Merge branch '8.2RC'

(cherry picked from commit 95cbcf30d7)

.gitlab-ci.yml

@@ -1,7 +1,9 @@
 # Select image from https://hub.docker.com/_/php/
 #image: php:7.3
 # Use a prepared Hubzilla image to optimise pipeline duration
-image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+# image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+
+image: php:8.1
 
 stages:
   - test
@@ -35,7 +37,12 @@ before_script:
 - if [ -f /usr/local/etc/php/conf.d/z_prod.ini ]; then mv /usr/local/etc/php/conf.d/z_prod.ini /usr/local/etc/php/conf.d/z_prod.ini.off; fi
 # Install & enable Xdebug for code coverage reports
 - pecl install xdebug
+- apt-get update
+- apt-get install zip unzip libjpeg-dev libpng-dev -yqq
 - docker-php-ext-enable xdebug
+- docker-php-ext-install gd
+
+
 # Install composer
 - curl -sS https://getcomposer.org/installer | php
 # Install dev libraries from composer
@@ -43,31 +50,38 @@ before_script:
 # php.ini settings
 - echo 'xdebug.mode=coverage' >> /usr/local/etc/php/php.ini
 
-# hidden job definition with template for MySQL/MariaDB
-.job_template_mysql: &job_definition_mysql
+# hidden job definition with template for PHP
+.job_template_php: &job_definition_php
   stage: test
   script:
-  - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-  - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-  - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
   - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
 
+
+# hidden job definition with template for MySQL/MariaDB
+#.job_template_mysql: &job_definition_mysql
+#  stage: test
+#  script:
+#  - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+#  - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+#  - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
+#  - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
+
 # hidden job definition with template for PostgreSQL
-.job_template_postgres: &job_definition_postgres
-  stage: test
-  services:
-  - postgres:latest
-  script:
-  - export PGPASSWORD=$POSTGRES_PASSWORD
-  - psql --version
-  - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
+#.job_template_postgres: &job_definition_postgres
+#  stage: test
+#  services:
+#  - postgres:latest
+#  script:
+#  - export PGPASSWORD=$POSTGRES_PASSWORD
+#  - psql --version
+#  - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
   # Import hubzilla's DB schema
-  - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
+#  - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
   # Show databases and relations/tables of hubzilla's database
   #- psql -h "postgres" -U "$POSTGRES_USER" -l
   #- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
   # Run the actual tests
-  - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
+#  - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
 
 # hidden job definition with artifacts config template
 .artifacts_template:
@@ -82,36 +96,41 @@ before_script:
       - tests/results/
 
 
-# PHP7.3 with MySQL 5.7
-php7.3_mysql5.7:
-  <<: *job_definition_mysql
-  services:
-  - mysql:5.7
+# PHP8.1
+php8.1:
+  <<: *job_definition_php
+
+# PHP8.0 with MySQL 5.7
+#php8.0_mysql5.7:
+#  <<: *job_definition_mysql
+#  services:
+#  - mysql:5.7
 
 
-# PHP7.3 with MySQL 8 (latest)
-php7.3_mysql8:
-  <<: *job_definition_mysql
-  services:
-  - name: mysql:8
-    command: ["--default-authentication-plugin=mysql_native_password"]
+# PHP8.0 with MySQL 8 (latest)
+#php8.0_mysql8:
+#  <<: *job_definition_mysql
+#  services:
+#  - name: mysql:8
+#    command: ["--default-authentication-plugin=mysql_native_password"]
 
 
-# PHP7.3 with MariaDB 10.2
-php7.3_mariadb10.2:
-  <<: *job_definition_mysql
-  services:
-  - name: mariadb:10.2
-    alias: mysql
+# PHP8.0 with MariaDB 10.2
+#php8.0_mariadb10.2:
+#  <<: *job_definition_mysql
+#  services:
+#  - name: mariadb:10.2
+#    alias: mysql
 
 
-# PHP7.3 with MariaDB 10.3 (latest)
-php7.3_mariadb10.3:
-  <<: *job_definition_mysql
-  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-  services:
-  - name: mariadb:10.3
-    alias: mysql
+# PHP8.0 with MariaDB 10.3 (latest)
+#php8.0_mariadb10.3:
+#  <<: *job_definition_mysql
+#  image: php:8.0
+  #image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
+#  services:
+#  - name: mariadb:10.3
+#    alias: mysql
 
 
 # PHP7.3 with PostgreSQL latest (11)
@@ -131,7 +150,7 @@ php7.3_mariadb10.3:
 pages:
   stage: deploy
   cache: {}
-  image: php:7-cli-alpine
+  image: php:8-cli-alpine
   before_script:
     - apk update
     - apk add doxygen ttf-freefont graphviz

CHANGELOG

@@ -1,3 +1,403 @@
+Hubzilla 8.2 (2023-03-19)
+	- Remove redundant untranslated htconfig templates
+	- Implement workaround for friendica image/attachment construct
+	- Implement notification exception for forum posts repeated by group actors
+	- Updated es translations
+	- Rewrite totp multifactor auth and move it from addon to core (ported from streams)
+	- Implement page load progress indicator for pwa standalone mode
+	- Improved mod HQ logic to save some DB lookups
+	- Default owner_xchan to sender in Activity::store() except for fetched items
+	- Improved contact search
+	- Do not force new thread if announce comes from group actor
+	- Disable oembed in notes app
+	- Improved queue handling
+	- Slightly restructure conv item head
+	- Implemet author images in HQ widget
+	- Implement author filter in HQ widget
+	- Add config option db_skip_locked_supported which should be set if the DB backend supports skip locked
+	- Updated simple pie library
+	- Updated smarty library
+	- Updated forkawesome library
+	- Updated fullcalendar library
+	- Implement native dark/light mode in favour of dark/light schema
+	- Updated bootstrap library
+
+	Bugfixes
+	- Fix channel calendar location html not interpreted - issue #1728
+	- Fix max oembed size check if content length header is an array
+	- Fix group actor wall posts turned into direct messages when posting article or card
+	- Fix non zot profile mentions using zrl tag
+	- Fix message filter > and < not decoded
+	- Fix deleted hublocs included in author lookup
+	- Fix some more PHP warnings
+	- Fix syntax for get_compund_property()
+	- Fix xchan_pubforum not set on actor updates
+	- Fix duplicate directory entries for xchans with bogus second primary entry
+	- Fix missing created timestamp in like activity - issue #1729
+	- Fix messages not signed when posting from non primary locations
+	- Fix pinned post regression
+	- Fix autocomplete items not selectable on mobile
+	- Fix hubloc confusion in Libzot::fetch_conversation()
+	- Fix valid duplicate notification entries deduplicated
+	- Fix ics file import
+	- Fix recipients deduplication in some places
+	- Fix hashtag encoded with href instead of id
+
+	Addons
+	- Pubcrawl: re-implement encrypted content which got lost in transition
+	- Pubcrawl: flag fetched items
+	- Totp: removed from addons in favor of implementation in core
+	- Pubcrawl: fix delivery issues for relayed activities
+	- Cart: fix missing bootstrap namespace
+	- Gallery: do not inject gallery code in webpages
+	- Pubcrawl: fix sql error if mentions string is empty
+	- Cart: fix paypal order hash size
+
+
+Hubzilla 8.0 (2023-01-13)
+	- Updated ru strings
+	- Implement ability to edit addon PDL with pdledit_gui and pdledit
+	- Implement queueworker auto sleep time
+	- Always add sys channel to receivers for public items
+	- Improved server sent events loop
+	- Exclude not tagable xchan networks handle_tag()
+	- Add mark html tag to the html2bbcode parser
+	- Embed or attach uploaded files depending on file type
+	- Changed logic to enable site only public stream - please revisit admin setting
+	- Updated nb-no strings
+	- Moved queueworker to core
+	- Provide a PDL file for mod invite and set the profile
+	- Disabled outdated context help
+	- Mark unseen items seen after a certain amount of time (default 90 days)
+	- Slightly restructure lib webfinger
+	- Improved redbasic dark schema
+	- Implement unseen thread and unseen items count in HQ widget
+	- In unseen items notifications just count the first 99 and display 99+ if there are more
+
+	Bugfixes
+	- Fix race conditions when processing multiple choice polls
+	- Fix affinity slider updates - issue #1714
+	- Fix issue where accounts created with a did2 could change their password
+	- Fix no message displayed if file not found in mod cloud
+	- Fix pubstream tagcloud unthreaded view
+	- Fix french invite template
+	- Fix comment permission issue in site only public stream
+	- Fix privacy tag not referring to latest hubloc entry
+	- Fix selected item not highlighted
+	- Fix poll issue when special chars and spaces are involved
+	- Fix prune_hub_reinstalls() to only care about zot6 hublocs
+	- Fix redis session PHP warnings
+	- Fix remote visitor photo uploads
+	- Fix mod shredwithme not showing any items
+	- Fix api_auth not referring to latest hubloc entry
+	- Fix category widget URLs
+	- Fix poller always polling broken feeds
+	- Fix sse event always triggered if public stream notification are off or the app is not installed
+	- Fix more PHP8 warnings
+	- Fix wrong variable in tag_deliver()
+	- Fix mod follow use trim() after punify() - issue #1698
+
+	Addons
+	- Cards: update widget info
+	- Articles: update widget info
+	- Wiki: update widget info
+	- Sse: filter apporvals
+	- Cards: use html_entity_decode before purify and html2plain for summary
+	- Articles: use html_entity_decode before purify and html2plain for summary
+	- Wiki: use html_entity_decode before purify and html2plain for summary
+	- Cards: fix comments not displayed if filter by category
+	- Articles: fix comments not displayed if filter by category
+	- Sse: respect the site public stream setting
+	- Queueworker: moved to core
+	- Pubcrawl: move db query out of foreach loop
+	- Pubcrawl: add mentions and thread owner to recipients for public items
+
+
+Hubzilla 7.8.7 (2022-12-03)
+	- Fix regression when adding feed contacts
+	- Fix regression new channel calendar event not created
+
+
+Hubzilla 7.8.6 (2022-11-14)
+	- Fix typo in boot.php
+
+
+Hubzilla 7.8.5 (2022-11-13)
+	- Fix outbound edit activity not of type update
+	- Fix mod display not falling through to fetch public item
+	- Fix more PHP warnings
+	- Fix regression in items_fetch() which resulted in empty atom feed
+	- Pubcrawl: cleanup and slightly restructre mod inbox
+
+
+Hubzilla 7.8.4 (2022-11-09)
+	- Fix new uuid created when editing a post
+
+
+Hubzilla 7.8.3 (2022-11-07)
+	- Fix regression where auto created directories were not created with public permissions
+	- Fix regression where pinned/featured state of apps was not displayed correctly
+
+
+Hubzilla 7.8.2 (2022-11-05)
+	- Pubcrawl: fix regression in inbox
+	- Fix display issue of shares coming from streams
+	- Throw a 404 if we could not determine which channel to load
+	- If we have a cached xchan/hubloc entry, make sure we fetch the latest
+	- Gallery: paint the background grid with css
+
+
+Hubzilla 7.8.1 (2022-10-26)
+	- Silence tons of PHP warnings in core
+	- Catch decryption failure edgecase in receiver
+	- Deal with conversation privacy mismatches in Activity::store()
+	- Composer libs updates
+	- Fix timeago strings not always translated
+	- Fix edit link regression in cards addon
+	- Fix edit link regression in article addon
+
+
+Hubzilla 7.8 (2022-10-10)
+	- Updated spanish translations
+	- Always update hubloc_updated timestamp if a hubloc is updated
+	- Do better with re-installs in various situations
+	- Update htconfig templates
+	- Emit an info if an item is deleted manually (issue #1691)
+	- Updated german translations
+	- Make Activity::actor_store() fetch the actor object if none is provided
+	- Check for various forms of as:Public for compatibility
+	- Cleanup dark schema
+	- Make use of CSS variables in redbasic
+	- Implement link hover color in redbasic
+	- Update to bootstrap version 5.2 which implements CSS variables
+
+	Bugfixes
+	- Fix stream filter for polls and events does not work anymore (issue #1694)
+	- Fix item menu display issue
+	- Fix HQ widget displaying superblocked items
+	- Fix mod poke
+	- Fix link to article or card not processed correctly if umlauts are involved (issue #1687)
+	- Fix mod siteinfo containing a dead link (issue #1690)
+	- Fix permission issue when displaying things (issue #1686).
+	- Fix check for existing profiles (issue #1688)
+	- Fix modal missing for conversation settings
+	- Fix missing closing div tag if there are no recent channel activities
+	- Fix issue where an unkown diaspora author was not imported if the comment arrived via a relayed activity
+	- Fix mangled xchan_url due to escape_tags()
+	- Fix the AP url not decode bin mod search
+	- Fix some php warnings
+
+	Addons
+	- Wiki: move create_missing_page() from widget to module
+	- Superblock: implement blocking for messages widget_item
+	- Diaspora: fix verification of relayed comments and likes
+	- Pubcrawl: make sure to store the attributedTo actor in announce activities
+	- Diaspora: fix issue where an unkown author was not imported if the comment arrived via a relayed activity
+
+
+Hubzilla 7.6.1 (2022-08-07)
+	Bugfixes
+	- Fix attachments displayed in visible response activities
+	- Fix wrong attribution in unseen like notifications
+
+	Addons
+	- Cards: fix widget not implemented via pdl file (requires re-install)
+	- Articles: fix widget not implemented via pdl file (requires re-install)
+	- Wiki: fix widget not implemented via pdl file (requires re-install)
+
+
+Hubzilla 7.6 (2022-07-26)
+	- Add filter rule to check for false condition
+	- Implement HQ dashboard to display recently created content for various modules
+	- Updated spanish translations
+	- Implement a max oembed size which defaults to 1MB
+	- Update composer libs
+
+	Addons
+	- Cart: do not attempt oembed
+	- Cards: implement channel_activities_widget for HQ dashboard
+	- Articles: implement channel_activities_widget for HQ dashboard
+	- Wiki: implement channel_activities_widget for HQ dashboard
+
+	Bugfixes
+	- Fix language filter filtering ambigous results
+	- Fix vcard-card background for dark schema
+	- Fix contact edit dialog not displayed in chrome browser
+	- Fix readability of category pills in dark schema
+	- Fix opengraph images inside zmg opening tag
+	- Fix oembed attempted for text previews
+
+
+Hubzilla 7.4 (2022-06-01)
+	- Updated russian translations
+	- Raise min PHP version to 8.0
+	- Rewrite inbound attachment handling
+	- Move photo flag feature from addon to core
+	- Adjust default production php logging
+	- Update composer libs
+	- Add a hidden config to enable the hs2019 http signature algorithm
+	- Allow starring of pubstream items
+	- Update spanish translations
+	- Add the title in forum post reshares if applicable
+	- Implement inbound pleroma reactions
+	- Add real name info to the navbar template data
+	- Add the updated date to the icon url so that other platforms will pick it up on change
+	- Move wiki from core to addon
+	- Move articles from core to addon
+	- Move cards from core to addon
+
+	Addons
+	- Rendezvous: add missing default value to sql schema
+	- Wiki: moved from core to addons
+	- Articles: moved from core to addons
+	- Cards: moved from core to addons
+	- Photoflag: moved to core
+	- Sse: fix issue where notifications were emited for created tasks
+
+	Bugfixes
+	- Fix issue where inbound activitypub items lost image descriptions (issue 1679)
+	- Fix issue where observer tags were not rendered correctly in event items (issue 1674)
+	- Fix forum posts leaked into network stream
+	- Fix tags not found in search if not logged in (issue 1677)
+	- Fix dislikes causing stuck notifications (issue 1676)
+
+
+Hubzilla 7.2.2 (2022-04-26)
+	- Fix item_verified not set due to data structure changes
+
+
+Hubzilla 7.2.1 (2022-04-25)
+	- Fix changing profile image from new member widget - issue #1671
+	- Fix regression with incoming poll answers from activitypub introduced in 7.2
+	- Fix addons not removed from the DB when removed from the filesystem
+	- Fix regression in attaching images for activitypub introduced in 7.2
+	- Move activitypub addressing from core to the pubcrawl addon
+	- Fix hub re-install issues
+	- Fediwordle: slightly improved algorithm
+
+
+Hubzilla 7.2 (2022-03-29)
+	- Streamline comment policy with downstream project
+	- Add new function is_local_url()
+	- Add helper function to escape URLs
+	- Add signing algorithm to zotinfo()
+	- Store signing algorithm in import_xchan()
+	- Use bootstrap-nightfall for redbasic:dark schema
+	- Add support for hs2019
+	- Remove unused function script_path()
+	- Move login and register button into the hamburger menu for small screens
+	- Collect accept headers in an array instead of a concatenated string
+	- Update composer libs
+	- Enhanced content filters
+	- Improve mod gprobe to also deal with URLs
+	- Adapt unseen forum posts query in mod network to new forum post style
+	- Remove deprecated widgets
+	- Add inbound support for quoteUrl to Lib/Activity
+	- Add widget descriptions
+	- Add a GUI for the PDL editor
+
+	Addons
+	- Pubcrawl: deprecate as.php in favor of core libs
+	- Pubcrawl: rewrite/modernize mod inbox
+	- Pubcrawl: reflect core enhanced content filter changes
+	- Diaspora: reflect core enhanced content filter changes
+	- Fediwordle: new addon - a distributed word game inspired by wordle
+	- Pubcrawl: streamline post_local hook with diaspora
+
+	Bugfixes
+	- Fix comments_closed date on posts where comments are disabled
+	- Fix open redirect via rpath query param (CVE-2022-27256)
+	- Fix cross-site scripting via rpath query param (CVE-2022-27258)
+	- Fix local file inclusion in redbasic theme (CVE-2022-27257)
+	- Fix baseurl for css and js
+	- Fix duplicate IDs in login form
+	- Fix unknown author not fetched if w2w comment arrives
+	- Fix thr_parent lost across edits
+
+
+Hubzilla 7.0.3 (2022-02-10)
+	- Allow to override the charset for the PDO connection string via $db_charset in .htconfig.php
+
+
+Hubzilla 7.0.2 (2022-02-09)
+	- Update french templates
+	- Add charset to the PDO connection strings
+	- Introduce delete keytype for get_activitystreams_key()
+	- Fix PHP error in Daemon/Externals
+	- Improved actor cache handling
+	- Implement manual fetch of packed local links
+	- Add JSalmon data to the meta field instead of data in Lib/ActivityStreams
+	- Fix some PHP8.1 deprecation warnings
+	- Fix delivery report for likes not found in some cases
+	- Allow zotfinger to recurse through all known hublocs if the one we got does not exist (404) or got removed (410)
+	- Diaspora: improve relaying of comments
+	- Fix regression in mod hcard
+	- Add the LD signature in Daemon/Notifier in case where there is no signed data available
+	- Prevent zot6 packet being saved as AP raw message
+	- Attach iconfig to the activity instead of the activity object
+
+	Addons
+	- Pubcrawl: make sure the sys channel falls through the app installed check
+	- Pubcrawl: improve local delivery of shared inbox items
+
+
+Hubzilla 7.0.1 (2022-01-28)
+	- Fix removing contacts from privacy groups in the contact edit modal
+	- Fix escape_tags() messing with URLs in actor_store()
+	- Fix pagination in the cards module if a category is selected
+	- Remove unused entries in webfinger
+	- Remove deprecated mail app from apps
+	- Set item_hidden for forum comment announces
+	- Fix relaying of signed messages for activitypub
+	- Fix contact role permissions not re-assigned if the role permission has changed
+	- Fix default channel role not set in rare cases
+
+	Addons
+	- Pubcrawl: fix webfinger not returning the fetched URL
+	- Pubcrawl: improved queue handling for rejected deliveries
+
+
+Hubzilla 7.0 (2022-01-21)
+	- Provide theme_color and background_color in App::$theme_info for usage in page meta and manifest
+	- PWA improvements according to lighthouse
+	- Refactor mod profile_photo
+	- Remove core legacy mail code
+	- Set session samesite cookie flag
+	- Improve toc bbcode for more flexible usecases
+	- Deprecate include/group in favor of Lib/AccessList
+	- Deprecate AccessList::widget()
+	- Mark forum channel profile images with a small icon in the timelines
+	- Improve privacy groups UI/UX
+	- Do not show connections widget if there are no connections
+	- Remove suggestions widget from various modules
+	- Provide guest access links for private resources in lockview
+	- Improve pconfig syncing
+	- deprecate include/group in favor of Lib/AccessList
+	- Implement background deleting of items in contact_remove()
+	- Refactor guest access tokens for better usability and provide quick access
+	- Refactor permissions handling
+	- Improved poll rendering
+
+	Bugfixes
+	- Fix items not deleted on remote channel purge
+	- Fix plink in post_activity_item()
+	- Fix multiple update_poll() calls dismissed in queueworker
+	- Fix blocked or ignored contacts displayed in connections
+	- Fix polls for forum channels
+
+	Addons:
+	- Legacy mail: remove
+	- Deprecate include/group in favor of Lib/AccessList
+	- Pubcrawl: support pleroma end time for polls
+	- Pubcrawl: slightly adjust the way we check mastodon direct messages
+	- Socialauth: scope support and improvements
+
+
+Hubzilla 6.4.2 (2021-12-14)
+	- Fix issue in mod sse_bs where returning message id's were assumed to be base64 encoded
+	- Fix announce activity type not registered as response activity
+
+
 Hubzilla 6.4.1 (2021-12-03)
 	- Fix hubloc_site_id in fix_system_urls() on detected site rename events
 	- Fix duplicate deliveries if duplicate hublocs available

Zotlabs/Access/AccessList.php

@@ -139,6 +139,11 @@ class AccessList {
 	 * @param boolean $explicit (optional) default true
 	 */
 	function set_from_array($arr, $explicit = true) {
+		$arr['contact_allow'] = $arr['contact_allow'] ?? [];
+		$arr['group_allow'] = $arr['group_allow'] ?? [];
+		$arr['contact_deny'] = $arr['contact_deny'] ?? [];
+		$arr['group_deny'] = $arr['group_deny'] ?? [];
+
 		$this->allow_cid = perms2str((is_array($arr['contact_allow']))
 			? $arr['contact_allow'] : explode(',', $arr['contact_allow']));
 		$this->allow_gid = perms2str((is_array($arr['group_allow']))

Zotlabs/Access/PermissionLimits.php

@@ -89,4 +89,4 @@ class PermissionLimits {
 
 		return false;
 	}
-}
+}

Zotlabs/Access/PermissionRoles.php

@@ -17,7 +17,7 @@ class PermissionRoles {
 	 * @return number
 	 */
 	static public function version() {
-		return 2;
+		return 3;
 	}
 
 	static function role_perms($role) {
@@ -27,6 +27,54 @@ class PermissionRoles {
 		$ret['role'] = $role;
 
 		switch($role) {
+
+			case 'public':
+				$ret['default_collection'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'post_wall', 'chat', 'post_like', 'republish'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['post_comments'] = PERMS_AUTHED;
+				$ret['limits']['post_mail'] = PERMS_AUTHED;
+				$ret['limits']['post_like'] = PERMS_AUTHED;
+				$ret['limits']['chat'] = PERMS_AUTHED;
+				break;
+
+			// Hubzilla default role
+			case 'personal':
+				$ret['default_collection'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['limits']['view_contacts'] = PERMS_SPECIFIC;
+				break;
+
+			case 'group':
+				$ret['default_collection'] = false;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage',
+					'view_pages', 'view_wiki', 'post_wall', 'post_comments',
+					'post_mail', 'post_like', 'chat'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				$ret['channel_type'] = 'group';
+				break;
+
+			// Provide some defaults for the custom role so that we do not start
+			// with no permissions at all if we create a new channel with this role
+			case 'custom':
+				$ret['default_collection'] = true;
+				$ret['perms_connect'] = [
+					'view_stream', 'view_profile', 'view_contacts', 'view_storage', 'view_pages', 'view_wiki',
+					'send_stream', 'post_comments', 'post_mail', 'chat', 'post_like'
+				];
+				$ret['limits'] = PermissionLimits::Std_Limits();
+				break;
+
+/*
 			case 'social':
 				$ret['perms_auto'] = false;
 				$ret['default_collection'] = false;
@@ -193,13 +241,14 @@ class PermissionRoles {
 				$ret['channel_type'] = 'group';
 
 				break;
+*/
 
-			case 'custom':
 			default:
 				break;
 		}
 
 		$x = get_config('system','role_perms');
+
 		// let system settings over-ride any or all
 		if($x && is_array($x) && array_key_exists($role,$x))
 			$ret = array_merge($ret,$x[$role]);
@@ -284,6 +333,7 @@ class PermissionRoles {
 	 */
 	static public function roles() {
 		$roles = [
+
 			t('Social Networking') => [
 				'social_federation' => t('Social - Federation'),
 				'social' => t('Social - Mostly Public'),
@@ -317,4 +367,29 @@ class PermissionRoles {
 		return $roles;
 	}
 
+	/**
+	 * @brief Array with translated role names and grouping.
+	 *
+	 * Return an associative array with role names that can be used
+	 * to create select groups like in \e field_select_grouped.tpl.
+	 *
+	 * @return array
+	 */
+	static public function channel_roles() {
+		$channel_roles = [
+			//'public' => [t('Public'), t('A very permissive role suited for participation in the fediverse')],
+			//'personal' => [t('Personal'), t('The $Projectname default role suited for a personal channel')],
+			//'forum' => [t('Community forum'), t('This role configures your channel to act as an community forum')],
+			//'custom' => [t('Custom'), t('This role comes with the presets of the personal role but allows you to configure it to your needs')]
+			'public' => t('Public'),
+			'personal' => t('Personal'),
+			'group' => t('Community forum'),
+			'custom' => t('Custom')
+		];
+
+		call_hooks('list_channel_roles', $channel_roles);
+
+		return $channel_roles;
+	}
+
 }

Zotlabs/Access/Permissions.php

@@ -41,7 +41,7 @@ class Permissions {
 	 * @return number
 	 */
 	static public function version() {
-		return 2;
+		return 3;
 	}
 
 	/**
@@ -67,9 +67,9 @@ class Permissions {
 			'post_comments' => t('Can comment on or like my posts'),
 			'post_mail'     => t('Can send me direct messages'),
 			'post_like'     => t('Can like/dislike profiles and profile things'),
-			'tag_deliver'   => t('Can forward direct messages to all my channel connections (forum)'),
 			'chat'          => t('Can chat with me'),
-			'republish'     => t('Can source my public posts in derived channels'),
+			'republish'     => t('Can source/mirror my public posts in derived channels'),
+			//'tag_deliver'   => t('Can forward to my contacts via direct messages (forum)'),
 			'delegate'      => t('Can administer my channel')
 		];
 
@@ -217,25 +217,23 @@ class Permissions {
 
 		$my_perms  = [];
 		$permcat   = null;
-		$automatic = 0;
+		$automatic = get_pconfig($channel_id, 'system', 'autoperms');
 
 		// If a default permcat exists, use that
 
-		$pc = ((feature_enabled($channel_id, 'permcats')) ? get_pconfig($channel_id, 'system', 'default_permcat') : 'default');
-		if (!in_array($pc, ['', 'default'])) {
-			$pcp     = new Zlib\Permcat($channel_id);
-			$permcat = $pcp->fetch($pc);
-			if ($permcat && $permcat['perms']) {
-				foreach ($permcat['perms'] as $p) {
-					$my_perms[$p['name']] = $p['value'];
-				}
+		$pc = get_pconfig($channel_id, 'system', 'default_permcat', 'default');
+		$pcp     = new Zlib\Permcat($channel_id);
+		$permcat = $pcp->fetch($pc);
+		if ($permcat && $permcat['perms']) {
+			foreach ($permcat['perms'] as $p) {
+				$my_perms[$p['name']] = $p['value'];
 			}
 		}
 
 		// look up the permission role to see if it specified auto-connect
 		// and if there was no permcat or a default permcat, set the perms
 		// from the role
-
+/*
 		$role = get_pconfig($channel_id, 'system', 'permissions_role');
 		if ($role) {
 			$xx = PermissionRoles::role_perms($role);
@@ -247,11 +245,12 @@ class Permissions {
 				$my_perms      = Permissions::FilledPerms($default_perms);
 			}
 		}
+*/
 
 		// If we reached this point without having any permission information,
 		// it is likely a custom permissions role. First see if there are any
 		// automatic permissions.
-
+/*
 		if (!$my_perms) {
 			$m = Permissions::FilledAutoperms($channel_id);
 			if ($m) {
@@ -259,11 +258,12 @@ class Permissions {
 				$my_perms  = $m;
 			}
 		}
-
+*/
 		// If we reached this point with no permissions, the channel is using
 		// custom perms but they are not automatic. They will be stored in abconfig with
 		// the channel's channel_hash (the 'self' connection).
 
+/*
 		if (!$my_perms) {
 			$r = q("select channel_hash from channel where channel_id = %d",
 				intval($channel_id)
@@ -280,10 +280,10 @@ class Permissions {
 				}
 			}
 		}
-
-		return (['perms' => $my_perms, 'automatic' => $automatic]);
+*/
+		return (['perms' => $my_perms, 'automatic' => $automatic, 'role' => $pc]);
 	}
-
+/*
 	static public function serialise($p) {
 		$n = [];
 		if ($p) {
@@ -295,4 +295,5 @@ class Permissions {
 		}
 		return implode(',', $n);
 	}
+*/
 }

Zotlabs/Daemon/Addon.php

@@ -7,6 +7,7 @@ class Addon {
 	static public function run($argc, $argv) {
 
 		call_hooks('daemon_addon', $argv);
+		return;
 
 	}
 

Zotlabs/Daemon/Cache_embeds.php

@@ -19,8 +19,10 @@ class Cache_embeds {
 		$item = $c[0];
 
 		// bbcode conversion by default processes embeds that aren't already cached.
-		// Ignore the returned html output. 
+		// Ignore the returned html output.
 
 		bbcode($item['body']);
+
+		return;
 	}
 }

Zotlabs/Daemon/Cache_query.php

@@ -24,7 +24,7 @@ class Cache_query {
 
 		array_shift($argv);
 		array_shift($argv);
-		
+
 		$arr = json_decode(base64_decode($argv[0]), true);
 
 		$r = call_user_func_array('q', $arr);
@@ -32,5 +32,7 @@ class Cache_query {
 			Cache::set($key, serialize($r));
 
 		del_config('procid', $key);
+
+		return;
 	}
 }

Zotlabs/Daemon/Checksites.php

@@ -10,6 +10,9 @@ class Checksites {
 
 		logger('checksites: start');
 
+		$site_id = '';
+		$sql_options = '';
+
 		if (($argc > 1) && ($argv[1]))
 			$site_id = $argv[1];
 

Zotlabs/Daemon/Cli_suggest.php

@@ -9,6 +9,7 @@ class Cli_suggest {
 	static public function run($argc,$argv) {
 
 		update_suggestions();
+		return;
 
 	}
 }

Zotlabs/Daemon/Convo.php

@@ -30,6 +30,7 @@ class Convo {
 			intval($channel_id),
 			dbesc($contact_hash)
 		);
+
 		if (!$r) {
 			return;
 		}
@@ -40,19 +41,26 @@ class Convo {
 
 		$messages = $obj->get();
 
-		if ($messages) {
-			foreach ($messages as $message) {
-				if (is_string($message)) {
-					$message = Activity::fetch($message, $channel);
-				}
-				// set client flag because comments will probably just be objects and not full blown activities
-				// and that lets us use implied_create
-				$AS = new ActivityStreams($message);
-				if ($AS->is_valid() && is_array($AS->obj)) {
-					$item = Activity::decode_note($AS);
-					Activity::store($channel, $contact['abook_xchan'], $AS, $item);
-				}
+		if (!$messages) {
+			return;
+		}
+
+		foreach ($messages as $message) {
+			if (is_string($message)) {
+				$message = Activity::fetch($message, $channel);
+			}
+
+			// set client flag because comments will probably just be objects and not full blown activities
+			// and that lets us use implied_create
+			$AS = new ActivityStreams($message);
+			if ($AS->is_valid() && is_array($AS->obj)) {
+				$item = Activity::decode_note($AS);
+				$item['item_fetched'] = true;
+				Activity::store($channel, $contact['abook_xchan'], $AS, $item);
 			}
 		}
+
+		return;
+
 	}
 }

Zotlabs/Daemon/Cron.php

@@ -19,6 +19,7 @@ class Cron {
 			}
 		}
 
+/*
 		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
 		$lockfile = 'store/[data]/cron';
 		if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600))
@@ -30,6 +31,7 @@ class Cron {
 		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
 		$x = '';
 		file_put_contents($lockfile, $x);
+*/
 
 		logger('cron: start');
 
@@ -50,7 +52,7 @@ class Cron {
 		require_once('include/account.php');
 		remove_expired_registrations();
 
-		$interval = get_config('system', 'delivery_interval', 3);
+		$interval = get_config('queueworker', 'queue_interval', 500000);
 
 		// expire any expired items
 
@@ -65,8 +67,10 @@ class Cron {
 				if ($rr['item_wall']) {
 					// The notifier isn't normally invoked unless item_drop is interactive.
 					Master::Summon(['Notifier', 'drop', $rr['id']]);
-					if ($interval)
-						@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($interval) {
+						usleep($interval);
+					}
 				}
 			}
 		}
@@ -96,8 +100,10 @@ class Cron {
 		if ($r) {
 			foreach ($r as $rr) {
 				Master::Summon(array('Directory', $rr['channel_id'], 'force'));
-				if ($interval)
-					@time_sleep_until(microtime(true) + (float)$interval);
+
+				if ($interval) {
+					usleep($interval);
+				}
 			}
 		}
 
@@ -151,8 +157,10 @@ class Cron {
 						);
 					}
 					Master::Summon(array('Notifier', 'wall-new', $rr['id']));
-					if ($interval)
-						@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($interval) {
+						usleep($interval);
+					}
 				}
 			}
 		}
@@ -203,10 +211,10 @@ class Cron {
 		}
 
 
-		// pull in some public posts
+		// pull in some public posts if allowed
 
-		$disable_discover_tab = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false;
-		if (!$disable_discover_tab)
+		$disable_externals = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false || get_config('system', 'site_firehose');
+		if (!$disable_externals)
 			Master::Summon(['Externals']);
 
 		$restart = false;
@@ -228,7 +236,7 @@ class Cron {
 		set_config('system', 'lastcron', datetime_convert());
 
 		//All done - clear the lockfile
-		@unlink($lockfile);
+		//@unlink($lockfile);
 
 		return;
 	}

Zotlabs/Daemon/Cron_daily.php

@@ -49,6 +49,22 @@ class Cron_daily {
 			dbesc('sse_id.%')
 		);
 
+		// Mark items seen after X days (default 90)
+
+		$r = dbq("select channel_id from channel where channel_removed = 0");
+		if ($r) {
+			foreach ($r as $rr) {
+				$mark_seen_days = get_pconfig($rr['channel_id'], 'system', 'mark_seen_days', 90);
+				q("UPDATE item SET item_unseen = 0 WHERE
+					uid = %d AND item_unseen = 1
+					AND created < %s - INTERVAL %s",
+					intval($rr['channel_id']),
+					db_utcnow(),
+					db_quoteinterval($mark_seen_days . ' DAY')
+				);
+			}
+		}
+
 		// Clean up emdedded content cache
 		q("DELETE FROM cache WHERE updated < %s - INTERVAL %s",
 			db_utcnow(),
@@ -103,5 +119,7 @@ class Cron_daily {
 		/**
 		 * End Cron Daily
 		 */
+
+		 return;
 	}
 }

Zotlabs/Daemon/Cron_weekly.php

@@ -22,12 +22,12 @@ class Cron_weekly {
 
 		mark_orphan_hubsxchans();
 
-		// Find channels that were removed in the last three weeks, but 
+		// Find channels that were removed in the last three weeks, but
 		// haven't been finally cleaned up. These should be older than 10
-		// days to ensure that "purgeall" messages have gone out or bounced 
-		// or timed out. 
+		// days to ensure that "purgeall" messages have gone out or bounced
+		// or timed out.
 
-		$r = q("select channel_id from channel where channel_removed = 1 and 
+		$r = q("select channel_id from channel where channel_removed = 1 and
 			channel_deleted >  %s - INTERVAL %s and channel_deleted < %s - INTERVAL %s",
 			db_utcnow(), db_quoteinterval('21 DAY'),
 			db_utcnow(), db_quoteinterval('10 DAY')
@@ -59,5 +59,6 @@ class Cron_weekly {
 		 * End Cron Weekly
 		 */
 
+		return;
 	}
-}
+}

Zotlabs/Daemon/Deliver.php

@@ -28,6 +28,8 @@ class Deliver {
 
 		}
 
+		return;
+
 	}
 
 }

Zotlabs/Daemon/Deliver_hooks.php

@@ -12,8 +12,12 @@ class Deliver_hooks {
 		$r = q("select * from item where id = '%d'",
 			intval($argv[1])
 		);
-		if ($r)
+
+		if ($r) {
 			call_hooks('notifier_normal', $r[0]);
+		}
+
+		return;
 
 	}
 }

Zotlabs/Daemon/Delxitems.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+require_once('include/connections.php');
+
+/*
+ * Daemon to remove 'item' resources in the background from a removed connection
+ */
+
+class Delxitems {
+
+	static public function run($argc, $argv) {
+
+		cli_startup();
+
+		if($argc != 3) {
+			return;
+		}
+
+		remove_abook_items($argv[1], $argv[2]);
+
+		return;
+	}
+}

Zotlabs/Daemon/Directory.php

@@ -97,5 +97,7 @@ class Directory {
 		if ($pushall) {
 			Master::Summon(array('Notifier', 'refresh_all', $channel['channel_id']));
 		}
+
+		return;
 	}
 }

Zotlabs/Daemon/Expire.php

@@ -103,5 +103,7 @@ class Expire {
 		}
 
 		del_config('procid', 'expire');
+
+		return;
 	}
 }

Zotlabs/Daemon/Externals.php

@@ -19,6 +19,7 @@ class Externals {
 		$importer = get_sys_channel();
 		$total    = 0;
 		$attempts = 0;
+		$url = '';
 
 		logger('externals: startup', LOGGER_DEBUG);
 
@@ -67,9 +68,8 @@ class Externals {
 					datetime_convert('UTC', 'UTC', 'now - 30 days')
 				);
 
-				$contact = $r[0];
-
-				if ($contact) {
+				if ($r) {
+					$contact = $r[0];
 					$url = $contact['hubloc_id_url'];
 				}
 			}
@@ -133,7 +133,9 @@ class Externals {
 								continue;
 							}
 
-							Libzot::fetch_conversation($importer, $message['object']['id']);
+							$obj_id = $message['object']['id'] ?? $message['object'];
+
+							Libzot::fetch_conversation($importer, $obj_id);
 							$total++;
 							continue;
 						}
@@ -141,7 +143,8 @@ class Externals {
 						$AS = new ActivityStreams($message);
 						if ($AS->is_valid() && is_array($AS->obj)) {
 							$item = Activity::decode_note($AS);
-							Activity::store($importer, $contact['abook_xchan'], $AS, $item);
+							$item['item_fetched'] = true;
+							Activity::store($importer, $contact['hubloc_hash'], $AS, $item);
 							$total++;
 						}
 					}

Zotlabs/Daemon/Gprobe.php

@@ -15,21 +15,32 @@ class Gprobe {
 			return;
 
 		$url = hex2bin($argv[1]);
+		$is_webbie = false;
+		$r = null;
 
-		if (!strpos($url, '@'))
-			return;
+		if (filter_var($url, FILTER_VALIDATE_EMAIL)) {
+			$is_webbie = true;
 
-		$r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_network = 'zot6' limit 1",
-			dbesc($url)
-		);
+			$r = q("select * from hubloc where hubloc_addr = '%s' and hubloc_network = 'zot6' limit 1",
+				dbesc($url)
+			);
+		}
+		elseif (filter_var($url, FILTER_VALIDATE_URL)) {
+			$r = q("select * from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+				dbesc($url)
+			);
+		}
 
 		if (!$r) {
-			$href = Webfinger::zot_url(punify($url));
-			if ($href) {
-				$zf = Zotfinger::exec($href, null);
+			if ($is_webbie) {
+				$url = Webfinger::zot_url(punify($url));
 			}
-			if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
-				Libzot::import_xchan($zf['data']);
+
+			if ($url) {
+				$zf = Zotfinger::exec($url, null);
+				if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $url && intval($zf['signature']['header_valid'])) {
+					Libzot::import_xchan($zf['data']);
+				}
 			}
 		}
 

Zotlabs/Daemon/Importdoc.php

@@ -11,6 +11,8 @@ class Importdoc {
 
 		self::update_docs_dir('doc/*');
 
+		return;
+
 	}
 
 	static public function update_docs_dir($s) {

Zotlabs/Daemon/Master.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\QueueWorker;
+
 if (array_search(__file__, get_included_files()) === 0) {
 	require_once('include/cli_startup.php');
 	array_shift($argv);
@@ -9,6 +11,7 @@ if (array_search(__file__, get_included_files()) === 0) {
 
 	if ($argc)
 		Master::Release($argc, $argv);
+
 	return;
 }
 
@@ -16,6 +19,10 @@ if (array_search(__file__, get_included_files()) === 0) {
 class Master {
 
 	static public function Summon($arr) {
+
+		QueueWorker::Summon($arr);
+		return;
+/*
 		$hookinfo = [
 			'argv' => $arr
 		];
@@ -32,11 +39,15 @@ class Master {
 
 		$phpbin = get_config('system', 'phpbin', 'php');
 		proc_run($phpbin, 'Zotlabs/Daemon/Master.php', $arr);
+*/
 	}
 
 	static public function Release($argc, $argv) {
 		cli_startup();
 
+		QueueWorker::Release($argv);
+		return;
+/*
 		$hookinfo = [
 			'argv' => $argv
 		];
@@ -54,5 +65,6 @@ class Master {
 		logger('Master: release: ' . json_encode($argv), LOGGER_ALL, LOG_DEBUG);
 		$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
 		$cls::run($argc, $argv);
+*/
 	}
 }

Zotlabs/Daemon/Notifier.php

@@ -5,6 +5,7 @@ namespace Zotlabs\Daemon;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Activity;
 use Zotlabs\Lib\Queue;
+use Zotlabs\Lib\LDSignatures;
 
 require_once('include/html2plain.php');
 require_once('include/conversation.php');
@@ -79,6 +80,7 @@ class Notifier {
 	static public $channel = null;
 	static public $private = false;
 
+
 	static public function run($argc, $argv) {
 
 		if ($argc < 3) {
@@ -88,7 +90,6 @@ class Notifier {
 		logger('notifier: invoked: ' . print_r($argv, true), LOGGER_DEBUG);
 
 		$cmd = $argv[1];
-
 		$item_id = $argv[2];
 
 		if (!$item_id) {
@@ -106,6 +107,12 @@ class Notifier {
 
 		$sys         = get_sys_channel();
 		$normal_mode = true;
+		$upstream = false;
+		$uplink = false;
+		$target_item = null;
+		$parent_item = null;
+		$top_level_post = false;
+		$relay_to_owner = false;
 
 		if ($cmd === 'keychange') {
 			self::$channel = channelx_by_n($item_id);
@@ -234,7 +241,7 @@ class Notifier {
 
 			$target_item = $r[0];
 
-			if (in_array($target_item['author']['xchan_network'], ['rss', 'anon'])) {
+			if (in_array($target_item['author']['xchan_network'], ['rss', 'anon', 'token'])) {
 				logger('notifier: target item author is not a fetchable actor', LOGGER_DEBUG);
 				return;
 			}
@@ -330,12 +337,14 @@ class Notifier {
 				self::$encoded_item = json_decode($m, true);
 			}
 			else {
+
 				self::$encoded_item = array_merge(['@context' => [
 					ACTIVITYSTREAMS_JSONLD_REV,
 					'https://w3id.org/security/v1',
 					z_root() . ZOT_APSCHEMA_REV
 				]], Activity::encode_activity($target_item)
 				);
+				self::$encoded_item['signature'] = LDSignatures::sign(self::$encoded_item, self::$channel);
 			}
 
 			logger('target_item: ' . print_r($target_item, true), LOGGER_DEBUG);
@@ -351,8 +360,6 @@ class Notifier {
 			// the hostname in the message_id and provides a second (fallback) opinion.
 
 			$relay_to_owner = (!$top_level_post && intval($target_item['item_origin']) && comment_local_origin($target_item));
-			$uplink         = false;
-			$upstream       = false;
 
 			// $cmd === 'relay' indicates the owner is sending it to the original recipients
 			// don't allow the item in the relay command to relay to owner under any circumstances, it will loop
@@ -496,6 +503,7 @@ class Notifier {
 		// public posts won't make it to the local public stream unless there's a recipient on this site.
 		// This code block sees if it's a public post and localhost is missing, and if so adds an entry for the local sys channel to the $hubs list
 
+		/* sys channel is now added in collect recipients
 		if (!self::$private) {
 			$found_localhost = false;
 			if ($hubs) {
@@ -516,6 +524,7 @@ class Notifier {
 				}
 			}
 		}
+		*/
 
 		if (!$hubs) {
 			logger('notifier: no hubs', LOGGER_NORMAL, LOG_NOTICE);
@@ -630,9 +639,22 @@ class Notifier {
 
 			// default: zot protocol
 
+			// Prevent zot6 delivery of group comment boosts, which are not required for conversational platforms.
+			// ActivityPub conversational platforms may wish to filter these if they don't want or require them.
+			// We will assume here that if $target_item exists and has a verb that it is an actual item structure
+			// so we won't need to check the existence of the other item fields prior to evaluation.
+
+			// This shouldn't produce false positives on comment boosts that were generated on other platforms
+			// because we won't be delivering them.
+
+			if (isset($target_item['verb']) && $target_item['verb'] === 'Announce' && $target_item['author_xchan'] === $target_item['owner_xchan'] && ! intval($target_item['item_thread_top'])) {
+				continue;
+			}
+
 			$hash = new_uuid();
 
-			$env = (($hub_env && $hub_env[$hub['hubloc_site_id']]) ? $hub_env[$hub['hubloc_site_id']] : '');
+			$env = $hub_env[$hub['hubloc_site_id']] ?? '';
+
 			if ((self::$private) && (!$env)) {
 				continue;
 			}
@@ -669,7 +691,7 @@ class Notifier {
 
 		}
 
-		if ($normal_mode) {
+		if ($normal_mode && is_array($target_item)) {
 			// This wastes a process if there are no delivery hooks configured, so check this before launching the new process
 			$x = q("select * from hook where hook = 'notifier_normal'");
 			if ($x) {

Zotlabs/Daemon/Onepoll.php

@@ -46,6 +46,7 @@ class Onepoll {
 		}
 
 		$contact      = $contacts[0];
+
 		$importer_uid = $contact['abook_channel'];
 
 		$importer = channelx_by_n($importer_uid);
@@ -53,7 +54,7 @@ class Onepoll {
 		if (!$importer)
 			return;
 
-		logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
+		logger("onepoll: poll: ($contact_id) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
 
 		$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] <= NULL_DATE))
 			? datetime_convert('UTC', 'UTC', 'now - 7 days')
@@ -63,12 +64,21 @@ class Onepoll {
 		if ($contact['xchan_network'] === 'rss') {
 			logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
 			$alive = handle_feed($importer['channel_id'], $contact_id, $contact['xchan_hash']);
-			if ($alive) {
-				q("update abook set abook_connected = '%s' where abook_id = %d",
+
+			if (!$alive) {
+				q("update abook set abook_updated = '%s' where abook_id = %d",
 					dbesc(datetime_convert()),
 					intval($contact['abook_id'])
 				);
+				return;
 			}
+
+			q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d",
+				dbesc(datetime_convert()),
+				dbesc(datetime_convert()),
+				intval($contact['abook_id'])
+			);
+
 			return;
 		}
 
@@ -162,6 +172,7 @@ class Onepoll {
 							$AS = new ActivityStreams($message);
 							if ($AS->is_valid() && is_array($AS->obj)) {
 								$item = Activity::decode_note($AS);
+								$item['item_fetched'] = true;
 								Activity::store($importer, $contact['abook_xchan'], $AS, $item);
 							}
 						}

Zotlabs/Daemon/Poller.php

@@ -17,9 +17,12 @@ class Poller {
 			}
 		}
 
-		$interval = intval(get_config('system', 'poll_interval'));
-		if (!$interval)
+		$interval = get_config('queueworker', 'queue_interval', 500000);
+
+/*
+		if (!$interval) {
 			$interval = ((get_config('system', 'delivery_interval') === false) ? 3 : intval(get_config('system', 'delivery_interval')));
+		}
 
 		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
 		$lockfile = 'store/[data]/poller';
@@ -32,6 +35,7 @@ class Poller {
 		// Create a lockfile.  Needs two vars, but $x doesn't need to contain anything.
 		$x = '';
 		file_put_contents($lockfile, $x);
+*/
 
 		logger('poller: start');
 
@@ -93,13 +97,24 @@ class Poller {
 						$min = intval(get_config('system', 'minimum_feedcheck_minutes'));
 					if (!$min)
 						$min = 60;
-					$x = datetime_convert('UTC', 'UTC', "now - $min minutes");
-					if ($c < $x) {
-						Master::Summon(['Onepoll', $contact['abook_id']]);
-						if ($interval)
-							@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($t !== $c) {
+						// if the last fetch failed only attempt fetch once a day
+						$min = 60 * 24;
 					}
+
+					$x = datetime_convert('UTC', 'UTC', "now - $min minutes");
+
+					if ($t < $x) {
+						Master::Summon(['Onepoll', $contact['abook_id']]);
+
+						if ($interval) {
+							usleep($interval);
+						}
+					}
+
 					continue;
+
 				}
 
 				if ($contact['xchan_network'] !== 'zot6')
@@ -158,9 +173,10 @@ class Poller {
 					continue;
 
 				Master::Summon(['Onepoll', $contact['abook_id']]);
-				if ($interval)
-					@time_sleep_until(microtime(true) + (float)$interval);
 
+				if ($interval) {
+					usleep($interval);
+				}
 			}
 		}
 
@@ -181,9 +197,12 @@ class Poller {
 					if ($rr['ud_last'] > NULL_DATE)
 						if ($rr['ud_last'] > datetime_convert('UTC', 'UTC', 'now - 1 day'))
 							continue;
+
 					Master::Summon(['Onedirsync', $rr['ud_id']]);
-					if ($interval)
-						@time_sleep_until(microtime(true) + (float)$interval);
+
+					if ($interval) {
+						usleep($interval);
+					}
 				}
 			}
 		}
@@ -191,9 +210,9 @@ class Poller {
 		set_config('system', 'lastpoll', datetime_convert());
 
 		//All done - clear the lockfile
-
+/*
 		@unlink($lockfile);
-
+*/
 		return;
 	}
 }

Zotlabs/Daemon/Queue.php

@@ -7,77 +7,56 @@ use Zotlabs\Lib\Queue as LibQueue;
 class Queue {
 
 	static public function run($argc, $argv) {
-
-		require_once('include/items.php');
-		require_once('include/bbcode.php');
-
-		if ($argc > 1)
-			$queue_id = $argv[1];
-		else
-			$queue_id = EMPTY_STR;
+		$queue_id = ($argc > 1) ? $argv[1] : '';
 
 		logger('queue: start');
 
 		// delete all queue items more than 3 days old
 		// but first mark these sites dead if we haven't heard from them in a month
 
-		$r = q("select outq_posturl from outq where outq_created < %s - INTERVAL %s",
-			db_utcnow(), db_quoteinterval('3 DAY')
+		$oldqItems = q("select outq_posturl from outq where outq_created < %s - INTERVAL %s",
+			db_utcnow(),
+			db_quoteinterval('3 DAY')
 		);
-		if ($r) {
-			foreach ($r as $rr) {
-				$h       = parse_url($rr['outq_posturl']);
-				$desturl = $h['scheme'] . '://' . $h['host'] . (isset($h['port']) ? ':' . $h['port'] : '');
+
+		if ($oldqItems) {
+			foreach ($oldqItems as $qItem) {
+				$h = parse_url($qItem['outq_posturl']);
+				$site_url = $h['scheme'] . '://' . $h['host'] . ((!empty($h['port'])) ? ':' . $h['port'] : '');
 				q("update site set site_dead = 1 where site_dead = 0 and site_url = '%s' and site_update < %s - INTERVAL %s",
-					dbesc($desturl),
-					db_utcnow(), db_quoteinterval('1 MONTH')
+					dbesc($site_url),
+					db_utcnow(),
+					db_quoteinterval('1 MONTH')
 				);
 			}
 		}
 
+		logger('Removing ' . count($oldqItems) . ' old queue entries');
 		q("DELETE FROM outq WHERE outq_created < %s - INTERVAL %s",
-			db_utcnow(), db_quoteinterval('3 DAY')
+			db_utcnow(),
+			db_quoteinterval('3 DAY')
 		);
 
+		$deliveries = [];
+
 		if ($queue_id) {
-			$r = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
+			$qItems = q("SELECT * FROM outq WHERE outq_hash = '%s' LIMIT 1",
 				dbesc($queue_id)
 			);
+			logger('queue deliver: ' . $qItems[0]['outq_hash'] . ' to ' . $qItems[0]['outq_posturl'], LOGGER_DEBUG);
+			LibQueue::deliver($qItems[0]);
 		}
 		else {
-
-			// For the first 12 hours we'll try to deliver every 15 minutes
-			// After that, we'll only attempt delivery once per hour.
-			// This currently only handles the default queue drivers ('zot' or '') which we will group by posturl
-			// so that we don't start off a thousand deliveries for a couple of dead hubs.
-			// The zot driver will deliver everything destined for a single hub once contact is made (*if* contact is made).
-			// Other drivers will have to do something different here and may need their own query.
-
-			// Note: this requires some tweaking as new posts to long dead hubs once a day will keep them in the
-			// "every 15 minutes" category. We probably need to prioritise them when inserted into the queue
-			// or just prior to this query based on recent and long-term delivery history. If we have good reason to believe
-			// the site is permanently down, there's no reason to attempt delivery at all, or at most not more than once
-			// or twice a day.
-
-			$sqlrandfunc = db_getfunc('rand');
-
-			$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
+			$qItems = q("SELECT * FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s ",
 				db_utcnow()
 			);
-			while ($r) {
-				foreach ($r as $rv) {
-					LibQueue::deliver($rv);
+			if ($qItems) {
+				foreach ($qItems as $qItem) {
+					$deliveries[] = $qItem['outq_hash'];
 				}
-				$r = q("SELECT *,$sqlrandfunc as rn FROM outq WHERE outq_delivered = 0 and outq_scheduled < %s order by rn limit 1",
-					db_utcnow()
-				);
+				do_delivery($deliveries, true);
 			}
-		}
-		if (!$r)
-			return;
-
-		foreach ($r as $rv) {
-			LibQueue::deliver($rv);
-		}
+		 }
 	}
+
 }

Zotlabs/Daemon/Thumbnail.php

@@ -73,5 +73,7 @@ class Thumbnail {
 				|| (filectime(dbunescbin($attach['content']) . 'thumb') < (time() - 60)))) {
 			$default_controller->Thumb($attach, $preview_style, $preview_width, $preview_height);
 		}
+
+		return;
 	}
 }

Zotlabs/Lib/ASCollection.php

@@ -24,6 +24,8 @@ class ASCollection {
 		$this->direction = $direction;
 		$this->limit     = $limit;
 
+		$data = null;
+
 		if (is_array($obj)) {
 			$data = $obj;
 		}
@@ -147,4 +149,4 @@ class ASCollection {
 		}
 		logger('nextpage: ' . $this->nextpage, LOGGER_DEBUG);
 	}
-}
+}

Zotlabs/Lib/AbConfig.php

@@ -6,12 +6,17 @@ namespace Zotlabs\Lib;
 class AbConfig {
 
 	static public function Load($chan,$xhash,$family = '') {
-		if($family)
+		$where = '';
+
+		if($family) {
 			$where = sprintf(" and cat = '%s' ",dbesc($family));
+		}
+
 		$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
 			intval($chan),
 			dbesc($xhash)
 		);
+
 		return $r;
 	}
 
@@ -21,7 +26,7 @@ class AbConfig {
 			intval($chan),
 			dbesc($xhash),
 			dbesc($family),
-			dbesc($key)		
+			dbesc($key)
 		);
 		if($r) {
 			return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
@@ -41,19 +46,19 @@ class AbConfig {
 				dbesc($xhash),
 				dbesc($family),
 				dbesc($key),
-				dbesc($dbvalue)		
+				dbesc($dbvalue)
 			);
 		}
 		else {
 			$r = q("update abconfig set v = '%s' where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
-				dbesc($dbvalue),		
+				dbesc($dbvalue),
 				dbesc($chan),
 				dbesc($xhash),
 				dbesc($family),
 				dbesc($key)
 			);
 		}
-	
+
 		if($r)
 			return $value;
 		return false;

Zotlabs/Lib/AccessList.php

@@ -1,38 +1,37 @@
-<?php 
+<?php
 
 namespace Zotlabs\Lib;
 
-use Zotlabs\Lib\Libsync;
-
-
 class AccessList {
-	
-	static function add($uid,$name,$public = 0) {
 
-		$ret = false;
+	static function add($uid, $name, $public = 0) {
+
+		$ret  = false;
+		$hash = '';
 		if ($uid && $name) {
-			$r = self::byname($uid,$name); // check for dups
+			$r = self::by_name($uid, $name); // check for dups
 			if ($r !== false) {
 
-				// This could be a problem. 
+				// This could be a problem.
 				// Let's assume we've just created a list which we once deleted
 				// all the old members are gone, but the list remains so we don't break any security
 				// access lists. What we're doing here is reviving the dead list, but old content which
-				// was restricted to this list may now be seen by the new list members. 
+				// was restricted to this list may now be seen by the new list members.
 
 				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
 					intval($r)
 				);
-				if(($z) && $z[0]['deleted']) {
+				if (($z) && $z[0]['deleted']) {
 					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
-					notice( t('A deleted list with this name was revived. Existing item permissions <strong>may</strong> apply to this list and any future members. If this is not what you intended, please create another list with a different name.') . EOL); 
+					notice(t('A deleted privacy group with this name was revived. Existing item permissions <strong>may</strong> apply to this privacy group and any future members. If this is not what you intended, please create another privacy group with a different name.') . EOL);
 				}
-				return true;
+				$hash = self::by_id($uid, $r);
+				return $hash;
 			}
 
 			$hash = new_uuid();
 
-			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
+			$r   = q("INSERT INTO pgrp ( hash, uid, visible, gname )
 				VALUES( '%s', %d, %d, '%s' ) ",
 				dbesc($hash),
 				intval($uid),
@@ -42,12 +41,12 @@ class AccessList {
 			$ret = $r;
 		}
 
-		Libsync::build_sync_packet($uid,null,true);
-		return $ret;
+		Libsync::build_sync_packet($uid, null, true);
+
+		return (($ret) ? $hash : $ret);
 	}
 
-
-	static function remove($uid,$name) {
+	static function remove($uid, $name) {
 		$ret = false;
 		if ($uid && $name) {
 			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
@@ -55,36 +54,36 @@ class AccessList {
 				dbesc($name)
 			);
 			if ($r) {
-				$group_id = $r[0]['id'];
+				$group_id   = $r[0]['id'];
 				$group_hash = $r[0]['hash'];
 			}
 			else {
 				return false;
 			}
-			
+
 			// remove group from default posting lists
 			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
-			       intval($uid)
+				intval($uid)
 			);
 			if ($r) {
 				$user_info = array_shift($r);
-				$change = false;
+				$change    = false;
 
 				if ($user_info['channel_default_group'] == $group_hash) {
 					$user_info['channel_default_group'] = '';
-					$change = true;
+					$change                             = true;
 				}
 				if (strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
 					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
-					$change = true;
+					$change                         = true;
 				}
 				if (strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
 					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
-					$change = true;
+					$change                        = true;
 				}
 
 				if ($change) {
-					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
+					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s'
 						WHERE channel_id = %d",
 						intval($user_info['channel_default_group']),
 						dbesc($user_info['channel_allow_gid']),
@@ -110,16 +109,16 @@ class AccessList {
 
 		}
 
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 
 		return $ret;
 	}
 
 	// returns the integer id of an access group owned by $uid and named $name
 	// or false.
-	
-	static function byname($uid,$name) {
-		if (! ($uid && $name)) {
+
+	static function by_name($uid, $name) {
+		if (!($uid && $name)) {
 			return false;
 		}
 		$r = q("SELECT id FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
@@ -132,11 +131,11 @@ class AccessList {
 		return false;
 	}
 
-	static function by_id($uid,$id) {
-		if (! ($uid && $id)) {
+	static function by_id($uid, $id) {
+		if (!($uid && $id)) {
 			return false;
 		}
-		
+
 		$r = q("SELECT * FROM pgrp WHERE uid = %d AND id = %d and deleted = 0",
 			intval($uid),
 			intval($id)
@@ -147,10 +146,8 @@ class AccessList {
 		return false;
 	}
 
-
-
-	static function rec_byhash($uid,$hash) {
-		if (! ( $uid && $hash)) {
+	static function by_hash($uid, $hash) {
+		if (!($uid && $hash)) {
 			return false;
 		}
 		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
@@ -163,46 +160,46 @@ class AccessList {
 		return false;
 	}
 
+	static function member_remove($uid, $name, $member, $gid = 0) {
+		if (!$gid) {
+			$gid = self::by_name($uid, $name);
+		}
 
-	static function member_remove($uid,$name,$member) {
-		$gid = self::byname($uid,$name);
-		if (! $gid) {
-			return false;
-		}
-		if (! ($uid && $gid && $member)) {
+		if (!($uid && $gid && $member)) {
 			return false;
 		}
+
 		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
 			intval($uid),
 			intval($gid),
 			dbesc($member)
 		);
 
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 
 		return $r;
 	}
 
-
-	static function member_add($uid,$name,$member,$gid = 0) {
-		if (! $gid) {
-			$gid = self::byname($uid,$name);
+	static function member_add($uid, $name, $member, $gid = 0) {
+		if (!$gid) {
+			$gid = self::by_name($uid, $name);
 		}
-		if (! ($gid && $uid && $member)) {
+		if (!($gid && $uid && $member)) {
 			return false;
 		}
 
-		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
+		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",
 			intval($uid),
 			intval($gid),
 			dbesc($member)
 		);
 		if ($r) {
-			return true;	// You might question this, but 
-				// we indicate success because the group member was in fact created
-				// -- It was just created at another time
+			return true;
+			// You might question this, but
+			// we indicate success because the group member was in fact created
+			// -- It was just created at another time
 		}
-	 	else {
+		else {
 			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
 				VALUES( %d, %d, '%s' ) ",
 				intval($uid),
@@ -210,15 +207,14 @@ class AccessList {
 				dbesc($member)
 			);
 		}
-		Libsync::build_sync_packet($uid,null,true);
+		Libsync::build_sync_packet($uid, null, true);
 		return $r;
 	}
 
-
 	static function members($uid, $gid) {
 		$ret = [];
 		if (intval($gid)) {
-			$r = q("SELECT * FROM pgrp_member 
+			$r = q("SELECT * FROM pgrp_member
 				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
 				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
 				intval($gid),
@@ -232,7 +228,7 @@ class AccessList {
 		return $ret;
 	}
 
-	static function members_xchan($uid,$gid) {
+	static function members_xchan($uid, $gid) {
 		$ret = [];
 		if (intval($gid)) {
 			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
@@ -248,99 +244,75 @@ class AccessList {
 		return $ret;
 	}
 
-	static function members_profile_xchan($uid,$gid) {
+	static function profile_members_xchan($uid,$gid) {
 		$ret = [];
-		if (intval($gid)) {
+
+		if(intval($gid)) {
 			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
 				intval($gid),
 				intval($uid)
 			);
-			if ($r) {
-				foreach($r as $rv) {
-					$ret[] = $rv['xchan'];
+			if($r) {
+				foreach($r as $rr) {
+					$ret[] = $rr['xchan'];
 				}
 			}
 		}
 		return $ret;
 	}
 
+	static function select($uid, $options) {
 
+		$selected = $options['selected'] ?? '';
+		$form_id = $options['form_id'] ?? 'accesslist_select';
+		$label = $options['label'] ?? t('Select a privacy group');
+		$before = $options['before'] ?? [];
+		$after = $options['after'] ?? [];
 
-
-	static function select($uid,$group = '') {
-	
 		$grps = [];
+		$o = '';
+
+		$grps[] = [
+			'name' => '',
+			'id' => '0',
+			'selected' => false
+		];
+
+		if ($before) {
+			$grps[] = $before;
+		}
 
 		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
 			intval($uid)
 		);
-		$grps[] = [ 'name' => '', 'hash' => '0', 'selected' => '' ];
-		if ($r) {
-			foreach ($r as $rr) {
-				$grps[] = [ 'name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : '') ];
-			}
 
-		}
-		
-		return replace_macros(get_markup_template('group_selection.tpl'), [
-			'$label' => t('Add new connections to this access list'),
-			'$groups' => $grps 
-		]);
-	}
-
-
-	static function widget($every="connections",$each="lists",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
-
-		$o = '';
-
-		$groups = [];
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($_SESSION['uid'])
-		);
-		$member_of = [];
-		if ($cid) {
-			$member_of = self::containing(local_channel(),$cid);
-		} 
-
-		if ($r) {
-			foreach ($r as $rr) {
-				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-			
-				if ($edit) {
-					$groupedit = [ 'href' => "lists/".$rr['id'], 'title' => t('edit') ];
-				} 
-				else {
-					$groupedit = null;
-				}
-			
-				$groups[] = [
-					'id'		=> $rr['id'],
-					'enc_cid'   => base64url_encode($cid),
-					'cid'		=> $cid,
-					'text' 		=> $rr['gname'],
-					'selected' 	=> $selected,
-					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
-					'edit'		=> $groupedit,
-					'ismember'	=> in_array($rr['id'],$member_of),
+		if($r) {
+			foreach($r as $rr) {
+				$grps[] = [
+					'name' => $rr['gname'],
+					'id' => $rr['hash'],
+					'selected' => ($selected == $rr['hash'])
 				];
 			}
 		}
-		
-		return replace_macros(get_markup_template('group_side.tpl'), [
-			'$title'		=> t('Lists'),
-			'$edittext'     => t('Edit list'),
-			'$createtext' 	=> t('Create new list'),
-			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any access list') : ''),
-			'$groups'		=> $groups,
-			'$add'			=> t('add'),
-		]);
 
+		if ($after) {
+			$grps[] = $after;
+		}
+
+		logger('select: ' . print_r($grps,true), LOGGER_DATA);
+
+		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
+			'$label' => $label,
+			'$form_id' => $form_id,
+			'$groups' => $grps
+		));
+
+		return $o;
 	}
 
-
 	static function expand($g) {
-		if (! (is_array($g) && count($g))) {
+		if (!(is_array($g) && count($g))) {
 			return [];
 		}
 
@@ -350,8 +322,8 @@ class AccessList {
 		// private profile linked virtual groups
 
 		foreach ($g as $gv) {
-			if (substr($gv,0,3) === 'vp.') {
-				$profile_hash = substr($gv,3);
+			if (substr($gv, 0, 3) === 'vp.') {
+				$profile_hash = substr($gv, 3);
 				if ($profile_hash) {
 					$r = q("select abook_xchan from abook where abook_profile = '%s'",
 						dbesc($profile_hash)
@@ -366,10 +338,10 @@ class AccessList {
 			else {
 				$x[] = $gv;
 			}
-		}								 
+		}
 
 		if ($x) {
-			stringify_array_elms($x,true);
+			stringify_array_elms($x, true);
 			$groups = implode(',', $x);
 			if ($groups) {
 				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
@@ -383,9 +355,8 @@ class AccessList {
 		return $ret;
 	}
 
-
 	static function member_of($c) {
-		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id 
+		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id
 			WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
 			dbesc($c)
 		);
@@ -393,7 +364,7 @@ class AccessList {
 		return $r;
 	}
 
-	static function containing($uid,$c) {
+	static function containing($uid, $c) {
 
 		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
 			intval($uid),
@@ -405,7 +376,8 @@ class AccessList {
 			foreach ($r as $rv)
 				$ret[] = $rv['gid'];
 		}
-		
+
 		return $ret;
 	}
-}
+
+}

Zotlabs/Lib/ActivityStreams.php

@@ -11,6 +11,7 @@ class ActivityStreams {
 
 	public $raw = null;
 	public $data = null;
+	public $meta = null;
 	public $valid = false;
 	public $deleted = false;
 	public $id = '';
@@ -36,10 +37,14 @@ class ActivityStreams {
 	 */
 	function __construct($string) {
 
+		if(!$string)
+			return;
+
 		$this->raw = $string;
 
 		if (is_array($string)) {
 			$this->data = $string;
+			$this->raw = json_encode($string, JSON_UNESCAPED_SLASHES);
 		}
 		else {
 			$this->data = json_decode($string, true);
@@ -56,18 +61,21 @@ class ActivityStreams {
 					if ($ret['signer']) {
 						$saved                     = json_encode($this->data, JSON_UNESCAPED_SLASHES);
 						$this->data                = $tmp;
-						$this->data['signer']      = $ret['signer'];
-						$this->data['signed_data'] = $saved;
+						$this->meta['signer']      = $ret['signer'];
+						$this->meta['signed_data'] = $saved;
 						if ($ret['hubloc']) {
-							$this->data['hubloc'] = $ret['hubloc'];
+							$this->meta['hubloc'] = $ret['hubloc'];
 						}
 					}
 				}
 			}
 
+			// This indicates only that we have sucessfully decoded JSON.
 			$this->valid = true;
 
-			if (array_key_exists('type', $this->data) && array_key_exists('actor', $this->data) && array_key_exists('object', $this->data)) {
+			// Special handling for Mastodon "delete actor" activities which will often fail to verify
+			// because the key cannot be fetched. We will catch this condition elsewhere.
+			if (is_array($this->data) && array_key_exists('type', $this->data) && array_key_exists('actor', $this->data) && array_key_exists('object', $this->data)) {
 				if ($this->data['type'] === 'Delete' && $this->data['actor'] === $this->data['object']) {
 					$this->deleted = $this->data['actor'];
 					$this->valid   = false;
@@ -76,6 +84,7 @@ class ActivityStreams {
 
 		}
 
+		// Attempt to assemble an Activity from what we were given.
 		if ($this->is_valid()) {
 			$this->id     = $this->get_property_obj('id');
 			$this->type   = $this->get_primary_type();
@@ -87,7 +96,7 @@ class ActivityStreams {
 
 			$this->ldsig = $this->get_compound_property('signature');
 			if ($this->ldsig) {
-				$this->signer = $this->get_compound_property('creator', $this->ldsig);
+				$this->signer = $this->get_actor('creator', $this->ldsig);
 				if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
 					$this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
 				}
@@ -104,20 +113,20 @@ class ActivityStreams {
 			// fetch recursive or embedded activities
 
 			if ($this->obj && is_array($this->obj) && array_key_exists('object', $this->obj)) {
-				$this->obj['object'] = $this->get_compound_property($this->obj['object']);
+				$this->obj['object'] = $this->get_compound_property('object', $this->obj);
 			}
 
-			if ($this->obj && is_array($this->obj) && $this->obj['actor'])
+			if ($this->obj && is_array($this->obj) && isset($this->obj['actor']))
 				$this->obj['actor'] = $this->get_actor('actor', $this->obj);
-			if ($this->tgt && is_array($this->tgt) && $this->tgt['actor'])
+			if ($this->tgt && is_array($this->tgt) && isset($this->tgt['actor']))
 				$this->tgt['actor'] = $this->get_actor('actor', $this->tgt);
 
 			$this->parent_id = $this->get_property_obj('inReplyTo');
 
-			if ((!$this->parent_id) && is_array($this->obj)) {
+			if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['inReplyTo'])) {
 				$this->parent_id = $this->obj['inReplyTo'];
 			}
-			if ((!$this->parent_id) && is_array($this->obj)) {
+			if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['id'])) {
 				$this->parent_id = $this->obj['id'];
 			}
 		}
@@ -136,36 +145,59 @@ class ActivityStreams {
 		$this->saved_recips = $arr;
 	}
 
+	/**
+	 * @brief get single property from Activity object
+	 *
+	 * @param string $property
+	 * @param mixed $default return value if property or object not set
+	 *    or object is a string id which could not be fetched.
+	 * @return mixed
+	 */
+	public function objprop(string $property, mixed $default = false): mixed {
+		$x = $this->get_property_obj($property,$this->obj);
+		return (isset($x)) ? $x : $default;
+	}
+
 	/**
 	 * @brief Collects all recipients.
 	 *
-	 * @param string $base
+	 * @param mixed $base
 	 * @param string $namespace (optional) default empty
 	 * @return array
 	 */
-	function collect_recips($base = '', $namespace = '') {
-		$x = [];
+	public function collect_recips(mixed $base = '', string $namespace = ''): array {
+		$result = [];
+		$tmp = [];
 
 		$fields = ['to', 'cc', 'bto', 'bcc', 'audience'];
-		foreach ($fields as $f) {
-			$y = $this->get_compound_property($f, $base, $namespace);
-			if ($y) {
-				if (!is_array($this->raw_recips)) {
-					$this->raw_recips = [];
-				}
-
-				if (!is_array($y)) {
-					$y = [$y];
-				}
-				$this->raw_recips[$f] = $y;
-				$x                    = array_merge($x, $y);
+		foreach ($fields as $field) {
+			// don't expand these yet
+			$values = $this->get_property_obj($field, $base, $namespace);
+			if ($values) {
+				$values = force_array($values);
+				$tmp[$field] = $values;
+				$result = array_values(array_unique(array_merge($result, $values)));
+			}
+			// Merge the object recipients if they exist.
+			$values = $this->objprop($field);
+			if ($values) {
+				$values = force_array($values);
+				$tmp[$field] = ((isset($tmp[$field])) ? array_merge($tmp[$field], $values) : $values);
+				$result = array_values(array_unique(array_merge($result, $values)));
+			}
+			// remove duplicates
+			if (isset($tmp[$field])) {
+				$tmp[$field] = array_values(array_unique($tmp[$field]));
 			}
 		}
-// not yet ready for prime time
-//		$x = $this->expand($x,$base,$namespace);
-		return $x;
+		$this->raw_recips = $tmp;
+
+		// not yet ready for prime time
+		//      $result = $this->expand($result,$base,$namespace);
+		return $result;
 	}
 
+
 	function expand($arr, $base = '', $namespace = '') {
 		$ret = [];
 
@@ -299,20 +331,25 @@ class ActivityStreams {
 
 	function get_actor($property, $base = '', $namespace = '') {
 		$x = $this->get_property_obj($property, $base, $namespace);
+
 		if ($this->is_url($x)) {
 			$y = Activity::get_cached_actor($x);
 			if ($y) {
 				return $y;
 			}
 		}
+
 		$actor = $this->get_compound_property($property, $base, $namespace, true);
+
 		if (is_array($actor) && self::is_an_actor($actor['type'])) {
 			if (array_key_exists('id', $actor) && (!array_key_exists('inbox', $actor))) {
 				$actor = $this->fetch_property($actor['id']);
 			}
 			return $actor;
 		}
-		return null;
+
+		return Activity::get_unknown_actor($this->data);
+
 	}
 
 
@@ -327,6 +364,7 @@ class ActivityStreams {
 	 */
 	function get_compound_property($property, $base = '', $namespace = '', $first = false) {
 		$x = $this->get_property_obj($property, $base, $namespace);
+
 		if ($this->is_url($x)) {
 			$y = $this->fetch_property($x);
 			if (is_array($y)) {
@@ -343,10 +381,10 @@ class ActivityStreams {
 				if ($ret['signer']) {
 					$saved            = json_encode($x, JSON_UNESCAPED_SLASHES);
 					$x                = $tmp;
-					$x['signer']      = $ret['signer'];
-					$x['signed_data'] = $saved;
+					$x['meta']['signer']      = $ret['signer'];
+					$x['meta']['signed_data'] = $saved;
 					if ($ret['hubloc']) {
-						$x['hubloc'] = $ret['hubloc'];
+						$x['meta']['hubloc'] = $ret['hubloc'];
 					}
 				}
 			}
@@ -417,15 +455,19 @@ class ActivityStreams {
 
 	static function get_accept_header_string($channel = null) {
 
+		$ret = '';
+
 		$hookdata = [];
 		if ($channel)
 			$hookdata['channel'] = $channel;
 
-		$hookdata['data'] = 'application/x-zot-activity+json';
+		$hookdata['data'] = ['application/x-zot-activity+json'];
 
 		call_hooks('get_accept_header_string', $hookdata);
 
-		return $hookdata['data'];
+		$ret = implode(', ', $hookdata['data']);
+
+		return $ret;
 
 	}
 

Zotlabs/Lib/Apps.php

@@ -67,17 +67,15 @@ class Apps {
 	static public function get_base_apps() {
 		$x = get_config('system','base_apps',[
 			'Connections',
+			'Contact Roles',
 			'Network',
-			'Settings',
 			'Files',
-			'Channel Home',
-			'View Profile',
+			'Channel',
 			'Photos',
 			'Calendar',
 			'Directory',
 			'Search',
 			'Help',
-			'Profile Photo',
 			'HQ',
 			'Post'
 		]);
@@ -161,7 +159,7 @@ class Apps {
 		foreach(self::$available_apps as $iapp) {
 			if($iapp['app_id'] == hash('whirlpool',$app['name'])) {
 				$notfound = false;
-				if(($iapp['app_version'] !== $app['version'])
+				if((isset($app['version']) && $iapp['app_version'] !== $app['version'])
 					|| ($app['plugin'] && (! $iapp['app_plugin']))) {
 					return intval($iapp['app_id']);
 				}
@@ -238,6 +236,7 @@ class Apps {
 			$ret['photo'] = $baseurl . '/' . get_default_profile_photo(80);
 
 		$ret['type'] = 'system';
+		$ret['plugin'] = '';
 
 		foreach($ret as $k => $v) {
 			if(strpos($v,'http') === 0) {
@@ -346,7 +345,7 @@ class Apps {
 			'Files' => t('Files'),
 			'Webpages' => t('Webpages'),
 			'Wiki' => t('Wiki'),
-			'Channel Home' => t('Channel Home'),
+			'Channel' => t('Channel'),
 			'View Profile' => t('View Profile'),
 			'Photos' => t('Photos'),
 			'Calendar' => t('Calendar'),
@@ -377,10 +376,10 @@ class Apps {
 			'OAuth Apps Manager' => t('OAuth Apps Manager'),
 			'OAuth2 Apps Manager' => t('OAuth2 Apps Manager'),
 			'PDL Editor' => t('PDL Editor'),
-			'Permission Categories' => t('Permission Categories'),
+			'Contact Roles' => t('Contact Roles'),
 			'Public Stream' => t('Public Stream'),
 			'My Chatrooms' => t('My Chatrooms'),
-			'Channel Export' => t('Channel Export'),
+			'Channel Export' => t('Channel Export')
 		);
 
 		if(array_key_exists('name',$arr)) {
@@ -428,7 +427,7 @@ class Apps {
 
 		self::translate_system_apps($papp);
 
-		if(trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin']))))
+		if(isset($papp['plugin']) && trim($papp['plugin']) && (! plugin_is_installed(trim($papp['plugin']))))
 			return '';
 
 		$papp['papp'] = self::papp_encode($papp);
@@ -523,8 +522,13 @@ class Apps {
 		$hosturl = '';
 
 		if(local_channel()) {
-			if(self::app_installed(local_channel(),$papp) && !$papp['deleted'])
+			if(self::app_installed(local_channel(),$papp)) {
 				$installed = true;
+			}
+
+			if ($installed && isset($papp['deleted']) && $papp['deleted']) {
+				$installed = false;
+			}
 
 			$hosturl = z_root() . '/';
 		}
@@ -597,12 +601,12 @@ class Apps {
 			'$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''),
 			'$delete' => ((local_channel() && $mode == 'edit') ? t('Delete') : ''),
 			'$undelete' => ((local_channel() && $mode == 'edit') ? t('Undelete') : ''),
-			'$settings_url' => ((local_channel() && $installed && $mode == 'list') ? $papp['settings_url'] : ''),
-			'$deleted' => $papp['deleted'],
+			'$settings_url' => ((local_channel() && $installed && $mode == 'list' && isset($papp['settings_url'])) ? $papp['settings_url'] : ''),
+			'$deleted' => $papp['deleted'] ?? false,
 			'$feature' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
 			'$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
-			'$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true),
-			'$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true),
+			'$featured' => ((isset($papp['categories']) && strpos($papp['categories'], 'nav_featured_app') !== false) ? true : false),
+			'$pinned' => ((isset($papp['categories']) && strpos($papp['categories'], 'nav_pinned_app') !== false) ? true : false),
 			'$mode' => $mode,
 			'$add' => t('Add to app-tray'),
 			'$remove' => t('Remove from app-tray'),
@@ -641,7 +645,7 @@ class Apps {
 			);
 			if($r) {
 				if($app['uid']) {
-					if($app['categories'] && (! $app['term'])) {
+					if((isset($app['categories']) && $app['categories']) && !(isset($app['term']) && $app['term'])) {
 						$r[0]['term'] = q("select * from term where otype = %d and oid = %d",
 							intval(TERM_OBJ_APP),
 							intval($r[0]['id'])
@@ -1186,7 +1190,7 @@ class Apps {
 			$ret['success'] = true;
 			$ret['app_id'] = $darray['app_id'];
 		}
-		if($arr['categories']) {
+		if(isset($arr['categories']) && $arr['categories']) {
 			$x = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
 				dbesc($darray['app_id']),
 				intval($darray['app_channel'])
@@ -1284,7 +1288,7 @@ class Apps {
 				intval(TERM_OBJ_APP),
 				intval($x[0]['id'])
 			);
-			if($arr['categories']) {
+			if(isset($arr['categories']) && $arr['categories']) {
 				$y = explode(',',$arr['categories']);
 				if($y) {
 					foreach($y as $t) {

Zotlabs/Lib/Connect.php

@@ -69,7 +69,7 @@ class Connect {
 		$xchan_hash = '';
 		$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
 
-		$r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ",
+		$r = q("SELECT * FROM xchan LEFT JOIN hubloc ON xchan_hash = hubloc_hash WHERE ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ORDER BY hubloc_id DESC",
 			dbesc($url),
 			dbesc($url),
 			dbesc($url)
@@ -80,12 +80,13 @@ class Connect {
 			// reset results to the best record or the first if we don't have the best
 			// note: this is a single record and not an array of results
 
-			$r = Libzot::zot_record_preferred($r,'xchan_network');
+			$r = Libzot::zot_record_preferred($r, 'xchan_network');
 
 		}
 
 		$singleton = false;
 		$d = false;
+		$wf = false;
 
 		if (! $r) {
 
@@ -108,10 +109,12 @@ class Connect {
 
 		if ($wf || $d) {
 
+			$xchan_hash = (($wf) ? $wf : $url);
+
 			// something was discovered - find the record which was just created.
 
 			$r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s' ) $sql_options",
-				dbesc(($wf) ? $wf : $url),
+				dbesc($xchan_hash),
 				dbesc($url),
 				dbesc($url)
 			);
@@ -119,7 +122,7 @@ class Connect {
 			// convert to a single record (once again preferring a zot solution in the case of multiples)
 
 			if ($r) {
-				$r = Libzot::zot_record_preferred($r,'xchan_network');
+				$r = Libzot::zot_record_preferred($r, 'xchan_network');
 			}
 		}
 
@@ -261,7 +264,8 @@ class Connect {
 					'abook_feed'      => intval(($xchan['xchan_network'] === 'rss') ? 1 : 0),
 					'abook_created'   => datetime_convert(),
 					'abook_updated'   => datetime_convert(),
-					'abook_instance'  => (($singleton) ? z_root() : '')
+					'abook_instance'  => (($singleton) ? z_root() : ''),
+					'abook_role'      => get_pconfig($uid, 'system', 'default_permcat', 'default')
 				]
 			);
 		}
@@ -300,7 +304,7 @@ class Connect {
 		/** If there is a default group for this channel, add this connection to it */
 
 		if ($default_group) {
-			$g = AccessList::rec_byhash($uid,$default_group);
+			$g = AccessList::by_hash($uid,$default_group);
 			if ($g) {
 				AccessList::member_add($uid,'',$xchan_hash,$g['id']);
 			}

Zotlabs/Lib/Crypto.php

@@ -87,6 +87,10 @@ class Crypto {
 			return false;
 		}
 
+		if (!$alg) {
+			$alg = 'sha256';
+		}
+
 		try {
 			$verify = openssl_verify($data, $sig, $key, $alg);
 		} catch (Exception $e) {

Zotlabs/Lib/DReport.php

@@ -94,19 +94,6 @@ class DReport {
 		if(! $c)
 			return false;
 
-		// legacy zot recipients add a space and their name to the xchan. remove it if true.
-
-		$legacy_recipient = strpos($dr['recipient'], ' ');
-		if($legacy_recipient !== false) {
-			$legacy_recipient_parts = explode(' ', $dr['recipient'], 2);
-			$rxchan = $legacy_recipient_parts[0];
-		}
-		else {
-			$rxchan = $dr['recipient'];
-		}
-
-
-
 		// is the recipient one of our connections, or do we want to store every report?
 
 		$pcf = get_pconfig($c[0]['channel_id'],'system','dreport_store_all');
@@ -117,7 +104,7 @@ class DReport {
 		// So if a remote site says they can't find us, that's no big surprise
 		// and just creates a lot of extra report noise
 
-		if(($dr['location'] !== z_root()) && ($dr['sender'] === $rxchan) && ($dr['status'] === 'recipient not found'))
+		if(($dr['location'] !== z_root()) && ($dr['sender'] === $dr['recipient']) && ($dr['status'] === 'recipient not found'))
 			return false;
 
 		// If you have a private post with a recipient list, every single site is going to report
@@ -126,14 +113,14 @@ class DReport {
 		// have a channel on that site.
 
 		$r = q("select hubloc_id from hubloc where hubloc_hash = '%s' and hubloc_url = '%s'",
-			dbesc($rxchan),
+			dbesc($dr['recipient']),
 			dbesc($dr['location'])
 		);
 		if((! $r) && ($dr['status'] === 'recipient_not_found'))
 			return false;
 
 		$r = q("select abook_id from abook where abook_xchan = '%s' and abook_channel = %d limit 1",
-			dbesc($rxchan),
+			dbesc($dr['recipient']),
 			intval($c[0]['channel_id'])
 		);
 		if($r)

Zotlabs/Lib/Enotify.php

@@ -122,8 +122,11 @@ class Enotify {
 	// e.g. "your post", "David's photo", etc.
 	$possess_desc = t('%s <!item_type!>');
 
+	$parent_mid = '';
+	$parent_item = [];
+
 // @@TODO: consider using switch instead of those elseif
-	if ($params['type'] == NOTIFY_MAIL) {
+	if (isset($params['type']) && $params['type'] == NOTIFY_MAIL) {
 		logger('notification: mail');
 		$subject = 	sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);
 
@@ -135,7 +138,7 @@ class Enotify {
 		$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
 	}
 
-	elseif ($params['type'] === NOTIFY_COMMENT) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_COMMENT) {
 		//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
@@ -167,7 +170,7 @@ class Enotify {
 
 		}
 
-		$parent_mid = $params['parent_mid'];
+		$parent_mid = $params['parent_mid'] ?? '';
 
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification
@@ -251,20 +254,20 @@ class Enotify {
 
 	}
 
-	elseif ($params['type'] === NOTIFY_LIKE) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_LIKE) {
 //		logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
 
 		$itemlink =  $params['link'];
 
-		if (array_key_exists('item',$params) && activity_match($params['item']['verb'],ACTIVITY_LIKE)) {
-			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE)) {
+		if (array_key_exists('item',$params) && (activity_match($params['item']['verb'], ACTIVITY_LIKE) || activity_match($params['item']['verb'], ACTIVITY_DISLIKE))) {
+			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE) || !feature_enabled($recip['channel_id'], 'dislike')) {
 				logger('notification: not a visible activity. Ignoring.');
 				pop_lang();
 				return;
 			}
 		}
 
-		$parent_mid = $params['parent_mid'];
+		$parent_mid = $params['parent_mid'] ?? '';
 
 		// Check to see if there was already a notify for this post.
 		// If so don't create a second notification
@@ -291,22 +294,29 @@ class Enotify {
 			);
 		}
 
+		if (!$p) {
+			pop_lang();
+			return;
+		}
+
 		xchan_query($p);
 
-//@@FIXME $p can be null (line 285)
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
 
 		$parent_item = $p[0];
 
+		$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
 
 		// "your post"
 		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
-			$dest_str = sprintf(t('%1$s liked [zrl=%2$s]your %3$s[/zrl]'),
+			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
+				$verb,
 				$itemlink,
-				$item_post_type);
+				$item_post_type
+			);
 		else {
 			pop_lang();
 			return;
@@ -328,7 +338,7 @@ class Enotify {
 
 
 
-	elseif($params['type'] === NOTIFY_WALL) {
+	elseif(isset($params['type']) && $params['type'] === NOTIFY_WALL) {
 		$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
 
 		$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
@@ -343,7 +353,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	elseif ($params['type'] === NOTIFY_TAGSELF) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSELF) {
 
 		$p = q("select id from notify where link = '%s' and uid = %d limit 1",
 			dbesc($params['link']),
@@ -367,7 +377,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	elseif ($params['type'] === NOTIFY_POKE) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_POKE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
@@ -384,7 +394,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	elseif ($params['type'] === NOTIFY_TAGSHARE) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSHARE) {
 		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -397,7 +407,7 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	elseif ($params['type'] === NOTIFY_INTRO) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_INTRO) {
 		$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
 		$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
@@ -411,7 +421,7 @@ class Enotify {
 		$itemlink = $params['link'];
 	}
 
-	elseif ($params['type'] === NOTIFY_SUGGEST) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_SUGGEST) {
 		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -429,11 +439,11 @@ class Enotify {
 		$itemlink =  $params['link'];
 	}
 
-	elseif ($params['type'] === NOTIFY_CONFIRM) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_CONFIRM) {
 		// ?
 	}
 
-	elseif ($params['type'] === NOTIFY_SYSTEM) {
+	elseif (isset($params['type']) && $params['type'] === NOTIFY_SYSTEM) {
 		// ?
 	}
 
@@ -488,12 +498,13 @@ class Enotify {
 	$datarray['link']   = $itemlink;
 	$datarray['parent'] = $parent_mid;
 	$datarray['parent_item'] = $parent_item;
-	$datarray['ntype']   = $params['type'];
-	$datarray['verb']   = $params['verb'];
-	$datarray['otype']  = $params['otype'];
+	$datarray['ntype']   = $params['type'] ?? '';
+	$datarray['verb']   = $params['verb'] ?? '';
+	$datarray['otype']  = $params['otype'] ?? '';
  	$datarray['abort']  = false;
+	$datarray['seen'] = 0;
 
-	$datarray['item'] = $params['item'];
+	$datarray['item'] = $params['item'] ?? [];
 
 	call_hooks('enotify_store', $datarray);
 
@@ -504,7 +515,6 @@ class Enotify {
 
 
 	// create notification entry in DB
-	$seen = 0;
 
 	// Mark some notifications as seen right away
 	// Note! The notification have to be created, because they are used to send emails
@@ -514,7 +524,7 @@ class Enotify {
 
 	if (!$always_show_in_notices) {
 		if (($params['type'] === NOTIFY_WALL) || ($params['type'] === NOTIFY_MAIL) || ($params['type'] === NOTIFY_INTRO)) {
-			$seen = 1;
+			$datarray['seen'] = 1;
 		}
 	}
 
@@ -530,7 +540,7 @@ class Enotify {
 		intval($datarray['uid']),
 		dbesc($datarray['link']),
 		dbesc($datarray['parent']),
-		intval($seen),
+		intval($datarray['seen']),
 		intval($datarray['ntype']),
 		dbesc($datarray['verb']),
 		dbesc($datarray['otype'])
@@ -606,8 +616,8 @@ class Enotify {
 		$datarray['preamble']     = $preamble;
 		$datarray['sitename']     = $sitename;
 		$datarray['siteurl']      = $siteurl;
-		$datarray['type']         = $params['type'];
-		$datarray['parent']       = $params['parent_mid'];
+		$datarray['type']         = $params['type'] ?? '';
+		$datarray['parent']       = $params['parent_mid'] ?? '';
 		$datarray['source_name']  = $sender['xchan_name'];
 		$datarray['source_link']  = $sender['xchan_url'];
 		$datarray['source_photo'] = $sender['xchan_photo_s'];
@@ -674,7 +684,6 @@ class Enotify {
 			'$source_name'  => $datarray['source_name'],
 			'$source_link'  => $datarray['source_link'],
 			'$source_photo' => $datarray['source_photo'],
-			'$username'     => $datarray['to_name'],
 			'$hsitelink'    => $datarray['hsitelink'],
 			'$hitemlink'    => $datarray['hitemlink'],
 			'$thanks'       => $datarray['thanks'],
@@ -696,7 +705,6 @@ class Enotify {
 			'$source_name'  => $datarray['source_name'],
 			'$source_link'  => $datarray['source_link'],
 			'$source_photo' => $datarray['source_photo'],
-			'$username'     => $datarray['to_name'],
 			'$tsitelink'    => $datarray['tsitelink'],
 			'$titemlink'    => $datarray['titemlink'],
 			'$thanks'       => $datarray['thanks'],
@@ -808,10 +816,10 @@ class Enotify {
 
 		localize_item($item);
 
-		if($item['shortlocalize']) {
+		if(isset($item['shortlocalize'])) {
 			$itemem_text = $item['shortlocalize'];
 		}
-		elseif($item['localize']) {
+		elseif(isset($item['localize'])) {
 			$itemem_text = $item['localize'];
 		}
 		else {
@@ -820,10 +828,18 @@ class Enotify {
 				: (($item['obj_type'] === 'Answer') ? sprintf( t('voted on %s\'s poll'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]') : sprintf( t('commented on %s\'s post'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]'))
 			);
 
-			if($item['verb'] === ACTIVITY_SHARE) {
+			if($item['verb'] === ACTIVITY_SHARE && empty($item['owner']['xchan_pubforum'])) {
 				$itemem_text = sprintf( t('repeated %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
 			}
 
+			if($item['verb'] === ACTIVITY_LIKE) {
+				$itemem_text = sprintf( t('liked %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
+			}
+
+			if($item['verb'] === ACTIVITY_DISLIKE) {
+				$itemem_text = sprintf( t('disliked %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
+			}
+
 			if(in_array($item['obj_type'], ['Document', 'Video', 'Audio', 'Image'])) {
 				$itemem_text = t('shared a file with you');
 			}
@@ -844,12 +860,16 @@ class Enotify {
 
 		// convert this logic into a json array just like the system notifications
 
-		$who = (($item['verb'] === ACTIVITY_SHARE) ? 'owner' : 'author');
+		$who = (($item['verb'] === ACTIVITY_SHARE && empty($item['owner']['xchan_pubforum'])) ? 'owner' : 'author');
+		$body = html2plain(bbcode($item['body'], ['drop_media' => true, 'tryoembed' => false]), 75, true);
+		if ($body) {
+			$body = htmlentities($body, ENT_QUOTES, 'UTF-8', false);
+		}
 
 		$x = array(
 			'notify_link' => $item['llink'],
 			'name' => $item[$who]['xchan_name'],
-			'addr' => (($item[$who]['xchan_addr']) ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url']),
+			'addr' => $item[$who]['xchan_addr'] ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url'],
 			'url' => $item[$who]['xchan_url'],
 			'photo' => $item[$who]['xchan_photo_s'],
 			'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),
@@ -858,7 +878,7 @@ class Enotify {
 			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? gen_link_id($item['thr_parent']) : gen_link_id($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
-			'body' =>  htmlentities(html2plain(bbcode($item['body'], ['drop_media', true]), 75, true), ENT_QUOTES, 'UTF-8', false),
+			'body' => $body,
 			// these are for the superblock addon
 			'hash' => $item[$who]['xchan_hash'],
 			'uid' => $item['uid'],
@@ -902,7 +922,7 @@ class Enotify {
 	static public function format_intros($rr) {
 
 		return [
-			'notify_link' => z_root() . '/connections/ifpending',
+			'notify_link' => z_root() . '/connections#' . $rr['abook_id'],
 			'name' => $rr['xchan_name'],
 			'addr' => $rr['xchan_addr'],
 			'url' => $rr['xchan_url'],

Zotlabs/Lib/Group.php

@@ -1,405 +0,0 @@
-<?php 
-
-namespace Zotlabs\Lib;
-
-use Zotlabs\Lib\Libsync;
-
-
-class Group {
-	
-	static function add($uid,$name,$public = 0) {
-
-		$ret = false;
-		if(x($uid) && x($name)) {
-			$r = self::byname($uid,$name); // check for dups
-			if($r !== false) {
-
-				// This could be a problem. 
-				// Let's assume we've just created a group which we once deleted
-				// all the old members are gone, but the group remains so we don't break any security
-				// access lists. What we're doing here is reviving the dead group, but old content which
-				// was restricted to this group may now be seen by the new group members. 
-
-				$z = q("SELECT * FROM pgrp WHERE id = %d LIMIT 1",
-					intval($r)
-				);
-				if(($z) && $z[0]['deleted']) {
-					q('UPDATE pgrp SET deleted = 0 WHERE id = %d', intval($z[0]['id']));
-					notice( t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL); 
-				}
-				return true;
-			}
-
-			do {
-				$dups = false;
-				$hash = random_string(32) . str_replace(['<','>'],['.','.'], $name);
-
-				$r = q("SELECT id FROM pgrp WHERE hash = '%s' LIMIT 1", dbesc($hash));
-				if($r)
-					$dups = true;
-			} while($dups == true);
-
-
-			$r = q("INSERT INTO pgrp ( hash, uid, visible, gname )
-				VALUES( '%s', %d, %d, '%s' ) ",
-				dbesc($hash),
-				intval($uid),
-				intval($public),
-				dbesc($name)
-			);
-			$ret = $r;
-		}
-
-		Libsync::build_sync_packet($uid,null,true);
-		return $ret;
-	}
-
-
-	static function remove($uid,$name) {
-		$ret = false;
-		if(x($uid) && x($name)) {
-			$r = q("SELECT id, hash FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
-				intval($uid),
-				dbesc($name)
-			);
-			if($r) {
-				$group_id = $r[0]['id'];
-				$group_hash = $r[0]['hash'];
-			}
-
-			if(! $group_id)
-				return false;
-
-			// remove group from default posting lists
-			$r = q("SELECT channel_default_group, channel_allow_gid, channel_deny_gid FROM channel WHERE channel_id = %d LIMIT 1",
-			       intval($uid)
-			);
-			if($r) {
-				$user_info = $r[0];
-				$change = false;
-
-				if($user_info['channel_default_group'] == $group_hash) {
-					$user_info['channel_default_group'] = '';
-					$change = true;
-				}
-				if(strpos($user_info['channel_allow_gid'], '<' . $group_hash . '>') !== false) {
-					$user_info['channel_allow_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_allow_gid']);
-					$change = true;
-				}
-				if(strpos($user_info['channel_deny_gid'], '<' . $group_hash . '>') !== false) {
-					$user_info['channel_deny_gid'] = str_replace('<' . $group_hash . '>', '', $user_info['channel_deny_gid']);
-					$change = true;
-				}
-
-				if($change) {
-					q("UPDATE channel SET channel_default_group = '%s', channel_allow_gid = '%s', channel_deny_gid = '%s' 
-						WHERE channel_id = %d",
-						intval($user_info['channel_default_group']),
-						dbesc($user_info['channel_allow_gid']),
-						dbesc($user_info['channel_deny_gid']),
-						intval($uid)
-					);
-				}
-			}
-
-			// remove all members
-			$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d ",
-				intval($uid),
-				intval($group_id)
-			);
-
-			// remove group
-			$r = q("UPDATE pgrp SET deleted = 1 WHERE uid = %d AND gname = '%s'",
-				intval($uid),
-				dbesc($name)
-			);
-
-			$ret = $r;
-
-		}
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $ret;
-	}
-
-
-	static function byname($uid,$name) {
-		if((! $uid) || (! strlen($name)))
-			return false;
-		$r = q("SELECT * FROM pgrp WHERE uid = %d AND gname = '%s' LIMIT 1",
-			intval($uid),
-			dbesc($name)
-		);
-		if($r)
-			return $r[0]['id'];
-		return false;
-	}
-
-
-	static function rec_byhash($uid,$hash) {
-		if((! $uid) || (! strlen($hash)))
-			return false;
-		$r = q("SELECT * FROM pgrp WHERE uid = %d AND hash = '%s' LIMIT 1",
-			intval($uid),
-			dbesc($hash)
-		);
-		if($r)
-			return $r[0];
-		return false;
-	}
-
-
-	static function member_remove($uid,$name,$member) {
-		$gid = self::byname($uid,$name);
-		if(! $gid)
-			return false;
-		if(! ( $uid && $gid && $member))
-			return false;
-		$r = q("DELETE FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' ",
-			intval($uid),
-			intval($gid),
-			dbesc($member)
-		);
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $r;
-	}
-
-
-	static function member_add($uid,$name,$member,$gid = 0) {
-		if(! $gid)
-			$gid = self::byname($uid,$name);
-		if((! $gid) || (! $uid) || (! $member))
-			return false;
-
-		$r = q("SELECT * FROM pgrp_member WHERE uid = %d AND gid = %d AND xchan = '%s' LIMIT 1",	
-			intval($uid),
-			intval($gid),
-			dbesc($member)
-		);
-		if($r)
-			return true;	// You might question this, but 
-				// we indicate success because the group member was in fact created
-				// -- It was just created at another time
-	 	if(! $r)
-			$r = q("INSERT INTO pgrp_member (uid, gid, xchan)
-				VALUES( %d, %d, '%s' ) ",
-				intval($uid),
-				intval($gid),
-				dbesc($member)
-		);
-
-		Libsync::build_sync_packet($uid,null,true);
-
-		return $r;
-	}
-
-
-	static function members($gid) {
-		$ret = array();
-		if(intval($gid)) {
-			$r = q("SELECT * FROM pgrp_member 
-				LEFT JOIN abook ON abook_xchan = pgrp_member.xchan left join xchan on xchan_hash = abook_xchan
-				WHERE gid = %d AND abook_channel = %d and pgrp_member.uid = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 ORDER BY xchan_name ASC ",
-				intval($gid),
-				intval(local_channel()),
-				intval(local_channel())
-			);
-			if($r)
-				$ret = $r;
-		}
-		return $ret;
-	}
-
-	static function members_xchan($gid) {
-		$ret = [];
-		if(intval($gid)) {
-			$r = q("SELECT xchan FROM pgrp_member WHERE gid = %d AND uid = %d",
-				intval($gid),
-				intval(local_channel())
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$ret[] = $rr['xchan'];
-				}
-			}
-		}
-		return $ret;
-	}
-
-	static function members_profile_xchan($uid,$gid) {
-		$ret = [];
-
-		if(intval($gid)) {
-			$r = q("SELECT abook_xchan as xchan from abook left join profile on abook_profile = profile_guid where profile.id = %d and profile.uid = %d",
-				intval($gid),
-				intval($uid)
-			);
-			if($r) {
-				foreach($r as $rr) {
-					$ret[] = $rr['xchan'];
-				}
-			}
-		}
-		return $ret;
-	}
-
-
-
-
-	static function select($uid,$group = '') {
-	
-		$grps = [];
-		$o = '';
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($uid)
-		);
-		$grps[] = array('name' => '', 'hash' => '0', 'selected' => '');
-		if($r) {
-			foreach($r as $rr) {
-				$grps[] = array('name' => $rr['gname'], 'id' => $rr['hash'], 'selected' => (($group == $rr['hash']) ? 'true' : ''));
-			}
-
-		}
-		logger('select: ' . print_r($grps,true), LOGGER_DATA);
-
-		$o = replace_macros(get_markup_template('group_selection.tpl'), array(
-			'$label' => t('Add new connections to this privacy group'),
-			'$groups' => $grps 
-		));
-		return $o;
-	}
-
-
-
-
-	static function widget($every="connections",$each="group",$edit = false, $group_id = 0, $cid = '',$mode = 1) {
-
-		$o = '';
-
-		if(! (local_channel() && feature_enabled(local_channel(),'groups'))) {
-			return '';
-		}
-
-		$groups = array();
-
-		$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-			intval($_SESSION['uid'])
-		);
-		$member_of = array();
-		if($cid) {
-			$member_of = self::containing(local_channel(),$cid);
-		} 
-
-		if($r) {
-			foreach($r as $rr) {
-				$selected = (($group_id == $rr['id']) ? ' group-selected' : '');
-			
-				if ($edit) {
-					$groupedit = [ 'href' => "group/".$rr['id'], 'title' => t('edit') ];
-				} 
-				else {
-					$groupedit = null;
-				}
-			
-				$groups[] = [
-					'id'		=> $rr['id'],
-					'enc_cid'   => base64url_encode($cid),
-					'cid'		=> $cid,
-					'text' 		=> $rr['gname'],
-					'selected' 	=> $selected,
-					'href'		=> (($mode == 0) ? $each.'?f=&gid='.$rr['id'] : $each."/".$rr['id']) . ((x($_GET,'new')) ? '&new=' . $_GET['new'] : '') . ((x($_GET,'order')) ? '&order=' . $_GET['order'] : ''),
-					'edit'		=> $groupedit,
-					'ismember'	=> in_array($rr['id'],$member_of),
-				];
-			}
-		}
-	
-	
-		$tpl = get_markup_template("group_side.tpl");
-		$o = replace_macros($tpl, array(
-			'$title'		=> t('Privacy Groups'),
-			'$edittext'     => t('Edit group'),
-			'$createtext' 	=> t('Add privacy group'),
-			'$ungrouped'    => (($every === 'contacts') ? t('Channels not in any privacy group') : ''),
-			'$groups'		=> $groups,
-			'$add'			=> t('add'),
-		));
-		
-	
-		return $o;
-	}
-
-
-	static function expand($g) {
-		if(! (is_array($g) && count($g)))
-			return array();
-
-		$ret = [];
-		$x   = [];
-
-		// private profile linked virtual groups
-
-		foreach($g as $gv) {
-			if(substr($gv,0,3) === 'vp.') {
-				$profile_hash = substr($gv,3);
-				if($profile_hash) {
-					$r = q("select abook_xchan from abook where abook_profile = '%s'",
-						dbesc($profile_hash)
-					);
-					if($r) {
-						foreach($r as $rv) {
-							$ret[] = $rv['abook_xchan'];
-						}
-					}
-				}
-			}
-			else {
-				$x[] = $gv;
-			}
-		}								 
-
-		if($x) {
-			stringify_array_elms($x,true);
-			$groups = implode(',', $x);
-			if($groups) {
-				$r = q("SELECT xchan FROM pgrp_member WHERE gid IN ( select id from pgrp where hash in ( $groups ))");
-				if($r) {
-					foreach($r as $rr) {
-						$ret[] = $rr['xchan'];
-					}
-				}
-			}
-		}
-		return $ret;
-	}
-
-
-	static function member_of($c) {
-		$r = q("SELECT pgrp.gname, pgrp.id FROM pgrp LEFT JOIN pgrp_member ON pgrp_member.gid = pgrp.id WHERE pgrp_member.xchan = '%s' AND pgrp.deleted = 0 ORDER BY pgrp.gname  ASC ",
-			dbesc($c)
-		);
-
-		return $r;
-
-	}
-
-	static function containing($uid,$c) {
-
-		$r = q("SELECT gid FROM pgrp_member WHERE uid = %d AND pgrp_member.xchan = '%s' ",
-			intval($uid),
-			dbesc($c)
-		);
-
-		$ret = array();
-		if($r) {
-			foreach($r as $rr)
-				$ret[] = $rr['gid'];
-		}
-	
-		return $ret;
-	}
-}

Zotlabs/Lib/LDSignatures.php

@@ -75,22 +75,23 @@ class LDSignatures {
 	}
 
 	static function hash($obj) {
-
-		return hash('sha256',self::normalise($obj));
+		return hash('sha256', self::normalise($obj));
 	}
 
 	static function normalise($data) {
+		$ret = '';
+
 		if(is_string($data)) {
 			$data = json_decode($data);
 		}
 
 		if(! is_object($data))
-			return '';
+			return $ret;
 
 		jsonld_set_document_loader('jsonld_document_loader');
 
 		try {
-			$d = jsonld_normalize($data,[ 'algorithm' => 'URDNA2015', 'format' => 'application/nquads' ]);
+			$ret = jsonld_normalize($data,[ 'algorithm' => 'URDNA2015', 'format' => 'application/nquads' ]);
 		}
 		catch (\Exception $e) {
 			// Don't log the exception - this can exhaust memory
@@ -98,7 +99,7 @@ class LDSignatures {
 			logger('normalise error: ' . print_r($data,true));
 		}
 
-		return $d;
+		return $ret;
 	}
 
 	static function salmon_sign($data,$channel) {

Zotlabs/Lib/Libsync.php

@@ -135,8 +135,7 @@ class Libsync {
 				$info['collection_members'] = $r;
 		}
 
-		$interval = ((get_config('system', 'delivery_interval') !== false)
-			? intval(get_config('system', 'delivery_interval')) : 2);
+		$interval = get_config('queueworker', 'queue_interval', 500000);
 
 		logger('Packet: ' . print_r($info, true), LOGGER_DATA, LOG_DEBUG);
 
@@ -155,19 +154,26 @@ class Libsync {
 			]);
 
 
+			/*
 			$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
+
 			if (intval($x[0]['total']) > intval(get_config('system', 'force_queue_threshold', 3000))) {
 				logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
 				Queue::update($hash);
 				continue;
 			}
-
+			*/
 
 			Master::Summon(['Deliver', $hash]);
-			$total = $total - 1;
 
-			if ($interval && $total)
-				@time_sleep_until(microtime(true) + (float)$interval);
+			/*
+			$total = $total - 1;
+			*/
+
+			if ($interval) {
+				usleep($interval);
+			}
+
 		}
 	}
 
@@ -192,7 +198,10 @@ class Libsync {
 				dbesc($sender)
 			);
 
-			$DR = new DReport(z_root(), $sender, $d, 'sync');
+			$mid = 'sync';
+
+
+			$DR = new DReport(z_root(), $sender, $d, $mid);
 
 			if (!$r) {
 				$DR->update('recipient not found');
@@ -202,6 +211,7 @@ class Libsync {
 
 			$channel = $r[0];
 
+
 			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
 
 			$max_friends = service_class_fetch($channel['channel_id'], 'total_channels');
@@ -230,8 +240,35 @@ class Libsync {
 
 			if (array_key_exists('config', $arr) && is_array($arr['config']) && count($arr['config'])) {
 				foreach ($arr['config'] as $cat => $k) {
-					foreach ($arr['config'][$cat] as $k => $v)
-						set_pconfig($channel['channel_id'], $cat, $k, $v);
+					$pconfig_updated = [];
+
+					foreach($arr['config'][$cat] as $k => $v) {
+						if ($cat === 'hz_delpconfig' && strpos($k, 'b64.') === 0) {
+							$delpconfig = explode(':', unpack_link_id($k));
+
+							// delete the provided pconfig
+							del_pconfig($channel['channel_id'], $delpconfig[0], $delpconfig[1], $v);
+
+							// delete the messenger pconfig
+							del_pconfig($channel['channel_id'], 'hz_delpconfig', $k);
+						}
+
+						if (strpos($k,'pcfgud:') === 0) {
+							$realk = substr($k,7);
+							$pconfig_updated[$realk] = $v;
+							unset($arr['config'][$cat][$k]);
+						}
+					}
+
+					foreach($arr['config'][$cat] as $k => $v) {
+						if (!isset($pconfig_updated[$k])) {
+							$pconfig_updated[$k] = NULL;
+						}
+
+						if ($cat !== 'hz_delpconfig') {
+							set_pconfig($channel['channel_id'],$cat,$k,$v,$pconfig_updated[$k]);
+						}
+					}
 				}
 			}
 
@@ -266,8 +303,10 @@ class Libsync {
 			if (array_key_exists('event_item', $arr) && $arr['event_item'])
 				sync_items($channel, $arr['event_item'], ((array_key_exists('relocate', $arr)) ? $arr['relocate'] : null));
 
-			if (array_key_exists('item', $arr) && $arr['item'])
+			if (array_key_exists('item', $arr) && $arr['item']) {
 				sync_items($channel, $arr['item'], ((array_key_exists('relocate', $arr)) ? $arr['relocate'] : null));
+				$mid = $arr['item'][0]['message_id'] . '#sync';
+			}
 
 			// deprecated, maintaining for a few months for upward compatibility
 			// this should sync webpages, but the logic is a bit subtle
@@ -384,19 +423,42 @@ class Libsync {
 					// This relies on the undocumented behaviour that red sites send xchan info with the abook
 					// and import_author_xchan will look them up on all federated networks
 
-					if ($abook['abook_xchan'] && $abook['xchan_addr']) {
+					$found = false;
+					if ($abook['abook_xchan'] && $abook['xchan_addr'] && (! in_array($abook['xchan_network'], [ 'token', 'unknown' ]))) {
 						$h = Libzot::get_hublocs($abook['abook_xchan']);
-						if (!$h) {
+						if ($h) {
+							$found = true;
+						}
+						else {
 							$xhash = import_author_xchan(encode_item_xchan($abook));
-							if (!$xhash) {
+							if ($xhash) {
+								$found = true;
+							}
+							else {
 								logger('Import of ' . $abook['xchan_addr'] . ' failed.');
-								continue;
 							}
 						}
 					}
 
+					if (!$found && !in_array($abook['xchan_network'], ['zot6', 'activitypub', 'diaspora'])) {
+						// just import the record.
+						$xc = [];
+						foreach ($abook as $k => $v) {
+							if (strpos($k,'xchan_') === 0) {
+								$xc[$k] = $v;
+							}
+						}
+						$r = q("select * from xchan where xchan_hash = '%s'",
+							dbesc($xc['xchan_hash'])
+						);
+						if (! $r) {
+							xchan_store_lowlevel($xc);
+						}
+					}
+
+
 					foreach ($abook as $k => $v) {
-						if (in_array($k, $disallowed) || (strpos($k, 'abook') !== 0)) {
+						if (in_array($k, $disallowed) || (strpos($k, 'abook_') !== 0)) {
 							continue;
 						}
 						if (!in_array($k, $fields)) {
@@ -410,6 +472,13 @@ class Libsync {
 
 					if (array_key_exists('abook_instance', $clean) && $clean['abook_instance'] && strpos($clean['abook_instance'], z_root()) === false) {
 						$clean['abook_not_here'] = 1;
+
+						// guest pass or access token - don't try to probe since it is one-way
+						// we are relying on the undocumented behaviour that the abook record also contains the xchan
+						if ($abook['xchan_network'] === 'token') {
+							$clean['abook_instance'] .= ',';
+							$clean['abook_instance'] .= z_root();
+						}
 					}
 
 
@@ -683,13 +752,12 @@ class Libsync {
 			 */
 			call_hooks('process_channel_sync_delivery', $addon);
 
-			$DR = new DReport(z_root(), $d, $d, 'sync', 'channel sync delivered');
+			$DR = new DReport(z_root(), $d, $d, $mid, 'channel sync processed');
 
 			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
 
 			$result[] = $DR->get();
 		}
-
 		return $result;
 	}
 
@@ -698,13 +766,14 @@ class Libsync {
 	 *
 	 * @param array $sender
 	 * @param array $arr
-	 * @param boolean $absolute (optional) default false
 	 * @return array
 	 */
 
-	static function sync_locations($sender, $arr, $absolute = false) {
+	static function sync_locations($sender, $arr) {
 
 		$ret = [];
+		$what = '';
+		$changed = false;
 
 		// If a sender reports that the channel has been deleted, delete its hubloc
 		if (isset($arr['deleted_locally']) && intval($arr['deleted_locally'])) {
@@ -715,10 +784,7 @@ class Libsync {
 			);
 		}
 
-		if ($arr['locations']) {
-
-			if ($absolute)
-				Libzot::check_location_move($sender['hash'], $arr['locations']);
+		if (isset($arr['locations']) && $arr['locations']) {
 
 			$xisting = q("select * from hubloc where hubloc_hash = '%s'",
 				dbesc($sender['hash'])
@@ -792,7 +858,9 @@ class Libsync {
 						);
 					}
 
-					// update connection timestamp if this is the site we're talking to
+					// Update connection timestamp if this is the site we're talking to.
+					// Also mark all entries from the current site with different sitekeys
+					// deleted (the site has been re-installed)
 					// This only happens when called from import_xchan
 
 					$current_site = false;
@@ -806,6 +874,12 @@ class Libsync {
 							intval($r[0]['hubloc_id']),
 							dbesc($t)
 						);
+
+						q("update hubloc set hubloc_error = 1, hubloc_deleted = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s'",
+							dbesc($r[0]['hubloc_url']),
+							dbesc($r[0]['hubloc_sitekey'])
+						);
+
 						$current_site = true;
 					}
 
@@ -855,14 +929,7 @@ class Libsync {
 						$what    .= 'primary_hub ';
 						$changed = true;
 					}
-					elseif ($absolute) {
-						// Absolute sync - make sure the current primary is correctly reflected in the xchan
-						$pr = hubloc_change_primary($r[0]);
-						if ($pr) {
-							$what    .= 'xchan_primary ';
-							$changed = true;
-						}
-					}
+
 					if (intval($r[0]['hubloc_deleted']) && (!intval($location['deleted']))) {
 						q("update hubloc set hubloc_deleted = 0, hubloc_updated = '%s' where hubloc_id_url = '%s'",
 							dbesc(datetime_convert()),
@@ -931,9 +998,9 @@ class Libsync {
 				}
 			}
 
-			// get rid of any hubs we have for this channel which weren't reported.
+			// get rid of any hublocs we have for this channel which weren't reported.
 
-			if ($absolute && $xisting) {
+			if ($xisting) {
 				foreach ($xisting as $x) {
 					if (!array_key_exists('updated', $x)) {
 						logger('Deleting unreferenced hub location ' . $x['hubloc_addr']);

Zotlabs/Lib/Libzotdir.php

@@ -145,8 +145,8 @@ class Libzotdir {
 		if(! $directory_sort_order)
 			$directory_sort_order = 'date';
 
-		$current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : $directory_sort_order);
-		$suggest = (($_REQUEST['suggest']) ? '&suggest=' . $_REQUEST['suggest'] : '');
+		$current_order = $_REQUEST['order'] ?? $directory_sort_order;
+		$suggest = ((isset($_REQUEST['suggest'])) ? '&suggest=' . $_REQUEST['suggest'] : '');
 
 		$url = 'directory?f=';
 
@@ -453,22 +453,29 @@ class Libzotdir {
 		if (! $hash)
 			return false;
 
-		$arr = array();
+		$arr = [];
 
-		$arr['xprof_hash']         = $hash;
-		$arr['xprof_dob']          = (($profile['birthday'] === '0000-00-00') ? $profile['birthday'] : datetime_convert('','',$profile['birthday'],'Y-m-d')); // !!!! check this for 0000 year
-		$arr['xprof_age']          = (($profile['age'])         ? intval($profile['age']) : 0);
-		$arr['xprof_desc']         = (($profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_gender']       = (($profile['gender'])      ? htmlspecialchars($profile['gender'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_marital']      = (($profile['marital'])     ? htmlspecialchars($profile['marital'],     ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_sexual']       = (($profile['sexual'])      ? htmlspecialchars($profile['sexual'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_locale']       = (($profile['locale'])      ? htmlspecialchars($profile['locale'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_region']       = (($profile['region'])      ? htmlspecialchars($profile['region'],      ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_postcode']     = (($profile['postcode'])    ? htmlspecialchars($profile['postcode'],    ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_country']      = (($profile['country'])     ? htmlspecialchars($profile['country'],     ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_about']        = (($profile['about'])       ? htmlspecialchars($profile['about'],       ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_homepage']     = (($profile['homepage'])    ? htmlspecialchars($profile['homepage'],    ENT_COMPAT,'UTF-8',false) : '');
-		$arr['xprof_hometown']     = (($profile['hometown'])    ? htmlspecialchars($profile['hometown'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_hash'] = $hash;
+		$arr['xprof_dob'] = '0000-00-00';
+
+		if (isset($profile['birthday'])) {
+			$arr['xprof_dob'] = (($profile['birthday'] === '0000-00-00')
+			? $profile['birthday']
+			: datetime_convert('', '', $profile['birthday'], 'Y-m-d')); // !!!! check this for 0000 year
+		}
+
+		$arr['xprof_age']          = ((isset($profile['age']) && $profile['age']) ? intval($profile['age']) : 0);
+		$arr['xprof_desc']         = ((isset($profile['description']) && $profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_gender']       = ((isset($profile['gender']) && $profile['gender'])     ? htmlspecialchars($profile['gender'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_marital']      = ((isset($profile['marital']) && $profile['marital'])   ? htmlspecialchars($profile['marital'],     ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_sexual']       = ((isset($profile['sexual']) && $profile['sexual'])     ? htmlspecialchars($profile['sexual'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_locale']       = ((isset($profile['locale']) && $profile['locale'])     ? htmlspecialchars($profile['locale'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_region']       = ((isset($profile['region']) && $profile['region'])     ? htmlspecialchars($profile['region'],      ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_postcode']     = ((isset($profile['postcode']) && $profile['postcode']) ? htmlspecialchars($profile['postcode'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_country']      = ((isset($profile['country']) && $profile['country'])   ? htmlspecialchars($profile['country'],     ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_about']        = ((isset($profile['about']) && $profile['about'])       ? htmlspecialchars($profile['about'],       ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_homepage']     = ((isset($profile['homepage']) && $profile['homepage']) ? htmlspecialchars($profile['homepage'],    ENT_COMPAT,'UTF-8',false) : '');
+		$arr['xprof_hometown']     = ((isset($profile['hometown']) && $profile['hometown']) ? htmlspecialchars($profile['hometown'],    ENT_COMPAT,'UTF-8',false) : '');
 
 		$clean = array();
 		if (array_key_exists('keywords', $profile) and is_array($profile['keywords'])) {

Zotlabs/Lib/MessageFilter.php

@@ -2,85 +2,120 @@
 
 namespace Zotlabs\Lib;
 
-
+require_once('include/html2plain.php');
 
 class MessageFilter {
 
+	public static function evaluate($item, $incl, $excl) {
 
-	static public function evaluate($item,$incl,$excl) {
-
-		require_once('include/html2plain.php');
-
-		$text = prepare_text($item['body'],$item['mimetype']);
+		$text = prepare_text($item['body'],((isset($item['mimetype'])) ? $item['mimetype'] : 'text/bbcode'));
 		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
 
-
 		$lang = null;
 
-		if((strpos($incl,'lang=') !== false) || (strpos($excl,'lang=') !== false) || (strpos($incl,'lang!=') !== false) || (strpos($excl,'lang!=') !== false)) {
+		if ((strpos($incl, 'lang=') !== false) || (strpos($excl, 'lang=') !== false) || (strpos($incl, 'lang!=') !== false) || (strpos($excl, 'lang!=') !== false)) {
 			$lang = detect_language($text);
 		}
 
-		$tags = ((is_array($item['term']) && count($item['term'])) ? $item['term'] : false);
+		$tags = ((isset($item['term']) && is_array($item['term']) && count($item['term'])) ? $item['term'] : false);
 
 		// exclude always has priority
 
-		$exclude = (($excl) ? explode("\n",$excl) : null);
+		$exclude = (($excl) ? explode("\n", $excl) : null);
 
-		if($exclude) {
-			foreach($exclude as $word) {
-				$word = trim($word);
-				if(! $word)
+		if ($exclude) {
+			foreach ($exclude as $word) {
+				$word = html_entity_decode(trim($word));
+				if (! $word) {
 					continue;
-				if(substr($word,0,1) === '#' && $tags) {
-					foreach($tags as $t)
-						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return false;
 				}
-				elseif(substr($word,0,1) === '$' && $tags) {
-					foreach($tags as $t)
-						if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return false;
+				if (isset($lang) && ((strpos($word, 'lang=') === 0) || (strpos($word, 'lang!=') === 0))) {
+					if (!strlen($lang)) {
+						// Result is ambiguous. As we are matching deny rules only at this time, continue tests.
+						// Any matching deny rule concludes testing.
+						continue;
+					}
+					if (strpos($word, 'lang=') === 0 && strcasecmp($lang, trim(substr($word, 5))) == 0) {
+						return false;
+					} elseif (strpos($word, 'lang!=') === 0 && strcasecmp($lang, trim(substr($word, 6))) != 0) {
+						return false;
+					}
 				}
-				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
+                elseif (substr($word, 0, 1) === '#' && $tags) {
+					foreach ($tags as $t) {
+						if ((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return false;
+						}
+					}
+				} elseif (substr($word, 0, 1) === '$' && $tags) {
+					foreach ($tags as $t) {
+						if (($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return false;
+						}
+					}
+				} elseif (substr($word, 0, 2) === '?+') {
+					if (self::test_condition(substr($word, 2), $item['obj'])) {
+						return false;
+					}
+				} elseif (substr($word, 0, 1) === '?') {
+					if (self::test_condition(substr($word, 1), $item)) {
+						return false;
+					}
+				} elseif ((strpos($word, '/') === 0) && preg_match($word, $text)) {
 					return false;
-				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
-					return false;
-				elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
-					return false;
-				elseif(stristr($text,$word) !== false)
+				} elseif (stristr($text, $word) !== false) {
 					return false;
+				}
 			}
 		}
 
-		$include = (($incl) ? explode("\n",$incl) : null);
+		$include = (($incl) ? explode("\n", $incl) : null);
 
-		if($include) {
-			foreach($include as $word) {
-				$word = trim($word);
-				if(! $word)
+		if ($include) {
+			foreach ($include as $word) {
+				$word = html_entity_decode(trim($word));
+				if (! $word) {
 					continue;
-				if(substr($word,0,1) === '#' && $tags) {
-					foreach($tags as $t)
-						if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return true;
 				}
-				elseif(substr($word,0,1) === '$' && $tags) {
-					foreach($tags as $t)
-						if(($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
-							return true;
+				if (isset($lang) && ((strpos($word, 'lang=') === 0) || (strpos($word, 'lang!=') === 0))) {
+					if (!strlen($lang))  {
+						// Result is ambiguous. However we are checking allow rules
+						// and an ambiguous language is always permitted.
+						return true;
+					}
+					if (strpos($word, 'lang=') === 0 && strcasecmp($lang, trim(substr($word, 5))) == 0) {
+						return true;
+					} elseif (strpos($word, 'lang!=') === 0 && strcasecmp($lang, trim(substr($word, 6))) != 0) {
+						return true;
+					}
 				}
-				elseif((strpos($word,'/') === 0) && preg_match($word,$text))
+                elseif (substr($word, 0, 1) === '#' && $tags) {
+					foreach ($tags as $t) {
+						if ((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return true;
+						}
+					}
+				} elseif (substr($word, 0, 1) === '$' && $tags) {
+					foreach ($tags as $t) {
+						if (($t['ttype'] == TERM_CATEGORY) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
+							return true;
+						}
+					}
+				} elseif (substr($word, 0, 2) === '?+') {
+					if (self::test_condition(substr($word, 2), $item['obj'])) {
+						return true;
+					}
+				} elseif (substr($word, 0, 1) === '?') {
+					if (self::test_condition(substr($word, 1), $item)) {
+						return true;
+					}
+				} elseif ((strpos($word, '/') === 0) && preg_match($word, $text)) {
 					return true;
-				elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
-					return true;
-				elseif((strpos($word,'lang!=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,6))) != 0))
-					return true;
-				elseif(stristr($text,$word) !== false)
+				} elseif (stristr($text, $word) !== false) {
 					return true;
+				}
 			}
-		}
-		else {
+		} else {
 			return true;
 		}
 
@@ -88,4 +123,123 @@ class MessageFilter {
 	}
 
 
+	/**
+	 * @brief Test for Conditional Execution conditions. Shamelessly ripped off from Code/Render/Comanche
+	 *
+	 * This is extensible. The first version of variable testing supports tests of the forms:
+	 *
+	 * - ?foo ~= baz which will check if item.foo contains the string 'baz';
+	 * - ?foo == baz which will check if item.foo is the string 'baz';
+	 * - ?foo != baz which will check if item.foo is not the string 'baz';
+	 * - ?foo >= 3 which will check if item.foo is greater than or equal to 3;
+	 * - ?foo > 3 which will check if item.foo is greater than 3;
+	 * - ?foo <= 3 which will check if item.foo is less than or equal to 3;
+	 * - ?foo < 3 which will check if item.foo is less than 3;
+	 *
+	 * - ?foo {} baz which will check if 'baz' is an array element in item.foo
+	 * - ?foo {*} baz which will check if 'baz' is an array key in item.foo
+	 * - ?foo which will check for a return of a true condition for item.foo;
+     * - ?!foo which will check for a return of a false condition for item.foo;
+     *
+	 * The values 0, '', an empty array, and an unset value will all evaluate to false.
+	 *
+	 * @param string $s
+	 * @param array $item
+	 * @return bool
+	 */
+
+	public static function test_condition($s,$item) {
+
+		if (preg_match('/(.*?)\s\~\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (stripos($x, trim($matches[2])) !== false) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\=\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x == trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\!\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x != trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\>\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x >= trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\<\=\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x <= trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\>\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x > trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\>\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x < trim($matches[2])) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/[\$](.*?)\s\{\}\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (is_array($x) && in_array(trim($matches[2]), $x)) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)\s\{\*\}\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (is_array($x) && array_key_exists(trim($matches[2]), $x)) {
+				return true;
+			}
+			return false;
+		}
+
+		// Ordering of this check (for falsiness) with relation to the following one (check for truthiness) is important.
+		if (preg_match('/\!(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if (!$x) {
+				return true;
+			}
+			return false;
+		}
+
+		if (preg_match('/(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			if ($x) {
+				return true;
+			}
+			return false;
+		}
+
+		return false;
+	}
+
 }

Zotlabs/Lib/NativeWiki.php

@@ -1,322 +0,0 @@
-<?php
-
-namespace Zotlabs\Lib;
-
-use Zotlabs\Lib\Libsync;
-
-define ( 'NWIKI_ITEM_RESOURCE_TYPE', 'nwiki' );
-
-class NativeWiki {
-
-
-	public static function listwikis($channel, $observer_hash) {
-
-		$sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash);
-		$wikis = q("SELECT * FROM item
-			WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra",
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			intval($channel['channel_id'])
-		);
-
-		if($wikis) {
-			foreach($wikis as &$w) {
-
-				$w['json_allow_cid']  = acl2json($w['allow_cid']);
-				$w['json_allow_gid']  = acl2json($w['allow_gid']);
-				$w['json_deny_cid']   = acl2json($w['deny_cid']);
-				$w['json_deny_gid']   = acl2json($w['deny_gid']);
-
-				$w['rawName']  = get_iconfig($w, 'wiki', 'rawName');
-				$w['htmlName'] = escape_tags($w['rawName']);
-				//$w['urlName']  = urlencode(urlencode($w['rawName']));
-				$w['urlName']  = self::name_encode($w['rawName']);
-				$w['mimeType'] = get_iconfig($w, 'wiki', 'mimeType');
-				$w['typelock'] = get_iconfig($w, 'wiki', 'typelock');
-				$w['lockstate']     = (($w['allow_cid'] || $w['allow_gid'] || $w['deny_cid'] || $w['deny_gid']) ? 'lock' : 'unlock');
-			}
-		}
-		// TODO: query db for wikis the observer can access. Return with two lists, for read and write access
-		return array('wikis' => $wikis);
-	}
-
-
-	public static function create_wiki($channel, $observer_hash, $wiki, $acl) {
-
-		$resource_id = new_uuid();
-		$uuid = new_uuid();
-
-		$ac = $acl->get();
-		$mid = z_root() . '/item/' . $uuid;
-
-		$arr = array();	// Initialize the array of parameters for the post
-		$item_hidden = ((intval($wiki['postVisible']) === 0) ? 1 : 0);
-		$wiki_url = z_root() . '/wiki/' . $channel['channel_address'] . '/' . $wiki['urlName'];
-		$arr['aid'] = $channel['channel_account_id'];
-		$arr['uuid'] = $uuid;
-		$arr['uid'] = $channel['channel_id'];
-		$arr['mid'] = $mid;
-		$arr['parent_mid'] = $mid;
-		$arr['item_hidden'] = $item_hidden;
-		$arr['resource_type'] = NWIKI_ITEM_RESOURCE_TYPE;
-		$arr['resource_id'] = $resource_id;
-		$arr['owner_xchan'] = $channel['channel_hash'];
-		$arr['author_xchan'] = $observer_hash;
-		$arr['plink'] = $mid;
-		$arr['llink'] = z_root() . '/display/' . gen_link_id($mid);
-		$arr['title'] = $wiki['htmlName'];  // name of new wiki;
-		$arr['allow_cid'] = $ac['allow_cid'];
-		$arr['allow_gid'] = $ac['allow_gid'];
-		$arr['deny_cid'] = $ac['deny_cid'];
-		$arr['deny_gid'] = $ac['deny_gid'];
-		$arr['item_wall'] = 1;
-		$arr['item_origin'] = 1;
-		$arr['item_thread_top'] = 1;
-		$arr['item_private'] = intval($acl->is_private());
-		$arr['verb'] = ACTIVITY_CREATE;
-		$arr['obj_type'] = 'Document';
-		$arr['body'] = '[table][tr][td][h1]New Wiki[/h1][/td][/tr][tr][td][zrl=' . $wiki_url . ']' . $wiki['htmlName'] . '[/zrl][/td][/tr][/table]';
-
-		$arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel['channel_id'],'view_wiki'),true);
-
-		// Save the wiki name information using iconfig. This is shareable.
-		if(! set_iconfig($arr, 'wiki', 'rawName', $wiki['rawName'], true)) {
-			return array('item' => null, 'success' => false);
-		}
-		if(! set_iconfig($arr, 'wiki', 'mimeType', $wiki['mimeType'], true)) {
-			return array('item' => null, 'success' => false);
-		}
-
-		set_iconfig($arr,'wiki','typelock',$wiki['typelock'],true);
-
-		$post = item_store($arr);
-
-		$item_id = $post['item_id'];
-
-		if($item_id) {
-			\Zotlabs\Daemon\Master::Summon(array('Notifier', 'activity', $item_id));
-			return array('item' => $post['item'], 'item_id' => $item_id, 'success' => true);
-		}
-		else {
-			return array('item' => null, 'success' => false);
-		}
-	}
-
-
-	public static function update_wiki($channel_id, $observer_hash, $arr, $acl) {
-
-		$w = self::get_wiki($channel_id, $observer_hash, $arr['resource_id']);
-		$item = $w['wiki'];
-
-		if(! $item) {
-			return array('item' => null, 'success' => false);
-		}
-
-		$x = $acl->get();
-
-		$item['allow_cid']    = $x['allow_cid'];
-		$item['allow_gid']    = $x['allow_gid'];
-		$item['deny_cid']     = $x['deny_cid'];
-		$item['deny_gid']     = $x['deny_gid'];
-		$item['item_private'] = intval($acl->is_private());
-
-		$update_title = false;
-
-		if($item['title'] !== $arr['updateRawName']) {
-			$update_title = true;
-			$item['title'] = $arr['updateRawName'];
-		}
-
-		$update = item_store_update($item);
-
-		$item_id = $update['item_id'];
-
-		// update acl for any existing wiki pages
-
-		q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where resource_type = 'nwikipage' and resource_id = '%s'",
-			dbesc($item['allow_cid']),
-			dbesc($item['allow_gid']),
-			dbesc($item['deny_cid']),
-			dbesc($item['deny_gid']),
-			dbesc($item['item_private']),
-			dbesc($arr['resource_id'])
-		);
-
-
-		if($update['item_id']) {
-			info( t('Wiki updated successfully'));
-			if($update_title) {
-				// Update the wiki name information using iconfig.
-				if(! set_iconfig($update['item_id'], 'wiki', 'rawName', $arr['updateRawName'], true)) {
-					return array('item' => null, 'success' => false);
-				}
-			}
-			return array('item' => $update['item'], 'item_id' => $update['item_id'], 'success' => $update['success']);
-		}
-		else {
-			return array('item' => null, 'success' => false);
-		}
-	}
-
-
-	public static function sync_a_wiki_item($uid,$id,$resource_id) {
-
-		$r = q("SELECT * from item WHERE uid = %d AND ( id = %d OR ( resource_type = '%s' and resource_id = '%s' )) ",
-			intval($uid),
-			intval($id),
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			dbesc($resource_id)
-		);
-		if($r) {
-
-			$q = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s'",
-				dbesc($r[0]['resource_id'])
-			);
-			if($q) {
-				$r = array_merge($r,$q);
-			}
-			xchan_query($r);
-			$sync_item = fetch_post_tags($r);
-			if($sync_item) {
-				$pkt = [];
-				foreach($sync_item as $w) {
-					$pkt[] = encode_item($w,true);
-				}
-				Libsync::build_sync_packet($uid,array('wiki' => $pkt));
-			}
-		}
-	}
-
-
-	public static function delete_wiki($channel_id,$observer_hash,$resource_id) {
-
-		$w = self::get_wiki($channel_id,$observer_hash,$resource_id);
-		if(! $w['wiki']) {
-			return [ 'success' => false ];
-		}
-		else {
-
-			$r = q("SELECT id FROM item WHERE uid = %s AND resource_id = '%s'",
-				intval($channel_id),
-				dbesc($resource_id)
-			);
-
-			$ids = array_column($r, 'id');
-			drop_items($ids, true, DROPITEM_PHASE1);
-
-			info(t('Wiki files deleted successfully'));
-
-			return [ 'success' => true ];
-		}
-	}
-
-
-	public static function get_wiki($channel_id, $observer_hash, $resource_id) {
-
-		$sql_extra = item_permissions_sql($channel_id,$observer_hash);
-
-		$item = q("SELECT * FROM item WHERE uid = %d AND resource_type = '%s' AND resource_id = '%s' AND item_deleted = 0
-			$sql_extra ORDER BY id LIMIT 1",
-			intval($channel_id),
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			dbesc($resource_id)
-		);
-		if(! $item) {
-			return [ 'wiki' => null ];
-		}
-		else {
-
-			$w = $item[0];	// wiki item table record
-			// Get wiki metadata
-			$rawName  = get_iconfig($w, 'wiki', 'rawName');
-			$mimeType = get_iconfig($w, 'wiki', 'mimeType');
-			$typelock = get_iconfig($w, 'wiki', 'typelock');
-
-			return array(
-				'wiki'     => $w,
-				'rawName'  => $rawName,
-				'htmlName' => escape_tags($rawName),
-				//'urlName'  => urlencode(urlencode($rawName)),
-				'urlName'  => self::name_encode($rawName),
-				'mimeType' => $mimeType,
-				'typelock' => $typelock
-			);
-		}
-	}
-
-
-	public static function exists_by_name($uid, $urlName) {
-
-		$sql_extra = item_permissions_sql($uid);
-
-		$item = q("SELECT item.id, resource_id FROM item left join iconfig on iconfig.iid = item.id
-			WHERE resource_type = '%s' AND iconfig.v = '%s' AND uid = %d
-			AND item_deleted = 0 $sql_extra limit 1",
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			//dbesc(urldecode($urlName)),
-			dbesc(self::name_decode($urlName)),
-			intval($uid)
-		);
-
-		if($item) {
-			return array('id' => $item[0]['id'], 'resource_id' => $item[0]['resource_id']);
-		}
-		else {
-			return array('id' => null, 'resource_id' => null);
-		}
-	}
-
-
-	public static function get_permissions($resource_id, $owner_id, $observer_hash) {
-
-		// TODO: For now, only the owner can edit
-		$sql_extra = item_permissions_sql($owner_id, $observer_hash);
-
-		if(local_channel() && local_channel() == $owner_id) {
-			return [ 'read' => true, 'write' => true, 'success' => true ];
-		}
-
-		$r = q("SELECT * FROM item WHERE uid = %d and resource_type = '%s' AND resource_id = '%s' $sql_extra LIMIT 1",
-			intval($owner_id),
-			dbesc(NWIKI_ITEM_RESOURCE_TYPE),
-			dbesc($resource_id)
-		);
-
-		if(! $r) {
-			return array('read' => false, 'write' => false, 'success' => true);
-		}
-		else {
-			$write = perm_is_allowed($owner_id, $observer_hash,'write_wiki');
-			return array('read' => true, 'write' => $write, 'success' => true);
-		}
-	}
-
-
-	public static function name_encode ($string) {
-
-		$string = html_entity_decode($string);
-		$encoding = mb_internal_encoding();
-		mb_internal_encoding("UTF-8");
-		$ret = mb_ereg_replace_callback ('[^A-Za-z0-9\-\_\.\~]',function ($char) {
-	                $charhex = unpack('H*',$char[0]);
-                	$ret = '('.$charhex[1].')';
-                	return $ret;
- 			}
-			,$string);
-		mb_internal_encoding($encoding);
-		return $ret;
-	}
-
-
-	public static function name_decode ($string) {
-
-		$encoding = mb_internal_encoding();
-		mb_internal_encoding("UTF-8");
-		$ret = mb_ereg_replace_callback ('(\(([0-9a-f]+)\))',function ($chars) {
-			return pack('H*',$chars[2]);
-			}
-			,$string);
-		mb_internal_encoding($encoding);
-		return $ret;
-	}
-
-}

Zotlabs/Lib/NativeWikiPage.php

@@ -1,725 +0,0 @@
-<?php
-
-namespace Zotlabs\Lib;
-
-use App;
-use Zotlabs\Access\PermissionLimits;
-
-class NativeWikiPage {
-
-	static public function page_list($channel_id, $observer_hash, $resource_id) {
-
-		// TODO: Create item table records for pages so that metadata like title can be applied
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		$pages[] = [
-			'resource_id' => '',
-			'title'       => 'Home',
-			'url'         => 'Home',
-			'link_id'     => 'id_wiki_home_0'
-		];
-
-		$sql_extra = item_permissions_sql($channel_id, $observer_hash);
-
-		$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and item_deleted = 0
-			$sql_extra order by title asc",
-			dbesc($resource_id),
-			intval($channel_id)
-		);
-		if ($r) {
-			$x = [];
-			$y = [];
-
-			foreach ($r as $rv) {
-				if (!in_array($rv['mid'], $x)) {
-					$y[] = $rv;
-					$x[] = $rv['mid'];
-				}
-			}
-
-			$items = fetch_post_tags($y, true);
-
-			foreach ($items as $page_item) {
-				$title = get_iconfig($page_item['id'], 'nwikipage', 'pagetitle', t('(No Title)'));
-				if (urldecode($title) !== 'Home') {
-					$pages[] = [
-						'resource_id' => $resource_id,
-						'title'       => escape_tags($title),
-						//'url'         => str_replace('%2F','/',urlencode(str_replace('%2F','/',urlencode($title)))),
-						'url'         => NativeWiki::name_encode($title),
-						'link_id'     => 'id_' . substr($resource_id, 0, 10) . '_' . $page_item['id']
-					];
-				}
-			}
-		}
-
-		return ['pages' => $pages, 'wiki' => $w];
-	}
-
-
-	static public function create_page($channel, $observer_hash, $name, $resource_id, $mimetype = 'text/bbcode') {
-
-		logger('mimetype: ' . $mimetype);
-
-		if (!in_array($mimetype, ['text/markdown', 'text/bbcode', 'text/plain', 'text/html']))
-			$mimetype = 'text/markdown';
-
-		$w = NativeWiki::get_wiki($channel['channel_id'], $observer_hash, $resource_id);
-
-		if (!$w['wiki']) {
-			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
-		}
-
-		// backslashes won't work well in the javascript functions
-		$name = str_replace('\\', '', $name);
-
-		$uuid = new_uuid();
-		$mid  = z_root() . '/item/' . $uuid;
-
-		// create an empty activity
-		$arr                    = [];
-		$arr['aid']             = $channel['channel_account_id'];
-		$arr['uid']             = $channel['channel_id'];
-		$arr['mid']             = $mid;
-		$arr['parent_mid']      = $w['wiki']['mid'];
-		$arr['parent']          = $w['wiki']['parent'];
-		$arr['uuid']            = $uuid;
-		$arr['item_hidden']     = $w['wiki']['item_hidden'];
-		$arr['plink']           = $mid;
-		$arr['llink']           = z_root() . '/display/' . gen_link_id($mid);
-		$arr['author_xchan']    = $observer_hash;
-		$arr['mimetype']        = $mimetype;
-		$arr['title']           = $name;
-		$arr['resource_type']   = 'nwikipage';
-		$arr['resource_id']     = $resource_id;
-		$arr['allow_cid']       = $w['wiki']['allow_cid'];
-		$arr['allow_gid']       = $w['wiki']['allow_gid'];
-		$arr['deny_cid']        = $w['wiki']['deny_cid'];
-		$arr['deny_gid']        = $w['wiki']['deny_gid'];
-		$arr['item_private']    = $w['wiki']['item_private'];
-		$arr['item_wall']       = 1;
-		$arr['item_origin']     = 1;
-		$arr['item_thread_top'] = 1;
-		$arr['verb']            = ACTIVITY_CREATE;
-		$arr['obj_type']        = 'Document';
-		// TODO: add an object?
-		$arr['public_policy'] = map_scope(PermissionLimits::Get($channel['channel_id'], 'view_wiki'), true);
-
-		// We may wish to change this some day.
-		$arr['item_unpublished'] = 1;
-
-		set_iconfig($arr, 'nwikipage', 'pagetitle', (($name) ? $name : t('(No Title)')), true);
-		$p = item_store($arr, false, false);
-
-		if ($p['item_id']) {
-			$page = [
-				'rawName'  => $name,
-				'htmlName' => escape_tags($name),
-				//'urlName'  => urlencode($name),
-				'urlName'  => NativeWiki::name_encode($name)
-
-			];
-
-			return ['page' => $page, 'item_id' => $p['item_id'], 'item' => $p['activity'], 'wiki' => $w, 'message' => '', 'success' => true];
-		}
-		return ['success' => false, 'message' => t('Wiki page create failed.')];
-	}
-
-
-	static public function rename_page($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
-		$pageNewName   = ((array_key_exists('pageNewName', $arr)) ? $arr['pageNewName'] : '');
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['message' => t('Wiki not found.'), 'success' => false];
-		}
-
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id
-			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageNewName)
-		);
-
-		if ($ic) {
-			return ['success' => false, 'message' => t('Destination name already exists')];
-		}
-
-
-		$ids = [];
-
-		$ic = q("select *, item.id as item_id from iconfig left join item on iconfig.iid = item.id
-			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if ($ic) {
-			foreach ($ic as $c) {
-				set_iconfig($c['item_id'], 'nwikipage', 'pagetitle', $pageNewName);
-				$ids[] = $c['item_id'];
-			}
-
-			$str_ids = implode(',', $ids);
-			q("update item set title = '%s' where id in ($str_ids)",
-				dbesc($pageNewName)
-			);
-
-			$page = [
-				'rawName'  => $pageNewName,
-				'htmlName' => escape_tags($pageNewName),
-				//'urlName'  => urlencode(escape_tags($pageNewName))
-				'urlName'  => NativeWiki::name_encode($pageNewName)
-			];
-
-			return ['success' => true, 'page' => $page];
-		}
-
-		return ['success' => false, 'message' => t('Page not found')];
-
-	}
-
-
-	static public function get_page_content($arr) {
-
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? intval($arr['channel_id']) : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
-		}
-
-		$item = self::load_page($arr);
-
-		if ($item) {
-			$content = $item['body'];
-
-			return [
-				'content'      => $content,
-				'mimeType'     => $w['mimeType'],
-				'pageMimeType' => $item['mimetype'],
-				'message'      => '',
-				'success'      => true
-			];
-		}
-
-		return ['content' => null, 'message' => t('Error reading page content'), 'success' => false];
-
-	}
-
-
-	static public function page_history($arr) {
-
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['history' => null, 'message' => 'Error reading wiki', 'success' => false];
-		}
-
-		$items = self::load_page_history($arr);
-
-		$history = [];
-
-		if ($items) {
-			$processed = 0;
-			foreach ($items as $item) {
-				if ($processed > 1000)
-					break;
-				$processed++;
-				$history[] = [
-					'revision' => $item['revision'],
-					'date'     => datetime_convert('UTC', date_default_timezone_get(), $item['edited']),
-					'name'     => $item['author']['xchan_name'],
-					'title'    => get_iconfig($item, 'nwikipage', 'commit_msg')
-				];
-
-			}
-
-			return ['success' => true, 'history' => $history];
-		}
-
-		return ['success' => false];
-
-	}
-
-
-	static public function load_page($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-		$revision      = ((array_key_exists('revision', $arr)) ? $arr['revision'] : (-1));
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (!$w['wiki']) {
-			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
-		}
-
-		$ids = '';
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if ($ic) {
-			foreach ($ic as $c) {
-				if ($ids)
-					$ids .= ',';
-				$ids .= intval($c['iid']);
-			}
-		}
-
-		$sql_extra = item_permissions_sql($channel_id, $observer_hash);
-
-		if ($revision == (-1))
-			$sql_extra .= " order by revision desc ";
-		elseif ($revision)
-			$sql_extra .= " and revision = " . intval($revision) . " ";
-
-		$r = null;
-
-
-		if ($ids) {
-			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) $sql_extra limit 1",
-				dbesc($resource_id),
-				intval($channel_id)
-			);
-
-			if ($r) {
-				$items = fetch_post_tags($r, true);
-				return $items[0];
-			}
-		}
-
-		return null;
-	}
-
-
-	static public function load_page_history($arr) {
-
-		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['content' => null, 'message' => 'Error reading wiki', 'success' => false];
-		}
-
-		$ids = '';
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if ($ic) {
-			foreach ($ic as $c) {
-				if ($ids)
-					$ids .= ',';
-				$ids .= intval($c['iid']);
-			}
-		}
-
-		$sql_extra = item_permissions_sql($channel_id, $observer_hash);
-
-		$sql_extra .= " order by revision desc ";
-
-		$r = null;
-		if ($ids) {
-			$r = q("select * from item where resource_type = 'nwikipage' and resource_id = '%s' and uid = %d and id in ( $ids ) and item_deleted = 0 $sql_extra",
-				dbesc($resource_id),
-				intval($channel_id)
-			);
-			if ($r) {
-				xchan_query($r);
-				$items = fetch_post_tags($r, true);
-				return $items;
-			}
-		}
-
-		return null;
-	}
-
-
-	static public function save_page($arr) {
-		$pageUrlName   = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
-		$content       = ((array_key_exists('content', $arr)) ? $arr['content'] : '');
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (!$w['wiki']) {
-			return ['message' => t('Error reading wiki'), 'success' => false];
-		}
-
-
-		// fetch the most recently saved revision.
-
-		$item = self::load_page($arr);
-
-		if (!$item) {
-			return ['message' => t('Page not found'), 'success' => false];
-		}
-
-		$mimetype = $item['mimetype'];
-
-		// change just the fields we need to change to create a revision;
-
-		unset($item['id']);
-		unset($item['author']);
-		$item['parent']       = 0;
-		$item['body']         = $content;
-		$item['author_xchan'] = $observer_hash;
-		$item['revision']     = (($arr['revision']) ? intval($arr['revision']) + 1 : intval($item['revision']) + 1);
-		$item['edited']       = datetime_convert();
-		$item['mimetype']     = $mimetype;
-
-		if ($item['iconfig'] && is_array($item['iconfig']) && count($item['iconfig'])) {
-			for ($x = 0; $x < count($item['iconfig']); $x++) {
-				unset($item['iconfig'][$x]['id']);
-				unset($item['iconfig'][$x]['iid']);
-			}
-		}
-
-		$ret = item_store($item, false, false);
-
-		if ($ret['item_id'])
-			return ['message' => '', 'item_id' => $ret['item_id'], 'filename' => $pageUrlName, 'success' => true];
-		else
-			return ['message' => t('Page update failed.'), 'success' => false];
-	}
-
-
-	static public function delete_page($arr) {
-
-		$pageUrlName   = (array_key_exists('pageUrlName', $arr) ? $arr['pageUrlName'] : '');
-		$resource_id   = (array_key_exists('resource_id', $arr) ? $arr['resource_id'] : '');
-		$observer_hash = (array_key_exists('observer_hash', $arr) ? $arr['observer_hash'] : '');
-		$channel_id    = (array_key_exists('channel_id', $arr) ? $arr['channel_id'] : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['success' => false, 'message' => t('Error reading wiki')];
-		}
-
-		$ids = [];
-
-		$ic = q("select * from iconfig left join item on iconfig.iid = item.id
-			where uid = %d and cat = 'nwikipage' and k = 'pagetitle' and v = '%s'",
-			intval($channel_id),
-			dbesc($pageUrlName)
-		);
-
-		if ($ic) {
-			foreach ($ic as $c) {
-				$ids[] = intval($c['iid']);
-			}
-		}
-
-		if ($ids) {
-			drop_items($ids, true, DROPITEM_PHASE1);
-			return ['success' => true];
-		}
-
-		return ['success' => false, 'message' => t('Nothing deleted')];
-	}
-
-
-	static public function revert_page($arr) {
-
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$commitHash    = ((array_key_exists('commitHash', $arr)) ? $arr['commitHash'] : null);
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		if (!$commitHash) {
-			return ['message' => 'No commit was provided', 'success' => false];
-		}
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['message' => 'Error reading wiki', 'success' => false];
-		}
-
-		$x = $arr;
-
-		if (intval($commitHash) > 0) {
-			unset($x['commitHash']);
-			$x['revision'] = intval($commitHash) - 1;
-			$loaded        = self::load_page($x);
-
-			if ($loaded) {
-				$content = $loaded['body'];
-				return ['content' => $content, 'success' => true];
-			}
-			return ['success' => false];
-		}
-	}
-
-
-	static public function compare_page($arr) {
-
-		$resource_id   = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-		$compareCommit = ((array_key_exists('compareCommit', $arr)) ? $arr['compareCommit'] : 0);
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-
-		if (!$w['wiki']) {
-			return ['message' => t('Error reading wiki'), 'success' => false];
-		}
-
-		$x             = $arr;
-		$x['revision'] = (-1);
-
-		$currpage = self::load_page($x);
-		if ($currpage)
-			$currentContent = $currpage['body'];
-
-		$x['revision'] = $compareCommit;
-		$comppage      = self::load_page($x);
-		if ($comppage)
-			$compareContent = $comppage['body'];
-
-		if ($currpage && $comppage) {
-			require_once('library/class.Diff.php');
-			$diff = \Diff::toTable(\Diff::compare($currentContent, $compareContent));
-
-			return ['success' => true, 'diff' => $diff];
-		}
-		return ['success' => false, 'message' => t('Compare: object not found.')];
-
-	}
-
-
-	static public function commit($arr) {
-
-		$commit_msg    = ((array_key_exists('commit_msg', $arr)) ? $arr['commit_msg'] : t('Page updated'));
-		$observer_hash = ((array_key_exists('observer_hash', $arr)) ? $arr['observer_hash'] : '');
-		$channel_id    = ((array_key_exists('channel_id', $arr)) ? $arr['channel_id'] : 0);
-
-		if (array_key_exists('resource_id', $arr)) {
-			$resource_id = $arr['resource_id'];
-		}
-		else {
-			return ['message' => t('Wiki resource_id required for git commit'), 'success' => false];
-		}
-
-		$w = NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
-		if (!$w['wiki']) {
-			return ['message' => t('Error reading wiki'), 'success' => false];
-		}
-
-
-		$page = self::load_page($arr);
-
-		if ($page) {
-			set_iconfig($page['id'], 'nwikipage', 'commit_msg', escape_tags($commit_msg), true);
-			return ['success' => true, 'item_id' => $page['id'], 'page' => $page];
-		}
-
-		return ['success' => false, 'message' => t('Page not found.')];
-
-	}
-
-	static public function convert_links($s, $wikiURL) {
-
-		if (strpos($s, '[[') !== false) {
-			preg_match_all("/\[\[(.*?)\]\]/", $s, $match);
-			$pages = $pageURLs = [];
-			foreach ($match[1] as $m) {
-				// TODO: Why do we need to double urlencode for this to work?
-				//$pageURLs[] = urlencode(urlencode(escape_tags($m)));
-				$titleUri   = explode('|', $m);
-				$page       = $titleUri[0] ?? '';
-				$title      = $titleUri[1] ?? $page;
-				$pageURLs[] = NativeWiki::name_encode(escape_tags($page));
-				$pages[]    = $title;
-			}
-			$idx = 0;
-			while (strpos($s, '[[') !== false) {
-				$replace = '<a href="' . $wikiURL . '/' . $pageURLs[$idx] . '">' . $pages[$idx] . '</a>';
-				$s       = preg_replace("/\[\[(.*?)\]\]/", $replace, $s, 1);
-				$idx++;
-			}
-		}
-		return $s;
-	}
-
-	static public function render_page_history($arr) {
-
-		$pageUrlName = ((array_key_exists('pageUrlName', $arr)) ? $arr['pageUrlName'] : '');
-		$resource_id = ((array_key_exists('resource_id', $arr)) ? $arr['resource_id'] : '');
-
-		$pageHistory = self::page_history([
-			'channel_id'    => App::$profile_uid,
-			'observer_hash' => get_observer_hash(),
-			'resource_id'   => $resource_id,
-			'pageUrlName'   => $pageUrlName
-		]);
-
-		return replace_macros(get_markup_template('nwiki_page_history.tpl'), [
-			'$pageHistory' => $pageHistory['history'],
-			'$permsWrite'  => $arr['permsWrite'],
-			'$name_lbl'    => t('Name'),
-			'$msg_label'   => t('Message', 'wiki_history'),
-			'$date_lbl'    => t('Date'),
-			'$revert_btn'  => t('Revert'),
-			'$compare_btn' => t('Compare')
-		]);
-
-	}
-
-
-	/**
-	 * Replace the instances of the string [toc] with a list element that will be populated by
-	 * a table of contents by the JavaScript library
-	 * @param string $s
-	 * @return string
-	 */
-	static public function generate_toc($s) {
-		if (strpos($s, '[toc]') !== false) {
-			//$toc_md = wiki_toc($s);	// Generate Markdown-formatted list prior to HTML render
-			$toc_md = '<ul id="wiki-toc"></ul>'; // use the available jQuery plugin http://ndabas.github.io/toc/
-			$s      = preg_replace("/\[toc\]/", $toc_md, $s, -1);
-		}
-		return $s;
-	}
-
-
-	/**
-	 *  Converts a select set of bbcode tags. Much of the code is copied from include/bbcode.php
-	 * @param string $s
-	 * @return string
-	 */
-	static public function bbcode($s) {
-
-		$s = str_replace(['[baseurl]', '[sitename]'], [z_root(), get_config('system', 'sitename')], $s);
-
-		$s = preg_replace_callback("/\[observer\.language\=(.*?)\](.*?)\[\/observer\]/ism", 'oblanguage_callback', $s);
-
-		$s = preg_replace_callback("/\[observer\.language\!\=(.*?)\](.*?)\[\/observer\]/ism", 'oblanguage_necallback', $s);
-
-
-		$observer = App::get_observer();
-		if ($observer) {
-			$s1         = '<span class="bb_observer" title="' . t('Different viewers will see this text differently') . '">';
-			$s2         = '</span>';
-			$obsBaseURL = $observer['xchan_connurl'];
-			$obsBaseURL = preg_replace("/\/poco\/.*$/", '', $obsBaseURL);
-			$s          = str_replace('[observer.baseurl]', $obsBaseURL, $s);
-			$s          = str_replace('[observer.url]', $observer['xchan_url'], $s);
-			$s          = str_replace('[observer.name]', $s1 . $observer['xchan_name'] . $s2, $s);
-			$s          = str_replace('[observer.address]', $s1 . $observer['xchan_addr'] . $s2, $s);
-			$s          = str_replace('[observer.webname]', substr($observer['xchan_addr'], 0, strpos($observer['xchan_addr'], '@')), $s);
-			$s          = str_replace('[observer.photo]', '', $s);
-		}
-		else {
-			$s = str_replace('[observer.baseurl]', '', $s);
-			$s = str_replace('[observer.url]', '', $s);
-			$s = str_replace('[observer.name]', '', $s);
-			$s = str_replace('[observer.address]', '', $s);
-			$s = str_replace('[observer.webname]', '', $s);
-			$s = str_replace('[observer.photo]', '', $s);
-		}
-
-		return $s;
-	}
-
-
-	static public function get_file_ext($arr) {
-
-		if ($arr['mimetype'] === 'text/bbcode')
-			return '.bb';
-		elseif ($arr['mimetype'] === 'text/markdown')
-			return '.md';
-		elseif ($arr['mimetype'] === 'text/plain')
-			return '.txt';
-
-	}
-
-	// This function is derived from
-	// http://stackoverflow.com/questions/32068537/generate-table-of-contents-from-markdown-in-php
-	static public function toc($content) {
-		// ensure using only "\n" as line-break
-		$source = str_replace(["\r\n", "\r"], "\n", $content);
-
-		// look for markdown TOC items
-		preg_match_all(
-			'/^(?:=|-|#).*$/m',
-			$source,
-			$matches,
-			PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE
-		);
-
-		// preprocess: iterate matched lines to create an array of items
-		// where each item is an array(level, text)
-		$file_size = strlen($source);
-		foreach ($matches[0] as $item) {
-			$found_mark = substr($item[0], 0, 1);
-			if ($found_mark == '#') {
-				// text is the found item
-				$item_text  = $item[0];
-				$item_level = strrpos($item_text, '#') + 1;
-				$item_text  = substr($item_text, $item_level);
-			}
-			else {
-				// text is the previous line (empty if <hr>)
-				$item_offset      = $item[1];
-				$prev_line_offset = strrpos($source, "\n", -($file_size - $item_offset + 2));
-				$item_text        =
-					substr($source, $prev_line_offset, $item_offset - $prev_line_offset - 1);
-				$item_text        = trim($item_text);
-				$item_level       = $found_mark == '=' ? 1 : 2;
-			}
-			if (!trim($item_text) or strpos($item_text, '|') !== FALSE) {
-				// item is an horizontal separator or a table header, don't mind
-				continue;
-			}
-			$raw_toc[] = ['level' => $item_level, 'text' => trim($item_text)];
-		}
-		$o = '';
-		foreach ($raw_toc as $t) {
-			$level = intval($t['level']);
-			$text  = $t['text'];
-			switch ($level) {
-				case 1:
-					$li = '* ';
-					break;
-				case 2:
-					$li = '  * ';
-					break;
-				case 3:
-					$li = '    * ';
-					break;
-				case 4:
-					$li = '      * ';
-					break;
-				default:
-					$li = '* ';
-					break;
-			}
-			$o .= $li . $text . "\n";
-		}
-		return $o;
-	}
-
-}

Zotlabs/Lib/PConfig.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Lib;
 
+use App;
+
 /**
  * @brief Class for handling channel specific configurations.
  *
@@ -32,15 +34,15 @@ class PConfig {
 		if(is_null($uid) || $uid === false)
 			return false;
 
-		if(! is_array(\App::$config)) {
+		if(! is_array(App::$config)) {
 			btlogger('App::$config not an array');
 		}
 
-		if(! array_key_exists($uid, \App::$config)) {
-			\App::$config[$uid] = array();
+		if(! array_key_exists($uid, App::$config)) {
+			App::$config[$uid] = array();
 		}
 
-		if(! is_array(\App::$config[$uid])) {
+		if(! is_array(App::$config[$uid])) {
 			btlogger('App::$config[$uid] not an array: ' . $uid);
 		}
 
@@ -52,12 +54,12 @@ class PConfig {
 			foreach($r as $rr) {
 				$k = $rr['k'];
 				$c = $rr['cat'];
-				if(! array_key_exists($c, \App::$config[$uid])) {
-					\App::$config[$uid][$c] = array();
-					\App::$config[$uid][$c]['config_loaded'] = true;
+				if(! array_key_exists($c, App::$config[$uid])) {
+					App::$config[$uid][$c] = array();
+					App::$config[$uid][$c]['config_loaded'] = true;
 				}
-				\App::$config[$uid][$c][$k] = $rr['v'];
-				\App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
+				App::$config[$uid][$c][$k] = $rr['v'];
+				App::$config[$uid][$c]['pcfgud:'.$k] = $rr['updated'];
 			}
 		}
 	}
@@ -86,15 +88,15 @@ class PConfig {
 		if(is_null($uid) || $uid === false)
 			return $default;
 
-		if(! array_key_exists($uid, \App::$config))
+		if(! array_key_exists($uid, App::$config))
 			self::Load($uid);
 
-		if((! array_key_exists($family, \App::$config[$uid])) || (! array_key_exists($key, \App::$config[$uid][$family])))
+		if((! array_key_exists($family, App::$config[$uid])) || (! array_key_exists($key, App::$config[$uid][$family])))
 			return $default;
 
-		return ((! is_array(\App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$uid][$family][$key]))
-			? unserialize(\App::$config[$uid][$family][$key])
-			: \App::$config[$uid][$family][$key]
+		return ((! is_array(App::$config[$uid][$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', App::$config[$uid][$family][$key]))
+			? unserialize(App::$config[$uid][$family][$key])
+			: App::$config[$uid][$family][$key]
 		);
 	}
 
@@ -133,6 +135,7 @@ class PConfig {
 		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
 		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
 		$new = false;
+		$update = false;
 
 		$now = datetime_convert();
 		if (! $updated) {
@@ -143,23 +146,22 @@ class PConfig {
 			$updated = datetime_convert('UTC','UTC','-2 seconds');
 		}
 
-		$hash = hash('sha256',$family.':'.$key);
+		$hash = gen_link_id($family.':'.$key);
 
 		if (self::Get($uid, 'hz_delpconfig', $hash) !== false) {
 			if (self::Get($uid, 'hz_delpconfig', $hash) > $now) {
 				logger('Refusing to update pconfig with outdated info (Item deleted more recently).', LOGGER_NORMAL, LOG_ERR);
 				return self::Get($uid,$family,$key);
 			} else {
-				self::Delete($uid,'hz_delpconfig',$hash);
+				self::Delete($uid, 'hz_delpconfig', $hash);
 			}
 		}
 
 		if(self::Get($uid, $family, $key) === false) {
-			if(! array_key_exists($uid, \App::$config))
-				\App::$config[$uid] = array();
-			if(! array_key_exists($family, \App::$config[$uid]))
-				\App::$config[$uid][$family] = array();
-
+			if(! array_key_exists($uid, App::$config))
+				App::$config[$uid] = array();
+			if(! array_key_exists($family, App::$config[$uid]))
+				App::$config[$uid][$family] = array();
 
 			$ret = q("INSERT INTO pconfig ( uid, cat, k, v, updated ) VALUES ( %d, '%s', '%s', '%s', '%s' ) ",
 				intval($uid),
@@ -177,13 +179,14 @@ class PConfig {
 				logger("Error: Insert to pconfig failed.",LOGGER_NORMAL, LOG_ERR);
 			}
 
-			\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+			$new = true;
+			App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
 
 		}
 		else {
-			$new = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+			$update = (App::$config[$uid][$family]['pcfgud:'.$key] < $now);
 
-			if ($new) {
+			if ($update) {
 
 				// @NOTE There is still a possible race condition under limited circumstances
 				// where a value will be updated by another thread with more current data than
@@ -198,7 +201,7 @@ class PConfig {
 					dbesc($key)
 				);
 
-				\App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
+				App::$config[$uid][$family]['pcfgud:'.$key] = $updated;
 
 			} else {
 				logger('Refusing to update pconfig with outdated info.', LOGGER_NORMAL, LOG_ERR);
@@ -211,16 +214,16 @@ class PConfig {
 		// set in the life of this page. We need this to
 		// synchronise channel clones.
 
-		if(! array_key_exists('transient', \App::$config[$uid]))
-			\App::$config[$uid]['transient'] = array();
-		if(! array_key_exists($family, \App::$config[$uid]['transient']))
-			\App::$config[$uid]['transient'][$family] = array();
+		if(! array_key_exists('transient', App::$config[$uid]))
+			App::$config[$uid]['transient'] = array();
+		if(! array_key_exists($family, App::$config[$uid]['transient']))
+			App::$config[$uid]['transient'][$family] = array();
 
-		\App::$config[$uid][$family][$key] = $value;
+		App::$config[$uid][$family][$key] = $value;
 
-		if ($new) {
-			\App::$config[$uid]['transient'][$family][$key] = $value;
-			\App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
+		if ($new || $update) {
+			App::$config[$uid]['transient'][$family][$key] = $value;
+			App::$config[$uid]['transient'][$family]['pcfgud:'.$key] = $updated;
 		}
 
 		if($ret)
@@ -253,7 +256,7 @@ class PConfig {
 
 		$updated = ($updated) ? $updated : datetime_convert('UTC','UTC','-2 seconds');
 		$now = datetime_convert();
-		$newer = (\App::$config[$uid][$family]['pcfgud:'.$key] < $now);
+		$newer = (App::$config[$uid][$family]['pcfgud:'.$key] < $now);
 
 		if (! $newer) {
 			logger('Refusing to delete pconfig with outdated delete request.', LOGGER_NORMAL, LOG_ERR);
@@ -262,12 +265,12 @@ class PConfig {
 
 		$ret = false;
 
-		if (isset(\App::$config[$uid][$family][$key])) {
-			unset(\App::$config[$uid][$family][$key]);
+		if (isset(App::$config[$uid][$family][$key])) {
+			unset(App::$config[$uid][$family][$key]);
 		}
 
-		if (isset(\App::$config[$uid][$family]['pcfgud:'.$key])) {
-			unset(\App::$config[$uid][$family]['pcfgud:'.$key]);
+		if (isset(App::$config[$uid][$family]['pcfgud:'.$key])) {
+			unset(App::$config[$uid][$family]['pcfgud:'.$key]);
 		}
 
 		$ret = q("DELETE FROM pconfig WHERE uid = %d AND cat = '%s' AND k = '%s'",
@@ -278,9 +281,9 @@ class PConfig {
 
 		// Synchronize delete with clones.
 
-		if ($family != 'hz_delpconfig') {
-			$hash = hash('sha256',$family.':'.$key);
-			set_pconfig($uid,'hz_delpconfig',$hash,$updated);
+		if ($family !== 'hz_delpconfig') {
+			$hash = gen_link_id($family.':'.$key);
+			set_pconfig($uid, 'hz_delpconfig', $hash, $updated);
 		}
 
 		return $ret;

Zotlabs/Lib/Permcat.php

@@ -4,6 +4,7 @@ namespace Zotlabs\Lib;
 
 use Zotlabs\Access\PermissionRoles;
 use Zotlabs\Access\Permissions;
+use Zotlabs\Daemon\Master;
 
 /**
  * @brief Permission Categories. Permission rules for various classes of connections.
@@ -38,33 +39,33 @@ class Permcat {
 
 		// first check role perms for a perms_connect setting
 
-		$role = get_pconfig($channel_id,'system','permissions_role');
-		if($role) {
+		$role = get_pconfig($channel_id, 'system', 'permissions_role');
+		if ($role) {
 			$x = PermissionRoles::role_perms($role);
-			if($x['perms_connect']) {
+			if ($x['perms_connect']) {
 				$perms = Permissions::FilledPerms($x['perms_connect']);
 			}
 		}
 
 		// if no role perms it may be a custom role, see if there any autoperms
 
-		if(! $perms) {
+		if (!$perms) {
 			$perms = Permissions::FilledAutoPerms($channel_id);
 		}
 
 		// if no autoperms it may be a custom role with manual perms
 
-		if(! $perms) {
+		if (!$perms) {
 			$r = q("select channel_hash from channel where channel_id = %d",
 				intval($channel_id)
 			);
-			if($r) {
+			if ($r) {
 				$x = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'my_perms'",
 					intval($channel_id),
 					dbesc($r[0]['channel_hash'])
 				);
-				if($x) {
-					foreach($x as $xv) {
+				if ($x) {
+					foreach ($x as $xv) {
 						$perms[$xv['k']] = intval($xv['v']);
 					}
 				}
@@ -73,25 +74,27 @@ class Permcat {
 
 		// nothing was found - create a filled permission array where all permissions are 0
 
-		if(! $perms) {
+		if (!$perms) {
 			$perms = Permissions::FilledPerms([]);
 		}
 
 		$this->permcats[] = [
 			'name'      => 'default',
-			'localname' => t('default','permcat'),
+			'localname' => t('Default', 'permcat'),
 			'perms'     => Permissions::Operms($perms),
+			'raw_perms' => $perms,
 			'system'    => 1
 		];
 
 
 		$p = $this->load_permcats($channel_id);
-		if($p) {
-			for($x = 0; $x < count($p); $x++) {
+		if ($p) {
+			for ($x = 0; $x < count($p); $x++) {
 				$this->permcats[] = [
 					'name'      => $p[$x][0],
 					'localname' => $p[$x][1],
 					'perms'     => Permissions::Operms(Permissions::FilledPerms($p[$x][2])),
+					'raw_perms' => Permissions::FilledPerms($p[$x][2]),
 					'system'    => intval($p[$x][3])
 				];
 			}
@@ -116,9 +119,9 @@ class Permcat {
 	 *   * \e bool \b error if $name not found in permcats true
 	 */
 	public function fetch($name) {
-		if($name && $this->permcats) {
-			foreach($this->permcats as $permcat) {
-				if(strcasecmp($permcat['name'], $name) === 0) {
+		if ($name && $this->permcats) {
+			foreach ($this->permcats as $permcat) {
+				if (strcasecmp($permcat['name'], $name) === 0) {
 					return $permcat;
 				}
 			}
@@ -128,31 +131,28 @@ class Permcat {
 	}
 
 	public function load_permcats($uid) {
-
+		/*
 		$permcats = [
-			[ 'follower', t('follower','permcat'),
-				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
-				  'post_like' ], 1
-			],
-			[ 'contributor', t('contributor','permcat'),
-				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
-				  'post_wall','post_comments','write_wiki','post_like','tag_deliver','chat' ], 1
-			],
-			[ 'publisher', t('publisher','permcat'),
+			[ 'contributor', t('Contributor','permcat'),
 				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages',
-				  'write_storage','post_wall','write_pages','write_wiki','post_comments','post_like','tag_deliver',
-				  'chat', 'republish' ], 1
-			]
+				  'write_storage','post_wall','write_pages','write_wiki','post_comments', 'post_mail', 'post_like',
+				  'chat' ], 1
+			],
+			[ 'muted', t('Muted','permcat'),
+				[ 'view_stream','view_profile','view_contacts','view_storage','view_pages','view_wiki',
+				  'post_comments','write_wiki','post_like' ], 1
+			],
 		];
-
-		if($uid) {
+		*/
+		if ($uid) {
 			$x = q("select * from pconfig where uid = %d and cat = 'permcat'",
 				intval($uid)
 			);
-			if($x) {
-				foreach($x as $xv) {
-					$value = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
-					$permcats[] = [ $xv['k'], $xv['k'], $value, 0 ];
+
+			if ($x) {
+				foreach ($x as $xv) {
+					$value      = ((preg_match('|^a:[0-9]+:{.*}$|s', $xv['v'])) ? unserialize($xv['v']) : $xv['v']);
+					$permcats[] = [$xv['k'], $xv['k'], $value, 0];
 				}
 			}
 		}
@@ -167,11 +167,11 @@ class Permcat {
 	}
 
 	static public function find_permcat($arr, $name) {
-		if((! $arr) || (! $name))
+		if ((!$arr) || (!$name))
 			return false;
 
-		foreach($arr as $p)
-			if($p['name'] == $name)
+		foreach ($arr as $p)
+			if ($p['name'] == $name)
 				return $p['value'];
 	}
 
@@ -183,4 +183,105 @@ class Permcat {
 		PConfig::Delete($channel_id, 'permcat', $name);
 	}
 
-}
+	/**
+	 * @brief assign a contact role to contacts
+	 *
+	 * @param array $channel
+	 * @param string $role the name of the role
+	 * @param array $contacts an array of contact hashes
+	 */
+	public static function assign($channel, $role, $contacts) {
+
+		if (!isset($channel['channel_id'])) {
+			return;
+		}
+
+		if (!is_array($contacts) || empty($contacts)) {
+			return;
+		}
+
+		if (!$role) {
+			// lookup the default
+			$role = get_pconfig($channel['channel_id'], 'system', 'default_permcat', 'default');
+		}
+
+
+		// Doublecheck that we do not assign a role to ourself.
+		// It does not make a difference but could be confusing.
+		if (in_array($channel['channel_hash'], $contacts)) {
+			$contacts = array_diff($contacts, [$channel['channel_hash']]);
+		}
+
+		$all_perms  = Permissions::Perms();
+		$permcats   = new Permcat($channel['channel_id']);
+		$role_perms = $permcats->fetch($role);
+
+		if (isset($role_perms['error'])) {
+			return false;
+		}
+
+		$perms = $role_perms['raw_perms'];
+
+		$values_sql = '';
+		stringify_array_elms($contacts, true);
+
+		if ($all_perms && $perms) {
+
+			foreach ($contacts as $contact) {
+				foreach ($all_perms as $perm => $desc) {
+					if (array_key_exists($perm, $perms)) {
+						$values_sql .= " (" . intval($channel['channel_id']) . ", " . protect_sprintf($contact) . ", 'my_perms', '" . dbesc($perm) . "', " . intval($perms[$perm]) . "),";
+					}
+					else {
+						$values_sql .= " (" . intval($channel['channel_id']) . ", " . protect_sprintf($contact) . ", 'my_perms', '" . dbesc($perm) . "', 0), ";
+					}
+				}
+			}
+		}
+
+		$values_sql = rtrim($values_sql, ',');
+
+		dbq("DELETE FROM abconfig WHERE chan = " . intval($channel['channel_id']) . " AND cat = 'my_perms' AND xchan IN (" . protect_sprintf(implode(',', $contacts)) . ")");
+
+		dbq("INSERT INTO abconfig ( chan, xchan, cat, k, v ) VALUES $values_sql");
+
+		q("UPDATE abook SET abook_role = '%s'
+			WHERE abook_xchan IN (" . protect_sprintf(implode(',', $contacts)) . ") AND abook_channel = %d",
+			dbesc($role),
+			intval($channel['channel_id'])
+		);
+
+		$r = q("SELECT abook.*, xchan.* FROM abook LEFT JOIN xchan ON abook.abook_xchan = xchan.xchan_hash WHERE abook.abook_xchan IN (" . protect_sprintf(implode(',', $contacts)) . ") AND abook.abook_channel = %d AND abook_self = 0",
+			intval($channel['channel_id'])
+		);
+
+		foreach ($r as $rr) {
+
+			if (intval($rr['abook_self'])) {
+				continue;
+			}
+
+			Master::Summon([
+				'Notifier',
+				'permission_update',
+				$rr['abook_id']
+			]);
+
+			$clone = $rr;
+
+			unset($clone['abook_id']);
+			unset($clone['abook_account']);
+			unset($clone['abook_channel']);
+
+			$abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']);
+			if ($abconfig)
+				$clone['abconfig'] = $abconfig;
+
+			Libsync::build_sync_packet(0 /* use the current local_channel */, ['abook' => [$clone]]);
+
+		}
+
+		return true;
+	}
+
+}

Zotlabs/Lib/Queue.php

@@ -65,16 +65,51 @@ class Queue {
 		);
 	}
 
-
-	static function remove($id,$channel_id = 0) {
-		logger('queue: remove queue item ' . $id,LOGGER_DEBUG);
+	public static function remove($id, $channel_id = 0) {
+		logger('queue: remove queue item ' . $id, LOGGER_DEBUG);
 		$sql_extra = (($channel_id) ? " and outq_channel = " . intval($channel_id) . " " : '');
 
-		q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
+		// figure out what endpoint it is going to.
+		$record = q("select outq_posturl from outq where outq_hash = '%s' $sql_extra",
 			dbesc($id)
 		);
-	}
 
+		if ($record) {
+			q("DELETE FROM outq WHERE outq_hash = '%s' $sql_extra",
+				dbesc($id)
+			);
+
+			// If there's anything remaining in the queue for this site, move one of them to the next active
+			// queue run by setting outq_scheduled back to the present. We may be attempting to deliver it
+			// as a 'piled_up' delivery, but this ensures the site has an active queue entry as long as queued
+			// entries still exist for it. This fixes an issue where one immediate delivery left everything
+			// else for that site undeliverable since all the other entries had been pushed far into the future.
+
+			$x = null;
+			$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+
+			q("START TRANSACTION");
+
+			$r = q("SELECT outq_hash FROM outq WHERE outq_posturl = '%s' LIMIT 1 FOR UPDATE $sql_quirks",
+				dbesc($record[0]['outq_posturl'])
+			);
+
+			if ($r) {
+				$x = q("UPDATE outq SET outq_scheduled = '%s' WHERE outq_hash = '%s'",
+					dbesc(datetime_convert()),
+					dbesc($r[0]['outq_hash'])
+				);
+			}
+
+			if ($x) {
+				q("COMMIT");
+			}
+			else {
+				q("ROLLBACK");
+			}
+
+		}
+	}
 
 	static function remove_by_posturl($posturl) {
 		logger('queue: remove queue posturl ' . $posturl,LOGGER_DEBUG);
@@ -84,8 +119,6 @@ class Queue {
 		);
 	}
 
-
-
 	static function set_delivered($id,$channel = 0) {
 		logger('queue: set delivered ' . $id,LOGGER_DEBUG);
 		$sql_extra = (($channel['channel_id']) ? " and outq_channel = " . intval($channel['channel_id']) . " " : '');
@@ -110,21 +143,30 @@ class Queue {
 			return false;
 		}
 
+		$hash = $arr['hash'] ?? '';
+		$account_id = $arr['account_id'] ?? 0;
+		$channel_id = $arr['channel_id'] ?? 0;
+		$driver = $arr['driver'] ?? 'zot6';
+		$posturl = $arr['posturl'] ?? '';
+		$priority = $arr['priority'] ?? 0;
+		$notify = $arr['notify'] ?? '';
+		$msg = $arr['msg'] ?? '';
+
 		$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
 			outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
 			values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
-			dbesc($arr['hash']),
-			intval($arr['account_id']),
-			intval($arr['channel_id']),
-			dbesc(($arr['driver']) ? $arr['driver'] : 'zot6'),
-			dbesc($arr['posturl']),
+			dbesc($hash),
+			intval($account_id),
+			intval($channel_id),
+			dbesc($driver),
+			dbesc($posturl),
 			intval(1),
-			intval(isset($arr['priority']) ? $arr['priority'] : 0),
+			intval($priority),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
-			dbesc($arr['notify']),
-			dbesc(($arr['msg']) ? $arr['msg'] : '')
+			dbesc($notify),
+			dbesc($msg)
 		);
 		return $x;
 
@@ -143,17 +185,19 @@ class Queue {
 			$y = q("select site_update, site_dead from site where site_url = '%s' ",
 				dbesc($base)
 			);
-			if($y) {
-				if(intval($y[0]['site_dead'])) {
+
+			if ($y) {
+				// Don't bother delivering if the site is dead.
+				// And if we haven't heard from the site in over a month - let them through but 3 strikes you're out.
+				if (intval($y[0]['site_dead']) || ($y[0]['site_update'] < datetime_convert('UTC', 'UTC', 'now - 1 month') && $outq['outq_priority'] > 20)) {
+					q("update dreport set dreport_result = '%s' where dreport_queue = '%s'",
+						dbesc('site dead'),
+						dbesc($outq['outq_hash'])
+					);
 					self::remove_by_posturl($outq['outq_posturl']);
 					logger('dead site ignored ' . $base);
 					return;
 				}
-				if($y[0]['site_update'] < datetime_convert('UTC','UTC','now - 1 month')) {
-					self::update($outq['outq_hash'], 10);
-					logger('immediate delivery deferred for site ' . $base);
-					return;
-				}
 			}
 			else {
 
@@ -202,7 +246,7 @@ class Queue {
 
 			if($channel && $base) {
 				$h = q("SELECT hubloc_sitekey, site_crypto FROM hubloc LEFT JOIN site ON hubloc_url = site_url
-					WHERE site_url = '%s' AND hubloc_network = 'zot6' ORDER BY hubloc_id DESC LIMIT 1",
+					WHERE site_url = '%s' AND hubloc_network = 'zot6' AND hubloc_deleted = 0 ORDER BY hubloc_primary DESC, hubloc_id DESC LIMIT 1",
 					dbesc($base)
 				);
 				if($h) {

Zotlabs/Lib/QueueWorker.php

@@ -0,0 +1,373 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Ramsey\Uuid\Uuid;
+use Ramsey\Uuid\Exception\UnableToBuildUuidException;
+
+class QueueWorker {
+
+	public static $queueworker = null;
+	public static $maxworkers = 0;
+	public static $workermaxage = 0;
+	public static $workersleep = 100;
+	public static $default_priorities = [
+		'Notifier'         => 10,
+		'Deliver'          => 10,
+		'Cache_query'      => 10,
+		'Content_importer' => 1,
+		'File_importer'    => 1,
+		'Channel_purge'    => 1,
+		'Directory'        => 1
+	];
+
+	// Exceptions for processtimeout ($workermaxage) value.
+	// Currently the value is overriden with 3600 seconds (1h).
+	public static $long_running_cmd = [
+		'Queue'
+	];
+
+	private static function qstart() {
+		q('START TRANSACTION');
+	}
+
+	private static function qcommit() {
+		q("COMMIT");
+	}
+
+	private static function qrollback() {
+		q("ROLLBACK");
+	}
+
+	public static function Summon($argv) {
+
+		if ($argv[0] !== 'Queueworker') {
+
+			$priority = 0; // @TODO allow reprioritization
+
+			if (isset(self::$default_priorities[$argv[0]])) {
+				$priority = self::$default_priorities[$argv[0]];
+			}
+
+			$workinfo      = ['argc' => count($argv), 'argv' => $argv];
+			$workinfo_json = json_encode($workinfo);
+			$uuid          = self::getUuid($workinfo_json);
+
+			$r = q("SELECT * FROM workerq WHERE workerq_uuid = '%s'",
+				dbesc($uuid)
+			);
+			if ($r) {
+				logger("Summon: Ignoring duplicate workerq task", LOGGER_DEBUG);
+				logger(print_r($workinfo, true));
+				return;
+			}
+
+			self::qstart();
+			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
+				intval($priority),
+				$workinfo_json,
+				dbesc($uuid),
+				dbesc($argv[0])
+			);
+			if (!$r) {
+				self::qrollback();
+				logger("INSERT FAILED", LOGGER_DEBUG);
+				return;
+			}
+			self::qcommit();
+			logger('INSERTED: ' . $workinfo_json, LOGGER_DEBUG);
+		}
+
+		$workers = self::GetWorkerCount();
+		if ($workers < self::$maxworkers) {
+			logger($workers . '/' . self::$maxworkers . ' workers active', LOGGER_DEBUG);
+			$phpbin = get_config('system', 'phpbin', 'php');
+			proc_run($phpbin, 'Zotlabs/Daemon/Master.php', ['Queueworker']);
+		}
+	}
+
+	public static function Release($argv) {
+
+		if ($argv[0] !== 'Queueworker') {
+
+			$priority = 0; // @TODO allow reprioritization
+			if (isset(self::$default_priorities[$argv[0]])) {
+				$priority = self::$default_priorities[$argv[0]];
+			}
+
+			$workinfo      = ['argc' => count($argv), 'argv' => $argv];
+			$workinfo_json = json_encode($workinfo);
+			$uuid          = self::getUuid($workinfo_json);
+
+			$r = q("SELECT * FROM workerq WHERE workerq_uuid = '%s'",
+				dbesc($uuid)
+			);
+			if ($r) {
+				logger("Release: Duplicate task - do not insert.", LOGGER_DEBUG);
+				logger(print_r($workinfo, true));
+				return;
+			}
+
+			self::qstart();
+			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
+				intval($priority),
+				$workinfo_json,
+				dbesc($uuid),
+				dbesc($argv[0])
+			);
+			if (!$r) {
+				self::qrollback();
+				logger("Insert failed: " . $workinfo_json, LOGGER_DEBUG);
+				return;
+			}
+			self::qcommit();
+			logger('INSERTED: ' . $workinfo_json, LOGGER_DEBUG);
+		}
+
+		self::Process();
+	}
+
+	public static function GetWorkerCount() {
+		if (self::$maxworkers == 0) {
+			self::$maxworkers = get_config('queueworker', 'max_queueworkers', 4);
+			self::$maxworkers = self::$maxworkers > 3 ? self::$maxworkers : 4;
+		}
+		if (self::$workermaxage == 0) {
+			self::$workermaxage = get_config('queueworker', 'max_queueworker_age');
+			self::$workermaxage = self::$workermaxage > 120 ? self::$workermaxage : 300;
+		}
+
+		self::qstart();
+
+		// skip locked is preferred but is not supported by mariadb < 10.6 which is still used a lot - hence make it optional
+		$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+
+		$r = q("SELECT workerq_id FROM workerq WHERE workerq_reservationid IS NOT NULL AND workerq_processtimeout < %s FOR UPDATE $sql_quirks",
+			db_utcnow()
+		);
+
+		if ($r) {
+			$ids = ids_to_querystr($r, 'workerq_id');
+			$u = dbq("update workerq set workerq_reservationid = null where workerq_id in ($ids)");
+		}
+
+		self::qcommit();
+
+		//q("update workerq set workerq_reservationid = null where workerq_reservationid is not null and workerq_processtimeout < %s",
+			//db_utcnow()
+		//);
+
+		//usleep(self::$workersleep);
+
+		$workers = dbq("select count(distinct workerq_reservationid) as total from workerq where workerq_reservationid is not null");
+		logger("WORKERCOUNT: " . $workers[0]['total'], LOGGER_DEBUG);
+
+		return intval($workers[0]['total']);
+	}
+
+	public static function GetWorkerID() {
+		if (self::$queueworker) {
+			return self::$queueworker;
+		}
+
+		$wid = uniqid('', true);
+
+		usleep(mt_rand(300000, 1000000)); //Sleep .3 - 1 seconds before creating a new worker.
+
+		$workers = self::GetWorkerCount();
+
+		if ($workers >= self::$maxworkers) {
+			logger("Too many active workers ($workers) max = " . self::$maxworkers, LOGGER_DEBUG);
+			return false;
+		}
+
+		self::$queueworker = $wid;
+
+		return $wid;
+	}
+
+	private static function getWorkId() {
+		self::GetWorkerCount();
+
+		self::qstart();
+
+		// skip locked is preferred but is not supported by mariadb < 10.6 which is still used a lot - hence make it optional
+		$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+
+		$work = dbq("SELECT workerq_id, workerq_cmd FROM workerq WHERE workerq_reservationid IS NULL ORDER BY workerq_priority DESC, workerq_id ASC LIMIT 1 FOR UPDATE $sql_quirks");
+
+		if (!$work) {
+			self::qcommit();
+			return false;
+		}
+
+		$id = $work[0]['workerq_id'];
+		$cmd = $work[0]['workerq_cmd'];
+		$age = self::$workermaxage;
+
+		if (in_array($cmd, self::$long_running_cmd)) {
+			$age = 3600; // 1h TODO: make this configurable
+		}
+
+		$work = q("UPDATE workerq SET workerq_reservationid = '%s', workerq_processtimeout = %s + INTERVAL %s WHERE workerq_id = %d",
+			self::$queueworker,
+			db_utcnow(),
+			db_quoteinterval($age . " SECOND"),
+			intval($id)
+		);
+
+		if (!$work) {
+			self::qrollback();
+			logger("Could not update workerq.", LOGGER_DEBUG);
+			return false;
+		}
+
+		logger("GOTWORK: " . json_encode($work), LOGGER_DEBUG);
+		self::qcommit();
+
+		return $id;
+	}
+
+	public static function Process() {
+		$sleep = intval(get_config('queueworker', 'queue_worker_sleep', 100));
+		$auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0);
+
+		if (!self::GetWorkerID()) {
+			if ($auto_queue_worker_sleep) {
+				set_config('queueworker', 'queue_worker_sleep', $sleep + 100);
+			}
+
+			logger('Unable to get worker ID. Exiting.', LOGGER_DEBUG);
+			killme();
+		}
+
+		if ($auto_queue_worker_sleep && $sleep > 100) {
+			$next_sleep = $sleep - 100;
+			set_config('queueworker', 'queue_worker_sleep', (($next_sleep < 100) ? 100 : $next_sleep));
+		}
+
+		$jobs               = 0;
+		$workid             = self::getWorkId();
+		$load_average_sleep = false;
+		self::$workersleep  = $sleep;
+		self::$workersleep  = ((intval(self::$workersleep) > 100) ? intval(self::$workersleep) : 100);
+
+		if (function_exists('sys_getloadavg') && get_config('queueworker', 'load_average_sleep')) {
+			// very experimental!
+			$load_average_sleep = true;
+		}
+
+		while ($workid) {
+
+			if ($load_average_sleep) {
+				$load_average      = sys_getloadavg();
+				self::$workersleep = intval($load_average[0]) * 10000;
+
+				if (!self::$workersleep) {
+					self::$workersleep = 100;
+				}
+			}
+
+			logger('queue_worker_sleep: ' . self::$workersleep, LOGGER_DEBUG);
+
+			usleep(self::$workersleep);
+
+			$workitem = dbq("SELECT * FROM workerq WHERE workerq_id = $workid");
+
+			if ($workitem) {
+				// At least SOME work to do.... in case there's more, let's ramp up workers.
+				$workers = self::GetWorkerCount();
+
+				if ($workers < self::$maxworkers) {
+					logger($workers . '/' . self::$maxworkers . ' workers active', LOGGER_DEBUG);
+					$phpbin = get_config('system', 'phpbin', 'php');
+					proc_run($phpbin, 'Zotlabs/Daemon/Master.php', ['Queueworker']);
+				}
+
+				$jobs++;
+
+				logger("Workinfo: " . $workitem[0]['workerq_data'], LOGGER_DEBUG);
+
+				$workinfo = json_decode($workitem[0]['workerq_data'], true);
+				$argv     = $workinfo['argv'];
+
+				$cls  = '\\Zotlabs\\Daemon\\' . $argv[0];
+				$argv = flatten_array_recursive($argv);
+				$argc = count($argv);
+				$rnd = random_string();
+
+				logger('PROCESSING: ' . $rnd . ' ' . print_r($argv[0], true));
+
+				$cls::run($argc, $argv);
+
+				logger('COMPLETED: ' . $rnd);
+
+				// @FIXME: Right now we assume that if we get a return, everything is OK.
+				// At some point we may want to test whether the run returns true/false
+				// and requeue the work to be tried again if needed.  But we probably want
+				// to implement some sort of "retry interval" first.
+
+				dbq("delete from workerq where workerq_id = $workid");
+			}
+			else {
+				logger("NO WORKITEM!", LOGGER_DEBUG);
+			}
+			$workid = self::getWorkId();
+		}
+		logger('Master: Worker Thread: queue items processed:' . $jobs, LOGGER_DEBUG);
+	}
+
+	public static function ClearQueue() {
+		$work = q("select * from workerq");
+		while ($work) {
+			foreach ($work as $workitem) {
+				$workinfo = json_decode($workitem['v'], true);
+				$argc     = $workinfo['argc'];
+				$argv     = $workinfo['argv'];
+
+				logger('Master: process: ' . print_r($argv, true), LOGGER_ALL, LOG_DEBUG);
+
+				if (!isset($argv[0])) {
+					q("delete from workerq where workerq_id = %d",
+						$work[0]['workerq_id']
+					);
+					continue;
+				}
+
+				$cls = '\\Zotlabs\\Daemon\\' . $argv[0];
+				$cls::run($argc, $argv);
+
+				q("delete from workerq where workerq_id = %d",
+					$work[0]['workerq_id']
+				);
+
+				//Give the server .3 seconds to catch its breath between tasks.
+				//This will hopefully keep it from crashing to it's knees entirely
+				//if the last task ended up initiating other parallel processes
+				//(eg. polling remotes)
+				usleep(300000);
+			}
+
+			//Make sure nothing new came in
+			$work = q("select * from workerq");
+		}
+	}
+
+	/**
+	 * @brief Generate a name-based v5 UUID with custom namespace
+	 *
+	 * @param string $data
+	 * @return string $uuid
+	 */
+	private static function getUuid(string $data) {
+		$namespace = '3a112e42-f147-4ccf-a78b-f6841339ea2a';
+		try {
+			$uuid = Uuid::uuid5($namespace, $data)->toString();
+		} catch (UnableToBuildUuidException $e) {
+			logger('UUID generation failed');
+			return '';
+		}
+		return $uuid;
+	}
+
+}

Zotlabs/Lib/System.php

@@ -16,13 +16,13 @@ class System {
 	}
 
 	static public function get_site_name() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['sitename'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['sitename']))
 			return \App::$config['system']['sitename'];
 		return '';
 	}
 
 	static public function get_project_version() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['hide_version']))
 			return '';
 		if(is_array(\App::$config) && is_array(\App::$config['system']) && array_key_exists('std_version',\App::$config['system']))
 			return \App::$config['system']['std_version'];
@@ -31,33 +31,33 @@ class System {
 	}
 
 	static public function get_update_version() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['hide_version']))
 			return '';
 		return DB_UPDATE_VERSION;
 	}
 
 
 	static public function get_notify_icon() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['email_notify_icon_url']))
 			return \App::$config['system']['email_notify_icon_url'];
 		return z_root() . DEFAULT_NOTIFY_ICON;
 	}
 
 	static public function get_site_icon() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['site_icon_url']))
 			return \App::$config['system']['site_icon_url'];
 		return z_root() . DEFAULT_PLATFORM_ICON ;
 	}
 
 
 	static public function get_project_link() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_link'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['project_link']))
 			return \App::$config['system']['project_link'];
 		return 'https://hubzilla.org';
 	}
 
 	static public function get_project_srclink() {
-		if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_srclink'])
+		if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['project_srclink']))
 			return \App::$config['system']['project_srclink'];
 		return 'https://framagit.org/hubzilla/core.git';
 	}
@@ -68,7 +68,7 @@ class System {
 
 
 	static public function get_zot_revision() {
-		$x = [ 'revision' => ZOT_REVISION ]; 
+		$x = [ 'revision' => ZOT_REVISION ];
 		call_hooks('zot_revision',$x);
 		return $x['revision'];
 	}

Zotlabs/Lib/ThreadItem.php

@@ -2,7 +2,9 @@
 
 namespace Zotlabs\Lib;
 
+use App;
 use Zotlabs\Lib\Apps;
+use Zotlabs\Access\AccessList;
 
 require_once('include/text.php');
 
@@ -58,6 +60,9 @@ class ThreadItem {
 				$child = new ThreadItem($item);
 				$this->add_child($child);
 			}
+
+			// performance: we have already added the children
+			unset($this->data['children']);
 		}
 
 		// allow a site to configure the order and content of the reaction emoji list
@@ -79,10 +84,8 @@ class ThreadItem {
 
 	public function get_template_data($conv_responses, $thread_level=1, $conv_flags = []) {
 
-		$result = array();
-
-		$item     = $this->get_data();
-
+		$result = [];
+		$item = $this->get_data();
 		$commentww = '';
 		$sparkle = '';
 		$buttons = '';
@@ -93,16 +96,30 @@ class ThreadItem {
 		$is_item = false;
 		$osparkle = '';
 		$total_children = $this->count_descendants();
-		$unseen_comments = (($item['real_uid']) ? 0 : $this->count_unseen_descendants());
+		$unseen_comments = ((isset($item['real_uid']) && $item['real_uid']) ? 0 : $this->count_unseen_descendants());
 
  		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();
 
-		$lock = (((intval($item['item_private'])) || (($item['uid'] == local_channel()) && (strlen($item['allow_cid']) || strlen($item['allow_gid'])
-			|| strlen($item['deny_cid']) || strlen($item['deny_gid']))))
-			? t('Private Message')
+		$acl = new AccessList(false);
+		$acl->set($item);
+
+		$lock = ((intval($item['item_private']) || ($item['uid'] == local_channel() && $acl->is_private()))
+			? t('Restricted message')
 			: false);
-		$locktype = $item['item_private'];
+
+		// 1 = restricted message, 2 = direct message
+		$locktype = intval($item['item_private']);
+
+		if ($locktype === 2) {
+			$lock = t('Direct message');
+		}
+
+		// 0 = limited based on public policy
+		if ($item['uid'] == local_channel() && intval($item['item_private']) && !$acl->is_private() && strlen($item['public_policy'])) {
+			$lock = t('Public Policy');
+			$locktype = 0;
+		}
 
 		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);
 
@@ -110,16 +127,20 @@ class ThreadItem {
 		if($item['author']['xchan_network'] === 'rss')
 			$shareable = true;
 
-		$privacy_warning = false;
-		if(intval($item['item_private']) && ($item['owner']['xchan_network'] === 'activitypub')) {
-			$recips = get_iconfig($item['parent'], 'activitypub', 'recips');
+		// @fixme
+		// Have recently added code to properly handle polls in group reshares by redirecting all of the poll responses to the group.
+		// Sharing a poll using a regular embedded share is harder because the poll will need to fork. This is due to comment permissions.
+		// The original poll author may not accept responses from strangers. Forking the poll will receive responses from the sharer's
+		// followers, but there's no elegant way to merge these two sets of results together. For now, we'll disable sharing polls.
 
-			if(! is_array($recips['to']) || ! in_array($observer['xchan_url'], $recips['to']))
-				$privacy_warning = true;
+		if ($item['obj_type'] === 'Question') {
+			$shareable = false;
 		}
 
+		$privacy_warning = ($item['owner']['xchan_network'] === 'activitypub' && intval($item['item_private']) === 1);
+
 		if ($lock) {
- 			if (($item['mid'] == $item['parent_mid']) && count(get_terms_oftype($item['term'],TERM_FORUM))) {
+ 			if (($item['mid'] == $item['parent_mid']) && isset($item['term']) && count(get_terms_oftype($item['term'], TERM_FORUM))) {
  				$privacy_warning = true;
 				$conv_flags['parent_privacy_warning'] = true;
  			}
@@ -133,24 +154,11 @@ class ThreadItem {
 
 		$mode = $conv->get_mode();
 
-		switch($item['item_type']) {
-			case ITEM_TYPE_CARD:
-				$edlink = 'card_edit';
-				break;
-			case ITEM_TYPE_ARTICLE:
-				$edlink = 'article_edit';
-				break;
-			default:
-				$edlink = 'editpost';
-				break;
-		}
-
 		if(local_channel() && $observer['xchan_hash'] === $item['author_xchan'])
-			$edpost = array(z_root() . '/' . $edlink . '/' . $item['id'], t('Edit'));
+			$edpost = array(z_root() . '/editpost/' . $item['id'], t('Edit'));
 		else
 			$edpost = false;
 
-
 		if($observer && $observer['xchan_hash']
 			&& ($observer['xchan_hash'] == $this->get_data_value('author_xchan')
 			|| $observer['xchan_hash'] == $this->get_data_value('owner_xchan')
@@ -164,7 +172,7 @@ class ThreadItem {
 			$dropping = false;
 		}
 
-
+		$drop = [];
 		if($dropping) {
 			$drop = array(
 				'dropping' => $dropping,
@@ -175,13 +183,6 @@ class ThreadItem {
 			$drop = [ 'dropping' => true, 'delete' => t('Admin Delete') ];
 		}
 
-// FIXME
-		if($observer_is_pageowner) {
-			$multidrop = array(
-				'select' => t('Select'),
-			);
-		}
-
 		$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
 
 		$profile_avatar = $item['author']['xchan_photo_m'];
@@ -191,7 +192,6 @@ class ThreadItem {
 		$location = format_location($item);
 		$isevent = false;
 		$attend = null;
-		$canvote = false;
 
 		// process action responses - e.g. like/dislike/attend/agree/whatever
 		$response_verbs = array('like');
@@ -211,17 +211,6 @@ class ThreadItem {
 			$response_verbs[] = 'answer';
 		}
 
-		$consensus = (intval($item['item_consensus']) ? true : false);
-		if($consensus) {
-			$response_verbs[] = 'agree';
-			$response_verbs[] = 'disagree';
-			$response_verbs[] = 'abstain';
-			if($this->is_commentable() && $observer) {
-				$conlabels = array( t('I agree'), t('I disagree'), t('I abstain'));
-				$canvote = true;
-			}
-		}
-
 		if(! feature_enabled($conv->get_profile_owner(),'dislike'))
 			unset($conv_responses['dislike']);
 
@@ -229,7 +218,8 @@ class ThreadItem {
 
 		$my_responses = [];
 		foreach($response_verbs as $v) {
-			$my_responses[$v] = (($conv_responses[$v][$item['mid'] . '-m']) ? 1 : 0);
+
+			$my_responses[$v] = ((isset($conv_responses[$v][$item['mid'] . '-m'])) ? 1 : 0);
 		}
 
 		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
@@ -242,6 +232,7 @@ class ThreadItem {
 		}
 		$like_button_label = tt('Like','Likes',$like_count,'noun');
 
+		$showdislike = '';
 		if (feature_enabled($conv->get_profile_owner(),'dislike')) {
 			$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
 			$dislike_list = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid'] . '-l'] : '');
@@ -252,11 +243,11 @@ class ThreadItem {
 			} else {
 				$dislike_list_part = '';
 			}
+
+			$showdislike = ((x($conv_responses['dislike'],$item['mid'])) ? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
 		}
 
 		$showlike    = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
-		$showdislike = ((x($conv_responses['dislike'],$item['mid']) && feature_enabled($conv->get_profile_owner(),'dislike'))
-				? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
 
 		/*
 		 * We should avoid doing this all the time, but it depends on the conversation mode
@@ -267,14 +258,11 @@ class ThreadItem {
 		$this->check_wall_to_wall();
 
 		if($this->is_toplevel()) {
-			// FIXME check this permission
-			if(($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) {
-
-				$star = array(
+			if((local_channel() && $conv->get_profile_owner() === local_channel()) || (local_channel() && App::$module === 'pubstream')) {
+				$star = [
 					'toggle' => t("Toggle Star Status"),
 					'isstarred' => ((intval($item['item_starred'])) ? true : false),
-				);
-
+				];
 			}
 		}
 		else {
@@ -291,7 +279,7 @@ class ThreadItem {
 		$tagger = [];
 
 		// FIXME - check this permission
-		if($conv->get_profile_owner() == local_channel()) {
+		if(local_channel() && $conv->get_profile_owner() == local_channel()) {
 			/* disable until we agree on how to implemnt this in zot6/activitypub
 			$tagger = array(
 				'tagit' => t("Add Tag"),
@@ -303,7 +291,7 @@ class ThreadItem {
 		}
 
 		$has_bookmarks = false;
-		if(Apps::system_app_installed(local_channel(), 'Bookmarks') && is_array($item['term'])) {
+		if(Apps::system_app_installed(local_channel(), 'Bookmarks') && isset($item['term']) && is_array($item['term'])) {
 			foreach($item['term'] as $t) {
 				if(($t['ttype'] == TERM_BOOKMARK))
 					$has_bookmarks = true;
@@ -314,20 +302,26 @@ class ThreadItem {
 		if(($item['obj_type'] === ACTIVITY_OBJ_EVENT) && $conv->get_profile_owner() == local_channel())
 			$has_event = true;
 
+		$like = [];
+		$dislike = [];
+		$reply_to = [];
+
 		if($this->is_commentable() && $observer) {
 			$like = array( t("I like this \x28toggle\x29"), t("like"));
 			$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
 			$reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to"));
 		}
 
+		$share = [];
+		$embed = [];
 		if ($shareable) {
 			// This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues.
 			// Will allow it only for uri resolvable sources.
 			if(strpos($item['mid'],'http') === 0) {
-				$share = []; //Not yet ready for primetime
+				//Not yet ready for primetime
 				//$share = array( t('Repeat This'), t('repeat'));
 			}
-			$embed = array( t('Share This'), t('share'));
+			$embed = [t('Share This'), t('share')];
 		}
 
 		$dreport = '';
@@ -336,11 +330,13 @@ class ThreadItem {
 		if($keep_reports === 0)
 			$keep_reports = 10;
 
-		if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
+		$dreport_link = '';
+		if((intval($item['item_type']) == ITEM_TYPE_POST) && (! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
 			$dreport = t('Delivery Report');
 			$dreport_link = gen_link_id($item['mid']);
 		}
 
+		$is_new = false;
 		if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
 			$is_new = true;
 
@@ -356,8 +352,8 @@ class ThreadItem {
 		if($conv->get_mode() === 'channel')
 			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode(gen_link_id($item['mid']));
 
-		$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
-		$list_unseen_txt = (($unseen_comments) ? sprintf( t('%d unseen'),$unseen_comments) : '');
+		$comment_count_txt = sprintf(tt('%d Comment', '%d Comments', $total_children), $total_children);
+		$list_unseen_txt = (($unseen_comments) ? sprintf(t('%d unseen'), $unseen_comments) : '');
 
 		$children = $this->get_children();
 
@@ -384,6 +380,12 @@ class ThreadItem {
 		$pinned_items = ($allowed_type ? get_pconfig($item['uid'], 'pinned', $item['item_type'], []) : []);
 		$pinned = ((!empty($pinned_items) && in_array($midb64, $pinned_items)) ? true : false);
 
+		$contact = [];
+
+		if(App::$contacts && array_key_exists($item['author_xchan'], App::$contacts)) {
+			$contact = App::$contacts[$item['author_xchan']];
+		}
+
 		$tmp_item = array(
 			'template' => $this->get_template(),
 			'mode' => $mode,
@@ -401,11 +403,9 @@ class ThreadItem {
 			'mids' => $json_mids,
 			'parent' => $item['parent'],
 			'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
+			'author_is_group_actor' => (($item['author']['xchan_pubforum']) ? t('Forum') : ''),
 			'isevent' => $isevent,
 			'attend' => $attend,
-			'consensus' => $consensus,
-			'conlabels' => $conlabels,
-			'canvote' => $canvote,
 			'linktitle' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
 			'olinktitle' => (($item['owner']['xchan_addr']) ? $item['owner']['xchan_addr'] : $item['owner']['xchan_url']),
 			'llink' => $item['llink'],
@@ -474,7 +474,6 @@ class ThreadItem {
 			'bookmark'  => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''),
 			'addtocal'  => (($has_event) ? t('Add to Calendar') : ''),
 			'drop'      => $drop,
-			'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
 			'dropdown_extras' => $dropdown_extras,
 // end toolbar buttons
 			'unseen_comments' => $unseen_comments,
@@ -497,13 +496,15 @@ class ThreadItem {
 			'modal_dismiss' => t('Close'),
 			'showlike' => $showlike,
 			'showdislike' => $showdislike,
-			'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box($indent)),
+			'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box()),
 			'previewing' => ($conv->is_preview() ? true : false ),
 			'preview_lbl' => t('This is an unsaved preview'),
 			'wait' => t('Please wait'),
 			'thread_level' => $thread_level,
 			'settings' => $settings,
-			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : '')
+			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : ''),
+			'contact_id' => (($contact) ? $contact['abook_id'] : '')
+
 		);
 
 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -789,7 +790,7 @@ class ThreadItem {
 	 *      _ The comment box string (empty if no comment box)
 	 *      _ false on failure
 	 */
-	private function get_comment_box($indent) {
+	private function get_comment_box() {
 
 		if(!$this->is_toplevel() && !get_config('system','thread_allow')) {
 			return '';
@@ -835,7 +836,6 @@ class ThreadItem {
 			'$edurl' => t('Insert Link'),
 			'$edvideo' => t('Video'),
 			'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
-			'$indent' => $indent,
 			'$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()),
 			'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
 			'$encrypt' => t('Encrypt text'),

Zotlabs/Lib/ThreadStream.php

@@ -69,12 +69,12 @@ class ThreadStream {
 			case 'cards':
 				$this->profile_owner = \App::$profile['profile_uid'];
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
-				$this->reload = $_SESSION['return_url'];
+				//$this->reload = $_SESSION['return_url'];
 				break;
 			case 'articles':
 				$this->profile_owner = \App::$profile['profile_uid'];
 				$this->writable = perm_is_allowed($this->profile_owner,$ob_hash,'post_comments');
-				$this->reload = $_SESSION['return_url'];
+				//$this->reload = $_SESSION['return_url'];
 				break;
 			case 'display':
 				// in this mode we set profile_owner after initialisation (from conversation()) and then

Zotlabs/Lib/Webfinger.php

@@ -52,15 +52,21 @@ class Webfinger {
 
 		if(strpos($resource,'http') === 0) {
 			$m = parse_url($resource);
-			if($m) {
-				if($m['scheme'] !== 'https') {
-					return false;
-				}
-				self::$server = $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
-			}
-			else {
+
+			if (!$m) {
 				return false;
 			}
+
+			if(isset($m['scheme']) && $m['scheme'] !== 'https') {
+				return false;
+			}
+
+			if(!isset($m['host'])) {
+				return false;
+			}
+
+			self::$server = $m['host'] . ((isset($m['port'])) ? ':' . $m['port'] : '');
+
 		}
 		elseif(strpos($resource,'tag:') === 0) {
 			$arr = explode(':',$resource); // split the tag
@@ -86,7 +92,7 @@ class Webfinger {
 	/**
 	 * @brief fetch a webfinger resource and return a zot6 discovery url if present
 	 *
-	 */ 
+	 */
 
 	static function zot_url($resource) {
 

Zotlabs/Lib/XConfig.php

@@ -162,7 +162,7 @@ class XConfig {
 	 */
 	static public function Delete($xchan, $family, $key) {
 
-		if(x(\App::$config[$xchan][$family], $key))
+		if(isset(\App::$config[$xchan][$family][$key]))
 			unset(\App::$config[$xchan][$family][$key]);
 
 		$ret = q("DELETE FROM xconfig WHERE xchan = '%s' AND cat = '%s' AND k = '%s'",

Zotlabs/Lib/ZotURL.php

@@ -87,4 +87,4 @@ class ZotURL {
 		return ids_to_array($r,'hubloc_url');
 	}
 
-}
+}

Zotlabs/Lib/Zotfinger.php

@@ -6,7 +6,7 @@ use Zotlabs\Web\HTTPSig;
 
 class Zotfinger {
 
-	static function exec($resource,$channel = null, $verify = true) {
+	static function exec($resource, $channel = null, $verify = true, $recurse = true) {
 
 		if(! $resource) {
 			return false;
@@ -39,6 +39,30 @@ class Zotfinger {
 
 		logger('fetch: ' . print_r($x,true));
 
+        if (in_array(intval($x['return_code']), [ 404, 410 ]) && $recurse) {
+
+            // The resource has been deleted or doesn't exist at this location.
+            // Try to find another nomadic resource for this channel and return that.
+
+            // First, see if there's a hubloc for this site. Fetch that record to
+            // obtain the nomadic identity hash. Then use that to find any additional
+            // nomadic locations.
+
+            $h = Activity::get_actor_hublocs($resource, 'zot6');
+            if ($h) {
+                // mark this location deleted
+                hubloc_delete($h[0]);
+                $hubs = Activity::get_actor_hublocs($h[0]['hubloc_hash']);
+                if ($hubs) {
+                    foreach ($hubs as $hub) {
+                        if ($hub['hubloc_id_url'] !== $resource && !$hub['hubloc_deleted']) {
+                            return self::exec($hub['hubloc_id_url'], $channel, $verify);
+                        }
+                    }
+                }
+            }
+        }
+
 		if($x['success']) {
 			if ($verify) {
 				$result['signature'] = HTTPSig::verify($x, EMPTY_STR, 'zot6');

Zotlabs/Module/Acl.php

@@ -3,9 +3,9 @@
 namespace Zotlabs\Module;
 
 use Zotlabs\Lib\Libzotdir;
+use Zotlabs\Lib\AccessList;
 
 require_once 'include/acl_selectors.php';
-require_once 'include/group.php';
 
 /**
  * @brief ACL selector json backend.
@@ -66,6 +66,11 @@ class Acl extends \Zotlabs\Web\Controller {
 			killme();
 
 		$permitted = [];
+		$sql_extra = '';
+		$sql_extra2 = '';
+		$sql_extra3 = '';
+		$sql_extra2_xchan = '';
+		$order_extra2 = '';
 
 		if(in_array($type, [ 'm', 'a', 'c', 'f' ])) {
 
@@ -81,7 +86,6 @@ class Acl extends \Zotlabs\Web\Controller {
 
 		}
 
-
 		if($search) {
 			$sql_extra = " AND pgrp.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
 			$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'"  : "%'")) . ") ";
@@ -100,10 +104,6 @@ class Acl extends \Zotlabs\Web\Controller {
 			$sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) ";
 
 		}
-		else {
-			$sql_extra = $sql_extra2 = $sql_extra3 = "";
-		}
-
 
 		$groups = array();
 		$contacts = array();
@@ -123,7 +123,7 @@ class Acl extends \Zotlabs\Web\Controller {
 						"name"  => t('Profile','acl') . ' ' . $rv['profile_name'],
 						"id"	=> 'vp' . $rv['id'],
 						"xid"   => 'vp.' . $rv['profile_guid'],
-						"uids"  => group_get_profile_members_xchan(local_channel(), $rv['id']),
+						"uids"  => AccessList::profile_members_xchan(local_channel(), $rv['id']),
 						"link"  => ''
 					);
 				}
@@ -146,14 +146,14 @@ class Acl extends \Zotlabs\Web\Controller {
 
 			if($r) {
 				foreach($r as $g){
-		//		logger('acl: group: ' . $g['gname'] . ' members: ' . group_get_members_xchan($g['id']));
+		//		logger('acl: group: ' . $g['gname'] . ' members: ' . AccessList::members_xchan(local_channel(), $g['id']));
 					$groups[] = array(
 						"type"  => "g",
 						"photo" => "images/twopeople.png",
 						"name"  => $g['gname'],
 						"id"	=> $g['id'],
 						"xid"   => $g['hash'],
-						"uids"  => group_get_members_xchan($g['id']),
+						"uids"  => AccessList::members_xchan(local_channel(), $g['id']),
 						"link"  => ''
 					);
 				}
@@ -284,7 +284,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 		elseif($type == 'm') {
 			$r = array();
-			$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
+			$z = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, abook_self
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
@@ -304,7 +304,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		}
 		elseif($type == 'a') {
 
-			$r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
+			$r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag, abook_their_perms, abook_self FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d
 				and xchan_deleted = 0
 				$sql_extra3
@@ -342,7 +342,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			$x = [];
 			foreach($r as $g) {
 
-				if(in_array($g['net'],['rss','anon','unknown']) && ($type != 'a'))
+				if(isset($g['net']) && in_array($g['net'], ['rss','anon','unknown']) && ($type != 'a'))
 					continue;
 
 				$g['hash'] = urlencode($g['hash']);
@@ -378,12 +378,13 @@ class Acl extends \Zotlabs\Web\Controller {
 							"name"     => $g['name'],
 							"id"	   => urlencode($g['id']),
 							"xid"      => $g['hash'],
+							"url"      => $g['url'],
 							"link"     => $clink,
 							"nick"     => ((strpos($g['nick'],'@')) ? substr($g['nick'],0,strpos($g['nick'],'@')) : $g['nick']),
 							"self"     => (intval($g['abook_self']) ? 'abook-self' : ''),
 							"taggable" => '',
 							"label"    => '',
-							"net"      => $g['net']
+							"net"      => $g['net'] ?? ''
 						);
 					}
 				}

Zotlabs/Module/Activity.php

@@ -182,7 +182,7 @@ class Activity extends Controller {
 				return;
 			}
 
-			$ob_authorise = false;
+			$ob_authorize = false;
 			$item_uid = 0;
 
 			$bear = ZlibActivity::token_from_request();

Zotlabs/Module/Admin/Addons.php

@@ -77,6 +77,7 @@ class Addons {
 					} catch (\PHPGit\Exception\GitException $e) {
 						json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
 					}
+					break;
 				case 'removerepo':
 					if (array_key_exists('repoName', $_REQUEST)) {
 						$repoName = $_REQUEST['repoName'];
@@ -111,6 +112,7 @@ class Addons {
 					} else {
 						json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false));
 					}
+					break;
 				case 'installrepo':
 					if (array_key_exists('repoURL', $_REQUEST)) {
 						require_once('library/PHPGit.autoload.php');			// Load PHPGit dependencies
@@ -172,6 +174,7 @@ class Addons {
 						$repo = $git->probeRepo();
 						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
 					}
+					break;
 				case 'addrepo':
 					if (array_key_exists('repoURL', $_REQUEST)) {
 						require_once('library/PHPGit.autoload.php');	 // Load PHPGit dependencies

Zotlabs/Module/Admin/Dbsync.php

@@ -5,11 +5,11 @@ namespace Zotlabs\Module\Admin;
 
 
 class Dbsync {
-	
+
 
 	function get() {
 		$o = '';
-	
+
 		if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
 			// remove the old style config if it exists
 			del_config('database', 'update_r' . intval(argv(3)));
@@ -29,7 +29,7 @@ class Dbsync {
 				if(method_exists($c,'verify')) {
 					$retval = $c->verify();
 					if($retval === UPDATE_FAILED) {
-						$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s); 
+						$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s);
 					}
 					elseif($retval === UPDATE_SUCCESS) {
 						$o .= sprintf( t('Update %s was successfully applied.'), $s);
@@ -44,20 +44,8 @@ class Dbsync {
 			}
 			else
 				$o .= sprintf( t('Update function %s could not be found.'), $s);
-	
+
 			return $o;
-
-
-
-
-
-			// remove the old style config if it exists
-			del_config('database', 'update_r' . intval(argv(3)));
-			set_config('database', '_' . intval(argv(3)), 'success');
-			if(intval(get_config('system','db_version')) < intval(argv(3)))
-				set_config('system','db_version',intval(argv(3)));
-			info( t('Update has been marked successful') . EOL);
-			goaway(z_root() . '/admin/dbsync');
 		}
 
 		if(argc() > 2 && intval(argv(2))) {
@@ -68,7 +56,7 @@ class Dbsync {
 				$c =  new $cls();
 				$retval = $c->run();
 				if($retval === UPDATE_FAILED) {
-					$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s); 
+					$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s);
 				}
 				elseif($retval === UPDATE_SUCCESS) {
 					$o .= sprintf( t('Update %s was successfully applied.'), $s);
@@ -79,10 +67,10 @@ class Dbsync {
 			}
 			else
 				$o .= sprintf( t('Update function %s could not be found.'), $s);
-	
+
 			return $o;
 		}
-	
+
 		$failed = array();
 		$r = q("select * from config where cat = 'database' ");
 		if(count($r)) {
@@ -107,7 +95,7 @@ class Dbsync {
 		else {
 			return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
 		}
-	
+
 		return $o;
 	}
-}
+}

Zotlabs/Module/Admin/Queue.php

@@ -12,23 +12,33 @@ class Queue {
 
 		$o = '';
 
-		$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
+		$expert = $_REQUEST['expert'] ?? false;
 
-		if($_REQUEST['drophub']) {
+		if(isset($_REQUEST['drophub'])) {
 			hubloc_mark_as_down($_REQUEST['drophub']);
 			LibQueue::remove_by_posturl($_REQUEST['drophub']);
 		}
 
-		if($_REQUEST['emptyhub']) {
+		if(isset($_REQUEST['emptyhub'])) {
 			LibQueue::remove_by_posturl($_REQUEST['emptyhub']);
 		}
 
-		$r = q("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq
+		if(isset($_REQUEST['deliverhub'])) {
+
+			$hubq = q("SELECT * FROM outq WHERE outq_posturl = '%s'",
+				dbesc($_REQUEST['deliverhub'])
+			);
+
+			foreach ($hubq as $q) {
+				LibQueue::deliver($q, true);
+			}
+		}
+
+		$r = dbq("select count(outq_posturl) as total, max(outq_priority) as priority, outq_posturl from outq
 			where outq_delivered = 0 group by outq_posturl order by total desc");
 
 		for($x = 0; $x < count($r); $x ++) {
 			$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
-			$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
 		}
 
 		$o = replace_macros(get_markup_template('admin_queue.tpl'), array(
@@ -37,6 +47,7 @@ class Queue {
 			'$priority' => t('Priority'),
 			'$desturl' => t('Destination URL'),
 			'$nukehub' => t('Mark hub permanently offline'),
+			'$deliverhub' => t('Retry delivery to this hub'),
 			'$empty' => t('Empty queue for this hub'),
 			'$lastconn' => t('Last known contact'),
 			'$hasentries' => ((count($r)) ? true : false),

Zotlabs/Module/Admin/Queueworker.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace Zotlabs\Module\Admin;
+
+use App;
+use Zotlabs\Web\Controller;
+
+class Queueworker extends Controller {
+
+	function init() {
+
+	}
+
+	function post() {
+
+		check_form_security_token('form_security_token', 'queueworker');
+
+		$maxqueueworkers = intval($_POST['queueworker_maxworkers']);
+		$maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4;
+		set_config('queueworker', 'max_queueworkers', $maxqueueworkers);
+
+		$maxworkerage = intval($_POST['queueworker_max_age']);
+		$maxworkerage = ($maxworkerage >= 120) ? $maxworkerage : 300;
+		set_config('queueworker', 'queueworker_max_age', $maxworkerage);
+
+		$queueworkersleep = intval($_POST['queue_worker_sleep']);
+		$queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100;
+		set_config('queueworker', 'queue_worker_sleep', $queueworkersleep);
+
+		$auto_queue_worker_sleep = intval($_POST['auto_queue_worker_sleep']);
+		set_config('queueworker', 'auto_queue_worker_sleep', $auto_queue_worker_sleep);
+
+		goaway(z_root() . '/admin/queueworker');
+	}
+
+	function get() {
+
+		$content = "<H1>Queue Status</H1>\n";
+
+		$r = q('select count(*) as total from workerq');
+
+		$content .= "<H4>There are " . $r[0]['total'] . " queue items to be processed.</H4>";
+
+		$r = dbq("select count(distinct workerq_reservationid) as qworkers from workerq where workerq_reservationid is not null");
+
+		$content .= "<H4>Active workers: " . $r[0]['qworkers'] . "</H4>";
+
+		$r = dbq("select workerq_cmd, count(*) as total from workerq where true group by workerq_cmd");
+
+		if ($r) {
+			$content .= "<H4>Work items</H4>";
+			foreach($r as $rr) {
+				$content .= $rr['workerq_cmd'] . ': ' . $rr['total'] . '<br>';
+			}
+		}
+
+		$maxqueueworkers = get_config('queueworker', 'max_queueworkers', 4);
+		$maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4;
+
+		$sc = '';
+
+		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
+			'$field' => [
+				'queueworker_maxworkers',
+				t('Max queueworker threads'),
+				$maxqueueworkers,
+				t('Minimum 4, default 4')
+			]
+		]);
+
+		$workermaxage = get_config('queueworker', 'queueworker_max_age');
+		$workermaxage = ($workermaxage >= 120) ? $workermaxage : 300;
+
+		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
+			'$field' => [
+				'queueworker_max_age',
+				t('Assume workers dead after'),
+				$workermaxage,
+				t('Minimum 120, default 300 seconds')
+			]
+		]);
+
+		$queueworkersleep = get_config('queueworker', 'queue_worker_sleep');
+		$queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100;
+
+		$auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0);
+
+		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
+			'$field' => [
+				'queue_worker_sleep',
+				t('Pause before starting next task'),
+				$queueworkersleep,
+				t('Minimum 100, default 100 microseconds'),
+				'',
+				(($auto_queue_worker_sleep) ? 'disabled' : '')
+			]
+		]);
+
+		$sc .= replace_macros(get_markup_template('field_checkbox.tpl'), [
+			'$field' => [
+				'auto_queue_worker_sleep',
+				t('Automatically adjust pause before starting next task'),
+				$auto_queue_worker_sleep,
+			]
+		]);
+
+		$tpl = get_markup_template('settings_addon.tpl');
+		$content .= replace_macros($tpl, [
+				'$action_url' => 'admin/queueworker',
+				'$form_security_token' => get_form_security_token('queueworker'),
+				'$title' => t('Queueworker Settings'),
+				'$content' => $sc,
+				'$baseurl' => z_root(),
+				'$submit' => t('Save')
+			]
+		);
+
+		return $content;
+
+	}
+}

Zotlabs/Module/Admin/Site.php

@@ -100,7 +100,7 @@ class Site {
 		$reg_expire 	   = (preg_match('/^[a-z]{1,1}$/', $regexpireu) ? $regexpiren . $regexpireu : '');
 
 		$imagick_path      = ((x($_POST,'imagick_path'))     ? trim($_POST['imagick_path'])   : '');
-		$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
+		//$force_queue       = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue'])   : 3000);
 		$pub_incl = escape_tags(trim($_POST['pub_incl']));
 		$pub_excl = escape_tags(trim($_POST['pub_excl']));
 
@@ -129,7 +129,7 @@ class Site {
 					set_config('system', 'register_duty', $this->register_duty);
 					set_config('system', 'register_duty_jso', $this->joo);
 				} else {
-					notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;
+					notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg . EOL);
 				}
 			}
 		}
@@ -205,7 +205,7 @@ class Site {
 		set_config('system','disable_discover_tab', $disable_discover_tab);
 		set_config('system','site_firehose', $site_firehose);
 		set_config('system','open_pubstream', $open_pubstream);
-		set_config('system','force_queue_threshold', $force_queue);
+		//set_config('system','force_queue_threshold', $force_queue);
 		if ($global_directory == '') {
 			del_config('system', 'directory_submit_url');
 		} else {
@@ -339,12 +339,15 @@ class Site {
 		// now invert the logic for the setting.
 		$discover_tab = (1 - $discover_tab);
 
-		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
-		$default_role = get_config('system','default_permissions_role','social');
+		$perm_roles = \Zotlabs\Access\PermissionRoles::channel_roles();
+		$default_role = get_config('system', 'default_permissions_role', 'personal');
+
+		if (!in_array($default_role, array_keys($perm_roles))) {
+			$default_role = 'personal';
+		}
 
 		$role = array('permissions_role' , t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'),$perm_roles);
 
-
 		$homelogin = get_config('system','login_on_homepage');
 		$enable_context_help = get_config('system','enable_context_help');
 
@@ -505,10 +508,10 @@ class Site {
 			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
 			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
 			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
-			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory.")),
-			'$disable_discover_tab'	=> array('disable_discover_tab', t('Import Public Streams'), $discover_tab, t('Import and allow access to public content pulled from other sites. Warning: this content is unmoderated.')),
-			'$site_firehose'	=> array('site_firehose', t('Site only Public Streams'), get_config('system','site_firehose'), t('Allow access to public content originating only from this site if Imported Public Streams are disabled.')),
-			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the Public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing. Warning: this content is unmoderated.')),
+			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory")),
+			'$disable_discover_tab'	=> array('disable_discover_tab', t('Enable public stream'), $discover_tab, t('Enable the public stream. Warning: this content is unmoderated')),
+			'$site_firehose'	=> array('site_firehose', t('Site only public stream'), get_config('system','site_firehose'), t('Restrict the public stream to content originating at this site')),
+			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing')),
 			'$incl'           => array('pub_incl',t('Only import Public stream posts with this text'), get_config('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
 			'$excl'           => array('pub_excl',t('Do not import Public stream posts with this text'), get_config('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
 
@@ -529,7 +532,7 @@ class Site {
 			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
 			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
 			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
-			'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
+			//'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
 			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
 			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
 			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),

Zotlabs/Module/Appman.php

@@ -13,7 +13,7 @@ class Appman extends \Zotlabs\Web\Controller {
 		if(! local_channel())
 			return;
 
-		if($_POST['url']) {
+		if(isset($_POST['url']) && $_POST['url']) {
 			$arr = array(
 				'uid' => intval($_REQUEST['uid']),
 				'url' => escape_tags($_REQUEST['url']),
@@ -50,7 +50,7 @@ class Appman extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		if($_POST['install']) {
+		if(isset($_POST['install']) && $_POST['install']) {
 			Apps::app_install(local_channel(),$papp);
 			if(Apps::app_installed(local_channel(),$papp))
 				info( t('App installed.') . EOL);
@@ -65,15 +65,15 @@ class Appman extends \Zotlabs\Web\Controller {
 			}
 
 			if (intval($sync[0]['app_system'])) {
-				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
 			}
 			else {
-				Libsync::build_sync_packet($uid, ['app' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
 			}
 
 		}
 
-		if($_POST['delete']) {
+		if(isset($_POST['delete']) && $_POST['delete']) {
 
 			// Fetch the app for sync before it is deleted (if it is deletable))
 			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
@@ -91,18 +91,18 @@ class Appman extends \Zotlabs\Web\Controller {
 			$sync[0]['app_deleted'] = 1;
 
 			if (intval($sync[0]['app_system'])) {
-				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
 			}
 			else {
-				Libsync::build_sync_packet($uid, ['app' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
 			}
 		}
 
-		if($_POST['edit']) {
+		if(isset($_POST['edit']) && $_POST['edit']) {
 			return;
 		}
 
-		if($_POST['feature']) {
+		if(isset($_POST['feature']) && $_POST['feature']) {
 			Apps::app_feature(local_channel(), $papp, $_POST['feature']);
 
 			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
@@ -111,14 +111,14 @@ class Appman extends \Zotlabs\Web\Controller {
 			);
 
 			if (intval($sync[0]['app_system'])) {
-				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
 			}
 			else {
-				Libsync::build_sync_packet($uid, ['app' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
 			}
 		}
 
-		if($_POST['pin']) {
+		if(isset($_POST['pin']) && $_POST['pin']) {
 			Apps::app_feature(local_channel(), $papp, $_POST['pin']);
 
 			$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
@@ -127,14 +127,14 @@ class Appman extends \Zotlabs\Web\Controller {
 			);
 
 			if (intval($sync[0]['app_system'])) {
-				Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
 			}
 			else {
-				Libsync::build_sync_packet($uid, ['app' => $sync]);
+				Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
 			}
 		}
 
-		if($_POST['aj']) {
+		if(isset($_POST['aj']) && $_POST['aj']) {
 			killme();
 		}
 
@@ -171,7 +171,7 @@ class Appman extends \Zotlabs\Web\Controller {
 
 		$app = null;
 		$embed = null;
-		if($_REQUEST['appid']) {
+		if(isset($_REQUEST['appid']) && $_REQUEST['appid']) {
 			$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
 				dbesc($_REQUEST['appid']),
 				dbesc(local_channel())
@@ -200,27 +200,25 @@ class Appman extends \Zotlabs\Web\Controller {
 		}
 
 		return replace_macros(get_markup_template('app_create.tpl'), array(
-
 			'$banner' => (($app) ? t('Edit App') : t('Create App')),
 			'$app' => $app,
-			'$guid' => (($app) ? $app['app_id'] : ''),
-			'$author' => (($app) ? $app['app_author'] : $channel['channel_hash']),
-			'$addr' => (($app) ? $app['app_addr'] : $channel['xchan_addr']),
-			'$name' => array('name', t('Name of app'),(($app) ? $app['app_name'] : ''), t('Required')),
-			'$url' => array('url', t('Location (URL) of app'),(($app) ? $app['app_url'] : ''), t('Required')),
-	 		'$desc' => array('desc', t('Description'),(($app) ? $app['app_desc'] : ''), ''),
-			'$photo' => array('photo', t('Photo icon URL'),(($app) ? $app['app_photo'] : ''), t('80 x 80 pixels - optional')),
-			'$categories' => array('categories',t('Categories (optional, comma separated list)'),(($app) ? $app['categories'] : ''),''),
-			'$version' => array('version', t('Version ID'),(($app) ? $app['app_version'] : ''), ''),
-			'$price' => array('price', t('Price of app'),(($app) ? $app['app_price'] : ''), ''),
-			'$page' => array('page', t('Location (URL) to purchase app'),(($app) ? $app['app_page'] : ''), ''),
-			'$system' => (($app) ? intval($app['app_system']) : 0),
-			'$plugin' => (($app) ? $app['app_plugin'] : ''),
-			'$requires' => (($app) ? $app['app_requires'] : ''),
+			'$guid' => $app['app_id'] ?? '',
+			'$author' => $app['app_author'] ?? $channel['channel_hash'],
+			'$addr' => $app['app_addr'] ?? $channel['xchan_addr'],
+			'$name' => array('name', t('Name of app'), $app['app_name'] ?? '', t('Required')),
+			'$url' => array('url', t('Location (URL) of app'), $app['app_url'] ?? '', t('Required')),
+	 		'$desc' => array('desc', t('Description'), $app['app_desc'] ?? '', ''),
+			'$photo' => array('photo', t('Photo icon URL'),$app['app_photo'] ?? '', t('80 x 80 pixels - optional')),
+			'$categories' => array('categories',t('Categories (optional, comma separated list)'), $app['categories'] ?? '',''),
+			'$version' => array('version', t('Version ID'), $app['app_version'] ?? '', ''),
+			'$price' => array('price', t('Price of app'), $app['app_price'] ?? '', ''),
+			'$page' => array('page', t('Location (URL) to purchase app'), $app['app_page'] ?? '', ''),
+			'$system' => $app['app_system'] ?? 0,
+			'$plugin' => $app['app_plugin'] ?? '',
+			'$requires' => $app['app_requires'] ?? '',
 			'$embed' => $embed,
 			'$submit' => t('Submit')
 		));
-
 	}
 
 }

Zotlabs/Module/Apps.php

@@ -19,7 +19,8 @@ class Apps extends \Zotlabs\Web\Controller {
 
 		$_SESSION['return_url'] = \App::$query_string;
 
-		$apps = array();
+		$apps = [];
+		$cat = [];
 
 		if(local_channel()) {
 			Zlib\Apps::import_system_apps();

Zotlabs/Module/Apschema.php

@@ -14,7 +14,7 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'zot'              => z_root() . '/apschema#',
 				'id'               => '@id',
 				'type'             => '@type',
-				'commentPolicy'    => 'as:commentPolicy',
+				'commentPolicy'    => 'zot:commentPolicy',
 				'meData'           => 'zot:meData',
 				'meDataType'       => 'zot:meDataType',
 				'meEncoding'       => 'zot:meEncoding',
@@ -33,6 +33,9 @@ class Apschema extends \Zotlabs\Web\Controller {
 				'PropertyValue'    => 'schema:PropertyValue',
 				'value'            => 'schema:value',
 
+				'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
+
+
 				'magicEnv' => [
 					'@id'   => 'zot:magicEnv',
 					'@type' => '@id'

Zotlabs/Module/Article_edit.php

@@ -1,138 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/channel.php');
-require_once('include/acl_selectors.php');
-require_once('include/conversation.php');
-
-class Article_edit extends \Zotlabs\Web\Controller {
-
-
-	function get() {
-
-		// Figure out which post we're editing
-		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
-
-		if(! $post_id) {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$itm = q("SELECT * FROM item WHERE id = %d and item_type = %d LIMIT 1",
-			intval($post_id),
-			intval(ITEM_TYPE_ARTICLE)
-		);
-		if($itm) {
-			$item_id = q("select * from iconfig where cat = 'system' and k = 'ARTICLE' and iid = %d limit 1",
-				intval($itm[0]['id'])
-			);
-			if($item_id)
-				$card_title = $item_id[0]['v'];
-		}
-		else {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$owner = $itm[0]['uid'];
-		$uid = local_channel();
-
-		$observer = \App::get_observer();
-
-		$channel = channelx_by_n($owner);
-		if(! $channel) {
-			notice( t('Channel not found.') . EOL);
-			return;
-		}
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = (($uid && $uid == $owner) ? true : false);
-
-		$o = '';
-
-
-
-		$category = '';
-		$catsenabled = ((feature_enabled($owner,'categories')) ? 'categories' : '');
-
-		if ($catsenabled){
-		        $itm = fetch_post_tags($itm);
-
-	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-
-		        foreach ($cats as $cat) {
-		                if (strlen($category))
-		                        $category .= ', ';
-		                $category .= $cat['term'];
-		        }
-		}
-
-		if($itm[0]['attach']) {
-			$j = json_decode($itm[0]['attach'],true);
-			if($j) {
-				foreach($j as $jj) {
-					$itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n";
-				}
-			}
-		}
-
-
-		$mimetype = $itm[0]['mimetype'];
-
-		$content = $itm[0]['body'];
-
-		$rp = 'articles/' . $channel['channel_address'];
-
-		$x = array(
-			'nickname' => $channel['channel_address'],
-			'bbco_autocomplete'=> 'bbcode',
-			'return_path' => $rp,
-			'webpage' => ITEM_TYPE_ARTICLE,
-			'button' => t('Edit'),
-			'writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_pages'),
-			'weblink' => t('Insert web link'),
-			'hide_voting' => false,
-			'hide_future' => false,
-			'hide_location' => false,
-			'hide_expire' => false,
-			'showacl' => true,
-			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
-			'permissions' => $itm[0],
-			'lockstate' => (($itm[0]['allow_cid'] || $itm[0]['allow_gid'] || $itm[0]['deny_cid'] || $itm[0]['deny_gid']) ? 'lock' : 'unlock'),
-			'ptyp' => $itm[0]['type'],
-			'mimeselect' => false,
-			'mimetype' => $itm[0]['mimetype'],
-			'body' => undo_post_tagging($content),
-			'post_id' => $post_id,
-			'visitor' => true,
-			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
-			'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'),
-			'placeholdertitle' => t('Title (optional)'),
-			'pagetitle' => $card_title,
-			'profile_uid' => (intval($channel['channel_id'])),
-			'catsenabled' => $catsenabled,
-			'category' => $category,
-			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
-		);
-
-		$editor = status_editor($a, $x, false, 'Article_edit');
-
-		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
-			'$title' => t('Edit Article'),
-			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
-			'$id' => $itm[0]['id'],
-			'$cancel' => t('Cancel'),
-			'$editor' => $editor
-		));
-
-		return $o;
-
-	}
-
-}

Zotlabs/Module/Articles.php

@@ -1,232 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-use App;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Web\Controller;
-use Zotlabs\Lib\PermissionDescription;
-
-require_once('include/channel.php');
-require_once('include/conversation.php');
-require_once('include/acl_selectors.php');
-require_once('include/opengraph.php');
-
-
-class Articles extends Controller {
-
-	function init() {
-
-		if(argc() > 1)
-			$which = argv(1);
-
-                if(! $which) {
-                        if(local_channel()) {
-                                $channel = App::get_channel();
-                                if($channel && $channel['channel_address'])
-                                $which = $channel['channel_address'];
-                        } else {
-				return;
-			}
-                }
-
-		profile_load($which);
-
-	}
-
-	function get($update = 0, $load = false) {
-
-		if(observer_prohibited(true)) {
-			return login();
-		}
-
-		if(! App::$profile) {
-			notice( t('Requested profile is not available.') . EOL );
-			App::$error = 404;
-			return;
-		}
-
-		if(! Apps::system_app_installed(App::$profile_uid, 'Articles')) {
-			//Do not display any associated widgets at this point
-			App::$pdl = '';
-			$papp = Apps::get_papp('Articles');
-			return Apps::app_render($papp, 'module');
-		}
-
-		nav_set_selected('Articles');
-
-		head_add_link([
-			'rel'   => 'alternate',
-			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
-			'title' => 'oembed'
-		]);
-
-
-		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
-
-		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'],'item', $category, TERM_CATEGORY));
-		}
-
-		$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
-		$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
-
-		$which = argv(1);
-
-		$selected_card = ((argc() > 2) ? argv(2) : '');
-
-		$_SESSION['return_url'] = App::$query_string;
-
-		$uid      = local_channel();
-		$owner    = App::$profile_uid;
-		$observer = App::get_observer();
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner,$ob_hash,'view_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = ($uid && $uid == $owner);
-
-		$channel = channelx_by_n($owner);
-
-		if($channel) {
-			$channel_acl = array(
-				'allow_cid' => $channel['channel_allow_cid'],
-				'allow_gid' => $channel['channel_allow_gid'],
-				'deny_cid'  => $channel['channel_deny_cid'],
-				'deny_gid'  => $channel['channel_deny_gid']
-			);
-		}
-		else {
-			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
-		}
-
-
-
-		if(perm_is_allowed($owner,$ob_hash,'write_pages')) {
-
-			$x = [
-				'webpage'           => ITEM_TYPE_ARTICLE,
-				'is_owner'          => true,
-				'content_label'     => t('Add Article'),
-				'button'            => t('Save'),
-				'nickname'          => $channel['channel_address'],
-				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
-					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'               => (($is_owner) ? populate_acl($channel_acl, false,
-					PermissionDescription::fromGlobalPermission('view_pages')) : ''),
-				'permissions'       => $channel_acl,
-				'showacl'           => (($is_owner) ? true : false),
-				'visitor'           => true,
-				'hide_location'     => false,
-				'hide_voting'       => false,
-				'profile_uid'       => intval($owner),
-				'mimetype'          => 'text/bbcode',
-				'mimeselect'        => false,
-				'layoutselect'      => false,
-				'expanded'          => false,
-				'novoting'          => false,
-				'catsenabled'       => feature_enabled($owner,'categories'),
-				'bbco_autocomplete' => 'bbcode',
-				'bbcode'            => true
-			];
-
-			if($_REQUEST['title'])
-				$x['title'] = $_REQUEST['title'];
-			if($_REQUEST['body'])
-				$x['body'] = $_REQUEST['body'];
-			$editor = status_editor($a,$x,false,'Articles');
-
-		}
-		else {
-			$editor = '';
-		}
-
-		$itemspage = get_pconfig(local_channel(),'system','itemspage');
-		App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
-		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
-
-
-		$sql_extra = item_permissions_sql($owner);
-		$sql_item = '';
-
-		if($selected_card) {
-			$r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and iconfig.v = '%s' limit 1",
-				dbesc($selected_card)
-			);
-			if($r) {
-				$sql_item = "and item.id = " . intval($r[0]['iid']) . " ";
-			}
-		}
-		if($datequery) {
-			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
-			$order = 'post';
-		}
-		if($datequery2) {
-			$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
-		}
-
-		if($datequery || $datequery2) {
-			$sql_extra2 .= " and item.item_thread_top != 0 ";
-		}
-
-		$r = q("select * from item
-			where item.uid = %d and item_type = %d
-			$sql_extra $sql_extra2 $sql_item order by item.created desc $pager_sql",
-			intval($owner),
-			intval(ITEM_TYPE_ARTICLE)
-		);
-
-		$item_normal = " and item.item_hidden = 0 and item.item_type in (0,7) and item.item_deleted = 0
-			and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
-			and item.item_blocked = 0 ";
-
-		if($r) {
-
-			$pager_total = count($r);
-
-			$parents_str = ids_to_querystr($r,'id');
-
-			$r = q("SELECT item.*, item.id AS item_id
-				FROM item
-				WHERE item.uid = %d $item_normal
-				AND item.parent IN ( %s )
-				$sql_extra $sql_extra2 ",
-				intval(App::$profile['profile_uid']),
-				dbesc($parents_str)
-			);
-			if($r) {
-				xchan_query($r);
-				$items = fetch_post_tags($r, true);
-				$items = conv_sort($items,'updated');
-			}
-			else
-				$items = [];
-		}
-
-		// Add Opengraph markup
-		opengraph_add_meta((! empty($items) ? $r[0] : []), $channel);
-
-		$mode = 'articles';
-
-		if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card))
-            $page_mode = 'pager_list';
-        else
-            $page_mode = 'traditional';
-
-     	$content = conversation($items,$mode,false,$page_mode);
-
-		$o = replace_macros(get_markup_template('cards.tpl'), [
-			'$title' => t('Articles'),
-			'$editor' => $editor,
-			'$content' => $content,
-			'$pager' => alt_pager($pager_total)
-		]);
-
-        return $o;
-    }
-
-}

Zotlabs/Module/Blocks.php

@@ -9,43 +9,43 @@ require_once('include/acl_selectors.php');
 class Blocks extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
 			$sys = get_sys_channel();
 			if($sys && intval($sys['channel_id'])) {
 				\App::$is_sys = true;
 			}
 		}
-	
+
 		if(argc() > 1)
 			$which = argv(1);
 		else
 			return;
-	
+
 		profile_load($which);
-	
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! \App::$profile) {
 			notice( t('Requested profile is not available.') . EOL );
 			\App::$error = 404;
 			return;
 		}
-	
+
 		$which = argv(1);
-	
+
 		$_SESSION['return_url'] = \App::$query_string;
-	
+
 		$uid = local_channel();
 		$owner = 0;
 		$channel = null;
 		$observer = \App::get_observer();
-	
+
 		$channel = \App::get_channel();
-	
+
 		if(\App::$is_sys && is_site_admin()) {
 			$sys = get_sys_channel();
 			if($sys && intval($sys['channel_id'])) {
@@ -54,7 +54,7 @@ class Blocks extends \Zotlabs\Web\Controller {
 				$observer = $sys;
 			}
 		}
-	
+
 		if(! $owner) {
 			// Figure out who the page owner is.
 			$r = q("select channel_id from channel where channel_address = '%s'",
@@ -64,24 +64,24 @@ class Blocks extends \Zotlabs\Web\Controller {
 				$owner = intval($r[0]['channel_id']);
 			}
 		}
-	
+
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-	
+
 		$perms = get_all_perms($owner,$ob_hash);
-	
+
 		if(! $perms['write_pages']) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
-		// Block design features from visitors 
-	
+
+		// Block design features from visitors
+
 		if((! $uid) || ($uid != $owner)) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
-		$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
+
+		$mimetype = ((isset($_REQUEST['mimetype']) && $_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
 
 		$x = array(
 			'webpage' => ITEM_TYPE_BLOCK,
@@ -101,27 +101,25 @@ class Blocks extends \Zotlabs\Web\Controller {
 			'bbco_autocomplete' => 'bbcode',
 			'bbcode' => true
 		);
-	
-		if($_REQUEST['title'])
-			$x['title'] = $_REQUEST['title'];
-		if($_REQUEST['body'])
-			$x['body'] = $_REQUEST['body'];
-		if($_REQUEST['pagetitle'])
-			$x['pagetitle'] = $_REQUEST['pagetitle'];
-	
-		$editor = status_editor($a,$x,false,'Blocks');
-	
 
-		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig 
+		$x['title'] = $_REQUEST['title'] ?? '';
+		$x['body'] = $_REQUEST['body'] ?? '';
+		$x['pagetitle'] = $_REQUEST['pagetitle'] ?? '';
+
+		$a = '';
+		$editor = status_editor($a,$x,false,'Blocks');
+
+
+		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig
 			left join item on iconfig.iid = item.id
-			where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK' 
+			where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK'
 			and item_type = %d order by item.created desc",
 			intval($owner),
 			intval(ITEM_TYPE_BLOCK)
 		);
-	
+
 		$pages = null;
-	
+
 		if($r) {
 			$pages = array();
 			foreach($r as $rr) {
@@ -143,13 +141,13 @@ class Blocks extends \Zotlabs\Web\Controller {
 					'edited' => $rr['edited'],
 					'bb_element' => '[element]' . base64url_encode(json_encode($element_arr)) . '[/element]'
 				);
-			} 
+			}
 		}
-	
+
 		//Build the base URL for edit links
-		$url = z_root() . '/editblock/' . $which; 
-	
-		$o .= replace_macros(get_markup_template('blocklist.tpl'), array(
+		$url = z_root() . '/editblock/' . $which;
+
+		$o = replace_macros(get_markup_template('blocklist.tpl'), array(
 			'$baseurl'    => $url,
 			'$title'      => t('Blocks'),
 			'$name'       => t('Block Name'),
@@ -166,8 +164,8 @@ class Blocks extends \Zotlabs\Web\Controller {
 			'$view'       => t('View'),
 			'$preview'    => '1',
 		));
-	    
+
 		return $o;
 	}
-	
+
 }

Zotlabs/Module/Cal.php

@@ -39,7 +39,7 @@ class Cal extends Controller {
 
 			head_set_icon(App::$data['channel']['xchan_photo_s']);
 
-			App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
+			App::$page['htmlhead'] = "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
 
 		}
 
@@ -65,13 +65,9 @@ class Cal extends Controller {
 
 		nav_set_selected('Calendar');
 
-		head_add_css('/library/fullcalendar/packages/core/main.min.css');
-		head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
+		head_add_js('/library/fullcalendar/dist/index.global.js');
 		head_add_css('cdav_calendar.css');
 
-		head_add_js('/library/fullcalendar/packages/core/main.min.js');
-		head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
-
 		$sql_extra = permissions_sql($channel['channel_id'], get_observer_hash(), 'event');
 
 		if(! perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts') || App::$profile['hide_friends'])

Zotlabs/Module/Card_edit.php

@@ -1,140 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-require_once('include/channel.php');
-require_once('include/acl_selectors.php');
-require_once('include/conversation.php');
-
-class Card_edit extends \Zotlabs\Web\Controller {
-
-
-	function get() {
-
-		// Figure out which post we're editing
-		$post_id = ((argc() > 1) ? intval(argv(1)) : 0);
-
-		if(! $post_id) {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$itm = q("SELECT * FROM item WHERE id = %d and item_type = %d LIMIT 1",
-			intval($post_id),
-			intval(ITEM_TYPE_CARD)
-		);
-		if($itm) {
-			$item_id = q("select * from iconfig where cat = 'system' and k = 'CARD' and iid = %d limit 1",
-				intval($itm[0]['id'])
-			);
-			if($item_id)
-				$card_title = $item_id[0]['v'];
-		}
-		else {
-			notice( t('Item not found') . EOL);
-			return;
-		}
-
-		$owner = $itm[0]['uid'];
-		$uid = local_channel();
-
-		$observer = \App::get_observer();
-
-		$channel = channelx_by_n($owner);
-		if(! $channel) {
-			notice( t('Channel not found.') . EOL);
-			return;
-		}
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = (($uid && $uid == $owner) ? true : false);
-
-		$o = '';
-
-
-
-		$category = '';
-		$catsenabled = ((feature_enabled($owner,'categories')) ? 'categories' : '');
-
-		if ($catsenabled){
-		        $itm = fetch_post_tags($itm);
-
-	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-
-		        foreach ($cats as $cat) {
-		                if (strlen($category))
-		                        $category .= ', ';
-		                $category .= $cat['term'];
-		        }
-		}
-
-		if($itm[0]['attach']) {
-			$j = json_decode($itm[0]['attach'],true);
-			if($j) {
-				foreach($j as $jj) {
-					$itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n";
-				}
-			}
-		}
-
-
-		$mimetype = $itm[0]['mimetype'];
-
-		$content = $itm[0]['body'];
-
-
-
-		$rp = 'cards/' . $channel['channel_address'];
-
-		$x = array(
-			'nickname' => $channel['channel_address'],
-			'bbco_autocomplete'=> 'bbcode',
-			'return_path' => $rp,
-			'webpage' => ITEM_TYPE_CARD,
-			'button' => t('Edit'),
-			'writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_pages'),
-			'weblink' => t('Insert web link'),
-			'hide_voting' => false,
-			'hide_future' => false,
-			'hide_location' => false,
-			'hide_expire' => false,
-			'showacl' => true,
-			'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')),
-			'permissions' => $itm[0],
-			'lockstate' => (($itm[0]['allow_cid'] || $itm[0]['allow_gid'] || $itm[0]['deny_cid'] || $itm[0]['deny_gid']) ? 'lock' : 'unlock'),
-			'ptyp' => $itm[0]['type'],
-			'mimeselect' => false,
-			'mimetype' => $itm[0]['mimetype'],
-			'body' => undo_post_tagging($content),
-			'post_id' => $post_id,
-			'visitor' => true,
-			'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
-			'summary' => htmlspecialchars($itm[0]['summary'],ENT_COMPAT,'UTF-8'),
-			'placeholdertitle' => t('Title (optional)'),
-			'pagetitle' => $card_title,
-			'profile_uid' => (intval($channel['channel_id'])),
-			'catsenabled' => $catsenabled,
-			'category' => $category,
-			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
-		);
-
-		$editor = status_editor($a, $x, false, 'Card_edit');
-
-		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
-			'$title' => t('Edit Card'),
-			'$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false),
-			'$id' => $itm[0]['id'],
-			'$cancel' => t('Cancel'),
-			'$editor' => $editor
-		));
-
-		return $o;
-
-	}
-
-}

Zotlabs/Module/Cards.php

@@ -1,214 +0,0 @@
-<?php
-namespace Zotlabs\Module;
-
-use App;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Web\Controller;
-use Zotlabs\Lib\PermissionDescription;
-
-require_once('include/channel.php');
-require_once('include/conversation.php');
-require_once('include/acl_selectors.php');
-
-/**
- * @brief Provides the Cards module.
- *
- */
-class Cards extends Controller {
-
-	public function init() {
-
-		if(argc() > 1)
-			$which = argv(1);
-		else
-			return;
-
-		profile_load($which);
-	}
-
-	/**
-	 * {@inheritDoc}
-	 * @see \\Zotlabs\\Web\\Controller::get()
-	 *
-	 * @return string Parsed HTML from template 'cards.tpl'
-	 */
-	public function get($update = 0, $load = false) {
-
-		if(observer_prohibited(true)) {
-			return login();
-		}
-
-		if(! App::$profile) {
-			notice( t('Requested profile is not available.') . EOL );
-			App::$error = 404;
-			return;
-		}
-
-		if(! Apps::system_app_installed(App::$profile_uid, 'Cards')) {
-			//Do not display any associated widgets at this point
-			App::$pdl = '';
-			$papp = Apps::get_papp('Cards');
-			return Apps::app_render($papp, 'module');
-		}
-
-		nav_set_selected('Cards');
-
-		head_add_link([
-			'rel'   => 'alternate',
-			'type'  => 'application/json+oembed',
-			'href'  => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . App::$query_string),
-			'title' => 'oembed'
-		]);
-
-
-		$category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : '');
-
-		if($category) {
-			$sql_extra2 .= protect_sprintf(term_item_parent_query(App::$profile['profile_uid'], 'item', $category, TERM_CATEGORY));
-		}
-
-
-		$which = argv(1);
-
-		$selected_card = ((argc() > 2) ? argv(2) : '');
-
-		$_SESSION['return_url'] = App::$query_string;
-
-		$uid      = local_channel();
-		$owner    = App::$profile_uid;
-		$observer = App::get_observer();
-
-		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-		if(! perm_is_allowed($owner, $ob_hash, 'view_pages')) {
-			notice( t('Permission denied.') . EOL);
-			return;
-		}
-
-		$is_owner = ($uid && $uid == $owner);
-
-		$channel = channelx_by_n($owner);
-
-		if($channel) {
-			$channel_acl = [
-				'allow_cid' => $channel['channel_allow_cid'],
-				'allow_gid' => $channel['channel_allow_gid'],
-				'deny_cid'  => $channel['channel_deny_cid'],
-				'deny_gid'  => $channel['channel_deny_gid']
-			];
-		}
-		else {
-			$channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ];
-		}
-
-
-		if(perm_is_allowed($owner, $ob_hash, 'write_pages')) {
-
-			$x = [
-				'webpage'           => ITEM_TYPE_CARD,
-				'is_owner'          => true,
-				'content_label'     => t('Add Card'),
-				'button'            => t('Save'),
-				'nickname'          => $channel['channel_address'],
-				'lockstate'         => (($channel['channel_allow_cid'] || $channel['channel_allow_gid']
-					|| $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'               => (($is_owner) ? populate_acl($channel_acl, false,
-					PermissionDescription::fromGlobalPermission('view_pages')) : ''),
-				'permissions'       => $channel_acl,
-				'showacl'           => (($is_owner) ? true : false),
-				'visitor'           => true,
-				'hide_location'     => false,
-				'hide_voting'       => false,
-				'profile_uid'       => intval($owner),
-				'mimetype'          => 'text/bbcode',
-				'mimeselect'        => false,
-				'layoutselect'      => false,
-				'expanded'          => false,
-				'novoting'          => false,
-				'catsenabled'       => feature_enabled($owner, 'categories'),
-				'bbco_autocomplete' => 'bbcode',
-				'bbcode'            => true
-			];
-
-			if($_REQUEST['title'])
-				$x['title'] = $_REQUEST['title'];
-			if($_REQUEST['body'])
-				$x['body'] = $_REQUEST['body'];
-
-			$editor = status_editor($a, $x, false, 'Cards');
-		}
-		else {
-			$editor = '';
-		}
-
-
-		$itemspage = get_pconfig(local_channel(),'system','itemspage');
-		App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
-		$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
-
-
-		$sql_extra = item_permissions_sql($owner);
-		$sql_item = '';
-
-		if($selected_card) {
-			$r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'CARD' and iconfig.v = '%s' limit 1",
-				dbesc($selected_card)
-			);
-			if($r) {
-				$sql_item = "and item.id = " . intval($r[0]['iid']) . " ";
-			}
-		}
-
-		$r = q("select * from item
-			where uid = %d and item_type = %d
-			$sql_extra $sql_item order by item.created desc $pager_sql",
-			intval($owner),
-			intval(ITEM_TYPE_CARD)
-		);
-
-		$item_normal = " and item.item_hidden = 0 and item.item_type in (0,6) and item.item_deleted = 0
-			and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
-			and item.item_blocked = 0 ";
-
-		$items_result = [];
-		if($r) {
-
-			$pager_total = count($r);
-
-			$parents_str = ids_to_querystr($r, 'id');
-
-			$items = q("SELECT item.*, item.id AS item_id
-				FROM item
-				WHERE item.uid = %d $item_normal
-				AND item.parent IN ( %s )
-				$sql_extra $sql_extra2 ",
-				intval(App::$profile['profile_uid']),
-				dbesc($parents_str)
-			);
-			if($items) {
-				xchan_query($items);
-				$items = fetch_post_tags($items, true);
-				$items_result = conv_sort($items, 'updated');
-			}
-		}
-
-		$mode = 'cards';
-
-		if(get_pconfig(local_channel(),'system','articles_list_mode') && (! $selected_card))
-			$page_mode = 'pager_list';
-		else
-			$page_mode = 'traditional';
-
-		$content = conversation($items_result, $mode, false, $page_mode);
-
-		$o = replace_macros(get_markup_template('cards.tpl'), [
-			'$title' => t('Cards'),
-			'$editor' => $editor,
-			'$content' => $content,
-			'$pager' => alt_pager($pager_total)
-		]);
-
-		return $o;
-	}
-
-}

Zotlabs/Module/Cdav.php

@@ -200,7 +200,7 @@ class Cdav extends Controller {
 						$etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false);
 
 						// delete
-						if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) {
+						if($httpmethod === 'DELETE' && $etag && isset($cdavdata['etag']) && $cdavdata['etag'] == $etag) {
 							Libsync::build_sync_packet($channel['channel_id'], [
 								$sync => [
 									'action' => 'delete_card',
@@ -210,7 +210,7 @@ class Cdav extends Controller {
 							]);
 						}
 						else {
-							if($etag && $cdavdata['etag'] !== $etag) {
+							if($etag && isset($cdavdata['etag']) && $cdavdata['etag'] !== $etag) {
 								// update
 								Libsync::build_sync_packet($channel['channel_id'], [
 									$sync => [
@@ -317,7 +317,7 @@ class Cdav extends Controller {
 			$calendars = $caldavBackend->getCalendarsForUser($principalUri);
 
 			//create new calendar
-			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['create']) {
+			if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && (isset($_REQUEST['create']) && $_REQUEST['create'])) {
 				do {
 					$duplicate = false;
 					$calendarUri = random_string(40);
@@ -332,9 +332,9 @@ class Cdav extends Controller {
 				} while ($duplicate == true);
 
 				$properties = [
-					'{DAV:}displayname' => $_REQUEST['{DAV:}displayname'],
-					'{http://apple.com/ns/ical/}calendar-color' => $_REQUEST['color'],
-					'{urn:ietf:params:xml:ns:caldav}calendar-description' => $channel['channel_name']
+					'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname']),
+					'{http://apple.com/ns/ical/}calendar-color' => escape_tags($_REQUEST['color']),
+					'{urn:ietf:params:xml:ns:caldav}calendar-description' => escape_tags($channel['channel_name'])
 				];
 
 				$id = $caldavBackend->createCalendar($principalUri, $calendarUri, $properties);
@@ -352,7 +352,7 @@ class Cdav extends Controller {
 			}
 
 			//create new calendar object via ajax request
-			if($_REQUEST['submit'] === 'create_event' && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
+			if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'create_event') && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
 
 				$id = explode(':', $_REQUEST['target']);
 
@@ -366,7 +366,7 @@ class Cdav extends Controller {
 
 				$allday = $_REQUEST['allday'];
 
-				$title = $_REQUEST['title'];
+				$title = escape_tags($_REQUEST['title']);
 				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
 				$dtstart = new \DateTime($start);
 
@@ -374,8 +374,8 @@ class Cdav extends Controller {
 					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
 					$dtend = new \DateTime($end);
 				}
-				$description = $_REQUEST['description'];
-				$location = $_REQUEST['location'];
+				$description = escape_tags($_REQUEST['description']);
+				$location = escape_tags($_REQUEST['location']);
 
 				do {
 					$duplicate = false;
@@ -431,7 +431,7 @@ class Cdav extends Controller {
 			}
 
 			//edit calendar name and color
-			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) {
+			if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && $_REQUEST['edit'] && $_REQUEST['id']) {
 
 				$id = explode(':', $_REQUEST['id']);
 
@@ -441,8 +441,8 @@ class Cdav extends Controller {
 				$cdavdata = $this->get_cdav_data($id[0], 'calendarinstances');
 
 				$mutations = [
-					'{DAV:}displayname' => $_REQUEST['{DAV:}displayname'],
-					'{http://apple.com/ns/ical/}calendar-color' => $_REQUEST['color']
+					'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname']),
+					'{http://apple.com/ns/ical/}calendar-color' => escape_tags($_REQUEST['color'])
 				];
 
 				$patch = new \Sabre\DAV\PropPatch($mutations);
@@ -459,7 +459,7 @@ class Cdav extends Controller {
 			}
 
 			//edit calendar object via ajax request
-			if($_REQUEST['submit'] === 'update_event' && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
+			if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'update_event') && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
 
 				$id = explode(':', $_REQUEST['target']);
 
@@ -471,18 +471,18 @@ class Cdav extends Controller {
 				$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
 				$tz = (($timezone) ? $timezone : date_default_timezone_get());
 
-				$allday = $_REQUEST['allday'];
+				$allday = intval($_REQUEST['allday']);
 
-				$uri = $_REQUEST['uri'];
-				$title = $_REQUEST['title'];
+				$uri = escape_tags($_REQUEST['uri']);
+				$title = escape_tags($_REQUEST['title']);
 				$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
 				$dtstart = new \DateTime($start);
 				if($_REQUEST['dtend']) {
 					$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
 					$dtend = new \DateTime($end);
 				}
-				$description = $_REQUEST['description'];
-				$location = $_REQUEST['location'];
+				$description = escape_tags($_REQUEST['description']);
+				$location = escape_tags($_REQUEST['location']);
 
 				$object = $caldavBackend->getCalendarObject($id, $uri);
 
@@ -654,7 +654,7 @@ class Cdav extends Controller {
 						$duplicate = true;
 				} while ($duplicate == true);
 
-				$properties = ['{DAV:}displayname' => $_REQUEST['{DAV:}displayname']];
+				$properties = ['{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname'])];
 
 				$carddavBackend->createAddressBook($principalUri, $addressbookUri, $properties);
 
@@ -668,9 +668,9 @@ class Cdav extends Controller {
 			}
 
 			//edit addressbook
-			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && intval($_REQUEST['id'])) {
+			if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) {
 
-				$id = $_REQUEST['id'];
+				$id = intval($_REQUEST['id']);
 
 				if(! cdav_perms($id,$addressbooks))
 					return;
@@ -678,7 +678,7 @@ class Cdav extends Controller {
 				$cdavdata = $this->get_cdav_data($id, 'addressbooks');
 
 				$mutations = [
-					'{DAV:}displayname' => $_REQUEST['{DAV:}displayname']
+					'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname'])
 				];
 
 				$patch = new \Sabre\DAV\PropPatch($mutations);
@@ -901,19 +901,10 @@ class Cdav extends Controller {
 
 		//Display calendar(s) here
 		if(argc() <= 3 && argv(1) === 'calendar') {
-
-			head_add_css('/library/fullcalendar/packages/core/main.min.css');
-			head_add_css('/library/fullcalendar/packages/daygrid/main.min.css');
-			head_add_css('/library/fullcalendar/packages/timegrid/main.min.css');
-			head_add_css('/library/fullcalendar/packages/list/main.min.css');
+			head_add_js('/library/fullcalendar/dist/index.global.js');
 			head_add_css('cdav_calendar.css');
 
-			head_add_js('/library/fullcalendar/packages/core/main.min.js');
-			head_add_js('/library/fullcalendar/packages/interaction/main.min.js');
-			head_add_js('/library/fullcalendar/packages/daygrid/main.min.js');
-			head_add_js('/library/fullcalendar/packages/timegrid/main.min.js');
-			head_add_js('/library/fullcalendar/packages/list/main.min.js');
-
+			$o = '';
 			$sources = '';
 			$resource_id = '';
 			$resource = null;
@@ -921,6 +912,8 @@ class Cdav extends Controller {
 			if(argc() == 3)
 				$resource_id = argv(2);
 
+			$categories = '';
+
 			if($resource_id) {
 				$r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id
 					WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1",
@@ -944,7 +937,6 @@ class Cdav extends Controller {
 					$resource = $r[0];
 
 					$catsenabled = feature_enabled(local_channel(),'categories');
-					$categories = '';
 					if($catsenabled){
 						if($r[0]['term']) {
 							$cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY);

Zotlabs/Module/Channel.php

@@ -31,8 +31,10 @@ class Channel extends Controller {
 			goaway(z_root() . '/search?f=&search=' . $_GET['search']);
 
 		$which = null;
-		if (argc() > 1)
+		if (argc() > 1) {
 			$which = argv(1);
+		}
+
 		if (!$which) {
 			if (local_channel()) {
 				$channel = App::get_channel();
@@ -40,9 +42,9 @@ class Channel extends Controller {
 					$which = $channel['channel_address'];
 			}
 		}
+
 		if (!$which) {
-			notice(t('You must be logged in to see this page.') . EOL);
-			return;
+			http_status_exit(404, 'Not found');
 		}
 
 		$profile = 0;
@@ -67,7 +69,7 @@ class Channel extends Controller {
 
 			if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
 				$data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash'], 'target_url' => $sigdata['signer']]));
-				$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
+				$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc limit 1",
 					dbesc($sigdata['signer'])
 				);
 
@@ -95,6 +97,10 @@ class Channel extends Controller {
 			http_status_exit(410, 'Gone');
 		}
 
+		if (get_pconfig($channel['channel_id'], 'system', 'index_opt_out')) {
+			App::$meta->set('robots', 'noindex, noarchive');
+		}
+
 		if (ActivityStreams::is_as_request($channel)) {
 
 			// Somebody may attempt an ActivityStreams fetch on one of our message permalinks
@@ -241,9 +247,7 @@ class Channel extends Controller {
 				$channel_acl = ['allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''];
 			}
 
-
 			if ($perms['post_wall']) {
-
 				$x = [
 					'is_owner'            => $is_owner,
 					'allow_location'      => ((($is_owner || $observer) && (intval(get_pconfig(App::$profile['profile_uid'], 'system', 'use_browser_location')))) ? true : false),
@@ -263,9 +267,16 @@ class Channel extends Controller {
 					'reset'               => t('Reset form')
 				];
 
+				$a = '';
 				$o .= status_editor($a, $x, false, 'Channel');
 			}
 
+			// Add pinned content
+			if (!x($_REQUEST, 'mid') && !$search) {
+				$pinned = new \Zotlabs\Widget\Pinned;
+				$r = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]);
+				$o .= $r['html'];
+			}
 		}
 
 
@@ -289,7 +300,7 @@ class Channel extends Controller {
 		$abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " ";
 
 		$simple_update = '';
-		if ($update && $_SESSION['loadtime'])
+		if ($update && isset($_SESSION['loadtime']))
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
 
 		if ($search) {
@@ -416,17 +427,14 @@ class Channel extends Controller {
 			$items = [];
 		}
 
-		// Add pinned content
-		if (!x($_REQUEST, 'mid') && !$search) {
-			$pinned = new \Zotlabs\Widget\Pinned;
-			$r      = $pinned->widget(intval(App::$profile['profile_uid']), [ITEM_TYPE_POST]);
-			$o      .= $r['html'];
-		}
+
 
 		$mode = (($search) ? 'search' : 'channel');
 
 		if ((!$update) && (!$load)) {
 
+
+
 			//if we got a decoded hash we must encode it again before handing to javascript
 			$mid = gen_link_id($mid);
 

Zotlabs/Module/Channel_calendar.php

@@ -30,7 +30,7 @@ class Channel_calendar extends Controller {
 
 		$xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : '');
 
-		// only allow editing your own events. 
+		// only allow editing your own events.
 		if (($xchan) && ($xchan !== get_observer_hash()))
 			return;
 
@@ -55,8 +55,8 @@ class Channel_calendar extends Controller {
 
 		// Don't allow the event to finish before it begins.
 		// It won't hurt anything, but somebody will file a bug report
-		// and we'll waste a bunch of time responding to it. Time that 
-		// could've been spent doing something else. 
+		// and we'll waste a bunch of time responding to it. Time that
+		// could've been spent doing something else.
 
 		if (strcmp($finish, $start) < 0) {
 			notice(t('Event can not end before it has started.') . EOL);
@@ -319,12 +319,12 @@ class Channel_calendar extends Controller {
 				// fixed an issue with "nofinish" events not showing up in the calendar.
 				// There's still an issue if the finish date crosses the end of month.
 				// Noting this for now - it will need to be fixed here and in Friendica.
-				// Ultimately the finish date shouldn't be involved in the query. 
+				// Ultimately the finish date shouldn't be involved in the query.
 
 				$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
-					from event left join item on event.event_hash = item.resource_id 
-					where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored 
-					AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' ) 
+					from event left join item on event.event_hash = item.resource_id
+					where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored
+					AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
 					OR  (  event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ",
 					intval(local_channel()),
 					dbesc($start),
@@ -357,7 +357,7 @@ class Channel_calendar extends Controller {
 					$catsenabled = feature_enabled(local_channel(), 'categories');
 					$categories  = '';
 					if ($catsenabled) {
-						if ($rr['term']) {
+						if (isset($rr['term']) && $rr['term']) {
 							$cats = get_terms_oftype($rr['term'], TERM_CATEGORY);
 							foreach ($cats as $cat) {
 								if (strlen($categories))
@@ -449,7 +449,7 @@ class Channel_calendar extends Controller {
 						}
 
 						// The site admin can delete any post/item on the site.
-						// If the item originated on this site+channel the deletion will propagate downstream. 
+						// If the item originated on this site+channel the deletion will propagate downstream.
 						// Otherwise just the local copy is removed.
 
 						if (is_site_admin()) {

Zotlabs/Module/Chanview.php

@@ -16,17 +16,17 @@ class Chanview extends \Zotlabs\Web\Controller {
 
 		$r = null;
 
-		if($_REQUEST['hash']) {
+		if(!empty($_REQUEST['hash'])) {
 			$r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0",
 				dbesc($_REQUEST['hash'])
 			);
 		}
-		if($_REQUEST['address']) {
+		if(!empty($_REQUEST['address'])) {
 			$r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0",
 				dbesc(punify($_REQUEST['address']))
 			);
 		}
-		elseif(local_channel() && intval($_REQUEST['cid'])) {
+		elseif(local_channel() && !empty($_REQUEST['cid'])) {
 			$r = q("SELECT abook.*, xchan.*
 				FROM abook left join xchan on abook_xchan = xchan_hash
 				WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0",
@@ -34,8 +34,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 				intval($_REQUEST['cid'])
 			);
 		}
-		elseif($_REQUEST['url']) {
-
+		elseif(!empty($_REQUEST['url'])) {
 			// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
 			// the most useful consistently ascending table item we have.
 
@@ -56,7 +55,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 		if(! App::$poi) {
 			logger('mod_chanview: fallback');
 
-			if($_REQUEST['address']) {
+			if(!empty($_REQUEST['address'])) {
 				$href = Webfinger::zot_url(punify($_REQUEST['address']));
 				if($href) {
 					$_REQUEST['url'] = $href;
@@ -65,9 +64,9 @@ class Chanview extends \Zotlabs\Web\Controller {
 
 			$r = null;
 
-			if($_REQUEST['url']) {
+			if(!empty($_REQUEST['url'])) {
 
-				$zf = Zotfinger::exec($_REQUEST['url'], null);
+				$zf = Zotfinger::exec($_REQUEST['url']);
 
 				if(array_path_exists('signature/signer',$zf) && $zf['signature']['signer'] === $_REQUEST['url'] && intval($zf['signature']['header_valid'])) {
 					Libzot::import_xchan($zf['data']);
@@ -79,6 +78,7 @@ class Chanview extends \Zotlabs\Web\Controller {
 					}
 				}
 				if(! $r) {
+
 					if(discover_by_webbie($_REQUEST['url'])) {
 						$r = q("select * from xchan where xchan_url = '%s' and xchan_deleted = 0",
 							dbesc($_REQUEST['url'])

Zotlabs/Module/Chat.php

@@ -174,7 +174,8 @@ class Chat extends Controller {
 			$x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
 			if(! $x)
 				return;
-			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
+
+			$x = q("select * from chatroom where cr_id = %d and cr_uid = %d limit 1",
 				intval($room_id),
 				intval(App::$profile['profile_uid'])
 			);

Zotlabs/Module/Chatsvc.php

@@ -1,6 +1,6 @@
 <?php /** @file */
 
-namespace Zotlabs\Module; 
+namespace Zotlabs\Module;
 
 require_once('include/security.php');
 
@@ -9,76 +9,76 @@ use \Zotlabs\Lib as Zlib;
 class Chatsvc extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		//logger('chatsvc');
-	
+
 		$ret = array('success' => false);
-	
+
 		\App::$data['chat']['room_id'] = intval($_REQUEST['room_id']);
 		$x = q("select cr_uid from chatroom where cr_id = %d and cr_id != 0 limit 1",
 			intval(\App::$data['chat']['room_id'])
 		);
 		if(! $x)
 			json_return_and_die($ret);
-	
+
 		\App::$data['chat']['uid'] = $x[0]['cr_uid'];
-	
+
 		if(! perm_is_allowed(\App::$data['chat']['uid'],get_observer_hash(),'chat')) {
 	        json_return_and_die($ret);
 	    }
-	
+
 	}
-	
+
 	function post() {
-	
+
 		$ret = array('success' => false);
-	
+
 		$room_id = \App::$data['chat']['room_id'];
 		$text = escape_tags($_REQUEST['chat_text']);
 		if(! $text)
 			return;
-	
+
 		$sql_extra = permissions_sql(\App::$data['chat']['uid']);
-	
+
 		$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
 			intval(\App::$data['chat']['uid']),
 			intval(\App::$data['chat']['room_id'])
 		);
 		if(! $r)
 			json_return_and_die($ret);
-	
+
 		$arr = array(
 			'chat_room' => \App::$data['chat']['room_id'],
 			'chat_xchan' => get_observer_hash(),
 			'chat_text' => $text
 		);
-	
+
 		call_hooks('chat_post',$arr);
-	
+
 		$x = q("insert into chat ( chat_room, chat_xchan, created, chat_text )
 			values( %d, '%s', '%s', '%s' )",
 			intval(\App::$data['chat']['room_id']),
 			dbesc(get_observer_hash()),
 			dbesc(datetime_convert()),
-			dbesc(str_rot47(base64url_encode($arr['chat_text'])))		
+			dbesc(str_rot47(base64url_encode($arr['chat_text'])))
 		);
-	
+
 		$ret['success'] = true;
 		json_return_and_die($ret);
 	}
-	
+
 	function get() {
-	
-		$status = strip_tags($_REQUEST['status']);
+
+		$status = ((isset($_REQUEST['status'])) ? strip_tags($_REQUEST['status']) : '');
 		$room_id = intval(\App::$data['chat']['room_id']);
 		$stopped = ((x($_REQUEST,'stopped') && intval($_REQUEST['stopped'])) ? true : false);
-	
+
 		if($status && $room_id) {
-	
+
 			$x = q("select channel_address from channel where channel_id = %d limit 1",
 				intval(\App::$data['chat']['uid'])
-			);			
-	
+			);
+
 			$r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
 				dbesc($status),
 				dbesc(datetime_convert()),
@@ -86,27 +86,27 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 				dbesc(get_observer_hash()),
 				dbesc($_SERVER['REMOTE_ADDR'])
 			);
-	
-			goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);		
+
+			goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);
 		}
-	
+
 		if(! $stopped) {
-	
+
 			$lastseen = intval($_REQUEST['last']);
-	
+
 			$ret = array('success' => false);
-	
+
 			$sql_extra = permissions_sql(\App::$data['chat']['uid']);
-	
+
 			$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
 				intval(\App::$data['chat']['uid']),
 				intval(\App::$data['chat']['room_id'])
 			);
 			if(! $r)
 				json_return_and_die($ret);
-	
+
 			$inroom = array();
-	
+
 			$r = q("select * from chatpresence left join xchan on xchan_hash = cp_xchan where cp_room = %d order by xchan_name",
 				intval(\App::$data['chat']['room_id'])
 			);
@@ -120,9 +120,9 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 						$rv['xchan_url'] = z_root();
 						$rv['xchan_hidden'] = 1;
 						$rv['xchan_photo_mimetype'] = 'image/png';
-						$rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300); 
-						$rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80); 
-						$rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48); 
+						$rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300);
+						$rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80);
+						$rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48);
 
 					}
 
@@ -137,13 +137,13 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 							$status_class = 'online';
 							break;
 					}
-		
+
 					$inroom[] = array('img' => zid($rv['xchan_photo_m']), 'img_type' => $rv['xchan_photo_mimetype'],'name' => $rv['xchan_name'], 'status' => $status, 'status_class' => $status_class);
 				}
 			}
-	
+
 			$chats = array();
-	
+
 			$r = q("select * from chat left join xchan on chat_xchan = xchan_hash where chat_room = %d and chat_id > %d order by created",
 				intval(\App::$data['chat']['room_id']),
 				intval($lastseen)
@@ -152,7 +152,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 				foreach($r as $rr) {
 					$chats[] = array(
 						'id' => $rr['chat_id'],
-						'img' => zid($rr['xchan_photo_m']), 
+						'img' => zid($rr['xchan_photo_m']),
 						'img_type' => $rr['xchan_photo_mimetype'],
 						'name' => $rr['xchan_name'],
 						'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'),
@@ -163,22 +163,22 @@ class Chatsvc extends \Zotlabs\Web\Controller {
 				}
 			}
 		}
-	
+
 		$r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
 			dbesc(datetime_convert()),
 			intval(\App::$data['chat']['room_id']),
 			dbesc(get_observer_hash()),
 			dbesc($_SERVER['REMOTE_ADDR'])
 		);
-	
+
 		$ret['success'] = true;
 		if(! $stopped) {
 			$ret['inroom'] = $inroom;
 			$ret['chats'] = $chats;
 		}
 		json_return_and_die($ret);
-	
+
 	}
-			 
-	
+
+
 }

Zotlabs/Module/Cloud.php

@@ -70,7 +70,7 @@ class Cloud extends Controller {
 			$_SESSION['cloud_sort'] = 'name';
 		}
 
-		$_SESSION['cloud_sort'] = (($_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
+		$_SESSION['cloud_sort'] = ((isset($_REQUEST['sort']) && $_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
 
 		$x = clean_query_string();
 		if($x !== \App::$query_string)
@@ -100,7 +100,6 @@ class Cloud extends Controller {
 
 
 		// over-ride the default XML output on thrown exceptions
-
 		$server->on('exception', [ $this, 'DAVException' ]);
 
 		// All we need to do now, is to fire up the server
@@ -117,21 +116,19 @@ class Cloud extends Controller {
 	function DAVException($err) {
 
 		if($err instanceof \Sabre\DAV\Exception\NotFound) {
-			notice( t('Not found') . EOL);
+			\App::$page['content'] = '<h2>404 Not found</h2>';
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\Forbidden) {
-			notice( t('Permission denied') . EOL);
+			\App::$page['content'] = '<h2>403 Forbidden</h2>';
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) {
-			// notice( t('Please refresh page') . EOL);
 			goaway(z_root() . '/' . \App::$query_string);
 		}
 		else {
-			notice( t('Unknown error') . EOL);
+			\App::$page['content'] = '<h2>Unknown error</h2>';
 		}
 
 		construct_page();
-
 		killme();
 	}
 

Zotlabs/Module/Cloud_tiles.php

@@ -6,7 +6,7 @@ class Cloud_tiles extends \Zotlabs\Web\Controller {
 
 	function init() {
 
-		if(intval($_SESSION['cloud_tiles']))
+		if(isset($_SESSION['cloud_tiles']) && intval($_SESSION['cloud_tiles']))
 			$_SESSION['cloud_tiles'] = 0;
 		else
 			$_SESSION['cloud_tiles'] = 1;
@@ -18,4 +18,4 @@ class Cloud_tiles extends \Zotlabs\Web\Controller {
 		goaway(z_root() . '/' . hex2bin(argv(1)));
 
 	}
-}
+}

Zotlabs/Module/Connections.php

@@ -2,32 +2,32 @@
 namespace Zotlabs\Module;
 
 use App;
+use Zotlabs\Lib\Permcat;
 
 require_once('include/socgraph.php');
 require_once('include/selectors.php');
-require_once('include/group.php');
 
 class Connections extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 		if(! local_channel())
 			return;
 
 		App::$profile_uid = local_channel();
-	
+
 		$channel = App::get_channel();
 		if($channel)
 			head_set_icon($channel['xchan_photo_s']);
-	
+
 	}
-	
+
 	function get() {
-	
+
 		$sort_type = 0;
 		$o = '';
-	
-	
+
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
 			return login();
@@ -44,13 +44,13 @@ class Connections extends \Zotlabs\Web\Controller {
 		$pending     = false;
 		$unconnected = false;
 		$all         = false;
-	
-		if(! $_REQUEST['aj'])
+
+		if(!(isset($_REQUEST['aj']) && $_REQUEST['aj']))
 			$_SESSION['return_url'] = App::$query_string;
-	
+
 		$search_flags = "";
 		$head = '';
-	
+
 		if(argc() == 2) {
 			switch(argv(1)) {
 				case 'active':
@@ -106,7 +106,7 @@ class Connections extends \Zotlabs\Web\Controller {
 	//				$head = t('Unconnected');
 	//				$unconnected = true;
 	//				break;
-	
+
 				case 'all':
 					$head = t('All');
 					break;
@@ -115,20 +115,22 @@ class Connections extends \Zotlabs\Web\Controller {
 					$active = true;
 					$head = t('Active');
 					break;
-	
+
 			}
-	
+
 			$sql_extra = $search_flags;
 			if(argv(1) === 'pending')
 				$sql_extra .= " and abook_ignored = 0 ";
-	
+
 		}
 		else {
 			$sql_extra = " and abook_blocked = 0 ";
 			$unblocked = true;
 		}
-	
-		switch($_REQUEST['order']) {
+
+		$order = $_REQUEST['order'] ?? '';
+
+		switch($order) {
 			case 'name_desc':
 				$sql_order = 'xchan_name DESC';
 				break;
@@ -143,32 +145,33 @@ class Connections extends \Zotlabs\Web\Controller {
 		}
 
 		$search = ((x($_REQUEST,'search')) ? notags(trim($_REQUEST['search'])) : '');
-	
+		$search_xchan = ((x($_REQUEST,'search_xchan')) ? notags(trim($_REQUEST['search_xchan'])) : '');
+
 		$tabs = array(
 			/*
 			array(
 				'label' => t('Suggestions'),
-				'url'   => z_root() . '/suggest', 
+				'url'   => z_root() . '/suggest',
 				'sel'   => '',
 				'title' => t('Suggest new connections'),
 			),
 			*/
-	
+
 			'active' => array(
 				'label' => t('Active Connections'),
-				'url'   => z_root() . '/connections/active', 
+				'url'   => z_root() . '/connections/active',
 				'sel'   => ($active) ? 'active' : '',
 				'title' => t('Show active connections'),
 			),
 
 			'pending' => array(
 				'label' => t('New Connections'),
-				'url'   => z_root() . '/connections/pending', 
+				'url'   => z_root() . '/connections/pending',
 				'sel'   => ($pending) ? 'active' : '',
 				'title' => t('Show pending (new) connections'),
 			),
-	
-	
+
+
 			/*
 			array(
 				'label' => t('Unblocked'),
@@ -177,68 +180,75 @@ class Connections extends \Zotlabs\Web\Controller {
 				'title' => t('Only show unblocked connections'),
 			),
 			*/
-	
+
 			'blocked' => array(
 				'label' => t('Blocked'),
 				'url'   => z_root() . '/connections/blocked',
 				'sel'   => ($blocked) ? 'active' : '',
 				'title' => t('Only show blocked connections'),
 			),
-	
+
 			'ignored' => array(
 				'label' => t('Ignored'),
 				'url'   => z_root() . '/connections/ignored',
 				'sel'   => ($ignored) ? 'active' : '',
 				'title' => t('Only show ignored connections'),
 			),
-	
+
 			'archived' => array(
 				'label' => t('Archived/Unreachable'),
 				'url'   => z_root() . '/connections/archived',
 				'sel'   => ($archived) ? 'active' : '',
 				'title' => t('Only show archived/unreachable connections'),
 			),
-	
+
 			'hidden' => array(
 				'label' => t('Hidden'),
 				'url'   => z_root() . '/connections/hidden',
 				'sel'   => ($hidden) ? 'active' : '',
 				'title' => t('Only show hidden connections'),
 			),
-	
+
 	//		array(
 	//			'label' => t('Unconnected'),
 	//			'url'   => z_root() . '/connections/unconnected',
 	//			'sel'   => ($unconnected) ? 'active' : '',
 	//			'title' => t('Only show one-way connections'),
 	//		),
-	
+
 
 			'all' => array(
 				'label' => t('All Connections'),
-				'url'   => z_root() . '/connections', 
+				'url'   => z_root() . '/connections',
 				'sel'   => ($all) ? 'active' : '',
 				'title' => t('Show all connections'),
 			),
-	
+
 		);
-	
+
 		//$tab_tpl = get_markup_template('common_tabs.tpl');
 		//$t = replace_macros($tab_tpl, array('$tabs'=>$tabs));
-	
+
 		$searching = false;
+		$search_hdr = '';
+
 		if($search) {
 			$search_hdr = $search;
-			$search_txt = dbesc(protect_sprintf(preg_quote($search)));
-			$searching = true;
+			$search_txt = (($search_xchan) ? urldecode($search_xchan) : preg_quote($search));
+
+			if ($search_xchan) {
+				$sql_extra .= " AND xchan_hash = '" . protect_sprintf(dbesc($search_txt)) . "' ";
+			}
+			else {
+				$sql_extra .= " AND xchan_name LIKE '%%" . protect_sprintf(dbesc($search_txt)) . "%%' ";
+			}
 		}
-		$sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : "");
-	
-		if($_REQUEST['gid']) {
+
+		if(isset($_REQUEST['gid']) && $_REQUEST['gid']) {
 			$sql_extra .= " and xchan_hash in ( select xchan from pgrp_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
 		}
-	 	
-		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash 
+
+		$r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 			where abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ",
 			intval(local_channel())
 		);
@@ -246,32 +256,39 @@ class Connections extends \Zotlabs\Web\Controller {
 			App::set_pager_total($r[0]['total']);
 			$total = $r[0]['total'];
 		}
-	
+
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 			WHERE abook_channel = %d and abook_self = 0 and xchan_deleted = 0 and xchan_orphan = 0 $sql_extra ORDER BY $sql_order LIMIT %d OFFSET %d ",
 			intval(local_channel()),
 			intval(App::$pager['itemspage']),
 			intval(App::$pager['start'])
 		);
-	
+
+		$roles = new Permcat(local_channel());
+		$roles_list = $roles->listing();
+		$roles_dict = [];
+
+		foreach ($roles_list as $role) {
+			$roles_dict[$role['name']] = $role['localname'];
+		}
+
 		$contacts = array();
-	
+
 		if($r) {
 
-			vcard_query($r);
+			//vcard_query($r);
 
 
 			foreach($r as $rr) {
 				if($rr['xchan_url']) {
 
-					if(($rr['vcard']) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
+					if((isset($rr['vcard'])) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
 						$phone = $rr['vcard']['tels'][0]['nr'];
 					else
 						$phone = '';
-	
+
 					$status_str = '';
 					$status = array(
-						((intval($rr['abook_active'])) ? t('Active') : ''),
 						((intval($rr['abook_pending'])) ? t('Pending approval') : ''),
 						((intval($rr['abook_archived'])) ? t('Archived') : ''),
 						((intval($rr['abook_hidden'])) ? t('Hidden') : ''),
@@ -306,7 +323,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						$perminfo['connperms'] .= t('Nothing');
 					}
 
-	
+
 					foreach($status as $str) {
 						if(!$str)
 							continue;
@@ -314,19 +331,16 @@ class Connections extends \Zotlabs\Web\Controller {
 						$status_str .= ', ';
 					}
 					$status_str = rtrim($status_str, ', ');
-	
+
 					$contacts[] = array(
 						'img_hover' => sprintf( t('%1$s [%2$s]'),$rr['xchan_name'],$rr['xchan_url']),
 						'edit_hover' => t('Edit connection'),
 						'edit' => t('Edit'),
 						'delete_hover' => t('Delete connection'),
 						'id' => $rr['abook_id'],
-						'thumb' => $rr['xchan_photo_m'], 
+						'thumb' => $rr['xchan_photo_m'],
 						'name' => $rr['xchan_name'],
 						'classes' => ((intval($rr['abook_archived']) || intval($rr['abook_not_here'])) ? 'archived' : ''),
-						'link' => z_root() . '/connedit/' . $rr['abook_id'],
-						'deletelink' => z_root() . '/connedit/' . intval($rr['abook_id']) . '/drop',
-						'delete' => t('Delete'),
 						'url' => chanlink_hash($rr['xchan_hash']),
 						'webbie_label' => t('Channel address'),
 						'webbie' => $rr['xchan_addr'],
@@ -337,6 +351,7 @@ class Connections extends \Zotlabs\Web\Controller {
 						'phone' => $phone,
 						'status_label' => t('Status'),
 						'status' => $status_str,
+						'states' => $status,
 						'connected_label' => t('Connected'),
 						'connected' => datetime_convert('UTC',date_default_timezone_get(),$rr['abook_created'], 'c'),
 						'approve_hover' => t('Approve connection'),
@@ -348,15 +363,24 @@ class Connections extends \Zotlabs\Web\Controller {
 						'oneway' => $oneway,
 						'perminfo' => $perminfo,
 						'connect' => (intval($rr['abook_not_here']) ? t('Connect') : ''),
-						'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=0',
-						'connect_hover' => t('Connect at this location')
+						'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=1',
+						'connect_hover' => t('Connect at this location'),
+						'role' => $roles_dict[$rr['abook_role']] ?? '',
+						'pending' => intval($rr['abook_pending'])
 					);
 				}
 			}
 		}
-		
-	
-		if($_REQUEST['aj']) {
+
+		$limit = service_class_fetch(local_channel(),'total_channels');
+		if($limit !== false) {
+			$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total, $limit);
+		}
+		else {
+			$abook_usage_message = '';
+ 		}
+
+		if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
 			if($contacts) {
 				$o = replace_macros(get_markup_template('contactsajax.tpl'),array(
 					'$contacts' => $contacts,
@@ -371,27 +395,30 @@ class Connections extends \Zotlabs\Web\Controller {
 		}
 		else {
 			$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
-			$o .= replace_macros(get_markup_template('connections.tpl'),array(
+			$o .= replace_macros(get_markup_template('connections.tpl'), [
 				'$header' => t('Connections') . (($head) ? ': ' . $head : ''),
 				'$tabs' => $tabs,
 				'$total' => $total,
 				'$search' => $search_hdr,
 				'$label' => t('Search'),
-				'$desc' => t('Search your connections'),
-				'$finding' => (($searching) ? t('Connections search') . ": '" . $search . "'" : ""),
+				'$role_label' => t('Contact role'),
+				'$desc' => $search ?? t('Search your connections'),
+				'$finding' => (($searching) ? t('Contact search') . ": '" . $search . "'" : ""),
 				'$submit' => t('Find'),
 				'$edit' => t('Edit'),
+				'$approve' => t('Approve'),
 				'$cmd' => App::$cmd,
 				'$contacts' => $contacts,
 				'$paginate' => paginate($a),
-	
-			)); 
+				'$abook_usage_message' => $abook_usage_message,
+				'$group_label' => t('This is a group/forum channel')
+			]);
 		}
-	
+
 		if(! $contacts)
 			$o .= '<div id="content-complete"></div>';
-	
+
 		return $o;
 	}
-	
+
 }

Zotlabs/Module/Contactedit.php

@@ -0,0 +1,675 @@
+<?php
+
+namespace Zotlabs\Module;
+
+/* @file Cobtactedit.php
+ * @brief In this file the connection-editor form is generated and evaluated.
+ *
+ *
+ */
+
+use App;
+use Sabre\VObject\Reader;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Libzot;
+use Zotlabs\Lib\Libsync;
+use Zotlabs\Daemon\Master;
+use Zotlabs\Web\Controller;
+use Zotlabs\Access\Permissions;
+use Zotlabs\Access\PermissionLimits;
+use Zotlabs\Web\HTTPHeaders;
+use Zotlabs\Lib\Permcat;
+use Zotlabs\Lib\AccessList;
+
+require_once('include/socgraph.php');
+require_once('include/selectors.php');
+require_once('include/group.php');
+require_once('include/photos.php');
+
+class Contactedit extends Controller {
+
+	/* @brief Initialize the connection-editor
+	 *
+	 *
+	 */
+
+	function init() {
+
+		if (!local_channel())
+			return;
+
+		if ((argc() >= 2) && intval(argv(1))) {
+			$r = q("SELECT abook.*, xchan.* FROM abook LEFT JOIN xchan ON abook_xchan = xchan_hash
+				WHERE abook_channel = %d AND abook_id = %d AND abook_self = 0 AND xchan_deleted = 0",
+				intval(local_channel()),
+				intval(argv(1))
+			);
+			if (!$r) {
+				json_return_and_die([
+					'success' => false,
+					'message' => t('Invalid abook_id')
+				]);
+			}
+
+			App::$poi = $r[0];
+
+		}
+	}
+
+
+	/* @brief Evaluate posted values and set changes
+	 *
+	 */
+
+	function post() {
+
+		if (!local_channel())
+			return;
+
+		$contact_id = intval(argv(1));
+		if (!$contact_id)
+			return;
+
+		$channel = App::get_channel();
+
+		$contact = App::$poi;
+
+		if (!$contact) {
+			notice(t('Could not access contact record.') . EOL);
+			killme();
+		}
+
+		call_hooks('contact_edit_post', $_REQUEST);
+
+		if (Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+			$pgrp_ids = q("SELECT id FROM pgrp WHERE deleted = 0 AND uid = %d",
+				intval(local_channel())
+			);
+
+			foreach($pgrp_ids as $pgrp) {
+				if (array_key_exists('pgrp_id_' . $pgrp['id'], $_REQUEST)) {
+					AccessList::member_add(local_channel(), '', $contact['abook_xchan'], $pgrp['id']);
+				}
+				else {
+					AccessList::member_remove(local_channel(), '', $contact['abook_xchan'], $pgrp['id']);
+				}
+			}
+		}
+
+		$profile_id = ((array_key_exists('profile_assign', $_REQUEST)) ? $_REQUEST['profile_assign'] : $contact['abook_profile']);
+
+		if ($profile_id) {
+			$r = q("SELECT profile_guid FROM profile WHERE profile_guid = '%s' AND uid = %d LIMIT 1",
+				dbesc($profile_id),
+				intval(local_channel())
+			);
+			if (!$r) {
+				notice(t('Could not locate selected profile.') . EOL);
+				return;
+			}
+		}
+
+		$abook_incl = ((array_key_exists('abook_incl', $_REQUEST)) ? escape_tags($_REQUEST['abook_incl']) : $contact['abook_incl']);
+		$abook_excl = ((array_key_exists('abook_excl', $_REQUEST)) ? escape_tags($_REQUEST['abook_excl']) : $contact['abook_excl']);
+		$abook_role = ((array_key_exists('permcat', $_REQUEST)) ? escape_tags($_REQUEST['permcat']) : $contact['abook_role']);
+
+		if (!array_key_exists('closeness', $_REQUEST)) {
+			$_REQUEST['closeness'] = 80;
+		}
+
+		$closeness = intval($_REQUEST['closeness']);
+
+		if ($closeness < 0 || $closeness > 99) {
+			$closeness = 80;
+		}
+
+		$new_friend = ((intval($contact['abook_pending'])) ? true : false);
+
+		\Zotlabs\Lib\Permcat::assign($channel, $abook_role, [$contact['abook_xchan']]);
+
+		$abook_pending = (($new_friend) ? 0 : $contact['abook_pending']);
+
+		$r = q("UPDATE abook SET abook_profile = '%s', abook_closeness = %d, abook_pending = %d,
+			abook_incl = '%s', abook_excl = '%s'
+			where abook_id = %d AND abook_channel = %d",
+			dbesc($profile_id),
+			intval($closeness),
+			intval($abook_pending),
+			dbesc($abook_incl),
+			dbesc($abook_excl),
+			intval($contact_id),
+			intval(local_channel())
+		);
+
+		$_REQUEST['success'] = false;
+
+		if ($r) {
+			$_REQUEST['success'] = true;
+		}
+
+
+		if (!intval($contact['abook_self'])) {
+			if ($new_friend) {
+				Master::Summon(['Notifier', 'permission_accept', $contact_id]);
+			}
+
+			Master::Summon([
+				'Notifier',
+				(($new_friend) ? 'permission_create' : 'permission_update'),
+				$contact_id
+			]);
+		}
+
+		if ($new_friend) {
+			$default_group = $channel['channel_default_group'];
+			if ($default_group) {
+				$g = AccessList::by_hash(local_channel(), $default_group);
+				if ($g) {
+					AccessList::member_add(local_channel(), '', $contact['abook_xchan'], $g['id']);
+				}
+			}
+
+			// Check if settings permit ("post new friend activity" is allowed, and
+			// friends in general or this friend in particular aren't hidden)
+			// and send out a new friend activity
+
+			$pr = q("select * from profile where uid = %d and is_default = 1 and hide_friends = 0",
+				intval($channel['channel_id'])
+			);
+			if (($pr) && (!intval($contact['abook_hidden'])) && (intval(get_pconfig($channel['channel_id'], 'system', 'post_newfriend')))) {
+				$xarr = [];
+
+				$xarr['item_wall']       = 1;
+				$xarr['item_origin']     = 1;
+				$xarr['item_thread_top'] = 1;
+				$xarr['owner_xchan']     = $xarr['author_xchan'] = $channel['channel_hash'];
+				$xarr['allow_cid']       = $channel['channel_allow_cid'];
+				$xarr['allow_gid']       = $channel['channel_allow_gid'];
+				$xarr['deny_cid']        = $channel['channel_deny_cid'];
+				$xarr['deny_gid']        = $channel['channel_deny_gid'];
+				$xarr['item_private']    = (($xarr['allow_cid'] || $xarr['allow_gid'] || $xarr['deny_cid'] || $xarr['deny_gid']) ? 1 : 0);
+
+				$xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . $contact['xchan_url'] . ']' . $contact['xchan_name'] . '[/zrl]';
+
+				$xarr['body'] .= "\n\n\n" . '[zrl=' . $contact['xchan_url'] . '][zmg=80x80]' . $contact['xchan_photo_m'] . '[/zmg][/zrl]';
+
+				post_activity_item($xarr);
+
+			}
+
+			// pull in a bit of content if there is any to pull in
+			Master::Summon(['Onepoll', $contact_id]);
+
+		}
+
+		// Refresh the structure in memory with the new data
+		$this->init();
+
+		if ($new_friend) {
+			$arr = ['channel_id' => local_channel(), 'abook' => App::$poi];
+			call_hooks('accept_follow', $arr);
+		}
+
+		$this->contactedit_clone();
+		$this->get();
+
+		killme();
+
+		return;
+
+	}
+
+
+	/* @brief Generate content of contact edit page
+	 *
+	 *
+	 */
+
+	function get() {
+
+		if (!local_channel()) {
+			killme();
+		}
+
+		if (!App::$poi) {
+			killme();
+		}
+
+
+		$channel = App::get_channel();
+		$contact_id = App::$poi['abook_id'];
+		$contact    = App::$poi;
+		$section = ((array_key_exists('section', $_REQUEST)) ? $_REQUEST['section'] : 'roles');
+		$sub_section = ((array_key_exists('sub_section', $_REQUEST)) ? $_REQUEST['sub_section'] : '');
+
+
+		if (argc() == 3) {
+			$cmd = argv(2);
+			$ret = $this->do_action($contact, $cmd);
+			$contact = App::$poi;
+
+			$tools_html =  replace_macros(get_markup_template("contact_edit_tools.tpl"), [
+				'$tools_label'      => t('Contact Tools'),
+				'$tools'            => $this->get_tools($contact),
+			]);
+
+			$ret['tools'] = $tools_html;
+
+			json_return_and_die($ret);
+		}
+
+		$groups = [];
+
+		if (Apps::system_app_installed(local_channel(), 'Privacy Groups')) {
+
+			$r = q("SELECT * FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
+				intval(local_channel())
+			);
+
+			$member_of = AccessList::containing(local_channel(), $contact['xchan_hash']);
+
+			if ($r) {
+				foreach ($r as $rr) {
+					$default_group = false;
+					if ($rr['hash'] === $channel['channel_default_group']) {
+						$default_group = true;
+					}
+
+					$groups[] = [
+						'pgrp_id_' . $rr['id'],
+						$rr['gname'],
+						// if it's a new contact preset the default group if we have one
+						(($default_group && $contact['abook_pending']) ? 1 : in_array($rr['id'], $member_of)),
+						'',
+						[t('No'), t('Yes')]
+					];
+				}
+			}
+		}
+
+		$slide = '';
+
+		if (Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
+
+			$labels = [
+				t('Me'),
+				t('Family'),
+				t('Friends'),
+				t('Acquaintances'),
+				t('All')
+			];
+			call_hooks('affinity_labels', $labels);
+			$label_str = '';
+
+			if ($labels) {
+				foreach ($labels as $l) {
+					if ($label_str) {
+						$label_str .= ", '|'";
+						$label_str .= ", '" . $l . "'";
+					}
+					else
+						$label_str .= "'" . $l . "'";
+				}
+			}
+
+			$slider_tpl = get_markup_template('contact_slider.tpl');
+
+			$slideval = intval($contact['abook_closeness']);
+
+			$slide = replace_macros($slider_tpl, [
+				'$min'    => 1,
+				'$val'    => $slideval,
+				'$labels' => $label_str,
+			]);
+		}
+
+		$perms        = [];
+		$global_perms = Permissions::Perms();
+		$existing     = get_all_perms(local_channel(), $contact['abook_xchan'], false);
+		$unapproved   = ['pending', t('Approve this contact'), '', t('Accept contact to allow communication'), [t('No'), ('Yes')]];
+		$multiprofs   = ((feature_enabled(local_channel(), 'multi_profiles')) ? true : false);
+
+		$theirs = q("select * from abconfig where chan = %d and xchan = '%s' and cat = 'their_perms'",
+			intval(local_channel()),
+			dbesc($contact['abook_xchan'])
+		);
+
+		$their_perms = [];
+		if ($theirs) {
+			foreach ($theirs as $t) {
+				$their_perms[$t['k']] = $t['v'];
+			}
+		}
+
+		foreach ($global_perms as $k => $v) {
+			$thisperm       = $existing[$k];
+			$checkinherited = PermissionLimits::Get(local_channel(), $k);
+			$perms[]        = ['perms_' . $k, $v, ((array_key_exists($k, $their_perms)) ? intval($their_perms[$k]) : ''), $thisperm, 1, (($checkinherited & PERMS_SPECIFIC) ? '0' : '1'), '', $checkinherited];
+		}
+
+		$pcat            = new Permcat(local_channel());
+		$pcatlist        = $pcat->listing();
+		$default_role    = get_pconfig(local_channel(), 'system', 'default_permcat');
+		$current_permcat = (($contact['abook_pending']) ? $default_role : $contact['abook_role']);
+
+		$roles_dict = [];
+		foreach ($pcatlist as $role) {
+			$roles_dict[$role['name']] = $role['localname'];
+		}
+
+
+		if (!$current_permcat) {
+			notice(t('Please select a role for this contact!') . EOL);
+			$permcats[] = '';
+		}
+
+		if ($pcatlist) {
+			foreach ($pcatlist as $pc) {
+				$permcats[$pc['name']] = $pc['localname'];
+			}
+		}
+
+		$locstr = locations_by_netid($contact['xchan_hash']);
+		if (!$locstr) {
+			$locstr = unpunify($contact['xchan_url']);
+		}
+
+		$clone_warn = '';
+		$clonable   = in_array($contact['xchan_network'], ['zot6', 'rss']);
+		if (!$clonable) {
+			$clone_warn = '<strong>';
+			$clone_warn .= ((intval($contact['abook_not_here']))
+				? t('This contact is unreachable from this location.')
+				: t('This contact may be unreachable from other channel locations.')
+			);
+			$clone_warn .= '</strong><br>' . t('Location independence is not supported by their network.');
+		}
+
+		$header_card = '<img src="' . $contact['xchan_photo_s'] . '" class="rounded" style="width: 3rem; height: 3rem;">&nbsp; ' . $contact['xchan_name'];
+
+		$header_html =  replace_macros(get_markup_template("contact_edit_header.tpl"), [
+			'$img_src' => $contact['xchan_photo_s'],
+			'$name' => $contact['xchan_name'],
+			'$addr' => (($contact['xchan_addr']) ? $contact['xchan_addr'] : $contact['xchan_url']),
+			'$href' => ((is_matrix_url($contact['xchan_url'])) ? zid($contact['xchan_url']) : $contact['xchan_url']),
+			'$link_label' => t('View profile'),
+			'$is_group' => $contact['xchan_pubforum'],
+			'$group_label' => t('This is a group/forum channel')
+		]);
+
+		$tools_html =  replace_macros(get_markup_template("contact_edit_tools.tpl"), [
+			'$tools_label'      => t('Contact Tools'),
+			'$tools'            => $this->get_tools($contact),
+		]);
+
+		$tpl = get_markup_template("contact_edit.tpl");
+
+		$o = replace_macros($tpl, [
+			'$permcat'          => ['permcat', t('Select a role for this contact'), $current_permcat, '', $permcats],
+			'$permcat_new'      => t('Contact roles'),
+			'$permcat_value'    => bin2hex($current_permcat),
+//			'$addr'             => unpunify($contact['xchan_addr']),
+//			'$primeurl'         => unpunify($contact['xchan_url']),
+			'$section'          => $section,
+			'$sub_section'      => $sub_section,
+			'$groups'           => $groups,
+//			'$addr_text'        => t('This contacts\'s primary address is'),
+//			'$loc_text'         => t('Available locations:'),
+//			'$locstr'           => $locstr,
+//			'$unclonable'       => $clone_warn,
+			'$lbl_slider'       => t('Slide to adjust your degree of friendship'),
+			'$connfilter'       => feature_enabled(local_channel(), 'connfilter'),
+			'$connfilter_label' => t('Custom Filter'),
+			'$incl'             => ['abook_incl', t('Only import posts with this text'), $contact['abook_incl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')],
+			'$excl'             => ['abook_excl', t('Do not import posts with this text'), $contact['abook_excl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')],
+			'$slide'            => $slide,
+//			'$pending_label'    => t('Contact Pending Approval'),
+//			'$is_pending'       => (intval($contact['abook_pending']) ? 1 : ''),
+//			'$unapproved'       => $unapproved,
+			'$submit'           => ((intval($contact['abook_pending'])) ? t('Approve contact') : t('Submit')),
+			'$close'            => (($contact['abook_closeness']) ? $contact['abook_closeness'] : 80),
+			'$them'             => t('Their'),
+			'$me'               => t('My'),
+			'$perms'            => $perms,
+//			'$lastupdtext'      => t('Last update:'),
+//			'$last_update'      => relative_date($contact['abook_connected']),
+			'$profile_select'   => contact_profile_assign($contact['abook_profile']),
+			'$multiprofs'       => $multiprofs,
+			'$contact_id'       => $contact['abook_id'],
+//			'$name'             => $contact['xchan_name'],
+			'$roles_label'	    => t('Roles'),
+			'$compare_label'    => t('Compare permissions'),
+			'$permission_label' => t('Permission'),
+			'$pgroups_label'    => t('Privacy groups'),
+			'$profiles_label'   => t('Profiles'),
+			'$affinity_label'   => t('Affinity'),
+			'$filter_label'	    => t('Content filter')
+		]);
+
+		$arr = ['contact' => $contact, 'output' => $o];
+
+		call_hooks('contact_edit', $arr);
+
+		if (is_ajax()) {
+			json_return_and_die([
+				'success' => ((isset($_REQUEST['success'])) ? intval($_REQUEST['success']) : 1),
+				'message' => ((isset($_REQUEST['success'])) ? t('Contact updated') : t('Contact update failed')),
+				'id' => $contact_id,
+				'title' => $header_html,
+				'role' => ((intval($contact['abook_pending'])) ? '' : $roles_dict[$current_permcat]),
+				'body' => $arr['output'],
+				'tools' => $tools_html,
+				'submit' => ((intval($contact['abook_pending'])) ? t('Approve connection') : t('Submit')),
+				'pending' => intval($contact['abook_pending'])
+			]);
+		}
+
+		return $arr['output'];
+
+	}
+
+	function contactedit_clone() {
+
+		if (!App::$poi)
+			return;
+
+		$channel = App::get_channel();
+
+		$clone = App::$poi;
+
+		unset($clone['abook_id']);
+		unset($clone['abook_account']);
+		unset($clone['abook_channel']);
+
+		$abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']);
+		if ($abconfig)
+			$clone['abconfig'] = $abconfig;
+
+		Libsync::build_sync_packet(0 /* use the current local_channel */, ['abook' => [$clone]]);
+	}
+
+	function do_action($contact, $cmd) {
+		$ret = [
+			'sucess' => false,
+			'message' => ''
+		];
+
+		if ($cmd === 'resetphoto') {
+			q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s'",
+				dbesc($contact['xchan_hash'])
+			);
+			$cmd = 'refresh';
+		}
+
+		if ($cmd === 'refresh') {
+			if ($contact['xchan_network'] === 'zot6') {
+				if (Libzot::refresh($contact, App::get_channel())) {
+					$ret['success'] = true;
+					$ret['message'] = t('Refresh succeeded');
+				}
+				else {
+					$ret['message'] = t('Refresh failed - channel is currently unavailable');
+				}
+			}
+			else {
+				// if you are on a different network we'll force a refresh of the connection basic info
+				Master::Summon(['Notifier', 'permission_update', $contact['abook_id']]);
+				$ret['success'] = true;
+				$ret['message'] = t('Refresh succeeded');
+			}
+
+			return $ret;
+		}
+
+		if ($cmd === 'block') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_BLOCKED)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Block status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Block failed');
+			}
+			return $ret;
+		}
+
+		if ($cmd === 'ignore') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_IGNORED)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Ignore status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Ignore failed');
+			}
+			return $ret;
+		}
+
+		if ($cmd === 'archive') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_ARCHIVED)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Archive status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Archive failed');
+			}
+			return $ret;
+		}
+
+		if ($cmd === 'hide') {
+			if (abook_toggle_flag($contact, ABOOK_FLAG_HIDDEN)) {
+				$this->init(); // refresh data
+
+				$this->contactedit_clone();
+				$ret['success'] = true;
+				$ret['message'] = t('Hide status updated');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Hide failed');
+			}
+			return $ret;
+		}
+
+		// We'll prevent somebody from unapproving an already approved contact.
+		// Though maybe somebody will want this eventually (??)
+
+		//if ($cmd === 'approve') {
+			//if (intval($contact['abook_pending'])) {
+				//if (abook_toggle_flag($contact, ABOOK_FLAG_PENDING)) {
+					//$this->contactedit_clone();
+				//}
+				//else
+					//notice(t('Unable to set address book parameters.') . EOL);
+			//}
+			//goaway(z_root() . '/connedit/' . $contact_id);
+		//}
+
+
+		if ($cmd === 'drop') {
+
+			if (contact_remove(local_channel(), $contact['abook_id'])) {
+
+				Master::Summon(['Notifier', 'purge', local_channel(), $contact['xchan_hash']]);
+				Libsync::build_sync_packet(0 /* use the current local_channel */,
+					['abook' => [
+						[
+							'abook_xchan'   => $contact['abook_xchan'],
+							'entry_deleted' => true
+						]
+					]
+				]);
+
+				$ret['success'] = true;
+				$ret['message'] = t('Contact removed');
+			}
+			else {
+				$ret['success'] = false;
+				$ret['message'] = t('Delete failed');
+			}
+			return $ret;
+		}
+	}
+
+	function get_tools($contact) {
+		return [
+
+			'refresh' => [
+				'label' => t('Refresh Permissions'),
+				'title' => t('Fetch updated permissions'),
+			],
+
+			'rephoto' => [
+				'label' => t('Refresh Photo'),
+				'title' => t('Fetch updated photo'),
+			],
+
+
+			'block' => [
+				'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')),
+				'sel'   => (intval($contact['abook_blocked']) ? 'active' : ''),
+				'title' => t('Block (or Unblock) all communications with this connection'),
+				'info'  => (intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''),
+			],
+
+			'ignore' => [
+				'label' => (intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore')),
+				'sel'   => (intval($contact['abook_ignored']) ? 'active' : ''),
+				'title' => t('Ignore (or Unignore) all inbound communications from this connection'),
+				'info'  => (intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''),
+			],
+
+			'archive' => [
+				'label' => (intval($contact['abook_archived']) ? t('Unarchive') : t('Archive')),
+				'sel'   => (intval($contact['abook_archived']) ? 'active' : ''),
+				'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'),
+				'info'  => (intval($contact['abook_archived']) ? t('This connection is archived!') : ''),
+			],
+
+			'hide' => [
+				'label' => (intval($contact['abook_hidden']) ? t('Unhide') : t('Hide')),
+				'sel'   => (intval($contact['abook_hidden']) ? 'active' : ''),
+				'title' => t('Hide or Unhide this connection from your other connections'),
+				'info'  => (intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''),
+			],
+
+			'delete' => [
+				'label' => t('Delete'),
+				'sel'   => '',
+				'title' => t('Delete this connection'),
+			],
+
+		];
+	}
+
+}

Zotlabs/Module/Contactgroup.php

@@ -1,17 +1,17 @@
 <?php
 namespace Zotlabs\Module;
 
-require_once('include/group.php');
+use Zotlabs\Lib\AccessList;
+use Zotlabs\Web\Controller;
 
-
-class Contactgroup extends \Zotlabs\Web\Controller {
+class Contactgroup extends Controller {
 
 	function get() {
-	
+
 		if(! local_channel()) {
 			killme();
 		}
-	
+
 		if((argc() > 2) && (intval(argv(1))) && (argv(2))) {
 			$r = q("SELECT abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1",
 				dbesc(base64url_decode(argv(2))),
@@ -20,9 +20,9 @@ class Contactgroup extends \Zotlabs\Web\Controller {
 			if($r)
 				$change = $r[0]['abook_xchan'];
 		}
-	
+
 		if((argc() > 1) && (intval(argv(1)))) {
-	
+
 			$r = q("SELECT * FROM pgrp WHERE id = %d AND uid = %d AND deleted = 0 LIMIT 1",
 				intval(argv(1)),
 				intval(local_channel())
@@ -30,25 +30,25 @@ class Contactgroup extends \Zotlabs\Web\Controller {
 			if(! $r) {
 				killme();
 			}
-	
+
 			$group = $r[0];
-			$members = group_get_members($group['id']);
+			$members = AccessList::members(local_channel(), $group['id']);
 			$preselected = array();
 			if(count($members))	{
 				foreach($members as $member)
 					$preselected[] = $member['xchan_hash'];
 			}
-	
+
 			if($change) {
 				if(in_array($change,$preselected)) {
-					group_rmv_member(local_channel(),$group['gname'],$change);
+					AccessList::member_remove(local_channel(),$group['gname'],$change);
 				}
 				else {
-					group_add_member(local_channel(),$group['gname'],$change);
+					AccessList::member_add(local_channel(),$group['gname'],$change);
 				}
 			}
 		}
-	
+
 		killme();
 	}
 }

Zotlabs/Module/Cover_photo.php

@@ -3,7 +3,7 @@ namespace Zotlabs\Module;
 
 use Zotlabs\Lib\Libsync;
 
-/* 
+/*
    @file cover_photo.php
    @brief Module-file with functions for handling of cover-photos
 
@@ -29,43 +29,43 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 		if(! local_channel()) {
 			return;
 		}
-	
+
 		$channel = \App::get_channel();
-		profile_load($channel['channel_address']);	
+		profile_load($channel['channel_address']);
 	}
-	
+
 	/**
 	 * @brief Evaluate posted values
 	 *
 	 * @return void
 	 *
 	 */
-	
+
 	function post() {
-	
+
 		if(! local_channel()) {
 			return;
 		}
-	
+
 		$channel = \App::get_channel();
-		
+
 		check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
 
 		// Remove cover photo
 		if(isset($_POST['remove'])) {
-			
+
 			$r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1",
 				intval(PHOTO_COVER),
 				intval(local_channel())
 			);
-			
+
 			if($r) {
 			    q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
 			    	intval(PHOTO_NORMAL),
 				    intval(PHOTO_COVER),
 				    intval(local_channel())
 			    );
-			
+
 				$sync = attach_export_data($channel,$r[0]['resource_id']);
 				if($sync)
 				    Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
@@ -76,47 +76,47 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 
 			goaway(z_root() . '/cover_photo');
 		}
-	        
+
 		if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
-	
+
 			// phase 2 - we have finished cropping
-	
+
 			if(argc() != 2) {
 				notice( t('Image uploaded but image cropping failed.') . EOL );
 				return;
 			}
-	
+
 			$image_id = argv(1);
-	
+
 			if(substr($image_id,-2,1) == '-') {
 				$scale = substr($image_id,-1,1);
 				$image_id = substr($image_id,0,-2);
 			}
-				
+
 
 
 			$srcX = intval($_POST['xstart']);
 			$srcY = intval($_POST['ystart']);
 			$srcW = intval($_POST['xfinal']) - $srcX;
 			$srcH = intval($_POST['yfinal']) - $srcY;
-	
+
 			$r = q("select gender from profile where uid = %d and is_default = 1 limit 1",
 				intval(local_channel())
 			);
 			if($r) {
 				$profile = $r[0];
 			}
-	
+
 			$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = 0 LIMIT 1",
 				dbesc($image_id),
 				intval(local_channel())
 			);
-	
+
 			if($r) {
 
 				$max_thumb = intval(get_config('system','max_thumbnail',1600));
 				$iscaled = false;
-				if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) { 
+				if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) {
 					$imagick_path = get_config('system','imagick_convert_path');
 					if($imagick_path && @file_exists($imagick_path) && intval($r[0]['os_storage'])) {
 
@@ -150,63 +150,63 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 
 				$im = photo_factory($base_image['content'], $base_image['mimetype']);
 				if($im->is_valid()) {
-	
-					// We are scaling and cropping the relative pixel locations to the original photo instead of the 
+
+					// We are scaling and cropping the relative pixel locations to the original photo instead of the
 					// scaled photo we operated on.
-	
+
 					// First load the scaled photo to check its size. (Should probably pass this in the post form and save
 					// a query.)
-	
+
 					$g = q("select width, height from photo where resource_id = '%s' and uid = %d and imgscale = 3",
 						dbesc($image_id),
 						intval(local_channel())
 					);
-	
-	
+
+
 					$scaled_width = $g[0]['width'];
 					$scaled_height = $g[0]['height'];
-	
+
 					if((! $scaled_width) || (! $scaled_height)) {
 						logger('potential divide by zero scaling cover photo');
 						return;
 					}
-	
+
 					// unset all other cover photos
-	
+
 					q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
 						intval(PHOTO_NORMAL),
 						intval(PHOTO_COVER),
 						intval(local_channel())
 					);
-	
+
 					$orig_srcx = ( $base_image['width'] / $scaled_width ) * $srcX;
 					$orig_srcy = ( $base_image['height'] / $scaled_height ) * $srcY;
 	 				$orig_srcw = ( $srcW / $scaled_width ) * $base_image['width'];
 	 				$orig_srch = ( $srcH / $scaled_height ) * $base_image['height'];
-	
+
 					$im->cropImageRect(1200,435,$orig_srcx, $orig_srcy, $orig_srcw, $orig_srch);
-	
+
 					$aid = get_account_id();
-	
-					$p = [ 
-						'aid'          => $aid, 
-						'uid'          => local_channel(), 
+
+					$p = [
+						'aid'          => $aid,
+						'uid'          => local_channel(),
 						'resource_id'  => $base_image['resource_id'],
-						'filename'     => $base_image['filename'], 
+						'filename'     => $base_image['filename'],
 						'album'        => t('Cover Photos'),
 						'os_path'      => $base_image['os_path'],
 						'display_path' => $base_image['display_path'],
 						'photo_usage'  => PHOTO_COVER
 					];
-					
+
 					$r1 = $im->storeThumbnail($p, PHOTO_RES_COVER_1200);
-	
+
 					$im->doScaleImage(850,310);
 					$r2 = $im->storeThumbnail($p, PHOTO_RES_COVER_850);
-	
+
 					$im->doScaleImage(425,160);
 					$r3 = $im->storeThumbnail($p, PHOTO_RES_COVER_425);
-					
+
 					if($r1 === false || $r2 === false || $r3 === false) {
 						// if one failed, delete them all so we can start over.
 						notice( t('Image resize failed.') . EOL );
@@ -214,7 +214,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 							dbesc($base_image['resource_id']),
 							local_channel()
 						);
-						
+
 						$x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale >= 7",
 							dbesc($base_image['resource_id']),
 							local_channel()
@@ -229,7 +229,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 					}
 
 					$this->send_cover_photo_activity($channel,$base_image,$profile);
-					
+
 					$sync = attach_export_data($channel,$base_image['resource_id']);
 					if($sync)
 					    Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
@@ -240,33 +240,33 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				else
 					notice( t('Unable to process image') . EOL);
 			}
-	
+
 			goaway(z_root() . '/channel/' . $channel['channel_address']);
-	
+
 		}
-	
-	
+
+
 		$hash = photo_new_resource();
 		$smallest = 0;
-	
+
 		require_once('include/attach.php');
-	
+
 		$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true));
-	
+
 		logger('attach_store: ' . print_r($res,true));
-	
+
 		if($res && intval($res['data']['is_photo'])) {
 			$i = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0",
 				dbesc($hash),
 				intval(local_channel())
 			);
-	
+
 			if(! $i) {
 				notice( t('Image upload failed.') . EOL );
 				return;
 			}
 			$os_storage = false;
-	
+
 			foreach($i as $ii) {
 				$smallest   = intval($ii['imgscale']);
 				$os_storage = intval($ii['os_storage']);
@@ -274,91 +274,91 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				$filetype   = $ii['mimetype'];
 			}
 		}
-	
+
 		$imagedata = (($os_storage) ? @file_get_contents(dbunescbin($imagedata)) : dbunescbin($imagedata));
 		$ph = photo_factory($imagedata, $filetype);
-	
+
 		if(! $ph->is_valid()) {
 			notice( t('Unable to process image.') . EOL );
 			return;
 		}
-	
+
 		return $this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
-		
+
 	}
-	
+
 	function send_cover_photo_activity($channel,$photo,$profile) {
-	
+
 		$arr = array();
 		$arr['item_thread_top'] = 1;
 		$arr['item_origin'] = 1;
 		$arr['item_wall'] = 1;
-	
+
 		if($profile && stripos($profile['gender'],t('female')) !== false)
 			$t = t('%1$s updated her %2$s');
 		elseif($profile && stripos($profile['gender'],t('male')) !== false)
 			$t = t('%1$s updated his %2$s');
 		else
 			$t = t('%1$s updated their %2$s');
-	
+
 		$ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('cover photo') . '[/zrl]';
-	
-		$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]'; 
-	
+
+		$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]';
+
 		$arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext;
-	
+
 		$acl = new \Zotlabs\Access\AccessList($channel);
 		$x = $acl->get();
 		$arr['allow_cid'] = $x['allow_cid'];
-	
+
 		$arr['allow_gid'] = $x['allow_gid'];
 		$arr['deny_cid'] = $x['deny_cid'];
 		$arr['deny_gid'] = $x['deny_gid'];
-	
+
 		$arr['uid'] = $channel['channel_id'];
 		$arr['aid'] = $channel['channel_account_id'];
-	
+
 		$arr['owner_xchan'] = $channel['channel_hash'];
 		$arr['author_xchan'] = $channel['channel_hash'];
-	
+
 		post_activity_item($arr);
-	
-	
+
+
 	}
-	
-	
+
+
 	/**
 	 * @brief Generate content of profile-photo view
 	 *
 	 * @return string
 	 *
 	 */
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL );
 			return;
 		}
-	
+
 		$channel = \App::get_channel();
-	
+
 		$newuser = false;
-	
+
 		if(argc() == 2 && argv(1) === 'new')
 			$newuser = true;
-	
+
 		if(argv(1) === 'use') {
 			if (argc() < 3) {
 				notice( t('Permission denied.') . EOL );
 				return;
 			};
-			
+
 	//		check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
-	        
+
 			$resource_id = argv(2);
-	
+
 			$r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC",
 				intval(local_channel()),
 				dbesc($resource_id)
@@ -372,22 +372,22 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				if($rr['imgscale'] == 7)
 					$havescale = true;
 			}
-	
+
 			$r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1",
 				intval($r[0]['id']),
 				intval(local_channel())
-	
+
 			);
 			if(! $r) {
 				notice( t('Photo not available.') . EOL );
 				return;
 			}
-	
+
 			if(intval($r[0]['os_storage']))
 				$data = @file_get_contents(dbunescbin($r[0]['content']));
 			else
-				$data = dbunescbin($r[0]['content']); 
-	
+				$data = dbunescbin($r[0]['content']);
+
 			$ph = photo_factory($data, $r[0]['mimetype']);
 			$smallest = 0;
 			if($ph->is_valid()) {
@@ -396,7 +396,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 					dbesc($r[0]['resource_id']),
 					intval(local_channel())
 				);
-	
+
 				if($i) {
 					$hash = $i[0]['resource_id'];
 					foreach($i as $ii) {
@@ -404,15 +404,15 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 					}
 	            }
 	        }
-	 
+
 			$this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
 		}
-	
-	
+
+
 		if(! x(\App::$data,'imagecrop')) {
-	
+
 			$tpl = get_markup_template('cover_photo.tpl');
-	
+
 			$o .= replace_macros($tpl,array(
 				'$user'                => \App::$channel['channel_address'],
 				'$info'                => t('Your cover photo may be visible to anybody on the internet'),
@@ -422,7 +422,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				'$title'               => t('Change Cover Photo'),
 				'$submit'              => t('Upload'),
 				'$remove'              => t('Remove'),
-				'$profiles'            => $profiles,
+				'$profiles'            => false,
 				'$embedPhotos' => t('Use a photo from your albums'),
 				'$embedPhotosModalTitle' => t('Use a photo from your albums'),
 				'$embedPhotosModalCancel' => t('Cancel'),
@@ -434,13 +434,13 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				'$modalerrorlink' => t('Error getting photo link'),
 				'$modalerroralbum' => t('Error getting album'),
 				'$form_security_token' => get_form_security_token("cover_photo"),
-					/// @FIXME - yuk  
+					/// @FIXME - yuk
 				'$select' => t('Select existing photo'),
 
 			));
-			
+
 			call_hooks('cover_photo_content_end', $o);
-			
+
 			return $o;
 		}
 		else {
@@ -459,10 +459,8 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 			));
 			return $o;
 		}
-	
-		return; // NOTREACHED
 	}
-	
+
 	/* @brief Generate the UI for photo-cropping
 	 *
 	 * @param $a Current application
@@ -470,30 +468,30 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 	 * @return void
 	 *
 	 */
-	
+
 	function cover_photo_crop_ui_head(&$a, $ph, $hash, $smallest){
-	
+
 		$max_length = get_config('system','max_image_length');
 		if(! $max_length)
 			$max_length = MAX_IMAGE_LENGTH;
 		if($max_length > 0)
 			$ph->scaleImage($max_length);
-	
+
 		$width  = $ph->getWidth();
 		$height = $ph->getHeight();
-	
+
 		if($width < 300 || $height < 300) {
 			$ph->scaleImageUp(240);
 			$width  = $ph->getWidth();
 			$height = $ph->getHeight();
 		}
-	
-	
+
+
 		\App::$data['imagecrop'] = $hash;
 		\App::$data['imagecrop_resolution'] = $smallest;
 		\App::$page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), array());
 		return;
 	}
-	
-	
+
+
 }

Zotlabs/Module/Defperms.php

@@ -8,7 +8,6 @@ use Zotlabs\Lib\Libsync;
 
 require_once('include/socgraph.php');
 require_once('include/selectors.php');
-require_once('include/group.php');
 require_once('include/photos.php');
 
 class Defperms extends Controller {
@@ -23,8 +22,8 @@ class Defperms extends Controller {
 		if(! local_channel())
 			return;
 
-		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
-			return;
+		//if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
+		//	return;
 
 		$r = q("SELECT abook.*, xchan.*
 			FROM abook left join xchan on abook_xchan = xchan_hash
@@ -50,8 +49,8 @@ class Defperms extends Controller {
 		if(! local_channel())
 			return;
 
-		if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
-			return;
+		//if(! Apps::system_app_installed(local_channel(), 'Default Permissions'))
+		//	return;
 
 		$contact_id = intval(argv(1));
 		if(! $contact_id)
@@ -183,12 +182,12 @@ class Defperms extends Controller {
 			return login();
 		}
 
-		if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) {
-			//Do not display any associated widgets at this point
-			App::$pdl = '';
-			$papp = Apps::get_papp('Default Permissions');
-			return Apps::app_render($papp, 'module');
-		}
+		//~ if(! Apps::system_app_installed(local_channel(), 'Default Permissions')) {
+			//~ //Do not display any associated widgets at this point
+			//~ App::$pdl = '';
+			//~ $papp = Apps::get_papp('Default Permissions');
+			//~ return Apps::app_render($papp, 'module');
+		//~ }
 
 		$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
 		$channel = App::get_channel();
@@ -259,7 +258,6 @@ class Defperms extends Controller {
 				'$sections'       => $sections,
 				'$autolbl'        => t('The permissions indicated on this page will be applied to all new connections.'),
 				'$autoapprove'    => t('Automatic approval settings'),
-				'$unapproved'     => $unapproved,
 				'$inherited'      => t('inherited'),
 				'$submit'         => t('Submit'),
 				'$me'             => t('My Settings'),

Zotlabs/Module/Directory.php

@@ -83,7 +83,7 @@ class Directory extends Controller {
 		$globaldir = Libzotdir::get_directory_setting($observer, 'globaldir');
 
 		// override your personal global search pref if we're doing a navbar search of the directory
-		if(intval($_REQUEST['navsearch']))
+		if(isset($_REQUEST['navsearch']) && intval($_REQUEST['navsearch']))
 			$globaldir = 1;
 
 		$safe_mode = Libzotdir::get_directory_setting($observer, 'safemode');
@@ -98,15 +98,18 @@ class Directory extends Controller {
 		else
 			$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
 
-
+		$advanced = '';
 		if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch'))
 			$advanced = $search;
 
-		$keywords = (($_GET['keywords']) ? $_GET['keywords'] : '');
+		$keywords = $_GET['keywords'] ?? '';
 
 		// Suggest channels if no search terms or keywords are given
 		$suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : '';
 
+		$addresses = [];
+		$common = [];
+
 		if($suggest) {
 
 			// the directory options have no effect in suggestion mode
@@ -123,8 +126,7 @@ class Directory extends Controller {
 			}
 
 			// Remember in which order the suggestions were
-			$addresses = array();
-			$common = array();
+
 			$index = 0;
 			foreach($r as $rr) {
 				$common[$rr['xchan_addr']] = ((intval($rr['total']) > 0) ? intval($rr['total']) - 1 : 0);
@@ -132,7 +134,7 @@ class Directory extends Controller {
 			}
 
 			// Build query to get info about suggested people
-			$advanced = '';
+
 			foreach(array_keys($addresses) as $address) {
 				$advanced .= "address=\"$address\" ";
 			}
@@ -147,6 +149,8 @@ class Directory extends Controller {
 
 		$directory_admin = false;
 
+		$url = '';
+
 		if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
 			$url = z_root() . '/dirsearch';
 			if (is_site_admin()) {
@@ -228,7 +232,7 @@ class Directory extends Controller {
 				$j = json_decode($x['body'],true);
 				if($j) {
 
-					if($j['results']) {
+					if(isset($j['results']) && $j['results']) {
 
 						$results = $j['results'];
 						if($suggest) {
@@ -254,40 +258,33 @@ class Directory extends Controller {
 								$connect_link = '';
 
 							$location = '';
-							if(strlen($rr['locale']))
+							if(isset($rr['locale']))
 								$location .= $rr['locale'];
-							if(strlen($rr['region'])) {
-								if(strlen($rr['locale']))
+							if(isset($rr['region'])) {
+								if($location)
 									$location .= ', ';
 								$location .= $rr['region'];
 							}
-							if(strlen($rr['country'])) {
-								if(strlen($location))
+							if(isset($rr['country'])) {
+								if($location)
 									$location .= ', ';
 								$location .= $rr['country'];
 							}
 
 							$age = '';
-							if(strlen($rr['birthday'])) {
+							if(isset($rr['birthday'])) {
 								if(($years = age($rr['birthday'],'UTC','')) > 0)
 									$age = $years;
 							}
 
 							$page_type = '';
 
-							$rating_enabled = get_config('system','rating_enabled');
-
-							if($rr['total_ratings'] && $rating_enabled)
-								$total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']);
-							else
-								$total_ratings = '';
-
 							$profile = $rr;
 
-							if ((x($profile,'locale') == 1)
-								|| (x($profile,'region') == 1)
-								|| (x($profile,'postcode') == 1)
-								|| (x($profile,'country') == 1))
+					//		if ((x($profile,'locale') == 1)
+					//			|| (x($profile,'region') == 1)
+					//			|| (x($profile,'postcode') == 1)
+					//			|| (x($profile,'country') == 1))
 
 							$gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False);
 
@@ -312,7 +309,7 @@ class Directory extends Controller {
 								$keywords = str_replace(',',' ', $keywords);
 								$keywords = str_replace('  ',' ', $keywords);
 								$karr = explode(' ', $keywords);
-
+								$marr = [];
 								if($karr) {
 									if(local_channel()) {
 										$r = q("select keywords from profile where uid = %d and is_default = 1 limit 1",
@@ -352,9 +349,6 @@ class Directory extends Controller {
 								'location' => $location,
 								'location_label' => t('Location:'),
 								'gender'   => $gender,
-								'total_ratings' => $total_ratings,
-								'viewrate' => true,
-								'canrate' => (($rating_enabled && local_channel()) ? true : false),
 								'pdesc'	=> $pdesc,
 								'pdesc_label' => t('Description:'),
 								'censor' => (($directory_admin) ? 'dircensor/' . $rr['hash'] : ''),
@@ -374,9 +368,9 @@ class Directory extends Controller {
 								'keywords' => $out,
 								'ignlink' => $suggest ? z_root() . '/directory?ignore=' . $rr['hash'] : '',
 								'ignore_label' => t('Don\'t suggest'),
-								'common_friends' => (($common[$rr['address']]) ? intval($common[$rr['address']]) : ''),
+								'common_friends' => $common[$rr['address']] ?? '',
 								'common_label' => t('Common connections (estimated):'),
-								'common_count' => intval($common[$rr['address']]),
+								'common_count' => $common[$rr['address']] ?? '',
 								'safe' => $safe_mode
 							);
 
@@ -402,14 +396,15 @@ class Directory extends Controller {
 
 						ksort($entries); // Sort array by key so that foreach-constructs work as expected
 
-						if($j['keywords']) {
+						if(isset($j['keywords']) && $j['keywords']) {
 							App::$data['directory_keywords'] = $j['keywords'];
 						}
 
 						logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA);
 
+						$aj = $_REQUEST['aj'] ?? '';
 
-						if($_REQUEST['aj']) {
+						if($aj) {
 							if($entries) {
 								$o = replace_macros(get_markup_template('directajax.tpl'),array(
 									'$entries' => $entries
@@ -449,12 +444,12 @@ class Directory extends Controller {
 
 					}
 					else {
-						if($_REQUEST['aj']) {
+						if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
 							$o = '<div id="content-complete"></div>';
 							echo $o;
 							killme();
 						}
-						if(App::$pager['page'] == 1 && $j['records'] == 0 && strpos($search,'@')) {
+						if(App::$pager['page'] == 1 && (isset($j['records']) && $j['records'] == 0) && strpos($search,'@')) {
 							goaway(z_root() . '/chanview/?f=&address=' . $search);
 						}
 						info( t("No entries (some entries may be hidden).") . EOL);

Zotlabs/Module/Dirsearch.php

@@ -26,7 +26,7 @@ class Dirsearch extends Controller {
 		}
 
 
-		$access_token = $_REQUEST['t'];
+		$access_token = $_REQUEST['t'] ?? '';
 
 		$token = get_config('system','realm_token');
 		if($token && $access_token != $token) {
@@ -45,7 +45,7 @@ class Dirsearch extends Controller {
 
 		$tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords');
 
-		if($_REQUEST['query']) {
+		if(isset($_REQUEST['query']) && $_REQUEST['query']) {
 			$advanced = $this->dir_parse_query($_REQUEST['query']);
 			if($advanced) {
 				foreach($advanced as $adv) {
@@ -61,22 +61,23 @@ class Dirsearch extends Controller {
 			}
 		}
 
-		$hash     = ((x($_REQUEST['hash']))    ? $_REQUEST['hash']     : '');
+		$hash     = $_REQUEST['hash'] ?? '';
+
+		$name     = $_REQUEST['name'] ?? '';
+		$hub      = $_REQUEST['hub'] ?? '';
+		$address  = $_REQUEST['address'] ?? '';
+		$locale   = $_REQUEST['locale'] ?? '';
+		$region   = $_REQUEST['region'] ?? '';
+		$postcode = $_REQUEST['postcode'] ?? '';
+		$country  = $_REQUEST['country'] ?? '';
+		$gender   = $_REQUEST['gender'] ?? '';
+		$marital  = $_REQUEST['marital'] ?? '';
+		$sexual   = $_REQUEST['sexual'] ?? '';
+		$keywords = $_REQUEST['keywords'] ?? '';
+		$agege    = $_REQUEST['agege'] ?? 0;
+		$agele    = $_REQUEST['agele'] ?? 0;
+		$kw       = $_REQUEST['kw'] ?? 0;
 
-		$name     = ((x($_REQUEST,'name'))     ? $_REQUEST['name']     : '');
-		$hub      = ((x($_REQUEST,'hub'))      ? $_REQUEST['hub']      : '');
-		$address  = ((x($_REQUEST,'address'))  ? $_REQUEST['address']  : '');
-		$locale   = ((x($_REQUEST,'locale'))   ? $_REQUEST['locale']   : '');
-		$region   = ((x($_REQUEST,'region'))   ? $_REQUEST['region']   : '');
-		$postcode = ((x($_REQUEST,'postcode')) ? $_REQUEST['postcode'] : '');
-		$country  = ((x($_REQUEST,'country'))  ? $_REQUEST['country']  : '');
-		$gender   = ((x($_REQUEST,'gender'))   ? $_REQUEST['gender']   : '');
-		$marital  = ((x($_REQUEST,'marital'))  ? $_REQUEST['marital']  : '');
-		$sexual   = ((x($_REQUEST,'sexual'))   ? $_REQUEST['sexual']   : '');
-		$keywords = ((x($_REQUEST,'keywords')) ? $_REQUEST['keywords'] : '');
-		$agege    = ((x($_REQUEST,'agege'))    ? intval($_REQUEST['agege']) : 0 );
-		$agele    = ((x($_REQUEST,'agele'))    ? intval($_REQUEST['agele']) : 0 );
-		$kw       = ((x($_REQUEST,'kw'))       ? intval($_REQUEST['kw'])    : 0 );
 		$forums   = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
 
 		if(get_config('system','disable_directory_keywords'))
@@ -109,7 +110,7 @@ class Dirsearch extends Controller {
 		$sort_order  = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : '');
 
 		$joiner = ' OR ';
-		if($_REQUEST['and'])
+		if(isset($_REQUEST['and']) && $_REQUEST['and'])
 			$joiner = ' AND ';
 
 		if($name)
@@ -148,11 +149,11 @@ class Dirsearch extends Controller {
 		}
 
 
-	    $perpage      = (($_REQUEST['n'])              ? $_REQUEST['n']                    : 60);
-	    $page         = (($_REQUEST['p'])              ? intval($_REQUEST['p'] - 1)        : 0);
+	    $perpage      = $_REQUEST['n'] ?? 60;
+	    $page         = ((isset($_REQUEST['p']) && $_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0);
 	    $startrec     = (($page+1) * $perpage) - $perpage;
-		$limit        = (($_REQUEST['limit'])          ? intval($_REQUEST['limit'])        : 0);
-		$return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0);
+		$limit        = $_REQUEST['limit'] ?? 0;
+		$return_total = $_REQUEST['return_total'] ?? 0;
 
 		// mtime is not currently working
 
@@ -262,7 +263,7 @@ class Dirsearch extends Controller {
 				xprof.xprof_homepage as homepage,
 				xprof.xprof_hometown as hometown,
 				xprof.xprof_keywords as keywords
-				from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on hubloc_hash = xchan_hash
+				from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on (hubloc_id_url = xchan_url and hubloc_hash = xchan_hash)
 				where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
 				$safesql $order $qlimit",
 				db_utcnow(),

Zotlabs/Module/Display.php

@@ -36,7 +36,7 @@ class Display extends \Zotlabs\Web\Controller {
 			}
 		}
 
-		if($_REQUEST['mid']) {
+		if(isset($_REQUEST['mid']) && $_REQUEST['mid']) {
 			$item_hash = $_REQUEST['mid'];
 		}
 
@@ -56,6 +56,8 @@ class Display extends \Zotlabs\Web\Controller {
 
 		$observer_is_owner = false;
 
+		$o = '';
+
 		if(local_channel() && (! $update)) {
 
 			$channel = App::get_channel();
@@ -72,7 +74,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'allow_location'      => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
 				'default_location'    => $channel['channel_location'],
 				'nickname'            => $channel['channel_address'],
-				'lockstate'           => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
+				'lockstate'           => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
 				'acl'                 => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
 				'permissions'         => $channel_acl,
 				'bang'                => '',
@@ -87,7 +89,8 @@ class Display extends \Zotlabs\Web\Controller {
 				'reset'               => t('Reset form')
 			);
 
-			$o = '<div id="jot-popup">';
+			$o .= '<div id="jot-popup">';
+			$a = '';
 			$o .= status_editor($a,$x,false,'Display');
 			$o .= '</div>';
 		}
@@ -107,17 +110,21 @@ class Display extends \Zotlabs\Web\Controller {
 			dbesc($item_hash)
 		);
 
-		if($r) {
-			$target_item = $r[0];
+		if (!$r) {
+			notice( t('Item not found.') . EOL);
+			return '';
 		}
 
+		$target_item = $r[0];
+
+		/* not yet ready for prime time
 		$x = q("select * from xchan where xchan_hash = '%s' limit 1",
 			dbesc($target_item['author_xchan'])
 		);
 		if($x) {
-// not yet ready for prime time
-//			App::$poi = $x[0];
+			App::$poi = $x[0];
 		}
+		*/
 
 		//if the item is to be moderated redirect to /moderate
 		if($target_item['item_blocked'] == ITEM_MODERATED) {
@@ -143,48 +150,8 @@ class Display extends \Zotlabs\Web\Controller {
 			 	return '';
 			}
 		}
-		if($target_item['item_type']  == ITEM_TYPE_ARTICLE) {
-			$x = q("select * from channel where channel_id = %d limit 1",
-				intval($target_item['uid'])
-			);
-			$y = q("select * from iconfig left join item on iconfig.iid = item.id
-				where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'ARTICLE' and item.id = %d limit 1",
-				intval($target_item['uid']),
-				intval($target_item['parent'])
-			);
-			if($x && $y) {
-				goaway(z_root() . '/articles/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
-			}
-			else {
-				notice( t('Page not found.') . EOL);
-			 	return '';
-			}
-		}
-		if($target_item['item_type']  == ITEM_TYPE_CARD) {
 
-			$x = q("select * from channel where channel_id = %d limit 1",
-				intval($target_item['uid'])
-			);
-
-			$y = q("select * from iconfig left join item on iconfig.iid = item.id
-				where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'CARD' and item.id = %d limit 1",
-				intval($target_item['uid']),
-				intval($target_item['parent'])
-			);
-
-			if($x && $y) {
-				goaway(z_root() . '/cards/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
-			}
-			else {
-				notice( t('Page not found.') . EOL);
-			 	return '';
-			}
-		}
-		if ($target_item['item_type'] == ITEM_TYPE_CUSTOM) {
-			call_hooks('item_custom_display',$target_item);
-			notice( t('Page not found.') . EOL);
-			return '';
-		}
+		call_hooks('item_custom_display', $target_item);
 
 		$simple_update = '';
 		if($update && $_SESSION['loadtime'])
@@ -246,27 +213,27 @@ class Display extends \Zotlabs\Web\Controller {
 		$observer_hash = get_observer_hash();
 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
-
-		$sql_extra = ((local_channel()) ? EMPTY_STR : item_permissions_sql(0, $observer_hash));
+		$sql_extra = '';
+		$r = [];
 
 		if($noscript_content || $load) {
-
 			require_once('include/channel.php');
 			$sys = get_sys_channel();
 			// in case somebody turned off public access to sys channel content using permissions
 			// make that content unsearchable by ensuring the owner uid can't match
 			$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
 
-			$r = null;
-
 			if(local_channel()) {
 				$r = q("SELECT item.id AS item_id FROM item WHERE uid = %d AND mid = '%s' $item_normal LIMIT 1",
 					intval(local_channel()),
 					dbesc($target_item['parent_mid'])
 				);
+
 			}
 
 			if(!$r) {
+				$sql_extra = item_permissions_sql(0, $observer_hash);
+
 				$r = q("SELECT item.id AS item_id FROM item
 					WHERE ((mid = '%s'
 					AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid  = ''
@@ -290,7 +257,6 @@ class Display extends \Zotlabs\Web\Controller {
 			// make that content unsearchable by ensuring the owner uid can't match
 			$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
 
-			$r = null;
 			if(local_channel()) {
 				$r = q("SELECT item.parent AS item_id from item
 					WHERE uid = %d
@@ -303,7 +269,9 @@ class Display extends \Zotlabs\Web\Controller {
 				);
 			}
 
-			if(! $r) {
+			if(!$r) {
+				$sql_extra = item_permissions_sql(0, $observer_hash);
+
 				$r = q("SELECT item.id as item_id from item
 					WHERE ((parent_mid = '%s'
 					AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid  = ''
@@ -320,10 +288,6 @@ class Display extends \Zotlabs\Web\Controller {
 			}
 		}
 
-		else {
-			$r = [];
-		}
-
 		if($r) {
 			$parents_str = ids_to_querystr($r,'item_id');
 			if($parents_str) {
@@ -341,71 +305,71 @@ class Display extends \Zotlabs\Web\Controller {
 			$items = array();
 		}
 
-
 		switch($module_format) {
 
-		case 'html':
+			case 'html':
 
-			if ($update) {
-				$o .= conversation($items, 'display', $update, 'client');
-			}
-			else {
-				$o .= '<noscript>';
-				if($noscript_content) {
-					$o .= conversation($items, 'display', $update, 'traditional');
+				if ($update) {
+					$o .= conversation($items, 'display', $update, 'client');
 				}
 				else {
-					$o .= '<div class="section-content-warning-wrapper">' . t('You must enable javascript for your browser to be able to view this content.') . '</div>';
+					$o .= '<noscript>';
+					if($noscript_content) {
+						$o .= conversation($items, 'display', $update, 'traditional');
+					}
+					else {
+						$o .= '<div class="section-content-warning-wrapper">' . t('You must enable javascript for your browser to be able to view this content.') . '</div>';
+					}
+					$o .= '</noscript>';
+
+					if (isset($items[0]['title'])) {
+						App::$page['title'] = $items[0]['title'] . ' - ' . App::$page['title'];
+					}
+
+					$o .= conversation($items, 'display', $update, 'client');
 				}
-				$o .= '</noscript>';
 
-				App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . App::$page['title'] : App::$page['title']);
+				break;
 
-				$o .= conversation($items, 'display', $update, 'client');
-			}
+			case 'atom':
 
-			break;
+				$atom = replace_macros(get_markup_template('atom_feed.tpl'), array(
+					'$version'       => xmlify(\Zotlabs\Lib\System::get_project_version()),
+					'$generator'     => xmlify(\Zotlabs\Lib\System::get_platform_name()),
+					'$generator_uri' => 'https://hubzilla.org',
+					'$feed_id'       => xmlify(App::$cmd),
+					'$feed_title'    => xmlify(t('Article')),
+					'$feed_updated'  => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
+					'$author'        => '',
+					'$owner'         => '',
+					'$profile_page'  => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
+				));
 
-		case 'atom':
+				$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];
+				call_hooks('atom_feed_top',$x);
 
-			$atom = replace_macros(get_markup_template('atom_feed.tpl'), array(
-				'$version'       => xmlify(\Zotlabs\Lib\System::get_project_version()),
-				'$generator'     => xmlify(\Zotlabs\Lib\System::get_platform_name()),
-				'$generator_uri' => 'https://hubzilla.org',
-				'$feed_id'       => xmlify(App::$cmd),
-				'$feed_title'    => xmlify(t('Article')),
-				'$feed_updated'  => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
-				'$author'        => '',
-				'$owner'         => '',
-				'$profile_page'  => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
-			));
+				$atom = $x['xml'];
 
-			$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];
-			call_hooks('atom_feed_top',$x);
-
-			$atom = $x['xml'];
-
-			// a much simpler interface
-			call_hooks('atom_feed', $atom);
+				// a much simpler interface
+				call_hooks('atom_feed', $atom);
 
 
-			if($items) {
-				$type = 'html';
-				foreach($items as $item) {
-					if($item['item_private'])
-						continue;
-					$atom .= atom_entry($item, $type, null, '', true, '', false);
+				if($items) {
+					$type = 'html';
+					foreach($items as $item) {
+						if($item['item_private'])
+							continue;
+						$atom .= atom_entry($item, $type, null, '', true, '', false);
+					}
 				}
-			}
 
-			call_hooks('atom_feed_end', $atom);
+				call_hooks('atom_feed_end', $atom);
 
-			$atom .= '</feed>' . "\r\n";
-
-			header('Content-type: application/atom+xml');
-			echo $atom;
-			killme();
+				$atom .= '</feed>' . "\r\n";
 
+				header('Content-type: application/atom+xml');
+				echo $atom;
+				killme();
 		}
 
 		$o .= '<div id="content-complete"></div>';

Zotlabs/Module/Dreport.php

@@ -56,9 +56,12 @@ class Dreport extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
+		$r = q("select * from dreport where dreport_xchan = '%s' and (dreport_mid = '%s' or dreport_mid = '%s' or dreport_mid = '%s' or dreport_mid = '%s')",
 			dbesc($channel['channel_hash']),
-			dbesc($mid)
+			dbesc($mid),
+			dbesc($mid . '#sync'),
+			dbesc(str_replace('/item/', '/activity/', $mid)),
+			dbesc(str_replace('/item/', '/activity/', $mid) . '#sync')
 		);
 
 		if(! $r) {
@@ -93,6 +96,7 @@ class Dreport extends \Zotlabs\Web\Controller {
 				case 'updated':
 					$r[$x]['gravity'] = 5;
 					$r[$x]['dreport_result'] = t('updated');
+					break;
 				case 'update ignored':
 					$r[$x]['gravity'] = 6;
 					$r[$x]['dreport_result'] = t('update ignored');

Zotlabs/Module/Editpost.php

@@ -57,15 +57,17 @@ class Editpost extends \Zotlabs\Web\Controller {
 		$catsenabled = ((feature_enabled($owner_uid,'categories')) ? 'categories' : '');
 
 		if ($catsenabled){
-		        $itm = fetch_post_tags($itm);
-
-	                $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
-
-		        foreach ($cats as $cat) {
-		                if (strlen($category))
-		                        $category .= ', ';
-		                $category .= $cat['term'];
-		        }
+			$itm = fetch_post_tags($itm);
+			if (isset($itm[0]['term'])) {
+				$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
+				if ($cats) {
+					foreach ($cats as $cat) {
+						if (strlen($category))
+								$category .= ', ';
+						$category .= $cat['term'];
+					}
+				}
+			}
 		}
 
 		if($itm[0]['attach']) {
@@ -104,6 +106,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 			'bbcode' => true
 		);
 
+		$a = '';
 		$editor = status_editor($a, $x, false, 'Editpost');
 
 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(

Zotlabs/Module/Fhublocs.php

@@ -60,25 +60,26 @@ class Fhublocs extends \Zotlabs\Web\Controller {
 
 				$h = hubloc_store_lowlevel(
 					[
-						'hubloc_guid'     => $rr['channel_guid'],
-						'hubloc_guid_sig' => $rr['channel_guid_sig'],
-						'hubloc_hash'     => $rr['channel_hash'],
-						'hubloc_id_url'   => channel_url($rr),
-						'hubloc_addr'     => channel_reddress($rr),
-						'hubloc_primary'  => intval($primary),
-						'hubloc_url'      => z_root(),
-						'hubloc_url_sig'  => Libzot::sign(z_root(), $rr['channel_prvkey']),
-						'hubloc_site_id'  => Libzot::make_xchan_hash(z_root(), $sitekey),
-						'hubloc_host'     => \App::get_hostname(),
-						'hubloc_callback' => z_root() . '/zot',
-						'hubloc_sitekey'  => $sitekey,
-						'hubloc_network'  => 'zot6',
-						'hubloc_updated'  => datetime_convert()
+						'hubloc_guid'      => $rr['channel_guid'],
+						'hubloc_guid_sig'  => $rr['channel_guid_sig'],
+						'hubloc_hash'      => $rr['channel_hash'],
+						'hubloc_id_url'    => channel_url($rr),
+						'hubloc_addr'      => channel_reddress($rr),
+						'hubloc_primary'   => intval($primary),
+						'hubloc_url'       => z_root(),
+						'hubloc_url_sig'   => Libzot::sign(z_root(), $rr['channel_prvkey']),
+						'hubloc_site_id'   => Libzot::make_xchan_hash(z_root(), $sitekey),
+						'hubloc_host'      => \App::get_hostname(),
+						'hubloc_callback'  => z_root() . '/zot',
+						'hubloc_sitekey'   => $sitekey,
+						'hubloc_network'   => 'zot6',
+						'hubloc_updated'   => datetime_convert(),
+						'hubloc_connected' => datetime_convert()
 					]
 				);
 
 				if($h)
-					$o . 'local hubloc created for ' . $rr['channel_name'] . EOL;
+					$o .= 'local hubloc created for ' . $rr['channel_name'] . EOL;
 				else
 					$o .= 'DB update failed for ' . $rr['channel_name'] . EOL;
 

Zotlabs/Module/File_upload.php

@@ -30,12 +30,12 @@ class File_upload extends \Zotlabs\Web\Controller {
 			$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
 		}
 
-		$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
-		$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
-		$_REQUEST['deny_cid']  = perms2str($_REQUEST['contact_deny']);
-		$_REQUEST['deny_gid']  = perms2str($_REQUEST['group_deny']);
+		$_REQUEST['allow_cid'] = ((isset($_REQUEST['contact_allow'])) ? perms2str($_REQUEST['contact_allow']) : '');
+		$_REQUEST['allow_gid'] = ((isset($_REQUEST['group_allow'])) ? perms2str($_REQUEST['group_allow']) : '');
+		$_REQUEST['deny_cid']  = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : '');
+		$_REQUEST['deny_gid']  = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : '');
 
-		if($_REQUEST['filename']) {
+		if(isset($_REQUEST['filename']) && $_REQUEST['filename']) {
 			$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
 			if($r['success']) {
 				$hash = $r['data']['hash'];

Zotlabs/Module/Follow.php

@@ -70,13 +70,12 @@ class Follow extends Controller {
 		}
 
 		$uid = local_channel();
-		$url = notags(trim(punify($_REQUEST['url'])));
+		$url = notags(punify(trim($_REQUEST['url'])));
 		$return_url = $_SESSION['return_url'];
-		$confirm = intval($_REQUEST['confirm']);
-		$interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);
+		$interactive = $_REQUEST['interactive'] ?? 1;
 		$channel = App::get_channel();
 
-		$result = Connect::connect($channel,$url);
+		$result = Connect::connect($channel, $url);
 
 		if ($result['success'] == false) {
 			if ($result['message']) {
@@ -108,7 +107,7 @@ class Follow extends Controller {
 		}
 		Libsync::build_sync_packet(0, [ 'abook' => [ $clone ] ], true);
 
-		$can_view_stream = their_perms_contains($channel['channel_id'],$clone['abook_xchan'],'view_stream');
+		$can_view_stream = intval(get_abconfig($channel['channel_id'], $clone['abook_xchan'], 'their_perms', 'view_stream'));
 
 		// If we can view their stream, pull in some posts
 
@@ -117,7 +116,7 @@ class Follow extends Controller {
 		}
 
 		if ($interactive) {
-			goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?follow=1');
+			goaway(z_root() . '/connections#' . $result['abook']['abook_id']);
 		}
 		else {
 			json_return_and_die([ 'success' => true ]);

Zotlabs/Module/Group.php

@@ -5,8 +5,7 @@ use App;
 use Zotlabs\Web\Controller;
 use Zotlabs\Lib\Apps;
 use Zotlabs\Lib\Libsync;
-
-require_once('include/group.php');
+use Zotlabs\Lib\AccessList;
 
 class Group extends Controller {
 
@@ -41,16 +40,17 @@ class Group extends Controller {
 
 			$name = notags(trim($_POST['groupname']));
 			$public = intval($_POST['public']);
-			$r = group_add(local_channel(),$name,$public);
+			$r = AccessList::add(local_channel(),$name,$public);
+			$group_hash = $r;
+
 			if($r) {
 				info( t('Privacy group created.') . EOL );
 			}
 			else {
 				notice( t('Could not create privacy group.') . EOL );
 			}
-			goaway(z_root() . '/group');
-
 		}
+
 		if((argc() == 2) && (intval(argv(1)))) {
 			check_form_security_token_redirectOnErr('/group', 'group_edit');
 
@@ -65,10 +65,11 @@ class Group extends Controller {
 			}
 			$group = $r[0];
 			$groupname = notags(trim($_POST['groupname']));
+			$group_hash = $group['hash'];
 			$public = intval($_POST['public']);
 
 			$hookinfo = [ 'pgrp_extras' => '', 'group'=>$group['id'] ];
-                       	call_hooks ('privacygroup_extras_post',$hookinfo);
+			call_hooks('privacygroup_extras_post',$hookinfo);
 
 			if((strlen($groupname))  && (($groupname != $group['gname']) || ($public != $group['visible']))) {
 				$r = q("UPDATE pgrp SET gname = '%s', visible = %d  WHERE uid = %d AND id = %d",
@@ -79,13 +80,25 @@ class Group extends Controller {
 				);
 				if($r)
 					info( t('Privacy group updated.') . EOL );
-
-
-				Libsync::build_sync_packet(local_channel(),null,true);
 			}
-
-			goaway(z_root() . '/group/' . argv(1) . '/' . argv(2));
 		}
+
+		$channel = App::get_channel();
+
+		$default_group = ((isset($_POST['set_default_group'])) ? $group_hash : (($channel['channel_default_group'] === $group_hash) ? '' : $channel['channel_default_group']));
+		$default_acl = ((isset($_POST['set_default_acl'])) ? '<' . $group_hash . '>' : (($channel['channel_allow_gid'] === '<' . $group_hash . '>') ? '' : $channel['channel_allow_gid']));
+
+		q("update channel set channel_default_group = '%s', channel_allow_gid = '%s'
+			where channel_id = %d",
+			dbesc($default_group),
+			dbesc($default_acl),
+			intval(local_channel())
+		);
+
+		Libsync::build_sync_packet(local_channel(),null,true);
+
+		goaway(z_root() . '/group/' . argv(1) . ((argv(2)) ? '/' . argv(2) : ''));
+
 		return;
 	}
 
@@ -117,51 +130,32 @@ class Group extends Controller {
 
 		if((argc() == 1) || ((argc() == 2) && (argv(1) === 'new'))) {
 
-			$new = (((argc() == 2) && (argv(1) === 'new')) ? true : false);
-
-			$groups = q("SELECT id, gname FROM pgrp WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
-				intval(local_channel())
-			);
-
-			$i = 0;
-			foreach($groups as $group) {
-				$entries[$i]['name'] = $group['gname'];
-				$entries[$i]['id'] = $group['id'];
-				$entries[$i]['count'] = count(group_get_members($group['id']));
-				$i++;
-			}
-
 			$hookinfo = [ 'pgrp_extras' => '', 'group'=>argv(1) ];
 			call_hooks ('privacygroup_extras',$hookinfo);
 			$pgrp_extras = $hookinfo['pgrp_extras'];
 
+			$is_default_acl = ['set_default_acl', t('Post to this group by default'), 0, '', [t('No'), t('Yes')]];
+			$is_default_group = ['set_default_group', t('Add new contacts to this group by default'), 0, '', [t('No'), t('Yes')]];
+
+
 			$tpl = get_markup_template('privacy_groups.tpl');
 			$o = replace_macros($tpl, [
 				'$title' => t('Privacy Groups'),
-				'$add_new_label' => t('Add Group'),
-				'$new' => $new,
 
 				// new group form
 				'$gname' => array('groupname',t('Privacy group name')),
-				'$public' => array('public',t('Members are visible to other channels'), false),
+				'$public' => array('public',t('Members are visible to other channels'), 0, '', [t('No'), t('Yes')]),
 				'$pgrp_extras' => $pgrp_extras,
 				'$form_security_token' => get_form_security_token("group_edit"),
 				'$submit' => t('Submit'),
-
-				// groups list
-				'$title' => t('Privacy Groups'),
-				'$name_label' => t('Name'),
-				'$count_label' => t('Members'),
-				'$entries' => $entries
+				'$is_default_acl' => $is_default_acl,
+				'$is_default_group' => $is_default_group,
 			]);
 
 			return $o;
 
 		}
 
-
-
-
 		$context = array('$submit' => t('Submit'));
 		$tpl = get_markup_template('group_edit.tpl');
 
@@ -174,7 +168,7 @@ class Group extends Controller {
 					intval(local_channel())
 				);
 				if($r)
-					$result = group_rmv(local_channel(),$r[0]['gname']);
+					$result = AccessList::remove(local_channel(),$r[0]['gname']);
 				if($result) {
 					$hookinfo = [ 'pgrp_extras' => '', 'group' => argv(2) ];
 					call_hooks ('privacygroup_extras_drop',$hookinfo);
@@ -215,7 +209,7 @@ class Group extends Controller {
 			$group = $r[0];
 
 
-			$members = group_get_members($group['id']);
+			$members = AccessList::members(local_channel(), $group['id']);
 
 			$preselected = array();
 			if(count($members))	{
@@ -227,13 +221,13 @@ class Group extends Controller {
 			if($change) {
 
 				if(in_array($change,$preselected)) {
-					group_rmv_member(local_channel(),$group['gname'],$change);
+					AccessList::member_remove(local_channel(),$group['gname'],$change);
 				}
 				else {
-					group_add_member(local_channel(),$group['gname'],$change);
+					AccessList::member_add(local_channel(),$group['gname'],$change);
 				}
 
-				$members = group_get_members($group['id']);
+				$members = AccessList::members(local_channel(), $group['id']);
 
 				$preselected = array();
 				if(count($members))	{
@@ -252,9 +246,9 @@ class Group extends Controller {
 				'$gname' => array('groupname',t('Privacy group name: '),$group['gname'], ''),
 				'$gid' => $group['id'],
 				'$drop' => $drop_txt,
-				'$public' => array('public',t('Members are visible to other channels'), $group['visible'], ''),
+				'$public' => array('public',t('Members are visible to other channels'), $group['visible'], '', [t('No'), t('Yes')]),
 				'$form_security_token_edit' => get_form_security_token('group_edit'),
-				'$delete' => t('Delete Group'),
+				'$delete' => t('Delete'),
 				'$form_security_token_drop' => get_form_security_token("group_drop"),
 				'$pgrp_extras' => $pgrp_extras,
 			);
@@ -280,7 +274,7 @@ class Group extends Controller {
 				$groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode);
 			}
 			else
-				group_rmv_member(local_channel(),$group['gname'],$member['xchan_hash']);
+				AccessList::member_remove(local_channel(),$group['gname'],$member['xchan_hash']);
 		}
 
 		$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc",
@@ -302,6 +296,12 @@ class Group extends Controller {
 		$context['$desc'] = t('Click a channel to toggle membership');
 		$context['$pgrp_extras'] = $pgrp_extras;
 
+		$channel = App::get_channel();
+
+		$context['$is_default_acl'] = ['set_default_acl', t('Post to this group by default'), intval($group['hash'] === trim($channel['channel_allow_gid'], '<>')), '', [t('No'), t('Yes')]];
+		$context['$is_default_group'] = ['set_default_group', t('Add new contacts to this group by default'), intval($group['hash'] === $channel['channel_default_group']), '', [t('No'), t('Yes')]];
+
+
 		if($change) {
 			$tpl = get_markup_template('groupeditor.tpl');
 			echo replace_macros($tpl, $context);

Zotlabs/Module/Hcard.php

@@ -5,7 +5,7 @@ namespace Zotlabs\Module;
 class Hcard extends \Zotlabs\Web\Controller {
 
 	function init() {
-	
+
 	   if(argc() > 1)
 	        $which = argv(1);
 	    else {
@@ -13,12 +13,12 @@ class Hcard extends \Zotlabs\Web\Controller {
 	        \App::$error = 404;
 	        return;
 	    }
-	
+
 		logger('hcard_request: ' . $which, LOGGER_DEBUG);
 
 	    $profile = '';
 	    $channel = \App::get_channel();
-	
+
 	    if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
 	        $which = $channel['channel_address'];
 	        $profile = argv(1);
@@ -30,22 +30,22 @@ class Hcard extends \Zotlabs\Web\Controller {
 	            $profile = '';
 	        $profile = $r[0]['profile_guid'];
 	    }
-	
-		head_add_link( [ 
-			'rel'   => 'alternate', 
+
+		head_add_link( [
+			'rel'   => 'alternate',
 			'type'  => 'application/atom+xml',
 			'title' => t('Posts and comments'),
 			'href'  => z_root() . '/feed/' . $which
 		]);
 
-		head_add_link( [ 
-			'rel'   => 'alternate', 
+		head_add_link( [
+			'rel'   => 'alternate',
 			'type'  => 'application/atom+xml',
 			'title' => t('Only posts'),
 			'href'  => z_root() . '/feed/' . $which . '?f=&top=1'
 		]);
 
-	
+
 	    if(! $profile) {
 	        $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1",
 	            dbesc(argv(1))
@@ -54,20 +54,20 @@ class Hcard extends \Zotlabs\Web\Controller {
 	            \App::$profile = $x[0];
 	        }
 	    }
-	
+
 		profile_load($which,$profile);
-	
-	
+
+
 	}
-	
-	
+
+
 	function get() {
 
-		$x = new \Zotlabs\Widget\Profile();	
+		$x = new \Zotlabs\Widget\Fullprofile();
 		return $x->widget(array());
-	
+
 	}
-	
-	
-	
+
+
+
 }

Zotlabs/Module/Help.php

@@ -17,7 +17,9 @@ class Help extends \Zotlabs\Web\Controller {
 	function get() {
 		nav_set_selected('Help');
 
-		if($_REQUEST['search']) {
+		$o = '';
+
+		if(isset($_REQUEST['search']) && $_REQUEST['search']) {
 			$o .= '<div id="help-content" class="generic-content-wrapper">';
 			$o .= '<div class="section-title-wrapper">';
 			$o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>';
@@ -44,8 +46,8 @@ class Help extends \Zotlabs\Web\Controller {
 
 			return $o;
 		}
-				
-				
+
+
 		if(argc() > 2 && argv(argc()-2) === 'assets') {
 			$path = '';
 			for($x = 1; $x < argc(); $x ++) {
@@ -87,11 +89,12 @@ class Help extends \Zotlabs\Web\Controller {
 			'tutorials' => t('Tutorials')
 		];
 
+		$heading = '';
 		if(array_key_exists(argv(1), $headings))
 			$heading = $headings[argv(1)];
 
 		$content =  get_help_content();
-		
+
 		$language = determine_help_language()['language'];
 
 		return replace_macros(get_markup_template('help.tpl'), array(

Zotlabs/Module/Home.php

@@ -36,7 +36,7 @@ class Home extends Controller {
 
 		$channel = App::get_channel();
 		if (local_channel() && $channel && $channel['xchan_url'] && !$splash) {
-			$dest = (($ret['startpage']) ? $ret['startpage'] : '');
+			$dest = $ret['startpage'] ?? '';
 			if (!$dest)
 				$dest = get_config('system', 'startpage');
 			if (!$dest)