Merge branch '8.4RC'

Owa compatibility for Friendica

See merge request hubzilla/core!2036

.gitignore

@@ -33,8 +33,10 @@ apps/
 home.html
 # page header plugin
 pageheader.html
-# Ignore site TOS
+# Ignore site TOS & gddpr
 doc/SiteTOS.md
+doc/*/SiteTOS.md
+doc/*/gdpr.md
 # themes except for redbasic
 view/theme/*
 !view/theme/redbasic
@@ -55,6 +57,7 @@ tests/results/
 .buildpath
 .externalToolBuilders
 .settings/
+.pydevproject
 # NetBeans project folder
 nbproject/
 # Kdevelop project files
@@ -75,3 +78,5 @@ composer.phar
 vendor/**/tests/
 vendor/**/Test/
 vendor/sabre/*/examples/
+# /info is a directory containing site-specific HTML documents
+/info/

.gitlab-ci.yml

@@ -1,7 +1,9 @@
 # Select image from https://hub.docker.com/_/php/
 #image: php:7.3
 # Use a prepared Hubzilla image to optimise pipeline duration
-image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+# image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+
+image: php:8.1
 
 stages:
   - test
@@ -35,7 +37,12 @@ before_script:
 - if [ -f /usr/local/etc/php/conf.d/z_prod.ini ]; then mv /usr/local/etc/php/conf.d/z_prod.ini /usr/local/etc/php/conf.d/z_prod.ini.off; fi
 # Install & enable Xdebug for code coverage reports
 - pecl install xdebug
+- apt-get update
+- apt-get install zip unzip libjpeg-dev libpng-dev -yqq
 - docker-php-ext-enable xdebug
+- docker-php-ext-install gd
+
+
 # Install composer
 - curl -sS https://getcomposer.org/installer | php
 # Install dev libraries from composer
@@ -43,31 +50,38 @@ before_script:
 # php.ini settings
 - echo 'xdebug.mode=coverage' >> /usr/local/etc/php/php.ini
 
-# hidden job definition with template for MySQL/MariaDB
-.job_template_mysql: &job_definition_mysql
+# hidden job definition with template for PHP
+.job_template_php: &job_definition_php
   stage: test
   script:
-  - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-  - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-  - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
   - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
 
+
+# hidden job definition with template for MySQL/MariaDB
+#.job_template_mysql: &job_definition_mysql
+#  stage: test
+#  script:
+#  - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+#  - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+#  - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+#  - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
+
 # hidden job definition with template for PostgreSQL
-.job_template_postgres: &job_definition_postgres
-  stage: test
-  services:
-  - postgres:latest
-  script:
-  - export PGPASSWORD=$POSTGRES_PASSWORD
-  - psql --version
-  - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
+#.job_template_postgres: &job_definition_postgres
+#  stage: test
+#  services:
+#  - postgres:latest
+#  script:
+#  - export PGPASSWORD=$POSTGRES_PASSWORD
+#  - psql --version
+#  - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
   # Import hubzilla's DB schema
-  - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
+#  - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
   # Show databases and relations/tables of hubzilla's database
   #- psql -h "postgres" -U "$POSTGRES_USER" -l
   #- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
   # Run the actual tests
-  - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
+#  - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
 
 # hidden job definition with artifacts config template
 .artifacts_template:
@@ -82,56 +96,61 @@ before_script:
       - tests/results/
 
 
-# PHP7.3 with MySQL 5.7
-php7.3_mysql5.7:
-  <<: *job_definition_mysql
-  services:
-  - mysql:5.7
+# PHP8.1
+php8.1:
+  <<: *job_definition_php
+
+# PHP8.0 with MySQL 5.7
+#php8.0_mysql5.7:
+#  <<: *job_definition_mysql
+#  services:
+#  - mysql:5.7
 
 
-# PHP7.3 with MySQL 8 (latest)
-php7.3_mysql8:
-  <<: *job_definition_mysql
-  services:
-  - name: mysql:8
-    command: ["--default-authentication-plugin=mysql_native_password"]
+# PHP8.0 with MySQL 8 (latest)
+#php8.0_mysql8:
+#  <<: *job_definition_mysql
+#  services:
+#  - name: mysql:8
+#    command: ["--default-authentication-plugin=mysql_native_password"]
 
 
-# PHP7.3 with MariaDB 10.2
-php7.3_mariadb10.2:
-  <<: *job_definition_mysql
-  services:
-  - name: mariadb:10.2
-    alias: mysql
+# PHP8.0 with MariaDB 10.2
+#php8.0_mariadb10.2:
+#  <<: *job_definition_mysql
+#  services:
+#  - name: mariadb:10.2
+#    alias: mysql
 
 
-# PHP7.3 with MariaDB 10.3 (latest)
-php7.3_mariadb10.3:
-  <<: *job_definition_mysql
-  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-  services:
-  - name: mariadb:10.3
-    alias: mysql
+# PHP8.0 with MariaDB 10.3 (latest)
+#php8.0_mariadb10.3:
+#  <<: *job_definition_mysql
+#  image: php:8.0
+  #image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+#  services:
+#  - name: mariadb:10.3
+#    alias: mysql
 
 
 # PHP7.3 with PostgreSQL latest (11)
-php7.3_postgres11:
-  <<: *job_definition_postgres
-  artifacts: *artifacts_template
+#php7.3_postgres11:
+#  <<: *job_definition_postgres
+#  artifacts: *artifacts_template
 
 
 # PHP7.3 with PostgreSQL latest (11)
-php7.3_postgres11:
-  <<: *job_definition_postgres
-  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-  artifacts: *artifacts_template
+#php7.3_postgres11:
+#  <<: *job_definition_postgres
+#  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+#  artifacts: *artifacts_template
 
 
 # Generate Doxygen API Documentation and deploy it as GitLab pages
 pages:
   stage: deploy
   cache: {}
-  image: php:7-cli-alpine
+  image: php:8-cli-alpine
   before_script:
     - apk update
     - apk add doxygen ttf-freefont graphviz

CHANGELOG

@@ -1,3 +1,663 @@
+Hubzilla 8.4 (2023-05-17)
+	- Slightly rewrite Activity::store() to save a query
+	- Use act->objprop() in decode_note() to get activity values
+	- Make sure to re-discover a channel upon connecting if we have just an xchan but no hubloc
+	- Updated ES translations
+	- Updated RU translations
+	- Redesigned profile vcard to implement cover images
+	- Slightly improved discovery of AP quoted messages
+	- Updated bootstrap library
+	- Changed hashtag encoding to match mastodons expectations (issue #1750)
+	- Implement fedearted directory flags from trusted directory servers
+	- Use Activity::get_actor_hublocs() in Libzot::fetch_conversation() instead of custom queries
+	- Add the conversation endpoint
+	- Implement paginated fetch for zot requests in mod item
+	- Implement Zotconvo daemon to fetch conversations in the background
+	- Expose deleted channels to webfinger (otherwise we can not mark them deleted locally)
+	- Expire items in batches to prevent memory exhaustion
+	- Remove legacy zot compatibility tweaks
+	- Rewrite and simplify directory sync
+	- Improve potentially long running sql query finding the thread parent
+	- Implement option to override permissions for posts with mentions
+
+	Bugfixes
+	- Fix parent_mid and thr_parent not set correctly for response activities
+	- Fix query for postgres in attach_list_files()
+	- Fix item_url_replace() failing on arrays
+	- Fix OWA compatibility with friendica
+	- Fix regression in decoding the object type
+	- Fix xss vulnerability in justified gallery library
+	- Fix permissions not initialized after accepted follow request from AP
+	- Fix empty path passed to fopen()
+	- Fix % value in format_poll() not rounded
+	- Fix remove_all_xchan_resources() executed for local channels
+	- Fix likes not synced via libsync between clones
+
+	Addons
+	- Pubcrawl: fix xchan_url used as follow object instead of xchan_hash
+	- Channelreputation: moved to unmaintained repo due to duplication issues when storing data in pconfig
+	- Pubcrawl: add lemmy accept/reject follow quirks
+	- Diaspora: handle 4xx return codes in queue management
+	- Diaspora: fix fatal error in the case where parent_guid is set but empty
+	- Pubcrawl: if shared inbox delivery fails deliver to contacts instead of everybody we know from that site
+	- Articles: fix PHP error
+	- Diaspora: rewrite synced (from a clone) item author to primary
+	- Diaspora: improve reshare detection
+	- Diaspora: fix contact role not sets
+	- Pubcrawl: rewrite synced (from a clone) item author to primary
+	- Pubcrawl: if we receive a public message to the shared inbox deliver to following *and* directly addressed
+
+
+Hubzilla 8.2 (2023-03-19)
+	- Remove redundant untranslated htconfig templates
+	- Implement workaround for friendica image/attachment construct
+	- Implement notification exception for forum posts repeated by group actors
+	- Updated es translations
+	- Rewrite totp multifactor auth and move it from addon to core (ported from streams)
+	- Implement page load progress indicator for pwa standalone mode
+	- Improved mod HQ logic to save some DB lookups
+	- Default owner_xchan to sender in Activity::store() except for fetched items
+	- Improved contact search
+	- Do not force new thread if announce comes from group actor
+	- Disable oembed in notes app
+	- Improved queue handling
+	- Slightly restructure conv item head
+	- Implemet author images in HQ widget
+	- Implement author filter in HQ widget
+	- Add config option db_skip_locked_supported which should be set if the DB backend supports skip locked
+	- Updated simple pie library
+	- Updated smarty library
+	- Updated forkawesome library
+	- Updated fullcalendar library
+	- Implement native dark/light mode in favour of dark/light schema
+	- Updated bootstrap library
+
+	Bugfixes
+	- Fix channel calendar location html not interpreted - issue #1728
+	- Fix max oembed size check if content length header is an array
+	- Fix group actor wall posts turned into direct messages when posting article or card
+	- Fix non zot profile mentions using zrl tag
+	- Fix message filter > and < not decoded
+	- Fix deleted hublocs included in author lookup
+	- Fix some more PHP warnings
+	- Fix syntax for get_compund_property()
+	- Fix xchan_pubforum not set on actor updates
+	- Fix duplicate directory entries for xchans with bogus second primary entry
+	- Fix missing created timestamp in like activity - issue #1729
+	- Fix messages not signed when posting from non primary locations
+	- Fix pinned post regression
+	- Fix autocomplete items not selectable on mobile
+	- Fix hubloc confusion in Libzot::fetch_conversation()
+	- Fix valid duplicate notification entries deduplicated
+	- Fix ics file import
+	- Fix recipients deduplication in some places
+	- Fix hashtag encoded with href instead of id
+
+	Addons
+	- Pubcrawl: re-implement encrypted content which got lost in transition
+	- Pubcrawl: flag fetched items
+	- Totp: removed from addons in favor of implementation in core
+	- Pubcrawl: fix delivery issues for relayed activities
+	- Cart: fix missing bootstrap namespace
+	- Gallery: do not inject gallery code in webpages
+	- Pubcrawl: fix sql error if mentions string is empty
+	- Cart: fix paypal order hash size
+
+
+Hubzilla 8.0 (2023-01-13)
+	- Updated ru strings
+	- Implement ability to edit addon PDL with pdledit_gui and pdledit
+	- Implement queueworker auto sleep time
+	- Always add sys channel to receivers for public items
+	- Improved server sent events loop
+	- Exclude not tagable xchan networks handle_tag()
+	- Add mark html tag to the html2bbcode parser
+	- Embed or attach uploaded files depending on file type
+	- Changed logic to enable site only public stream - please revisit admin setting
+	- Updated nb-no strings
+	- Moved queueworker to core
+	- Provide a PDL file for mod invite and set the profile
+	- Disabled outdated context help
+	- Mark unseen items seen after a certain amount of time (default 90 days)
+	- Slightly restructure lib webfinger
+	- Improved redbasic dark schema
+	- Implement unseen thread and unseen items count in HQ widget
+	- In unseen items notifications just count the first 99 and display 99+ if there are more
+
+	Bugfixes
+	- Fix race conditions when processing multiple choice polls
+	- Fix affinity slider updates - issue #1714
+	- Fix issue where accounts created with a did2 could change their password
+	- Fix no message displayed if file not found in mod cloud
+	- Fix pubstream tagcloud unthreaded view
+	- Fix french invite template
+	- Fix comment permission issue in site only public stream
+	- Fix privacy tag not referring to latest hubloc entry
+	- Fix selected item not highlighted
+	- Fix poll issue when special chars and spaces are involved
+	- Fix prune_hub_reinstalls() to only care about zot6 hublocs
+	- Fix redis session PHP warnings
+	- Fix remote visitor photo uploads
+	- Fix mod shredwithme not showing any items
+	- Fix api_auth not referring to latest hubloc entry
+	- Fix category widget URLs
+	- Fix poller always polling broken feeds
+	- Fix sse event always triggered if public stream notification are off or the app is not installed
+	- Fix more PHP8 warnings
+	- Fix wrong variable in tag_deliver()
+	- Fix mod follow use trim() after punify() - issue #1698
+
+	Addons
+	- Cards: update widget info
+	- Articles: update widget info
+	- Wiki: update widget info
+	- Sse: filter apporvals
+	- Cards: use html_entity_decode before purify and html2plain for summary
+	- Articles: use html_entity_decode before purify and html2plain for summary
+	- Wiki: use html_entity_decode before purify and html2plain for summary
+	- Cards: fix comments not displayed if filter by category
+	- Articles: fix comments not displayed if filter by category
+	- Sse: respect the site public stream setting
+	- Queueworker: moved to core
+	- Pubcrawl: move db query out of foreach loop
+	- Pubcrawl: add mentions and thread owner to recipients for public items
+
+
+Hubzilla 7.8.7 (2022-12-03)
+	- Fix regression when adding feed contacts
+	- Fix regression new channel calendar event not created
+
+
+Hubzilla 7.8.6 (2022-11-14)
+	- Fix typo in boot.php
+
+
+Hubzilla 7.8.5 (2022-11-13)
+	- Fix outbound edit activity not of type update
+	- Fix mod display not falling through to fetch public item
+	- Fix more PHP warnings
+	- Fix regression in items_fetch() which resulted in empty atom feed
+	- Pubcrawl: cleanup and slightly restructre mod inbox
+
+
+Hubzilla 7.8.4 (2022-11-09)
+	- Fix new uuid created when editing a post
+
+
+Hubzilla 7.8.3 (2022-11-07)
+	- Fix regression where auto created directories were not created with public permissions
+	- Fix regression where pinned/featured state of apps was not displayed correctly
+
+
+Hubzilla 7.8.2 (2022-11-05)
+	- Pubcrawl: fix regression in inbox
+	- Fix display issue of shares coming from streams
+	- Throw a 404 if we could not determine which channel to load
+	- If we have a cached xchan/hubloc entry, make sure we fetch the latest
+	- Gallery: paint the background grid with css
+
+
+Hubzilla 7.8.1 (2022-10-26)
+	- Silence tons of PHP warnings in core
+	- Catch decryption failure edgecase in receiver
+	- Deal with conversation privacy mismatches in Activity::store()
+	- Composer libs updates
+	- Fix timeago strings not always translated
+	- Fix edit link regression in cards addon
+	- Fix edit link regression in article addon
+
+
+Hubzilla 7.8 (2022-10-10)
+	- Updated spanish translations
+	- Always update hubloc_updated timestamp if a hubloc is updated
+	- Do better with re-installs in various situations
+	- Update htconfig templates
+	- Emit an info if an item is deleted manually (issue #1691)
+	- Updated german translations
+	- Make Activity::actor_store() fetch the actor object if none is provided
+	- Check for various forms of as:Public for compatibility
+	- Cleanup dark schema
+	- Make use of CSS variables in redbasic
+	- Implement link hover color in redbasic
+	- Update to bootstrap version 5.2 which implements CSS variables
+
+	Bugfixes
+	- Fix stream filter for polls and events does not work anymore (issue #1694)
+	- Fix item menu display issue
+	- Fix HQ widget displaying superblocked items
+	- Fix mod poke
+	- Fix link to article or card not processed correctly if umlauts are involved (issue #1687)
+	- Fix mod siteinfo containing a dead link (issue #1690)
+	- Fix permission issue when displaying things (issue #1686).
+	- Fix check for existing profiles (issue #1688)
+	- Fix modal missing for conversation settings
+	- Fix missing closing div tag if there are no recent channel activities
+	- Fix issue where an unkown diaspora author was not imported if the comment arrived via a relayed activity
+	- Fix mangled xchan_url due to escape_tags()
+	- Fix the AP url not decode bin mod search
+	- Fix some php warnings
+
+	Addons
+	- Wiki: move create_missing_page() from widget to module
+	- Superblock: implement blocking for messages widget_item
+	- Diaspora: fix verification of relayed comments and likes
+	- Pubcrawl: make sure to store the attributedTo actor in announce activities
+	- Diaspora: fix issue where an unkown author was not imported if the comment arrived via a relayed activity
+
+
+Hubzilla 7.6.1 (2022-08-07)
+	Bugfixes
+	- Fix attachments displayed in visible response activities
+	- Fix wrong attribution in unseen like notifications
+
+	Addons
+	- Cards: fix widget not implemented via pdl file (requires re-install)
+	- Articles: fix widget not implemented via pdl file (requires re-install)
+	- Wiki: fix widget not implemented via pdl file (requires re-install)
+
+
+Hubzilla 7.6 (2022-07-26)
+	- Add filter rule to check for false condition
+	- Implement HQ dashboard to display recently created content for various modules
+	- Updated spanish translations
+	- Implement a max oembed size which defaults to 1MB
+	- Update composer libs
+
+	Addons
+	- Cart: do not attempt oembed
+	- Cards: implement channel_activities_widget for HQ dashboard
+	- Articles: implement channel_activities_widget for HQ dashboard
+	- Wiki: implement channel_activities_widget for HQ dashboard
+
+	Bugfixes
+	- Fix language filter filtering ambigous results
+	- Fix vcard-card background for dark schema
+	- Fix contact edit dialog not displayed in chrome browser
+	- Fix readability of category pills in dark schema
+	- Fix opengraph images inside zmg opening tag
+	- Fix oembed attempted for text previews
+
+
+Hubzilla 7.4 (2022-06-01)
+	- Updated russian translations
+	- Raise min PHP version to 8.0
+	- Rewrite inbound attachment handling
+	- Move photo flag feature from addon to core
+	- Adjust default production php logging
+	- Update composer libs
+	- Add a hidden config to enable the hs2019 http signature algorithm
+	- Allow starring of pubstream items
+	- Update spanish translations
+	- Add the title in forum post reshares if applicable
+	- Implement inbound pleroma reactions
+	- Add real name info to the navbar template data
+	- Add the updated date to the icon url so that other platforms will pick it up on change
+	- Move wiki from core to addon
+	- Move articles from core to addon
+	- Move cards from core to addon
+
+	Addons
+	- Rendezvous: add missing default value to sql schema
+	- Wiki: moved from core to addons
+	- Articles: moved from core to addons
+	- Cards: moved from core to addons
+	- Photoflag: moved to core
+	- Sse: fix issue where notifications were emited for created tasks
+
+	Bugfixes
+	- Fix issue where inbound activitypub items lost image descriptions (issue 1679)
+	- Fix issue where observer tags were not rendered correctly in event items (issue 1674)
+	- Fix forum posts leaked into network stream
+	- Fix tags not found in search if not logged in (issue 1677)
+	- Fix dislikes causing stuck notifications (issue 1676)
+
+
+Hubzilla 7.2.2 (2022-04-26)
+	- Fix item_verified not set due to data structure changes
+
+
+Hubzilla 7.2.1 (2022-04-25)
+	- Fix changing profile image from new member widget - issue #1671
+	- Fix regression with incoming poll answers from activitypub introduced in 7.2
+	- Fix addons not removed from the DB when removed from the filesystem
+	- Fix regression in attaching images for activitypub introduced in 7.2
+	- Move activitypub addressing from core to the pubcrawl addon
+	- Fix hub re-install issues
+	- Fediwordle: slightly improved algorithm
+
+
+Hubzilla 7.2 (2022-03-29)
+	- Streamline comment policy with downstream project
+	- Add new function is_local_url()
+	- Add helper function to escape URLs
+	- Add signing algorithm to zotinfo()
+	- Store signing algorithm in import_xchan()
+	- Use bootstrap-nightfall for redbasic:dark schema
+	- Add support for hs2019
+	- Remove unused function script_path()
+	- Move login and register button into the hamburger menu for small screens
+	- Collect accept headers in an array instead of a concatenated string
+	- Update composer libs
+	- Enhanced content filters
+	- Improve mod gprobe to also deal with URLs
+	- Adapt unseen forum posts query in mod network to new forum post style
+	- Remove deprecated widgets
+	- Add inbound support for quoteUrl to Lib/Activity
+	- Add widget descriptions
+	- Add a GUI for the PDL editor
+
+	Addons
+	- Pubcrawl: deprecate as.php in favor of core libs
+	- Pubcrawl: rewrite/modernize mod inbox
+	- Pubcrawl: reflect core enhanced content filter changes
+	- Diaspora: reflect core enhanced content filter changes
+	- Fediwordle: new addon - a distributed word game inspired by wordle
+	- Pubcrawl: streamline post_local hook with diaspora
+
+	Bugfixes
+	- Fix comments_closed date on posts where comments are disabled
+	- Fix open redirect via rpath query param (CVE-2022-27256)
+	- Fix cross-site scripting via rpath query param (CVE-2022-27258)
+	- Fix local file inclusion in redbasic theme (CVE-2022-27257)
+	- Fix baseurl for css and js
+	- Fix duplicate IDs in login form
+	- Fix unknown author not fetched if w2w comment arrives
+	- Fix thr_parent lost across edits
+
+
+Hubzilla 7.0.3 (2022-02-10)
+	- Allow to override the charset for the PDO connection string via $db_charset in .htconfig.php
+
+
+Hubzilla 7.0.2 (2022-02-09)
+	- Update french templates
+	- Add charset to the PDO connection strings
+	- Introduce delete keytype for get_activitystreams_key()
+	- Fix PHP error in Daemon/Externals
+	- Improved actor cache handling
+	- Implement manual fetch of packed local links
+	- Add JSalmon data to the meta field instead of data in Lib/ActivityStreams
+	- Fix some PHP8.1 deprecation warnings
+	- Fix delivery report for likes not found in some cases
+	- Allow zotfinger to recurse through all known hublocs if the one we got does not exist (404) or got removed (410)
+	- Diaspora: improve relaying of comments
+	- Fix regression in mod hcard
+	- Add the LD signature in Daemon/Notifier in case where there is no signed data available
+	- Prevent zot6 packet being saved as AP raw message
+	- Attach iconfig to the activity instead of the activity object
+
+	Addons
+	- Pubcrawl: make sure the sys channel falls through the app installed check
+	- Pubcrawl: improve local delivery of shared inbox items
+
+
+Hubzilla 7.0.1 (2022-01-28)
+	- Fix removing contacts from privacy groups in the contact edit modal
+	- Fix escape_tags() messing with URLs in actor_store()
+	- Fix pagination in the cards module if a category is selected
+	- Remove unused entries in webfinger
+	- Remove deprecated mail app from apps
+	- Set item_hidden for forum comment announces
+	- Fix relaying of signed messages for activitypub
+	- Fix contact role permissions not re-assigned if the role permission has changed
+	- Fix default channel role not set in rare cases
+
+	Addons
+	- Pubcrawl: fix webfinger not returning the fetched URL
+	- Pubcrawl: improved queue handling for rejected deliveries
+
+
+Hubzilla 7.0 (2022-01-21)
+	- Provide theme_color and background_color in App::$theme_info for usage in page meta and manifest
+	- PWA improvements according to lighthouse
+	- Refactor mod profile_photo
+	- Remove core legacy mail code
+	- Set session samesite cookie flag
+	- Improve toc bbcode for more flexible usecases
+	- Deprecate include/group in favor of Lib/AccessList
+	- Deprecate AccessList::widget()
+	- Mark forum channel profile images with a small icon in the timelines
+	- Improve privacy groups UI/UX
+	- Do not show connections widget if there are no connections
+	- Remove suggestions widget from various modules
+	- Provide guest access links for private resources in lockview
+	- Improve pconfig syncing
+	- deprecate include/group in favor of Lib/AccessList
+	- Implement background deleting of items in contact_remove()
+	- Refactor guest access tokens for better usability and provide quick access
+	- Refactor permissions handling
+	- Improved poll rendering
+
+	Bugfixes
+	- Fix items not deleted on remote channel purge
+	- Fix plink in post_activity_item()
+	- Fix multiple update_poll() calls dismissed in queueworker
+	- Fix blocked or ignored contacts displayed in connections
+	- Fix polls for forum channels
+
+	Addons:
+	- Legacy mail: remove
+	- Deprecate include/group in favor of Lib/AccessList
+	- Pubcrawl: support pleroma end time for polls
+	- Pubcrawl: slightly adjust the way we check mastodon direct messages
+	- Socialauth: scope support and improvements
+
+
+Hubzilla 6.4.2 (2021-12-14)
+	- Fix issue in mod sse_bs where returning message id's were assumed to be base64 encoded
+	- Fix announce activity type not registered as response activity
+
+
+Hubzilla 6.4.1 (2021-12-03)
+	- Fix hubloc_site_id in fix_system_urls() on detected site rename events
+	- Fix duplicate deliveries if duplicate hublocs available
+	- Redesign profile vcard for improved responsive handling
+	- Fix profile photos not stored in profile photo folder
+	- Maximum width of content region is now calculated in rem for improved responsive handling
+	- Fix likes notices emited allthough they are disabled
+	- Fix page not reloaded after comment/like in mod photos - issue #1651
+	- Port improved Lib/HttpMeta from zap
+	- Improved responsive aside
+
+
+Hubzilla 6.4 (2021-11-09)
+	- Automatically connect the invitee with the inviting channel
+	- Use the composer version of urlify
+	- Implement zip file import of exported items from mod uexport
+	- Start sending supported protocols with the actor object
+	- Split up manual item export to separate sections
+	- Serve w3.org jsonld documents locally - issue #1637
+	- Support IDNA URL embedding
+	- Improve handling of re-installed hubs in lib HTTPSig
+	- BBcode support for notes widget/app
+	- Implement a force flag for HTTPSig::get_key()
+	- Update composer libs
+	- Use Libzot::fetch_conversation for manual content import
+	- Implement optional force argument in Libzot::process_delivery
+	- Improve german doco
+	- Move sync logic for apps to mod appman
+	- Provide sync for system apps
+	- Update certificates
+	- Return status code 410 if a channel is deleted
+	- Add optional argument to channelx_by_* functions to allow inclusion of removed channels
+	- Improve file upload performance
+	- Introduce progress tracking for channel cloning via network (not compatible with cloning from older versions)
+	- Improve channel delete performance by moving some actions to background tasks
+	- Introduce all in one channel cloning via network (not compatible with cloning from older versions)
+	- Rename zotfeed to outbox but keep an alias for compatibility
+	- Implement apps un-starring from the app bin via drag and drop
+	- Re-implement the externals daemon
+	- Add zot6 specific handling to onepoll
+	- Implement the top option in items_fetch() which will only return top level items
+	- Add notices tab to HQ widget
+	- Improve mod manage performance
+	- Add option to mark all notices of a thread read if a notice of the thread is clicked (default true)
+	- Provide a get_cached_actor_provider hook and improve the author/owner handling in Libzot::import()
+
+	Bugfixes
+	- Fix issue where remote channels could not create wiki pages due to wron permission check - issue #1640
+	- Fix dutch registration email template
+	- Fix selection of invite template
+	- Fix too restrictive email check in mod invite
+	- Fix photos and albums ActivityStreams 2 representation
+	- Fix keys always fetched from network in lib HTTPSig for some AP implementations
+	- Fix album display of root directory
+	- Fix onepoll importing to deleted channels
+	- Fix rendering of image tags in codeblocks
+	- Fix webfinger and xrd providing results for removed channels
+	- Fix alt_pager() providing too many arguments
+	- Fix drop_query_params() if no query params are provided
+	- Fix duplicate entries for dead hubs in delivery report
+	- Fix site lookup
+	- Fix mod locs displaying drop icons for local channels
+	- Fix multiple issues with propagating deletes of cloned channels
+	- Fix apps can be draged outsite of drop areas
+	- Fix removed channels counted in max id check
+	- Fix api_auth not fetching the id if it was not cached
+	- Fix public stream unseen notifications displayed allthough the app is not installed
+	- Fix possible storage conversion stuck on file save error
+	- Fix notification panel collapsed state not saved if closed manually
+	- Fix find_best_identity() dismissing AP hublocs
+	- Fix likes and commments on direct messages mixed up in notices
+	- Fix rewrite of links to resources in body fails if nicknames of clones differ - issue #1507
+	- Fix syncing outdated data due to profile sync done before the fields were updated
+	- Fix $desturl set to wrong value (null)
+
+	Addons
+	- Cart: add settings URL to the apd file
+	- Diaspora: remove deprecated included
+	- Cart: remove deprecated include
+	- Openid: remove library/urlify in favor of composer installed versions
+	- Pubcrawl: provide tags indicating the supported protocols
+	- Pubcrawl: if we do not get an uuid, create a v5 uuid from the mid
+	- Cart: fix rendering regressions from bootstrap5 upgrade
+	- Upgrade_info: fix dismiss button
+	- Pubcrawl: move fetch_provider from core to addon
+	- Diaspora: fix regression in fetch_provider
+	- Content_import: fix syntax error
+	- Queueworker: update priorities
+	- Pubcrawl: only lookup announce author if we actually deal with an announce
+	- Pubcrawl: make sure we have the best identity before we make the abook lookup
+	- Pubcrawl: outbox moved to core
+	- Diaspora: implement the get_cached_actor_provider hook
+
+
+Hubzilla 6.2.2 (2021-10-03)
+	- Fix an issue which could lead to loss of photos under certain conditions
+
+
+Hubzilla 6.2.1 (2021-09-16)
+	- Fix regression introduced in 6.2 where Diaspora comments on Hubzilla posts were not relayed
+	- Fix wrong variable used for refresh under certain conditions
+	- Fix issue where summary tag was processed in cleanup_bbcode() while it shoud not
+	- Fix issue where profile name change was not applied if done from non primary location
+	- Fix spacing issue for collapsed pinned apps with an image
+	- Fix language selector reloading the page if not clicking exactly the icon
+	- Fix regression displaying bootstrap modals introduced in 6.2
+
+
+Hubzilla 6.2 (2021-09-08)
+	- Deprecate the custom highlight [hl] bbcode in favor of [mark] which is a html5 standard
+	- Check post_mail permission when receiving a direct message
+	- Refactor actor store and cache mechanism
+	- Add optional strict flag (false) to base64url_decode() which is passed on to base64_decode()
+	- Update russian translations
+	- Add optional force flag (false) to Activity::actor_store()
+	- Improved icon lookup for actor objects
+	- Improved desktop notifications
+	- Make Hubzilla installable as PWA in supported browsers
+	- Capitalized widget titles (redbasic)
+	- Make images loaded counter showing % loaded instead of actual image count
+	- Deprecate optional channel menu in favor of extended app bin
+	- Implement infrastructure to provide an app install widget for modules
+	- Implement app descriptions
+	- Implement app drag and drop sorting
+	- Implement app drag and drop pinning/starring
+	- Update polish translations
+	- Update to bootstrap 5 and adjust templates
+
+	Bugfixes
+	- Fix anonymous comments for cards and articles
+	- Resolve regex interference between contact and channel autocomplete
+	- Fix files stored in wrong directory when uploaded in the photo module
+	- Fix records with empty public key selected for OWA
+	- Fix import_author_zot failing if primary is both dead and unknown - issue #1599
+	- Fix regression with bookmarks
+	- Fix pubstream notifications link redirecting to mod hq when not local
+	- Cleanup legacy mail leftovers - issue #1595
+	- Fix getimagesize() called with empty path
+	- Fix display issue caused by redundant closing div tag
+
+	Addons
+	- Pubcrawl: fix post to forum - issue #159
+	- Diaspora: implement post_mail permissions for direct messages
+	- Pubcrawl: implement post_mail permissions for direct messages
+	- Pubcrawl: deprecate asencode_person() in favor of Activity::encode_person()
+	- Pubcrawl: implement Activity::get_actor_collections() to reflect core actor store changes
+	- Diaspora: fix use of deprecated function
+	- Twitter: prevent re-retweeting of a post from a clone if it has already been sent
+	- Totp: use platform name instead of banner text
+	- Pubcrawl: use force flag when updating an actor
+	- Sse: do not process possible empty hashes
+	- Implement app descriptions for addons that already support the apps infrastructure
+
+
+Hubzilla 6.0.1 (2021-07-27)
+	- Fix regression in notification handling introduced in 6.0
+	- Fix regression in regard to unified session page load times introduced in 6.0
+	- Fix photo description textarea only available if create status post enabled
+	- Fix item not found by message id at clone locations
+	- Dismiss deleted xchans in mod chanview
+
+
+Hubzilla 6.0 (2021-07-09)
+	- Implement swipe to right for bringing in left aside
+	- DB update 1247 to clean up bogus entries in updates
+	- DB update 1246 to mark legacy zot xchans and hublocs deleted
+	- Implement desktop notifications
+	- Emit a warning if the calendar for the created event is disabled
+	- Add an option to drop media for bbcode processing
+	- Make mod HQ the default landing page after login
+	- Implement direct messages view for mod HQ
+	- Implement public/restricted messages view for mod HQ
+	- Implement starred messages view for mod HQ (only available if the Star Posts feature is enabled)
+	- Update composer libs
+	- Remove deprecated mod ping
+	- Remove legacy zot libs and functions - major cleanup
+
+	Bugfixes
+	- Fix deleting and starring in unthreaded view
+	- Fix issue where incomplete datasets were stored into updates
+	- Fix photo item tags not stored and propagated
+	- Fix notifications not loading if a filter was applied
+	- Fix in browser email validation for registrations
+	- Fix directory sync issues
+	- Fix issue where the original rawmsg iconfig got overwritten
+	- Fix unmaintained id3 pareser for PHP8
+	- Fix item_private state for imported items
+	- Random PHP8 fixes (ongoing)
+
+	Addons
+	- Pubcrawl: fix ld-signature for profile updates
+	- Pubcrawl: deprecate as_actor_store() in favor of Activity::actor_store()
+	- Twitter: prevent duplicated tweets
+	- Remove legacy zot dpendencies and deprecated functions
+	- Pubcrawl: fix remote reply for peertube
+	- Pubcrawl: fix issue where we could end up with an xchan but without hubloc
+	- Diaspora: implement the direct_message_recipients hook
+	- Queueworker: add a simple priority mechanism to prevent not so important janitor tasks (e.g. onedirsync) stuffing up the queue and delaying delivery of items
+	- Pubcrawl: implement direct message recognision for activities coming from Mastodon
+	- Pubcrawl: always show complete threads (complete as in all the messages we have received) in public stream
+	- Twitter_api: remove the mail endpoint
+	- Mail: make interface read only with the possibility to download and delete mails (this addon will be removed in a future version)
+	- Pubsubhubbub: move to addons-unmaintained
+	- GNU-Social: move to addons-unmaintained
+	- Fixes to reflect core notifier changes
+	- Diaspora: refactor conversations a.k.a mail to implement direct messages infrastructure
+	- Pubcrawl: allow hublocs to be upgraded from ostatus
+	- Diaspora: fix issue where we could end up with an xchan but without hubloc
+
+
 Hubzilla 5.6.1 (2021-06-04)
 	- Update spanish translations
 	- Fix login name label if register email verification is disabled

SBOM.md

@@ -2,20 +2,21 @@
 
 |Name|Version|License|Source|
 |----|-------|-------|------|
-|blueimp/jquery-file-upload|10.31.0.0|MIT|https://github.com/vkhramtsov/jQuery-File-Upload.git|
-|brick/math|0.9.2.0|MIT|https://github.com/brick/math.git|
+|blueimp/jquery-file-upload|10.32.0.0|MIT|https://github.com/vkhramtsov/jQuery-File-Upload.git|
+|brick/math|0.9.3.0|MIT|https://github.com/brick/math.git|
 |bshaffer/oauth2-server-php|1.11.1.0|MIT|https://github.com/bshaffer/oauth2-server-php.git|
-|commerceguys/intl|1.0.7.0|MIT|https://github.com/commerceguys/intl.git|
+|commerceguys/intl|1.1.0.0|MIT|https://github.com/commerceguys/intl.git|
 |desandro/imagesloaded|4.1.4.0|MIT|https://github.com/desandro/imagesloaded.git|
 |ezyang/htmlpurifier|4.13.0.0|LGPL-2.1-or-later|https://github.com/ezyang/htmlpurifier.git|
-|league/html-to-markdown|4.10.0.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
+|jbroadway/urlify|1.2.2.0|BSD-3-Clause-Clear|https://github.com/jbroadway/urlify.git|
+|league/html-to-markdown|5.0.1.0|MIT|https://github.com/thephpleague/html-to-markdown.git|
 |lukasreschke/id3parser|0.0.3.0|GPL|https://github.com/LukasReschke/ID3Parser.git|
 |michelf/php-markdown|1.9.0.0|BSD-3-Clause|https://github.com/michelf/php-markdown.git|
 |pear/text_languagedetect|1.0.1.0|BSD-2-Clause|https://github.com/pear/Text_LanguageDetect.git|
-|phpseclib/phpseclib|2.0.30.0|MIT|https://github.com/phpseclib/phpseclib.git|
-|psr/log|1.1.3.0|MIT|https://github.com/php-fig/log.git|
-|ramsey/collection|1.1.3.0|MIT|https://github.com/ramsey/collection.git|
-|ramsey/uuid|4.1.1.0|MIT|https://github.com/ramsey/uuid.git|
+|phpseclib/phpseclib|2.0.33.0|MIT|https://github.com/phpseclib/phpseclib.git|
+|psr/log|1.1.4.0|MIT|https://github.com/php-fig/log.git|
+|ramsey/collection|1.2.2.0|MIT|https://github.com/ramsey/collection.git|
+|ramsey/uuid|4.2.3.0|MIT|https://github.com/ramsey/uuid.git|
 |sabre/dav|4.1.5.0|BSD-3-Clause|https://github.com/sabre-io/dav.git|
 |sabre/event|5.1.2.0|BSD-3-Clause|https://github.com/sabre-io/event.git|
 |sabre/http|5.1.1.0|BSD-3-Clause|https://github.com/sabre-io/http.git|
@@ -23,9 +24,13 @@
 |sabre/vobject|4.3.5.0|BSD-3-Clause|https://github.com/sabre-io/vobject.git|
 |sabre/xml|2.2.3.0|BSD-3-Clause|https://github.com/sabre-io/xml.git|
 |simplepie/simplepie|1.5.6.0|BSD-3-Clause|https://github.com/simplepie/simplepie.git|
-|smarty/smarty|3.1.38.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
-|symfony/polyfill-ctype|1.22.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
-|twbs/bootstrap|4.6.0.0|MIT|https://github.com/twbs/bootstrap.git|
+|smarty/smarty|3.1.39.0|LGPL-3.0|https://github.com/smarty-php/smarty.git|
+|symfony/polyfill-ctype|1.23.0.0|MIT|https://github.com/symfony/polyfill-ctype.git|
+|symfony/polyfill-php80|1.23.1.0|MIT|https://github.com/symfony/polyfill-php80.git|
+|symfony/polyfill-php81|1.23.0.0|MIT|https://github.com/symfony/polyfill-php81.git|
+|twbs/bootstrap|5.1.3.0|MIT|https://github.com/twbs/bootstrap.git|
+|voku/portable-ascii|1.5.6.0|MIT|https://github.com/voku/portable-ascii.git|
+|voku/stop-words|2.0.1.0|MIT|https://github.com/voku/stop-words.git|
 |fullcalendar/fullcalendar|4.4.2.0|MIT|https://github.com/fullcalendar/fullcalendar.git|
 |miromannino/Justified-Gallery|3.8.1.0|MIT|https://github.com/miromannino/Justified-Gallery.git|
 |fengyuanchen/cropperjs|1.5.7.0|MIT|https://github.com/fengyuanchen/cropperjs.git|

ServiceWorker.js

@@ -0,0 +1,10 @@
+// This file should be served from the web root to avoid scope and cookie related issues with some browsers
+self.addEventListener('install', function(e) {
+	console.log('install event');
+});
+
+self.addEventListener('fetch', function(e) {
+	// nothing here yet
+	return;
+});
+

Zotlabs/Access/AccessList.php

@@ -139,6 +139,11 @@ class AccessList {
 	 * @param boolean $explicit (optional) default true
 	 */
 	function set_from_array($arr, $explicit = true) {
+		$arr['contact_allow'] = $arr['contact_allow'] ?? [];
+		$arr['group_allow'] = $arr['group_allow'] ?? [];
+		$arr['contact_deny'] = $arr['contact_deny'] ?? [];
+		$arr['group_deny'] = $arr['group_deny'] ?? [];
+
 		$this->allow_cid = perms2str((is_array($arr['contact_allow']))
 			? $arr['contact_allow'] : explode(',', $arr['contact_allow']));
 		$this->allow_gid = perms2str((is_array($arr['group_allow']))

Zotlabs/Access/PermissionLimits.php

@@ -89,4 +89,4 @@ class PermissionLimits {
 
 		return false;
 	}
-}
+}

Zotlabs/Access/PermissionRoles.php

@@ -17,7 +17,7 @@ class PermissionRoles {
 	 * @return number
 	 */
 	static public function version() {
-		return 2;
+		return 3;
 	}
 
 	static function role_perms($role) {
@@ -27,6 +27,54 @@ class PermissionRoles {
 		$ret['role'] = $role;
 
 		switch($role) {
+
+			case 'public':
+				$ret['default_collection'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'post_wall', 'chat', 'post_like', 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['post_comments'] = PERMS_AUTHED;
+				$ret['limits']['post_mail'] = PERMS_AUTHED;
+				$ret['limits']['post_like'] = PERMS_AUTHED;
+				$ret['limits']['chat'] = PERMS_AUTHED;
+				break;
+
+			// Hubzilla default role
+			case 'personal':
+				$ret['default_collection'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				break;
+
+			case 'group':
+				$ret['default_collection'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_wall', 'post_comments',
+					'post_mail', 'post_like', 'chat'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['channel_type'] = 'group';
+				break;
+
+			// Provide some defaults for the custom role so that we do not start
+			// with no permissions at all if we create a new channel with this role
+			case 'custom':
+				$ret['default_collection'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				break;
+
+/*
 			case 'social':
 				$ret['perms_auto'] = false;
 				$ret['default_collection'] = false;
@@ -193,13 +241,14 @@ class PermissionRoles {
 				$ret['channel_type'] = 'group';
 
 				break;
+*/
 
-			case 'custom':
 			default:
 				break;
 		}
 
 		$x = get_config('system','role_perms');
+
 		// let system settings over-ride any or all
 		if($x && is_array($x) && array_key_exists($role,$x))
 			$ret = array_merge($ret,$x[$role]);
@@ -284,6 +333,7 @@ class PermissionRoles {
 	 */
 	static public function roles() {
 		$roles = [
+
 			t('Social Networking') => [
 				'social_federation' => t('Social - Federation'),
 				'social' => t('Social - Mostly Public'),
@@ -317,4 +367,29 @@ class PermissionRoles {
 		return $roles;
 	}
 
+	/**
+	 * @brief Array with translated role names and grouping.
+	 *
+	 * Return an associative array with role names that can be used
+	 * to create select groups like in \e field_select_grouped.tpl.
+	 *
+	 * @return array
+	 */
+	static public function channel_roles() {
+		$channel_roles = [
+			//'public' => [t('Public'), t('A very permissive role suited for participation in the fediverse')],
+			//'personal' => [t('Personal'), t('The $Projectname default role suited for a personal channel')],
+			//'forum' => [t('Community forum'), t('This role configures your channel to act as an community forum')],
+			//'custom' => [t('Custom'), t('This role comes with the presets of the personal role but allows you to configure it to your needs')]
+			'public' => t('Public'),
+			'personal' => t('Personal'),
+			'group' => t('Community forum'),
+			'custom' => t('Custom')
+		];
+
+		call_hooks('list_channel_roles', $channel_roles);
+
+		return $channel_roles;
+	}
+
 }

Zotlabs/Access/Permissions.php

@@ -41,7 +41,7 @@ class Permissions {
 	 * @return number
 	 */
 	static public function version() {
-		return 2;
+		return 3;
 	}
 
 	/**
@@ -65,11 +65,11 @@ class Permissions {
 			'write_wiki'    => t('Can write to my wiki pages'),
 			'post_wall'     => t('Can post on my channel (wall) page'),
 			'post_comments' => t('Can comment on or like my posts'),
-			'post_mail'     => t('Can send me private mail messages'),
+			'post_mail'     => t('Can send me direct messages'),
 			'post_like'     => t('Can like/dislike profiles and profile things'),
-			'tag_deliver'   => t('Can forward to all my channel connections via ! mentions in posts'),
 			'chat'          => t('Can chat with me'),
-			'republish'     => t('Can source my public posts in derived channels'),
+			'republish'     => t('Can source/mirror my public posts in derived channels'),
+			//'tag_deliver'   => t('Can forward to my contacts via direct messages (forum)'),
 			'delegate'      => t('Can administer my channel')
 		];
 
@@ -217,25 +217,23 @@ class Permissions {
 
 		$my_perms  = [];
 		$permcat   = null;
-		$automatic = 0;
+		$automatic = get_pconfig($channel_id, 'system', 'autoperms');
 
 		// If a default permcat exists, use that
 
-		$pc = ((feature_enabled($channel_id, 'permcats')) ? get_pconfig($channel_id, 'system', 'default_permcat') : 'default');
-		if (!in_array($pc, ['', 'default'])) {
-			$pcp     = new Zlib\Permcat($channel_id);
-			$permcat = $pcp->fetch($pc);
-			if ($permcat && $permcat['perms']) {
-				foreach ($permcat['perms'] as $p) {
-					$my_perms[$p['name']] = $p['value'];
-				}
+		$pc = get_pconfig($channel_id, 'system', 'default_permcat', 'default');
+		$pcp     = new Zlib\Permcat($channel_id);
+		$permcat = $pcp->fetch($pc);
+		if ($permcat && $permcat['perms']) {
+			foreach ($permcat['perms'] as $p) {
+				$my_perms[$p['name']] = $p['value'];
 			}
 		}
 
 		// look up the permission role to see if it specified auto-connect
 		// and if there was no permcat or a default permcat, set the perms
 		// from the role
-
+/*
 		$role = get_pconfig($channel_id, 'system', 'permissions_role');
 		if ($role) {
 			$xx = PermissionRoles::role_perms($role);
@@ -247,11 +245,12 @@ class Permissions {
 				$my_perms      = Permissions::FilledPerms($default_perms);
 			}
 		}
+*/
 
 		// If we reached this point without having any permission information,
 		// it is likely a custom permissions role. First see if there are any
 		// automatic permissions.
-
+/*
 		if (!$my_perms) {
 			$m = Permissions::FilledAutoperms($channel_id);
 			if ($m) {
@@ -259,11 +258,12 @@ class Permissions {
 				$my_perms  = $m;
 			}
 		}
-
+*/
 		// If we reached this point with no permissions, the channel is using
 		// custom perms but they are not automatic. They will be stored in abconfig with
 		// the channel's channel_hash (the 'self' connection).
 
+/*
 		if (!$my_perms) {
 			$r = q("select channel_hash from channel where channel_id = %d",
 				intval($channel_id)
@@ -280,10 +280,10 @@ class Permissions {
 				}
 			}
 		}
-
-		return (['perms' => $my_perms, 'automatic' => $automatic]);
+*/
+		return (['perms' => $my_perms, 'automatic' => $automatic, 'role' => $pc]);
 	}
-
+/*
 	static public function serialise($p) {
 		$n = [];
 		if ($p) {
@@ -295,4 +295,5 @@ class Permissions {
 		}
 		return implode(',', $n);
 	}
+*/
 }

Zotlabs/Daemon/Addon.php

@@ -7,6 +7,7 @@ class Addon {
 	static public function run($argc, $argv) {
 
 		call_hooks('daemon_addon', $argv);
+		return;
 
 	}
 

Zotlabs/Daemon/Cache_embeds.php

@@ -19,8 +19,10 @@ class Cache_embeds {
 		$item = $c[0];
 
 		// bbcode conversion by default processes embeds that aren't already cached.
-		// Ignore the returned html output. 
+		// Ignore the returned html output.
 
 		bbcode($item['body']);
+
+		return;
 	}
 }

Zotlabs/Daemon/Cache_query.php

@@ -24,7 +24,7 @@ class Cache_query {
 
 		array_shift($argv);
 		array_shift($argv);
-		
+
 		$arr = json_decode(base64_decode($argv[0]), true);
 
 		$r = call_user_func_array('q', $arr);
@@ -32,5 +32,7 @@ class Cache_query {
 			Cache::set($key, serialize($r));
 
 		del_config('procid', $key);
+
+		return;
 	}
 }

Zotlabs/Daemon/Channel_purge.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+class Channel_purge {
+
+	static public function run($argc,$argv) {
+
+		cli_startup();
+
+		$channel_id = intval($argv[1]);
+
+		$channel = q("select * from channel where channel_id = %d and channel_removed = 1",
+			intval($channel_id)
+		);
+
+		if (! $channel) {
+			return;
+		}
+
+		do {
+			$r = q("select id from item where uid = %d and item_deleted = 0 limit 1000",
+				intval($channel_id)
+			);
+			if ($r) {
+				foreach ($r as $rv) {
+					drop_item($rv['id'], false);
+				}
+			}
+		} while ($r);
+
+		return;
+	}
+}

Zotlabs/Daemon/Checksites.php

@@ -10,6 +10,9 @@ class Checksites {
 
 		logger('checksites: start');
 
+		$site_id = '';
+		$sql_options = '';
+
 		if (($argc > 1) && ($argv[1]))
 			$site_id = $argv[1];
 

Zotlabs/Daemon/Cli_suggest.php

@@ -9,6 +9,7 @@ class Cli_suggest {
 	static public function run($argc,$argv) {
 
 		update_suggestions();
+		return;
 
 	}
 }

Zotlabs/Daemon/Content_importer.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\PConfig;
+
+
+require_once('include/cli_startup.php');
+require_once('include/attach.php');
+require_once('include/import.php');
+
+class Content_importer {
+
+	static public function run($argc,$argv) {
+		cli_startup();
+
+		$page = $argv[1];
+		$since = $argv[2];
+		$until = $argv[3];
+		$channel_address = $argv[4];
+		$hz_server = urldecode($argv[5]);
+
+		$m = parse_url($hz_server);
+
+		$channel = channelx_by_nick($channel_address);
+		if(! $channel) {
+			logger('channel not found');
+			return;
+		}
+
+		$headers = [
+			'X-API-Token'      => random_string(),
+			'X-API-Request'    => $hz_server . '/api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page ,
+			'Host'             => $m['host'],
+			'(request-target)' => 'get /api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page ,
+		];
+
+		$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');
+
+		$x = z_fetch_url($hz_server . '/api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page,false,$redirects,[ 'headers' => $headers ]);
+
+		// logger('item fetch: ' . print_r($x,true));
+
+		if(! $x['success']) {
+			logger('no API response',LOGGER_DEBUG);
+			killme();
+		}
+
+		$j = json_decode($x['body'],true);
+
+		if(! is_array($j['item']) || ! count($j['item'])) {
+			PConfig::Set($channel['channel_id'], 'import', 'content_completed', 1);
+			return;
+		}
+
+		$saved_notification_flags = notifications_off($channel['channel_id']);
+
+		import_items($channel,$j['item'],false,((array_key_exists('relocate',$j)) ? $j['relocate'] : null));
+
+		notifications_on($channel['channel_id'], $saved_notification_flags);
+
+		PConfig::Set($channel['channel_id'], 'import', 'content_progress', [
+			'items_total' => $j['items_total'],
+			'items_page' => $j['items_page'],
+			'items_current_page' => count($j['item']),
+			'last_page' => $page,
+			'next_cmd' => ['Content_importer', sprintf('%d',$page + 1), $since, $until, $channel['channel_address'], urlencode($hz_server)]
+		]);
+
+		$page++;
+
+		Master::Summon([ 'Content_importer', sprintf('%d',$page), $since, $until, $channel['channel_address'], urlencode($hz_server) ]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Convo.php

@@ -30,6 +30,7 @@ class Convo {
 			intval($channel_id),
 			dbesc($contact_hash)
 		);
+
 		if (!$r) {
 			return;
 		}
@@ -40,19 +41,26 @@ class Convo {
 
 		$messages = $obj->get();
 
-		if ($messages) {
-			foreach ($messages as $message) {
-				if (is_string($message)) {
-					$message = Activity::fetch($message, $channel);
-				}
-				// set client flag because comments will probably just be objects and not full blown activities
-				// and that lets us use implied_create
-				$AS = new ActivityStreams($message);
-				if ($AS->is_valid() && is_array($AS->obj)) {
-					$item = Activity::decode_note($AS);
-					Activity::store($channel, $contact['abook_xchan'], $AS, $item);
-				}
+		if (!$messages) {
+			return;
+		}
+
+		foreach ($messages as $message) {
+			if (is_string($message)) {
+				$message = Activity::fetch($message, $channel);
+			}
+
+			// set client flag because comments will probably just be objects and not full blown activities
+			// and that lets us use implied_create
+			$AS = new ActivityStreams($message);
+			if ($AS->is_valid() && is_array($AS->obj)) {
+				$item = Activity::decode_note($AS);
+				$item['item_fetched'] = true;
+				Activity::store($channel, $contact['abook_xchan'], $AS, $item);
 			}
 		}
+
+		return;
+
 	}
 }

Zotlabs/Daemon/Cron.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Daemon;
 
 use Zotlabs\Lib\Libsync;
+use Zotlabs\Lib\Libzotdir;
 
 class Cron {
 
@@ -19,6 +20,7 @@ class Cron {
 			}
 		}
 
+/*
 		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
 		$lockfile = 'store/[data]/cron';
 		if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600))
@@ -30,13 +32,24 @@ class Cron {
 		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
 		$x = '';
 		file_put_contents($lockfile, $x);
+*/
 
 		logger('cron: start');
 
+		// If this is a directory server, request a sync with an upstream
+		// directory at least once a day, up to once every poll interval.
+		// Pull remote changes and push local changes.
+		// potential issue: how do we keep from creating an endless update loop?
+
+		$dirmode = get_config('system', 'directory_mode');
+
+		if ($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
+			Libzotdir::sync_directories($dirmode);
+		}
+
 		// run queue delivery process in the background
 
 		Master::Summon(array('Queue'));
-
 		Master::Summon(array('Poller'));
 
 		/**
@@ -48,17 +61,10 @@ class Cron {
 			db_quoteinterval('3 MINUTE')
 		);
 
-		// expire any expired mail
-
-		q("delete from mail where expires > '%s' and expires < %s ",
-			dbesc(NULL_DATE),
-			db_utcnow()
-		);
-
 		require_once('include/account.php');
 		remove_expired_registrations();
 
-		$interval = get_config('system', 'delivery_interval', 3);
+		$interval = get_config('queueworker', 'queue_interval', 500000);
 
 		// expire any expired items
 
@@ -73,8 +79,10 @@ class Cron {
 				if ($rr['item_wall']) {
 					// The notifier isn't normally invoked unless item_drop is interactive.
 					Master::Summon(['Notifier', 'drop', $rr['id']]);
-					if ($interval)
-						@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($interval) {
+						usleep($interval);
+					}
 				}
 			}
 		}
@@ -104,8 +112,10 @@ class Cron {
 		if ($r) {
 			foreach ($r as $rr) {
 				Master::Summon(array('Directory', $rr['channel_id'], 'force'));
-				if ($interval)
-					@time_sleep_until(microtime(true) + (float)$interval);
+
+				if ($interval) {
+					usleep($interval);
+				}
 			}
 		}
 
@@ -159,17 +169,14 @@ class Cron {
 						);
 					}
 					Master::Summon(array('Notifier', 'wall-new', $rr['id']));
-					if ($interval)
-						@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($interval) {
+						usleep($interval);
+					}
 				}
 			}
 		}
 
-
-		// check if any connections transitioned to zot6 and upgrade the connections to zot6 at this hub if so.
-		require_once('include/connections.php');
-		z6trans_connections();
-
 		require_once('include/attach.php');
 		attach_upgrade();
 
@@ -216,12 +223,11 @@ class Cron {
 		}
 
 
-		// pull in some public posts
+		// pull in some public posts if allowed
 
-/*		$disable_discover_tab = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false;
-		if (!$disable_discover_tab)
-			Master::Summon(array('Externals'));
-*/
+		$disable_externals = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false || get_config('system', 'site_firehose');
+		if (!$disable_externals)
+			Master::Summon(['Externals']);
 
 		$restart = false;
 
@@ -242,7 +248,7 @@ class Cron {
 		set_config('system', 'lastcron', datetime_convert());
 
 		//All done - clear the lockfile
-		@unlink($lockfile);
+		//@unlink($lockfile);
 
 		return;
 	}

Zotlabs/Daemon/Cron_daily.php

@@ -49,6 +49,22 @@ class Cron_daily {
 			dbesc('sse_id.%')
 		);
 
+		// Mark items seen after X days (default 90)
+
+		$r = dbq("select channel_id from channel where channel_removed = 0");
+		if ($r) {
+			foreach ($r as $rr) {
+				$mark_seen_days = get_pconfig($rr['channel_id'], 'system', 'mark_seen_days', 90);
+				q("UPDATE item SET item_unseen = 0 WHERE
+					uid = %d AND item_unseen = 1
+					AND created < %s - INTERVAL %s",
+					intval($rr['channel_id']),
+					db_utcnow(),
+					db_quoteinterval($mark_seen_days . ' DAY')
+				);
+			}
+		}
+
 		// Clean up emdedded content cache
 		q("DELETE FROM cache WHERE updated < %s - INTERVAL %s",
 			db_utcnow(),
@@ -78,25 +94,12 @@ class Cron_daily {
 		// expire any expired accounts
 		downgrade_accounts();
 
-		// If this is a directory server, request a sync with an upstream
-		// directory at least once a day, up to once every poll interval.
-		// Pull remote changes and push local changes.
-		// potential issue: how do we keep from creating an endless update loop?
-
-		$dirmode = get_config('system', 'directory_mode');
-
-		if ($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
-			Libzotdir::sync_directories($dirmode);
-		}
-
 		Master::Summon(array('Expire'));
 		Master::Summon(array('Cli_suggest'));
 
 		remove_obsolete_hublocs();
 		remove_duplicate_singleton_hublocs();
 
-		z6_discover();
-
 		$date = datetime_convert();
 		call_hooks('cron_daily', $date);
 
@@ -105,5 +108,7 @@ class Cron_daily {
 		/**
 		 * End Cron Daily
 		 */
+
+		 return;
 	}
 }

Zotlabs/Daemon/Cron_weekly.php

@@ -22,12 +22,12 @@ class Cron_weekly {
 
 		mark_orphan_hubsxchans();
 
-		// Find channels that were removed in the last three weeks, but 
+		// Find channels that were removed in the last three weeks, but
 		// haven't been finally cleaned up. These should be older than 10
-		// days to ensure that "purgeall" messages have gone out or bounced 
-		// or timed out. 
+		// days to ensure that "purgeall" messages have gone out or bounced
+		// or timed out.
 
-		$r = q("select channel_id from channel where channel_removed = 1 and 
+		$r = q("select channel_id from channel where channel_removed = 1 and
 			channel_deleted >  %s - INTERVAL %s and channel_deleted < %s - INTERVAL %s",
 			db_utcnow(), db_quoteinterval('21 DAY'),
 			db_utcnow(), db_quoteinterval('10 DAY')
@@ -59,5 +59,6 @@ class Cron_weekly {
 		 * End Cron Weekly
 		 */
 
+		return;
 	}
-}
+}

Zotlabs/Daemon/Deliver.php

@@ -2,7 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
-require_once('include/queue_fn.php');
+use Zotlabs\Lib\Queue;
 
 class Deliver {
 
@@ -23,11 +23,13 @@ class Deliver {
 			);
 
 			if ($r) {
-				queue_deliver($r[0], true);
+				Queue::deliver($r[0], true);
 			}
 
 		}
 
+		return;
+
 	}
 
 }

Zotlabs/Daemon/Deliver_hooks.php

@@ -12,8 +12,12 @@ class Deliver_hooks {
 		$r = q("select * from item where id = '%d'",
 			intval($argv[1])
 		);
-		if ($r)
+
+		if ($r) {
 			call_hooks('notifier_normal', $r[0]);
+		}
+
+		return;
 
 	}
 }

Zotlabs/Daemon/Delxitems.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/connections.php');
+
+/*
+ * Daemon to remove 'item' resources in the background from a removed connection
+ */
+
+class Delxitems {
+
+	static public function run($argc, $argv) {
+
+		cli_startup();
+
+		if($argc != 3) {
+			return;
+		}
+
+		remove_abook_items($argv[1], $argv[2]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Directory.php

@@ -49,8 +49,9 @@ class Directory {
 			);
 
 			// Now update all the connections
-			if ($pushall)
+			if ($pushall) {
 				Master::Summon(array('Notifier', 'refresh_all', $channel['channel_id']));
+			}
 
 			return;
 		}
@@ -74,7 +75,7 @@ class Directory {
 			 * the directory packet. That means we'll try again on the next poll run.
 			 */
 
-			$hash = random_string();
+			$hash = new_uuid();
 
 			Queue::insert(array(
 				'hash'       => $hash,
@@ -93,8 +94,10 @@ class Directory {
 		}
 
 		// Now update all the connections
-		if ($pushall)
+		if ($pushall) {
 			Master::Summon(array('Notifier', 'refresh_all', $channel['channel_id']));
+		}
 
+		return;
 	}
 }

Zotlabs/Daemon/Expire.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
+require_once('include/items.php');
 
 class Expire {
 
@@ -31,7 +32,6 @@ class Expire {
 		}
 
 		// physically remove anything that has been deleted for more than two months
-		/** @FIXME - this is a wretchedly inefficient query */
 
 		q("delete from item where item_pending_remove = 1 and changed < %s - INTERVAL %s",
 			db_utcnow(),
@@ -58,8 +58,8 @@ class Expire {
 					continue;
 
 				// service class default (if non-zero) over-rides the site default
-
 				$service_class_expire = service_class_fetch($rr['channel_id'], 'expire_days');
+
 				if (intval($service_class_expire))
 					$channel_expire = $service_class_expire;
 				else
@@ -84,7 +84,6 @@ class Expire {
 
 			// this should probably just fetch the channel_expire_days from the sys channel,
 			// but there's no convenient way to set it.
-
 			$expire_days = get_config('system', 'sys_expire_days');
 			if ($expire_days === false)
 				$expire_days = 30;
@@ -95,12 +94,15 @@ class Expire {
 
 			logger('Expire: sys interval: ' . $expire_days, LOGGER_DEBUG);
 
-			if ($expire_days)
+			if ($expire_days) {
 				item_expire($x['channel_id'], $expire_days, $commented_days);
+			}
 
 			logger('Expire: sys: done', LOGGER_DEBUG);
 		}
 
 		del_config('procid', 'expire');
+
+		return;
 	}
 }

Zotlabs/Daemon/Externals.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Daemon;
 
 use Zotlabs\Lib\Activity;
+use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\ActivityStreams;
 use Zotlabs\Lib\ASCollection;
 
@@ -18,6 +19,7 @@ class Externals {
 		$importer = get_sys_channel();
 		$total    = 0;
 		$attempts = 0;
+		$url = '';
 
 		logger('externals: startup', LOGGER_DEBUG);
 
@@ -31,25 +33,54 @@ class Externals {
 				$url = $arr['url'];
 			}
 			else {
+				$networks = ['zot6'];
+
+				if (plugin_is_installed('pubcrawl')) {
+					$networks[] = 'activitypub';
+				}
+
+				stringify_array_elms($networks);
+				$networks_str = implode(',', $networks);
+
 				$randfunc = db_getfunc('RAND');
 
 				// fixme this query does not deal with directory realms.
+				//$r = q("select site_url, site_pull from site where site_url != '%s'
+						//and site_flags != %d and site_type = %d
+						//and site_dead = 0 and site_project like '%s' and site_version > '5.3.1' order by $randfunc limit 1",
+					//dbesc(z_root()),
+					//intval(DIRECTORY_MODE_STANDALONE),
+					//intval(SITE_TYPE_ZOT),
+					//dbesc('hubzilla%')
+				//);
 
-				$r = q("select site_url, site_pull from site where site_url != '%s'
-						and site_flags != %d and site_type = %d
-						and site_dead = 0 and site_project like '%s' and site_version > '5.3.1' order by $randfunc limit 1",
+				$r = q("SELECT * FROM hubloc
+					LEFT JOIN abook ON abook_xchan = hubloc_hash
+					LEFT JOIN site ON site_url = hubloc_url WHERE
+					hubloc_network IN ( $networks_str ) AND
+					abook_xchan IS NULL AND
+					hubloc_url != '%s' AND
+					hubloc_updated > '%s' AND
+					hubloc_primary = 1 AND hubloc_deleted = 0 AND
+					site_dead = 0
+					ORDER BY $randfunc LIMIT 1",
 					dbesc(z_root()),
-					intval(DIRECTORY_MODE_STANDALONE),
-					intval(SITE_TYPE_ZOT),
-					dbesc('hubzilla%')
+					datetime_convert('UTC', 'UTC', 'now - 30 days')
 				);
-				if ($r)
-					$url = $r[0]['site_url'];
+
+				if ($r) {
+					$contact = $r[0];
+					$url = $contact['hubloc_id_url'];
+				}
+			}
+
+			if (!$url) {
+				continue;
 			}
 
 			$blacklisted = false;
 
-			if (!check_siteallowed($url)) {
+			if (!check_siteallowed($contact['hubloc_url'])) {
 				logger('blacklisted site: ' . $url);
 				$blacklisted = true;
 			}
@@ -59,123 +90,68 @@ class Externals {
 			// make sure we can eventually break out if somebody blacklists all known sites
 
 			if ($blacklisted) {
-				if ($attempts > 20)
+				if ($attempts > 5)
 					break;
 				$attempts--;
 				continue;
 			}
 
+			$cl = Activity::get_actor_collections($contact['hubloc_hash']);
+			if(empty($cl)) {
+				$cl = get_xconfig($contact['hubloc_hash'], 'activitypub', 'collections');
+			}
+
+			if (is_array($cl) && array_key_exists('outbox', $cl)) {
+				$url = $cl['outbox'];
+			}
+			else {
+				$url = str_replace('/channel/', '/outbox/', $contact['hubloc_id_url']);
+				if ($url) {
+					$url .= '?top=1';
+				}
+			}
+
 			if ($url) {
+				logger('fetching outbox: ' . $url);
 
-				$max = intval(get_config('system', 'max_imported_posts', 30));
-				if (intval($max)) {
-					logger('externals: fetching outbox');
+				$obj      = new ASCollection($url, $importer, 0, 10);
+				$messages = $obj->get();
 
-					$feed_url = $url . '/zotfeed';
-					$obj      = new ASCollection($feed_url, $importer, 0, $max);
-					$messages = $obj->get();
+				if ($messages) {
+					foreach ($messages as $message) {
+						if (is_string($message)) {
+							$message = Activity::fetch($message, $importer);
+						}
 
-					if ($messages) {
-						foreach ($messages as $message) {
-							if (is_string($message)) {
-								$message = Activity::fetch($message, $importer);
-							}
-							$AS = new ActivityStreams($message);
-							if ($AS->is_valid() && is_array($AS->obj)) {
-								$item = Activity::decode_note($AS);
-								Activity::store($importer, $importer['xchan_hash'], $AS, $item, true);
-								$total++;
+						if ($message['type'] !== 'Create') {
+							continue;
+						}
+
+						if ($contact['hubloc_network'] === 'zot6') {
+							// make sure we only fetch top level items
+							if (isset($message['object']['inReplyTo'])) {
+								continue;
 							}
+
+							$obj_id = $message['object']['id'] ?? $message['object'];
+
+							Libzot::fetch_conversation($importer, $obj_id);
+							$total++;
+							continue;
+						}
+
+						$AS = new ActivityStreams($message);
+						if ($AS->is_valid() && is_array($AS->obj)) {
+							$item = Activity::decode_note($AS);
+							$item['item_fetched'] = true;
+							Activity::store($importer, $contact['hubloc_hash'], $AS, $item);
+							$total++;
 						}
 					}
-					logger('externals: import_public_posts: ' . $total . ' messages imported', LOGGER_DEBUG);
 				}
+				logger('fetched messages count: ' . $total);
 			}
 		}
 		return;
-
-		/*		$total    = 0;
-				$attempts = 0;
-
-				logger('externals: startup', LOGGER_DEBUG);
-
-				// pull in some public posts
-
-				while ($total == 0 && $attempts < 3) {
-					$arr = ['url' => ''];
-					call_hooks('externals_url_select', $arr);
-
-					if ($arr['url']) {
-						$url = $arr['url'];
-					}
-					else {
-						$randfunc = db_getfunc('RAND');
-
-						// fixme this query does not deal with directory realms.
-
-						$r = q("select site_url, site_pull from site where site_url != '%s' and site_flags != %d and site_type = %d and site_dead = 0 order by $randfunc limit 1",
-							dbesc(z_root()),
-							intval(DIRECTORY_MODE_STANDALONE),
-							intval(SITE_TYPE_ZOT)
-						);
-						if ($r)
-							$url = $r[0]['site_url'];
-					}
-
-					$blacklisted = false;
-
-					if (!check_siteallowed($url)) {
-						logger('blacklisted site: ' . $url);
-						$blacklisted = true;
-					}
-
-					$attempts++;
-
-					// make sure we can eventually break out if somebody blacklists all known sites
-
-					if ($blacklisted) {
-						if ($attempts > 20)
-							break;
-						$attempts--;
-						continue;
-					}
-
-					if ($url) {
-						if ($r[0]['site_pull'] > NULL_DATE)
-							$mindate = urlencode(datetime_convert('', '', $r[0]['site_pull'] . ' - 1 day'));
-						else {
-							$days = get_config('externals', 'since_days');
-							if ($days === false)
-								$days = 15;
-							$mindate = urlencode(datetime_convert('', '', 'now - ' . intval($days) . ' days'));
-						}
-
-						$feedurl = $url . '/zotfeed?f=&mindate=' . $mindate;
-
-						logger('externals: pulling public content from ' . $feedurl, LOGGER_DEBUG);
-
-						$x = z_fetch_url($feedurl);
-						if (($x) && ($x['success'])) {
-
-							q("update site set site_pull = '%s' where site_url = '%s'",
-								dbesc(datetime_convert()),
-								dbesc($url)
-							);
-
-							$j = json_decode($x['body'], true);
-							if ($j['success'] && $j['messages']) {
-								$sys = get_sys_channel();
-								foreach ($j['messages'] as $message) {
-									// on these posts, clear any route info.
-									$message['route'] = '';
-									process_delivery(['hash' => 'undefined'], get_item_elements($message),
-										[['hash' => $sys['xchan_hash']]], false, true);
-									$total++;
-								}
-								logger('externals: import_public_posts: ' . $total . ' messages imported', LOGGER_DEBUG);
-							}
-						}
-					}
-				}*/
 	}
 }

Zotlabs/Daemon/File_importer.php

@@ -0,0 +1,71 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+use Zotlabs\Web\HTTPSig;
+use Zotlabs\Lib\PConfig;
+
+
+require_once('include/cli_startup.php');
+require_once('include/attach.php');
+require_once('include/import.php');
+
+class File_importer {
+
+	static public function run($argc,$argv) {
+
+		cli_startup();
+
+		$page = $argv[1];
+		$channel_address = $argv[2];
+		$hz_server = urldecode($argv[3]);
+
+		$m = parse_url($hz_server);
+
+		$channel = channelx_by_nick($channel_address);
+		if(! $channel) {
+			logger('channel not found');
+			return;
+		}
+
+		$headers = [
+			'X-API-Token'      => random_string(),
+			'X-API-Request'    => $hz_server . '/api/z/1.0/file/export_page?f=records=1&page=' . $page,
+			'Host'             => $m['host'],
+			'(request-target)' => 'get /api/z/1.0/file/export_page?f=records=1&page=' . $page,
+		];
+
+		$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),true,'sha512');
+
+		// TODO: implement total count
+		$x = z_fetch_url($hz_server . '/api/z/1.0/file/export_page?f=records=1&page=' . $page, false, $redirects, [ 'headers' => $headers ]);
+		// logger('file fetch: ' . print_r($x,true));
+
+		if(! $x['success']) {
+			logger('no API response',LOGGER_DEBUG);
+			killme();
+		}
+
+		$j = json_decode($x['body'],true);
+
+		if(! is_array($j['results'][0]['attach']) || ! count($j['results'][0]['attach'])) {
+			PConfig::Set($channel['channel_id'], 'import', 'files_completed', 1);
+			return;
+		}
+
+		$r = sync_files($channel, $j['results']);
+
+		PConfig::Set($channel['channel_id'], 'import', 'files_progress', [
+			'files_total' => $j['total'],
+			'files_page' => 1, // export page atm returns just one file
+			'last_page' => $page,
+			'next_cmd' => ['File_importer',sprintf('%d',$page + 1), $channel['channel_address'], urlencode($hz_server)]
+		]);
+
+		$page++;
+
+		Master::Summon([ 'File_importer',sprintf('%d',$page), $channel['channel_address'], urlencode($hz_server) ]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Gprobe.php

@@ -15,21 +15,32 @@ class Gprobe {
 			return;
 
 		$url = hex2bin($argv[1]);
+		$is_webbie = false;
+		$r = null;
 
-		if (!strpos($url, '@'))
-			return;
+		if (filter_var($url, FILTER_VALIDATE_EMAIL)) {
+			$is_webbie = true;
 
-		$r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_network = 'zot6' limit 1",
-			dbesc($url)
-		);
+			$r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_network = 'zot6' limit 1",
+				dbesc($url)
+			);
+		}
+		elseif (filter_var($url, FILTER_VALIDATE_URL)) {
+			$r = q("select * from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+				dbesc($url)
+			);
+		}
 
 		if (!$r) {
-			$href = Webfinger::zot_url(punify($url));
-			if ($href) {
-				$zf = Zotfinger::exec($href, null);
+			if ($is_webbie) {
+				$url = Webfinger::zot_url(punify($url));
 			}
-			if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
-				Libzot::import_xchan($zf['data']);
+
+			if ($url) {
+				$zf = Zotfinger::exec($url, null);
+				if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $url && intval($zf['signature']['header_valid'])) {
+					Libzot::import_xchan($zf['data']);
+				}
 			}
 		}
 

Zotlabs/Daemon/Importdoc.php

@@ -11,6 +11,8 @@ class Importdoc {
 
 		self::update_docs_dir('doc/*');
 
+		return;
+
 	}
 
 	static public function update_docs_dir($s) {

Zotlabs/Daemon/Master.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\QueueWorker;
+
 if (array_search(__file__, get_included_files()) === 0) {
 	require_once('include/cli_startup.php');
 	array_shift($argv);
@@ -9,6 +11,7 @@ if (array_search(__file__, get_included_files()) === 0) {
 
 	if ($argc)
 		Master::Release($argc, $argv);
+
 	return;
 }
 
@@ -16,6 +19,10 @@ if (array_search(__file__, get_included_files()) === 0) {
 class Master {
 
 	static public function Summon($arr) {
+
+		QueueWorker::Summon($arr);
+		return;
+/*
 		$hookinfo = [
 			'argv' => $arr
 		];
@@ -32,11 +39,15 @@ class Master {
 
 		$phpbin = get_config('system', 'phpbin', 'php');
 		proc_run($phpbin, 'Zotlabs/Daemon/Master.php', $arr);
+*/
 	}
 
 	static public function Release($argc, $argv) {
 		cli_startup();
 
+		QueueWorker::Release($argv);
+		return;
+/*
 		$hookinfo = [
 			'argv' => $argv
 		];
@@ -54,5 +65,6 @@ class Master {
 		logger('Master: release: ' . json_encode($argv), LOGGER_ALL, LOG_DEBUG);
 		$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
 		$cls::run($argc, $argv);
+*/
 	}
 }

Zotlabs/Daemon/Onedirsync.php

@@ -5,10 +5,6 @@ namespace Zotlabs\Daemon;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Libzotdir;
 
-require_once('include/zot.php');
-require_once('include/dir_fns.php');
-
-
 class Onedirsync {
 
 	static public function run($argc, $argv) {
@@ -19,61 +15,45 @@ class Onedirsync {
 			$update_id = intval($argv[1]);
 
 		if (!$update_id) {
-			logger('onedirsync: no update');
+			logger('onedirsync: no update id');
 			return;
 		}
 
-		$r = q("select * from updates where ud_id = %d limit 1",
+		$r = q("select * from updates where ud_id = %d",
 			intval($update_id)
 		);
 
-		if (!$r)
-			return;
-
-		if (($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED) || (!$r[0]['ud_addr']))
-			return;
-
-		// Have we probed this channel more recently than the other directory server
-		// (where we received this update from) ?
-		// If we have, we don't need to do anything except mark any older entries updated
-
-		$x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d )>0 order by ud_date desc limit 1",
-			dbesc($r[0]['ud_addr']),
-			dbesc($r[0]['ud_date']),
-			intval(UPDATE_FLAGS_UPDATED)
-		);
-		if ($x) {
-			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 and ud_date != '%s'",
-				intval(UPDATE_FLAGS_UPDATED),
-				dbesc($r[0]['ud_addr']),
-				intval(UPDATE_FLAGS_UPDATED),
-				dbesc($x[0]['ud_date'])
-			);
+		if (!$r) {
+			logger('onedirsync: update id not found');
 			return;
 		}
 
 		// ignore doing an update if this ud_addr refers to a known dead hubloc
 
-		$h = q("select * from hubloc where hubloc_addr = '%s'",
-			dbesc($r[0]['ud_addr'])
+		$h = q("select * from hubloc where hubloc_id_url = '%s' order by hubloc_id desc",
+			dbesc($r[0]['ud_addr']),
 		);
 
 		$h = Libzot::zot_record_preferred($h);
 
-		if (($h) && (($h['hubloc_status'] & HUBLOC_OFFLINE) || $h['hubloc_deleted'] || $h['hubloc_error']) ) {
-			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and ( ud_flags & %d ) = 0 ",
-				intval(UPDATE_FLAGS_UPDATED),
-				dbesc($r[0]['ud_addr']),
-				intval(UPDATE_FLAGS_UPDATED)
-			);
-			return;
+		if (($h) && (($h['hubloc_status'] & HUBLOC_OFFLINE) || $h['hubloc_deleted'] || $h['hubloc_error'])) {
+
+			// 2023-04-12: Try to update anyway since the info is not always correct
+			// This might change after all directory servers run the new code.
+
+			// q("update updates set ud_flags = 9 where ud_hash = '%s' and ud_flags != 9",
+			//	dbesc($r[0]['ud_hash'])
+			//);
+
+			// return;
 		}
 
 		// we might have to pull this out some day, but for now update_directory_entry()
 		// runs zot_finger() and is kind of zot specific
 
-		if ($h && !in_array($h['hubloc_network'], ['zot6', 'zot']))
+		if ($h && $h['hubloc_network'] !== 'zot6') {
 			return;
+		}
 
 		Libzotdir::update_directory_entry($r[0]);
 

Zotlabs/Daemon/Onepoll.php

@@ -8,6 +8,7 @@ use Zotlabs\Lib\ASCollection;
 use Zotlabs\Lib\Libzot;
 
 require_once('include/socgraph.php');
+require_once('include/feedutils.php');
 
 class Onepoll {
 
@@ -29,14 +30,10 @@ class Onepoll {
 			$sql_extra = ' and abook_feed = 0 ';
 		}
 
-		$contacts = q("SELECT abook.*, xchan.*, account.*
-			FROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan
-			where abook_id = %d $sql_extra
-			and abook_pending = 0 and abook_archived = 0 and abook_blocked = 0 and abook_ignored = 0
-			AND (( account_flags = %d ) OR ( account_flags = %d )) limit 1",
-			intval($contact_id),
-			intval(ACCOUNT_OK),
-			intval(ACCOUNT_UNVERIFIED)
+		$contacts = q("SELECT abook.*, xchan.* FROM abook
+			LEFT JOIN xchan ON xchan_hash = abook_xchan
+			WHERE abook_id = %d",
+			intval($contact_id)
 		);
 
 		if (!$contacts) {
@@ -44,19 +41,16 @@ class Onepoll {
 			return;
 		}
 
-		$contact      = array_shift($contacts);
+		$contact      = $contacts[0];
+
 		$importer_uid = $contact['abook_channel'];
 
-		$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
-			intval($importer_uid)
-		);
+		$importer = channelx_by_n($importer_uid);
 
-		if (!$r)
+		if (!$importer)
 			return;
 
-		$importer = $r[0];
-
-		logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
+		logger("onepoll: poll: ($contact_id) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
 
 		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] <= NULL_DATE))
 			? datetime_convert('UTC', 'UTC', 'now - 7 days')
@@ -66,25 +60,30 @@ class Onepoll {
 		if ($contact['xchan_network'] === 'rss') {
 			logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
 			$alive = handle_feed($importer['channel_id'], $contact_id, $contact['xchan_hash']);
-			if ($alive) {
-				q("update abook set abook_connected = '%s' where abook_id = %d",
+
+			if (!$alive) {
+				q("update abook set abook_updated = '%s' where abook_id = %d",
 					dbesc(datetime_convert()),
 					intval($contact['abook_id'])
 				);
+				return;
 			}
+
+			q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d",
+				dbesc(datetime_convert()),
+				dbesc(datetime_convert()),
+				intval($contact['abook_id'])
+			);
+
 			return;
 		}
 
-		if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+		if ($contact['xchan_network'] !== 'zot6')
 			return;
 
 		// update permissions
 
-		if ($contact['xchan_network'] === 'zot6')
-			$x = Libzot::refresh($contact, $importer);
-
-		if ($contact['xchan_network'] === 'zot')
-			$x = zot_refresh($contact, $importer);
+		$x = Libzot::refresh($contact, $importer);
 
 		$responded = false;
 		$updated   = datetime_convert();
@@ -109,49 +108,67 @@ class Onepoll {
 			return;
 
 		$fetch_feed = true;
-		$x          = null;
 
 		// They haven't given us permission to see their stream
-
 		$can_view_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'their_perms', 'view_stream'));
 
-		if (!$can_view_stream)
+		if (!$can_view_stream) {
 			$fetch_feed = false;
+		}
 
 		// we haven't given them permission to send us their stream
-
 		$can_send_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'my_perms', 'send_stream'));
 
-		if (!$can_send_stream)
+		if (!$can_send_stream) {
 			$fetch_feed = false;
+		}
 
-		if ($fetch_feed && $contact['xchan_network'] !== 'zot') {
+		if ($fetch_feed) {
 
 			$max = intval(get_config('system', 'max_imported_posts', 30));
 
 			if (intval($max)) {
-				$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');
+				$cl = Activity::get_actor_collections($contact['abook_xchan']);
+				if(empty($cl)) {
+					$cl = get_xconfig($contact['abook_xchan'], 'activitypub', 'collections');
+				}
 
-				if (is_array($cl) && $cl) {
-					$url = ((array_key_exists('outbox', $cl)) ? $cl['outbox'] : '');
+				if (is_array($cl) && array_key_exists('outbox', $cl)) {
+					$url = $cl['outbox'];
 				}
 				else {
-					$url = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
+					$url = str_replace('/poco/', '/outbox/', $contact['xchan_connurl']);
 				}
 
 				if ($url) {
 					logger('fetching outbox');
-					$url      = $url . '?date_begin=' .  urlencode($last_update);
+					$url = $url . '?date_begin=' .  urlencode($last_update);
+
+					if($contact['xchan_network'] === 'zot6') {
+						$url = $url . '&top=1';
+					}
+
 					$obj      = new ASCollection($url, $importer, 0, $max);
 					$messages = $obj->get();
+
 					if ($messages) {
 						foreach ($messages as $message) {
 							if (is_string($message)) {
 								$message = Activity::fetch($message, $importer);
 							}
+
+							if ($contact['xchan_network'] === 'zot6') {
+								// make sure we only fetch top level items
+								if ($message['type'] === 'Create' && !isset($message['object']['inReplyTo'])) {
+									Libzot::fetch_conversation($importer, $message['object']['id']);
+								}
+								continue;
+							}
+
 							$AS = new ActivityStreams($message);
 							if ($AS->is_valid() && is_array($AS->obj)) {
 								$item = Activity::decode_note($AS);
+								$item['item_fetched'] = true;
 								Activity::store($importer, $contact['abook_xchan'], $AS, $item);
 							}
 						}
@@ -163,8 +180,10 @@ class Onepoll {
 		// update the poco details for this connection
 		$r = q("SELECT xlink_id from xlink where xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1",
 			intval($contact['xchan_hash']),
-			db_utcnow(), db_quoteinterval('1 DAY')
+			db_utcnow(),
+			db_quoteinterval('1 DAY')
 		);
+
 		if (!$r) {
 			poco_load($contact['xchan_hash'], $contact['xchan_connurl']);
 		}

Zotlabs/Daemon/Poller.php

@@ -17,21 +17,7 @@ class Poller {
 			}
 		}
 
-		$interval = intval(get_config('system', 'poll_interval'));
-		if (!$interval)
-			$interval = ((get_config('system', 'delivery_interval') === false) ? 3 : intval(get_config('system', 'delivery_interval')));
-
-		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
-		$lockfile = 'store/[data]/poller';
-		if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600))
-			&& (!get_config('system', 'override_poll_lockfile'))) {
-			logger("poller: Already running");
-			return;
-		}
-
-		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
-		$x = '';
-		file_put_contents($lockfile, $x);
+		$interval = get_config('queueworker', 'queue_interval', 500000);
 
 		logger('poller: start');
 
@@ -63,17 +49,22 @@ class Poller {
 			: ''
 		);
 
+		$allow_feeds = get_config('system', 'feed_contacts');
+		if(!$allow_feeds) {
+			$sql_extra .= ' and abook_feed = 0 ';
+		}
+
 		$randfunc = db_getfunc('RAND');
 
 		$contacts = q("SELECT abook.abook_updated, abook.abook_connected, abook.abook_feed,
 			abook.abook_channel, abook.abook_id, abook.abook_archived, abook.abook_pending,
 			abook.abook_ignored, abook.abook_blocked,
 			xchan.xchan_network,
-			account.account_lastlog, account.account_flags 
-			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash 
+			account.account_lastlog, account.account_flags
+			FROM abook LEFT JOIN xchan on abook_xchan = xchan_hash
 			LEFT JOIN account on abook_account = account_id
-			where abook_self = 0
-			$sql_extra 
+			where abook_self = 0 and abook_pending = 0 and abook_archived = 0 and abook_blocked = 0 and abook_ignored = 0
+			$sql_extra
 			AND (( account_flags = %d ) OR ( account_flags = %d )) $abandon_sql ORDER BY $randfunc",
 			intval(ACCOUNT_OK),
 			intval(ACCOUNT_UNVERIFIED)     // FIXME
@@ -93,17 +84,27 @@ class Poller {
 						$min = intval(get_config('system', 'minimum_feedcheck_minutes'));
 					if (!$min)
 						$min = 60;
-					$x = datetime_convert('UTC', 'UTC', "now - $min minutes");
-					if ($c < $x) {
-						Master::Summon(['Onepoll', $contact['abook_id']]);
-						if ($interval)
-							@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($t !== $c) {
+						// if the last fetch failed only attempt fetch once a day
+						$min = 60 * 24;
 					}
+
+					$x = datetime_convert('UTC', 'UTC', "now - $min minutes");
+
+					if ($t < $x) {
+						Master::Summon(['Onepoll', $contact['abook_id']]);
+
+						if ($interval) {
+							usleep($interval);
+						}
+					}
+
 					continue;
+
 				}
 
-
-				if (!in_array($contact['xchan_network'], ['zot', 'zot6']))
+				if ($contact['xchan_network'] !== 'zot6')
 					continue;
 
 				if ($c == $t) {
@@ -159,20 +160,22 @@ class Poller {
 					continue;
 
 				Master::Summon(['Onepoll', $contact['abook_id']]);
-				if ($interval)
-					@time_sleep_until(microtime(true) + (float)$interval);
 
+				if ($interval) {
+					usleep($interval);
+				}
 			}
 		}
 
 		$dirmode = intval(get_config('system', 'directory_mode'));
 
 		if ($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
-			$r = q("SELECT u.ud_addr, u.ud_id, u.ud_last FROM updates AS u INNER JOIN (SELECT ud_addr, max(ud_id) AS ud_id FROM updates WHERE ( ud_flags & %d ) = 0 AND ud_addr != '' AND ( ud_last <= '%s' OR ud_last > %s - INTERVAL %s ) GROUP BY ud_addr) AS s ON s.ud_id = u.ud_id ",
-				intval(UPDATE_FLAGS_UPDATED),
+			$r = q("SELECT * FROM updates WHERE ud_update = 1 AND (ud_last = '%s' OR ud_last > %s - INTERVAL %s)",
 				dbesc(NULL_DATE),
-				db_utcnow(), db_quoteinterval('7 DAY')
+				db_utcnow(),
+				db_quoteinterval('7 DAY')
 			);
+
 			if ($r) {
 				foreach ($r as $rr) {
 
@@ -182,19 +185,18 @@ class Poller {
 					if ($rr['ud_last'] > NULL_DATE)
 						if ($rr['ud_last'] > datetime_convert('UTC', 'UTC', 'now - 1 day'))
 							continue;
+
 					Master::Summon(['Onedirsync', $rr['ud_id']]);
-					if ($interval)
-						@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($interval) {
+						usleep($interval);
+					}
 				}
 			}
 		}
 
 		set_config('system', 'lastpoll', datetime_convert());
 
-		//All done - clear the lockfile	
-
-		@unlink($lockfile);
-
 		return;
 	}
 }

Zotlabs/Daemon/Queue.php

@@ -2,83 +2,62 @@
 
 namespace Zotlabs\Daemon;
 
-require_once('include/queue_fn.php');
-require_once('include/zot.php');
+use Zotlabs\Lib\Queue as LibQueue;
 
 class Queue {
 
 	static public function run($argc, $argv) {
-
-		require_once('include/items.php');
-		require_once('include/bbcode.php');
-
-		if ($argc > 1)
-			$queue_id = $argv[1];
-		else
-			$queue_id = EMPTY_STR;
+		$queue_id = ($argc > 1) ? $argv[1] : '';
 
 		logger('queue: start');
 
 		// delete all queue items more than 3 days old
 		// but first mark these sites dead if we haven't heard from them in a month
 
-		$r = q("select outq_posturl from outq where outq_created < %s - INTERVAL %s",
-			db_utcnow(), db_quoteinterval('3 DAY')
+		$oldqItems = q("select outq_posturl, outq_hash from outq where outq_created < %s - INTERVAL %s",
+			db_utcnow(),
+			db_quoteinterval('3 DAY')
 		);
-		if ($r) {
-			foreach ($r as $rr) {
-				$h       = parse_url($rr['outq_posturl']);
-				$desturl = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');
+
+		if ($oldqItems) {
+			foreach ($oldqItems as $qItem) {
+				$h = parse_url($qItem['outq_posturl']);
+				$site_url = $h['scheme'] . '://' . $h['host'] . ((!empty($h['port'])) ? ':' . $h['port'] : '');
 				q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s",
-					dbesc($desturl),
-					db_utcnow(), db_quoteinterval('1 MONTH')
+					dbesc($site_url),
+					db_utcnow(),
+					db_quoteinterval('1 MONTH')
 				);
 			}
+
+			$old_hashes = ids_to_querystr($oldqItems, 'outq_hash', true);
+
+			logger('Removing ' . count($oldqItems) . ' old queue entries');
+			dbq("DELETE FROM outq WHERE outq_hash IN ($old_hashes)");
+
 		}
 
-		q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s",
-			db_utcnow(), db_quoteinterval('3 DAY')
-		);
+		$deliveries = [];
 
 		if ($queue_id) {
-			$r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
+			$qItems = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
 				dbesc($queue_id)
 			);
+			logger('queue deliver: ' . $qItems[0]['outq_hash'] . ' to ' . $qItems[0]['outq_posturl'], LOGGER_DEBUG);
+			LibQueue::deliver($qItems[0]);
 		}
 		else {
-
-			// For the first 12 hours we'll try to deliver every 15 minutes
-			// After that, we'll only attempt delivery once per hour. 
-			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl 
-			// so that we don't start off a thousand deliveries for a couple of dead hubs.
-			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
-			// Other drivers will have to do something different here and may need their own query.
-
-			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the 
-			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
-			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
-			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once 
-			// or twice a day. 
-
-			$sqlrandfunc = db_getfunc('rand');
-
-			$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
+			$qItems = q("SELECT outq_hash FROM outq WHERE outq_scheduled < %s ",
 				db_utcnow()
 			);
-			while ($r) {
-				foreach ($r as $rv) {
-					queue_deliver($rv);
-				}
-				$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
-					db_utcnow()
-				);
-			}
-		}
-		if (!$r)
-			return;
 
-		foreach ($r as $rv) {
-			queue_deliver($rv);
-		}
+			if ($qItems) {
+				foreach ($qItems as $qItem) {
+					$deliveries[] = $qItem['outq_hash'];
+				}
+				do_delivery($deliveries, true);
+			}
+		 }
 	}
+
 }

Zotlabs/Daemon/Ratenotif.php

@@ -1,126 +0,0 @@
-<?php
-
-namespace Zotlabs\Daemon;
-
-require_once('include/zot.php');
-require_once('include/queue_fn.php');
-
-
-class Ratenotif {
-
-	static public function run($argc,$argv) {
-
-
-		// Deprecated
-		return;
-
-
-		require_once("datetime.php");
-		require_once('include/items.php');
-
-		if($argc < 3)
-			return;
-
-
-		logger('ratenotif: invoked: ' . print_r($argv,true), LOGGER_DEBUG);
-
-		$cmd = $argv[1];
-
-		$item_id = $argv[2];
-
-
-		if($cmd === 'rating') {
-			$r = q("select * from xlink where xlink_id = %d and xlink_static = 1 limit 1",
-				intval($item_id)
-			);
-			if(! $r) {
-				logger('rating not found');
-				return;
-			}
-
-			$encoded_item = array(
-				'type' => 'rating', 
-				'encoding' => 'zot',
-				'target' => $r[0]['xlink_link'],
-				'rating' => intval($r[0]['xlink_rating']),
-				'rating_text' => $r[0]['xlink_rating_text'],
-				'signature' => $r[0]['xlink_sig'],
-				'edited' => $r[0]['xlink_updated']
-			);
-		}
-
-		$channel = channelx_by_hash($r[0]['xlink_xchan']);
-		if(! $channel) {
-			logger('no channel');
-			return;
-		}
-
-
-		$primary = get_directory_primary();
-	
-		if(! $primary)
-			return;
-
-
-		$interval = ((get_config('system','delivery_interval') !== false) 
-			? intval(get_config('system','delivery_interval')) : 2 );
-
-		$deliveries_per_process = intval(get_config('system','delivery_batch_count'));
-
-		if($deliveries_per_process <= 0)
-			$deliveries_per_process = 1;
-
-		$deliver = array();
-
-		$x = z_fetch_url($primary . '/regdir');
-		if($x['success']) {
-			$j = json_decode($x['body'],true);
-			if($j && $j['success'] && is_array($j['directories'])) {
-
-				foreach($j['directories'] as $h) {
-					if($h == z_root())
-						continue;
-
-					$hash = random_string();
-					$n = zot_build_packet($channel,'notify',null,null,'',$hash);
-
-					queue_insert(array(
-						'hash'       => $hash,
-						'account_id' => $channel['channel_account_id'],
-						'channel_id' => $channel['channel_id'],
-						'posturl'    => $h . '/post',
-						'notify'     => $n,
-						'msg'        => json_encode($encoded_item)
-					));
-
-
-					$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
-					if(intval($x[0]['total']) > intval(get_config('system','force_queue_threshold',300))) {
-						logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
-						update_queue_item($hash);
-						continue;
-					}
-
-					$deliver[] = $hash;
-	
-					if(count($deliver) >= $deliveries_per_process) {
-						Master::Summon(array('Deliver',$deliver));
-						$deliver = array();
-						if($interval)
-							@time_sleep_until(microtime(true) + (float) $interval);
-					}
-				}
-	
-				// catch any stragglers
-	
-				if(count($deliver)) {
-					Master::Summon(array('Deliver',$deliver));
-				}
-			}
-		}
-		
-		logger('ratenotif: complete.');
-		return;
-
-	}
-}

Zotlabs/Daemon/Thumbnail.php

@@ -45,7 +45,6 @@ class Thumbnail {
 			return;
 		}
 
-
 		$default_controller = null;
 
 		$files = glob('Zotlabs/Thumbs/*.php');
@@ -74,5 +73,7 @@ class Thumbnail {
 				|| (filectime(dbunescbin($attach['content']) . 'thumb') < (time() - 60)))) {
 			$default_controller->Thumb($attach, $preview_style, $preview_width, $preview_height);
 		}
+
+		return;
 	}
 }

Zotlabs/Daemon/Zotconvo.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+use Zotlabs\Lib\Libzot;
+
+class Zotconvo {
+
+	static public function run($argc, $argv) {
+
+		logger('Zotconvo invoked: ' . print_r($argv, true));
+
+		if ($argc != 3) {
+			return;
+		}
+
+		$mid = $argv[2];
+		if (!$mid) {
+			return;
+		}
+
+		$channel = channelx_by_n(intval($argv[1]));
+		if (!$channel) {
+			return;
+		}
+
+		Libzot::fetch_conversation($channel, $mid);
+
+		return;
+
+	}
+}

Zotlabs/Lib/ASCollection.php

@@ -24,6 +24,8 @@ class ASCollection {
 		$this->direction = $direction;
 		$this->limit     = $limit;
 
+		$data = null;
+
 		if (is_array($obj)) {
 			$data = $obj;
 		}
@@ -147,4 +149,4 @@ class ASCollection {
 		}
 		logger('nextpage: ' . $this->nextpage, LOGGER_DEBUG);
 	}
-}
+}

Zotlabs/Lib/AbConfig.php

@@ -6,12 +6,17 @@ namespace Zotlabs\Lib;
 class AbConfig {
 
 	static public function Load($chan,$xhash,$family = '') {
-		if($family)
+		$where = '';
+
+		if($family) {
 			$where = sprintf(" and cat = '%s' ",dbesc($family));
+		}
+
 		$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
 			intval($chan),
 			dbesc($xhash)
 		);
+
 		return $r;
 	}
 
@@ -21,7 +26,7 @@ class AbConfig {
 			intval($chan),
 			dbesc($xhash),
 			dbesc($family),
-			dbesc($key)		
+			dbesc($key)
 		);
 		if($r) {
 			return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
@@ -41,19 +46,19 @@ class AbConfig {
 				dbesc($xhash),
 				dbesc($family),
 				dbesc($key),
-				dbesc($dbvalue)		
+				dbesc($dbvalue)
 			);
 		}
 		else {
 			$r = q("update abconfig set v = '%s' where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
-				dbesc($dbvalue),		
+				dbesc($dbvalue),
 				dbesc($chan),
 				dbesc($xhash),
 				dbesc($family),
 				dbesc($key)
 			);
 		}
-	
+
 		if($r)
 			return $value;
 		return false;

Zotlabs/Lib/AccessList.php

@@ -1,38 +1,37 @@
-<?php 
+<?php
 
 namespace Zotlabs\Lib;
 
-use Zotlabs\Lib\Libsync;
-
-
 class AccessList {
-	
-	static function add($uid,$name,$public = 0) {
 
-		$ret = false;
+	static function add($uid, $name, $public = 0) {
+
+		$ret  = false;
+		$hash = '';
 		if ($uid && $name) {
-			$r = self::byname($uid,$name); // check for dups
+			$r = self::by_name($uid, $name); // check for dups
 			if ($r !== false) {
 
-				// This could be a problem. 
+				// This could be a problem.
 				// Let's assume we've just created a list which we once deleted
 				// all the old members are gone, but the list remains so we don't break any security
 				// access lists. What we're doing here is reviving the dead list, but old content which
-				// was restricted to this list may now be seen by the new list members. 
+				// was restricted to this list may now be seen by the new list members.
 
 				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
 					intval($r)
 				);
-				if(($z) && $z[0]['deleted']) {
+				if (($z) && $z[0]['deleted']) {
 					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
-					notice( t('A deleted list with this name was revived. Existing item permissions <strong>may</strong> apply to this list and any future members. If this is not what you intended, please create another list with a different name.') . EOL); 
+					notice(t('A deleted privacy group with this name was revived. Existing item permissions <strong>may</strong> apply to this privacy group and any future members. If this is not what you intended, please create another privacy group with a different name.') . EOL);
 				}
-				return true;
+				$hash = self::by_id($uid, $r);
+				return $hash;
 			}
 
 			$hash = new_uuid();
 
-			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
+			$r   = q("INSERT INTO pgrp ( hash, uid, visible, gname )
 				VALUES( '%s', %d, %d, '%s' ) ",
 				dbesc($hash),
 				intval($uid),
@@ -42,12 +41,12 @@ class AccessList {
 			$ret = $r;
 		}
 
-		Libsync::build_sync_packet($uid,null,true);
-		return $ret;
+		Libsync::build_sync_packet($uid, null, true);
+
+		return (($ret) ? $hash : $ret);
 	}
 
-
-	static function remove($uid,$name) {
+	static function remove($uid, $name) {
 		$ret = false;
 		if ($uid && $name) {
 			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
@@ -55,36 +54,36 @@ class AccessList {
 				dbesc($name)
 			);
 			if ($r) {
-				$group_id = $r[0]['id'];
+				$group_id   = $r[0]['id'];
 				$group_hash = $r[0]['hash'];
 			}
 			else {
 				return false;
 			}
-			
+
 			// remove group from default posting lists
 			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
-			       intval($uid)
+				intval($uid)
 			);
 			if ($r) {
 				$user_info = array_shift($r);
-				$change = false;
+				$change    = false;
 
 				if ($user_info['channel_default_group'] == $group_hash) {
 					$user_info['channel_default_group'] = '';
-					$change = true;
+					$change                             = true;
 				}
 				if (strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
 					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
-					$change = true;
+					$change                         = true;
 				}
 				if (strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
 					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
-					$change = true;
+					$change                        = true;
 				}
 
 				if ($change) {
-					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
+					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s'
 						WHERE channel_id = %d",
 						intval($user_info['channel_default_group']),
 						dbesc($user_info['channel_allow_gid']),
@@ -110,16 +109,16 @@ class AccessList {
 
 		}
 
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 
 		return $ret;
 	}
 
 	// returns the integer id of an access group owned by $uid and named $name
 	// or false.
-	
-	static function byname($uid,$name) {
-		if (! ($uid && $name)) {
+
+	static function by_name($uid, $name) {
+		if (!($uid && $name)) {
 			return false;
 		}
 		$r = q("SELECT id FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
@@ -132,11 +131,11 @@ class AccessList {
 		return false;
 	}
 
-	static function by_id($uid,$id) {
-		if (! ($uid && $id)) {
+	static function by_id($uid, $id) {
+		if (!($uid && $id)) {
 			return false;
 		}
-		
+
 		$r = q("SELECT * FROM pgrp WHERE uid = %d AND id = %d and deleted = 0",
 			intval($uid),
 			intval($id)
@@ -147,10 +146,8 @@ class AccessList {
 		return false;
 	}
 
-
-
-	static function rec_byhash($uid,$hash) {
-		if (! ( $uid && $hash)) {
+	static function by_hash($uid, $hash) {
+		if (!($uid && $hash)) {
 			return false;
 		}
 		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
@@ -163,46 +160,46 @@ class AccessList {
 		return false;
 	}
 
+	static function member_remove($uid, $name, $member, $gid = 0) {
+		if (!$gid) {
+			$gid = self::by_name($uid, $name);
+		}
 
-	static function member_remove($uid,$name,$member) {
-		$gid = self::byname($uid,$name);
-		if (! $gid) {
-			return false;
-		}
-		if (! ($uid && $gid && $member)) {
+		if (!($uid && $gid && $member)) {
 			return false;
 		}
+
 		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
 			intval($uid),
 			intval($gid),
 			dbesc($member)
 		);
 
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 
 		return $r;
 	}
 
-
-	static function member_add($uid,$name,$member,$gid = 0) {
-		if (! $gid) {
-			$gid = self::byname($uid,$name);
+	static function member_add($uid, $name, $member, $gid = 0) {
+		if (!$gid) {
+			$gid = self::by_name($uid, $name);
 		}
-		if (! ($gid && $uid && $member)) {
+		if (!($gid && $uid && $member)) {
 			return false;
 		}
 
-		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
+		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",
 			intval($uid),
 			intval($gid),
 			dbesc($member)
 		);
 		if ($r) {
-			return true;	// You might question this, but 
-				// we indicate success because the group member was in fact created
-				// -- It was just created at another time
+			return true;
+			// You might question this, but
+			// we indicate success because the group member was in fact created
+			// -- It was just created at another time
 		}
-	 	else {
+		else {
 			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
 				VALUES( %d, %d, '%s' ) ",
 				intval($uid),
@@ -210,15 +207,14 @@ class AccessList {
 				dbesc($member)
 			);
 		}
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 		return $r;
 	}
 
-
 	static function members($uid, $gid) {
 		$ret = [];
 		if (intval($gid)) {
-			$r = q("SELECT * FROM pgrp_member 
+			$r = q("SELECT * FROM pgrp_member
 				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
 				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
 				intval($gid),
@@ -232,7 +228,7 @@ class AccessList {
 		return $ret;
 	}
 
-	static function members_xchan($uid,$gid) {
+	static function members_xchan($uid, $gid) {
 		$ret = [];
 		if (intval($gid)) {
 			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
@@ -248,99 +244,75 @@ class AccessList {
 		return $ret;
 	}
 
-	static function members_profile_xchan($uid,$gid) {
+	static function profile_members_xchan($uid,$gid) {
 		$ret = [];
-		if (intval($gid)) {
+
+		if(intval($gid)) {
 			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
 				intval($gid),
 				intval($uid)
 			);
-			if ($r) {
-				foreach($r as $rv) {
-					$ret[] = $rv['xchan'];
+			if($r) {
+				foreach($r as $rr) {
+					$ret[] = $rr['xchan'];
 				}
 			}
 		}
 		return $ret;
 	}
 
+	static function select($uid, $options) {
 
+		$selected = $options['selected'] ?? '';
+		$form_id = $options['form_id'] ?? 'accesslist_select';
+		$label = $options['label'] ?? t('Select a privacy group');
+		$before = $options['before'] ?? [];
+		$after = $options['after'] ?? [];
 
-
-	static function select($uid,$group = '') {
-	
 		$grps = [];
+		$o = '';
+
+		$grps[] = [
+			'name' => '',
+			'id' => '0',
+			'selected' => false
+		];
+
+		if ($before) {
+			$grps[] = $before;
+		}
 
 		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
 			intval($uid)
 		);
-		$grps[] = [ 'name' => '', 'hash' => '0', 'selected' => '' ];
-		if ($r) {
-			foreach ($r as $rr) {
-				$grps[] = [ 'name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : '') ];
-			}
 
-		}
-		
-		return replace_macros(get_markup_template('group_selection.tpl'), [
-			'$label' => t('Add new connections to this access list'),
-			'$groups' => $grps 
-		]);
-	}
-
-
-	static function widget($every="connections",$each="lists",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
-
-		$o = '';
-
-		$groups = [];
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($_SESSION['uid'])
-		);
-		$member_of = [];
-		if ($cid) {
-			$member_of = self::containing(local_channel(),$cid);
-		} 
-
-		if ($r) {
-			foreach ($r as $rr) {
-				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-			
-				if ($edit) {
-					$groupedit = [ 'href' => "lists/".$rr['id'], 'title' => t('edit') ];
-				} 
-				else {
-					$groupedit = null;
-				}
-			
-				$groups[] = [
-					'id'		=> $rr['id'],
-					'enc_cid'   => base64url_encode($cid),
-					'cid'		=> $cid,
-					'text' 		=> $rr['gname'],
-					'selected' 	=> $selected,
-					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
-					'edit'		=> $groupedit,
-					'ismember'	=> in_array($rr['id'],$member_of),
+		if($r) {
+			foreach($r as $rr) {
+				$grps[] = [
+					'name' => $rr['gname'],
+					'id' => $rr['hash'],
+					'selected' => ($selected == $rr['hash'])
 				];
 			}
 		}
-		
-		return replace_macros(get_markup_template('group_side.tpl'), [
-			'$title'		=> t('Lists'),
-			'$edittext'     => t('Edit list'),
-			'$createtext' 	=> t('Create new list'),
-			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any access list') : ''),
-			'$groups'		=> $groups,
-			'$add'			=> t('add'),
-		]);
 
+		if ($after) {
+			$grps[] = $after;
+		}
+
+		logger('select: ' . print_r($grps,true), LOGGER_DATA);
+
+		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
+			'$label' => $label,
+			'$form_id' => $form_id,
+			'$groups' => $grps
+		));
+
+		return $o;
 	}
 
-
 	static function expand($g) {
-		if (! (is_array($g) && count($g))) {
+		if (!(is_array($g) && count($g))) {
 			return [];
 		}
 
@@ -350,8 +322,8 @@ class AccessList {
 		// private profile linked virtual groups
 
 		foreach ($g as $gv) {
-			if (substr($gv,0,3) === 'vp.') {
-				$profile_hash = substr($gv,3);
+			if (substr($gv, 0, 3) === 'vp.') {
+				$profile_hash = substr($gv, 3);
 				if ($profile_hash) {
 					$r = q("select abook_xchan from abook where abook_profile = '%s'",
 						dbesc($profile_hash)
@@ -366,10 +338,10 @@ class AccessList {
 			else {
 				$x[] = $gv;
 			}
-		}								 
+		}
 
 		if ($x) {
-			stringify_array_elms($x,true);
+			stringify_array_elms($x, true);
 			$groups = implode(',', $x);
 			if ($groups) {
 				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
@@ -383,9 +355,8 @@ class AccessList {
 		return $ret;
 	}
 
-
 	static function member_of($c) {
-		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id 
+		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id
 			WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
 			dbesc($c)
 		);
@@ -393,7 +364,7 @@ class AccessList {
 		return $r;
 	}
 
-	static function containing($uid,$c) {
+	static function containing($uid, $c) {
 
 		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
 			intval($uid),
@@ -405,7 +376,8 @@ class AccessList {
 			foreach ($r as $rv)
 				$ret[] = $rv['gid'];
 		}
-		
+
 		return $ret;
 	}
-}
+
+}

Zotlabs/Lib/ActivityStreams.php

@@ -11,6 +11,7 @@ class ActivityStreams {
 
 	public $raw = null;
 	public $data = null;
+	public $meta = null;
 	public $valid = false;
 	public $deleted = false;
 	public $id = '';
@@ -36,10 +37,14 @@ class ActivityStreams {
 	 */
 	function __construct($string) {
 
+		if(!$string)
+			return;
+
 		$this->raw = $string;
 
 		if (is_array($string)) {
 			$this->data = $string;
+			$this->raw = json_encode($string, JSON_UNESCAPED_SLASHES);
 		}
 		else {
 			$this->data = json_decode($string, true);
@@ -56,18 +61,21 @@ class ActivityStreams {
 					if ($ret['signer']) {
 						$saved                     = json_encode($this->data, JSON_UNESCAPED_SLASHES);
 						$this->data                = $tmp;
-						$this->data['signer']      = $ret['signer'];
-						$this->data['signed_data'] = $saved;
+						$this->meta['signer']      = $ret['signer'];
+						$this->meta['signed_data'] = $saved;
 						if ($ret['hubloc']) {
-							$this->data['hubloc'] = $ret['hubloc'];
+							$this->meta['hubloc'] = $ret['hubloc'];
 						}
 					}
 				}
 			}
 
+			// This indicates only that we have sucessfully decoded JSON.
 			$this->valid = true;
 
-			if (array_key_exists('type', $this->data) && array_key_exists('actor', $this->data) && array_key_exists('object', $this->data)) {
+			// Special handling for Mastodon "delete actor" activities which will often fail to verify
+			// because the key cannot be fetched. We will catch this condition elsewhere.
+			if (is_array($this->data) && array_key_exists('type', $this->data) && array_key_exists('actor', $this->data) && array_key_exists('object', $this->data)) {
 				if ($this->data['type'] === 'Delete' && $this->data['actor'] === $this->data['object']) {
 					$this->deleted = $this->data['actor'];
 					$this->valid   = false;
@@ -76,6 +84,7 @@ class ActivityStreams {
 
 		}
 
+		// Attempt to assemble an Activity from what we were given.
 		if ($this->is_valid()) {
 			$this->id     = $this->get_property_obj('id');
 			$this->type   = $this->get_primary_type();
@@ -87,7 +96,7 @@ class ActivityStreams {
 
 			$this->ldsig = $this->get_compound_property('signature');
 			if ($this->ldsig) {
-				$this->signer = $this->get_compound_property('creator', $this->ldsig);
+				$this->signer = $this->get_actor('creator', $this->ldsig);
 				if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
 					$this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
 				}
@@ -104,20 +113,21 @@ class ActivityStreams {
 			// fetch recursive or embedded activities
 
 			if ($this->obj && is_array($this->obj) && array_key_exists('object', $this->obj)) {
-				$this->obj['object'] = $this->get_compound_property($this->obj['object']);
+				$this->obj['object'] = $this->get_compound_property('object', $this->obj);
 			}
 
-			if ($this->obj && is_array($this->obj) && $this->obj['actor'])
+			if ($this->obj && is_array($this->obj) && isset($this->obj['actor']))
 				$this->obj['actor'] = $this->get_actor('actor', $this->obj);
-			if ($this->tgt && is_array($this->tgt) && $this->tgt['actor'])
+			if ($this->tgt && is_array($this->tgt) && isset($this->tgt['actor']))
 				$this->tgt['actor'] = $this->get_actor('actor', $this->tgt);
 
 			$this->parent_id = $this->get_property_obj('inReplyTo');
 
-			if ((!$this->parent_id) && is_array($this->obj)) {
+			if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['inReplyTo'])) {
 				$this->parent_id = $this->obj['inReplyTo'];
 			}
-			if ((!$this->parent_id) && is_array($this->obj)) {
+
+			if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['id'])) {
 				$this->parent_id = $this->obj['id'];
 			}
 		}
@@ -136,36 +146,59 @@ class ActivityStreams {
 		$this->saved_recips = $arr;
 	}
 
+	/**
+	 * @brief get single property from Activity object
+	 *
+	 * @param string $property
+	 * @param mixed $default return value if property or object not set
+	 *    or object is a string id which could not be fetched.
+	 * @return mixed
+	 */
+	public function objprop(string $property, mixed $default = false): mixed {
+		$x = $this->get_property_obj($property, $this->obj);
+		return (isset($x)) ? $x : $default;
+	}
+
 	/**
 	 * @brief Collects all recipients.
 	 *
-	 * @param string $base
+	 * @param mixed $base
 	 * @param string $namespace (optional) default empty
 	 * @return array
 	 */
-	function collect_recips($base = '', $namespace = '') {
-		$x = [];
+	public function collect_recips(mixed $base = '', string $namespace = ''): array {
+		$result = [];
+		$tmp = [];
 
 		$fields = ['to', 'cc', 'bto', 'bcc', 'audience'];
-		foreach ($fields as $f) {
-			$y = $this->get_compound_property($f, $base, $namespace);
-			if ($y) {
-				if (!is_array($this->raw_recips)) {
-					$this->raw_recips = [];
-				}
-
-				if (!is_array($y)) {
-					$y = [$y];
-				}
-				$this->raw_recips[$f] = $y;
-				$x                    = array_merge($x, $y);
+		foreach ($fields as $field) {
+			// don't expand these yet
+			$values = $this->get_property_obj($field, $base, $namespace);
+			if ($values) {
+				$values = force_array($values);
+				$tmp[$field] = $values;
+				$result = array_values(array_unique(array_merge($result, $values)));
+			}
+			// Merge the object recipients if they exist.
+			$values = $this->objprop($field);
+			if ($values) {
+				$values = force_array($values);
+				$tmp[$field] = ((isset($tmp[$field])) ? array_merge($tmp[$field], $values) : $values);
+				$result = array_values(array_unique(array_merge($result, $values)));
+			}
+			// remove duplicates
+			if (isset($tmp[$field])) {
+				$tmp[$field] = array_values(array_unique($tmp[$field]));
 			}
 		}
-// not yet ready for prime time
-//		$x = $this->expand($x,$base,$namespace);
-		return $x;
+		$this->raw_recips = $tmp;
+
+		// not yet ready for prime time
+		//      $result = $this->expand($result,$base,$namespace);
+		return $result;
 	}
 
+
 	function expand($arr, $base = '', $namespace = '') {
 		$ret = [];
 
@@ -299,29 +332,25 @@ class ActivityStreams {
 
 	function get_actor($property, $base = '', $namespace = '') {
 		$x = $this->get_property_obj($property, $base, $namespace);
+
 		if ($this->is_url($x)) {
-
-			// SECURITY: If we have already stored the actor profile, re-generate it
-			// from cached data - don't refetch it from the network
-
-			$r = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s'",
-				dbesc($x)
-			);
-			if ($r) {
-				$r = Libzot::zot_record_preferred($r);
-				$y = Activity::encode_person($r);
-				$y['cached'] = true;
+			$y = Activity::get_cached_actor($x);
+			if ($y) {
 				return $y;
 			}
 		}
+
 		$actor = $this->get_compound_property($property, $base, $namespace, true);
+
 		if (is_array($actor) && self::is_an_actor($actor['type'])) {
 			if (array_key_exists('id', $actor) && (!array_key_exists('inbox', $actor))) {
 				$actor = $this->fetch_property($actor['id']);
 			}
 			return $actor;
 		}
-		return null;
+
+		return Activity::get_unknown_actor($this->data);
+
 	}
 
 
@@ -336,6 +365,7 @@ class ActivityStreams {
 	 */
 	function get_compound_property($property, $base = '', $namespace = '', $first = false) {
 		$x = $this->get_property_obj($property, $base, $namespace);
+
 		if ($this->is_url($x)) {
 			$y = $this->fetch_property($x);
 			if (is_array($y)) {
@@ -352,10 +382,10 @@ class ActivityStreams {
 				if ($ret['signer']) {
 					$saved            = json_encode($x, JSON_UNESCAPED_SLASHES);
 					$x                = $tmp;
-					$x['signer']      = $ret['signer'];
-					$x['signed_data'] = $saved;
+					$x['meta']['signer']      = $ret['signer'];
+					$x['meta']['signed_data'] = $saved;
 					if ($ret['hubloc']) {
-						$x['hubloc'] = $ret['hubloc'];
+						$x['meta']['hubloc'] = $ret['hubloc'];
 					}
 				}
 			}
@@ -426,15 +456,19 @@ class ActivityStreams {
 
 	static function get_accept_header_string($channel = null) {
 
+		$ret = '';
+
 		$hookdata = [];
 		if ($channel)
 			$hookdata['channel'] = $channel;
 
-		$hookdata['data'] = 'application/x-zot-activity+json';
+		$hookdata['data'] = ['application/x-zot-activity+json'];
 
 		call_hooks('get_accept_header_string', $hookdata);
 
-		return $hookdata['data'];
+		$ret = implode(', ', $hookdata['data']);
+
+		return $ret;
 
 	}
 

Zotlabs/Lib/Apps.php

@@ -2,7 +2,7 @@
 
 namespace Zotlabs\Lib;
 
-use Zotlabs\Lib\Libsync;
+use App;
 
 require_once('include/plugin.php');
 require_once('include/channel.php');
@@ -21,9 +21,10 @@ class Apps {
 	 * @brief
 	 *
 	 * @param boolean $translate (optional) default true
+	 * @param boolean $sync (optional) default false used if called from sync_sysapps()
 	 * @return array
 	 */
-	static public function get_system_apps($translate = true) {
+	static public function get_system_apps($translate = true, $sync = false) {
 		$ret = [];
 
 		if(is_dir('apps'))
@@ -33,7 +34,7 @@ class Apps {
 
 		if($files) {
 			foreach($files as $f) {
-				$x = self::parse_app_description($f,$translate);
+				$x = self::parse_app_description($f, $translate, $sync);
 				if($x) {
 					$ret[] = $x;
 				}
@@ -45,7 +46,7 @@ class Apps {
 				$path = explode('/',$f);
 				$plugin = trim($path[1]);
 				if(plugin_is_installed($plugin)) {
-					$x = self::parse_app_description($f,$translate);
+					$x = self::parse_app_description($f, $translate, $sync);
 					if($x) {
 						$x['plugin'] = $plugin;
 						$ret[] = $x;
@@ -66,17 +67,17 @@ class Apps {
 	static public function get_base_apps() {
 		$x = get_config('system','base_apps',[
 			'Connections',
+			'Contact Roles',
 			'Network',
-			'Settings',
 			'Files',
-			'Channel Home',
-			'View Profile',
+			'Channel',
 			'Photos',
 			'Calendar',
 			'Directory',
 			'Search',
 			'Help',
-			'Profile Photo'
+			'HQ',
+			'Post'
 		]);
 
 		/**
@@ -158,7 +159,7 @@ class Apps {
 		foreach(self::$available_apps as $iapp) {
 			if($iapp['app_id'] == hash('whirlpool',$app['name'])) {
 				$notfound = false;
-				if(($iapp['app_version'] !== $app['version'])
+				if((isset($app['version']) && $iapp['app_version'] !== $app['version'])
 					|| ($app['plugin'] && (! $iapp['app_plugin']))) {
 					return intval($iapp['app_id']);
 				}
@@ -207,9 +208,10 @@ class Apps {
 	 *
 	 * @param string $f filename
 	 * @param boolean $translate (optional) default true
+	 * @param boolean $sync (optional) default false
 	 * @return boolean|array
 	 */
-	static public function parse_app_description($f, $translate = true) {
+	static public function parse_app_description($f, $translate = true, $sync = false) {
 		$ret = [];
 		$matches = [];
 
@@ -234,6 +236,7 @@ class Apps {
 			$ret['photo'] = $baseurl . '/' . get_default_profile_photo(80);
 
 		$ret['type'] = 'system';
+		$ret['plugin'] = '';
 
 		foreach($ret as $k => $v) {
 			if(strpos($v,'http') === 0) {
@@ -255,7 +258,7 @@ class Apps {
 		if(array_key_exists('categories',$ret))
 			$ret['categories'] = str_replace(array('\'','"'),array(''','&dquot;'),$ret['categories']);
 
-		if(array_key_exists('requires',$ret)) {
+		if(array_key_exists('requires',$ret) && !$sync) {
 			$requires = explode(',',$ret['requires']);
 			foreach($requires as $require) {
 				$require = trim(strtolower($require));
@@ -307,14 +310,16 @@ class Apps {
 				}
 			}
 		}
-		if(isset($ret)) {
-			if($translate)
-				self::translate_system_apps($ret);
 
-			return $ret;
+		if(empty($ret)) {
+			return false;
 		}
 
-		return false;
+		if($translate) {
+			self::translate_system_apps($ret);
+		}
+
+		return $ret;
 	}
 
 
@@ -340,7 +345,7 @@ class Apps {
 			'Files' => t('Files'),
 			'Webpages' => t('Webpages'),
 			'Wiki' => t('Wiki'),
-			'Channel Home' => t('Channel Home'),
+			'Channel' => t('Channel'),
 			'View Profile' => t('View Profile'),
 			'Photos' => t('Photos'),
 			'Calendar' => t('Calendar'),
@@ -371,7 +376,7 @@ class Apps {
 			'OAuth Apps Manager' => t('OAuth Apps Manager'),
 			'OAuth2 Apps Manager' => t('OAuth2 Apps Manager'),
 			'PDL Editor' => t('PDL Editor'),
-			'Permission Categories' => t('Permission Categories'),
+			'Contact Roles' => t('Contact Roles'),
 			'Public Stream' => t('Public Stream'),
 			'My Chatrooms' => t('My Chatrooms'),
 			'Channel Export' => t('Channel Export')
@@ -422,7 +427,7 @@ class Apps {
 
 		self::translate_system_apps($papp);
 
-		if(trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin']))))
+		if(isset($papp['plugin']) && trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin']))))
 			return '';
 
 		$papp['papp'] = self::papp_encode($papp);
@@ -517,14 +522,19 @@ class Apps {
 		$hosturl = '';
 
 		if(local_channel()) {
-			if(self::app_installed(local_channel(),$papp) && !$papp['deleted'])
+			if(self::app_installed(local_channel(),$papp)) {
 				$installed = true;
+			}
+
+			if ($installed && isset($papp['deleted']) && $papp['deleted']) {
+				$installed = false;
+			}
 
 			$hosturl = z_root() . '/';
 		}
 		elseif(remote_channel()) {
 			$observer = \App::get_observer();
-			if($observer && in_array($observer['xchan_network'], ['zot6', 'zot'])) {
+			if($observer && $observer['xchan_network'] === 'zot6') {
 				// some folks might have xchan_url redirected offsite, use the connurl
 				$x = parse_url($observer['xchan_connurl']);
 				if($x) {
@@ -536,13 +546,47 @@ class Apps {
 		$install_action = (($installed) ? t('Update') : t('Install'));
 		$icon = ((strpos($papp['photo'],'icon:') === 0) ? substr($papp['photo'],5) : '');
 
+		if (!$installed && $mode === 'module') {
+			$_SESSION['return_url'] = App::$query_string;
+			return replace_macros(get_markup_template('app_install.tpl'), [
+				'$papp' => $papp,
+				'$install' => $install_action
+			]);
+		}
+
 		if($mode === 'navbar') {
+			return replace_macros(get_markup_template('app_nav_pinned.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+			));
+		}
+
+		if($mode === 'nav') {
 			return replace_macros(get_markup_template('app_nav.tpl'),array(
 				'$app' => $papp,
 				'$icon' => $icon,
 			));
 		}
 
+		if($mode === 'inline') {
+			return replace_macros(get_markup_template('app_inline.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+				'$installed' => $installed,
+				'$purchase' => ((isset($papp['page']) && (! $installed)) ? t('Purchase') : ''),
+				'$action_label' => $install_action
+			));
+		}
+
+		if(in_array($mode, ['nav-order', 'nav-order-pinned'])) {
+			return replace_macros(get_markup_template('app_order.tpl'),array(
+				'$app' => $papp,
+				'$icon' => $icon,
+				'$hosturl' => $hosturl,
+				'$mode' => $mode
+			));
+		}
+
 		if($mode === 'install') {
 			$papp['embed'] = true;
 		}
@@ -557,14 +601,12 @@ class Apps {
 			'$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''),
 			'$delete' => ((local_channel() && $mode == 'edit') ? t('Delete') : ''),
 			'$undelete' => ((local_channel() && $mode == 'edit') ? t('Undelete') : ''),
-			'$settings_url' => ((local_channel() && $installed && $mode == 'list') ? $papp['settings_url'] : ''),
-			'$deleted' => $papp['deleted'],
+			'$settings_url' => ((local_channel() && $installed && $mode == 'list' && isset($papp['settings_url'])) ? $papp['settings_url'] : ''),
+			'$deleted' => $papp['deleted'] ?? false,
 			'$feature' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
 			'$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
-			'$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true),
-			'$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true),
-			'$navapps' => (($mode == 'nav') ? true : false),
-			'$order' => (($mode === 'nav-order' || $mode === 'nav-order-pinned') ? true : false),
+			'$featured' => ((isset($papp['categories']) && strpos($papp['categories'], 'nav_featured_app') !== false) ? true : false),
+			'$pinned' => ((isset($papp['categories']) && strpos($papp['categories'], 'nav_pinned_app') !== false) ? true : false),
 			'$mode' => $mode,
 			'$add' => t('Add to app-tray'),
 			'$remove' => t('Remove from app-tray'),
@@ -574,6 +616,7 @@ class Apps {
 		));
 	}
 
+
 	static public function app_install($uid,$app) {
 
 		if(! is_array($app)) {
@@ -588,10 +631,12 @@ class Apps {
 
 		$app['uid'] = $uid;
 
-		if(self::app_installed($uid,$app,true))
+		if(self::app_installed($uid,$app,true)) {
 			$x = self::app_update($app);
-		else
+		}
+		else {
 			$x = self::app_store($app);
+		}
 
 		if($x['success']) {
 			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
@@ -599,13 +644,12 @@ class Apps {
 				intval($uid)
 			);
 			if($r) {
-				if(($app['uid']) && (! $r[0]['app_system'])) {
-					if($app['categories'] && (! $app['term'])) {
+				if($app['uid']) {
+					if((isset($app['categories']) && $app['categories']) && !(isset($app['term']) && $app['term'])) {
 						$r[0]['term'] = q("select * from term where otype = %d and oid = %d",
 							intval(TERM_OBJ_APP),
 							intval($r[0]['id'])
 						);
-						Libsync::build_sync_packet($uid,array('app' => $r[0]));
 					}
 				}
 			}
@@ -634,6 +678,7 @@ class Apps {
 				}
 			}
 		}
+
 		return true;
 	}
 
@@ -645,38 +690,35 @@ class Apps {
 				dbesc($app['guid']),
 				intval($uid)
 			);
-			if($x) {
-				if(! intval($x[0]['app_deleted'])) {
-					$x[0]['app_deleted'] = 1;
-					if(self::can_delete($uid,$app)) {
-						q("delete from app where app_id = '%s' and app_channel = %d",
-							dbesc($app['guid']),
-							intval($uid)
-						);
-						q("delete from term where otype = %d and oid = %d",
-							intval(TERM_OBJ_APP),
-							intval($x[0]['id'])
-						);
-						/**
-						 * @hooks app_destroy
-						 *  Called after app entry got removed from database
-						 *  and provide app array from database.
-						 */
-						call_hooks('app_destroy', $x[0]);
-					}
-					else {
-						q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d",
-							dbesc($app['guid']),
-							intval($uid)
-						);
-					}
-					if(! intval($x[0]['app_system'])) {
-						Libsync::build_sync_packet($uid,array('app' => $x));
-					}
-				}
-				else {
-					self::app_undestroy($uid,$app);
-				}
+
+			if($x && intval($x[0]['app_deleted'])) {
+				self::app_undestroy($uid, $app);
+				return;
+			}
+
+			if(self::can_delete($uid,$app)) {
+				q("delete from app where app_id = '%s' and app_channel = %d",
+					dbesc($app['guid']),
+					intval($uid)
+				);
+
+				q("delete from term where otype = %d and oid = %d",
+					intval(TERM_OBJ_APP),
+					intval($x[0]['id'])
+				);
+
+				/**
+				 * @hooks app_destroy
+				 *  Called after app entry got removed from database
+				 *  and provide app array from database.
+				 */
+				call_hooks('app_destroy', $x[0]);
+			}
+			else {
+				q("update app set app_deleted = 1 where app_id = '%s' and app_channel = %d",
+					dbesc($app['guid']),
+					intval($uid)
+				);
 			}
 		}
 	}
@@ -693,13 +735,11 @@ class Apps {
 				dbesc($app['guid']),
 				intval($uid)
 			);
-			if($x) {
-				if($x[0]['app_system']) {
-					q("update app set app_deleted = 0 where app_id = '%s' and app_channel = %d",
-						dbesc($app['guid']),
-						intval($uid)
-					);
-				}
+			if($x && intval($x[0]['app_deleted']) && $x[0]['app_system']) {
+				q("update app set app_deleted = 0 where app_id = '%s' and app_channel = %d",
+					dbesc($app['guid']),
+					intval($uid)
+				);
 			}
 		}
 	}
@@ -1150,7 +1190,7 @@ class Apps {
 			$ret['success'] = true;
 			$ret['app_id'] = $darray['app_id'];
 		}
-		if($arr['categories']) {
+		if(isset($arr['categories']) && $arr['categories']) {
 			$x = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
 				dbesc($darray['app_id']),
 				intval($darray['app_channel'])
@@ -1158,9 +1198,9 @@ class Apps {
 			$y = explode(',',$arr['categories']);
 			if($y) {
 				foreach($y as $t) {
-					$t = trim($t);
+					$t = escape_tags(trim($t));
 					if($t) {
-						store_item_tag($darray['app_channel'],$x[0]['id'],TERM_OBJ_APP,TERM_CATEGORY,escape_tags($t),escape_tags(z_root() . '/apps/?f=&cat=' . escape_tags($t)));
+						store_item_tag($darray['app_channel'], $x[0]['id'], TERM_OBJ_APP, TERM_CATEGORY, $t, z_root() . '/apps/?f=&cat=' . $t);
 					}
 				}
 			}
@@ -1248,7 +1288,7 @@ class Apps {
 				intval(TERM_OBJ_APP),
 				intval($x[0]['id'])
 			);
-			if($arr['categories']) {
+			if(isset($arr['categories']) && $arr['categories']) {
 				$y = explode(',',$arr['categories']);
 				if($y) {
 					foreach($y as $t) {
@@ -1356,4 +1396,17 @@ class Apps {
 		return chunk_split(base64_encode(json_encode($papp)),72,"\n");
 	}
 
+	static public function get_papp($app) {
+
+		$r = q("select * from app where app_id = '%s' and app_channel = 0 limit 1",
+			dbesc(hash('whirlpool', $app))
+		);
+
+		if ($r) {
+			$papp = self::app_encode($r[0]);
+			return $papp;
+		}
+
+		return false;
+	}
 }

Zotlabs/Lib/Connect.php

@@ -69,7 +69,8 @@ class Connect {
 		$xchan_hash = '';
 		$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
 
-		$r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ",
+		// We need both, the xchan and the hubloc here hence use JOIN instead of LEFT JOIN
+		$r = q("SELECT * FROM xchan JOIN hubloc ON xchan_hash = hubloc_hash WHERE ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ORDER BY hubloc_id DESC",
 			dbesc($url),
 			dbesc($url),
 			dbesc($url)
@@ -80,12 +81,13 @@ class Connect {
 			// reset results to the best record or the first if we don't have the best
 			// note: this is a single record and not an array of results
 
-			$r = Libzot::zot_record_preferred($r,'xchan_network');
+			$r = Libzot::zot_record_preferred($r, 'xchan_network');
 
 		}
 
 		$singleton = false;
 		$d = false;
+		$wf = false;
 
 		if (! $r) {
 
@@ -108,10 +110,12 @@ class Connect {
 
 		if ($wf || $d) {
 
+			$xchan_hash = (($wf) ? $wf : $url);
+
 			// something was discovered - find the record which was just created.
 
 			$r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s' ) $sql_options",
-				dbesc(($wf) ? $wf : $url),
+				dbesc($xchan_hash),
 				dbesc($url),
 				dbesc($url)
 			);
@@ -119,7 +123,7 @@ class Connect {
 			// convert to a single record (once again preferring a zot solution in the case of multiples)
 
 			if ($r) {
-				$r = Libzot::zot_record_preferred($r,'xchan_network');
+				$r = Libzot::zot_record_preferred($r, 'xchan_network');
 			}
 		}
 
@@ -146,7 +150,7 @@ class Connect {
 
 		}
 
-		$allowed = ((in_array($xchan['xchan_network'],['rss','zot','zot6'])) ? 1 : 0);
+		$allowed = ((in_array($xchan['xchan_network'],['rss', 'zot6'])) ? 1 : 0);
 
 		$hookdata = ['channel_id' => $uid, 'follow_address' => $url, 'xchan' => $xchan, 'allowed' => $allowed, 'singleton' => 0];
 		call_hooks('follow_allow',$hookdata);
@@ -261,7 +265,8 @@ class Connect {
 					'abook_feed'      => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0),
 					'abook_created'   => datetime_convert(),
 					'abook_updated'   => datetime_convert(),
-					'abook_instance'  => (($singleton) ? z_root() : '')
+					'abook_instance'  => (($singleton) ? z_root() : ''),
+					'abook_role'      => get_pconfig($uid, 'system', 'default_permcat', 'default')
 				]
 			);
 		}
@@ -300,7 +305,7 @@ class Connect {
 		/** If there is a default group for this channel, add this connection to it */
 
 		if ($default_group) {
-			$g = AccessList::rec_byhash($uid,$default_group);
+			$g = AccessList::by_hash($uid,$default_group);
 			if ($g) {
 				AccessList::member_add($uid,'',$xchan_hash,$g['id']);
 			}

Zotlabs/Lib/Crypto.php

@@ -87,6 +87,10 @@ class Crypto {
 			return false;
 		}
 
+		if (!$alg) {
+			$alg = 'sha256';
+		}
+
 		try {
 			$verify = openssl_verify($data, $sig, $key, $alg);
 		} catch (Exception $e) {

Zotlabs/Lib/DReport.php

@@ -87,27 +87,13 @@ class DReport {
 
 		// Is the sender one of our channels?
 
-		$c = q("select channel_id from channel where channel_hash = '%s' or channel_portable_id = '%s' limit 1",
-			dbesc($dr['sender']),
+		$c = q("select channel_id from channel where channel_hash = '%s' limit 1",
 			dbesc($dr['sender'])
 		);
 
 		if(! $c)
 			return false;
 
-		// legacy zot recipients add a space and their name to the xchan. remove it if true.
-
-		$legacy_recipient = strpos($dr['recipient'], ' ');
-		if($legacy_recipient !== false) {
-			$legacy_recipient_parts = explode(' ', $dr['recipient'], 2);
-			$rxchan = $legacy_recipient_parts[0];
-		}
-		else {
-			$rxchan = $dr['recipient'];
-		}
-
-
-
 		// is the recipient one of our connections, or do we want to store every report?
 
 		$pcf = get_pconfig($c[0]['channel_id'],'system','dreport_store_all');
@@ -118,7 +104,7 @@ class DReport {
 		// So if a remote site says they can't find us, that's no big surprise
 		// and just creates a lot of extra report noise
 
-		if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient not found'))
+		if(($dr['location'] !== z_root()) && ($dr['sender'] === $dr['recipient']) && ($dr['status'] === 'recipient not found'))
 			return false;
 
 		// If you have a private post with a recipient list, every single site is going to report
@@ -127,14 +113,14 @@ class DReport {
 		// have a channel on that site.
 
 		$r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_url = '%s'",
-			dbesc($rxchan),
+			dbesc($dr['recipient']),
 			dbesc($dr['location'])
 		);
 		if((! $r) && ($dr['status'] === 'recipient_not_found'))
 			return false;
 
 		$r = q("select abook_id from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
-			dbesc($rxchan),
+			dbesc($dr['recipient']),
 			intval($c[0]['channel_id'])
 		);
 		if($r)

Zotlabs/Lib/Enotify.php

@@ -69,24 +69,24 @@ class Enotify {
 		$sender_name = $product;
 		$hostname = \App::get_hostname();
 		if(strpos($hostname,':'))
-			$hostname = substr($hostname,0,strpos($hostname,':'));
+			$hostname = substr($hostname, 0, strpos($hostname,':'));
 
 		// Do not translate 'noreply' as it must be a legal 7-bit email address
 
-		$reply_email = get_config('system','reply_address');
+		$reply_email = get_config('system', 'reply_address');
 		if(! $reply_email)
 			$reply_email = 'noreply' . '@' . $hostname;
 
-		$sender_email = get_config('system','from_email');
+		$sender_email = get_config('system', 'from_email');
 		if(! $sender_email)
 			$sender_email = 'Administrator' . '@' . $hostname;
 
-		$sender_name = get_config('system','from_email_name');
+		$sender_name = get_config('system', 'from_email_name');
 		if(! $sender_name)
 			$sender_name = \Zotlabs\Lib\System::get_site_name();
 
 
-		$additional_mail_header = "";
+		$additional_mail_header = '';
 
 		if(array_key_exists('item', $params)) {
 			require_once('include/conversation.php');
@@ -114,27 +114,31 @@ class Enotify {
 		}
 
 
-	$always_show_in_notices = get_pconfig($recip['channel_id'],'system','always_show_in_notices');
-	$vnotify = get_pconfig($recip['channel_id'],'system','vnotify');
+	$always_show_in_notices = get_pconfig($recip['channel_id'], 'system', 'always_show_in_notices');
+	$vnotify = get_pconfig($recip['channel_id'], 'system', 'vnotify');
 
 	$salutation = $recip['channel_name'];
 
 	// e.g. "your post", "David's photo", etc.
 	$possess_desc = t('%s <!item_type!>');
 
-	if ($params['type'] == NOTIFY_MAIL) {
-		logger('notification: mail');
-		$subject = 	sprintf( t('[$Projectname:Notify] New mail received at %s'),$sitename);
+	$parent_mid = '';
+	$parent_item = [];
 
-		$preamble = sprintf( t('%1$s sent you a new private message at %2$s.'), $sender['xchan_name'],$sitename);
-		$epreamble = sprintf( t('%1$s sent you %2$s.'),'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]');
-		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
-		$tsitelink = sprintf( $sitelink, $siteurl . '/mail/' . $params['item']['id'] );
-		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>');
-		$itemlink = $siteurl . '/mail/' . $params['item']['id'];
+// @@TODO: consider using switch instead of those elseif
+	if (isset($params['type']) && $params['type'] == NOTIFY_MAIL) {
+		logger('notification: mail');
+		$subject = 	sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);
+
+		$preamble = sprintf( t('%1$s sent you a new direct message at %2$s'), $sender['xchan_name'], $sitename);
+		$epreamble = sprintf( t('%1$s sent you %2$s.'), '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a direct message') . '[/zrl]');
+		$sitelink = t('Please visit %s to view and/or reply to your direct messages.');
+		$tsitelink = sprintf( $sitelink, $siteurl . '/hq/' . gen_link_id($params['item']['mid']));
+		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/hq/' . gen_link_id($params['item']['mid']) . '">' . $sitename . '</a>');
+		$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
 	}
 
-	if ($params['type'] == NOTIFY_COMMENT) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_COMMENT) {
 		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
@@ -166,12 +170,11 @@ class Enotify {
 
 		}
 
-		$parent_mid = $params['parent_mid'];
+		$parent_mid = $params['parent_mid'] ?? '';
 
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification
 
-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -196,6 +199,7 @@ class Enotify {
 
 		xchan_query($p);
 
+//@@FIXME $p can be null (line 188)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
@@ -237,7 +241,7 @@ class Enotify {
 			$subject = sprintf( t('[$Projectname:Notify] Moderated Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
 		else
 			$subject = sprintf( t('[$Projectname:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
-		$preamble = sprintf( t('%1$s commented on an item/conversation you have been following.'), $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s commented on an item/conversation you have been following'), $sender['xchan_name']);
 		$epreamble = $dest_str;
 
 		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
@@ -250,25 +254,24 @@ class Enotify {
 
 	}
 
-	if ($params['type'] == NOTIFY_LIKE) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_LIKE) {
 //		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$itemlink =  $params['link'];
 
-		if (array_key_exists('item',$params) && (! activity_match($params['item']['verb'],ACTIVITY_LIKE))) {
-			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE)) {
+		if (array_key_exists('item',$params) && (activity_match($params['item']['verb'], ACTIVITY_LIKE) || activity_match($params['item']['verb'], ACTIVITY_DISLIKE))) {
+			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE) || !feature_enabled($recip['channel_id'], 'dislike')) {
 				logger('notification: not a visible activity. Ignoring.');
 				pop_lang();
 				return;
 			}
 		}
 
-		$parent_mid = $params['parent_mid'];
+		$parent_mid = $params['parent_mid'] ?? '';
 
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification
 
-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -291,8 +294,12 @@ class Enotify {
 			);
 		}
 
-		xchan_query($p);
+		if (!$p) {
+			pop_lang();
+			return;
+		}
 
+		xchan_query($p);
 
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
@@ -300,13 +307,16 @@ class Enotify {
 
 		$parent_item = $p[0];
 
+		$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
 
 		// "your post"
-		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
-			$dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
+		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$verb,
 				$itemlink,
-				$item_post_type);
+				$item_post_type
+			);
 		else {
 			pop_lang();
 			return;
@@ -318,7 +328,7 @@ class Enotify {
 		// differents subjects for messages on the same thread.
 
 		$subject = sprintf( t('[$Projectname:Notify] Like received to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']);
-		$preamble = sprintf( t('%1$s liked an item/conversation you created.'), $sender['xchan_name']);
+		$preamble = sprintf( t('%1$s liked an item/conversation you created'), $sender['xchan_name']);
 		$epreamble = $dest_str;
 
 		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
@@ -328,7 +338,7 @@ class Enotify {
 
 
 
-	if($params['type'] == NOTIFY_WALL) {
+	elseif(isset($params['type']) && $params['type'] === NOTIFY_WALL) {
 		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
 
 		$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
@@ -343,9 +353,8 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_TAGSELF) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSELF) {
 
-		$p = null;
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
 			intval($recip['channel_id'])
@@ -368,7 +377,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_POKE) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_POKE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
@@ -385,7 +394,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_TAGSHARE) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSHARE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -398,7 +407,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_INTRO) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_INTRO) {
 		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
 		$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
@@ -412,7 +421,7 @@ class Enotify {
 		$itemlink = $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_SUGGEST) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_SUGGEST) {
 		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -430,11 +439,11 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	if ($params['type'] == NOTIFY_CONFIRM) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_CONFIRM) {
 		// ?
 	}
 
-	if ($params['type'] == NOTIFY_SYSTEM) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_SYSTEM) {
 		// ?
 	}
 
@@ -477,7 +486,7 @@ class Enotify {
 	} while ($dups === true);
 
 
-	$datarray = array();
+	$datarray = [];
 	$datarray['hash']   = $hash;
 	$datarray['sender_hash'] = $sender['xchan_hash'];
 	$datarray['xname']   = $sender['xchan_name'];
@@ -489,12 +498,13 @@ class Enotify {
 	$datarray['link']   = $itemlink;
 	$datarray['parent'] = $parent_mid;
 	$datarray['parent_item'] = $parent_item;
-	$datarray['ntype']   = $params['type'];
-	$datarray['verb']   = $params['verb'];
-	$datarray['otype']  = $params['otype'];
+	$datarray['ntype']   = $params['type'] ?? '';
+	$datarray['verb']   = $params['verb'] ?? '';
+	$datarray['otype']  = $params['otype'] ?? '';
  	$datarray['abort']  = false;
+	$datarray['seen'] = 0;
 
-	$datarray['item'] = $params['item'];
+	$datarray['item'] = $params['item'] ?? [];
 
 	call_hooks('enotify_store', $datarray);
 
@@ -505,7 +515,6 @@ class Enotify {
 
 
 	// create notification entry in DB
-	$seen = 0;
 
 	// Mark some notifications as seen right away
 	// Note! The notification have to be created, because they are used to send emails
@@ -514,8 +523,8 @@ class Enotify {
 	// (probably would be better that way)
 
 	if (!$always_show_in_notices) {
-		if (($params['type'] == NOTIFY_WALL) || ($params['type'] == NOTIFY_MAIL) || ($params['type'] == NOTIFY_INTRO)) {
-			$seen = 1;
+		if (($params['type'] === NOTIFY_WALL) || ($params['type'] === NOTIFY_MAIL) || ($params['type'] === NOTIFY_INTRO)) {
+			$datarray['seen'] = 1;
 		}
 	}
 
@@ -531,7 +540,7 @@ class Enotify {
 		intval($datarray['uid']),
 		dbesc($datarray['link']),
 		dbesc($datarray['parent']),
-		intval($seen),
+		intval($datarray['seen']),
 		intval($datarray['ntype']),
 		dbesc($datarray['verb']),
 		dbesc($datarray['otype'])
@@ -550,12 +559,12 @@ class Enotify {
 	}
 
 	$itemlink = z_root() . '/notify/view/' . $notify_id;
-	$msg = str_replace('$itemlink',$itemlink,$epreamble);
+	$msg = str_replace('$itemlink', $itemlink, $epreamble);
 
 	// wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation
 
 	if ((\App::$language === 'en' || (! \App::$language)) && strpos($msg,', '))
-		$msg = substr($msg,strpos($msg,', ')+1);
+		$msg = substr($msg, strpos($msg,', ')+1);
 
 	$datarray['id'] = $notify_id;
 	$datarray['msg'] = $msg;
@@ -575,7 +584,7 @@ class Enotify {
 
 		logger('notification: sending notification email');
 
-		$hn = get_pconfig($recip['channel_id'],'system','email_notify_host');
+		$hn = get_pconfig($recip['channel_id'], 'system', 'email_notify_host');
 		if($hn && (! stristr(\App::get_hostname(),$hn))) {
 			// this isn't the email notification host
 			pop_lang();
@@ -584,7 +593,7 @@ class Enotify {
 
 		$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array( "", "\n"), $body))),ENT_QUOTES,'UTF-8'));
 
-		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array("","<br />\n"),$body)));
+		$htmlversion = bbcode(stripslashes(str_replace(array("\\r","\\n"), array('',"<br />\n"),$body)));
 
 
 		// use $_SESSION['zid_override'] to force zid() to use
@@ -601,14 +610,14 @@ class Enotify {
 		unset($_SESSION['zid_override']);
 		unset($_SESSION['zrl_override']);
 
-		$datarray = array();
+		$datarray = [];
 		$datarray['banner']       = $banner;
 		$datarray['product']      = $product;
 		$datarray['preamble']     = $preamble;
 		$datarray['sitename']     = $sitename;
 		$datarray['siteurl']      = $siteurl;
-		$datarray['type']         = $params['type'];
-		$datarray['parent']       = $params['parent_mid'];
+		$datarray['type']         = $params['type'] ?? '';
+		$datarray['parent']       = $params['parent_mid'] ?? '';
 		$datarray['source_name']  = $sender['xchan_name'];
 		$datarray['source_link']  = $sender['xchan_url'];
 		$datarray['source_photo'] = $sender['xchan_photo_s'];
@@ -675,7 +684,6 @@ class Enotify {
 			'$source_name'  => $datarray['source_name'],
 			'$source_link'  => $datarray['source_link'],
 			'$source_photo' => $datarray['source_photo'],
-			'$username'     => $datarray['to_name'],
 			'$hsitelink'    => $datarray['hsitelink'],
 			'$hitemlink'    => $datarray['hitemlink'],
 			'$thanks'       => $datarray['thanks'],
@@ -697,7 +705,6 @@ class Enotify {
 			'$source_name'  => $datarray['source_name'],
 			'$source_link'  => $datarray['source_link'],
 			'$source_photo' => $datarray['source_photo'],
-			'$username'     => $datarray['to_name'],
 			'$tsitelink'    => $datarray['tsitelink'],
 			'$titemlink'    => $datarray['titemlink'],
 			'$thanks'       => $datarray['thanks'],
@@ -758,9 +765,9 @@ class Enotify {
 		$messageSubject = email_header_encode(html_entity_decode($params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
 
 		// generate a mime boundary
-		$mimeBoundary = rand(0, 9) . "-"
-				.rand(100000000, 999999999) . "-"
-				.rand(100000000, 999999999) . "=:"
+		$mimeBoundary = rand(0, 9) . '-'
+				.rand(100000000, 999999999) . '-'
+				.rand(100000000, 999999999) . '=:'
 				.rand(10000, 99999);
 
 		// generate a multipart/alternative message header
@@ -768,7 +775,7 @@ class Enotify {
 			$params['additionalMailHeader'] .
 			"From: $fromName <{$params['fromEmail']}>" . PHP_EOL .
 			"Reply-To: $fromName <{$params['replyTo']}>" . PHP_EOL .
-			"MIME-Version: 1.0" . PHP_EOL .
+			'MIME-Version: 1.0' . PHP_EOL .
 			"Content-Type: multipart/alternative; boundary=\"{$mimeBoundary}\"";
 
 		// assemble the final multipart message body with the text and html types included
@@ -776,15 +783,15 @@ class Enotify {
 		$htmlBody = chunk_split(base64_encode($params['htmlVersion']));
 
 		$multipartMessageBody =
-			"--" . $mimeBoundary . PHP_EOL .					// plain text section
-			"Content-Type: text/plain; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// plain text section
+			'Content-Type: text/plain; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$textBody . PHP_EOL .
-			"--" . $mimeBoundary . PHP_EOL .					// text/html section
-			"Content-Type: text/html; charset=UTF-8" . PHP_EOL .
-			"Content-Transfer-Encoding: base64" . PHP_EOL . PHP_EOL .
+			'--' . $mimeBoundary . PHP_EOL .					// text/html section
+			'Content-Type: text/html; charset=UTF-8' . PHP_EOL .
+			'Content-Transfer-Encoding: base64' . PHP_EOL . PHP_EOL .
 			$htmlBody . PHP_EOL .
-			"--" . $mimeBoundary . "--" . PHP_EOL;					// message ending
+			'--' . $mimeBoundary . '--' . PHP_EOL;					// message ending
 
 		// send the message
 		$res = mail(
@@ -793,7 +800,7 @@ class Enotify {
 			$multipartMessageBody,							// message body
 			$messageHeader									// message headers
 		);
-		logger("notification: enotify::send returns " . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
+		logger('notification: enotify::send returns ' . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
 		return $res;
 	}
 
@@ -809,10 +816,10 @@ class Enotify {
 
 		localize_item($item);
 
-		if($item['shortlocalize']) {
+		if(isset($item['shortlocalize'])) {
 			$itemem_text = $item['shortlocalize'];
 		}
-		elseif($item['localize']) {
+		elseif(isset($item['localize'])) {
 			$itemem_text = $item['localize'];
 		}
 		else {
@@ -821,10 +828,18 @@ class Enotify {
 				: (($item['obj_type'] === 'Answer') ? sprintf( t('voted on %s\'s poll'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]') : sprintf( t('commented on %s\'s post'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]'))
 			);
 
-			if($item['verb'] === ACTIVITY_SHARE) {
+			if($item['verb'] === ACTIVITY_SHARE && empty($item['owner']['xchan_pubforum'])) {
 				$itemem_text = sprintf( t('repeated %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
 			}
 
+			if($item['verb'] === ACTIVITY_LIKE) {
+				$itemem_text = sprintf( t('liked %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
+			}
+
+			if($item['verb'] === ACTIVITY_DISLIKE) {
+				$itemem_text = sprintf( t('disliked %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
+			}
+
 			if(in_array($item['obj_type'], ['Document', 'Video', 'Audio', 'Image'])) {
 				$itemem_text = t('shared a file with you');
 			}
@@ -833,41 +848,44 @@ class Enotify {
 		$edit = false;
 
 		if($item['edited'] > $item['created']) {
+			$edit = true;
 			if($item['item_thread_top']) {
 				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 			else {
 				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
-				$edit = true;
 			}
 		}
 
 
 		// convert this logic into a json array just like the system notifications
 
-		$who = (($item['verb'] === ACTIVITY_SHARE) ? 'owner' : 'author');
+		$who = (($item['verb'] === ACTIVITY_SHARE && empty($item['owner']['xchan_pubforum'])) ? 'owner' : 'author');
+		$body = html2plain(bbcode($item['body'], ['drop_media' => true, 'tryoembed' => false]), 75, true);
+		if ($body) {
+			$body = htmlentities($body, ENT_QUOTES, 'UTF-8', false);
+		}
 
 		$x = array(
 			'notify_link' => $item['llink'],
 			'name' => $item[$who]['xchan_name'],
-			'addr' => (($item[$who]['xchan_addr']) ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url']),
+			'addr' => $item[$who]['xchan_addr'] ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url'],
 			'url' => $item[$who]['xchan_url'],
 			'photo' => $item[$who]['xchan_photo_s'],
 			'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
-			'b64mid' => (($item['mid']) ? 'b64.' . base64url_encode($item['mid']) : ''),
-			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? 'b64.' . base64url_encode($item['thr_parent']) : 'b64.' . base64url_encode($item['mid'])),
+			'b64mid' => (($item['mid']) ? gen_link_id($item['mid']) : ''),
+			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? gen_link_id($item['thr_parent']) : gen_link_id($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
-			'body' =>  htmlentities(html2plain(bbcode($item['body']), 75, true), ENT_QUOTES, 'UTF-8', false),
+			'body' => $body,
 			// these are for the superblock addon
 			'hash' => $item[$who]['xchan_hash'],
 			'uid' => $item['uid'],
 			'display' => true
 		);
 
-		call_hooks('enotify_format',$x);
+		call_hooks('enotify_format', $x);
 		if(! $x['display']) {
 			return [];
 		}
@@ -884,9 +902,9 @@ class Enotify {
 
 		$mid = basename($tt['link']);
 
-		$b64mid = ((strpos($mid, 'b64.') === 0) ? $mid : 'b64.' . base64url_encode($mid));
+		$b64mid = gen_link_id($mid);
 		$x = [
-			'notify_link' => z_root() . '/notify/view/' . $tt['id'],
+			'notify_link' => (($tt['ntype'] === NOTIFY_MAIL) ? $tt['link'] : z_root() . '/notify/view/' . $tt['id']),
 			'name' => $tt['xname'],
 			'url' => $tt['url'],
 			'photo' => $tt['photo'],
@@ -903,8 +921,8 @@ class Enotify {
 
 	static public function format_intros($rr) {
 
-		$x = [
-			'notify_link' => z_root() . '/connections/ifpending',
+		return [
+			'notify_link' => z_root() . '/connections#' . $rr['abook_id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
 			'url' => $rr['xchan_url'],
@@ -914,13 +932,11 @@ class Enotify {
 			'message' => t('added your channel')
 		];
 
-		return $x;
-
 	}
 
 	static public function format_files($rr) {
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/sharedwithme',
 			'name' => $rr['author']['xchan_name'],
 			'addr' => $rr['author']['xchan_addr'],
@@ -931,13 +947,11 @@ class Enotify {
 			'message' => t('shared a file with you')
 		];
 
-		return $x;
-
 	}
 
 	static public function format_mail($rr) {
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/mail/' . $rr['id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
@@ -945,11 +959,9 @@ class Enotify {
 			'photo' => $rr['xchan_photo_s'],
 			'when' => datetime_convert('UTC', date_default_timezone_get(), $rr['created']),
 			'hclass' => (intval($rr['mail_seen']) ? 'notify-seen' : 'notify-unseen'),
-			'message' => t('sent you a private message'),
+			'message' => t('sent you a direct message'),
 		];
 
-		return $x;
-
 	}
 
 	static public function format_all_events($rr) {
@@ -959,7 +971,7 @@ class Enotify {
 		$today = ((substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d')) ? true : false);
 		$when = day_translate(datetime_convert('UTC', (($rr['adjust']) ? date_default_timezone_get() : 'UTC'), $rr['dtstart'], $bd_format)) . (($today) ?  ' ' . t('[today]') : '');
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/cdav/calendar/' . $rr['event_hash'],
 			'name'        => $rr['xchan_name'],
 			'addr'        => $rr['xchan_addr'],
@@ -970,13 +982,12 @@ class Enotify {
 			'message'     => t('created an event')
 		];
 
-		return $x;
 
 	}
 
 	static public function format_register($rr) {
 
-		$x = [
+		return [
 			'notify_link' => z_root() . '/admin/accounts',
 			'name' => $rr['reg_did2'],
 			//'addr' => '',
@@ -986,7 +997,5 @@ class Enotify {
 			'message' => t('status verified')
 		];
 
-		return $x;
-
 	}
 }

Zotlabs/Lib/Group.php

@@ -1,405 +0,0 @@
-<?php 
-
-namespace Zotlabs\Lib;
-
-use Zotlabs\Lib\Libsync;
-
-
-class Group {
-	
-	static function add($uid,$name,$public = 0) {
-
-		$ret = false;
-		if(x($uid) && x($name)) {
-			$r = self::byname($uid,$name); // check for dups
-			if($r !== false) {
-
-				// This could be a problem. 
-				// Let's assume we've just created a group which we once deleted
-				// all the old members are gone, but the group remains so we don't break any security
-				// access lists. What we're doing here is reviving the dead group, but old content which
-				// was restricted to this group may now be seen by the new group members. 
-
-				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
-					intval($r)
-				);
-				if(($z) && $z[0]['deleted']) {
-					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
-					notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); 
-				}
-				return true;
-			}
-
-			do {
-				$dups = false;
-				$hash = random_string(32) . str_replace(['<','>'],['.','.'], $name);
-
-				$r = q("SELECT id FROM pgrp WHERE hash = '%s' LIMIT 1", dbesc($hash));
-				if($r)
-					$dups = true;
-			} while($dups == true);
-
-
-			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
-				VALUES( '%s', %d, %d, '%s' ) ",
-				dbesc($hash),
-				intval($uid),
-				intval($public),
-				dbesc($name)
-			);
-			$ret = $r;
-		}
-
-		Libsync::build_sync_packet($uid,null,true);
-		return $ret;
-	}
-
-
-	static function remove($uid,$name) {
-		$ret = false;
-		if(x($uid) && x($name)) {
-			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
-				intval($uid),
-				dbesc($name)
-			);
-			if($r) {
-				$group_id = $r[0]['id'];
-				$group_hash = $r[0]['hash'];
-			}
-
-			if(! $group_id)
-				return false;
-
-			// remove group from default posting lists
-			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
-			       intval($uid)
-			);
-			if($r) {
-				$user_info = $r[0];
-				$change = false;
-
-				if($user_info['channel_default_group'] == $group_hash) {
-					$user_info['channel_default_group'] = '';
-					$change = true;
-				}
-				if(strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
-					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
-					$change = true;
-				}
-				if(strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
-					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
-					$change = true;
-				}
-
-				if($change) {
-					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
-						WHERE channel_id = %d",
-						intval($user_info['channel_default_group']),
-						dbesc($user_info['channel_allow_gid']),
-						dbesc($user_info['channel_deny_gid']),
-						intval($uid)
-					);
-				}
-			}
-
-			// remove all members
-			$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ",
-				intval($uid),
-				intval($group_id)
-			);
-
-			// remove group
-			$r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'",
-				intval($uid),
-				dbesc($name)
-			);
-
-			$ret = $r;
-
-		}
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $ret;
-	}
-
-
-	static function byname($uid,$name) {
-		if((! $uid) || (! strlen($name)))
-			return false;
-		$r = q("SELECT * FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
-			intval($uid),
-			dbesc($name)
-		);
-		if($r)
-			return $r[0]['id'];
-		return false;
-	}
-
-
-	static function rec_byhash($uid,$hash) {
-		if((! $uid) || (! strlen($hash)))
-			return false;
-		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
-			intval($uid),
-			dbesc($hash)
-		);
-		if($r)
-			return $r[0];
-		return false;
-	}
-
-
-	static function member_remove($uid,$name,$member) {
-		$gid = self::byname($uid,$name);
-		if(! $gid)
-			return false;
-		if(! ( $uid && $gid && $member))
-			return false;
-		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
-			intval($uid),
-			intval($gid),
-			dbesc($member)
-		);
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $r;
-	}
-
-
-	static function member_add($uid,$name,$member,$gid = 0) {
-		if(! $gid)
-			$gid = self::byname($uid,$name);
-		if((! $gid) || (! $uid) || (! $member))
-			return false;
-
-		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
-			intval($uid),
-			intval($gid),
-			dbesc($member)
-		);
-		if($r)
-			return true;	// You might question this, but 
-				// we indicate success because the group member was in fact created
-				// -- It was just created at another time
-	 	if(! $r)
-			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
-				VALUES( %d, %d, '%s' ) ",
-				intval($uid),
-				intval($gid),
-				dbesc($member)
-		);
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $r;
-	}
-
-
-	static function members($gid) {
-		$ret = array();
-		if(intval($gid)) {
-			$r = q("SELECT * FROM pgrp_member 
-				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
-				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
-				intval($gid),
-				intval(local_channel()),
-				intval(local_channel())
-			);
-			if($r)
-				$ret = $r;
-		}
-		return $ret;
-	}
-
-	static function members_xchan($gid) {
-		$ret = [];
-		if(intval($gid)) {
-			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
-				intval($gid),
-				intval(local_channel())
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$ret[] = $rr['xchan'];
-				}
-			}
-		}
-		return $ret;
-	}
-
-	static function members_profile_xchan($uid,$gid) {
-		$ret = [];
-
-		if(intval($gid)) {
-			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
-				intval($gid),
-				intval($uid)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$ret[] = $rr['xchan'];
-				}
-			}
-		}
-		return $ret;
-	}
-
-
-
-
-	static function select($uid,$group = '') {
-	
-		$grps = [];
-		$o = '';
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($uid)
-		);
-		$grps[] = array('name' => '', 'hash' => '0', 'selected' => '');
-		if($r) {
-			foreach($r as $rr) {
-				$grps[] = array('name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : ''));
-			}
-
-		}
-		logger('select: ' . print_r($grps,true), LOGGER_DATA);
-
-		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
-			'$label' => t('Add new connections to this privacy group'),
-			'$groups' => $grps 
-		));
-		return $o;
-	}
-
-
-
-
-	static function widget($every="connections",$each="group",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
-
-		$o = '';
-
-		if(! (local_channel() && feature_enabled(local_channel(),'groups'))) {
-			return '';
-		}
-
-		$groups = array();
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($_SESSION['uid'])
-		);
-		$member_of = array();
-		if($cid) {
-			$member_of = self::containing(local_channel(),$cid);
-		} 
-
-		if($r) {
-			foreach($r as $rr) {
-				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-			
-				if ($edit) {
-					$groupedit = [ 'href' => "group/".$rr['id'], 'title' => t('edit') ];
-				} 
-				else {
-					$groupedit = null;
-				}
-			
-				$groups[] = [
-					'id'		=> $rr['id'],
-					'enc_cid'   => base64url_encode($cid),
-					'cid'		=> $cid,
-					'text' 		=> $rr['gname'],
-					'selected' 	=> $selected,
-					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
-					'edit'		=> $groupedit,
-					'ismember'	=> in_array($rr['id'],$member_of),
-				];
-			}
-		}
-	
-	
-		$tpl = get_markup_template("group_side.tpl");
-		$o = replace_macros($tpl, array(
-			'$title'		=> t('Privacy Groups'),
-			'$edittext'     => t('Edit group'),
-			'$createtext' 	=> t('Add privacy group'),
-			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any privacy group') : ''),
-			'$groups'		=> $groups,
-			'$add'			=> t('add'),
-		));
-		
-	
-		return $o;
-	}
-
-
-	static function expand($g) {
-		if(! (is_array($g) && count($g)))
-			return array();
-
-		$ret = [];
-		$x   = [];
-
-		// private profile linked virtual groups
-
-		foreach($g as $gv) {
-			if(substr($gv,0,3) === 'vp.') {
-				$profile_hash = substr($gv,3);
-				if($profile_hash) {
-					$r = q("select abook_xchan from abook where abook_profile = '%s'",
-						dbesc($profile_hash)
-					);
-					if($r) {
-						foreach($r as $rv) {
-							$ret[] = $rv['abook_xchan'];
-						}
-					}
-				}
-			}
-			else {
-				$x[] = $gv;
-			}
-		}								 
-
-		if($x) {
-			stringify_array_elms($x,true);
-			$groups = implode(',', $x);
-			if($groups) {
-				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
-				if($r) {
-					foreach($r as $rr) {
-						$ret[] = $rr['xchan'];
-					}
-				}
-			}
-		}
-		return $ret;
-	}
-
-
-	static function member_of($c) {
-		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
-			dbesc($c)
-		);
-
-		return $r;
-
-	}
-
-	static function containing($uid,$c) {
-
-		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
-			intval($uid),
-			dbesc($c)
-		);
-
-		$ret = array();
-		if($r) {
-			foreach($r as $rr)
-				$ret[] = $rr['gid'];
-		}
-	
-		return $ret;
-	}
-}

Zotlabs/Lib/LDSignatures.php

@@ -75,22 +75,23 @@ class LDSignatures {
 	}
 
 	static function hash($obj) {
-
-		return hash('sha256',self::normalise($obj));
+		return hash('sha256', self::normalise($obj));
 	}
 
 	static function normalise($data) {
+		$ret = '';
+
 		if(is_string($data)) {
 			$data = json_decode($data);
 		}
 
 		if(! is_object($data))
-			return '';
+			return $ret;
 
 		jsonld_set_document_loader('jsonld_document_loader');
 
 		try {
-			$d = jsonld_normalize($data,[ 'algorithm' => 'URDNA2015', 'format' => 'application/nquads' ]);
+			$ret = jsonld_normalize($data,[ 'algorithm' => 'URDNA2015', 'format' => 'application/nquads' ]);
 		}
 		catch (\Exception $e) {
 			// Don't log the exception - this can exhaust memory
@@ -98,7 +99,7 @@ class LDSignatures {
 			logger('normalise error: ' . print_r($data,true));
 		}
 
-		return $d;
+		return $ret;
 	}
 
 	static function salmon_sign($data,$channel) {

Zotlabs/Lib/Libsync.php

@@ -135,15 +135,13 @@ class Libsync {
 				$info['collection_members'] = $r;
 		}
 
-		$interval = ((get_config('system', 'delivery_interval') !== false)
-			? intval(get_config('system', 'delivery_interval')) : 2);
+		$interval = get_config('queueworker', 'queue_interval', 500000);
 
 		logger('Packet: ' . print_r($info, true), LOGGER_DATA, LOG_DEBUG);
 
 		$total = count($synchubs);
-
 		foreach ($synchubs as $hub) {
-			$hash = random_string();
+			$hash = new_uuid();
 			$n    = Libzot::build_packet($channel, 'sync', $env_recips, json_encode($info), 'hz', $hub['hubloc_sitekey'], $hub['site_crypto']);
 			Queue::insert([
 				'hash'       => $hash,
@@ -156,19 +154,26 @@ class Libsync {
 			]);
 
 
+			/*
 			$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
+
 			if (intval($x[0]['total']) > intval(get_config('system', 'force_queue_threshold', 3000))) {
 				logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
 				Queue::update($hash);
 				continue;
 			}
-
+			*/
 
 			Master::Summon(['Deliver', $hash]);
-			$total = $total - 1;
 
-			if ($interval && $total)
-				@time_sleep_until(microtime(true) + (float)$interval);
+			/*
+			$total = $total - 1;
+			*/
+
+			if ($interval) {
+				usleep($interval);
+			}
+
 		}
 	}
 
@@ -186,7 +191,6 @@ class Libsync {
 		require_once('include/import.php');
 
 		$result = [];
-
 		$keychange = ((array_key_exists('keychange', $arr)) ? true : false);
 
 		foreach ($deliveries as $d) {
@@ -194,7 +198,10 @@ class Libsync {
 				dbesc($sender)
 			);
 
-			$DR = new DReport(z_root(), $sender, $d, 'sync');
+			$mid = 'sync';
+
+
+			$DR = new DReport(z_root(), $sender, $d, $mid);
 
 			if (!$r) {
 				$DR->update('recipient not found');
@@ -204,6 +211,7 @@ class Libsync {
 
 			$channel = $r[0];
 
+
 			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
 
 			$max_friends = service_class_fetch($channel['channel_id'], 'total_channels');
@@ -232,8 +240,35 @@ class Libsync {
 
 			if (array_key_exists('config', $arr) && is_array($arr['config']) && count($arr['config'])) {
 				foreach ($arr['config'] as $cat => $k) {
-					foreach ($arr['config'][$cat] as $k => $v)
-						set_pconfig($channel['channel_id'], $cat, $k, $v);
+					$pconfig_updated = [];
+
+					foreach($arr['config'][$cat] as $k => $v) {
+						if ($cat === 'hz_delpconfig' && strpos($k, 'b64.') === 0) {
+							$delpconfig = explode(':', unpack_link_id($k));
+
+							// delete the provided pconfig
+							del_pconfig($channel['channel_id'], $delpconfig[0], $delpconfig[1], $v);
+
+							// delete the messenger pconfig
+							del_pconfig($channel['channel_id'], 'hz_delpconfig', $k);
+						}
+
+						if (strpos($k,'pcfgud:') === 0) {
+							$realk = substr($k,7);
+							$pconfig_updated[$realk] = $v;
+							unset($arr['config'][$cat][$k]);
+						}
+					}
+
+					foreach($arr['config'][$cat] as $k => $v) {
+						if (!isset($pconfig_updated[$k])) {
+							$pconfig_updated[$k] = NULL;
+						}
+
+						if ($cat !== 'hz_delpconfig') {
+							set_pconfig($channel['channel_id'],$cat,$k,$v,$pconfig_updated[$k]);
+						}
+					}
 				}
 			}
 
@@ -246,6 +281,10 @@ class Libsync {
 			if (array_key_exists('app', $arr) && $arr['app'])
 				sync_apps($channel, $arr['app']);
 
+			if (array_key_exists('sysapp',$arr) && $arr['sysapp']) {
+				sync_sysapps($channel, $arr['sysapp']);
+			}
+
 			if (array_key_exists('addressbook', $arr) && $arr['addressbook'])
 				sync_addressbook($channel, $arr['addressbook']);
 
@@ -255,11 +294,8 @@ class Libsync {
 			if (array_key_exists('chatroom', $arr) && $arr['chatroom'])
 				sync_chatrooms($channel, $arr['chatroom']);
 
-			if (array_key_exists('conv', $arr) && $arr['conv'])
-				import_conv($channel, $arr['conv']);
-
-			if (array_key_exists('mail', $arr) && $arr['mail'])
-				sync_mail($channel, $arr['mail']);
+			//if (array_key_exists('mail', $arr) && $arr['mail'])
+			//	sync_mail($channel, $arr['mail']);
 
 			if (array_key_exists('event', $arr) && $arr['event'])
 				sync_events($channel, $arr['event']);
@@ -267,14 +303,16 @@ class Libsync {
 			if (array_key_exists('event_item', $arr) && $arr['event_item'])
 				sync_items($channel, $arr['event_item'], ((array_key_exists('relocate', $arr)) ? $arr['relocate'] : null));
 
-			if (array_key_exists('item', $arr) && $arr['item'])
+			if (array_key_exists('item', $arr) && $arr['item']) {
 				sync_items($channel, $arr['item'], ((array_key_exists('relocate', $arr)) ? $arr['relocate'] : null));
+				$mid = $arr['item'][0]['message_id'] . '#sync';
+			}
 
 			// deprecated, maintaining for a few months for upward compatibility
 			// this should sync webpages, but the logic is a bit subtle
 
-			if (array_key_exists('item_id', $arr) && $arr['item_id'])
-				sync_items($channel, $arr['item_id']);
+			//if (array_key_exists('item_id', $arr) && $arr['item_id'])
+			//	sync_items($channel, $arr['item_id']);
 
 			if (array_key_exists('menu', $arr) && $arr['menu'])
 				sync_menus($channel, $arr['menu']);
@@ -385,19 +423,42 @@ class Libsync {
 					// This relies on the undocumented behaviour that red sites send xchan info with the abook
 					// and import_author_xchan will look them up on all federated networks
 
-					if ($abook['abook_xchan'] && $abook['xchan_addr']) {
+					$found = false;
+					if ($abook['abook_xchan'] && $abook['xchan_addr'] && (! in_array($abook['xchan_network'], [ 'token', 'unknown' ]))) {
 						$h = Libzot::get_hublocs($abook['abook_xchan']);
-						if (!$h) {
+						if ($h) {
+							$found = true;
+						}
+						else {
 							$xhash = import_author_xchan(encode_item_xchan($abook));
-							if (!$xhash) {
+							if ($xhash) {
+								$found = true;
+							}
+							else {
 								logger('Import of ' . $abook['xchan_addr'] . ' failed.');
-								continue;
 							}
 						}
 					}
 
+					if (!$found && !in_array($abook['xchan_network'], ['zot6', 'activitypub', 'diaspora'])) {
+						// just import the record.
+						$xc = [];
+						foreach ($abook as $k => $v) {
+							if (strpos($k,'xchan_') === 0) {
+								$xc[$k] = $v;
+							}
+						}
+						$r = q("select * from xchan where xchan_hash = '%s'",
+							dbesc($xc['xchan_hash'])
+						);
+						if (! $r) {
+							xchan_store_lowlevel($xc);
+						}
+					}
+
+
 					foreach ($abook as $k => $v) {
-						if (in_array($k, $disallowed) || (strpos($k, 'abook') !== 0)) {
+						if (in_array($k, $disallowed) || (strpos($k, 'abook_') !== 0)) {
 							continue;
 						}
 						if (!in_array($k, $fields)) {
@@ -411,6 +472,13 @@ class Libsync {
 
 					if (array_key_exists('abook_instance', $clean) && $clean['abook_instance'] && strpos($clean['abook_instance'], z_root()) === false) {
 						$clean['abook_not_here'] = 1;
+
+						// guest pass or access token - don't try to probe since it is one-way
+						// we are relying on the undocumented behaviour that the abook record also contains the xchan
+						if ($abook['xchan_network'] === 'token') {
+							$clean['abook_instance'] .= ',';
+							$clean['abook_instance'] .= z_root();
+						}
 					}
 
 
@@ -684,13 +752,12 @@ class Libsync {
 			 */
 			call_hooks('process_channel_sync_delivery', $addon);
 
-			$DR = new DReport(z_root(), $d, $d, 'sync', 'channel sync delivered');
+			$DR = new DReport(z_root(), $d, $d, $mid, 'channel sync processed');
 
 			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
 
 			$result[] = $DR->get();
 		}
-
 		return $result;
 	}
 
@@ -699,20 +766,32 @@ class Libsync {
 	 *
 	 * @param array $sender
 	 * @param array $arr
-	 * @param boolean $absolute (optional) default false
 	 * @return array
 	 */
 
-	static function sync_locations($sender, $arr, $absolute = false) {
+	static function sync_locations($sender, $arr) {
 
-		$ret = [];
+		$ret = [
+			'change_message' => '',
+			'changed' => false,
+			'message' => ''
+		];
 
-		if ($arr['locations']) {
+		$what = '';
+		$changed = false;
 
-			if ($absolute)
-				Libzot::check_location_move($sender['hash'], $arr['locations']);
+		// If a sender reports that the channel has been deleted, delete its hubloc
+		if (isset($arr['deleted_locally']) && intval($arr['deleted_locally'])) {
+			q("UPDATE hubloc SET hubloc_deleted = 1, hubloc_updated = '%s' WHERE hubloc_hash = '%s' AND hubloc_url = '%s'",
+				dbesc(datetime_convert()),
+				dbesc($sender['hash']),
+				dbesc($sender['site']['url'])
+			);
+		}
 
-			$xisting = q("select * from hubloc where hubloc_hash = '%s'",
+		if (isset($arr['locations']) && $arr['locations']) {
+
+			$xisting = q("select * from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0",
 				dbesc($sender['hash'])
 			);
 
@@ -760,14 +839,13 @@ class Libsync {
 
 				// match as many fields as possible in case anything at all changed.
 
-				$r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_id_url = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_site_id = '%s' and hubloc_host = '%s' and hubloc_addr = '%s' and hubloc_callback = '%s' and hubloc_sitekey = '%s' ",
+				$r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_id_url = '%s' and hubloc_url = '%s' and hubloc_url_sig = '%s' and hubloc_host = '%s' and hubloc_addr = '%s' and hubloc_callback = '%s' and hubloc_sitekey = '%s' ",
 					dbesc($sender['hash']),
 					dbesc($sender['id']),
 					dbesc($sender['id_sig']),
 					dbesc($location['id_url']),
 					dbesc($location['url']),
 					dbesc($location['url_sig']),
-					dbesc($location['site_id']),
 					dbesc($location['host']),
 					dbesc($location['address']),
 					dbesc($location['callback']),
@@ -776,7 +854,18 @@ class Libsync {
 				if ($r) {
 					logger('Hub exists: ' . $location['url'], LOGGER_DEBUG);
 
-					// update connection timestamp if this is the site we're talking to
+					// generate a new hubloc_site_id if it's wrong due to historical bugs 2021-11-30
+
+					if ($r[0]['hubloc_site_id'] !== $location['site_id']) {
+						q("update hubloc set hubloc_site_id = '%s' where hubloc_id = %d",
+							dbesc(Libzot::make_xchan_hash($location['url'], $location['sitekey'])),
+							intval($r[0]['hubloc_id'])
+						);
+					}
+
+					// Update connection timestamp if this is the site we're talking to.
+					// Also mark all entries from the current site with different sitekeys
+					// deleted (the site has been re-installed)
 					// This only happens when called from import_xchan
 
 					$current_site = false;
@@ -790,6 +879,12 @@ class Libsync {
 							intval($r[0]['hubloc_id']),
 							dbesc($t)
 						);
+
+						q("update hubloc set hubloc_error = 1, hubloc_deleted = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s'",
+							dbesc($r[0]['hubloc_url']),
+							dbesc($r[0]['hubloc_sitekey'])
+						);
+
 						$current_site = true;
 					}
 
@@ -839,14 +934,7 @@ class Libsync {
 						$what    .= 'primary_hub ';
 						$changed = true;
 					}
-					elseif ($absolute) {
-						// Absolute sync - make sure the current primary is correctly reflected in the xchan
-						$pr = hubloc_change_primary($r[0]);
-						if ($pr) {
-							$what    .= 'xchan_primary ';
-							$changed = true;
-						}
-					}
+
 					if (intval($r[0]['hubloc_deleted']) && (!intval($location['deleted']))) {
 						q("update hubloc set hubloc_deleted = 0, hubloc_updated = '%s' where hubloc_id_url = '%s'",
 							dbesc(datetime_convert()),
@@ -864,6 +952,7 @@ class Libsync {
 						$what    .= 'delete_hub ';
 						$changed = true;
 					}
+
 					continue;
 				}
 
@@ -914,9 +1003,9 @@ class Libsync {
 				}
 			}
 
-			// get rid of any hubs we have for this channel which weren't reported.
+			// get rid of any hublocs we have for this channel which weren't reported.
 
-			if ($absolute && $xisting) {
+			if ($xisting) {
 				foreach ($xisting as $x) {
 					if (!array_key_exists('updated', $x)) {
 						logger('Deleting unreferenced hub location ' . $x['hubloc_addr']);

Zotlabs/Lib/Libzotdir.php

@@ -145,8 +145,8 @@ class Libzotdir {
 		if(! $directory_sort_order)
 			$directory_sort_order = 'date';
 
-		$current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : $directory_sort_order);
-		$suggest = (($_REQUEST['suggest']) ? '&suggest=' . $_REQUEST['suggest'] : '');
+		$current_order = $_REQUEST['order'] ?? $directory_sort_order;
+		$suggest = ((isset($_REQUEST['suggest'])) ? '&suggest=' . $_REQUEST['suggest'] : '');
 
 		$url = 'directory?f=';
 
@@ -172,13 +172,12 @@ class Libzotdir {
 	}
 
 	/**
-	 * @brief Checks the directory mode of this hub.
+	 * @brief fetches updates from known directories
 	 *
 	 * Checks the directory mode of this hub to see if it is some form of directory server. If it is,
 	 * get the directory realm of this hub. Fetch a list of all other directory servers in this realm and request
-	 * a directory sync packet. This will contain both directory updates and new ratings. Store these all in the DB.
-	 * In the case of updates, we will query each of them asynchronously from a poller task. Ratings are stored
-	 * directly if the rater's signature matches.
+	 * a directory sync packet. Store these all in the DB.
+	 * In the case of updates, we will query each of them asynchronously from a poller task.
 	 *
 	 * @param int $dirmode;
 	 */
@@ -207,8 +206,6 @@ class Libzotdir {
 			);
 		}
 
-
-
 		// If there are no directory servers, setup the fallback master
 		/** @FIXME What to do if we're in a different realm? */
 
@@ -235,6 +232,8 @@ class Libzotdir {
 		if (! $r)
 			return;
 
+		$dir_trusted_hosts = array_merge(get_directory_fallback_servers(), get_config('system', 'trusted_directory_servers', []));
+
 		foreach ($r as $rr) {
 			if (! $rr['site_directory'])
 				continue;
@@ -249,11 +248,12 @@ class Libzotdir {
 
 			$syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
 			$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
+
 			if (! $x['success'])
 				continue;
 
 			$j = json_decode($x['body'],true);
-			if (!($j['transactions']) || ($j['ratings']))
+			if (!$j['transactions'])
 				continue;
 
 			q("update site set site_sync = '%s' where site_url = '%s'",
@@ -265,26 +265,65 @@ class Libzotdir {
 
 			if (is_array($j['transactions']) && count($j['transactions'])) {
 				foreach ($j['transactions'] as $t) {
-					$r = q("select * from updates where ud_guid = '%s' limit 1",
-						dbesc($t['transaction_id'])
-					);
-					if($r)
+					if (empty($t['hash']) || empty($t['host']) || empty($t['address'])) {
 						continue;
+					}
 
-					$ud_flags = 0;
-					if (is_array($t['flags']) && in_array('deleted',$t['flags']))
-						$ud_flags |= UPDATE_FLAGS_DELETED;
-					if (is_array($t['flags']) && in_array('forced',$t['flags']))
-						$ud_flags |= UPDATE_FLAGS_FORCED;
-
-					$z = q("insert into updates ( ud_hash, ud_guid, ud_date, ud_flags, ud_addr )
-						values ( '%s', '%s', '%s', %d, '%s' ) ",
-						dbesc($t['hash']),
-						dbesc($t['transaction_id']),
-						dbesc($t['timestamp']),
-						intval($ud_flags),
-						dbesc($t['address'])
+					$r = q("select * from updates where ud_hash = '%s' limit 1",
+						dbesc($t['hash'])
 					);
+
+					if ($r) {
+						$update = 0;
+
+						// no need to look at updates that originated from our own site
+						if ($t['host'] === z_root()) {
+							continue;
+						}
+
+						// there is more recent xchan information
+						if ($r[0]['ud_date'] <= $t['timestamp']) {
+							$update = 1;
+						}
+
+						// the host is trusted and flags have changed - update flags immediately
+						if (in_array($t['host'], $dir_trusted_hosts) &&
+							$rr['site_url'] === $t['host'] &&
+							intval($r[0]['ud_flags']) !== intval($t['flags'])) {
+
+							q("UPDATE updates SET ud_update = %d, ud_flags = %d WHERE ud_id = %d",
+								intval($update),
+								intval($t['flags']),
+								dbesc($r[0]['ud_id'])
+							);
+
+							q("UPDATE xchan SET xchan_censored = %d WHERE xchan_hash = '%s'",
+								intval($t['flags']),
+								dbesc($r[0]['ud_hash'])
+							);
+
+							continue;
+						}
+
+						if (!$update) {
+							continue;
+						}
+
+						q("UPDATE updates SET ud_update = %d WHERE ud_id = %d",
+							intval($update),
+							dbesc($r[0]['ud_id'])
+						);
+					}
+					else {
+						q("insert into updates ( ud_hash, ud_host, ud_date, ud_addr, ud_update, ud_flags )
+							values ( '%s', '%s', '%s', '%s', 1, %d) ",
+							dbesc($t['hash']),
+							dbesc($t['host']),
+							dbesc($t['timestamp']),
+							dbesc($t['address']),
+							dbesc(in_array($t['host'], $dir_trusted_hosts) ? $t['flags'] : 0)
+						);
+					}
 				}
 			}
 		}
@@ -299,8 +338,9 @@ class Libzotdir {
 	 *
 	 * Ignore updating records marked as deleted.
 	 *
-	 * If successful, sets ud_last in the DB to the current datetime for this
+	 * If successful, sets ud_updated in the DB to the current datetime for this
 	 * reddress/webbie.
+	 * Else update ud_last so we can stop trying after 7 days (Daemon/Poller.php)
 	 *
 	 * @param array $ud Entry from update table
 	 */
@@ -309,24 +349,47 @@ class Libzotdir {
 
 		logger('update_directory_entry: ' . print_r($ud,true), LOGGER_DATA);
 
-		if ($ud['ud_addr'] && (! ($ud['ud_flags'] & UPDATE_FLAGS_DELETED))) {
-			$success = false;
-			$zf = [];
+		// TODO: remove this check after all directory servers have version > 8.4
+		// ud_addr will always be the channel url at that time
+		$href = ((strpos($ud['ud_addr'], '://') === false) ? Webfinger::zot_url(punify($ud['ud_addr'])) : punify($ud['ud_addr']));
+		if($href) {
+			$zf = Zotfinger::exec($href);
+			if($zf && array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
+				$xc = Libzot::import_xchan($zf['data']);
 
-			$href = Webfinger::zot_url(punify($ud['ud_addr']));
-			if($href) {
-				$zf = Zotfinger::exec($href);
-			}
-			if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
-				$xc = Libzot::import_xchan($zf['data'], 0, $ud);
-			}
-			else {
-				q("update updates set ud_last = '%s' where ud_addr = '%s'",
-					dbesc(datetime_convert()),
-					dbesc($ud['ud_addr'])
-				);
+				// xchan_hash mismatch - this can happen after a site re-install at the same url
+				if ($xc['success'] && $xc['hash'] !== $ud['ud_hash']) {
+					self::delete_by_hash($ud['ud_hash']);
+				}
+
+				// backwards compatibility: Libzot::import_xchan(), where self::update() is called,
+				// will fail with versions < 8.4 if the channel has been locally deleted.
+				// In this case we will update the updates record here without bumping the date
+				// since we could not verify if anything changed.
+				if (!$xc['success'] && !empty($zf['data']['deleted_locally'])) {
+					self::update($ud['ud_hash'], $ud['ud_addr'], false);
+				}
+
+				// This is a workaround for a missing xchan_updated column
+				// TODO: implement xchan_updated in the xchan table and update this column instead
+				if(!empty($zf['data']['primary_location']['url'])) {
+					q("UPDATE hubloc SET hubloc_updated = '%s' WHERE hubloc_id_url = '%s' AND hubloc_primary = 1",
+						dbesc(datetime_convert()),
+						dbesc($zf['data']['primary_location']['url'])
+					);
+				}
+
+				return true;
 			}
 		}
+
+		q("UPDATE updates SET ud_addr = '%s', ud_last = '%s' WHERE ud_hash = '%s'",
+			dbesc($href ? $href : $ud['ud_addr']),
+			dbesc(datetime_convert()),
+			dbesc($ud['ud_hash'])
+		);
+
+		return false;
 	}
 
 
@@ -341,89 +404,78 @@ class Libzotdir {
 	 */
 
 	static function local_dir_update($uid, $force) {
+		logger('local_dir_update uid: ' . $uid, LOGGER_DEBUG);
 
-
-		logger('local_dir_update: uid: ' . $uid, LOGGER_DEBUG);
-
-		$p = q("select channel.channel_hash, channel_address, channel_timezone, channel_portable_id, profile.* from profile left join channel on channel_id = uid where uid = %d and is_default = 1",
+		$p = q("select channel.channel_hash, channel_address, channel_timezone, profile.*, xchan.xchan_hidden, xchan.xchan_url from profile left join channel on channel_id = uid left join xchan on channel_hash = xchan_hash where profile.uid = %d and profile.is_default = 1",
 			intval($uid)
 		);
 
-		$profile = array();
-		$profile['encoding'] = 'zot';
-
-		if ($p) {
-			$hash = $p[0]['channel_hash'];
-			$legacy_hash = $p[0]['channel_portable_id'];
-
-			$profile['description'] = $p[0]['pdesc'];
-			$profile['birthday']    = $p[0]['dob'];
-			if ($age = age($p[0]['dob'],$p[0]['channel_timezone'],''))
-				$profile['age'] = $age;
-
-			$profile['gender']      = $p[0]['gender'];
-			$profile['marital']     = $p[0]['marital'];
-			$profile['sexual']      = $p[0]['sexual'];
-			$profile['locale']      = $p[0]['locality'];
-			$profile['region']      = $p[0]['region'];
-			$profile['postcode']    = $p[0]['postal_code'];
-			$profile['country']     = $p[0]['country_name'];
-			$profile['about']       = $p[0]['about'];
-			$profile['homepage']    = $p[0]['homepage'];
-			$profile['hometown']    = $p[0]['hometown'];
-
-			if ($p[0]['keywords']) {
-				$tags = array();
-				$k = explode(' ', $p[0]['keywords']);
-				if ($k)
-					foreach ($k as $kk)
-						if (trim($kk))
-							$tags[] = trim($kk);
-
-				if ($tags)
-					$profile['keywords'] = $tags;
-			}
-
-			$hidden = (1 - intval($p[0]['publish']));
-
-			logger('hidden: ' . $hidden);
-
-			$r = q("select xchan_hidden from xchan where xchan_hash = '%s'",
-				dbesc($p[0]['channel_hash'])
-			);
-
-			if(intval($r[0]['xchan_hidden']) != $hidden) {
-				$r = q("update xchan set xchan_hidden = %d where xchan_hash in ('%s', '%s')",
-					intval($hidden),
-					dbesc($hash),
-					dbesc($legacy_hash)
-				);
-			}
-
-			$arr = [ 'channel_id' => $uid, 'hash' => $hash, 'profile' => $profile ];
-			call_hooks('local_dir_update', $arr);
-
-			$address = channel_reddress($p[0]);
-
-			if (perm_is_allowed($uid, '', 'view_profile')) {
-				self::import_directory_profile($hash, $arr['profile'], $address, 0);
-			}
-			else {
-				// they may have made it private
-				q("delete from xprof where xprof_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
-				);
-				q("delete from xtag where xtag_hash in ('%s', '%s')",
-					dbesc($hash),
-					dbesc($legacy_hash)
-				);
-			}
-
+		if (!$p) {
+			logger('profile not found');
+			return;
 		}
 
-		$ud_hash = random_string() . '@' . \App::get_hostname();
-		self::update_modtime($hash, $ud_hash, channel_reddress($p[0]),(($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED));
+		$profile = [];
+		$profile['encoding'] = 'zot';
+
+		$hash = $p[0]['channel_hash'];
+
+		$profile['description'] = $p[0]['pdesc'];
+		$profile['birthday']    = $p[0]['dob'];
+		if ($age = age($p[0]['dob'],$p[0]['channel_timezone'],''))
+			$profile['age'] = $age;
+
+		$profile['gender']      = $p[0]['gender'];
+		$profile['marital']     = $p[0]['marital'];
+		$profile['sexual']      = $p[0]['sexual'];
+		$profile['locale']      = $p[0]['locality'];
+		$profile['region']      = $p[0]['region'];
+		$profile['postcode']    = $p[0]['postal_code'];
+		$profile['country']     = $p[0]['country_name'];
+		$profile['about']       = $p[0]['about'];
+		$profile['homepage']    = $p[0]['homepage'];
+		$profile['hometown']    = $p[0]['hometown'];
+
+		if ($p[0]['keywords']) {
+			$tags = array();
+			$k = explode(' ', $p[0]['keywords']);
+			if ($k)
+				foreach ($k as $kk)
+					if (trim($kk))
+						$tags[] = trim($kk);
+
+			if ($tags)
+				$profile['keywords'] = $tags;
+		}
+
+		$hidden = (1 - intval($p[0]['publish']));
+
+		logger('hidden: ' . $hidden);
+
+		if(intval($p[0]['xchan_hidden']) !== $hidden) {
+			q("update xchan set xchan_hidden = %d where xchan_hash = '%s'",
+				intval($hidden),
+				dbesc($hash)
+			);
+		}
+
+		$arr = [ 'channel_id' => $uid, 'hash' => $hash, 'profile' => $profile ];
+		call_hooks('local_dir_update', $arr);
+
+		if (perm_is_allowed($uid, '', 'view_profile')) {
+			self::import_directory_profile($hash, $arr['profile']);
+		}
+		else {
+			// they may have made it private
+			q("delete from xprof where xprof_hash = '%s'",
+				dbesc($hash)
+			);
+			q("delete from xtag where xtag_hash = '%s'",
+				dbesc($hash)
+			);
+		}
+
+		self::update($hash, $p[0]['xchan_url']);
 	}
 
 
@@ -433,39 +485,48 @@ class Libzotdir {
 	 *
 	 * @param string $hash
 	 * @param array $profile
-	 * @param string $addr
-	 * @param number $ud_flags (optional) UPDATE_FLAGS_UPDATED
-	 * @param number $suppress_update (optional) default 0
 	 * @return boolean $updated if something changed
 	 */
 
-	static function import_directory_profile($hash, $profile, $addr, $ud_flags = UPDATE_FLAGS_UPDATED, $suppress_update = 0) {
+	static function import_directory_profile($hash, $profile) {
 
 		logger('import_directory_profile', LOGGER_DEBUG);
 		if (! $hash)
 			return false;
 
-		$arr = array();
+		$arr = [];
 
-		$arr['xprof_hash']         = $hash;
-		$arr['xprof_dob']          = (($profile['birthday'] === '0000-00-00') ? $profile['birthday'] : datetime_convert('','',$profile['birthday'],'Y-m-d')); // !!!! check this for 0000 year
-		$arr['xprof_age']          = (($profile['age'])         ? intval($profile['age']) : 0);
-		$arr['xprof_desc']         = (($profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_gender']       = (($profile['gender'])      ? htmlspecialchars($profile['gender'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_marital']      = (($profile['marital'])     ? htmlspecialchars($profile['marital'],     ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_sexual']       = (($profile['sexual'])      ? htmlspecialchars($profile['sexual'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_locale']       = (($profile['locale'])      ? htmlspecialchars($profile['locale'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_region']       = (($profile['region'])      ? htmlspecialchars($profile['region'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_postcode']     = (($profile['postcode'])    ? htmlspecialchars($profile['postcode'],    ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_country']      = (($profile['country'])     ? htmlspecialchars($profile['country'],     ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_about']        = (($profile['about'])       ? htmlspecialchars($profile['about'],       ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_homepage']     = (($profile['homepage'])    ? htmlspecialchars($profile['homepage'],    ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_hometown']     = (($profile['hometown'])    ? htmlspecialchars($profile['hometown'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_hash'] = $hash;
+		$arr['xprof_dob'] = '0000-00-00';
+
+		if (isset($profile['birthday'])) {
+			$arr['xprof_dob'] = (($profile['birthday'] === '0000-00-00')
+			? $profile['birthday']
+			: datetime_convert('', '', $profile['birthday'], 'Y-m-d')); // !!!! check this for 0000 year
+		}
+
+		$arr['xprof_age']          = ((isset($profile['age']) && $profile['age']) ? intval($profile['age']) : 0);
+		$arr['xprof_desc']         = ((isset($profile['description']) && $profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_gender']       = ((isset($profile['gender']) && $profile['gender'])     ? htmlspecialchars($profile['gender'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_marital']      = ((isset($profile['marital']) && $profile['marital'])   ? htmlspecialchars($profile['marital'],     ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_sexual']       = ((isset($profile['sexual']) && $profile['sexual'])     ? htmlspecialchars($profile['sexual'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_locale']       = ((isset($profile['locale']) && $profile['locale'])     ? htmlspecialchars($profile['locale'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_region']       = ((isset($profile['region']) && $profile['region'])     ? htmlspecialchars($profile['region'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_postcode']     = ((isset($profile['postcode']) && $profile['postcode']) ? htmlspecialchars($profile['postcode'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_country']      = ((isset($profile['country']) && $profile['country'])   ? htmlspecialchars($profile['country'],     ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_about']        = ((isset($profile['about']) && $profile['about'])       ? htmlspecialchars($profile['about'],       ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_homepage']     = ((isset($profile['homepage']) && $profile['homepage']) ? htmlspecialchars($profile['homepage'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_hometown']     = ((isset($profile['hometown']) && $profile['hometown']) ? htmlspecialchars($profile['hometown'],    ENT_COMPAT,'UTF-8',false) : '');
 
 		$clean = array();
 		if (array_key_exists('keywords', $profile) and is_array($profile['keywords'])) {
 			self::import_directory_keywords($hash,$profile['keywords']);
+
 			foreach ($profile['keywords'] as $kw) {
+				if (in_array($kw, $clean)) {
+					continue;
+				}
+
 				$kw = trim(htmlspecialchars($kw,ENT_COMPAT, 'UTF-8', false));
 				$kw = trim($kw, ',');
 				$clean[] = $kw;
@@ -572,9 +633,6 @@ class Libzotdir {
 		 */
 		call_hooks('import_directory_profile', $d);
 
-		if (($d['update']) && (! $suppress_update))
-			self::update_modtime($arr['xprof_hash'],random_string() . '@' . \App::get_hostname(), $addr, $ud_flags);
-
 		return $d['update'];
 	}
 
@@ -592,6 +650,10 @@ class Libzotdir {
 			dbesc($hash)
 		);
 
+		$xchan = q("select xchan_censored from xchan where xchan_hash = '%s'",
+			dbesc($hash)
+		);
+
 		if($r) {
 			foreach($r as $rr)
 				$existing[] = $rr['xtag_term'];
@@ -599,6 +661,10 @@ class Libzotdir {
 
 		$clean = array();
 		foreach($keywords as $kw) {
+			if (in_array($kw, $clean)) {
+				continue;
+			}
+
 			$kw = trim(htmlspecialchars($kw,ENT_COMPAT, 'UTF-8', false));
 			$kw = trim($kw, ',');
 			$clean[] = $kw;
@@ -613,9 +679,10 @@ class Libzotdir {
 		}
 		foreach($clean as $x) {
 			if(! in_array($x, $existing)) {
-				$r = q("insert into xtag ( xtag_hash, xtag_term, xtag_flags) values ( '%s' ,'%s', 0 )",
+				$r = q("insert into xtag ( xtag_hash, xtag_term, xtag_flags) values ( '%s' ,'%s', %d )",
 					dbesc($hash),
-					dbesc($x)
+					dbesc($x),
+					intval($xchan[0]['xchan_censored'])
 				);
 			}
 		}
@@ -625,40 +692,83 @@ class Libzotdir {
 	/**
 	 * @brief
 	 *
-	 * @param string $hash
-	 * @param string $guid
-	 * @param string $addr
-	 * @param int $flags (optional) default 0
+	 * @param string $hash the channel hash
+	 * @param string $addr the channel url
+	 * @param bool $bump_date (optional) default true
 	 */
 
-	static function update_modtime($hash, $guid, $addr, $flags = 0) {
+	static function update($hash, $addr, $bump_date = true, $flag = null) {
 
 		$dirmode = intval(get_config('system', 'directory_mode'));
 
-		if($dirmode == DIRECTORY_MODE_NORMAL)
+		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			return;
+		}
 
-		if($flags) {
-			q("insert into updates (ud_hash, ud_guid, ud_date, ud_flags, ud_addr ) values ( '%s', '%s', '%s', %d, '%s' )",
-				dbesc($hash),
-				dbesc($guid),
-				dbesc(datetime_convert()),
-				intval($flags),
-				dbesc($addr)
-			);
+		if (empty($hash) || empty($addr)) {
+			return;
 		}
-		else {
-			q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not (ud_flags & %d)>0 ",
-				intval(UPDATE_FLAGS_UPDATED),
+
+		$u = q("SELECT * FROM updates WHERE ud_hash = '%s' LIMIT 1",
+			dbesc($hash)
+		);
+
+		$date_sql = '';
+		if ($bump_date) {
+			$date_sql = "ud_date = '" . dbesc(datetime_convert()) . "',";
+		}
+
+		$flag_sql = '';
+		if ($flag !== null) {
+			$flag_sql = "ud_flags = '" . intval($flag) . "',";
+		}
+
+
+		if ($u) {
+			$x = q("UPDATE updates SET $date_sql $flag_sql ud_last = '%s', ud_host = '%s', ud_addr = '%s', ud_update = 0 WHERE ud_id = %d",
+				dbesc(NULL_DATE),
+				dbesc(z_root()),
 				dbesc($addr),
-				intval(UPDATE_FLAGS_UPDATED)
+				intval($u[0]['ud_id'])
 			);
+
+			return;
 		}
+
+		q("INSERT INTO updates (ud_hash, ud_host, ud_date, ud_addr, ud_flags) VALUES ( '%s', '%s', '%s', '%s', %d )",
+			dbesc($hash),
+			dbesc(z_root()),
+			dbesc(datetime_convert()),
+			dbesc($addr),
+			intval($flag)
+		);
+
+		return;
+
 	}
 
 
+	/**
+	 * @brief deletes a entry in updates by hash
+	 *
+	 * @param string $hash the channel hash
+	 * @return boolean
+	 */
 
+	static function delete_by_hash($hash) {
+		if (!$hash) {
+			return false;
+		}
 
+		$x = q("DELETE FROM updates WHERE ud_hash = '%s'",
+			dbesc($hash)
+		);
 
+		if ($x) {
+			return true;
+		}
+
+		return false;
+	}
 
 }

Zotlabs/Lib/MessageFilter.php

@@ -2,87 +2,120 @@
 
 namespace Zotlabs\Lib;
 
-
+require_once('include/html2plain.php');
 
 class MessageFilter {
 
+	public static function evaluate($item, $incl, $excl) {
 
-	static public function evaluate($item,$incl,$excl) {
-
-		require_once('include/html2plain.php');
-
-		unobscure($item);
-
-		$text = prepare_text($item['body'],$item['mimetype']);
+		$text = prepare_text($item['body'],((isset($item['mimetype'])) ? $item['mimetype'] : 'text/bbcode'));
 		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
 
-
 		$lang = null;
 
-		if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false) || (strpos($incl,'lang!=') !== false) || (strpos($excl,'lang!=') !== false)) {
+		if ((strpos($incl, 'lang=') !== false) || (strpos($excl, 'lang=') !== false) || (strpos($incl, 'lang!=') !== false) || (strpos($excl, 'lang!=') !== false)) {
 			$lang = detect_language($text);
 		}
 
-		$tags = ((is_array($item['term']) && count($item['term'])) ? $item['term'] : false);
+		$tags = ((isset($item['term']) && is_array($item['term']) && count($item['term'])) ? $item['term'] : false);
 
 		// exclude always has priority
 
-		$exclude = (($excl) ? explode("\n",$excl) : null);
+		$exclude = (($excl) ? explode("\n", $excl) : null);
 
-		if($exclude) {
-			foreach($exclude as $word) {
-				$word = trim($word);
-				if(! $word)
+		if ($exclude) {
+			foreach ($exclude as $word) {
+				$word = html_entity_decode(trim($word));
+				if (! $word) {
 					continue;
-				if(substr($word,0,1) === '#' && $tags) {
-					foreach($tags as $t)
-						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return false;
 				}
-				elseif(substr($word,0,1) === '$' && $tags) {
-					foreach($tags as $t)
-						if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return false;
+				if (isset($lang) && ((strpos($word, 'lang=') === 0) || (strpos($word, 'lang!=') === 0))) {
+					if (!strlen($lang)) {
+						// Result is ambiguous. As we are matching deny rules only at this time, continue tests.
+						// Any matching deny rule concludes testing.
+						continue;
+					}
+					if (strpos($word, 'lang=') === 0 && strcasecmp($lang, trim(substr($word, 5))) == 0) {
+						return false;
+					} elseif (strpos($word, 'lang!=') === 0 && strcasecmp($lang, trim(substr($word, 6))) != 0) {
+						return false;
+					}
 				}
-				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
+                elseif (substr($word, 0, 1) === '#' && $tags) {
+					foreach ($tags as $t) {
+						if ((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return false;
+						}
+					}
+				} elseif (substr($word, 0, 1) === '$' && $tags) {
+					foreach ($tags as $t) {
+						if (($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return false;
+						}
+					}
+				} elseif (substr($word, 0, 2) === '?+') {
+					if (self::test_condition(substr($word, 2), $item['obj'])) {
+						return false;
+					}
+				} elseif (substr($word, 0, 1) === '?') {
+					if (self::test_condition(substr($word, 1), $item)) {
+						return false;
+					}
+				} elseif ((strpos($word, '/') === 0) && preg_match($word, $text)) {
 					return false;
-				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
-					return false;
-				elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
-					return false;
-				elseif(stristr($text,$word) !== false)
+				} elseif (stristr($text, $word) !== false) {
 					return false;
+				}
 			}
 		}
 
-		$include = (($incl) ? explode("\n",$incl) : null);
+		$include = (($incl) ? explode("\n", $incl) : null);
 
-		if($include) {
-			foreach($include as $word) {
-				$word = trim($word);
-				if(! $word)
+		if ($include) {
+			foreach ($include as $word) {
+				$word = html_entity_decode(trim($word));
+				if (! $word) {
 					continue;
-				if(substr($word,0,1) === '#' && $tags) {
-					foreach($tags as $t)
-						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return true;
 				}
-				elseif(substr($word,0,1) === '$' && $tags) {
-					foreach($tags as $t)
-						if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return true;
+				if (isset($lang) && ((strpos($word, 'lang=') === 0) || (strpos($word, 'lang!=') === 0))) {
+					if (!strlen($lang))  {
+						// Result is ambiguous. However we are checking allow rules
+						// and an ambiguous language is always permitted.
+						return true;
+					}
+					if (strpos($word, 'lang=') === 0 && strcasecmp($lang, trim(substr($word, 5))) == 0) {
+						return true;
+					} elseif (strpos($word, 'lang!=') === 0 && strcasecmp($lang, trim(substr($word, 6))) != 0) {
+						return true;
+					}
 				}
-				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
+                elseif (substr($word, 0, 1) === '#' && $tags) {
+					foreach ($tags as $t) {
+						if ((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return true;
+						}
+					}
+				} elseif (substr($word, 0, 1) === '$' && $tags) {
+					foreach ($tags as $t) {
+						if (($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return true;
+						}
+					}
+				} elseif (substr($word, 0, 2) === '?+') {
+					if (self::test_condition(substr($word, 2), $item['obj'])) {
+						return true;
+					}
+				} elseif (substr($word, 0, 1) === '?') {
+					if (self::test_condition(substr($word, 1), $item)) {
+						return true;
+					}
+				} elseif ((strpos($word, '/') === 0) && preg_match($word, $text)) {
 					return true;
-				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
-					return true;
-				elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
-					return true;
-				elseif(stristr($text,$word) !== false)
+				} elseif (stristr($text, $word) !== false) {
 					return true;
+				}
 			}
-		}
-		else {
+		} else {
 			return true;
 		}
 
@@ -90,4 +123,123 @@ class MessageFilter {
 	}
 
 
+	/**
+	 * @brief Test for Conditional Execution conditions. Shamelessly ripped off from Code/Render/Comanche
+	 *
+	 * This is extensible. The first version of variable testing supports tests of the forms:
+	 *
+	 * - ?foo ~= baz which will check if item.foo contains the string 'baz';
+	 * - ?foo == baz which will check if item.foo is the string 'baz';
+	 * - ?foo != baz which will check if item.foo is not the string 'baz';
+	 * - ?foo >= 3 which will check if item.foo is greater than or equal to 3;
+	 * - ?foo > 3 which will check if item.foo is greater than 3;
+	 * - ?foo <= 3 which will check if item.foo is less than or equal to 3;
+	 * - ?foo < 3 which will check if item.foo is less than 3;
+	 *
+	 * - ?foo {} baz which will check if 'baz' is an array element in item.foo
+	 * - ?foo {*} baz which will check if 'baz' is an array key in item.foo
+	 * - ?foo which will check for a return of a true condition for item.foo;
+     * - ?!foo which will check for a return of a false condition for item.foo;
+     *
+	 * The values 0, '', an empty array, and an unset value will all evaluate to false.
+	 *
+	 * @param string $s
+	 * @param array $item
+	 * @return bool
+	 */
+
+	public static function test_condition($s,$item) {
+
+		if (preg_match('/(.*?)\s\~\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (stripos($x, trim($matches[2])) !== false) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\=\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x == trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\!\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x != trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\>\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x >= trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\<\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x <= trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\>\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x > trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\>\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x < trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/[\$](.*?)\s\{\}\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (is_array($x) && in_array(trim($matches[2]), $x)) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\{\*\}\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (is_array($x) && array_key_exists(trim($matches[2]), $x)) {
+				return true;
+			}
+			return false;
+		}
+
+		// Ordering of this check (for falsiness) with relation to the following one (check for truthiness) is important.
+		if (preg_match('/\!(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (!$x) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x) {
+				return true;
+			}
+			return false;
+		}
+
+		return false;
+	}
+
 }

Zotlabs/Lib/NativeWiki.php

@@ -1,324 +0,0 @@
-<?php
-
-namespace Zotlabs\Lib;
-
-use Zotlabs\Lib\Libsync;
-
-define ( 'NWIKI_ITEM_RESOURCE_TYPE', 'nwiki' );
-
-class NativeWiki {
-
-
-	public static function listwikis($channel, $observer_hash) {
-
-		$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
-		$wikis = q("SELECT * FROM item 
-			WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra", 
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			intval($channel['channel_id'])
-		);
-
-		if($wikis) {
-			foreach($wikis as &$w) {
-
-				$w['json_allow_cid']  = acl2json($w['allow_cid']);
-				$w['json_allow_gid']  = acl2json($w['allow_gid']);
-				$w['json_deny_cid']   = acl2json($w['deny_cid']);
-				$w['json_deny_gid']   = acl2json($w['deny_gid']);
-
-				$w['rawName']  = get_iconfig($w, 'wiki', 'rawName');
-				$w['htmlName'] = escape_tags($w['rawName']);
-				//$w['urlName']  = urlencode(urlencode($w['rawName']));
-				$w['urlName']  = self::name_encode($w['rawName']);
-				$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
-				$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
-				$w['lockstate']     = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
-			}
-		}
-		// TODO: query db for wikis the observer can access. Return with two lists, for read and write access
-		return array('wikis' => $wikis);
-	}
-
-
-	public static function create_wiki($channel, $observer_hash, $wiki, $acl) {
-
-		$resource_id = new_uuid();
-		$uuid = new_uuid();
-
-		$ac = $acl->get();
-		$mid = z_root() . '/item/' . $uuid;
-
-		$arr = array();	// Initialize the array of parameters for the post
-		$item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0); 
-		$wiki_url = z_root() . '/wiki/' . $channel['channel_address'] . '/' . $wiki['urlName'];
-		$arr['aid'] = $channel['channel_account_id'];
-		$arr['uuid'] = $uuid;
-		$arr['uid'] = $channel['channel_id'];
-		$arr['mid'] = $mid;
-		$arr['parent_mid'] = $mid;
-		$arr['item_hidden'] = $item_hidden;
-		$arr['resource_type'] = NWIKI_ITEM_RESOURCE_TYPE;
-		$arr['resource_id'] = $resource_id;
-		$arr['owner_xchan'] = $channel['channel_hash'];
-		$arr['author_xchan'] = $observer_hash;
-		$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . urlencode($arr['mid']);
-		$arr['llink'] = $arr['plink'];
-		$arr['title'] = $wiki['htmlName'];  // name of new wiki;
-		$arr['allow_cid'] = $ac['allow_cid'];
-		$arr['allow_gid'] = $ac['allow_gid'];
-		$arr['deny_cid'] = $ac['deny_cid'];
-		$arr['deny_gid'] = $ac['deny_gid'];
-		$arr['item_wall'] = 1;
-		$arr['item_origin'] = 1;
-		$arr['item_thread_top'] = 1;
-		$arr['item_private'] = intval($acl->is_private());
-		$arr['verb'] = ACTIVITY_CREATE;
-		$arr['obj_type'] = 'Document';
-		$arr['body'] = '[table][tr][td][h1]New Wiki[/h1][/td][/tr][tr][td][zrl=' . $wiki_url . ']' . $wiki['htmlName'] . '[/zrl][/td][/tr][/table]';
-
-		$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_wiki'),true);
-
-		// Save the wiki name information using iconfig. This is shareable.
-		if(! set_iconfig($arr, 'wiki', 'rawName', $wiki['rawName'], true)) {
-			return array('item' => null, 'success' => false);
-		}
-		if(! set_iconfig($arr, 'wiki', 'mimeType', $wiki['mimeType'], true)) {
-			return array('item' => null, 'success' => false);
-		}
-
-		set_iconfig($arr,'wiki','typelock',$wiki['typelock'],true);
-
-		$post = item_store($arr);
-
-		$item_id = $post['item_id'];
-
-		if($item_id) {
-			\Zotlabs\Daemon\Master::Summon(array('Notifier', 'activity', $item_id));
-			return array('item' => $post['item'], 'item_id' => $item_id, 'success' => true);
-		}
-		else {
-			return array('item' => null, 'success' => false);
-		}
-	}
-
-
-	public static function update_wiki($channel_id, $observer_hash, $arr, $acl) {
-
-		$w = self::get_wiki($channel_id, $observer_hash, $arr['resource_id']);
-		$item = $w['wiki'];
-
-		if(! $item) {
-			return array('item' => null, 'success' => false);
-		}
-
-		$x = $acl->get();
-
-		$item['allow_cid']    = $x['allow_cid'];
-		$item['allow_gid']    = $x['allow_gid'];
-		$item['deny_cid']     = $x['deny_cid'];
-		$item['deny_gid']     = $x['deny_gid'];
-		$item['item_private'] = intval($acl->is_private());
-
-		$update_title = false;
-
-		if($item['title'] !== $arr['updateRawName']) {
-			$update_title = true;
-			$item['title'] = $arr['updateRawName'];
-		}
-
-		$update = item_store_update($item);
-
-		$item_id = $update['item_id'];
-
-		// update acl for any existing wiki pages
-
-		q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where resource_type = 'nwikipage' and resource_id = '%s'",
-			dbesc($item['allow_cid']), 
-			dbesc($item['allow_gid']), 
-			dbesc($item['deny_cid']), 
-			dbesc($item['deny_gid']), 
-			dbesc($item['item_private']), 
-			dbesc($arr['resource_id'])
-		); 
-
-
-		if($update['item_id']) {
-			info( t('Wiki updated successfully'));
-			if($update_title) {
-				// Update the wiki name information using iconfig.
-				if(! set_iconfig($update['item_id'], 'wiki', 'rawName', $arr['updateRawName'], true)) {
-					return array('item' => null, 'success' => false);
-				}
-			}
-			return array('item' => $update['item'], 'item_id' => $update['item_id'], 'success' => $update['success']);
-		}
-		else {
-			return array('item' => null, 'success' => false);
-		}
-	}
-
-
-	public static function sync_a_wiki_item($uid,$id,$resource_id) {
-
-		$r = q("SELECT * from item WHERE uid = %d AND ( id = %d OR ( resource_type = '%s' and resource_id = '%s' )) ",
-			intval($uid),
-			intval($id),
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			dbesc($resource_id)
-		);
-		if($r) {
-
-			$q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'",
-				dbesc($r[0]['resource_id'])
-			);
-			if($q) {
-				$r = array_merge($r,$q);
-			}
-			xchan_query($r);
-			$sync_item = fetch_post_tags($r);
-			if($sync_item) {
-				$pkt = [];
-				foreach($sync_item as $w) {
-					$pkt[] = encode_item($w,true);
-				}
-				Libsync::build_sync_packet($uid,array('wiki' => $pkt));
-			}
-		}
-	}
-
-
-	public static function delete_wiki($channel_id,$observer_hash,$resource_id) {
-
-		$w = self::get_wiki($channel_id,$observer_hash,$resource_id);
-		if(! $w['wiki']) {
-			return [ 'success' => false ];
-		}
-		else {
-
-			$r = q("SELECT id FROM item WHERE uid = %s AND resource_id = '%s'",
-				intval($channel_id),
-				dbesc($resource_id)
-			);
-
-			$ids = array_column($r, 'id');
-			drop_items($ids, true, DROPITEM_PHASE1);
-
-			info(t('Wiki files deleted successfully'));
-
-			return [ 'success' => true ];
-		}
-	}
-
-
-	public static function get_wiki($channel_id, $observer_hash, $resource_id) {
-		
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
-
-		$item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0 
-			$sql_extra ORDER BY id LIMIT 1",
-			intval($channel_id), 
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			dbesc($resource_id)
-		);
-		if(! $item) {
-			return [ 'wiki' => null ];
-		}
-		else {
-		
-			$w = $item[0];	// wiki item table record
-			// Get wiki metadata
-			$rawName  = get_iconfig($w, 'wiki', 'rawName');
-			$mimeType = get_iconfig($w, 'wiki', 'mimeType');
-			$typelock = get_iconfig($w, 'wiki', 'typelock');
-
-			return array(
-				'wiki'     => $w,
-				'rawName'  => $rawName,
-				'htmlName' => escape_tags($rawName),
-				//'urlName'  => urlencode(urlencode($rawName)),
-				'urlName'  => self::name_encode($rawName),
-				'mimeType' => $mimeType,
-				'typelock' => $typelock
-			);
-		}
-	}
-
-
-	public static function exists_by_name($uid, $urlName) {
-
-		$sql_extra = item_permissions_sql($uid);		
-
-		$item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id 
-			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d 
-			AND item_deleted = 0 $sql_extra limit 1", 
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
-			//dbesc(urldecode($urlName)), 
-			dbesc(self::name_decode($urlName)),
-			intval($uid)
-		);
-
-		if($item) {
-			return array('id' => $item[0]['id'], 'resource_id' => $item[0]['resource_id']);
-		} 
-		else {
-			return array('id' => null, 'resource_id' => null);
-		}
-	}
-
-
-	public static function get_permissions($resource_id, $owner_id, $observer_hash) {
-
-		// TODO: For now, only the owner can edit
-		$sql_extra = item_permissions_sql($owner_id, $observer_hash);
-
-		if(local_channel() && local_channel() == $owner_id) {
-			return [ 'read' => true, 'write' => true, 'success' => true ];
-		}
-
-		$r = q("SELECT * FROM item WHERE uid = %d and resource_type = '%s' AND resource_id = '%s' $sql_extra LIMIT 1",
-			intval($owner_id),
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE), 
-			dbesc($resource_id)
-		);
-
-		if(! $r) {
-			return array('read' => false, 'write' => false, 'success' => true);
-		}
-		else {
-			// TODO: Create a new permission setting for wiki analogous to webpages. Until
-			// then, use webpage permissions
-			$write = perm_is_allowed($owner_id, $observer_hash,'write_wiki');
-			return array('read' => true, 'write' => $write, 'success' => true);
-		}
-	}
-
-
-	public static function name_encode ($string) {
-
-		$string = html_entity_decode($string);
-		$encoding = mb_internal_encoding();
-		mb_internal_encoding("UTF-8");
-		$ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) {
-	                $charhex = unpack('H*',$char[0]);
-                	$ret = '('.$charhex[1].')';
-                	return $ret;
- 			}
-			,$string);
-		mb_internal_encoding($encoding);
-		return $ret;
-	}
-
-
-	public static function name_decode ($string) {
-
-		$encoding = mb_internal_encoding();
-		mb_internal_encoding("UTF-8");
-		$ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) {
-			return pack('H*',$chars[2]);
-			}
-			,$string);
-		mb_internal_encoding($encoding);
-		return $ret;
-	}
-
-}

Zotlabs/Lib/NativeWikiPage.php

@@ -1,718 +0,0 @@
-<?php
-
-namespace Zotlabs\Lib;
-
-use \Zotlabs\Lib as Zlib;
-
-class NativeWikiPage {
-
-	static public function page_list($channel_id,$observer_hash, $resource_id) {
-
-		// TODO: Create item table records for pages so that metadata like title can be applied
-		$w = Zlib\NativeWiki::get_wiki($channel_id,$observer_hash,$resource_id);
-
-		$pages[] = [
-			'resource_id' => '',
-			'title'       => 'Home',
-			'url'         => 'Home',
-			'link_id'     => 'id_wiki_home_0'
-		];
-
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
-
-		$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0 
-			$sql_extra order by title asc",
-			dbesc($resource_id),
-			intval($channel_id)
-		);
-		if($r) {
-			$x = [];
-			$y = [];
-
-			foreach($r as $rv) {
-				if(! in_array($rv['mid'],$x)) {
-					$y[] = $rv;
-					$x[] = $rv['mid'];
-				}
-			}
-
-			$items = fetch_post_tags($y,true);
-
-			foreach($items as $page_item) {
-				$title = get_iconfig($page_item['id'],'nwikipage','pagetitle',t('(No Title)'));
-				if(urldecode($title) !== 'Home') {
-					$pages[] = [
-						'resource_id' => $resource_id,
-						'title'       => escape_tags($title),
-						//'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
-						'url'		=> Zlib\NativeWiki::name_encode($title),
-						'link_id'     => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
-					];
-				}
-			}
-		}
-
-		return array('pages' => $pages, 'wiki' => $w);
-	}
-
-
-	static public function create_page($channel_id, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') {
-
-		logger('mimetype: ' . $mimetype);
-
-		if(! in_array($mimetype,[ 'text/markdown','text/bbcode','text/plain','text/html' ]))
-			$mimetype = 'text/markdown';
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
-		}
-
-		// backslashes won't work well in the javascript functions
-		$name = str_replace('\\','',$name);
-
-		// create an empty activity
-
-		$arr = [];
-		$arr['uid']           = $channel_id;
-		$arr['author_xchan']  = $observer_hash;
-		$arr['mimetype']      = $mimetype;
-		$arr['title']         = $name;
-		$arr['resource_type'] = 'nwikipage';
-		$arr['resource_id']   = $resource_id;
-		$arr['allow_cid']     = $w['wiki']['allow_cid'];
-		$arr['allow_gid']     = $w['wiki']['allow_gid'];
-		$arr['deny_cid']      = $w['wiki']['deny_cid'];
-		$arr['deny_gid']      = $w['wiki']['deny_gid'];
-
-		$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel_id,'view_wiki'),true);
-
-		// We may wish to change this some day.
-		$arr['item_unpublished'] = 1;
-
-		set_iconfig($arr,'nwikipage','pagetitle',(($name) ? $name : t('(No Title)')),true);
-
-		$p = post_activity_item($arr, false, false);
-
-		if($p['item_id']) {
-			$page = [ 
-				'rawName'  => $name,
-				'htmlName' => escape_tags($name),
-				//'urlName'  => urlencode($name), 
-				'urlName' => Zlib\NativeWiki::name_encode($name)
-
-			];
-
-			return array('page' => $page, 'item_id' => $p['item_id'], 'item' => $p['activity'], 'wiki' => $w, 'message' => '', 'success' => true);
-		}
-		return [ 'success' => false, 'message' => t('Wiki page create failed.') ];
-	}
-
-
-	static public function rename_page($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
-		$pageNewName   = ((array_key_exists('pageNewName',$arr))   ? $arr['pageNewName']   : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if(! $w['wiki']) {
-			return array('message' => t('Wiki not found.'), 'success' => false);
-		}
-
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id 
-			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageNewName)
-		);
-
-		if($ic) {
-			return [ 'success' => false, 'message' => t('Destination name already exists') ];
-		}
-
-
-		$ids = [];
-
-		$ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id 
-			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if($ic) {
-			foreach($ic as $c) {
-				set_iconfig($c['item_id'],'nwikipage','pagetitle',$pageNewName);
-				$ids[] = $c['item_id'];
-			}
-
-			$str_ids = implode(',', $ids);
-			q("update item set title = '%s' where id in ($str_ids)",
-				dbesc($pageNewName)
-			);
-
-			$page = [ 
-				'rawName'  => $pageNewName, 
-				'htmlName' => escape_tags($pageNewName), 
-				//'urlName'  => urlencode(escape_tags($pageNewName))
-				'urlName' => Zlib\NativeWiki::name_encode($pageNewName)
-			];
-
-			return [ 'success' => true, 'page' => $page ];
-		}
-
-		return [ 'success' => false, 'message' => t('Page not found') ];
-	
-	}
-
-
-	static public function get_page_content($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']        : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']        : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']      : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? intval($arr['channel_id']) : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? intval($arr['revision'])   : (-1));
-
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
-		}
-
-		$item = self::load_page($arr);
-
-		if($item) {
-			$content = $item['body'];
-
-			return [ 
-				'content'      => $content,
-				'mimeType'     => $w['mimeType'],
-				'pageMimeType' => $item['mimetype'], 
-				'message'      => '', 
-				'success'      => true
-			];
-		}
-	
-		return array('content' => null, 'message' => t('Error reading page content'), 'success' => false);
-
-	}
-
-
-	static public function page_history($arr) {
-
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return array('history' => null, 'message' => 'Error reading wiki', 'success' => false);
-		}
-
-		$items = self::load_page_history($arr);
-
-		$history = [];
-
-		if($items) {
-			$processed = 0;
-			foreach($items as $item) {
-				if($processed > 1000)
-					break;
-				$processed ++;
-				$history[] = [ 
-					'revision' => $item['revision'],
-					'date' => datetime_convert('UTC',date_default_timezone_get(),$item['edited']),
-					'name' => $item['author']['xchan_name'],
-					'title' => get_iconfig($item,'nwikipage','commit_msg') 
-				];
-
-			}
-
-			return [ 'success' => true, 'history' => $history ];
-		}
-
-		return [ 'success' => false ];
-
-	}
-	
-
-	static public function load_page($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']     : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']   : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']      : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']        : (-1));
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
-		}
-
-		$ids = '';
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if($ic) {
-			foreach($ic as $c) {
-				if($ids)
-					$ids .= ',';
-				$ids .= intval($c['iid']);
-			}
-		}
-
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
-
-		if($revision == (-1))
-			$sql_extra .= " order by revision desc ";
-		elseif($revision)
-			$sql_extra .= " and revision = " . intval($revision) . " ";
-
-		$r = null;
-
-
-		if($ids) {
-			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) $sql_extra limit 1",
-				dbesc($resource_id),
-				intval($channel_id)
-			);
-
-			if($r) {
-				$items = fetch_post_tags($r,true);
-				return $items[0];
-			}
-		}
-
-		return null;
-	}
-
-
-	static public function load_page_history($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']     : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']     : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash']   : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']      : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']        : (-1));
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (! $w['wiki']) {
-			return array('content' => null, 'message' => 'Error reading wiki', 'success' => false);
-		}
-
-		$ids = '';
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-	
-		if($ic) {
-			foreach($ic as $c) {
-				if($ids)
-					$ids .= ',';
-				$ids .= intval($c['iid']);
-			}
-		}
-
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
-
-		$sql_extra .= " order by revision desc ";
-
-		$r = null;
-		if($ids) {
-			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) and item_deleted = 0 $sql_extra",
-				dbesc($resource_id),
-				intval($channel_id)
-			);
-			if($r) {
-				xchan_query($r);
-				$items = fetch_post_tags($r,true);
-				return $items;
-			}
-		}
-
-		return null;
-	}
-
-
-	static public function save_page($arr) {
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
-		$content       = ((array_key_exists('content',$arr))       ? $arr['content']       : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']      : 0);
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (!$w['wiki']) {
-			return array('message' => t('Error reading wiki'), 'success' => false);
-		}
-
-	
-		// fetch the most recently saved revision. 
-
-		$item = self::load_page($arr);
-
-		if(! $item) {
-			return array('message' => t('Page not found'), 'success' => false);
-		}
-
-		$mimetype = $item['mimetype'];
-
-		// change just the fields we need to change to create a revision; 
-
-		unset($item['id']);
-		unset($item['author']);
-		$item['parent']       = 0;
-		$item['body']         = $content;
-		$item['author_xchan'] = $observer_hash;
-		$item['revision']     = (($arr['revision']) ? intval($arr['revision']) + 1 : intval($item['revision']) + 1);
-		$item['edited']       = datetime_convert();
-		$item['mimetype']     = $mimetype;
-
-		if($item['iconfig'] && is_array($item['iconfig']) && count($item['iconfig'])) {
-			for($x = 0; $x < count($item['iconfig']); $x ++) {
-				unset($item['iconfig'][$x]['id']);
-				unset($item['iconfig'][$x]['iid']);
-			}
-		}
-
-		$ret = item_store($item, false, false);
-
-		if($ret['item_id'])
-			return array('message' => '', 'item_id' => $ret['item_id'], 'filename' => $pageUrlName, 'success' => true);
-		else
-			return array('message' => t('Page update failed.'), 'success' => false);
-	}	
-
-
-	static public function delete_page($arr) {
-
-		$pageUrlName   = (array_key_exists('pageUrlName',$arr) ? $arr['pageUrlName'] : '');
-		$resource_id   = (array_key_exists('resource_id',$arr) ? $arr['resource_id'] : '');
-		$observer_hash = (array_key_exists('observer_hash',$arr) ? $arr['observer_hash'] : '');
-		$channel_id    = (array_key_exists('channel_id',$arr) ? $arr['channel_id'] : 0);
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if(! $w['wiki']) {
-			return [ 'success' => false, 'message' => t('Error reading wiki') ];
-		}
-
-		$ids = [];
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id 
-			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if($ic) {
-			foreach($ic as $c) {
-				$ids[] = intval($c['iid']);
-			}
-		}
-
-		if($ids) {
-			drop_items($ids, true, DROPITEM_PHASE1);
-			return [ 'success' => true ];
-		}
-
-		return [ 'success' => false, 'message' => t('Nothing deleted') ];	
-	}
-	
-
-	static public function revert_page($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
-		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
-		$commitHash    = ((array_key_exists('commitHash',$arr))    ? $arr['commitHash']    : null);
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-
-		if (! $commitHash) {
-			return array('message' => 'No commit was provided', 'success' => false);
-		}
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return array('message' => 'Error reading wiki', 'success' => false);
-		}
-
-		$x = $arr;
-
-		if(intval($commitHash) > 0) {
-			unset($x['commitHash']);
-			$x['revision'] = intval($commitHash) - 1;
-			$loaded = self::load_page($x);
-
-			if($loaded) {
-				$content = $loaded['body'];
-				return [ 'content' => $content, 'success' => true ];
-			}
-			return [ 'success' => false ];
-		}
-	}
-	
-
-	static public function compare_page($arr) {
-
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
-		$currentCommit = ((array_key_exists('currentCommit',$arr)) ? $arr['currentCommit'] : (-1));
-		$compareCommit = ((array_key_exists('compareCommit',$arr)) ? $arr['compareCommit'] : 0);
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (!$w['wiki']) {
-			return array('message' => t('Error reading wiki'), 'success' => false);
-		}
-
-		$x = $arr;
-		$x['revision'] = (-1);
-
-		$currpage = self::load_page($x);
-		if($currpage)
-			$currentContent = $currpage['body'];
-
-		$x['revision'] = $compareCommit;
-		$comppage = self::load_page($x);
-		if($comppage)
-			$compareContent = $comppage['body'];
-
-		if($currpage && $comppage) {
-			require_once('library/class.Diff.php');
-			$diff = \Diff::toTable(\Diff::compare($currentContent, $compareContent));
-
-			return [ 'success' => true, 'diff' => $diff ];
-		}
-		return [ 'success' => false, 'message' =>  t('Compare: object not found.') ];
-
-	}
-	
-
-	static public function commit($arr) {
-
-		$commit_msg    = ((array_key_exists('commit_msg', $arr))   ? $arr['commit_msg']    : t('Page updated'));
-		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : t('Untitled'));
-
-		if(array_key_exists('resource_id', $arr)) {
-			$resource_id = $arr['resource_id'];
-		}
-		else {
-			return array('message' => t('Wiki resource_id required for git commit'), 'success' => false);
-		}
-
-		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (! $w['wiki']) {
-			return array('message' => t('Error reading wiki'), 'success' => false);
-		}
-
-
-		$page = self::load_page($arr);
-
-		if($page) {
-			set_iconfig($page['id'],'nwikipage','commit_msg',escape_tags($commit_msg),true);
-			return [ 'success' => true, 'item_id' => $page['id'], 'page' => $page ];
-		}
-
-		return [ 'success' => false, 'message' => t('Page not found.') ];
-
-	}
-	
-	static public function convert_links($s, $wikiURL) {
-		
-		if (strpos($s,'[[') !== false) {
-			preg_match_all("/\[\[(.*?)\]\]/", $s, $match);
-			$pages = $pageURLs = array();
-			foreach ($match[1] as $m) {
-				// TODO: Why do we need to double urlencode for this to work?
-				//$pageURLs[] = urlencode(urlencode(escape_tags($m)));
-				$titleUri = explode('|',$m);
-				$page = $titleUri[0] ?? '';
-				$title = $titleUri[1] ?? $page;
-				$pageURLs[] = Zlib\NativeWiki::name_encode(escape_tags($page));
-				$pages[] = $title;
-			}
-			$idx = 0;
-			while(strpos($s,'[[') !== false) {
-			$replace = '<a href="'.$wikiURL.'/'.$pageURLs[$idx].'">'.$pages[$idx].'</a>';
-				$s = preg_replace("/\[\[(.*?)\]\]/", $replace, $s, 1);
-				$idx++;
-			}
-		}
-		return $s;
-	}
-
-	static public function render_page_history($arr) {
-
-		$pageUrlName = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-
-		$pageHistory = self::page_history([
-			'channel_id'    => \App::$profile_uid, 
-			'observer_hash' => get_observer_hash(),
-			'resource_id'   => $resource_id,
-			'pageUrlName'   => $pageUrlName
-		]);
-
-		return replace_macros(get_markup_template('nwiki_page_history.tpl'), array(
-			'$pageHistory' => $pageHistory['history'],
-			'$permsWrite'  => $arr['permsWrite'],
-			'$name_lbl'    => t('Name'),
-			'$msg_label'   => t('Message','wiki_history'),
-			'$date_lbl'    => t('Date'),
-			'$revert_btn'  => t('Revert'),
-			'$compare_btn' => t('Compare')
-		));
-
-	}
-
-
-	/**
-	 * Replace the instances of the string [toc] with a list element that will be populated by
-	 * a table of contents by the JavaScript library
-	 * @param string $s
-	 * @return string
-	 */
-	static public function generate_toc($s) {
-		if (strpos($s,'[toc]') !== false) {
-			//$toc_md = wiki_toc($s);	// Generate Markdown-formatted list prior to HTML render
-			$toc_md = '<ul id="wiki-toc"></ul>'; // use the available jQuery plugin http://ndabas.github.io/toc/
-			$s = preg_replace("/\[toc\]/", $toc_md, $s, -1);
-		}
-		return $s;
-	}
-	
-
-	/**
-	 *  Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php
-	 * @param string $s
-	 * @return string
-	 */
-	static public function bbcode($s) {
-			
-		$s = str_replace(array('[baseurl]', '[sitename]'), array(z_root(), get_config('system', 'sitename')), $s);
-			
-		$s = preg_replace_callback("/\[observer\.language\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_callback', $s);
-
-		$s = preg_replace_callback("/\[observer\.language\!\=(.*?)\](.*?)\[\/observer\]/ism",'oblanguage_necallback', $s);
-
-
-		$observer = \App::get_observer();
-		if ($observer) {
-			$s1 = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
-			$s2 = '</span>';
-			$obsBaseURL = $observer['xchan_connurl'];
-			$obsBaseURL = preg_replace("/\/poco\/.*$/", '', $obsBaseURL);
-			$s = str_replace('[observer.baseurl]', $obsBaseURL, $s);
-			$s = str_replace('[observer.url]', $observer['xchan_url'], $s);
-			$s = str_replace('[observer.name]', $s1 . $observer['xchan_name'] . $s2, $s);
-			$s = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s);
-			$s = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s);
-			$s = str_replace('[observer.photo]', '', $s);
-		} 
-		else {
-			$s = str_replace('[observer.baseurl]', '', $s);
-			$s = str_replace('[observer.url]', '', $s);
-			$s = str_replace('[observer.name]', '', $s);
-			$s = str_replace('[observer.address]', '', $s);
-			$s = str_replace('[observer.webname]', '', $s);
-			$s = str_replace('[observer.photo]', '', $s);
-		}
-
-		return $s;
-	}
-	
-
-	static public function get_file_ext($arr) {
-
-		if($arr['mimetype'] === 'text/bbcode')
-			return '.bb';
-		elseif($arr['mimetype'] === 'text/markdown')
-			return '.md';
-		elseif($arr['mimetype'] === 'text/plain')
-			return '.txt';
-
-	}
-	
-	// This function is derived from 
-	// http://stackoverflow.com/questions/32068537/generate-table-of-contents-from-markdown-in-php
-	static public function toc($content) {
-	  // ensure using only "\n" as line-break
-	  $source = str_replace(["\r\n", "\r"], "\n", $content);
-	
-	  // look for markdown TOC items
-	  preg_match_all(
-		'/^(?:=|-|#).*$/m',
-		$source,
-		$matches,
-		PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE
-	  );
-	
-	  // preprocess: iterate matched lines to create an array of items
-	  // where each item is an array(level, text)
-	  $file_size = strlen($source);
-	  foreach ($matches[0] as $item) {
-		$found_mark = substr($item[0], 0, 1);
-		if ($found_mark == '#') {
-		  // text is the found item
-		  $item_text = $item[0];
-		  $item_level = strrpos($item_text, '#') + 1;
-		  $item_text = substr($item_text, $item_level);
-		} else {
-		  // text is the previous line (empty if <hr>)
-		  $item_offset = $item[1];
-		  $prev_line_offset = strrpos($source, "\n", -($file_size - $item_offset + 2));
-		  $item_text =
-			substr($source, $prev_line_offset, $item_offset - $prev_line_offset - 1);
-		  $item_text = trim($item_text);
-		  $item_level = $found_mark == '=' ? 1 : 2;
-		}
-		if (!trim($item_text) OR strpos($item_text, '|') !== FALSE) {
-		  // item is an horizontal separator or a table header, don't mind
-		  continue;
-		}
-		$raw_toc[] = ['level' => $item_level, 'text' => trim($item_text)];
-	  }
-		$o = '';
-		foreach($raw_toc as $t) {
-			$level = intval($t['level']);
-			$text = $t['text'];
-			switch ($level) {
-				case 1:
-					$li = '* ';
-					break;
-				case 2:
-					$li = '  * ';
-					break;
-				case 3:
-					$li = '    * ';
-					break;
-				case 4:
-					$li = '      * ';
-					break;
-				default:
-					$li = '* ';
-					break;
-			}
-			$o .= $li . $text . "\n";
-		}
-	  return $o;
-	}
-
-}

Zotlabs/Lib/PConfig.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Lib;
 
+use App;
+
 /**
  * @brief Class for handling channel specific configurations.
  *
@@ -32,15 +34,15 @@ class PConfig {
 		if(is_null($uid) || $uid === false)
 			return false;
 
-		if(! is_array(\App::$config)) {
+		if(! is_array(App::$config)) {
 			btlogger('App::$config not an array');
 		}
 
-		if(! array_key_exists($uid, \App::$config)) {
-			\App::$config[$uid] = array();
+		if(! array_key_exists($uid, App::$config)) {
+			App::$config[$uid] = array();
 		}
 
-		if(! is_array(\App::$config[$uid])) {
+		if(! is_array(App::$config[$uid])) {
 			btlogger('App::$config[$uid] not an array: ' . $uid);
 		}
 
@@ -52,12 +54,12 @@ class PConfig {
 			foreach($r as $rr) {
 				$k = $rr['k'];
 				$c = $rr['cat'];
-				if(! array_key_exists($c, \App::$config[$uid])) {
-					\App::$config[$uid][$c] = array();
-					\App::$config[$uid][$c]['config_loaded'] = true;
+				if(! array_key_exists($c, App::$config[$uid])) {
+					App::$config[$uid][$c] = array();
+					App::$config[$uid][$c]['config_loaded'] = true;
 				}
-				\App::$config[$uid][$c][$k] = $rr['v'];
-				\App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
+				App::$config[$uid][$c][$k] = $rr['v'];
+				App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
 			}
 		}
 	}
@@ -86,15 +88,15 @@ class PConfig {
 		if(is_null($uid) || $uid === false)
 			return $default;
 
-		if(! array_key_exists($uid, \App::$config))
+		if(! array_key_exists($uid, App::$config))
 			self::Load($uid);
 
-		if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family])))
+		if((! array_key_exists($family, App::$config[$uid])) || (! array_key_exists($key, App::$config[$uid][$family])))
 			return $default;
 
-		return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key]))
-			? unserialize(\App::$config[$uid][$family][$key])
-			: \App::$config[$uid][$family][$key]
+		return ((! is_array(App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', App::$config[$uid][$family][$key]))
+			? unserialize(App::$config[$uid][$family][$key])
+			: App::$config[$uid][$family][$key]
 		);
 	}
 
@@ -133,6 +135,7 @@ class PConfig {
 		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
 		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
 		$new = false;
+		$update = false;
 
 		$now = datetime_convert();
 		if (! $updated) {
@@ -143,23 +146,22 @@ class PConfig {
 			$updated = datetime_convert('UTC','UTC','-2 seconds');
 		}
 
-		$hash = hash('sha256',$family.':'.$key);
+		$hash = gen_link_id($family.':'.$key);
 
 		if (self::Get($uid, 'hz_delpconfig', $hash) !== false) {
 			if (self::Get($uid, 'hz_delpconfig', $hash) > $now) {
 				logger('Refusing to update pconfig with outdated info (Item deleted more recently).', LOGGER_NORMAL, LOG_ERR);
 				return self::Get($uid,$family,$key);
 			} else {
-				self::Delete($uid,'hz_delpconfig',$hash);
+				self::Delete($uid, 'hz_delpconfig', $hash);
 			}
 		}
 
 		if(self::Get($uid, $family, $key) === false) {
-			if(! array_key_exists($uid, \App::$config))
-				\App::$config[$uid] = array();
-			if(! array_key_exists($family, \App::$config[$uid]))
-				\App::$config[$uid][$family] = array();
-
+			if(! array_key_exists($uid, App::$config))
+				App::$config[$uid] = array();
+			if(! array_key_exists($family, App::$config[$uid]))
+				App::$config[$uid][$family] = array();
 
 			$ret = q("INSERT INTO pconfig ( uid, cat, k, v, updated ) VALUES ( %d, '%s', '%s', '%s', '%s' ) ",
 				intval($uid),
@@ -177,13 +179,14 @@ class PConfig {
 				logger("Error: Insert to pconfig failed.",LOGGER_NORMAL, LOG_ERR);
 			}
 
-			\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+			$new = true;
+			App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
 
 		}
 		else {
-			$new = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+			$update = (App::$config[$uid][$family]['pcfgud:'.$key] < $now);
 
-			if ($new) {
+			if ($update) {
 
 				// @NOTE There is still a possible race condition under limited circumstances
 				// where a value will be updated by another thread with more current data than
@@ -198,7 +201,7 @@ class PConfig {
 					dbesc($key)
 				);
 
-				\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+				App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
 
 			} else {
 				logger('Refusing to update pconfig with outdated info.', LOGGER_NORMAL, LOG_ERR);
@@ -211,16 +214,16 @@ class PConfig {
 		// set in the life of this page. We need this to
 		// synchronise channel clones.
 
-		if(! array_key_exists('transient', \App::$config[$uid]))
-			\App::$config[$uid]['transient'] = array();
-		if(! array_key_exists($family, \App::$config[$uid]['transient']))
-			\App::$config[$uid]['transient'][$family] = array();
+		if(! array_key_exists('transient', App::$config[$uid]))
+			App::$config[$uid]['transient'] = array();
+		if(! array_key_exists($family, App::$config[$uid]['transient']))
+			App::$config[$uid]['transient'][$family] = array();
 
-		\App::$config[$uid][$family][$key] = $value;
+		App::$config[$uid][$family][$key] = $value;
 
-		if ($new) {
-			\App::$config[$uid]['transient'][$family][$key] = $value;
-			\App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
+		if ($new || $update) {
+			App::$config[$uid]['transient'][$family][$key] = $value;
+			App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
 		}
 
 		if($ret)
@@ -253,7 +256,7 @@ class PConfig {
 
 		$updated = ($updated) ? $updated : datetime_convert('UTC','UTC','-2 seconds');
 		$now = datetime_convert();
-		$newer = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+		$newer = (App::$config[$uid][$family]['pcfgud:'.$key] < $now);
 
 		if (! $newer) {
 			logger('Refusing to delete pconfig with outdated delete request.', LOGGER_NORMAL, LOG_ERR);
@@ -262,12 +265,12 @@ class PConfig {
 
 		$ret = false;
 
-		if (isset(\App::$config[$uid][$family][$key])) {
-			unset(\App::$config[$uid][$family][$key]);
+		if (isset(App::$config[$uid][$family][$key])) {
+			unset(App::$config[$uid][$family][$key]);
 		}
 
-		if (isset(\App::$config[$uid][$family]['pcfgud:'.$key])) {
-			unset(\App::$config[$uid][$family]['pcfgud:'.$key]);
+		if (isset(App::$config[$uid][$family]['pcfgud:'.$key])) {
+			unset(App::$config[$uid][$family]['pcfgud:'.$key]);
 		}
 
 		$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
@@ -278,9 +281,9 @@ class PConfig {
 
 		// Synchronize delete with clones.
 
-		if ($family != 'hz_delpconfig') {
-			$hash = hash('sha256',$family.':'.$key);
-			set_pconfig($uid,'hz_delpconfig',$hash,$updated);
+		if ($family !== 'hz_delpconfig') {
+			$hash = gen_link_id($family.':'.$key);
+			set_pconfig($uid, 'hz_delpconfig', $hash, $updated);
 		}
 
 		return $ret;

Zotlabs/Lib/Permcat.php

@@ -4,6 +4,7 @@ namespace Zotlabs\Lib;
 
 use Zotlabs\Access\PermissionRoles;
 use Zotlabs\Access\Permissions;
+use Zotlabs\Daemon\Master;
 
 /**
  * @brief Permission Categories. Permission rules for various classes of connections.
@@ -38,33 +39,33 @@ class Permcat {
 
 		// first check role perms for a perms_connect setting
 
-		$role = get_pconfig($channel_id,'system','permissions_role');
-		if($role) {
+		$role = get_pconfig($channel_id, 'system', 'permissions_role');
+		if ($role) {
 			$x = PermissionRoles::role_perms($role);
-			if($x['perms_connect']) {
+			if ($x['perms_connect']) {
 				$perms = Permissions::FilledPerms($x['perms_connect']);
 			}
 		}
 
 		// if no role perms it may be a custom role, see if there any autoperms
 
-		if(! $perms) {
+		if (!$perms) {
 			$perms = Permissions::FilledAutoPerms($channel_id);
 		}
 
 		// if no autoperms it may be a custom role with manual perms
 
-		if(! $perms) {
+		if (!$perms) {
 			$r = q("select channel_hash from channel where channel_id = %d",
 				intval($channel_id)
 			);
-			if($r) {
+			if ($r) {
 				$x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
 					intval($channel_id),
 					dbesc($r[0]['channel_hash'])
 				);
-				if($x) {
-					foreach($x as $xv) {
+				if ($x) {
+					foreach ($x as $xv) {
 						$perms[$xv['k']] = intval($xv['v']);
 					}
 				}
@@ -73,25 +74,27 @@ class Permcat {
 
 		// nothing was found - create a filled permission array where all permissions are 0
 
-		if(! $perms) {
+		if (!$perms) {
 			$perms = Permissions::FilledPerms([]);
 		}
 
 		$this->permcats[] = [
 			'name'      => 'default',
-			'localname' => t('default','permcat'),
+			'localname' => t('Default', 'permcat'),
 			'perms'     => Permissions::Operms($perms),
+			'raw_perms' => $perms,
 			'system'    => 1
 		];
 
 
 		$p = $this->load_permcats($channel_id);
-		if($p) {
-			for($x = 0; $x < count($p); $x++) {
+		if ($p) {
+			for ($x = 0; $x < count($p); $x++) {
 				$this->permcats[] = [
 					'name'      => $p[$x][0],
 					'localname' => $p[$x][1],
 					'perms'     => Permissions::Operms(Permissions::FilledPerms($p[$x][2])),
+					'raw_perms' => Permissions::FilledPerms($p[$x][2]),
 					'system'    => intval($p[$x][3])
 				];
 			}
@@ -116,9 +119,9 @@ class Permcat {
 	 *   * \e bool \b error if $name not found in permcats true
 	 */
 	public function fetch($name) {
-		if($name && $this->permcats) {
-			foreach($this->permcats as $permcat) {
-				if(strcasecmp($permcat['name'], $name) === 0) {
+		if ($name && $this->permcats) {
+			foreach ($this->permcats as $permcat) {
+				if (strcasecmp($permcat['name'], $name) === 0) {
 					return $permcat;
 				}
 			}
@@ -128,31 +131,28 @@ class Permcat {
 	}
 
 	public function load_permcats($uid) {
-
+		/*
 		$permcats = [
-			[ 'follower', t('follower','permcat'),
-				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
-				  'post_like' ], 1
-			],
-			[ 'contributor', t('contributor','permcat'),
-				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
-				  'post_wall','post_comments','write_wiki','post_like','tag_deliver','chat' ], 1
-			],
-			[ 'publisher', t('publisher','permcat'),
+			[ 'contributor', t('Contributor','permcat'),
 				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages',
-				  'write_storage','post_wall','write_pages','write_wiki','post_comments','post_like','tag_deliver',
-				  'chat', 'republish' ], 1
-			]
+				  'write_storage','post_wall','write_pages','write_wiki','post_comments', 'post_mail', 'post_like',
+				  'chat' ], 1
+			],
+			[ 'muted', t('Muted','permcat'),
+				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
+				  'post_comments','write_wiki','post_like' ], 1
+			],
 		];
-
-		if($uid) {
+		*/
+		if ($uid) {
 			$x = q("select * from pconfig where uid = %d and cat = 'permcat'",
 				intval($uid)
 			);
-			if($x) {
-				foreach($x as $xv) {
-					$value = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
-					$permcats[] = [ $xv['k'], $xv['k'], $value, 0 ];
+
+			if ($x) {
+				foreach ($x as $xv) {
+					$value      = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
+					$permcats[] = [$xv['k'], $xv['k'], $value, 0];
 				}
 			}
 		}
@@ -167,11 +167,11 @@ class Permcat {
 	}
 
 	static public function find_permcat($arr, $name) {
-		if((! $arr) || (! $name))
+		if ((!$arr) || (!$name))
 			return false;
 
-		foreach($arr as $p)
-			if($p['name'] == $name)
+		foreach ($arr as $p)
+			if ($p['name'] == $name)
 				return $p['value'];
 	}
 
@@ -183,4 +183,105 @@ class Permcat {
 		PConfig::Delete($channel_id, 'permcat', $name);
 	}
 
-}
+	/**
+	 * @brief assign a contact role to contacts
+	 *
+	 * @param array $channel
+	 * @param string $role the name of the role
+	 * @param array $contacts an array of contact hashes
+	 */
+	public static function assign($channel, $role, $contacts) {
+
+		if (!isset($channel['channel_id'])) {
+			return;
+		}
+
+		if (!is_array($contacts) || empty($contacts)) {
+			return;
+		}
+
+		if (!$role) {
+			// lookup the default
+			$role = get_pconfig($channel['channel_id'], 'system', 'default_permcat', 'default');
+		}
+
+
+		// Doublecheck that we do not assign a role to ourself.
+		// It does not make a difference but could be confusing.
+		if (in_array($channel['channel_hash'], $contacts)) {
+			$contacts = array_diff($contacts, [$channel['channel_hash']]);
+		}
+
+		$all_perms  = Permissions::Perms();
+		$permcats   = new Permcat($channel['channel_id']);
+		$role_perms = $permcats->fetch($role);
+
+		if (isset($role_perms['error'])) {
+			return false;
+		}
+
+		$perms = $role_perms['raw_perms'];
+
+		$values_sql = '';
+		stringify_array_elms($contacts, true);
+
+		if ($all_perms && $perms) {
+
+			foreach ($contacts as $contact) {
+				foreach ($all_perms as $perm => $desc) {
+					if (array_key_exists($perm, $perms)) {
+						$values_sql .= " (" . intval($channel['channel_id']) . ", " . protect_sprintf($contact) . ", 'my_perms', '" . dbesc($perm) . "', " . intval($perms[$perm]) . "),";
+					}
+					else {
+						$values_sql .= " (" . intval($channel['channel_id']) . ", " . protect_sprintf($contact) . ", 'my_perms', '" . dbesc($perm) . "', 0), ";
+					}
+				}
+			}
+		}
+
+		$values_sql = rtrim($values_sql, ',');
+
+		dbq("DELETE FROM abconfig WHERE chan = " . intval($channel['channel_id']) . " AND cat = 'my_perms' AND xchan IN (" . protect_sprintf(implode(',', $contacts)) . ")");
+
+		dbq("INSERT INTO abconfig ( chan, xchan, cat, k, v ) VALUES $values_sql");
+
+		q("UPDATE abook SET abook_role = '%s'
+			WHERE abook_xchan IN (" . protect_sprintf(implode(',', $contacts)) . ") AND abook_channel = %d",
+			dbesc($role),
+			intval($channel['channel_id'])
+		);
+
+		$r = q("SELECT abook.*, xchan.* FROM abook LEFT JOIN xchan ON abook.abook_xchan = xchan.xchan_hash WHERE abook.abook_xchan IN (" . protect_sprintf(implode(',', $contacts)) . ") AND abook.abook_channel = %d AND abook_self = 0",
+			intval($channel['channel_id'])
+		);
+
+		foreach ($r as $rr) {
+
+			if (intval($rr['abook_self'])) {
+				continue;
+			}
+
+			Master::Summon([
+				'Notifier',
+				'permission_update',
+				$rr['abook_id']
+			]);
+
+			$clone = $rr;
+
+			unset($clone['abook_id']);
+			unset($clone['abook_account']);
+			unset($clone['abook_channel']);
+
+			$abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']);
+			if ($abconfig)
+				$clone['abconfig'] = $abconfig;
+
+			Libsync::build_sync_packet(0 /* use the current local_channel */, ['abook' => [$clone]]);
+
+		}
+
+		return true;
+	}
+
+}

Zotlabs/Lib/Queue.php

@@ -2,6 +2,9 @@
 
 namespace Zotlabs\Lib;
 
+use Zotlabs\Zot6\Receiver;
+use Zotlabs\Zot6\Zot6Handler;
+
 class Queue {
 
 	static function update($id, $add_priority = 0) {
@@ -28,19 +31,19 @@ class Queue {
 			$might_be_down = ((datetime_convert('UTC','UTC',$y[0]['earliest']) < datetime_convert('UTC','UTC','now - 2 days')) ? true : false);
 
 
-		// Set all other records for this destination way into the future. 
+		// Set all other records for this destination way into the future.
 		// The queue delivers by destination. We'll keep one queue item for
 		// this destination (this one) with a shorter delivery. If we succeed
 		// once, we'll try to deliver everything for that destination.
-		// The delivery will be set to at most once per hour, and if the 
+		// The delivery will be set to at most once per hour, and if the
 		// queue item is less than 12 hours old, we'll schedule for fifteen
-		// minutes. 
+		// minutes.
 
 		q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_posturl = '%s'",
 			dbesc(datetime_convert('UTC','UTC','now + 5 days')),
 			dbesc($x[0]['outq_posturl'])
 		);
- 
+
 		$since = datetime_convert('UTC','UTC',$x[0]['outq_created']);
 
 		if(($might_be_down) || ($since < datetime_convert('UTC','UTC','now - 12 hour'))) {
@@ -50,11 +53,10 @@ class Queue {
 			$next = datetime_convert('UTC','UTC','now + ' . intval($add_priority) . ' minutes');
 		}
 
-		q("UPDATE outq SET outq_updated = '%s', 
-			outq_priority = outq_priority + %d, 
-			outq_scheduled = '%s' 
+		q("UPDATE outq SET outq_updated = '%s',
+			outq_priority = outq_priority + %d,
+			outq_scheduled = '%s'
 			WHERE outq_hash = '%s'",
-
 			dbesc(datetime_convert()),
 			intval($add_priority),
 			dbesc($next),
@@ -62,33 +64,53 @@ class Queue {
 		);
 	}
 
-
-	static function remove($id,$channel_id = 0) {
-		logger('queue: remove queue item ' . $id,LOGGER_DEBUG);
+	public static function remove($id, $channel_id = 0) {
+		logger('queue: remove queue item ' . $id, LOGGER_DEBUG);
 		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
-		
-		q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
+
+		// figure out what endpoint it is going to.
+		$record = q("select outq_posturl from outq where outq_hash = '%s' $sql_extra",
 			dbesc($id)
 		);
-	}
 
+		if ($record) {
+			q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
+				dbesc($id)
+			);
+
+			// If there's anything remaining in the queue for this site, move one of them to the next active
+			// queue run by setting outq_scheduled back to the present. We may be attempting to deliver it
+			// as a 'piled_up' delivery, but this ensures the site has an active queue entry as long as queued
+			// entries still exist for it. This fixes an issue where one immediate delivery left everything
+			// else for that site undeliverable since all the other entries had been pushed far into the future.
+
+			$r = q("SELECT outq_hash, outq_posturl FROM outq WHERE outq_posturl = '%s' LIMIT 1",
+				dbesc($record[0]['outq_posturl'])
+			);
+
+			if ($r) {
+				$hashes = ids_to_querystr($r, 'outq_hash', true);
+				$x = q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_hash IN ($hashes)",
+					dbesc(datetime_convert())
+				);
+			}
+		}
+	}
 
 	static function remove_by_posturl($posturl) {
 		logger('queue: remove queue posturl ' . $posturl,LOGGER_DEBUG);
-		
+
 		q("DELETE FROM outq WHERE outq_posturl = '%s' ",
 			dbesc($posturl)
 		);
 	}
 
-
-
 	static function set_delivered($id,$channel = 0) {
 		logger('queue: set delivered ' . $id,LOGGER_DEBUG);
 		$sql_extra = (($channel['channel_id']) ? " and outq_channel = " . intval($channel['channel_id']) . " " : '');
 
 		// Set the next scheduled run date so far in the future that it will be expired
-		// long before it ever makes it back into the delivery chain. 
+		// long before it ever makes it back into the delivery chain.
 
 		q("update outq set outq_delivered = 1, outq_updated = '%s', outq_scheduled = '%s' where outq_hash = '%s' $sql_extra ",
 			dbesc(datetime_convert()),
@@ -107,21 +129,30 @@ class Queue {
 			return false;
 		}
 
+		$hash = $arr['hash'] ?? '';
+		$account_id = $arr['account_id'] ?? 0;
+		$channel_id = $arr['channel_id'] ?? 0;
+		$driver = $arr['driver'] ?? 'zot6';
+		$posturl = $arr['posturl'] ?? '';
+		$priority = $arr['priority'] ?? 0;
+		$notify = $arr['notify'] ?? '';
+		$msg = $arr['msg'] ?? '';
+
 		$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
-			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg ) 
+			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
 			values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
-			dbesc($arr['hash']),
-			intval($arr['account_id']),
-			intval($arr['channel_id']),
-			dbesc(($arr['driver']) ? $arr['driver'] : 'zot6'),
-			dbesc($arr['posturl']),
+			dbesc($hash),
+			intval($account_id),
+			intval($channel_id),
+			dbesc($driver),
+			dbesc($posturl),
 			intval(1),
-			intval(isset($arr['priority']) ? $arr['priority'] : 0),
+			intval($priority),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
-			dbesc($arr['notify']),
-			dbesc(($arr['msg']) ? $arr['msg'] : '')
+			dbesc($notify),
+			dbesc($msg)
 		);
 		return $x;
 
@@ -133,24 +164,26 @@ class Queue {
 
 		$base = null;
 		$h = parse_url($outq['outq_posturl']);
-		if($h !== false) 
+		if($h !== false)
 			$base = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');
 
 		if(($base) && ($base !== z_root()) && ($immediate)) {
 			$y = q("select site_update, site_dead from site where site_url = '%s' ",
 				dbesc($base)
 			);
-			if($y) {
-				if(intval($y[0]['site_dead'])) {
+
+			if ($y) {
+				// Don't bother delivering if the site is dead.
+				// And if we haven't heard from the site in over a month - let them through but 3 strikes you're out.
+				if (intval($y[0]['site_dead']) || ($y[0]['site_update'] < datetime_convert('UTC', 'UTC', 'now - 1 month') && $outq['outq_priority'] > 20)) {
+					q("update dreport set dreport_result = '%s' where dreport_queue = '%s'",
+						dbesc('site dead'),
+						dbesc($outq['outq_hash'])
+					);
 					self::remove_by_posturl($outq['outq_posturl']);
 					logger('dead site ignored ' . $base);
 					return;
 				}
-				if($y[0]['site_update'] < datetime_convert('UTC','UTC','now - 1 month')) {
-					self::update($outq['outq_hash'],10);
-					logger('immediate delivery deferred for site ' . $base);
-					return;
-				}
 			}
 			else {
 
@@ -158,12 +191,12 @@ class Queue {
 				// your site has existed. Since we don't know for sure what these sites are,
 				// call them unknown
 
-				site_store_lowlevel( 
+				site_store_lowlevel(
 					[
 						'site_url'    => $base,
 						'site_update' => datetime_convert(),
 						'site_dead'   => 0,
-						'site_type'   => intval(($outq['outq_driver'] === 'post') ? SITE_TYPE_NOTZOT : SITE_TYPE_UNKNOWN),
+						'site_type'   => SITE_TYPE_UNKNOWN,
 						'site_crypto' => ''
 					]
 				);
@@ -171,65 +204,17 @@ class Queue {
 		}
 
 		$arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate);
-		call_hooks('queue_deliver',$arr);
+		call_hooks('queue_deliver', $arr);
 		if($arr['handled'])
 			return;
 
-		// "post" queue driver - used for diaspora and friendica-over-diaspora communications.
-
-		if($outq['outq_driver'] === 'post') {
-			$result = z_post_url($outq['outq_posturl'],$outq['outq_msg']);
-			if($result['success'] && $result['return_code'] < 300) {
-				logger('deliver: queue post success to ' . $outq['outq_posturl'], LOGGER_DEBUG);
-				if($base) {
-					q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
-						dbesc(datetime_convert()),
-						dbesc($base)
-					);
-				}
-				q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
-					dbesc('accepted for delivery'),
-					dbesc(datetime_convert()),
-					dbesc($outq['outq_hash'])
-				);
-				self::remove($outq['outq_hash']);
-
-				// server is responding - see if anything else is going to this destination and is piled up 
-				// and try to send some more. We're relying on the fact that do_delivery() results in an 
-				// immediate delivery otherwise we could get into a queue loop. 
-
-				if(! $immediate) {
-					$x = q("select outq_hash from outq where outq_posturl = '%s' and outq_delivered = 0",
-						dbesc($outq['outq_posturl'])
-					);
-	
-					$piled_up = array();
-					if($x) {
-						foreach($x as $xx) {
-							 $piled_up[] = $xx['outq_hash'];
-						}
-					}
-					if($piled_up) {
-						// call do_delivery() with the force flag
-						do_delivery($piled_up, true);
-					}
-				}
-			}
-			else {
-				logger('deliver: queue post returned ' . $result['return_code'] 
-					. ' from ' . $outq['outq_posturl'],LOGGER_DEBUG);
-					self::update($outq['outq_hash'],10);
-			}
-			return;
-		}
-
 		// normal zot delivery
 
 		logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG);
 
 		if($outq['outq_posturl'] === z_root() . '/zot') {
 			// local delivery
-			$zot = new \Zotlabs\Zot6\Receiver(new \Zotlabs\Zot6\Zot6Handler(),$outq['outq_notify']);
+			$zot = new Receiver(new Zot6Handler(), $outq['outq_notify']);
 			$result = $zot->run();
 			logger('returned_json: ' . json_encode($result,JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES), LOGGER_DATA);
 			logger('deliver: local zot delivery succeeded to ' . $outq['outq_posturl']);
@@ -240,13 +225,14 @@ class Queue {
 			$channel = null;
 
 			if($outq['outq_channel']) {
-				$channel = channelx_by_n($outq['outq_channel']);
+				$channel = channelx_by_n($outq['outq_channel'], true);
 			}
 
 			$host_crypto = null;
 
 			if($channel && $base) {
-				$h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' and hubloc_sitekey != '' order by hubloc_id desc limit 1",
+				$h = q("SELECT hubloc_sitekey, site_crypto FROM hubloc LEFT JOIN site ON hubloc_url = site_url
+					WHERE site_url = '%s' AND hubloc_network = 'zot6' AND hubloc_deleted = 0 ORDER BY hubloc_primary DESC, hubloc_id DESC LIMIT 1",
 					dbesc($base)
 				);
 				if($h) {
@@ -256,16 +242,16 @@ class Queue {
 
 			$msg = $outq['outq_notify'];
 
-			$result = Libzot::zot($outq['outq_posturl'],$msg,$channel,$host_crypto);
+			$result = Libzot::zot($outq['outq_posturl'], $msg, $channel, $host_crypto);
 
 			if($result['success']) {
 				logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']);
-				Libzot::process_response($outq['outq_posturl'],$result, $outq);
+				Libzot::process_response($outq['outq_posturl'], $result, $outq);
 			}
 			else {
 				logger('deliver: remote zot delivery failed to ' . $outq['outq_posturl']);
 				logger('deliver: remote zot delivery fail data: ' . print_r($result,true), LOGGER_DATA);
-				self::update($outq['outq_hash'],10);
+				self::update($outq['outq_hash'], 10);
 			}
 		}
 		return;

Zotlabs/Lib/QueueWorker.php

@@ -0,0 +1,378 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Ramsey\Uuid\Uuid;
+use Ramsey\Uuid\Exception\UnableToBuildUuidException;
+
+class QueueWorker {
+
+	public static $queueworker = null;
+	public static $maxworkers = 0;
+	public static $workermaxage = 0;
+	public static $workersleep = 100;
+	public static $default_priorities = [
+		'Notifier'         => 10,
+		'Deliver'          => 10,
+		'Cache_query'      => 10,
+		'Content_importer' => 1,
+		'File_importer'    => 1,
+		'Channel_purge'    => 1,
+		'Directory'        => 1
+	];
+
+	// Exceptions for processtimeout ($workermaxage) value.
+	// Currently the value is overriden with 3600 seconds (1h).
+	public static $long_running_cmd = [
+		'Queue',
+		'Expire'
+	];
+
+	private static function qstart() {
+		q('START TRANSACTION');
+	}
+
+	private static function qcommit() {
+		q("COMMIT");
+	}
+
+	private static function qrollback() {
+		q("ROLLBACK");
+	}
+
+	public static function Summon($argv) {
+
+		if ($argv[0] !== 'Queueworker') {
+
+			$priority = 0; // @TODO allow reprioritization
+
+			if (isset(self::$default_priorities[$argv[0]])) {
+				$priority = self::$default_priorities[$argv[0]];
+			}
+
+			$workinfo      = ['argc' => count($argv), 'argv' => $argv];
+			$workinfo_json = json_encode($workinfo);
+			$uuid          = self::getUuid($workinfo_json);
+
+			$r = q("SELECT * FROM workerq WHERE workerq_uuid = '%s'",
+				dbesc($uuid)
+			);
+			if ($r) {
+				logger("Summon: Ignoring duplicate workerq task", LOGGER_DEBUG);
+				logger(print_r($workinfo, true));
+				return;
+			}
+
+			self::qstart();
+			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
+				intval($priority),
+				$workinfo_json,
+				dbesc($uuid),
+				dbesc($argv[0])
+			);
+			if (!$r) {
+				self::qrollback();
+				logger("INSERT FAILED", LOGGER_DEBUG);
+				return;
+			}
+			self::qcommit();
+			logger('INSERTED: ' . $workinfo_json, LOGGER_DEBUG);
+		}
+
+		$workers = self::GetWorkerCount();
+		if ($workers < self::$maxworkers) {
+			logger($workers . '/' . self::$maxworkers . ' workers active', LOGGER_DEBUG);
+			$phpbin = get_config('system', 'phpbin', 'php');
+			proc_run($phpbin, 'Zotlabs/Daemon/Master.php', ['Queueworker']);
+		}
+	}
+
+	public static function Release($argv) {
+
+		if ($argv[0] !== 'Queueworker') {
+
+			$priority = 0; // @TODO allow reprioritization
+			if (isset(self::$default_priorities[$argv[0]])) {
+				$priority = self::$default_priorities[$argv[0]];
+			}
+
+			$workinfo      = ['argc' => count($argv), 'argv' => $argv];
+			$workinfo_json = json_encode($workinfo);
+			$uuid          = self::getUuid($workinfo_json);
+
+			$r = q("SELECT * FROM workerq WHERE workerq_uuid = '%s'",
+				dbesc($uuid)
+			);
+			if ($r) {
+				logger("Release: Duplicate task - do not insert.", LOGGER_DEBUG);
+				logger(print_r($workinfo, true));
+				return;
+			}
+
+			self::qstart();
+			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
+				intval($priority),
+				$workinfo_json,
+				dbesc($uuid),
+				dbesc($argv[0])
+			);
+			if (!$r) {
+				self::qrollback();
+				logger("Insert failed: " . $workinfo_json, LOGGER_DEBUG);
+				return;
+			}
+			self::qcommit();
+			logger('INSERTED: ' . $workinfo_json, LOGGER_DEBUG);
+		}
+
+		self::Process();
+	}
+
+	public static function GetWorkerCount() {
+		if (self::$maxworkers == 0) {
+			self::$maxworkers = get_config('queueworker', 'max_queueworkers', 4);
+			self::$maxworkers = self::$maxworkers > 3 ? self::$maxworkers : 4;
+		}
+		if (self::$workermaxage == 0) {
+			self::$workermaxage = get_config('queueworker', 'max_queueworker_age');
+			self::$workermaxage = self::$workermaxage > 120 ? self::$workermaxage : 300;
+		}
+
+		self::qstart();
+
+		// skip locked is preferred but is not supported by mariadb < 10.6 which is still used a lot - hence make it optional
+		$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+
+		$r = q("SELECT workerq_id FROM workerq WHERE workerq_reservationid IS NOT NULL AND workerq_processtimeout < %s FOR UPDATE $sql_quirks",
+			db_utcnow()
+		);
+
+		if ($r) {
+			// TODO: some long running services store their pid in config.procid.daemon
+			// we could possibly check if a pid exist and check if the process is still alive
+			// prior to reseting workerq_reservationid
+
+			$ids = ids_to_querystr($r, 'workerq_id');
+			$u = dbq("update workerq set workerq_reservationid = null where workerq_id in ($ids)");
+		}
+
+		self::qcommit();
+
+		//q("update workerq set workerq_reservationid = null where workerq_reservationid is not null and workerq_processtimeout < %s",
+			//db_utcnow()
+		//);
+
+		//usleep(self::$workersleep);
+
+		$workers = dbq("select count(*) as total from workerq where workerq_reservationid is not null");
+		logger("WORKERCOUNT: " . $workers[0]['total'], LOGGER_DEBUG);
+
+		return intval($workers[0]['total']);
+	}
+
+	public static function GetWorkerID() {
+		if (self::$queueworker) {
+			return self::$queueworker;
+		}
+
+		$wid = uniqid('', true);
+
+		//usleep(mt_rand(300000, 1000000)); //Sleep .3 - 1 seconds before creating a new worker.
+
+		$workers = self::GetWorkerCount();
+
+		if ($workers >= self::$maxworkers) {
+			logger("Too many active workers ($workers) max = " . self::$maxworkers, LOGGER_DEBUG);
+			return false;
+		}
+
+		self::$queueworker = $wid;
+
+		return $wid;
+	}
+
+	private static function getWorkId() {
+		self::GetWorkerCount();
+
+		self::qstart();
+
+		// skip locked is preferred but is not supported by mariadb < 10.6 which is still used a lot - hence make it optional
+		$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+
+		$work = dbq("SELECT workerq_id, workerq_cmd FROM workerq WHERE workerq_reservationid IS NULL ORDER BY workerq_priority DESC, workerq_id ASC LIMIT 1 FOR UPDATE $sql_quirks");
+
+		if (!$work) {
+			self::qrollback();
+			return false;
+		}
+
+		$id = $work[0]['workerq_id'];
+		$cmd = $work[0]['workerq_cmd'];
+		$age = self::$workermaxage;
+
+		if (in_array($cmd, self::$long_running_cmd)) {
+			$age = 3600; // 1h TODO: make this configurable
+		}
+
+		$work = q("UPDATE workerq SET workerq_reservationid = '%s', workerq_processtimeout = %s + INTERVAL %s WHERE workerq_id = %d",
+			self::$queueworker,
+			db_utcnow(),
+			db_quoteinterval($age . " SECOND"),
+			intval($id)
+		);
+
+		if (!$work) {
+			self::qrollback();
+			logger("Could not update workerq.", LOGGER_DEBUG);
+			return false;
+		}
+
+		logger("GOTWORK: " . json_encode($work), LOGGER_DEBUG);
+		self::qcommit();
+
+		return $id;
+	}
+
+	public static function Process() {
+		$sleep = intval(get_config('queueworker', 'queue_worker_sleep', 100));
+		$auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0);
+
+		if (!self::GetWorkerID()) {
+			if ($auto_queue_worker_sleep) {
+				set_config('queueworker', 'queue_worker_sleep', $sleep + 100);
+			}
+
+			logger('Unable to get worker ID. Exiting.', LOGGER_DEBUG);
+			killme();
+		}
+
+		if ($auto_queue_worker_sleep && $sleep > 100) {
+			$next_sleep = $sleep - 100;
+			set_config('queueworker', 'queue_worker_sleep', (($next_sleep < 100) ? 100 : $next_sleep));
+		}
+
+		$jobs               = 0;
+		$workid             = self::getWorkId();
+		$load_average_sleep = false;
+		self::$workersleep  = $sleep;
+		self::$workersleep  = ((intval(self::$workersleep) > 100) ? intval(self::$workersleep) : 100);
+
+		if (function_exists('sys_getloadavg') && get_config('queueworker', 'load_average_sleep')) {
+			// very experimental!
+			$load_average_sleep = true;
+		}
+
+		while ($workid) {
+
+			if ($load_average_sleep) {
+				$load_average      = sys_getloadavg();
+				self::$workersleep = intval($load_average[0]) * 10000;
+
+				if (!self::$workersleep) {
+					self::$workersleep = 100;
+				}
+			}
+
+			logger('queue_worker_sleep: ' . self::$workersleep, LOGGER_DEBUG);
+
+			usleep(self::$workersleep);
+
+			$workitem = dbq("SELECT * FROM workerq WHERE workerq_id = $workid");
+
+			if ($workitem) {
+				// At least SOME work to do.... in case there's more, let's ramp up workers.
+				$workers = self::GetWorkerCount();
+
+				if ($workers < self::$maxworkers) {
+					logger($workers . '/' . self::$maxworkers . ' workers active', LOGGER_DEBUG);
+					$phpbin = get_config('system', 'phpbin', 'php');
+					proc_run($phpbin, 'Zotlabs/Daemon/Master.php', ['Queueworker']);
+				}
+
+				$jobs++;
+
+				logger("Workinfo: " . $workitem[0]['workerq_data'], LOGGER_DEBUG);
+
+				$workinfo = json_decode($workitem[0]['workerq_data'], true);
+				$argv     = $workinfo['argv'];
+
+				$cls  = '\\Zotlabs\\Daemon\\' . $argv[0];
+				$argv = flatten_array_recursive($argv);
+				$argc = count($argv);
+				$rnd = random_string();
+
+				logger('PROCESSING: ' . $rnd . ' ' . print_r($argv[0], true));
+
+				$cls::run($argc, $argv);
+
+				logger('COMPLETED: ' . $rnd);
+
+				// @FIXME: Right now we assume that if we get a return, everything is OK.
+				// At some point we may want to test whether the run returns true/false
+				// and requeue the work to be tried again if needed.  But we probably want
+				// to implement some sort of "retry interval" first.
+
+				dbq("delete from workerq where workerq_id = $workid");
+			}
+			else {
+				logger("NO WORKITEM!", LOGGER_DEBUG);
+			}
+			$workid = self::getWorkId();
+		}
+		logger('Master: Worker Thread: queue items processed:' . $jobs, LOGGER_DEBUG);
+	}
+
+	public static function ClearQueue() {
+		$work = q("select * from workerq");
+		while ($work) {
+			foreach ($work as $workitem) {
+				$workinfo = json_decode($workitem['v'], true);
+				$argc     = $workinfo['argc'];
+				$argv     = $workinfo['argv'];
+
+				logger('Master: process: ' . print_r($argv, true), LOGGER_ALL, LOG_DEBUG);
+
+				if (!isset($argv[0])) {
+					q("delete from workerq where workerq_id = %d",
+						$work[0]['workerq_id']
+					);
+					continue;
+				}
+
+				$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
+				$cls::run($argc, $argv);
+
+				q("delete from workerq where workerq_id = %d",
+					$work[0]['workerq_id']
+				);
+
+				//Give the server .3 seconds to catch its breath between tasks.
+				//This will hopefully keep it from crashing to it's knees entirely
+				//if the last task ended up initiating other parallel processes
+				//(eg. polling remotes)
+				usleep(300000);
+			}
+
+			//Make sure nothing new came in
+			$work = q("select * from workerq");
+		}
+	}
+
+	/**
+	 * @brief Generate a name-based v5 UUID with custom namespace
+	 *
+	 * @param string $data
+	 * @return string $uuid
+	 */
+	private static function getUuid(string $data) {
+		$namespace = '3a112e42-f147-4ccf-a78b-f6841339ea2a';
+		try {
+			$uuid = Uuid::uuid5($namespace, $data)->toString();
+		} catch (UnableToBuildUuidException $e) {
+			logger('UUID generation failed');
+			return '';
+		}
+		return $uuid;
+	}
+
+}

Zotlabs/Lib/Share.php

@@ -8,13 +8,13 @@ class Share {
 
 
 	public function __construct($post_id) {
-	
+
 		if(! $post_id)
 			return;
-	
+
 		if(! (local_channel() || remote_channel()))
 			return;
-	
+
 		$r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1",
 			intval($post_id)
 		);
@@ -23,26 +23,26 @@ class Share {
 
 		if(($r[0]['item_private']) && ($r[0]['xchan_network'] !== 'rss'))
 			return;
-	
+
 		$sql_extra = item_permissions_sql($r[0]['uid']);
-	
+
 		$r = q("select * from item where id = %d $sql_extra",
 			intval($post_id)
 		);
 		if(! $r)
 			return;
-	
+
 		if($r[0]['mimetype'] !== 'text/bbcode')
 			return;
-	
+
 		/** @FIXME eventually we want to post remotely via rpost on your home site */
 		// When that works remove this next bit:
-	
+
 		if(! local_channel())
 			return;
 
 		xchan_query($r);
-	
+
 		$this->item = $r[0];
 		return;
 	}
@@ -66,14 +66,14 @@ class Share {
 			'address'  => $this->item['author']['xchan_addr'],
 			'network'  => $this->item['author']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['author']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['author']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['author']['xchan_photo_mimetype'],
 					'href' => $this->item['author']['xchan_photo_m']
 				]
 			]
@@ -84,14 +84,14 @@ class Share {
 			'address'  => $this->item['owner']['xchan_addr'],
 			'network'  => $this->item['owner']['xchan_network'],
 			'link'     => [
-				[ 
-					'rel'  => 'alternate', 
-					'type' => 'text/html', 
+				[
+					'rel'  => 'alternate',
+					'type' => 'text/html',
 					'href' => $this->item['owner']['xchan_url']
 				],
 				[
-					'rel'  => 'photo', 
-					'type' => $this->item['owner']['xchan_photo_mimetype'], 
+					'rel'  => 'photo',
+					'type' => $this->item['owner']['xchan_photo_mimetype'],
 					'href' => $this->item['owner']['xchan_photo_m']
 				]
 			]
@@ -117,7 +117,7 @@ class Share {
 			$object = json_decode($this->item['obj'],true);
 			$photo_bb = $object['body'];
 		}
-	
+
 		if (strpos($this->item['body'], "[/share]") !== false) {
 			$pos = strpos($this->item['body'], "[share");
 			$bb = substr($this->item['body'], $pos);
@@ -126,7 +126,7 @@ class Share {
 				"' profile='"    . $this->item['author']['xchan_url'] .
 				"' avatar='"     . $this->item['author']['xchan_photo_s'] .
 				"' link='"       . $this->item['plink'] .
-				"' auth='"       . ((in_array($this->item['author']['xchan_network'], ['zot6', 'zot'])) ? 'true' : 'false') .
+				"' auth='"       . (($this->item['author']['xchan_network'] === 'zot6') ? 'true' : 'false') .
 				"' posted='"     . $this->item['created'] .
 				"' message_id='" . $this->item['mid'] .
 			"']";

Zotlabs/Lib/System.php

@@ -16,13 +16,13 @@ class System {
 	}
 
 	static public function get_site_name() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['sitename'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['sitename']))
 			return \App::$config['system']['sitename'];
 		return '';
 	}
 
 	static public function get_project_version() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['hide_version']))
 			return '';
 		if(is_array(\App::$config) && is_array(\App::$config['system']) && array_key_exists('std_version',\App::$config['system']))
 			return \App::$config['system']['std_version'];
@@ -31,33 +31,33 @@ class System {
 	}
 
 	static public function get_update_version() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['hide_version']))
 			return '';
 		return DB_UPDATE_VERSION;
 	}
 
 
 	static public function get_notify_icon() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['email_notify_icon_url']))
 			return \App::$config['system']['email_notify_icon_url'];
 		return z_root() . DEFAULT_NOTIFY_ICON;
 	}
 
 	static public function get_site_icon() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['site_icon_url']))
 			return \App::$config['system']['site_icon_url'];
 		return z_root() . DEFAULT_PLATFORM_ICON ;
 	}
 
 
 	static public function get_project_link() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_link'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['project_link']))
 			return \App::$config['system']['project_link'];
 		return 'https://hubzilla.org';
 	}
 
 	static public function get_project_srclink() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_srclink'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['project_srclink']))
 			return \App::$config['system']['project_srclink'];
 		return 'https://framagit.org/hubzilla/core.git';
 	}
@@ -68,7 +68,7 @@ class System {
 
 
 	static public function get_zot_revision() {
-		$x = [ 'revision' => ZOT_REVISION ]; 
+		$x = [ 'revision' => ZOT_REVISION ];
 		call_hooks('zot_revision',$x);
 		return $x['revision'];
 	}

Zotlabs/Lib/ThreadItem.php

@@ -2,7 +2,9 @@
 
 namespace Zotlabs\Lib;
 
+use App;
 use Zotlabs\Lib\Apps;
+use Zotlabs\Access\AccessList;
 
 require_once('include/text.php');
 
@@ -58,6 +60,9 @@ class ThreadItem {
 				$child = new ThreadItem($item);
 				$this->add_child($child);
 			}
+
+			// performance: we have already added the children
+			unset($this->data['children']);
 		}
 
 		// allow a site to configure the order and content of the reaction emoji list
@@ -79,10 +84,8 @@ class ThreadItem {
 
 	public function get_template_data($conv_responses, $thread_level=1, $conv_flags = []) {
 
-		$result = array();
-
-		$item     = $this->get_data();
-
+		$result = [];
+		$item = $this->get_data();
 		$commentww = '';
 		$sparkle = '';
 		$buttons = '';
@@ -93,16 +96,30 @@ class ThreadItem {
 		$is_item = false;
 		$osparkle = '';
 		$total_children = $this->count_descendants();
-		$unseen_comments = (($item['real_uid']) ? 0 : $this->count_unseen_descendants());
+		$unseen_comments = ((isset($item['real_uid']) && $item['real_uid']) ? 0 : $this->count_unseen_descendants());
 
  		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();
 
-		$lock = (((intval($item['item_private'])) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid'])
-			|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
-			? t('Private Message')
+		$acl = new AccessList(false);
+		$acl->set($item);
+
+		$lock = ((intval($item['item_private']) || ($item['uid'] == local_channel() && $acl->is_private()))
+			? t('Restricted message')
 			: false);
-		$locktype = $item['item_private'];
+
+		// 1 = restricted message, 2 = direct message
+		$locktype = intval($item['item_private']);
+
+		if ($locktype === 2) {
+			$lock = t('Direct message');
+		}
+
+		// 0 = limited based on public policy
+		if ($item['uid'] == local_channel() && intval($item['item_private']) && !$acl->is_private() && strlen($item['public_policy'])) {
+			$lock = t('Public Policy');
+			$locktype = 0;
+		}
 
 		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);
 
@@ -110,16 +127,20 @@ class ThreadItem {
 		if($item['author']['xchan_network'] === 'rss')
 			$shareable = true;
 
-		$privacy_warning = false;
-		if(intval($item['item_private']) && ($item['owner']['xchan_network'] === 'activitypub')) {
-			$recips = get_iconfig($item['parent'], 'activitypub', 'recips');
+		// @fixme
+		// Have recently added code to properly handle polls in group reshares by redirecting all of the poll responses to the group.
+		// Sharing a poll using a regular embedded share is harder because the poll will need to fork. This is due to comment permissions.
+		// The original poll author may not accept responses from strangers. Forking the poll will receive responses from the sharer's
+		// followers, but there's no elegant way to merge these two sets of results together. For now, we'll disable sharing polls.
 
-			if(! is_array($recips['to']) || ! in_array($observer['xchan_url'], $recips['to']))
-				$privacy_warning = true;
+		if ($item['obj_type'] === 'Question') {
+			$shareable = false;
 		}
 
+		$privacy_warning = ($item['owner']['xchan_network'] === 'activitypub' && intval($item['item_private']) === 1);
+
 		if ($lock) {
- 			if (($item['mid'] == $item['parent_mid']) && count(get_terms_oftype($item['term'],TERM_FORUM))) {
+ 			if (($item['mid'] == $item['parent_mid']) && isset($item['term']) && count(get_terms_oftype($item['term'], TERM_FORUM))) {
  				$privacy_warning = true;
 				$conv_flags['parent_privacy_warning'] = true;
  			}
@@ -133,24 +154,11 @@ class ThreadItem {
 
 		$mode = $conv->get_mode();
 
-		switch($item['item_type']) {
-			case ITEM_TYPE_CARD:
-				$edlink = 'card_edit';
-				break;
-			case ITEM_TYPE_ARTICLE:
-				$edlink = 'article_edit';
-				break;
-			default:
-				$edlink = 'editpost';
-				break;
-		}
-
 		if(local_channel() && $observer['xchan_hash'] === $item['author_xchan'])
-			$edpost = array(z_root() . '/' . $edlink . '/' . $item['id'], t('Edit'));
+			$edpost = array(z_root() . '/editpost/' . $item['id'], t('Edit'));
 		else
 			$edpost = false;
 
-
 		if($observer && $observer['xchan_hash']
 			&& ($observer['xchan_hash'] == $this->get_data_value('author_xchan')
 			|| $observer['xchan_hash'] == $this->get_data_value('owner_xchan')
@@ -164,7 +172,7 @@ class ThreadItem {
 			$dropping = false;
 		}
 
-
+		$drop = [];
 		if($dropping) {
 			$drop = array(
 				'dropping' => $dropping,
@@ -175,13 +183,6 @@ class ThreadItem {
 			$drop = [ 'dropping' => true, 'delete' => t('Admin Delete') ];
 		}
 
-// FIXME
-		if($observer_is_pageowner) {
-			$multidrop = array(
-				'select' => t('Select'),
-			);
-		}
-
 		$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
 
 		$profile_avatar = $item['author']['xchan_photo_m'];
@@ -191,13 +192,12 @@ class ThreadItem {
 		$location = format_location($item);
 		$isevent = false;
 		$attend = null;
-		$canvote = false;
 
 		// process action responses - e.g. like/dislike/attend/agree/whatever
 		$response_verbs = array('like');
 		if(feature_enabled($conv->get_profile_owner(),'dislike'))
 			$response_verbs[] = 'dislike';
-		if($item['obj_type'] === ACTIVITY_OBJ_EVENT) {
+		if(in_array($item['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) {
 			$response_verbs[] = 'attendyes';
 			$response_verbs[] = 'attendno';
 			$response_verbs[] = 'attendmaybe';
@@ -211,17 +211,6 @@ class ThreadItem {
 			$response_verbs[] = 'answer';
 		}
 
-		$consensus = (intval($item['item_consensus']) ? true : false);
-		if($consensus) {
-			$response_verbs[] = 'agree';
-			$response_verbs[] = 'disagree';
-			$response_verbs[] = 'abstain';
-			if($this->is_commentable() && $observer) {
-				$conlabels = array( t('I agree'), t('I disagree'), t('I abstain'));
-				$canvote = true;
-			}
-		}
-
 		if(! feature_enabled($conv->get_profile_owner(),'dislike'))
 			unset($conv_responses['dislike']);
 
@@ -229,7 +218,8 @@ class ThreadItem {
 
 		$my_responses = [];
 		foreach($response_verbs as $v) {
-			$my_responses[$v] = (($conv_responses[$v][$item['mid'] . '-m']) ? 1 : 0);
+
+			$my_responses[$v] = ((isset($conv_responses[$v][$item['mid'] . '-m'])) ? 1 : 0);
 		}
 
 		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
@@ -242,6 +232,7 @@ class ThreadItem {
 		}
 		$like_button_label = tt('Like','Likes',$like_count,'noun');
 
+		$showdislike = '';
 		if (feature_enabled($conv->get_profile_owner(),'dislike')) {
 			$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
 			$dislike_list = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid'] . '-l'] : '');
@@ -252,11 +243,11 @@ class ThreadItem {
 			} else {
 				$dislike_list_part = '';
 			}
+
+			$showdislike = ((x($conv_responses['dislike'],$item['mid'])) ? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
 		}
 
 		$showlike    = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
-		$showdislike = ((x($conv_responses['dislike'],$item['mid']) && feature_enabled($conv->get_profile_owner(),'dislike'))
-				? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
 
 		/*
 		 * We should avoid doing this all the time, but it depends on the conversation mode
@@ -267,14 +258,11 @@ class ThreadItem {
 		$this->check_wall_to_wall();
 
 		if($this->is_toplevel()) {
-			// FIXME check this permission
-			if(($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) {
-
-				$star = array(
+			if((local_channel() && $conv->get_profile_owner() === local_channel()) || (local_channel() && App::$module === 'pubstream')) {
+				$star = [
 					'toggle' => t("Toggle Star Status"),
 					'isstarred' => ((intval($item['item_starred'])) ? true : false),
-				);
-
+				];
 			}
 		}
 		else {
@@ -291,7 +279,7 @@ class ThreadItem {
 		$tagger = [];
 
 		// FIXME - check this permission
-		if($conv->get_profile_owner() == local_channel()) {
+		if(local_channel() && $conv->get_profile_owner() == local_channel()) {
 			/* disable until we agree on how to implemnt this in zot6/activitypub
 			$tagger = array(
 				'tagit' => t("Add Tag"),
@@ -299,11 +287,11 @@ class ThreadItem {
 			);
 			*/
 
-			$settings = t('Conversation Tools');
+			$settings = t('Conversation Features');
 		}
 
 		$has_bookmarks = false;
-		if(Apps::system_app_installed(local_channel(), 'Bookmarks') && is_array($item['term'])) {
+		if(Apps::system_app_installed(local_channel(), 'Bookmarks') && isset($item['term']) && is_array($item['term'])) {
 			foreach($item['term'] as $t) {
 				if(($t['ttype'] == TERM_BOOKMARK))
 					$has_bookmarks = true;
@@ -311,23 +299,29 @@ class ThreadItem {
 		}
 
 		$has_event = false;
-		if(($item['obj_type'] === ACTIVITY_OBJ_EVENT) && $conv->get_profile_owner() == local_channel())
+		if((in_array($item['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) && $conv->get_profile_owner() == local_channel())
 			$has_event = true;
 
+		$like = [];
+		$dislike = [];
+		$reply_to = [];
+
 		if($this->is_commentable() && $observer) {
 			$like = array( t("I like this \x28toggle\x29"), t("like"));
 			$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
 			$reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to"));
 		}
 
+		$share = [];
+		$embed = [];
 		if ($shareable) {
 			// This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues.
 			// Will allow it only for uri resolvable sources.
 			if(strpos($item['mid'],'http') === 0) {
-				$share = []; //Not yet ready for primetime
+				//Not yet ready for primetime
 				//$share = array( t('Repeat This'), t('repeat'));
 			}
-			$embed = array( t('Share This'), t('share'));
+			$embed = [t('Share This'), t('share')];
 		}
 
 		$dreport = '';
@@ -336,11 +330,13 @@ class ThreadItem {
 		if($keep_reports === 0)
 			$keep_reports = 10;
 
-		if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
+		$dreport_link = '';
+		if((intval($item['item_type']) == ITEM_TYPE_POST) && (! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
 			$dreport = t('Delivery Report');
 			$dreport_link = gen_link_id($item['mid']);
 		}
 
+		$is_new = false;
 		if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
 			$is_new = true;
 
@@ -356,8 +352,8 @@ class ThreadItem {
 		if($conv->get_mode() === 'channel')
 			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode(gen_link_id($item['mid']));
 
-		$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
-		$list_unseen_txt = (($unseen_comments) ? sprintf( t('%d unseen'),$unseen_comments) : '');
+		$comment_count_txt = sprintf(tt('%d Comment', '%d Comments', $total_children), $total_children);
+		$list_unseen_txt = (($unseen_comments) ? sprintf(t('%d unseen'), $unseen_comments) : '');
 
 		$children = $this->get_children();
 
@@ -367,7 +363,7 @@ class ThreadItem {
                 call_hooks('dropdown_extras',$dropdown_extras_arr);
                 $dropdown_extras = $dropdown_extras_arr['dropdown_extras'];
 
-		$midb64 = 'b64.' . base64url_encode($item['mid']);
+		$midb64 = gen_link_id($item['mid']);
 		$mids = [ $midb64 ];
 		$response_mids = [];
 		foreach($response_verbs as $v) {
@@ -384,6 +380,12 @@ class ThreadItem {
 		$pinned_items = ($allowed_type ? get_pconfig($item['uid'], 'pinned', $item['item_type'], []) : []);
 		$pinned = ((!empty($pinned_items) && in_array($midb64, $pinned_items)) ? true : false);
 
+		$contact = [];
+
+		if(App::$contacts && array_key_exists($item['author_xchan'], App::$contacts)) {
+			$contact = App::$contacts[$item['author_xchan']];
+		}
+
 		$tmp_item = array(
 			'template' => $this->get_template(),
 			'mode' => $mode,
@@ -401,11 +403,9 @@ class ThreadItem {
 			'mids' => $json_mids,
 			'parent' => $item['parent'],
 			'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
+			'author_is_group_actor' => (($item['author']['xchan_pubforum']) ? t('Forum') : ''),
 			'isevent' => $isevent,
 			'attend' => $attend,
-			'consensus' => $consensus,
-			'conlabels' => $conlabels,
-			'canvote' => $canvote,
 			'linktitle' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
 			'olinktitle' => (($item['owner']['xchan_addr']) ? $item['owner']['xchan_addr'] : $item['owner']['xchan_url']),
 			'llink' => $item['llink'],
@@ -474,7 +474,6 @@ class ThreadItem {
 			'bookmark'  => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''),
 			'addtocal'  => (($has_event) ? t('Add to Calendar') : ''),
 			'drop'      => $drop,
-			'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
 			'dropdown_extras' => $dropdown_extras,
 // end toolbar buttons
 			'unseen_comments' => $unseen_comments,
@@ -497,13 +496,15 @@ class ThreadItem {
 			'modal_dismiss' => t('Close'),
 			'showlike' => $showlike,
 			'showdislike' => $showdislike,
-			'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box($indent)),
+			'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box()),
 			'previewing' => ($conv->is_preview() ? true : false ),
 			'preview_lbl' => t('This is an unsaved preview'),
 			'wait' => t('Please wait'),
 			'thread_level' => $thread_level,
 			'settings' => $settings,
-			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? 'b64.' . base64url_encode($item['thr_parent']) : '')
+			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : ''),
+			'contact_id' => (($contact) ? $contact['abook_id'] : '')
+
 		);
 
 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -789,7 +790,7 @@ class ThreadItem {
 	 *      _ The comment box string (empty if no comment box)
 	 *      _ false on failure
 	 */
-	private function get_comment_box($indent) {
+	private function get_comment_box() {
 
 		if(!$this->is_toplevel() && !get_config('system','thread_allow')) {
 			return '';
@@ -835,14 +836,13 @@ class ThreadItem {
 			'$edurl' => t('Insert Link'),
 			'$edvideo' => t('Video'),
 			'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
-			'$indent' => $indent,
 			'$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()),
 			'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
 			'$encrypt' => t('Encrypt text'),
 			'$cipher' => $conv->get_cipher(),
 			'$sourceapp' => \App::$sourcename,
 			'$observer' => get_observer_hash(),
-			'$anoncomments' => ((($conv->get_mode() === 'channel' || $conv->get_mode() === 'display') && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
+			'$anoncomments' => ((in_array($conv->get_mode(), ['channel', 'display', 'cards', 'articles']) && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
 			'$anonname' => [ 'anonname', t('Your full name (required)') ],
 			'$anonmail' => [ 'anonmail', t('Your email address (required)') ],
 			'$anonurl'  => [ 'anonurl',  t('Your website URL (optional)') ]

Zotlabs/Lib/ThreadListener.php

@@ -4,18 +4,30 @@ namespace Zotlabs\Lib;
 
 class ThreadListener {
 
+	public static function isEnabled() {
+		return Config::Get('system','enable_thread_listener');
+	}
+
 	static public function store($target_id,$portable_id,$ltype = 0) {
+		if (!self::isEnabled()) {
+			return true;
+		}
+
 		$x = self::fetch($target_id,$portable_id,$ltype = 0);
-		if(! $x) {  
+		if(! $x) {
 			$r = q("insert into listeners ( target_id, portable_id, ltype ) values ( '%s', '%s' , %d ) ",
 				dbesc($target_id),
 				dbesc($portable_id),
 				intval($ltype)
 			);
-		}  	
+		}
 	}
 
 	static public function fetch($target_id,$portable_id,$ltype = 0) {
+		if (!self::isEnabled()) {
+			return false;
+		}
+
 		$x = q("select * from listeners where target_id = '%s' and portable_id = '%s' and ltype = %d limit 1",
 			dbesc($target_id),
 			dbesc($portable_id),
@@ -28,6 +40,10 @@ class ThreadListener {
 	}
 
 	static public function fetch_by_target($target_id,$ltype = 0) {
+		if (!self::isEnabled()) {
+			return [];
+		}
+
 		$x = q("select * from listeners where target_id = '%s' and ltype = %d",
 			dbesc($target_id),
 			intval($ltype)

Zotlabs/Lib/ThreadStream.php

@@ -69,15 +69,15 @@ class ThreadStream {
 			case 'cards':
 				$this->profile_owner = \App::$profile['profile_uid'];
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
-				$this->reload = $_SESSION['return_url'];
+				//$this->reload = $_SESSION['return_url'];
 				break;
 			case 'articles':
 				$this->profile_owner = \App::$profile['profile_uid'];
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
-				$this->reload = $_SESSION['return_url'];
+				//$this->reload = $_SESSION['return_url'];
 				break;
 			case 'display':
-				// in this mode we set profile_owner after initialisation (from conversation()) and then 
+				// in this mode we set profile_owner after initialisation (from conversation()) and then
 				// pull some trickery which allows us to re-invoke this function afterward
 				// it's an ugly hack so @FIXME
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
@@ -170,14 +170,14 @@ class ThreadStream {
 		 * Only add things that will be displayed
 		 */
 
-		
+
 		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
 			return false;
 		}
 
 		$item->set_commentable(false);
 		$ob_hash = (($this->observer) ? $this->observer['xchan_hash'] : '');
-		
+
 		if(! comments_are_now_closed($item->get_data())) {
 			if(($item->get_data_value('author_xchan') === $ob_hash) || ($item->get_data_value('owner_xchan') === $ob_hash))
 				$item->set_commentable(true);
@@ -194,7 +194,7 @@ class ThreadStream {
 		}
 		if($this->mode === 'pubstream' && (! local_channel())) {
 			$item->set_commentable(false);
-		} 
+		}
 
 
 		$item->set_conversation($this);

Zotlabs/Lib/Webfinger.php

@@ -52,15 +52,21 @@ class Webfinger {
 
 		if(strpos($resource,'http') === 0) {
 			$m = parse_url($resource);
-			if($m) {
-				if($m['scheme'] !== 'https') {
-					return false;
-				}
-				self::$server = $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
-			}
-			else {
+
+			if (!$m) {
 				return false;
 			}
+
+			if(isset($m['scheme']) && $m['scheme'] !== 'https') {
+				return false;
+			}
+
+			if(!isset($m['host'])) {
+				return false;
+			}
+
+			self::$server = $m['host'] . ((isset($m['port'])) ? ':' . $m['port'] : '');
+
 		}
 		elseif(strpos($resource,'tag:') === 0) {
 			$arr = explode(':',$resource); // split the tag
@@ -86,7 +92,7 @@ class Webfinger {
 	/**
 	 * @brief fetch a webfinger resource and return a zot6 discovery url if present
 	 *
-	 */ 
+	 */
 
 	static function zot_url($resource) {
 

Zotlabs/Lib/XConfig.php

@@ -162,7 +162,7 @@ class XConfig {
 	 */
 	static public function Delete($xchan, $family, $key) {
 
-		if(x(\App::$config[$xchan][$family], $key))
+		if(isset(\App::$config[$xchan][$family][$key]))
 			unset(\App::$config[$xchan][$family][$key]);
 
 		$ret = q("DELETE FROM xconfig WHERE xchan = '%s' AND cat = '%s' AND k = '%s'",

Zotlabs/Lib/ZotURL.php

@@ -87,4 +87,4 @@ class ZotURL {
 		return ids_to_array($r,'hubloc_url');
 	}
 
-}
+}

Zotlabs/Lib/Zotfinger.php

@@ -6,7 +6,7 @@ use Zotlabs\Web\HTTPSig;
 
 class Zotfinger {
 
-	static function exec($resource,$channel = null, $verify = true) {
+	static function exec($resource, $channel = null, $verify = true, $recurse = true) {
 
 		if(! $resource) {
 			return false;
@@ -39,6 +39,30 @@ class Zotfinger {
 
 		logger('fetch: ' . print_r($x,true));
 
+        if (in_array(intval($x['return_code']), [ 404, 410 ]) && $recurse) {
+
+            // The resource has been deleted or doesn't exist at this location.
+            // Try to find another nomadic resource for this channel and return that.
+
+            // First, see if there's a hubloc for this site. Fetch that record to
+            // obtain the nomadic identity hash. Then use that to find any additional
+            // nomadic locations.
+
+            $h = Activity::get_actor_hublocs($resource, 'zot6');
+            if ($h) {
+                // mark this location deleted
+                hubloc_delete($h[0]);
+                $hubs = Activity::get_actor_hublocs($h[0]['hubloc_hash']);
+                if ($hubs) {
+                    foreach ($hubs as $hub) {
+                        if ($hub['hubloc_id_url'] !== $resource && !$hub['hubloc_deleted']) {
+                            return self::exec($hub['hubloc_id_url'], $channel, $verify);
+                        }
+                    }
+                }
+            }
+        }
+
 		if($x['success']) {
 			if ($verify) {
 				$result['signature'] = HTTPSig::verify($x, EMPTY_STR, 'zot6');

Zotlabs/Module/Acl.php

@@ -3,9 +3,9 @@
 namespace Zotlabs\Module;
 
 use Zotlabs\Lib\Libzotdir;
+use Zotlabs\Lib\AccessList;
 
 require_once 'include/acl_selectors.php';
-require_once 'include/group.php';
 
 /**
  * @brief ACL selector json backend.
@@ -66,6 +66,11 @@ class Acl extends \Zotlabs\Web\Controller {
 			killme();
 
 		$permitted = [];
+		$sql_extra = '';
+		$sql_extra2 = '';
+		$sql_extra3 = '';
+		$sql_extra2_xchan = '';
+		$order_extra2 = '';
 
 		if(in_array($type, [ 'm', 'a', 'c', 'f' ])) {
 
@@ -81,7 +86,6 @@ class Acl extends \Zotlabs\Web\Controller {
 
 		}
 
-
 		if($search) {
 			$sql_extra = " AND pgrp.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
 			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
@@ -100,10 +104,6 @@ class Acl extends \Zotlabs\Web\Controller {
 			$sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) ";
 
 		}
-		else {
-			$sql_extra = $sql_extra2 = $sql_extra3 = "";
-		}
-
 
 		$groups = array();
 		$contacts = array();
@@ -123,7 +123,7 @@ class Acl extends \Zotlabs\Web\Controller {
 						"name"  => t('Profile','acl') . ' ' . $rv['profile_name'],
 						"id"	=> 'vp' . $rv['id'],
 						"xid"   => 'vp.' . $rv['profile_guid'],
-						"uids"  => group_get_profile_members_xchan(local_channel(), $rv['id']),
+						"uids"  => AccessList::profile_members_xchan(local_channel(), $rv['id']),
 						"link"  => ''
 					);
 				}
@@ -146,14 +146,14 @@ class Acl extends \Zotlabs\Web\Controller {
 
 			if($r) {
 				foreach($r as $g){
-		//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
+		//		logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan(local_channel(), $g['id']));
 					$groups[] = array(
 						"type"  => "g",
 						"photo" => "images/twopeople.png",
 						"name"  => $g['gname'],
 						"id"	=> $g['id'],
 						"xid"   => $g['hash'],
-						"uids"  => group_get_members_xchan($g['id']),
+						"uids"  => AccessList::members_xchan(local_channel(), $g['id']),
 						"link"  => ''
 					);
 				}
@@ -222,6 +222,7 @@ class Acl extends \Zotlabs\Web\Controller {
 					WHERE (abook_channel = %d $extra_channels_sql) AND abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 $sql_extra2 order by $order_extra2 xchan_name asc" ,
 					intval(local_channel())
 				);
+
 				if($r2)
 					$r = array_merge($r2,$r);
 
@@ -282,13 +283,12 @@ class Acl extends \Zotlabs\Web\Controller {
 			}
 		}
 		elseif($type == 'm') {
-
 			$r = array();
-			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
+			$z = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, abook_self
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
-				and xchan_network IN ('zot', 'diaspora', 'friendica-over-diaspora')
+				and not xchan_network IN ('rss', 'anon', 'unknown')
 				$sql_extra3
 				ORDER BY xchan_name ASC ",
 				intval(local_channel())
@@ -304,7 +304,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 		elseif($type == 'a') {
 
-			$r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
+			$r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag, abook_their_perms, abook_self FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
 				$sql_extra3
@@ -342,7 +342,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			$x = [];
 			foreach($r as $g) {
 
-				if(in_array($g['net'],['rss','anon','unknown']) && ($type != 'a'))
+				if(isset($g['net']) && in_array($g['net'], ['rss','anon','unknown']) && ($type != 'a'))
 					continue;
 
 				$g['hash'] = urlencode($g['hash']);
@@ -371,19 +371,20 @@ class Acl extends \Zotlabs\Web\Controller {
 					);
 				}
 				if($type !== 'f') {
-					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && ($g['net'] == 'zot6' || $g['net'] == 'zot'))) {
+					if (! array_key_exists($x[$lkey], $contacts) || ($contacts[$x[$lkey]]['net'] !== 'zot6' && $g['net'] == 'zot6')) {
 						$contacts[$x[$lkey]] = array(
 							"type"     => "c",
 							"photo"    => $g['micro'],
 							"name"     => $g['name'],
 							"id"	   => urlencode($g['id']),
 							"xid"      => $g['hash'],
+							"url"      => $g['url'],
 							"link"     => $clink,
 							"nick"     => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']),
 							"self"     => (intval($g['abook_self']) ? 'abook-self' : ''),
 							"taggable" => '',
 							"label"    => '',
-							"net"      => $g['net']
+							"net"      => $g['net'] ?? ''
 						);
 					}
 				}
@@ -438,7 +439,6 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 
 		if(! $url) {
-			require_once("include/dir_fns.php");
 			$directory = Libzotdir::find_upstream_directory($dirmode);
 			$url = $directory['url'] . '/dirsearch';
 		}

Zotlabs/Module/Activity.php

@@ -182,7 +182,7 @@ class Activity extends Controller {
 				return;
 			}
 
-			$ob_authorise = false;
+			$ob_authorize = false;
 			$item_uid = 0;
 
 			$bear = ZlibActivity::token_from_request();

Zotlabs/Module/Admin.php

@@ -8,7 +8,6 @@
 
 namespace Zotlabs\Module;
 
-require_once('include/queue_fn.php');
 require_once('include/account.php');
 
 /**

Zotlabs/Module/Admin/Addons.php

@@ -77,6 +77,7 @@ class Addons {
 					} catch (\PHPGit\Exception\GitException $e) {
 						json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
 					}
+					break;
 				case 'removerepo':
 					if (array_key_exists('repoName', $_REQUEST)) {
 						$repoName = $_REQUEST['repoName'];
@@ -111,6 +112,7 @@ class Addons {
 					} else {
 						json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false));
 					}
+					break;
 				case 'installrepo':
 					if (array_key_exists('repoURL', $_REQUEST)) {
 						require_once('library/PHPGit.autoload.php');			// Load PHPGit dependencies
@@ -172,6 +174,7 @@ class Addons {
 						$repo = $git->probeRepo();
 						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
 					}
+					break;
 				case 'addrepo':
 					if (array_key_exists('repoURL', $_REQUEST)) {
 						require_once('library/PHPGit.autoload.php');	 // Load PHPGit dependencies

Zotlabs/Module/Admin/Dbsync.php

@@ -5,11 +5,11 @@ namespace Zotlabs\Module\Admin;
 
 
 class Dbsync {
-	
+
 
 	function get() {
 		$o = '';
-	
+
 		if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
 			// remove the old style config if it exists
 			del_config('database', 'update_r' . intval(argv(3)));
@@ -29,7 +29,7 @@ class Dbsync {
 				if(method_exists($c,'verify')) {
 					$retval = $c->verify();
 					if($retval === UPDATE_FAILED) {
-						$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s); 
+						$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s);
 					}
 					elseif($retval === UPDATE_SUCCESS) {
 						$o .= sprintf( t('Update %s was successfully applied.'), $s);
@@ -44,20 +44,8 @@ class Dbsync {
 			}
 			else
 				$o .= sprintf( t('Update function %s could not be found.'), $s);
-	
+
 			return $o;
-
-
-
-
-
-			// remove the old style config if it exists
-			del_config('database', 'update_r' . intval(argv(3)));
-			set_config('database', '_' . intval(argv(3)), 'success');
-			if(intval(get_config('system','db_version')) < intval(argv(3)))
-				set_config('system','db_version',intval(argv(3)));
-			info( t('Update has been marked successful') . EOL);
-			goaway(z_root() . '/admin/dbsync');
 		}
 
 		if(argc() > 2 && intval(argv(2))) {
@@ -68,7 +56,7 @@ class Dbsync {
 				$c =  new $cls();
 				$retval = $c->run();
 				if($retval === UPDATE_FAILED) {
-					$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s); 
+					$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s);
 				}
 				elseif($retval === UPDATE_SUCCESS) {
 					$o .= sprintf( t('Update %s was successfully applied.'), $s);
@@ -79,10 +67,10 @@ class Dbsync {
 			}
 			else
 				$o .= sprintf( t('Update function %s could not be found.'), $s);
-	
+
 			return $o;
 		}
-	
+
 		$failed = array();
 		$r = q("select * from config where cat = 'database' ");
 		if(count($r)) {
@@ -107,7 +95,7 @@ class Dbsync {
 		else {
 			return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
 		}
-	
+
 		return $o;
 	}
-}
+}

Zotlabs/Module/Admin/Queue.php

@@ -2,52 +2,63 @@
 
 namespace Zotlabs\Module\Admin;
 
-
+use Zotlabs\Lib\Queue as LibQueue;
 
 class Queue {
 
 
-	
+
 	function get() {
 
 		$o = '';
-	
-		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
-	
-		if($_REQUEST['drophub']) {
+
+		$expert = $_REQUEST['expert'] ?? false;
+
+		if(isset($_REQUEST['drophub'])) {
 			hubloc_mark_as_down($_REQUEST['drophub']);
-			remove_queue_by_posturl($_REQUEST['drophub']);
+			LibQueue::remove_by_posturl($_REQUEST['drophub']);
 		}
-	
-		if($_REQUEST['emptyhub']) {
-			remove_queue_by_posturl($_REQUEST['emptyhub']);
+
+		if(isset($_REQUEST['emptyhub'])) {
+			LibQueue::remove_by_posturl($_REQUEST['emptyhub']);
 		}
-	
-		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq 
+
+		if(isset($_REQUEST['deliverhub'])) {
+
+			$hubq = q("SELECT * FROM outq WHERE outq_posturl = '%s'",
+				dbesc($_REQUEST['deliverhub'])
+			);
+
+			foreach ($hubq as $q) {
+				LibQueue::deliver($q, true);
+			}
+		}
+
+		$r = dbq("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq
 			where outq_delivered = 0 group by outq_posturl order by total desc");
-	
+
 		for($x = 0; $x < count($r); $x ++) {
 			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
-			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
 		}
-	
+
 		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
 			'$banner' => t('Queue Statistics'),
 			'$numentries' => t('Total Entries'),
 			'$priority' => t('Priority'),
 			'$desturl' => t('Destination URL'),
 			'$nukehub' => t('Mark hub permanently offline'),
+			'$deliverhub' => t('Retry delivery to this hub'),
 			'$empty' => t('Empty queue for this hub'),
 			'$lastconn' => t('Last known contact'),
 			'$hasentries' => ((count($r)) ? true : false),
 			'$entries' => $r,
 			'$expert' => $expert
 		));
-	
+
 		return $o;
 	}
-	
 
 
 
-}
+
+}

Zotlabs/Module/Admin/Queueworker.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+use App;
+use Zotlabs\Web\Controller;
+
+class Queueworker extends Controller {
+
+	function init() {
+
+	}
+
+	function post() {
+
+		check_form_security_token('form_security_token', 'queueworker');
+
+		$maxqueueworkers = intval($_POST['queueworker_maxworkers']);
+		$maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4;
+		set_config('queueworker', 'max_queueworkers', $maxqueueworkers);
+
+		$maxworkerage = intval($_POST['queueworker_max_age']);
+		$maxworkerage = ($maxworkerage >= 120) ? $maxworkerage : 300;
+		set_config('queueworker', 'queueworker_max_age', $maxworkerage);
+
+		$queueworkersleep = intval($_POST['queue_worker_sleep']);
+		$queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100;
+		set_config('queueworker', 'queue_worker_sleep', $queueworkersleep);
+
+		$auto_queue_worker_sleep = intval($_POST['auto_queue_worker_sleep']);
+		set_config('queueworker', 'auto_queue_worker_sleep', $auto_queue_worker_sleep);
+
+		goaway(z_root() . '/admin/queueworker');
+	}
+
+	function get() {
+
+		$content = "<H1>Queue Status</H1>\n";
+
+		$r = q('select count(*) as total from workerq');
+
+		$content .= "<H4>There are " . $r[0]['total'] . " queue items to be processed.</H4>";
+
+		$r = dbq("select count(*) as qworkers from workerq where workerq_reservationid is not null");
+
+		$content .= "<H4>Active workers: " . $r[0]['qworkers'] . "</H4>";
+
+		$r = dbq("select workerq_cmd, count(*) as total from workerq where true group by workerq_cmd");
+
+		if ($r) {
+			$content .= "<H4>Work items</H4>";
+			foreach($r as $rr) {
+				$content .= $rr['workerq_cmd'] . ': ' . $rr['total'] . '<br>';
+			}
+		}
+
+		$maxqueueworkers = get_config('queueworker', 'max_queueworkers', 4);
+		$maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4;
+
+		$sc = '';
+
+		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
+			'$field' => [
+				'queueworker_maxworkers',
+				t('Max queueworker threads'),
+				$maxqueueworkers,
+				t('Minimum 4, default 4')
+			]
+		]);
+
+		$workermaxage = get_config('queueworker', 'queueworker_max_age');
+		$workermaxage = ($workermaxage >= 120) ? $workermaxage : 300;
+
+		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
+			'$field' => [
+				'queueworker_max_age',
+				t('Assume workers dead after'),
+				$workermaxage,
+				t('Minimum 120, default 300 seconds')
+			]
+		]);
+
+		$queueworkersleep = get_config('queueworker', 'queue_worker_sleep');
+		$queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100;
+
+		$auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0);
+
+		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
+			'$field' => [
+				'queue_worker_sleep',
+				t('Pause before starting next task'),
+				$queueworkersleep,
+				t('Minimum 100, default 100 microseconds'),
+				'',
+				(($auto_queue_worker_sleep) ? 'disabled' : '')
+			]
+		]);
+
+		$sc .= replace_macros(get_markup_template('field_checkbox.tpl'), [
+			'$field' => [
+				'auto_queue_worker_sleep',
+				t('Automatically adjust pause before starting next task'),
+				$auto_queue_worker_sleep,
+			]
+		]);
+
+		$tpl = get_markup_template('settings_addon.tpl');
+		$content .= replace_macros($tpl, [
+				'$action_url' => 'admin/queueworker',
+				'$form_security_token' => get_form_security_token('queueworker'),
+				'$title' => t('Queueworker Settings'),
+				'$content' => $sc,
+				'$baseurl' => z_root(),
+				'$submit' => t('Save')
+			]
+		);
+
+		return $content;
+
+	}
+}

Zotlabs/Module/Admin/Security.php

@@ -7,12 +7,12 @@ class Security {
 
 	function post() {
 		check_form_security_token_redirectOnErr('/admin/security', 'admin_security');
-	
+
 		$allowed_email        = ((x($_POST,'allowed_email'))	    ? notags(trim($_POST['allowed_email']))		: '');
 		$not_allowed_email    = ((x($_POST,'not_allowed_email'))	? notags(trim($_POST['not_allowed_email']))		: '');
 
 		set_config('system','allowed_email', $allowed_email);
-		set_config('system','not_allowed_email', $not_allowed_email);	
+		set_config('system','not_allowed_email', $not_allowed_email);
 
 		$block_public         = ((x($_POST,'block_public'))		? True	: False);
 		set_config('system','block_public',$block_public);
@@ -25,22 +25,22 @@ class Security {
 
 		$ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites']));
 		set_config('system','whitelisted_sites',$ws);
-	
+
 		$bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites']));
 		set_config('system','blacklisted_sites',$bs);
-	
+
 		$wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels']));
 		set_config('system','whitelisted_channels',$wc);
-	
+
 		$bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels']));
 		set_config('system','blacklisted_channels',$bc);
-	
+
 		$embed_sslonly         = ((x($_POST,'embed_sslonly'))		? True	: False);
 		set_config('system','embed_sslonly',$embed_sslonly);
-	
+
 		$we = $this->trim_array_elems(explode("\n",$_POST['embed_allow']));
 		set_config('system','embed_allow',$we);
-	
+
 		$be = $this->trim_array_elems(explode("\n",$_POST['embed_deny']));
 		set_config('system','embed_deny',$be);
 
@@ -49,47 +49,54 @@ class Security {
 
 		$inline_pdf = ((x($_POST,'inline_pdf')) ? intval($_POST['inline_pdf']) : 0);
 		set_config('system', 'inline_pdf' , $inline_pdf);
-	
+
 		$ts = ((x($_POST,'transport_security')) ? True : False);
 		set_config('system','transport_security_header',$ts);
 
 		$cs = ((x($_POST,'content_security')) ? True : False);
 		set_config('system','content_security_policy',$cs);
 
+		$trusted_directory_servers = $this->trim_array_elems(explode("\n", $_POST['trusted_directory_servers']));
+		set_config('system', 'trusted_directory_servers', $trusted_directory_servers);
+
 		goaway(z_root() . '/admin/security');
 	}
-	
-	
+
+
 
 	function get() {
-	
+
 		$whitesites = get_config('system','whitelisted_sites');
 		$whitesites_str = ((is_array($whitesites)) ? implode("\n",$whitesites) : '');
-	
+
 		$blacksites = get_config('system','blacklisted_sites');
 		$blacksites_str = ((is_array($blacksites)) ? implode("\n",$blacksites) : '');
-	
-	
+
+
 		$whitechannels = get_config('system','whitelisted_channels');
 		$whitechannels_str = ((is_array($whitechannels)) ? implode("\n",$whitechannels) : '');
-	
+
 		$blackchannels = get_config('system','blacklisted_channels');
 		$blackchannels_str = ((is_array($blackchannels)) ? implode("\n",$blackchannels) : '');
-	
-	
+
+
 		$whiteembeds = get_config('system','embed_allow');
 		$whiteembeds_str = ((is_array($whiteembeds)) ? implode("\n",$whiteembeds) : '');
-	
+
 		$blackembeds = get_config('system','embed_deny');
 		$blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : '');
-	
+
+		$trusted_directory_servers = get_config('system', 'trusted_directory_servers');
+		$trusted_directory_servers_str = ((is_array($trusted_directory_servers)) ? implode("\n", $trusted_directory_servers) : '');
+		$is_dir = (intval(get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL);
+
 		$embed_coop = intval(get_config('system','embed_coop'));
-	
+
 		if((! $whiteembeds) && (! $blackembeds)) {
 			$embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure.");
 		}
 
-		$embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); 
+		$embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:");
 		$embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />");
 		$embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked.");
 
@@ -99,7 +106,7 @@ class Security {
 			'$page' => t('Security'),
 			'$form_security_token' => get_form_security_token('admin_security'),
 	        '$block_public'     => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")),
-			'$cloud_noroot'     => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ], 
+			'$cloud_noroot'     => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ],
 			'$cloud_disksize'     => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system','cloud_report_disksize')), '' ],
 			'$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''),
 			'$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''),
@@ -115,6 +122,8 @@ class Security {
 			'$thumbnail_security'   => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ],
 			'$inline_pdf'   => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ],
 
+			'$trusted_directory_servers' => (($is_dir) ? ['trusted_directory_servers', t('Additional trusted directory server URLs'), $trusted_directory_servers_str, t('Accept directory flags (spam, nsfw) from those servers. One per line like https://example.tld')] : ''),
+
 //	        '$embed_coop'     => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')),
 
 			'$submit' => t('Submit')
@@ -124,7 +133,7 @@ class Security {
 
 	function trim_array_elems($arr) {
 		$narr = array();
-	
+
 		if($arr && is_array($arr)) {
 			for($x = 0; $x < count($arr); $x ++) {
 				$y = trim($arr[$x]);
@@ -134,6 +143,6 @@ class Security {
 		}
 		return $narr;
 	}
-	
-	
+
+
 }

Zotlabs/Module/Admin/Site.php

@@ -67,7 +67,6 @@ class Site {
 		$open_pubstream     =   ((x($_POST,'open_pubstream')) ? True : False);
 		$login_on_homepage	=	((x($_POST,'login_on_homepage'))		? True	:	False);
 		$enable_context_help = ((x($_POST,'enable_context_help'))		? True	:	False);
-		$global_directory     = ((x($_POST,'directory_submit_url'))	? notags(trim($_POST['directory_submit_url']))	: '');
 		$no_community_page    = !((x($_POST,'no_community_page'))	? True	:	False);
 		$default_expire_days  = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
 		$active_expire_days  = ((array_key_exists('active_expire_days',$_POST)) ? intval($_POST['active_expire_days']) : 7);
@@ -100,7 +99,7 @@ class Site {
 		$reg_expire 	   = (preg_match('/^[a-z]{1,1}$/', $regexpireu) ? $regexpiren . $regexpireu : '');
 
 		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
-		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
+		//$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
 		$pub_incl = escape_tags(trim($_POST['pub_incl']));
 		$pub_excl = escape_tags(trim($_POST['pub_excl']));
 
@@ -129,7 +128,7 @@ class Site {
 					set_config('system', 'register_duty', $this->register_duty);
 					set_config('system', 'register_duty_jso', $this->joo);
 				} else {
-					notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;
+					notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg . EOL);
 				}
 			}
 		}
@@ -181,7 +180,7 @@ class Site {
 			set_config('system', 'admininfo', $admininfo);
 		}
 		set_config('system','siteinfo',$siteinfo);
-		set_config('system', 'language', $language);
+		//set_config('system', 'language', $language);
 		set_config('system', 'theme', $theme);
 		//		if ( $theme_mobile === '---' ) {
 		//			del_config('system', 'mobile_theme');
@@ -205,12 +204,7 @@ class Site {
 		set_config('system','disable_discover_tab', $disable_discover_tab);
 		set_config('system','site_firehose', $site_firehose);
 		set_config('system','open_pubstream', $open_pubstream);
-		set_config('system','force_queue_threshold', $force_queue);
-		if ($global_directory == '') {
-			del_config('system', 'directory_submit_url');
-		} else {
-			set_config('system', 'directory_submit_url', $global_directory);
-		}
+		//set_config('system','force_queue_threshold', $force_queue);
 
 		set_config('system','no_community_page', $no_community_page);
 		set_config('system','no_utf', $no_utf);
@@ -283,7 +277,7 @@ class Site {
 		}
 
 		$dir_choices = null;
-		$dirmode = get_config('system','directory_mode');
+		$dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL);
 		$realm = get_directory_realm();
 
 		// directory server should not be set or settable unless we are a directory client
@@ -301,6 +295,12 @@ class Site {
 					$dir_choices[$xx['site_url']] = $xx['site_url'];
 				}
 			}
+			if ($realm === DIRECTORY_REALM) {
+				$fallback_servers = get_directory_fallback_servers();
+				foreach ($fallback_servers as $fallback_server) {
+					$dir_choices[$fallback_server] = $fallback_server;
+				}
+			}
 		}
 
 		/* Banner */
@@ -339,12 +339,15 @@ class Site {
 		// now invert the logic for the setting.
 		$discover_tab = (1 - $discover_tab);
 
-		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
-		$default_role = get_config('system','default_permissions_role','social');
+		$perm_roles = \Zotlabs\Access\PermissionRoles::channel_roles();
+		$default_role = get_config('system', 'default_permissions_role', 'personal');
+
+		if (!in_array($default_role, array_keys($perm_roles))) {
+			$default_role = 'personal';
+		}
 
 		$role = array('permissions_role' , t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'),$perm_roles);
 
-
 		$homelogin = get_config('system','login_on_homepage');
 		$enable_context_help = get_config('system','enable_context_help');
 
@@ -422,7 +425,7 @@ class Site {
 			'$banner'			=> array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')),
 			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
 			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
-			'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
+			//'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
 			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
 		//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
 		//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
@@ -505,10 +508,10 @@ class Site {
 			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
 			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
 			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
-			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
-			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
-			'$site_firehose'	=> array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')),
-			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the Public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing. Warning: this content is unmoderated.')),
+			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory")),
+			'$disable_discover_tab'	=> array('disable_discover_tab', t('Enable public stream'), $discover_tab, t('Enable the public stream. Warning: this content is unmoderated')),
+			'$site_firehose'	=> array('site_firehose', t('Site only public stream'), get_config('system','site_firehose'), t('Restrict the public stream to content originating at this site')),
+			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing')),
 			'$incl'           => array('pub_incl',t('Only import Public stream posts with this text'), get_config('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
 			'$excl'           => array('pub_excl',t('Do not import Public stream posts with this text'), get_config('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
 
@@ -529,7 +532,7 @@ class Site {
 			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
 			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
 			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
-			'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
+			//'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
 			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
 			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
 			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),

Zotlabs/Module/Affinity.php

@@ -44,17 +44,14 @@ class Affinity extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;
 
-		$desc = t('This app presents a slider control in your connection editor and also on your network page. The slider represents your degree of friendship (affinity) with each connection. It allows you to zoom in or out and display conversations from only your closest friends or everybody in your stream.');
-		if(! Apps::system_app_installed(local_channel(),'Affinity Tool')) {
+		if(! Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Affinity Tool App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= $desc;
-			return $o;
+			$papp = Apps::get_papp('Affinity Tool');
+			return Apps::app_render($papp, 'module');
 		}
 
-		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.'); 			
+		$text = t('The numbers below represent the minimum and maximum slider default positions for your network/stream page as a percentage.');
 
 		$content = '<div class="section-content-info-wrapper">' . $text . '</div>';
 

Zotlabs/Module/Album.php

@@ -0,0 +1,103 @@
+<?php
+
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Activity;
+use Zotlabs\Lib\ActivityStreams;
+use Zotlabs\Lib\Config;
+use Zotlabs\Web\HTTPSig;
+
+require_once('include/security.php');
+require_once('include/attach.php');
+require_once('include/photo/photo_driver.php');
+require_once('include/photos.php');
+
+
+class Album extends Controller {
+
+	function init() {
+
+		if (ActivityStreams::is_as_request()) {
+			$sigdata = HTTPSig::verify(EMPTY_STR);
+			if ($sigdata['portable_id'] && $sigdata['header_valid']) {
+				$portable_id = $sigdata['portable_id'];
+				if (!check_channelallowed($portable_id)) {
+					http_status_exit(403, 'Permission denied');
+				}
+				if (!check_siteallowed($sigdata['signer'])) {
+					http_status_exit(403, 'Permission denied');
+				}
+				observer_auth($portable_id);
+			}
+			elseif (Config::get('system', 'require_authenticated_fetch', false)) {
+				http_status_exit(403, 'Permission denied');
+			}
+
+			$observer_xchan = get_observer_hash();
+			$allowed        = false;
+
+			$bear = Activity::token_from_request();
+			if ($bear) {
+				logger('bear: ' . $bear, LOGGER_DEBUG);
+			}
+
+			$channel = null;
+
+			if (argc() > 1) {
+				$channel = channelx_by_nick(argv(1));
+			}
+			if (!$channel) {
+				http_status_exit(404, 'Not found.');
+			}
+
+			$sql_extra = permissions_sql($channel['channel_id'], $observer_xchan);
+
+			if (argc() > 2) {
+				$folder  = argv(2);
+				$r       = q("select * from attach where is_dir = 1 and hash = '%s' and uid = %d $sql_extra limit 1",
+					dbesc($folder),
+					intval($channel['channel_id'])
+				);
+				$allowed = (($r) ? attach_can_view($channel['channel_id'], $observer_xchan, $r[0]['hash'] /*,$bear */) : false);
+			}
+			else {
+				$folder  = EMPTY_STR;
+				$allowed = perm_is_allowed($channel['channel_id'], $observer_xchan, 'view_storage');
+			}
+
+			if (!$allowed) {
+				http_status_exit(403, 'Permission denied.');
+			}
+
+			$x = q("select * from attach where folder = '%s' and uid = %d $sql_extra",
+				dbesc($folder),
+				intval($channel['channel_id'])
+			);
+
+			$contents = [];
+
+			if ($x) {
+				foreach ($x as $xv) {
+					if (intval($xv['is_dir'])) {
+						continue;
+					}
+					if (!attach_can_view($channel['channel_id'], $observer_xchan, $xv['hash'] /*,$bear*/)) {
+						continue;
+					}
+					if (intval($xv['is_photo'])) {
+						$contents[] = z_root() . '/photo/' . $xv['hash'];
+					}
+				}
+			}
+
+			$obj = Activity::encode_simple_collection($contents, App::$query_string, 'OrderedCollection', count($contents));
+			as_return_and_die($obj, $channel);
+
+		}
+
+	}
+
+}
+

Zotlabs/Module/Appman.php

@@ -1,19 +1,19 @@
 <?php /** @file */
 
-namespace Zotlabs\Module; 
+namespace Zotlabs\Module;
 
-//require_once('include/apps.php');
-
-use \Zotlabs\Lib as Zlib;
+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Libsync;
 
 class Appman extends \Zotlabs\Web\Controller {
 
 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
-		if($_POST['url']) {
+
+		if(isset($_POST['url']) && $_POST['url']) {
 			$arr = array(
 				'uid' => intval($_REQUEST['uid']),
 				'url' => escape_tags($_REQUEST['url']),
@@ -32,70 +32,136 @@ class Appman extends \Zotlabs\Web\Controller {
 				'sig' => escape_tags($_REQUEST['sig']),
 				'categories' => escape_tags($_REQUEST['categories'])
 			);
-	
-			$_REQUEST['appid'] = Zlib\Apps::app_install(local_channel(),$arr);
-	
-			if(Zlib\Apps::app_installed(local_channel(),$arr))
+
+			$_REQUEST['appid'] = Apps::app_install(local_channel(),$arr);
+
+			if(Apps::app_installed(local_channel(),$arr))
 				info( t('App installed.') . EOL);
 
 			goaway(z_root() . '/apps');
 			return; //not reached
 		}
-	
-	
-		$papp = Zlib\Apps::app_decode($_POST['papp']);
-	
+
+
+		$papp = Apps::app_decode($_POST['papp']);
+
 		if(! is_array($papp)) {
 			notice( t('Malformed app.') . EOL);
 			return;
 		}
-	
-		if($_POST['install']) {
-			Zlib\Apps::app_install(local_channel(),$papp);
-			if(Zlib\Apps::app_installed(local_channel(),$papp))
+
+		if(isset($_POST['install']) && $_POST['install']) {
+			Apps::app_install(local_channel(),$papp);
+			if(Apps::app_installed(local_channel(),$papp))
 				info( t('App installed.') . EOL);
-		}
-	
-		if($_POST['delete']) {
-			Zlib\Apps::app_destroy(local_channel(),$papp);
+
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (!$sync) {
+				return;
+			}
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
+			}
+
 		}
 
-		if($_POST['edit']) {
+		if(isset($_POST['delete']) && $_POST['delete']) {
+
+			// Fetch the app for sync before it is deleted (if it is deletable))
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (!$sync) {
+				return;
+			}
+
+			Apps::app_destroy(local_channel(), $papp);
+
+			// Now flag it deleted
+			$sync[0]['app_deleted'] = 1;
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
+			}
+		}
+
+		if(isset($_POST['edit']) && $_POST['edit']) {
 			return;
 		}
 
-		if($_POST['feature']) {
-			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['feature']);
+		if(isset($_POST['feature']) && $_POST['feature']) {
+			Apps::app_feature(local_channel(), $papp, $_POST['feature']);
+
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
+			}
 		}
 
-		if($_POST['pin']) {
-			Zlib\Apps::app_feature(local_channel(), $papp, $_POST['pin']);
+		if(isset($_POST['pin']) && $_POST['pin']) {
+			Apps::app_feature(local_channel(), $papp, $_POST['pin']);
+
+			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
+				intval(local_channel()),
+				dbesc($papp['guid'])
+			);
+
+			if (intval($sync[0]['app_system'])) {
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
+			}
+			else {
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
+			}
 		}
 
-		if($_SESSION['return_url']) 
+		if(isset($_POST['aj']) && $_POST['aj']) {
+			killme();
+		}
+
+		if($_SESSION['return_url'])
 			goaway(z_root() . '/' . $_SESSION['return_url']);
 
 		goaway(z_root() . '/apps');
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 
-		$channel = \App::get_channel();
+		$channel = App::get_channel();
 
 		if(argc() > 3) {
 			if(argv(2) === 'moveup') {
-				Zlib\Apps::moveup(local_channel(),argv(1),argv(3));
+				Apps::moveup(local_channel(),argv(1),argv(3));
 			}
 			if(argv(2) === 'movedown') {
-				Zlib\Apps::movedown(local_channel(),argv(1),argv(3));
+				Apps::movedown(local_channel(),argv(1),argv(3));
 			}
 			goaway(z_root() . '/apporder');
 		}
@@ -105,7 +171,7 @@ class Appman extends \Zotlabs\Web\Controller {
 
 		$app = null;
 		$embed = null;
-		if($_REQUEST['appid']) {
+		if(isset($_REQUEST['appid']) && $_REQUEST['appid']) {
 			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
 				dbesc($_REQUEST['appid']),
 				dbesc(local_channel())
@@ -129,32 +195,30 @@ class Appman extends \Zotlabs\Web\Controller {
 				}
 			}
 
-			$embed = array('embed', t('Embed code'), Zlib\Apps::app_encode($app,true),'', 'onclick="this.select();"');
-	
+			$embed = array('embed', t('Embed code'), Apps::app_encode($app,true),'', 'onclick="this.select();"');
+
 		}
-				
+
 		return replace_macros(get_markup_template('app_create.tpl'), array(
-	
 			'$banner' => (($app) ? t('Edit App') : t('Create App')),
 			'$app' => $app,
-			'$guid' => (($app) ? $app['app_id'] : ''),
-			'$author' => (($app) ? $app['app_author'] : $channel['channel_hash']),
-			'$addr' => (($app) ? $app['app_addr'] : $channel['xchan_addr']),
-			'$name' => array('name', t('Name of app'),(($app) ? $app['app_name'] : ''), t('Required')),
-			'$url' => array('url', t('Location (URL) of app'),(($app) ? $app['app_url'] : ''), t('Required')),
-	 		'$desc' => array('desc', t('Description'),(($app) ? $app['app_desc'] : ''), ''),
-			'$photo' => array('photo', t('Photo icon URL'),(($app) ? $app['app_photo'] : ''), t('80 x 80 pixels - optional')),
-			'$categories' => array('categories',t('Categories (optional, comma separated list)'),(($app) ? $app['categories'] : ''),''),
-			'$version' => array('version', t('Version ID'),(($app) ? $app['app_version'] : ''), ''),
-			'$price' => array('price', t('Price of app'),(($app) ? $app['app_price'] : ''), ''),
-			'$page' => array('page', t('Location (URL) to purchase app'),(($app) ? $app['app_page'] : ''), ''),
-			'$system' => (($app) ? intval($app['app_system']) : 0),
-			'$plugin' => (($app) ? $app['app_plugin'] : ''),
-			'$requires' => (($app) ? $app['app_requires'] : ''),
+			'$guid' => $app['app_id'] ?? '',
+			'$author' => $app['app_author'] ?? $channel['channel_hash'],
+			'$addr' => $app['app_addr'] ?? $channel['xchan_addr'],
+			'$name' => array('name', t('Name of app'), $app['app_name'] ?? '', t('Required')),
+			'$url' => array('url', t('Location (URL) of app'), $app['app_url'] ?? '', t('Required')),
+	 		'$desc' => array('desc', t('Description'), $app['app_desc'] ?? '', ''),
+			'$photo' => array('photo', t('Photo icon URL'),$app['app_photo'] ?? '', t('80 x 80 pixels - optional')),
+			'$categories' => array('categories',t('Categories (optional, comma separated list)'), $app['categories'] ?? '',''),
+			'$version' => array('version', t('Version ID'), $app['app_version'] ?? '', ''),
+			'$price' => array('price', t('Price of app'), $app['app_price'] ?? '', ''),
+			'$page' => array('page', t('Location (URL) to purchase app'), $app['app_page'] ?? '', ''),
+			'$system' => $app['app_system'] ?? 0,
+			'$plugin' => $app['app_plugin'] ?? '',
+			'$requires' => $app['app_requires'] ?? '',
 			'$embed' => $embed,
 			'$submit' => t('Submit')
 		));
-	
 	}
-	
+
 }

Zotlabs/Module/Apps.php

@@ -9,7 +9,7 @@ class Apps extends \Zotlabs\Web\Controller {
 	function get() {
 
 		nav_set_selected('Apps');
-	
+
 		if(argc() == 2 && argv(1) == 'edit')
 			$mode = 'edit';
 		else
@@ -18,9 +18,10 @@ class Apps extends \Zotlabs\Web\Controller {
 		$available = ((argc() == 2 && argv(1) === 'available') ? true : false);
 
 		$_SESSION['return_url'] = \App::$query_string;
-	
-		$apps = array();
-	
+
+		$apps = [];
+		$cat = [];
+
 		if(local_channel()) {
 			Zlib\Apps::import_system_apps();
 			$syslist = array();
@@ -37,9 +38,9 @@ class Apps extends \Zotlabs\Web\Controller {
 			$syslist = Zlib\Apps::get_system_apps(true);
 
 		usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
-	
+
 	//	logger('apps: ' . print_r($syslist,true));
-	
+
 		foreach($syslist as $app) {
 			$apps[] = Zlib\Apps::app_render($app,(($available) ? 'install' : $mode));
 		}
@@ -53,7 +54,7 @@ class Apps extends \Zotlabs\Web\Controller {
 			'$manage' => (($available) ? '' : t('Manage Apps')),
 			'$create' => (($mode == 'edit') ? t('Create Custom App') : '')
 		));
-	
+
 	}
-	
+
 }

Zotlabs/Module/Apschema.php

@@ -14,7 +14,7 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'zot'              => z_root() . '/apschema#',
 				'id'               => '@id',
 				'type'             => '@type',
-				'commentPolicy'    => 'as:commentPolicy',
+				'commentPolicy'    => 'zot:commentPolicy',
 				'meData'           => 'zot:meData',
 				'meDataType'       => 'zot:meDataType',
 				'meEncoding'       => 'zot:meEncoding',
@@ -33,6 +33,9 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'PropertyValue'    => 'schema:PropertyValue',
 				'value'            => 'schema:value',
 
+				'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
+
+
 				'magicEnv' => [
 					'@id'   => 'zot:magicEnv',
 					'@type' => '@id'
@@ -50,7 +53,7 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'guid'         => 'diaspora:guid',
 
 				'Hashtag'      => 'as:Hashtag'
-				
+
 			]
 		];
 

Zotlabs/Module/Article_edit.php

@@ -1,138 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/channel.php');
-require_once('include/acl_selectors.php');
-require_once('include/conversation.php');
-
-class Article_edit extends \Zotlabs\Web\Controller {
-
-
-	function get() {
-
-		// Figure out which post we're editing
-		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
-
-		if(! $post_id) {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$itm = q("SELECT * FROM item WHERE id = %d and item_type = %d LIMIT 1",
-			intval($post_id),
-			intval(ITEM_TYPE_ARTICLE)
-		);
-		if($itm) {
-			$item_id = q("select * from iconfig where cat = 'system' and k = 'ARTICLE' and iid = %d limit 1",
-				intval($itm[0]['id'])
-			);
-			if($item_id)
-				$card_title = $item_id[0]['v'];
-		}
-		else {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$owner = $itm[0]['uid'];
-		$uid = local_channel();
-
-		$observer = \App::get_observer();
-
-		$channel = channelx_by_n($owner);
-		if(! $channel) {
-			notice( t('Channel not found.') . EOL);
-			return;
-		}
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = (($uid && $uid == $owner) ? true : false);
-
-		$o = '';
-
-
-
-		$category = '';
-		$catsenabled = ((feature_enabled($owner,'categories')) ? 'categories' : '');
-
-		if ($catsenabled){
-		        $itm = fetch_post_tags($itm);
-
-	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-
-		        foreach ($cats as $cat) {
-		                if (strlen($category))
-		                        $category .= ', ';
-		                $category .= $cat['term'];
-		        }
-		}
-
-		if($itm[0]['attach']) {
-			$j = json_decode($itm[0]['attach'],true);
-			if($j) {
-				foreach($j as $jj) {
-					$itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n";
-				}
-			}
-		}
-
-
-		$mimetype = $itm[0]['mimetype'];
-
-		$content = $itm[0]['body'];
-
-		$rp = 'articles/' . $channel['channel_address'];
-
-		$x = array(
-			'nickname' => $channel['channel_address'],
-			'bbco_autocomplete'=> 'bbcode',
-			'return_path' => $rp,
-			'webpage' => ITEM_TYPE_ARTICLE,
-			'button' => t('Edit'),
-			'writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_pages'),
-			'weblink' => t('Insert web link'),
-			'hide_voting' => false,
-			'hide_future' => false,
-			'hide_location' => false,
-			'hide_expire' => false,
-			'showacl' => true,
-			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
-			'permissions' => $itm[0],
-			'lockstate' => (($itm[0]['allow_cid'] || $itm[0]['allow_gid'] || $itm[0]['deny_cid'] || $itm[0]['deny_gid']) ? 'lock' : 'unlock'),
-			'ptyp' => $itm[0]['type'],
-			'mimeselect' => false,
-			'mimetype' => $itm[0]['mimetype'],
-			'body' => undo_post_tagging($content),
-			'post_id' => $post_id,
-			'visitor' => true,
-			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
-			'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'),
-			'placeholdertitle' => t('Title (optional)'),
-			'pagetitle' => $card_title,
-			'profile_uid' => (intval($channel['channel_id'])),
-			'catsenabled' => $catsenabled,
-			'category' => $category,
-			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
-		);
-
-		$editor = status_editor($a, $x, false, 'Article_edit');
-
-		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
-			'$title' => t('Edit Article'),
-			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
-			'$id' => $itm[0]['id'],
-			'$cancel' => t('Cancel'),
-			'$editor' => $editor
-		));
-
-		return $o;
-
-	}
-
-}

Zotlabs/Module/Articles.php

@@ -1,234 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-use App;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Web\Controller;
-use Zotlabs\Lib\PermissionDescription;
-
-require_once('include/channel.php');
-require_once('include/conversation.php');
-require_once('include/acl_selectors.php');
-require_once('include/opengraph.php');
-
-
-class Articles extends Controller {
-
-	function init() {
-
-		if(argc() > 1)
-			$which = argv(1);
-
-                if(! $which) {
-                        if(local_channel()) {
-                                $channel = App::get_channel();
-                                if($channel && $channel['channel_address'])
-                                $which = $channel['channel_address'];
-                        } else {
-				return;
-			}
-                }
-
-		profile_load($which);
-
-	}
-
-	function get($update = 0, $load = false) {
-
-		if(observer_prohibited(true)) {
-			return login();
-		}
-
-		if(! App::$profile) {
-			notice( t('Requested profile is not available.') . EOL );
-			App::$error = 404;
-			return;
-		}
-
-		if(! Apps::system_app_installed(App::$profile_uid, 'Articles')) {
-			//Do not display any associated widgets at this point
-			App::$pdl = '';
-
-			$o = '<b>' . t('Articles App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create interactive articles');
-			return $o;
-		}
-
-		nav_set_selected('Articles');
-
-		head_add_link([
-			'rel'   => 'alternate',
-			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
-			'title' => 'oembed'
-		]);
-
-
-		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
-
-		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
-		}
-
-		$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
-		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
-
-		$which = argv(1);
-
-		$selected_card = ((argc() > 2) ? argv(2) : '');
-
-		$_SESSION['return_url'] = App::$query_string;
-
-		$uid      = local_channel();
-		$owner    = App::$profile_uid;
-		$observer = App::get_observer();
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner,$ob_hash,'view_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = ($uid && $uid == $owner);
-
-		$channel = channelx_by_n($owner);
-
-		if($channel) {
-			$channel_acl = array(
-				'allow_cid' => $channel['channel_allow_cid'],
-				'allow_gid' => $channel['channel_allow_gid'],
-				'deny_cid'  => $channel['channel_deny_cid'],
-				'deny_gid'  => $channel['channel_deny_gid']
-			);
-		}
-		else {
-			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
-		}
-
-
-
-		if(perm_is_allowed($owner,$ob_hash,'write_pages')) {
-
-			$x = [
-				'webpage'           => ITEM_TYPE_ARTICLE,
-				'is_owner'          => true,
-				'content_label'     => t('Add Article'),
-				'button'            => t('Save'),
-				'nickname'          => $channel['channel_address'],
-				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
-					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'               => (($is_owner) ? populate_acl($channel_acl, false,
-					PermissionDescription::fromGlobalPermission('view_pages')) : ''),
-				'permissions'       => $channel_acl,
-				'showacl'           => (($is_owner) ? true : false),
-				'visitor'           => true,
-				'hide_location'     => false,
-				'hide_voting'       => false,
-				'profile_uid'       => intval($owner),
-				'mimetype'          => 'text/bbcode',
-				'mimeselect'        => false,
-				'layoutselect'      => false,
-				'expanded'          => false,
-				'novoting'          => false,
-				'catsenabled'       => feature_enabled($owner,'categories'),
-				'bbco_autocomplete' => 'bbcode',
-				'bbcode'            => true
-			];
-
-			if($_REQUEST['title'])
-				$x['title'] = $_REQUEST['title'];
-			if($_REQUEST['body'])
-				$x['body'] = $_REQUEST['body'];
-			$editor = status_editor($a,$x,false,'Articles');
-
-		}
-		else {
-			$editor = '';
-		}
-
-		$itemspage = get_pconfig(local_channel(),'system','itemspage');
-		App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
-		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
-
-
-		$sql_extra = item_permissions_sql($owner);
-		$sql_item = '';
-
-		if($selected_card) {
-			$r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and iconfig.v = '%s' limit 1",
-				dbesc($selected_card)
-			);
-			if($r) {
-				$sql_item = "and item.id = " . intval($r[0]['iid']) . " ";
-			}
-		}
-		if($datequery) {
-			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
-			$order = 'post';
-		}
-		if($datequery2) {
-			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
-		}
-
-		if($datequery || $datequery2) {
-			$sql_extra2 .= " and item.item_thread_top != 0 ";
-		}
-
-		$r = q("select * from item
-			where item.uid = %d and item_type = %d
-			$sql_extra $sql_extra2 $sql_item order by item.created desc $pager_sql",
-			intval($owner),
-			intval(ITEM_TYPE_ARTICLE)
-		);
-
-		$item_normal = " and item.item_hidden = 0 and item.item_type in (0,7) and item.item_deleted = 0
-			and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
-			and item.item_blocked = 0 ";
-
-		if($r) {
-
-			$pager_total = count($r);
-
-			$parents_str = ids_to_querystr($r,'id');
-
-			$r = q("SELECT item.*, item.id AS item_id
-				FROM item
-				WHERE item.uid = %d $item_normal
-				AND item.parent IN ( %s )
-				$sql_extra $sql_extra2 ",
-				intval(App::$profile['profile_uid']),
-				dbesc($parents_str)
-			);
-			if($r) {
-				xchan_query($r);
-				$items = fetch_post_tags($r, true);
-				$items = conv_sort($items,'updated');
-			}
-			else
-				$items = [];
-		}
-
-		// Add Opengraph markup
-		opengraph_add_meta((! empty($items) ? $r[0] : []), $channel);
-
-		$mode = 'articles';
-
-		if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card))
-            $page_mode = 'pager_list';
-        else
-            $page_mode = 'traditional';
-
-     	$content = conversation($items,$mode,false,$page_mode);
-
-		$o = replace_macros(get_markup_template('cards.tpl'), [
-			'$title' => t('Articles'),
-			'$editor' => $editor,
-			'$content' => $content,
-			'$pager' => alt_pager($pager_total)
-		]);
-
-        return $o;
-    }
-
-}

Zotlabs/Module/Authtest.php

@@ -1,41 +1,38 @@
 <?php
 namespace Zotlabs\Module;
 
-require_once('include/zot.php');
-
-
 class Authtest extends \Zotlabs\Web\Controller {
 
 	function get() {
-	
-	
+
+
 		$auth_success = false;
 		$o .= '<h3>Magic-Auth Diagnostic</h3>';
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return $o;
 		}
-	
+
 		$o .= '<form action="authtest" method="get">';
 		$o .= 'Target URL: <input type="text" style="width: 250px;" name="dest" value="' . $_GET['dest'] .'" />';
-		$o .= '<input type="submit" name="submit" value="Submit" /></form>'; 
-	
+		$o .= '<input type="submit" name="submit" value="Submit" /></form>';
+
 		$o .= '<br /><br />';
-	
+
 		if(x($_GET,'dest')) {
 			if(strpos($_GET['dest'],'@')) {
 				$_GET['dest'] = $_REQUEST['dest'] = 'https://' . substr($_GET['dest'],strpos($_GET['dest'],'@')+1) . '/channel/' . substr($_GET['dest'],0,strpos($_GET['dest'],'@'));
 			}
-	
+
 			$_REQUEST['test'] = 1;
 			$mod = new Magic();
 			$x = $mod->init($a);
 
 			$o .= 'Local Setup returns: ' . print_r($x,true);
-	
-	
-	
+
+
+
 			if($x['url']) {
 				$z = z_fetch_url($x['url'] . '&test=1');
 				if($z['success']) {
@@ -50,12 +47,12 @@ class Authtest extends \Zotlabs\Web\Controller {
 					$o .= 'fetch url failure.' . print_r($z,true);
 				}
 			}
-	
+
 			if(! $auth_success)
 				$o .= 'Authentication Failed!' . EOL;
 		}
-	
+
 		return str_replace("\n",'<br />',$o);
 	}
-	
+
 }

Zotlabs/Module/Blocks.php

@@ -9,43 +9,43 @@ require_once('include/acl_selectors.php');
 class Blocks extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
 			$sys = get_sys_channel();
 			if($sys && intval($sys['channel_id'])) {
 				\App::$is_sys = true;
 			}
 		}
-	
+
 		if(argc() > 1)
 			$which = argv(1);
 		else
 			return;
-	
+
 		profile_load($which);
-	
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! \App::$profile) {
 			notice( t('Requested profile is not available.') . EOL );
 			\App::$error = 404;
 			return;
 		}
-	
+
 		$which = argv(1);
-	
+
 		$_SESSION['return_url'] = \App::$query_string;
-	
+
 		$uid = local_channel();
 		$owner = 0;
 		$channel = null;
 		$observer = \App::get_observer();
-	
+
 		$channel = \App::get_channel();
-	
+
 		if(\App::$is_sys && is_site_admin()) {
 			$sys = get_sys_channel();
 			if($sys && intval($sys['channel_id'])) {
@@ -54,7 +54,7 @@ class Blocks extends \Zotlabs\Web\Controller {
 				$observer = $sys;
 			}
 		}
-	
+
 		if(! $owner) {
 			// Figure out who the page owner is.
 			$r = q("select channel_id from channel where channel_address = '%s'",
@@ -64,24 +64,24 @@ class Blocks extends \Zotlabs\Web\Controller {
 				$owner = intval($r[0]['channel_id']);
 			}
 		}
-	
+
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-	
+
 		$perms = get_all_perms($owner,$ob_hash);
-	
+
 		if(! $perms['write_pages']) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
-		// Block design features from visitors 
-	
+
+		// Block design features from visitors
+
 		if((! $uid) || ($uid != $owner)) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
-		$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
+
+		$mimetype = ((isset($_REQUEST['mimetype']) && $_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
 
 		$x = array(
 			'webpage' => ITEM_TYPE_BLOCK,
@@ -101,27 +101,25 @@ class Blocks extends \Zotlabs\Web\Controller {
 			'bbco_autocomplete' => 'bbcode',
 			'bbcode' => true
 		);
-	
-		if($_REQUEST['title'])
-			$x['title'] = $_REQUEST['title'];
-		if($_REQUEST['body'])
-			$x['body'] = $_REQUEST['body'];
-		if($_REQUEST['pagetitle'])
-			$x['pagetitle'] = $_REQUEST['pagetitle'];
-	
-		$editor = status_editor($a,$x,false,'Blocks');
-	
 
-		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig 
+		$x['title'] = $_REQUEST['title'] ?? '';
+		$x['body'] = $_REQUEST['body'] ?? '';
+		$x['pagetitle'] = $_REQUEST['pagetitle'] ?? '';
+
+		$a = '';
+		$editor = status_editor($a,$x,false,'Blocks');
+
+
+		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig
 			left join item on iconfig.iid = item.id
-			where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' 
+			where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK'
 			and item_type = %d order by item.created desc",
 			intval($owner),
 			intval(ITEM_TYPE_BLOCK)
 		);
-	
+
 		$pages = null;
-	
+
 		if($r) {
 			$pages = array();
 			foreach($r as $rr) {
@@ -143,13 +141,13 @@ class Blocks extends \Zotlabs\Web\Controller {
 					'edited' => $rr['edited'],
 					'bb_element' => '[element]' . base64url_encode(json_encode($element_arr)) . '[/element]'
 				);
-			} 
+			}
 		}
-	
+
 		//Build the base URL for edit links
-		$url = z_root() . '/editblock/' . $which; 
-	
-		$o .= replace_macros(get_markup_template('blocklist.tpl'), array(
+		$url = z_root() . '/editblock/' . $which;
+
+		$o = replace_macros(get_markup_template('blocklist.tpl'), array(
 			'$baseurl'    => $url,
 			'$title'      => t('Blocks'),
 			'$name'       => t('Block Name'),
@@ -166,8 +164,8 @@ class Blocks extends \Zotlabs\Web\Controller {
 			'$view'       => t('View'),
 			'$preview'    => '1',
 		));
-	    
+
 		return $o;
 	}
-	
+
 }

Zotlabs/Module/Bookmarks.php

@@ -18,31 +18,31 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 
 		$item_id = (isset($_REQUEST['item']) ? $_REQUEST['item'] : false);
 		$burl    = (isset($_REQUEST['burl']) ? trim($_REQUEST['burl']) : '');
-	
+
 		if(! $item_id)
 			return;
-	
+
 		$u = \App::get_channel();
-	
+
 		$item_normal = item_normal();
-	
+
 		$i = q("select * from item where id = %d and uid = %d $item_normal limit 1",
 			intval($item_id),
 			intval(local_channel())
 		);
-	
+
 		if(! $i)
 			return;
-	
+
 		$i = fetch_post_tags($i);
-	
+
 		$item = $i[0];
-	
+
 		$terms = (x($item, 'term') ? get_terms_oftype($item['term'],TERM_BOOKMARK) : false);
-	
+
 		if($terms) {
 			require_once('include/bookmarks.php');
-	
+
 			$s = q("select * from xchan where xchan_hash = '%s' limit 1",
 				dbesc($item['author_xchan'])
 			);
@@ -58,13 +58,13 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 				}
 				else
 					bookmark_add($u,$s[0],$t,$item['item_private']);
-	
+
 				info( t('Bookmark added') . EOL);
 			}
 		}
 		killme();
 	}
-	
+
 	function get() {
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -74,49 +74,47 @@ class Bookmarks extends \Zotlabs\Web\Controller {
 		if(! Apps::system_app_installed(local_channel(), 'Bookmarks')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Bookmarks App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Bookmark links from posts and manage them');
-			return $o;
+			$papp = Apps::get_papp('Bookmarks');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		require_once('include/menu.php');
 		require_once('include/conversation.php');
-	
+
 		$channel = \App::get_channel();
-	
+
 		$o = '';
-	
+
 		$o .= '<div class="generic-content-wrapper-styled">';
-	
-		$o .= '<h3>' . t('My Bookmarks') . '</h3>';
-	
+
+		$o .= '<h3>' . t('Bookmarks') . '</h3>';
+
 		$x = menu_list(local_channel(),'',MENU_BOOKMARK);
-	
+
 		if($x) {
 			foreach($x as $xx) {
 				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
 				$o .= menu_render($y,'',true);
 			}
 		}
-	
+
 		$o .= '<h3>' . t('My Connections Bookmarks') . '</h3>';
-	
-	
+
+
 		$x = menu_list(local_channel(),'',MENU_SYSTEM|MENU_BOOKMARK);
-	
+
 		if($x) {
 			foreach($x as $xx) {
 				$y = menu_fetch($xx['menu_name'],local_channel(),get_observer_hash());
 				$o .= menu_render($y,'',true);
 			}
 		}
-	
+
 		$o .= '</div>';
-	
+
 		return $o;
-	
+
 	}
-	
-	
+
+
 }

Zotlabs/Module/Cal.php

@@ -39,7 +39,7 @@ class Cal extends Controller {
 
 			head_set_icon(App::$data['channel']['xchan_photo_s']);
 
-			App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
+			App::$page['htmlhead'] = "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
 
 		}
 
@@ -65,13 +65,9 @@ class Cal extends Controller {
 
 		nav_set_selected('Calendar');
 
-		head_add_css('/library/fullcalendar/packages/core/main.min.css');
-		head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
+		head_add_js('/library/fullcalendar/dist/index.global.js');
 		head_add_css('cdav_calendar.css');
 
-		head_add_js('/library/fullcalendar/packages/core/main.min.js');
-		head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
-
 		$sql_extra = permissions_sql($channel['channel_id'], get_observer_hash(), 'event');
 
 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends'])

Zotlabs/Module/Card_edit.php

@@ -1,140 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/channel.php');
-require_once('include/acl_selectors.php');
-require_once('include/conversation.php');
-
-class Card_edit extends \Zotlabs\Web\Controller {
-
-
-	function get() {
-
-		// Figure out which post we're editing
-		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
-
-		if(! $post_id) {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$itm = q("SELECT * FROM item WHERE id = %d and item_type = %d LIMIT 1",
-			intval($post_id),
-			intval(ITEM_TYPE_CARD)
-		);
-		if($itm) {
-			$item_id = q("select * from iconfig where cat = 'system' and k = 'CARD' and iid = %d limit 1",
-				intval($itm[0]['id'])
-			);
-			if($item_id)
-				$card_title = $item_id[0]['v'];
-		}
-		else {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$owner = $itm[0]['uid'];
-		$uid = local_channel();
-
-		$observer = \App::get_observer();
-
-		$channel = channelx_by_n($owner);
-		if(! $channel) {
-			notice( t('Channel not found.') . EOL);
-			return;
-		}
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = (($uid && $uid == $owner) ? true : false);
-
-		$o = '';
-
-
-
-		$category = '';
-		$catsenabled = ((feature_enabled($owner,'categories')) ? 'categories' : '');
-
-		if ($catsenabled){
-		        $itm = fetch_post_tags($itm);
-
-	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-
-		        foreach ($cats as $cat) {
-		                if (strlen($category))
-		                        $category .= ', ';
-		                $category .= $cat['term'];
-		        }
-		}
-
-		if($itm[0]['attach']) {
-			$j = json_decode($itm[0]['attach'],true);
-			if($j) {
-				foreach($j as $jj) {
-					$itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n";
-				}
-			}
-		}
-
-
-		$mimetype = $itm[0]['mimetype'];
-
-		$content = $itm[0]['body'];
-
-
-
-		$rp = 'cards/' . $channel['channel_address'];
-
-		$x = array(
-			'nickname' => $channel['channel_address'],
-			'bbco_autocomplete'=> 'bbcode',
-			'return_path' => $rp,
-			'webpage' => ITEM_TYPE_CARD,
-			'button' => t('Edit'),
-			'writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_pages'),
-			'weblink' => t('Insert web link'),
-			'hide_voting' => false,
-			'hide_future' => false,
-			'hide_location' => false,
-			'hide_expire' => false,
-			'showacl' => true,
-			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
-			'permissions' => $itm[0],
-			'lockstate' => (($itm[0]['allow_cid'] || $itm[0]['allow_gid'] || $itm[0]['deny_cid'] || $itm[0]['deny_gid']) ? 'lock' : 'unlock'),
-			'ptyp' => $itm[0]['type'],
-			'mimeselect' => false,
-			'mimetype' => $itm[0]['mimetype'],
-			'body' => undo_post_tagging($content),
-			'post_id' => $post_id,
-			'visitor' => true,
-			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
-			'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'),
-			'placeholdertitle' => t('Title (optional)'),
-			'pagetitle' => $card_title,
-			'profile_uid' => (intval($channel['channel_id'])),
-			'catsenabled' => $catsenabled,
-			'category' => $category,
-			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
-		);
-
-		$editor = status_editor($a, $x, false, 'Card_edit');
-
-		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
-			'$title' => t('Edit Card'),
-			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
-			'$id' => $itm[0]['id'],
-			'$cancel' => t('Cancel'),
-			'$editor' => $editor
-		));
-
-		return $o;
-
-	}
-
-}

Zotlabs/Module/Cards.php

@@ -1,216 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-use App;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Web\Controller;
-use Zotlabs\Lib\PermissionDescription;
-
-require_once('include/channel.php');
-require_once('include/conversation.php');
-require_once('include/acl_selectors.php');
-
-/**
- * @brief Provides the Cards module.
- *
- */
-class Cards extends Controller {
-
-	public function init() {
-
-		if(argc() > 1)
-			$which = argv(1);
-		else
-			return;
-
-		profile_load($which);
-	}
-
-	/**
-	 * {@inheritDoc}
-	 * @see \\Zotlabs\\Web\\Controller::get()
-	 *
-	 * @return string Parsed HTML from template 'cards.tpl'
-	 */
-	public function get($update = 0, $load = false) {
-
-		if(observer_prohibited(true)) {
-			return login();
-		}
-
-		if(! App::$profile) {
-			notice( t('Requested profile is not available.') . EOL );
-			App::$error = 404;
-			return;
-		}
-
-		if(! Apps::system_app_installed(App::$profile_uid, 'Cards')) {
-			//Do not display any associated widgets at this point
-			App::$pdl = '';
-
-			$o = '<b>' . t('Cards App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Create personal planning cards');
-			return $o;
-		}
-
-		nav_set_selected('Cards');
-
-		head_add_link([
-			'rel'   => 'alternate',
-			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
-			'title' => 'oembed'
-		]);
-
-
-		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
-
-		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
-		}
-
-
-		$which = argv(1);
-
-		$selected_card = ((argc() > 2) ? argv(2) : '');
-
-		$_SESSION['return_url'] = App::$query_string;
-
-		$uid      = local_channel();
-		$owner    = App::$profile_uid;
-		$observer = App::get_observer();
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner, $ob_hash, 'view_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = ($uid && $uid == $owner);
-
-		$channel = channelx_by_n($owner);
-
-		if($channel) {
-			$channel_acl = [
-				'allow_cid' => $channel['channel_allow_cid'],
-				'allow_gid' => $channel['channel_allow_gid'],
-				'deny_cid'  => $channel['channel_deny_cid'],
-				'deny_gid'  => $channel['channel_deny_gid']
-			];
-		}
-		else {
-			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
-		}
-
-
-		if(perm_is_allowed($owner, $ob_hash, 'write_pages')) {
-
-			$x = [
-				'webpage'           => ITEM_TYPE_CARD,
-				'is_owner'          => true,
-				'content_label'     => t('Add Card'),
-				'button'            => t('Save'),
-				'nickname'          => $channel['channel_address'],
-				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
-					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'               => (($is_owner) ? populate_acl($channel_acl, false,
-					PermissionDescription::fromGlobalPermission('view_pages')) : ''),
-				'permissions'       => $channel_acl,
-				'showacl'           => (($is_owner) ? true : false),
-				'visitor'           => true,
-				'hide_location'     => false,
-				'hide_voting'       => false,
-				'profile_uid'       => intval($owner),
-				'mimetype'          => 'text/bbcode',
-				'mimeselect'        => false,
-				'layoutselect'      => false,
-				'expanded'          => false,
-				'novoting'          => false,
-				'catsenabled'       => feature_enabled($owner, 'categories'),
-				'bbco_autocomplete' => 'bbcode',
-				'bbcode'            => true
-			];
-
-			if($_REQUEST['title'])
-				$x['title'] = $_REQUEST['title'];
-			if($_REQUEST['body'])
-				$x['body'] = $_REQUEST['body'];
-
-			$editor = status_editor($a, $x, false, 'Cards');
-		}
-		else {
-			$editor = '';
-		}
-
-
-		$itemspage = get_pconfig(local_channel(),'system','itemspage');
-		App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
-		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
-
-
-		$sql_extra = item_permissions_sql($owner);
-		$sql_item = '';
-
-		if($selected_card) {
-			$r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'CARD' and iconfig.v = '%s' limit 1",
-				dbesc($selected_card)
-			);
-			if($r) {
-				$sql_item = "and item.id = " . intval($r[0]['iid']) . " ";
-			}
-		}
-
-		$r = q("select * from item
-			where uid = %d and item_type = %d
-			$sql_extra $sql_item order by item.created desc $pager_sql",
-			intval($owner),
-			intval(ITEM_TYPE_CARD)
-		);
-
-		$item_normal = " and item.item_hidden = 0 and item.item_type in (0,6) and item.item_deleted = 0
-			and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
-			and item.item_blocked = 0 ";
-
-		$items_result = [];
-		if($r) {
-
-			$pager_total = count($r);
-
-			$parents_str = ids_to_querystr($r, 'id');
-
-			$items = q("SELECT item.*, item.id AS item_id
-				FROM item
-				WHERE item.uid = %d $item_normal
-				AND item.parent IN ( %s )
-				$sql_extra $sql_extra2 ",
-				intval(App::$profile['profile_uid']),
-				dbesc($parents_str)
-			);
-			if($items) {
-				xchan_query($items);
-				$items = fetch_post_tags($items, true);
-				$items_result = conv_sort($items, 'updated');
-			}
-		}
-
-		$mode = 'cards';
-
-		if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card))
-			$page_mode = 'pager_list';
-		else
-			$page_mode = 'traditional';
-
-		$content = conversation($items_result, $mode, false, $page_mode);
-
-		$o = replace_macros(get_markup_template('cards.tpl'), [
-			'$title' => t('Cards'),
-			'$editor' => $editor,
-			'$content' => $content,
-			'$pager' => alt_pager($pager_total)
-		]);
-
-		return $o;
-	}
-
-}

Zotlabs/Module/Cdav.php

@@ -200,7 +200,7 @@ class Cdav extends Controller {
 						$etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false);
 
 						// delete
-						if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) {
+						if($httpmethod === 'DELETE' && $etag && isset($cdavdata['etag']) && $cdavdata['etag'] == $etag) {
 							Libsync::build_sync_packet($channel['channel_id'], [
 								$sync => [
 									'action' => 'delete_card',
@@ -210,7 +210,7 @@ class Cdav extends Controller {
 							]);
 						}
 						else {
-							if($etag && $cdavdata['etag'] !== $etag) {
+							if($etag && isset($cdavdata['etag']) && $cdavdata['etag'] !== $etag) {
 								// update
 								Libsync::build_sync_packet($channel['channel_id'], [
 									$sync => [
@@ -317,7 +317,7 @@ class Cdav extends Controller {
 			$calendars = $caldavBackend->getCalendarsForUser($principalUri);
 
 			//create new calendar
-			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['create']) {
+			if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && (isset($_REQUEST['create']) && $_REQUEST['create'])) {
 				do {
 					$duplicate = false;
 					$calendarUri = random_string(40);
@@ -332,9 +332,9 @@ class Cdav extends Controller {
 				} while ($duplicate == true);
 
 				$properties = [
-					'{DAV:}displayname' => $_REQUEST['{DAV:}displayname'],
-					'{http://apple.com/ns/ical/}calendar-color' => $_REQUEST['color'],
-					'{urn:ietf:params:xml:ns:caldav}calendar-description' => $channel['channel_name']
+					'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname']),
+					'{http://apple.com/ns/ical/}calendar-color' => escape_tags($_REQUEST['color']),
+					'{urn:ietf:params:xml:ns:caldav}calendar-description' => escape_tags($channel['channel_name'])
 				];
 
 				$id = $caldavBackend->createCalendar($principalUri, $calendarUri, $properties);
@@ -352,7 +352,7 @@ class Cdav extends Controller {
 			}
 
 			//create new calendar object via ajax request
-			if($_REQUEST['submit'] === 'create_event' && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
+			if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'create_event') && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
 
 				$id = explode(':', $_REQUEST['target']);
 
@@ -366,7 +366,7 @@ class Cdav extends Controller {
 
 				$allday = $_REQUEST['allday'];
 
-				$title = $_REQUEST['title'];
+				$title = escape_tags($_REQUEST['title']);
 				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
 				$dtstart = new \DateTime($start);
 
@@ -374,8 +374,8 @@ class Cdav extends Controller {
 					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
 					$dtend = new \DateTime($end);
 				}
-				$description = $_REQUEST['description'];
-				$location = $_REQUEST['location'];
+				$description = escape_tags($_REQUEST['description']);
+				$location = escape_tags($_REQUEST['location']);
 
 				do {
 					$duplicate = false;
@@ -431,7 +431,7 @@ class Cdav extends Controller {
 			}
 
 			//edit calendar name and color
-			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) {
+			if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && $_REQUEST['edit'] && $_REQUEST['id']) {
 
 				$id = explode(':', $_REQUEST['id']);
 
@@ -441,8 +441,8 @@ class Cdav extends Controller {
 				$cdavdata = $this->get_cdav_data($id[0], 'calendarinstances');
 
 				$mutations = [
-					'{DAV:}displayname' => $_REQUEST['{DAV:}displayname'],
-					'{http://apple.com/ns/ical/}calendar-color' => $_REQUEST['color']
+					'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname']),
+					'{http://apple.com/ns/ical/}calendar-color' => escape_tags($_REQUEST['color'])
 				];
 
 				$patch = new \Sabre\DAV\PropPatch($mutations);
@@ -459,7 +459,7 @@ class Cdav extends Controller {
 			}
 
 			//edit calendar object via ajax request
-			if($_REQUEST['submit'] === 'update_event' && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
+			if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'update_event') && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
 
 				$id = explode(':', $_REQUEST['target']);
 
@@ -471,18 +471,18 @@ class Cdav extends Controller {
 				$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
 				$tz = (($timezone) ? $timezone : date_default_timezone_get());
 
-				$allday = $_REQUEST['allday'];
+				$allday = intval($_REQUEST['allday']);
 
-				$uri = $_REQUEST['uri'];
-				$title = $_REQUEST['title'];
+				$uri = escape_tags($_REQUEST['uri']);
+				$title = escape_tags($_REQUEST['title']);
 				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
 				$dtstart = new \DateTime($start);
 				if($_REQUEST['dtend']) {
 					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
 					$dtend = new \DateTime($end);
 				}
-				$description = $_REQUEST['description'];
-				$location = $_REQUEST['location'];
+				$description = escape_tags($_REQUEST['description']);
+				$location = escape_tags($_REQUEST['location']);
 
 				$object = $caldavBackend->getCalendarObject($id, $uri);
 
@@ -654,7 +654,7 @@ class Cdav extends Controller {
 						$duplicate = true;
 				} while ($duplicate == true);
 
-				$properties = ['{DAV:}displayname' => $_REQUEST['{DAV:}displayname']];
+				$properties = ['{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname'])];
 
 				$carddavBackend->createAddressBook($principalUri, $addressbookUri, $properties);
 
@@ -668,9 +668,9 @@ class Cdav extends Controller {
 			}
 
 			//edit addressbook
-			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && intval($_REQUEST['id'])) {
+			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) {
 
-				$id = $_REQUEST['id'];
+				$id = intval($_REQUEST['id']);
 
 				if(! cdav_perms($id,$addressbooks))
 					return;
@@ -678,7 +678,7 @@ class Cdav extends Controller {
 				$cdavdata = $this->get_cdav_data($id, 'addressbooks');
 
 				$mutations = [
-					'{DAV:}displayname' => $_REQUEST['{DAV:}displayname']
+					'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname'])
 				];
 
 				$patch = new \Sabre\DAV\PropPatch($mutations);
@@ -873,10 +873,8 @@ class Cdav extends Controller {
 		if((argv(1) === 'addressbook') && (! Apps::system_app_installed(local_channel(), 'CardDAV'))) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('CardDAV App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('CalDAV capable addressbook');
-			return $o;
+			$papp = Apps::get_papp('CardDAV');
+			return Apps::app_render($papp, 'module');
 		}
 
 		App::$profile_uid = local_channel();
@@ -903,19 +901,10 @@ class Cdav extends Controller {
 
 		//Display calendar(s) here
 		if(argc() <= 3 && argv(1) === 'calendar') {
-
-			head_add_css('/library/fullcalendar/packages/core/main.min.css');
-			head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
-			head_add_css('/library/fullcalendar/packages/timegrid/main.min.css');
-			head_add_css('/library/fullcalendar/packages/list/main.min.css');
+			head_add_js('/library/fullcalendar/dist/index.global.js');
 			head_add_css('cdav_calendar.css');
 
-			head_add_js('/library/fullcalendar/packages/core/main.min.js');
-			head_add_js('/library/fullcalendar/packages/interaction/main.min.js');
-			head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
-			head_add_js('/library/fullcalendar/packages/timegrid/main.min.js');
-			head_add_js('/library/fullcalendar/packages/list/main.min.js');
-
+			$o = '';
 			$sources = '';
 			$resource_id = '';
 			$resource = null;
@@ -923,6 +912,8 @@ class Cdav extends Controller {
 			if(argc() == 3)
 				$resource_id = argv(2);
 
+			$categories = '';
+
 			if($resource_id) {
 				$r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id
 					WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1",
@@ -946,7 +937,6 @@ class Cdav extends Controller {
 					$resource = $r[0];
 
 					$catsenabled = feature_enabled(local_channel(),'categories');
-					$categories = '';
 					if($catsenabled){
 						if($r[0]['term']) {
 							$cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY);
@@ -1059,6 +1049,7 @@ class Cdav extends Controller {
 				'$cancel' => t('Cancel'),
 				'$create' => t('Create'),
 				'$recurrence_warning' => t('Sorry! Editing of recurrent events is not yet implemented.'),
+				'$disabled_warning' => t('Could not fetch calendar resource. The selected calendar might be disabled.'),
 
 				'$channel_hash' => $channel['channel_hash'],
 				'$acl' => $acl,

Zotlabs/Module/Channel.php

@@ -31,8 +31,10 @@ class Channel extends Controller {
 			goaway(z_root() . '/search?f=&search=' . $_GET['search']);
 
 		$which = null;
-		if (argc() > 1)
+		if (argc() > 1) {
 			$which = argv(1);
+		}
+
 		if (!$which) {
 			if (local_channel()) {
 				$channel = App::get_channel();
@@ -40,9 +42,9 @@ class Channel extends Controller {
 					$which = $channel['channel_address'];
 			}
 		}
+
 		if (!$which) {
-			notice(t('You must be logged in to see this page.') . EOL);
-			return;
+			http_status_exit(404, 'Not found');
 		}
 
 		$profile = 0;
@@ -53,14 +55,7 @@ class Channel extends Controller {
 			$profile = argv(1);
 		}
 
-
-		// Do not use channelx_by_nick() here since it will dismiss deleted channels.
-		// We need to provide zotinfo for deleted channels so that directories can pick up the info.
-		$r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' LIMIT 1",
-			dbesc($which)
-		);
-
-		$channel = $r[0];
+		$channel = channelx_by_nick($which, true);
 
 		if (!$channel) {
 			http_status_exit(404, 'Not found');
@@ -73,8 +68,8 @@ class Channel extends Controller {
 			$sigdata = HTTPSig::verify(file_get_contents('php://input'), EMPTY_STR, 'zot6');
 
 			if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
-				$data = json_encode(Libzot::zotinfo(['address' => $channel['channel_address'], 'target_url' => $sigdata['signer']]));
-				$s    = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+				$data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash'], 'target_url' => $sigdata['signer']]));
+				$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc limit 1",
 					dbesc($sigdata['signer'])
 				);
 
@@ -99,7 +94,11 @@ class Channel extends Controller {
 		}
 
 		if ($channel['channel_removed']) {
-			http_status_exit(404, 'Not found');
+			http_status_exit(410, 'Gone');
+		}
+
+		if (get_pconfig($channel['channel_id'], 'system', 'index_opt_out')) {
+			App::$meta->set('robots', 'noindex, noarchive');
 		}
 
 		if (ActivityStreams::is_as_request($channel)) {
@@ -107,13 +106,11 @@ class Channel extends Controller {
 			// Somebody may attempt an ActivityStreams fetch on one of our message permalinks
 			// Make it do the right thing.
 
-			$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-			if ($mid && strpos($mid, 'b64.') === 0) {
-				$decoded = @base64url_decode(substr($mid, 4));
-				if ($decoded) {
-					$mid = $decoded;
-				}
+			$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+			if ($mid === false) {
+				http_status_exit(404, 'Not found');
 			}
+
 			if ($mid) {
 				$obj = null;
 				if (strpos($mid, z_root() . '/item/') === 0) {
@@ -158,15 +155,19 @@ class Channel extends Controller {
 		profile_load($which, $profile);
 
 		// Add Opengraph markup
-		$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-		if (strpos($mid, 'b64.') === 0)
-			$mid = @base64url_decode(substr($mid, 4));
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
 
-		if ($mid)
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
+
+		if ($mid) {
 			$r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
 				dbesc($mid),
 				intval($channel['channel_id'])
 			);
+		}
 
 		opengraph_add_meta((isset($r) && count($r) ? $r[0] : []), $channel);
 	}
@@ -177,12 +178,11 @@ class Channel extends Controller {
 
 		$category = $datequery = $datequery2 = '';
 
-		$mid = ((x($_REQUEST, 'mid')) ? $_REQUEST['mid'] : '');
-
-		if (strpos($mid, 'b64.') === 0)
-			$decoded = @base64url_decode(substr($mid, 4));
-		if (isset($decoded))
-			$mid = $decoded;
+		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+		if ($mid === false) {
+			notice(t('Malformed message id.') . EOL);
+			return;
+		}
 
 		$datequery  = ((x($_GET, 'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
 		$datequery2 = ((x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
@@ -226,7 +226,7 @@ class Channel extends Controller {
 
 		if (!$update) {
 
-			nav_set_selected('Channel Home');
+			nav_set_selected('Channel');
 
 			// search terms header
 			if ($search) {
@@ -247,9 +247,7 @@ class Channel extends Controller {
 				$channel_acl = ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''];
 			}
 
-
 			if ($perms['post_wall']) {
-
 				$x = [
 					'is_owner'            => $is_owner,
 					'allow_location'      => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'], 'system', 'use_browser_location')))) ? true : false),
@@ -269,9 +267,16 @@ class Channel extends Controller {
 					'reset'               => t('Reset form')
 				];
 
+				$a = '';
 				$o .= status_editor($a, $x, false, 'Channel');
 			}
 
+			// Add pinned content
+			if (!x($_REQUEST, 'mid') && !$search) {
+				$pinned = new \Zotlabs\Widget\Pinned;
+				$r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]);
+				$o .= $r['html'];
+			}
 		}
 
 
@@ -295,7 +300,7 @@ class Channel extends Controller {
 		$abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " ";
 
 		$simple_update = '';
-		if ($update && $_SESSION['loadtime'])
+		if ($update && isset($_SESSION['loadtime']))
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
 
 		if ($search) {
@@ -422,19 +427,16 @@ class Channel extends Controller {
 			$items = [];
 		}
 
-		// Add pinned content
-		if (!x($_REQUEST, 'mid') && !$search) {
-			$pinned = new \Zotlabs\Widget\Pinned;
-			$r      = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]);
-			$o      .= $r['html'];
-		}
+
 
 		$mode = (($search) ? 'search' : 'channel');
 
 		if ((!$update) && (!$load)) {
 
-			if (isset($decoded))
-				$mid = 'b64.' . base64url_encode($mid);
+
+
+			//if we got a decoded hash we must encode it again before handing to javascript
+			$mid = gen_link_id($mid);
 
 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
 			// because browser prefetching might change it on us. We have to deliver it with the page.

Zotlabs/Module/Channel_calendar.php

@@ -30,7 +30,7 @@ class Channel_calendar extends Controller {
 
 		$xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : '');
 
-		// only allow editing your own events. 
+		// only allow editing your own events.
 		if (($xchan) && ($xchan !== get_observer_hash()))
 			return;
 
@@ -55,8 +55,8 @@ class Channel_calendar extends Controller {
 
 		// Don't allow the event to finish before it begins.
 		// It won't hurt anything, but somebody will file a bug report
-		// and we'll waste a bunch of time responding to it. Time that 
-		// could've been spent doing something else. 
+		// and we'll waste a bunch of time responding to it. Time that
+		// could've been spent doing something else.
 
 		if (strcmp($finish, $start) < 0) {
 			notice(t('Event can not end before it has started.') . EOL);
@@ -319,12 +319,12 @@ class Channel_calendar extends Controller {
 				// fixed an issue with "nofinish" events not showing up in the calendar.
 				// There's still an issue if the finish date crosses the end of month.
 				// Noting this for now - it will need to be fixed here and in Friendica.
-				// Ultimately the finish date shouldn't be involved in the query. 
+				// Ultimately the finish date shouldn't be involved in the query.
 
 				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
-					from event left join item on event.event_hash = item.resource_id 
-					where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
-					AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) 
+					from event left join item on event.event_hash = item.resource_id
+					where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored
+					AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
 					OR  (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ",
 					intval(local_channel()),
 					dbesc($start),
@@ -357,7 +357,7 @@ class Channel_calendar extends Controller {
 					$catsenabled = feature_enabled(local_channel(), 'categories');
 					$categories  = '';
 					if ($catsenabled) {
-						if ($rr['term']) {
+						if (isset($rr['term']) && $rr['term']) {
 							$cats = get_terms_oftype($rr['term'], TERM_CATEGORY);
 							foreach ($cats as $cat) {
 								if (strlen($categories))
@@ -449,7 +449,7 @@ class Channel_calendar extends Controller {
 						}
 
 						// The site admin can delete any post/item on the site.
-						// If the item originated on this site+channel the deletion will propagate downstream. 
+						// If the item originated on this site+channel the deletion will propagate downstream.
 						// Otherwise just the local copy is removed.
 
 						if (is_site_admin()) {

Zotlabs/Module/Chanview.php

@@ -10,53 +10,52 @@ use Zotlabs\Lib\Zotfinger;
 class Chanview extends \Zotlabs\Web\Controller {
 
 	function get() {
-	
+
 		$observer = App::get_observer();
 		$xchan = null;
-	
+
 		$r = null;
-	
-		if($_REQUEST['hash']) {
-			$r = q("select * from xchan where xchan_hash = '%s'",
+
+		if(!empty($_REQUEST['hash'])) {
+			$r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0",
 				dbesc($_REQUEST['hash'])
 			);
 		}
-		if($_REQUEST['address']) {
-			$r = q("select * from xchan where xchan_addr = '%s'",
+		if(!empty($_REQUEST['address'])) {
+			$r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0",
 				dbesc(punify($_REQUEST['address']))
 			);
 		}
-		elseif(local_channel() && intval($_REQUEST['cid'])) {
-			$r = q("SELECT abook.*, xchan.* 
+		elseif(local_channel() && !empty($_REQUEST['cid'])) {
+			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
-				WHERE abook_channel = %d and abook_id = %d",
+				WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0",
 				intval(local_channel()),
 				intval($_REQUEST['cid'])
 			);
-		}	
-		elseif($_REQUEST['url']) {
-	
+		}
+		elseif(!empty($_REQUEST['url'])) {
 			// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
-			// the most useful consistently ascending table item we have. 
-	
-			$r = q("select * from xchan where xchan_url = '%s' order by xchan_name_date desc",
+			// the most useful consistently ascending table item we have.
+
+			$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0 order by xchan_name_date desc",
 				dbesc($_REQUEST['url'])
 			);
 		}
 		if($r) {
 			App::$poi = Libzot::zot_record_preferred($r, 'xchan_network');
 		}
-	
-	
+
+
 		// Here, let's see if we have an xchan. If we don't, how we proceed is determined by what
-		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or 
-		// address, we can and should try to import it. If it's just a hash, we can't continue, but we 
+		// info we do have. If it's a URL, we can offer to visit it directly. If it's a webbie or
+		// address, we can and should try to import it. If it's just a hash, we can't continue, but we
 		// probably wouldn't have a hash if we don't already have an xchan for this channel.
-	
+
 		if(! App::$poi) {
 			logger('mod_chanview: fallback');
 
-			if($_REQUEST['address']) {
+			if(!empty($_REQUEST['address'])) {
 				$href = Webfinger::zot_url(punify($_REQUEST['address']));
 				if($href) {
 					$_REQUEST['url'] = $href;
@@ -65,13 +64,13 @@ class Chanview extends \Zotlabs\Web\Controller {
 
 			$r = null;
 
-			if($_REQUEST['url']) {
+			if(!empty($_REQUEST['url'])) {
 
-				$zf = Zotfinger::exec($_REQUEST['url'], null);
+				$zf = Zotfinger::exec($_REQUEST['url']);
 
 				if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) {
 					Libzot::import_xchan($zf['data']);
-					$r = q("select * from xchan where xchan_url = '%s'",
+					$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 						dbesc($_REQUEST['url'])
 					);
 					if($r) {
@@ -79,8 +78,9 @@ class Chanview extends \Zotlabs\Web\Controller {
 					}
 				}
 				if(! $r) {
+
 					if(discover_by_webbie($_REQUEST['url'])) {
-						$r = q("select * from xchan where xchan_url = '%s'",
+						$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 							dbesc($_REQUEST['url'])
 						);
 						if($r) {
@@ -90,7 +90,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		if(! App::$poi) {
 			notice( t('Channel not found.') . EOL);
 			return;
@@ -98,9 +98,9 @@ class Chanview extends \Zotlabs\Web\Controller {
 
 		$is_zot = false;
 		$connected = false;
-	
+
 		$url = App::$poi['xchan_url'];
-		if(in_array(App::$poi['xchan_network'], ['zot', 'zot6'])) {
+		if(App::$poi['xchan_network'] === 'zot6') {
 			$is_zot = true;
 		}
 		if(local_channel()) {
@@ -111,29 +111,29 @@ class Chanview extends \Zotlabs\Web\Controller {
 			if($c)
 				$connected = true;
 		}
-		
-		// We will load the chanview template if it's a foreign network, 
+
+		// We will load the chanview template if it's a foreign network,
 		// just so that we can provide a connect button along with a profile
 		// photo. Chances are we can't load the remote profile into an iframe
 		// because of cross-domain security headers. So provide a link to
-		// the remote profile. 
+		// the remote profile.
 		// If we are already connected, just go to the profile.
 		// Zot channels will usually have a connect link.
-	
+
 		if($is_zot || $connected) {
 			if($is_zot && $observer) {
 				$url = zid($url);
 			}
 			goaway($url);
 		}
-		else {	
+		else {
 			$o = replace_macros(get_markup_template('chanview.tpl'),array(
 				'$url' => $url,
 				'$full' => t('toggle full screen mode')
 			));
-	
+
 			return $o;
 		}
 	}
-	
+
 }

Zotlabs/Module/Chat.php

@@ -14,7 +14,7 @@ require_once('include/bookmarks.php');
 class Chat extends Controller {
 
 	function init() {
-	
+
 		$which = null;
 		if(argc() > 1)
 			$which = argv(1);
@@ -29,79 +29,77 @@ class Chat extends Controller {
 			notice( t('You must be logged in to see this page.') . EOL );
 			return;
 		}
-	
+
 		$profile = 0;
 		$channel = App::get_channel();
-	
+
 		if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 			$which = $channel['channel_address'];
-			$profile = argv(1);		
+			$profile = argv(1);
 		}
-		
+
 		// Run profile_load() here to make sure the theme is set before
 		// we start loading content
-	
+
 		profile_load($which,$profile);
-	
+
 	}
-	
+
 	function post() {
-	
+
 		if($_POST['room_name'])
-			$room = strip_tags(trim($_POST['room_name']));	
-	
+			$room = strip_tags(trim($_POST['room_name']));
+
 		if((! $room) || (! local_channel()))
 			return;
-	
+
 		$channel = App::get_channel();
-	
-	
+
+
 		if($_POST['action'] === 'drop') {
 			logger('delete chatroom');
 			Chatroom::destroy($channel,array('cr_name' => $room));
 			goaway(z_root() . '/chat/' . $channel['channel_address']);
 		}
-	
+
 		$acl = new AccessList($channel);
 		$acl->set_from_array($_REQUEST);
-	
+
 		$arr = $acl->get();
 		$arr['name'] = $room;
 		$arr['expire'] = intval($_POST['chat_expire']);
 		if(intval($arr['expire']) < 0)
 			$arr['expire'] = 0;
-	
+
 		Chatroom::create($channel,$arr);
-	
+
 		$x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1",
 			dbesc($room),
 			intval(local_channel())
 		);
-	
+
 		Libsync::build_sync_packet(0, array('chatroom' => $x));
-	
+
 		if($x)
 			goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']);
-	
+
 		// that failed. Try again perhaps?
-	
+
 		goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new');
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
 
 		if(! Apps::system_app_installed(App::$profile_uid, 'Chatrooms')) {
 			//Do not display any associated widgets at this point
 			App::$pdl = '';
-
-			$o = '<b>' . t('Chatrooms App') . ' (' . t('Not Installed') . '):</b><br>';
-			$o .= t('Access Controlled Chatrooms');
-			return $o;
+			$papp = Apps::get_papp('Chatrooms');
+			return Apps::app_render($papp, 'module');
 		}
-	
+
 		if(local_channel()) {
 			$channel = App::get_channel();
 			nav_set_selected('Chatrooms');
@@ -113,24 +111,24 @@ class Chat extends Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 		if(! perm_is_allowed(App::$profile['profile_uid'],$observer,'chat')) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-		
+
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'leave')) {
 			Chatroom::leave($observer,argv(2),$_SERVER['REMOTE_ADDR']);
 			goaway(z_root() . '/channel/' . argv(1));
 		}
-	
-	
+
+
 		if((argc() > 3) && intval(argv(2)) && (argv(3) === 'status')) {
 			$ret = array('success' => false);
 			$room_id = intval(argv(2));
 			if(! $room_id || ! $observer)
 				return;
-	
+
 			$r = q("select * from chatroom where cr_id = %d limit 1",
 				intval($room_id)
 			);
@@ -139,7 +137,7 @@ class Chat extends Controller {
 			}
 			require_once('include/security.php');
 			$sql_extra = permissions_sql($r[0]['cr_uid']);
-	
+
 			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
 				intval($room_id),
 				intval($r[0]['cr_uid'])
@@ -155,9 +153,9 @@ class Chat extends Controller {
 				$ret['chatroom'] = $r[0]['cr_name'];
 				$ret['inroom'] = $y[0]['total'];
 			}
-	
+
 			// figure out how to present a timestamp of the last activity, since we don't know the observer's timezone.
-	
+
 			$z = q("select created from chat where chat_room = %d order by created desc limit 1",
 				intval($room_id)
 			);
@@ -166,40 +164,41 @@ class Chat extends Controller {
 			}
 			json_return_and_die($ret);
 		}
-	
-	
+
+
 		if(argc() > 2 && intval(argv(2))) {
-	
+
 			$room_id = intval(argv(2));
 			$bookmark_link = get_bookmark_link($ob);
-	
+
 			$x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
 			if(! $x)
 				return;
-			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
+
+			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d limit 1",
 				intval($room_id),
 				intval(App::$profile['profile_uid'])
 			);
-	
+
 			if($x) {
 				$acl = new AccessList(false);
 				$acl->set($x[0]);
-	
+
 				$private = $acl->is_private();
 				$room_name = $x[0]['cr_name'];
 				if($bookmark_link)
-					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1'; 
+					$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1';
 			}
 			else {
 				notice( t('Room not found') . EOL);
 				return;
 			}
-	
+
 			$cipher = get_pconfig(local_channel(),'system','default_cipher');
 			if(! $cipher)
 				$cipher = 'AES-128-CCM';
-	
-	
+
+
 			$o = replace_macros(get_markup_template('chat.tpl'),array(
 				'$is_owner' => ((local_channel() && local_channel() == $x[0]['cr_uid']) ? true : false),
 				'$room_name' => $room_name,
@@ -223,7 +222,7 @@ class Chat extends Controller {
 		}
 
 		require_once('include/conversation.php');
-	
+
 		$o = '';
 
 		$acl = new AccessList($channel);
@@ -246,12 +245,12 @@ class Chat extends Controller {
 				'$deny_gid' => acl2json($channel_acl['deny_gid']),
 				'$lockstate' => $lockstate,
 				'$submit' => t('Submit')
-	
+
 			));
 		}
 
 		$rooms = Chatroom::roomlist(App::$profile['profile_uid']);
-	
+
 		$o .= replace_macros(get_markup_template('chatrooms.tpl'), array(
 			'$header' => sprintf( t('%1$s\'s Chatrooms'), App::$profile['fullname']),
 			'$name' => t('Name'),
@@ -259,15 +258,15 @@ class Chat extends Controller {
 			'$nickname' => App::$profile['channel_address'],
 			'$rooms' => $rooms,
 			'$norooms' => t('No chatrooms available'),
-			'$newroom' => t('Create New'),
+			'$newroom' => t('Add Room'),
 			'$is_owner' => ((local_channel() && local_channel() == App::$profile['profile_uid']) ? 1 : 0),
 			'$chatroom_new' => $chatroom_new,
 			'$expire' => t('Expiration'),
 			'$expire_unit' => t('min') //minutes
 		));
-	 
+
 		return $o;
-	
+
 	}
-	
+
 }

Zotlabs/Module/Chatsvc.php

@@ -1,6 +1,6 @@
 <?php /** @file */
 
-namespace Zotlabs\Module; 
+namespace Zotlabs\Module;
 
 require_once('include/security.php');
 
@@ -9,76 +9,76 @@ use \Zotlabs\Lib as Zlib;
 class Chatsvc extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		//logger('chatsvc');
-	
+
 		$ret = array('success' => false);
-	
+
 		\App::$data['chat']['room_id'] = intval($_REQUEST['room_id']);
 		$x = q("select cr_uid from chatroom where cr_id = %d and cr_id != 0 limit 1",
 			intval(\App::$data['chat']['room_id'])
 		);
 		if(! $x)
 			json_return_and_die($ret);
-	
+
 		\App::$data['chat']['uid'] = $x[0]['cr_uid'];
-	
+
 		if(! perm_is_allowed(\App::$data['chat']['uid'],get_observer_hash(),'chat')) {
 	        json_return_and_die($ret);
 	    }
-	
+
 	}
-	
+
 	function post() {
-	
+
 		$ret = array('success' => false);
-	
+
 		$room_id = \App::$data['chat']['room_id'];
 		$text = escape_tags($_REQUEST['chat_text']);
 		if(! $text)
 			return;
-	
+
 		$sql_extra = permissions_sql(\App::$data['chat']['uid']);
-	
+
 		$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
 			intval(\App::$data['chat']['uid']),
 			intval(\App::$data['chat']['room_id'])
 		);
 		if(! $r)
 			json_return_and_die($ret);
-	
+
 		$arr = array(
 			'chat_room' => \App::$data['chat']['room_id'],
 			'chat_xchan' => get_observer_hash(),
 			'chat_text' => $text
 		);
-	
+
 		call_hooks('chat_post',$arr);
-	
+
 		$x = q("insert into chat ( chat_room, chat_xchan, created, chat_text )
 			values( %d, '%s', '%s', '%s' )",
 			intval(\App::$data['chat']['room_id']),
 			dbesc(get_observer_hash()),
 			dbesc(datetime_convert()),
-			dbesc(str_rot47(base64url_encode($arr['chat_text'])))		
+			dbesc(str_rot47(base64url_encode($arr['chat_text'])))
 		);
-	
+
 		$ret['success'] = true;
 		json_return_and_die($ret);
 	}
-	
+
 	function get() {
-	
-		$status = strip_tags($_REQUEST['status']);
+
+		$status = ((isset($_REQUEST['status'])) ? strip_tags($_REQUEST['status']) : '');
 		$room_id = intval(\App::$data['chat']['room_id']);
 		$stopped = ((x($_REQUEST,'stopped') && intval($_REQUEST['stopped'])) ? true : false);
-	
+
 		if($status && $room_id) {
-	
+
 			$x = q("select channel_address from channel where channel_id = %d limit 1",
 				intval(\App::$data['chat']['uid'])
-			);			
-	
+			);
+
 			$r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
 				dbesc($status),
 				dbesc(datetime_convert()),
@@ -86,27 +86,27 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 				dbesc(get_observer_hash()),
 				dbesc($_SERVER['REMOTE_ADDR'])
 			);
-	
-			goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);		
+
+			goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);
 		}
-	
+
 		if(! $stopped) {
-	
+
 			$lastseen = intval($_REQUEST['last']);
-	
+
 			$ret = array('success' => false);
-	
+
 			$sql_extra = permissions_sql(\App::$data['chat']['uid']);
-	
+
 			$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
 				intval(\App::$data['chat']['uid']),
 				intval(\App::$data['chat']['room_id'])
 			);
 			if(! $r)
 				json_return_and_die($ret);
-	
+
 			$inroom = array();
-	
+
 			$r = q("select * from chatpresence left join xchan on xchan_hash = cp_xchan where cp_room = %d order by xchan_name",
 				intval(\App::$data['chat']['room_id'])
 			);
@@ -120,9 +120,9 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 						$rv['xchan_url'] = z_root();
 						$rv['xchan_hidden'] = 1;
 						$rv['xchan_photo_mimetype'] = 'image/png';
-						$rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300); 
-						$rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80); 
-						$rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48); 
+						$rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300);
+						$rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80);
+						$rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48);
 
 					}
 
@@ -137,13 +137,13 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 							$status_class = 'online';
 							break;
 					}
-		
+
 					$inroom[] = array('img' => zid($rv['xchan_photo_m']), 'img_type' => $rv['xchan_photo_mimetype'],'name' => $rv['xchan_name'], 'status' => $status, 'status_class' => $status_class);
 				}
 			}
-	
+
 			$chats = array();
-	
+
 			$r = q("select * from chat left join xchan on chat_xchan = xchan_hash where chat_room = %d and chat_id > %d order by created",
 				intval(\App::$data['chat']['room_id']),
 				intval($lastseen)
@@ -152,7 +152,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 				foreach($r as $rr) {
 					$chats[] = array(
 						'id' => $rr['chat_id'],
-						'img' => zid($rr['xchan_photo_m']), 
+						'img' => zid($rr['xchan_photo_m']),
 						'img_type' => $rr['xchan_photo_mimetype'],
 						'name' => $rr['xchan_name'],
 						'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'),
@@ -163,22 +163,22 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		$r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
 			dbesc(datetime_convert()),
 			intval(\App::$data['chat']['room_id']),
 			dbesc(get_observer_hash()),
 			dbesc($_SERVER['REMOTE_ADDR'])
 		);
-	
+
 		$ret['success'] = true;
 		if(! $stopped) {
 			$ret['inroom'] = $inroom;
 			$ret['chats'] = $chats;
 		}
 		json_return_and_die($ret);
-	
+
 	}
-			 
-	
+
+
 }

Zotlabs/Module/Cloud.php

@@ -70,7 +70,7 @@ class Cloud extends Controller {
 			$_SESSION['cloud_sort'] = 'name';
 		}
 
-		$_SESSION['cloud_sort'] = (($_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
+		$_SESSION['cloud_sort'] = ((isset($_REQUEST['sort']) && $_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
 
 		$x = clean_query_string();
 		if($x !== \App::$query_string)
@@ -100,7 +100,6 @@ class Cloud extends Controller {
 
 
 		// over-ride the default XML output on thrown exceptions
-
 		$server->on('exception', [ $this, 'DAVException' ]);
 
 		// All we need to do now, is to fire up the server
@@ -117,21 +116,19 @@ class Cloud extends Controller {
 	function DAVException($err) {
 
 		if($err instanceof \Sabre\DAV\Exception\NotFound) {
-			notice( t('Not found') . EOL);
+			\App::$page['content'] = '<h2>404 Not found</h2>';
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\Forbidden) {
-			notice( t('Permission denied') . EOL);
+			\App::$page['content'] = '<h2>403 Forbidden</h2>';
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) {
-			// notice( t('Please refresh page') . EOL);
 			goaway(z_root() . '/' . \App::$query_string);
 		}
 		else {
-			notice( t('Unknown error') . EOL);
+			\App::$page['content'] = '<h2>Unknown error</h2>';
 		}
 
 		construct_page();
-
 		killme();
 	}
 

Zotlabs/Module/Cloud_tiles.php

@@ -6,7 +6,7 @@ class Cloud_tiles extends \Zotlabs\Web\Controller {
 
 	function init() {
 
-		if(intval($_SESSION['cloud_tiles']))
+		if(isset($_SESSION['cloud_tiles']) && intval($_SESSION['cloud_tiles']))
 			$_SESSION['cloud_tiles'] = 0;
 		else
 			$_SESSION['cloud_tiles'] = 1;
@@ -18,4 +18,4 @@ class Cloud_tiles extends \Zotlabs\Web\Controller {
 		goaway(z_root() . '/' . hex2bin(argv(1)));
 
 	}
-}
+}

Zotlabs/Module/Connections.php

@@ -2,32 +2,32 @@
 namespace Zotlabs\Module;
 
 use App;
+use Zotlabs\Lib\Permcat;
 
 require_once('include/socgraph.php');
 require_once('include/selectors.php');
-require_once('include/group.php');
 
 class Connections extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(! local_channel())
 			return;
 
 		App::$profile_uid = local_channel();
-	
+
 		$channel = App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$sort_type = 0;
 		$o = '';
-	
-	
+
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return login();
@@ -44,13 +44,13 @@ class Connections extends \Zotlabs\Web\Controller {
 		$pending     = false;
 		$unconnected = false;
 		$all         = false;
-	
-		if(! $_REQUEST['aj'])
+
+		if(!(isset($_REQUEST['aj']) && $_REQUEST['aj']))
 			$_SESSION['return_url'] = App::$query_string;
-	
+
 		$search_flags = "";
 		$head = '';
-	
+
 		if(argc() == 2) {
 			switch(argv(1)) {
 				case 'active':
@@ -106,7 +106,7 @@ class Connections extends \Zotlabs\Web\Controller {
 	//				$head = t('Unconnected');
 	//				$unconnected = true;
 	//				break;
-	
+
 				case 'all':
 					$head = t('All');
 					break;
@@ -115,20 +115,22 @@ class Connections extends \Zotlabs\Web\Controller {
 					$active = true;
 					$head = t('Active');
 					break;
-	
+
 			}
-	
+
 			$sql_extra = $search_flags;
 			if(argv(1) === 'pending')
 				$sql_extra .= " and abook_ignored = 0 ";
-	
+
 		}
 		else {
 			$sql_extra = " and abook_blocked = 0 ";
 			$unblocked = true;
 		}
-	
-		switch($_REQUEST['order']) {
+
+		$order = $_REQUEST['order'] ?? '';
+
+		switch($order) {
 			case 'name_desc':
 				$sql_order = 'xchan_name DESC';
 				break;
@@ -143,32 +145,33 @@ class Connections extends \Zotlabs\Web\Controller {
 		}
 
 		$search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : '');
-	
+		$search_xchan = ((x($_REQUEST,'search_xchan')) ? notags(trim($_REQUEST['search_xchan'])) : '');
+
 		$tabs = array(
 			/*
 			array(
 				'label' => t('Suggestions'),
-				'url'   => z_root() . '/suggest', 
+				'url'   => z_root() . '/suggest',
 				'sel'   => '',
 				'title' => t('Suggest new connections'),
 			),
 			*/
-	
+
 			'active' => array(
 				'label' => t('Active Connections'),
-				'url'   => z_root() . '/connections/active', 
+				'url'   => z_root() . '/connections/active',
 				'sel'   => ($active) ? 'active' : '',
 				'title' => t('Show active connections'),
 			),
 
 			'pending' => array(
 				'label' => t('New Connections'),
-				'url'   => z_root() . '/connections/pending', 
+				'url'   => z_root() . '/connections/pending',
 				'sel'   => ($pending) ? 'active' : '',
 				'title' => t('Show pending (new) connections'),
 			),
-	
-	
+
+
 			/*
 			array(
 				'label' => t('Unblocked'),
@@ -177,68 +180,75 @@ class Connections extends \Zotlabs\Web\Controller {
 				'title' => t('Only show unblocked connections'),
 			),
 			*/
-	
+
 			'blocked' => array(
 				'label' => t('Blocked'),
 				'url'   => z_root() . '/connections/blocked',
 				'sel'   => ($blocked) ? 'active' : '',
 				'title' => t('Only show blocked connections'),
 			),
-	
+
 			'ignored' => array(
 				'label' => t('Ignored'),
 				'url'   => z_root() . '/connections/ignored',
 				'sel'   => ($ignored) ? 'active' : '',
 				'title' => t('Only show ignored connections'),
 			),
-	
+
 			'archived' => array(
 				'label' => t('Archived/Unreachable'),
 				'url'   => z_root() . '/connections/archived',
 				'sel'   => ($archived) ? 'active' : '',
 				'title' => t('Only show archived/unreachable connections'),
 			),
-	
+
 			'hidden' => array(
 				'label' => t('Hidden'),
 				'url'   => z_root() . '/connections/hidden',
 				'sel'   => ($hidden) ? 'active' : '',
 				'title' => t('Only show hidden connections'),
 			),
-	
+
 	//		array(
 	//			'label' => t('Unconnected'),
 	//			'url'   => z_root() . '/connections/unconnected',
 	//			'sel'   => ($unconnected) ? 'active' : '',
 	//			'title' => t('Only show one-way connections'),
 	//		),
-	
+
 
 			'all' => array(
 				'label' => t('All Connections'),
-				'url'   => z_root() . '/connections', 
+				'url'   => z_root() . '/connections',
 				'sel'   => ($all) ? 'active' : '',
 				'title' => t('Show all connections'),
 			),
-	
+
 		);
-	
+
 		//$tab_tpl = get_markup_template('common_tabs.tpl');
 		//$t = replace_macros($tab_tpl, array('$tabs'=>$tabs));
-	
+
 		$searching = false;
+		$search_hdr = '';
+
 		if($search) {
 			$search_hdr = $search;
-			$search_txt = dbesc(protect_sprintf(preg_quote($search)));
-			$searching = true;
+			$search_txt = (($search_xchan) ? urldecode($search_xchan) : preg_quote($search));
+
+			if ($search_xchan) {
+				$sql_extra .= " AND xchan_hash = '" . protect_sprintf(dbesc($search_txt)) . "' ";
+			}
+			else {
+				$sql_extra .= " AND xchan_name LIKE '%%" . protect_sprintf(dbesc($search_txt)) . "%%' ";
+			}
 		}
-		$sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : "");
-	
-		if($_REQUEST['gid']) {
+
+		if(isset($_REQUEST['gid']) && $_REQUEST['gid']) {
 			$sql_extra .= " and xchan_hash in ( select xchan from pgrp_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
 		}
-	 	
-		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash 
+
+		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 			where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ",
 			intval(local_channel())
 		);
@@ -246,32 +256,39 @@ class Connections extends \Zotlabs\Web\Controller {
 			App::set_pager_total($r[0]['total']);
 			$total = $r[0]['total'];
 		}
-	
+
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 			WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ORDER BY $sql_order LIMIT %d OFFSET %d ",
 			intval(local_channel()),
 			intval(App::$pager['itemspage']),
 			intval(App::$pager['start'])
 		);
-	
+
+		$roles = new Permcat(local_channel());
+		$roles_list = $roles->listing();
+		$roles_dict = [];
+
+		foreach ($roles_list as $role) {
+			$roles_dict[$role['name']] = $role['localname'];
+		}
+
 		$contacts = array();
-	
+
 		if($r) {
 
-			vcard_query($r);
+			//vcard_query($r);
 
 
 			foreach($r as $rr) {
 				if($rr['xchan_url']) {
 
-					if(($rr['vcard']) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
+					if((isset($rr['vcard'])) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
 						$phone = $rr['vcard']['tels'][0]['nr'];
 					else
 						$phone = '';
-	
+
 					$status_str = '';
 					$status = array(
-						((intval($rr['abook_active'])) ? t('Active') : ''),
 						((intval($rr['abook_pending'])) ? t('Pending approval') : ''),
 						((intval($rr['abook_archived'])) ? t('Archived') : ''),
 						((intval($rr['abook_hidden'])) ? t('Hidden') : ''),
@@ -306,7 +323,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						$perminfo['connperms'] .= t('Nothing');
 					}
 
-	
+
 					foreach($status as $str) {
 						if(!$str)
 							continue;
@@ -314,19 +331,16 @@ class Connections extends \Zotlabs\Web\Controller {
 						$status_str .= ', ';
 					}
 					$status_str = rtrim($status_str, ', ');
-	
+
 					$contacts[] = array(
 						'img_hover' => sprintf( t('%1$s [%2$s]'),$rr['xchan_name'],$rr['xchan_url']),
 						'edit_hover' => t('Edit connection'),
 						'edit' => t('Edit'),
 						'delete_hover' => t('Delete connection'),
 						'id' => $rr['abook_id'],
-						'thumb' => $rr['xchan_photo_m'], 
+						'thumb' => $rr['xchan_photo_m'],
 						'name' => $rr['xchan_name'],
 						'classes' => ((intval($rr['abook_archived']) || intval($rr['abook_not_here'])) ? 'archived' : ''),
-						'link' => z_root() . '/connedit/' . $rr['abook_id'],
-						'deletelink' => z_root() . '/connedit/' . intval($rr['abook_id']) . '/drop',
-						'delete' => t('Delete'),
 						'url' => chanlink_hash($rr['xchan_hash']),
 						'webbie_label' => t('Channel address'),
 						'webbie' => $rr['xchan_addr'],
@@ -337,6 +351,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						'phone' => $phone,
 						'status_label' => t('Status'),
 						'status' => $status_str,
+						'states' => $status,
 						'connected_label' => t('Connected'),
 						'connected' => datetime_convert('UTC',date_default_timezone_get(),$rr['abook_created'], 'c'),
 						'approve_hover' => t('Approve connection'),
@@ -348,15 +363,24 @@ class Connections extends \Zotlabs\Web\Controller {
 						'oneway' => $oneway,
 						'perminfo' => $perminfo,
 						'connect' => (intval($rr['abook_not_here']) ? t('Connect') : ''),
-						'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=0',
-						'connect_hover' => t('Connect at this location')
+						'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=1',
+						'connect_hover' => t('Connect at this location'),
+						'role' => $roles_dict[$rr['abook_role']] ?? '',
+						'pending' => intval($rr['abook_pending'])
 					);
 				}
 			}
 		}
-		
-	
-		if($_REQUEST['aj']) {
+
+		$limit = service_class_fetch(local_channel(),'total_channels');
+		if($limit !== false) {
+			$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total, $limit);
+		}
+		else {
+			$abook_usage_message = '';
+ 		}
+
+		if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
 			if($contacts) {
 				$o = replace_macros(get_markup_template('contactsajax.tpl'),array(
 					'$contacts' => $contacts,
@@ -371,27 +395,30 @@ class Connections extends \Zotlabs\Web\Controller {
 		}
 		else {
 			$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
-			$o .= replace_macros(get_markup_template('connections.tpl'),array(
+			$o .= replace_macros(get_markup_template('connections.tpl'), [
 				'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
 				'$tabs' => $tabs,
 				'$total' => $total,
 				'$search' => $search_hdr,
 				'$label' => t('Search'),
-				'$desc' => t('Search your connections'),
-				'$finding' => (($searching) ? t('Connections search') . ": '" . $search . "'" : ""),
+				'$role_label' => t('Contact role'),
+				'$desc' => $search ?? t('Search your connections'),
+				'$finding' => (($searching) ? t('Contact search') . ": '" . $search . "'" : ""),
 				'$submit' => t('Find'),
 				'$edit' => t('Edit'),
+				'$approve' => t('Approve'),
 				'$cmd' => App::$cmd,
 				'$contacts' => $contacts,
 				'$paginate' => paginate($a),
-	
-			)); 
+				'$abook_usage_message' => $abook_usage_message,
+				'$group_label' => t('This is a group/forum channel')
+			]);
 		}
-	
+
 		if(! $contacts)
 			$o .= '<div id="content-complete"></div>';
-	
+
 		return $o;
 	}
-	
+
 }