TheRON/core
1
0
Fork 0
mirror of https://framagit.org/hubzilla/core.git synced 2026-06-22 09:17:57 -04:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: TheRON:7.6
Branches Tags
TheRON:master TheRON:dev TheRON:11.2RC
TheRON:11.2.1 TheRON:11.2 TheRON:11.0 TheRON:10.6.1 TheRON:10.6 TheRON:10.4.4 TheRON:10.4.3 TheRON:10.4.2 TheRON:10.4.1 TheRON:10.4 TheRON:10.2.3 TheRON:10.2.2 TheRON:10.2.1 TheRON:10.2 TheRON:10.0.8 TheRON:10.0.7 TheRON:10.0.6 TheRON:10.0.5 TheRON:10.0.4 TheRON:10.0.3 TheRON:10.0.2 TheRON:10.0.1 TheRON:10.0 TheRON:9.4.4 TheRON:9.4.3 TheRON:9.4.2 TheRON:9.4.1 TheRON:9.4 TheRON:9.2.1 TheRON:9.2 TheRON:9.0.2 TheRON:9.0.1 TheRON:9.0 TheRON:8.8.8 TheRON:8.8.7 TheRON:8.8.6 TheRON:8.8.5 TheRON:8.8.4 TheRON:8.8.3 TheRON:8.8.2 TheRON:8.8.1 TheRON:8.8 TheRON:8.6.3 TheRON:8.6.2 TheRON:8.6.1 TheRON:8.6 TheRON:8.4.2 TheRON:8.4.1 TheRON:8.4 TheRON:8.2 TheRON:8.0 TheRON:7.8.7 TheRON:7.8.6 TheRON:7.8.5 TheRON:7.8.4 TheRON:7.8.3 TheRON:7.8.2 TheRON:7.8.1 TheRON:7.8 TheRON:7.6.1 TheRON:7.6 TheRON:7.4 TheRON:7.2.2 TheRON:7.2.1 TheRON:7.2 TheRON:7.0.3 TheRON:7.0.2 TheRON:7.0.1 TheRON:7.0 TheRON:6.4.2 TheRON:6.4.1 TheRON:6.4 TheRON:6.2.2 TheRON:6.2.1 TheRON:6.2 TheRON:6.0.1 TheRON:6.0 TheRON:5.6.1 TheRON:5.6 TheRON:5.4.3 TheRON:5.4.2 TheRON:5.4.1 TheRON:5.4 TheRON:5.2.2 TheRON:5.2.1 TheRON:5.2 TheRON:5.0.8 TheRON:5.0.7 TheRON:5.0.6 TheRON:5.0.5 TheRON:5.0.4 TheRON:5.0.3 TheRON:5.0.2 TheRON:5.0.1 TheRON:5.0 TheRON:4.7.2 TheRON:4.6 TheRON:4.4.1 TheRON:4.4 TheRON:4.2.1 TheRON:4.2 TheRON:4.0.3 TheRON:4.0.2 TheRON:4.0.1 TheRON:4.0 TheRON:3.8.9 TheRON:3.8.8 TheRON:3.8.7 TheRON:3.8.6 TheRON:3.8.5 TheRON:3.8.4 TheRON:3.8.3 TheRON:3.8.2 TheRON:3.8.1 TheRON:3.8 TheRON:3.6.1 TheRON:3.6 TheRON:3.4.2 TheRON:3.4.1 TheRON:3.4 TheRON:3.2.2 TheRON:3.2.1 TheRON:3.2 TheRON:3.0.1 TheRON:3.0 TheRON:2.8.1 TheRON:2.8 TheRON:2.6.3 TheRON:2.6.2 TheRON:2.6.1 TheRON:2.6 TheRON:2.4.2 TheRON:2.4 TheRON:2.2 TheRON:2.0 TheRON:1.14.2 TheRON:1.14 TheRON:1.12 TheRON:1.10 TheRON:1.8 TheRON:1.6 TheRON:1.4 TheRON:1.3.1 TheRON:1.3 TheRON:1.2 TheRON:1.1 TheRON:1.0 TheRON:0.11 TheRON:0.10 TheRON:0.9 TheRON:0.8
...
compare: TheRON:7.8.5
Branches Tags
TheRON:dev TheRON:master TheRON:11.2RC
TheRON:11.2.1 TheRON:11.2 TheRON:11.0 TheRON:10.6.1 TheRON:10.6 TheRON:10.4.4 TheRON:10.4.3 TheRON:10.4.2 TheRON:10.4.1 TheRON:10.4 TheRON:10.2.3 TheRON:10.2.2 TheRON:10.2.1 TheRON:10.2 TheRON:10.0.8 TheRON:10.0.7 TheRON:10.0.6 TheRON:10.0.5 TheRON:10.0.4 TheRON:10.0.3 TheRON:10.0.2 TheRON:10.0.1 TheRON:10.0 TheRON:9.4.4 TheRON:9.4.3 TheRON:9.4.2 TheRON:9.4.1 TheRON:9.4 TheRON:9.2.1 TheRON:9.2 TheRON:9.0.2 TheRON:9.0.1 TheRON:9.0 TheRON:8.8.8 TheRON:8.8.7 TheRON:8.8.6 TheRON:8.8.5 TheRON:8.8.4 TheRON:8.8.3 TheRON:8.8.2 TheRON:8.8.1 TheRON:8.8 TheRON:8.6.3 TheRON:8.6.2 TheRON:8.6.1 TheRON:8.6 TheRON:8.4.2 TheRON:8.4.1 TheRON:8.4 TheRON:8.2 TheRON:8.0 TheRON:7.8.7 TheRON:7.8.6 TheRON:7.8.5 TheRON:7.8.4 TheRON:7.8.3 TheRON:7.8.2 TheRON:7.8.1 TheRON:7.8 TheRON:7.6.1 TheRON:7.6 TheRON:7.4 TheRON:7.2.2 TheRON:7.2.1 TheRON:7.2 TheRON:7.0.3 TheRON:7.0.2 TheRON:7.0.1 TheRON:7.0 TheRON:6.4.2 TheRON:6.4.1 TheRON:6.4 TheRON:6.2.2 TheRON:6.2.1 TheRON:6.2 TheRON:6.0.1 TheRON:6.0 TheRON:5.6.1 TheRON:5.6 TheRON:5.4.3 TheRON:5.4.2 TheRON:5.4.1 TheRON:5.4 TheRON:5.2.2 TheRON:5.2.1 TheRON:5.2 TheRON:5.0.8 TheRON:5.0.7 TheRON:5.0.6 TheRON:5.0.5 TheRON:5.0.4 TheRON:5.0.3 TheRON:5.0.2 TheRON:5.0.1 TheRON:5.0 TheRON:4.7.2 TheRON:4.6 TheRON:4.4.1 TheRON:4.4 TheRON:4.2.1 TheRON:4.2 TheRON:4.0.3 TheRON:4.0.2 TheRON:4.0.1 TheRON:4.0 TheRON:3.8.9 TheRON:3.8.8 TheRON:3.8.7 TheRON:3.8.6 TheRON:3.8.5 TheRON:3.8.4 TheRON:3.8.3 TheRON:3.8.2 TheRON:3.8.1 TheRON:3.8 TheRON:3.6.1 TheRON:3.6 TheRON:3.4.2 TheRON:3.4.1 TheRON:3.4 TheRON:3.2.2 TheRON:3.2.1 TheRON:3.2 TheRON:3.0.1 TheRON:3.0 TheRON:2.8.1 TheRON:2.8 TheRON:2.6.3 TheRON:2.6.2 TheRON:2.6.1 TheRON:2.6 TheRON:2.4.2 TheRON:2.4 TheRON:2.2 TheRON:2.0 TheRON:1.14.2 TheRON:1.14 TheRON:1.12 TheRON:1.10 TheRON:1.8 TheRON:1.6 TheRON:1.4 TheRON:1.3.1 TheRON:1.3 TheRON:1.2 TheRON:1.1 TheRON:1.0 TheRON:0.11 TheRON:0.10 TheRON:0.9 TheRON:0.8

167 Commits
7.6 ... 7.8.5

Author SHA1 Message Date
Mario
53152e2ef5 version 7.8.5 2022-11-13 19:44:08 +00:00
Mario
ca6ba92d82 Merge branch 'dev' 2022-11-13 19:43:12 +00:00
Mario
04516b787a update changelog 2022-11-13 19:42:07 +00:00
Mario
6e124a4d72 changelog 2022-11-13 19:40:03 +00:00
Mario
6da65c7ddc cast the type to update if it is an edit 2022-11-13 17:13:33 +00:00
Mario
9eb332f032 allow to look for pubstream items if we do not own one but make sure the permissons are checked correctly 2022-11-10 17:57:26 +00:00
Mario
30ddee65a4 fix wrong array key and undefined array key 2022-11-10 10:48:24 +00:00
Mario
63dc8d7fc4 fix undefined variable 2022-11-10 10:37:41 +00:00
Mario
a1a287bac7 fix typo in variable name 2022-11-10 10:34:05 +00:00
Mario
e9b786d5e8 Ãwrong array key 2022-11-09 13:05:48 +00:00
Mario
ad9fb411f6 address issue #1705 2022-11-09 11:52:55 +00:00
Mario
1ff982983e items_fetch(): check if set and if there is a value 2022-11-09 11:34:03 +00:00
Mario
8c6c43d762 items_fetch(): check if set and if there is a value 2022-11-09 11:33:10 +00:00
Mario
6baf197842 version 7.8.4 2022-11-09 09:38:09 +00:00
Mario
42e5a50e4f changelog and version 2022-11-09 09:33:18 +00:00
Mario
b713c9a491 fix new uuid created when editing post 2022-11-09 09:27:33 +00:00
Mario
64ade742d9 whitespace 2022-11-07 19:55:30 +00:00
Mario
1870c3c876 whitespace 2022-11-07 19:55:13 +00:00
Mario
23b272aafd merge conflict 2022-11-07 19:53:03 +00:00
Mario
057db41758 bump version 2022-11-07 19:50:55 +00:00
Mario
839c5a8e41 fix regression where automatically created directories were not public and pinned/featured state of apps was not displayed correctly 2022-11-07 19:41:22 +00:00
Mario
36b8b6bf6c Merge branch 'dev' 2022-11-06 08:27:18 +00:00
Mario
40d74fa779 fix case and german translation string 2022-11-06 08:27:00 +00:00
Mario
249bdeb642 Merge branch 'dev' 2022-11-05 10:26:14 +00:00
Mario
b4ee80d1ea changelog 2022-11-05 10:25:40 +00:00
Mario
96bf9d0769 version 7.8.2 2022-11-05 09:52:11 +00:00
Mario
7fc9c83986 Merge branch 'dev' 2022-11-05 09:50:55 +00:00
Mario
5502f1cc63 do not update the guid on xchan/hubloc updates and define some array keys 2022-11-04 10:31:05 +00:00
Mario
b55801323c fix warnings 2022-11-03 15:26:46 +00:00
Mario
818374c8cc wor around shares from streams not rendered correctly 2022-11-03 13:54:40 +00:00
Mario
e80191d4cd fix regression 2022-11-03 13:09:11 +00:00
Mario
c2a796b6ea rename variable and warning fixes 2022-11-03 11:57:35 +00:00
Mario
00694f0dfd css fixes 2022-11-02 19:19:24 +00:00
Mario
134f4c5b52 undefined array key 2022-11-02 18:59:47 +00:00
Mario
0840fc42f9 php warning 2022-11-02 18:49:36 +00:00
Mario
2650a647e9 php warnings 2022-11-02 18:32:52 +00:00
Mario Vavti
3311269162 throw a 404 if we could not determine which channel to load 2022-11-02 17:52:19 +01:00
Mario
b2172d39f6 re-install: if we have a cashed entry, make sure we fetch the latest 2022-11-02 15:54:12 +00:00
Mario Vavti
f4d39bd3c8 fix more php warnings 2022-11-02 16:52:42 +01:00
Mario Vavti
1cf659033b set hubloc_connected in mod fhublocs otherwise the hublocs might be removed by prune_hub_reinstalls() 2022-11-02 10:38:40 +01:00
Mario
3dc5527690 css variables 2022-10-31 14:01:00 +00:00
Mario
81b02d04b5 version 7.8.1 2022-10-26 21:57:53 +00:00
Mario
95f6f9e10a Merge branch 'dev' 2022-10-26 21:56:32 +00:00
Mario
9554f53519 update version and changelog 2022-10-26 21:54:29 +00:00
Mario
5d7081a224 fix php warnings 2022-10-26 21:40:27 +00:00
Mario
9cbdf3f31f wrong argument in documentation 2022-10-26 19:27:15 +00:00
Mario
c8bc1b560b missing field in query 2022-10-26 19:11:13 +00:00
Mario
40ae6b396f fix php warnings 2022-10-26 18:12:56 +00:00
Mario
9c117ffa05 fix php warnings 2022-10-26 15:56:41 +00:00
Mario Vavti
9e95f189ed fix php warnings 2022-10-26 17:56:04 +02:00
Mario Vavti
221b31bcc6 fix php warnings 2022-10-25 19:06:17 +02:00
Mario Vavti
8879776d64 fix php warnings 2022-10-23 14:02:19 +02:00
Mario
5edd13c6bb fix various issues 2022-10-21 11:20:23 +02:00
Mario
7ca289edd0 fix php warnings 2022-10-20 19:25:01 +00:00
Mario
bf434818d7 fix php warnings 2022-10-20 13:16:03 +00:00
Mario
03aeb88832 fix php warnings 2022-10-20 10:25:11 +00:00
Mario Vavti
bb5b33a0d3 fix more php warnings 2022-10-20 11:40:31 +02:00
Mario Vavti
53931017b9 fix php warnings 2022-10-20 11:15:06 +02:00
Mario Vavti
e9ca17cec1 fix php warnings 2022-10-18 12:39:13 +02:00
Mario
f70956964b fix php warning 2022-10-14 15:23:23 +00:00
Mario Vavti
4547a9d9d3 catch decryption failure edgecase 2022-10-14 17:13:23 +02:00
Mario Vavti
71accb6b0a fix php warnings 2022-10-13 16:38:18 +02:00
Mario Vavti
2a95500b65 fix more php warnings 2022-10-13 13:15:08 +02:00
Mario Vavti
2ddad66ce7 mod dirsearch: fix php warnings 2022-10-13 12:48:22 +02:00
Mario
108be24aed remove logging 2022-10-12 19:39:15 +00:00
Mario
71efb05658 fix php warnings 2022-10-12 19:36:24 +00:00
Mario
a9a36894cb fix php warnings 2022-10-12 12:15:30 +00:00
Mario
bc9778e02f poco: remove unused parameters 2022-10-12 10:02:18 +00:00
Mario
a83d2efe84 remove dead code and deal with conv privacy mismatches in Activity::store() 2022-10-12 09:47:47 +00:00
Mario
d3856caf81 composer update michelf/php-markdown 2022-10-12 09:09:55 +00:00
Mario
e1f9b1c47d composer update jbroadway/urlify 2022-10-12 09:01:22 +00:00
Mario
497c953d0e composer update bshaffer/oauth2-server-php 2022-10-12 08:54:51 +00:00
Mario
bec76bd057 composer update ezyang/htmlpurifier 2022-10-12 08:53:14 +00:00
Mario
54f4762e1a composer update symfony 2022-10-12 08:48:27 +00:00
Mario
8bf5c18425 composer update ramsey/uuid 2022-10-12 08:45:01 +00:00
Mario
c36bb17475 composer update sabre 2022-10-12 08:42:41 +00:00
Mario
2291fcdf11 composer update simplepie 2022-10-12 08:28:35 +00:00
Mario
4070c46d15 composer update smarty 2022-10-11 19:20:46 +00:00
Mario
a749db8d0f composer update twbs 2022-10-11 18:45:17 +00:00
Mario
10ba98c4f5 Revert "update composer libs" 
This reverts commit 108a3efe0b.
 2022-10-11 18:41:34 +00:00
Mario
108a3efe0b update composer libs 2022-10-11 18:34:03 +00:00
Mario
ccd826f63a Revert "update composer libs" 
This reverts commit 5e5f0aa955.
 2022-10-11 18:29:06 +00:00
Mario
5e5f0aa955 update composer libs 2022-10-11 18:18:57 +00:00
Mario
f9a4c53e3f jQuery.timeago.settings.strings should not be in document.ready 2022-10-11 10:03:05 +00:00
Mario
60b576568e more css fixes 2022-10-11 09:45:12 +00:00
Mario
d0e1b73205 css fixes 2022-10-11 09:18:40 +00:00
Mario
ef2448e17e Merge branch '7.8RC' 2022-10-10 18:05:26 +00:00
Mario
99a5cf1ad4 version 7.8 2022-10-10 18:03:48 +00:00
Mario
bc3113ae16 Merge branch 'dev' into 7.8RC 2022-10-10 16:50:04 +00:00
Mario
fb475da008 update changelog 2022-10-10 16:37:24 +00:00
Mario
d5fc3ad646 Merge branch 'dev' into 7.8RC 2022-10-10 16:29:50 +00:00
Mario
8b7da6e318 spanish translations as per Manuel 2022-10-10 15:06:48 +00:00
Mario
ed208c4bcc update changelog 2022-10-10 15:02:37 +00:00
Mario
6ab65519a0 when updating hubloc_connected also update hubloc_updated 
(cherry picked from commit 4549bc89ec)
 2022-10-05 10:49:19 +02:00
Mario
4549bc89ec when updating hubloc_connected also update hubloc_updated 2022-10-05 08:41:31 +00:00
Mario
a0430f91bd fix owa in case of hub reinstalls 2022-09-30 10:25:46 +00:00
Mario
624bb1db8d Merge branch 'dev' into 7.8RC 2022-09-30 07:56:24 +00:00
Mario
9f522bbe6c update strings 2022-09-30 07:54:46 +00:00
Mario
931da3b4f7 Merge branch 'dev' into 7.8RC 2022-09-30 07:38:47 +00:00
Mario
5a25fd54a4 fix issue #1694 2022-09-30 07:14:47 +00:00
Mario
9f0f4c50a4 update htconfig.tpl 2022-09-30 06:43:53 +00:00
Mario
0bf3d31578 make it an info 2022-09-29 15:36:02 +00:00
Mario Vavti
8ca293c3e4 Merge branch 'dev' of https://framagit.org/hubzilla/core into dev 2022-09-29 16:59:07 +02:00
Mario Vavti
ba0c877ffc fix menu item display issue 2022-09-29 16:56:54 +02:00
Mario
b8e00c2dc9 remove custom navbar override from repo 2022-09-29 14:19:14 +00:00
Mario
2dd48898a8 Merge branch 'dev' into 'dev' 
GERMAN TRANSLATION - fix for minutes, hours, years,... by polls in .po file and translation more competed  pdpr1 and SiteTOS added

See merge request hubzilla/core!2027
 2022-09-29 14:16:22 +00:00
Rock
66fc807655 GERMAN TRANSLATION - fix for minutes, hours, years,... by polls in .po file and translation more competed pdpr1 and SiteTOS added 2022-09-29 14:16:22 +00:00
Mario
653eb2909b Merge branch 'dev' into 7.8RC 2022-09-29 09:03:29 +00:00
Mario
72520a2dd9 fix hq widget displaying superblocked items 2022-09-29 08:58:36 +00:00
Mario
a7d4666a70 Merge branch 'dev' into 7.8RC 2022-09-28 15:21:34 +00:00
Mario
13476d5003 remove unnecessary check 2022-09-28 15:21:11 +00:00
Mario
879cdedec3 Merge branch 'dev' into 7.8RC 2022-09-28 10:35:36 +00:00
Mario
05bd2a1f9e one more hub reinstall fix 2022-09-28 10:35:09 +00:00
Mario
c49d1547c4 Merge branch 'dev' into 7.8RC 2022-09-28 10:27:58 +00:00
Mario
ad35363c2e hub reinstall issues 2022-09-28 10:27:35 +00:00
Mario
b3f70140e5 Merge branch 'dev' into 7.8RC 2022-09-27 08:59:44 +00:00
Mario
2f21dc50b4 fix mod poke 2022-09-27 08:59:08 +00:00
Mario
cbd8c2483b fix versionà 2022-09-26 08:33:47 +00:00
Mario
03475bfb15 Ãfix regression 2022-09-26 08:31:57 +00:00
Mario
bb9411e7dc update dev version 2022-09-26 07:16:11 +00:00
Mario
bce4e2d022 update version and strings 2022-09-26 07:13:01 +00:00
Mario
7cfc14fef7 emit a notice if an item was deleted - issue #1691 2022-09-22 12:50:11 +00:00
Mario
f220cf3173 fix issue #1687 2022-09-22 12:02:21 +00:00
Mario
725359b1aa fix issue #1690 2022-09-22 10:55:58 +00:00
Mario
937d6cb1ef php8: fix warnings 2022-09-22 06:31:35 +00:00
Mario
118a5edebc fix warnings and regressions 2022-09-15 09:19:55 +00:00
Mario
1b4333e8d9 chek permissions in get_things() - partly fixes issue #1686 a lot more work is requird though 2022-09-14 18:35:36 +00:00
Mario
d66a0b50e9 address issue #1688 2022-09-14 17:43:12 +00:00
Mario
1d56b9a1bb php8: warning fixes 2022-09-14 12:31:19 +00:00
Mario
96535ee4df make actor_store() fetch the actor object if none is provided, remove announce from the is_response array and provide a function to find the attributedTo url 2022-09-13 11:20:35 +00:00
Mario
b55f314d7e php8: fix warnings 2022-09-11 18:26:27 +00:00
Mario
480862d714 php8: fix more warnings 2022-09-11 14:58:40 +00:00
Mario
990a3af2a7 php8: random cleanup and warning fixes 2022-09-08 20:02:22 +00:00
Mario
1f5a23143a remove debug code 2022-09-07 18:07:38 +00:00
Mario
fcfb9e9758 fix random php warnings 2022-09-07 12:50:46 +00:00
Mario
9beee689ce fix display of star and dreport links 2022-09-06 11:32:27 +00:00
Mario
2c388c3833 add missing modal 2022-09-06 10:52:59 +00:00
Mario
1a75066616 revert: do not wrap multi line code blocks into pre tag 2022-09-06 10:27:01 +00:00
Mario
3dfb0bcae9 do not wrap multi line code blocks into pre tag 2022-09-06 09:21:39 +00:00
Mario
9ac0b77e92 fix missing closing div tag if there are no recent channel activities to display 2022-09-05 08:04:37 +00:00
Mario
6421a32520 fix issue where an unkown diaspora author was not imported if the comment arrived via a relayed activity and a minor css fix 2022-08-30 13:51:59 +00:00
Mario
fdcae52740 do not escape tags here since it will destroy additional query params 2022-08-21 18:21:05 +00:00
Mario
a8752844ef Activity: check for other forms of as:Public, Search: make sure to run htmlspecialchars_decode on the AP url so that previously encoded chars will be decoded again 2022-08-21 16:02:51 +00:00
Mario
e04ce5028e more css fixes 2022-08-20 15:53:09 +00:00
Mario
f2c4d80ac0 more css fixes 2022-08-20 15:10:16 +00:00
Mario
d8a6226805 fix syntax error 2022-08-20 11:26:28 +00:00
Mario
fedf60a32c redbasic dark: fixes 2022-08-20 11:23:46 +00:00
Mario
b3548fefc1 bump version 2022-08-20 10:07:57 +00:00
Mario
febd64c527 pdledit_gui: fix offcanvas 2022-08-20 10:06:04 +00:00
Mario
d67a5c5070 redbasic dark schema major cleanup 2022-08-20 09:56:23 +00:00
Mario
aefe7ddd8f redbasic: make use of css variables and implement link_hover_colour 2022-08-20 09:31:30 +00:00
Mario
254dea7558 more css fixes 2022-08-19 15:02:06 +00:00
Mario
b1550f7922 more css fixes 2022-08-19 14:34:09 +00:00
Mario
2d07c3e45d more bs upgrade fixes 2022-08-19 13:39:31 +00:00
Mario
e5f3406cb5 time for a new screenshot 2022-08-19 13:30:38 +00:00
Mario
185ddf1eaf update to bootstrap 5.2 and fixes 2022-08-19 13:15:48 +00:00
Mario Vavti
2734335869 version 2022-08-07 14:16:56 +02:00
Mario Vavti
0132c4e36e Merge branch 'dev' 2022-08-07 14:16:31 +02:00
Mario Vavti
7dee47183d changelog 2022-08-07 14:16:00 +02:00
Mario Vavti
9c4988c297 Merge branch 'dev' 2022-08-07 14:07:10 +02:00
Mario Vavti
3bfbc70587 check against null 2022-08-07 14:06:08 +02:00
Mario Vavti
34858fce1c Merge branch 'dev' 2022-08-07 12:17:56 +02:00
Mario Vavti
b47dab0ee9 update widget description 2022-08-05 12:45:43 +02:00
Mario Vavti
6eeb033b96 only decode attachment and iconfig for nonresponse activities 2022-08-04 12:42:35 +02:00
Mario Vavti
0679cb8e00 fix wrong attribution in unseen like notifications 2022-08-04 12:13:00 +02:00
Mario
3abc9ee387 fix regression in dark schema 
(cherry picked from commit 2e9211cf41)
 2022-07-27 09:29:22 +02:00
Mario
2e9211cf41 fix regression in dark schema 2022-07-27 07:27:51 +00:00
1050 changed files with 81377 additions and 78426 deletions
Expand all files Collapse all files

86
CHANGELOG
View File

@@ -1,5 +1,89 @@
Hubzilla 7.8.5 (2022-11-13)
- Fix outbound edit activity not of type update
- Fix mod display not falling through to fetch public item
- Fix more PHP warnings
- Fix regression in items_fetch() which resulted in empty atom feed
- Pubcrawl: cleanup and slightly restructre mod inbox
Hubzilla 7.8.4 (2022-11-09)
- Fix new uuid created when editing a post
Hubzilla 7.8.3 (2022-11-07)
- Fix regression where auto created directories were not created with public permissions
- Fix regression where pinned/featured state of apps was not displayed correctly
Hubzilla 7.8.2 (2022-11-05)
- Pubcrawl: fix regression in inbox
- Fix display issue of shares coming from streams
- Throw a 404 if we could not determine which channel to load
- If we have a cached xchan/hubloc entry, make sure we fetch the latest
- Gallery: paint the background grid with css
Hubzilla 7.8.1 (2022-10-26)
- Silence tons of PHP warnings in core
- Catch decryption failure edgecase in receiver
- Deal with conversation privacy mismatches in Activity::store()
- Composer libs updates
- Fix timeago strings not always translated
- Fix edit link regression in cards addon
- Fix edit link regression in article addon
Hubzilla 7.8 (2022-10-10)
- Updated spanish translations
- Always update hubloc_updated timestamp if a hubloc is updated
- Do better with re-installs in various situations
- Update htconfig templates
- Emit an info if an item is deleted manually (issue #1691)
- Updated german translations
- Make Activity::actor_store() fetch the actor object if none is provided
- Check for various forms of as:Public for compatibility
- Cleanup dark schema
- Make use of CSS variables in redbasic
- Implement link hover color in redbasic
- Update to bootstrap version 5.2 which implements CSS variables
Bugfixes
- Fix stream filter for polls and events does not work anymore (issue #1694)
- Fix item menu display issue
- Fix HQ widget displaying superblocked items
- Fix mod poke
- Fix link to article or card not processed correctly if umlauts are involved (issue #1687)
- Fix mod siteinfo containing a dead link (issue #1690)
- Fix permission issue when displaying things (issue #1686).
- Fix check for existing profiles (issue #1688)
- Fix modal missing for conversation settings
- Fix missing closing div tag if there are no recent channel activities
- Fix issue where an unkown diaspora author was not imported if the comment arrived via a relayed activity
- Fix mangled xchan_url due to escape_tags()
- Fix the AP url not decode bin mod search
- Fix some php warnings
Addons
- Wiki: move create_missing_page() from widget to module
- Superblock: implement blocking for messages widget_item
- Diaspora: fix verification of relayed comments and likes
- Pubcrawl: make sure to store the attributedTo actor in announce activities
- Diaspora: fix issue where an unkown author was not imported if the comment arrived via a relayed activity
Hubzilla 7.6.1 (2022-08-07)
Bugfixes
- Fix attachments displayed in visible response activities
- Fix wrong attribution in unseen like notifications
Addons
- Cards: fix widget not implemented via pdl file (requires re-install)
- Articles: fix widget not implemented via pdl file (requires re-install)
- Wiki: fix widget not implemented via pdl file (requires re-install)
Hubzilla 7.6 (2022-07-26)
- Add filter rule to check for false conition
- Add filter rule to check for false condition
- Implement HQ dashboard to display recently created content for various modules
- Updated spanish translations
- Implement a max oembed size which defaults to 1MB

5
Zotlabs/Access/AccessList.php
View File

@@ -139,6 +139,11 @@ class AccessList {
* @param boolean $explicit (optional) default true
*/
function set_from_array($arr, $explicit = true) {
$arr['contact_allow'] = $arr['contact_allow'] ?? [];
$arr['group_allow'] = $arr['group_allow'] ?? [];
$arr['contact_deny'] = $arr['contact_deny'] ?? [];
$arr['group_deny'] = $arr['group_deny'] ?? [];
$this->allow_cid = perms2str((is_array($arr['contact_allow']))
? $arr['contact_allow'] : explode(',', $arr['contact_allow']));
$this->allow_gid = perms2str((is_array($arr['group_allow']))

3
Zotlabs/Daemon/Checksites.php
View File

@@ -10,6 +10,9 @@ class Checksites {
logger('checksites: start');
$site_id = '';
$sql_options = '';
if (($argc > 1) && ($argv[1]))
$site_id = $argv[1];

2
Zotlabs/Daemon/Externals.php
View File

@@ -133,7 +133,7 @@ class Externals {
continue;
}
$obj_id = isset($message['object']['id']) ?? $message['object'];
$obj_id = $message['object']['id'] ?? $message['object'];
Libzot::fetch_conversation($importer, $obj_id);
$total++;

7
Zotlabs/Daemon/Gprobe.php
View File

@@ -38,10 +38,9 @@ class Gprobe {
if ($url) {
$zf = Zotfinger::exec($url, null);
}
if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) {
Libzot::import_xchan($zf['data']);
if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $url && intval($zf['signature']['header_valid'])) {
Libzot::import_xchan($zf['data']);
}
}
}

15
Zotlabs/Daemon/Notifier.php
View File

@@ -111,6 +111,12 @@ class Notifier {
$sys = get_sys_channel();
$normal_mode = true;
$upstream = false;
$uplink = false;
$target_item = null;
$parent_item = null;
$top_level_post = false;
$relay_to_owner = false;
if ($cmd === 'keychange') {
self::$channel = channelx_by_n($item_id);
@@ -360,8 +366,6 @@ class Notifier {
// the hostname in the message_id and provides a second (fallback) opinion.
$relay_to_owner = (!$top_level_post && intval($target_item['item_origin']) && comment_local_origin($target_item));
$uplink = false;
$upstream = false;
// $cmd === 'relay' indicates the owner is sending it to the original recipients
// don't allow the item in the relay command to relay to owner under any circumstances, it will loop
@@ -647,13 +651,14 @@ class Notifier {
// This shouldn't produce false positives on comment boosts that were generated on other platforms
// because we won't be delivering them.
if (isset($target_item) && isset($target_item['verb']) && $target_item['verb'] === 'Announce' && $target_item['author_xchan'] === $target_item['owner_xchan'] && ! intval($target_item['item_thread_top'])) {
if (isset($target_item['verb']) && $target_item['verb'] === 'Announce' && $target_item['author_xchan'] === $target_item['owner_xchan'] && ! intval($target_item['item_thread_top'])) {
continue;
}
$hash = new_uuid();
$env = (($hub_env && $hub_env[$hub['hubloc_site_id']]) ? $hub_env[$hub['hubloc_site_id']] : '');
$env = $hub_env[$hub['hubloc_site_id']] ?? '';
if ((self::$private) && (!$env)) {
continue;
}
@@ -690,7 +695,7 @@ class Notifier {
}
if ($normal_mode) {
if ($normal_mode && is_array($target_item)) {
// This wastes a process if there are no delivery hooks configured, so check this before launching the new process
$x = q("select * from hook where hook = 'notifier_normal'");
if ($x) {

3
Zotlabs/Daemon/Onepoll.php
View File

@@ -46,6 +46,7 @@ class Onepoll {
}
$contact = $contacts[0];
$importer_uid = $contact['abook_channel'];
$importer = channelx_by_n($importer_uid);
@@ -53,7 +54,7 @@ class Onepoll {
if (!$importer)
return;
logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
logger("onepoll: poll: ($contact_id) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
$last_update = ((($contact['abook_updated'] === $contact['abook_created']) || ($contact['abook_updated'] <= NULL_DATE))
? datetime_convert('UTC', 'UTC', 'now - 7 days')

4
Zotlabs/Lib/ASCollection.php
View File

@@ -24,6 +24,8 @@ class ASCollection {
$this->direction = $direction;
$this->limit = $limit;
$data = null;
if (is_array($obj)) {
$data = $obj;
}
@@ -147,4 +149,4 @@ class ASCollection {
}
logger('nextpage: ' . $this->nextpage, LOGGER_DEBUG);
}
}
}

15
Zotlabs/Lib/AbConfig.php
View File

@@ -6,12 +6,17 @@ namespace Zotlabs\Lib;
class AbConfig {
static public function Load($chan,$xhash,$family = '') {
if($family)
$where = '';
if($family) {
$where = sprintf(" and cat = '%s' ",dbesc($family));
}
$r = q("select * from abconfig where chan = %d and xchan = '%s' $where",
intval($chan),
dbesc($xhash)
);
return $r;
}
@@ -21,7 +26,7 @@ class AbConfig {
intval($chan),
dbesc($xhash),
dbesc($family),
dbesc($key)
dbesc($key)
);
if($r) {
return ((preg_match('|^a:[0-9]+:{.*}$|s', $r[0]['v'])) ? unserialize($r[0]['v']) : $r[0]['v']);
@@ -41,19 +46,19 @@ class AbConfig {
dbesc($xhash),
dbesc($family),
dbesc($key),
dbesc($dbvalue)
dbesc($dbvalue)
);
}
else {
$r = q("update abconfig set v = '%s' where chan = %d and xchan = '%s' and cat = '%s' and k = '%s' ",
dbesc($dbvalue),
dbesc($dbvalue),
dbesc($chan),
dbesc($xhash),
dbesc($family),
dbesc($key)
);
}
if($r)
return $value;
return false;

263
Zotlabs/Lib/Activity.php
View File

@@ -68,6 +68,10 @@ class Activity {
else {
$m = parse_url($url);
if (!$m) {
return null;
}
// handle bearcaps
if ($m['scheme'] === 'bear') {
$params = explode('&', $m['query']);
@@ -117,7 +121,7 @@ class Activity {
$y = json_decode($x['body'], true);
logger('returned: ' . json_encode($y, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES), LOGGER_DEBUG);
if (ActivityStreams::is_an_actor($y['type'])) {
if (isset($y['type']) && ActivityStreams::is_an_actor($y['type'])) {
XConfig::Set($y['id'], 'system', 'actor_record', $y);
}
@@ -415,7 +419,7 @@ class Activity {
$objtype = self::activity_obj_mapper($i['obj_type']);
}
if ($i['obj']) {
if (isset($i['obj']) && $i['obj']) {
$ret = Activity::encode_object($i['obj']);
}
@@ -430,7 +434,7 @@ class Activity {
return $ret;
}
if ($i['obj']) {
if (isset($i['obj']) && $i['obj']) {
if (is_array($i['obj'])) {
$ret = $i['obj'];
}
@@ -541,6 +545,7 @@ class Activity {
call_hooks('encode_item', $hookinfo);
return $hookinfo['encoded'];
}
@@ -646,15 +651,15 @@ class Activity {
$ret = [];
if (is_array($item['attachment']) && $item['attachment']) {
if (isset($item['attachment'])) {
$ptr = $item['attachment'];
if (!array_key_exists(0, $ptr)) {
$ptr = [$ptr];
}
foreach ($ptr as $att) {
$entry = [];
if ($att['type'] === 'PropertyValue') {
if (array_key_exists('name', $att) && $att['name']) {
if (isset($att['type']) && $att['type'] === 'PropertyValue') {
if (isset($att['name'])) {
$key = explode('.', $att['name']);
if (count($key) === 3 && $key[0] === 'zot') {
$entry['cat'] = $key[1];
@@ -674,7 +679,7 @@ class Activity {
$ret = [];
if (array_key_exists('attachment', $item) && is_array($item['attachment'])) {
if (isset($item['attachment'])) {
$ptr = $item['attachment'];
if (!array_key_exists(0, $ptr)) {
$ptr = [$ptr];
@@ -717,7 +722,7 @@ class Activity {
$ret['type'] = self::activity_mapper($i['verb']);
if (intval($i['item_deleted']) && !$recurse) {
if ((isset($i['item_deleted']) && intval($i['item_deleted'])) && !$recurse) {
$is_response = false;
if (ActivityStreams::is_response_activity($ret['type'])) {
@@ -801,10 +806,10 @@ class Activity {
$ret['diaspora:guid'] = $i['uuid'];
if ($i['title'])
if (isset($i['title']) && $i['title'])
$ret['name'] = html2plain(bbcode($i['title'], ['cache' => true]));
if ($i['summary'])
if (isset($i['summary']) && $i['summary'])
$ret['summary'] = bbcode($i['summary'], ['cache' => true]);
if ($ret['type'] === 'Announce') {
@@ -816,13 +821,18 @@ class Activity {
];
}
$ret['published'] = datetime_convert('UTC', 'UTC', $i['created'], ATOM_TIME);
if ($i['created'] !== $i['edited'])
$ret['published'] = ((isset($i['created'])) ? datetime_convert('UTC', 'UTC', $i['created'], ATOM_TIME) : datetime_convert());
if (isset($i['created'], $i['edited']) && $i['created'] !== $i['edited']) {
$ret['updated'] = datetime_convert('UTC', 'UTC', $i['edited'], ATOM_TIME);
if ($i['app']) {
if ($ret['type'] === 'Create') {
$ret['type'] = 'Update';
}
}
if (isset($i['app']) && $i['app']) {
$ret['generator'] = ['type' => 'Application', 'name' => $i['app']];
}
if ($i['location'] || $i['coord']) {
if (isset($i['location']) || isset($i['coord'])) {
$ret['location'] = ['type' => 'Place'];
if ($i['location']) {
$ret['location']['name'] = $i['location'];
@@ -851,7 +861,7 @@ class Activity {
else
return [];
if ($i['obj']) {
if (isset($i['obj']) && $i['obj']) {
if (!is_array($i['obj'])) {
$i['obj'] = json_decode($i['obj'], true);
}
@@ -879,7 +889,7 @@ class Activity {
$ret['type'] = 'Invite';
}
if ($i['target']) {
if (isset($i['target']) && $i['target']) {
if (!is_array($i['target'])) {
$i['target'] = json_decode($i['target'], true);
}
@@ -1523,22 +1533,31 @@ class Activity {
}
static function actor_store($url, $person_obj, $force = false) {
static function actor_store($url, $person_obj = null, $force = false) {
if ($person_obj === null) {
$tgt = self::fetch($url);
if (is_array($tgt) && ActivityStreams::is_an_actor($tgt['type'])) {
self::actor_store($tgt['id'], $tgt);
}
return;
}
if (!is_array($person_obj)) {
return;
}
/* not implemented
if (array_key_exists('movedTo',$person_obj) && $person_obj['movedTo'] && ! is_array($person_obj['movedTo'])) {
$tgt = self::fetch($person_obj['movedTo']);
if (is_array($tgt)) {
self::actor_store($person_obj['movedTo'],$tgt);
ActivityPub::move($person_obj['id'],$tgt);
}
return;
}
if (array_key_exists('movedTo',$person_obj) && $person_obj['movedTo'] && ! is_array($person_obj['movedTo'])) {
$tgt = self::fetch($person_obj['movedTo']);
if (is_array($tgt)) {
self::actor_store($person_obj['movedTo'],$tgt);
ActivityPub::move($person_obj['id'],$tgt);
}
return;
}
*/
$ap_hubloc = null;
$hublocs = self::get_actor_hublocs($url);
@@ -1587,29 +1606,32 @@ class Activity {
// we already store this in Activity::fetch()
// XConfig::Set($url, 'system', 'actor_record', $person_obj);
$name = $person_obj['name'];
$name = $person_obj['name'] ?? '';
if (!$name) {
$name = $person_obj['preferredUsername'];
$name = $person_obj['preferredUsername'] ?? '';
}
if (!$name) {
$name = t('Unknown');
}
$webfinger_addr = '';
$hostname = '';
$baseurl = '';
$site_url = '';
$m = parse_url($url);
if ($m) {
$hostname = $m['host'];
$baseurl = $m['scheme'] . '://' . $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
$baseurl = $m['scheme'] . '://' . $m['host'] . ((isset($m['port'])) ? ':' . $m['port'] : '');
$site_url = $m['scheme'] . '://' . $m['host'];
}
if (!empty($person_obj['preferredUsername']) && isset($parsed_url['host'])) {
if (!empty($person_obj['preferredUsername']) && $hostname) {
$webfinger_addr = escape_tags($person_obj['preferredUsername']) . '@' . $hostname;
}
$icon = z_root() . '/' . get_default_profile_photo(300);
if ($person_obj['icon']) {
if (isset($person_obj['icon'])) {
if (is_array($person_obj['icon'])) {
if (array_key_exists('url', $person_obj['icon'])) {
$icon = $person_obj['icon']['url'];
@@ -1631,7 +1653,7 @@ class Activity {
$links = false;
$profile = false;
if (is_array($person_obj['url'])) {
if (isset($person_obj['url']) && is_array($person_obj['url'])) {
if (!array_key_exists(0, $person_obj['url'])) {
$links = [$person_obj['url']];
}
@@ -1640,7 +1662,7 @@ class Activity {
}
}
if ($links) {
if (is_array($links) && $links) {
foreach ($links as $link) {
if (is_array($link) && array_key_exists('mediaType', $link) && $link['mediaType'] === 'text/html') {
$profile = $link['href'];
@@ -1685,9 +1707,8 @@ class Activity {
);
// update existing xchan record
q("update xchan set xchan_name = '%s', xchan_guid = '%s', xchan_pubkey = '%s', xchan_addr = '%s', xchan_network = 'activitypub', xchan_name_date = '%s' where xchan_hash = '%s'",
q("update xchan set xchan_name = '%s', xchan_pubkey = '%s', xchan_addr = '%s', xchan_network = 'activitypub', xchan_name_date = '%s' where xchan_hash = '%s'",
dbesc(escape_tags($name)),
dbesc($url),
dbesc(escape_tags($pubkey)),
dbesc(escape_tags($webfinger_addr)),
dbescdate(datetime_convert()),
@@ -1695,8 +1716,7 @@ class Activity {
);
// update existing hubloc record
q("update hubloc set hubloc_guid = '%s', hubloc_addr = '%s', hubloc_network = 'activitypub', hubloc_url = '%s', hubloc_host = '%s', hubloc_callback = '%s', hubloc_updated = '%s', hubloc_id_url = '%s' where hubloc_hash = '%s'",
dbesc($url),
q("update hubloc set hubloc_addr = '%s', hubloc_network = 'activitypub', hubloc_url = '%s', hubloc_host = '%s', hubloc_callback = '%s', hubloc_updated = '%s', hubloc_id_url = '%s' where hubloc_hash = '%s'",
dbesc(escape_tags($webfinger_addr)),
dbesc($baseurl),
dbesc($hostname),
@@ -1715,7 +1735,7 @@ class Activity {
'xchan_guid' => $url,
'xchan_pubkey' => escape_tags($pubkey),
'xchan_addr' => $webfinger_addr,
'xchan_url' => escape_tags($profile),
'xchan_url' => $profile,
'xchan_name' => escape_tags($name),
'xchan_name_date' => datetime_convert(),
'xchan_network' => 'activitypub'
@@ -1791,9 +1811,13 @@ class Activity {
// sort function width decreasing
static function vid_sort($a, $b) {
if ($a['width'] === $b['width'])
$a_width = $a['width'] ?? 0;
$b_width = $b['width'] ?? 0;
if ($a_width === $b_width)
return 0;
return (($a['width'] > $b['width']) ? -1 : 1);
return (($a_width > $b_width) ? -1 : 1);
}
static function create_note($channel, $observer_hash, $act) {
@@ -2187,6 +2211,8 @@ class Activity {
$s['owner_xchan'] = $act->actor['id'];
$s['author_xchan'] = $act->actor['id'];
$content = [];
if (is_array($act->obj)) {
$content = self::get_content($act->obj);
}
@@ -2239,26 +2265,30 @@ class Activity {
// over-ride the object timestamp with the activity
if ($act->data['published']) {
if (isset($act->data['published'])) {
$s['created'] = datetime_convert('UTC', 'UTC', $act->data['published']);
}
if ($act->data['updated']) {
if (isset($act->data['updated'])) {
$s['edited'] = datetime_convert('UTC', 'UTC', $act->data['updated']);
}
$obj_actor = ((isset($act->obj['actor'])) ? $act->obj['actor'] : $act->get_actor('attributedTo', $act->obj));
if (!isset($obj_actor['id'])) {
return false;
}
// ensure we store the original actor
self::actor_store($obj_actor['id'], $obj_actor);
$mention = self::get_actor_bbmention($obj_actor['id']);
if ($act->type === 'Like') {
$content['content'] = sprintf(t('Likes %1$s\'s %2$s'), $mention, $act->obj['type']) . "\n\n" . $content['content'];
$content['content'] = sprintf(t('Likes %1$s\'s %2$s'), $mention, $act->obj['type']) . "\n\n" . $content['content'] ?? '';
}
if ($act->type === 'Dislike') {
$content['content'] = sprintf(t('Doesn\'t like %1$s\'s %2$s'), $mention, $act->obj['type']) . "\n\n" . $content['content'];
$content['content'] = sprintf(t('Doesn\'t like %1$s\'s %2$s'), $mention, $act->obj['type']) . "\n\n" . $content['content'] ?? '';
}
// handle event RSVPs
@@ -2277,12 +2307,6 @@ class Activity {
}
}
if ($act->type === 'Announce') {
$s['author_xchan'] = $obj_actor['id'];
$s['mid'] = $act->obj['id'];
$s['parent_mid'] = $act->obj['id'];
}
if ($act->type === 'emojiReaction') {
$content['content'] = (($act->tgt && $act->tgt['type'] === 'Image') ? '[img=32x32]' . $act->tgt['url'] . '[/img]' : '&#x' . $act->tgt['name'] . ';');
}
@@ -2316,9 +2340,6 @@ class Activity {
if ($remainder) {
$s['comment_policy'] = $remainder;
}
if (!(isset($item['comment_policy']) && strlen($item['comment_policy']))) {
$s['comment_policy'] = 'contacts';
}
}
}
@@ -2417,7 +2438,7 @@ class Activity {
$s['app'] = escape_tags($generator['name']);
}
if (!$response_activity) {
if (is_array($act->obj) && !$response_activity) {
$a = self::decode_taxonomy($act->obj);
if ($a) {
$s['term'] = $a;
@@ -2429,16 +2450,16 @@ class Activity {
}
}
}
}
$a = self::decode_attachment($act->obj);
if ($a) {
$s['attach'] = $a;
}
$a = self::decode_attachment($act->obj);
if ($a) {
$s['attach'] = $a;
}
$a = self::decode_iconfig($act->obj);
if ($a) {
$s['iconfig'] = $a;
$a = self::decode_iconfig($act->obj);
if ($a) {
$s['iconfig'] = $a;
}
}
if (array_key_exists('type', $act->obj)) {
@@ -2461,12 +2482,17 @@ class Activity {
$s['comments_closed'] = datetime_convert('UTC', 'UTC', $act->obj['closed']);
}
// we will need a hook here to extract magnet links e.g. peertube
// right now just link to the largest mp4 we find that will fit in our
// standard content region
if (!$response_activity) {
if ($act->type === 'Announce') {
$s['author_xchan'] = self::get_attributed_to_actor_url($act);
$s['mid'] = $act->obj['id'];
$s['parent_mid'] = $act->obj['id'];
}
// we will need a hook here to extract magnet links e.g. peertube
// right now just link to the largest mp4 we find that will fit in our
// standard content region
if ($act->obj['type'] === 'Video') {
$vtypes = [
@@ -2673,15 +2699,14 @@ class Activity {
}
}
if (!$s['plink']) {
if (!(isset($s['plink']) && $s['plink'])) {
$s['plink'] = $s['mid'];
}
// assume this is private unless specifically told otherwise.
$s['item_private'] = 1;
if ($act->recips && in_array(ACTIVITY_PUBLIC_INBOX, $act->recips)) {
if ($act->recips && (in_array(ACTIVITY_PUBLIC_INBOX, $act->recips) || in_array('Public', $act->recips) || in_array('as:Public', $act->recips))) {
$s['item_private'] = 0;
}
@@ -2699,7 +2724,7 @@ class Activity {
// This is a zot6 packet and the raw activitypub or diaspora message json
// is possibly available in the attachement.
if (array_key_exists('signed', $raw_arr) && is_array($act->data['attachment'])) {
if (array_key_exists('signed', $raw_arr) && isset($act->data['attachment']) && is_array($act->data['attachment'])) {
foreach($act->data['attachment'] as $a) {
if (
isset($a['type']) && $a['type'] === 'PropertyValue' &&
@@ -2719,7 +2744,7 @@ class Activity {
}
// old style: can be removed after most hubs are on 7.0.2
elseif (array_key_exists('signed', $raw_arr) && is_array($act->obj) && is_array($act->obj['attachment'])) {
elseif (array_key_exists('signed', $raw_arr) && is_array($act->obj) && isset($act->data['attachment']) && is_array($act->obj['attachment'])) {
foreach($act->obj['attachment'] as $a) {
if (
isset($a['type']) && $a['type'] === 'PropertyValue' &&
@@ -2763,6 +2788,7 @@ class Activity {
set_iconfig($s, 'activitypub', 'recips', $act->raw_recips);
$hookinfo = [
'act' => $act,
's' => $s
@@ -2770,9 +2796,7 @@ class Activity {
call_hooks('decode_note', $hookinfo);
$s = $hookinfo['s'];
return $s;
return $hookinfo['s'];
}
@@ -2866,7 +2890,7 @@ class Activity {
// The $item['item_fetched'] flag is set in fetch_and_store_parents().
// In this case we should check against author permissions because sender is not owner.
if (perm_is_allowed($channel['channel_id'], (($item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || $is_sys_channel) {
if (perm_is_allowed($channel['channel_id'], ((isset($item['item_fetched']) && $item['item_fetched']) ? $item['author_xchan'] : $observer_hash), 'send_stream') || $is_sys_channel) {
$allowed = true;
}
// TODO: not implemented
@@ -2981,18 +3005,6 @@ class Activity {
set_iconfig($item, 'activitypub', 'recips', $act->raw_recips);
// TODO: inheritPrivacy should probably be set in encode activity. Zap does not do so yet - check what this is about
if (!(isset($act->data['inheritPrivacy']) && $act->data['inheritPrivacy'])) {
if ($item['item_private']) {
$item['item_restrict'] = $item['item_restrict'] & 1;
if ($is_child_node) {
$item['allow_cid'] = '<' . $channel['channel_hash'] . '>';
$item['allow_gid'] = $item['deny_cid'] = $item['deny_gid'] = '';
}
logger('restricted');
}
}
if (intval($act->sigok)) {
$item['item_verified'] = 1;
}
@@ -3005,30 +3017,34 @@ class Activity {
dbesc($item['parent_mid']),
intval($item['uid'])
);
if (!$parent) {
if (!plugin_is_installed('pubcrawl')) {
return;
}
else {
$fetch = false;
// TODO: debug
// if (perm_is_allowed($channel['channel_id'],$observer_hash,'send_stream') && (PConfig::Get($channel['channel_id'],'system','hyperdrive',true) || $act->type === 'Announce')) {
if (perm_is_allowed($channel['channel_id'], $observer_hash, 'send_stream') || $is_sys_channel) {
$fetch = (($fetch_parents) ? self::fetch_and_store_parents($channel, $observer_hash, $item, $force) : false);
}
if ($fetch) {
$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
dbesc($item['parent_mid']),
intval($item['uid'])
);
}
else {
logger('no parent');
return;
}
}
}
if (!$parent) {
logger('no parent');
return;
}
if ($parent[0]['parent_mid'] !== $item['parent_mid']) {
$item['thr_parent'] = $item['parent_mid'];
}
@@ -3036,7 +3052,24 @@ class Activity {
$item['thr_parent'] = $parent[0]['parent_mid'];
}
$item['parent_mid'] = $parent[0]['parent_mid'];
//$item['item_private'] = $parent[0]['item_private'];
/*
*
* Check for conversation privacy mismatches
* We can only do this if we have a channel and we have fetched the parent
*
*/
// public conversation, but this comment went rogue and was published privately
// hide it from everybody except the channel owner
if (intval($parent[0]['item_private']) === 0) {
if (intval($item['item_private'])) {
$item['item_restrict'] = $item['item_restrict'] | 1;
$item['allow_cid'] = '<' . $channel['channel_hash'] . '>';
$item['allow_gid'] = $item['deny_cid'] = $item['deny_gid'] = '';
}
}
}
@@ -3791,7 +3824,7 @@ class Activity {
}
if (array_path_exists('source/mediaType', $act) && array_path_exists('source/content', $act)) {
if ($act['source']['mediaType'] === 'text/bbcode') {
if (in_array($act['source']['mediaType'], ['text/bbcode', 'text/x-multicode'])) {
$content['bbcode'] = purify_html($act['source']['content']);
}
}
@@ -3875,6 +3908,19 @@ class Activity {
return $hookdata['actor'];
}
static function get_unknown_actor($act) {
// try other get_actor providers (e.g. diaspora)
$hookdata = [
'activity' => $act,
'actor' => null
];
call_hooks('get_actor_provider', $hookdata);
return $hookdata['actor'];
}
static function get_actor_hublocs($url, $options = 'all') {
switch ($options) {
@@ -3966,4 +4012,35 @@ class Activity {
return $ret;
}
static function get_attributed_to_actor_url($act) {
$url = '';
if (!isset($act->obj['attributedTo'])) {
return $url;
}
if (is_string($act->obj['attributedTo'])) {
$url = $act->obj['attributedTo'];
}
if (is_array($act->obj['attributedTo'])) {
foreach($act->obj['attributedTo'] as $a) {
if (is_array($a) && isset($a['type']) && $a['type'] === 'Person') {
if (isset($a['id'])) {
$url = $a['id'];
break;
}
}
elseif (is_string($a)) {
$url = $a;
break;
}
}
}
return $url;
}
}

17
Zotlabs/Lib/ActivityStreams.php
View File

@@ -116,17 +116,17 @@ class ActivityStreams {
$this->obj['object'] = $this->get_compound_property($this->obj['object']);
}
if ($this->obj && is_array($this->obj) && $this->obj['actor'])
if ($this->obj && is_array($this->obj) && isset($this->obj['actor']))
$this->obj['actor'] = $this->get_actor('actor', $this->obj);
if ($this->tgt && is_array($this->tgt) && $this->tgt['actor'])
if ($this->tgt && is_array($this->tgt) && isset($this->tgt['actor']))
$this->tgt['actor'] = $this->get_actor('actor', $this->tgt);
$this->parent_id = $this->get_property_obj('inReplyTo');
if ((!$this->parent_id) && is_array($this->obj)) {
if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['inReplyTo'])) {
$this->parent_id = $this->obj['inReplyTo'];
}
if ((!$this->parent_id) && is_array($this->obj)) {
if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['id'])) {
$this->parent_id = $this->obj['id'];
}
}
@@ -294,7 +294,7 @@ class ActivityStreams {
if (!$s) {
return false;
}
return (in_array($s, ['Like', 'Dislike', 'Flag', 'Block', 'Announce', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject', 'emojiReaction', 'EmojiReaction', 'EmojiReact']));
return (in_array($s, ['Like', 'Dislike', 'Flag', 'Block', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject', 'emojiReaction', 'EmojiReaction', 'EmojiReact']));
}
/**
@@ -308,20 +308,25 @@ class ActivityStreams {
function get_actor($property, $base = '', $namespace = '') {
$x = $this->get_property_obj($property, $base, $namespace);
if ($this->is_url($x)) {
$y = Activity::get_cached_actor($x);
if ($y) {
return $y;
}
}
$actor = $this->get_compound_property($property, $base, $namespace, true);
if (is_array($actor) && self::is_an_actor($actor['type'])) {
if (array_key_exists('id', $actor) && (!array_key_exists('inbox', $actor))) {
$actor = $this->fetch_property($actor['id']);
}
return $actor;
}
return null;
return Activity::get_unknown_actor($this->data);
}

24
Zotlabs/Lib/Apps.php
View File

@@ -159,7 +159,7 @@ class Apps {
foreach(self::$available_apps as $iapp) {
if($iapp['app_id'] == hash('whirlpool',$app['name'])) {
$notfound = false;
if(($iapp['app_version'] !== $app['version'])
if((isset($app['version']) && $iapp['app_version'] !== $app['version'])
|| ($app['plugin'] && (! $iapp['app_plugin']))) {
return intval($iapp['app_id']);
}
@@ -236,6 +236,7 @@ class Apps {
$ret['photo'] = $baseurl . '/' . get_default_profile_photo(80);
$ret['type'] = 'system';
$ret['plugin'] = '';
foreach($ret as $k => $v) {
if(strpos($v,'http') === 0) {
@@ -521,8 +522,13 @@ class Apps {
$hosturl = '';
if(local_channel()) {
if(self::app_installed(local_channel(),$papp) && !$papp['deleted'])
if(self::app_installed(local_channel(),$papp)) {
$installed = true;
}
if ($installed && isset($papp['deleted']) && $papp['deleted']) {
$installed = false;
}
$hosturl = z_root() . '/';
}
@@ -595,12 +601,12 @@ class Apps {
'$edit' => ((local_channel() && $installed && $mode == 'edit') ? t('Edit') : ''),
'$delete' => ((local_channel() && $mode == 'edit') ? t('Delete') : ''),
'$undelete' => ((local_channel() && $mode == 'edit') ? t('Undelete') : ''),
'$settings_url' => ((local_channel() && $installed && $mode == 'list') ? $papp['settings_url'] : ''),
'$deleted' => $papp['deleted'],
'$settings_url' => ((local_channel() && $installed && $mode == 'list' && isset($papp['settings_url'])) ? $papp['settings_url'] : ''),
'$deleted' => $papp['deleted'] ?? false,
'$feature' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
'$pin' => ((isset($papp['embed']) || $mode == 'edit') ? false : true),
'$featured' => ((strpos($papp['categories'], 'nav_featured_app') === false) ? false : true),
'$pinned' => ((strpos($papp['categories'], 'nav_pinned_app') === false) ? false : true),
'$featured' => ((isset($papp['categories']) && strpos($papp['categories'], 'nav_featured_app') !== false) ? true : false),
'$pinned' => ((isset($papp['categories']) && strpos($papp['categories'], 'nav_pinned_app') !== false) ? true : false),
'$mode' => $mode,
'$add' => t('Add to app-tray'),
'$remove' => t('Remove from app-tray'),
@@ -639,7 +645,7 @@ class Apps {
);
if($r) {
if($app['uid']) {
if($app['categories'] && (! $app['term'])) {
if((isset($app['categories']) && $app['categories']) && !(isset($app['term']) && $app['term'])) {
$r[0]['term'] = q("select * from term where otype = %d and oid = %d",
intval(TERM_OBJ_APP),
intval($r[0]['id'])
@@ -1184,7 +1190,7 @@ class Apps {
$ret['success'] = true;
$ret['app_id'] = $darray['app_id'];
}
if($arr['categories']) {
if(isset($arr['categories']) && $arr['categories']) {
$x = q("select id from app where app_id = '%s' and app_channel = %d limit 1",
dbesc($darray['app_id']),
intval($darray['app_channel'])
@@ -1282,7 +1288,7 @@ class Apps {
intval(TERM_OBJ_APP),
intval($x[0]['id'])
);
if($arr['categories']) {
if(isset($arr['categories']) && $arr['categories']) {
$y = explode(',',$arr['categories']);
if($y) {
foreach($y as $t) {

9
Zotlabs/Lib/Connect.php
View File

@@ -69,7 +69,7 @@ class Connect {
$xchan_hash = '';
$sql_options = (($protocol) ? " and xchan_network = '" . dbesc($protocol) . "' " : '');
$r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ",
$r = q("SELECT * FROM xchan LEFT JOIN hubloc ON xchan_hash = hubloc_hash WHERE ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s') $sql_options ORDER BY hubloc_id DESC",
dbesc($url),
dbesc($url),
dbesc($url)
@@ -80,12 +80,13 @@ class Connect {
// reset results to the best record or the first if we don't have the best
// note: this is a single record and not an array of results
$r = Libzot::zot_record_preferred($r,'xchan_network');
$r = Libzot::zot_record_preferred($r, 'xchan_network');
}
$singleton = false;
$d = false;
$wf = false;
if (! $r) {
@@ -111,7 +112,7 @@ class Connect {
// something was discovered - find the record which was just created.
$r = q("select * from xchan where ( xchan_hash = '%s' or xchan_url = '%s' or xchan_addr = '%s' ) $sql_options",
dbesc(($wf) ? $wf : $url),
dbesc($wf ?? $url),
dbesc($url),
dbesc($url)
);
@@ -119,7 +120,7 @@ class Connect {
// convert to a single record (once again preferring a zot solution in the case of multiples)
if ($r) {
$r = Libzot::zot_record_preferred($r,'xchan_network');
$r = Libzot::zot_record_preferred($r, 'xchan_network');
}
}

55
Zotlabs/Lib/Enotify.php
View File

@@ -122,8 +122,11 @@ class Enotify {
// e.g. "your post", "David's photo", etc.
$possess_desc = t('%s <!item_type!>');
$parent_mid = '';
$parent_item = [];
// @@TODO: consider using switch instead of those elseif
if ($params['type'] == NOTIFY_MAIL) {
if (isset($params['type']) && $params['type'] == NOTIFY_MAIL) {
logger('notification: mail');
$subject = sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);
@@ -135,7 +138,7 @@ class Enotify {
$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
}
elseif ($params['type'] === NOTIFY_COMMENT) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_COMMENT) {
//logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
@@ -167,7 +170,7 @@ class Enotify {
}
$parent_mid = $params['parent_mid'];
$parent_mid = $params['parent_mid'] ?? '';
// Check to see if there was already a notify for this post.
// If so don't create a second notification
@@ -251,7 +254,7 @@ class Enotify {
}
elseif ($params['type'] === NOTIFY_LIKE) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_LIKE) {
// logger("notification: params = " . print_r($params, true), LOGGER_DEBUG);
$itemlink = $params['link'];
@@ -264,7 +267,7 @@ class Enotify {
}
}
$parent_mid = $params['parent_mid'];
$parent_mid = $params['parent_mid'] ?? '';
// Check to see if there was already a notify for this post.
// If so don't create a second notification
@@ -335,7 +338,7 @@ class Enotify {
elseif($params['type'] === NOTIFY_WALL) {
elseif(isset($params['type']) && $params['type'] === NOTIFY_WALL) {
$subject = sprintf( t('[$Projectname:Notify] %s posted to your profile wall') , $sender['xchan_name']);
$preamble = sprintf( t('%1$s posted to your profile wall at %2$s') , $sender['xchan_name'], $sitename);
@@ -350,7 +353,7 @@ class Enotify {
$itemlink = $params['link'];
}
elseif ($params['type'] === NOTIFY_TAGSELF) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSELF) {
$p = q("select id from notify where link = '%s' and uid = %d limit 1",
dbesc($params['link']),
@@ -374,7 +377,7 @@ class Enotify {
$itemlink = $params['link'];
}
elseif ($params['type'] === NOTIFY_POKE) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_POKE) {
$subject = sprintf( t('[$Projectname:Notify] %1$s poked you') , $sender['xchan_name']);
$preamble = sprintf( t('%1$s poked you at %2$s') , $sender['xchan_name'], $sitename);
$epreamble = sprintf( t('%1$s [zrl=%2$s]poked you[/zrl].') ,
@@ -391,7 +394,7 @@ class Enotify {
$itemlink = $params['link'];
}
elseif ($params['type'] === NOTIFY_TAGSHARE) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSHARE) {
$subject = sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -404,7 +407,7 @@ class Enotify {
$itemlink = $params['link'];
}
elseif ($params['type'] === NOTIFY_INTRO) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_INTRO) {
$subject = sprintf( t('[$Projectname:Notify] Introduction received'));
$preamble = sprintf( t('You\'ve received an new connection request from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a new connection request[/zrl] from %2$s.'),
@@ -418,7 +421,7 @@ class Enotify {
$itemlink = $params['link'];
}
elseif ($params['type'] === NOTIFY_SUGGEST) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_SUGGEST) {
$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -436,11 +439,11 @@ class Enotify {
$itemlink = $params['link'];
}
elseif ($params['type'] === NOTIFY_CONFIRM) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_CONFIRM) {
// ?
}
elseif ($params['type'] === NOTIFY_SYSTEM) {
elseif (isset($params['type']) && $params['type'] === NOTIFY_SYSTEM) {
// ?
}
@@ -495,12 +498,13 @@ class Enotify {
$datarray['link'] = $itemlink;
$datarray['parent'] = $parent_mid;
$datarray['parent_item'] = $parent_item;
$datarray['ntype'] = $params['type'];
$datarray['verb'] = $params['verb'];
$datarray['otype'] = $params['otype'];
$datarray['ntype'] = $params['type'] ?? '';
$datarray['verb'] = $params['verb'] ?? '';
$datarray['otype'] = $params['otype'] ?? '';
$datarray['abort'] = false;
$datarray['seen'] = 0;
$datarray['item'] = $params['item'];
$datarray['item'] = $params['item'] ?? [];
call_hooks('enotify_store', $datarray);
@@ -511,7 +515,6 @@ class Enotify {
// create notification entry in DB
$seen = 0;
// Mark some notifications as seen right away
// Note! The notification have to be created, because they are used to send emails
@@ -521,7 +524,7 @@ class Enotify {
if (!$always_show_in_notices) {
if (($params['type'] === NOTIFY_WALL) || ($params['type'] === NOTIFY_MAIL) || ($params['type'] === NOTIFY_INTRO)) {
$seen = 1;
$datarray['seen'] = 1;
}
}
@@ -537,7 +540,7 @@ class Enotify {
intval($datarray['uid']),
dbesc($datarray['link']),
dbesc($datarray['parent']),
intval($seen),
intval($datarray['seen']),
intval($datarray['ntype']),
dbesc($datarray['verb']),
dbesc($datarray['otype'])
@@ -613,8 +616,8 @@ class Enotify {
$datarray['preamble'] = $preamble;
$datarray['sitename'] = $sitename;
$datarray['siteurl'] = $siteurl;
$datarray['type'] = $params['type'];
$datarray['parent'] = $params['parent_mid'];
$datarray['type'] = $params['type'] ?? '';
$datarray['parent'] = $params['parent_mid'] ?? '';
$datarray['source_name'] = $sender['xchan_name'];
$datarray['source_link'] = $sender['xchan_url'];
$datarray['source_photo'] = $sender['xchan_photo_s'];
@@ -681,7 +684,6 @@ class Enotify {
'$source_name' => $datarray['source_name'],
'$source_link' => $datarray['source_link'],
'$source_photo' => $datarray['source_photo'],
'$username' => $datarray['to_name'],
'$hsitelink' => $datarray['hsitelink'],
'$hitemlink' => $datarray['hitemlink'],
'$thanks' => $datarray['thanks'],
@@ -703,7 +705,6 @@ class Enotify {
'$source_name' => $datarray['source_name'],
'$source_link' => $datarray['source_link'],
'$source_photo' => $datarray['source_photo'],
'$username' => $datarray['to_name'],
'$tsitelink' => $datarray['tsitelink'],
'$titemlink' => $datarray['titemlink'],
'$thanks' => $datarray['thanks'],
@@ -815,10 +816,10 @@ class Enotify {
localize_item($item);
if($item['shortlocalize']) {
if(isset($item['shortlocalize'])) {
$itemem_text = $item['shortlocalize'];
}
elseif($item['localize']) {
elseif(isset($item['localize'])) {
$itemem_text = $item['localize'];
}
else {
@@ -868,7 +869,7 @@ class Enotify {
$x = array(
'notify_link' => $item['llink'],
'name' => $item[$who]['xchan_name'],
'addr' => (($item[$who]['xchan_addr']) ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url']),
'addr' => $item[$who]['xchan_addr'] ?? $item[$who]['xchan_url'],
'url' => $item[$who]['xchan_url'],
'photo' => $item[$who]['xchan_photo_s'],
'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),

19
Zotlabs/Lib/Libsync.php
View File

@@ -184,6 +184,8 @@ class Libsync {
require_once('include/import.php');
hz_syslog(print_r($arr, true));
$result = [];
$keychange = ((array_key_exists('keychange', $arr)) ? true : false);
@@ -192,7 +194,10 @@ class Libsync {
dbesc($sender)
);
$DR = new DReport(z_root(), $sender, $d, 'sync');
$mid = 'sync';
$DR = new DReport(z_root(), $sender, $d, $mid);
if (!$r) {
$DR->update('recipient not found');
@@ -202,6 +207,7 @@ class Libsync {
$channel = $r[0];
$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
$max_friends = service_class_fetch($channel['channel_id'], 'total_channels');
@@ -293,8 +299,10 @@ class Libsync {
if (array_key_exists('event_item', $arr) && $arr['event_item'])
sync_items($channel, $arr['event_item'], ((array_key_exists('relocate', $arr)) ? $arr['relocate'] : null));
if (array_key_exists('item', $arr) && $arr['item'])
if (array_key_exists('item', $arr) && $arr['item']) {
sync_items($channel, $arr['item'], ((array_key_exists('relocate', $arr)) ? $arr['relocate'] : null));
$mid = $arr['item'][0]['message_id'] . '#sync';
}
// deprecated, maintaining for a few months for upward compatibility
// this should sync webpages, but the logic is a bit subtle
@@ -740,13 +748,12 @@ class Libsync {
*/
call_hooks('process_channel_sync_delivery', $addon);
$DR = new DReport(z_root(), $d, $d, 'sync', 'channel sync delivered');
$DR = new DReport(z_root(), $d, $d, $mid, 'channel sync processed');
$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');
$result[] = $DR->get();
}
return $result;
}
@@ -762,6 +769,8 @@ class Libsync {
static function sync_locations($sender, $arr, $absolute = false) {
$ret = [];
$what = '';
$changed = false;
// If a sender reports that the channel has been deleted, delete its hubloc
if (isset($arr['deleted_locally']) && intval($arr['deleted_locally'])) {
@@ -772,7 +781,7 @@ class Libsync {
);
}
if ($arr['locations']) {
if (isset($arr['locations']) && $arr['locations']) {
if ($absolute)
Libzot::check_location_move($sender['hash'], $arr['locations']);

228
Zotlabs/Lib/Libzot.php
View File

@@ -251,7 +251,7 @@ class Libzot {
$url = null;
if ($them['hubloc_id_url']) {
if (isset($them['hubloc_id_url']) && $them['hubloc_id_url']) {
$url = $them['hubloc_id_url'];
}
else {
@@ -304,8 +304,14 @@ class Libzot {
$record = Zotfinger::exec($url, $channel);
if (!$record) {
return false;
}
// Check the HTTP signature
$hsig = $record['signature'];
$hsig_valid = false;
if ($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true) {
$hsig_valid = true;
}
@@ -467,7 +473,7 @@ class Libzot {
unset($new_connection[0]['abook_account']);
unset($new_connection[0]['abook_channel']);
$abconfig = load_abconfig($channel['channel_id'], $new_connection['abook_xchan']);
$abconfig = load_abconfig($channel['channel_id'], $new_connection[0]['abook_xchan']);
if ($abconfig) {
$new_connection['abconfig'] = $abconfig;
@@ -583,8 +589,6 @@ class Libzot {
*/
static function register_hub($id) {
$hsig_valid = false;
$result = ['success' => false];
if (!$id) {
@@ -593,8 +597,14 @@ class Libzot {
$record = Zotfinger::exec($id);
if (!$record) {
return $result;
}
// Check the HTTP signature
$hsig_valid = false;
$hsig = $record['signature'];
if ($hsig['signer'] === $id && $hsig['header_valid'] === true && $hsig['content_valid'] === true) {
$hsig_valid = true;
@@ -635,6 +645,14 @@ class Libzot {
*/
static function import_xchan($arr, $ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
$ret = ['success' => false];
if (!is_array($arr)) {
logger('Not an array: ' . print_r($arr, true), LOGGER_DEBUG);
return $ret;
}
/**
* @hooks import_xchan
* Called when processing the result of zot_finger() to store the result
@@ -642,7 +660,6 @@ class Libzot {
*/
call_hooks('import_xchan', $arr);
$ret = ['success' => false];
$dirmode = intval(get_config('system', 'directory_mode'));
$changed = false;
@@ -662,7 +679,7 @@ class Libzot {
$verified = false;
if (!self::verify($arr['id'], $arr['id_sig'], $arr['public_key'])) {
logger('Unable to verify channel signature for ' . $arr['address']);
logger('Unable to verify channel signature for ' . $arr['primary_location']['address']);
return $ret;
}
else {
@@ -697,18 +714,18 @@ class Libzot {
$dirmode = get_config('system', 'directory_mode');
if ((($arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root()))
if (((isset($arr['site']['directory_mode']) && $arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root()))
$arr['searchable'] = false;
$hidden = (1 - intval($arr['searchable']));
$hidden_changed = $adult_changed = $deleted_changed = $pubforum_changed = 0;
if (intval($r[0]['xchan_hidden']) != (1 - intval($arr['searchable'])))
if (isset($arr['searchable']) && intval($r[0]['xchan_hidden']) != (1 - intval($arr['searchable'])))
$hidden_changed = 1;
if (intval($r[0]['xchan_selfcensored']) != intval($arr['adult_content']))
if (isset($arr['adult_content']) && intval($r[0]['xchan_selfcensored']) != intval($arr['adult_content']))
$adult_changed = 1;
if (intval($r[0]['xchan_deleted']) != intval($arr['deleted']))
if (isset($arr['xchan_deleted']) && intval($r[0]['xchan_deleted']) != intval($arr['deleted']))
$deleted_changed = 1;
// new style 6-MAR-2019
@@ -727,7 +744,7 @@ class Libzot {
// old style
if (intval($r[0]['xchan_pubforum']) != intval($arr['public_forum']))
if (isset($arr['public_forum']) && intval($r[0]['xchan_pubforum']) != intval($arr['public_forum']))
$pubforum_changed = 1;
@@ -755,10 +772,10 @@ class Libzot {
dbesc($arr['name_updated']),
dbesc($arr['primary_location']['connections_url']),
dbesc($arr['primary_location']['follow_url']),
dbesc($arr['primary_location']['connect_url']),
dbesc($arr['connect_url']),
intval(1 - intval($arr['searchable'])),
intval($arr['adult_content']),
intval($arr['deleted']),
intval($arr['deleted'] ?? 0),
intval($arr['public_forum']),
dbesc(escape_tags($arr['primary_location']['address'])),
dbesc(escape_tags($arr['primary_location']['url'])),
@@ -798,7 +815,7 @@ class Libzot {
'xchan_name_date' => $arr['name_updated'],
'xchan_hidden' => intval(1 - intval($arr['searchable'])),
'xchan_selfcensored' => $arr['adult_content'],
'xchan_deleted' => $arr['deleted'],
'xchan_deleted' => $arr['deleted'] ?? 0,
'xchan_pubforum' => $arr['public_forum']
]
);
@@ -879,7 +896,7 @@ class Libzot {
else {
$r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
where xchan_hash = '%s'",
dbescdate(datetime_convert('UTC', 'UTC', $arr['photo_updated'])),
dbescdate(datetime_convert('UTC', 'UTC', $arr['photo']['updated'])),
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
@@ -898,17 +915,17 @@ class Libzot {
$s = Libsync::sync_locations($arr, $arr);
if ($s) {
if ($s['change_message'])
if (isset($s['change_message']))
$what .= $s['change_message'];
if ($s['changed'])
if (isset($s['changed']))
$changed = $s['changed'];
if ($s['message'])
if (isset($s['message']))
$ret['message'] .= $s['message'];
}
// Which entries in the update table are we interested in updating?
$address = (($ud_arr && $ud_arr['ud_addr']) ? $ud_arr['ud_addr'] : $arr['address']);
$address = (($ud_arr && $ud_arr['ud_addr']) ? $ud_arr['ud_addr'] : $arr['primary_location']['address']);
// Are we a directory server of some kind?
@@ -1021,7 +1038,7 @@ class Libzot {
// handle remote validation issues
$b = q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s'",
dbesc(($x['message']) ? $x['message'] : 'unknown delivery error'),
dbesc($x['message'] ?? 'unknown delivery error'),
dbesc(datetime_convert()),
dbesc($outq['outq_hash'])
);
@@ -1155,10 +1172,14 @@ class Libzot {
return;
}
if (is_array($AS->obj)) {
$arr = Activity::decode_note($AS);
$item = Activity::decode_note($AS);
if (!$item) {
logger('Could not decode activity: ' . print_r($AS, true));
return;
}
}
else {
$arr = [];
$item = [];
}
logger($AS->debug(), LOGGER_DATA);
@@ -1227,7 +1248,7 @@ class Libzot {
return;
}
$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s'",
$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' order by hubloc_id desc",
dbesc($AS->actor['id'])
);
@@ -1235,7 +1256,7 @@ class Libzot {
// Author is unknown to this site. Perform channel discovery and try again.
$z = discover_by_webbie($AS->actor['id']);
if ($z) {
$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s'",
$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' order by hubloc_id desc",
dbesc($AS->actor['id'])
);
}
@@ -1243,84 +1264,84 @@ class Libzot {
if ($r) {
$r = self::zot_record_preferred($r);
$arr['author_xchan'] = $r['hubloc_hash'];
$item['author_xchan'] = $r['hubloc_hash'];
}
if (! $arr['author_xchan']) {
if (! $item['author_xchan']) {
logger('No author!');
return;
}
$arr['owner_xchan'] = $env['sender'];
$item['owner_xchan'] = $env['sender'];
if(filter_var($env['sender'], FILTER_VALIDATE_URL)) {
// in individual delivery, change owner if needed
$s = q("select hubloc_hash, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
$s = q("select hubloc_hash, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc limit 1",
dbesc($env['sender'])
);
if ($s) {
$arr['owner_xchan'] = $s[0]['hubloc_hash'];
$item['owner_xchan'] = $s[0]['hubloc_hash'];
}
}
if (! $arr['owner_xchan']) {
if (! $item['owner_xchan']) {
logger('No owner!');
return;
}
if ($private && (!intval($arr['item_private']))) {
$arr['item_private'] = 1;
if ($private && (!intval($item['item_private']))) {
$item['item_private'] = 1;
}
if ($arr['mid'] === $arr['parent_mid']) {
if ($item['mid'] === $item['parent_mid']) {
if (is_array($AS->obj) && array_key_exists('commentPolicy', $AS->obj)) {
$p = strstr($AS->obj['commentPolicy'], 'until=');
if ($p !== false) {
$comments_closed_at = datetime_convert('UTC', 'UTC', substr($p, 6));
if ($comments_closed_at === $arr['created']) {
$arr['item_nocomment'] = 1;
if ($comments_closed_at === $item['created']) {
$item['item_nocomment'] = 1;
}
else {
$arr['comments_closed'] = $comments_closed_at;
$arr['comment_policy'] = trim(str_replace($p, '', $AS->obj['commentPolicy']));
$item['comments_closed'] = $comments_closed_at;
$aritemr['comment_policy'] = trim(str_replace($p, '', $AS->obj['commentPolicy']));
}
}
else {
$arr['comment_policy'] = $AS->obj['commentPolicy'];
$item['comment_policy'] = $AS->obj['commentPolicy'];
}
}
}
if ($AS->meta['hubloc']) {
$arr['item_verified'] = true;
if (isset($AS->meta['hubloc']) && $AS->meta['hubloc']) {
$item['item_verified'] = true;
}
if (!array_key_exists('comment_policy', $arr)) {
$arr['comment_policy'] = 'authenticated';
if (!array_key_exists('comment_policy', $item)) {
$item['comment_policy'] = 'authenticated';
}
if ($AS->meta['signed_data']) {
IConfig::Set($arr, 'activitypub', 'signed_data', $AS->meta['signed_data'], false);
if (isset($AS->meta['signed_data']) && $AS->meta['signed_data']) {
IConfig::Set($item, 'activitypub', 'signed_data', $AS->meta['signed_data'], false);
}
logger('Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
logger('Activity received: ' . print_r($item, true), LOGGER_DATA, LOG_DEBUG);
logger('Activity recipients: ' . print_r($deliveries, true), LOGGER_DATA, LOG_DEBUG);
$relay = (($env['type'] === 'response') ? true : false);
$result = self::process_delivery($env['sender'], $AS, $arr, $deliveries, $relay, false, $message_request);
$result = self::process_delivery($env['sender'], $AS, $item, $deliveries, $relay, false, $message_request);
}
elseif ($env['type'] === 'sync') {
// $arr = get_channelsync_elements($data);
// $item = get_channelsync_elements($data);
$arr = json_decode($data, true);
$item = json_decode($data, true);
logger('Channel sync received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
logger('Channel sync received: ' . print_r($item, true), LOGGER_DATA, LOG_DEBUG);
logger('Channel sync recipients: ' . print_r($deliveries, true), LOGGER_DATA, LOG_DEBUG);
if ($env['encoding'] === 'hz') {
$result = Libsync::process_channel_sync_delivery($env['sender'], $arr, $deliveries);
$result = Libsync::process_channel_sync_delivery($env['sender'], $item, $deliveries);
}
else {
logger('sync packet type not supported.');
@@ -1431,7 +1452,7 @@ class Libzot {
if ($check_mentions) {
// It's a top level post. Look at the tags. See if any of them are mentions and are on this hub.
if ($act && $act->obj) {
if (is_array($act->obj['tag']) && $act->obj['tag']) {
if (isset($act->obj['tag']) && is_array($act->obj['tag']) && $act->obj['tag']) {
foreach ($act->obj['tag'] as $tag) {
if ($tag['type'] === 'Mention' && (strpos($tag['href'], z_root()) !== false)) {
$address = basename($tag['href']);
@@ -1510,6 +1531,7 @@ class Libzot {
foreach ($deliveries as $d) {
$local_public = $public;
$item_result = null;
$DR = new DReport(z_root(), $sender, $d, $arr['mid']);
@@ -1738,7 +1760,7 @@ class Libzot {
if (in_array('undefined', $existing_route) || $last_hop == 'undefined' || $sender == 'undefined')
$last_hop = '';
$current_route = (($arr['route']) ? $arr['route'] . ',' : '') . $sender;
$current_route = ((isset($arr['route']) && $arr['route']) ? $arr['route'] . ',' : '') . $sender;
if ($last_hop && $last_hop != $sender) {
logger('comment route mismatch: parent route = ' . $r[0]['route'] . ' expected = ' . $current_route, LOGGER_DEBUG);
@@ -1763,7 +1785,7 @@ class Libzot {
dbesc($arr['author_xchan'])
);
if (intval($arr['item_deleted'])) {
if (isset($arr['item_deleted']) && $arr['item_deleted']) {
// remove_community_tag is a no-op if this isn't a community tag activity
self::remove_community_tag($sender, $arr, $channel['channel_id']);
@@ -1902,9 +1924,9 @@ class Libzot {
// preserve conversations with which you are involved from expiration
$stored = (($item_result && $item_result['item']) ? $item_result['item'] : false);
$stored = ((isset($item_result['item'])) ? $item_result['item'] : false);
if ((is_array($stored)) && ($stored['id'] != $stored['parent'])
&& ($stored['author_xchan'] === $channel['channel_hash'] || $stored['author_xchan'] === $channel['channel_hash'])) {
&& ($stored['author_xchan'] === $channel['channel_hash'])) {
retain_item($stored['item']['parent']);
}
@@ -1938,7 +1960,7 @@ class Libzot {
return false;
}
if ($a['data']['type'] !== 'OrderedCollection') {
if (isset($a['data']['type']) && $a['data']['type'] !== 'OrderedCollection') {
return false;
}
@@ -1972,13 +1994,18 @@ class Libzot {
logger('FOF Activity rejected: ' . print_r($activity, true));
continue;
}
$arr = Activity::decode_note($AS);
// logger($AS->debug());
if(empty($AS->actor['id'])) {
logger('No actor id!');
continue;
}
$r = q("select hubloc_hash, hubloc_network from hubloc where hubloc_id_url = '%s'",
dbesc($AS->actor['id'])
);
$r = self::zot_record_preferred($r);
if (!$r) {
@@ -1995,7 +2022,7 @@ class Libzot {
}
}
if ($AS->obj['actor'] && $AS->obj['actor']['id'] && $AS->obj['actor']['id'] !== $AS->actor['id']) {
if (isset($AS->obj['actor']['id']) && $AS->obj['actor']['id'] !== $AS->actor['id']) {
$y = import_author_xchan(['url' => $AS->obj['actor']['id']]);
if (!$y) {
logger('FOF Activity: no object actor');
@@ -2003,6 +2030,12 @@ class Libzot {
}
}
$arr = Activity::decode_note($AS);
if (!$arr) {
continue;
}
if ($r) {
$arr['author_xchan'] = $r['hubloc_hash'];
}
@@ -2014,11 +2047,11 @@ class Libzot {
$arr['owner_xchan'] = $a['signature']['signer'];
}
if ($AS->meta['hubloc'] || $arr['author_xchan'] === $arr['owner_xchan']) {
if (isset($AS->meta['hubloc']) || $arr['author_xchan'] === $arr['owner_xchan']) {
$arr['item_verified'] = true;
}
if ($AS->meta['signed_data']) {
if (isset($AS->meta['signed_data'])) {
IConfig::Set($arr, 'activitypub', 'signed_data', $AS->meta['signed_data'], false);
$j = json_decode($AS->meta['signed_data'], true);
if ($j) {
@@ -2472,32 +2505,32 @@ class Libzot {
}
$site_directory = 0;
if ($arr['directory_mode'] == 'normal')
if (isset($arr['directory_mode']) && $arr['directory_mode'] == 'normal')
$site_directory = DIRECTORY_MODE_NORMAL;
if ($arr['directory_mode'] == 'primary')
if (isset($arr['directory_mode']) && $arr['directory_mode'] == 'primary')
$site_directory = DIRECTORY_MODE_PRIMARY;
if ($arr['directory_mode'] == 'secondary')
if (isset($arr['directory_mode']) && $arr['directory_mode'] == 'secondary')
$site_directory = DIRECTORY_MODE_SECONDARY;
if ($arr['directory_mode'] == 'standalone')
if (isset($arr['directory_mode']) && $arr['directory_mode'] == 'standalone')
$site_directory = DIRECTORY_MODE_STANDALONE;
$register_policy = 0;
if ($arr['register_policy'] == 'closed')
if (isset($arr['register_policy']) && $arr['register_policy'] == 'closed')
$register_policy = REGISTER_CLOSED;
if ($arr['register_policy'] == 'open')
if (isset($arr['register_policy']) && $arr['register_policy'] == 'open')
$register_policy = REGISTER_OPEN;
if ($arr['register_policy'] == 'approve')
if (isset($arr['register_policy']) && $arr['register_policy'] == 'approve')
$register_policy = REGISTER_APPROVE;
$access_policy = 0;
if (array_key_exists('access_policy', $arr)) {
if ($arr['access_policy'] === 'private')
if (isset($arr['access_policy']) && $arr['access_policy'] === 'private')
$access_policy = ACCESS_PRIVATE;
if ($arr['access_policy'] === 'paid')
if (isset($arr['access_policy']) && $arr['access_policy'] === 'paid')
$access_policy = ACCESS_PAID;
if ($arr['access_policy'] === 'free')
if (isset($arr['access_policy']) && $arr['access_policy'] === 'free')
$access_policy = ACCESS_FREE;
if ($arr['access_policy'] === 'tiered')
if (isset($arr['access_policy']) && $arr['access_policy'] === 'tiered')
$access_policy = ACCESS_TIERED;
}
@@ -2512,14 +2545,14 @@ class Libzot {
$access_policy = ACCESS_PRIVATE;
}
$directory_url = htmlspecialchars((string)$arr['directory_url'], ENT_COMPAT, 'UTF-8', false);
$url = htmlspecialchars((string)strtolower($arr['url']), ENT_COMPAT, 'UTF-8', false);
$sellpage = htmlspecialchars((string)$arr['sellpage'], ENT_COMPAT, 'UTF-8', false);
$site_location = htmlspecialchars((string)$arr['location'], ENT_COMPAT, 'UTF-8', false);
$site_realm = htmlspecialchars((string)$arr['realm'], ENT_COMPAT, 'UTF-8', false);
$site_project = htmlspecialchars((string)$arr['project'], ENT_COMPAT, 'UTF-8', false);
$site_crypto = ((array_key_exists('encryption', $arr) && is_array($arr['encryption'])) ? htmlspecialchars((string)implode(',', $arr['encryption']), ENT_COMPAT, 'UTF-8', false) : '');
$site_version = ((array_key_exists('version', $arr)) ? htmlspecialchars((string)$arr['version'], ENT_COMPAT, 'UTF-8', false) : '');
$directory_url = ((isset($arr['directory_url'])) ? htmlspecialchars($arr['directory_url'], ENT_COMPAT, 'UTF-8', false) : '');
$url = ((isset($arr['url'])) ? htmlspecialchars(strtolower($arr['url']), ENT_COMPAT, 'UTF-8', false) : '');
$sellpage = ((isset($arr['sellpage'])) ? htmlspecialchars($arr['sellpage'], ENT_COMPAT, 'UTF-8', false) : '');
$site_location = ((isset($arr['location'])) ? htmlspecialchars($arr['location'], ENT_COMPAT, 'UTF-8', false) : '');
$site_realm = ((isset($arr['realm'])) ? htmlspecialchars($arr['realm'], ENT_COMPAT, 'UTF-8', false) : '');
$site_project = ((isset($arr['project'])) ? htmlspecialchars($arr['project'], ENT_COMPAT, 'UTF-8', false) : '');
$site_crypto = ((isset($arr['encryption']) && is_array($arr['encryption'])) ? htmlspecialchars(implode(',', $arr['encryption']), ENT_COMPAT, 'UTF-8', false) : '');
$site_version = ((isset($arr['version'])) ? htmlspecialchars($arr['version'], ENT_COMPAT, 'UTF-8', false) : '');
// You can have one and only one primary directory per realm.
// Downgrade any others claiming to be primary. As they have
@@ -2729,14 +2762,15 @@ class Libzot {
$token = ((x($arr, 'token')) ? $arr['token'] : '');
$feed = ((x($arr, 'feed')) ? intval($arr['feed']) : 0);
$ztarget_hash = EMPTY_STR;
if ($ztarget) {
$t = q("select * from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
$t = q("select * from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc limit 1",
dbesc($ztarget)
);
if ($t) {
$ztarget_hash = $t[0]['hubloc_hash'];
}
else {
@@ -2744,7 +2778,6 @@ class Libzot {
// permissions we would know about them and we only want to know who they are to
// enumerate their specific permissions
$ztarget_hash = EMPTY_STR;
}
}
@@ -2910,7 +2943,7 @@ class Libzot {
$ret['mail'] = map_scope(PermissionLimits::Get($e['channel_id'], 'post_mail'));
if ($deleted)
$ret['deleted'] = $deleted;
$ret['deleted'] = true;
if (intval($e['channel_removed'])) {
$ret['deleted_locally'] = true;
@@ -2920,12 +2953,11 @@ class Libzot {
// This is a template - %s will be replaced with the follow_url we discover for the return channel.
if ($special_channel) {
$ret['connect_url'] = (($e['xchan_connpage']) ? $e['xchan_connpage'] : z_root() . '/connect/' . $e['channel_address']);
$ret['connect_url'] = $e['xchan_connpage'] ?? z_root() . '/connect/' . $e['channel_address'];
}
// This is a template for our follow url, %s will be replaced with a webbie
if (!$ret['follow_url'])
$ret['follow_url'] = z_root() . '/follow?f=&url=%s';
$ret['follow_url'] = $ret['follow_url'] ?? z_root() . '/follow?f=&url=%s';
$permissions = get_all_perms($e['channel_id'], $ztarget_hash, false, false);
@@ -2983,18 +3015,17 @@ class Libzot {
$signing_key = get_config('system', 'prvkey');
$sig_method = get_config('system', 'signature_algorithm', 'sha256');
$ret = [];
$ret['site'] = [];
$ret['site']['url'] = z_root();
$ret['site']['site_sig'] = self::sign(z_root(), $signing_key);
$ret['site']['post'] = z_root() . '/zot';
$ret['site']['openWebAuth'] = z_root() . '/owa';
$ret['site']['authRedirect'] = z_root() . '/magic';
$ret['site']['sitekey'] = get_config('system', 'pubkey');
$ret = [];
$ret['site'] = [];
$ret['site']['url'] = z_root();
$ret['site']['site_sig'] = self::sign(z_root(), $signing_key);
$ret['site']['post'] = z_root() . '/zot';
$ret['site']['openWebAuth'] = z_root() . '/owa';
$ret['site']['authRedirect'] = z_root() . '/magic';
$ret['site']['sitekey'] = get_config('system', 'pubkey');
$ret['site']['directory_mode'] = 'normal';
$dirmode = get_config('system', 'directory_mode');
if (($dirmode === false) || ($dirmode == DIRECTORY_MODE_NORMAL))
$ret['site']['directory_mode'] = 'normal';
if ($dirmode == DIRECTORY_MODE_PRIMARY)
$ret['site']['directory_mode'] = 'primary';
@@ -3101,7 +3132,8 @@ class Libzot {
$t = datetime_convert('UTC', 'UTC', 'now - 15 minutes');
$r = q("update hubloc set hubloc_connected = '%s' where hubloc_id = %d and hubloc_site_id = '%s' and hubloc_connected < '%s' ",
q("update hubloc set hubloc_connected = '%s', hubloc_updated = '%s' where hubloc_id = %d and hubloc_site_id = '%s' and hubloc_connected < '%s' ",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($hub['hubloc_id']),
dbesc($site_id),
@@ -3193,7 +3225,7 @@ class Libzot {
}
foreach ($arr as $v) {
if ($v[$check] === 'zot6') {
if (isset($v[$check]) && $v[$check] === 'zot6') {
return $v;
}
}

41
Zotlabs/Lib/Libzotdir.php
View File

@@ -145,8 +145,8 @@ class Libzotdir {
if(! $directory_sort_order)
$directory_sort_order = 'date';
$current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : $directory_sort_order);
$suggest = (($_REQUEST['suggest']) ? '&suggest=' . $_REQUEST['suggest'] : '');
$current_order = $_REQUEST['order'] ?? $directory_sort_order;
$suggest = ((isset($_REQUEST['suggest'])) ? '&suggest=' . $_REQUEST['suggest'] : '');
$url = 'directory?f=';
@@ -453,22 +453,29 @@ class Libzotdir {
if (! $hash)
return false;
$arr = array();
$arr = [];
$arr['xprof_hash'] = $hash;
$arr['xprof_dob'] = (($profile['birthday'] === '0000-00-00') ? $profile['birthday'] : datetime_convert('','',$profile['birthday'],'Y-m-d')); // !!!! check this for 0000 year
$arr['xprof_age'] = (($profile['age']) ? intval($profile['age']) : 0);
$arr['xprof_desc'] = (($profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_gender'] = (($profile['gender']) ? htmlspecialchars($profile['gender'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_marital'] = (($profile['marital']) ? htmlspecialchars($profile['marital'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_sexual'] = (($profile['sexual']) ? htmlspecialchars($profile['sexual'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_locale'] = (($profile['locale']) ? htmlspecialchars($profile['locale'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_region'] = (($profile['region']) ? htmlspecialchars($profile['region'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_postcode'] = (($profile['postcode']) ? htmlspecialchars($profile['postcode'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_country'] = (($profile['country']) ? htmlspecialchars($profile['country'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_about'] = (($profile['about']) ? htmlspecialchars($profile['about'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_homepage'] = (($profile['homepage']) ? htmlspecialchars($profile['homepage'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_hometown'] = (($profile['hometown']) ? htmlspecialchars($profile['hometown'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_hash'] = $hash;
$arr['xprof_dob'] = '0000-00-00';
if (isset($profile['birthday'])) {
$arr['xprof_dob'] = (($profile['birthday'] === '0000-00-00')
? $profile['birthday']
: datetime_convert('', '', $profile['birthday'], 'Y-m-d')); // !!!! check this for 0000 year
}
$arr['xprof_age'] = ((isset($profile['age']) && $profile['age']) ? intval($profile['age']) : 0);
$arr['xprof_desc'] = ((isset($profile['description']) && $profile['description']) ? htmlspecialchars($profile['description'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_gender'] = ((isset($profile['gender']) && $profile['gender']) ? htmlspecialchars($profile['gender'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_marital'] = ((isset($profile['marital']) && $profile['marital']) ? htmlspecialchars($profile['marital'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_sexual'] = ((isset($profile['sexual']) && $profile['sexual']) ? htmlspecialchars($profile['sexual'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_locale'] = ((isset($profile['locale']) && $profile['locale']) ? htmlspecialchars($profile['locale'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_region'] = ((isset($profile['region']) && $profile['region']) ? htmlspecialchars($profile['region'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_postcode'] = ((isset($profile['postcode']) && $profile['postcode']) ? htmlspecialchars($profile['postcode'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_country'] = ((isset($profile['country']) && $profile['country']) ? htmlspecialchars($profile['country'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_about'] = ((isset($profile['about']) && $profile['about']) ? htmlspecialchars($profile['about'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_homepage'] = ((isset($profile['homepage']) && $profile['homepage']) ? htmlspecialchars($profile['homepage'], ENT_COMPAT,'UTF-8',false) : '');
$arr['xprof_hometown'] = ((isset($profile['hometown']) && $profile['hometown']) ? htmlspecialchars($profile['hometown'], ENT_COMPAT,'UTF-8',false) : '');
$clean = array();
if (array_key_exists('keywords', $profile) and is_array($profile['keywords'])) {

25
Zotlabs/Lib/Queue.php
View File

@@ -110,21 +110,30 @@ class Queue {
return false;
}
$hash = $arr['hash'] ?? '';
$account_id = $arr['account_id'] ?? 0;
$channel_id = $arr['channel_id'] ?? 0;
$driver = $arr['driver'] ?? 'zot6';
$posturl = $arr['posturl'] ?? '';
$priority = $arr['priority'] ?? 0;
$notify = $arr['notify'] ?? '';
$msg = $arr['msg'] ?? '';
$x = q("insert into outq ( outq_hash, outq_account, outq_channel, outq_driver, outq_posturl, outq_async, outq_priority,
outq_created, outq_updated, outq_scheduled, outq_notify, outq_msg )
values ( '%s', %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s', '%s', '%s' )",
dbesc($arr['hash']),
intval($arr['account_id']),
intval($arr['channel_id']),
dbesc(($arr['driver']) ? $arr['driver'] : 'zot6'),
dbesc($arr['posturl']),
dbesc($hash),
intval($account_id),
intval($channel_id),
dbesc($driver),
dbesc($posturl),
intval(1),
intval(isset($arr['priority']) ? $arr['priority'] : 0),
intval($priority),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($arr['notify']),
dbesc(($arr['msg']) ? $arr['msg'] : '')
dbesc($notify),
dbesc($msg)
);
return $x;

16
Zotlabs/Lib/System.php
View File

@@ -16,13 +16,13 @@ class System {
}
static public function get_site_name() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['sitename'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['sitename']))
return \App::$config['system']['sitename'];
return '';
}
static public function get_project_version() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['hide_version']))
return '';
if(is_array(\App::$config) && is_array(\App::$config['system']) && array_key_exists('std_version',\App::$config['system']))
return \App::$config['system']['std_version'];
@@ -31,33 +31,33 @@ class System {
}
static public function get_update_version() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['hide_version'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['hide_version']))
return '';
return DB_UPDATE_VERSION;
}
static public function get_notify_icon() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['email_notify_icon_url'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['email_notify_icon_url']))
return \App::$config['system']['email_notify_icon_url'];
return z_root() . DEFAULT_NOTIFY_ICON;
}
static public function get_site_icon() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['site_icon_url'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['site_icon_url']))
return \App::$config['system']['site_icon_url'];
return z_root() . DEFAULT_PLATFORM_ICON ;
}
static public function get_project_link() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_link'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['project_link']))
return \App::$config['system']['project_link'];
return 'https://hubzilla.org';
}
static public function get_project_srclink() {
if(is_array(\App::$config) && is_array(\App::$config['system']) && \App::$config['system']['project_srclink'])
if(is_array(\App::$config) && is_array(\App::$config['system']) && isset(\App::$config['system']['project_srclink']))
return \App::$config['system']['project_srclink'];
return 'https://framagit.org/hubzilla/core.git';
}
@@ -68,7 +68,7 @@ class System {
static public function get_zot_revision() {
$x = [ 'revision' => ZOT_REVISION ];
$x = [ 'revision' => ZOT_REVISION ];
call_hooks('zot_revision',$x);
return $x['revision'];
}

79
Zotlabs/Lib/ThreadItem.php
View File

@@ -84,10 +84,8 @@ class ThreadItem {
public function get_template_data($conv_responses, $thread_level=1, $conv_flags = []) {
$result = array();
$item = $this->get_data();
$result = [];
$item = $this->get_data();
$commentww = '';
$sparkle = '';
$buttons = '';
@@ -98,7 +96,7 @@ class ThreadItem {
$is_item = false;
$osparkle = '';
$total_children = $this->count_descendants();
$unseen_comments = (($item['real_uid']) ? 0 : $this->count_unseen_descendants());
$unseen_comments = ((isset($item['real_uid']) && $item['real_uid']) ? 0 : $this->count_unseen_descendants());
$conv = $this->get_conversation();
$observer = $conv->get_observer();
@@ -148,7 +146,7 @@ class ThreadItem {
}
if ($lock) {
if (($item['mid'] == $item['parent_mid']) && count(get_terms_oftype($item['term'],TERM_FORUM))) {
if (($item['mid'] == $item['parent_mid']) && isset($item['term']) && count(get_terms_oftype($item['term'], TERM_FORUM))) {
$privacy_warning = true;
$conv_flags['parent_privacy_warning'] = true;
}
@@ -180,7 +178,7 @@ class ThreadItem {
$dropping = false;
}
$drop = [];
if($dropping) {
$drop = array(
'dropping' => $dropping,
@@ -191,13 +189,6 @@ class ThreadItem {
$drop = [ 'dropping' => true, 'delete' => t('Admin Delete') ];
}
// FIXME
if($observer_is_pageowner) {
$multidrop = array(
'select' => t('Select'),
);
}
$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
$profile_avatar = $item['author']['xchan_photo_m'];
@@ -207,7 +198,6 @@ class ThreadItem {
$location = format_location($item);
$isevent = false;
$attend = null;
$canvote = false;
// process action responses - e.g. like/dislike/attend/agree/whatever
$response_verbs = array('like');
@@ -227,17 +217,6 @@ class ThreadItem {
$response_verbs[] = 'answer';
}
$consensus = (intval($item['item_consensus']) ? true : false);
if($consensus) {
$response_verbs[] = 'agree';
$response_verbs[] = 'disagree';
$response_verbs[] = 'abstain';
if($this->is_commentable() && $observer) {
$conlabels = array( t('I agree'), t('I disagree'), t('I abstain'));
$canvote = true;
}
}
if(! feature_enabled($conv->get_profile_owner(),'dislike'))
unset($conv_responses['dislike']);
@@ -245,7 +224,8 @@ class ThreadItem {
$my_responses = [];
foreach($response_verbs as $v) {
$my_responses[$v] = (($conv_responses[$v][$item['mid'] . '-m']) ? 1 : 0);
$my_responses[$v] = ((isset($conv_responses[$v][$item['mid'] . '-m'])) ? 1 : 0);
}
$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
@@ -258,6 +238,7 @@ class ThreadItem {
}
$like_button_label = tt('Like','Likes',$like_count,'noun');
$showdislike = '';
if (feature_enabled($conv->get_profile_owner(),'dislike')) {
$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
$dislike_list = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid'] . '-l'] : '');
@@ -268,11 +249,11 @@ class ThreadItem {
} else {
$dislike_list_part = '';
}
$showdislike = ((x($conv_responses['dislike'],$item['mid'])) ? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
}
$showlike = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
$showdislike = ((x($conv_responses['dislike'],$item['mid']) && feature_enabled($conv->get_profile_owner(),'dislike'))
? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
/*
* We should avoid doing this all the time, but it depends on the conversation mode
@@ -283,14 +264,11 @@ class ThreadItem {
$this->check_wall_to_wall();
if($this->is_toplevel()) {
// FIXME check this permission
if($conv->get_profile_owner() === local_channel() || intval($item['item_private']) === 0) {
$star = array(
if((local_channel() && $conv->get_profile_owner() === local_channel()) || (local_channel() && App::$module === 'pubstream')) {
$star = [
'toggle' => t("Toggle Star Status"),
'isstarred' => ((intval($item['item_starred'])) ? true : false),
);
];
}
}
else {
@@ -307,7 +285,7 @@ class ThreadItem {
$tagger = [];
// FIXME - check this permission
if($conv->get_profile_owner() == local_channel()) {
if(local_channel() && $conv->get_profile_owner() == local_channel()) {
/* disable until we agree on how to implemnt this in zot6/activitypub
$tagger = array(
'tagit' => t("Add Tag"),
@@ -319,7 +297,7 @@ class ThreadItem {
}
$has_bookmarks = false;
if(Apps::system_app_installed(local_channel(), 'Bookmarks') && is_array($item['term'])) {
if(Apps::system_app_installed(local_channel(), 'Bookmarks') && isset($item['term']) && is_array($item['term'])) {
foreach($item['term'] as $t) {
if(($t['ttype'] == TERM_BOOKMARK))
$has_bookmarks = true;
@@ -330,20 +308,26 @@ class ThreadItem {
if(($item['obj_type'] === ACTIVITY_OBJ_EVENT) && $conv->get_profile_owner() == local_channel())
$has_event = true;
$like = [];
$dislike = [];
$reply_to = [];
if($this->is_commentable() && $observer) {
$like = array( t("I like this \x28toggle\x29"), t("like"));
$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
$reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to"));
}
$share = [];
$embed = [];
if ($shareable) {
// This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues.
// Will allow it only for uri resolvable sources.
if(strpos($item['mid'],'http') === 0) {
$share = []; //Not yet ready for primetime
//Not yet ready for primetime
//$share = array( t('Repeat This'), t('repeat'));
}
$embed = array( t('Share This'), t('share'));
$embed = [t('Share This'), t('share')];
}
$dreport = '';
@@ -352,11 +336,13 @@ class ThreadItem {
if($keep_reports === 0)
$keep_reports = 10;
if((! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
$dreport_link = '';
if((intval($item['item_type']) == ITEM_TYPE_POST) && (! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
$dreport = t('Delivery Report');
$dreport_link = gen_link_id($item['mid']);
}
$is_new = false;
if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0)
$is_new = true;
@@ -372,8 +358,8 @@ class ThreadItem {
if($conv->get_mode() === 'channel')
$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode(gen_link_id($item['mid']));
$comment_count_txt = sprintf( tt('%d comment','%d comments',$total_children),$total_children );
$list_unseen_txt = (($unseen_comments) ? sprintf( t('%d unseen'),$unseen_comments) : '');
$comment_count_txt = sprintf(tt('%d Comment', '%d Comments', $total_children), $total_children);
$list_unseen_txt = (($unseen_comments) ? sprintf(t('%d unseen'), $unseen_comments) : '');
$children = $this->get_children();
@@ -426,9 +412,6 @@ class ThreadItem {
'author_is_group_actor' => (($item['author']['xchan_pubforum']) ? t('Forum') : ''),
'isevent' => $isevent,
'attend' => $attend,
'consensus' => $consensus,
'conlabels' => $conlabels,
'canvote' => $canvote,
'linktitle' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
'olinktitle' => (($item['owner']['xchan_addr']) ? $item['owner']['xchan_addr'] : $item['owner']['xchan_url']),
'llink' => $item['llink'],
@@ -497,7 +480,6 @@ class ThreadItem {
'bookmark' => (($conv->get_profile_owner() == local_channel() && local_channel() && $has_bookmarks) ? t('Save Bookmarks') : ''),
'addtocal' => (($has_event) ? t('Add to Calendar') : ''),
'drop' => $drop,
'multidrop' => ((feature_enabled($conv->get_profile_owner(),'multi_delete')) ? $multidrop : ''),
'dropdown_extras' => $dropdown_extras,
// end toolbar buttons
'unseen_comments' => $unseen_comments,
@@ -520,7 +502,7 @@ class ThreadItem {
'modal_dismiss' => t('Close'),
'showlike' => $showlike,
'showdislike' => $showdislike,
'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box($indent)),
'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box()),
'previewing' => ($conv->is_preview() ? true : false ),
'preview_lbl' => t('This is an unsaved preview'),
'wait' => t('Please wait'),
@@ -814,7 +796,7 @@ class ThreadItem {
* _ The comment box string (empty if no comment box)
* _ false on failure
*/
private function get_comment_box($indent) {
private function get_comment_box() {
if(!$this->is_toplevel() && !get_config('system','thread_allow')) {
return '';
@@ -860,7 +842,6 @@ class ThreadItem {
'$edurl' => t('Insert Link'),
'$edvideo' => t('Video'),
'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
'$indent' => $indent,
'$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()),
'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
'$encrypt' => t('Encrypt text'),

6
Zotlabs/Lib/Webfinger.php
View File

@@ -53,10 +53,10 @@ class Webfinger {
if(strpos($resource,'http') === 0) {
$m = parse_url($resource);
if($m) {
if($m['scheme'] !== 'https') {
if(isset($m['scheme']) && $m['scheme'] !== 'https') {
return false;
}
self::$server = $m['host'] . (($m['port']) ? ':' . $m['port'] : '');
self::$server = $m['host'] . ((isset($m['port'])) ? ':' . $m['port'] : '');
}
else {
return false;
@@ -86,7 +86,7 @@ class Webfinger {
/**
* @brief fetch a webfinger resource and return a zot6 discovery url if present
*
*/
*/
static function zot_url($resource) {

2
Zotlabs/Lib/XConfig.php
View File

@@ -162,7 +162,7 @@ class XConfig {
*/
static public function Delete($xchan, $family, $key) {
if(x(\App::$config[$xchan][$family], $key))
if(isset(\App::$config[$xchan][$family][$key]))
unset(\App::$config[$xchan][$family][$key]);
$ret = q("DELETE FROM xconfig WHERE xchan = '%s' AND cat = '%s' AND k = '%s'",

18
Zotlabs/Module/Acl.php
View File

@@ -66,6 +66,11 @@ class Acl extends \Zotlabs\Web\Controller {
killme();
$permitted = [];
$sql_extra = '';
$sql_extra2 = '';
$sql_extra3 = '';
$sql_extra2_xchan = '';
$order_extra2 = '';
if(in_array($type, [ 'm', 'a', 'c', 'f' ])) {
@@ -81,7 +86,6 @@ class Acl extends \Zotlabs\Web\Controller {
}
if($search) {
$sql_extra = " AND pgrp.gname LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
$sql_extra2 = "AND ( xchan_name LIKE " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " OR xchan_addr LIKE " . protect_sprintf( "'%" . dbesc(punify($search)) . ((strpos($search,'@') === false) ? "%@%'" : "%'")) . ") ";
@@ -100,10 +104,6 @@ class Acl extends \Zotlabs\Web\Controller {
$sql_extra3 = "AND ( xchan_addr like " . protect_sprintf( "'%" . dbesc(punify($search)) . "%'" ) . " OR xchan_name like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ) ";
}
else {
$sql_extra = $sql_extra2 = $sql_extra3 = "";
}
$groups = array();
$contacts = array();
@@ -284,7 +284,7 @@ class Acl extends \Zotlabs\Web\Controller {
}
elseif($type == 'm') {
$r = array();
$z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
$z = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, abook_self
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d
and xchan_deleted = 0
@@ -304,7 +304,7 @@ class Acl extends \Zotlabs\Web\Controller {
}
elseif($type == 'a') {
$r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
$r = q("SELECT abook_id as id, xchan_name as name, xchan_network as net, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, xchan_addr as attag, abook_their_perms, abook_self FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d
and xchan_deleted = 0
$sql_extra3
@@ -342,7 +342,7 @@ class Acl extends \Zotlabs\Web\Controller {
$x = [];
foreach($r as $g) {
if(in_array($g['net'],['rss','anon','unknown']) && ($type != 'a'))
if(isset($g['net']) && in_array($g['net'], ['rss','anon','unknown']) && ($type != 'a'))
continue;
$g['hash'] = urlencode($g['hash']);
@@ -383,7 +383,7 @@ class Acl extends \Zotlabs\Web\Controller {
"self" => (intval($g['abook_self']) ? 'abook-self' : ''),
"taggable" => '',
"label" => '',
"net" => $g['net']
"net" => $g['net'] ?? ''
);
}
}

2
Zotlabs/Module/Activity.php
View File

@@ -182,7 +182,7 @@ class Activity extends Controller {
return;
}
$ob_authorise = false;
$ob_authorize = false;
$item_uid = 0;
$bear = ZlibActivity::token_from_request();

3
Zotlabs/Module/Admin/Addons.php
View File

@@ -77,6 +77,7 @@ class Addons {
} catch (\PHPGit\Exception\GitException $e) {
json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
}
break;
case 'removerepo':
if (array_key_exists('repoName', $_REQUEST)) {
$repoName = $_REQUEST['repoName'];
@@ -111,6 +112,7 @@ class Addons {
} else {
json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false));
}
break;
case 'installrepo':
if (array_key_exists('repoURL', $_REQUEST)) {
require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies
@@ -172,6 +174,7 @@ class Addons {
$repo = $git->probeRepo();
json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
}
break;
case 'addrepo':
if (array_key_exists('repoURL', $_REQUEST)) {
require_once('library/PHPGit.autoload.php'); // Load PHPGit dependencies

30
Zotlabs/Module/Admin/Dbsync.php
View File

@@ -5,11 +5,11 @@ namespace Zotlabs\Module\Admin;
class Dbsync {
function get() {
$o = '';
if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
// remove the old style config if it exists
del_config('database', 'update_r' . intval(argv(3)));
@@ -29,7 +29,7 @@ class Dbsync {
if(method_exists($c,'verify')) {
$retval = $c->verify();
if($retval === UPDATE_FAILED) {
$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s);
$o .= sprintf( t('Verification of update %s failed. Check system logs.'), $s);
}
elseif($retval === UPDATE_SUCCESS) {
$o .= sprintf( t('Update %s was successfully applied.'), $s);
@@ -44,20 +44,8 @@ class Dbsync {
}
else
$o .= sprintf( t('Update function %s could not be found.'), $s);
return $o;
// remove the old style config if it exists
del_config('database', 'update_r' . intval(argv(3)));
set_config('database', '_' . intval(argv(3)), 'success');
if(intval(get_config('system','db_version')) < intval(argv(3)))
set_config('system','db_version',intval(argv(3)));
info( t('Update has been marked successful') . EOL);
goaway(z_root() . '/admin/dbsync');
}
if(argc() > 2 && intval(argv(2))) {
@@ -68,7 +56,7 @@ class Dbsync {
$c = new $cls();
$retval = $c->run();
if($retval === UPDATE_FAILED) {
$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s);
$o .= sprintf( t('Executing update procedure %s failed. Check system logs.'), $s);
}
elseif($retval === UPDATE_SUCCESS) {
$o .= sprintf( t('Update %s was successfully applied.'), $s);
@@ -79,10 +67,10 @@ class Dbsync {
}
else
$o .= sprintf( t('Update function %s could not be found.'), $s);
return $o;
}
$failed = array();
$r = q("select * from config where cat = 'database' ");
if(count($r)) {
@@ -107,7 +95,7 @@ class Dbsync {
else {
return '<div class="generic-content-wrapper-styled"><h3>' . t('No failed updates.') . '</h3></div>';
}
return $o;
}
}
}

9
Zotlabs/Module/Admin/Queue.php
View File

@@ -12,18 +12,18 @@ class Queue {
$o = '';
$expert = ((array_key_exists('expert',$_REQUEST)) ? intval($_REQUEST['expert']) : 0);
$expert = $_REQUEST['expert'] ?? false;
if($_REQUEST['drophub']) {
if(isset($_REQUEST['drophub'])) {
hubloc_mark_as_down($_REQUEST['drophub']);
LibQueue::remove_by_posturl($_REQUEST['drophub']);
}
if($_REQUEST['emptyhub']) {
if(isset($_REQUEST['emptyhub'])) {
LibQueue::remove_by_posturl($_REQUEST['emptyhub']);
}
if($_REQUEST['deliverhub']) {
if(isset($_REQUEST['deliverhub'])) {
$hubq = q("SELECT * FROM outq WHERE outq_posturl = '%s'",
dbesc($_REQUEST['deliverhub'])
@@ -39,7 +39,6 @@ class Queue {
for($x = 0; $x < count($r); $x ++) {
$r[$x]['eurl'] = urlencode($r[$x]['outq_posturl']);
$r[$x]['connected'] = datetime_convert('UTC',date_default_timezone_get(),$r[$x]['connected'],'Y-m-d');
}
$o = replace_macros(get_markup_template('admin_queue.tpl'), array(

2
Zotlabs/Module/Admin/Site.php
View File

@@ -129,7 +129,7 @@ class Site {
set_config('system', 'register_duty', $this->register_duty);
set_config('system', 'register_duty_jso', $this->joo);
} else {
notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;
notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg . EOL);
}
}
}

62
Zotlabs/Module/Appman.php
View File

@@ -13,7 +13,7 @@ class Appman extends \Zotlabs\Web\Controller {
if(! local_channel())
return;
if($_POST['url']) {
if(isset($_POST['url']) && $_POST['url']) {
$arr = array(
'uid' => intval($_REQUEST['uid']),
'url' => escape_tags($_REQUEST['url']),
@@ -50,7 +50,7 @@ class Appman extends \Zotlabs\Web\Controller {
return;
}
if($_POST['install']) {
if(isset($_POST['install']) && $_POST['install']) {
Apps::app_install(local_channel(),$papp);
if(Apps::app_installed(local_channel(),$papp))
info( t('App installed.') . EOL);
@@ -65,15 +65,15 @@ class Appman extends \Zotlabs\Web\Controller {
}
if (intval($sync[0]['app_system'])) {
Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
}
else {
Libsync::build_sync_packet($uid, ['app' => $sync]);
Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
}
}
if($_POST['delete']) {
if(isset($_POST['delete']) && $_POST['delete']) {
// Fetch the app for sync before it is deleted (if it is deletable))
$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
@@ -91,18 +91,18 @@ class Appman extends \Zotlabs\Web\Controller {
$sync[0]['app_deleted'] = 1;
if (intval($sync[0]['app_system'])) {
Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
}
else {
Libsync::build_sync_packet($uid, ['app' => $sync]);
Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
}
}
if($_POST['edit']) {
if(isset($_POST['edit']) && $_POST['edit']) {
return;
}
if($_POST['feature']) {
if(isset($_POST['feature']) && $_POST['feature']) {
Apps::app_feature(local_channel(), $papp, $_POST['feature']);
$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
@@ -111,14 +111,14 @@ class Appman extends \Zotlabs\Web\Controller {
);
if (intval($sync[0]['app_system'])) {
Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
}
else {
Libsync::build_sync_packet($uid, ['app' => $sync]);
Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
}
}
if($_POST['pin']) {
if(isset($_POST['pin']) && $_POST['pin']) {
Apps::app_feature(local_channel(), $papp, $_POST['pin']);
$sync = q("SELECT * FROM app WHERE app_channel = %d AND app_id = '%s' LIMIT 1",
@@ -127,14 +127,14 @@ class Appman extends \Zotlabs\Web\Controller {
);
if (intval($sync[0]['app_system'])) {
Libsync::build_sync_packet($uid, ['sysapp' => $sync]);
Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
}
else {
Libsync::build_sync_packet($uid, ['app' => $sync]);
Libsync::build_sync_packet(local_channel(), ['app' => $sync]);
}
}
if($_POST['aj']) {
if(isset($_POST['aj']) && $_POST['aj']) {
killme();
}
@@ -171,7 +171,7 @@ class Appman extends \Zotlabs\Web\Controller {
$app = null;
$embed = null;
if($_REQUEST['appid']) {
if(isset($_REQUEST['appid']) && $_REQUEST['appid']) {
$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1",
dbesc($_REQUEST['appid']),
dbesc(local_channel())
@@ -200,27 +200,25 @@ class Appman extends \Zotlabs\Web\Controller {
}
return replace_macros(get_markup_template('app_create.tpl'), array(
'$banner' => (($app) ? t('Edit App') : t('Create App')),
'$app' => $app,
'$guid' => (($app) ? $app['app_id'] : ''),
'$author' => (($app) ? $app['app_author'] : $channel['channel_hash']),
'$addr' => (($app) ? $app['app_addr'] : $channel['xchan_addr']),
'$name' => array('name', t('Name of app'),(($app) ? $app['app_name'] : ''), t('Required')),
'$url' => array('url', t('Location (URL) of app'),(($app) ? $app['app_url'] : ''), t('Required')),
'$desc' => array('desc', t('Description'),(($app) ? $app['app_desc'] : ''), ''),
'$photo' => array('photo', t('Photo icon URL'),(($app) ? $app['app_photo'] : ''), t('80 x 80 pixels - optional')),
'$categories' => array('categories',t('Categories (optional, comma separated list)'),(($app) ? $app['categories'] : ''),''),
'$version' => array('version', t('Version ID'),(($app) ? $app['app_version'] : ''), ''),
'$price' => array('price', t('Price of app'),(($app) ? $app['app_price'] : ''), ''),
'$page' => array('page', t('Location (URL) to purchase app'),(($app) ? $app['app_page'] : ''), ''),
'$system' => (($app) ? intval($app['app_system']) : 0),
'$plugin' => (($app) ? $app['app_plugin'] : ''),
'$requires' => (($app) ? $app['app_requires'] : ''),
'$guid' => $app['app_id'] ?? '',
'$author' => $app['app_author'] ?? $channel['channel_hash'],
'$addr' => $app['app_addr'] ?? $channel['xchan_addr'],
'$name' => array('name', t('Name of app'), $app['app_name'] ?? '', t('Required')),
'$url' => array('url', t('Location (URL) of app'), $app['app_url'] ?? '', t('Required')),
'$desc' => array('desc', t('Description'), $app['app_desc'] ?? '', ''),
'$photo' => array('photo', t('Photo icon URL'),$app['app_photo'] ?? '', t('80 x 80 pixels - optional')),
'$categories' => array('categories',t('Categories (optional, comma separated list)'), $app['categories'] ?? '',''),
'$version' => array('version', t('Version ID'), $app['app_version'] ?? '', ''),
'$price' => array('price', t('Price of app'), $app['app_price'] ?? '', ''),
'$page' => array('page', t('Location (URL) to purchase app'), $app['app_page'] ?? '', ''),
'$system' => $app['app_system'] ?? 0,
'$plugin' => $app['app_plugin'] ?? '',
'$requires' => $app['app_requires'] ?? '',
'$embed' => $embed,
'$submit' => t('Submit')
));
}
}

3
Zotlabs/Module/Apps.php
View File

@@ -19,7 +19,8 @@ class Apps extends \Zotlabs\Web\Controller {
$_SESSION['return_url'] = \App::$query_string;
$apps = array();
$apps = [];
$cat = [];
if(local_channel()) {
Zlib\Apps::import_system_apps();

82
Zotlabs/Module/Blocks.php
View File

@@ -9,43 +9,43 @@ require_once('include/acl_selectors.php');
class Blocks extends \Zotlabs\Web\Controller {
function init() {
if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
$sys = get_sys_channel();
if($sys && intval($sys['channel_id'])) {
\App::$is_sys = true;
}
}
if(argc() > 1)
$which = argv(1);
else
return;
profile_load($which);
}
function get() {
if(! \App::$profile) {
notice( t('Requested profile is not available.') . EOL );
\App::$error = 404;
return;
}
$which = argv(1);
$_SESSION['return_url'] = \App::$query_string;
$uid = local_channel();
$owner = 0;
$channel = null;
$observer = \App::get_observer();
$channel = \App::get_channel();
if(\App::$is_sys && is_site_admin()) {
$sys = get_sys_channel();
if($sys && intval($sys['channel_id'])) {
@@ -54,7 +54,7 @@ class Blocks extends \Zotlabs\Web\Controller {
$observer = $sys;
}
}
if(! $owner) {
// Figure out who the page owner is.
$r = q("select channel_id from channel where channel_address = '%s'",
@@ -64,24 +64,24 @@ class Blocks extends \Zotlabs\Web\Controller {
$owner = intval($r[0]['channel_id']);
}
}
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$perms = get_all_perms($owner,$ob_hash);
if(! $perms['write_pages']) {
notice( t('Permission denied.') . EOL);
return;
}
// Block design features from visitors
// Block design features from visitors
if((! $uid) || ($uid != $owner)) {
notice( t('Permission denied.') . EOL);
return;
}
$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
$mimetype = ((isset($_REQUEST['mimetype']) && $_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
$x = array(
'webpage' => ITEM_TYPE_BLOCK,
@@ -101,27 +101,25 @@ class Blocks extends \Zotlabs\Web\Controller {
'bbco_autocomplete' => 'bbcode',
'bbcode' => true
);
if($_REQUEST['title'])
$x['title'] = $_REQUEST['title'];
if($_REQUEST['body'])
$x['body'] = $_REQUEST['body'];
if($_REQUEST['pagetitle'])
$x['pagetitle'] = $_REQUEST['pagetitle'];
$editor = status_editor($a,$x,false,'Blocks');
$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig
$x['title'] = $_REQUEST['title'] ?? '';
$x['body'] = $_REQUEST['body'] ?? '';
$x['pagetitle'] = $_REQUEST['pagetitle'] ?? '';
$a = '';
$editor = status_editor($a,$x,false,'Blocks');
$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig
left join item on iconfig.iid = item.id
where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK'
where uid = %d and iconfig.cat = 'system' and iconfig.k = 'BUILDBLOCK'
and item_type = %d order by item.created desc",
intval($owner),
intval(ITEM_TYPE_BLOCK)
);
$pages = null;
if($r) {
$pages = array();
foreach($r as $rr) {
@@ -143,13 +141,13 @@ class Blocks extends \Zotlabs\Web\Controller {
'edited' => $rr['edited'],
'bb_element' => '[element]' . base64url_encode(json_encode($element_arr)) . '[/element]'
);
}
}
}
//Build the base URL for edit links
$url = z_root() . '/editblock/' . $which;
$o .= replace_macros(get_markup_template('blocklist.tpl'), array(
$url = z_root() . '/editblock/' . $which;
$o = replace_macros(get_markup_template('blocklist.tpl'), array(
'$baseurl' => $url,
'$title' => t('Blocks'),
'$name' => t('Block Name'),
@@ -166,8 +164,8 @@ class Blocks extends \Zotlabs\Web\Controller {
'$view' => t('View'),
'$preview' => '1',
));
return $o;
}
}

2
Zotlabs/Module/Cal.php
View File

@@ -39,7 +39,7 @@ class Cal extends Controller {
head_set_icon(App::$data['channel']['xchan_photo_s']);
App::$page['htmlhead'] .= "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
App::$page['htmlhead'] = "<script> var profile_uid = " . ((App::$data['channel']) ? App::$data['channel']['channel_id'] : 0) . "; </script>" ;
}

50
Zotlabs/Module/Cdav.php
View File

@@ -200,7 +200,7 @@ class Cdav extends Controller {
$etag = (isset($_SERVER['HTTP_IF_MATCH']) ? $_SERVER['HTTP_IF_MATCH'] : false);
// delete
if($httpmethod === 'DELETE' && $cdavdata['etag'] == $etag) {
if($httpmethod === 'DELETE' && $etag && isset($cdavdata['etag']) && $cdavdata['etag'] == $etag) {
Libsync::build_sync_packet($channel['channel_id'], [
$sync => [
'action' => 'delete_card',
@@ -210,7 +210,7 @@ class Cdav extends Controller {
]);
}
else {
if($etag && $cdavdata['etag'] !== $etag) {
if($etag && isset($cdavdata['etag']) && $cdavdata['etag'] !== $etag) {
// update
Libsync::build_sync_packet($channel['channel_id'], [
$sync => [
@@ -317,7 +317,7 @@ class Cdav extends Controller {
$calendars = $caldavBackend->getCalendarsForUser($principalUri);
//create new calendar
if($_REQUEST['{DAV:}displayname'] && $_REQUEST['create']) {
if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && (isset($_REQUEST['create']) && $_REQUEST['create'])) {
do {
$duplicate = false;
$calendarUri = random_string(40);
@@ -332,9 +332,9 @@ class Cdav extends Controller {
} while ($duplicate == true);
$properties = [
'{DAV:}displayname' => $_REQUEST['{DAV:}displayname'],
'{http://apple.com/ns/ical/}calendar-color' => $_REQUEST['color'],
'{urn:ietf:params:xml:ns:caldav}calendar-description' => $channel['channel_name']
'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname']),
'{http://apple.com/ns/ical/}calendar-color' => escape_tags($_REQUEST['color']),
'{urn:ietf:params:xml:ns:caldav}calendar-description' => escape_tags($channel['channel_name'])
];
$id = $caldavBackend->createCalendar($principalUri, $calendarUri, $properties);
@@ -352,7 +352,7 @@ class Cdav extends Controller {
}
//create new calendar object via ajax request
if($_REQUEST['submit'] === 'create_event' && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'create_event') && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
$id = explode(':', $_REQUEST['target']);
@@ -366,7 +366,7 @@ class Cdav extends Controller {
$allday = $_REQUEST['allday'];
$title = $_REQUEST['title'];
$title = escape_tags($_REQUEST['title']);
$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
$dtstart = new \DateTime($start);
@@ -374,8 +374,8 @@ class Cdav extends Controller {
$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
$dtend = new \DateTime($end);
}
$description = $_REQUEST['description'];
$location = $_REQUEST['location'];
$description = escape_tags($_REQUEST['description']);
$location = escape_tags($_REQUEST['location']);
do {
$duplicate = false;
@@ -431,7 +431,7 @@ class Cdav extends Controller {
}
//edit calendar name and color
if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) {
if((isset($_REQUEST['{DAV:}displayname']) && $_REQUEST['{DAV:}displayname']) && $_REQUEST['edit'] && $_REQUEST['id']) {
$id = explode(':', $_REQUEST['id']);
@@ -441,8 +441,8 @@ class Cdav extends Controller {
$cdavdata = $this->get_cdav_data($id[0], 'calendarinstances');
$mutations = [
'{DAV:}displayname' => $_REQUEST['{DAV:}displayname'],
'{http://apple.com/ns/ical/}calendar-color' => $_REQUEST['color']
'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname']),
'{http://apple.com/ns/ical/}calendar-color' => escape_tags($_REQUEST['color'])
];
$patch = new \Sabre\DAV\PropPatch($mutations);
@@ -459,7 +459,7 @@ class Cdav extends Controller {
}
//edit calendar object via ajax request
if($_REQUEST['submit'] === 'update_event' && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
if((isset($_REQUEST['submit']) && $_REQUEST['submit'] === 'update_event') && $_REQUEST['uri'] && $_REQUEST['title'] && $_REQUEST['target'] && $_REQUEST['dtstart']) {
$id = explode(':', $_REQUEST['target']);
@@ -471,18 +471,18 @@ class Cdav extends Controller {
$timezone = ((x($_POST,'timezone_select')) ? escape_tags(trim($_POST['timezone_select'])) : '');
$tz = (($timezone) ? $timezone : date_default_timezone_get());
$allday = $_REQUEST['allday'];
$allday = intval($_REQUEST['allday']);
$uri = $_REQUEST['uri'];
$title = $_REQUEST['title'];
$uri = escape_tags($_REQUEST['uri']);
$title = escape_tags($_REQUEST['title']);
$start = datetime_convert('UTC', 'UTC', $_REQUEST['dtstart']);
$dtstart = new \DateTime($start);
if($_REQUEST['dtend']) {
$end = datetime_convert('UTC', 'UTC', $_REQUEST['dtend']);
$dtend = new \DateTime($end);
}
$description = $_REQUEST['description'];
$location = $_REQUEST['location'];
$description = escape_tags($_REQUEST['description']);
$location = escape_tags($_REQUEST['location']);
$object = $caldavBackend->getCalendarObject($id, $uri);
@@ -654,7 +654,7 @@ class Cdav extends Controller {
$duplicate = true;
} while ($duplicate == true);
$properties = ['{DAV:}displayname' => $_REQUEST['{DAV:}displayname']];
$properties = ['{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname'])];
$carddavBackend->createAddressBook($principalUri, $addressbookUri, $properties);
@@ -668,9 +668,9 @@ class Cdav extends Controller {
}
//edit addressbook
if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && intval($_REQUEST['id'])) {
if($_REQUEST['{DAV:}displayname'] && $_REQUEST['edit'] && $_REQUEST['id']) {
$id = $_REQUEST['id'];
$id = intval($_REQUEST['id']);
if(! cdav_perms($id,$addressbooks))
return;
@@ -678,7 +678,7 @@ class Cdav extends Controller {
$cdavdata = $this->get_cdav_data($id, 'addressbooks');
$mutations = [
'{DAV:}displayname' => $_REQUEST['{DAV:}displayname']
'{DAV:}displayname' => escape_tags($_REQUEST['{DAV:}displayname'])
];
$patch = new \Sabre\DAV\PropPatch($mutations);
@@ -914,6 +914,7 @@ class Cdav extends Controller {
head_add_js('/library/fullcalendar/packages/timegrid/main.min.js');
head_add_js('/library/fullcalendar/packages/list/main.min.js');
$o = '';
$sources = '';
$resource_id = '';
$resource = null;
@@ -921,6 +922,8 @@ class Cdav extends Controller {
if(argc() == 3)
$resource_id = argv(2);
$categories = '';
if($resource_id) {
$r = q("SELECT event.*, item.author_xchan, item.owner_xchan, item.plink, item.id as item_id FROM event LEFT JOIN item ON event.event_hash = item.resource_id
WHERE event.uid = %d AND event.event_hash = '%s' LIMIT 1",
@@ -944,7 +947,6 @@ class Cdav extends Controller {
$resource = $r[0];
$catsenabled = feature_enabled(local_channel(),'categories');
$categories = '';
if($catsenabled){
if($r[0]['term']) {
$cats = get_terms_oftype($r[0]['term'], TERM_CATEGORY);

13
Zotlabs/Module/Channel.php
View File

@@ -31,8 +31,10 @@ class Channel extends Controller {
goaway(z_root() . '/search?f=&search=' . $_GET['search']);
$which = null;
if (argc() > 1)
if (argc() > 1) {
$which = argv(1);
}
if (!$which) {
if (local_channel()) {
$channel = App::get_channel();
@@ -40,9 +42,9 @@ class Channel extends Controller {
$which = $channel['channel_address'];
}
}
if (!$which) {
notice(t('You must be logged in to see this page.') . EOL);
return;
http_status_exit(404, 'Not found');
}
$profile = 0;
@@ -67,7 +69,7 @@ class Channel extends Controller {
if ($sigdata && $sigdata['signer'] && $sigdata['header_valid']) {
$data = json_encode(Libzot::zotinfo(['guid_hash' => $channel['channel_hash'], 'target_url' => $sigdata['signer']]));
$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' limit 1",
$s = q("select site_crypto, hubloc_sitekey from site left join hubloc on hubloc_url = site_url where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc limit 1",
dbesc($sigdata['signer'])
);
@@ -267,6 +269,7 @@ class Channel extends Controller {
'reset' => t('Reset form')
];
$a = '';
$o .= status_editor($a, $x, false, 'Channel');
}
@@ -293,7 +296,7 @@ class Channel extends Controller {
$abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " ";
$simple_update = '';
if ($update && $_SESSION['loadtime'])
if ($update && isset($_SESSION['loadtime']))
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
if ($search) {

18
Zotlabs/Module/Channel_calendar.php
View File

@@ -30,7 +30,7 @@ class Channel_calendar extends Controller {
$xchan = ((x($_POST, 'xchan')) ? dbesc($_POST['xchan']) : '');
// only allow editing your own events.
// only allow editing your own events.
if (($xchan) && ($xchan !== get_observer_hash()))
return;
@@ -55,8 +55,8 @@ class Channel_calendar extends Controller {
// Don't allow the event to finish before it begins.
// It won't hurt anything, but somebody will file a bug report
// and we'll waste a bunch of time responding to it. Time that
// could've been spent doing something else.
// and we'll waste a bunch of time responding to it. Time that
// could've been spent doing something else.
if (strcmp($finish, $start) < 0) {
notice(t('Event can not end before it has started.') . EOL);
@@ -319,12 +319,12 @@ class Channel_calendar extends Controller {
// fixed an issue with "nofinish" events not showing up in the calendar.
// There's still an issue if the finish date crosses the end of month.
// Noting this for now - it will need to be fixed here and in Friendica.
// Ultimately the finish date shouldn't be involved in the query.
// Ultimately the finish date shouldn't be involved in the query.
$r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan, item.id as item_id
from event left join item on event.event_hash = item.resource_id
where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored
AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
from event left join item on event.event_hash = item.resource_id
where item.resource_type = 'event' and event.uid = %d and event.uid = item.uid $ignored
AND (( event.adjust = 0 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )
OR ( event.adjust = 1 AND ( event.dtend >= '%s' or event.nofinish = 1 ) AND event.dtstart <= '%s' )) ",
intval(local_channel()),
dbesc($start),
@@ -357,7 +357,7 @@ class Channel_calendar extends Controller {
$catsenabled = feature_enabled(local_channel(), 'categories');
$categories = '';
if ($catsenabled) {
if ($rr['term']) {
if (isset($rr['term']) && $rr['term']) {
$cats = get_terms_oftype($rr['term'], TERM_CATEGORY);
foreach ($cats as $cat) {
if (strlen($categories))
@@ -449,7 +449,7 @@ class Channel_calendar extends Controller {
}
// The site admin can delete any post/item on the site.
// If the item originated on this site+channel the deletion will propagate downstream.
// If the item originated on this site+channel the deletion will propagate downstream.
// Otherwise just the local copy is removed.
if (is_site_admin()) {

12
Zotlabs/Module/Chanview.php
View File

@@ -16,17 +16,17 @@ class Chanview extends \Zotlabs\Web\Controller {
$r = null;
if($_REQUEST['hash']) {
if(isset($_REQUEST['hash']) && $_REQUEST['hash']) {
$r = q("select * from xchan where xchan_hash = '%s' and xchan_deleted = 0",
dbesc($_REQUEST['hash'])
);
}
if($_REQUEST['address']) {
if(isset($_REQUEST['address']) && $_REQUEST['address']) {
$r = q("select * from xchan where xchan_addr = '%s' and xchan_deleted = 0",
dbesc(punify($_REQUEST['address']))
);
}
elseif(local_channel() && intval($_REQUEST['cid'])) {
elseif(local_channel() && isset($_REQUEST['cid']) && $_REQUEST['cid']) {
$r = q("SELECT abook.*, xchan.*
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = %d and abook_id = %d and xchan_deleted = 0",
@@ -34,7 +34,7 @@ class Chanview extends \Zotlabs\Web\Controller {
intval($_REQUEST['cid'])
);
}
elseif($_REQUEST['url']) {
elseif(isset($_REQUEST['url']) && $_REQUEST['url']) {
// if somebody re-installed they will have more than one xchan, use the most recent name date as this is
// the most useful consistently ascending table item we have.
@@ -56,7 +56,7 @@ class Chanview extends \Zotlabs\Web\Controller {
if(! App::$poi) {
logger('mod_chanview: fallback');
if($_REQUEST['address']) {
if(isset($_REQUEST['address']) && $_REQUEST['address']) {
$href = Webfinger::zot_url(punify($_REQUEST['address']));
if($href) {
$_REQUEST['url'] = $href;
@@ -65,7 +65,7 @@ class Chanview extends \Zotlabs\Web\Controller {
$r = null;
if($_REQUEST['url']) {
if(isset($_REQUEST['url']) && $_REQUEST['url']) {
$zf = Zotfinger::exec($_REQUEST['url'], null);

3
Zotlabs/Module/Chat.php
View File

@@ -174,7 +174,8 @@ class Chat extends Controller {
$x = Chatroom::enter($observer,$room_id,'online',$_SERVER['REMOTE_ADDR']);
if(! $x)
return;
$x = q("select * from chatroom where cr_id = %d and cr_uid = %d $sql_extra limit 1",
$x = q("select * from chatroom where cr_id = %d and cr_uid = %d limit 1",
intval($room_id),
intval(App::$profile['profile_uid'])
);

90
Zotlabs/Module/Chatsvc.php
View File

@@ -1,6 +1,6 @@
<?php /** @file */
namespace Zotlabs\Module;
namespace Zotlabs\Module;
require_once('include/security.php');
@@ -9,76 +9,76 @@ use \Zotlabs\Lib as Zlib;
class Chatsvc extends \Zotlabs\Web\Controller {
function init() {
//logger('chatsvc');
$ret = array('success' => false);
\App::$data['chat']['room_id'] = intval($_REQUEST['room_id']);
$x = q("select cr_uid from chatroom where cr_id = %d and cr_id != 0 limit 1",
intval(\App::$data['chat']['room_id'])
);
if(! $x)
json_return_and_die($ret);
\App::$data['chat']['uid'] = $x[0]['cr_uid'];
if(! perm_is_allowed(\App::$data['chat']['uid'],get_observer_hash(),'chat')) {
json_return_and_die($ret);
}
}
function post() {
$ret = array('success' => false);
$room_id = \App::$data['chat']['room_id'];
$text = escape_tags($_REQUEST['chat_text']);
if(! $text)
return;
$sql_extra = permissions_sql(\App::$data['chat']['uid']);
$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
intval(\App::$data['chat']['uid']),
intval(\App::$data['chat']['room_id'])
);
if(! $r)
json_return_and_die($ret);
$arr = array(
'chat_room' => \App::$data['chat']['room_id'],
'chat_xchan' => get_observer_hash(),
'chat_text' => $text
);
call_hooks('chat_post',$arr);
$x = q("insert into chat ( chat_room, chat_xchan, created, chat_text )
values( %d, '%s', '%s', '%s' )",
intval(\App::$data['chat']['room_id']),
dbesc(get_observer_hash()),
dbesc(datetime_convert()),
dbesc(str_rot47(base64url_encode($arr['chat_text'])))
dbesc(str_rot47(base64url_encode($arr['chat_text'])))
);
$ret['success'] = true;
json_return_and_die($ret);
}
function get() {
$status = strip_tags($_REQUEST['status']);
$status = ((isset($_REQUEST['status'])) ? strip_tags($_REQUEST['status']) : '');
$room_id = intval(\App::$data['chat']['room_id']);
$stopped = ((x($_REQUEST,'stopped') && intval($_REQUEST['stopped'])) ? true : false);
if($status && $room_id) {
$x = q("select channel_address from channel where channel_id = %d limit 1",
intval(\App::$data['chat']['uid'])
);
);
$r = q("update chatpresence set cp_status = '%s', cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
dbesc($status),
dbesc(datetime_convert()),
@@ -86,27 +86,27 @@ class Chatsvc extends \Zotlabs\Web\Controller {
dbesc(get_observer_hash()),
dbesc($_SERVER['REMOTE_ADDR'])
);
goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);
goaway(z_root() . '/chat/' . $x[0]['channel_address'] . '/' . $room_id);
}
if(! $stopped) {
$lastseen = intval($_REQUEST['last']);
$ret = array('success' => false);
$sql_extra = permissions_sql(\App::$data['chat']['uid']);
$r = q("select * from chatroom where cr_uid = %d and cr_id = %d $sql_extra",
intval(\App::$data['chat']['uid']),
intval(\App::$data['chat']['room_id'])
);
if(! $r)
json_return_and_die($ret);
$inroom = array();
$r = q("select * from chatpresence left join xchan on xchan_hash = cp_xchan where cp_room = %d order by xchan_name",
intval(\App::$data['chat']['room_id'])
);
@@ -120,9 +120,9 @@ class Chatsvc extends \Zotlabs\Web\Controller {
$rv['xchan_url'] = z_root();
$rv['xchan_hidden'] = 1;
$rv['xchan_photo_mimetype'] = 'image/png';
$rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300);
$rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80);
$rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48);
$rv['xchan_photo_l'] = z_root() . '/' . get_default_profile_photo(300);
$rv['xchan_photo_m'] = z_root() . '/' . get_default_profile_photo(80);
$rv['xchan_photo_s'] = z_root() . '/' . get_default_profile_photo(48);
}
@@ -137,13 +137,13 @@ class Chatsvc extends \Zotlabs\Web\Controller {
$status_class = 'online';
break;
}
$inroom[] = array('img' => zid($rv['xchan_photo_m']), 'img_type' => $rv['xchan_photo_mimetype'],'name' => $rv['xchan_name'], 'status' => $status, 'status_class' => $status_class);
}
}
$chats = array();
$r = q("select * from chat left join xchan on chat_xchan = xchan_hash where chat_room = %d and chat_id > %d order by created",
intval(\App::$data['chat']['room_id']),
intval($lastseen)
@@ -152,7 +152,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
foreach($r as $rr) {
$chats[] = array(
'id' => $rr['chat_id'],
'img' => zid($rr['xchan_photo_m']),
'img' => zid($rr['xchan_photo_m']),
'img_type' => $rr['xchan_photo_mimetype'],
'name' => $rr['xchan_name'],
'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'),
@@ -163,22 +163,22 @@ class Chatsvc extends \Zotlabs\Web\Controller {
}
}
}
$r = q("update chatpresence set cp_last = '%s' where cp_room = %d and cp_xchan = '%s' and cp_client = '%s'",
dbesc(datetime_convert()),
intval(\App::$data['chat']['room_id']),
dbesc(get_observer_hash()),
dbesc($_SERVER['REMOTE_ADDR'])
);
$ret['success'] = true;
if(! $stopped) {
$ret['inroom'] = $inroom;
$ret['chats'] = $chats;
}
json_return_and_die($ret);
}
}

2
Zotlabs/Module/Cloud.php
View File

@@ -70,7 +70,7 @@ class Cloud extends Controller {
$_SESSION['cloud_sort'] = 'name';
}
$_SESSION['cloud_sort'] = (($_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
$_SESSION['cloud_sort'] = ((isset($_REQUEST['sort']) && $_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);
$x = clean_query_string();
if($x !== \App::$query_string)

4
Zotlabs/Module/Cloud_tiles.php
View File

@@ -6,7 +6,7 @@ class Cloud_tiles extends \Zotlabs\Web\Controller {
function init() {
if(intval($_SESSION['cloud_tiles']))
if(isset($_SESSION['cloud_tiles']) && intval($_SESSION['cloud_tiles']))
$_SESSION['cloud_tiles'] = 0;
else
$_SESSION['cloud_tiles'] = 1;
@@ -18,4 +18,4 @@ class Cloud_tiles extends \Zotlabs\Web\Controller {
goaway(z_root() . '/' . hex2bin(argv(1)));
}
}
}

21
Zotlabs/Module/Connections.php
View File

@@ -45,7 +45,7 @@ class Connections extends \Zotlabs\Web\Controller {
$unconnected = false;
$all = false;
if(! $_REQUEST['aj'])
if(!(isset($_REQUEST['aj']) && $_REQUEST['aj']))
$_SESSION['return_url'] = App::$query_string;
$search_flags = "";
@@ -128,7 +128,9 @@ class Connections extends \Zotlabs\Web\Controller {
$unblocked = true;
}
switch($_REQUEST['order']) {
$order = $_REQUEST['order'] ?? '';
switch($order) {
case 'name_desc':
$sql_order = 'xchan_name DESC';
break;
@@ -227,6 +229,8 @@ class Connections extends \Zotlabs\Web\Controller {
//$t = replace_macros($tab_tpl, array('$tabs'=>$tabs));
$searching = false;
$search_hdr = '';
if($search) {
$search_hdr = $search;
$search_txt = dbesc(protect_sprintf(preg_quote($search)));
@@ -234,7 +238,7 @@ class Connections extends \Zotlabs\Web\Controller {
}
$sql_extra .= (($searching) ? protect_sprintf(" AND xchan_name like '%$search_txt%' ") : "");
if($_REQUEST['gid']) {
if(isset($_REQUEST['gid']) && $_REQUEST['gid']) {
$sql_extra .= " and xchan_hash in ( select xchan from pgrp_member where gid = " . intval($_REQUEST['gid']) . " and uid = " . intval(local_channel()) . " ) ";
}
@@ -272,14 +276,13 @@ class Connections extends \Zotlabs\Web\Controller {
foreach($r as $rr) {
if($rr['xchan_url']) {
if(($rr['vcard']) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
if((isset($rr['vcard'])) && is_array($rr['vcard']['tels']) && $rr['vcard']['tels'][0]['nr'])
$phone = $rr['vcard']['tels'][0]['nr'];
else
$phone = '';
$status_str = '';
$status = array(
((intval($rr['abook_active'])) ? t('Active') : ''),
((intval($rr['abook_pending'])) ? t('Pending approval') : ''),
((intval($rr['abook_archived'])) ? t('Archived') : ''),
((intval($rr['abook_hidden'])) ? t('Hidden') : ''),
@@ -354,9 +357,9 @@ class Connections extends \Zotlabs\Web\Controller {
'oneway' => $oneway,
'perminfo' => $perminfo,
'connect' => (intval($rr['abook_not_here']) ? t('Connect') : ''),
'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=0',
'follow' => z_root() . '/follow/?f=&url=' . urlencode($rr['xchan_hash']) . '&interactive=1',
'connect_hover' => t('Connect at this location'),
'role' => $roles_dict[$rr['abook_role']],
'role' => $roles_dict[$rr['abook_role']] ?? '',
'pending' => intval($rr['abook_pending'])
);
}
@@ -365,13 +368,13 @@ class Connections extends \Zotlabs\Web\Controller {
$limit = service_class_fetch(local_channel(),'total_channels');
if($limit !== false) {
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $$total, $limit);
$abook_usage_message = sprintf( t("You have %1$.0f of %2$.0f allowed connections."), $total, $limit);
}
else {
$abook_usage_message = '';
}
if($_REQUEST['aj']) {
if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
if($contacts) {
$o = replace_macros(get_markup_template('contactsajax.tpl'),array(
'$contacts' => $contacts,

6
Zotlabs/Module/Contactedit.php
View File

@@ -103,7 +103,7 @@ class Contactedit extends Controller {
dbesc($profile_id),
intval(local_channel())
);
if (!count($r)) {
if (!$r) {
notice(t('Could not locate selected profile.') . EOL);
return;
}
@@ -452,8 +452,8 @@ class Contactedit extends Controller {
if (is_ajax()) {
json_return_and_die([
'success' => ((intval($_REQUEST['success'])) ? intval($_REQUEST['success']) : 1),
'message' => (($_REQUEST['success']) ? t('Contact updated') : t('Contact update failed')),
'success' => ((isset($_REQUEST['success'])) ? intval($_REQUEST['success']) : 1),
'message' => ((isset($_REQUEST['success'])) ? t('Contact updated') : t('Contact update failed')),
'id' => $contact_id,
'title' => $header_html,
'role' => ((intval($contact['abook_pending'])) ? '' : $roles_dict[$current_permcat]),

218
Zotlabs/Module/Cover_photo.php
View File

@@ -3,7 +3,7 @@ namespace Zotlabs\Module;
use Zotlabs\Lib\Libsync;
/*
/*
@file cover_photo.php
@brief Module-file with functions for handling of cover-photos
@@ -29,43 +29,43 @@ class Cover_photo extends \Zotlabs\Web\Controller {
if(! local_channel()) {
return;
}
$channel = \App::get_channel();
profile_load($channel['channel_address']);
profile_load($channel['channel_address']);
}
/**
* @brief Evaluate posted values
*
* @return void
*
*/
function post() {
if(! local_channel()) {
return;
}
$channel = \App::get_channel();
check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
// Remove cover photo
if(isset($_POST['remove'])) {
$r = q("SELECT resource_id FROM photo WHERE photo_usage = %d AND uid = %d LIMIT 1",
intval(PHOTO_COVER),
intval(local_channel())
);
if($r) {
q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
intval(PHOTO_NORMAL),
intval(PHOTO_COVER),
intval(local_channel())
);
$sync = attach_export_data($channel,$r[0]['resource_id']);
if($sync)
Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
@@ -76,47 +76,47 @@ class Cover_photo extends \Zotlabs\Web\Controller {
goaway(z_root() . '/cover_photo');
}
if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
// phase 2 - we have finished cropping
if(argc() != 2) {
notice( t('Image uploaded but image cropping failed.') . EOL );
return;
}
$image_id = argv(1);
if(substr($image_id,-2,1) == '-') {
$scale = substr($image_id,-1,1);
$image_id = substr($image_id,0,-2);
}
$srcX = intval($_POST['xstart']);
$srcY = intval($_POST['ystart']);
$srcW = intval($_POST['xfinal']) - $srcX;
$srcH = intval($_POST['yfinal']) - $srcY;
$r = q("select gender from profile where uid = %d and is_default = 1 limit 1",
intval(local_channel())
);
if($r) {
$profile = $r[0];
}
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = 0 LIMIT 1",
dbesc($image_id),
intval(local_channel())
);
if($r) {
$max_thumb = intval(get_config('system','max_thumbnail',1600));
$iscaled = false;
if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) {
if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) {
$imagick_path = get_config('system','imagick_convert_path');
if($imagick_path && @file_exists($imagick_path) && intval($r[0]['os_storage'])) {
@@ -150,63 +150,63 @@ class Cover_photo extends \Zotlabs\Web\Controller {
$im = photo_factory($base_image['content'], $base_image['mimetype']);
if($im->is_valid()) {
// We are scaling and cropping the relative pixel locations to the original photo instead of the
// We are scaling and cropping the relative pixel locations to the original photo instead of the
// scaled photo we operated on.
// First load the scaled photo to check its size. (Should probably pass this in the post form and save
// a query.)
$g = q("select width, height from photo where resource_id = '%s' and uid = %d and imgscale = 3",
dbesc($image_id),
intval(local_channel())
);
$scaled_width = $g[0]['width'];
$scaled_height = $g[0]['height'];
if((! $scaled_width) || (! $scaled_height)) {
logger('potential divide by zero scaling cover photo');
return;
}
// unset all other cover photos
q("update photo set photo_usage = %d where photo_usage = %d and uid = %d",
intval(PHOTO_NORMAL),
intval(PHOTO_COVER),
intval(local_channel())
);
$orig_srcx = ( $base_image['width'] / $scaled_width ) * $srcX;
$orig_srcy = ( $base_image['height'] / $scaled_height ) * $srcY;
$orig_srcw = ( $srcW / $scaled_width ) * $base_image['width'];
$orig_srch = ( $srcH / $scaled_height ) * $base_image['height'];
$im->cropImageRect(1200,435,$orig_srcx, $orig_srcy, $orig_srcw, $orig_srch);
$aid = get_account_id();
$p = [
'aid' => $aid,
'uid' => local_channel(),
$p = [
'aid' => $aid,
'uid' => local_channel(),
'resource_id' => $base_image['resource_id'],
'filename' => $base_image['filename'],
'filename' => $base_image['filename'],
'album' => t('Cover Photos'),
'os_path' => $base_image['os_path'],
'display_path' => $base_image['display_path'],
'photo_usage' => PHOTO_COVER
];
$r1 = $im->storeThumbnail($p, PHOTO_RES_COVER_1200);
$im->doScaleImage(850,310);
$r2 = $im->storeThumbnail($p, PHOTO_RES_COVER_850);
$im->doScaleImage(425,160);
$r3 = $im->storeThumbnail($p, PHOTO_RES_COVER_425);
if($r1 === false || $r2 === false || $r3 === false) {
// if one failed, delete them all so we can start over.
notice( t('Image resize failed.') . EOL );
@@ -214,7 +214,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
dbesc($base_image['resource_id']),
local_channel()
);
$x = q("SELECT content FROM photo WHERE resource_id = '%s' AND uid = %d AND os_storage = 1 AND imgscale >= 7",
dbesc($base_image['resource_id']),
local_channel()
@@ -229,7 +229,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
}
$this->send_cover_photo_activity($channel,$base_image,$profile);
$sync = attach_export_data($channel,$base_image['resource_id']);
if($sync)
Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
@@ -240,33 +240,33 @@ class Cover_photo extends \Zotlabs\Web\Controller {
else
notice( t('Unable to process image') . EOL);
}
goaway(z_root() . '/channel/' . $channel['channel_address']);
}
$hash = photo_new_resource();
$smallest = 0;
require_once('include/attach.php');
$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true));
logger('attach_store: ' . print_r($res,true));
if($res && intval($res['data']['is_photo'])) {
$i = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0",
dbesc($hash),
intval(local_channel())
);
if(! $i) {
notice( t('Image upload failed.') . EOL );
return;
}
$os_storage = false;
foreach($i as $ii) {
$smallest = intval($ii['imgscale']);
$os_storage = intval($ii['os_storage']);
@@ -274,91 +274,91 @@ class Cover_photo extends \Zotlabs\Web\Controller {
$filetype = $ii['mimetype'];
}
}
$imagedata = (($os_storage) ? @file_get_contents(dbunescbin($imagedata)) : dbunescbin($imagedata));
$ph = photo_factory($imagedata, $filetype);
if(! $ph->is_valid()) {
notice( t('Unable to process image.') . EOL );
return;
}
return $this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
}
function send_cover_photo_activity($channel,$photo,$profile) {
$arr = array();
$arr['item_thread_top'] = 1;
$arr['item_origin'] = 1;
$arr['item_wall'] = 1;
if($profile && stripos($profile['gender'],t('female')) !== false)
$t = t('%1$s updated her %2$s');
elseif($profile && stripos($profile['gender'],t('male')) !== false)
$t = t('%1$s updated his %2$s');
else
$t = t('%1$s updated their %2$s');
$ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('cover photo') . '[/zrl]';
$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]';
$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]';
$arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext;
$acl = new \Zotlabs\Access\AccessList($channel);
$x = $acl->get();
$arr['allow_cid'] = $x['allow_cid'];
$arr['allow_gid'] = $x['allow_gid'];
$arr['deny_cid'] = $x['deny_cid'];
$arr['deny_gid'] = $x['deny_gid'];
$arr['uid'] = $channel['channel_id'];
$arr['aid'] = $channel['channel_account_id'];
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $channel['channel_hash'];
post_activity_item($arr);
}
/**
* @brief Generate content of profile-photo view
*
* @return string
*
*/
function get() {
if(! local_channel()) {
notice( t('Permission denied.') . EOL );
return;
}
$channel = \App::get_channel();
$newuser = false;
if(argc() == 2 && argv(1) === 'new')
$newuser = true;
if(argv(1) === 'use') {
if (argc() < 3) {
notice( t('Permission denied.') . EOL );
return;
};
// check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
$resource_id = argv(2);
$r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC",
intval(local_channel()),
dbesc($resource_id)
@@ -372,22 +372,22 @@ class Cover_photo extends \Zotlabs\Web\Controller {
if($rr['imgscale'] == 7)
$havescale = true;
}
$r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1",
intval($r[0]['id']),
intval(local_channel())
);
if(! $r) {
notice( t('Photo not available.') . EOL );
return;
}
if(intval($r[0]['os_storage']))
$data = @file_get_contents(dbunescbin($r[0]['content']));
else
$data = dbunescbin($r[0]['content']);
$data = dbunescbin($r[0]['content']);
$ph = photo_factory($data, $r[0]['mimetype']);
$smallest = 0;
if($ph->is_valid()) {
@@ -396,7 +396,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
dbesc($r[0]['resource_id']),
intval(local_channel())
);
if($i) {
$hash = $i[0]['resource_id'];
foreach($i as $ii) {
@@ -404,15 +404,15 @@ class Cover_photo extends \Zotlabs\Web\Controller {
}
}
}
$this->cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
}
if(! x(\App::$data,'imagecrop')) {
$tpl = get_markup_template('cover_photo.tpl');
$o .= replace_macros($tpl,array(
'$user' => \App::$channel['channel_address'],
'$info' => t('Your cover photo may be visible to anybody on the internet'),
@@ -422,7 +422,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
'$title' => t('Change Cover Photo'),
'$submit' => t('Upload'),
'$remove' => t('Remove'),
'$profiles' => $profiles,
'$profiles' => false,
'$embedPhotos' => t('Use a photo from your albums'),
'$embedPhotosModalTitle' => t('Use a photo from your albums'),
'$embedPhotosModalCancel' => t('Cancel'),
@@ -434,13 +434,13 @@ class Cover_photo extends \Zotlabs\Web\Controller {
'$modalerrorlink' => t('Error getting photo link'),
'$modalerroralbum' => t('Error getting album'),
'$form_security_token' => get_form_security_token("cover_photo"),
/// @FIXME - yuk
/// @FIXME - yuk
'$select' => t('Select existing photo'),
));
call_hooks('cover_photo_content_end', $o);
return $o;
}
else {
@@ -459,10 +459,8 @@ class Cover_photo extends \Zotlabs\Web\Controller {
));
return $o;
}
return; // NOTREACHED
}
/* @brief Generate the UI for photo-cropping
*
* @param $a Current application
@@ -470,30 +468,30 @@ class Cover_photo extends \Zotlabs\Web\Controller {
* @return void
*
*/
function cover_photo_crop_ui_head(&$a, $ph, $hash, $smallest){
$max_length = get_config('system','max_image_length');
if(! $max_length)
$max_length = MAX_IMAGE_LENGTH;
if($max_length > 0)
$ph->scaleImage($max_length);
$width = $ph->getWidth();
$height = $ph->getHeight();
if($width < 300 || $height < 300) {
$ph->scaleImageUp(240);
$width = $ph->getWidth();
$height = $ph->getHeight();
}
\App::$data['imagecrop'] = $hash;
\App::$data['imagecrop_resolution'] = $smallest;
\App::$page['htmlhead'] .= replace_macros(get_markup_template("crophead.tpl"), array());
return;
}
}

1
Zotlabs/Module/Defperms.php
View File

@@ -258,7 +258,6 @@ class Defperms extends Controller {
'$sections' => $sections,
'$autolbl' => t('The permissions indicated on this page will be applied to all new connections.'),
'$autoapprove' => t('Automatic approval settings'),
'$unapproved' => $unapproved,
'$inherited' => t('inherited'),
'$submit' => t('Submit'),
'$me' => t('My Settings'),

51
Zotlabs/Module/Directory.php
View File

@@ -83,7 +83,7 @@ class Directory extends Controller {
$globaldir = Libzotdir::get_directory_setting($observer, 'globaldir');
// override your personal global search pref if we're doing a navbar search of the directory
if(intval($_REQUEST['navsearch']))
if(isset($_REQUEST['navsearch']) && intval($_REQUEST['navsearch']))
$globaldir = 1;
$safe_mode = Libzotdir::get_directory_setting($observer, 'safemode');
@@ -98,15 +98,18 @@ class Directory extends Controller {
else
$search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : '');
$advanced = '';
if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch'))
$advanced = $search;
$keywords = (($_GET['keywords']) ? $_GET['keywords'] : '');
$keywords = $_GET['keywords'] ?? '';
// Suggest channels if no search terms or keywords are given
$suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : '';
$addresses = [];
$common = [];
if($suggest) {
// the directory options have no effect in suggestion mode
@@ -123,8 +126,7 @@ class Directory extends Controller {
}
// Remember in which order the suggestions were
$addresses = array();
$common = array();
$index = 0;
foreach($r as $rr) {
$common[$rr['xchan_addr']] = ((intval($rr['total']) > 0) ? intval($rr['total']) - 1 : 0);
@@ -132,7 +134,7 @@ class Directory extends Controller {
}
// Build query to get info about suggested people
$advanced = '';
foreach(array_keys($addresses) as $address) {
$advanced .= "address=\"$address\" ";
}
@@ -147,6 +149,8 @@ class Directory extends Controller {
$directory_admin = false;
$url = '';
if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
$url = z_root() . '/dirsearch';
if (is_site_admin()) {
@@ -228,7 +232,7 @@ class Directory extends Controller {
$j = json_decode($x['body'],true);
if($j) {
if($j['results']) {
if(isset($j['results']) && $j['results']) {
$results = $j['results'];
if($suggest) {
@@ -275,19 +279,12 @@ class Directory extends Controller {
$page_type = '';
$rating_enabled = get_config('system','rating_enabled');
if($rr['total_ratings'] && $rating_enabled)
$total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']);
else
$total_ratings = '';
$profile = $rr;
if ((x($profile,'locale') == 1)
|| (x($profile,'region') == 1)
|| (x($profile,'postcode') == 1)
|| (x($profile,'country') == 1))
// if ((x($profile,'locale') == 1)
// || (x($profile,'region') == 1)
// || (x($profile,'postcode') == 1)
// || (x($profile,'country') == 1))
$gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False);
@@ -312,7 +309,7 @@ class Directory extends Controller {
$keywords = str_replace(',',' ', $keywords);
$keywords = str_replace(' ',' ', $keywords);
$karr = explode(' ', $keywords);
$marr = [];
if($karr) {
if(local_channel()) {
$r = q("select keywords from profile where uid = %d and is_default = 1 limit 1",
@@ -352,9 +349,6 @@ class Directory extends Controller {
'location' => $location,
'location_label' => t('Location:'),
'gender' => $gender,
'total_ratings' => $total_ratings,
'viewrate' => true,
'canrate' => (($rating_enabled && local_channel()) ? true : false),
'pdesc' => $pdesc,
'pdesc_label' => t('Description:'),
'censor' => (($directory_admin) ? 'dircensor/' . $rr['hash'] : ''),
@@ -374,9 +368,9 @@ class Directory extends Controller {
'keywords' => $out,
'ignlink' => $suggest ? z_root() . '/directory?ignore=' . $rr['hash'] : '',
'ignore_label' => t('Don\'t suggest'),
'common_friends' => (($common[$rr['address']]) ? intval($common[$rr['address']]) : ''),
'common_friends' => $common[$rr['address']] ?? '',
'common_label' => t('Common connections (estimated):'),
'common_count' => intval($common[$rr['address']]),
'common_count' => $common[$rr['address']] ?? '',
'safe' => $safe_mode
);
@@ -402,14 +396,15 @@ class Directory extends Controller {
ksort($entries); // Sort array by key so that foreach-constructs work as expected
if($j['keywords']) {
if(isset($j['keywords']) && $j['keywords']) {
App::$data['directory_keywords'] = $j['keywords'];
}
logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA);
$aj = $_REQUEST['aj'] ?? '';
if($_REQUEST['aj']) {
if($aj) {
if($entries) {
$o = replace_macros(get_markup_template('directajax.tpl'),array(
'$entries' => $entries
@@ -449,12 +444,12 @@ class Directory extends Controller {
}
else {
if($_REQUEST['aj']) {
if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
$o = '<div id="content-complete"></div>';
echo $o;
killme();
}
if(App::$pager['page'] == 1 && $j['records'] == 0 && strpos($search,'@')) {
if(App::$pager['page'] == 1 && (isset($j['records']) && $j['records'] == 0) && strpos($search,'@')) {
goaway(z_root() . '/chanview/?f=&address=' . $search);
}
info( t("No entries (some entries may be hidden).") . EOL);

45
Zotlabs/Module/Dirsearch.php
View File

@@ -26,7 +26,7 @@ class Dirsearch extends Controller {
}
$access_token = $_REQUEST['t'];
$access_token = $_REQUEST['t'] ?? '';
$token = get_config('system','realm_token');
if($token && $access_token != $token) {
@@ -45,7 +45,7 @@ class Dirsearch extends Controller {
$tables = array('name','address','locale','region','postcode','country','gender','marital','sexual','keywords');
if($_REQUEST['query']) {
if(isset($_REQUEST['query']) && $_REQUEST['query']) {
$advanced = $this->dir_parse_query($_REQUEST['query']);
if($advanced) {
foreach($advanced as $adv) {
@@ -61,22 +61,23 @@ class Dirsearch extends Controller {
}
}
$hash = ((x($_REQUEST['hash'])) ? $_REQUEST['hash'] : '');
$hash = $_REQUEST['hash'] ?? '';
$name = $_REQUEST['name'] ?? '';
$hub = $_REQUEST['hub'] ?? '';
$address = $_REQUEST['address'] ?? '';
$locale = $_REQUEST['locale'] ?? '';
$region = $_REQUEST['region'] ?? '';
$postcode = $_REQUEST['postcode'] ?? '';
$country = $_REQUEST['country'] ?? '';
$gender = $_REQUEST['gender'] ?? '';
$marital = $_REQUEST['marital'] ?? '';
$sexual = $_REQUEST['sexual'] ?? '';
$keywords = $_REQUEST['keywords'] ?? '';
$agege = $_REQUEST['agege'] ?? 0;
$agele = $_REQUEST['agele'] ?? 0;
$kw = $_REQUEST['kw'] ?? 0;
$name = ((x($_REQUEST,'name')) ? $_REQUEST['name'] : '');
$hub = ((x($_REQUEST,'hub')) ? $_REQUEST['hub'] : '');
$address = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : '');
$locale = ((x($_REQUEST,'locale')) ? $_REQUEST['locale'] : '');
$region = ((x($_REQUEST,'region')) ? $_REQUEST['region'] : '');
$postcode = ((x($_REQUEST,'postcode')) ? $_REQUEST['postcode'] : '');
$country = ((x($_REQUEST,'country')) ? $_REQUEST['country'] : '');
$gender = ((x($_REQUEST,'gender')) ? $_REQUEST['gender'] : '');
$marital = ((x($_REQUEST,'marital')) ? $_REQUEST['marital'] : '');
$sexual = ((x($_REQUEST,'sexual')) ? $_REQUEST['sexual'] : '');
$keywords = ((x($_REQUEST,'keywords')) ? $_REQUEST['keywords'] : '');
$agege = ((x($_REQUEST,'agege')) ? intval($_REQUEST['agege']) : 0 );
$agele = ((x($_REQUEST,'agele')) ? intval($_REQUEST['agele']) : 0 );
$kw = ((x($_REQUEST,'kw')) ? intval($_REQUEST['kw']) : 0 );
$forums = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
if(get_config('system','disable_directory_keywords'))
@@ -109,7 +110,7 @@ class Dirsearch extends Controller {
$sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : '');
$joiner = ' OR ';
if($_REQUEST['and'])
if(isset($_REQUEST['and']) && $_REQUEST['and'])
$joiner = ' AND ';
if($name)
@@ -148,11 +149,11 @@ class Dirsearch extends Controller {
}
$perpage = (($_REQUEST['n']) ? $_REQUEST['n'] : 60);
$page = (($_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0);
$perpage = $_REQUEST['n'] ?? 60;
$page = ((isset($_REQUEST['p']) && $_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0);
$startrec = (($page+1) * $perpage) - $perpage;
$limit = (($_REQUEST['limit']) ? intval($_REQUEST['limit']) : 0);
$return_total = ((x($_REQUEST,'return_total')) ? intval($_REQUEST['return_total']) : 0);
$limit = $_REQUEST['limit'] ?? 0;
$return_total = $_REQUEST['return_total'] ?? 0;
// mtime is not currently working

134
Zotlabs/Module/Display.php
View File

@@ -36,7 +36,7 @@ class Display extends \Zotlabs\Web\Controller {
}
}
if($_REQUEST['mid']) {
if(isset($_REQUEST['mid']) && $_REQUEST['mid']) {
$item_hash = $_REQUEST['mid'];
}
@@ -56,6 +56,8 @@ class Display extends \Zotlabs\Web\Controller {
$observer_is_owner = false;
$o = '';
if(local_channel() && (! $update)) {
$channel = App::get_channel();
@@ -72,7 +74,7 @@ class Display extends \Zotlabs\Web\Controller {
'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
'permissions' => $channel_acl,
'bang' => '',
@@ -87,7 +89,8 @@ class Display extends \Zotlabs\Web\Controller {
'reset' => t('Reset form')
);
$o = '<div id="jot-popup">';
$o .= '<div id="jot-popup">';
$a = '';
$o .= status_editor($a,$x,false,'Display');
$o .= '</div>';
}
@@ -107,17 +110,21 @@ class Display extends \Zotlabs\Web\Controller {
dbesc($item_hash)
);
if($r) {
$target_item = $r[0];
if (!$r) {
notice( t('Item not found.') . EOL);
return '';
}
$target_item = $r[0];
/* not yet ready for prime time
$x = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($target_item['author_xchan'])
);
if($x) {
// not yet ready for prime time
// App::$poi = $x[0];
App::$poi = $x[0];
}
*/
//if the item is to be moderated redirect to /moderate
if($target_item['item_blocked'] == ITEM_MODERATED) {
@@ -206,27 +213,27 @@ class Display extends \Zotlabs\Web\Controller {
$observer_hash = get_observer_hash();
$item_normal = item_normal();
$item_normal_update = item_normal_update();
$sql_extra = ((local_channel()) ? EMPTY_STR : item_permissions_sql(0, $observer_hash));
$sql_extra = '';
$r = [];
if($noscript_content || $load) {
require_once('include/channel.php');
$sys = get_sys_channel();
// in case somebody turned off public access to sys channel content using permissions
// make that content unsearchable by ensuring the owner uid can't match
$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
$r = null;
if(local_channel()) {
$r = q("SELECT item.id AS item_id FROM item WHERE uid = %d AND mid = '%s' $item_normal LIMIT 1",
intval(local_channel()),
dbesc($target_item['parent_mid'])
);
}
if(!$r) {
$sql_extra = item_permissions_sql(0, $observer_hash);
$r = q("SELECT item.id AS item_id FROM item
WHERE ((mid = '%s'
AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = ''
@@ -250,7 +257,6 @@ class Display extends \Zotlabs\Web\Controller {
// make that content unsearchable by ensuring the owner uid can't match
$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
$r = null;
if(local_channel()) {
$r = q("SELECT item.parent AS item_id from item
WHERE uid = %d
@@ -263,7 +269,9 @@ class Display extends \Zotlabs\Web\Controller {
);
}
if(! $r) {
if(!$r) {
$sql_extra = item_permissions_sql(0, $observer_hash);
$r = q("SELECT item.id as item_id from item
WHERE ((parent_mid = '%s'
AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = ''
@@ -280,10 +288,6 @@ class Display extends \Zotlabs\Web\Controller {
}
}
else {
$r = [];
}
if($r) {
$parents_str = ids_to_querystr($r,'item_id');
if($parents_str) {
@@ -301,71 +305,71 @@ class Display extends \Zotlabs\Web\Controller {
$items = array();
}
switch($module_format) {
case 'html':
case 'html':
if ($update) {
$o .= conversation($items, 'display', $update, 'client');
}
else {
$o .= '<noscript>';
if($noscript_content) {
$o .= conversation($items, 'display', $update, 'traditional');
if ($update) {
$o .= conversation($items, 'display', $update, 'client');
}
else {
$o .= '<div class="section-content-warning-wrapper">' . t('You must enable javascript for your browser to be able to view this content.') . '</div>';
$o .= '<noscript>';
if($noscript_content) {
$o .= conversation($items, 'display', $update, 'traditional');
}
else {
$o .= '<div class="section-content-warning-wrapper">' . t('You must enable javascript for your browser to be able to view this content.') . '</div>';
}
$o .= '</noscript>';
if (isset($items[0]['title'])) {
App::$page['title'] = $items[0]['title'] . ' - ' . App::$page['title'];
}
$o .= conversation($items, 'display', $update, 'client');
}
$o .= '</noscript>';
App::$page['title'] = (($items[0]['title']) ? $items[0]['title'] . " - " . App::$page['title'] : App::$page['title']);
break;
$o .= conversation($items, 'display', $update, 'client');
}
case 'atom':
break;
$atom = replace_macros(get_markup_template('atom_feed.tpl'), array(
'$version' => xmlify(\Zotlabs\Lib\System::get_project_version()),
'$generator' => xmlify(\Zotlabs\Lib\System::get_platform_name()),
'$generator_uri' => 'https://hubzilla.org',
'$feed_id' => xmlify(App::$cmd),
'$feed_title' => xmlify(t('Article')),
'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
'$author' => '',
'$owner' => '',
'$profile_page' => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
));
case 'atom':
$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];
call_hooks('atom_feed_top',$x);
$atom = replace_macros(get_markup_template('atom_feed.tpl'), array(
'$version' => xmlify(\Zotlabs\Lib\System::get_project_version()),
'$generator' => xmlify(\Zotlabs\Lib\System::get_platform_name()),
'$generator_uri' => 'https://hubzilla.org',
'$feed_id' => xmlify(App::$cmd),
'$feed_title' => xmlify(t('Article')),
'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)),
'$author' => '',
'$owner' => '',
'$profile_page' => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
));
$atom = $x['xml'];
$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];
call_hooks('atom_feed_top',$x);
$atom = $x['xml'];
// a much simpler interface
call_hooks('atom_feed', $atom);
// a much simpler interface
call_hooks('atom_feed', $atom);
if($items) {
$type = 'html';
foreach($items as $item) {
if($item['item_private'])
continue;
$atom .= atom_entry($item, $type, null, '', true, '', false);
if($items) {
$type = 'html';
foreach($items as $item) {
if($item['item_private'])
continue;
$atom .= atom_entry($item, $type, null, '', true, '', false);
}
}
}
call_hooks('atom_feed_end', $atom);
call_hooks('atom_feed_end', $atom);
$atom .= '</feed>' . "\r\n";
header('Content-type: application/atom+xml');
echo $atom;
killme();
$atom .= '</feed>' . "\r\n";
header('Content-type: application/atom+xml');
echo $atom;
killme();
}
$o .= '<div id="content-complete"></div>';

7
Zotlabs/Module/Dreport.php
View File

@@ -56,10 +56,12 @@ class Dreport extends \Zotlabs\Web\Controller {
return;
}
$r = q("select * from dreport where dreport_xchan = '%s' and (dreport_mid = '%s' or dreport_mid = '%s')",
$r = q("select * from dreport where dreport_xchan = '%s' and (dreport_mid = '%s' or dreport_mid = '%s' or dreport_mid = '%s' or dreport_mid = '%s')",
dbesc($channel['channel_hash']),
dbesc($mid),
dbesc(str_replace('/item/', '/activity/', $mid))
dbesc($mid . '#sync'),
dbesc(str_replace('/item/', '/activity/', $mid)),
dbesc(str_replace('/item/', '/activity/', $mid) . '#sync')
);
if(! $r) {
@@ -94,6 +96,7 @@ class Dreport extends \Zotlabs\Web\Controller {
case 'updated':
$r[$x]['gravity'] = 5;
$r[$x]['dreport_result'] = t('updated');
break;
case 'update ignored':
$r[$x]['gravity'] = 6;
$r[$x]['dreport_result'] = t('update ignored');

21
Zotlabs/Module/Editpost.php
View File

@@ -57,15 +57,17 @@ class Editpost extends \Zotlabs\Web\Controller {
$catsenabled = ((feature_enabled($owner_uid,'categories')) ? 'categories' : '');
if ($catsenabled){
$itm = fetch_post_tags($itm);
$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
foreach ($cats as $cat) {
if (strlen($category))
$category .= ', ';
$category .= $cat['term'];
}
$itm = fetch_post_tags($itm);
if (isset($itm[0]['term'])) {
$cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY);
if ($cats) {
foreach ($cats as $cat) {
if (strlen($category))
$category .= ', ';
$category .= $cat['term'];
}
}
}
}
if($itm[0]['attach']) {
@@ -104,6 +106,7 @@ class Editpost extends \Zotlabs\Web\Controller {
'bbcode' => true
);
$a = '';
$editor = status_editor($a, $x, false, 'Editpost');
$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(

31
Zotlabs/Module/Fhublocs.php
View File

@@ -60,25 +60,26 @@ class Fhublocs extends \Zotlabs\Web\Controller {
$h = hubloc_store_lowlevel(
[
'hubloc_guid' => $rr['channel_guid'],
'hubloc_guid_sig' => $rr['channel_guid_sig'],
'hubloc_hash' => $rr['channel_hash'],
'hubloc_id_url' => channel_url($rr),
'hubloc_addr' => channel_reddress($rr),
'hubloc_primary' => intval($primary),
'hubloc_url' => z_root(),
'hubloc_url_sig' => Libzot::sign(z_root(), $rr['channel_prvkey']),
'hubloc_site_id' => Libzot::make_xchan_hash(z_root(), $sitekey),
'hubloc_host' => \App::get_hostname(),
'hubloc_callback' => z_root() . '/zot',
'hubloc_sitekey' => $sitekey,
'hubloc_network' => 'zot6',
'hubloc_updated' => datetime_convert()
'hubloc_guid' => $rr['channel_guid'],
'hubloc_guid_sig' => $rr['channel_guid_sig'],
'hubloc_hash' => $rr['channel_hash'],
'hubloc_id_url' => channel_url($rr),
'hubloc_addr' => channel_reddress($rr),
'hubloc_primary' => intval($primary),
'hubloc_url' => z_root(),
'hubloc_url_sig' => Libzot::sign(z_root(), $rr['channel_prvkey']),
'hubloc_site_id' => Libzot::make_xchan_hash(z_root(), $sitekey),
'hubloc_host' => \App::get_hostname(),
'hubloc_callback' => z_root() . '/zot',
'hubloc_sitekey' => $sitekey,
'hubloc_network' => 'zot6',
'hubloc_updated' => datetime_convert(),
'hubloc_connected' => datetime_convert()
]
);
if($h)
$o . 'local hubloc created for ' . $rr['channel_name'] . EOL;
$o .= 'local hubloc created for ' . $rr['channel_name'] . EOL;
else
$o .= 'DB update failed for ' . $rr['channel_name'] . EOL;

10
Zotlabs/Module/File_upload.php
View File

@@ -30,12 +30,12 @@ class File_upload extends \Zotlabs\Web\Controller {
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
$_REQUEST['allow_cid'] = ((isset($_REQUEST['contact_allow'])) ? perms2str($_REQUEST['contact_allow']) : '');
$_REQUEST['allow_gid'] = ((isset($_REQUEST['group_allow'])) ? perms2str($_REQUEST['group_allow']) : '');
$_REQUEST['deny_cid'] = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : '');
$_REQUEST['deny_gid'] = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : '');
if($_REQUEST['filename']) {
if(isset($_REQUEST['filename']) && $_REQUEST['filename']) {
$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
if($r['success']) {
$hash = $r['data']['hash'];

3
Zotlabs/Module/Follow.php
View File

@@ -72,8 +72,7 @@ class Follow extends Controller {
$uid = local_channel();
$url = notags(trim(punify($_REQUEST['url'])));
$return_url = $_SESSION['return_url'];
$confirm = intval($_REQUEST['confirm']);
$interactive = (($_REQUEST['interactive']) ? intval($_REQUEST['interactive']) : 1);
$interactive = $_REQUEST['interactive'] ?? 1;
$channel = App::get_channel();
$result = Connect::connect($channel,$url);

11
Zotlabs/Module/Help.php
View File

@@ -17,7 +17,9 @@ class Help extends \Zotlabs\Web\Controller {
function get() {
nav_set_selected('Help');
if($_REQUEST['search']) {
$o = '';
if(isset($_REQUEST['search']) && $_REQUEST['search']) {
$o .= '<div id="help-content" class="generic-content-wrapper">';
$o .= '<div class="section-title-wrapper">';
$o .= '<h2>' . t('Documentation Search') . ' - ' . htmlspecialchars($_REQUEST['search']) . '</h2>';
@@ -44,8 +46,8 @@ class Help extends \Zotlabs\Web\Controller {
return $o;
}
if(argc() > 2 && argv(argc()-2) === 'assets') {
$path = '';
for($x = 1; $x < argc(); $x ++) {
@@ -87,11 +89,12 @@ class Help extends \Zotlabs\Web\Controller {
'tutorials' => t('Tutorials')
];
$heading = '';
if(array_key_exists(argv(1), $headings))
$heading = $headings[argv(1)];
$content = get_help_content();
$language = determine_help_language()['language'];
return replace_macros(get_markup_template('help.tpl'), array(

2
Zotlabs/Module/Home.php
View File

@@ -36,7 +36,7 @@ class Home extends Controller {
$channel = App::get_channel();
if (local_channel() && $channel && $channel['xchan_url'] && !$splash) {
$dest = (($ret['startpage']) ? $ret['startpage'] : '');
$dest = $ret['startpage'] ?? '';
if (!$dest)
$dest = get_config('system', 'startpage');
if (!$dest)

23
Zotlabs/Module/Hq.php
View File

@@ -47,24 +47,11 @@ class Hq extends \Zotlabs\Web\Controller {
$sys = get_sys_channel();
$sys_item = false;
$sql_extra = '';
if(! $item_hash) {
//$r = q("SELECT mid FROM item
//WHERE uid = %d $item_normal
//AND mid = parent_mid
//AND item_private IN (0, 1)
//ORDER BY created DESC LIMIT 1",
//intval(local_channel())
//);
//if($r[0]['mid']) {
//$item_hash = $r[0]['mid'];
//}
}
$target_item = null;
$o = '';
if($item_hash) {
$target_item = null;
$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1",
dbesc($item_hash)
);
@@ -115,7 +102,7 @@ class Hq extends \Zotlabs\Web\Controller {
];
$a = '';
$o = status_editor($a, $x, true);
$o .= status_editor($a, $x, true);
}
@@ -256,8 +243,8 @@ class Hq extends \Zotlabs\Web\Controller {
if (!local_channel())
return;
$options['offset'] = $_REQUEST['offset'];
$options['type'] = $_REQUEST['type'];
$options['offset'] = $_REQUEST['offset'] ?? 0;
$options['type'] = $_REQUEST['type'] ?? '';
$ret = Messages::get_messages_page($options);

7
Zotlabs/Module/Import_progress.php
View File

@@ -49,11 +49,6 @@ class Import_progress extends \Zotlabs\Web\Controller {
}
$ccompleted_str = t('Item sync completed but no items were found!');
if(argv(1) === 'resume_itemsync') {
Master::Summon(["Content_importer","0","0001-01-01 00:00:00","2021-10-02 19:49:14","ct5","https%3A%2F%2Fhub.somaton.com"]);
goaway('/import_progress');
}
}
$cprogress_str = ((intval($cprogress)) ? $cprogress . '%' : $cprogress);
@@ -76,8 +71,6 @@ class Import_progress extends \Zotlabs\Web\Controller {
Master::Summon($f['next_cmd']);
goaway('/import_progress');
}
}
else {
$fprogress = 'waiting to start...';

68
Zotlabs/Module/Item.php
View File

@@ -312,6 +312,21 @@ class Item extends Controller {
$observer = null;
$datarray = [];
$item_starred = false;
$item_uplink = false;
$item_notshown = false;
$item_nsfw = false;
$item_relay = false;
$item_mentionsme = false;
$item_verified = false;
$item_retained = false;
$item_rss = false;
$item_deleted = false;
$item_hidden = false;
$item_unpublished = false;
$item_delayed = false;
$item_pending_remove = false;
$item_blocked = false;
/**
* Is this a reply to something?
@@ -319,7 +334,7 @@ class Item extends Controller {
$parent = ((x($_REQUEST, 'parent')) ? intval($_REQUEST['parent']) : 0);
$parent_mid = ((x($_REQUEST, 'parent_mid')) ? trim($_REQUEST['parent_mid']) : '');
$mode = (($_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network');
$mode = ((isset($_REQUEST['conv_mode']) && $_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network');
$remote_xchan = ((x($_REQUEST, 'remote_xchan')) ? trim($_REQUEST['remote_xchan']) : false);
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
@@ -355,10 +370,10 @@ class Item extends Controller {
$api_source = ((x($_REQUEST, 'api_source') && $_REQUEST['api_source']) ? true : false);
$consensus = intval($_REQUEST['consensus']);
$nocomment = intval($_REQUEST['nocomment']);
$consensus = $_REQUEST['consensus'] ?? 0;
$nocomment = $_REQUEST['nocomment'] ?? 0;
$is_poll = ((trim((string)$_REQUEST['poll_answers'][0]) != '' && trim((string)$_REQUEST['poll_answers'][1]) != '') ? true : false);
$is_poll = ((isset($_REQUEST['poll_answers'][0]) && $_REQUEST['poll_answers'][0]) && (isset($_REQUEST['poll_answers'][1]) && $_REQUEST['poll_answers'][1]));
// 'origin' (if non-zero) indicates that this network is where the message originated,
// for the purpose of relaying comments to other conversation members.
@@ -378,7 +393,7 @@ class Item extends Controller {
$owner_hash = null;
$message_id = ((x($_REQUEST, 'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
$message_id = ((x($_REQUEST, 'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : null);
$created = ((x($_REQUEST, 'created')) ? datetime_convert(date_default_timezone_get(), 'UTC', $_REQUEST['created']) : datetime_convert());
$post_id = ((x($_REQUEST, 'post_id')) ? intval($_REQUEST['post_id']) : 0);
$app = ((x($_REQUEST, 'source')) ? strip_tags($_REQUEST['source']) : '');
@@ -387,7 +402,7 @@ class Item extends Controller {
$categories = ((x($_REQUEST, 'category')) ? escape_tags($_REQUEST['category']) : '');
$webpage = ((x($_REQUEST, 'webpage')) ? intval($_REQUEST['webpage']) : 0);
$item_obscured = ((x($_REQUEST, 'obscured')) ? intval($_REQUEST['obscured']) : 0);
$pagetitle = ((x($_REQUEST, 'pagetitle')) ? escape_tags(urlencode($_REQUEST['pagetitle'])) : '');
$pagetitle = ((x($_REQUEST, 'pagetitle')) ? escape_tags($_REQUEST['pagetitle']) : '');
$layout_mid = ((x($_REQUEST, 'layout_mid')) ? escape_tags($_REQUEST['layout_mid']) : '');
$plink = ((x($_REQUEST, 'permalink')) ? escape_tags($_REQUEST['permalink']) : '');
$obj_type = ((x($_REQUEST, 'obj_type')) ? escape_tags($_REQUEST['obj_type']) : ACTIVITY_OBJ_NOTE);
@@ -411,7 +426,7 @@ class Item extends Controller {
}
if ($pagetitle) {
$pagetitle = strtolower(URLify::transliterate($pagetitle));
$pagetitle = str_replace('/', '-', strtolower(URLify::transliterate($pagetitle)));
}
@@ -695,6 +710,7 @@ class Item extends Controller {
$expires = $orig_post['expires'];
$comments_closed = $orig_post['comments_closed'];
$mid = $orig_post['mid'];
$uuid = $orig_post['uuid'];
$thr_parent = $orig_post['thr_parent'];
$parent_mid = $orig_post['parent_mid'];
$plink = $orig_post['plink'];
@@ -720,18 +736,18 @@ class Item extends Controller {
}
$location = notags(trim((string)$_REQUEST['location']));
$coord = notags(trim((string)$_REQUEST['coord']));
$verb = notags(trim((string)$_REQUEST['verb']));
$title = escape_tags(trim((string)$_REQUEST['title']));
$summary = trim((string)$_REQUEST['summary']);
$body = trim((string)$_REQUEST['body']);
$body .= trim((string)$_REQUEST['attachment']);
$location = ((isset($_REQUEST['location'])) ? notags(trim($_REQUEST['location'])) : '');
$coord = ((isset($_REQUEST['coord'])) ? notags(trim($_REQUEST['coord'])) : '');
$verb = ((isset($_REQUEST['verb'])) ? notags(trim($_REQUEST['verb'])) : '');
$title = ((isset($_REQUEST['title'])) ? escape_tags(trim($_REQUEST['title'])) : '');
$summary = ((isset($_REQUEST['summary'])) ? trim($_REQUEST['summary']) : '');
$body = ((isset($_REQUEST['body'])) ? trim($_REQUEST['body']) : '');
$body .= ((isset($_REQUEST['attachment'])) ? trim($_REQUEST['attachment']) : '');
$postopts = '';
$allow_empty = ((array_key_exists('allow_empty', $_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0);
$private = (($private) ? $private : intval($acl->is_private() || ($public_policy)));
$private = ((isset($private) && $private) ? $private : intval($acl->is_private() || ($public_policy)));
// If this is a comment, set the permissions from the parent.
@@ -767,7 +783,8 @@ class Item extends Controller {
}
$mimetype = notags(trim((string)$_REQUEST['mimetype']));
$mimetype = ((isset($_REQUEST['mimetype'])) ? notags(trim($_REQUEST['mimetype'])) : '');
if (!$mimetype)
$mimetype = 'text/bbcode';
@@ -957,7 +974,7 @@ class Item extends Controller {
$item_unseen = ((local_channel() != $profile_uid) ? 1 : 0);
$item_wall = (($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment') ? 1 : 0);
$item_wall = ((isset($_REQUEST['type']) && ($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment')) ? 1 : 0);
$item_origin = (($origin) ? 1 : 0);
$item_consensus = (($consensus) ? 1 : 0);
$item_nocomment = (($nocomment) ? 1 : 0);
@@ -984,12 +1001,8 @@ class Item extends Controller {
$notify_type = (($parent) ? 'comment-new' : 'wall-new');
$uuid = (($message_id) ? $message_id : item_message_id());
if (!$mid) {
$mid = z_root() . '/item/' . $uuid;
}
$uuid = $uuid ?? $message_id ?? item_message_id();
$mid = $mid ?? z_root() . '/item/' . $uuid;
if ($is_poll) {
$poll = [
@@ -1045,7 +1058,7 @@ class Item extends Controller {
$plink = $mid;
}
if ($datarray['obj']) {
if (isset($datarray['obj']) && $datarray['obj']) {
$datarray['obj']['id'] = $mid;
}
@@ -1085,7 +1098,6 @@ class Item extends Controller {
$datarray['item_type'] = $webpage;
$datarray['item_private'] = intval($private);
$datarray['item_thread_top'] = intval($item_thread_top);
$datarray['item_unseen'] = intval($item_unseen);
$datarray['item_starred'] = intval($item_starred);
$datarray['item_uplink'] = intval($item_uplink);
$datarray['item_consensus'] = intval($item_consensus);
@@ -1285,7 +1297,7 @@ class Item extends Controller {
// This way we don't see every picture in your new photo album posted to your wall at once.
// They will show up as people comment on them.
if (intval($parent_item['item_hidden'])) {
if ($parent_item && intval($parent_item['item_hidden'])) {
$r = q("UPDATE item SET item_hidden = 0 WHERE id = %d",
intval($parent_item['id'])
);
@@ -1437,7 +1449,11 @@ class Item extends Controller {
if ($complex) {
tag_deliver($i[0]['uid'], $i[0]['id']);
}
}
killme();
}
}

24
Zotlabs/Module/Layouts.php
View File

@@ -72,7 +72,7 @@ class Layouts extends \Zotlabs\Web\Controller {
return;
}
// Block design features from visitors
// Block design features from visitors
if((! $uid) || ($uid != $owner)) {
notice( t('Permission denied.') . EOL);
@@ -95,8 +95,8 @@ class Layouts extends \Zotlabs\Web\Controller {
// Use the buildin share/install feature instead.
if((argc() > 3) && (argv(2) === 'share') && (argv(3))) {
$r = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig
left join item on item.id = iconfig.iid
$r = q("select iconfig.v, iconfig.k, mimetype, title, body from iconfig
left join item on item.id = iconfig.iid
where uid = %d and mid = '%s' and iconfig.cat = 'system' and iconfig.k = 'PDL' order by iconfig.v asc",
intval($owner),
dbesc(argv(3))
@@ -110,7 +110,7 @@ class Layouts extends \Zotlabs\Web\Controller {
}
// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
// Nickname is set to the observers xchan, and profile_uid to the owners.
// Nickname is set to the observers xchan, and profile_uid to the owners.
// This lets you post pages at other people's channels.
$x = array(
@@ -134,16 +134,14 @@ class Layouts extends \Zotlabs\Web\Controller {
'bbco_autocomplete' => 'comanche'
);
if($_REQUEST['title'])
$x['title'] = $_REQUEST['title'];
if($_REQUEST['body'])
$x['body'] = $_REQUEST['body'];
if($_REQUEST['pagetitle'])
$x['pagetitle'] = $_REQUEST['pagetitle'];
$x['title'] = $_REQUEST['title'] ?? '';
$x['body'] = $_REQUEST['body'] ?? '';
$x['pagetitle'] = $_REQUEST['pagetitle'] ?? '';
$a = '';
$editor = status_editor($a,$x,false,'Layouts');
$r = q("select iconfig.iid, iconfig.v, mid, title, body, mimetype, created, edited, item_type from iconfig
$r = q("select iconfig.iid, iconfig.v, mid, title, body, mimetype, created, edited, item_type from iconfig
left join item on iconfig.iid = item.id
where uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' and item_type = %d order by item.created desc",
intval($owner),
@@ -178,9 +176,9 @@ class Layouts extends \Zotlabs\Web\Controller {
}
//Build the base URL for edit links
$url = z_root() . '/editlayout/' . $which;
$url = z_root() . '/editlayout/' . $which;
$o .= replace_macros(get_markup_template('layoutlist.tpl'), array(
$o = replace_macros(get_markup_template('layoutlist.tpl'), array(
'$title' => t('Layouts'),
'$create' => t('Create'),
'$help' => array('text' => t('Help'), 'url' => 'help/comanche', 'title' => t('Comanche page description language help')),

24
Zotlabs/Module/Like.php
View File

@@ -106,7 +106,7 @@ class Like extends Controller {
$o = EMPTY_STR;
$sys_channel = get_sys_channel();
$observer = App::get_observer();
$interactive = $_REQUEST['interactive'];
$interactive = $_REQUEST['interactive'] ?? false;
if ((!$observer) || ($interactive)) {
$o .= '<h1>' . t('Like/Dislike') . '</h1>';
@@ -140,7 +140,7 @@ class Like extends Controller {
$extended_like = false;
$object = $target = null;
$post_type = EMPTY_STR;
$objtype = EMPTY_STR;
$obj_type = EMPTY_STR;
if (argc() == 3) {
@@ -182,7 +182,7 @@ class Like extends Controller {
}
}
$post_type = t('channel');
$objtype = ACTIVITY_OBJ_PROFILE;
$obj_type = ACTIVITY_OBJ_PROFILE;
$profile = $r[0];
}
@@ -211,7 +211,7 @@ class Like extends Controller {
$public = false;
$post_type = t('thing');
$objtype = ACTIVITY_OBJ_PROFILE;
$obj_type = ACTIVITY_OBJ_PROFILE;
$tgttype = ACTIVITY_OBJ_THING;
$links = array();
@@ -273,7 +273,7 @@ class Like extends Controller {
intval($ch[0]['channel_id']),
dbesc($observer['xchan_hash']),
dbesc($activity),
dbesc(($tgttype) ? $tgttype : $objtype),
dbesc(($tgttype) ? $tgttype : $obj_type),
dbesc($obj_id)
);
@@ -446,10 +446,10 @@ class Like extends Controller {
if ($item['obj_type'] === ACTIVITY_OBJ_EVENT)
$post_type = t('event');
$objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE);
$obj_type = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE);
if ($objtype === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top'])))
$objtype = ACTIVITY_OBJ_COMMENT;
if ($obj_type === ACTIVITY_OBJ_NOTE && (!intval($item['item_thread_top'])))
$obj_type = ACTIVITY_OBJ_COMMENT;
$object = json_encode(Activity::fetch_item(['id' => $item['mid']]));
@@ -508,7 +508,7 @@ class Like extends Controller {
$allow_gid = $item['allow_gid'];
$deny_cid = $item['deny_cid'];
$deny_gid = $item['deny_gid'];
$private = $item['private'];
$private = $item['item_private'];
}
@@ -533,7 +533,7 @@ class Like extends Controller {
}
$arr['verb'] = $activity;
$arr['obj_type'] = $objtype;
$arr['obj_type'] = $obj_type;
$arr['obj'] = $object;
if ($target) {
@@ -569,7 +569,7 @@ class Like extends Controller {
intval($post_id),
dbesc($arr['mid']),
dbesc($activity),
dbesc(($tgttype) ? $tgttype : $objtype),
dbesc(($tgttype) ? $tgttype : $obj_type),
dbesc($obj_id),
dbesc(($target) ? $target : $object)
);
@@ -578,7 +578,7 @@ class Like extends Controller {
dbesc($ch[0]['channel_hash']),
dbesc($arr['mid']),
dbesc($activity),
dbesc(($tgttype) ? $tgttype : $objtype),
dbesc(($tgttype) ? $tgttype : $obj_type),
dbesc($obj_id)
);
if ($r)

2
Zotlabs/Module/Lockview.php
View File

@@ -101,7 +101,7 @@ class Lockview extends Controller {
killme();
}
if (intval($item['item_private']) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid']))
if ((isset($item['item_private']) && intval($item['item_private'])) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid']))
&& (!strlen($item['deny_cid'])) && (!strlen($item['deny_gid']))) {
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any

70
Zotlabs/Module/Lostpass.php
View File

@@ -6,32 +6,32 @@ namespace Zotlabs\Module;
class Lostpass extends \Zotlabs\Web\Controller {
function post() {
$loginame = notags(trim($_POST['login-name']));
if(! $loginame)
goaway(z_root());
$r = q("SELECT * FROM account WHERE account_email = '%s' LIMIT 1",
dbesc($loginame)
);
if(! $r) {
notice( t('No valid account found.') . EOL);
goaway(z_root());
}
$aid = $r[0]['account_id'];
$email = $r[0]['account_email'];
$hash = random_string();
$r = q("UPDATE account SET account_reset = '%s' WHERE account_id = %d",
dbesc($hash),
intval($aid)
);
if($r)
info( t('Password reset request issued. Check your email.') . EOL);
$email_tpl = get_intltext_template("lostpass_eml.tpl");
$message = replace_macros($email_tpl, array(
'$sitename' => get_config('system','sitename'),
@@ -40,11 +40,11 @@ class Lostpass extends \Zotlabs\Web\Controller {
'$email' => $email,
'$reset_link' => z_root() . '/lostpass?verify=' . $hash
));
$subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8');
$res = z_mail(
[
[
'toEmail' => $email,
'messageSubject' => sprintf( t('Password reset requested at %s'), get_config('system','sitename')),
'textVersion' => $message,
@@ -53,14 +53,14 @@ class Lostpass extends \Zotlabs\Web\Controller {
goaway(z_root());
}
function get() {
if(x($_GET,'verify')) {
$verify = $_GET['verify'];
$r = q("SELECT * FROM account WHERE account_reset = '%s' LIMIT 1",
dbesc($verify)
);
@@ -69,25 +69,25 @@ class Lostpass extends \Zotlabs\Web\Controller {
goaway(z_root());
return;
}
$aid = $r[0]['account_id'];
$email = $r[0]['account_email'];
$new_password = autoname(6) . mt_rand(100,9999);
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $new_password);
$r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d",
dbesc($salt),
dbesc($password_encoded),
intval(ACCOUNT_UNVERIFIED),
intval($aid)
);
if($r) {
$tpl = get_markup_template('pwdreset.tpl');
$o .= replace_macros($tpl,array(
$o = replace_macros($tpl,array(
'$lbl1' => t('Password Reset'),
'$lbl2' => t('Your password has been reset as requested.'),
'$lbl3' => t('Your new password is'),
@@ -96,23 +96,23 @@ class Lostpass extends \Zotlabs\Web\Controller {
'$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'),
'$newpass' => $new_password,
'$baseurl' => z_root()
));
info("Your password has been reset." . EOL);
$email_tpl = get_intltext_template("passchanged_eml.tpl");
$message = replace_macros($email_tpl, array(
'$sitename' => \App::$config['sitename'],
'$siteurl' => z_root(),
'$username' => sprintf( t('Site Member (%s)'), $email),
'$email' => $email,
'$new_password' => $new_password,
'$uid' => $newuid )
'$new_password' => $new_password
)
);
$res = z_mail(
[
[
'toEmail' => $email,
'messageSubject' => sprintf( t('Your password has changed at %s'), get_config('system','sitename')),
'textVersion' => $message,
@@ -121,21 +121,21 @@ class Lostpass extends \Zotlabs\Web\Controller {
return $o;
}
}
else {
$tpl = get_markup_template('lostpass.tpl');
$o .= replace_macros($tpl,array(
$o = replace_macros($tpl,array(
'$title' => t('Forgot your Password?'),
'$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),
'$name' => t('Email Address'),
'$submit' => t('Reset')
'$submit' => t('Reset')
));
return $o;
}
}
}

2
Zotlabs/Module/Manage.php
View File

@@ -6,7 +6,7 @@ class Manage extends \Zotlabs\Web\Controller {
function get() {
if((! get_account_id()) || ($_SESSION['delegate'])) {
if((! get_account_id()) || (isset($_SESSION['delegate']) && $_SESSION['delegate'])) {
notice( t('Permission denied.') . EOL);
return;
}

66
Zotlabs/Module/Menu.php
View File

@@ -26,9 +26,9 @@ class Menu extends \Zotlabs\Web\Controller {
}
function post() {
if(! \App::$profile) {
return;
}
@@ -37,23 +37,23 @@ class Menu extends \Zotlabs\Web\Controller {
$uid = \App::$profile['channel_id'];
if(array_key_exists('sys', $_REQUEST) && $_REQUEST['sys'] && is_site_admin()) {
$sys = get_sys_channel();
$uid = intval($sys['channel_id']);
\App::$is_sys = true;
}
if(! $uid)
return;
$_REQUEST['menu_channel_id'] = $uid;
if($_REQUEST['menu_bookmark'])
$_REQUEST['menu_flags'] |= MENU_BOOKMARK;
if($_REQUEST['menu_system'])
$_REQUEST['menu_flags'] |= MENU_SYSTEM;
$menu_id = ((argc() > 2) ? intval(argv(2)) : 0);
if($menu_id) {
@@ -62,7 +62,7 @@ class Menu extends \Zotlabs\Web\Controller {
if($r) {
menu_sync_packet($uid,get_observer_hash(),$menu_id);
//info( t('Menu updated.') . EOL);
goaway(z_root() . '/mitem/' . $which . '/' . $menu_id . ((\App::$is_sys) ? '?f=&sys=1' : ''));
goaway(z_root() . '/mitem/' . $which . '/' . $menu_id . ((\App::$is_sys) ? '?f=&sys=1' : ''));
}
else
notice( t('Unable to update menu.'). EOL);
@@ -71,21 +71,21 @@ class Menu extends \Zotlabs\Web\Controller {
$r = menu_create($_REQUEST);
if($r) {
menu_sync_packet($uid,get_observer_hash(),$r);
//info( t('Menu created.') . EOL);
goaway(z_root() . '/mitem/' . $which . '/' . $r . ((\App::$is_sys) ? '?f=&sys=1' : ''));
goaway(z_root() . '/mitem/' . $which . '/' . $r . ((\App::$is_sys) ? '?f=&sys=1' : ''));
}
else
notice( t('Unable to create menu.'). EOL);
}
}
function get() {
if(! \App::$profile) {
@@ -101,8 +101,8 @@ class Menu extends \Zotlabs\Web\Controller {
$uid = local_channel();
$owner = 0;
$channel = null;
$sys = [];
$observer = \App::get_observer();
$channel = \App::get_channel();
if(\App::$is_sys && is_site_admin()) {
@@ -143,9 +143,9 @@ class Menu extends \Zotlabs\Web\Controller {
}
if(argc() == 2) {
$channel = (($sys) ? $sys : channelx_by_n($owner));
// list menus
$x = menu_list($owner);
if($x) {
@@ -156,7 +156,7 @@ class Menu extends \Zotlabs\Web\Controller {
$x[$y]['bookmark'] = (($x[$y]['menu_flags'] & MENU_BOOKMARK) ? true : false);
}
}
$create = replace_macros(get_markup_template('menuedit.tpl'), array(
'$menu_name' => array('menu_name', t('Menu Name'), '', t('Unique name (not visible on webpage) - required'), '*'),
'$menu_desc' => array('menu_desc', t('Menu Title'), '', t('Visible on webpage - leave empty for no title'), ''),
@@ -166,7 +166,7 @@ class Menu extends \Zotlabs\Web\Controller {
'$nick' => $which,
'$display' => 'none'
));
$o = replace_macros(get_markup_template('menulist.tpl'),array(
'$title' => t('Menus'),
'$create' => $create,
@@ -186,30 +186,30 @@ class Menu extends \Zotlabs\Web\Controller {
'$nick' => $which,
'$sys' => \App::$is_sys
));
return $o;
}
if(argc() > 2) {
if(intval(argv(2))) {
if(argc() == 4 && argv(3) == 'drop') {
menu_sync_packet($owner,get_observer_hash(),intval(argv(1)),true);
$r = menu_delete_id(intval(argv(2)),$owner);
if(!$r)
notice( t('Menu could not be deleted.'). EOL);
goaway(z_root() . '/menu/' . $which . ((\App::$is_sys) ? '?f=&sys=1' : ''));
}
$m = menu_fetch_id(intval(argv(2)),$owner);
if(! $m) {
notice( t('Menu not found.') . EOL);
return '';
}
$o = replace_macros(get_markup_template('menuedit.tpl'), array(
'$header' => t('Edit Menu'),
'$sys' => \App::$is_sys,
@@ -224,16 +224,16 @@ class Menu extends \Zotlabs\Web\Controller {
'$nick' => $which,
'$submit' => t('Submit and proceed')
));
return $o;
}
else {
notice( t('Not found.') . EOL);
return;
}
}
}
}

2
Zotlabs/Module/Mood.php
View File

@@ -24,7 +24,7 @@ class Mood extends Controller {
$uid = local_channel();
$channel = App::get_channel();
$verb = notags(trim($_GET['verb']));
$verb = ((isset($_GET['verb'])) ? notags(trim($_GET['verb'])) : '');
if(! $verb)
return;

8
Zotlabs/Module/Network.php
View File

@@ -129,6 +129,9 @@ class Network extends \Zotlabs\Web\Controller {
$pf = ((x($_GET, 'pf')) ? $_GET['pf'] : '');
$unseen = ((x($_GET, 'unseen')) ? $_GET['unseen'] : '');
$status_editor = '';
if (Apps::system_app_installed(local_channel(), 'Affinity Tool')) {
$affinity_locked = intval(get_pconfig(local_channel(), 'affinity', 'lock', 1));
if ($affinity_locked) {
@@ -208,6 +211,7 @@ class Network extends \Zotlabs\Web\Controller {
'reset' => t('Reset form')
);
$a = '';
$status_editor = status_editor($a, $x, false, 'Network');
$o .= $status_editor;
@@ -370,9 +374,9 @@ class Network extends \Zotlabs\Web\Controller {
// ActivityStreams specification.
if (substr($verb, 0, 1) === '.') {
$verb = substr($verb, 1);
$sql_verb = substr($verb, 1);
$sql_extra .= sprintf(" AND item.obj_type like '%s' ",
dbesc(protect_sprintf('%' . $verb . '%'))
dbesc(protect_sprintf('%' . $sql_verb . '%'))
);
}
else {

2
Zotlabs/Module/Notify.php
View File

@@ -10,7 +10,7 @@ class Notify extends Controller {
if(! local_channel())
return;
if($_REQUEST['notify_id']) {
if(isset($_REQUEST['notify_id']) && $_REQUEST['notify_id']) {
$update_notices_per_parent = PConfig::Get(local_channel(), 'system', 'update_notices_per_parent', 1);
if($update_notices_per_parent) {

37
Zotlabs/Module/Oep.php
View File

@@ -15,7 +15,7 @@ class Oep extends \Zotlabs\Web\Controller {
logger('oep: ' . print_r($_REQUEST,true), LOGGER_DEBUG, LOG_INFO);
$html = ((argc() > 1 && argv(1) === 'html') ? true : false);
if($_REQUEST['url']) {
if(isset($_REQUEST['url'])) {
$_REQUEST['url'] = strip_zids($_REQUEST['url']);
$url = $_REQUEST['url'];
}
@@ -23,9 +23,9 @@ class Oep extends \Zotlabs\Web\Controller {
if(! $url)
http_status_exit(404, 'Not found');
$maxwidth = $_REQUEST['maxwidth'];
$maxheight = $_REQUEST['maxheight'];
$format = $_REQUEST['format'];
$maxwidth = $_REQUEST['maxwidth'] ?? 0;
$maxheight = $_REQUEST['maxheight'] ?? 0;
$format = $_REQUEST['format'] ?? '';
if($format && $format !== 'json')
http_status_exit(501, 'Not implemented');
@@ -70,8 +70,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = array();
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('#//(.*?)/display/(.*?)(&|\?|$)#',$url,$matches)) {
$res = $matches[2];
@@ -159,8 +159,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = [];
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('#//(.*?)/cards/(.*?)/(.*?)(&|\?|$)#',$url,$matches)) {
$nick = $matches[2];
@@ -246,8 +246,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = [];
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('#//(.*?)/articles/(.*?)/(.*?)(&|\?|$)#',$url,$matches)) {
$nick = $matches[2];
@@ -333,8 +333,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = array();
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\=(.*?)(&|$)#',$url,$matches)) {
$chn = $matches[3];
@@ -343,6 +343,7 @@ class Oep extends \Zotlabs\Web\Controller {
if(! ($chn && $res))
return;
$c = q("select * from channel where channel_address = '%s' limit 1",
dbesc($chn)
);
@@ -454,8 +455,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = array();
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) {
$chn = $matches[3];
@@ -519,8 +520,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = array();
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('|//(.*?)/(.*?)/(.*?)$|',$url,$matches)) {
$chn = $matches[3];
@@ -582,8 +583,8 @@ class Oep extends \Zotlabs\Web\Controller {
$ret = array();
$url = $args['url'];
$maxwidth = intval($args['maxwidth']);
$maxheight = intval($args['maxheight']);
$maxwidth = ((isset($args['maxwidth'])) ? $args['maxwidth'] : 0);
$maxheight = ((isset($args['maxheight'])) ? $args['maxheight'] : 0);
if(preg_match('|//(.*?)/(.*?)/(.*?)/image/|',$url,$matches)) {
$chn = $matches[3];

2
Zotlabs/Module/Outbox.php
View File

@@ -76,7 +76,7 @@ class Outbox extends Controller {
App::set_pager_itemspage(30);
}
if (App::$pager['unset'] && $total > 30) {
if (isset(App::$pager['unset']) && $total > 30) {
$ret = Activity::paged_collection_init($total, App::$query_string);
}
else {

39
Zotlabs/Module/Owa.php
View File

@@ -32,14 +32,14 @@ class Owa extends Controller {
$keyId = $sigblock['keyId'];
if ($keyId) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ",
WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC",
dbesc($keyId)
);
if (! $r) {
$found = discover_by_webbie(str_replace('acct:','',$keyId));
$found = discover_by_webbie($keyId);
if ($found) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ",
WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ",
dbesc($keyId)
);
}
@@ -61,10 +61,43 @@ class Owa extends Controller {
logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']);
}
}
if (!$ret['success']) {
// Possible a reinstall?
// In this case we probably already have an old hubloc
// but not the new one yet.
$found = discover_by_webbie($keyId);
if ($found) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC LIMIT 1",
dbesc($keyId)
);
if ($r) {
$verified = HTTPSig::verify(file_get_contents('php://input'), $r[0]['xchan_pubkey']);
if ($verified && $verified['header_signed'] && $verified['header_valid'] && ($verified['content_valid'] || (! $verified['content_signed']))) {
logger('OWA header: ' . print_r($verified,true), LOGGER_DATA);
logger('OWA success: ' . $r[0]['hubloc_id_url'], LOGGER_DATA);
$ret['success'] = true;
$token = random_string(32);
Verify::create('owt', 0, $token, $r[0]['hubloc_id_url']);
$result = '';
openssl_public_encrypt($token, $result, $r[0]['xchan_pubkey']);
$ret['encrypted_token'] = base64url_encode($result);
} else {
logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_id_url']);
}
}
}
}
}
}
}
}
json_return_and_die($ret,'application/x-zot+json');
}
}

3
Zotlabs/Module/Pconfig.php
View File

@@ -13,8 +13,9 @@ class Pconfig extends \Zotlabs\Web\Controller {
return;
if($_SESSION['delegate'])
if(isset($_SESSION['delegate'])) {
return;
}
check_form_security_token_redirectOnErr('/pconfig', 'pconfig');

2
Zotlabs/Module/Permcats.php
View File

@@ -213,7 +213,7 @@ class Permcats extends Controller {
$thisperm = Permcat::find_permcat($existing, $k);
$checkinherited = PermissionLimits::Get(local_channel(), $k);
if ($existing[$k])
if (isset($existing[$k]) && $existing[$k])
$thisperm = 1;
$perms[] = [

80
Zotlabs/Module/Photos.php
View File

@@ -40,7 +40,7 @@ class Photos extends \Zotlabs\Web\Controller {
head_set_icon(\App::$data['channel']['xchan_photo_s']);
\App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ;
\App::$page['htmlhead'] = "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ;
}
@@ -74,18 +74,6 @@ class Photos extends \Zotlabs\Web\Controller {
return;
}
$s = abook_self($page_owner_uid);
if(! $s) {
notice( t('Page owner information could not be retrieved.') . EOL);
logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
if(is_ajax())
killme();
return;
}
$owner_record = $s[0];
$acl = new \Zotlabs\Access\AccessList(\App::$data['channel']);
if((argc() > 3) && (argv(2) === 'album')) {
@@ -467,7 +455,7 @@ class Photos extends \Zotlabs\Web\Controller {
if($partial) {
$x = save_chunk($channel,$matches[1],$matches[2],$matches[3]);
if($x['partial']) {
if(isset($x['partial']) && $x['partial']) {
header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0));
json_return_and_die($x);
}
@@ -545,6 +533,7 @@ class Photos extends \Zotlabs\Web\Controller {
//
$can_comment = perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'post_comments');
$datum = '';
if(argc() > 3) {
$datatype = argv(2);
@@ -552,7 +541,6 @@ class Photos extends \Zotlabs\Web\Controller {
} else {
if(argc() > 2) {
$datatype = argv(2);
$datum = '';
}
else
$datatype = 'summary';
@@ -576,8 +564,8 @@ class Photos extends \Zotlabs\Web\Controller {
$observer = \App::get_observer();
$can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage');
$can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage');
$can_post = perm_is_allowed($owner_uid,get_observer_hash(),'write_storage');
$can_view = perm_is_allowed($owner_uid,get_observer_hash(),'view_storage');
if(! $can_view) {
notice( t('Access to this item is restricted.') . EOL);
@@ -604,7 +592,10 @@ class Photos extends \Zotlabs\Web\Controller {
* Display upload form
*/
if( $can_post) {
$upload_form = '';
$usage_message = '';
if($can_post) {
$uploader = '';
@@ -620,14 +611,12 @@ class Photos extends \Zotlabs\Web\Controller {
intval(\App::$data['channel']['channel_account_id'])
);
$usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 );
$limit = engr_units_to_bytes(service_class_fetch(\App::$data['channel']['channel_id'],'photo_upload_limit'));
if($limit !== false) {
$usage_message = sprintf( t("%1$.2f MB of %2$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000 );
}
else {
$usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 );
}
if($_is_owner) {
$channel = \App::get_channel();
@@ -712,17 +701,17 @@ class Photos extends \Zotlabs\Web\Controller {
'title' => 'oembed'
]);
$folder_hash = '';
$album = '/';
if($x = photos_album_exists($owner_uid, get_observer_hash(), $datum)) {
$album = $x['display_path'];
}
else {
$album = '/';
//goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']);
$folder_hash = $x['hash'];
}
\App::set_pager_itemspage(30);
if($_GET['order'] === 'posted')
if(isset($_GET['order']) && $_GET['order'] === 'posted')
$order = 'ASC';
else
$order = 'DESC';
@@ -731,7 +720,7 @@ class Photos extends \Zotlabs\Web\Controller {
(SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order LIMIT %d OFFSET %d",
dbesc($x['hash']),
dbesc($folder_hash),
intval($owner_uid),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE),
@@ -763,7 +752,7 @@ class Photos extends \Zotlabs\Web\Controller {
}
if($_GET['order'] === 'posted')
if(isset($_GET['order']) && $_GET['order'] === 'posted')
$order = array(t('Show Newest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum);
else
$order = array(t('Show Oldest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum . '?f=&order=posted');
@@ -784,7 +773,7 @@ class Photos extends \Zotlabs\Web\Controller {
$desc_e = $rr['description'];
$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
. ((isset($_GET['order']) && $_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
$photos[] = array(
'id' => $rr['id'],
@@ -801,7 +790,7 @@ class Photos extends \Zotlabs\Web\Controller {
}
}
if($_REQUEST['aj']) {
if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
if($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'),array(
'$photos' => $photos,
@@ -831,7 +820,7 @@ class Photos extends \Zotlabs\Web\Controller {
}
if((! $photos) && ($_REQUEST['aj'])) {
if((! $photos) && (isset($_REQUEST['aj']) && $_REQUEST['aj'])) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();
@@ -1021,7 +1010,7 @@ class Photos extends \Zotlabs\Web\Controller {
// FIXME - remove this when we move to conversation module
$r = $r[0]['children'];
$r = $r[0]['children'] ?? [];
$edit = null;
if($can_post) {
@@ -1121,9 +1110,6 @@ class Photos extends \Zotlabs\Web\Controller {
'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title'))
);
if($r) {
foreach($r as $item) {
@@ -1266,19 +1252,19 @@ class Photos extends \Zotlabs\Web\Controller {
'$likebuttons' => $likebuttons,
'$like' => $like_e,
'$dislike' => $dislike_e,
'$like_count' => $like_count,
'$like_list' => $like_list,
'$like_list_part' => $like_list_part,
'$like_button_label' => $like_button_label,
'$like_count' => $like_count ?? '',
'$like_list' => $like_list ?? '',
'$like_list_part' => $like_list_part ?? '',
'$like_button_label' => $like_button_label ?? '',
'$like_modal_title' => t('Likes','noun'),
'$dislike_modal_title' => t('Dislikes','noun'),
'$dislike_count' => $dislike_count, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''),
'$dislike_list' => $dislike_list, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''),
'$dislike_list_part' => $dislike_list_part, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''),
'$dislike_button_label' => $dislike_button_label, //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''),
'$dislike_count' => $dislike_count ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''),
'$dislike_list' => $dislike_list ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''),
'$dislike_list_part' => $dislike_list_part ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''),
'$dislike_button_label' => $dislike_button_label ?? '', //((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''),
'$modal_dismiss' => t('Close'),
'$comments' => $comments,
'$commentbox' => $commentbox,
'$commentbox' => $commentbox ?? '',
'$paginate' => $paginate,
'$onclick' => $hookdata['onclick']
));
@@ -1345,7 +1331,7 @@ class Photos extends \Zotlabs\Web\Controller {
}
}
if($_REQUEST['aj']) {
if(isset($_REQUEST['aj']) && $_REQUEST['aj']) {
if($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'),array(
'$photos' => $photos,
@@ -1373,7 +1359,7 @@ class Photos extends \Zotlabs\Web\Controller {
}
if((! $photos) && ($_REQUEST['aj'])) {
if((! $photos) && (isset($_REQUEST['aj']) && $_REQUEST['aj'])) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();

4
Zotlabs/Module/Poco.php
View File

@@ -7,7 +7,7 @@ require_once('include/socgraph.php');
class Poco extends \Zotlabs\Web\Controller {
function init() {
poco($a,false);
poco();
}
}

36
Zotlabs/Module/Poke.php
View File

@@ -3,6 +3,7 @@ namespace Zotlabs\Module; /** @file */
use App;
use Zotlabs\Lib\Apps;
use Zotlabs\Lib\Activity;
use Zotlabs\Web\Controller;
/**
@@ -36,7 +37,7 @@ class Poke extends Controller {
$uid = local_channel();
$channel = App::get_channel();
$verb = notags(trim($_REQUEST['verb']));
$verb = ((isset($_GET['verb'])) ? notags(trim($_GET['verb'])) : '');
if(! $verb)
return;
@@ -107,11 +108,6 @@ class Poke extends Controller {
$deny_gid = (($item_private) ? '' : $channel['channel_deny_gid']);
}
$arr = array();
$arr['item_wall'] = 1;
$arr['owner_xchan'] = (($parent_item) ? $parent_item['owner_xchan'] : $channel['channel_hash']);
$arr['parent_mid'] = (($parent_mid) ? $parent_mid : '');
@@ -122,26 +118,14 @@ class Poke extends Controller {
$arr['deny_gid'] = $deny_gid;
$arr['verb'] = $activity;
$arr['item_private'] = $item_private;
$arr['obj_type'] = ACTIVITY_OBJ_PERSON;
$arr['obj_type'] = ACTIVITY_OBJ_NOTE;
$arr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t($verbs[$verb][0]) . ' ' . '[zrl=' . $target['xchan_url'] . ']' . $target['xchan_name'] . '[/zrl]';
$obj = array(
'type' => ACTIVITY_OBJ_PERSON,
'title' => $target['xchan_name'],
'id' => $target['xchan_hash'],
'link' => array(
array('rel' => 'alternate', 'type' => 'text/html', 'href' => $target['xchan_url']),
array('rel' => 'photo', 'type' => $target['xchan_photo_mimetype'], 'href' => $target['xchan_photo_l'])
),
);
$arr['obj'] = json_encode($obj);
$arr['item_origin'] = 1;
$arr['item_wall'] = 1;
$arr['item_unseen'] = 1;
if(! $parent_item)
$item['item_thread_top'] = 1;
$arr['item_thread_top'] = 1;
$arr['obj'] = Activity::encode_item($arr);
post_activity_item($arr);
@@ -170,7 +154,7 @@ class Poke extends Controller {
$name = '';
$id = '';
if(intval($_REQUEST['c'])) {
if(isset($_REQUEST['c']) && intval($_REQUEST['c'])) {
$r = q("select abook_id, xchan_name from abook left join xchan on abook_xchan = xchan_hash
where abook_id = %d and abook_channel = %d limit 1",
intval($_REQUEST['c']),
@@ -198,8 +182,8 @@ class Poke extends Controller {
$desc = t('Poke somebody');
}
else {
$title = t('Poke/Prod');
$desc = t('Poke, prod or do other things to somebody');
$title = t('Poke');
$desc = t('Poke or ping somebody');
}
$o = replace_macros(get_markup_template('poke_content.tpl'),array(
@@ -207,7 +191,7 @@ class Poke extends Controller {
'$poke_basic' => $poke_basic,
'$desc' => $desc,
'$clabel' => t('Recipient'),
'$choice' => t('Choose what you wish to do to recipient'),
'$choice' => t('Choose action'),
'$verbs' => $shortlist,
'$parent' => $parent,
'$prv_desc' => t('Make this post private'),

2
Zotlabs/Module/Profile.php
View File

@@ -110,7 +110,7 @@ class Profile extends Controller {
$is_owner = ((local_channel()) && (local_channel() == App::$profile['profile_uid']) ? true : false);
if (App::$profile['hidewall'] && (!$is_owner) && (!remote_channel())) {
if ((isset(App::$profile['hidewall']) && App::$profile['hidewall']) && (!$is_owner) && (!remote_channel())) {
notice(t('Permission denied.') . EOL);
return;
}

1
Zotlabs/Module/Profile_photo.php
View File

@@ -587,7 +587,6 @@ class Profile_photo extends Controller {
return $o;
}
return; // NOTREACHED
}
/* @brief Generate the UI for photo-cropping

4
Zotlabs/Module/Pubsites.php
View File

@@ -8,6 +8,8 @@ class Pubsites extends \Zotlabs\Web\Controller {
function get() {
$dirmode = intval(get_config('system','directory_mode'));
$url = '';
if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) {
$url = z_root() . '/dirsearch';
}
@@ -19,7 +21,7 @@ class Pubsites extends \Zotlabs\Web\Controller {
$rating_enabled = get_config('system','rating_enabled');
$o .= '<div class="generic-content-wrapper">';
$o = '<div class="generic-content-wrapper">';
$o .= '<div class="section-title-wrapper"><h2>' . t('Public Hubs') . '</h2></div>';

23
Zotlabs/Module/Pubstream.php
View File

@@ -75,7 +75,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''),
'default_location' => $channel['channel_location'],
'nickname' => $channel['channel_address'],
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
'permissions' => $channel_acl,
'bang' => '',
@@ -91,6 +91,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
);
$o .= '<div id="jot-popup">';
$a = '';
$o .= status_editor($a,$x,false,'Pubstream');
$o .= '</div>';
}
@@ -158,11 +159,13 @@ class Pubstream extends \Zotlabs\Web\Controller {
require_once('include/channel.php');
require_once('include/security.php');
$sys = get_sys_channel();
$abook_uids = " and abook.abook_channel = " . intval($sys['channel_id']) . " ";
if($site_firehose) {
$uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 ";
}
else {
$sys = get_sys_channel();
$uids = " and item.uid = " . intval($sys['channel_id']) . " ";
$sql_extra = item_permissions_sql($sys['channel_id']);
\App::$data['firehose'] = intval($sys['channel_id']);
@@ -181,14 +184,13 @@ class Pubstream extends \Zotlabs\Web\Controller {
$net_query = (($net) ? " left join xchan on xchan_hash = author_xchan " : '');
$net_query2 = (($net) ? " and xchan_network = '" . protect_sprintf(dbesc($net)) . "' " : '');
$abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " ";
$simple_update = '';
if($update && $_SESSION['loadtime'])
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
//logger('update: ' . $update . ' load: ' . $load);
$items = [];
if($update) {
$ordering = get_config('system', 'pubstream_ordering', 'commented');
@@ -200,7 +202,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
$net_query
WHERE mid = '%s' $uids $item_normal
and (abook.abook_blocked = 0 or abook.abook_flags is null)
$sql_extra3 $sql_extra $sql_nets $net_query2",
$sql_extra $net_query2",
dbesc($mid)
);
}
@@ -211,7 +213,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
$net_query
WHERE true $uids and item.item_thread_top = 1 $item_normal
and (abook.abook_blocked = 0 or abook.abook_flags is null)
$sql_extra3 $sql_extra $sql_nets $net_query2
$sql_extra $net_query2
ORDER BY $ordering DESC $pager_sql "
);
}
@@ -223,7 +225,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
$net_query
WHERE mid = '%s' $uids $item_normal_update $simple_update
and (abook.abook_blocked = 0 or abook.abook_flags is null)
$sql_extra3 $sql_extra $sql_nets $net_query2",
$sql_extra $net_query2",
dbesc($mid)
);
}
@@ -234,7 +236,7 @@ class Pubstream extends \Zotlabs\Web\Controller {
WHERE true $uids $item_normal_update
$simple_update
and (abook.abook_blocked = 0 or abook.abook_flags is null)
$sql_extra3 $sql_extra $sql_nets $net_query2"
$sql_extra $net_query2"
);
}
}
@@ -259,9 +261,6 @@ class Pubstream extends \Zotlabs\Web\Controller {
$items = fetch_post_tags($items,true);
$items = conv_sort($items,$ordering);
}
else {
$items = array();
}
}

2
Zotlabs/Module/Regate.php
View File

@@ -443,7 +443,7 @@ class Regate extends \Zotlabs\Web\Controller {
$msg = t('Unknown or expired ID');
zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx);
$o = replace_macros(get_markup_template('plain.tpl'), [
'$title' => $title,
'$title' => $msg,
'$now' => $nowfmt,
'$infos' => $msg
]);

8
Zotlabs/Module/Register.php
View File

@@ -26,7 +26,7 @@ class Register extends Controller {
// created a channel, we'll try to revive the connection request
// and process it.
if($_REQUEST['connect'])
if(isset($_REQUEST['connect']))
$_SESSION['connect'] = $_REQUEST['connect'];
switch($cmd) {
@@ -87,7 +87,7 @@ class Register extends Controller {
$name_error = validate_channelname($name);
if($name_error) {
notice($name_error . EOL);
return $ret;
return;
}
$nick = mb_strtolower(escape_tags(trim($arr['nickname'])));
@@ -166,7 +166,7 @@ class Register extends Controller {
if(!empty($password_result['error'])) {
$msg = $password_result['message'];
notice($msg);
zar_log($msg . ' ' . $did2);
zar_log($msg);
return;
}
@@ -239,7 +239,7 @@ class Register extends Controller {
);
$msg = t('Invitation code succesfully applied');
zar_log('ZAR0237I ' . $msg) . ', ' . $email;
zar_log('ZAR0237I ' . $msg . ', ' . $email);
// msg!
info($msg . EOL);

54
Zotlabs/Module/Rmagic.php
View File

@@ -6,21 +6,21 @@ use Zotlabs\Lib\Libzot;
class Rmagic extends \Zotlabs\Web\Controller {
function init() {
if(local_channel())
goaway(z_root());
$me = get_my_address();
if($me) {
$r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
$r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($me)
);
);
if(! $r) {
$w = discover_by_webbie($me);
if($w) {
$r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
$r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($me)
);
);
}
}
@@ -33,39 +33,39 @@ class Rmagic extends \Zotlabs\Web\Controller {
}
}
}
function post() {
$address = trim($_REQUEST['address']);
if(strpos($address,'@') === false) {
$arr = array('address' => $address);
call_hooks('reverse_magic_auth', $arr);
call_hooks('reverse_magic_auth', $arr);
// if they're still here...
notice( t('Authentication failed.') . EOL);
notice( t('Authentication failed.') . EOL);
return;
}
else {
// Presumed Red identity. Perform reverse magic auth
if(strpos($address,'@') === false) {
notice('Invalid address.');
return;
}
$r = null;
if($address) {
$r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
$r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($address)
);
);
if(! $r) {
$w = discover_by_webbie($address);
if($w) {
$r = q("select hubloc_url from hubloc where hubloc_addr = '%s'",
$r = q("select hubloc_url, hubloc_network from hubloc where hubloc_addr = '%s' and hubloc_deleted = 0",
dbesc($address)
);
);
}
}
}
@@ -76,20 +76,20 @@ class Rmagic extends \Zotlabs\Web\Controller {
}
else {
$url = 'https://' . substr($address,strpos($address,'@')+1);
}
if($url) {
if($_SESSION['return_url'])
}
if($url) {
if($_SESSION['return_url'])
$dest = bin2hex(z_root() . '/' . str_replace('zid=','zid_=',$_SESSION['return_url']));
else
$dest = bin2hex(z_root() . '/' . str_replace([ 'rmagic', 'zid=' ] ,[ '', 'zid_='],\App::$query_string));
goaway($url . '/magic' . '?f=&owa=1&bdest=' . $dest);
}
}
}
function get() {
return replace_macros(get_markup_template('rmagic.tpl'),
[
@@ -97,6 +97,6 @@ class Rmagic extends \Zotlabs\Web\Controller {
'$address' => [ 'address', t('Enter your channel address (e.g. channel@example.com)'), '', '' ],
'$submit' => t('Authenticate')
]
);
);
}
}

17
Zotlabs/Module/Rpost.php
View File

@@ -151,7 +151,7 @@ class Rpost extends \Zotlabs\Web\Controller {
}
}
if($_REQUEST['remote_return']) {
if(isset($_REQUEST['remote_return']) && $_REQUEST['remote_return']) {
$_SESSION['remote_return'] = $_REQUEST['remote_return'];
}
if(argc() > 1 && argv(1) === 'return') {
@@ -162,14 +162,14 @@ class Rpost extends \Zotlabs\Web\Controller {
$plaintext = true;
if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') {
if(isset($_REQUEST['type']) && $_REQUEST['type'] === 'html') {
require_once('include/html2bbcode.php');
$_REQUEST['body'] = html2bbcode($_REQUEST['body']);
}
$channel = \App::get_channel();
if($_REQUEST['acl']) {
if(isset($_REQUEST['acl']) && $_REQUEST['acl']) {
$acl = new \Zotlabs\Access\AccessList([]);
$acl->set($_REQUEST['acl']);
$channel_acl = $acl->get();
@@ -180,13 +180,13 @@ class Rpost extends \Zotlabs\Web\Controller {
}
if($_REQUEST['url']) {
if(isset($_REQUEST['url']) && $_REQUEST['url']) {
$x = z_fetch_url(z_root() . '/linkinfo?f=&url=' . urlencode($_REQUEST['url']));
if($x['success'])
$_REQUEST['body'] = $_REQUEST['body'] . $x['body'];
}
if($_REQUEST['post_id']) {
if(isset($_REQUEST['post_id']) && $_REQUEST['post_id']) {
$_REQUEST['body'] .= '[share=' . intval($_REQUEST['post_id']) . '][/share]';
}
@@ -201,9 +201,9 @@ class Rpost extends \Zotlabs\Web\Controller {
'bang' => '',
'visitor' => true,
'profile_uid' => local_channel(),
'title' => $_REQUEST['title'],
'body' => $_REQUEST['body'],
'attachment' => $_REQUEST['attachment'],
'title' => $_REQUEST['title'] ?? '',
'body' => $_REQUEST['body'] ?? '',
'attachment' => $_REQUEST['attachment'] ?? '',
'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''),
'return_path' => 'rpost/return',
'bbco_autocomplete' => 'bbcode',
@@ -212,6 +212,7 @@ class Rpost extends \Zotlabs\Web\Controller {
'jotnets' => true
);
$a = '';
$editor = status_editor($a,$x,false,'Rpost');
$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(

32
Zotlabs/Module/Search.php
View File

@@ -33,7 +33,7 @@ class Search extends Controller {
require_once('include/security.php');
$format = (($_REQUEST['format']) ? $_REQUEST['format'] : '');
$format = $_REQUEST['format'] ?? '';
if ($format !== '') {
$update = $load = 1;
}
@@ -59,15 +59,18 @@ class Search extends Controller {
$o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false));
if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) {
if (strpos($search, 'b64.') !== false) {
if (strpos($search, '?') !== false) {
$search = strtok($search, '?');
$url = htmlspecialchars_decode($search);
if (strpos($url, 'b64.') !== false) {
if (strpos($url, '?') !== false) {
$url = strtok($url, '?');
}
$search = unpack_link_id(basename($search));
$url = unpack_link_id(basename($url));
}
$f = Libzot::fetch_conversation(App::get_channel(), punify($search), true);
$f = Libzot::fetch_conversation(App::get_channel(), punify($url), true);
if ($f) {
$mid = $f[0]['message_id'];
@@ -83,7 +86,7 @@ class Search extends Controller {
else {
// try other fetch providers (e.g. diaspora, pubcrawl)
$hookdata = [
'url' => punify($search)
'url' => punify($url)
];
call_hooks('fetch_provider', $hookdata);
}
@@ -143,10 +146,10 @@ class Search extends Controller {
$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n";
App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), [
App::$page['htmlhead'] = replace_macros(get_markup_template("build_query.tpl"), [
'$baseurl' => z_root(),
'$pgtype' => 'search',
'$uid' => ((App::$profile['profile_uid']) ? App::$profile['profile_uid'] : '0'),
'$uid' => App::$profile['profile_uid'] ?? '0',
'$gid' => '0',
'$cid' => '0',
'$cmin' => '(-1)',
@@ -177,6 +180,8 @@ class Search extends Controller {
}
$r = null;
if (($update) && ($load)) {
$itemspage = get_pconfig(local_channel(), 'system', 'itemspage');
App::set_pager_itemspage(((intval($itemspage)) ? $itemspage : 10));
@@ -192,8 +197,6 @@ class Search extends Controller {
$sys_id = perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream') ? $sys['channel_id'] : 0;
if ($load) {
$r = null;
if (local_channel()) {
$r = q("SELECT mid, MAX(id) AS item_id FROM item
WHERE (( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item.item_private = 0 )
@@ -205,7 +208,7 @@ class Search extends Controller {
);
}
if (!$r) {
if ($r === null) {
$r = q("SELECT mid, MAX(id) AS item_id FROM item
WHERE (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item.item_private = 0 )
AND item.uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK | PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
@@ -222,11 +225,6 @@ class Search extends Controller {
$r = dbq("select *, id as item_id from item where id in ( " . $str . ") order by created desc");
}
}
else {
$r = [];
}
}
$items = [];

7
Zotlabs/Module/Settings.php
View File

@@ -11,8 +11,9 @@ class Settings extends \Zotlabs\Web\Controller {
if(! local_channel())
return;
if($_SESSION['delegate'])
if (isset($_SESSION['delegate']) && $_SESSION['delegate']) {
return;
}
\App::$profile_uid = local_channel();
@@ -33,7 +34,7 @@ class Settings extends \Zotlabs\Web\Controller {
if(! local_channel())
return;
if($_SESSION['delegate'])
if(isset($_SESSION['delegate']) && $_SESSION['delegate'])
return;
// logger('mod_settings: ' . print_r($_REQUEST,true));
@@ -54,7 +55,7 @@ class Settings extends \Zotlabs\Web\Controller {
nav_set_selected('Settings');
if((! local_channel()) || ($_SESSION['delegate'])) {
if((! local_channel()) || (isset($_SESSION['delegate']) && $_SESSION['delegate'])) {
notice( t('Permission denied.') . EOL );
return login();
}

9
Zotlabs/Module/Settings/Channel.php
View File

@@ -27,10 +27,10 @@ class Channel {
$photo_path = ((x($_POST, 'photo_path')) ? escape_tags(trim($_POST['photo_path'])) : '');
$attach_path = ((x($_POST, 'attach_path')) ? escape_tags(trim($_POST['attach_path'])) : '');
$allow_location = (((x($_POST, 'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1 : 0);
$post_newfriend = (($_POST['post_newfriend'] == 1) ? 1 : 0);
$post_joingroup = (($_POST['post_joingroup'] == 1) ? 1 : 0);
$post_profilechange = (($_POST['post_profilechange'] == 1) ? 1 : 0);
$adult = (($_POST['adult'] == 1) ? 1 : 0);
$post_newfriend = ((isset($_POST['post_newfriend']) && $_POST['post_newfriend'] == 1) ? 1 : 0);
$post_joingroup = ((isset($_POST['post_joingroup']) && $_POST['post_joingroup'] == 1) ? 1 : 0);
$post_profilechange = ((isset($_POST['post_profilechange']) && $_POST['post_profilechange'] == 1) ? 1 : 0);
$adult = ((isset($_POST['adult']) && $_POST['adult'] == 1) ? 1 : 0);
$mailhost = ((array_key_exists('mailhost', $_POST)) ? notags(trim($_POST['mailhost'])) : '');
$pageflags = $channel['channel_pageflags'];
$existing_adult = (($pageflags & PAGE_ADULT) ? 1 : 0);
@@ -152,6 +152,7 @@ class Channel {
Master::Summon(['Directory', local_channel()]);
Libsync::build_sync_packet();
$email_changed = false;
if ($email_changed && App::$config['system']['register_policy'] == REGISTER_VERIFY) {
// FIXME - set to un-verified, blocked and redirect to logout

10
Zotlabs/Module/Settings/Display.php
View File

@@ -90,8 +90,8 @@ class Display {
$default_theme = 'redbasic';
$themespec = explode(':', \App::$channel['channel_theme']);
$existing_theme = $themespec[0];
$existing_schema = $themespec[1];
$existing_theme = $themespec[0] ?? '';
$existing_schema = $themespec[1] ?? '';
$theme = (($existing_theme) ? $existing_theme : $default_theme);
@@ -207,12 +207,12 @@ class Display {
function get_theme_config_file($theme){
$base_theme = \App::$theme_info['extends'];
$base_theme = \App::$theme_info['extends'] ?? '';
if (file_exists("view/theme/$theme/php/config.php")){
if ($theme && file_exists("view/theme/$theme/php/config.php")){
return "view/theme/$theme/php/config.php";
}
if (file_exists("view/theme/$base_theme/php/config.php")){
if ($base_theme && file_exists("view/theme/$base_theme/php/config.php")){
return "view/theme/$base_theme/php/config.php";
}
return null;

14
Zotlabs/Module/Siteinfo.php
View File

@@ -5,19 +5,19 @@ namespace Zotlabs\Module;
class Siteinfo extends \Zotlabs\Web\Controller {
function init() {
if (argv(1) === 'json' || $_REQUEST['module_format'] === 'json') {
if (argv(1) === 'json' || (isset($_REQUEST['module_format']) && $_REQUEST['module_format'] === 'json')) {
$data = get_site_info();
json_return_and_die($data);
}
}
function get() {
$federated = [];
call_hooks('federated_transports',$federated);
$siteinfo = replace_macros(get_markup_template('siteinfo.tpl'),
[
[
'$title' => t('About this site'),
'$sitenametxt' => t('Site Name'),
'$sitename' => \Zotlabs\Lib\System::get_site_name(),
@@ -29,7 +29,7 @@ class Siteinfo extends \Zotlabs\Web\Controller {
'$prj_header' => t('Software and Project information'),
'$prj_name' => t('This site is powered by $Projectname'),
'$prj_transport' => t('Federated and decentralised networking and identity services provided by Zot'),
'$transport_link' => '<a href="https://zotlabs.com">https://zotlabs.com</a>',
'$transport_link' => '<a href="https://zotlabs.org">https://zotlabs.org</a>',
'$additional_text' => t('Additional federated transport protocols:'),
'$additional_fed' => implode(', ', $federated),
@@ -41,11 +41,11 @@ class Siteinfo extends \Zotlabs\Web\Controller {
]
);
call_hooks('about_hook', $siteinfo);
call_hooks('about_hook', $siteinfo);
return $siteinfo;
}
}

48
Zotlabs/Module/Sitelist.php
View File

@@ -5,63 +5,63 @@ namespace Zotlabs\Module; /** @file */
class Sitelist extends \Zotlabs\Web\Controller {
function init() {
$start = (($_REQUEST['start']) ? intval($_REQUEST['start']) : 0);
$limit = ((intval($_REQUEST['limit'])) ? intval($_REQUEST['limit']) : 30);
$order = (($_REQUEST['order']) ? $_REQUEST['order'] : 'random');
$open = (($_REQUEST['open']) ? intval($_REQUEST['open']) : false);
$start = ((isset($_REQUEST['start'])) ? intval($_REQUEST['start']) : 0);
$limit = ((isset($_REQUEST['limit'])) ? intval($_REQUEST['limit']) : 30);
$order = ((isset($_REQUEST['order'])) ? $_REQUEST['order'] : 'random');
$open = ((isset($_REQUEST['open'])) ? intval($_REQUEST['open']) : false);
$sql_order = " order by site_url ";
$rand = db_getfunc('rand');
if($order == 'random')
$sql_order = " order by $rand ";
$sql_limit = " LIMIT $limit OFFSET $start ";
$sql_extra = "";
if($open)
$sql_extra = " and site_register = " . intval(REGISTER_OPEN) . " ";
$realm = get_directory_realm();
if($realm == DIRECTORY_REALM) {
$sql_extra .= " and ( site_realm = '" . dbesc($realm) . "' or site_realm = '') ";
}
else
$sql_extra .= " and site_realm = '" . dbesc($realm) . "' ";
$result = array('success' => false);
$r = q("select count(site_url) as total from site where site_type = %d and site_dead = 0 $sql_extra ",
intval(SITE_TYPE_ZOT)
);
if($r)
$result['total'] = intval($r[0]['total']);
$result['start'] = $start;
$result['limit'] = $limit;
$result['limit'] = $limit;
$r = q("select * from site where site_type = %d and site_dead = 0 $sql_extra $sql_order $sql_limit",
intval(SITE_TYPE_ZOT)
);
$result['results'] = 0;
$result['entries'] = array();
if($r) {
$result['success'] = true;
$result['success'] = true;
$result['results'] = count($r);
foreach($r as $rr) {
$result['entries'][] = array('url' => $rr['site_url']);
}
}
echo json_encode($result);
killme();
}
}

8
Zotlabs/Module/Sse_bs.php
View File

@@ -41,7 +41,7 @@ class Sse_bs extends Controller {
self::$offset = 0;
self::$xchans = '';
if($_REQUEST['sse_rmids'])
if(isset($_REQUEST['sse_rmids']))
self::mark_read($_REQUEST['sse_rmids']);
if(!empty($_REQUEST['nquery']) && $_REQUEST['nquery'] !== '%') {
@@ -580,12 +580,12 @@ class Sse_bs extends Controller {
$forums[$x]['notify_link'] = z_root() . '/network/?f=&pf=1&unseen=1&cid=' . $forums[$x]['abook_id'];
$forums[$x]['name'] = $forums[$x]['xchan_name'];
$forums[$x]['addr'] = $forums[$x]['xchan_addr'];
$forums[$x]['addr'] = $forums[$x]['xchan_addr'] ?? $forums[$x]['xchan_url'];
$forums[$x]['url'] = $forums[$x]['xchan_url'];
$forums[$x]['photo'] = $forums[$x]['xchan_photo_s'];
$forums[$x]['unseen'] = count($b64mids);
$forums[$x]['private_forum'] = (($forums[$x]['private_forum']) ? 'lock' : '');
$forums[$x]['message'] = (($forums[$x]['private_forum']) ? t('Private forum') : t('Public forum'));
$forums[$x]['private_forum'] = ((isset($forums[$x]['private_forum']) && $forums[$x]['private_forum']) ? 'lock' : '');
$forums[$x]['message'] = ((isset($forums[$x]['private_forum']) && $forums[$x]['private_forum']) ? t('Private forum') : t('Public forum'));
$forums[$x]['mids'] = json_encode($b64mids);
unset($forums[$x]['abook_id']);

18
Zotlabs/Module/Sslify.php
View File

@@ -9,23 +9,27 @@ class Sslify extends \Zotlabs\Web\Controller {
if($x['success']) {
$h = explode("\n",$x['header']);
foreach ($h as $l) {
if (strpos($l, ':') === false) {
continue;
}
list($k,$v) = array_map("trim", explode(":", trim($l), 2));
$hdrs[strtolower($k)] = $v;
}
if (array_key_exists('content-type', $hdrs))
if (array_key_exists('content-type', $hdrs))
header('Content-Type: ' . $hdrs['content-type']);
if (array_key_exists('last-modified', $hdrs))
if (array_key_exists('last-modified', $hdrs))
header('Last-Modified: ' . $hdrs['last-modified']);
if (array_key_exists('cache-control', $hdrs))
if (array_key_exists('cache-control', $hdrs))
header('Cache-Control: ' . $hdrs['cache-control']);
if (array_key_exists('expires', $hdrs))
if (array_key_exists('expires', $hdrs))
header('Expires: ' . $hdrs['expires']);
echo $x['body'];
killme();
}
killme();
}
}
}

64
Zotlabs/Module/Tagger.php
View File

@@ -12,11 +12,11 @@ require_once('include/items.php');
class Tagger extends \Zotlabs\Web\Controller {
function get() {
if(! local_channel()) {
return;
}
$sys = get_sys_channel();
$observer_hash = get_observer_hash();
@@ -25,23 +25,23 @@ class Tagger extends \Zotlabs\Web\Controller {
//check if empty
if(! $term)
return;
$item_id = ((argc() > 1) ? notags(trim(argv(1))) : 0);
logger('tagger: tag ' . $term . ' item ' . $item_id);
$r = q("select * from item where id = %d and uid = %d limit 1",
intval($item_id),
intval(local_channel())
);
);
if(! $r) {
$r = q("select * from item where id = %d and uid = %d limit 1",
intval($item_id),
intval($sys['channel_id'])
);
);
if($r) {
$r = [ copy_of_pubitem($channel, $i[0]['mid']) ];
$r = [ copy_of_pubitem($channel, $r[0]['mid']) ];
$item_id = (($r) ? $r[0]['id'] : 0);
}
}
@@ -55,16 +55,16 @@ class Tagger extends \Zotlabs\Web\Controller {
intval($item_id),
intval(local_channel())
);
if((! $item_id) || (! $r)) {
logger('tagger: no item ' . $item_id);
return;
}
$item = $r[0];
$owner_uid = $item['uid'];
switch($item['resource_type']) {
case 'photo':
$targettype = ACTIVITY_OBJ_PHOTO;
@@ -81,13 +81,13 @@ class Tagger extends \Zotlabs\Web\Controller {
$post_type = t('comment');
break;
}
$clean_term = trim($term,'"\' ');
$links = array(array('rel' => 'alternate','type' => 'text/html',
$links = array(array('rel' => 'alternate','type' => 'text/html',
'href' => z_root() . '/display/' . gen_link_id($item['mid'])));
$target = json_encode(array(
'type' => $targettype,
'id' => $item['mid'],
@@ -106,10 +106,10 @@ class Tagger extends \Zotlabs\Web\Controller {
array('rel' => 'photo', 'type' => $item['xchan_photo_mimetype'], 'href' => $item['xchan_photo_m'])),
),
));
$tagid = z_root() . '/search?tag=' . $clean_term;
$objtype = ACTIVITY_OBJ_TAGTERM;
$obj = json_encode(array(
'type' => $objtype,
'id' => $tagid,
@@ -117,30 +117,30 @@ class Tagger extends \Zotlabs\Web\Controller {
'title' => $clean_term,
'content' => $clean_term
));
$bodyverb = t('%1$s tagged %2$s\'s %3$s with %4$s');
// saving here for reference
// also check out x22d5 and x2317 and x0d6b and x0db8 and x24d0 and xff20 !!!
$termlink = html_entity_decode('&#x22d5;') . '[zrl=' . z_root() . '/search?tag=' . urlencode($clean_term) . ']'. $clean_term . '[/zrl]';
$channel = \App::get_channel();
$arr = array();
$arr['owner_xchan'] = $item['owner_xchan'];
$arr['author_xchan'] = $channel['channel_hash'];
$arr['item_origin'] = 1;
$arr['item_wall'] = ((intval($item['item_wall'])) ? 1 : 0);
$ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]';
$alink = '[zrl=' . $item['xchan_url'] . ']' . $item['xchan_name'] . '[/zrl]';
$plink = '[zrl=' . $item['plink'] . ']' . $post_type . '[/zrl]';
$arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink, $termlink );
$arr['verb'] = ACTIVITY_TAG;
$arr['tgt_type'] = $targettype;
$arr['target'] = $target;
@@ -152,14 +152,14 @@ class Tagger extends \Zotlabs\Web\Controller {
if($ret['success']) {
Libsync::build_sync_packet(local_channel(),
[
[
'item' => [ encode_item($ret['activity'],true) ]
]
);
}
killme();
}
}

28
Zotlabs/Module/Theme_info.php
View File

@@ -9,7 +9,7 @@ class Theme_info extends \Zotlabs\Web\Controller {
$theme = argv(1);
if(! $theme)
killme();
$schemalist = array();
$theme_config = "";
@@ -40,32 +40,32 @@ class Theme_info extends \Zotlabs\Web\Controller {
$credits = '';
}
$ret = [
'theme' => $theme,
'img' => get_theme_screenshot($theme),
'desc' => $desc,
'version' => $version,
'credits' => $credits,
$ret = [
'theme' => $theme,
'img' => get_theme_screenshot($theme),
'desc' => $desc,
'version' => $version,
'credits' => $credits,
'schemas' => $schemalist,
'config' => $theme_config
];
json_return_and_die($ret);
}
function get_theme_config_file($theme){
$base_theme = \App::$theme_info['extends'];
if (file_exists("view/theme/$theme/php/config.php")){
$base_theme = \App::$theme_info['extends'] ?? '';
if ($theme && file_exists("view/theme/$theme/php/config.php")){
return "view/theme/$theme/php/config.php";
}
if (file_exists("view/theme/$base_theme/php/config.php")){
}
if ($base_theme && file_exists("view/theme/$base_theme/php/config.php")){
return "view/theme/$base_theme/php/config.php";
}
return null;
}
}
}

12
Zotlabs/Module/Tokens.php
View File

@@ -90,8 +90,8 @@ class Tokens extends Controller {
$r = q("select count(atoken_id) as total where atoken_uid = %d",
intval($channel['channel_id'])
);
if($r && intval($r[0]['total']) >= $max_tokens) {
notice( sprintf( t('This channel is limited to %d tokens'), $max_tokens) . EOL);
if($r && intval($r[0]['total']) >= $max_atokens) {
notice( sprintf( t('This channel is limited to %d tokens'), $max_atokens) . EOL);
return;
}
}
@@ -282,15 +282,15 @@ class Tokens extends Controller {
}
$tpl = get_markup_template("tokens.tpl");
$o .= replace_macros($tpl, array(
$o = replace_macros($tpl, array(
'$form_security_token' => get_form_security_token('tokens'),
'$permcat' => ['permcat', t('Select a role for this guest'), $current_permcat, '', $permcats],
'$title' => t('Guest Access'),
'$desc' => $desc,
'$atoken' => $atoken,
'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', (($atoken) ? $atoken['atoken_name'] : ''),''),
'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>',(($atoken) ? $atoken['atoken_token'] : new_token()), ''),
'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), (($atoken['atoken_expires'] && $atoken['atoken_expires'] > NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
'$name' => array('name', t('Login Name') . ' <span class="required">*</span>', $atoken['atoken_name'] ?? '',''),
'$token'=> array('token', t('Login Password') . ' <span class="required">*</span>', $atoken['atoken_token'] ?? new_token(), ''),
'$expires'=> array('expires', t('Expires (yyyy-mm-dd)'), ((isset($atoken['atoken_expires']) && $atoken['atoken_expires'] > NULL_DATE) ? datetime_convert('UTC',date_default_timezone_get(),$atoken['atoken_expires']) : ''), ''),
'$submit' => t('Submit'),
'$delete' => t('Delete')
));

8
Zotlabs/Module/Update.php
View File

@@ -5,8 +5,8 @@ namespace Zotlabs\Module;
class Update extends \Zotlabs\Web\Controller {
function get() {
$profile_uid = intval($_GET['p']);
$profile_uid = $_GET['p'] ?? 0;
// it's probably safe to do this for all modules and not just a limited subset,
// but it needs to be verified.
@@ -23,7 +23,7 @@ class Update extends \Zotlabs\Web\Controller {
if(in_array(strtolower(argv(1)),['articles','cards']))
killme();
$module = "\\Zotlabs\\Module\\" . ucfirst(argv(1));
$module = "\\Zotlabs\\Module\\" . ucfirst(argv(1));
$load = (((argc() > 2) && (argv(2) == 'load')) ? 1 : 0);
$mod = new $module;
@@ -38,6 +38,6 @@ class Update extends \Zotlabs\Web\Controller {
echo "</section></body></html>\r\n";
killme();
}
}

6
Zotlabs/Module/Viewconnections.php
View File

@@ -37,7 +37,7 @@ class Viewconnections extends \Zotlabs\Web\Controller {
if(! $_REQUEST['aj'])
$_SESSION['return_url'] = \App::$query_string;
$o = '';
$is_owner = ((local_channel() && local_channel() == \App::$profile['uid']) ? true : false);
$abook_flags = " and abook_pending = 0 and abook_self = 0 and abook_blocked = 0 and abook_ignored = 0 ";
@@ -118,12 +118,12 @@ class Viewconnections extends \Zotlabs\Web\Controller {
if($_REQUEST['aj']) {
if($contacts) {
$o = replace_macros(get_markup_template('viewcontactsajax.tpl'),array(
$o .= replace_macros(get_markup_template('viewcontactsajax.tpl'),array(
'$contacts' => $contacts
));
}
else {
$o = '<div id="content-complete"></div>';
$o .= '<div id="content-complete"></div>';
}
echo $o;
killme();

22
Zotlabs/Module/Wall_upload.php
View File

@@ -11,10 +11,10 @@ require_once('include/photos.php');
class Wall_upload extends \Zotlabs\Web\Controller {
function post() {
$using_api = ((x($_FILES,'media')) ? true : false);
$using_api = ((x($_FILES,'media')) ? true : false);
if($using_api) {
require_once('include/api.php');
if(api_user())
@@ -24,32 +24,32 @@ class Wall_upload extends \Zotlabs\Web\Controller {
if(argc() > 1)
$channel = channelx_by_nick(argv(1));
}
if(! $channel) {
if($using_api)
return;
notice( t('Channel not found.') . EOL);
killme();
}
$observer = \App::get_observer();
$args = array( 'source' => 'editor', 'visible' => 0, 'contact_allow' => array($channel['channel_hash']));
$ret = photo_upload($channel,$observer,$args);
if(! $ret['success']) {
if($using_api)
return;
notice($ret['message']);
killme();
}
if($using_api)
return("\n\n" . $ret['body'] . "\n\n");
else
echo "\n\n" . $ret['body'] . "\n\n";
killme();
}
}

14
Zotlabs/Module/Webpages.php
View File

@@ -132,9 +132,9 @@ class Webpages extends Controller {
return;
}
$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
$mimetype = ((isset($_REQUEST['mimetype']) && $_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
$layout = (($_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout'));
$layout = ((isset($_REQUEST['layout']) && $_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout'));
// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
// Nickname is set to the observers xchan, and profile_uid to the owner's.
@@ -182,12 +182,9 @@ class Webpages extends Controller {
'bbcode' => true
);
if($_REQUEST['title'])
$x['title'] = $_REQUEST['title'];
if($_REQUEST['body'])
$x['body'] = $_REQUEST['body'];
if($_REQUEST['pagetitle'])
$x['pagetitle'] = $_REQUEST['pagetitle'];
$x['title'] = $_REQUEST['title'] ?? '';
$x['body'] = $_REQUEST['body'] ?? '';
$x['pagetitle'] = $_REQUEST['pagetitle'] ?? '';
// Get a list of webpages. We can't display all them because endless scroll makes that unusable,
@@ -206,6 +203,7 @@ class Webpages extends Controller {
if(! $r)
$x['pagetitle'] = 'home';
$a = '';
$editor = status_editor($a,$x,false,'Webpages');
$pages = null;

17
Zotlabs/Module/Well_known.php
View File

@@ -34,7 +34,6 @@ class Well_known extends \Zotlabs\Web\Controller {
$module = new \Zotlabs\Module\Wfinger();
$module->init();
break;
case 'host-meta':
\App::$argc -= 1;
array_shift(\App::$argv);
@@ -42,7 +41,6 @@ class Well_known extends \Zotlabs\Web\Controller {
$module = new \Zotlabs\Module\Hostxrd();
$module->init();
break;
case 'oauth-authorization-server':
case 'openid-configuration':
\App::$argc -= 1;
@@ -51,18 +49,17 @@ class Well_known extends \Zotlabs\Web\Controller {
$module = new \Zotlabs\Module\Oauthinfo();
$module->init();
break;
case 'dnt-policy.txt':
echo file_get_contents('doc/dnt-policy.txt');
killme();
break;
case 'caldav':
case 'carddav':
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
http_status('301', 'moved permanently');
goaway(z_root() . '/cdav');
};
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
http_status('301', 'moved permanently');
goaway(z_root() . '/cdav');
};
break;
default:
if(file_exists(\App::$cmd)) {
echo file_get_contents(\App::$cmd);
@@ -71,10 +68,8 @@ class Well_known extends \Zotlabs\Web\Controller {
elseif(file_exists(\App::$cmd . '.php'))
require_once(\App::$cmd . '.php');
break;
}
}
http_status_exit(404);
}
}

2
Zotlabs/Module/Wfinger.php
View File

@@ -21,7 +21,7 @@ class Wfinger extends \Zotlabs\Web\Controller {
elseif(x($_SERVER,'HTTP_X_FORWARDED_PROTO') && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))
$scheme = 'https';
$zot = intval($_REQUEST['zot']);
$zot = $_REQUEST['zot'] ?? '';
if(($scheme !== 'https') && (! $zot)) {
header($_SERVER["SERVER_PROTOCOL"] . ' ' . 500 . ' ' . 'Webfinger requires HTTPS');

4
Zotlabs/Module/Xpoco.php
View File

@@ -7,7 +7,7 @@ require_once('include/socgraph.php');
class Xpoco extends \Zotlabs\Web\Controller {
function init() {
poco($a,true);
poco();
}
}

Some files were not shown because too many files have changed in this diff Show More