Merge branch '6.2RC'

version 6.2
Merge branch 'dev' into 6.2RC
2026-06-22 01:17:41 -04:00 · 2021-09-08 07:43:40 +00:00 · 2021-09-08 07:42:44 +00:00 · 2021-09-07 10:22:07 +00:00 · 2021-09-07 10:21:02 +00:00 · 2021-09-07 09:29:14 +00:00
1562 changed files with 149713 additions and 76402 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -33,8 +33,10 @@ apps/
 home.html
 # page header plugin
 pageheader.html
-# Ignore site TOS
+# Ignore site TOS & gddpr
 doc/SiteTOS.md
+doc/*/SiteTOS.md
+doc/*/gdpr.md
 # themes except for redbasic
 view/theme/*
 !view/theme/redbasic
@@ -55,6 +57,7 @@ tests/results/
 .buildpath
 .externalToolBuilders
 .settings/
+.pydevproject
 # NetBeans project folder
 nbproject/
 # Kdevelop project files
@@ -75,3 +78,5 @@ composer.phar
 vendor/**/tests/
 vendor/**/Test/
 vendor/sabre/*/examples/
+# /info is a directory containing site-specific HTML documents
+/info/
--- a/130
+++ b/130
@@ -1,3 +1,133 @@
+Hubzilla 6.2 (2021-09-08)
+	- Deprecate the custom highlight [hl] bbcode in favor of [mark] which is a html5 standard
+	- Check post_mail permission when receiving a direct message
+	- Refactor actor store and cache mechanism
+	- Add optional strict flag (false) to base64url_decode() which is passed on to base64_decode()
+	- Update russian translations
+	- Add optional force flag (false) to Activity::actor_store()
+	- Improved icon lookup for actor objects
+	- Improved desktop notifications
+	- Make Hubzilla installable as PWA in supported browsers
+	- Capitalized widget titles (redbasic)
+	- Make images loaded counter showing % loaded instead of actual image count
+	- Deprecate optional channel menu in favor of extended app bin
+	- Implement infrastructure to provide an app install widget for modules
+	- Implement app descriptions
+	- Implement app drag and drop sorting
+	- Implement app drag and drop pinning/starring
+	- Update polish translations
+	- Update to bootstrap 5 and adjust templates
+
+	Bugfixes
+	- Fix anonymous comments for cards and articles
+	- Resolve regex interference between contact and channel autocomplete
+	- Fix files stored in wrong directory when uploaded in the photo module
+	- Fix records with empty public key selected for OWA
+	- Fix import_author_zot failing if primary is both dead and unknown - issue #1599
+	- Fix regression with bookmarks
+	- Fix pubstream notifications link redirecting to mod hq when not local
+	- Cleanup legacy mail leftovers - issue #1595
+	- Fix getimagesize() called with empty path
+	- Fix display issue caused by redundant closing div tag
+
+	Addons
+	- Pubcrawl: fix post to forum - issue #159
+	- Diaspora: implement post_mail permissions for direct messages
+	- Pubcrawl: implement post_mail permissions for direct messages
+	- Pubcrawl: deprecate asencode_person() in favor of Activity::encode_person()
+	- Pubcrawl: implement Activity::get_actor_collections() to reflect core actor store changes
+	- Diaspora: fix use of deprecated function
+	- Twitter: prevent re-retweeting of a post from a clone if it has already been sent
+	- Totp: use platform name instead of banner text
+	- Pubcrawl: use force flag when updating an actor
+	- Sse: do not process possible empty hashes
+	- Implement app descriptions for addons that already support the apps infrastructure
+
+
+Hubzilla 6.0.1 (2021-07-27)
+	- Fix regression in notification handling introduced in 6.0
+	- Fix regression in regard to unified session page load times introduced in 6.0
+	- Fix photo description textarea only available if create status post enabled
+	- Fix item not found by message id at clone locations
+	- Dismiss deleted xchans in mod chanview
+
+
+Hubzilla 6.0 (2021-07-09)
+	- Implement swipe to right for bringing in left aside
+	- DB update 1247 to clean up bogus entries in updates
+	- DB update 1246 to mark legacy zot xchans and hublocs deleted
+	- Implement desktop notifications
+	- Emit a warning if the calendar for the created event is disabled
+	- Add an option to drop media for bbcode processing
+	- Make mod HQ the default landing page after login
+	- Implement direct messages view for mod HQ
+	- Implement public/restricted messages view for mod HQ
+	- Implement starred messages view for mod HQ (only available if the Star Posts feature is enabled)
+	- Update composer libs
+	- Remove deprecated mod ping
+	- Remove legacy zot libs and functions - major cleanup
+
+	Bugfixes
+	- Fix deleting and starring in unthreaded view
+	- Fix issue where incomplete datasets were stored into updates
+	- Fix photo item tags not stored and propagated
+	- Fix notifications not loading if a filter was applied
+	- Fix in browser email validation for registrations
+	- Fix directory sync issues
+	- Fix issue where the original rawmsg iconfig got overwritten
+	- Fix unmaintained id3 pareser for PHP8
+	- Fix item_private state for imported items
+	- Random PHP8 fixes (ongoing)
+
+	Addons
+	- Pubcrawl: fix ld-signature for profile updates
+	- Pubcrawl: deprecate as_actor_store() in favor of Activity::actor_store()
+	- Twitter: prevent duplicated tweets
+	- Remove legacy zot dpendencies and deprecated functions
+	- Pubcrawl: fix remote reply for peertube
+	- Pubcrawl: fix issue where we could end up with an xchan but without hubloc
+	- Diaspora: implement the direct_message_recipients hook
+	- Queueworker: add a simple priority mechanism to prevent not so important janitor tasks (e.g. onedirsync) stuffing up the queue and delaying delivery of items
+	- Pubcrawl: implement direct message recognision for activities coming from Mastodon
+	- Pubcrawl: always show complete threads (complete as in all the messages we have received) in public stream
+	- Twitter_api: remove the mail endpoint
+	- Mail: make interface read only with the possibility to download and delete mails (this addon will be removed in a future version)
+	- Pubsubhubbub: move to addons-unmaintained
+	- GNU-Social: move to addons-unmaintained
+	- Fixes to reflect core notifier changes
+	- Diaspora: refactor conversations a.k.a mail to implement direct messages infrastructure
+	- Pubcrawl: allow hublocs to be upgraded from ostatus
+	- Diaspora: fix issue where we could end up with an xchan but without hubloc
+
+
+Hubzilla 5.6.1 (2021-06-04)
+	- Update spanish translations
+	- Fix login name label if register email verification is disabled
+	- Fix zotinfo issue with deleted channels
+	- Make pubstream ordering configurable
+	- Fix article summary duplicated when editing
+	- Update polish translations
+	- Fix admin setting for invitations not displayed correctly
+	- Fix registration in invite only mode
+	- Fix notifications not returning offset -1 when returning early
+	- Fix direct messages for items imported via sync
+	- Bring back the channel protocols hooks
+	- Fix security headers switching
+	- Fix magic auth for delegated channels
+	- Introduce drop_query_params() for secure query parameter removal
+	- PHP8 fixes (ongoing)
+	- Fix menu wrapping regression
+
+	Addons
+	- LDAPauth: fix regression creating an account
+	- Twitter: allow feeds crossposting
+	- Twitter: fix posting when post by default is disabled
+	- Pubcrawl: add litepub directMessage attribute
+	- Pubcrawl: allow xchan/hubloc upgrades from e.g. ostatus
+	- Diaspora: fix possible issue with missing hublocs
+	- Diaspora: refine dispatching of public of public items
+
+
 Hubzilla 5.6 (2021-05-11)
 	- Improve postgres hubloc queries
 	- Implement automatic duplicate singleton hubloc removal
--- a/SBOM.md
+++ b/SBOM.md
@@ -5,15 +5,15 @@
 |blueimp/jquery-file-upload|10.31.0.0|MIT|https://github.com/vkhramtsov/jQuery-File-Upload.git|
 |brick/math|0.9.2.0|MIT|https://github.com/brick/math.git|
 |bshaffer/oauth2-server-php|1.11.1.0|MIT|https://github.com/bshaffer/oauth2-server-php.git|
-|commerceguys/intl|1.0.7.0|MIT|https://github.com/commerceguys/intl.git|
+|commerceguys/intl|1.1.0.0|MIT|https://github.com/commerceguys/intl.git|
 |desandro/imagesloaded|4.1.4.0|MIT|https://github.com/desandro/imagesloaded.git|
 |ezyang/htmlpurifier|4.13.0.0|LGPL-2.1-or-later|https://github.com/ezyang/htmlpurifier.git|
-|league/html-to-markdown|4.10.0.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
+|league/html-to-markdown|5.0.0.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
 |lukasreschke/id3parser|0.0.3.0|GPL|https://github.com/LukasReschke/ID3Parser.git|
 |michelf/php-markdown|1.9.0.0|BSD-3-Clause|https://github.com/michelf/php-markdown.git|
 |pear/text_languagedetect|1.0.1.0|BSD-2-Clause|https://github.com/pear/Text_LanguageDetect.git|
 |phpseclib/phpseclib|2.0.30.0|MIT|https://github.com/phpseclib/phpseclib.git|
-|psr/log|1.1.3.0|MIT|https://github.com/php-fig/log.git|
+|psr/log|1.1.4.0|MIT|https://github.com/php-fig/log.git|
 |ramsey/collection|1.1.3.0|MIT|https://github.com/ramsey/collection.git|
 |ramsey/uuid|4.1.1.0|MIT|https://github.com/ramsey/uuid.git|
 |sabre/dav|4.1.5.0|BSD-3-Clause|https://github.com/sabre-io/dav.git|
@@ -23,8 +23,8 @@
 |sabre/vobject|4.3.5.0|BSD-3-Clause|https://github.com/sabre-io/vobject.git|
 |sabre/xml|2.2.3.0|BSD-3-Clause|https://github.com/sabre-io/xml.git|
 |simplepie/simplepie|1.5.6.0|BSD-3-Clause|https://github.com/simplepie/simplepie.git|
-|smarty/smarty|3.1.38.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
-|symfony/polyfill-ctype|1.22.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
+|smarty/smarty|3.1.39.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
+|symfony/polyfill-ctype|1.23.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
 |twbs/bootstrap|4.6.0.0|MIT|https://github.com/twbs/bootstrap.git|
 |fullcalendar/fullcalendar|4.4.2.0|MIT|https://github.com/fullcalendar/fullcalendar.git|
 |miromannino/Justified-Gallery|3.8.1.0|MIT|https://github.com/miromannino/Justified-Gallery.git|
--- a/ServiceWorker.js
+++ b/ServiceWorker.js
@@ -0,0 +1,10 @@
+// This file should be served from the web root to avoid scope and cookie related issues with some browsers
+self.addEventListener('install', function(e) {
+	console.log('install event');
+});
+
+self.addEventListener('fetch', function(e) {
+	// nothing here yet
+	return;
+});
+
--- a/Zotlabs/Access/Permissions.php
+++ b/Zotlabs/Access/Permissions.php
@@ -65,9 +65,9 @@ class Permissions {
 			'write_wiki'    => t('Can write to my wiki pages'),
 			'post_wall'     => t('Can post on my channel (wall) page'),
 			'post_comments' => t('Can comment on or like my posts'),
-			'post_mail'     => t('Can send me private mail messages'),
+			'post_mail'     => t('Can send me direct messages'),
 			'post_like'     => t('Can like/dislike profiles and profile things'),
-			'tag_deliver'   => t('Can forward to all my channel connections via ! mentions in posts'),
+			'tag_deliver'   => t('Can forward direct messages to all my channel connections (forum)'),
 			'chat'          => t('Can chat with me'),
 			'republish'     => t('Can source my public posts in derived channels'),
 			'delegate'      => t('Can administer my channel')
--- a/Zotlabs/Daemon/Cron.php
+++ b/Zotlabs/Daemon/Cron.php
@@ -48,13 +48,7 @@ class Cron {
 			db_quoteinterval('3 MINUTE')
 		);

-		// expire any expired mail
-
-		q("delete from mail where expires > '%s' and expires < %s ",
-			dbesc(NULL_DATE),
-			db_utcnow()
-		);
-
+		require_once('include/account.php');
 		remove_expired_registrations();

 		$interval = get_config('system', 'delivery_interval', 3);
@@ -164,11 +158,6 @@ class Cron {
 			}
 		}

-
-		// check if any connections transitioned to zot6 and upgrade the connections to zot6 at this hub if so.
-		require_once('include/connections.php');
-		z6trans_connections();
-
 		require_once('include/attach.php');
 		attach_upgrade();

--- a/Zotlabs/Daemon/Cron_daily.php
+++ b/Zotlabs/Daemon/Cron_daily.php
@@ -95,8 +95,6 @@ class Cron_daily {
 		remove_obsolete_hublocs();
 		remove_duplicate_singleton_hublocs();

-		z6_discover();
-
 		$date = datetime_convert();
 		call_hooks('cron_daily', $date);

--- a/Zotlabs/Daemon/Deliver.php
+++ b/Zotlabs/Daemon/Deliver.php
@@ -2,7 +2,7 @@

 namespace Zotlabs\Daemon;

-require_once('include/queue_fn.php');
+use Zotlabs\Lib\Queue;

 class Deliver {

@@ -23,7 +23,7 @@ class Deliver {
 			);

 			if ($r) {
-				queue_deliver($r[0], true);
+				Queue::deliver($r[0], true);
 			}

 		}
--- a/Zotlabs/Daemon/Directory.php
+++ b/Zotlabs/Daemon/Directory.php
@@ -74,7 +74,7 @@ class Directory {
 			 * the directory packet. That means we'll try again on the next poll run.
 			 */

-			$hash = random_string();
+			$hash = new_uuid();

 			Queue::insert(array(
 				'hash'       => $hash,
--- a/Zotlabs/Daemon/Expire.php
+++ b/Zotlabs/Daemon/Expire.php
@@ -2,6 +2,7 @@

 namespace Zotlabs\Daemon;

+require_once('include/items.php');

 class Expire {

--- a/Zotlabs/Daemon/Notifier.php
+++ b/Zotlabs/Daemon/Notifier.php
@@ -6,23 +6,14 @@ use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Activity;
 use Zotlabs\Lib\Queue;

-require_once('include/queue_fn.php');
 require_once('include/html2plain.php');
 require_once('include/conversation.php');
-require_once('include/zot.php');
 require_once('include/items.php');
 require_once('include/bbcode.php');


 /*
- * This file was at one time responsible for doing all deliveries, but this caused
- * big problems on shared hosting systems, where the process might get killed by the
- * hosting provider and nothing would get delivered.
- * It now only delivers one message under certain cases, and invokes a queued
- * delivery mechanism (include/deliver.php) to deliver individual contacts at
- * controlled intervals.
- * This has a much better chance of surviving random processes getting killed
- * by the hosting provider.
+ * Notifier - message dispatch and preparation for delivery
 *
 * The basic flow is:
 *   Identify the type of message
@@ -53,7 +44,6 @@ require_once('include/bbcode.php');
 *	event			(in events.php)
 *	expire			(in items.php)
 *	like			(in like.php, poke.php)
- *	mail			(in message.php)
 *	tag			(in photos.php, poke.php, tagger.php)
 *	tgroup			(in items.php)
 *	wall-new		(in photos.php, item.php)
@@ -63,7 +53,6 @@ require_once('include/bbcode.php');
 * ZOT
 *       permission_create      abook_id
 *       permission_accept      abook_id
- *       permission_reject      abook_id
 *       permission_update      abook_id
 *       refresh_all            channel_id
 *       purge                  channel_id            xchan_hash
@@ -71,7 +60,6 @@ require_once('include/bbcode.php');
 *       expire                 channel_id
 *       relay			item_id (item was relayed to owner, we will deliver it as owner)
 *       single_activity        item_id (deliver to a singleton network from the appropriate clone)
- *       single_mail            mail_id (deliver to a singleton network from the appropriate clone)
 *       location               channel_id
 *       request                channel_id            xchan_hash             message_id
 *       rating                 xlink_id
@@ -82,10 +70,20 @@ require_once('include/bbcode.php');

 class Notifier {

+	static public $deliveries = [];
+	static public $recipients = [];
+	static public $env_recips = [];
+	static public $packet_type = 'activity';
+	static public $encoding = 'activitystreams';
+	static public $encoded_item = null;
+	static public $channel = null;
+	static public $private = false;
+
 	static public function run($argc, $argv) {

-		if ($argc < 3)
+		if ($argc < 3) {
 			return;
+		}

 		logger('notifier: invoked: ' . print_r($argv, true), LOGGER_DEBUG);

@@ -93,153 +91,97 @@ class Notifier {

 		$item_id = $argv[2];

-		if (!$item_id)
+		if (!$item_id) {
 			return;
-
-		$sys = get_sys_channel();
-
-		$deliveries = [];
-
-		$request        = false;
-		$mail           = false;
-		$location       = false;
-		$recipients     = [];
-		$normal_mode    = true;
-		$packet_type    = 'undefined';
-
-		if ($cmd === 'mail' || $cmd === 'single_mail') {
-			$normal_mode = false;
-			$mail        = true;
-			$private     = true;
-			$message     = q("SELECT * FROM mail WHERE id = %d LIMIT 1",
-				intval($item_id)
-			);
-			if (!$message) {
-				return;
-			}
-			xchan_mail_query($message[0]);
-			$uid          = $message[0]['channel_id'];
-			$recipients[] = $message[0]['from_xchan']; // include clones
-			$recipients[] = $message[0]['to_xchan'];
-			$item         = $message[0];
-			$encoded_item = encode_mail($item);
-
-			$s = q("select * from channel where channel_id = %d limit 1",
-				intval($uid)
-			);
-			if ($s)
-				$channel = $s[0];
-
 		}
-		elseif ($cmd === 'request') {
-			$channel_id         = $item_id;
-			$xchan              = $argv[3];
-			$request_message_id = $argv[4];

-			$s = q("select * from channel where channel_id = %d limit 1",
-				intval($channel_id)
-			);
-			if ($s)
-				$channel = $s[0];

-			$private      = true;
-			$recipients[] = $xchan;
-			$packet_type  = 'request';
-			$normal_mode  = false;
-		}
-		elseif ($cmd === 'keychange') {
-			$channel = channelx_by_n($item_id);
+		self::$deliveries   = [];
+		self::$recipients   = [];
+		self::$env_recips   = [];
+		self::$packet_type  = 'activity';
+		self::$encoding     = 'activitystreams';
+		self::$encoded_item = null;
+		self::$channel      = null;
+		self::$private      = false;

-			$r       = q("select abook_xchan from abook where abook_channel = %d",
+		$sys         = get_sys_channel();
+		$normal_mode = true;
+
+		if ($cmd === 'keychange') {
+			self::$channel = channelx_by_n($item_id);
+			$r             = q("select abook_xchan from abook where abook_channel = %d",
 				intval($item_id)
 			);
 			if ($r) {
 				foreach ($r as $rr) {
-					$recipients[] = $rr['abook_xchan'];
+					self::$recipients[] = $rr['abook_xchan'];
 				}
 			}
-			$private     = false;
-			$packet_type = 'keychange';
-			$normal_mode = false;
+			self::$private      = false;
+			self::$packet_type  = 'keychange';
+			self::$encoded_item = get_pconfig(self::$channel['channel_id'], 'system', 'keychange');
+			self::$encoding     = 'zot';
+			$normal_mode        = false;
 		}
-		elseif (in_array($cmd, ['permission_update', 'permission_reject', 'permission_accept', 'permission_create'])) {
+		elseif (in_array($cmd, ['permission_update', 'permission_accept', 'permission_create'])) {
 			// Get the (single) recipient
 			$r = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_self = 0",
 				intval($item_id)
 			);
 			if ($r) {
-				$uid = $r[0]['abook_channel'];
-				// Get the sender
-				$channel = channelx_by_n($uid);
-				if ($channel) {
-					$perm_update = ['sender' => $channel, 'recipient' => $r[0], 'success' => false, 'deliveries' => ''];
+				$recip = $r[0];

-					if ($cmd === 'permission_create')
-						call_hooks('permissions_create', $perm_update);
-					elseif ($cmd === 'permission_accept')
-						call_hooks('permissions_accept', $perm_update);
-					elseif ($cmd === 'permission_reject')
-						call_hooks('permissions_reject', $perm_update);
-					else
-						call_hooks('permissions_update', $perm_update);
+				// Get the sender
+				self::$channel = channelx_by_n($recip['abook_channel']);
+				if (self::$channel) {
+					$perm_update = ['sender' => self::$channel, 'recipient' => $recip, 'success' => false, 'deliveries' => ''];
+
+					switch ($cmd) {
+						case 'permission_create':
+							call_hooks('permissions_create', $perm_update);
+							break;
+						case 'permission_accept':
+							call_hooks('permissions_accept', $perm_update);
+							break;
+						case 'permission_update':
+							call_hooks('permissions_update', $perm_update);
+							break;
+						default:
+							break;
+					}

 					if ($perm_update['success']) {
 						if ($perm_update['deliveries']) {
-							$deliveries[] = $perm_update['deliveries'];
-							do_delivery($deliveries);
+							self::$deliveries[] = $perm_update['deliveries'];
+							do_delivery(self::$deliveries);
 						}
 						return;
 					}
 					else {
-						$recipients[]  = $r[0]['abook_xchan'];
-						$private       = false;
-						$packet_type   = 'refresh';
-						$packet_recips = [['guid' => $r[0]['xchan_guid'], 'guid_sig' => $r[0]['xchan_guid_sig'], 'hash' => $r[0]['xchan_hash']]];
+						self::$recipients[] = $recip['abook_xchan'];
+						self::$private      = false;
+						self::$packet_type  = 'refresh';
+						self::$env_recips   = [$recip['xchan_hash']];
 					}
 				}
 			}
 		}
 		elseif ($cmd === 'refresh_all') {
 			logger('notifier: refresh_all: ' . $item_id);
-			$uid     = $item_id;
-			$channel = channelx_by_n($item_id);

-			$r       = q("select abook_xchan from abook where abook_channel = %d",
-				intval($uid)
-			);
-			if ($r) {
-				foreach ($r as $rr) {
-					$recipients[] = $rr['abook_xchan'];
-				}
-			}
-			$private     = false;
-			$packet_type = 'refresh';
-		}
-		elseif ($cmd === 'location') {
-			logger('notifier: location: ' . $item_id);
-			$s = q("select * from channel where channel_id = %d limit 1",
+			self::$channel = channelx_by_n($item_id);
+
+			$r = q("select abook_xchan from abook where abook_channel = %d",
 				intval($item_id)
 			);
-			if ($s)
-				$channel = $s[0];
-
-			$uid        = $item_id;
-			$recipients = [];
-
-			$r          = q("select abook_xchan from abook where abook_channel = %d",
-				intval($uid)
-			);
 			if ($r) {
 				foreach ($r as $rr) {
-					$recipients[] = $rr['abook_xchan'];
+					self::$recipients[] = $rr['abook_xchan'];
 				}
 			}
-
-			$encoded_item = ['locations' => Libzot::encode_locations($channel), 'type' => 'location', 'encoding' => 'zot'];
-			$target_item  = ['aid' => $channel['channel_account_id'], 'uid' => $channel['channel_id']];
-			$private      = false;
-			$packet_type  = 'location';
-			$location     = true;
+			self::$private     = false;
+			self::$packet_type = 'refresh';
 		}
 		elseif ($cmd === 'purge') {
 			$xchan = $argv[3];
@@ -248,33 +190,27 @@ class Notifier {
 				return;
 			}

-			$channel         = channelx_by_n($item_id);
-			$recipients[]    = $xchan;
-			$private         = true;
-			$packet_type     = 'purge';
-			$packet_recips[] = ['hash' => $xchan];
+			self::$channel     = channelx_by_n($item_id);
+			self::$recipients  = [$xchan];
+			self::$private     = true;
+			self::$packet_type = 'purge';
 		}
 		elseif ($cmd === 'purge_all') {
-
 			logger('notifier: purge_all: ' . $item_id);
-			$channel = channelx_by_n($item_id);
+			self::$channel     = channelx_by_n($item_id);
+			self::$recipients  = [];
+			self::$private     = false;
+			self::$packet_type = 'purge';

-			$recipients = [];
-			$r          = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
+			$r = q("select abook_xchan from abook where abook_channel = %d and abook_self = 0",
 				intval($item_id)
 			);
 			if (!$r) {
 				return;
 			}
 			foreach ($r as $rr) {
-				$recipients[]    = $rr['abook_xchan'];
-				$packet_recips[] = ['hash' => $rr['abook_xchan']];
+				self::$recipients[] = $rr['abook_xchan'];
 			}
-
-			$private     = false;
-			$packet_type = 'purge';
-
-
 		}
 		else {

@@ -282,15 +218,14 @@ class Notifier {

 			// Fetch the target item

-			$r = q("SELECT * FROM item WHERE id = %d and parent != 0 LIMIT 1",
+			$r = q("SELECT * FROM item WHERE id = %d AND parent != 0",
 				intval($item_id)
 			);
-
-			if (!$r)
+			if (!$r) {
 				return;
+			}

 			xchan_query($r);
-
 			$r = fetch_post_tags($r);

 			$target_item = $r[0];
@@ -345,11 +280,12 @@ class Notifier {
 			$s = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
 				intval($target_item['uid'])
 			);
-			if ($s)
-				$channel = $s[0];
+			if ($s) {
+				self::$channel = $s[0];
+			}

-			if ($channel['channel_hash'] !== $target_item['author_xchan'] && $channel['channel_hash'] !== $target_item['owner_xchan']) {
-				logger("notifier: Sending channel {$channel['channel_hash']} is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}", LOGGER_NORMAL, LOG_WARNING);
+			if (self::$channel['channel_hash'] !== $target_item['author_xchan'] && self::$channel['channel_hash'] !== $target_item['owner_xchan']) {
+				logger("notifier: Sending channel " . self::$channel['channel_hash'] . " is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}", LOGGER_NORMAL, LOG_WARNING);
 				return;
 			}

@@ -359,12 +295,13 @@ class Notifier {
 			}
 			else {
 				// fetch the parent item
-				$r = q("SELECT * from item where id = %d order by id asc",
+				$r = q("SELECT * FROM item WHERE id = %d",
 					intval($target_item['parent'])
 				);

-				if (!$r)
+				if (!$r) {
 					return;
+				}

 				if (strpos($r[0]['postopts'], 'nodeliver') !== false) {
 					logger('notifier: target item is undeliverable', LOGGER_DEBUG, LOG_NOTICE);
@@ -379,20 +316,17 @@ class Notifier {
 			}

 			// avoid looping of discover items 12/4/2014
-
-			if ($sys && $parent_item['uid'] == $sys['channel_id'])
+			if ($sys && $parent_item['uid'] == $sys['channel_id']) {
 				return;
+			}

-			$encoded_item = encode_item($target_item);
-
+			$m = get_iconfig($target_item, 'activitypub', 'signed_data');
 			// Re-use existing signature unless the activity type changed to a Tombstone, which won't verify.
-			$m = ((intval($target_item['item_deleted'])) ? '' : get_iconfig($target_item, 'activitypub', 'signed_data'));
-
-			if ($m) {
-				$activity = json_decode($m, true);
+			if ($m && (!intval($target_item['item_deleted']))) {
+				self::$encoded_item = json_decode($m, true);
 			}
 			else {
-				$activity = array_merge(['@context' => [
+				self::$encoded_item = array_merge(['@context' => [
 					ACTIVITYSTREAMS_JSONLD_REV,
 					'https://w3id.org/security/v1',
 					z_root() . ZOT_APSCHEMA_REV
@@ -401,7 +335,7 @@ class Notifier {
 			}

 			logger('target_item: ' . print_r($target_item, true), LOGGER_DEBUG);
-			logger('encoded: ' . print_r($activity, true), LOGGER_DEBUG);
+			logger('encoded: ' . print_r(self::$encoded_item, true), LOGGER_DEBUG);

 			// Send comments to the owner to re-deliver to everybody in the conversation
 			// We only do this if the item in question originated on this site. This prevents looping.
@@ -412,9 +346,9 @@ class Notifier {
 			// flag on comments for an extended period. So we'll also call comment_local_origin() which looks at
 			// the hostname in the message_id and provides a second (fallback) opinion.

-			$relay_to_owner = (((!$top_level_post) && (intval($target_item['item_origin'])) && comment_local_origin($target_item)) ? true : false);
-
-			$uplink = false;
+			$relay_to_owner = (!$top_level_post && intval($target_item['item_origin']) && comment_local_origin($target_item));
+			$uplink         = false;
+			$upstream       = false;

 			// $cmd === 'relay' indicates the owner is sending it to the original recipients
 			// don't allow the item in the relay command to relay to owner under any circumstances, it will loop
@@ -426,27 +360,34 @@ class Notifier {

 			if (($cmd === 'uplink') && intval($parent_item['item_uplink']) && (!$top_level_post)) {
 				logger('notifier: uplink');
-				$uplink = true;
+				$uplink            = true;
+				self::$packet_type = 'response';
 			}

 			if (($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
 				logger('notifier: followup relay', LOGGER_DEBUG);
-				$recipients = [($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']];
-				$private    = true;
-				if (!$encoded_item['flags'])
-					$encoded_item['flags'] = [];
-				$encoded_item['flags'][] = 'relay';
-				$upstream                = true;
+				$sendto            = (($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
+				self::$recipients  = [$sendto];
+				self::$private     = true;
+				$upstream          = true;
+				self::$packet_type = 'response';
 			}
 			else {
-				logger('notifier: normal distribution', LOGGER_DEBUG);
-				if ($cmd === 'relay')
-					logger('notifier: owner relay');
-				$upstream = false;
+				if ($cmd === 'relay') {
+					logger('owner relay (downstream delivery)');
+				}
+				else {
+					logger('normal (downstream) distribution', LOGGER_DEBUG);
+				}
+
+				if ($parent_item && $parent_item['item_private'] !== $target_item['item_private']) {
+					logger('conversation privacy mismatch - downstream delivery prevented');
+					return;
+				}
+
 				// if our parent is a tag_delivery recipient, uplink to the original author causing
 				// a delivery fork.
-
-				if (($parent_item) && intval($parent_item['item_uplink']) && (!$top_level_post) && ($cmd !== 'uplink')) {
+				if ($parent_item && intval($parent_item['item_uplink']) && !$top_level_post && $cmd !== 'uplink') {
 					// don't uplink a relayed post to the relay owner
 					if ($parent_item['source_xchan'] !== $parent_item['owner_xchan']) {
 						logger('notifier: uplinking this item');
@@ -454,98 +395,88 @@ class Notifier {
 					}
 				}

-				$private    = false;
-				$recipients = collect_recipients($parent_item, $private);
-
-				if ($top_level_post) {
-					// remove clones who will receive the post via sync
-					$recipients = array_diff($recipients, [$target_item['owner_xchan']]);
-				}
+				self::$private    = false;
+				self::$recipients = collect_recipients($parent_item, self::$private);

 				// FIXME add any additional recipients such as mentions, etc.

+				if ($top_level_post) {
+					// remove clones who will receive the post via sync
+					self::$recipients = array_values(array_diff(self::$recipients, [$target_item['owner_xchan']]));
+				}
+
+				// don't send deletions onward for other people's stuff
+				if (intval($target_item['item_deleted']) && (!intval($target_item['item_wall']))) {
+					logger('notifier: ignoring delete notification for non-wall item', LOGGER_NORMAL, LOG_NOTICE);
+					return;
+				}
 			}
 		}

-		$walltowall = (($top_level_post && $channel['xchan_hash'] === $target_item['author_xchan']) ? true : false);
-
 		// Generic delivery section, we have an encoded item and recipients
 		// Now start the delivery process

-		$x          = $encoded_item;
-		$x['title'] = 'private';
-		$x['body']  = 'private';
-		logger('notifier: encoded item: ' . print_r($x, true), LOGGER_DATA, LOG_DEBUG);
+		logger('encoded item: ' . print_r(self::$encoded_item, true), LOGGER_DATA, LOG_DEBUG);

-		//logger('notifier: encoded activity: ' . print_r($activity,true), LOGGER_DATA, LOG_DEBUG);
-
-		stringify_array_elms($recipients);
-		if (!$recipients) {
+		stringify_array_elms(self::$recipients);
+		if (!self::$recipients) {
 			logger('no recipients');
 			return;
 		}

-		//	logger('notifier: recipients: ' . print_r($recipients,true), LOGGER_NORMAL, LOG_DEBUG);
+		// logger('recipients: ' . print_r(self::$recipients,true), LOGGER_NORMAL, LOG_DEBUG);

-		$env_recips = (($private) ? [] : null);
-
-		$details = q("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',', $recipients)) . ")");
+		if (!count(self::$env_recips)) {
+			self::$env_recips = ((self::$private) ? [] : null);
+		}

 		$recip_list = [];

+		$details = dbq("select xchan_hash, xchan_network, xchan_addr, xchan_guid, xchan_guid_sig from xchan where xchan_hash in (" . protect_sprintf(implode(',', self::$recipients)) . ")");
+
 		if ($details) {
 			foreach ($details as $d) {
 				$recip_list[] = $d['xchan_addr'] . ' (' . $d['xchan_hash'] . ')';
-				if ($private) {
-					$env_recips[] = [
-						'guid'     => $d['xchan_guid'],
-						'guid_sig' => $d['xchan_guid_sig'],
-						'hash'     => $d['xchan_hash']
-					];
+				if (self::$private) {
+					self::$env_recips[] = $d['xchan_hash'];
 				}
 			}
 		}


 		$narr = [
-			'channel'        => $channel,
+			'channel'        => self::$channel,
 			'upstream'       => $upstream,
-			'env_recips'     => $env_recips,
-			'packet_recips'  => $packet_recips,
-			'recipients'     => $recipients,
-			'item'           => $item,
+			'env_recips'     => self::$env_recips,
+			'recipients'     => self::$recipients,
 			'target_item'    => $target_item,
 			'parent_item'    => $parent_item,
 			'top_level_post' => $top_level_post,
-			'private'        => $private,
+			'private'        => self::$private,
 			'relay_to_owner' => $relay_to_owner,
 			'uplink'         => $uplink,
 			'cmd'            => $cmd,
-			'mail'           => $mail,
-			'single'         => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
-			'location'       => $location,
-			'request'        => $request,
+			'single'         => ($cmd === 'single_activity'),
 			'normal_mode'    => $normal_mode,
-			'packet_type'    => $packet_type,
-			'walltowall'     => $walltowall,
+			'packet_type'    => self::$packet_type,
 			'queued'         => []
 		];

 		call_hooks('notifier_process', $narr);
 		if ($narr['queued']) {
 			foreach ($narr['queued'] as $pq)
-				$deliveries[] = $pq;
+				self::$deliveries[] = $pq;
 		}

 		// notifier_process can alter the recipient list

-		$recipients    = $narr['recipients'];
-		$env_recips    = $narr['env_recips'];
-		$packet_recips = $narr['packet_recips'];
+		self::$recipients = $narr['recipients'];
+		self::$env_recips = $narr['env_recips'];

-		if (($private) && (!$env_recips)) {
+		if (self::$private && !self::$env_recips) {
 			// shouldn't happen
 			logger('notifier: private message with no envelope recipients.' . print_r($argv, true), LOGGER_NORMAL, LOG_NOTICE);
+			return;
 		}

 		logger('notifier: recipients (may be delivered to more if public): ' . print_r($recip_list, true), LOGGER_DEBUG);
@@ -554,15 +485,15 @@ class Notifier {
 		// Now we have collected recipients (except for external mentions, FIXME)
 		// Let's reduce this to a set of hubs; checking that the site is not dead.

-		$hubs = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc left join site on site_url = hubloc_url
-			where hubloc_hash in (" . protect_sprintf(implode(',', $recipients)) . ")
+		$hubs = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_dead from hubloc left join site on site_url = hubloc_url
+			where hubloc_hash in (" . protect_sprintf(implode(',', self::$recipients)) . ")
 			and hubloc_error = 0 and hubloc_deleted = 0"
 		);

 		// public posts won't make it to the local public stream unless there's a recipient on this site.
 		// This code block sees if it's a public post and localhost is missing, and if so adds an entry for the local sys channel to the $hubs list

-		if (!$private) {
+		if (!self::$private) {
 			$found_localhost = false;
 			if ($hubs) {
 				foreach ($hubs as $h) {
@@ -573,12 +504,12 @@ class Notifier {
 				}
 			}
 			if (!$found_localhost) {
-				$localhub = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_version, site.site_project, site.site_dead from hubloc
-					left join site on site_url = hubloc_url where hubloc_id_url = '%s' and hubloc_error = 0 and hubloc_deleted = 0",
+				$localhub = q("select hubloc.*, site.site_crypto, site.site_flags, site.site_dead from hubloc left join site on site_url = hubloc_url
+				 	where hubloc_id_url = '%s' and hubloc_error = 0 and hubloc_deleted = 0",
 					dbesc(z_root() . '/channel/sys')
 				);
 				if ($localhub) {
-					$hubs = array_merge($hubs, $localhub);
+					$hubs = array_merge($localhub, $hubs);
 				}
 			}
 		}
@@ -603,33 +534,24 @@ class Notifier {
 		$dead    = []; // known dead hubs - report them as undeliverable

 		foreach ($hubs as $hub) {
-
-			if (intval($hub['site_dead'])) {
+			if (isset($hub['site_dead']) && intval($hub['site_dead'])) {
 				$dead[] = $hub;
 				continue;
 			}

-			if ($env_recips) {
-				foreach ($env_recips as $er) {
-					if ($hub['hubloc_hash'] === $er['hash']) {
-						if (!array_key_exists($hub['hubloc_host'] . $hub['hubloc_sitekey'], $hub_env)) {
-							$hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] = [];
+			if (self::$env_recips) {
+				foreach (self::$env_recips as $er) {
+					if ($hub['hubloc_hash'] === $er) {
+						if (!array_key_exists($hub['hubloc_site_id'], $hub_env)) {
+							$hub_env[$hub['hubloc_site_id']] = [];
 						}
-						$hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']][] = $er;
+						$hub_env[$hub['hubloc_site_id']][] = $er;
 					}
 				}
 			}

-
-			if ($hub['hubloc_network'] == 'zot') {
+			if ($hub['hubloc_network'] === 'zot6') {
 				if (!in_array($hub['hubloc_sitekey'], $keys)) {
-					$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
-					$dhubs[]   = $hub;
-					$keys[]    = $hub['hubloc_sitekey'];
-				}
-			}
-			else {
-				if (!in_array($hub['hubloc_url'], $urls)) {
 					if ($hub['hubloc_url'] === z_root()) {
 						//deliver to local hub first
 						array_unshift($hublist, $hub['hubloc_host'] . ' ' . $hub['hubloc_network']);
@@ -639,7 +561,14 @@ class Notifier {
 						$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
 						$dhubs[]   = $hub;
 					}
-					$urls[] = $hub['hubloc_url'];
+					$keys[] = $hub['hubloc_sitekey'];
+				}
+			}
+			else {
+				if (!in_array($hub['hubloc_url'], $urls)) {
+					$hublist[] = $hub['hubloc_host'] . ' ' . $hub['hubloc_network'];
+					$dhubs[]   = $hub;
+					$urls[]    = $hub['hubloc_url'];
 				}
 			}
 		}
@@ -650,37 +579,30 @@ class Notifier {

 			logger('notifier_hub: ' . $hub['hubloc_url'], LOGGER_DEBUG);

-			if (!in_array($hub['hubloc_network'], ['zot', 'zot6'])) {
+			if ($hub['hubloc_network'] !== 'zot6') {
 				$narr = [
-					'channel'        => $channel,
+					'channel'        => self::$channel,
 					'upstream'       => $upstream,
-					'env_recips'     => $env_recips,
-					'packet_recips'  => $packet_recips,
-					'recipients'     => $recipients,
-					'item'           => $item,
+					'env_recips'     => self::$env_recips,
+					'recipients'     => self::$recipients,
 					'target_item'    => $target_item,
 					'parent_item'    => $parent_item,
 					'hub'            => $hub,
 					'top_level_post' => $top_level_post,
-					'private'        => $private,
+					'private'        => self::$private,
 					'relay_to_owner' => $relay_to_owner,
 					'uplink'         => $uplink,
 					'cmd'            => $cmd,
-					'mail'           => $mail,
-					'single'         => (($cmd === 'single_mail' || $cmd === 'single_activity') ? true : false),
-					'location'       => $location,
-					'request'        => $request,
+					'single'         => $cmd === 'single_activity',
 					'normal_mode'    => $normal_mode,
-					'packet_type'    => $packet_type,
-					'walltowall'     => $walltowall,
+					'packet_type'    => self::$packet_type,
 					'queued'         => []
 				];

-
 				call_hooks('notifier_hub', $narr);
 				if ($narr['queued']) {
 					foreach ($narr['queued'] as $pq)
-						$deliveries[] = $pq;
+						self::$deliveries[] = $pq;
 				}
 				continue;

@@ -695,153 +617,62 @@ class Notifier {
 			// will invoke a delivery to those connections which are connected to just that
 			// hub instance.

-			if ($cmd === 'single_mail' || $cmd === 'single_activity') {
+			if ($cmd === 'single_activity') {
 				continue;
 			}

-			if (!in_array($hub['hubloc_network'], ['zot', 'zot6'])) {
+			// default: zot protocol
+
+			$hash = new_uuid();
+
+			$env = (($hub_env && $hub_env[$hub['hubloc_site_id']]) ? $hub_env[$hub['hubloc_site_id']] : '');
+			if ((self::$private) && (!$env)) {
 				continue;
 			}

-			// Do not change this to a uuid as long as we have traditional zot servers
-			// in the loop. The signature verification step can't handle dashes in the
-			// hashes.
+			$packet = Libzot::build_packet(self::$channel, self::$packet_type, $env, self::$encoded_item, self::$encoding, ((self::$private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto']);

-			$hash = random_string(48);
+			Queue::insert(
+				[
+					'hash'       => $hash,
+					'account_id' => self::$channel['channel_account_id'],
+					'channel_id' => self::$channel['channel_id'],
+					'posturl'    => $hub['hubloc_callback'],
+					'notify'     => $packet,
+					'msg'        => EMPTY_STR
+				]
+			);

-			$packet = null;
-			$pmsg   = '';
-
-			if ($packet_type === 'refresh' || $packet_type === 'purge') {
-				if ($hub['hubloc_network'] === 'zot6') {
-					$packet = Libzot::build_packet($channel, $packet_type, ids_to_array($packet_recips, 'hash'));
-				}
-				else {
-					$packet = zot_build_packet($channel, $packet_type, (($packet_recips) ? $packet_recips : null));
-				}
-			}
-			if ($packet_type === 'keychange' && $hub['hubloc_network'] === 'zot') {
-				$pmsg   = get_pconfig($channel['channel_id'], 'system', 'keychange');
-				$packet = zot_build_packet($channel, $packet_type, (($packet_recips) ? $packet_recips : null));
-			}
-			elseif ($packet_type === 'request' && $hub['hubloc_network'] === 'zot') {
-				$env    = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
-				$packet = zot_build_packet($channel, $packet_type, $env, $hub['hubloc_sitekey'], $hub['site_crypto'],
-					$hash, ['message_id' => $request_message_id]
+			// only create delivery reports for normal undeleted items
+			if (is_array($target_item) && (!$target_item['item_deleted']) && (!get_config('system', 'disable_dreport'))) {
+				q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan, dreport_queue )
+					values ( '%s', '%s','%s','%s','%s','%s','%s','%s' ) ",
+					dbesc($target_item['mid']),
+					dbesc($hub['hubloc_host']),
+					dbesc($hub['hubloc_host']),
+					dbesc($hub['hubloc_host']),
+					dbesc('queued'),
+					dbesc(datetime_convert()),
+					dbesc(self::$channel['channel_hash']),
+					dbesc($hash)
 				);
 			}

-			if ($packet) {
-				Queue::insert(
-					[
-						'hash'       => $hash,
-						'account_id' => $channel['channel_account_id'],
-						'channel_id' => $channel['channel_id'],
-						'posturl'    => $hub['hubloc_callback'],
-						'driver'     => $hub['hubloc_network'],
-						'notify'     => $packet,
-						'msg'        => (($pmsg) ? json_encode($pmsg) : '')
-					]
-				);
-			}
-			else {
-				$env = (($hub_env && $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']]) ? $hub_env[$hub['hubloc_host'] . $hub['hubloc_sitekey']] : '');
+			self::$deliveries[] = $hash;

-				if ($hub['hubloc_network'] === 'zot6') {
-					$zenv = [];
-					if ($env) {
-						foreach ($env as $e) {
-							$zenv[] = $e['hash'];
-						}
-					}
-
-					$packet_type = (($upstream || $uplink) ? 'response' : 'activity');
-
-					// block zot private reshares from zot6, as this could cause a number of privacy issues
-					// due to parenting differences between the reshare implementations. In zot a reshare is
-					// a standalone parent activity and in zot6 it is a followup/child of the original activity.
-					// For public reshares, some comments to the reshare on the zot fork will not make it to zot6
-					// due to these different message models. This cannot be prevented at this time.
-
-					if ($packet_type === 'activity' && $activity['type'] === 'Announce' && intval($target_item['item_private'])) {
-						continue;
-					}
-
-					$packet = Libzot::build_packet($channel, $packet_type, $zenv, $activity, 'activitystreams', (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto']);
-				}
-				else {
-					// currently zot6 delivery is only performed on normal items and not sync items or mail or anything else
-					// Eventually we will do this for all deliveries, but for now ensure this is precisely what we are dealing
-					// with before switching to zot6 as the primary zot6 handler checks for the existence of a message delivery report
-					// to trigger dequeue'ing
-
-					$z6 = (($encoded_item && $encoded_item['type'] === 'activity' && (!array_key_exists('allow_cid', $encoded_item))) ? true : false);
-					if ($z6) {
-						$packet = zot6_build_packet($channel, 'notify', $env, json_encode($encoded_item), (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'], $hash);
-					}
-					else {
-						$packet = zot_build_packet($channel, 'notify', $env, (($private) ? $hub['hubloc_sitekey'] : null), $hub['site_crypto'], $hash);
-
-					}
-				}
-
-
-				// remove this after most hubs have updated to version 5.0
-				if (stripos($hub['site_project'], 'hubzilla') !== false && version_compare($hub['site_version'], '4.7.3', '<=')) {
-					if ($encoded_item['type'] === 'mail') {
-						$encoded_item['from']['network']  = 'zot';
-						$encoded_item['from']['guid_sig'] = str_replace('sha256.', '', $encoded_item['from']['guid_sig']);
-					}
-					else {
-						$encoded_item['owner']['network']  = 'zot';
-						$encoded_item['owner']['guid_sig'] = str_replace('sha256.', '', $encoded_item['owner']['guid_sig']);
-						if (strpos($encoded_item['author']['url'], z_root()) === 0) {
-							$encoded_item['author']['network']  = 'zot';
-							$encoded_item['author']['guid_sig'] = str_replace('sha256.', '', $encoded_item['author']['guid_sig']);
-						}
-					}
-				}
-
-				Queue::insert(
-					[
-						'hash'       => $hash,
-						'account_id' => $target_item['aid'],
-						'channel_id' => $target_item['uid'],
-						'posturl'    => $hub['hubloc_callback'],
-						'driver'     => $hub['hubloc_network'],
-						'notify'     => $packet,
-						'msg'        => json_encode($encoded_item)
-					]
-				);
-
-				// only create delivery reports for normal undeleted items
-				if (is_array($target_item) && array_key_exists('postopts', $target_item) && (!$target_item['item_deleted']) && (!get_config('system', 'disable_dreport'))) {
-					q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan, dreport_queue ) values ( '%s','%s','%s','%s','%s','%s','%s' ) ",
-						dbesc($target_item['mid']),
-						dbesc($hub['hubloc_host']),
-						dbesc($hub['hubloc_host']),
-						dbesc('queued'),
-						dbesc(datetime_convert()),
-						dbesc($channel['channel_hash']),
-						dbesc($hash)
-					);
-				}
-			}
-
-			$deliveries[] = $hash;
 		}

 		if ($normal_mode) {
+			// This wastes a process if there are no delivery hooks configured, so check this before launching the new process
 			$x = q("select * from hook where hook = 'notifier_normal'");
 			if ($x) {
 				Master::Summon(['Deliver_hooks', $target_item['id']]);
 			}
 		}

-		if ($deliveries)
-			do_delivery($deliveries);
-
-		logger('notifier: basic loop complete.', LOGGER_DEBUG);
+		if (self::$deliveries) {
+			do_delivery(self::$deliveries);
+		}

 		if ($dead) {
 			foreach ($dead as $deceased) {
@@ -854,8 +685,8 @@ class Notifier {
 						dbesc($deceased['hubloc_host']),
 						dbesc('undeliverable/unresponsive site'),
 						dbesc(datetime_convert()),
-						dbesc($channel['channel_hash']),
-						dbesc(random_string(48))
+						dbesc(self::$channel['channel_hash']),
+						dbesc(new_uuid())
 					);
 				}
 			}
@@ -864,6 +695,7 @@ class Notifier {
 		call_hooks('notifier_end', $target_item);

 		logger('notifer: complete.');
+
 		return;

 	}
--- a/Zotlabs/Daemon/Onedirsync.php
+++ b/Zotlabs/Daemon/Onedirsync.php
@@ -5,10 +5,6 @@ namespace Zotlabs\Daemon;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Libzotdir;

-require_once('include/zot.php');
-require_once('include/dir_fns.php');
-
-
 class Onedirsync {

 	static public function run($argc, $argv) {
@@ -29,6 +25,7 @@ class Onedirsync {

 		if (!$r)
 			return;
+
 		if (($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED) || (!$r[0]['ud_addr']))
 			return;

@@ -54,25 +51,24 @@ class Onedirsync {
 		// ignore doing an update if this ud_addr refers to a known dead hubloc

 		$h = q("select * from hubloc where hubloc_addr = '%s'",
-			dbesc($r[0]['ud_addr'])
+			dbesc($r[0]['ud_addr']),
 		);

 		$h = Libzot::zot_record_preferred($h);

-		if (($h) && ($h['hubloc_status'] & HUBLOC_OFFLINE)) {
+		if (($h) && (($h['hubloc_status'] & HUBLOC_OFFLINE) || $h['hubloc_deleted'] || $h['hubloc_error'])) {
 			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
-				intval(UPDATE_FLAGS_UPDATED),
+				intval(UPDATE_FLAGS_DELETED),
 				dbesc($r[0]['ud_addr']),
 				intval(UPDATE_FLAGS_UPDATED)
 			);
-
 			return;
 		}

 		// we might have to pull this out some day, but for now update_directory_entry()
 		// runs zot_finger() and is kind of zot specific

-		if ($h && !in_array($h['hubloc_network'], ['zot6', 'zot']))
+		if ($h && $h['hubloc_network'] !== 'zot6')
 			return;

 		Libzotdir::update_directory_entry($r[0]);
--- a/Zotlabs/Daemon/Onepoll.php
+++ b/Zotlabs/Daemon/Onepoll.php
@@ -8,6 +8,7 @@ use Zotlabs\Lib\ASCollection;
 use Zotlabs\Lib\Libzot;

 require_once('include/socgraph.php');
+require_once('include/feedutils.php');

 class Onepoll {

@@ -44,7 +45,7 @@ class Onepoll {
 			return;
 		}

-		$contact      = array_shift($contacts);
+		$contact      = $contacts[0];
 		$importer_uid = $contact['abook_channel'];

 		$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
@@ -75,16 +76,12 @@ class Onepoll {
 			return;
 		}

-		if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+		if ($contact['xchan_network'] !== 'zot6')
 			return;

 		// update permissions

-		if ($contact['xchan_network'] === 'zot6')
-			$x = Libzot::refresh($contact, $importer);
-
-		if ($contact['xchan_network'] === 'zot')
-			$x = zot_refresh($contact, $importer);
+		$x = Libzot::refresh($contact, $importer);

 		$responded = false;
 		$updated   = datetime_convert();
@@ -109,31 +106,33 @@ class Onepoll {
 			return;

 		$fetch_feed = true;
-		$x          = null;

 		// They haven't given us permission to see their stream
-
 		$can_view_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'their_perms', 'view_stream'));

-		if (!$can_view_stream)
+		if (!$can_view_stream) {
 			$fetch_feed = false;
+		}

 		// we haven't given them permission to send us their stream
-
 		$can_send_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'my_perms', 'send_stream'));

-		if (!$can_send_stream)
+		if (!$can_send_stream) {
 			$fetch_feed = false;
+		}

-		if ($fetch_feed && $contact['xchan_network'] !== 'zot') {
+		if ($fetch_feed) {

 			$max = intval(get_config('system', 'max_imported_posts', 30));

 			if (intval($max)) {
-				$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');
+				$cl = Activity::get_actor_collections($contact['abook_xchan']);
+				if(empty($cl)) {
+					$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');
+				}

-				if (is_array($cl) && $cl) {
-					$url = ((array_key_exists('outbox', $cl)) ? $cl['outbox'] : '');
+				if (is_array($cl) && array_key_exists('outbox', $cl)) {
+					$url = $cl['outbox'];
 				}
 				else {
 					$url = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
@@ -163,8 +162,10 @@ class Onepoll {
 		// update the poco details for this connection
 		$r = q("SELECT xlink_id from xlink where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1",
 			intval($contact['xchan_hash']),
-			db_utcnow(), db_quoteinterval('1 DAY')
+			db_utcnow(),
+			db_quoteinterval('1 DAY')
 		);
+
 		if (!$r) {
 			poco_load($contact['xchan_hash'], $contact['xchan_connurl']);
 		}
--- a/Zotlabs/Daemon/Poller.php
+++ b/Zotlabs/Daemon/Poller.php
@@ -69,11 +69,11 @@ class Poller {
 			abook.abook_channel, abook.abook_id, abook.abook_archived, abook.abook_pending,
 			abook.abook_ignored, abook.abook_blocked,
 			xchan.xchan_network,
-			account.account_lastlog, account.account_flags 
-			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash 
+			account.account_lastlog, account.account_flags
+			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash
 			LEFT JOIN account on abook_account = account_id
 			where abook_self = 0
-			$sql_extra 
+			$sql_extra
 			AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
 			intval(ACCOUNT_OK),
 			intval(ACCOUNT_UNVERIFIED)     // FIXME
@@ -102,8 +102,7 @@ class Poller {
 					continue;
 				}

-
-				if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+				if ($contact['xchan_network'] !== 'zot6')
 					continue;

 				if ($c == $t) {
@@ -191,7 +190,7 @@ class Poller {

 		set_config('system', 'lastpoll', datetime_convert());

-		//All done - clear the lockfile	
+		//All done - clear the lockfile

 		@unlink($lockfile);

--- a/Zotlabs/Daemon/Queue.php
+++ b/Zotlabs/Daemon/Queue.php
@@ -2,8 +2,7 @@

 namespace Zotlabs\Daemon;

-require_once('include/queue_fn.php');
-require_once('include/zot.php');
+use Zotlabs\Lib\Queue as LibQueue;

 class Queue {

@@ -48,17 +47,17 @@ class Queue {
 		else {

 			// For the first 12 hours we'll try to deliver every 15 minutes
-			// After that, we'll only attempt delivery once per hour. 
-			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl 
+			// After that, we'll only attempt delivery once per hour.
+			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl
 			// so that we don't start off a thousand deliveries for a couple of dead hubs.
 			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
 			// Other drivers will have to do something different here and may need their own query.

-			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the 
+			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the
 			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
 			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
-			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
-			// or twice a day. 
+			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once
+			// or twice a day.

 			$sqlrandfunc = db_getfunc('rand');

@@ -67,7 +66,7 @@ class Queue {
 			);
 			while ($r) {
 				foreach ($r as $rv) {
-					queue_deliver($rv);
+					LibQueue::deliver($rv);
 				}
 				$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
 					db_utcnow()
@@ -78,7 +77,7 @@ class Queue {
 			return;

 		foreach ($r as $rv) {
-			queue_deliver($rv);
+			LibQueue::deliver($rv);
 		}
 	}
 }
--- a/Zotlabs/Daemon/Ratenotif.php
+++ b/Zotlabs/Daemon/Ratenotif.php
@@ -1,126 +0,0 @@
-<?php
-
-namespace Zotlabs\Daemon;
-
-require_once('include/zot.php');
-require_once('include/queue_fn.php');
-
-
-class Ratenotif {
-
-	static public function run($argc,$argv) {
-
-
-		// Deprecated
-		return;
-
-
-		require_once("datetime.php");
-		require_once('include/items.php');
-
-		if($argc < 3)
-			return;
-
-
-		logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
-
-		$cmd = $argv[1];
-
-		$item_id = $argv[2];
-
-
-		if($cmd === 'rating') {
-			$r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
-				intval($item_id)
-			);
-			if(! $r) {
-				logger('rating not found');
-				return;
-			}
-
-			$encoded_item = array(
-				'type' => 'rating', 
-				'encoding' => 'zot',
-				'target' => $r[0]['xlink_link'],
-				'rating' => intval($r[0]['xlink_rating']),
-				'rating_text' => $r[0]['xlink_rating_text'],
-				'signature' => $r[0]['xlink_sig'],
-				'edited' => $r[0]['xlink_updated']
-			);
-		}
-
-		$channel = channelx_by_hash($r[0]['xlink_xchan']);
-		if(! $channel) {
-			logger('no channel');
-			return;
-		}
-
-
-		$primary = get_directory_primary();
-	
-		if(! $primary)
-			return;
-
-
-		$interval = ((get_config('system','delivery_interval') !== false) 
-			? intval(get_config('system','delivery_interval')) : 2 );
-
-		$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
-
-		if($deliveries_per_process <= 0)
-			$deliveries_per_process = 1;
-
-		$deliver = array();
-
-		$x = z_fetch_url($primary . '/regdir');
-		if($x['success']) {
-			$j = json_decode($x['body'],true);
-			if($j && $j['success'] && is_array($j['directories'])) {
-
-				foreach($j['directories'] as $h) {
-					if($h == z_root())
-						continue;
-
-					$hash = random_string();
-					$n = zot_build_packet($channel,'notify',null,null,'',$hash);
-
-					queue_insert(array(
-						'hash'       => $hash,
-						'account_id' => $channel['channel_account_id'],
-						'channel_id' => $channel['channel_id'],
-						'posturl'    => $h . '/post',
-						'notify'     => $n,
-						'msg'        => json_encode($encoded_item)
-					));
-
-
-					$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
-					if(intval($x[0]['total']) > intval(get_config('system','force_queue_threshold',300))) {
-						logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
-						update_queue_item($hash);
-						continue;
-					}
-
-					$deliver[] = $hash;
-	
-					if(count($deliver) >= $deliveries_per_process) {
-						Master::Summon(array('Deliver',$deliver));
-						$deliver = array();
-						if($interval)
-							@time_sleep_until(microtime(true) + (float) $interval);
-					}
-				}
-	
-				// catch any stragglers
-	
-				if(count($deliver)) {
-					Master::Summon(array('Deliver',$deliver));
-				}
-			}
-		}
-		
-		logger('ratenotif: complete.');
-		return;
-
-	}
-}
--- a/Zotlabs/Daemon/Thumbnail.php
+++ b/Zotlabs/Daemon/Thumbnail.php
@@ -45,7 +45,6 @@ class Thumbnail {
 			return;
 		}

-
 		$default_controller = null;

 		$files = glob('Zotlabs/Thumbs/*.php');
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
@@ -8,9 +8,12 @@ use Zotlabs\Access\PermissionRoles;
 use Zotlabs\Access\Permissions;
 use Zotlabs\Daemon\Master;
 use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\XConfig;
+use Zotlabs\Lib\Libzot;

 require_once('include/event.php');
 require_once('include/html2plain.php');
+require_once('include/items.php');

 class Activity {

@@ -41,9 +44,6 @@ class Activity {
 			if ($x['type'] === ACTIVITY_OBJ_EVENT) {
 				return self::fetch_event($x);
 			}
-			if ($x['type'] === ACTIVITY_OBJ_PHOTO) {
-				return self::fetch_image($x);
-			}

 			call_hooks('encode_object', $x);
 		}
@@ -193,6 +193,7 @@ class Activity {
 	}

 	static function fetch_image($x) {
+
 		$ret = [
 			'type'      => 'Image',
 			'id'        => $x['id'],
@@ -591,13 +592,11 @@ class Activity {
 							break;

 						case 'Mention':
-							$mention_type = substr($t['name'], 0, 1);
-							if ($mention_type === '!') {
-								$ret[] = ['ttype' => TERM_FORUM, 'url' => $t['href'], 'term' => escape_tags(substr($t['name'], 1))];
-							}
-							else {
-								$ret[] = ['ttype' => TERM_MENTION, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '@') ? substr($t['name'], 1) : $t['name'])];
-							}
+							$ret[] = ['ttype' => TERM_MENTION, 'url' => $t['href'], 'term' => escape_tags((substr($t['name'], 0, 1) === '@') ? substr($t['name'], 1) : $t['name'])];
+							break;
+
+						case 'Bookmark':
+							$ret[] = ['ttype' => TERM_BOOKMARK, 'url' => $t['href'], 'term' => escape_tags($t['name'])];
 							break;

 						default:
@@ -624,14 +623,14 @@ class Activity {
 						}
 						break;

-					case TERM_FORUM:
-						$ret[] = ['type' => 'Mention', 'href' => $t['url'], 'name' => '!' . $t['term']];
-						break;
-
 					case TERM_MENTION:
 						$ret[] = ['type' => 'Mention', 'href' => $t['url'], 'name' => '@' . $t['term']];
 						break;

+					case TERM_BOOKMARK:
+						$ret[] = ['type' => 'Bookmark', 'href' => $t['url'], 'name' => $t['term']];
+						break;
+
 					default:
 						break;
 				}
@@ -649,7 +648,7 @@ class Activity {
 			$atts = ((is_array($item['attach'])) ? $item['attach'] : json_decode($item['attach'], true));
 			if ($atts) {
 				foreach ($atts as $att) {
-					if (strpos($att['type'], 'image')) {
+					if (isset($att['type']) && strpos($att['type'], 'image')) {
 						$ret[] = ['type' => 'Image', 'url' => $att['href']];
 					}
 					else {
@@ -758,7 +757,9 @@ class Activity {
 				if (array_path_exists('object/id', $obj)) {
 					$obj['object'] = $obj['object']['id'];
 				}
-				unset($obj['cc']);
+				if (isset($obj['cc'])) {
+					unset($obj['cc']);
+				}
 				$obj['to']     = [ACTIVITY_PUBLIC_INBOX];
 				$ret['object'] = $obj;
 			}
@@ -1110,6 +1111,7 @@ class Activity {
 		call_hooks('encode_person', $arr);

 		$ret = $arr['encoded'];
+
 		return $ret;
 	}

@@ -1532,10 +1534,54 @@ class Activity {
 		return;
 	}

-	static function actor_store($url, $person_obj) {
+	static function actor_store($url, $person_obj, $force = false) {

-		if (!is_array($person_obj))
+		if (!is_array($person_obj)) {
 			return;
+		}
+
+/* not implemented
+		if (array_key_exists('movedTo',$person_obj) && $person_obj['movedTo'] && ! is_array($person_obj['movedTo'])) {
+			$tgt = self::fetch($person_obj['movedTo']);
+			if (is_array($tgt)) {
+				self::actor_store($person_obj['movedTo'],$tgt);
+				ActivityPub::move($person_obj['id'],$tgt);
+			}
+			return;
+		}
+*/
+		$ap_hubloc = null;
+
+		$hublocs = self::get_actor_hublocs($url);
+
+		if ($hublocs) {
+			foreach ($hublocs as $hub) {
+				if ($hub['hubloc_network'] === 'activitypub') {
+					$ap_hubloc = $hub;
+				}
+				if ($hub['hubloc_network'] === 'zot6') {
+					Libzot::update_cached_hubloc($hub);
+				}
+			}
+		}
+
+		if ($ap_hubloc) {
+			// we already have a stored record. Determine if it needs updating.
+			if ($ap_hubloc['hubloc_updated'] < datetime_convert('UTC','UTC',' now - 3 days') || $force) {
+				$person_obj = self::fetch($url);
+			}
+			else {
+				return;
+			}
+		}
+
+		if (isset($person_obj['id'])) {
+			$url = $person_obj['id'];
+		}
+
+		if (! $url) {
+			return;
+		}

 		$inbox = $person_obj['inbox'];

@@ -1545,21 +1591,35 @@ class Activity {
 			return;
 		}

-		$name = $person_obj['name'];
-		if (!$name)
-			$name = $person_obj['preferredUsername'];
-		if (!$name)
-			$name = t('Unknown');
+		// store the actor record in XConfig
+		XConfig::Set($url, 'system', 'actor_record', $person_obj);

+		$name = $person_obj['name'];
+		if (!$name) {
+			$name = $person_obj['preferredUsername'];
+		}
+		if (!$name) {
+			$name = t('Unknown');
+		}
+
+		$icon = z_root() . '/' . get_default_profile_photo(300);
 		if ($person_obj['icon']) {
 			if (is_array($person_obj['icon'])) {
-				if (array_key_exists('url', $person_obj['icon']))
+				if (array_key_exists('url', $person_obj['icon'])) {
 					$icon = $person_obj['icon']['url'];
-				else
-					$icon = $person_obj['icon'][0]['url'];
+				}
+				else {
+					if (is_string($person_obj['icon'][0])) {
+						$icon = $person_obj['icon'][0];
+					}
+					elseif (array_key_exists('url', $person_obj['icon'][0])) {
+						$icon = $person_obj['icon'][0]['url'];
+					}
+				}
 			}
-			else
+			else {
 				$icon = $person_obj['icon'];
+			}
 		}

 		$links   = false;
@@ -1592,20 +1652,6 @@ class Activity {
 			$profile = $url;
 		}

-		$collections = [];
-
-		if ($inbox) {
-			$collections['inbox'] = $inbox;
-			if (array_key_exists('outbox', $person_obj))
-				$collections['outbox'] = $person_obj['outbox'];
-			if (array_key_exists('followers', $person_obj))
-				$collections['followers'] = $person_obj['followers'];
-			if (array_key_exists('following', $person_obj))
-				$collections['following'] = $person_obj['following'];
-			if (array_key_exists('endpoints', $person_obj) && array_key_exists('sharedInbox', $person_obj['endpoints']))
-				$collections['sharedInbox'] = $person_obj['endpoints']['sharedInbox'];
-		}
-
 		if (array_key_exists('publicKey', $person_obj) && array_key_exists('publicKeyPem', $person_obj['publicKey'])) {
 			if ($person_obj['id'] === $person_obj['publicKey']['owner']) {
 				$pubkey = $person_obj['publicKey']['publicKeyPem'];
@@ -1615,85 +1661,82 @@ class Activity {
 			}
 		}

-		$r = q("select * from xchan where xchan_hash = '%s' limit 1",
+		$m = parse_url($url);
+		if($m) {
+			$hostname = $m['host'];
+			$baseurl = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
+			$site_url = $m['scheme'] . '://' . $m['host'];
+		}
+
+		$r = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where xchan_hash = '%s'",
 			dbesc($url)
 		);
-		if (!$r) {
+
+		if($r) {
+			// Record exists. Cache existing records for one week at most
+			// then refetch to catch updated profile photos, names, etc.
+			$d = datetime_convert('UTC', 'UTC', 'now - 3 days');
+			if($r[0]['hubloc_updated'] > $d && !$force) {
+				return;
+			}
+
+			q("UPDATE site SET site_update = '%s', site_dead = 0 WHERE site_url = '%s'",
+				dbesc(datetime_convert()),
+				dbesc($site_url)
+			);
+
+			// update existing xchan record
+			q("update xchan set xchan_name = '%s', xchan_guid = '%s', xchan_pubkey = '%s', xchan_network = 'activitypub', xchan_name_date = '%s' where xchan_hash = '%s'",
+				dbesc(escape_tags($name)),
+				dbesc(escape_tags($url)),
+				dbesc(escape_tags($pubkey)),
+				dbescdate(datetime_convert()),
+				dbesc($url)
+			);
+
+			// update existing hubloc record
+			q("update hubloc set hubloc_guid = '%s', hubloc_network = 'activitypub', hubloc_url = '%s', hubloc_host = '%s', hubloc_callback = '%s', hubloc_updated = '%s', hubloc_id_url = '%s' where hubloc_hash = '%s'",
+				dbesc(escape_tags($url)),
+				dbesc(escape_tags($baseurl)),
+				dbesc(escape_tags($hostname)),
+				dbesc(escape_tags($inbox)),
+				dbescdate(datetime_convert()),
+				dbesc(escape_tags($profile)),
+				dbesc($url)
+			);
+		}
+		else {
 			// create a new record

 			xchan_store_lowlevel(
 				[
-					'xchan_hash'      => $url,
-					'xchan_guid'      => $url,
-					'xchan_pubkey'    => $pubkey,
-					'xchan_addr'      => '',
-					'xchan_url'       => $profile,
-					'xchan_name'      => $name,
-					'xchan_name_date' => datetime_convert(),
-					'xchan_network'   => 'activitypub'
+					'xchan_hash'         => escape_tags($url),
+					'xchan_guid'         => escape_tags($url),
+					'xchan_pubkey'       => escape_tags($pubkey),
+					'xchan_addr'         => '',
+					'xchan_url'          => escape_tags($profile),
+					'xchan_name'         => escape_tags($name),
+					'xchan_name_date'    => datetime_convert(),
+					'xchan_network'      => 'activitypub'
 				]
 			);
-		}
-		else {

-			// Record exists. Cache existing records for one week at most
-			// then refetch to catch updated profile photos, names, etc.
-
-			$d = datetime_convert('UTC', 'UTC', 'now - 1 week');
-			if ($r[0]['xchan_name_date'] > $d)
-				return;
-
-			// update existing record
-			q("update xchan set xchan_name = '%s', xchan_pubkey = '%s', xchan_network = '%s', xchan_name_date = '%s' where xchan_hash = '%s'",
-				dbesc($name),
-				dbesc($pubkey),
-				dbesc('activitypub'),
-				dbesc(datetime_convert()),
-				dbesc($url)
-			);
-		}
-
-		if ($collections) {
-			set_xconfig($url, 'activitypub', 'collections', $collections);
-		}
-
-		$r = q("select * from hubloc where hubloc_hash = '%s' limit 1",
-			dbesc($url)
-		);
-
-		$m = parse_url($url);
-		if ($m) {
-			$hostname = $m['host'];
-			$site_url  = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
-		}
-
-		if (!$r) {
 			hubloc_store_lowlevel(
 				[
-					'hubloc_guid'     => $url,
-					'hubloc_hash'     => $url,
+					'hubloc_guid'     => escape_tags($url),
+					'hubloc_hash'     => escape_tags($url),
 					'hubloc_addr'     => '',
 					'hubloc_network'  => 'activitypub',
-					'hubloc_url'      => $site_url,
-					'hubloc_host'     => $hostname,
-					'hubloc_callback' => $inbox,
+					'hubloc_url'      => escape_tags($baseurl),
+					'hubloc_host'     => escape_tags($hostname),
+					'hubloc_callback' => escape_tags($inbox),
 					'hubloc_updated'  => datetime_convert(),
 					'hubloc_primary'  => 1,
-					'hubloc_id_url'   => $profile
+					'hubloc_id_url'   => escape_tags($profile)
 				]
 			);
 		}

-		q("UPDATE site SET site_update = '%s', site_dead = 0 WHERE site_url = '%s' AND site_update < %s - INTERVAL %s",
-			dbesc(datetime_convert()),
-			dbesc($site_url),
-			db_utcnow(),
-			db_quoteinterval('1 DAY')
-		);
-
-		if (!$icon)
-			$icon = z_root() . '/' . get_default_profile_photo(300);
-
 		$photos = import_xchan_photo($icon, $url);
 		q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
 			dbescdate(datetime_convert('UTC', 'UTC', $photos[5])),
@@ -1742,14 +1785,9 @@ class Activity {
 	static function create_note($channel, $observer_hash, $act) {

 		$s = [];
-
-		// Mastodon only allows visibility in public timelines if the public inbox is listed in the 'to' field.
-		// They are hidden in the public timeline if the public inbox is listed in the 'cc' field.
-		// This is not part of the activitypub protocol - we might change this to show all public posts in pubstream at some point.
-		$pubstream      = ((is_array($act->obj) && array_key_exists('to', $act->obj) && in_array(ACTIVITY_PUBLIC_INBOX, $act->obj['to'])) ? true : false);
 		$is_sys_channel = is_sys_channel($channel['channel_id']);
-
 		$parent = ((array_key_exists('inReplyTo', $act->obj)) ? urldecode($act->obj['inReplyTo']) : '');
+
 		if ($parent) {

 			$r = q("select * from item where uid = %d and ( mid = '%s' or  mid = '%s' ) limit 1",
@@ -1764,7 +1802,7 @@ class Activity {
 			}

 			if ($r[0]['owner_xchan'] === $channel['channel_hash']) {
-				if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !($is_sys_channel && $pubstream)) {
+				if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !$is_sys_channel) {
 					logger('no comment permission.');
 					return;
 				}
@@ -1776,13 +1814,28 @@ class Activity {

 		}
 		else {
-			if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !($is_sys_channel && $pubstream)) {
-				logger('no permission');
+			if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !$is_sys_channel) {
+				logger('no send_stream permission');
 				return;
 			}
 			$s['owner_xchan'] = $s['author_xchan'] = $observer_hash;
 		}

+		if ($act->recips && (!in_array(ACTIVITY_PUBLIC_INBOX, $act->recips)))
+			$s['item_private'] = 1;
+
+
+		if (array_key_exists('directMessage', $act->obj) && intval($act->obj['directMessage'])) {
+			$s['item_private'] = 2;
+		}
+
+		if (intval($s['item_private']) === 2) {
+			if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'post_mail')) {
+				logger('no post_mail permission');
+				return;
+			}
+		}
+
 		$abook = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
 			dbesc($observer_hash),
 			intval($channel['channel_id'])
@@ -1931,14 +1984,6 @@ class Activity {
 			}
 		}

-		if ($act->recips && (!in_array(ACTIVITY_PUBLIC_INBOX, $act->recips)))
-			$s['item_private'] = 1;
-
-
-		if (array_key_exists('directMessage', $act->obj) && intval($act->obj['directMessage'])) {
-			$s['item_private'] = 2;
-		}
-
 		set_iconfig($s, 'activitypub', 'recips', $act->raw_recips);
 		if ($parent) {
 			set_iconfig($s, 'activitypub', 'rawmsg', $act->raw, 1);
@@ -2268,7 +2313,6 @@ class Activity {
 			$s['app'] = escape_tags($generator['name']);
 		}

-
 		if (!$response_activity) {
 			$a = self::decode_taxonomy($act->obj);
 			if ($a) {
@@ -2403,7 +2447,7 @@ class Activity {

 			}

-			if ($act->obj['type'] === 'Image') {
+			if ($act->obj['type'] === 'Image' && strpos($s['body'],'zrl=') === false) {

 				$ptr = null;

@@ -2545,12 +2589,6 @@ class Activity {
 			return;
 		}*/

-		// Mastodon only allows visibility in public timelines if the public inbox is listed in the 'to' field.
-		// They are hidden in the public timeline if the public inbox is listed in the 'cc' field.
-		// This is not part of the activitypub protocol - we might change this to show all public posts in pubstream at some point.
-
-		$pubstream = ((is_array($act->obj) && array_key_exists('to', $act->obj) && in_array(ACTIVITY_PUBLIC_INBOX, $act->obj['to'])) ? true : false);
-
 		// TODO: this his handled in pubcrawl atm.
 		// very unpleasant and imperfect way of determining a Mastodon DM
 		/*if ($act->raw_recips && array_key_exists('to',$act->raw_recips) && is_array($act->raw_recips['to']) && count($act->raw_recips['to']) === 1 && $act->raw_recips['to'][0] === channel_url($channel) && ! $act->raw_recips['cc']) {
@@ -2611,7 +2649,7 @@ class Activity {

 				$allowed = true;
 				// reject public stream comments that weren't sent by the conversation owner
-				if ($is_sys_channel && $pubstream && $item['owner_xchan'] !== $observer_hash && !$fetch_parents) {
+				if ($is_sys_channel && $item['owner_xchan'] !== $observer_hash && !$fetch_parents) {
 					$allowed = false;
 				}
 			}
@@ -2626,7 +2664,7 @@ class Activity {

 			// The $item['item_fetched'] flag is set in fetch_and_store_parents().
 			// In this case we should check against author permissions because sender is not owner.
-			if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || ($is_sys_channel && $pubstream)) {
+			if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || $is_sys_channel) {
 				$allowed = true;
 			}
 			// TODO: not implemented
@@ -2641,6 +2679,11 @@ class Activity {
 			$allowed = true;
 		}

+		if (intval($item['item_private']) === 2) {
+			if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'post_mail')) {
+				$allowed = false;
+			}
+		}

 		if ($is_sys_channel) {

@@ -2764,7 +2807,7 @@ class Activity {
 					$fetch = false;
 					// TODO: debug
 					// if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true) || $act->type === 'Announce')) {
-					if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || ($is_sys_channel && $pubstream)) {
+					if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || $is_sys_channel) {
 						$fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item, $force) : false);
 					}
 					if ($fetch) {
@@ -3073,15 +3116,9 @@ class Activity {
 	static function announce_note($channel, $observer_hash, $act) {

 		$s = [];
-
 		$is_sys_channel = is_sys_channel($channel['channel_id']);

-		// Mastodon only allows visibility in public timelines if the public inbox is listed in the 'to' field.
-		// They are hidden in the public timeline if the public inbox is listed in the 'cc' field.
-		// This is not part of the activitypub protocol - we might change this to show all public posts in pubstream at some point.
-		$pubstream = ((is_array($act->obj) && array_key_exists('to', $act->obj) && in_array(ACTIVITY_PUBLIC_INBOX, $act->obj['to'])) ? true : false);
-
-		if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !($is_sys_channel && $pubstream)) {
+		if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') && !$is_sys_channel) {
 			logger('no permission');
 			return;
 		}
@@ -3496,7 +3533,7 @@ class Activity {
 	static function find_best_identity($xchan) {

 		if (filter_var($xchan, FILTER_VALIDATE_URL)) {
-			$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'zot') and hubloc_deleted = 0",
+			$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' and hubloc_deleted = 0",
 				dbesc($xchan)
 			);
 			if ($r) {
@@ -3510,4 +3547,53 @@ class Activity {

 	}

+	static function get_cached_actor($id) {
+		return (XConfig::Get($id,'system','actor_record'));
+	}
+
+	static function get_actor_hublocs($url, $options = 'all') {
+
+		$hublocs = false;
+
+		switch ($options) {
+			case 'activitypub':
+				$hublocs = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_hash = '%s' and hubloc_deleted = 0 ",
+					dbesc($url)
+				);
+				break;
+			case 'zot6':
+				$hublocs = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where hubloc_id_url = '%s' and hubloc_deleted = 0 ",
+					dbesc($url)
+				);
+				break;
+			case 'all':
+			default:
+				$hublocs = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash where ( hubloc_id_url = '%s' OR hubloc_hash = '%s' ) and hubloc_deleted = 0 ",
+					dbesc($url),
+					dbesc($url)
+				);
+				break;
+		}
+
+		return $hublocs;
+	}
+
+	static function get_actor_collections($url) {
+		$ret = [];
+		$actor_record = XConfig::Get($url,'system','actor_record');
+		if (! $actor_record) {
+			return $ret;
+		}
+
+		foreach ( [ 'inbox','outbox','followers','following' ] as $collection) {
+			if (isset($actor_record[$collection]) && $actor_record[$collection]) {
+				$ret[$collection] = $actor_record[$collection];
+			}
+		}
+		if (array_path_exists('endpoints/sharedInbox',$actor_record) && $actor_record['endpoints']['sharedInbox']) {
+			$ret['sharedInbox'] = $actor_record['endpoints']['sharedInbox'];
+		}
+
+		return $ret;
+	}
 }
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -300,16 +300,8 @@ class ActivityStreams {
 	function get_actor($property, $base = '', $namespace = '') {
 		$x = $this->get_property_obj($property, $base, $namespace);
 		if ($this->is_url($x)) {
-
-			// SECURITY: If we have already stored the actor profile, re-generate it
-			// from cached data - don't refetch it from the network
-
-			$r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' limit 1",
-				dbesc($x)
-			);
-			if ($r) {
-				$y           = Activity::encode_person($r[0]);
-				$y['cached'] = true;
+			$y = Activity::get_cached_actor($x);
+			if ($y) {
 				return $y;
 			}
 		}
--- a/Zotlabs/Lib/Apps.php
+++ b/Zotlabs/Lib/Apps.php
@@ -2,6 +2,7 @@

 namespace Zotlabs\Lib;

+use App;
 use Zotlabs\Lib\Libsync;

 require_once('include/plugin.php');
@@ -76,7 +77,9 @@ class Apps {
 			'Directory',
 			'Search',
 			'Help',
-			'Profile Photo'
+			'Profile Photo',
+			'HQ',
+			'Post'
 		]);

 		/**
@@ -374,7 +377,7 @@ class Apps {
 			'Permission Categories' => t('Permission Categories'),
 			'Public Stream' => t('Public Stream'),
 			'My Chatrooms' => t('My Chatrooms'),
-			'Channel Export' => t('Channel Export')
+			'Channel Export' => t('Channel Export'),
 		);

 		if(array_key_exists('name',$arr)) {
@@ -524,7 +527,7 @@ class Apps {
 		}
 		elseif(remote_channel()) {
 			$observer = \App::get_observer();
-			if($observer && in_array($observer['xchan_network'], ['zot6', 'zot'])) {
+			if($observer && $observer['xchan_network'] === 'zot6') {
 				// some folks might have xchan_url redirected offsite, use the connurl
 				$x = parse_url($observer['xchan_connurl']);
 				if($x) {
@@ -536,13 +539,47 @@ class Apps {
 		$install_action = (($installed) ? t('Update') : t('Install'));
 		$icon = ((strpos($papp['photo'],'icon:') === 0) ? substr($papp['photo'],5) : '');

+		if (!$installed && $mode === 'module') {
+			$_SESSION['return_url'] = App::$query_string;
+			return replace_macros(get_markup_template('app_install.tpl'), [
+				'$papp' => $papp,
+				'$install' => $install_action
+			]);
+		}
+
 		if($mode === 'navbar') {
+			return replace_macros(get_markup_template('app_nav_pinned.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+			));
+		}
+
+		if($mode === 'nav') {
 			return replace_macros(get_markup_template('app_nav.tpl'),array(
 				'$app' => $papp,
 				'$icon' => $icon,
 			));
 		}

+		if($mode === 'inline') {
+			return replace_macros(get_markup_template('app_inline.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+				'$installed' => $installed,
+				'$purchase' => ((isset($papp['page']) && (! $installed)) ? t('Purchase') : ''),
+				'$action_label' => $install_action
+			));
+		}
+
+		if(in_array($mode, ['nav-order', 'nav-order-pinned'])) {
+			return replace_macros(get_markup_template('app_order.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+				'$hosturl' => $hosturl,
+				'$mode' => $mode
+			));
+		}
+
 		if($mode === 'install') {
 			$papp['embed'] = true;
 		}
@@ -563,8 +600,6 @@ class Apps {
 			'$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
 			'$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true),
 			'$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true),
-			'$navapps' => (($mode == 'nav') ? true : false),
-			'$order' => (($mode === 'nav-order' || $mode === 'nav-order-pinned') ? true : false),
 			'$mode' => $mode,
 			'$add' => t('Add to app-tray'),
 			'$remove' => t('Remove from app-tray'),
@@ -574,6 +609,7 @@ class Apps {
 		));
 	}

+
 	static public function app_install($uid,$app) {

 		if(! is_array($app)) {
@@ -1356,4 +1392,17 @@ class Apps {
 		return chunk_split(base64_encode(json_encode($papp)),72,"\n");
 	}

+	static public function get_papp($app) {
+
+		$r = q("select * from app where app_id = '%s' and app_channel = 0 limit 1",
+			dbesc(hash('whirlpool', $app))
+		);
+
+		if ($r) {
+			$papp = self::app_encode($r[0]);
+			return $papp;
+		}
+
+		return false;
+	}
 }
--- a/Zotlabs/Lib/Connect.php
+++ b/Zotlabs/Lib/Connect.php
@@ -146,7 +146,7 @@ class Connect {

 		}

-		$allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0);
+		$allowed = ((in_array($xchan['xchan_network'],['rss', 'zot6'])) ? 1 : 0);

 		$hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0];
 		call_hooks('follow_allow',$hookdata);
--- a/Zotlabs/Lib/DReport.php
+++ b/Zotlabs/Lib/DReport.php
@@ -87,8 +87,7 @@ class DReport {

 		// Is the sender one of our channels?

-		$c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1",
-			dbesc($dr['sender']),
+		$c = q("select channel_id from channel where channel_hash = '%s' limit 1",
 			dbesc($dr['sender'])
 		);

--- a/Zotlabs/Lib/Enotify.php
+++ b/Zotlabs/Lib/Enotify.php
@@ -69,24 +69,24 @@ class Enotify {
 		$sender_name = $product;
 		$hostname = \App::get_hostname();
 		if(strpos($hostname,':'))
-			$hostname = substr($hostname,0,strpos($hostname,':'));
+			$hostname = substr($hostname, 0, strpos($hostname,':'));

 		// Do not translate 'noreply' as it must be a legal 7-bit email address

-		$reply_email = get_config('system','reply_address');
+		$reply_email = get_config('system', 'reply_address');
 		if(! $reply_email)
 			$reply_email = 'noreply' . '@' . $hostname;

-		$sender_email = get_config('system','from_email');
+		$sender_email = get_config('system', 'from_email');
 		if(! $sender_email)
 			$sender_email = 'Administrator' . '@' . $hostname;

-		$sender_name = get_config('system','from_email_name');
+		$sender_name = get_config('system', 'from_email_name');
 		if(! $sender_name)
 			$sender_name = \Zotlabs\Lib\System::get_site_name();


-		$additional_mail_header = "";
+		$additional_mail_header = '';

 		if(array_key_exists('item', $params)) {
 			require_once('include/conversation.php');
@@ -114,27 +114,28 @@ class Enotify {
 		}


-	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
-	$vnotify = get_pconfig($recip['channel_id'],'system','vnotify');
+	$always_show_in_notices = get_pconfig($recip['channel_id'], 'system', 'always_show_in_notices');
+	$vnotify = get_pconfig($recip['channel_id'], 'system', 'vnotify');

 	$salutation = $recip['channel_name'];

 	// e.g. "your post", "David's photo", etc.
 	$possess_desc = t('%s <!item_type!>');

+// @@TODO: consider using switch instead of those elseif
 	if ($params['type'] == NOTIFY_MAIL) {
 		logger('notification: mail');
-		$subject = 	sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
+		$subject = 	sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);

-		$preamble = sprintf( t('%1$s sent you a new private message at %2$s.'), $sender['xchan_name'],$sitename);
-		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
-		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
-		$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
-		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>');
-		$itemlink = $siteurl . '/mail/' . $params['item']['id'];
+		$preamble = sprintf( t('%1$s sent you a new direct message at %2$s.'), $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s sent you %2$s.'), '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a direct message') . '[/zrl]');
+		$sitelink = t('Please visit %s to view and/or reply to your direct messages.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/hq/' . gen_link_id($params['item']['mid']));
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/hq/' . gen_link_id($params['item']['mid']) . '">' . $sitename . '</a>');
+		$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
 	}

-	if ($params['type'] == NOTIFY_COMMENT) {
+	elseif ($params['type'] === NOTIFY_COMMENT) {
 		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);

 		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
@@ -171,7 +172,6 @@ class Enotify {
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification

-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -196,6 +196,7 @@ class Enotify {

 		xchan_query($p);

+//@@FIXME $p can be null (line 188)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -250,7 +251,7 @@ class Enotify {

 	}

-	if ($params['type'] == NOTIFY_LIKE) {
+	elseif ($params['type'] === NOTIFY_LIKE) {
 //		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);

 		$itemlink =  $params['link'];
@@ -268,7 +269,6 @@ class Enotify {
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification

-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -293,7 +293,7 @@ class Enotify {

 		xchan_query($p);

-
+//@@FIXME $p can be null (line 285)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -302,7 +302,7 @@ class Enotify {


 		// "your post"
-		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
 			$dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 				$itemlink,
@@ -328,7 +328,7 @@ class Enotify {



-	if($params['type'] == NOTIFY_WALL) {
+	elseif($params['type'] === NOTIFY_WALL) {
 		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);

 		$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
@@ -343,9 +343,8 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_TAGSELF) {
+	elseif ($params['type'] === NOTIFY_TAGSELF) {

-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -368,7 +367,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_POKE) {
+	elseif ($params['type'] === NOTIFY_POKE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
@@ -385,7 +384,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_TAGSHARE) {
+	elseif ($params['type'] === NOTIFY_TAGSHARE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -398,7 +397,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_INTRO) {
+	elseif ($params['type'] === NOTIFY_INTRO) {
 		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
 		$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
@@ -412,7 +411,7 @@ class Enotify {
 		$itemlink = $params['link'];
 	}

-	if ($params['type'] == NOTIFY_SUGGEST) {
+	elseif ($params['type'] === NOTIFY_SUGGEST) {
 		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -430,11 +429,11 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}

-	if ($params['type'] == NOTIFY_CONFIRM) {
+	elseif ($params['type'] === NOTIFY_CONFIRM) {
 		// ?
 	}

-	if ($params['type'] == NOTIFY_SYSTEM) {
+	elseif ($params['type'] === NOTIFY_SYSTEM) {
 		// ?
 	}

@@ -477,7 +476,7 @@ class Enotify {
 	} while ($dups === true);


-	$datarray = array();
+	$datarray = [];
 	$datarray['hash']   = $hash;
 	$datarray['sender_hash'] = $sender['xchan_hash'];
 	$datarray['xname']   = $sender['xchan_name'];
@@ -514,7 +513,7 @@ class Enotify {
 	// (probably would be better that way)

 	if (!$always_show_in_notices) {
-		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
+		if (($params['type'] === NOTIFY_WALL) || ($params['type'] === NOTIFY_MAIL) || ($params['type'] === NOTIFY_INTRO)) {
 			$seen = 1;
 		}
 	}
@@ -550,12 +549,12 @@ class Enotify {
 	}

 	$itemlink = z_root() . '/notify/view/' . $notify_id;
-	$msg = str_replace('$itemlink',$itemlink,$epreamble);
+	$msg = str_replace('$itemlink', $itemlink, $epreamble);

 	// wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation

 	if ((\App::$language === 'en' || (! \App::$language)) && strpos($msg,', '))
-		$msg = substr($msg,strpos($msg,', ')+1);
+		$msg = substr($msg, strpos($msg,', ')+1);

 	$datarray['id'] = $notify_id;
 	$datarray['msg'] = $msg;
@@ -575,7 +574,7 @@ class Enotify {

 		logger('notification: sending notification email');

-		$hn = get_pconfig($recip['channel_id'],'system','email_notify_host');
+		$hn = get_pconfig($recip['channel_id'], 'system', 'email_notify_host');
 		if($hn && (! stristr(\App::get_hostname(),$hn))) {
 			// this isn't the email notification host
 			pop_lang();
@@ -584,7 +583,7 @@ class Enotify {

 		$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));

-		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
+		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array('',"<br />\n"),$body)));


 		// use $_SESSION['zid_override'] to force zid() to use
@@ -601,7 +600,7 @@ class Enotify {
 		unset($_SESSION['zid_override']);
 		unset($_SESSION['zrl_override']);

-		$datarray = array();
+		$datarray = [];
 		$datarray['banner']       = $banner;
 		$datarray['product']      = $product;
 		$datarray['preamble']     = $preamble;
@@ -758,9 +757,9 @@ class Enotify {
 		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');

 		// generate a mime boundary
-		$mimeBoundary = rand(0, 9) . "-"
-				.rand(100000000, 999999999) . "-"
-				.rand(100000000, 999999999) . "=:"
+		$mimeBoundary = rand(0, 9) . '-'
+				.rand(100000000, 999999999) . '-'
+				.rand(100000000, 999999999) . '=:'
 				.rand(10000, 99999);

 		// generate a multipart/alternative message header
@@ -768,7 +767,7 @@ class Enotify {
 			$params['additionalMailHeader'] .
 			"From: $fromName <{$params['fromEmail']}>" . PHP_EOL .
 			"Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL .
-			"MIME-Version: 1.0" . PHP_EOL .
+			'MIME-Version: 1.0' . PHP_EOL .
 			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";

 		// assemble the final multipart message body with the text and html types included
@@ -776,15 +775,15 @@ class Enotify {
 		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));

 		$multipartMessageBody =
-			"--" . $mimeBoundary . PHP_EOL .					// plain text section
-			"Content-Type: text/plain; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// plain text section
+			'Content-Type: text/plain; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$textBody . PHP_EOL .
-			"--" . $mimeBoundary . PHP_EOL .					// text/html section
-			"Content-Type: text/html; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// text/html section
+			'Content-Type: text/html; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$htmlBody . PHP_EOL .
-			"--" . $mimeBoundary . "--" . PHP_EOL;					// message ending
+			'--' . $mimeBoundary . '--' . PHP_EOL;					// message ending

 		// send the message
 		$res = mail(
@@ -793,7 +792,7 @@ class Enotify {
 			$multipartMessageBody,							// message body
 			$messageHeader									// message headers
 		);
-		logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
+		logger('notification: enotify::send returns ' . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
 		return $res;
 	}

@@ -833,13 +832,12 @@ class Enotify {
 		$edit = false;

 		if($item['edited'] > $item['created']) {
+			$edit = true;
 			if($item['item_thread_top']) {
 				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 			else {
 				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 		}

@@ -856,18 +854,18 @@ class Enotify {
 			'photo' => $item[$who]['xchan_photo_s'],
 			'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
-			'b64mid' => (($item['mid']) ? 'b64.' . base64url_encode($item['mid']) : ''),
-			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
+			'b64mid' => (($item['mid']) ? gen_link_id($item['mid']) : ''),
+			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? gen_link_id($item['thr_parent']) : gen_link_id($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
-			'body' =>  htmlentities(html2plain(bbcode($item['body']), 75, true), ENT_QUOTES, 'UTF-8', false),
+			'body' =>  htmlentities(html2plain(bbcode($item['body'], ['drop_media', true]), 75, true), ENT_QUOTES, 'UTF-8', false),
 			// these are for the superblock addon
 			'hash' => $item[$who]['xchan_hash'],
 			'uid' => $item['uid'],
 			'display' => true
 		);

-		call_hooks('enotify_format',$x);
+		call_hooks('enotify_format', $x);
 		if(! $x['display']) {
 			return [];
 		}
@@ -884,9 +882,9 @@ class Enotify {

 		$mid = basename($tt['link']);

-		$b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
+		$b64mid = gen_link_id($mid);
 		$x = [
-			'notify_link' => z_root() . '/notify/view/' . $tt['id'],
+			'notify_link' => (($tt['ntype'] === NOTIFY_MAIL) ? $tt['link'] : z_root() . '/notify/view/' . $tt['id']),
 			'name' => $tt['xname'],
 			'url' => $tt['url'],
 			'photo' => $tt['photo'],
@@ -903,7 +901,7 @@ class Enotify {

 	static public function format_intros($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/connections/ifpending',
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
@@ -914,13 +912,11 @@ class Enotify {
 			'message' => t('added your channel')
 		];

-		return $x;
-
 	}

 	static public function format_files($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/sharedwithme',
 			'name' => $rr['author']['xchan_name'],
 			'addr' => $rr['author']['xchan_addr'],
@@ -931,13 +927,11 @@ class Enotify {
 			'message' => t('shared a file with you')
 		];

-		return $x;
-
 	}

 	static public function format_mail($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/mail/' . $rr['id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
@@ -945,11 +939,9 @@ class Enotify {
 			'photo' => $rr['xchan_photo_s'],
 			'when' => datetime_convert('UTC', date_default_timezone_get(), $rr['created']),
 			'hclass' => (intval($rr['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
-			'message' => t('sent you a private message'),
+			'message' => t('sent you a direct message'),
 		];

-		return $x;
-
 	}

 	static public function format_all_events($rr) {
@@ -959,7 +951,7 @@ class Enotify {
 		$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
 		$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');

-		$x = [
+		return [
 			'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
 			'name'        => $rr['xchan_name'],
 			'addr'        => $rr['xchan_addr'],
@@ -970,13 +962,12 @@ class Enotify {
 			'message'     => t('created an event')
 		];

-		return $x;

 	}

 	static public function format_register($rr) {

-		$x = [
+		return [
 			'notify_link' => z_root() . '/admin/accounts',
 			'name' => $rr['reg_did2'],
 			//'addr' => '',
@@ -986,7 +977,5 @@ class Enotify {
 			'message' => t('status verified')
 		];

-		return $x;
-
 	}
 }
--- a/Zotlabs/Lib/Libsync.php
+++ b/Zotlabs/Lib/Libsync.php
@@ -255,9 +255,6 @@ class Libsync {
 			if (array_key_exists('chatroom', $arr) && $arr['chatroom'])
 				sync_chatrooms($channel, $arr['chatroom']);

-			if (array_key_exists('conv', $arr) && $arr['conv'])
-				import_conv($channel, $arr['conv']);
-
 			if (array_key_exists('mail', $arr) && $arr['mail'])
 				sync_mail($channel, $arr['mail']);

--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -1142,6 +1142,7 @@ class Libzot {
 		}


+
 		$deliveries = null;

 		if (array_key_exists('recipients', $env) && count($env['recipients'])) {
@@ -1270,10 +1271,6 @@ class Libzot {

 				if ($AS->data['signed_data']) {
 					IConfig::Set($arr, 'activitypub', 'signed_data', $AS->data['signed_data'], false);
-					$j = json_decode($AS->data['signed_data'], true);
-					if ($j) {
-						IConfig::Set($arr, 'activitypub', 'rawmsg', json_encode(JSalmon::unpack($j['data'])), true);
-					}
 				}

 				logger('Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
@@ -1377,8 +1374,6 @@ class Libzot {
 				$check_mentions = true;
 			}
 		}
-		elseif ($msg['type'] === 'mail')
-			$perm = 'post_mail';

 		$r = [];

@@ -1606,6 +1601,12 @@ class Libzot {
 					$friendofriend = true;
 				}

+				if (intval($arr['item_private']) === 2) {
+					if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
+						$allowed = false;
+					}
+				}
+
 				if (!$allowed) {
 					logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
 					$DR->update('permission denied');
@@ -1915,16 +1916,18 @@ class Libzot {

 			// logger($AS->debug());

-			$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1",
+			$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s'",
 				dbesc($AS->actor['id'])
 			);
+			$r = self::zot_record_preferred($r);

 			if (!$r) {
 				$y = import_author_xchan(['url' => $AS->actor['id']]);
 				if ($y) {
-					$r = q("select hubloc_hash from hubloc where hubloc_id_url = '%s' limit 1",
+					$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s'",
 						dbesc($AS->actor['id'])
 					);
+					$r = self::zot_record_preferred($r);
 				}
 				if (!$r) {
 					logger('FOF Activity: no actor');
@@ -1940,9 +1943,8 @@ class Libzot {
 				}
 			}

-
 			if ($r) {
-				$arr['author_xchan'] = $r[0]['hubloc_hash'];
+				$arr['author_xchan'] = $r['hubloc_hash'];
 			}

 			if ($signer) {
@@ -2210,90 +2212,6 @@ class Libzot {
 		return $post_id;
 	}

-	static function process_mail_delivery($sender, $arr, $deliveries) {
-
-		$result = [];
-
-		if ($sender != $arr['from_xchan']) {
-			logger('process_mail_delivery: sender is not mail author');
-			return;
-		}
-
-		foreach ($deliveries as $d) {
-
-			$DR = new DReport(z_root(), $sender, $d, $arr['mid']);
-
-			$r = q("select * from channel where channel_hash = '%s' limit 1",
-				dbesc($d['hash'])
-			);
-
-			if (!$r) {
-				$DR->update('recipient not found');
-				$result[] = $DR->get();
-				continue;
-			}
-
-			$channel = $r[0];
-			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
-
-
-			if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
-
-				/*
-				 * Always allow somebody to reply if you initiated the conversation. It's anti-social
-				 * and a bit rude to send a private message to somebody and block their ability to respond.
-				 * If you are being harrassed and want to put an end to it, delete the conversation.
-				 */
-
-				$return = false;
-				if ($arr['parent_mid']) {
-					$return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
-						dbesc($arr['parent_mid']),
-						intval($channel['channel_id'])
-					);
-				}
-				if (!$return) {
-					logger("permission denied for mail delivery {$channel['channel_id']}");
-					$DR->update('permission denied');
-					$result[] = $DR->get();
-					continue;
-				}
-			}
-
-
-			$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
-				dbesc($arr['mid']),
-				intval($channel['channel_id'])
-			);
-			if ($r) {
-				if (intval($arr['mail_recalled'])) {
-					$x = q("delete from mail where id = %d and channel_id = %d",
-						intval($r[0]['id']),
-						intval($channel['channel_id'])
-					);
-					$DR->update('mail recalled');
-					$result[] = $DR->get();
-					logger('mail_recalled');
-				}
-				else {
-					$DR->update('duplicate mail received');
-					$result[] = $DR->get();
-					logger('duplicate mail received');
-				}
-				continue;
-			}
-			else {
-				$arr['account_id'] = $channel['channel_account_id'];
-				$arr['channel_id'] = $channel['channel_id'];
-				$item_id           = mail_store($arr);
-				$DR->update('mail delivered');
-				$result[] = $DR->get();
-			}
-		}
-
-		return $result;
-	}
-

 	/**
 	 * @brief Processes delivery of profile.
@@ -2664,29 +2582,34 @@ class Libzot {
 		// we may only end up with one; which results in posts with no author name or photo and are a bit
 		// of a hassle to repair. If either or both are missing, do a full discovery probe.

-		//if (!array_key_exists('id', $x)) {
-			//return import_author_activitypub($x);
-		//}
+		if(!isset($x['id']) && !isset($x['key']) && !isset($x['id_sig'])) {
+			return false;
+		}

 		$hash = self::make_xchan_hash($x['id'], $x['key']);

 		$desturl = $x['url'];

+		$found_primary = false;
+
 		$r1 = q("select hubloc_url, hubloc_updated, site_dead from hubloc left join site on
 			hubloc_url = site_url where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1",
 			dbesc($x['id']),
 			dbesc($x['id_sig'])
 		);
+		if ($r1) {
+			$found_primary = true;
+		}

 		$r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1",
 			dbesc($x['id']),
 			dbesc($x['id_sig'])
 		);

-		$site_dead = false;
+		$primary_dead = false;

 		if ($r1 && intval($r1[0]['site_dead'])) {
-			$site_dead = true;
+			$primary_dead = true;
 		}

 		// We have valid and somewhat fresh information. Always true if it is our own site.
@@ -2704,13 +2627,14 @@ class Libzot {
 		// cached entry and the identity is valid. It's just unreachable until they bring back their
 		// server from the grave or create another clone elsewhere.

-		if ($site_dead) {
-			logger('dead site - ignoring', LOGGER_DEBUG, LOG_INFO);
+		if ($primary_dead || ! $found_primary) {
+			logger('dead or unknown primary site - ignoring', LOGGER_DEBUG, LOG_INFO);

 			$r = q("select hubloc_id_url from hubloc left join site on hubloc_url = site_url
 				where hubloc_hash = '%s' and site_dead = 0",
 				dbesc($hash)
 			);
+
 			if ($r) {
 				logger('found another site that is not dead: ' . $r[0]['hubloc_url'], LOGGER_DEBUG, LOG_INFO);
 				$desturl = $r[0]['hubloc_url'];
@@ -2924,7 +2848,19 @@ class Libzot {
 		];

 		$ret['channel_role']  = get_pconfig($e['channel_id'], 'system', 'permissions_role', 'custom');
-		$ret['protocols']     = ['zot6', 'zot'];
+
+		$hookinfo = [
+			'channel_id' => $id,
+			'protocols' => ['zot6']
+		];
+		/**
+		 * @hooks channel_protocols
+		 *   * \e int \b channel_id
+		 *   * \e array \b protocols
+		 */
+		call_hooks('channel_protocols', $hookinfo);
+
+		$ret['protocols']     = $hookinfo['protocols'];
 		$ret['searchable']    = $searchable;
 		$ret['adult_content'] = $adult_channel;
 		$ret['public_forum']  = $public_forum;
@@ -3219,14 +3155,15 @@ class Libzot {
 				return $v;
 			}
 		}
-		foreach ($arr as $v) {
-			if ($v[$check] === 'zot') {
-				return $v;
-			}
-		}

 		return $arr[0];

 	}

+	static function update_cached_hubloc($hubloc) {
+		if ($hubloc['hubloc_updated'] > datetime_convert('UTC','UTC','now - 1 week') || $hubloc['hubloc_url'] === z_root()) {
+			return;
+		}
+		self::refresh( [ 'hubloc_id_url' => $hubloc['hubloc_id_url'] ] );
+	}
 }
--- a/Zotlabs/Lib/Libzotdir.php
+++ b/Zotlabs/Lib/Libzotdir.php
@@ -207,8 +207,6 @@ class Libzotdir {
 			);
 		}

-
-
 		// If there are no directory servers, setup the fallback master
 		/** @FIXME What to do if we're in a different realm? */

@@ -249,11 +247,12 @@ class Libzotdir {

 			$syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
 			$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
+
 			if (! $x['success'])
 				continue;

 			$j = json_decode($x['body'],true);
-			if (!($j['transactions']) || ($j['ratings']))
+			if (!$j['transactions'])
 				continue;

 			q("update site set site_sync = '%s' where site_url = '%s'",
@@ -265,6 +264,11 @@ class Libzotdir {

 			if (is_array($j['transactions']) && count($j['transactions'])) {
 				foreach ($j['transactions'] as $t) {
+
+					if (empty($t['hash']) || empty($t['transaction_id']) || empty($t['address'])) {
+						continue;
+					}
+
 					$r = q("select * from updates where ud_guid = '%s' limit 1",
 						dbesc($t['transaction_id'])
 					);
@@ -319,6 +323,14 @@ class Libzotdir {
 			}
 			if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
 				$xc = Libzot::import_xchan($zf['data'], 0, $ud);
+				// This is a workaround for a missing xchan_updated column
+				// TODO: implement xchan_updated in the xchan table and update this column instead
+				if($zf['data']['primary_location']['address'] && $zf['data']['primary_location']['url']) {
+					q("UPDATE hubloc SET hubloc_updated = '%s' WHERE hubloc_id_url = '%s' AND hubloc_primary = 1",
+						dbesc(datetime_convert()),
+						dbesc($zf['data']['primary_location']['url'])
+					);
+				}
 			}
 			else {
 				q("update updates set ud_last = '%s' where ud_addr = '%s'",
@@ -345,7 +357,7 @@ class Libzotdir {

 		logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG);

-		$p = q("select channel.channel_hash, channel_address, channel_timezone, channel_portable_id, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
+		$p = q("select channel.channel_hash, channel_address, channel_timezone, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
 			intval($uid)
 		);

@@ -354,7 +366,6 @@ class Libzotdir {

 		if ($p) {
 			$hash = $p[0]['channel_hash'];
-			$legacy_hash = $p[0]['channel_portable_id'];

 			$profile['description'] = $p[0]['pdesc'];
 			$profile['birthday']    = $p[0]['dob'];
@@ -393,10 +404,9 @@ class Libzotdir {
 			);

 			if(intval($r[0]['xchan_hidden']) != $hidden) {
-				$r = q("update xchan set xchan_hidden = %d where xchan_hash in ('%s', '%s')",
+				$r = q("update xchan set xchan_hidden = %d where xchan_hash = '%s'",
 					intval($hidden),
-					dbesc($hash),
-					dbesc($legacy_hash)
+					dbesc($hash)
 				);
 			}

@@ -410,13 +420,11 @@ class Libzotdir {
 			}
 			else {
 				// they may have made it private
-				q("delete from xprof where xprof_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
+				q("delete from xprof where xprof_hash = '%s'",
+					dbesc($hash)
 				);
-				q("delete from xtag where xtag_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
+				q("delete from xtag where xtag_hash = '%s'",
+					dbesc($hash)
 				);
 			}

@@ -635,8 +643,13 @@ class Libzotdir {

 		$dirmode = intval(get_config('system', 'directory_mode'));

-		if($dirmode == DIRECTORY_MODE_NORMAL)
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			return;
+		}
+
+		if (empty($hash) || empty($guid) || empty($addr)) {
+			return;
+		}

 		if($flags) {
 			q("insert into updates (ud_hash, ud_guid, ud_date, ud_flags, ud_addr ) values ( '%s', '%s', '%s', %d, '%s' )",
@@ -656,9 +669,4 @@ class Libzotdir {
 		}
 	}

-
-
-
-
-
 }
--- a/Zotlabs/Lib/MessageFilter.php
+++ b/Zotlabs/Lib/MessageFilter.php
@@ -11,8 +11,6 @@ class MessageFilter {

 		require_once('include/html2plain.php');

-		unobscure($item);
-
 		$text = prepare_text($item['body'],$item['mimetype']);
 		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);

--- a/Zotlabs/Lib/Queue.php
+++ b/Zotlabs/Lib/Queue.php
@@ -2,6 +2,9 @@

 namespace Zotlabs\Lib;

+use Zotlabs\Zot6\Receiver;
+use Zotlabs\Zot6\Zot6Handler;
+
 class Queue {

 	static function update($id, $add_priority = 0) {
@@ -28,19 +31,19 @@ class Queue {
 			$might_be_down = ((datetime_convert('UTC','UTC',$y[0]['earliest']) < datetime_convert('UTC','UTC','now - 2 days')) ? true : false);


-		// Set all other records for this destination way into the future. 
+		// Set all other records for this destination way into the future.
 		// The queue delivers by destination. We'll keep one queue item for
 		// this destination (this one) with a shorter delivery. If we succeed
 		// once, we'll try to deliver everything for that destination.
-		// The delivery will be set to at most once per hour, and if the 
+		// The delivery will be set to at most once per hour, and if the
 		// queue item is less than 12 hours old, we'll schedule for fifteen
-		// minutes. 
+		// minutes.

 		q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_posturl = '%s'",
 			dbesc(datetime_convert('UTC','UTC','now + 5 days')),
 			dbesc($x[0]['outq_posturl'])
 		);
- 
+
 		$since = datetime_convert('UTC','UTC',$x[0]['outq_created']);

 		if(($might_be_down) || ($since < datetime_convert('UTC','UTC','now - 12 hour'))) {
@@ -50,9 +53,9 @@ class Queue {
 			$next = datetime_convert('UTC','UTC','now + ' . intval($add_priority) . ' minutes');
 		}

-		q("UPDATE outq SET outq_updated = '%s', 
-			outq_priority = outq_priority + %d, 
-			outq_scheduled = '%s' 
+		q("UPDATE outq SET outq_updated = '%s',
+			outq_priority = outq_priority + %d,
+			outq_scheduled = '%s'
 			WHERE outq_hash = '%s'",

 			dbesc(datetime_convert()),
@@ -66,7 +69,7 @@ class Queue {
 	static function remove($id,$channel_id = 0) {
 		logger('queue: remove queue item ' . $id,LOGGER_DEBUG);
 		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
-		
+
 		q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
 			dbesc($id)
 		);
@@ -75,7 +78,7 @@ class Queue {

 	static function remove_by_posturl($posturl) {
 		logger('queue: remove queue posturl ' . $posturl,LOGGER_DEBUG);
-		
+
 		q("DELETE FROM outq WHERE outq_posturl = '%s' ",
 			dbesc($posturl)
 		);
@@ -88,7 +91,7 @@ class Queue {
 		$sql_extra = (($channel['channel_id']) ? " and outq_channel = " . intval($channel['channel_id']) . " " : '');

 		// Set the next scheduled run date so far in the future that it will be expired
-		// long before it ever makes it back into the delivery chain. 
+		// long before it ever makes it back into the delivery chain.

 		q("update outq set outq_delivered = 1, outq_updated = '%s', outq_scheduled = '%s' where outq_hash = '%s' $sql_extra ",
 			dbesc(datetime_convert()),
@@ -108,7 +111,7 @@ class Queue {
 		}

 		$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
-			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg ) 
+			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
 			values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
 			dbesc($arr['hash']),
 			intval($arr['account_id']),
@@ -133,7 +136,7 @@ class Queue {

 		$base = null;
 		$h = parse_url($outq['outq_posturl']);
-		if($h !== false) 
+		if($h !== false)
 			$base = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');

 		if(($base) && ($base !== z_root()) && ($immediate)) {
@@ -147,7 +150,7 @@ class Queue {
 					return;
 				}
 				if($y[0]['site_update'] < datetime_convert('UTC','UTC','now - 1 month')) {
-					self::update($outq['outq_hash'],10);
+					self::update($outq['outq_hash'], 10);
 					logger('immediate delivery deferred for site ' . $base);
 					return;
 				}
@@ -158,12 +161,12 @@ class Queue {
 				// your site has existed. Since we don't know for sure what these sites are,
 				// call them unknown

-				site_store_lowlevel( 
+				site_store_lowlevel(
 					[
 						'site_url'    => $base,
 						'site_update' => datetime_convert(),
 						'site_dead'   => 0,
-						'site_type'   => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN),
+						'site_type'   => SITE_TYPE_UNKNOWN,
 						'site_crypto' => ''
 					]
 				);
@@ -171,65 +174,17 @@ class Queue {
 		}

 		$arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate);
-		call_hooks('queue_deliver',$arr);
+		call_hooks('queue_deliver', $arr);
 		if($arr['handled'])
 			return;

-		// "post" queue driver - used for diaspora and friendica-over-diaspora communications.
-
-		if($outq['outq_driver'] === 'post') {
-			$result = z_post_url($outq['outq_posturl'],$outq['outq_msg']);
-			if($result['success'] && $result['return_code'] < 300) {
-				logger('deliver: queue post success to ' . $outq['outq_posturl'], LOGGER_DEBUG);
-				if($base) {
-					q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
-						dbesc(datetime_convert()),
-						dbesc($base)
-					);
-				}
-				q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
-					dbesc('accepted for delivery'),
-					dbesc(datetime_convert()),
-					dbesc($outq['outq_hash'])
-				);
-				self::remove($outq['outq_hash']);
-
-				// server is responding - see if anything else is going to this destination and is piled up 
-				// and try to send some more. We're relying on the fact that do_delivery() results in an 
-				// immediate delivery otherwise we could get into a queue loop. 
-
-				if(! $immediate) {
-					$x = q("select outq_hash from outq where outq_posturl = '%s' and outq_delivered = 0",
-						dbesc($outq['outq_posturl'])
-					);
-	
-					$piled_up = array();
-					if($x) {
-						foreach($x as $xx) {
-							 $piled_up[] = $xx['outq_hash'];
-						}
-					}
-					if($piled_up) {
-						// call do_delivery() with the force flag
-						do_delivery($piled_up, true);
-					}
-				}
-			}
-			else {
-				logger('deliver: queue post returned ' . $result['return_code'] 
-					. ' from ' . $outq['outq_posturl'],LOGGER_DEBUG);
-					self::update($outq['outq_hash'],10);
-			}
-			return;
-		}
-
 		// normal zot delivery

 		logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG);

 		if($outq['outq_posturl'] === z_root() . '/zot') {
 			// local delivery
-			$zot = new \Zotlabs\Zot6\Receiver(new \Zotlabs\Zot6\Zot6Handler(),$outq['outq_notify']);
+			$zot = new Receiver(new Zot6Handler(), $outq['outq_notify']);
 			$result = $zot->run();
 			logger('returned_json: ' . json_encode($result,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES), LOGGER_DATA);
 			logger('deliver: local zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -246,7 +201,8 @@ class Queue {
 			$host_crypto = null;

 			if($channel && $base) {
-				$h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' and hubloc_sitekey != '' order by hubloc_id desc limit 1",
+				$h = q("SELECT hubloc_sitekey, site_crypto FROM hubloc LEFT JOIN site ON hubloc_url = site_url
+					WHERE site_url = '%s' AND hubloc_network = 'zot6' ORDER BY hubloc_id DESC LIMIT 1",
 					dbesc($base)
 				);
 				if($h) {
@@ -256,7 +212,7 @@ class Queue {

 			$msg = $outq['outq_notify'];

-			$result = Libzot::zot($outq['outq_posturl'],$msg,$channel,$host_crypto);
+			$result = Libzot::zot($outq['outq_posturl'], $msg, $channel, $host_crypto);

 			if($result['success']) {
 				logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -265,7 +221,7 @@ class Queue {
 			else {
 				logger('deliver: remote zot delivery failed to ' . $outq['outq_posturl']);
 				logger('deliver: remote zot delivery fail data: ' . print_r($result,true), LOGGER_DATA);
-				self::update($outq['outq_hash'],10);
+				self::update($outq['outq_hash'], 10);
 			}
 		}
 		return;
--- a/Zotlabs/Lib/Share.php
+++ b/Zotlabs/Lib/Share.php
@@ -8,13 +8,13 @@ class Share {


 	public function __construct($post_id) {
-	
+
 		if(! $post_id)
 			return;
-	
+
 		if(! (local_channel() || remote_channel()))
 			return;
-	
+
 		$r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1",
 			intval($post_id)
 		);
@@ -23,26 +23,26 @@ class Share {

 		if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss'))
 			return;
-	
+
 		$sql_extra = item_permissions_sql($r[0]['uid']);
-	
+
 		$r = q("select * from item where id = %d $sql_extra",
 			intval($post_id)
 		);
 		if(! $r)
 			return;
-	
+
 		if($r[0]['mimetype'] !== 'text/bbcode')
 			return;
-	
+
 		/** @FIXME eventually we want to post remotely via rpost on your home site */
 		// When that works remove this next bit:
-	
+
 		if(! local_channel())
 			return;

 		xchan_query($r);
-	
+
 		$this->item = $r[0];
 		return;
 	}
@@ -66,14 +66,14 @@ class Share {
 			'address'  => $this->item['author']['xchan_addr'],
 			'network'  => $this->item['author']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['author']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['author']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['author']['xchan_photo_mimetype'],
 					'href' => $this->item['author']['xchan_photo_m']
 				]
 			]
@@ -84,14 +84,14 @@ class Share {
 			'address'  => $this->item['owner']['xchan_addr'],
 			'network'  => $this->item['owner']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['owner']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['owner']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['owner']['xchan_photo_mimetype'],
 					'href' => $this->item['owner']['xchan_photo_m']
 				]
 			]
@@ -117,7 +117,7 @@ class Share {
 			$object = json_decode($this->item['obj'],true);
 			$photo_bb = $object['body'];
 		}
-	
+
 		if (strpos($this->item['body'], "[/share]") !== false) {
 			$pos = strpos($this->item['body'], "[share");
 			$bb = substr($this->item['body'], $pos);
@@ -126,7 +126,7 @@ class Share {
 				"' profile='"    . $this->item['author']['xchan_url'] .
 				"' avatar='"     . $this->item['author']['xchan_photo_s'] .
 				"' link='"       . $this->item['plink'] .
-				"' auth='"       . ((in_array($this->item['author']['xchan_network'], ['zot6', 'zot'])) ? 'true' : 'false') .
+				"' auth='"       . (($this->item['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
 				"' posted='"     . $this->item['created'] .
 				"' message_id='" . $this->item['mid'] .
 			"']";
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -299,7 +299,7 @@ class ThreadItem {
 			);
 			*/

-			$settings = t('Conversation Tools');
+			$settings = t('Conversation Features');
 		}

 		$has_bookmarks = false;
@@ -367,7 +367,7 @@ class ThreadItem {
                call_hooks('dropdown_extras',$dropdown_extras_arr);
                $dropdown_extras = $dropdown_extras_arr['dropdown_extras'];

-		$midb64 = 'b64.' . base64url_encode($item['mid']);
+		$midb64 = gen_link_id($item['mid']);
 		$mids = [ $midb64 ];
 		$response_mids = [];
 		foreach($response_verbs as $v) {
@@ -503,7 +503,7 @@ class ThreadItem {
 			'wait' => t('Please wait'),
 			'thread_level' => $thread_level,
 			'settings' => $settings,
-			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? 'b64.' . base64url_encode($item['thr_parent']) : '')
+			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : '')
 		);

 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -842,7 +842,7 @@ class ThreadItem {
 			'$cipher' => $conv->get_cipher(),
 			'$sourceapp' => \App::$sourcename,
 			'$observer' => get_observer_hash(),
-			'$anoncomments' => ((($conv->get_mode() === 'channel' || $conv->get_mode() === 'display') && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
+			'$anoncomments' => ((in_array($conv->get_mode(), ['channel', 'display', 'cards', 'articles']) && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
 			'$anonname' => [ 'anonname', t('Your full name (required)') ],
 			'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
 			'$anonurl'  => [ 'anonurl',  t('Your website URL (optional)') ]
--- a/Zotlabs/Lib/ThreadStream.php
+++ b/Zotlabs/Lib/ThreadStream.php
@@ -77,7 +77,7 @@ class ThreadStream {
 				$this->reload = $_SESSION['return_url'];
 				break;
 			case 'display':
-				// in this mode we set profile_owner after initialisation (from conversation()) and then 
+				// in this mode we set profile_owner after initialisation (from conversation()) and then
 				// pull some trickery which allows us to re-invoke this function afterward
 				// it's an ugly hack so @FIXME
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
@@ -170,14 +170,14 @@ class ThreadStream {
 		 * Only add things that will be displayed
 		 */

-		
+
 		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
 			return false;
 		}

 		$item->set_commentable(false);
 		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
-		
+
 		if(! comments_are_now_closed($item->get_data())) {
 			if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
 				$item->set_commentable(true);
@@ -194,7 +194,7 @@ class ThreadStream {
 		}
 		if($this->mode === 'pubstream' && (! local_channel())) {
 			$item->set_commentable(false);
-		} 
+		}


 		$item->set_conversation($this);
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -222,6 +222,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
 				);
+
 				if($r2)
 					$r = array_merge($r2,$r);

@@ -282,13 +283,12 @@ class Acl extends \Zotlabs\Web\Controller {
 			}
 		}
 		elseif($type == 'm') {
-
 			$r = array();
 			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
-				and xchan_network IN ('zot', 'diaspora', 'friendica-over-diaspora')
+				and not xchan_network IN ('rss', 'anon', 'unknown')
 				$sql_extra3
 				ORDER BY xchan_name ASC ",
 				intval(local_channel())
@@ -371,7 +371,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					);
 				}
 				if($type !== 'f') {
-					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && ($g['net'] == 'zot6' || $g['net'] == 'zot'))) {
+					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && $g['net'] == 'zot6')) {
 						$contacts[$x[$lkey]] = array(
 							"type"     => "c",
 							"photo"    => $g['micro'],
@@ -438,7 +438,6 @@ class Acl extends \Zotlabs\Web\Controller {
 		}

 		if(! $url) {
-			require_once("include/dir_fns.php");
 			$directory = Libzotdir::find_upstream_directory($dirmode);
 			$url = $directory['url'] . '/dirsearch';
 		}
--- a/Zotlabs/Module/Admin.php
+++ b/Zotlabs/Module/Admin.php
@@ -8,7 +8,6 @@

 namespace Zotlabs\Module;

-require_once('include/queue_fn.php');
 require_once('include/account.php');

 /**
--- a/Zotlabs/Module/Admin/Queue.php
+++ b/Zotlabs/Module/Admin/Queue.php
@@ -2,35 +2,35 @@

 namespace Zotlabs\Module\Admin;

-
+use Zotlabs\Lib\Queue as LibQueue;

 class Queue {


-	
+
 	function get() {

 		$o = '';
-	
+
 		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
-	
+
 		if($_REQUEST['drophub']) {
 			hubloc_mark_as_down($_REQUEST['drophub']);
-			remove_queue_by_posturl($_REQUEST['drophub']);
+			LibQueue::remove_by_posturl($_REQUEST['drophub']);
 		}
-	
+
 		if($_REQUEST['emptyhub']) {
-			remove_queue_by_posturl($_REQUEST['emptyhub']);
+			LibQueue::remove_by_posturl($_REQUEST['emptyhub']);
 		}
-	
-		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq 
+
+		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq
 			where outq_delivered = 0 group by outq_posturl order by total desc");
-	
+
 		for($x = 0; $x < count($r); $x ++) {
 			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
 			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
 		}
-	
+
 		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
 			'$banner' => t('Queue Statistics'),
 			'$numentries' => t('Total Entries'),
@@ -43,11 +43,11 @@ class Queue {
 			'$entries' => $r,
 			'$expert' => $expert
 		));
-	
+
 		return $o;
 	}
-	



-}
+
+}
--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -480,12 +480,12 @@ class Site {
 			'$invitation_only' => [
 				'invitation_only',
 				t("Require invite code"),
-				$invitation_only
+				get_config('system', 'invitation_only', 0)
 			],
 			'$invitation_also' => [
 				'invitation_also',
 				t("Allow invite code"),
-				$invitation_also
+				get_config('system', 'invitation_also', 0)
 			],
 			'$verify_email'		=> [
 				'verify_email',
--- a/Zotlabs/Module/Affinity.php
+++ b/Zotlabs/Module/Affinity.php
@@ -44,17 +44,14 @@ class Affinity extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;

-		$desc = t('This app presents a slider control in your connection editor and also on your network page. The slider represents your degree of friendship (affinity) with each connection. It allows you to zoom in or out and display conversations from only your closest friends or everybody in your stream.');
-		if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) {
+		if(! Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Affinity Tool App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= $desc;
-			return $o;
+			$papp = Apps::get_papp('Affinity Tool');
+			return Apps::app_render($papp, 'module');
 		}

-		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); 			
+		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.');

 		$content = '<div class="section-content-info-wrapper">' . $text . '</div>';

--- a/Zotlabs/Module/Appman.php
+++ b/Zotlabs/Module/Appman.php
@@ -1,6 +1,6 @@
 <?php /** @file */

-namespace Zotlabs\Module; 
+namespace Zotlabs\Module;

 //require_once('include/apps.php');

@@ -9,10 +9,10 @@ use \Zotlabs\Lib as Zlib;
 class Appman extends \Zotlabs\Web\Controller {

 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_POST['url']) {
 			$arr = array(
 				'uid' => intval($_REQUEST['uid']),
@@ -32,30 +32,30 @@ class Appman extends \Zotlabs\Web\Controller {
 				'sig' => escape_tags($_REQUEST['sig']),
 				'categories' => escape_tags($_REQUEST['categories'])
 			);
-	
+
 			$_REQUEST['appid'] = Zlib\Apps::app_install(local_channel(),$arr);
-	
+
 			if(Zlib\Apps::app_installed(local_channel(),$arr))
 				info( t('App installed.') . EOL);

 			goaway(z_root() . '/apps');
 			return; //not reached
 		}
-	
-	
+
+
 		$papp = Zlib\Apps::app_decode($_POST['papp']);
-	
+
 		if(! is_array($papp)) {
 			notice( t('Malformed app.') . EOL);
 			return;
 		}
-	
+
 		if($_POST['install']) {
 			Zlib\Apps::app_install(local_channel(),$papp);
 			if(Zlib\Apps::app_installed(local_channel(),$papp))
 				info( t('App installed.') . EOL);
 		}
-	
+
 		if($_POST['delete']) {
 			Zlib\Apps::app_destroy(local_channel(),$papp);
 		}
@@ -72,17 +72,21 @@ class Appman extends \Zotlabs\Web\Controller {
 			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['pin']);
 		}

-		if($_SESSION['return_url']) 
+		if($_POST['aj']) {
+			killme();
+		}
+
+		if($_SESSION['return_url'])
 			goaway(z_root() . '/' . $_SESSION['return_url']);

 		goaway(z_root() . '/apps');
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -130,11 +134,11 @@ class Appman extends \Zotlabs\Web\Controller {
 			}

 			$embed = array('embed', t('Embed code'), Zlib\Apps::app_encode($app,true),'', 'onclick="this.select();"');
-	
+
 		}
-				
+
 		return replace_macros(get_markup_template('app_create.tpl'), array(
-	
+
 			'$banner' => (($app) ? t('Edit App') : t('Create App')),
 			'$app' => $app,
 			'$guid' => (($app) ? $app['app_id'] : ''),
@@ -154,7 +158,7 @@ class Appman extends \Zotlabs\Web\Controller {
 			'$embed' => $embed,
 			'$submit' => t('Submit')
 		));
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Apps.php
+++ b/Zotlabs/Module/Apps.php
@@ -9,7 +9,7 @@ class Apps extends \Zotlabs\Web\Controller {
 	function get() {

 		nav_set_selected('Apps');
-	
+
 		if(argc() == 2 && argv(1) == 'edit')
 			$mode = 'edit';
 		else
@@ -18,9 +18,9 @@ class Apps extends \Zotlabs\Web\Controller {
 		$available = ((argc() == 2 && argv(1) === 'available') ? true : false);

 		$_SESSION['return_url'] = \App::$query_string;
-	
+
 		$apps = array();
-	
+
 		if(local_channel()) {
 			Zlib\Apps::import_system_apps();
 			$syslist = array();
@@ -37,9 +37,9 @@ class Apps extends \Zotlabs\Web\Controller {
 			$syslist = Zlib\Apps::get_system_apps(true);

 		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
-	
+
 	//	logger('apps: ' . print_r($syslist,true));
-	
+
 		foreach($syslist as $app) {
 			$apps[] = Zlib\Apps::app_render($app,(($available) ? 'install' : $mode));
 		}
@@ -53,7 +53,7 @@ class Apps extends \Zotlabs\Web\Controller {
 			'$manage' => (($available) ? '' : t('Manage Apps')),
 			'$create' => (($mode == 'edit') ? t('Create Custom App') : '')
 		));
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Article_edit.php
+++ b/Zotlabs/Module/Article_edit.php
@@ -85,7 +85,6 @@ class Article_edit extends \Zotlabs\Web\Controller {

 		$mimetype = $itm[0]['mimetype'];

-		$summary = (($itm[0]['summary']) ? '[summary]' . $itm[0]['summary'] . '[/summary]' . "\r\n" : '');
 		$content = $itm[0]['body'];

 		$rp = 'articles/' . $channel['channel_address'];
@@ -109,7 +108,7 @@ class Article_edit extends \Zotlabs\Web\Controller {
 			'ptyp' => $itm[0]['type'],
 			'mimeselect' => false,
 			'mimetype' => $itm[0]['mimetype'],
-			'body' => $summary . undo_post_tagging($content),
+			'body' => undo_post_tagging($content),
 			'post_id' => $post_id,
 			'visitor' => true,
 			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
--- a/Zotlabs/Module/Articles.php
+++ b/Zotlabs/Module/Articles.php
@@ -48,10 +48,8 @@ class Articles extends Controller {
 		if(! Apps::system_app_installed(App::$profile_uid, 'Articles')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Articles App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create interactive articles');
-			return $o;
+			$papp = Apps::get_papp('Articles');
+			return Apps::app_render($papp, 'module');
 		}

 		nav_set_selected('Articles');
--- a/Zotlabs/Module/Authtest.php
+++ b/Zotlabs/Module/Authtest.php
@@ -1,41 +1,38 @@
 <?php
 namespace Zotlabs\Module;

-require_once('include/zot.php');
-
-
 class Authtest extends \Zotlabs\Web\Controller {

 	function get() {
-	
-	
+
+
 		$auth_success = false;
 		$o .= '<h3>Magic-Auth Diagnostic</h3>';
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return $o;
 		}
-	
+
 		$o .= '<form action="authtest" method="get">';
 		$o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />';
-		$o .= '<input type="submit" name="submit" value="Submit" /></form>'; 
-	
+		$o .= '<input type="submit" name="submit" value="Submit" /></form>';
+
 		$o .= '<br /><br />';
-	
+
 		if(x($_GET,'dest')) {
 			if(strpos($_GET['dest'],'@')) {
 				$_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@'));
 			}
-	
+
 			$_REQUEST['test'] = 1;
 			$mod = new Magic();
 			$x = $mod->init($a);

 			$o .= 'Local Setup returns: ' . print_r($x,true);
-	
-	
-	
+
+
+
 			if($x['url']) {
 				$z = z_fetch_url($x['url'] . '&test=1');
 				if($z['success']) {
@@ -50,12 +47,12 @@ class Authtest extends \Zotlabs\Web\Controller {
 					$o .= 'fetch url failure.' . print_r($z,true);
 				}
 			}
-	
+
 			if(! $auth_success)
 				$o .= 'Authentication Failed!' . EOL;
 		}
-	
+
 		return str_replace("\n",'<br />',$o);
 	}
-	
+
 }
--- a/Zotlabs/Module/Bookmarks.php
+++ b/Zotlabs/Module/Bookmarks.php
@@ -18,31 +18,31 @@ class Bookmarks extends \Zotlabs\Web\Controller {

 		$item_id = (isset($_REQUEST['item']) ? $_REQUEST['item'] : false);
 		$burl    = (isset($_REQUEST['burl']) ? trim($_REQUEST['burl']) : '');
-	
+
 		if(! $item_id)
 			return;
-	
+
 		$u = \App::get_channel();
-	
+
 		$item_normal = item_normal();
-	
+
 		$i = q("select * from item where id = %d and uid = %d $item_normal limit 1",
 			intval($item_id),
 			intval(local_channel())
 		);
-	
+
 		if(! $i)
 			return;
-	
+
 		$i = fetch_post_tags($i);
-	
+
 		$item = $i[0];
-	
+
 		$terms = (x($item, 'term') ? get_terms_oftype($item['term'],TERM_BOOKMARK) : false);
-	
+
 		if($terms) {
 			require_once('include/bookmarks.php');
-	
+
 			$s = q("select * from xchan where xchan_hash = '%s' limit 1",
 				dbesc($item['author_xchan'])
 			);
@@ -58,13 +58,13 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 				}
 				else
 					bookmark_add($u,$s[0],$t,$item['item_private']);
-	
+
 				info( t('Bookmark added') . EOL);
 			}
 		}
 		killme();
 	}
-	
+
 	function get() {
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -74,49 +74,47 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Bookmarks')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Bookmarks App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Bookmark links from posts and manage them');
-			return $o;
+			$papp = Apps::get_papp('Bookmarks');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		require_once('include/menu.php');
 		require_once('include/conversation.php');
-	
+
 		$channel = \App::get_channel();
-	
+
 		$o = '';
-	
+
 		$o .= '<div class="generic-content-wrapper-styled">';
-	
-		$o .= '<h3>' . t('My Bookmarks') . '</h3>';
-	
+
+		$o .= '<h3>' . t('Bookmarks') . '</h3>';
+
 		$x = menu_list(local_channel(),'',MENU_BOOKMARK);
-	
+
 		if($x) {
 			foreach($x as $xx) {
 				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
 				$o .= menu_render($y,'',true);
 			}
 		}
-	
+
 		$o .= '<h3>' . t('My Connections Bookmarks') . '</h3>';
-	
-	
+
+
 		$x = menu_list(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK);
-	
+
 		if($x) {
 			foreach($x as $xx) {
 				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
 				$o .= menu_render($y,'',true);
 			}
 		}
-	
+
 		$o .= '</div>';
-	
+
 		return $o;
-	
+
 	}
-	
-	
+
+
 }
--- a/Zotlabs/Module/Cards.php
+++ b/Zotlabs/Module/Cards.php
@@ -47,10 +47,8 @@ class Cards extends Controller {
 		if(! Apps::system_app_installed(App::$profile_uid, 'Cards')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Cards App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create personal planning cards');
-			return $o;
+			$papp = Apps::get_papp('Cards');
+			return Apps::app_render($papp, 'module');
 		}

 		nav_set_selected('Cards');
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@@ -873,10 +873,8 @@ class Cdav extends Controller {
 		if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('CardDAV App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('CalDAV capable addressbook');
-			return $o;
+			$papp = Apps::get_papp('CardDAV');
+			return Apps::app_render($papp, 'module');
 		}

 		App::$profile_uid = local_channel();
@@ -1059,6 +1057,7 @@ class Cdav extends Controller {
 				'$cancel' => t('Cancel'),
 				'$create' => t('Create'),
 				'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'),
+				'$disabled_warning' => t('Could not fetch calendar resource. The selected calendar might be disabled.'),

 				'$channel_hash' => $channel['channel_hash'],
 				'$acl' => $acl,
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -46,14 +46,22 @@ class Channel extends Controller {
 		}

 		$profile = 0;
-		$channel = App::get_channel();

 		if ((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
+			$channel = App::get_channel();
 			$which   = $channel['channel_address'];
 			$profile = argv(1);
 		}

-		$channel = channelx_by_nick($which);
+
+		// Do not use channelx_by_nick() here since it will dismiss deleted channels.
+		// We need to provide zotinfo for deleted channels so that directories can pick up the info.
+		$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' LIMIT 1",
+			dbesc($which)
+		);
+
+		$channel = $r[0];
+
 		if (!$channel) {
 			http_status_exit(404, 'Not found');
 		}
@@ -66,7 +74,8 @@ class Channel extends Controller {

 			if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
 				$data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']]));
-				$s    = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+
+				$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
 					dbesc($sigdata['signer'])
 				);

@@ -83,24 +92,27 @@ class Channel extends Controller {
 				'Digest'           => HTTPSig::generate_digest_header($data),
 				'(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']
 			];
-			$h       = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
+
+			$h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
 			HTTPSig::set_headers($h);
 			echo $data;
 			killme();
 		}

+		if ($channel['channel_removed']) {
+			http_status_exit(404, 'Not found');
+		}
+
 		if (ActivityStreams::is_as_request($channel)) {

 			// Somebody may attempt an ActivityStreams fetch on one of our message permalinks
 			// Make it do the right thing.

-			$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-			if ($mid && strpos($mid, 'b64.') === 0) {
-				$decoded = @base64url_decode(substr($mid, 4));
-				if ($decoded) {
-					$mid = $decoded;
-				}
+			$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+			if ($mid === false) {
+				http_status_exit(404, 'Not found');
 			}
+
 			if ($mid) {
 				$obj = null;
 				if (strpos($mid, z_root() . '/item/') === 0) {
@@ -145,15 +157,19 @@ class Channel extends Controller {
 		profile_load($which, $profile);

 		// Add Opengraph markup
-		$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-		if (strpos($mid, 'b64.') === 0)
-			$mid = @base64url_decode(substr($mid, 4));
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');

-		if ($mid)
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
+
+		if ($mid) {
 			$r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
 				dbesc($mid),
 				intval($channel['channel_id'])
 			);
+		}

 		opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel);
 	}
@@ -164,12 +180,11 @@ class Channel extends Controller {

 		$category = $datequery = $datequery2 = '';

-		$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-
-		if (strpos($mid, 'b64.') === 0)
-			$decoded = @base64url_decode(substr($mid, 4));
-		if (isset($decoded))
-			$mid = $decoded;
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}

 		$datequery  = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
 		$datequery2 = ((x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
@@ -213,7 +228,7 @@ class Channel extends Controller {

 		if (!$update) {

-			nav_set_selected('Channel Home');
+			nav_set_selected('Channel');

 			// search terms header
 			if ($search) {
@@ -420,8 +435,8 @@ class Channel extends Controller {

 		if ((!$update) && (!$load)) {

-			if (isset($decoded))
-				$mid = 'b64.' . base64url_encode($mid);
+			//if we got a decoded hash we must encode it again before handing to javascript
+			$mid = gen_link_id($mid);

 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
 			// because browser prefetching might change it on us. We have to deliver it with the page.
--- a/Zotlabs/Module/Chanview.php
+++ b/Zotlabs/Module/Chanview.php
@@ -10,49 +10,49 @@ use Zotlabs\Lib\Zotfinger;
 class Chanview extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		$observer = App::get_observer();
 		$xchan = null;
-	
+
 		$r = null;
-	
+
 		if($_REQUEST['hash']) {
-			$r = q("select * from xchan where xchan_hash = '%s'",
+			$r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0",
 				dbesc($_REQUEST['hash'])
 			);
 		}
 		if($_REQUEST['address']) {
-			$r = q("select * from xchan where xchan_addr = '%s'",
+			$r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0",
 				dbesc(punify($_REQUEST['address']))
 			);
 		}
 		elseif(local_channel() && intval($_REQUEST['cid'])) {
-			$r = q("SELECT abook.*, xchan.* 
+			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_channel = %d and abook_id = %d",
+				WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0",
 				intval(local_channel()),
 				intval($_REQUEST['cid'])
 			);
-		}	
+		}
 		elseif($_REQUEST['url']) {
-	
+
 			// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
-			// the most useful consistently ascending table item we have. 
-	
-			$r = q("select * from xchan where xchan_url = '%s' order by xchan_name_date desc",
+			// the most useful consistently ascending table item we have.
+
+			$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0 order by xchan_name_date desc",
 				dbesc($_REQUEST['url'])
 			);
 		}
 		if($r) {
 			App::$poi = Libzot::zot_record_preferred($r, 'xchan_network');
 		}
-	
-	
+
+
 		// Here, let's see if we have an xchan. If we don't, how we proceed is determined by what
-		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or 
-		// address, we can and should try to import it. If it's just a hash, we can't continue, but we 
+		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or
+		// address, we can and should try to import it. If it's just a hash, we can't continue, but we
 		// probably wouldn't have a hash if we don't already have an xchan for this channel.
-	
+
 		if(! App::$poi) {
 			logger('mod_chanview: fallback');

@@ -71,7 +71,7 @@ class Chanview extends \Zotlabs\Web\Controller {

 				if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) {
 					Libzot::import_xchan($zf['data']);
-					$r = q("select * from xchan where xchan_url = '%s'",
+					$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 						dbesc($_REQUEST['url'])
 					);
 					if($r) {
@@ -80,7 +80,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 				if(! $r) {
 					if(discover_by_webbie($_REQUEST['url'])) {
-						$r = q("select * from xchan where xchan_url = '%s'",
+						$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 							dbesc($_REQUEST['url'])
 						);
 						if($r) {
@@ -90,7 +90,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		if(! App::$poi) {
 			notice( t('Channel not found.') . EOL);
 			return;
@@ -98,9 +98,9 @@ class Chanview extends \Zotlabs\Web\Controller {

 		$is_zot = false;
 		$connected = false;
-	
+
 		$url = App::$poi['xchan_url'];
-		if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) {
+		if(App::$poi['xchan_network'] === 'zot6') {
 			$is_zot = true;
 		}
 		if(local_channel()) {
@@ -111,29 +111,29 @@ class Chanview extends \Zotlabs\Web\Controller {
 			if($c)
 				$connected = true;
 		}
-		
-		// We will load the chanview template if it's a foreign network, 
+
+		// We will load the chanview template if it's a foreign network,
 		// just so that we can provide a connect button along with a profile
 		// photo. Chances are we can't load the remote profile into an iframe
 		// because of cross-domain security headers. So provide a link to
-		// the remote profile. 
+		// the remote profile.
 		// If we are already connected, just go to the profile.
 		// Zot channels will usually have a connect link.
-	
+
 		if($is_zot || $connected) {
 			if($is_zot && $observer) {
 				$url = zid($url);
 			}
 			goaway($url);
 		}
-		else {	
+		else {
 			$o = replace_macros(get_markup_template('chanview.tpl'),array(
 				'$url' => $url,
 				'$full' => t('toggle full screen mode')
 			));
-	
+
 			return $o;
 		}
 	}
-	
+
 }
--- a/Zotlabs/Module/Chat.php
+++ b/Zotlabs/Module/Chat.php
@@ -14,7 +14,7 @@ require_once('include/bookmarks.php');
 class Chat extends Controller {

 	function init() {
-	
+
 		$which = null;
 		if(argc() > 1)
 			$which = argv(1);
@@ -29,79 +29,77 @@ class Chat extends Controller {
 			notice( t('You must be logged in to see this page.') . EOL );
 			return;
 		}
-	
+
 		$profile = 0;
 		$channel = App::get_channel();
-	
+
 		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 			$which = $channel['channel_address'];
-			$profile = argv(1);		
+			$profile = argv(1);
 		}
-		
+
 		// Run profile_load() here to make sure the theme is set before
 		// we start loading content
-	
+
 		profile_load($which,$profile);
-	
+
 	}
-	
+
 	function post() {
-	
+
 		if($_POST['room_name'])
-			$room = strip_tags(trim($_POST['room_name']));	
-	
+			$room = strip_tags(trim($_POST['room_name']));
+
 		if((! $room) || (! local_channel()))
 			return;
-	
+
 		$channel = App::get_channel();
-	
-	
+
+
 		if($_POST['action'] === 'drop') {
 			logger('delete chatroom');
 			Chatroom::destroy($channel,array('cr_name' => $room));
 			goaway(z_root() . '/chat/' . $channel['channel_address']);
 		}
-	
+
 		$acl = new AccessList($channel);
 		$acl->set_from_array($_REQUEST);
-	
+
 		$arr = $acl->get();
 		$arr['name'] = $room;
 		$arr['expire'] = intval($_POST['chat_expire']);
 		if(intval($arr['expire']) < 0)
 			$arr['expire'] = 0;
-	
+
 		Chatroom::create($channel,$arr);
-	
+
 		$x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1",
 			dbesc($room),
 			intval(local_channel())
 		);
-	
+
 		Libsync::build_sync_packet(0, array('chatroom' => $x));
-	
+
 		if($x)
 			goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']);
-	
+
 		// that failed. Try again perhaps?
-	
+
 		goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new');
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {

 		if(! Apps::system_app_installed(App::$profile_uid, 'Chatrooms')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Chatrooms App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Access Controlled Chatrooms');
-			return $o;
+			$papp = Apps::get_papp('Chatrooms');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		if(local_channel()) {
 			$channel = App::get_channel();
 			nav_set_selected('Chatrooms');
@@ -113,24 +111,24 @@ class Chat extends Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		if(! perm_is_allowed(App::$profile['profile_uid'],$observer,'chat')) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-		
+
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'leave')) {
 			Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']);
 			goaway(z_root() . '/channel/' . argv(1));
 		}
-	
-	
+
+
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'status')) {
 			$ret = array('success' => false);
 			$room_id = intval(argv(2));
 			if(! $room_id || ! $observer)
 				return;
-	
+
 			$r = q("select * from chatroom where cr_id = %d limit 1",
 				intval($room_id)
 			);
@@ -139,7 +137,7 @@ class Chat extends Controller {
 			}
 			require_once('include/security.php');
 			$sql_extra = permissions_sql($r[0]['cr_uid']);
-	
+
 			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
 				intval($room_id),
 				intval($r[0]['cr_uid'])
@@ -155,9 +153,9 @@ class Chat extends Controller {
 				$ret['chatroom'] = $r[0]['cr_name'];
 				$ret['inroom'] = $y[0]['total'];
 			}
-	
+
 			// figure out how to present a timestamp of the last activity, since we don't know the observer's timezone.
-	
+
 			$z = q("select created from chat where chat_room = %d order by created desc limit 1",
 				intval($room_id)
 			);
@@ -166,13 +164,13 @@ class Chat extends Controller {
 			}
 			json_return_and_die($ret);
 		}
-	
-	
+
+
 		if(argc() > 2 && intval(argv(2))) {
-	
+
 			$room_id = intval(argv(2));
 			$bookmark_link = get_bookmark_link($ob);
-	
+
 			$x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
 			if(! $x)
 				return;
@@ -180,26 +178,26 @@ class Chat extends Controller {
 				intval($room_id),
 				intval(App::$profile['profile_uid'])
 			);
-	
+
 			if($x) {
 				$acl = new AccessList(false);
 				$acl->set($x[0]);
-	
+
 				$private = $acl->is_private();
 				$room_name = $x[0]['cr_name'];
 				if($bookmark_link)
-					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; 
+					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1';
 			}
 			else {
 				notice( t('Room not found') . EOL);
 				return;
 			}
-	
+
 			$cipher = get_pconfig(local_channel(),'system','default_cipher');
 			if(! $cipher)
 				$cipher = 'AES-128-CCM';
-	
-	
+
+
 			$o = replace_macros(get_markup_template('chat.tpl'),array(
 				'$is_owner' => ((local_channel() && local_channel() == $x[0]['cr_uid']) ? true : false),
 				'$room_name' => $room_name,
@@ -223,7 +221,7 @@ class Chat extends Controller {
 		}

 		require_once('include/conversation.php');
-	
+
 		$o = '';

 		$acl = new AccessList($channel);
@@ -246,12 +244,12 @@ class Chat extends Controller {
 				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$submit' => t('Submit')
-	
+
 			));
 		}

 		$rooms = Chatroom::roomlist(App::$profile['profile_uid']);
-	
+
 		$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(
 			'$header' => sprintf( t('%1$s\'s Chatrooms'), App::$profile['fullname']),
 			'$name' => t('Name'),
@@ -259,15 +257,15 @@ class Chat extends Controller {
 			'$nickname' => App::$profile['channel_address'],
 			'$rooms' => $rooms,
 			'$norooms' => t('No chatrooms available'),
-			'$newroom' => t('Create New'),
+			'$newroom' => t('Add Room'),
 			'$is_owner' => ((local_channel() && local_channel() == App::$profile['profile_uid']) ? 1 : 0),
 			'$chatroom_new' => $chatroom_new,
 			'$expire' => t('Expiration'),
 			'$expire_unit' => t('min') //minutes
 		));
-	 
+
 		return $o;
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -40,12 +40,12 @@ class Connedit extends Controller {
 		if((argc() >= 2) && intval(argv(1))) {
 			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
+				WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0 LIMIT 1",
 				intval(local_channel()),
 				intval(argv(1))
 			);
 			if($r) {
-				App::$poi = array_shift($r);
+				App::$poi = $r[0];
 			}
 		}

@@ -220,9 +220,6 @@ class Connedit extends Controller {
 				if($z)
 					$record = $z[0]['xlink_id'];
 			}
-			if($record) {
-				Master::Summon(array('Ratenotif','rating',$record));
-			}
 		}

 		if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) {
@@ -426,7 +423,7 @@ class Connedit extends Controller {
 			$cmd = argv(2);

 			$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1",
+				WHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 and xchan_deleted = 0 LIMIT 1",
 				intval($contact_id),
 				intval(local_channel())
 			);
@@ -478,16 +475,11 @@ class Connedit extends Controller {
 			}

 			if($cmd === 'refresh') {
-				if($orig_record[0]['xchan_network'] === 'zot') {
-					if(! zot_refresh($orig_record[0],App::get_channel()))
-						notice( t('Refresh failed - channel is currently unavailable.') );
-				}
-				elseif($orig_record[0]['xchan_network'] === 'zot6') {
+				if($orig_record[0]['xchan_network'] === 'zot6') {
 					if(! Libzot::refresh($orig_record[0],App::get_channel()))
 						notice( t('Refresh failed - channel is currently unavailable.') );
 				}
 				else {
-
 					// if you are on a different network we'll force a refresh of the connection basic info
 					Master::Summon(array('Notifier','permission_update',$contact_id));
 				}
@@ -667,7 +659,7 @@ class Connedit extends Controller {
 			);


-			if(in_array($contact['xchan_network'], ['zot6', 'zot'])) {
+			if($contact['xchan_network'] === 'zot6') {
 				$tools['fetchvc'] = [
 					'label' => t('Fetch Vcard'),
 					'url'    => z_root() . '/connedit/' . $contact['abook_id'] . '/fetchvc',
@@ -841,7 +833,7 @@ class Connedit extends Controller {
 				$locstr = unpunify($contact['xchan_url']);

 			$clone_warn = '';
-			$clonable = (in_array($contact['xchan_network'],['zot', 'zot6', 'rss']) ? true : false);
+			$clonable = in_array($contact['xchan_network'], ['zot6', 'rss']);
 			if(! $clonable) {
 				$clone_warn = '<strong>';
 				$clone_warn .= ((intval($contact['abook_not_here']))
--- a/Zotlabs/Module/Defperms.php
+++ b/Zotlabs/Module/Defperms.php
@@ -19,13 +19,13 @@ class Defperms extends Controller {
 	 */

 	function init() {
-	
+
 		if(! local_channel())
 			return;

 		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
 			return;
-	
+
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
 			WHERE abook_self = 1 and abook_channel = %d LIMIT 1",
@@ -37,39 +37,39 @@ class Defperms extends Controller {

 		$channel = App::get_channel();
 		if($channel)
-			head_set_icon($channel['xchan_photo_s']);	
+			head_set_icon($channel['xchan_photo_s']);
 	}

-	
+
 	/* @brief Evaluate posted values and set changes
 	 *
 	 */
-	
+
 	function post() {
-	
+
 		if(! local_channel())
 			return;

 		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
 			return;
-	
+
 		$contact_id = intval(argv(1));
 		if(! $contact_id)
 			return;
-	
+
 		$channel = App::get_channel();
-	
+
 		$orig_record = q("SELECT * FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
 			intval($contact_id),
 			intval(local_channel())
 		);
-	
+
 		if(! $orig_record) {
 			notice( t('Could not access contact record.') . EOL);
 			goaway(z_root() . '/connections');
 			return; // NOTREACHED
 		}
-	
+

 		if(intval($orig_record[0]['abook_self'])) {
 			$autoperms = intval($_POST['autoperms']);
@@ -79,8 +79,8 @@ class Defperms extends Controller {
 			$autoperms = null;
 			$is_self = false;
 		}
-	
-	
+
+
 		$all_perms = \Zotlabs\Access\Permissions::Perms();

 		if($all_perms) {
@@ -105,15 +105,15 @@ class Defperms extends Controller {
 			}
 		}

-		if(! is_null($autoperms)) 
+		if(! is_null($autoperms))
 			set_pconfig($channel['channel_id'],'system','autoperms',$autoperms);
-				
-	
+
+
 		notice( t('Settings updated.') . EOL);

-	
+
 		// Refresh the structure in memory with the new data
-	
+
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
 			WHERE abook_channel = %d and abook_id = %d LIMIT 1",
@@ -123,28 +123,28 @@ class Defperms extends Controller {
 		if($r) {
 			App::$poi = $r[0];
 		}
-	
-	
+
+
 		$this->defperms_clone($a);
-	
+
 		goaway(z_root() . '/defperms');
-	
+
 		return;
-	
+
 	}
-	
+
 	/* @brief Clone connection
 	 *
 	 *
 	 */
-	
+
 	function defperms_clone(&$a) {
-	
+
 			if(! App::$poi)
 				return;
-		
+
 			$channel = App::get_channel();
-	
+
 			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d and abook_id = %d LIMIT 1",
@@ -154,30 +154,30 @@ class Defperms extends Controller {
 			if($r) {
 				App::$poi = array_shift($r);
 			}
-	
+
 			$clone = App::$poi;
-	
+
 			unset($clone['abook_id']);
 			unset($clone['abook_account']);
 			unset($clone['abook_channel']);
-	
+
 			$abconfig = load_abconfig($channel['channel_id'],$clone['abook_xchan']);
 			if($abconfig)
 				$clone['abconfig'] = $abconfig;
-	
+
 			Libsync::build_sync_packet(0 /* use the current local_channel */, array('abook' => array($clone)));
 	}
-	
+
 	/* @brief Generate content of connection default permissions page
 	 *
 	 *
 	 */
-	
+
 	function get() {
-	
+
 		$sort_type = 0;
 		$o = '';
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return login();
@@ -186,17 +186,15 @@ class Defperms extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Default Permissions App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Set custom default permissions for new connections');
-			return $o;
+			$papp = Apps::get_papp('Default Permissions');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
 		$channel = App::get_channel();
-	
+
 		$yes_no = array(t('No'),t('Yes'));
-	
+
 		$connect_perms = \Zotlabs\Access\Permissions::connect_perms(local_channel());

 		$o .= "<script>function connectDefaultShare() {
@@ -210,28 +208,28 @@ class Defperms extends Controller {
 			}
 		}
 		$o .= " }\n</script>\n";
-	
+
 		if(App::$poi) {
-	
+
 			$sections = [];

 			$self = false;
-	
+
 			$tpl = get_markup_template('defperms.tpl');
-	
-	
+
+
 			$perms = array();
 			$channel = App::get_channel();

 			$contact = App::$poi;
-	
+
 			$global_perms = \Zotlabs\Access\Permissions::Perms();

 			$hidden_perms = [];
-	
+
 			foreach($global_perms as $k => $v) {
 				$thisperm = get_abconfig(local_channel(),$contact['abook_xchan'],'my_perms',$k);
-				
+
 				$checkinherited = \Zotlabs\Access\PermissionLimits::Get(local_channel(),$k);

 				$inherited = (($checkinherited & PERMS_SPECIFIC) ? false : true);
@@ -241,7 +239,7 @@ class Defperms extends Controller {
 					$hidden_perms[] = [ 'perms_' . $k, intval($thisperm) ];
 				}
 			}
-	
+
 			$pcat = new \Zotlabs\Lib\Permcat(local_channel());
 			$pcatlist = $pcat->listing();
 			$permcats = [];
@@ -272,13 +270,13 @@ class Defperms extends Controller {
 				'$contact_id'     => $contact['abook_id'],
 				'$name'           => $contact['xchan_name'],
 			]);
-	
+
 			$arr = array('contact' => $contact,'output' => $o);
-	
+
 			call_hooks('contact_edit', $arr);
-	
+
 			return $arr['output'];
-	
-		}	
+
+		}
 	}
 }
--- a/Zotlabs/Module/Directory.php
+++ b/Zotlabs/Module/Directory.php
@@ -8,7 +8,6 @@ use Zotlabs\Lib\Libzotdir;


 require_once('include/socgraph.php');
-require_once('include/dir_fns.php');
 require_once('include/bbcode.php');
 require_once('include/html2plain.php');

--- a/Zotlabs/Module/Dirsearch.php
+++ b/Zotlabs/Module/Dirsearch.php
@@ -4,26 +4,22 @@ namespace Zotlabs\Module;
 use App;
 use Zotlabs\Web\Controller;

-require_once('include/dir_fns.php');
-
-
-
 class Dirsearch extends Controller {

 	function init() {
 		App::set_pager_itemspage(30);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$ret = array('success' => false);
-	
+
 	//	logger('request: ' . print_r($_REQUEST,true));
-	
-	
+
+
 		$dirmode = intval(get_config('system','directory_mode'));
-	
+
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			$ret['message'] = t('This site is not a directory server');
 			json_return_and_die($ret);
@@ -31,24 +27,24 @@ class Dirsearch extends Controller {


 		$access_token = $_REQUEST['t'];
-	
+
 		$token = get_config('system','realm_token');
 		if($token && $access_token != $token) {
 			$ret['message'] = t('This directory server requires an access token');
 			json_return_and_die($ret);
 		}
-	
-	
+
+
 		if(argc() > 1 && argv(1) === 'sites') {
 			$ret = $this->list_public_sites();
 			json_return_and_die($ret);
 		}
-	
+
 		$sql_extra = '';
-	
-	
+
+
 		$tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords');
-	
+
 		if($_REQUEST['query']) {
 			$advanced = $this->dir_parse_query($_REQUEST['query']);
 			if($advanced) {
@@ -64,9 +60,9 @@ class Dirsearch extends Controller {
 				}
 			}
 		}
-	
+
 		$hash     = ((x($_REQUEST['hash']))    ? $_REQUEST['hash']     : '');
-	
+
 		$name     = ((x($_REQUEST,'name'))     ? $_REQUEST['name']     : '');
 		$hub      = ((x($_REQUEST,'hub'))      ? $_REQUEST['hub']      : '');
 		$address  = ((x($_REQUEST,'address'))  ? $_REQUEST['address']  : '');
@@ -82,16 +78,16 @@ class Dirsearch extends Controller {
 		$agele    = ((x($_REQUEST,'agele'))    ? intval($_REQUEST['agele']) : 0 );
 		$kw       = ((x($_REQUEST,'kw'))       ? intval($_REQUEST['kw'])    : 0 );
 		$forums   = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
-	
+
 		if(get_config('system','disable_directory_keywords'))
 			$kw = 0;
-	
-	
+
+
 		// by default use a safe search
 		$safe     = ((x($_REQUEST,'safe')));    // ? intval($_REQUEST['safe'])  : 1 );
 		if ($safe === false)
 				$safe = 1;
-			
+
 		if(array_key_exists('sync',$_REQUEST)) {
 			if($_REQUEST['sync'])
 				$sync = datetime_convert('UTC','UTC',$_REQUEST['sync']);
@@ -100,7 +96,7 @@ class Dirsearch extends Controller {
 		}
 		else
 			$sync = false;
-	
+
 		if(($dirmode == DIRECTORY_MODE_STANDALONE) && (! $hub)) {
 			$hub = \App::get_hostname();
 		}
@@ -109,13 +105,13 @@ class Dirsearch extends Controller {
 			$hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host =  '" . protect_sprintf(dbesc($hub)) . "') ";
 		else
 			$hub_query = '';
-	
+
 		$sort_order  = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : '');
-	
+
 		$joiner = ' OR ';
 		if($_REQUEST['and'])
 			$joiner = ' AND ';
-	
+
 		if($name)
 			$sql_extra .= $this->dir_query_build($joiner,'xchan_name',$name);
 		if($address)
@@ -136,58 +132,58 @@ class Dirsearch extends Controller {
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_sexual',$sexual);
 		if($keywords)
 			$sql_extra .= $this->dir_query_build($joiner,'xprof_keywords',$keywords);
-	
-	
-		// we only support an age range currently. You must set both agege 
-		// (greater than or equal) and agele (less than or equal) 
-	
+
+
+		// we only support an age range currently. You must set both agege
+		// (greater than or equal) and agele (less than or equal)
+
 		if($agele && $agege) {
 			$sql_extra .= " $joiner ( xprof_age <= " . intval($agele) . " ";
 			$sql_extra .= " AND  xprof_age >= " . intval($agege) . ") ";
 		}
-	
-	
+
+
 		if($hash) {
 			$sql_extra = " AND xchan_hash like '" . dbesc($hash) . protect_sprintf('%') . "' ";
 		}
-	
-	
+
+
 	    $perpage      = (($_REQUEST['n'])              ? $_REQUEST['n']                    : 60);
 	    $page         = (($_REQUEST['p'])              ? intval($_REQUEST['p'] - 1)        : 0);
 	    $startrec     = (($page+1) * $perpage) - $perpage;
 		$limit        = (($_REQUEST['limit'])          ? intval($_REQUEST['limit'])        : 0);
 		$return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0);
-	
+
 		// mtime is not currently working
-	
+
 		$mtime        = ((x($_REQUEST,'mtime'))        ? datetime_convert('UTC','UTC',$_REQUEST['mtime']) : '');
-	
-		// ok a separate tag table won't work. 
+
+		// ok a separate tag table won't work.
 		// merge them into xprof
-	
+
 		$ret['success'] = true;
-	
+
 		// If &limit=n, return at most n entries
 		// If &return_total=1, we count matching entries and return that as 'total_items' for use in pagination.
 		// By default we return one page (default 80 items maximum) and do not count total entries
-	
+
 		$logic = ((strlen($sql_extra)) ? 'false' : 'true');
-	
+
 		if($hash)
 			$logic = 'true';
-	
+
 		if($dirmode == DIRECTORY_MODE_STANDALONE) {
 			$sql_extra .= " and xchan_addr like '%%" . \App::get_hostname() . "' ";
 		}
-	
+
 		$safesql = (($safe > 0) ? " and xchan_censored = 0 and xchan_selfcensored = 0 " : '');
 		if($safe < 0)
 			$safesql = " and ( xchan_censored = 1 OR xchan_selfcensored = 1 ) ";
-	
+
 		if($forums)
 			$safesql .= " and xchan_pubforum = " . ((intval($forums)) ? '1 ' : '0 ');
-	
-		if($limit) 
+
+		if($limit)
 			$qlimit = " LIMIT $limit ";
 		else {
 			$qlimit = " LIMIT " . intval($perpage) . " OFFSET " . intval($startrec);
@@ -198,27 +194,27 @@ class Dirsearch extends Controller {
 				}
 			}
 		}
-	
+
 		if($sort_order == 'normal') {
 			$order = " order by xchan_name asc ";
-	
-			// Start the alphabetic search at 'A' 
+
+			// Start the alphabetic search at 'A'
 			// This will make a handful of channels whose names begin with
 			// punctuation un-searchable in this mode
-	
+
 			$safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 ";
 		}
 		elseif($sort_order == 'reverse')
 			$order = " order by xchan_name desc ";
 		elseif($sort_order == 'reversedate')
 			$order = " order by xchan_name_date asc ";
-		else	
+		else
 			$order = " order by xchan_name_date desc ";
-	
-	
+
+
 		if($sync) {
 			$spkt = array('transactions' => array());
-			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' order by ud_date desc",
+			$r = q("select * from updates where ud_date >= '%s' and ud_guid != '' and ud_addr != '' order by ud_date desc",
 				dbesc($sync)
 			);
 			if($r) {
@@ -228,7 +224,7 @@ class Dirsearch extends Controller {
 						$flags[] = 'deleted';
 					if($rr['ud_flags'] & UPDATE_FLAGS_FORCED)
 						$flags[] = 'forced';
-	
+
 					$spkt['transactions'][] = array(
 						'hash' => $rr['ud_hash'],
 						'address' => $rr['ud_addr'],
@@ -238,87 +234,48 @@ class Dirsearch extends Controller {
 					);
 				}
 			}
-			$r = q("select * from xlink where xlink_static = 1 and xlink_updated >= '%s' ",
-				dbesc($sync)
-			);
-			if($r) {
-				$spkt['ratings'] = array();
-				foreach($r as $rr) {
-					$spkt['ratings'][] = array(
-						'type' => 'rating', 
-						'encoding' => 'zot',
-						'channel' => $rr['xlink_xchan'],
-						'target' => $rr['xlink_link'],
-						'rating' => intval($rr['xlink_rating']),
-						'rating_text' => $rr['xlink_rating_text'],
-						'signature' => $rr['xlink_sig'],
-						'edited' => $rr['xlink_updated']
-					);
-				}
-			}
 			json_return_and_die($spkt);
 		}
 		else {
-	
-			$r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash 
-				where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
-				$safesql $order $qlimit "
+
+			$r = q("SELECT
+				xchan.xchan_name as name,
+				xchan.xchan_hash as hash,
+				xchan.xchan_censored as censored,
+				xchan.xchan_selfcensored as selfcensored,
+				xchan.xchan_pubforum as public_forum,
+				xchan.xchan_url as url,
+				xchan.xchan_photo_l as photo_l,
+				xchan.xchan_photo_m as photo,
+				xchan.xchan_addr as address,
+				xprof.xprof_desc as description,
+				xprof.xprof_locale as locale,
+				xprof.xprof_region as region,
+				xprof.xprof_postcode as postcode,
+				xprof.xprof_country as country,
+				xprof.xprof_dob as birthday,
+				xprof.xprof_age as age,
+				xprof.xprof_gender as gender,
+				xprof.xprof_marital as marital,
+				xprof.xprof_sexual as sexual,
+				xprof.xprof_about as about,
+				xprof.xprof_homepage as homepage,
+				xprof.xprof_hometown as hometown,
+				xprof.xprof_keywords as keywords
+				from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on hubloc_hash = xchan_hash
+				where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
+				$safesql $order $qlimit",
+				db_utcnow(),
+				db_quoteinterval('30 DAY')
 			);
-	
-	
-	
-			$ret['page'] = $page + 1;
-			$ret['records'] = count($r);		
+
 		}
-	
-	
-	
+
 		if($r) {
-	
-			$entries = array();
-	
-			foreach($r as $rr) {
-	
-				$entry = array();
-	
-				$pc = q("select count(xlink_rating) as total_ratings from xlink where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 group by xlink_rating",
-					dbesc($rr['xchan_hash'])
-				);
-	
-				if($pc)
-					$entry['total_ratings'] = intval($pc[0]['total_ratings']);
-				else
-					$entry['total_ratings'] = 0;
-	
-				$entry['name']         = $rr['xchan_name'];
-				$entry['hash']         = $rr['xchan_hash'];
-				$entry['censored']     = $rr['xchan_censored'];
-				$entry['selfcensored'] = $rr['xchan_selfcensored'];
-				$entry['public_forum'] = (intval($rr['xchan_pubforum']) ? true : false);
-				$entry['url']          = $rr['xchan_url'];
-				$entry['photo_l']      = $rr['xchan_photo_l'];
-				$entry['photo']        = $rr['xchan_photo_m'];
-				$entry['address']      = $rr['xchan_addr'];
-				$entry['description']  = $rr['xprof_desc'];
-				$entry['locale']       = $rr['xprof_locale'];
-				$entry['region']       = $rr['xprof_region'];
-				$entry['postcode']     = $rr['xprof_postcode'];
-				$entry['country']      = $rr['xprof_country'];
-				$entry['birthday']     = $rr['xprof_dob'];
-				$entry['age']          = $rr['xprof_age'];
-				$entry['gender']       = $rr['xprof_gender'];
-				$entry['marital']      = $rr['xprof_marital'];
-				$entry['sexual']       = $rr['xprof_sexual'];
-				$entry['about']        = $rr['xprof_about'];
-				$entry['homepage']     = $rr['xprof_homepage'];
-				$entry['hometown']     = $rr['xprof_hometown'];
-				$entry['keywords']     = $rr['xprof_keywords'];
-	
-				$entries[] = $entry;
-	
-			}
-	
-			$ret['results'] = $entries;
+			$ret['results'] = $r;
+			$ret['page'] = $page + 1;
+			$ret['records'] = count($r);
+
 			if($kw) {
 				$k = dir_tagadelic($kw, $hub);
 				if($k) {
@@ -328,30 +285,30 @@ class Dirsearch extends Controller {
 					}
 				}
 			}
-		}		
-	
+		}
+
 		json_return_and_die($ret);
 	}
-	
+
 	function dir_query_build($joiner,$field,$s) {
 		$ret = '';
 		if(trim($s))
 			$ret .= dbesc($joiner) . " " . dbesc($field) . " like '" . protect_sprintf( '%' . dbesc($s) . '%' ) . "' ";
 		return $ret;
 	}
-	
+
 	function dir_flag_build($joiner,$field,$bit,$s) {
 		return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 ";
 	}
-	
-	
+
+
 	function dir_parse_query($s) {
-	
+
 		$ret = array();
 		$curr = array();
 		$all = explode(' ',$s);
 		$quoted_string = false;
-	
+
 		if($all) {
 			foreach($all as $q) {
 				if($quoted_string === false) {
@@ -382,7 +339,7 @@ class Dirsearch extends Controller {
 							$ret[] = $curr;
 							$curr = array();
 							continue;
-						}	
+						}
 						else {
 							$ret[] = $curr;
 							$curr = array();
@@ -405,15 +362,15 @@ class Dirsearch extends Controller {
 		logger('dir_parse_query:' . print_r($ret,true),LOGGER_DATA);
 		return $ret;
 	}
-	
-		
-	
-	
-	
-	
-	
+
+
+
+
+
+
+
 	function list_public_sites() {
-	
+
 		$rand = db_getfunc('rand');
 		$realm = get_directory_realm();
 		if($realm == DIRECTORY_REALM) {
@@ -428,16 +385,16 @@ class Dirsearch extends Controller {
 				intval(SITE_TYPE_ZOT)
 			);
 		}
-			
+
 		$ret = array('success' => false);
-	
+
 		if($r) {
 			$ret['success'] = true;
 			$ret['sites'] = array();
 			$insecure = array();
-	
+
 			foreach($r as $rr) {
-				
+
 				if($rr['site_access'] == ACCESS_FREE)
 					$access = 'free';
 				elseif($rr['site_access'] == ACCESS_PAID)
@@ -446,14 +403,14 @@ class Dirsearch extends Controller {
 					$access = 'tiered';
 				else
 					$access = 'private';
-	
+
 				if($rr['site_register'] == REGISTER_OPEN)
 					$register = 'open';
 				elseif($rr['site_register'] == REGISTER_APPROVE)
 					$register = 'approve';
 				else
 					$register = 'closed';
-	
+
 				if(strpos($rr['site_url'],'https://') !== false)
 					$ret['sites'][] = array('url' => $rr['site_url'], 'access' => $access, 'register' => $register, 'sellpage' => $rr['site_sellpage'], 'location' => $rr['site_location'], 'project' => $rr['site_project'], 'version' => $rr['site_version']);
 				else
--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -1,6 +1,8 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+
 require_once("include/bbcode.php");
 require_once('include/security.php');
 require_once('include/conversation.php');
@@ -34,11 +36,20 @@ class Display extends \Zotlabs\Web\Controller {
 			}
 		}

-		if($_REQUEST['mid'])
+		if($_REQUEST['mid']) {
 			$item_hash = $_REQUEST['mid'];
+		}

-		if(! $item_hash) {
-			\App::$error = 404;
+		$item_hash = unpack_link_id($item_hash);
+
+		if ($item_hash === false) {
+			App::$error = 400;
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
+
+		if(!$item_hash) {
+			App::$error = 404;
 			notice( t('Item not found.') . EOL);
 			return;
 		}
@@ -47,7 +58,7 @@ class Display extends \Zotlabs\Web\Controller {

 		if(local_channel() && (! $update)) {

-			$channel = \App::get_channel();
+			$channel = App::get_channel();

 			$channel_acl = array(
 				'allow_cid' => $channel['channel_allow_cid'],
@@ -92,11 +103,6 @@ class Display extends \Zotlabs\Web\Controller {

 		$target_item = null;

-		if(strpos($item_hash,'b64.') === 0)
-			$decoded = @base64url_decode(substr($item_hash,4));
-		if($decoded)
-			$item_hash = $decoded;
-
 		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid = '%s' limit 1",
 			dbesc($item_hash)
 		);
@@ -110,7 +116,7 @@ class Display extends \Zotlabs\Web\Controller {
 		);
 		if($x) {
 // not yet ready for prime time
-//			\App::$poi = $x[0];
+//			App::$poi = $x[0];
 		}

 		//if the item is to be moderated redirect to /moderate
@@ -189,17 +195,15 @@ class Display extends \Zotlabs\Web\Controller {
 			// if the target item is not a post (eg a like) we want to address its thread parent

 			//$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']);
-			$mid = $target_item['mid'];

 			// if we got a decoded hash we must encode it again before handing to javascript
-			if($decoded)
-				$mid = 'b64.' . base64url_encode($mid);
+			$mid = gen_link_id($target_item['mid']);

 			$o .= '<div id="live-display"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
-				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n";
+				. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n";

-			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
+			App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
 				'$baseurl' => z_root(),
 				'$pgtype'  => 'display',
 				'$uid'     => '0',
@@ -215,7 +219,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'$dm'      => '0',
 				'$nouveau' => '0',
 				'$wall'    => '0',
-				'$page'    => ((\App::$pager['page'] != 1) ? \App::$pager['page'] : 1),
+				'$page'    => ((App::$pager['page'] != 1) ? App::$pager['page'] : 1),
 				'$list'    => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
 				'$search'  => '',
 				'$xchan'   => '',
@@ -233,7 +237,7 @@ class Display extends \Zotlabs\Web\Controller {
 			head_add_link([
 				'rel'   => 'alternate',
 				'type'  => 'application/json+oembed',
-				'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
+				'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
 				'title' => 'oembed'
 			]);

@@ -355,7 +359,7 @@ class Display extends \Zotlabs\Web\Controller {
 				}
 				$o .= '</noscript>';

-				\App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . \App::$page['title'] : \App::$page['title']);
+				App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . App::$page['title'] : App::$page['title']);

 				$o .= conversation($items, 'display', $update, 'client');
 			}
@@ -368,12 +372,12 @@ class Display extends \Zotlabs\Web\Controller {
 				'$version'       => xmlify(\Zotlabs\Lib\System::get_project_version()),
 				'$generator'     => xmlify(\Zotlabs\Lib\System::get_platform_name()),
 				'$generator_uri' => 'https://hubzilla.org',
-				'$feed_id'       => xmlify(\App::$cmd),
+				'$feed_id'       => xmlify(App::$cmd),
 				'$feed_title'    => xmlify(t('Article')),
 				'$feed_updated'  => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
 				'$author'        => '',
 				'$owner'         => '',
-				'$profile_page'  => xmlify(z_root() . '/display/' . $target_item['mid']),
+				'$profile_page'  => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
 			));

 			$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];
--- a/Zotlabs/Module/Dreport.php
+++ b/Zotlabs/Module/Dreport.php
@@ -5,33 +5,21 @@ namespace Zotlabs\Module;
 class Dreport extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}
-	
-		$table = 'item';
-	
-		$channel = \App::get_channel();
-		
-		$mid = ((argc() > 1) ? argv(1) : '');
-		$encoded_mid = '';

-		if(strpos($mid,'b64.') === 0) {
-			$encoded_mid = $mid;
-			$mid = @base64url_decode(substr($mid,4));
-		}
+		$table = 'item';
+		$channel = \App::get_channel();
+		$mid = ((argc() > 1) ? unpack_link_id(argv(1)) : '');
+
 		if($mid === 'push') {
 			$table = 'push';
-			$mid = ((argc() > 2) ? argv(2) : '');
+			$mid = ((argc() > 2) ? unpack_link_id(argv(2)) : '');

-			if(strpos($mid,'b64.') === 0) {
-				$encoded_mid = $mid;
-				$mid = @base64url_decode(substr($mid,4));
-			}
-
-			if($mid) {	
+			if($mid) {
 				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
 					intval($channel['channel_id']),
@@ -43,23 +31,14 @@ class Dreport extends \Zotlabs\Web\Controller {
 				}
 			}
 			sleep(3);
-			goaway(z_root() . '/dreport/' . (($encoded_mid) ? $encoded_mid : $mid));
+			goaway(z_root() . '/dreport/' . gen_link_id($mid));
 		}

-		if($mid === 'mail') {
-			$table = 'mail';
-			$mid = ((argc() > 2) ? argv(2) : '');
-			if(strpos($mid,'b64.') === 0)
-				$mid = @base64url_decode(substr($mid,4));
-
-		}
-	
-	
 		if(! $mid) {
 			notice( t('Invalid message') . EOL);
 			return;
 		}
-	
+
 		switch($table) {
 			case 'item':
 				$i = q("select id from item where mid = '%s' and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
@@ -68,39 +47,32 @@ class Dreport extends \Zotlabs\Web\Controller {
 					dbesc($channel['channel_hash'])
 				);
 				break;
-			case 'mail':
-				$i = q("select id from mail where mid = '%s' and from_xchan = '%s'",
-					dbesc($mid),
-					dbesc($channel['channel_hash'])
-				);
-				break;
 			default:
 				break;
 		}
-	
+
 		if(! $i) {
 			notice( t('Permission denied') . EOL);
 			return;
 		}
-		
-		$r = q("select * from dreport where (dreport_xchan = '%s' or dreport_xchan = '%s') and dreport_mid = '%s'",
+
+		$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
 			dbesc($channel['channel_hash']),
-			dbesc($channel['channel_portable_id']),
 			dbesc($mid)
 		);
-	
+
 		if(! $r) {
 			notice( t('no results') . EOL);
 //			return;
 		}
-		
+
 		for($x = 0; $x < count($r); $x++ ) {
-	
+
 			// This has two purposes: 1. make the delivery report strings translateable, and
 			// 2. assign an ordering to item delivery results so we can group them and provide
 			// a readable report with more interesting events listed toward the top and lesser
 			// interesting items towards the bottom
-	
+
 			switch($r[$x]['dreport_result']) {
 				case 'channel sync processed':
 					$r[$x]['gravity'] = 0;
@@ -132,27 +104,18 @@ class Dreport extends \Zotlabs\Web\Controller {
 				case 'recipient not found':
 					$r[$x]['dreport_result'] = t('recipient not found');
 					break;
-				case 'mail recalled':
-					$r[$x]['dreport_result'] = t('mail recalled');
-					break;
-				case 'duplicate mail received':
-					$r[$x]['dreport_result'] = t('duplicate mail received');
-					break;
-				case 'mail delivered':
-					$r[$x]['dreport_result'] = t('mail delivered');
-					break;
 				default:
 					$r[$x]['gravity'] = 1;
 					break;
 			}
 		}
-	
+
 		usort($r,'self::dreport_gravity_sort');

 		$entries = array();
 		foreach($r as $rr) {
-			$entries[] = [ 
-				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),					
+			$entries[] = [
+				'name' => escape_tags($rr['dreport_name'] ?: $rr['dreport_recip']),
 				'result' => escape_tags($rr['dreport_result']),
 				'time' => escape_tags(datetime_convert('UTC',date_default_timezone_get(),$rr['dreport_time']))
 			];
@@ -167,14 +130,14 @@ class Dreport extends \Zotlabs\Web\Controller {
 			'$push' => t('Redeliver'),
 			'$entries' => $entries
 		));
-	
-	
+
+
 		return $o;
-	
-	
-	
+
+
+
 	}
-	
+
 	private static function dreport_gravity_sort($a,$b) {
 		if($a['gravity'] == $b['gravity']) {
 			if($a['dreport_name'] === $b['dreport_name'])
@@ -183,5 +146,5 @@ class Dreport extends \Zotlabs\Web\Controller {
 		}
 		return (($a['gravity'] > $b['gravity']) ? 1 : (-1));
 	}
-	
+
 }
--- a/Zotlabs/Module/Events.php
+++ b/Zotlabs/Module/Events.php
@@ -1,750 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/conversation.php');
-require_once('include/bbcode.php');
-require_once('include/datetime.php');
-require_once('include/event.php');
-require_once('include/items.php');
-require_once('include/html2plain.php');
-
-class Events extends \Zotlabs\Web\Controller {
-
-	function post() {
-
-		// this module is deprecated
-		return;
-	
-		logger('post: ' . print_r($_REQUEST,true), LOGGER_DATA);
-	
-		if(! local_channel())
-			return;
-	
-		if(($_FILES) && array_key_exists('userfile',$_FILES) && intval($_FILES['userfile']['size'])) {
-			$src = $_FILES['userfile']['tmp_name'];
-			if($src) {
-				$result = parse_ical_file($src,local_channel());
-				if($result)
-					info( t('Calendar entries imported.') . EOL);
-				else
-					notice( t('No calendar entries found.') . EOL);
-				@unlink($src);
-			}
-			goaway(z_root() . '/events');
-		}
-	
-	
-		$event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
-		$event_hash = ((x($_POST,'event_hash')) ? $_POST['event_hash'] : '');
-	
-		$xchan = ((x($_POST,'xchan')) ? dbesc($_POST['xchan']) : '');
-		$uid      = local_channel();
-	
-		$start_text = escape_tags($_REQUEST['start_text']);
-		$finish_text = escape_tags($_REQUEST['finish_text']);
-	
-		$adjust   = intval($_POST['adjust']);
-		$nofinish = intval($_POST['nofinish']);
-	
-		$timezone = ((x($_POST,'timezone_select')) ? notags(trim($_POST['timezone_select']))     : '');
-
-		$tz = (($timezone) ? $timezone : date_default_timezone_get());
-
-		$categories = escape_tags(trim($_POST['category']));
-	
-		// only allow editing your own events. 
-	
-		if(($xchan) && ($xchan !== get_observer_hash()))
-			return;
-	
-		if($start_text) {
-			$start = $start_text;
-		}
-		else {
-			$start = sprintf('%d-%d-%d %d:%d:0',$startyear,$startmonth,$startday,$starthour,$startminute);
-		}
-	
-	
-		if($finish_text) {
-			$finish = $finish_text;
-		}
-		else {
-			$finish = sprintf('%d-%d-%d %d:%d:0',$finishyear,$finishmonth,$finishday,$finishhour,$finishminute);
-		}
-
-		if($nofinish) {
-			$finish = NULL_DATE;
-		}
-
-	
-		if($adjust) {
-			$start = datetime_convert($tz,'UTC',$start);
-			if(! $nofinish)
-				$finish = datetime_convert($tz,'UTC',$finish);
-		}
-		else {
-			$start = datetime_convert('UTC','UTC',$start);
-			if(! $nofinish)
-				$finish = datetime_convert('UTC','UTC',$finish);
-		}
-	
-		// Don't allow the event to finish before it begins.
-		// It won't hurt anything, but somebody will file a bug report
-		// and we'll waste a bunch of time responding to it. Time that 
-		// could've been spent doing something else. 
-	
-	
-		$summary  = escape_tags(trim($_POST['summary']));
-		$desc     = escape_tags(trim($_POST['desc']));
-		$location = escape_tags(trim($_POST['location']));
-		$type     = escape_tags(trim($_POST['type']));
-	
-		require_once('include/text.php');
-		linkify_tags($desc, local_channel());
-		linkify_tags($location, local_channel());
-	
-		//$action = ($event_hash == '') ? 'new' : "event/" . $event_hash;
-	
-		//fixme: this url gives a wsod if there is a linebreak detected in one of the variables ($desc or $location)
-		//$onerror_url = z_root() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish&type=$type";
-		$onerror_url = z_root() . "/events";
-	
-		if(strcmp($finish,$start) < 0 && !$nofinish) {
-			notice( t('Event can not end before it has started.') . EOL);
-			if(intval($_REQUEST['preview'])) {
-				echo( t('Unable to generate preview.'));
-				killme();
-			}
-			goaway($onerror_url);
-		}
-	
-		if((! $summary) || (! $start)) {
-			notice( t('Event title and start time are required.') . EOL);
-			if(intval($_REQUEST['preview'])) {
-				echo( t('Unable to generate preview.'));
-				killme();
-			}
-			goaway($onerror_url);
-		}
-	
-		//		$share = ((intval($_POST['distr'])) ? intval($_POST['distr']) : 0);
-
-		$share = 1;	
-
-		$channel = \App::get_channel();
-	
-		$acl = new \Zotlabs\Access\AccessList(false);
-	
-		if($event_id) {
-			$x = q("select * from event where id = %d and uid = %d limit 1",
-				intval($event_id),
-				intval(local_channel())
-			);
-			if(! $x) {
-				notice( t('Event not found.') . EOL);
-				if(intval($_REQUEST['preview'])) {
-					echo( t('Unable to generate preview.'));
-					killme();
-				}
-				return;
-			}
-	
-			$acl->set($x[0]);
-	
-			$created = $x[0]['created'];
-			$edited = datetime_convert();
-	
-			if($x[0]['allow_cid'] === '<' . $channel['channel_hash'] . '>' 
-				&& $x[0]['allow_gid'] === '' && $x[0]['deny_cid'] === '' && $x[0]['deny_gid'] === '') {
-				$share = false;
-			}
-			else {
-				$share = true;
-			}
-		}
-		else {
-			$created = $edited = datetime_convert();
-			if($share) {
-				$acl->set_from_array($_POST);
-			}
-			else {
-				$acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
-			}
-		}
-	
-		$post_tags = array();
-		$channel = \App::get_channel();
-		$ac = $acl->get();
-	
-		if(strlen($categories)) {
-			$cats = explode(',',$categories);
-			foreach($cats as $cat) {
-				$post_tags[] = array(
-					'uid'   => $profile_uid, 
-					'ttype' => TERM_CATEGORY,
-					'otype' => TERM_OBJ_POST,
-					'term'  => trim($cat),
-					'url'   => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))
-				);
-			}
-		}
-	
-		$datarray = array();
-		$datarray['dtstart'] = $start;
-		$datarray['dtend'] = $finish;
-		$datarray['summary'] = $summary;
-		$datarray['description'] = $desc;
-		$datarray['location'] = $location;
-		$datarray['etype'] = $type;
-		$datarray['adjust'] = $adjust;
-		$datarray['nofinish'] = $nofinish;
-		$datarray['uid'] = local_channel();
-		$datarray['account'] = get_account_id();
-		$datarray['event_xchan'] = $channel['channel_hash'];
-		$datarray['allow_cid'] = $ac['allow_cid'];
-		$datarray['allow_gid'] = $ac['allow_gid'];
-		$datarray['deny_cid'] = $ac['deny_cid'];
-		$datarray['deny_gid'] = $ac['deny_gid'];
-		$datarray['private'] = (($acl->is_private()) ? 1 : 0);
-		$datarray['id'] = $event_id;
-		$datarray['created'] = $created;
-		$datarray['edited'] = $edited;
-	
-		if(intval($_REQUEST['preview'])) {
-			$html = format_event_html($datarray);
-			echo $html;
-			killme();
-		}
-	
-		$event = event_store_event($datarray);
-	
-		if($post_tags)	
-			$datarray['term'] = $post_tags;
-	
-		$item_id = event_store_item($datarray,$event);
-	
-		if($item_id) {
-			$r = q("select * from item where id = %d",
-				intval($item_id)
-			);
-			if($r) {
-				xchan_query($r);
-				$sync_item = fetch_post_tags($r);
-				$z = q("select * from event where event_hash = '%s' and uid = %d limit 1",
-					dbesc($r[0]['resource_id']),
-					intval($channel['channel_id'])
-				);
-				if($z) {
-					build_sync_packet($channel['channel_id'],array('event_item' => array(encode_item($sync_item[0],true)),'event' => $z));
-				}
-			}
-		}
-	
-		if($share)
-			\Zotlabs\Daemon\Master::Summon(array('Notifier','event',$item_id));
-	
-	}
-	
-	
-	
-	function get() {
-
-		// this module is deprecated
-		return;
-	
-		if(argc() > 2 && argv(1) == 'ical') {
-			$event_id = argv(2);
-	
-			require_once('include/security.php');
-			$sql_extra = permissions_sql(local_channel());
-	
-			$r = q("select * from event where event_hash = '%s' $sql_extra limit 1",
-				dbesc($event_id)
-			);
-			if($r) { 
-				header('Content-type: text/calendar');
-				header('content-disposition: attachment; filename="' . t('event') . '-' . $event_id . '.ics"' );
-				echo ical_wrapper($r);
-				killme();
-			}
-			else {
-				notice( t('Event not found.') . EOL );
-				return;
-			}
-		}
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		\App::$profile_uid = local_channel();
-		nav_set_selected('Events');
-
-	
-		if((argc() > 2) && (argv(1) === 'ignore') && intval(argv(2))) {
-			$r = q("update event set dismissed = 1 where id = %d and uid = %d",
-				intval(argv(2)),
-				intval(local_channel())
-			);
-		}
-	
-		if((argc() > 2) && (argv(1) === 'unignore') && intval(argv(2))) {
-			$r = q("update event set dismissed = 0 where id = %d and uid = %d",
-				intval(argv(2)),
-				intval(local_channel())
-			);
-		}
-	
-		$first_day = feature_enabled(local_channel(), 'events_cal_first_day');
-		$first_day = (($first_day) ? $first_day : 0);
-	
-		$htpl = get_markup_template('event_head.tpl');
-		\App::$page['htmlhead'] .= replace_macros($htpl,array(
-			'$baseurl' => z_root(),
-			'$module_url' => '/events',
-			'$modparams' => 1,
-			'$lang' => \App::$language,
-			'$first_day' => $first_day
-		));
-	
-		$o = '';
-	
-		$channel = \App::get_channel();
-	
-		$mode = 'view';
-		$y = 0;
-		$m = 0;
-		$ignored = ((x($_REQUEST,'ignored')) ? " and dismissed = " . intval($_REQUEST['ignored']) . " "  : '');
-	
-	
-		// logger('args: ' . print_r(\App::$argv,true));
-	
-	
-	
-		if(argc() > 1) {
-			if(argc() > 2 && argv(1) === 'add') {
-				$mode = 'add';
-				$item_id = intval(argv(2));
-			}
-			if(argc() > 2 && argv(1) === 'drop') {
-				$mode = 'drop';
-				$event_id = argv(2);
-			}
-			if(argc() > 2 && intval(argv(1)) && intval(argv(2))) {
-				$mode = 'view';
-				$y = intval(argv(1));
-				$m = intval(argv(2));
-			}
-			if(argc() <= 2) {
-				$mode = 'view';
-				$event_id = argv(1);
-			}
-		}
-	
-		if($mode === 'add') {
-			event_addtocal($item_id,local_channel());
-			killme();
-		}
-	
-		if($mode == 'view') {
-	
-			/* edit/create form */
-			if($event_id) {
-				$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-					dbesc($event_id),
-					intval(local_channel())
-				);
-				if(count($r))
-					$orig_event = $r[0];
-			}
-	
-			$channel = \App::get_channel();
-	
-			// Passed parameters overrides anything found in the DB
-			if(!x($orig_event))
-				$orig_event = array();
-	
-			// In case of an error the browser is redirected back here, with these parameters filled in with the previous values
-			/*
-			if(x($_REQUEST,'nofinish')) $orig_event['nofinish'] = $_REQUEST['nofinish'];
-			if(x($_REQUEST,'adjust')) $orig_event['adjust'] = $_REQUEST['adjust'];
-			if(x($_REQUEST,'summary')) $orig_event['summary'] = $_REQUEST['summary'];
-			if(x($_REQUEST,'description')) $orig_event['description'] = $_REQUEST['description'];
-			if(x($_REQUEST,'location')) $orig_event['location'] = $_REQUEST['location'];
-			if(x($_REQUEST,'start')) $orig_event['dtstart'] = $_REQUEST['start'];
-			if(x($_REQUEST,'finish')) $orig_event['dtend'] = $_REQUEST['finish'];
-			if(x($_REQUEST,'type')) $orig_event['etype'] = $_REQUEST['type'];
-			*/
-	
-			$n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : '');
-			$a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : '');
-			$t_orig = ((x($orig_event)) ? $orig_event['summary'] : '');
-			$d_orig = ((x($orig_event)) ? $orig_event['description'] : '');
-			$l_orig = ((x($orig_event)) ? $orig_event['location'] : '');
-			$eid = ((x($orig_event)) ? $orig_event['id'] : 0);
-			$event_xchan = ((x($orig_event)) ? $orig_event['event_xchan'] : $channel['channel_hash']);
-			$mid = ((x($orig_event)) ? $orig_event['mid'] : '');
-	
-			if(! x($orig_event)) {
-				$sh_checked = '';
-				$a_checked = ' checked="checked" ';
-			}
-			else {
-				$sh_checked = ((($orig_event['allow_cid'] === '<' . $channel['channel_hash'] . '>' || (! $orig_event['allow_cid'])) && (! $orig_event['allow_gid']) && (! $orig_event['deny_cid']) && (! $orig_event['deny_gid'])) ? '' : ' checked="checked" ' );
-			}
-
-			if($orig_event['event_xchan'])
-				$sh_checked .= ' disabled="disabled" ';
-	
-			$sdt = ((x($orig_event)) ? $orig_event['dtstart'] : 'now');
-	
-			$fdt = ((x($orig_event)) ? $orig_event['dtend'] : '+1 hour');
-	
-			$tz = date_default_timezone_get();
-			if(x($orig_event))
-				$tz = (($orig_event['adjust']) ? date_default_timezone_get() : 'UTC');
-	
-			$syear = datetime_convert('UTC', $tz, $sdt, 'Y');
-			$smonth = datetime_convert('UTC', $tz, $sdt, 'm');
-			$sday = datetime_convert('UTC', $tz, $sdt, 'd');
-			$shour = datetime_convert('UTC', $tz, $sdt, 'H');
-			$sminute = datetime_convert('UTC', $tz, $sdt, 'i');
-	
-			$stext = datetime_convert('UTC',$tz,$sdt);
-			$stext = substr($stext,0,14) . "00:00";
-	
-			$fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
-			$fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
-			$fday = datetime_convert('UTC', $tz, $fdt, 'd');
-			$fhour = datetime_convert('UTC', $tz, $fdt, 'H');
-			$fminute = datetime_convert('UTC', $tz, $fdt, 'i');
-	
-			$ftext = datetime_convert('UTC',$tz,$fdt);
-			$ftext = substr($ftext,0,14) . "00:00";
-	
-			$type = ((x($orig_event)) ? $orig_event['etype'] : 'event');
-	
-			$f = get_config('system','event_input_format');
-			if(! $f)
-				$f = 'ymd';
-	
-			$catsenabled = feature_enabled(local_channel(),'categories');
-	
-			$category = '';
-	
-			if($catsenabled && x($orig_event)){
-				$itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1",
-					dbesc($orig_event['event_hash']),
-					intval(local_channel())
-				);
-				$itm = fetch_post_tags($itm);
-				if($itm) {
-					$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-					foreach ($cats as $cat) {
-						if(strlen($category))
-							$category .= ', ';
-						$category .= $cat['term'];
-	            			}
-				}
-			}
-	
-			require_once('include/acl_selectors.php');
-	
-			$acl = new \Zotlabs\Access\AccessList($channel);
-			$perm_defaults = $acl->get();
-
-			$permissions = ((x($orig_event)) ? $orig_event : $perm_defaults);
-
-			$tpl = get_markup_template('event_form.tpl');
-	
-			$form = replace_macros($tpl,array(
-				'$post' => z_root() . '/events',
-				'$eid' => $eid,
-				'$type' => $type,
-				'$xchan' => $event_xchan,
-				'$mid' => $mid,
-				'$event_hash' => $event_id,
-				'$summary' => array('summary', (($event_id) ? t('Edit event title') : t('Event title')), $t_orig, t('Required'), '*'),
-				'$catsenabled' => $catsenabled,
-				'$placeholdercategory' => t('Categories (comma-separated list)'),
-				'$c_text' => (($event_id) ? t('Edit Category') : t('Category')),
-				'$category' => $category,
-				'$required' => '<span class="required" title="' . t('Required') . '">*</span>',
-				'$s_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$syear+5),\DateTime::createFromFormat('Y-m-d H:i',"$syear-$smonth-$sday $shour:$sminute"), (($event_id) ? t('Edit start date and time') : t('Start date and time')), 'start_text',true,true,'','',true,$first_day),
-				'$n_text' => t('Finish date and time are not known or not relevant'),
-				'$n_checked' => $n_checked,
-				'$f_dsel' => datetimesel($f,new \DateTime(),\DateTime::createFromFormat('Y',$fyear+5),\DateTime::createFromFormat('Y-m-d H:i',"$fyear-$fmonth-$fday $fhour:$fminute"), (($event_id) ? t('Edit finish date and time') : t('Finish date and time')),'finish_text',true,true,'start_text','',false,$first_day),
-				'$nofinish' => array('nofinish', t('Finish date and time are not known or not relevant'), $n_checked, '', array(t('No'),t('Yes')), 'onclick="enableDisableFinishDate();"'),
-				'$adjust' => array('adjust', t('Adjust for viewer timezone'), $a_checked, t('Important for events that happen in a particular place. Not practical for global holidays.'), array(t('No'),t('Yes'))),
-				'$a_text' => t('Adjust for viewer timezone'),
-				'$d_text' => (($event_id) ? t('Edit Description') : t('Description')),
-				'$d_orig' => $d_orig,
-				'$l_text' => (($event_id) ? t('Edit Location') : t('Location')),
-				'$l_orig' => $l_orig,
-				'$t_orig' => $t_orig,
-				'$preview' => t('Preview'),
-				'$perms_label' => t('Permission settings'),
-				// populating the acl dialog was a permission description from view_stream because Cal.php, which
-				// displays events, says "since we don't currently have an event permission - use the stream permission"
-				'$acl' => (($orig_event['event_xchan']) ? '' : populate_acl(((x($orig_event)) ? $orig_event : $perm_defaults), false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'))),
-
-				'$allow_cid' => acl2json($permissions['allow_cid']),
-				'$allow_gid' => acl2json($permissions['allow_gid']),
-				'$deny_cid' => acl2json($permissions['deny_cid']),
-				'$deny_gid' => acl2json($permissions['deny_gid']),
-				'$tz_choose' => feature_enabled(local_channel(),'event_tz_select'),
-				'$timezone' => array('timezone_select' , t('Timezone:'), date_default_timezone_get(), '', get_timezones()),
-
-				'$lockstate' => (($acl->is_private()) ? 'lock' : 'unlock'),
-
-				'$submit' => t('Submit'),
-				'$advanced' => t('Advanced Options')
-	
-			));
-			/* end edit/create form */
-	
-			$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
-			$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
-			if(! $y)
-				$y = intval($thisyear);
-			if(! $m)
-				$m = intval($thismonth);
-	
-			$export = false;
-			if(argc() === 4 && argv(3) === 'export')
-				$export = true;
-	
-			// Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
-			// An upper limit was chosen to keep search engines from exploring links millions of years in the future. 
-	
-			if($y < 1901)
-				$y = 1900;
-			if($y > 2099)
-				$y = 2100;
-	
-			$nextyear = $y;
-			$nextmonth = $m + 1;
-			if($nextmonth > 12) {
-					$nextmonth = 1;
-				$nextyear ++;
-			}
-	
-			$prevyear = $y;
-			if($m > 1)
-				$prevmonth = $m - 1;
-			else {
-				$prevmonth = 12;
-				$prevyear --;
-			}
-				
-			$dim    = get_dim($y,$m);
-			$start  = sprintf('%d-%d-%d %d:%d:%d',$y,$m,1,0,0,0);
-			$finish = sprintf('%d-%d-%d %d:%d:%d',$y,$m,$dim,23,59,59);
-	
-	
-			if (argv(1) === 'json'){
-				if (x($_GET,'start'))	$start = $_GET['start'];
-				if (x($_GET,'end'))	$finish = $_GET['end'];
-			}
-	
-			$start  = datetime_convert('UTC','UTC',$start);
-			$finish = datetime_convert('UTC','UTC',$finish);
-	
-			$adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
-			$adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
-	
-			if (x($_GET,'id')){
-			  	$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d limit 1",
-					intval(local_channel()),
-					intval($_GET['id'])
-				);
-			} elseif($export) {
-				$r = q("SELECT * from event where uid = %d
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
-					intval(local_channel()),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-			}
-			else {
-				// fixed an issue with "nofinish" events not showing up in the calendar.
-				// There's still an issue if the finish date crosses the end of month.
-				// Noting this for now - it will need to be fixed here and in Friendica.
-				// Ultimately the finish date shouldn't be involved in the query. 
-
-				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan
-	                              from event left join item on event_hash = resource_id 
-					where resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
-					AND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) 
-					OR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) ",
-					intval(local_channel()),
-					dbesc($start),
-					dbesc($finish),
-					dbesc($adjust_start),
-					dbesc($adjust_finish)
-				);
-			}
-	
-			$links = array();
-	
-			if($r && ! $export) {
-				xchan_query($r);
-				$r = fetch_post_tags($r,true);
-	
-				$r = sort_by_date($r);
-			}
-	
-			if($r) {
-				foreach($r as $rr) {
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					if(! x($links,$j)) 
-						$links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
-				}
-			}
-	
-			$events=array();
-	
-			$last_date = '';
-			$fmt = t('l, F j');
-	
-			if($r) {
-	
-				foreach($r as $rr) {
-					
-					$j = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'j') : datetime_convert('UTC','UTC',$rr['dtstart'],'j'));
-					$d = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], $fmt) : datetime_convert('UTC','UTC',$rr['dtstart'],$fmt));
-					$d = day_translate($d);
-					
-					$start = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtstart'], 'c') : datetime_convert('UTC','UTC',$rr['dtstart'],'c'));
-					if ($rr['nofinish']){
-						$end = null;
-					} else {
-						$end = (($rr['adjust']) ? datetime_convert('UTC',date_default_timezone_get(),$rr['dtend'], 'c') : datetime_convert('UTC','UTC',$rr['dtend'],'c'));
-
-						// give a fake end to birthdays so they get crammed into a 
-						// single day on the calendar
-
-						if($rr['etype'] === 'birthday')
-							$end = null;
-					}
-					
-					
-					$is_first = ($d !== $last_date);
-						
-					$last_date = $d;
-	
-					$edit = ((local_channel() && $rr['author_xchan'] == get_observer_hash()) ? array(z_root().'/events/'.$rr['event_hash'].'?expandform=1',t('Edit event'),'','') : false);
-	
-					$drop = array(z_root().'/events/drop/'.$rr['event_hash'],t('Delete event'),'','');
-	
-					$title = strip_tags(html_entity_decode(zidify_links(bbcode($rr['summary'])),ENT_QUOTES,'UTF-8'));
-					if(! $title) {
-						list($title, $_trash) = explode("<br",bbcode($rr['desc']),2);
-						$title = strip_tags(html_entity_decode($title,ENT_QUOTES,'UTF-8'));
-					}
-					$html = format_event_html($rr);
-					$rr['desc'] = zidify_links(smilies(bbcode($rr['desc'])));
-					$rr['description'] = htmlentities(html2plain(bbcode($rr['description'])),ENT_COMPAT,'UTF-8',false);
-					$rr['location'] = zidify_links(smilies(bbcode($rr['location'])));
-					$events[] = array(
-						'id'=>$rr['id'],
-						'hash' => $rr['event_hash'],
-						'start'=> $start,
-						'end' => $end,
-						'drop' => $drop,
-						'allDay' => false,
-						'title' => $title,
-						
-						'j' => $j,
-						'd' => $d,
-						'edit' => $edit,
-						'is_first'=>$is_first,
-						'item'=>$rr,
-						'html'=>$html,
-						'plink' => array($rr['plink'],t('Link to Source'),'',''),
-					);
-
-				}
-			}
-
-			if($export) {
-				header('Content-type: text/calendar');
-				header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"' );
-				echo ical_wrapper($r);
-				killme();
-			}
-	
-			if (\App::$argv[1] === 'json'){
-				echo json_encode($events); killme();
-			}
-			
-			// links: array('href', 'text', 'extra css classes', 'title')
-			if (x($_GET,'id')){
-				$tpl =  get_markup_template("event.tpl");
-			} 
-			else {
-				$tpl = get_markup_template("events-js.tpl");
-			}
-	
-			$o = replace_macros($tpl, array(
-				'$baseurl'	=> z_root(),
-				'$new_event'	=> array(z_root().'/events',(($event_id) ? t('Edit Event') : t('Create Event')),'',''),
-				'$previus'	=> array(z_root()."/events/$prevyear/$prevmonth",t('Previous'),'',''),
-				'$next'		=> array(z_root()."/events/$nextyear/$nextmonth",t('Next'),'',''),
-				'$export'	=> array(z_root()."/events/$y/$m/export",t('Export'),'',''),
-				'$calendar'	=> cal($y,$m,$links, ' eventcal'),
-				'$events'	=> $events,
-				'$view_label'   => t('View'),
-				'$month'        => t('Month'),
-				'$week'         => t('Week'),
-				'$day'          => t('Day'),
-				'$prev'		=> t('Previous'),
-				'$next'		=> t('Next'),
-				'$today'	=> t('Today'),
-				'$form'		=> $form,
-				'$expandform'	=> ((x($_GET,'expandform')) ? true : false),
-			));
-			
-			if (x($_GET,'id')){ echo $o; killme(); }
-			
-			return $o;
-		}
-	
-		if($mode === 'drop' && $event_id) {
-			$r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1",
-				dbesc($event_id),
-				intval(local_channel())
-			);
-	
-			$sync_event = $r[0];
-	
-			if($r) {
-				$r = q("delete from event where event_hash = '%s' and uid = %d",
-					dbesc($event_id),
-					intval(local_channel())
-				);
-				if($r) {
-					$r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d",
-						dbesc($event_id),
-						intval(local_channel())
-					);
-					$sync_event['event_deleted'] = 1;
-					build_sync_packet(0,array('event' => array($sync_event)));
-	
-					info( t('Event removed') . EOL);
-				}
-				else {
-					notice( t('Failed to remove event' ) . EOL);
-				}
-				goaway(z_root() . '/events');
-			}
-		}
-	
-	}
-	
-}
--- a/Zotlabs/Module/Fhublocs.php
+++ b/Zotlabs/Module/Fhublocs.php
@@ -3,7 +3,6 @@ namespace Zotlabs\Module;

 use Zotlabs\Lib\Libzot;

-require_once('include/zot.php');
 require_once('include/crypto.php');

 /* fix missing or damaged hublocs */
@@ -59,23 +58,6 @@ class Fhublocs extends \Zotlabs\Web\Controller {

 				// Create a verified hub location pointing to this site.

-/*
-				$h = hubloc_store_lowlevel(
-					[
-						'hubloc_guid'     => $rr['channel_guid'],
-						'hubloc_guid_sig' => $rr['channel_guid_sig'],
-						'hubloc_hash'     => $rr['channel_hash'],
-						'hubloc_addr'     => channel_reddress($rr),
-						'hubloc_network'  => 'zot',
-						'hubloc_primary'  => $primary,
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => base64url_encode(Crypto::sign(z_root(),$rr['channel_prvkey'])),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/post',
-						'hubloc_sitekey'  => $sitekey
-					]
-				);
-*/
 				$h = hubloc_store_lowlevel(
 					[
 						'hubloc_guid'     => $rr['channel_guid'],
--- a/Zotlabs/Module/Group.php
+++ b/Zotlabs/Module/Group.php
@@ -26,7 +26,7 @@ class Group extends Controller {
 	}

 	function post() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -35,10 +35,10 @@ class Group extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
 			return;
 		}
-	
+
 		if((argc() == 2) && (argv(1) === 'new')) {
 			check_form_security_token_redirectOnErr('/group/new', 'group_edit');
-			
+
 			$name = notags(trim($_POST['groupname']));
 			$public = intval($_POST['public']);
 			$r = group_add(local_channel(),$name,$public);
@@ -49,11 +49,11 @@ class Group extends Controller {
 				notice( t('Could not create privacy group.') . EOL );
 			}
 			goaway(z_root() . '/group');
-	
+
 		}
 		if((argc() == 2) && (intval(argv(1)))) {
 			check_form_security_token_redirectOnErr('/group', 'group_edit');
-			
+
 			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
@@ -61,12 +61,12 @@ class Group extends Controller {
 			if(! $r) {
 				notice( t('Privacy group not found.') . EOL );
 				goaway(z_root() . '/connections');
-	
+
 			}
 			$group = $r[0];
 			$groupname = notags(trim($_POST['groupname']));
 			$public = intval($_POST['public']);
-	
+
 			$hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
                       	call_hooks ('privacygroup_extras_post',$hookinfo);

@@ -83,18 +83,14 @@ class Group extends Controller {

 				Libsync::build_sync_packet(local_channel(),null,true);
 			}
-	
+
 			goaway(z_root() . '/group/' . argv(1) . '/' . argv(2));
 		}
-		return;	
+		return;
 	}
-	
+
 	function get() {

-		$change = false;
-	
-		logger('mod_group: ' . App::$cmd,LOGGER_DEBUG);
-		
 		if(! local_channel()) {
 			notice( t('Permission denied') . EOL);
 			return;
@@ -103,12 +99,14 @@ class Group extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Privacy Groups App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Management of privacy groups');
-			return $o;
+			$papp = Apps::get_papp('Privacy Groups');
+			return Apps::app_render($papp, 'module');
 		}

+		logger('mod_group: ' . App::$cmd,LOGGER_DEBUG);
+
+		$change = false;
+
 		// Switch to text mode interface if we have more than 'n' contacts or group members
 		$switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit');
 		if($switchtotext === false)
@@ -166,16 +164,16 @@ class Group extends Controller {

 		$context = array('$submit' => t('Submit'));
 		$tpl = get_markup_template('group_edit.tpl');
-	
+
 		if((argc() == 3) && (argv(1) === 'drop')) {
 			check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
-			
+
 			if(intval(argv(2))) {
 				$r = q("SELECT gname FROM pgrp WHERE id = %d AND uid = %d LIMIT 1",
 					intval(argv(2)),
 					intval(local_channel())
 				);
-				if($r) 
+				if($r)
 					$result = group_rmv(local_channel(),$r[0]['gname']);
 				if($result) {
 					$hookinfo = [ 'pgrp_extras' => '', 'group' => argv(2) ];
@@ -188,23 +186,23 @@ class Group extends Controller {
 			goaway(z_root() . '/group');
 			// NOTREACHED
 		}
-	
-	
+
+
 		if((argc() > 2) && intval(argv(1)) && argv(2)) {
-	
+
 			check_form_security_token_ForbiddenOnErr('group_member_change', 't');
-	
+
 			$r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 limit 1",
 				dbesc(base64url_decode(argv(2))),
 				intval(local_channel())
 			);
 			if(count($r))
 				$change = base64url_decode(argv(2));
-	
+
 		}
-	
+
 		if((argc() > 1) && (intval(argv(1)))) {
-	
+
 			require_once('include/acl_selectors.php');
 			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
@@ -215,28 +213,28 @@ class Group extends Controller {
 				goaway(z_root() . '/connections');
 			}
 			$group = $r[0];
-	
-	
+
+
 			$members = group_get_members($group['id']);
-	
+
 			$preselected = array();
 			if(count($members))	{
 				foreach($members as $member)
 					if(! in_array($member['xchan_hash'],$preselected))
 						$preselected[] = $member['xchan_hash'];
 			}
-	
+
 			if($change) {
-	
+
 				if(in_array($change,$preselected)) {
 					group_rmv_member(local_channel(),$group['gname'],$change);
 				}
 				else {
 					group_add_member(local_channel(),$group['gname'],$change);
 				}
-	
+
 				$members = group_get_members($group['id']);
-	
+
 				$preselected = array();
 				if(count($members))	{
 					foreach($members as $member)
@@ -260,19 +258,19 @@ class Group extends Controller {
 				'$form_security_token_drop' => get_form_security_token("group_drop"),
 				'$pgrp_extras' => $pgrp_extras,
 			);
-	
+
 		}
-	
+
 		if(! isset($group))
 			return;
-	
+
 		$groupeditor = array(
 			'label_members' => t('Group members'),
 			'members' => array(),
 			'label_contacts' => t('Not in this group'),
 			'contacts' => array(),
 		);
-			
+
 		$sec_token = addslashes(get_form_security_token('group_member_change'));
 		$textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : 'card');
 		foreach($members as $member) {
@@ -284,11 +282,11 @@ class Group extends Controller {
 			else
 				group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']);
 		}
-	
+
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc",
 			intval(local_channel())
 		);
-	
+
 		if(count($r)) {
 			$textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : 'card');
 			foreach($r as $member) {
@@ -299,20 +297,20 @@ class Group extends Controller {
 				}
 			}
 		}
-	
+
 		$context['$groupeditor'] = $groupeditor;
 		$context['$desc'] = t('Click a channel to toggle membership');
 		$context['$pgrp_extras'] = $pgrp_extras;
-	
+
 		if($change) {
 			$tpl = get_markup_template('groupeditor.tpl');
 			echo replace_macros($tpl, $context);
 			killme();
 		}
-		
+
 		return replace_macros($tpl, $context);
-	
+
 	}
-	
-	
+
+
 }
--- a/Zotlabs/Module/Home.php
+++ b/Zotlabs/Module/Home.php
@@ -40,7 +40,7 @@ class Home extends Controller {
 			if (!$dest)
 				$dest = get_config('system', 'startpage');
 			if (!$dest)
-				$dest = z_root() . '/network';
+				$dest = z_root() . '/hq';

 			goaway($dest);
 		}
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -1,6 +1,10 @@
 <?php
 namespace Zotlabs\Module;

+use App;
+use Zotlabs\Widget\Messages;
+
+
 require_once("include/bbcode.php");
 require_once('include/security.php');
 require_once('include/conversation.php');
@@ -14,36 +18,27 @@ class Hq extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;

-		\App::$profile_uid = local_channel();
-	}
-
-	function post() {
-
-		if(!local_channel())
-			return;
-
-		if($_REQUEST['notify_id']) {
-			q("update notify set seen = 1 where id = %d and uid = %d",
-				intval($_REQUEST['notify_id']),
-				intval(local_channel())
-			);
-		}
-
-		killme();
-
+		App::$profile_uid = local_channel();
 	}

 	function get($update = 0, $load = false) {

-		if(!local_channel())
+		if(!local_channel()) {
 			return;
-
-		if(argc() > 1 && argv(1) !== 'load') {
-			$item_hash = argv(1);
 		}

-		if($_REQUEST['mid'])
-			$item_hash = $_REQUEST['mid'];
+		if(argc() > 1 && argv(1) !== 'load') {
+			$item_hash = unpack_link_id(argv(1));
+		}
+
+		if(isset($_REQUEST['mid'])) {
+			$item_hash = unpack_link_id($_REQUEST['mid']);
+		}
+
+		if($item_hash === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}

 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
@@ -52,23 +47,17 @@ class Hq extends \Zotlabs\Web\Controller {
 			$r = q("SELECT mid FROM item
 				WHERE uid = %d $item_normal
 				AND mid = parent_mid
+				AND item_private IN (0, 1)
 				ORDER BY created DESC LIMIT 1",
 				intval(local_channel())
 			);
-
 			if($r[0]['mid']) {
-				$item_hash = 'b64.' . base64url_encode($r[0]['mid']);
+				$item_hash = $r[0]['mid'];
 			}
 		}

 		if($item_hash) {

-			if(strpos($item_hash,'b64.') === 0)
-				$decoded = @base64url_decode(substr($item_hash,4));
-
-			if($decoded)
-				$item_hash = $decoded;
-
 			$target_item = null;

 			$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1",
@@ -96,7 +85,7 @@ class Hq extends \Zotlabs\Web\Controller {
 		}

 		if(! $update) {
-			$channel = \App::get_channel();
+			$channel = App::get_channel();

 			$channel_acl = [
 				'allow_cid' => $channel['channel_allow_cid'],
@@ -125,13 +114,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				'reset'               => t('Reset form')
 			];

-			$o = replace_macros(get_markup_template("hq.tpl"),
-				[
-					'$no_messages' => (($target_item) ? false : true),
-					'$no_messages_label' => [ t('Welcome to Hubzilla!'), t('You have got no unseen posts...') ],
-					'$editor' => status_editor($a,$x,false,'Hq')
-				]
-			);
+			$o = status_editor($a, $x, true);

 		}

@@ -142,10 +125,9 @@ class Hq extends \Zotlabs\Web\Controller {
 			if($target_item) {
 				// if the target item is not a post (eg a like) we want to address its thread parent
 				//$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']);
-				$mid = $target_item['mid'];
+
 				// if we got a decoded hash we must encode it again before handing to javascript
-				if($decoded)
-					$mid = 'b64.' . base64url_encode($mid);
+				$mid = gen_link_id($target_item['mid']);
 			}
 			else {
 				$mid = '';
@@ -153,9 +135,9 @@ class Hq extends \Zotlabs\Web\Controller {

 			$o .= '<div id="live-hq"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . local_channel()
-				. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . ";</script>\r\n";
+				. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . ";</script>\r\n";

-			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[
+			App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),[
 				'$baseurl' => z_root(),
 				'$pgtype'  => 'hq',
 				'$uid'     => local_channel(),
@@ -267,4 +249,17 @@ class Hq extends \Zotlabs\Web\Controller {

 	}

+	function post() {
+		if (!local_channel())
+			return;
+
+		$options['offset'] = $_REQUEST['offset'];
+		$options['dm'] = $_REQUEST['dm'];
+		$options['type'] = $_REQUEST['type'];
+
+		$ret = Messages::get_messages_page($options);
+
+		json_return_and_die($ret);
+	}
+
 }
--- a/Zotlabs/Module/Import.php
+++ b/Zotlabs/Module/Import.php
@@ -2,7 +2,6 @@

 namespace Zotlabs\Module;

-require_once('include/zot.php');
 require_once('include/channel.php');
 require_once('include/import.php');
 require_once('include/perm_upgrade.php');
@@ -212,35 +211,8 @@ class Import extends \Zotlabs\Web\Controller {
 		// create new hubloc for the new channel at this site

 		if(array_key_exists('channel',$data)) {
-			if($channel['channel_portable_id']) {
-				$r = hubloc_store_lowlevel(
-					[
-						'hubloc_guid'     => $channel['channel_guid'],
-						'hubloc_guid_sig' => $channel['channel_guid_sig'],
-						'hubloc_hash'     => $channel['channel_portable_id'],
-						'hubloc_addr'     => channel_reddress($channel),
-						'hubloc_network'  => 'zot',
-						'hubloc_primary'  => (($seize) ? 1 : 0),
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => base64url_encode(Crypto::sign(z_root(),$channel['channel_prvkey'])),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/post',
-						'hubloc_sitekey'  => get_config('system','pubkey'),
-						'hubloc_updated'  => datetime_convert(),
-						'hubloc_id_url'   => channel_url($channel)
-					]
-				);

-				// reset the original primary hubloc if it is being seized
-				if($seize) {
-					$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ",
-						dbesc($channel['channel_portable_id']),
-						dbesc(z_root())
-					);
-				}
-			}
-
-			// create a new zot6 hubloc if we have got a channel_portable_id
+			// create a new zot6 hubloc

 			$r = hubloc_store_lowlevel(
 				[
@@ -280,33 +252,10 @@ class Import extends \Zotlabs\Web\Controller {

 			// replace any existing xchan we may have on this site if we're seizing control

-			$r = q("delete from xchan where ( xchan_hash = '%s' or xchan_hash = '%s' ) ",
-				dbesc($channel['channel_hash']),
-				dbesc($channel['channel_portable_id'])
+			$r = q("delete from xchan where xchan_hash = '%s'",
+				dbesc($channel['channel_hash'])
 			);

-			if($channel['channel_portable_id']) {
-				$r = xchan_store_lowlevel(
-					[
-						'xchan_hash'           => $channel['channel_portable_id'],
-						'xchan_guid'           => $channel['channel_guid'],
-						'xchan_guid_sig'       => $channel['channel_guid_sig'],
-						'xchan_pubkey'         => $channel['channel_pubkey'],
-						'xchan_photo_l'        => z_root() . "/photo/profile/l/" . $channel['channel_id'],
-						'xchan_photo_m'        => z_root() . "/photo/profile/m/" . $channel['channel_id'],
-						'xchan_photo_s'        => z_root() . "/photo/profile/s/" . $channel['channel_id'],
-						'xchan_addr'           => channel_reddress($channel),
-						'xchan_url'            => z_root() . '/channel/' . $channel['channel_address'],
-						'xchan_connurl'        => z_root() . '/poco/' . $channel['channel_address'],
-						'xchan_follow'         => z_root() . '/follow?f=&url=%s',
-						'xchan_name'           => $channel['channel_name'],
-						'xchan_network'        => 'zot',
-						'xchan_photo_date'     => datetime_convert(),
-						'xchan_name_date'      => datetime_convert()
-					]
-				);
-			}
-
 			$r = xchan_store_lowlevel(
 				[
 					'xchan_hash'           => $channel['channel_hash'],
@@ -336,14 +285,6 @@ class Import extends \Zotlabs\Web\Controller {
 		if($xchans) {
 			foreach($xchans as $xchan) {

-				if($xchan['xchan_network'] === 'zot') {
-					$hash = make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_guid_sig']);
-					if($hash !== $xchan['xchan_hash']) {
-						logger('forged xchan: ' . print_r($xchan,true));
-						continue;
-					}
-				}
-
 				if($xchan['xchan_network'] === 'zot6') {
 					$zhash = Libzot::make_xchan_hash($xchan['xchan_guid'],$xchan['xchan_pubkey']);
 					if($zhash !== $xchan['xchan_hash']) {
@@ -553,12 +494,6 @@ class Import extends \Zotlabs\Web\Controller {
 		if(is_array($data['chatroom']))
 			import_chatrooms($channel,$data['chatroom']);

-		if(is_array($data['conv']))
-			import_conv($channel,$data['conv']);
-
-		if(is_array($data['mail']))
-			import_mail($channel,$data['mail']);
-
 		if(is_array($data['event']))
 			import_events($channel,$data['event']);

--- a/Zotlabs/Module/Invite.php
+++ b/Zotlabs/Module/Invite.php
@@ -306,9 +306,8 @@ class Invite extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Invite')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = 'ZAI0102E,' . t('Invite App') . ' (' . t('Not Installed') . ')' . EOL;
-			return $o;
+			$papp = Apps::get_papp('Invite');
+			return Apps::app_render($papp, 'module');
 		}

 		if (! (get_config('system','invitation_also') || get_config('system','invitation_only')) ) {
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -280,16 +280,17 @@ class Item extends Controller {


 		if(argc() > 1 && argv(1) !== 'drop') {
-			$x = q("select uid, item_wall, llink, mid from item where mid = '%s' or mid = '%s' ",
+			$x = q("select uid, item_wall, llink, mid from item where mid = '%s' or mid = '%s' or uuid = '%s'",
 				dbesc(z_root() . '/item/' . argv(1)),
-				dbesc(z_root() . '/activity/' . argv(1))
+				dbesc(z_root() . '/activity/' . argv(1)),
+				dbesc(argv(1))
 			);
 			if($x) {
 				foreach($x as $xv) {
 					if (intval($xv['item_wall'])) {
 						$c = channelx_by_n($xv['uid']);
 						if ($c) {
-							goaway($c['xchan_url'] . '?mid=' . gen_link_id($xv['mid']));
+							goaway(z_root() . '/channel/' . $c['channel_address'] . '?mid=' . gen_link_id($xv['mid']));
 						}
 					}
 				}
@@ -745,10 +746,10 @@ class Item extends Controller {

 			if($parent_item) {
 				$acl->set($parent_item);
-				$private = intval($acl->is_private() || $parent_item['item_private']);
-				$public_policy     = $parent_item['public_policy'];
-				$owner_hash        = $parent_item['owner_xchan'];
-				$webpage           = $parent_item['item_type'];
+				$private       = intval($parent_item['item_private']);
+				$public_policy = $parent_item['public_policy'];
+				$owner_hash    = $parent_item['owner_xchan'];
+				$webpage       = $parent_item['item_type'];
 			}

 			if((! $allow_empty) && (! strlen($body))) {
@@ -822,6 +823,8 @@ class Item extends Controller {

 		$post_tags = [];

+
+
 		if($mimetype === 'text/bbcode') {

 			require_once('include/text.php');
@@ -1374,6 +1377,10 @@ class Item extends Controller {
 			return $post;

 		if($return_path) {
+			if($return_path === 'hq') {
+				goaway(z_root() . '/hq/' . gen_link_id($datarray['mid']));
+			}
+
 			goaway(z_root() . "/" . $return_path);
 		}

--- a/Zotlabs/Module/Lang.php
+++ b/Zotlabs/Module/Lang.php
@@ -7,16 +7,60 @@ use Zotlabs\Web\Controller;

 class Lang extends Controller {

+	const MYP = 	'ZIN';
+	const VERSION =	'2.0.0';
+
+	function post() {
+
+		$re = [];
+		$isajax = is_ajax();
+		$eol 	= $isajax ? "\n" : EOL;
+
+		if (! Apps::system_app_installed(local_channel(), 'Language')) {
+			$re['msg'] = 'ZIN0202E, ' . t('Language App') . ' (' . t('Not Installed') . ')' ;
+			notice( $re['msg'] . EOL);
+			if ($isajax) {
+				echo json_encode( $re );
+				killme();
+				exit;
+			} else {
+				return;
+			}
+		}
+
+		$lc = x($_POST['zinlc']) && preg_match('/^\?\?|[a-z]{2,2}[x_\-]{0,1}[a-zA-Z]{0,2}$/', $_POST['zinlc'])
+			? $_POST['zinlc'] : '';
+		$lcs= x($_POST['zinlcs']) && preg_match('/^[a-z,_\-]{0,191}$/', $_POST['zinlcs'])
+			? $_POST['zinlcs'] : '';
+
+		if ($isajax) {
+
+			if ($lc == '??') {
+				$re['lc'] = get_best_language();
+				$re['lcs'] = language_list();
+			} else {
+				$re['lc'] = $lc;
+				$re['alc'] = App::$language;
+				$re['slc'] = $_SESSION['language'];
+				$_SESSION['language'] = $lc;
+				App::$language = $lc;
+				load_translation_table($lc, true);
+			}
+
+			echo json_encode( $re );
+			killme();
+			exit;
+		}
+	}
+
 	function get() {

 		if(local_channel()) {
 			if(! Apps::system_app_installed(local_channel(), 'Language')) {
-				//Do not display any associated widgets at this point
-				App::$pdl = '';
-
-				$o = '<b>' . t('Language App') . ' (' . t('Not Installed') . '):</b><br>';
-				$o .= t('Change UI language');
-				return $o;
+			//Do not display any associated widgets at this point
+			App::$pdl = '';
+			$papp = Apps::get_papp('Language');
+			return Apps::app_render($papp, 'module');
 			}
 		}

@@ -24,5 +68,5 @@ class Lang extends Controller {
 		return lang_selector();

 	}
-	
+
 }
--- a/Zotlabs/Module/Linkinfo.php
+++ b/Zotlabs/Module/Linkinfo.php
@@ -5,37 +5,37 @@ namespace Zotlabs\Module;
 class Linkinfo extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		logger('linkinfo: ' . print_r($_REQUEST,true));
-	
+
 		$text = null;
 		$str_tags = '';
-		$process_oembed = true;	
-	
+		$process_oembed = true;
+
 		$br = "\n";
-	
+
 		if(x($_GET,'binurl'))
 			$url = trim(hex2bin($_GET['binurl']));
 		else
 			$url = trim($_GET['url']);
-	
+
 		if(substr($url,0,1) === '!') {
 			$process_oembed = false;
 			$url = substr($url,1);
 		}

 		$url = strip_zids($url);
-	
+
 		if((substr($url,0,1) != '/') && (substr($url,0,4) != 'http'))
 			$url = 'http://' . $url;
-	
-	
+
+
 		if($_GET['title'])
 			$title = strip_tags(trim($_GET['title']));
-	
+
 		if($_GET['description'])
 			$text = strip_tags(trim($_GET['description']));
-	
+
 		if($_GET['tags']) {
 			$arr_tags = str_getcsv($_GET['tags']);
 			if(count($arr_tags)) {
@@ -43,23 +43,25 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 				$str_tags = $br . implode(' ',$arr_tags) . $br;
 			}
 		}
-	
+
 		logger('linkinfo: ' . $url);
-		
-                // Replace plink URL with 'share' tag if possible
-                preg_match("/(mid=b64\.|display\/|posts\/)([\w\-]+)(&.+)?$/", $url, $mid);

-                if (!empty($mid) && $mid[1] == 'mid=b64.')
-                        $mid[2] = base64_decode($mid[2]);
+		// Replace plink URL with 'share' tag if possible
+		preg_match("/(mid=b64\.|display\/|posts\/)([\w\-]+)(&.+)?$/", $url, $mid);

-                $r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
-                        dbesc((empty($mid) ? $url : $mid[2])),
-                        intval(local_channel())
-                );
-                if ($r) {
-                        echo "[share=" . $r[0]['id'] . "][/share]";
-                        killme();
-                }
+		if (!empty($mid)) {
+			$mid[2] = unpack_link_id($mid[2]);
+		}
+
+		$r = q("SELECT id FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
+			dbesc((empty($mid) ? $url : $mid[2])),
+			intval(local_channel())
+		);
+
+		if ($r) {
+			echo "[share=" . $r[0]['id'] . "][/share]";
+			killme();
+		}

 		$result = z_fetch_url($url,false,0,array('novalidate' => true, 'nobody' => true));
 		if($result['success']) {
@@ -108,13 +110,13 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		$template = $br . '#^[url=%s]%s[/url]%s' . $br;
-	
+
 		$arr = array('url' => $url, 'text' => '');
-	
+
 		call_hooks('parse_link', $arr);
-	
+
 		if(strlen($arr['text'])) {
 			echo $arr['text'];
 			killme();
@@ -127,28 +129,28 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 				killme();
 			}
 		}
-	
+
 		if($url && $title && $text) {
-	
+
 			$text = $br . '[quote]' . trim($text) . '[/quote]' . $br;
-	
+
 			$title = str_replace(array("\r","\n"),array('',''),$title);
-	
+
 			$result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags;
-	
+
 			logger('linkinfo (unparsed): returns: ' . $result);
-	
+
 			echo $result;
 			killme();
 		}
-	
+
 		$siteinfo = self::parseurl_getsiteinfo($url);
-	
+
 		// If the site uses this platform, use zrl rather than url so they get zids sent to them by default
-	
+
 		if(is_matrix_url($url))
 			$template = str_replace('url','zrl',$template);
-	
+
 		if($siteinfo["title"] == "") {
 			echo sprintf($template,$url,$url,'') . $str_tags;
 			killme();
@@ -156,19 +158,19 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			$text = $siteinfo["text"];
 			$title = $siteinfo["title"];
 		}
-	
+
 		$image = "";

 		if(is_array($siteinfo["images"]) && count($siteinfo["images"])){
 			/* Execute below code only if image is present in siteinfo */
-	
+
 			$total_images = 0;
 			$max_images = get_config('system','max_bookmark_images');
 			if($max_images === false)
 				$max_images = 2;
 			else
 				$max_images = intval($max_images);
-	
+
 			foreach ($siteinfo["images"] as $imagedata) {
 	                        if ($url) {
 	                            $image .= sprintf('[url=%s]', $url);
@@ -183,57 +185,57 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		if(strlen($text)) {
 			$text = $br.'[quote]'.trim($text).'[/quote]'.$br ;
 		}
-	
+
 		if($image) {
 			$text = $br.$br.$image.$text;
 		}
 		$title = str_replace(array("\r","\n"),array('',''),$title);
-	
+
 		$result = sprintf($template,$url,($title) ? $title : $url,$text) . $str_tags;
-	
+
 		logger('linkinfo: returns: ' . $result, LOGGER_DEBUG);
-	
+
 		echo trim($result);
 		killme();
-	
+
 	}
-	
-	
+
+
 	public static function deletexnode(&$doc, $node) {
 		$xpath = new \DomXPath($doc);
 		$list = $xpath->query("//".$node);
 		foreach ($list as $child)
 			$child->parentNode->removeChild($child);
 	}
-	
+
 	public static function completeurl($url, $scheme) {
 	        $urlarr = parse_url($url);
-	
+
 	        if (isset($urlarr["scheme"]))
 	                return($url);
-	
+
 	        $schemearr = parse_url($scheme);
-	
+
 	        $complete = $schemearr["scheme"]."://".$schemearr["host"];
-	
+
 	        if ($schemearr["port"] != "")
 	                $complete .= ":".$schemearr["port"];
-	
+
 			if(strpos($urlarr['path'],'/') !== 0)
 				$complete .= '/';
-	
+
 	        $complete .= $urlarr["path"];
-	
+
 	        if ($urlarr["query"] != "")
 	                $complete .= "?".$urlarr["query"];
-	
+
 	        if ($urlarr["fragment"] != "")
 	                $complete .= "#".$urlarr["fragment"];
-	
+
 	        return($complete);
 	}

@@ -251,7 +253,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		$p = substr($m,strpos($m,'/')+1);

 		// get the channel to check permissions
-		
+
 		$u = channelx_by_nick($nick);

 		if($u && $p) {
@@ -272,18 +274,18 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		return EMPTY_STR;
 	}

-	
+
 	public static function parseurl_getsiteinfo($url) {
 		$siteinfo = array();
-	
-	
+
+
 		$result = z_fetch_url($url,false,0,array('novalidate' => true));
 		if(! $result['success'])
 			return $siteinfo;
-	
+
 		$header = $result['header'];
 		$body   = $result['body'];
-		
+
 		// Check codepage in HTTP headers or HTML if not exist
 		$cp = (preg_match('/Content-Type: text\/html; charset=(.+)\r\n/i', $header, $o) ? $o[1] : '');
 		if(empty($cp))
@@ -291,10 +293,10 @@ class Linkinfo extends \Zotlabs\Web\Controller {

 		$body   = mb_convert_encoding($body, 'UTF-8', $cp);
 		$body   = mb_convert_encoding($body, 'HTML-ENTITIES', "UTF-8");
-	
+
 		$doc    = new \DOMDocument();
 		@$doc->loadHTML($body);
-	
+
 		self::deletexnode($doc, 'style');
 		self::deletexnode($doc, 'script');
 		self::deletexnode($doc, 'option');
@@ -306,14 +308,14 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 		self::deletexnode($doc, 'h6');
 		self::deletexnode($doc, 'ol');
 		self::deletexnode($doc, 'ul');
-	
+
 		$xpath = new \DomXPath($doc);
-	
+
 		//$list = $xpath->query("head/title");
 		$list = $xpath->query("//title");
 		foreach ($list as $node)
 			$siteinfo["title"] =  html_entity_decode($node->nodeValue, ENT_QUOTES, "UTF-8");
-	
+
 		//$list = $xpath->query("head/meta[@name]");
 		$list = $xpath->query("//meta[@name]");
 		foreach ($list as $node) {
@@ -321,9 +323,9 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			if ($node->attributes->length)
 	                        foreach ($node->attributes as $attribute)
 	                                $attr[$attribute->name] = $attribute->value;
-	
+
 			$attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8");
-	
+
 			switch (strtolower($attr["name"])) {
 				case "fulltitle":
 					$siteinfo["title"] = trim($attr["content"]);
@@ -365,7 +367,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		//$list = $xpath->query("head/meta[@property]");
 		$list = $xpath->query("//meta[@property]");
 		foreach ($list as $node) {
@@ -373,9 +375,9 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 			if ($node->attributes->length)
 	                        foreach ($node->attributes as $attribute)
 	                                $attr[$attribute->name] = $attribute->value;
-	
+
 			$attr["content"] = html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8");
-	
+
 			switch (strtolower($attr["property"])) {
 				case "og:image":
 					$siteinfo["image"] = $attr["content"];
@@ -388,7 +390,7 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					break;
 			}
 		}
-	
+
 		if ($siteinfo["image"] == "") {
 	            $list = $xpath->query("//img[@src]");
 	            foreach ($list as $node) {
@@ -396,10 +398,10 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 	                if ($node->attributes->length)
 	                    foreach ($node->attributes as $attribute)
 	                        $attr[$attribute->name] = $attribute->value;
-	
+
 				$src = self::completeurl($attr["src"], $url);
 				$photodata = @getimagesize($src);
-	
+
 				if (($photodata) && ($photodata[0] > 150) and ($photodata[1] > 150)) {
 					if ($photodata[0] > 300) {
 						$photodata[1] = round($photodata[1] * (300 / $photodata[0]));
@@ -413,36 +415,36 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 									"width"=>$photodata[0],
 									"height"=>$photodata[1]);
 				}
-	
+
 	 		}
 	    } else {
 			$src = self::completeurl($siteinfo["image"], $url);
-	
+
 			unset($siteinfo["image"]);
-	
+
 			$photodata = @getimagesize($src);
-	
+
 			if (($photodata) && ($photodata[0] > 10) and ($photodata[1] > 10))
 				$siteinfo["images"][] = array("src"=>$src,
 								"width"=>$photodata[0],
 								"height"=>$photodata[1]);
 		}
-	
+
 		if ($siteinfo["text"] == "") {
 			$text = "";
-	
+
 			$list = $xpath->query("//div[@class='article']");
 			foreach ($list as $node)
 				if (strlen($node->nodeValue) > 40)
 					$text .= " ".trim($node->nodeValue);
-	
+
 			if ($text == "") {
 				$list = $xpath->query("//div[@class='content']");
 				foreach ($list as $node)
 					if (strlen($node->nodeValue) > 40)
 						$text .= " ".trim($node->nodeValue);
 			}
-	
+
 			// If none text was found then take the paragraph content
 			if ($text == "") {
 				$list = $xpath->query("//p");
@@ -450,21 +452,21 @@ class Linkinfo extends \Zotlabs\Web\Controller {
 					if (strlen($node->nodeValue) > 40)
 						$text .= " ".trim($node->nodeValue);
 			}
-	
+
 			if ($text != "") {
 				$text = trim(str_replace(array("\n", "\r"), array(" ", " "), $text));
-	
+
 				while (strpos($text, "  "))
 					$text = trim(str_replace("  ", " ", $text));
-					
+
 				$text = substr(html_entity_decode($text, ENT_QUOTES, "UTF-8"), 0, 350);
 				$siteinfo["text"] = rtrim(substr($text, 0, strrpos($text, " ")), "?.,:;!-") . '...';
 			}
 		}
-	
+
 		return($siteinfo);
 	}
-	
+

 	private static function arr_add_hashes(&$item,$k) {
 		$item = '#' . $item;
--- a/Zotlabs/Module/Locs.php
+++ b/Zotlabs/Module/Locs.php
@@ -28,9 +28,8 @@ class Locs extends Controller {
 					return;
 				}

-				q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND (hubloc_hash = '%s' OR hubloc_hash = '%s')",
-					dbesc($channel['channel_hash']),
-					dbesc($channel['channel_portable_id'])
+				q("UPDATE hubloc SET hubloc_primary = 0 WHERE hubloc_primary = 1 AND hubloc_hash = '%s'",
+					dbesc($channel['channel_hash'])
 				);

 				q("UPDATE hubloc SET hubloc_primary = 1 WHERE hubloc_id = %d AND hubloc_hash = '%s'",
@@ -81,10 +80,9 @@ class Locs extends Controller {
 					}
 				}

-				q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND (hubloc_hash = '%s' OR hubloc_hash = '%s')",
+				q("UPDATE hubloc SET hubloc_deleted = 1 WHERE hubloc_id_url = '%s' AND hubloc_hash = '%s'",
 					dbesc($r[0]['hubloc_id_url']),
-					dbesc($channel['channel_hash']),
-					dbesc($channel['channel_portable_id'])
+					dbesc($channel['channel_hash'])
 				);
 				Master::Summon( [ 'Notifier', 'refresh_all', $channel['channel_id'] ] );
 				return;
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -40,7 +40,7 @@ class Magic extends Controller {
 			goaway($dest);
 		}

-		$basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : ''); 
+		$basepath = $parsed['scheme'] . '://' . $parsed['host'] . (isset($parsed['port']) ? ':' . $parsed['port'] : '');
 		$owapath = SConfig::get($basepath,'system','openwebauth', $basepath . '/owa');

 		// This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating. 
@@ -110,6 +110,7 @@ class Magic extends Controller {
 				$headers['(request-target)'] = 'post ' . '/owa';

 				$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
+				$redirects = 0;
 				$x = z_post_url($owapath,$data,$redirects,[ 'headers' => $headers ]);
 				logger('owa fetch returned: ' . print_r($x,true),LOGGER_DATA);
 				if ($x['success']) {
--- a/Zotlabs/Module/Manage.php
+++ b/Zotlabs/Module/Manage.php
@@ -5,18 +5,18 @@ namespace Zotlabs\Module;
 class Manage extends \Zotlabs\Web\Controller {

 	function get() {
-	
+
 		if((! get_account_id()) || ($_SESSION['delegate'])) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}

 		nav_set_selected('Channel Manager', 'settings/manage');
-	
+
 		require_once('include/security.php');
-	
+
 		$change_channel = ((argc() > 1) ? intval(argv(1)) : 0);
-	
+
 		if((argc() > 2) && (argv(2) === 'default')) {
 			$r = q("select channel_id from channel where channel_id = %d and channel_account_id = %d limit 1",
 				intval($change_channel),
@@ -31,7 +31,7 @@ class Manage extends \Zotlabs\Web\Controller {
 			goaway(z_root() . '/manage');
 		}

-	
+
 		if($change_channel) {

 			$r = change_channel($change_channel);
@@ -45,29 +45,29 @@ class Manage extends \Zotlabs\Web\Controller {
 			}
 			goaway(z_root());
 		}
-	
+
 		$channels = null;
-	
+
 		$r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and channel_removed = 0 order by channel_name ",
 			intval(get_account_id())
 		);
-	
+
 		$account = \App::get_account();
-	
+
 		if($r && count($r)) {
 			$channels = $r;
 			for($x = 0; $x < count($channels); $x ++) {
 				$channels[$x]['link'] = 'manage/' . intval($channels[$x]['channel_id']);
-				$channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : ''); 
+				$channels[$x]['default'] = (($channels[$x]['channel_id'] == $account['account_default_channel']) ? "1" : '');
 				$channels[$x]['default_links'] = '1';
-	
-	
+
+
 				$c = q("SELECT id, item_wall FROM item
 					WHERE item_unseen = 1 and uid = %d " . item_normal(),
 					intval($channels[$x]['channel_id'])
 				);
-	
-				if($c) {	
+
+				if($c) {
 					foreach ($c as $it) {
 						if(intval($it['item_wall']))
 							$channels[$x]['home'] ++;
@@ -75,25 +75,15 @@ class Manage extends \Zotlabs\Web\Controller {
 							$channels[$x]['network'] ++;
 					}
 				}
-	
-	
+
+
 				$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
 					intval($channels[$x]['channel_id'])
 				);
-	
+
 				if($intr)
 					$channels[$x]['intros'] = intval($intr[0]['total']);
-	
-	
-				$mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
-					intval($channels[$x]['channel_id']),
-					dbesc($channels[$x]['channel_hash'])
-				);
-	
-				if($mails)
-					$channels[$x]['mail'] = intval($mails[0]['total']);
-			
-	
+
 				$events = q("SELECT etype, dtstart, adjust FROM event
 					WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
 					ORDER BY dtstart ASC ",
@@ -101,7 +91,7 @@ class Manage extends \Zotlabs\Web\Controller {
 					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')),
 					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
 				);
-	
+
 				if($events) {
 					$channels[$x]['all_events'] = count($events);

@@ -128,7 +118,7 @@ class Manage extends \Zotlabs\Web\Controller {
 				}
 			}

-		}			
+		}

 		$r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0",
 			intval(get_account_id())
@@ -140,23 +130,23 @@ class Manage extends \Zotlabs\Web\Controller {
 		else {
 			$channel_usage_message = '';
 	 	}
-	
-	
+
+
 		$create = array( 'new_channel', t('Create a new channel'), t('Create New'));
-	
+
 		$delegates = null;

 		if(local_channel()) {
-			$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where 
+			$delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where
 				abook_channel = %d and abook_xchan in ( select xchan from abconfig where chan = %d and cat = 'their_perms' and k = 'delegate' and v = '1' )",
 				intval(local_channel()),
 				intval(local_channel())
 			);
 		}
-	
+
 		if($delegates) {
 			for($x = 0; $x < count($delegates); $x ++) {
-				$delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url']) 
+				$delegates[$x]['link'] = 'magic?f=&bdest=' . bin2hex($delegates[$x]['xchan_url'] . '?zid=' . get_my_address() . '&delegate=' . urlencode($delegates[$x]['xchan_addr']))
 				. '&delegate=' . urlencode($delegates[$x]['xchan_addr']);
 				$delegates[$x]['channel_name'] = $delegates[$x]['xchan_name'];
 				$delegates[$x]['delegate'] = 1;
@@ -165,9 +155,9 @@ class Manage extends \Zotlabs\Web\Controller {
 		else {
 			$delegates = null;
 		}
-	
+
 		$o = replace_macros(get_markup_template('channels.tpl'), array(
-			'$header'           => t('Channel Manager'),
+			'$header'           => t('Channels'),
 			'$msg_selected'     => t('Current Channel'),
 			'$selected'         => local_channel(),
 			'$desc'             => ((count($channels) > 1 || $delegates) ? t('Switch to one of your channels by selecting it.') : ''),
@@ -175,15 +165,14 @@ class Manage extends \Zotlabs\Web\Controller {
 			'$msg_make_default' => t('Make Default'),
 			'$create'           => $create,
 			'$all_channels'     => $channels,
-			'$mail_format'      => t('%d new messages'),
 			'$intros_format'    => t('%d new introductions'),
 			'$channel_usage_message' => $channel_usage_message,
 			'$delegated_desc'   => t('Delegated Channel'),
 			'$delegates'        => $delegates
 		));
-	
+
 		return $o;
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Manifest.php
+++ b/Zotlabs/Module/Manifest.php
@@ -0,0 +1,50 @@
+<?php
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\System;
+
+class Manifest extends Controller {
+
+	function init() {
+
+		$ret = [
+			'name' => ucfirst(System::get_platform_name()),
+			'short_name' => ucfirst(System::get_platform_name()),
+			'icons' => [
+				[ 'src' => '/images/app/hz-72.png', 'sizes' => '72x72', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-96.png', 'sizes' => '96x96', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-128.png', 'sizes' => '128x128', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-144.png', 'sizes' => '144x144', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-152.png', 'sizes' => '152x152', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-192.png', 'sizes' => '192x192', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-348.png', 'sizes' => '384x384', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz-512.png', 'sizes' => '512x512', 'type' => 'image/png' ],
+				[ 'src' => '/images/app/hz.svg', 'sizes' => '64x64', 'type' => 'image/xml+svg' ]
+			],
+			'scope' => '/',
+			'start_url' => z_root(),
+			'display' => 'standalone',
+			'orientation' => 'any',
+			'share_target' => [
+				'action' => '/rpost',
+				'method' => 'POST',
+				'enctype' => 'multipart/form-data',
+				'params' => [
+					'title' => 'title',
+					'text' => 'body',
+					'url' => 'url',
+					'files' => [
+						[ 'name' => 'userfile',
+							'accept' => [ 'image/*', 'audio/*', 'video/*', 'text/*', 'application/*' ]
+						]
+					]
+				]
+			]
+		];
+
+		json_return_and_die($ret,'application/manifest+json');
+	}
+
+}
--- a/Zotlabs/Module/Message.php
+++ b/Zotlabs/Module/Message.php
@@ -1,108 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/acl_selectors.php');
-require_once('include/message.php');
-require_once('include/zot.php');
-require_once("include/bbcode.php");
-
-
-class Message extends \Zotlabs\Web\Controller {
-
-	function get() {
-	
-		$o = '';
-		nav_set_selected('messages');
-	
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return login();
-		}
-	
-		$channel = \App::get_channel();
-		head_set_icon($channel['xchan_photo_s']);
-	
-		$cipher = get_pconfig(local_channel(),'system','default_cipher');
-		if(! $cipher)
-			$cipher = 'aes256';
-	
-	/*
-		if((argc() == 3) && (argv(1) === 'dropconv')) {
-			if(! intval(argv(2)))
-				return;
-			$cmd = argv(1);
-			$r = private_messages_drop(local_channel(), argv(2), true);
-			if($r)
-				info( t('Conversation removed.') . EOL );
-			goaway(z_root() . '/mail/combined' );
-		}
-	
-		if(argc() == 2) {
-	
-			switch(argv(1)) {
-				case 'combined':
-					$mailbox = 'combined';
-					$header = t('Conversations');
-					break;
-				case 'inbox':
-					$mailbox = 'inbox';
-					$header = t('Received Messages');
-					break;
-				case 'outbox':
-					$mailbox = 'outbox';
-					$header = t('Sent Messages');
-					break;
-				default:
-					break;
-			}
-	
-			// private_messages_list() can do other more complicated stuff, for now keep it simple
-	
-			$r = private_messages_list(local_channel(), $mailbox, \App::$pager['start'], \App::$pager['itemspage']);
-	
-			if(! $r) {
-				info( t('No messages.') . EOL);
-				return $o;
-			}
-	
-			$messages = array();
-	
-			foreach($r as $rr) {
-	
-				$messages[] = array(
-					'id'         => $rr['id'],
-					'from_name'  => $rr['from']['xchan_name'],
-					'from_url'   => chanlink_hash($rr['from_xchan']),
-					'from_photo' => $rr['from']['xchan_photo_s'],
-					'to_name'    => $rr['to']['xchan_name'],
-					'to_url'     => chanlink_hash($rr['to_xchan']),
-					'to_photo'   => $rr['to']['xchan_photo_s'],
-					'subject'    => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
-					'delete'     => t('Delete conversation'),
-					'body'       => zidify_links(smilies(bbcode($rr['body']))),
-					'date'       => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], t('D, d M Y - g:i A')),
-					'seen'       => $rr['seen']
-				);
-			}
-	
-	
-			$tpl = get_markup_template('mail_head.tpl');
-			$o = replace_macros($tpl, array(
-				'$header' => $header,
-				'$messages' => $messages
-			));
-	
-	
-			$o .= alt_pager(count($r));	
-	
-			return $o;
-	
-			return;
-	
-		}
-	*/
-	
-		return;
-	}
-	
-}
--- a/Zotlabs/Module/Mood.php
+++ b/Zotlabs/Module/Mood.php
@@ -14,36 +14,36 @@ require_once('include/items.php');
 class Mood extends Controller {

 	function init() {
-	
+
 		if(! local_channel())
 			return;

 		if(! Apps::system_app_installed(local_channel(), 'Mood')) {
 			return;
 		}
-	
+
 		$uid = local_channel();
 		$channel = App::get_channel();
 		$verb = notags(trim($_GET['verb']));
-		
-		if(! $verb) 
+
+		if(! $verb)
 			return;
-	
+
 		$verbs = get_mood_verbs();
-	
+
 		if(! array_key_exists($verb,$verbs))
 			return;
-	
+
 		$activity = ACTIVITY_MOOD . '#' . urlencode($verb);
-	
+
 		$parent = ((x($_GET,'parent')) ? intval($_GET['parent']) : 0);
-	
-	
+
+
 		logger('mood: verb ' . $verb, LOGGER_DEBUG);
-	
-	
+
+
 		if($parent) {
-			$r = q("select mid, owner_xchan, private, allow_cid, allow_gid, deny_cid, deny_gid 
+			$r = q("select mid, owner_xchan, private, allow_cid, allow_gid, deny_cid, deny_gid
 				from item where id = %d and parent = %d and uid = %d limit 1",
 				intval($parent),
 				intval($parent),
@@ -59,24 +59,24 @@ class Mood extends Controller {
 			}
 		}
 		else {
-	
+
 			$private       = 0;
-	
+
 			$allow_cid     =  $channel['channel_allow_cid'];
 			$allow_gid     =  $channel['channel_allow_gid'];
 			$deny_cid      =  $channel['channel_deny_cid'];
 			$deny_gid      =  $channel['channel_deny_gid'];
 		}
-	
+
 		$poster = App::get_observer();
-	
+
 		$uuid = item_message_id();
 		$mid = z_root() . '/item/' . $uuid;
-	
-		$action = sprintf( t('%1$s is %2$s','mood'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]' , $verbs[$verb]); 
-	
+
+		$action = sprintf( t('%1$s is %2$s','mood'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]' , $verbs[$verb]);
+
 		$arr = array();
-	
+
 		$arr['aid']           = get_account_id();
 		$arr['uid']           = $uid;
 		$arr['uuid']          = $uuid;
@@ -97,31 +97,31 @@ class Mood extends Controller {
 		$arr['item_unseen']   = 1;
 		if(! $parent_mid)
 			$item['item_thread_top'] = 1;
-	
+
 		if ((! $arr['plink']) && intval($arr['item_thread_top'])) {
 			$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']);
 		}
-	
-	
+
+
 		$post = item_store($arr);
 		$item_id = $post['item_id'];
-	
+
 		if($item_id) {
 			\Zotlabs\Daemon\Master::Summon(array('Notifier','activity', $item_id));
 		}
-	
+
 		call_hooks('post_local_end', $arr);
-	
+
 		if($_SESSION['return_url'])
 			goaway(z_root() . '/' . $_SESSION['return_url']);
-	
+
 		return;
 	}
-	
-	
-	
+
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -130,26 +130,24 @@ class Mood extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Mood')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Mood App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Set your current mood and tell your friends');
-			return $o;
+			$papp = Apps::get_papp('Mood');
+			return Apps::app_render($papp, 'module');
 		}

 		nav_set_selected('Mood');

 		$parent = ((x($_GET,'parent')) ? intval($_GET['parent']) : '0');
-	
+
 		$verbs = get_mood_verbs();
-	
+
 		$shortlist = array();
 		foreach($verbs as $k => $v)
 			if($v !== 'NOTRANSLATION')
 				$shortlist[] = array($k,$v);
-	
-	
+
+
 		$tpl = get_markup_template('mood_content.tpl');
-	
+
 		$o = replace_macros($tpl,array(
 			'$title' => t('Mood'),
 			'$desc' => t('Set your current mood and tell your friends'),
@@ -157,9 +155,9 @@ class Mood extends Controller {
 			'$parent' => $parent,
 			'$submit' => t('Submit'),
 		));
-	
+
 		return $o;
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Network.php
+++ b/Zotlabs/Module/Network.php
@@ -22,11 +22,11 @@ class Network extends \Zotlabs\Web\Controller {

 		$search = $_GET['search'] ?? '';

-		if(in_array(substr($search, 0, 1),[ '@', '!', '?']) || strpos($search, 'https://') === 0)
+		if(in_array(substr($search, 0, 1), [ '@', '!', '?']) || strpos($search, 'https://') === 0)
 			goaway(z_root() . '/search?f=&search=' . $search);

 		if(count($_GET) < 2) {
-			$network_options = get_pconfig(local_channel(),'system','network_page_default');
+			$network_options = get_pconfig(local_channel(), 'system', 'network_page_default');
 			if($network_options)
 				goaway(z_root() . '/network?f=&' . $network_options);
 		}
@@ -84,7 +84,7 @@ class Network extends \Zotlabs\Web\Controller {

 		$search = $_GET['search'] ?? '';
 		if($search) {
-			if(strpos($search,'#') === 0) {
+			if(strpos($search, '#') === 0) {
 				$hashtags = substr($search,1);
 				$search = '';
 			}
@@ -114,31 +114,31 @@ class Network extends \Zotlabs\Web\Controller {
 			$def_acl    = array('allow_gid' => '<' . $r[0]['hash'] . '>');
 		}

-		$default_cmin = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmin',0) : (-1));
-		$default_cmax = ((Apps::system_app_installed(local_channel(),'Affinity Tool')) ? get_pconfig(local_channel(),'affinity','cmax',99) : (-1));
+		$default_cmin = ((Apps::system_app_installed(local_channel(), 'Affinity Tool')) ? get_pconfig(local_channel(), 'affinity', 'cmin', 0) : (-1));
+		$default_cmax = ((Apps::system_app_installed(local_channel(), 'Affinity Tool')) ? get_pconfig(local_channel(), 'affinity', 'cmax', 99) : (-1));

-		$cid      = ((x($_GET,'cid'))   ? intval($_GET['cid'])   : 0);
-		$star     = ((x($_GET,'star'))  ? intval($_GET['star'])  : 0);
-		$liked    = ((x($_GET,'liked')) ? intval($_GET['liked']) : 0);
-		$conv     = ((x($_GET,'conv'))  ? intval($_GET['conv'])  : 0);
-		$spam     = ((x($_GET,'spam'))  ? intval($_GET['spam'])  : 0);
-		$cmin     = ((array_key_exists('cmin',$_GET))  ? intval($_GET['cmin'])  : $default_cmin);
-		$cmax     = ((array_key_exists('cmax',$_GET))  ? intval($_GET['cmax'])  : $default_cmax);
-		$file     = ((x($_GET,'file'))  ? $_GET['file']          : '');
-		$xchan    = ((x($_GET,'xchan')) ? $_GET['xchan']         : '');
-		$net      = ((x($_GET,'net'))   ? $_GET['net']           : '');
-		$pf       = ((x($_GET,'pf'))    ? $_GET['pf']            : '');
-		$unseen   = ((x($_GET,'unseen'))    ? $_GET['unseen']            : '');
+		$cid      = ((x($_GET, 'cid'))   ? intval($_GET['cid'])   : 0);
+		$star     = ((x($_GET, 'star'))  ? intval($_GET['star'])  : 0);
+		$liked    = ((x($_GET, 'liked')) ? intval($_GET['liked']) : 0);
+		$conv     = ((x($_GET, 'conv'))  ? intval($_GET['conv'])  : 0);
+		$spam     = ((x($_GET, 'spam'))  ? intval($_GET['spam'])  : 0);
+		$cmin     = ((array_key_exists('cmin', $_GET))  ? intval($_GET['cmin'])  : $default_cmin);
+		$cmax     = ((array_key_exists('cmax', $_GET))  ? intval($_GET['cmax'])  : $default_cmax);
+		$file     = ((x($_GET, 'file'))  ? $_GET['file']          : '');
+		$xchan    = ((x($_GET, 'xchan')) ? $_GET['xchan']         : '');
+		$net      = ((x($_GET, 'net'))   ? $_GET['net']           : '');
+		$pf       = ((x($_GET, 'pf'))    ? $_GET['pf']            : '');
+		$unseen   = ((x($_GET, 'unseen'))    ? $_GET['unseen']            : '');

-		if (Apps::system_app_installed(local_channel(),'Affinity Tool')) {
-			$affinity_locked = intval(get_pconfig(local_channel(),'affinity','lock',1));
+		if (Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
+			$affinity_locked = intval(get_pconfig(local_channel(), 'affinity', 'lock', 1));
 			if ($affinity_locked) {
-				set_pconfig(local_channel(),'affinity','cmin',$cmin);
-				set_pconfig(local_channel(),'affinity','cmax',$cmax);
+				set_pconfig(local_channel(), 'affinity', 'cmin', $cmin);
+				set_pconfig(local_channel(), 'affinity', 'cmax', $cmax);
 			}
 		}

-		if(x($_GET,'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen)
+		if(x($_GET, 'search') || $file || (!$pf && $cid) || $hashtags || $verb || $category || $conv || $unseen)
 			$nouveau = true;

 		$cid_r = [];
@@ -164,8 +164,8 @@ class Network extends \Zotlabs\Web\Controller {

 			// search terms header
 			if($search || $hashtags) {
-				$o .= replace_macros(get_markup_template("section_title.tpl"),array(
-					'$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT,'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8'))
+				$o .= replace_macros(get_markup_template('section_title.tpl'), array(
+					'$title' => t('Search Results For:') . ' ' . (($search) ? htmlspecialchars($search, ENT_COMPAT, 'UTF-8') : '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8'))
 				));
 			}

@@ -193,7 +193,7 @@ class Network extends \Zotlabs\Web\Controller {

 			$x = array(
 				'is_owner'         => true,
-				'allow_location'   => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
+				'allow_location'   => ((intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location'))) ? '1' : ''),
 				'default_location' => $channel['channel_location'],
 				'nickname'         => $channel['channel_address'],
 				'lockstate'        => (($private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
@@ -209,7 +209,7 @@ class Network extends \Zotlabs\Web\Controller {
 				'reset' => t('Reset form')
 			);

-			$status_editor = status_editor($a,$x,false,'Network');
+			$status_editor = status_editor($a, $x, false, 'Network');
 			$o .= $status_editor;

 		}
@@ -221,7 +221,7 @@ class Network extends \Zotlabs\Web\Controller {


 		$sql_options  = (($star)
-			? " and item_starred = 1 "
+			? ' and item_starred = 1 '
 			: '');

 		$sql_nets = '';
@@ -235,7 +235,7 @@ class Network extends \Zotlabs\Web\Controller {
 			$contact_str = '';
 			$contacts = group_get_members($group);
 			if($contacts) {
-				$contact_str = ids_to_querystr($contacts,'xchan',true);
+				$contact_str = ids_to_querystr($contacts, 'xchan', true);
 			}
 			else {
 				$contact_str = " '0' ";
@@ -249,7 +249,7 @@ class Network extends \Zotlabs\Web\Controller {
 			$x = group_rec_byhash(local_channel(), $group_hash);

 			if($x) {
-				$title = replace_macros(get_markup_template("section_title.tpl"),array(
+				$title = replace_macros(get_markup_template('section_title.tpl'), array(
 					'$title' => t('Privacy group: ') . $x['gname']
 				));
 			}
@@ -289,10 +289,10 @@ class Network extends \Zotlabs\Web\Controller {
 					// This is for threaded view cid queries (e.g. if a forum is selected from the forum filter)
 					$ttype = (($pf) ? TERM_FORUM : TERM_MENTION);

-					$p1 = q("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal ");
-					$p2 = q("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'");
+					$p1 = dbq("SELECT DISTINCT parent FROM item WHERE uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' OR owner_xchan = '" . dbesc($cid_r[0]['abook_xchan']) . "' ) $item_normal ");
+					$p2 = dbq("SELECT oid AS parent FROM term WHERE uid = " . intval(local_channel()) . " AND ttype = $ttype AND term = '" . dbesc($cid_r[0]['xchan_name']) . "'");

-					$p_str = ids_to_querystr(array_merge($p1,$p2),'parent');
+					$p_str = ids_to_querystr(array_merge($p1, $p2), 'parent');
 					if(! $p_str)
 						killme();

@@ -300,7 +300,7 @@ class Network extends \Zotlabs\Web\Controller {
 				}
 			}

-			$title = replace_macros(get_markup_template("section_title.tpl"),array(
+			$title = replace_macros(get_markup_template('section_title.tpl'), array(
 				'$title' => '<a href="' . zid($cid_r[0]['xchan_url']) . '" ><img src="' . zid($cid_r[0]['xchan_photo_s'])  . '" alt="' . urlencode($cid_r[0]['xchan_name']) . '" /></a> <a href="' . zid($cid_r[0]['xchan_url']) . '" >' . $cid_r[0]['xchan_name'] . '</a>'
 			));

@@ -314,7 +314,7 @@ class Network extends \Zotlabs\Web\Controller {
 			if($r) {
 				$item_thread_top = '';
 				$sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($xchan) . "' or owner_xchan = '" . dbesc($xchan) . "' ) $item_normal ) ";
-				$title = replace_macros(get_markup_template("section_title.tpl"),array(
+				$title = replace_macros(get_markup_template("section_title.tpl"), array(
 					'$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s'])  . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>'
 				));

@@ -345,13 +345,13 @@ class Network extends \Zotlabs\Web\Controller {
 			$sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
 		}

-		$sql_extra2 = (($nouveau) ? '' : " AND item.parent = item.id ");
+		$sql_extra2 = (($nouveau) ? '' : ' AND item.parent = item.id ');
 		$sql_extra3 = (($nouveau) ? '' : $sql_extra3);

-		if(x($_GET,'search')) {
+		if(x($_GET, 'search')) {
 			$search = escape_tags($_GET['search']);
-			if(strpos($search,'#') === 0) {
-				$sql_extra .= term_query('item',substr($search,1),TERM_HASHTAG,TERM_COMMUNITYTAG);
+			if(strpos($search, '#') === 0) {
+				$sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG);
 			}
 			else {
 				$sql_extra .= sprintf(" AND (item.body like '%s' OR item.title like '%s') ",
@@ -368,8 +368,8 @@ class Network extends \Zotlabs\Web\Controller {
 			// The name 'verb' is a holdover from the earlier XML
 			// ActivityStreams specification.

-			if (substr($verb,0,1) === '.') {
-				$verb = substr($verb,1);
+			if (substr($verb, 0, 1) === '.') {
+				$verb = substr($verb, 1);
 				$sql_extra .= sprintf(" AND item.obj_type like '%s' ",
 					dbesc(protect_sprintf('%' . $verb . '%'))
 				);
@@ -382,12 +382,16 @@ class Network extends \Zotlabs\Web\Controller {
 		}

 		if(strlen($file)) {
-			$sql_extra .= term_query('item',$file,TERM_FILE);
+			$sql_extra .= term_query('item', $file, TERM_FILE);
 		}

 		if ($dm) {
-			$sql_extra .= " AND item_private = 2 ";
+			$sql_extra .= ' AND item_private = 2 ';
 		}
+		else {
+			$sql_extra .= ' AND item_private IN (0, 1) ';
+		}
+

 		if($conv) {
 			$item_thread_top = '';
@@ -401,38 +405,38 @@ class Network extends \Zotlabs\Web\Controller {

 		}
 		else {
-			$itemspage = get_pconfig(local_channel(),'system','itemspage');
+			$itemspage = get_pconfig(local_channel(), 'system', 'itemspage');
 			App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
 			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
 		}

 		// cmin and cmax are both -1 when the affinity tool is disabled

-		if(($cmin != (-1)) || ($cmax != (-1))) {
+		if(($cmin !== (-1)) || ($cmax !== (-1))) {

 			// Not everybody who shows up in the network stream will be in your address book.
 			// By default those that aren't are assumed to have closeness = 99; but this isn't
 			// recorded anywhere. So if cmax is 99, we'll open the search up to anybody in
 			// the stream with a NULL address book entry.

-			$sql_nets .= " AND ";
+			$sql_nets .= ' AND ';

-			if($cmax == 99)
-				$sql_nets .= " ( ";
+			if($cmax === 99)
+				$sql_nets .= ' ( ';

-			$sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " ";
-			$sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) ";
+			$sql_nets .= '( abook.abook_closeness >= ' . intval($cmin) . ' ';
+			$sql_nets .= ' AND abook.abook_closeness <= ' . intval($cmax) . ' ) ';

-			if($cmax == 99)
-				$sql_nets .= " OR abook.abook_closeness IS NULL ) ";
+			if($cmax === 99)
+				$sql_nets .= ' OR abook.abook_closeness IS NULL ) ';

 		}

-		$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : '');
+		$net_query = (($net) ? ' left join xchan on xchan_hash = author_xchan ' : '');
 		$net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : '');

-		$abook_uids = " and abook.abook_channel = " . local_channel() . " ";
-		$uids = " and item.uid = " . local_channel() . " ";
+		$abook_uids = ' and abook.abook_channel = ' . local_channel() . ' ';
+		$uids = ' and item.uid = ' . local_channel() . ' ';

 		if(feature_enabled(local_channel(), 'network_list_mode'))
 			$page_mode = 'list';
@@ -461,7 +465,7 @@ class Network extends \Zotlabs\Web\Controller {

 		if($nouveau && $load) {
 			// "New Item View" - show all items unthreaded in reverse created date order
-			$items = q("SELECT item.*, item.id AS item_id, created FROM item
+			$items = dbq("SELECT item.*, item.id AS item_id, created FROM item
 				left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 				$net_query
 				WHERE true $uids $item_normal
@@ -471,26 +475,26 @@ class Network extends \Zotlabs\Web\Controller {
 				ORDER BY item.created DESC $pager_sql "
 			);

-			$parents_str = ids_to_querystr($items,'item_id');
+			$parents_str = ids_to_querystr($items, 'item_id');

 			require_once('include/items.php');

 			xchan_query($items);

-			$items = fetch_post_tags($items,true);
+			$items = fetch_post_tags($items, true);
 		}
 		elseif($update) {

 			// Normal conversation view

 			if($order === 'post')
-				$ordering = "created";
+				$ordering = 'created';
 			else
-				$ordering = "commented";
+				$ordering = 'commented';

 			if($load) {
 				// Fetch a page full of parent items for this page
-				$r = q("SELECT item.parent AS item_id FROM item
+				$r = dbq("SELECT item.parent AS item_id FROM item
 					left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 					$net_query
 					WHERE true $uids $item_thread_top $item_normal
@@ -504,31 +508,28 @@ class Network extends \Zotlabs\Web\Controller {
 			else {

 				// this is an update
-				$r = q("SELECT item.parent AS item_id FROM item
+				$r = dbq("SELECT item.parent AS item_id FROM item
 					left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
 					$net_query
 					WHERE true $uids $item_normal_update $simple_update
 					and (abook.abook_blocked = 0 or abook.abook_flags is null)
-					$sql_extra3 $sql_extra $sql_options $sql_nets $net_query2"
+					$sql_extra3 $sql_extra $sql_options $sql_nets $net_query2 "
 				);
 			}

 			// Then fetch all the children of the parents that are on this page

 			if($r) {
-
-				$parents_str = ids_to_querystr($r,'item_id');
-
-				$items = q("SELECT item.*, item.id AS item_id FROM item
+				$parents_str = ids_to_querystr($r, 'item_id');
+				$items = dbq("SELECT item.*, item.id AS item_id FROM item
 					WHERE true $uids $item_normal
-					AND item.parent IN ( %s )
-					$sql_extra ",
-					dbesc($parents_str)
+					AND item.parent IN ( $parents_str )
+					$sql_extra "
 				);

-				xchan_query($items,true);
-				$items = fetch_post_tags($items,true);
-				$items = conv_sort($items,$ordering);
+				xchan_query($items, true);
+				$items = fetch_post_tags($items, true);
+				$items = conv_sort($items, $ordering);
 			}
 			else {
 				$items = array();
@@ -546,7 +547,7 @@ class Network extends \Zotlabs\Web\Controller {
 			// We only launch liveUpdate if you aren't filtering in some incompatible
 			// way and also you aren't writing a comment (discovered in javascript).

-			$maxheight = get_pconfig(local_channel(),'system','network_divmore_height');
+			$maxheight = get_pconfig(local_channel(), 'system', 'network_divmore_height');
 			if(! $maxheight)
 				$maxheight = 400;

@@ -591,7 +592,7 @@ class Network extends \Zotlabs\Web\Controller {
 			));
 		}

-		$o .= conversation($items,$mode,$update,$page_mode);
+		$o .= conversation($items, $mode, $update, $page_mode);

 		if(($items) && (! $update))
 			$o .= alt_pager(count($items));
--- a/Zotlabs/Module/Notes.php
+++ b/Zotlabs/Module/Notes.php
@@ -38,7 +38,6 @@ class Notes extends Controller {
 		// push updates to channel clones

 		if((argc() > 1) && (argv(1) === 'sync')) {
-			require_once('include/zot.php');
 			Libsync::build_sync_packet();
 		}

@@ -52,11 +51,9 @@ class Notes extends Controller {

 		if(! Apps::system_app_installed(local_channel(), 'Notes')) {
 			//Do not display any associated widgets at this point
-			App::$pdl = EMPTY_STR;
-
-			$o = '<b>' . t('Notes App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('A simple notes app with a widget (note: notes are not encrypted)');
-			return $o;
+			App::$pdl = '';
+			$papp = Apps::get_papp('Notes');
+			return Apps::app_render($papp, 'module');
 		}

 		$w = new \Zotlabs\Widget\Notes;
--- a/Zotlabs/Module/Notifications.php
+++ b/Zotlabs/Module/Notifications.php
@@ -8,10 +8,58 @@ class Notifications extends \Zotlabs\Web\Controller {
 	function get() {

 		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
 			return;
 		}

+		// ajax mark all unseen items read
+		if(x($_REQUEST, 'markRead')) {
+			switch($_REQUEST['markRead']) {
+				case 'dm':
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_private = 2",
+						intval(local_channel())
+					);
+					break;
+				case 'network':
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_private IN (0, 1)",
+						intval(local_channel())
+					);
+					break;
+				case 'home':
+					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1 AND item_private IN (0, 1)",
+						intval(local_channel())
+					);
+					break;
+				case 'all_events':
+					$evdays = intval(get_pconfig(local_channel(), 'system', 'evdays', 3));
+					$r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ",
+						intval(local_channel()),
+						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
+						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
+					);
+					break;
+				case 'notify':
+					$r = q("UPDATE notify SET seen = 1 WHERE seen = 0 AND uid = %d",
+						intval(local_channel())
+					);
+					break;
+				case 'pubs':
+					unset($_SESSION['static_loadtime']);
+					break;
+				default:
+					break;
+			}
+			killme();
+		}
+
+		// ajax mark all comments of a parent item read
+		if(x($_REQUEST, 'markItemRead') && local_channel()) {
+			$r = q("UPDATE item SET item_unseen = 0 WHERE  uid = %d AND parent = %d",
+				intval(local_channel()),
+				intval($_REQUEST['markItemRead'])
+			);
+			killme();
+		}
+
 		nav_set_selected('Notifications');

 		$o = '';
--- a/Zotlabs/Module/Notify.php
+++ b/Zotlabs/Module/Notify.php
@@ -8,7 +8,15 @@ class Notify extends \Zotlabs\Web\Controller {
 	function init() {
 		if(! local_channel())
 			return;
-	
+
+		if($_REQUEST['notify_id']) {
+			q("update notify set seen = 1 where id = %d and uid = %d",
+				intval($_REQUEST['notify_id']),
+				intval(local_channel())
+			);
+			killme();
+		}
+
 		if(argc() > 2 && argv(1) === 'view' && intval(argv(2))) {
 			$r = q("select * from notify where id = %d and uid = %d limit 1",
 				intval(argv(2)),
@@ -29,24 +37,24 @@ class Notify extends \Zotlabs\Web\Controller {
 			}
 			goaway(z_root());
 		}
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
 		if(! local_channel())
 			return login();
-	
+
 		$notif_tpl = get_markup_template('notifications.tpl');
-			
+
 		$not_tpl = get_markup_template('notify.tpl');
 		require_once('include/bbcode.php');
-	
+
 		$r = q("SELECT * from notify where uid = %d and seen = 0 order by created desc",
 			intval(local_channel())
 		);
-			
+
 		if($r) {
 			foreach ($r as $it) {
 				$notif_content .= replace_macros($not_tpl,array(
@@ -56,18 +64,18 @@ class Notify extends \Zotlabs\Web\Controller {
 					'$item_when' => relative_date($it['created'])
 				));
 			}
-		} 
+		}
 		else {
 			$notif_content .= t('No more system notifications.');
 		}
-			
+
 		$o .= replace_macros($notif_tpl,array(
 			'$notif_header' => t('System Notifications'),
 			'$tabs' => '', // $tabs,
 			'$notif_content' => $notif_content,
 		));
-	
+
 		return $o;
-	
+
 	}
 }
--- a/Zotlabs/Module/Oauth.php
+++ b/Zotlabs/Module/Oauth.php
@@ -17,22 +17,22 @@ class Oauth extends Controller {

 		if(! Apps::system_app_installed(local_channel(), 'OAuth Apps Manager'))
 			return;
-	
+
 		if(x($_POST,'remove')){
 			check_form_security_token_redirectOnErr('/oauth', 'oauth');
-			
+
 			$key = $_POST['remove'];
 			q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
 				dbesc($key),
 				local_channel());
 			goaway(z_root()."/oauth");
-			return;			
+			return;
 		}
-	
+
 		if((argc() > 1) && (argv(1) === 'edit' || argv(1) === 'add') && x($_POST,'submit')) {
-			
+
 			check_form_security_token_redirectOnErr('oauth', 'oauth');
-			
+
 			$name   	= ((x($_POST,'name')) ? escape_tags($_POST['name']) : '');
 			$key		= ((x($_POST,'key')) ? escape_tags($_POST['key']) : '');
 			$secret		= ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : '');
@@ -48,7 +48,7 @@ class Oauth extends Controller {
 				$ok = false;
 				notice( t('Key and Secret are required') . EOL);
 			}
-		
+
 			if($ok) {
 				if ($_POST['submit']==t("Update")){
 					$r = q("UPDATE clients SET
@@ -96,13 +96,11 @@ class Oauth extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'OAuth Apps Manager')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('OAuth Apps Manager App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('OAuth authentication tokens for mobile and remote apps');
-			return $o;
+			$papp = Apps::get_papp('OAuth Apps Manager');
+			return Apps::app_render($papp, 'module');
 		}

-			
+
 		if((argc() > 1) && (argv(1) === 'add')) {
 			$tpl = get_markup_template("oauth_edit.tpl");
 			$o .= replace_macros($tpl, array(
@@ -118,18 +116,18 @@ class Oauth extends Controller {
 			));
 			return $o;
 		}
-			
+
 		if((argc() > 2) && (argv(1) === 'edit')) {
 			$r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d",
 					dbesc(argv(2)),
 					local_channel());
-			
+
 			if (!count($r)){
 				notice(t('Application not found.'));
 				return;
 			}
 			$app = $r[0];
-				
+
 			$tpl = get_markup_template("oauth_edit.tpl");
 			$o .= replace_macros($tpl, array(
 				'$form_security_token' => get_form_security_token("oauth"),
@@ -144,26 +142,26 @@ class Oauth extends Controller {
 			));
 			return $o;
 		}
-			
+
 		if((argc() > 2) && (argv(1) === 'delete')) {
 			check_form_security_token_redirectOnErr('/oauth', 'oauth', 't');
-			
+
 			$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
 					dbesc(argv(2)),
 					local_channel());
 			goaway(z_root()."/oauth");
-			return;			
+			return;
 		}
-			
-			
-		$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my 
+
+
+		$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my
 				FROM clients
 				LEFT JOIN tokens ON clients.client_id=tokens.client_id
 				WHERE clients.uid IN (%d,0)",
 				local_channel(),
 				local_channel());
-		
-			
+
+
 		$tpl = get_markup_template("oauth.tpl");
 		$o .= replace_macros($tpl, array(
 			'$form_security_token' => get_form_security_token("oauth"),
@@ -178,7 +176,7 @@ class Oauth extends Controller {
 			'$apps'		=> $r,
 		));
 		return $o;
-			
+
 	}

 }
--- a/Zotlabs/Module/Oauth2.php
+++ b/Zotlabs/Module/Oauth2.php
@@ -16,11 +16,11 @@ class Oauth2 extends Controller {

 		if(! Apps::system_app_installed(local_channel(), 'OAuth2 Apps Manager'))
 			return;
-	
+
 		if(x($_POST,'remove')){
 			check_form_security_token_redirectOnErr('oauth2', 'oauth2');
 			$name   	= ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
-		logger("REMOVE! ".$name." uid: ".local_channel());	
+		logger("REMOVE! ".$name." uid: ".local_channel());
 			$key = $_POST['remove'];
 			q("DELETE FROM oauth_authorization_codes WHERE client_id='%s' AND user_id=%d",
 				dbesc($name),
@@ -35,13 +35,13 @@ class Oauth2 extends Controller {
 				intval(local_channel())
 			);
 			goaway(z_root()."/oauth2");
-			return;			
+			return;
 		}
-	
+
 		if((argc() > 1) && (argv(1) === 'edit' || argv(1) === 'add') && x($_POST,'submit')) {
-			
+
 			check_form_security_token_redirectOnErr('oauth2', 'oauth2');
-			
+
 			$name   	= ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
 			$secret		= ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
 			$redirect	= ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
@@ -53,7 +53,7 @@ class Oauth2 extends Controller {
 				$ok = false;
 				notice( t('Name and Secret are required') . EOL);
 			}
-		
+
 			if($ok) {
 				if ($_POST['submit']==t("Update")){
 					$r = q("UPDATE oauth_clients SET
@@ -61,7 +61,7 @@ class Oauth2 extends Controller {
 								client_secret = '%s',
 								redirect_uri = '%s',
 								grant_types = '%s',
-								scope = '%s', 
+								scope = '%s',
 								user_id = %d
 							WHERE client_id='%s' and user_id = %s",
 							dbesc($name),
@@ -102,12 +102,10 @@ class Oauth2 extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'OAuth2 Apps Manager')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('OAuth2 Apps Manager App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('OAuth2 authenticatication tokens for mobile and remote apps');
-			return $o;
+			$papp = Apps::get_papp('OAuth2 Apps Manager');
+			return Apps::app_render($papp, 'module');
 		}
-			
+
 		if((argc() > 1) && (argv(1) === 'add')) {
 			$tpl = get_markup_template("oauth2_edit.tpl");
 			$o .= replace_macros($tpl, array(
@@ -123,20 +121,20 @@ class Oauth2 extends Controller {
 			));
 			return $o;
 		}
-			
+
 		if((argc() > 2) && (argv(1) === 'edit')) {
 			$r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d",
 					dbesc(argv(2)),
 					intval(local_channel())
 			);
-			
+
 			if (! $r){
 				notice(t('OAuth2 Application not found.'));
 				return;
 			}

 			$app = $r[0];
-				
+
 			$tpl = get_markup_template("oauth2_edit.tpl");
 			$o .= replace_macros($tpl, array(
 				'$form_security_token' => get_form_security_token("oauth2"),
@@ -151,10 +149,10 @@ class Oauth2 extends Controller {
 			));
 			return $o;
 		}
-			
+
 		if((argc() > 2) && (argv(1) === 'delete')) {
 			check_form_security_token_redirectOnErr('oauth2', 'oauth2', 't');
-			
+
 			$r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d",
 					dbesc(argv(2)),
 					intval(local_channel())
@@ -172,11 +170,11 @@ class Oauth2 extends Controller {
 					intval(local_channel())
 			);
 			goaway(z_root()."/oauth2");
-			return;			
+			return;
 		}
-			

-		$r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my 
+
+		$r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my
 				FROM oauth_clients
 				LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id AND
                                                                 oauth_clients.user_id=oauth_access_tokens.user_id
@@ -184,7 +182,7 @@ class Oauth2 extends Controller {
 				intval(local_channel()),
 				intval(local_channel())
 		);
-			
+
 		$tpl = get_markup_template("oauth2.tpl");
 		$o .= replace_macros($tpl, array(
 			'$form_security_token' => get_form_security_token("oauth2"),
@@ -199,7 +197,7 @@ class Oauth2 extends Controller {
 			'$apps'		=> $r,
 		));
 		return $o;
-			
+
 	}

 }
--- a/Zotlabs/Module/Oep.php
+++ b/Zotlabs/Module/Oep.php
@@ -77,8 +77,11 @@ class Oep extends \Zotlabs\Web\Controller {
 			$res = $matches[2];
 		}

-		if(strpos($res,'b64.') === 0) {
-			$res = base64url_decode(substr($res,4));
+		$res = unpack_link_id($res);
+
+		if ($res === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
 		}

 		$item_normal = item_normal();
@@ -122,12 +125,12 @@ class Oep extends \Zotlabs\Web\Controller {


 		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
-            "' profile='".$p[0]['author']['xchan_url'] .
-            "' avatar='".$p[0]['author']['xchan_photo_s'].
-            "' link='".$p[0]['plink'].
-		"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
-            "' posted='".$p[0]['created'].
-            "' message_id='".$p[0]['mid']."']";
+			"' profile='".$p[0]['author']['xchan_url'] .
+			"' avatar='".$p[0]['author']['xchan_photo_s'].
+			"' link='".$p[0]['plink'].
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
+			"' posted='".$p[0]['created'].
+			"' message_id='".$p[0]['mid']."']";
 	    if($p[0]['title'])
            $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";

@@ -210,13 +213,13 @@ class Oep extends \Zotlabs\Web\Controller {


 		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
-            "' profile='".$p[0]['author']['xchan_url'] .
-            "' avatar='".$p[0]['author']['xchan_photo_s'].
-            "' link='".$p[0]['plink'].
-			"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
-            "' posted='".$p[0]['created'].
-            "' message_id='".$p[0]['mid']."']";
-	    if($p[0]['title'])
+			"' profile='".$p[0]['author']['xchan_url'] .
+			"' avatar='".$p[0]['author']['xchan_photo_s'].
+			"' link='".$p[0]['plink'].
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
+			"' posted='".$p[0]['created'].
+			"' message_id='".$p[0]['mid']."']";
+		if($p[0]['title'])
            $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";

 		$o .= $x;
@@ -296,14 +299,14 @@ class Oep extends \Zotlabs\Web\Controller {


 		$o = "[share author='".urlencode($p[0]['author']['xchan_name']).
-            "' profile='".$p[0]['author']['xchan_url'] .
-            "' avatar='".$p[0]['author']['xchan_photo_s'].
-            "' link='".$p[0]['plink'].
-			"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
-            "' posted='".$p[0]['created'].
-            "' message_id='".$p[0]['mid']."']";
-	    if($p[0]['title'])
-            $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";
+			"' profile='".$p[0]['author']['xchan_url'] .
+			"' avatar='".$p[0]['author']['xchan_photo_s'].
+			"' link='".$p[0]['plink'].
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
+			"' posted='".$p[0]['created'].
+			"' message_id='".$p[0]['mid']."']";
+		if($p[0]['title'])
+			$o .= '[b]'.$p[0]['title'].'[/b]'."\r\n";

 		$o .= $x;
 		$o .= "[/share]";
@@ -374,7 +377,7 @@ class Oep extends \Zotlabs\Web\Controller {
 			"' profile='".$p[0]['author']['xchan_url'] .
 			"' avatar='".$p[0]['author']['xchan_photo_s'].
 			"' link='".$p[0]['plink'].
-			"' auth='".((in_array($p[0]['author']['xchan_network'], ['zot6','zot'])) ? 'true' : 'false') .
+			"' auth='".(($p[0]['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
 			"' posted='".$p[0]['created'].
 			"' message_id='".$p[0]['mid']."']";
 		if($p[0]['title'])
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -32,14 +32,14 @@ class Owa extends Controller {
 				$keyId = $sigblock['keyId'];
 				if ($keyId) {
 					$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
-						WHERE hubloc_id_url = '%s'",
+						WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ",
 						dbesc($keyId)
 					);
 					if (! $r) {
 						$found = discover_by_webbie(str_replace('acct:','',$keyId));
 						if ($found) {
 							$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
-								WHERE hubloc_id_url = '%s'",
+								WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ",
 								dbesc($keyId)
 							);
 						}
--- a/Zotlabs/Module/Pdledit.php
+++ b/Zotlabs/Module/Pdledit.php
@@ -27,10 +27,10 @@ class Pdledit extends Controller {
 		info( t('Layout updated.') . EOL);
 		goaway(z_root() . '/pdledit/' . $_REQUEST['module']);
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -39,10 +39,8 @@ class Pdledit extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'PDL Editor')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('PDL Editor App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Provides the ability to edit system page layouts');
-			return $o;
+			$papp = Apps::get_papp('PDL Editor');
+			return Apps::app_render($papp, 'module');
 		}

 		if(argc() > 2 && argv(2) === 'reset') {
@@ -68,7 +66,7 @@ class Pdledit extends Controller {
 					$edited[] = substr(str_replace('.pdl','',$rv['k']),4);
 				}
 			}
-			
+
 			$files = glob('Zotlabs/Module/*.php');
 			if($files) {
 				foreach($files as $f) {
@@ -81,21 +79,21 @@ class Pdledit extends Controller {
 			}

 			$o .= '</div>';
-			
+
 			// list module pdl files
 			return $o;
 		}
-	
+
 		$t = get_pconfig(local_channel(),'system',$module);
 		$s = file_get_contents(theme_include($module));
 		if(! $t) {
 			$t = $s;
-		}	
+		}
 		if(! $t) {
 			notice( t('Layout not found.') . EOL);
 			return '';
 		}
-	
+
 		$o = replace_macros(get_markup_template('pdledit.tpl'),array(
 			'$header' => t('Edit System Page Description'),
 			'$mname' => t('Module Name:'),
@@ -107,8 +105,8 @@ class Pdledit extends Controller {
 			'$content' => htmlspecialchars($t,ENT_COMPAT,'UTF-8'),
 			'$submit' => t('Submit')
 		));
-	    
+
 		return $o;
 	}
-	
+
 }
--- a/Zotlabs/Module/Permcats.php
+++ b/Zotlabs/Module/Permcats.php
@@ -40,16 +40,16 @@ class Permcats extends Controller {
 				}
 			}
 		}
-		
+
 		\Zotlabs\Lib\Permcat::update(local_channel(),$name,$pcarr);

 		Libsync::build_sync_packet();

 		info( t('Permission category saved.') . EOL);
-		
+
 		return;
 	}
-	
+

 	function get() {

@@ -59,16 +59,14 @@ class Permcats extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Permission Categories')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Permission Categories App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create custom connection permission limits');
-			return $o;
+			$papp = Apps::get_papp('Permission Categories');
+			return Apps::app_render($papp, 'module');
 		}

 		$channel = App::get_channel();

-		if(argc() > 1) 
-			$name = hex2bin(argv(1));			
+		if(argc() > 1)
+			$name = hex2bin(argv(1));

 		if(argc() > 2 && argv(2) === 'drop') {
 			\Zotlabs\Lib\Permcat::delete(local_channel(),$name);
@@ -130,5 +128,5 @@ class Permcats extends Controller {
 		));
 		return $o;
 	}
-	
+
 }
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -876,7 +876,7 @@ class Photos extends \Zotlabs\Web\Controller {
 			$prevlink = '';
 			$nextlink = '';

-			if($_GET['order'] === 'posted')
+			if(isset($_GET['order']) && $_GET['order'] === 'posted')
 				$order = 'ASC';
 			else
 				$order = 'DESC';
@@ -901,8 +901,8 @@ class Photos extends \Zotlabs\Web\Controller {
 					}
 				}

-				$prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
-				$nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
+				$prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : '');
+				$nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($order == 'ASC') ? '?f=&order=posted' : '');
 	 		}


@@ -987,7 +987,7 @@ class Photos extends \Zotlabs\Web\Controller {
 				}

 				$tags = array();
-				if($link_item['term']) {
+				if(x($link_item, 'term')) {
 					$cnt = 0;
 					foreach($link_item['term'] as $t) {
 						$tags[$cnt] = array(0 => format_term_for_display($t));
@@ -1178,10 +1178,8 @@ class Photos extends \Zotlabs\Web\Controller {
 						if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan'])
 							$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));

-
 						$name_e = $profile_name;
 						$title_e = $item['title'];
-						unobscure($item);
 						$body_e = prepare_text($item['body'],$item['mimetype']);

 						$comments .= replace_macros($template,array(
--- a/Zotlabs/Module/Pin.php
+++ b/Zotlabs/Module/Pin.php
@@ -37,7 +37,7 @@ class Pin extends \Zotlabs\Web\Controller {
 			http_status_exit(404, 'Not found');
 		}

-		$midb64 = 'b64.' . base64url_encode($r[0]['mid']);
+		$midb64 = gen_link_id($r[0]['mid']);
 		$pinned = (in_array($midb64, get_pconfig($r[0]['uid'], 'pinned', $r[0]['item_type'], [])) ? true : false);

 		switch(argv(1)) {
--- a/Zotlabs/Module/Ping.php
+++ b/Zotlabs/Module/Ping.php
@@ -1,707 +0,0 @@
-<?php
-
-namespace Zotlabs\Module;
-
-use Zotlabs\Lib\Apps;
-
-require_once('include/bbcode.php');
-
-/**
- * @brief Ping Controller.
- *
- */
-class Ping extends \Zotlabs\Web\Controller {
-
-	/**
-	 * @brief do several updates when pinged.
-	 *
-	 * This function does several tasks. Whenever called it checks for new messages,
-	 * introductions, notifications, etc. and returns a json with the results.
-	 *
-	 * @result JSON
-	 */
-	function init() {
-
-		$result = array();
-		$notifs = array();
-
-		$result['notify'] = 0;
-		$result['home'] = 0;
-		$result['network'] = 0;
-		$result['intros'] = 0;
-		$result['mail'] = 0;
-		$result['register'] = 0;
-		$result['events'] = 0;
-		$result['events_today'] = 0;
-		$result['birthdays'] = 0;
-		$result['birthdays_today'] = 0;
-		$result['all_events'] = 0;
-		$result['all_events_today'] = 0;
-		$result['notice'] = [];
-		$result['info'] = [];
-		$result['pubs'] = 0;
-		$result['files'] = 0;
-		$result['forums'] = 0;
-		$result['forums_sub'] = [];
-
-		if(! $_SESSION['static_loadtime'])
-			$_SESSION['static_loadtime'] = datetime_convert();
-
-		$t0 = dba_timer();
-
-		header("content-type: application/json");
-
-		$vnotify = false;
-
-		$item_normal = item_normal();
-
-		if(local_channel()) {
-			$vnotify = get_pconfig(local_channel(),'system','vnotify');
-			$evdays = intval(get_pconfig(local_channel(),'system','evdays'));
-			$ob_hash = get_observer_hash();
-		}
-
-		// if unset show all visual notification types
-		if($vnotify === false)
-			$vnotify = (-1);
-		if($evdays < 1)
-			$evdays = 3;
-
-		/**
-		 * If you have several windows open to this site and switch to a different channel
-		 * in one of them, the others may get into a confused state showing you a page or options
-		 * on that page which were only valid under the old identity. You session has changed.
-		 * Therefore we send a notification of this fact back to the browser where it is picked up
-		 * in javascript and which reloads the page it is on so that it is valid under the context
-		 * of the now current channel.
-		 */
-
-		$result['invalid'] = ((intval($_GET['uid'])) && (intval($_GET['uid']) != local_channel()) ? 1 : 0);
-
-		/**
-		 * Send all system messages (alerts) to the browser.
-		 * Some are marked as informational and some represent
-		 * errors or serious notifications. These typically
-		 * will popup on the current page (no matter what page it is)
-		 */
-
-		if(x($_SESSION, 'sysmsg')){
-			foreach ($_SESSION['sysmsg'] as $m){
-				$result['notice'][] = array('message' => $m);
-			}
-			unset($_SESSION['sysmsg']);
-		}
-		if(x($_SESSION, 'sysmsg_info')){
-			foreach ($_SESSION['sysmsg_info'] as $m){
-				$result['info'][] = array('message' => $m);
-			}
-			unset($_SESSION['sysmsg_info']);
-		}
-		if(! ($vnotify & VNOTIFY_INFO))
-			$result['info'] = array();
-		if(! ($vnotify & VNOTIFY_ALERT))
-			$result['notice'] = array();
-
-		if(\App::$install) {
-			echo json_encode($result);
-			killme();
-		}
-
-		/**
-		 * Update chat presence indication (if applicable)
-		 */
-
-		if(get_observer_hash() && (! $result['invalid'])) {
-			$r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1",
-				dbesc(get_observer_hash()),
-				dbesc($_SERVER['REMOTE_ADDR'])
-			);
-			$basic_presence = false;
-			if($r) {
-				$basic_presence = true;
-				q("update chatpresence set cp_last = '%s' where cp_id = %d",
-					dbesc(datetime_convert()),
-					intval($r[0]['cp_id'])
-				);
-			}
-			if(! $basic_presence) {
-				q("insert into chatpresence ( cp_xchan, cp_last, cp_status, cp_client)
-					values( '%s', '%s', '%s', '%s' ) ",
-					dbesc(get_observer_hash()),
-					dbesc(datetime_convert()),
-					dbesc('online'),
-					dbesc($_SERVER['REMOTE_ADDR'])
-				);
-			}
-		}
-
-		/**
-		 * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page
-		 * and shouldn't count as online anymore. We allow an expection for bots.
-		 */
-
-		q("delete from chatpresence where cp_last < %s - INTERVAL %s and cp_client != 'auto' ",
-			db_utcnow(), db_quoteinterval('3 MINUTE')
-		);
-
-
-		$sql_extra = '';
-		if(! ($vnotify & VNOTIFY_LIKE))
-			$sql_extra = " AND verb NOT IN ('" . dbesc(ACTIVITY_LIKE) . "', '" . dbesc(ACTIVITY_DISLIKE) . "') ";
-
-		if(local_channel()) {
-			$notify_pubs = ($vnotify & VNOTIFY_PUBS) && can_view_public_stream() && Apps::system_app_installed(local_channel(), 'Public Stream');
-		}
-		else {
-			$notify_pubs = can_view_public_stream();
-		}
-
-		if($notify_pubs) {
-			$sys = get_sys_channel();
-
-			$pubs = q("SELECT count(id) as total from item
-				WHERE uid = %d
-				AND item_unseen = 1
-				AND author_xchan != '%s'
-				AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
-				$item_normal
-				$sql_extra",
-				intval($sys['channel_id']),
-				dbesc(get_observer_hash())
-			);
-
-			if($pubs)
-				$result['pubs'] = intval($pubs[0]['total']);
-		}
-
-
-
-		if((argc() > 1) && (argv(1) === 'pubs') && ($notify_pubs)) {
-			$sys = get_sys_channel();
-			$result = array();
-
-			$r = q("SELECT * FROM item
-				WHERE uid = %d
-				AND item_unseen = 1
-				AND author_xchan != '%s'
-				AND created > '" . datetime_convert('UTC','UTC',$_SESSION['static_loadtime']) . "'
-				$item_normal
-				$sql_extra
-				ORDER BY created DESC
-				LIMIT 300",
-				intval($sys['channel_id']),
-				dbesc(get_observer_hash())
-			);
-
-			if($r) {
-				xchan_query($r);
-				foreach($r as $rr) {
-					$rr['llink'] = str_replace('display/', 'pubstream/?f=&mid=', $rr['llink']);
-					$result[] = \Zotlabs\Lib\Enotify::format($rr);
-				}
-			}
-
-//			logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		$t1 = dba_timer();
-
-		if((! local_channel()) || ($result['invalid'])) {
-			echo json_encode($result);
-			killme();
-		}
-
-		/**
-		 * Everything following is only permitted under the context of a locally authenticated site member.
-		 */
-
-		/**
-		 * Handle "mark all xyz notifications read" requests.
-		 */
-
-		// mark all items read
-		if(x($_REQUEST, 'markRead') && local_channel()) {
-			switch($_REQUEST['markRead']) {
-				case 'network':
-					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1",
-						intval(local_channel())
-					);
-					break;
-				case 'home':
-					$r = q("UPDATE item SET item_unseen = 0 WHERE uid = %d AND item_unseen = 1 AND item_wall = 1",
-						intval(local_channel())
-					);
-					break;
-				case 'mail':
-					$r = q("UPDATE mail SET mail_seen = 1 WHERE channel_id = %d AND mail_seen = 0",
-						intval(local_channel())
-					);
-					break;
-				case 'all_events':
-					$r = q("UPDATE event SET dismissed = 1 WHERE uid = %d AND dismissed = 0 AND dtstart < '%s' AND dtstart > '%s' ",
-						intval(local_channel()),
-						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
-						dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
-					);
-					break;
-				case 'notify':
-					$r = q("update notify set seen = 1 where uid = %d",
-						intval(local_channel())
-					);
-					break;
-				case 'pubs':
-					unset($_SESSION['static_loadtime']);
-					break;
-				default:
-					break;
-			}
-		}
-
-		if(x($_REQUEST, 'markItemRead') && local_channel()) {
-			$r = q("UPDATE item SET item_unseen = 0 WHERE  uid = %d AND parent = %d",
-				intval(local_channel()),
-				intval($_REQUEST['markItemRead'])
-			);
-		}
-
-		/**
-		 * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification
-		 * dropdown menu.
-		 */
-		if(argc() > 1 && argv(1) === 'notify') {
-			$t = q("SELECT * FROM notify WHERE uid = %d AND seen = 0 ORDER BY CREATED DESC",
-				intval(local_channel())
-			);
-
-			if($t) {
-				foreach($t as $tt) {
-					$message = trim(strip_tags(bbcode($tt['msg'])));
-
-					if(strpos($message, $tt['xname']) === 0)
-						$message = substr($message, strlen($tt['xname']) + 1);
-
-					$mid = basename($tt['link']);
-					$mid = ((strpos($mid, 'b64.') === 0) ? @base64url_decode(substr($mid, 4)) : $mid);
-
-					if(in_array($tt['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
-						// we need the thread parent
-						$r = q("select thr_parent from item where mid = '%s' and uid = %d limit 1",
-							dbesc($mid),
-							intval(local_channel())
-						);
-						$b64mid = ((strpos($r[0]['thr_parent'], 'b64.') === 0) ? $r[0]['thr_parent'] : 'b64.' . base64url_encode($r[0]['thr_parent']));
-					}
-					else {
-						$b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
-					}
-
-					$notifs[] = array(
-						'notify_link' => z_root() . '/notify/view/' . $tt['id'],
-						'name' => $tt['xname'],
-						'url' => $tt['url'],
-						'photo' => $tt['photo'],
-						'when' => relative_date($tt['created']),
-						'hclass' => (($tt['seen']) ? 'notify-seen' : 'notify-unseen'),
-						'b64mid' => (($tt['otype'] == 'item') ? $b64mid : 'undefined'),
-						'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : 'undefined'),
-						'message' => $message
-					);
-				}
-			}
-
-			echo json_encode(array('notify' => $notifs));
-			killme();
-		}
-
-		if(argc() > 1 && argv(1) === 'mail') {
-			$channel = \App::get_channel();
-			$t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan
-				where channel_id = %d and mail_seen = 0 and mail_deleted = 0
-				and from_xchan != '%s' order by created desc limit 50",
-				intval(local_channel()),
-				dbesc($channel['channel_hash'])
-			);
-
-			if($t) {
-				foreach($t as $zz) {
-					$notifs[] = array(
-						'notify_link' => z_root() . '/mail/' . $zz['id'],
-						'name' => $zz['xchan_name'],
-						'addr' => $zz['xchan_addr'],
-						'url' => $zz['xchan_url'],
-						'photo' => $zz['xchan_photo_s'],
-						'when' => relative_date($zz['created']),
-						'hclass' => (intval($zz['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
-						'message' => t('sent you a private message'),
-					);
-				}
-			}
-
-			echo json_encode(array('notify' => $notifs));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) {
-			$result = array();
-
-			if(argv(1) === 'home') {
-				$sql_extra .= ' and item_wall = 1 ';
-			}
-
-			$r = q("SELECT * FROM item 
-				WHERE uid = %d
-				AND item_unseen = 1
-				AND author_xchan != '%s'
-				$item_normal
-				$sql_extra
-				ORDER BY created DESC
-				LIMIT 300",
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-
-			if($r) {
-				xchan_query($r);
-				foreach($r as $item) {
-					$result[] = \Zotlabs\Lib\Enotify::format($item);
-				}
-			}
-//			logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'intros')) {
-			$result = array();
-
-			$r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ORDER BY abook_created DESC LIMIT 50",
-				intval(local_channel())
-			);
-
-			if($r) {
-				foreach($r as $rr) {
-					$result[] = array(
-						'notify_link' => z_root() . '/connections/ifpending',
-						'name' => $rr['xchan_name'],
-						'addr' => $rr['xchan_addr'],
-						'url' => $rr['xchan_url'],
-						'photo' => $rr['xchan_photo_s'],
-						'when' => relative_date($rr['abook_created']),
-						'hclass' => ('notify-unseen'),
-						'message' => t('added your channel')
-					);
-				}
-			}
-			logger('ping (intros): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if((argc() > 1 && (argv(1) === 'register')) && is_site_admin()) {
-			$result = array();
-
-			$r = q("SELECT account_email, account_created from account where (account_flags & %d) > 0",
-				intval(ACCOUNT_PENDING)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$result[] = array(
-						'notify_link' => z_root() . '/admin/accounts',
-						'name' => $rr['account_email'],
-						'addr' => $rr['account_email'],
-						'url' => '',
-						'photo' => z_root() . '/' . get_default_profile_photo(48),
-						'when' => relative_date($rr['account_created']),
-						'hclass' => ('notify-unseen'),
-						'message' => t('requires approval')
-					);
-				}
-			}
-			logger('ping (register): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'all_events')) {
-			$bd_format = t('g A l F d') ; // 8 AM Friday January 18
-
-			$result = array();
-
-			$r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash
-				WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
-				and etype in ( 'event', 'birthday' )
-				ORDER BY dtstart DESC LIMIT 1000",
-				intval(local_channel()),
-				dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
-				dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
-			);
-
-			if($r) {
-				foreach($r as $rr) {
-
-					$strt = datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart']);
-					$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
-					$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');
-
-					$result[] = array(
-						'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
-						'name'        => $rr['xchan_name'],
-						'addr'        => $rr['xchan_addr'],
-						'url'         => $rr['xchan_url'],
-						'photo'       => $rr['xchan_photo_s'],
-						'when'        => $when,
-						'hclass'       => ('notify-unseen'),
-						'message'     => t('posted an event')
-					);
-				}
-			}
-			logger('ping (all_events): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		if(argc() > 1 && (argv(1) === 'files')) {
-			$result = array();
-
-			$r = q("SELECT item.created, xchan.xchan_name, xchan.xchan_addr, xchan.xchan_url, xchan.xchan_photo_s FROM item 
-				LEFT JOIN xchan on author_xchan = xchan_hash
-				WHERE item.verb = '%s'
-				AND item.obj_type = '%s'
-				AND item.uid = %d
-				AND item.owner_xchan != '%s'
-				AND item.item_unseen = 1",
-				dbesc(ACTIVITY_POST),
-				dbesc(ACTIVITY_OBJ_FILE),
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$result[] = array(
-						'notify_link' => z_root() . '/sharedwithme',
-						'name' => $rr['xchan_name'],
-						'addr' => $rr['xchan_addr'],
-						'url' => $rr['xchan_url'],
-						'photo' => $rr['xchan_photo_s'],
-						'when' => relative_date($rr['created']),
-						'hclass' => ('notify-unseen'),
-						'message' => t('shared a file with you')
-					);
-				}
-			}
-			logger('ping (files): ' . print_r($result, true), LOGGER_DATA);
-			echo json_encode(array('notify' => $result));
-			killme();
-		}
-
-		/**
-		 * Normal ping - just the counts, no detail
-		 */
-		if($vnotify & VNOTIFY_SYSTEM) {
-			$t = q("select count(*) as total from notify where uid = %d and seen = 0",
-				intval(local_channel())
-			);
-			if($t)
-				$result['notify'] = intval($t[0]['total']);
-		}
-
-		$t2 = dba_timer();
-
-		if($vnotify & VNOTIFY_FILES) {
-			$files = q("SELECT count(id) as total FROM item
-				WHERE verb = '%s'
-				AND obj_type = '%s'
-				AND uid = %d
-				AND owner_xchan != '%s'
-				AND item_unseen = 1",
-				dbesc(ACTIVITY_POST),
-				dbesc(ACTIVITY_OBJ_FILE),
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-			if($files)
-				$result['files'] = intval($files[0]['total']);
-		}
-
-		$t3 = dba_timer();
-
-		if($vnotify & (VNOTIFY_NETWORK|VNOTIFY_CHANNEL)) {
-
-			$r = q("SELECT id, item_wall FROM item 
-				WHERE uid = %d and item_unseen = 1 
-				$item_normal
-				$sql_extra
-				AND author_xchan != '%s'",
-				intval(local_channel()),
-				dbesc($ob_hash)
-			);
-
-			if($r) {
-				$arr = array('items' => $r);
-				call_hooks('network_ping', $arr);
-
-				foreach ($r as $it) {
-					if(intval($it['item_wall']))
-						$result['home'] ++;
-					else
-						$result['network'] ++;
-				}
-			}
-		}
-		if(! ($vnotify & VNOTIFY_NETWORK))
-			$result['network'] = 0;
-		if(! ($vnotify & VNOTIFY_CHANNEL))
-			$result['home'] = 0;
-
-		$t4 = dba_timer();
-
-		if($vnotify & VNOTIFY_INTRO) {
-			$intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ",
-				intval(local_channel())
-			);
-
-			$t5 = dba_timer();
-
-			if($intr)
-				$result['intros'] = intval($intr[0]['total']);
-		}
-
-		$t6 = dba_timer();
-		$channel = \App::get_channel();
-
-		if($vnotify & VNOTIFY_MAIL) {
-			$mails = q("SELECT count(id) as total from mail
-				WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ",
-				intval(local_channel()),
-				dbesc($channel['channel_hash'])
-			);
-			if($mails)
-				$result['mail'] = intval($mails[0]['total']);
-		}
-
-		if($vnotify & VNOTIFY_REGISTER) {
-			if (\App::$config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) {
-				$regs = q("SELECT count(account_id) as total from account where (account_flags & %d) > 0",
-					intval(ACCOUNT_PENDING)
-				);
-				if($regs)
-					$result['register'] = intval($regs[0]['total']);
-			}
-		}
-
-		$t7 = dba_timer();
-
-		if($vnotify & (VNOTIFY_EVENT|VNOTIFY_EVENTTODAY|VNOTIFY_BIRTHDAY)) {
-			$events = q("SELECT etype, dtstart, adjust FROM event
-				WHERE event.uid = %d AND dtstart < '%s' AND dtstart > '%s' and dismissed = 0
-				and etype in ( 'event', 'birthday' )
-				ORDER BY dtstart ASC ",
-					intval(local_channel()),
-					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + ' . intval($evdays) . ' days')),
-					dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))
-			);
-
-			if($events) {
-				$result['all_events'] = count($events);
-
-				if($result['all_events']) {
-					$str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d');
-					foreach($events as $x) {
-						$bd = false;
-						if($x['etype'] === 'birthday') {
-							$result['birthdays'] ++;
-							$bd = true;
-						}
-						else {
-							$result['events'] ++;
-						}
-						if(datetime_convert('UTC', ((intval($x['adjust'])) ? date_default_timezone_get() : 'UTC'), $x['dtstart'], 'Y-m-d') === $str_now) {
-							$result['all_events_today'] ++;
-							if($bd)
-								$result['birthdays_today'] ++;
-							else
-								$result['events_today'] ++;
-						}
-					}
-				}
-			}
-		}
-		if(! ($vnotify & VNOTIFY_EVENT))
-			$result['all_events'] = $result['events'] = 0;
-		if(! ($vnotify & VNOTIFY_EVENTTODAY))
-			$result['all_events_today'] = $result['events_today'] = 0;
-		if(! ($vnotify & VNOTIFY_BIRTHDAY))
-			$result['birthdays'] = 0;
-
-
-
-		if($vnotify & VNOTIFY_FORUMS) {
-			$forums = get_forum_channels(local_channel());
-
-			if($forums) {
-				$item_normal = item_normal();
-				$fcount = count($forums);
-				$forums['total'] = 0;
-
-				for($x = 0; $x < $fcount; $x ++) {
-					$p = q("SELECT oid AS parent FROM term WHERE uid = %d AND ttype = %d AND term = '%s'",
-						intval(local_channel()),
-						intval(TERM_FORUM),
-						dbesc($forums[$x]['xchan_name'])
-					);
-
-					$p_str = ids_to_querystr($p, 'parent');
-					$p_sql = (($p_str) ? "OR parent IN ( $p_str )" : '');
-
-					$r = q("select count(id) as unseen from item 
-						where uid = %d and ( owner_xchan = '%s' OR author_xchan = '%s' $p_sql ) and item_unseen = 1 $item_normal $sql_extra",
-						intval(local_channel()),
-						dbesc($forums[$x]['xchan_hash']),
-						dbesc($forums[$x]['xchan_hash'])
-					);
-					if($r[0]['unseen']) {
-						$forums[$x]['notify_link'] = (($forums[$x]['private_forum']) ? $forums[$x]['xchan_url'] : z_root() . '/network/?f=&pf=1&unseen=1&cid=' . $forums[$x]['abook_id']);
-						$forums[$x]['name'] = $forums[$x]['xchan_name'];
-						$forums[$x]['addr'] = $forums[$x]['xchan_addr'];
-						$forums[$x]['url'] = $forums[$x]['xchan_url'];
-						$forums[$x]['photo'] = $forums[$x]['xchan_photo_s'];
-						$forums[$x]['unseen'] = $r[0]['unseen'];
-						$forums[$x]['private_forum'] = (($forums[$x]['private_forum']) ? 'lock' : '');
-						$forums[$x]['message'] = (($forums[$x]['private_forum']) ? t('Private forum') : t('Public forum'));
-
-						$forums['total'] = $forums['total'] + $r[0]['unseen'];
-
-						unset($forums[$x]['abook_id']);
-						unset($forums[$x]['xchan_hash']);
-						unset($forums[$x]['xchan_name']);
-						unset($forums[$x]['xchan_url']);
-						unset($forums[$x]['xchan_photo_s']);
-
-						//if($forums[$x]['private_forum'])
-						//	unset($forums[$x]['private_forum']);
-
-					}
-					else {
-						unset($forums[$x]);
-					}
-				}
-				$result['forums'] = $forums['total'];
-				unset($forums['total']);
-
-				$result['forums_sub'] = $forums;
-			}
-		}
-
-		$x = json_encode($result);
-
-		$t8 = dba_timer();
-
-//		logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t8 - $t7, $t7 - $t6, $t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0));
-
-		echo $x;
-		killme();
-	}
-
-}
--- a/Zotlabs/Module/Poke.php
+++ b/Zotlabs/Module/Poke.php
@@ -9,11 +9,11 @@ use Zotlabs\Web\Controller;
 *
 * Poke, prod, finger, or otherwise do unspeakable things to somebody - who must be a connection in your address book
 * This function can be invoked with the required arguments (verb and cid and private and possibly parent) silently via ajax or
- * other web request. You must be logged in and connected to a channel. 
+ * other web request. You must be logged in and connected to a channel.
 * If the required arguments aren't present, we'll display a simple form to choose a recipient and a verb.
 * parent is a special argument which let's you attach this activity as a comment to an existing conversation, which
 * may have started with somebody else poking (etc.) somebody, but this isn't necessary. This can be used in the adult
- * plugin version to have entire conversations where Alice poked Bob, Bob fingered Alice, Alice hugged Bob, etc.  
+ * plugin version to have entire conversations where Alice poked Bob, Bob fingered Alice, Alice hugged Bob, etc.
 *
 * private creates a private conversation with the recipient. Otherwise your channel's default post privacy is used.
 *
@@ -25,41 +25,41 @@ require_once('include/items.php');
 class Poke extends Controller {

 	function init() {
-	
+
 		if(! local_channel())
 			return;

 		if(! Apps::system_app_installed(local_channel(), 'Poke')) {
 			return;
 		}
-	
+
 		$uid = local_channel();
 		$channel = App::get_channel();
-	
+
 		$verb = notags(trim($_REQUEST['verb']));
-		
-		if(! $verb) 
+
+		if(! $verb)
 			return;
-	
+
 		$verbs = get_poke_verbs();
-	
+
 		if(! array_key_exists($verb,$verbs))
 			return;
-	
+
 		$activity = ACTIVITY_POKE . '#' . urlencode($verbs[$verb][0]);
-	
+
 		$contact_id = intval($_REQUEST['cid']);

 		$xchan = trim($_REQUEST['xchan']);

 		if(! ($contact_id || $xchan))
 			return;
-	
+
 		$parent = ((x($_REQUEST,'parent')) ? intval($_REQUEST['parent']) : 0);
-	
+
 		logger('poke: verb ' . $verb . ' contact ' . $contact_id, LOGGER_DEBUG);
-	
-	
+
+
 		if($contact_id) {
 			$r = q("SELECT * FROM abook left join xchan on xchan_hash = abook_xchan where abook_id = %d and abook_channel = %d LIMIT 1",
 				intval($contact_id),
@@ -71,17 +71,17 @@ class Poke extends Controller {
 				dbesc($xchan . '%')
 			);
 		}
-			
+
 		if(! $r) {
 			logger('poke: no target.');
 			return;
 		}
-	
+
 		$target = $r[0];
 		$parent_item = null;
-	
+
 		if($parent) {
-			$r = q("select mid, item_private, owner_xchan, allow_cid, allow_gid, deny_cid, deny_gid 
+			$r = q("select mid, item_private, owner_xchan, allow_cid, allow_gid, deny_cid, deny_gid
 				from item where id = %d and parent = %d and uid = %d limit 1",
 				intval($parent),
 				intval($parent),
@@ -98,18 +98,18 @@ class Poke extends Controller {
 			}
 		}
 		elseif($contact_id) {
-	
+
 			$item_private = ((x($_GET,'private')) ? intval($_GET['private']) : 0);
-	
+
 			$allow_cid     = (($item_private) ? '<' . $target['abook_xchan']. '>' : $channel['channel_allow_cid']);
 			$allow_gid     = (($item_private) ? '' : $channel['channel_allow_gid']);
 			$deny_cid      = (($item_private) ? '' : $channel['channel_deny_cid']);
 			$deny_gid      = (($item_private) ? '' : $channel['channel_deny_gid']);
 		}
-	
-	
+
+
 		$arr = array();
-	
+


 		$arr['item_wall']     = 1;
@@ -124,7 +124,7 @@ class Poke extends Controller {
 		$arr['item_private']  = $item_private;
 		$arr['obj_type']      = ACTIVITY_OBJ_PERSON;
 		$arr['body']          = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t($verbs[$verb][0]) . ' ' . '[zrl=' . $target['xchan_url'] . ']' . $target['xchan_name'] . '[/zrl]';
-	
+
 		$obj = array(
 			'type' => ACTIVITY_OBJ_PERSON,
 			'title' => $target['xchan_name'],
@@ -134,25 +134,25 @@ class Poke extends Controller {
 				array('rel' => 'photo', 'type' => $target['xchan_photo_mimetype'], 'href' => $target['xchan_photo_l'])
 			),
 		);
-	
+
 		$arr['obj'] = json_encode($obj);
-	
+
 		$arr['item_origin']   = 1;
 		$arr['item_wall']     = 1;
 		$arr['item_unseen']   = 1;
 		if(! $parent_item)
 			$item['item_thread_top'] = 1;
-	
-	
+
+
 		post_activity_item($arr);
-	
+
 		return;
 	}
-	
-	
-	
+
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
@@ -161,19 +161,17 @@ class Poke extends Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Poke')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Poke App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Poke somebody in your addressbook');
-			return $o;
+			$papp = Apps::get_papp('Poke');
+			return Apps::app_render($papp, 'module');
 		}

 		nav_set_selected('Poke');
-	
+
 		$name = '';
 		$id = '';
-	
+
 		if(intval($_REQUEST['c'])) {
-			$r = q("select abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash 
+			$r = q("select abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash
 				where abook_id = %d and abook_channel = %d limit 1",
 				intval($_REQUEST['c']),
 				intval(local_channel())
@@ -183,17 +181,17 @@ class Poke extends Controller {
 				$id = $r[0]['abook_id'];
 			}
 		}
-	
+
 		$parent = ((x($_REQUEST,'parent')) ? intval($_REQUEST['parent']) : '0');
-	
+
 		$verbs = get_poke_verbs();
-	
+
 		$shortlist = array();
 		foreach($verbs as $k => $v)
 			if($v[1] !== 'NOTRANSLATION')
 				$shortlist[] = array($k,$v[1]);
-	
-	
+
+
 		$poke_basic = get_config('system','poke_basic');
 		if($poke_basic) {
 			$title = t('Poke');
@@ -203,7 +201,7 @@ class Poke extends Controller {
 			$title = t('Poke/Prod');
 			$desc = t('Poke, prod or do other things to somebody');
 		}
-	
+
 		$o = replace_macros(get_markup_template('poke_content.tpl'),array(
 			'$title' => $title,
 			'$poke_basic' => $poke_basic,
@@ -218,8 +216,8 @@ class Poke extends Controller {
 			'$name' => $name,
 			'$id' => $id
 		));
-	
+
 		return $o;
-	
+
 	}
 }
--- a/Zotlabs/Module/Post.php
+++ b/Zotlabs/Module/Post.php
@@ -1,34 +0,0 @@
-<?php
-/**
- * @file Zotlabs/Module/Post.php
- *
- * @brief Zot endpoint.
- *
- */
-
-namespace Zotlabs\Module;
-
-require_once('include/zot.php');
-
-/**
- * @brief Post module.
- *
- */
-class Post extends \Zotlabs\Web\Controller {
-
-	function init() {
-		if(array_key_exists('auth', $_REQUEST)) {
-			$x = new \Zotlabs\Zot\Auth($_REQUEST);
-			exit;
-		}
-	}
-
-	function post() {
-		if(array_key_exists('data',$_REQUEST)) {
-			$z = new \Zotlabs\Zot\Receiver($_REQUEST['data'], get_config('system', 'prvkey'), new \Zotlabs\Zot\ZotHandler());
-			exit;
-		}
-
-	}
-
-}
--- a/Zotlabs/Module/Prate.php
+++ b/Zotlabs/Module/Prate.php
@@ -1,107 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-use Zotlabs\Lib\Crypto;
-
-class Prate extends \Zotlabs\Web\Controller {
-
-	function init() {
-		if($_SERVER['REQUEST_METHOD'] === 'post')
-			return;
-
-		if(! local_channel())
-			return;
-
-		$channel = \App::get_channel();
-
-		$target = argv(1);
-		if(! $target)
-			return;
-
-		$r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1",
-			dbesc($channel['channel_hash']),
-			dbesc($target)
-		);
-		if($r)
-			json_return_and_die(array('rating' => $r[0]['xlink_rating'],'rating_text' => $r[0]['xlink_rating_text']));
-		killme();
-	}
-
-		function post() {
-
-		if(! local_channel())
-			return;
-
-		$channel = \App::get_channel();
-
-		$target = trim($_REQUEST['target']);
-		if(! $target)
-			return;
-
-		if($target === $channel['channel_hash'])
-			return;
-
-		$rating = intval($_POST['rating']);
-		if($rating < (-10))
-			$rating = (-10);
-		if($rating > 10)
-			$rating = 10;
-
-		$rating_text = trim(escape_tags($_REQUEST['rating_text']));
-
-		$signed = $target . '.' . $rating . '.' . $rating_text;
-
-		$sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey']));
-
-
-		$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-			dbesc($channel['channel_hash']),
-			dbesc($target)
-		);
-		if($z) {
-			$record = $z[0]['xlink_id'];
-			$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
-				where xlink_id = %d",
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert()),
-				intval($record)
-			);
-		}
-		else {
-			$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
-				dbesc($channel['channel_hash']),
-				dbesc($target),
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert())
-			);
-			$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-				dbesc($channel['channel_hash']),
-				dbesc($orig_record[0]['abook_xchan'])
-			);
-			if($z)
-				$record = $z[0]['xlink_id'];
-		}
-		if($record) {
-			\Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record));
-		}
-
-		json_return_and_die(array('result' => true));;
-	}
-
-
-
-
-
-
-
-
-
-
-
-
-}
--- a/Zotlabs/Module/Probe.php
+++ b/Zotlabs/Module/Probe.php
@@ -1,60 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-use App;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Lib\Crypto;
-
-require_once('include/zot.php');
-
-class Probe extends \Zotlabs\Web\Controller {
-
-	function get() {
-
-		if(local_channel()) {
-			if(! Apps::system_app_installed(local_channel(), 'Remote Diagnostics')) {
-				//Do not display any associated widgets at this point
-				App::$pdl = '';
-
-				$o = '<b>' . t('Remote Diagnostics App') . ' (' . t('Not Installed') . '):</b><br>';
-				$o .= t('Perform diagnostics on remote channels');
-				return $o;
-			}
-		}
-
-		nav_set_selected('Remote Diagnostics');
-
-		$o .= '<h3>Remote Diagnostics</h3>';
-
-		$o .= '<form action="probe" method="get">';
-		$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />';
-		$o .= '<input type="submit" name="submit" value="Submit" /></form>';
-
-		$o .= '<br /><br />';
-
-		if(x($_GET,'addr')) {
-			$channel = App::get_channel();
-			$addr = trim($_GET['addr']);
-			$do_import = ((intval($_GET['import']) && is_site_admin()) ? true : false);
-
-			$j = \Zotlabs\Zot\Finger::run($addr,$channel,false);
-
-			$o .= '<pre>';
-			if(! $j['success']) {
-				$o .= "<strong>https connection failed. Trying again with auto failover to http.</strong>\r\n\r\n";
-				$j = \Zotlabs\Zot\Finger::run($addr,$channel,true);
-				if(! $j['success']) {
-					return $o;
-				}
-			}
-			if($do_import && $j)
-				$x = import_xchan($j);
-			if($j && $j['permissions'] && $j['permissions']['iv'])
-				$j['permissions'] = json_decode(Crypto::unencapsulate($j['permissions'],$channel['channel_prvkey']),true);
-			$o .= str_replace("\n",'<br />',print_r($j,true));
-			$o .= '</pre>';
-		}
-		return $o;
-	}
-
-}
--- a/Zotlabs/Module/Profiles.php
+++ b/Zotlabs/Module/Profiles.php
@@ -600,7 +600,6 @@ class Profiles extends \Zotlabs\Web\Controller {
 				intval(local_channel())
 			);
 			if($r) {
-				require_once('include/zot.php');
 				Libsync::build_sync_packet(local_channel(),array('profile' => $r));
 			}

--- a/Zotlabs/Module/Pubsites.php
+++ b/Zotlabs/Module/Pubsites.php
@@ -6,7 +6,6 @@ use Zotlabs\Lib\Libzotdir;
 class Pubsites extends \Zotlabs\Web\Controller {

 	function get() {
-		require_once('include/dir_fns.php');
 		$dirmode = intval(get_config('system','directory_mode'));

 		if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -16,10 +16,8 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			if(! Apps::system_app_installed(local_channel(), 'Public Stream')) {
 				//Do not display any associated widgets at this point
 				App::$pdl = '';
-
-				$o = '<b>' . t('Public Stream App') . ' (' . t('Not Installed') . '):</b><br>';
-				$o .= t('The unmoderated public stream of this hub');
-				return $o;
+				$papp = Apps::get_papp('Public Stream');
+				return Apps::app_render($papp, 'module');
 			}
 		}

@@ -44,19 +42,16 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			$site_firehose = false;
 		}

-		$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
-		$hashtags   = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
-
-
-		if(strpos($mid,'b64.') === 0)
-			$decoded = @base64url_decode(substr($mid,4));
-		if($decoded)
-			$mid = $decoded;
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}

+		$hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
-
-		$net    = ((array_key_exists('net',$_REQUEST))    ? escape_tags($_REQUEST['net']) : '');
+		$net = ((array_key_exists('net',$_REQUEST))    ? escape_tags($_REQUEST['net']) : '');

 		$title = replace_macros(get_markup_template("section_title.tpl"),array(
 			'$title' => (($hashtags) ? '#' . htmlspecialchars($hashtags, ENT_COMPAT,'UTF-8') : '')
@@ -65,15 +60,15 @@ class Pubstream extends \Zotlabs\Web\Controller {
 		$o = (($hashtags) ? $title : '');

 		if(local_channel() && (! $update)) {
-	
+
 			$channel = \App::get_channel();

 			$channel_acl = array(
-				'allow_cid' => $channel['channel_allow_cid'], 
-				'allow_gid' => $channel['channel_allow_gid'], 
-				'deny_cid'  => $channel['channel_deny_cid'], 
+				'allow_cid' => $channel['channel_allow_cid'],
+				'allow_gid' => $channel['channel_allow_gid'],
+				'deny_cid'  => $channel['channel_deny_cid'],
 				'deny_gid'  => $channel['channel_deny_gid']
-			); 
+			);

 			$x = array(
 				'is_owner'            => true,
@@ -94,12 +89,12 @@ class Pubstream extends \Zotlabs\Web\Controller {
 				'jotnets'             => true,
 				'reset'               => t('Reset form')
 			);
-	
+
 			$o .= '<div id="jot-popup">';
 			$o .= status_editor($a,$x,false,'Pubstream');
 			$o .= '</div>';
 		}
-	
+
 		if(! $update && !$load) {

 			nav_set_selected(t('Public Stream'));
@@ -110,15 +105,14 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			$maxheight = get_config('system','home_divmore_height');
 			if(! $maxheight)
 				$maxheight = 400;
-	
+
 			$o .= '<div id="live-pubstream"></div>' . "\r\n";
-			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1)) 
-				. "; var profile_page = " . \App::$pager['page'] 
+			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
+				. "; var profile_page = " . \App::$pager['page']
 				. "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
-	
-			//if we got a decoded hash we must encode it again before handing to javascript 
-			if($decoded)
-				$mid = 'b64.' . base64url_encode($mid);
+
+			//if we got a decoded hash we must encode it again before handing to javascript
+			$mid = gen_link_id($mid);

 			\App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
 				'$baseurl' => z_root(),
@@ -151,7 +145,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 				'$dbegin'  => ''
 			));
 		}
-	
+
 		if($update && ! $load) {
 			// only setup pagination on initial page view
 			$pager_sql = '';
@@ -160,10 +154,10 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			\App::set_pager_itemspage(10);
 			$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
 		}
-	
+
 		require_once('include/channel.php');
 		require_once('include/security.php');
-	
+
 		if($site_firehose) {
 			$uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0  and item_wall = 1 ";
 		}
@@ -173,7 +167,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			$sql_extra = item_permissions_sql($sys['channel_id']);
 			\App::$data['firehose'] = intval($sys['channel_id']);
 		}
-	
+
 		if(get_config('system','public_list_mode'))
 			$page_mode = 'list';
 		else
@@ -184,7 +178,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			$sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
 		}

-		$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : ''); 
+		$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : '');
 		$net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : '');

 		$abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " ";
@@ -196,13 +190,13 @@ class Pubstream extends \Zotlabs\Web\Controller {
 		//logger('update: ' . $update . ' load: ' . $load);

 		if($update) {
-	
-			$ordering = "commented";
-	
+
+			$ordering = get_config('system', 'pubstream_ordering', 'commented');
+
 			if($load) {
 				if($mid) {
 					$r = q("SELECT parent AS item_id FROM item
-						left join abook on item.author_xchan = abook.abook_xchan 
+						left join abook on item.author_xchan = abook.abook_xchan
 						$net_query
 						WHERE mid = '%s' $uids $item_normal
 						and (abook.abook_blocked = 0 or abook.abook_flags is null)
@@ -212,7 +206,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 				}
 				else {
 					// Fetch a page full of parent items for this page
-					$r = q("SELECT item.id AS item_id FROM item 
+					$r = dbq("SELECT item.id AS item_id FROM item
 						left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids )
 						$net_query
 						WHERE true $uids and item.item_thread_top = 1 $item_normal
@@ -234,7 +228,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
 					);
 				}
 				else {
-					$r = q("SELECT parent AS item_id FROM item
+					$r = dbq("SELECT parent AS item_id FROM item
 						left join abook on item.author_xchan = abook.abook_xchan
 						$net_query
 						WHERE true $uids $item_normal_update
@@ -247,20 +241,19 @@ class Pubstream extends \Zotlabs\Web\Controller {

 			// Then fetch all the children of the parents that are on this page
 			$parents_str = '';
-	
+
 			if($r) {
-	
+
 				$parents_str = ids_to_querystr($r,'item_id');
-	
-				$items = q("SELECT item.*, item.id AS item_id FROM item
+
+				$items = dbq("SELECT item.*, item.id AS item_id FROM item
 					WHERE true $uids $item_normal
-					AND item.parent IN ( %s )
-					$sql_extra ",
-					dbesc($parents_str)
+					AND item.parent IN ( $parents_str )
+					$sql_extra"
 				);
-	
+
 				// use effective_uid param of xchan_query to help sort out comment permission
-				// for sys_channel owned items. 
+				// for sys_channel owned items.

 				xchan_query($items,true,(($sys) ? local_channel() : 0));
 				$items = fetch_post_tags($items,true);
@@ -269,9 +262,9 @@ class Pubstream extends \Zotlabs\Web\Controller {
 			else {
 				$items = array();
 			}
-	
+
 		}
-	
+
 		// fake it
 		$mode = (($hashtags) ? 'search' : 'pubstream');

@@ -279,13 +272,13 @@ class Pubstream extends \Zotlabs\Web\Controller {

 		if($mid)
 			$o .= '<div id="content-complete"></div>';
-	
+
 		if(($items) && (! $update))
 			$o .= alt_pager(count($items));

 		$_SESSION['loadtime'] = datetime_convert();

 		return $o;
-	
+
 	}
 }
--- a/Zotlabs/Module/Randprof.php
+++ b/Zotlabs/Module/Randprof.php
@@ -15,7 +15,7 @@ class Randprof extends \Zotlabs\Web\Controller {
 		$x = random_profile();
 		if($x)
 			goaway(chanlink_hash($x));
-	
+
 		/** FIXME this doesn't work at the moment as a fallback */
 		goaway(z_root() . '/profile');
 	}
@@ -25,13 +25,11 @@ class Randprof extends \Zotlabs\Web\Controller {
 			if(! Apps::system_app_installed(local_channel(), 'Random Channel')) {
 				//Do not display any associated widgets at this point
 				App::$pdl = '';
-
-				$o = '<b>' . t('Random Channel App') . ' (' . t('Not Installed') . '):</b><br>';
-				$o .= t('Visit a random channel in the $Projectname network');
-				return $o;
+				$papp = Apps::get_papp('Random Channel');
+				return Apps::app_render($papp, 'module');
 			}
 		}

 	}
-	
+
 }
--- a/Zotlabs/Module/Rate.php
+++ b/Zotlabs/Module/Rate.php
@@ -1,174 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-
-use Zotlabs\Lib\Crypto;
-
-class Rate extends \Zotlabs\Web\Controller {
-
-	function init() {
-
-		if(! local_channel())
-			return;
-
-		$channel = \App::get_channel();
-
-		$target = $_REQUEST['target'];
-		if(! $target)
-			return;
-
-		\App::$data['target'] = $target;
-
-		if($target) {
-			$r = q("SELECT * FROM xchan where xchan_hash like '%s' LIMIT 1",
-				dbesc($target)
-			);
-			if($r) {
-				\App::$poi = $r[0];
-			}
-			else {
-				$r = q("select * from site where site_url like '%s' and site_type = %d",
-					dbesc('%' . $target),
-					intval(SITE_TYPE_ZOT)
-				);
-				if($r) {
-					\App::$data['site'] = $r[0];
-					\App::$data['site']['site_url'] = strtolower($r[0]['site_url']);
-				}
-			}
-		}
-
-
-		return;
-
-	}
-
-
-	function post() {
-
-		if(! local_channel())
-			return;
-
-		if(! \App::$data['target'])
-			return;
-
-		if(! $_REQUEST['execute'])
-			return;
-
-		$channel = \App::get_channel();
-
-		$rating = intval($_POST['rating']);
-		if($rating < (-10))
-			$rating = (-10);
-		if($rating > 10)
-			$rating = 10;
-
-		$rating_text = trim(escape_tags($_REQUEST['rating_text']));
-
-		$signed = \App::$data['target'] . '.' . $rating . '.' . $rating_text;
-
-		$sig = base64url_encode(Crypto::sign($signed,$channel['channel_prvkey']));
-
-		$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-			dbesc($channel['channel_hash']),
-			dbesc(\App::$data['target'])
-		);
-
-		if($z) {
-			$record = $z[0]['xlink_id'];
-			$w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
-				where xlink_id = %d",
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert()),
-				intval($record)
-			);
-		}
-		else {
-			$w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
-				dbesc($channel['channel_hash']),
-				dbesc(\App::$data['target']),
-				intval($rating),
-				dbesc($rating_text),
-				dbesc($sig),
-				dbesc(datetime_convert())
-			);
-			$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
-				dbesc($channel['channel_hash']),
-				dbesc(\App::$data['target'])
-			);
-			if($z)
-				$record = $z[0]['xlink_id'];
-		}
-
-		if($record) {
-			\Zotlabs\Daemon\Master::Summon(array('Ratenotif','rating',$record));
-		}
-
-	}
-
-	function get() {
-
-		if(! local_channel()) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-	//	if(! \App::$data['target']) {
-	//		notice( t('No recipients.') . EOL);
-	//		return;
-	//	}
-
-		$rating_enabled = get_config('system','rating_enabled');
-		if(! $rating_enabled) {
-			notice('Ratings are disabled on this site.');
-			return;
-		}
-
-		$channel = \App::get_channel();
-
-		$r = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1",
-			dbesc($channel['channel_hash']),
-			dbesc(\App::$data['target'])
-		);
-		if($r) {
-			\App::$data['xlink'] = $r[0];
-			$rating_val = $r[0]['xlink_rating'];
-			$rating_text = $r[0]['xlink_rating_text'];
-		}
-		else {
-			$rating_val = 0;
-			$rating_text = '';
-		}
-
-		if($rating_enabled) {
-			$rating = replace_macros(get_markup_template('rating_slider.tpl'),array(
-				'$min' => -10,
-				'$val' => $rating_val
-			));
-		}
-		else {
-			$rating = false;
-		}
-
-		$o = replace_macros(get_markup_template('rating_form.tpl'),array(
-			'$header' => t('Rating'),
-			'$website' => t('Website:'),
-			'$site' => ((\App::$data['site']) ? '<a href="' . \App::$data['site']['site_url'] . '" >' . \App::$data['site']['site_url'] . '</a>' : ''),
-			'target' => \App::$data['target'],
-			'$tgt_name' => ((\App::$poi && \App::$poi['xchan_name']) ? \App::$poi['xchan_name'] : sprintf( t('Remote Channel [%s] (not yet known on this site)'), substr(\App::$data['target'],0,16))),
-			'$lbl_rating'     => t('Rating (this information is public)'),
-			'$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'),
-			'$rating_txt'     => $rating_text,
-			'$rating'         => $rating,
-			'$rating_val'     => $rating_val,
-			'$slide'          => $slide,
-			'$submit' => t('Submit')
-		));
-
-		return $o;
-
-	}
-}
--- a/Zotlabs/Module/Ratings.php
+++ b/Zotlabs/Module/Ratings.php
@@ -1,109 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/dir_fns.php');
-
-
-class Ratings extends \Zotlabs\Web\Controller {
-
-	function init() {
-	
-		if(observer_prohibited()) {
-			return;
-		}
-	
-		if(local_channel())
-			load_contact_links(local_channel());
-	
-		$dirmode = intval(get_config('system','directory_mode'));
-	
-		$x = find_upstream_directory($dirmode);
-		if($x)
-			$url = $x['url'];
-	
-		$rating_enabled = get_config('system','rating_enabled');
-	
-		if(! $rating_enabled)
-			return;
-	
-		if(argc() > 1)
-			$hash = argv(1);
-	
-		if(! $hash) {
-			notice('Must supply a channel identififier.');
-			return;
-		}
-	
-		$results = false;
-	
-		$x = z_fetch_url($url . '/ratingsearch/' . urlencode($hash));
-	
-	
-		if($x['success'])
-			$results = json_decode($x['body'],true);
-	
-	
-		if((! $results) || (! $results['success'])) {
-	
-			notice('No results.');
-			return;
-		} 
-	
-		if(array_key_exists('xchan_hash',$results['target']))
-			\App::$poi = $results['target'];
-		
-		$friends = array();
-		$others = array();
-	
-		if($results['ratings']) {
-			foreach($results['ratings'] as $n) {
-				if(is_array(\App::$contacts) && array_key_exists($n['xchan_hash'],\App::$contacts))
-					$friends[] = $n;
-				else
-					$others[] = $n;
-			}
-		}
-	
-		\App::$data = array('target' => $results['target'], 'results' => array_merge($friends,$others));
-	
-		if(! \App::$data['results']) {
-			notice( t('No ratings') . EOL);
-		}
-	
-		return;
-	}
-	
-	
-	
-	
-	
-	function get() {
-	
-		if(observer_prohibited()) {
-			notice( t('Public access denied.') . EOL);
-			return;
-		}
-	
-		$rating_enabled = get_config('system','rating_enabled');
-	
-		if(! $rating_enabled)
-			return;
-	
-		$site_target = ((array_key_exists('target',\App::$data) && array_key_exists('site_url',\App::$data['target'])) ?
-			'<a href="' . \App::$data['target']['site_url'] . '" >' . \App::$data['target']['site_url'] . '</a>' : '');
-	
-	
-		$o = replace_macros(get_markup_template('prep.tpl'),array(
-			'$header' => t('Ratings'),
-			'$rating_lbl' => t('Rating: ' ),
-			'$website' => t('Website: '),
-			'$site' => $site_target,
-			'$rating_text_lbl' => t('Description: '),
-			'$raters' => \App::$data['results']
-		));
-	
-		return $o;
-	}
-	
-				
-}
--- a/Zotlabs/Module/Ratingsearch.php
+++ b/Zotlabs/Module/Ratingsearch.php
@@ -1,78 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-
-
-class Ratingsearch extends \Zotlabs\Web\Controller {
-
-	function init() {
-	
-		$ret = array('success' => false);
-	
-		$dirmode = intval(get_config('system','directory_mode'));
-	
-		if($dirmode == DIRECTORY_MODE_NORMAL) {
-			$ret['message'] = 'This site is not a directory server.';
-			json_return_and_die($ret);
-		}
-	
-		if(argc() > 1)
-			$hash = argv(1);
-	
-		if(! $hash) {
-			$ret['message'] = 'No channel identifier';
-			json_return_and_die($ret);
-		}
-	
-		if(strpos($hash,'@')) {
-			$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
-				dbesc($hash)
-			);
-			if($r)
-				$hash = $r[0]['hubloc_hash'];
-		} 
-	
-		$p = q("select * from xchan where xchan_hash like '%s'",
-			dbesc($hash . '%')
-		);
-	
-		if($p)
-			$target = $p[0]['xchan_hash'];
-		else {
-			$p = q("select * from site where site_url like '%s' and site_type = %d ",
-				dbesc('%' . $hash),
-				intval(SITE_TYPE_ZOT)
-			);
-			if($p) {
-				$target = strtolower($hash);
-			}
-			else {
-				$ret['message'] = 'Rating target not found';
-				json_return_and_die($ret);
-			}
-		}
-	
-		if($p)
-			$ret['target']  = $p[0];
-	
-		$ret['success'] = true;
-	
-		$r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash 
-			where xlink_link = '%s' and xlink_rating != 0 and xlink_static = 1 
-			and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 
-			order by xchan_name asc",
-			dbesc($target)
-		);
-	
-		if($r) {
-			$ret['ratings'] = $r;
-		}
-		else
-			$ret['ratings'] = array();
-			
-		json_return_and_die($ret);
-	
-	}
-	
-	
-}
--- a/Zotlabs/Module/Rbmark.php
+++ b/Zotlabs/Module/Rbmark.php
@@ -6,12 +6,11 @@ require_once('include/crypto.php');
 require_once('include/items.php');
 require_once('include/taxonomy.php');
 require_once('include/conversation.php');
-require_once('include/zot.php');
 require_once('include/bookmarks.php');

 /**
 * remote bookmark
- * 
+ *
 * https://yoursite/rbmark?f=&title=&url=&private=&remote_return=
 *
 * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length
@@ -31,45 +30,45 @@ class Rbmark extends \Zotlabs\Web\Controller {
 	function post() {
 		if($_POST['submit'] !== t('Save'))
 			return;
-	
+
 		logger('rbmark_post: ' . print_r($_REQUEST,true));
-	
+
 		$channel = \App::get_channel();
-	
+
 		$t = array('url' => escape_tags($_REQUEST['url']),'term' => escape_tags($_REQUEST['title']));
 		bookmark_add($channel,$channel,$t,((x($_REQUEST,'private')) ? intval($_REQUEST['private']) : 0),
 			array('menu_id' => ((x($_REQUEST,'menu_id')) ? intval($_REQUEST['menu_id']) : 0),
 				'menu_name' => ((x($_REQUEST,'menu_name')) ? escape_tags($_REQUEST['menu_name']) : ''),
 				'ischat' => ((x($_REQUEST['ischat'])) ? intval($_REQUEST['ischat']) : 0)
 			));
-	
+
 		goaway(z_root() . '/bookmarks');
-	
+
 	}
-	
-	
+
+
 		function get() {
-	
+
 		$o = '';
-	
+
 		if(! local_channel()) {
-	
+
 			// The login procedure is going to bugger our $_REQUEST variables
 			// so save them in the session.
-	
+
 			if(array_key_exists('url',$_REQUEST)) {
 				$_SESSION['bookmark'] = $_REQUEST;
 			}
 			return login();
 		}
-	
+
 		// If we have saved rbmark session variables, but nothing in the current $_REQUEST, recover the saved variables
-	
+
 		if((! array_key_exists('url',$_REQUEST)) && (array_key_exists('bookmark',$_SESSION))) {
 			$_REQUEST = $_SESSION['bookmark'];
 			unset($_SESSION['bookmark']);
 		}
-	
+
 		if($_REQUEST['remote_return']) {
 			$_SESSION['remote_return'] = $_REQUEST['remote_return'];
 		}
@@ -78,12 +77,12 @@ class Rbmark extends \Zotlabs\Web\Controller {
 				goaway($_SESSION['remote_return']);
 			goaway(z_root() . '/bookmarks');
 		}
-	
+
 		$channel = \App::get_channel();
-	
-	
+
+
 		$m = menu_list($channel['channel_id'],'',MENU_BOOKMARK);
-	
+
 		$menus = array();
 		if($m) {
 			$menus = array(0 => '');
@@ -92,10 +91,10 @@ class Rbmark extends \Zotlabs\Web\Controller {
 			}
 		}
 		$menu_select = array('menu_id',t('Select a bookmark folder'),false,'',$menus);
-	
-	
+
+
 		$o .= replace_macros(get_markup_template('rbmark.tpl'), array(
-	
+
 			'$header' => t('Save Bookmark'),
 			'$url' => array('url',t('URL of bookmark'),escape_tags($_REQUEST['url'])),
 			'$title' => array('title',t('Description'),escape_tags($_REQUEST['title'])),
@@ -104,18 +103,18 @@ class Rbmark extends \Zotlabs\Web\Controller {
 			'$submit' => t('Save'),
 			'$menu_name' => array('menu_name',t('Or enter new bookmark folder name'),'',''),
 			'$menus' => $menu_select
-	
+
 		));
-	
-	
-	
-	
-	
-	
+
+
+
+
+
+
 		return $o;
-	
+
 	}
-	
-	
-	
+
+
+
 }
--- a/Zotlabs/Module/Removeme.php
+++ b/Zotlabs/Module/Removeme.php
@@ -5,54 +5,54 @@ namespace Zotlabs\Module;
 class Removeme extends \Zotlabs\Web\Controller {

 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
 			return;
-	
+
 		if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
 			return;
-	
+
 		if($_POST['verify'] !== $_SESSION['remove_account_verify'])
 			return;
-	
-	
+
+
 		$account = \App::get_account();
-	
-	
+
+
 		$x = account_verify_password($account['account_email'],$_POST['qxz_password']);
 		if(! ($x && $x['account']))
 			return;
-	
+
 		if($account['account_password_changed'] > NULL_DATE) {
 			$d1 = datetime_convert('UTC','UTC','now - 48 hours');
-			if($account['account_password_changed'] > d1) {
+			if($account['account_password_changed'] > $d1) {
 				notice( t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL);
 				return;
 			}
 		}
-	
+
 		$global_remove = 0; //intval($_POST['global']);

 		channel_remove(local_channel(),1 - $global_remove,true);
-	
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel())
 			goaway(z_root());
-	
+
 		$hash = random_string();
-	
+
 		$_SESSION['remove_account_verify'] = $hash;
-	
+
 		$tpl = get_markup_template('removeme.tpl');
 		$o .= replace_macros($tpl, array(
 			'$basedir' => z_root(),
@@ -63,9 +63,9 @@ class Removeme extends \Zotlabs\Web\Controller {
 			// '$global'  => [ 'global', t('Remove this channel and all its clones from the network'), false, t('By default only the instance of the channel located on this hub will be removed from the network'),  [ t('No'),t('Yes') ] ],
 			'$submit'  => t('Remove Channel')
 		));
-	
-		return $o;		
-	
+
+		return $o;
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -1,12 +1,13 @@
 <?php
 namespace Zotlabs\Module; /** @file */

+use Zotlabs\Lib\Libzot;
+
 require_once('include/acl_selectors.php');
 require_once('include/crypto.php');
 require_once('include/items.php');
 require_once('include/taxonomy.php');
 require_once('include/conversation.php');
-require_once('include/zot.php');

 /**
 * remote post
@@ -42,7 +43,7 @@ class Rpost extends \Zotlabs\Web\Controller {
 				// by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin
 				// blocks them.

-				$url = get_rpost_path(\App::get_observer());
+				$url = Libzot::get_rpost_path(\App::get_observer());
 				// make sure we're not looping to our own hub
 				if(($url) && (! stristr($url, \App::get_hostname()))) {
 					foreach($_GET as $key => $arg) {
@@ -65,6 +66,73 @@ class Rpost extends \Zotlabs\Web\Controller {

 		nav_set_selected('Post');

+		if (local_channel() && array_key_exists('userfile',$_FILES)) {
+
+			$channel = App::get_channel();
+			$observer = App::get_observer();
+
+			$def_album  = get_pconfig($channel['channel_id'],'system','photo_path');
+			$def_attach = get_pconfig($channel['channel_id'],'system','attach_path');
+
+			$r = attach_store($channel, (($observer) ? $observer['xchan_hash'] : ''), '', [
+				'source'    => 'editor',
+				'visible'   => 0,
+				'album'     => $def_album,
+				'directory' => $def_attach,
+				'flags'     => 1, // indicates temporary permissions are created
+				'allow_cid' => '<' . $channel['channel_hash'] . '>'
+			]);
+
+			if (! $r['success']) {
+				notice( $r['message'] . EOL);
+			}
+
+			$s = EMPTY_STR;
+
+			if (intval($r['data']['is_photo'])) {
+				$s .= "\n\n" . $r['body'] . "\n\n";
+			}
+
+			$url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path'];
+
+			if (strpos($r['data']['filetype'],'video') === 0) {
+				$s .= "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n";
+			}
+
+			if (strpos($r['data']['filetype'],'audio') === 0) {
+				$s .= "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n";
+			}
+
+			if ($r['data']['filetype'] === 'image/svg+xml') {
+				$x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
+				if ($x) {
+					$bb = svg2bb($x);
+					if ($bb) {
+						$s .= "\n\n" . $bb;
+					}
+					else {
+						logger('empty return from svgbb');
+					}
+				}
+				else {
+					logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
+				}
+			}
+
+			if ($r['data']['filetype'] === 'text/calendar') {
+				$content = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
+				if ($content) {
+					$ev = ical_to_ev($content);
+					if ($ev) {
+						$s .= "\n\n" . format_event_bbcode($ev[0]) . "\n\n";
+					}
+				}
+			}
+
+			$s .=  "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
+			$_REQUEST['body'] = ((array_key_exists('body',$_REQUEST)) ? $_REQUEST['body'] . $s : $s);
+		}
+
 		// If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables

 		if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) {
--- a/Zotlabs/Module/Search.php
+++ b/Zotlabs/Module/Search.php
@@ -25,10 +25,11 @@ class Search extends Controller {

 		nav_set_selected('Search');

-		require_once("include/bbcode.php");
-		require_once('include/security.php');
+		require_once('include/bbcode.php');
 		require_once('include/conversation.php');
 		require_once('include/items.php');
+		require_once('include/security.php');
+

 		$format = (($_REQUEST['format']) ? $_REQUEST['format'] : '');
 		if ($format !== '') {
@@ -38,11 +39,9 @@ class Search extends Controller {
 		$observer      = App::get_observer();
 		$observer_hash = (($observer) ? $observer['xchan_hash'] : '');

-		$o = '<div id="live-search"></div>' . "\r\n";
+		$o = '<div class="generic-content-wrapper-styled">' . "\r\n";

-		$o .= '<div class="generic-content-wrapper-styled">' . "\r\n";
-
-		$o .= '<h3>' . t('Search') . '</h3>';
+		$o .= '<h2>' . t('Search') . '</h2>';

 		if (x(App::$data, 'search'))
 			$search = trim(App::$data['search']);
@@ -87,21 +86,21 @@ class Search extends Controller {
 			$tag    = true;
 			$search = substr($search, 1);
 		}
-		if (strpos($search, '@') === 0) {
+		elseif(strpos($search, '@') === 0) {
 			$search = substr($search, 1);
 			goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
 		}
-		if (strpos($search, '!') === 0) {
+		elseif(strpos($search, '!') === 0) {
 			$search = substr($search, 1);
 			goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
 		}
-		if (strpos($search, '?') === 0) {
+		elseif(strpos($search, '?') === 0) {
 			$search = substr($search, 1);
 			goaway(z_root() . '/help' . '?f=1&navsearch=1&search=' . $search);
 		}

 		// look for a naked webbie
-		if (strpos($search,'@') !== false && strpos($search,'http') !== 0) {
+		if (strpos($search, '@') !== false && strpos($search, 'http') !== 0) {
 			goaway(z_root() . '/directory' . '?f=1&navsearch=1&search=' . $search);
 		}

@@ -216,7 +215,7 @@ class Search extends Controller {
 				}
 				if ($r) {
 					$str = ids_to_querystr($r, 'item_id');
-					$r   = q("select *, id as item_id from item where id in ( " . $str . ") order by created desc ");
+					$r   = dbq("select *, id as item_id from item where id in ( " . $str . ") order by created desc");
 				}
 			}
 			else {
@@ -234,7 +233,7 @@ class Search extends Controller {
 			$items = [];
 		}

-		if ($format == 'json') {
+		if ($format === 'json') {
 			$result = [];
 			require_once('include/conversation.php');
 			foreach ($items as $item) {
--- a/Zotlabs/Module/Settings.php
+++ b/Zotlabs/Module/Settings.php
@@ -1,7 +1,6 @@
 <?php
 namespace Zotlabs\Module; /** @file */

-require_once('include/zot.php');
 require_once('include/security.php');

 class Settings extends \Zotlabs\Web\Controller {
@@ -11,68 +10,68 @@ class Settings extends \Zotlabs\Web\Controller {
 	function init() {
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		\App::$profile_uid = local_channel();
-	
+
 		// default is channel settings in the absence of other arguments
-	
+
 		if(argc() == 1) {
 			// We are setting these values - don't use the argc(), argv() functions here
 			\App::$argc = 2;
 			\App::$argv[] = 'channel';
-		}	
+		}

 		$this->sm = new \Zotlabs\Web\SubModule();
 	}
-	
-	
+
+
 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		// logger('mod_settings: ' . print_r($_REQUEST,true));
-	
+
 		if(argc() > 1) {
 			if($this->sm->call('post') !== false) {
 				return;
 			}
 		}
-	
+
 		goaway(z_root() . '/settings' );
 		return; // NOTREACHED
 	}
-	
-	
-	
+
+
+
 	function get() {
-	
+
 		nav_set_selected('Settings');
-	
+
 		if((! local_channel()) || ($_SESSION['delegate'])) {
 			notice( t('Permission denied.') . EOL );
 			return login();
 		}
-	
-	
+
+
 		$channel = \App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
-	
+
 		$o = $this->sm->call('get');
 		if($o !== false)
 			return $o;

 		$o = '';

-	
-	}	
+
+	}
 }


--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -16,11 +16,11 @@ class Channel {
 		$channel = \App::get_channel();

 		check_form_security_token_redirectOnErr('/settings', 'settings');
-		
+
 		call_hooks('settings_post', $_POST);
-	
+
 		$set_perms = '';
-	
+
 		$role = ((x($_POST,'permissions_role')) ? notags(trim($_POST['permissions_role'])) : '');
 		$oldrole = get_pconfig(local_channel(),'system','permissions_role');

@@ -28,9 +28,9 @@ class Channel {
 		if($oldrole === 'social_party') {
 			$oldrole = 'social_federation';
 		}
-	
+
 		if(($role != $oldrole) || ($role === 'custom')) {
-	
+
 			if($role === 'custom') {
 				$hide_presence    = (((x($_POST,'hide_presence')) && (intval($_POST['hide_presence']) == 1)) ? 1: 0);
 				$publish          = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
@@ -38,18 +38,18 @@ class Channel {
 				$r = q("update channel set channel_default_group = '%s' where channel_id = %d",
 					dbesc($def_group),
 					intval(local_channel())
-				);	
-	
+				);
+
 				$global_perms = \Zotlabs\Access\Permissions::Perms();
-	
+
 				foreach($global_perms as $k => $v) {
 					\Zotlabs\Access\PermissionLimits::Set(local_channel(),$k,intval($_POST[$k]));
 				}
 				$acl = new \Zotlabs\Access\AccessList($channel);
 				$acl->set_from_array($_POST);
 				$x = $acl->get();
-	
-				$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', 
+
+				$r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s',
 					channel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d",
 					dbesc($x['allow_cid']),
 					dbesc($x['allow_gid']),
@@ -93,13 +93,13 @@ class Channel {
 				}
 				// no default collection
 				else {
-					q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', 
+					q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '',
 						channel_deny_cid = '' where channel_id = %d",
 							intval(local_channel())
 					);
 				}

-				if($role_permissions['perms_connect']) {	
+				if($role_permissions['perms_connect']) {
 					$x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
 					foreach($x as $k => $v) {
 						set_abconfig(local_channel(),$channel['channel_hash'],'my_perms',$k, $v);
@@ -110,7 +110,7 @@ class Channel {
 							del_pconfig(local_channel(),'autoperms',$k);
 						}
 					}
-				}	
+				}

 				if($role_permissions['limits']) {
 					foreach($role_permissions['limits'] as $k => $v) {
@@ -121,11 +121,11 @@ class Channel {
 					$publish = intval($role_permissions['directory_publish']);
 				}
 			}
-	
+
 			set_pconfig(local_channel(),'system','hide_online_status',$hide_presence);
 			set_pconfig(local_channel(),'system','permissions_role',$role);
 		}
-	
+
 		$username         = ((x($_POST,'username'))   ? notags(trim($_POST['username']))     : '');
 		$timezone         = ((x($_POST,'timezone_select'))   ? notags(trim($_POST['timezone_select']))     : '');
 		$defloc           = ((x($_POST,'defloc'))     ? notags(trim($_POST['defloc']))       : '');
@@ -135,36 +135,36 @@ class Channel {
 		$evdays           = ((x($_POST,'evdays'))     ? intval($_POST['evdays'])             : 3);
 		$photo_path       = ((x($_POST,'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : '');
 		$attach_path      = ((x($_POST,'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : '');
-	
+
 		$expire_items     = ((x($_POST,'expire_items')) ? intval($_POST['expire_items'])	 : 0);
 		$expire_starred   = ((x($_POST,'expire_starred')) ? intval($_POST['expire_starred']) : 0);
 		$expire_photos    = ((x($_POST,'expire_photos'))? intval($_POST['expire_photos'])	 : 0);
 		$expire_network_only    = ((x($_POST,'expire_network_only'))? intval($_POST['expire_network_only'])	 : 0);
-	
+
 		$allow_location   = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
-	
+
 		$blocktags        = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted!
 		$unkmail          = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0);
 		$cntunkmail       = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0);
-		$suggestme        = ((x($_POST,'suggestme')) ? intval($_POST['suggestme'])  : 0);  
-		$autoperms        = ((x($_POST,'autoperms')) ? intval($_POST['autoperms'])  : 0);  
-	
+		$suggestme        = ((x($_POST,'suggestme')) ? intval($_POST['suggestme'])  : 0);
+		$autoperms        = ((x($_POST,'autoperms')) ? intval($_POST['autoperms'])  : 0);
+
 		$post_newfriend   = (($_POST['post_newfriend'] == 1) ? 1: 0);
 		$post_joingroup   = (($_POST['post_joingroup'] == 1) ? 1: 0);
 		$post_profilechange   = (($_POST['post_profilechange'] == 1) ? 1: 0);
 		$adult            = (($_POST['adult'] == 1) ? 1 : 0);
 		$defpermcat       = ((x($_POST,'defpermcat')) ? notags(trim($_POST['defpermcat'])) : 'default');
-	
+
 		$mailhost        = ((array_key_exists('mailhost',$_POST)) ? notags(trim($_POST['mailhost'])) : '');
-	
+
 		$pageflags = $channel['channel_pageflags'];
 		$existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0);
 		if($adult != $existing_adult)
 			$pageflags = ($pageflags ^ PAGE_ADULT);
-	
-	
+
+
 		$notify = 0;
-	
+
 		if(x($_POST,'notify1'))
 			$notify += intval($_POST['notify1']);
 		if(x($_POST,'notify2'))
@@ -181,10 +181,10 @@ class Channel {
 			$notify += intval($_POST['notify7']);
 		if(x($_POST,'notify8'))
 			$notify += intval($_POST['notify8']);
-	
-	
+
+
 		$vnotify = 0;
-	
+
 		if(x($_POST,'vnotify1'))
 			$vnotify += intval($_POST['vnotify1']);
 		if(x($_POST,'vnotify2'))
@@ -215,13 +215,13 @@ class Channel {
 			$vnotify += intval($_POST['vnotify14']);
 		if(x($_POST,'vnotify15'))
 			$vnotify += intval($_POST['vnotify15']);
-	
+
 		$always_show_in_notices = x($_POST,'always_show_in_notices') ? 1 : 0;
-		
+
 		$err = '';
-	
+
 		$name_change = false;
-	
+
 		if($username != $channel['channel_name']) {
 			$name_change = true;
 			require_once('include/channel.php');
@@ -231,12 +231,12 @@ class Channel {
 				return;
 			}
 		}
-	
+
 		if($timezone != $channel['channel_timezone']) {
 			if(strlen($timezone))
 				date_default_timezone_set($timezone);
 		}
-	
+
 		set_pconfig(local_channel(),'system','use_browser_location',$allow_location);
 		set_pconfig(local_channel(),'system','suggestme', $suggestme);
 		set_pconfig(local_channel(),'system','post_newfriend', $post_newfriend);
@@ -251,7 +251,7 @@ class Channel {
 		set_pconfig(local_channel(),'system','default_permcat',$defpermcat);
 		set_pconfig(local_channel(),'system','email_notify_host',$mailhost);
 		set_pconfig(local_channel(),'system','autoperms',$autoperms);
-	
+
 		$r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d $set_perms where channel_id = %d",
 			dbesc($username),
 			intval($pageflags),
@@ -262,17 +262,17 @@ class Channel {
 			intval($maxreq),
 			intval($expire),
 			intval(local_channel())
-		);   
+		);
 		if($r)
 			info( t('Settings updated.') . EOL);
-	
+
 		if(! is_null($publish)) {
 			$r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d",
 				intval($publish),
 				intval(local_channel())
 			);
 		}
-	
+
 		if($name_change) {
 			// change name on all associated xchans by matching the url
 			$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_url = '%s'",
@@ -285,49 +285,49 @@ class Channel {
 				intval($channel['channel_id'])
 			);
 		}
-	
+
 		\Zotlabs\Daemon\Master::Summon(array('Directory',local_channel()));
-	
+
 		Libsync::build_sync_packet();
-	
-	
+
+
 		if($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) {
-	
+
 			// FIXME - set to un-verified, blocked and redirect to logout
 			// Q: Why? Are we verifying people or email addresses?
 			// A: the policy is to verify email addresses
 		}
-	
+
 		goaway(z_root() . '/settings' );
 		return; // NOTREACHED
 	}
-			
+
 	function get() {
-	
+
 		require_once('include/acl_selectors.php');
 		require_once('include/permissions.php');


 		$yes_no = array(t('No'),t('Yes'));
-	
-	
+
+
 		$p = q("SELECT * FROM profile WHERE is_default = 1 AND uid = %d LIMIT 1",
 			intval(local_channel())
 		);
 		if(count($p))
 			$profile = $p[0];
-	
+
 		load_pconfig(local_channel(),'expire');
-	
+
 		$channel = \App::get_channel();
-	
+
 		$global_perms = \Zotlabs\Access\Permissions::Perms();

 		$permiss = array();
-	
+
 		$perm_opts = array(
 			array( t('Nobody except yourself'), 0),
-			array( t('Only those you specifically allow'), PERMS_SPECIFIC), 
+			array( t('Only those you specifically allow'), PERMS_SPECIFIC),
 			array( t('Approved connections'), PERMS_CONTACTS),
 			array( t('Any connections'), PERMS_PENDING),
 			array( t('Anybody on this website'), PERMS_SITE),
@@ -335,10 +335,10 @@ class Channel {
 			array( t('Anybody authenticated'), PERMS_AUTHED),
 			array( t('Anybody on the internet'), PERMS_PUBLIC)
 		);
-	
+
 		$limits = \Zotlabs\Access\PermissionLimits::Get(local_channel());
 		$anon_comments = get_config('system','anonymous_comments',true);
-	
+
 		foreach($global_perms as $k => $perm) {
 			$options = array();
 			$can_be_public = ((strstr($k,'view') || ($k === 'post_comments' && $anon_comments)) ? true : false);
@@ -347,61 +347,61 @@ class Channel {
 					continue;
 				$options[$opt[1]] = $opt[0];
 			}
-			$permiss[] = array($k,$perm,$limits[$k],'',$options);			
+			$permiss[] = array($k,$perm,$limits[$k],'',$options);
 		}
-		
+
 		//		logger('permiss: ' . print_r($permiss,true));
-	
+
 		$username   = $channel['channel_name'];
 		$nickname   = $channel['channel_address'];
 		$timezone   = $channel['channel_timezone'];
 		$notify     = $channel['channel_notifyflags'];
 		$defloc     = $channel['channel_location'];
-	
+
 		$maxreq     = $channel['channel_max_friend_req'];
 		$expire     = $channel['channel_expire_days'];
 		$adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT);
 		$sys_expire = get_config('system','default_expire_days');
-	
+
 //		$unkmail    = \App::$user['unkmail'];
 //		$cntunkmail = \App::$user['cntunkmail'];
-	
+
 		$hide_presence = intval(get_pconfig(local_channel(), 'system','hide_online_status'));
-	
-	
+
+
 		$expire_items = get_pconfig(local_channel(), 'expire','items');
 		$expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1
-		
+
 		$expire_notes = get_pconfig(local_channel(), 'expire','notes');
 		$expire_notes = (($expire_notes===false)? '1' : $expire_notes); // default if not set: 1
-	
+
 		$expire_starred = get_pconfig(local_channel(), 'expire','starred');
 		$expire_starred = (($expire_starred===false)? '1' : $expire_starred); // default if not set: 1
-		
+
 		$expire_photos = get_pconfig(local_channel(), 'expire','photos');
 		$expire_photos = (($expire_photos===false)? '0' : $expire_photos); // default if not set: 0
-	
+
 		$expire_network_only = get_pconfig(local_channel(), 'expire','network_only');
 		$expire_network_only = (($expire_network_only===false)? '0' : $expire_network_only); // default if not set: 0
-	
-	
+
+
 		$suggestme = get_pconfig(local_channel(), 'system','suggestme');
 		$suggestme = (($suggestme===false)? '0': $suggestme); // default if not set: 0
-	
+
 		$post_newfriend = get_pconfig(local_channel(), 'system','post_newfriend');
 		$post_newfriend = (($post_newfriend===false)? '0': $post_newfriend); // default if not set: 0
-	
+
 		$post_joingroup = get_pconfig(local_channel(), 'system','post_joingroup');
 		$post_joingroup = (($post_joingroup===false)? '0': $post_joingroup); // default if not set: 0
-	
+
 		$post_profilechange = get_pconfig(local_channel(), 'system','post_profilechange');
 		$post_profilechange = (($post_profilechange===false)? '0': $post_profilechange); // default if not set: 0
-	
+
 		$blocktags  = get_pconfig(local_channel(),'system','blocktags');
 		$blocktags = (($blocktags===false) ? '0' : $blocktags);
-		
+
 		$timezone = date_default_timezone_get();
-	
+
 		$opt_tpl = get_markup_template("field_checkbox.tpl");
 		if(get_config('system','publish_all')) {
 			$profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />';
@@ -411,20 +411,20 @@ class Channel {
 				'$field' 	=> array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no),
 			));
 		}
-	
+
 		$suggestme = replace_macros($opt_tpl,array(
 				'$field' 	=> array('suggestme',  t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no),
-	
+
 		));
-	
+
 		$subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : '');

 		$webbie = $nickname . '@' . \App::get_hostname();
 		$intl_nickname = unpunify($nickname) . '@' . unpunify(\App::get_hostname());
-	
+

 		$tpl_addr = get_markup_template("settings_nick_set.tpl");
-	
+
 		$prof_addr = replace_macros($tpl_addr,array(
 			'$desc' => t('Your channel address is'),
 			'$nickname' => (($intl_nickname === $webbie) ? $webbie : $intl_nickname . '&nbsp;(' . $webbie . ')'),
@@ -447,27 +447,27 @@ class Channel {

 		$default_permcat = get_pconfig(local_channel(),'system','default_permcat','default');

-	
+
 		$stpl = get_markup_template('settings.tpl');
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
 		$perm_defaults = $acl->get();
-	
+
 		require_once('include/group.php');
 		$group_select = mini_group_select(local_channel(),$channel['channel_default_group']);
-	
+
 		$evdays = get_pconfig(local_channel(),'system','evdays');
 		if(! $evdays)
 			$evdays = 3;
-	
+
 		$permissions_role = get_pconfig(local_channel(),'system','permissions_role');
 		if(! $permissions_role)
 			$permissions_role = 'custom';
 		// compatibility mapping - can be removed after 3.4 release
-		if($permissions_role === 'social_party') 
+		if($permissions_role === 'social_party')
 			$permissions_role = 'social_federation';

-		if(in_array($permissions_role,['forum','repository'])) 	
+		if(in_array($permissions_role,['forum','repository']))
 			$autoperms = replace_macros(get_markup_template('field_checkbox.tpl'), [
 				'$field' =>  [ 'autoperms',t('Automatic membership approval'), ((get_pconfig(local_channel(),'system','autoperms')) ? 1 : 0), t('If enabled, connection requests will be approved without your interaction'), $yes_no ]]);
 		else
@@ -491,7 +491,7 @@ class Channel {

 		$o .= replace_macros($stpl,array(
 			'$ptitle' 	=> t('Channel Settings'),
-	
+
 			'$submit' 	=> t('Submit'),
 			'$baseurl' => z_root(),
 			'$uid' => local_channel(),
@@ -503,15 +503,15 @@ class Channel {
 			'$timezone' => array('timezone_select' , t('Your Timezone:'), $timezone, '', get_timezones()),
 			'$defloc'	=> array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')),
 			'$allowloc' => array('allow_location', t('Use Browser Location:'), ((get_pconfig(local_channel(),'system','use_browser_location')) ? 1 : ''), '', $yes_no),
-			
+
 			'$adult'    => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no),
-	
+
 			'$h_prv' 	=> t('Security and Privacy Settings'),
 			'$permissions_set' => $permissions_set,
 			'$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'),
-	
+
 			'$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no),
-	
+
 			'$lbl_pmacro' => t('Simple Privacy Settings:'),
 			'$pmacro3'    => t('Very Public - <em>extremely permissive (should be used with caution)</em>'),
 			'$pmacro2'    => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'),
@@ -519,9 +519,9 @@ class Channel {
 			'$pmacro0'    => t('Blocked - <em>default blocked to/from everybody</em>'),
 			'$permiss_arr' => $permiss,
 			'$blocktags' => array('blocktags',t('Allow others to tag your posts'), 1-$blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no),
-	
+
 			'$lbl_p2macro' => t('Channel Permission Limits'),
-	
+
 			'$expire' => array('expire',t('Expire other channel content after this many days'),$expire, t('0 or blank to use the website limit.') . ' ' . ((intval($sys_expire)) ? sprintf( t('This website expires after %d days.'),intval($sys_expire)) : t('This website does not expire imported content.')) . ' ' . t('The website limit takes precedence if lower than your limit.')),
 			'$maxreq' 	=> array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']) , t('May reduce spam activity')),
 			'$permissions' => t('Default Privacy Group'),
@@ -540,10 +540,10 @@ class Channel {
 			'$profile_in_dir' => $profile_in_dir,
 			'$hide_friends' => $hide_friends,
 			'$hide_wall' => $hide_wall,
-			'$unkmail' => $unkmail,		
+			'$unkmail' => $unkmail,
 			'$cntunkmail' 	=> array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']) ,t("Useful to reduce spamming")),
-			
-			'$autoperms' => $autoperms,			
+
+			'$autoperms' => $autoperms,
 			'$h_not' 	=> t('Notification Settings'),
 			'$activity_options' => t('By default post a status message when:'),
 			'$post_newfriend' => array('post_newfriend',  t('accepting a friend request'), $post_newfriend, '', $yes_no),
@@ -558,12 +558,12 @@ class Channel {
 			'$notify6'  => array('notify6', t('You receive a friend suggestion'), ($notify & NOTIFY_SUGGEST), NOTIFY_SUGGEST, '', $yes_no),
 			'$notify7'  => array('notify7', t('You are tagged in a post'), ($notify & NOTIFY_TAGSELF), NOTIFY_TAGSELF, '', $yes_no),
 			'$notify8'  => array('notify8', t('You are poked/prodded/etc. in a post'), ($notify & NOTIFY_POKE), NOTIFY_POKE, '', $yes_no),
-			
+
 			'$notify9'  => array('notify9', t('Someone likes your post/comment'), ($notify & NOTIFY_LIKE), NOTIFY_LIKE, '', $yes_no),
-			
-	
+
+
 			'$lbl_vnot' 	=> t('Show visual notifications including:'),
-	
+
 			'$vnotify1'	=> array('vnotify1', t('Unseen stream activity'), ($vnotify & VNOTIFY_NETWORK), VNOTIFY_NETWORK, '', $yes_no),
 			'$vnotify2'	=> array('vnotify2', t('Unseen channel activity'), ($vnotify & VNOTIFY_CHANNEL), VNOTIFY_CHANNEL, '', $yes_no),
 			'$vnotify3'	=> array('vnotify3', t('Unseen private messages'), ($vnotify & VNOTIFY_MAIL), VNOTIFY_MAIL, t('Recommended'), $yes_no),
@@ -581,12 +581,13 @@ class Channel {
 			'$vnotify15'	=> array('vnotify15', t('Unseen forum posts'), ($vnotify & VNOTIFY_FORUMS), VNOTIFY_FORUMS, '', $yes_no),
 			'$mailhost' => [ 'mailhost', t('Email notification hub (hostname)'), get_pconfig(local_channel(),'system','email_notify_host',\App::get_hostname()), sprintf( t('If your channel is mirrored to multiple hubs, set this to your preferred location. This will prevent duplicate email notifications. Example: %s'),\App::get_hostname()) ],
 			'$always_show_in_notices'  => array('always_show_in_notices', t('Show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no),
-	
-			'$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')),			
+			'$desktop_notifications_info' => t('Desktop notifications are unavailable because the required browser permission has not been granted'),
+			'$desktop_notifications_request' => t('Grant permission'),
+			'$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')),
 			'$basic_addon' => $plugin['basic'],
 			'$sec_addon'  => $plugin['security'],
 			'$notify_addon' => $plugin['notify'],
-	
+
 			'$h_advn' => t('Advanced Account/Page Type Settings'),
 			'$h_descadvn' => t('Change the behaviour of this account for special situations'),
 			'$pagetype' => $pagetype,
@@ -596,11 +597,11 @@ class Channel {
 			'$removeme' => t('Remove Channel'),
 			'$removechannel' => t('Remove this channel.'),
 		));
-	
+
 		call_hooks('settings_form',$o);
-	
+
 		//$o .= '</form>' . "\r\n";
-	
+
 		return $o;
 	}
 }
--- a/Zotlabs/Module/Settings/Display.php
+++ b/Zotlabs/Module/Settings/Display.php
@@ -24,7 +24,6 @@ class Display {


 		$preload_images    = ((x($_POST,'preload_images')) ? intval($_POST['preload_images'])  : 0);
-		$channel_menu      = ((x($_POST,'channel_menu')) ? intval($_POST['channel_menu'])  : 0);
 		$user_scalable     = ((x($_POST,'user_scalable')) ? intval($_POST['user_scalable'])  : 0);
 		$nosmile           = ((x($_POST,'nosmile')) ? intval($_POST['nosmile'])  : 0);
 		$title_tosource    = ((x($_POST,'title_tosource')) ? intval($_POST['title_tosource'])  : 0);
@@ -46,7 +45,6 @@ class Display {
 		set_pconfig(local_channel(),'system','itemspage', $itemspage);
 		set_pconfig(local_channel(),'system','no_smilies',1-intval($nosmile));
 		set_pconfig(local_channel(),'system','title_tosource',$title_tosource);
-		set_pconfig(local_channel(),'system','channel_menu', $channel_menu);
 		set_pconfig(local_channel(),'system','start_menu', $start_menu);

 		$newschema = '';
@@ -197,7 +195,6 @@ class Display {
 			'$ajaxint'   => array('browser_update',  t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),
 			'$itemspage'   => array('itemspage',  t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 30 items')),
 			'$nosmile'	=> array('nosmile', t("Show emoticons (smilies) as images"), 1-intval($nosmile), '', $yes_no),
-			'$channel_menu' => [ 'channel_menu', t('Provide channel menu in navigation bar'), get_pconfig(local_channel(),'system','channel_menu',get_config('system','channel_menu',0)), t('Default: channel menu located in app menu'),$yes_no ],
 			'$title_tosource'	=> array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no),
 			'$theme_config' => $theme_config,
 			'$start_menu' => ['start_menu', t('New Member Links'), $start_menu, t('Display new member quick links menu'), $yes_no]
--- a/Show More
+++ b/Show More