Merge branch '9.2RC'

Add module test helper expectRedirectTo + api docs

See merge request hubzilla/core!2138

.debianinstall/README.md

@@ -0,0 +1,158 @@
+
+# How to use
+
+## Disclaimers
+
+- **This script does work with a fresh install of Debian 12 only**.
+- Do not use if you have already installed and configured a webserver or sql server that was not installed by this script.
+
+### Keep it Simple and Stupid
+
+The script keeps everything as simple as possible (KISS):
+
+- Apache as webserver (there is no choice to use another webserver like nginx)
+- default PHP version of Debian
+- one single Hubzilla intance only
+- re-running the script does no harm
+
+### When to use other Scripts
+
+Use the scripts under [homeinstall](https://framagit.org/hubzilla/core/-/tree/master/.homeinstall)
+if you look for more choices. The main differences are:
+
+- Apache or nginx as webserver
+- install multiple instances (domains) that run side by side on the server
+- adds apache vhosts (instead of using the standard doc root /var/www/html)
+- install PHP from https://packages.sury.org/php/ (instead of using the Debian repository)
+- graphical installer whiptail
+- The script stops (fails) if it finds results of a previous installation. (The [debian-setup.sh](https://framagit.org/ojrandom/core/-/tree/dev/.debianinstall) will just jump over it.)
+- If something fails the script tries to clean up everything that was installed up to the point of failure. (That might cause trouble if certbot registered a certificate already.)
+- The script under [homeinstall](https://framagit.org/hubzilla/core/-/tree/master/.homeinstall) seems to be an older version of the scripts used for Streams
+  + [autoinstall](https://codeberg.org/streams/streams/src/branch/dev/contrib/autoinstall)
+  + [easyinstall](https://codeberg.org/streams/streams/src/branch/dev/contrib/easyinstall)
+
+## Preconditions
+
+Hardware
+
++ internet connection and router at home
++ computer connected to your router (a Raspberry 3 will do for very small Hubs)
+
+Software
+
++ fresh installation of Debian 12 (bookworm)
++ router with open ports 80 and 443 for your web server
+
+You can of course run the script on a VPS or any distant server as long as the above sotfware requirements are satisfied.
+
+## How to run the script
+
++ Register your own domain (for example at selfHOST) or a free subdomain (for example at freeDNS)
++ Log on to your fresh Debian
+  - apt-get install git
+  - mkdir -p /var/www
+  - cd /var/www
+  - git clone https://framagit.org/hubzilla/core.git html
+  - cd html/.debianinstall
+  - cp config.txt.template config.txt
+  - nano config.txt
+    - read the comments carefully
+    - enter your values: db pass, domain
+    - (optionally) Enter your values for dyn DNS
+  - ./debian-setup.sh as root
+    - ... wait, wait, wait until the script is finished
++ Open your domain with a browser and step throught the initial configuration of your hubzilla instance.
+  - default database name = hubzilla
+  - default dababase user = hubzilla
+
+## Optional - Switch verification of email on/off
+
+Do this just before you register the first user without email verification.
+
+In a terminal
+
+    su -
+    cd /var/www/html
+
+Check the current setting 
+
+    util/config system verify_email
+
+Switch the verification off
+
+    util/config system verify_email 0
+
+## What the script will do for you...
+
++ install everything required by your hubzilla instance, basically a web server (Apache), PHP, a database (MySQL), certbot,...
++ create a database
++ run certbot to have everything for a secure connection (httpS)
++ create a script for daily maintenance
+  - renew certfificate (letsencrypt)
+  - update of your hubzilla instance for core and addons (git)
+  - update of Debian
+  - restart
++ create cron jobs for
+  - DynDNS (selfHOST.de or freedns.afraid.org) every 5 minutes
+  - Master.php for your hubzilla instance every 10 minutes
+  - daily maintenance script every day at 05:30
+
+The script is known to work without adjustments with
+
++ Hardware
+  - standard PC with Debian 12 (bookworm)
+  - Raspberry 4 with Raspbian, Debian 12 (TODO: needs confirmation after swich to Debian12)
+  - for tesing purposes: under localhost inside a virtual machine, [KVM](https://wiki.debian.org/KVM)
++ DynDNS
+  - selfHOST.de
+  - freedns.afraid.org
+
+# Step-by-Step - some Details
+
+## Preparations
+
+## Configure your Router
+
+Your webserver has to be visible in the internet.  
+
+Open the ports 80 and 443 on your router for your Debian. Make sure your web server is marked as "exposed host".
+
+## Preparations Dynamic IP Address
+
+Follow the instructions in .debianinstall/config.txt.  
+
+In short...  
+
+Your Hubzilla server must be reachable by a domain that you can type in your browser
+
+    cooldomain.org
+
+You can use subdomains as well
+
+    my.cooldomain.org
+
+There are two ways to get a domain...
+
+### Method 1: Buy a Domain 
+
+...for example buy at selfHOST.de  
+
+The cost is 1,50 € per month (2019).
+
+### Method 2: Register a free subdomain
+
+...for example register at freedns.afraid.org
+
+## Note on Rasperry 
+
+It is recommended to run the Raspi without graphical frontend (X-Server). Use...
+
+    sudo raspi-config
+
+to boot the Rapsi to the client console.
+
+DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!
+
+## Reminder for Different Web Wervers
+
+For those of you who feel adventurous enough to use a different web server (i.e. Lighttpd...), don't forget that this script will install Apache or Nginx and that you can only have one web server listening to ports 80 & 443. Also, don't forget to tweak your daily shell script in /var/www/ accordingly.

.debianinstall/config.txt.template

@@ -0,0 +1,111 @@
+
+###############################################
+### MANDATORY - database password #############
+#
+# Please give your database password
+# It is better to not use blanks inside the password.
+#   Example: db_pass=pass_word_with_no_blanks_in_it
+db_pass=
+
+###############################################
+### MANDATORY - let's encrypt #################
+#
+# Zot requires encrypted communication via secure HTTP (HTTPS).
+# This script automates installation of an SSL certificate from
+# Let's Encrypt (https://letsencrypt.org)
+#
+# Please give the domain name of your hub/instance
+#
+#     Example: my.cooldomain.org
+#     Example: cooldomain.org
+#
+# You might use "localhost" for a LOCAL TEST installation.
+# This is usefull if you want to debug the server inside a VM.
+#
+#     Example: localhost
+#
+# Email is optional if you use "localhost".
+#
+#
+le_domain=
+le_email=
+
+
+###############################################
+### OPTIONAL - selfHOST - dynamic IP address ##
+#
+# 1. Register a domain at selfhost.de
+#    - choose offer "DOMAIN dynamisch" 1,50€/mon at 04/2019
+# 2. Get your configuration for dynamic IP update
+#    - Log in at selfhost.de
+#    - go to "DynDNS Accounte"
+#    - klick "Details" of your (freshly) registered domain
+#    - You will find the configuration there
+#      - Benutzername (user name) > use this for "selfhost_user="
+#      - Passwort (pass word) > use this for "selfhost_pass="
+#
+#
+selfhost_user=
+selfhost_pass=
+
+###############################################
+### OPTIONAL - FreeDNS - dynamic IP address ###
+#
+# Please give the alpha-numeric-key of freedns
+#
+# Get a free subdomain from freedns and use it for your dynamic ip address
+# Documentation under http://www.techjawab.com/2013/06/setup-dynamic-dns-dyndns-for-free-on.html
+#
+# - Register for a Free domain at http://freedns.afraid.org/signup/
+# - WATCH THIS: Make sure you choose a domain with as less subdomains as
+#   possible. Why? Let's encrpyt issues a limited count of certificates each
+#   day. Possible other users of this domain will try to issue a certificate
+#   at the same day.
+# - Logon to FreeDNS (where you just registered)
+# - Goto http://freedns.afraid.org/dynamic/
+# - Right click on "Direct Link" and copy the URL and paste it somewhere.
+# - You should notice a large and unique alpha-numeric key in the URL
+#
+#       http://freedns.afraid.org/dynamic/update.php?alpha-numeric-key
+#
+#   Provided your url from freedns is
+#
+#	http://freedns.afraid.org/dynamic/update.php?U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
+#
+#   Then you have to provide
+#
+#       freedns_key=U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
+#
+#
+freedns_key=
+
+
+###############################################
+### OPTIONAL - do not mess with things below ##
+#              (...if you are not certain)
+#
+# Usually you are done here
+# Everything below is OPTIONAL
+#
+###############################################
+#
+# Database for your hub/instance
+# If left empty, both your database and user will be named after your zot instance (hubzilla, zap or misty)
+# Use custom name, at least fo the database, if you plan to run more than one hub/instance on the same server
+#
+zotserver_db_name=
+zotserver_db_user=
+zotserver_db_pass=$db_pass
+# 
+#
+# Password for package mysql-server
+#   Example: mysqlpass=aberhallo
+#   Example: mysqlpass="aber hallo has blanks in it"
+#
+mysqlpass=$db_pass
+
+# Password for package phpmyadmin
+#   Example: phpmyadminpass=aberhallo
+#   Example: phpmyadminpass="aber hallo has blanks in it"
+phpmyadminpass=$db_pass
+

.debianinstall/debian-setup.sh

@@ -0,0 +1,527 @@
+#!/bin/bash
+#
+# How to use
+# ----------
+#
+# This file automates the installation of hubzilla: https://framagit.org/hubzilla/core
+# under Debian Linux "bookworm"
+#
+# 1) Copy the file "config.txt.template" to "config.txt"
+#       Follow the instuctions there
+#
+# 2) Switch to user "root" by typing "su -"
+#
+# 3) Run with "./debian-setup.sh"
+#       If this fails check if you can execute the script.
+#       - To make it executable type "chmod +x debian-setup.sh"
+#       - or run "bash debian-setup.sh"
+#
+#
+# What does this script do basically?
+# -----------------------------------
+#
+# This file automates the installation of a Hubzilla instance under Debian Linux
+# - install
+#        * apache webserver,
+#        * php,
+#        * mariadb,
+#        * adminer,
+#        * addons
+# - configure cron
+#        * "Master.php" for regular background processes of your hubzilla instance
+#        * "apt-get update" and "apt-get dist-upgrade" and "apt-get autoremove" to keep linux up-to-date
+#        * run command to keep the IP up-to-date > DynDNS provided by selfHOST.de or freedns.afraid.org
+# - run letsencrypt to create, register and use a certifacte for https
+#
+#
+# Credits
+# -------
+#
+# The script is derived from the easyinstall script of the Streams repository, which is based on
+# - Tom Wiedenhöfts (OJ Random) script homeinstall (for Hubzilla, ZAP,...) that was based on
+# - Thomas Willinghams script "debian-setup.sh" which he used to install the red#matrix.
+
+function check_sanity {
+    # Do some sanity checking.
+    print_info "Sanity check..."
+    if [ $(/usr/bin/id -u) != "0" ]
+    then
+        die 'Must be run by root user'
+    fi
+
+    if [ -f /etc/lsb-release ]
+    then
+        die "Distribution is not supported"
+    fi
+    if [ ! -f /etc/debian_version ]
+    then
+        die "Debian is supported only"
+    fi
+    if ! grep -q 'Linux 12' /etc/issue
+    then
+        die "Linux 12 (bookworm) is supported only"x
+    fi
+}
+
+function check_config {
+    print_info "config check..."
+    # Check for required parameters
+    if [ -z "$db_pass" ]
+    then
+        die "db_pass not set in $configfile"
+    fi
+    if [ -z "$le_domain" ]
+    then
+        die "le_domain not set in $configfile"
+    fi
+}
+
+function die {
+    echo "ERROR: $1" > /dev/null 1>&2
+    exit 1
+}
+
+
+function update_upgrade {
+    print_info "updated and upgrade..."
+    # Run through the apt-get update/upgrade first. This should be done before
+    # we try to install any package
+    apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove
+    print_info "updated and upgraded linux"
+}
+
+function nocheck_install {
+    # export DEBIAN_FRONTEND=noninteractive ... answers from the package configuration database
+    # - q ... without progress information
+    # - y ... answer interactive questions with "yes"
+    # DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -q -y install $2
+    # DEBIAN_FRONTEND=noninteractive apt-get --install-suggests -q -y install $1
+    DEBIAN_FRONTEND=noninteractive apt-get -q -y install $1
+    print_info "installed $1"
+}
+
+
+function print_info {
+    echo -n -e '\e[1;34m'
+    echo -n $1
+    echo -e '\e[0m'
+}
+
+function print_warn {
+    echo -n -e '\e[1;31m'
+    echo -n $1
+    echo -e '\e[0m'
+}
+
+function stop_zotserver {
+    print_info "stopping apache..."
+    systemctl stop apache2
+    print_info "stopping mysql db..."
+    systemctl stop mariadb
+}
+
+function install_apache {
+    print_info "installing apache..."
+    nocheck_install "apache2 apache2-utils"
+    a2enmod rewrite
+    systemctl restart apache2
+}
+
+function install_imagemagick {
+    print_info "installing imagemagick..."
+    nocheck_install "imagemagick"
+}
+
+function install_curl {
+    print_info "installing curl..."
+    nocheck_install "curl"
+}
+
+function install_wget {
+    print_info "installing wget..."
+    nocheck_install "wget"
+}
+
+function install_sendmail {
+    print_info "installing sendmail..."
+    nocheck_install "sendmail sendmail-bin"
+}
+
+function install_php {
+    # openssl and mbstring are included in libapache2-mod-php
+    print_info "installing php..."
+    nocheck_install "libapache2-mod-php php php-pear php-curl php-gd php-mbstring php-xml php-zip"
+    phpversion=$(php -v|grep --only-matching --perl-regexp "(PHP )\d+\.\\d+\.\\d+"|cut -c 5-7)
+    sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/$phpversion/apache2/php.ini
+    sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/$phpversion/apache2/php.ini
+}
+
+function install_composer {
+    print_info "We check if Composer is already downloaded"
+    if [ ! -f /usr/local/bin/composer ]
+    then
+        EXPECTED_CHECKSUM="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')"
+        php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+        ACTUAL_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
+        if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
+        then
+            >&2 echo 'ERROR: Invalid installer checksum'
+            rm composer-setup.php
+            die 'ERROR: Invalid installer checksum'
+        fi
+        php composer-setup.php --quiet
+        RESULT=$?
+        rm composer-setup.php
+        # exit $RESULT
+        # We install Composer globally
+        mv composer.phar /usr/local/bin/composer
+        print_info "Composer was successfully downloaded."
+    else
+        print_info "Composer is already downloaded on this system."
+    fi
+    cd $install_path
+    export COMPOSER_ALLOW_SUPERUSER=1;
+    /usr/local/bin/composer install --no-dev
+    /usr/local/bin/composer show
+    export COMPOSER_ALLOW_SUPERUSER=0;
+}
+
+
+function install_mysql {
+    print_info "installing mysql..."
+    if [ -z "$mysqlpass" ]
+    then
+        die "mysqlpass not set in $configfile"
+    fi
+	if type mysql ; then
+        echo "Yes, mysql is installed"
+	else
+        echo "mariadb-server"
+        nocheck_install "mariadb-server"
+        systemctl status mariadb
+        systemctl start mariadb
+        mysql --user=root <<_EOF_
+UPDATE mysql.user SET Password=PASSWORD('${mysqlpass}') WHERE User='root';
+DELETE FROM mysql.user WHERE User='';
+DROP DATABASE IF EXISTS test;
+DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
+FLUSH PRIVILEGES;
+_EOF_
+    fi
+}
+
+function install_adminer {
+    print_info "installing adminer..."
+    nocheck_install "adminer"
+    if [ ! -f /etc/adminer/adminer.conf ]
+    then
+        echo "Alias /adminer /usr/share/adminer/adminer" > /etc/adminer/adminer.conf
+        ln -s /etc/adminer/adminer.conf /etc/apache2/conf-available/adminer.conf
+    else
+        print_info "file /etc/adminer/adminer.conf exists already"
+    fi
+
+    a2enmod rewrite
+
+    if [ ! -f /etc/apache2/apache2.conf ]
+    then
+        die "could not find file /etc/apache2/apache2.conf"
+    fi
+    sed -i \
+        "s/AllowOverride None/AllowOverride all/" \
+        /etc/apache2/apache2.conf
+
+    a2enconf adminer
+    systemctl restart mariadb
+    systemctl reload apache2
+}
+
+function create_zotserver_db {
+    print_info "creating zotserver database..."
+    if [ -z "$db_name" ]
+    then
+        die "db_name not set in $configfile"
+    fi
+    if [ -z "$db_user" ]
+    then
+        die "db_user not set in $configfile"
+    fi
+    if [ -z "$db_pass" ]
+    then
+        die "db_pass not set in $configfile"
+    fi
+    systemctl restart mariadb
+    # Make sure we don't write over an already existing database if we install more than one Zot hub/instance
+    if [ -z $(mysql -h localhost -u root -p$mysqlpass -e "SHOW DATABASES;" | grep $db_name) ]
+    then
+        Q1="CREATE DATABASE IF NOT EXISTS $db_name;"
+        Q2="GRANT USAGE ON *.* TO $db_user@localhost IDENTIFIED BY '$db_pass';"
+        Q3="GRANT ALL PRIVILEGES ON $name.* to $db_user@localhost identified by '$db_pass';"
+        Q4="FLUSH PRIVILEGES;"
+        SQL="${Q1}${Q2}${Q3}${Q4}"
+        mysql -uroot -p$mysqlpass -e "$SQL"
+    else
+        echo "database $db_name does exist already"
+    fi
+}
+
+function run_freedns {
+    print_info "run freedns (dynamic IP)..."
+    if [ -z "$freedns_key" ]
+    then
+        print_info "freedns was not started because 'freedns_key' is empty in $configfile"
+    else
+        if [ -n "$selfhost_user" ]
+        then
+            die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)"
+        fi
+        wget --no-check-certificate -O - http://freedns.afraid.org/dynamic/update.php?$freedns_key
+    fi
+}
+
+function install_run_selfhost {
+    print_info "install and start selfhost (dynamic IP)..."
+    if [ -z "$selfhost_user" ]
+    then
+        print_info "selfHOST was not started because 'selfhost_user' is empty in $configfile"
+    else
+        if [ -n "$freedns_key" ]
+        then
+            die "You can not use freeDNS AND selfHOST for dynamic IP updates ('freedns_key' AND 'selfhost_user' set in $configfile)"
+        fi
+        if [ -z "$selfhost_pass" ]
+        then
+            die "selfHOST was not started because 'selfhost_pass' is empty in $configfile"
+        fi
+        if [ ! -d $selfhostdir ]
+        then
+            mkdir $selfhostdir
+        fi
+        # the old way
+        # https://carol.selfhost.de/update?username=123456&password=supersafe
+        #
+        # the prefered way
+        wget --output-document=$selfhostdir/$selfhostscript http://jonaspasche.de/selfhost-updater
+        echo "router" > $selfhostdir/device
+        echo "$selfhost_user" > $selfhostdir/user
+        echo "$selfhost_pass" > $selfhostdir/pass
+        bash $selfhostdir/$selfhostscript update
+    fi
+}
+
+function ping_domain {
+    print_info "ping domain $domain..."
+    # Is the domain resolved? Try to ping 6 times à 10 seconds
+    COUNTER=0
+    for i in {1..6}
+    do
+        print_info "loop $i for ping -c 1 $domain ..."
+        if ping -c 4 -W 1 $le_domain
+        then
+            print_info "$le_domain resolved"
+            break
+        else
+            if [ $i -gt 5 ]
+            then
+                die "Failed to: ping -c 1 $domain not resolved"
+            fi
+        fi
+        sleep 10
+    done
+    sleep 5
+}
+
+function configure_cron_freedns {
+    print_info "configure cron for freedns..."
+    if [ -z "$freedns_key" ]
+    then
+        print_info "freedns is not configured because freedns_key is empty in $configfile"
+    else
+        # Use cron for dynamich ip update
+        #   - at reboot
+        #   - every 30 minutes
+        if [ -z "`grep 'freedns.afraid.org' /etc/crontab`" ]
+        then
+            echo "@reboot root http://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab
+            echo "*/30 * * * * root wget --no-check-certificate -O - http://freedns.afraid.org/dynamic/update.php?$freedns_key > /dev/null 2>&1" >> /etc/crontab
+        else
+            print_info "cron for freedns was configured already"
+        fi
+    fi
+}
+
+function configure_cron_selfhost {
+    print_info "configure cron for selfhost..."
+    if [ -z "$selfhost_user" ]
+    then
+        print_info "selfhost is not configured because selfhost_key is empty in $configfile"
+    else
+        # Use cron for dynamich ip update
+        #   - at reboot
+        #   - every 5 minutes
+        if [ -z "`grep 'selfhost-updater.sh' /etc/crontab`" ]
+        then
+            echo "@reboot root bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
+            echo "*/5 * * * * root /bin/bash /etc/selfhost/selfhost-updater.sh update > /dev/null 2>&1" >> /etc/crontab
+        else
+            print_info "cron for selfhost was configured already"
+        fi
+    fi
+}
+
+function install_letsencrypt {
+    print_info "installing let's encrypt ..."
+    # check if user gave domain
+    if [ -z "$le_domain" ]
+    then
+        die "Failed to install let's encrypt: 'le_domain' is empty in $configfile"
+    fi
+    if [ -z "$le_email" ]
+    then
+        die "Failed to install let's encrypt: 'le_email' is empty in $configfile"
+    fi
+    nocheck_install "certbot python-certbot-apache"
+    print_info "run certbot ..."
+    certbot --apache -w $install_path -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir
+    service apache2 restart
+}
+
+function check_https {
+    print_info "checking httpS > testing ..."
+    url_https=https://$le_domain
+    wget_output=$(wget -nv --spider --max-redirect 0 $url_https)
+    if [ $? -ne 0 ]
+    then
+        print_warn "check not ok"
+    else
+        print_info "check ok"
+    fi
+}
+
+function install_zotserver {
+    print_info "installing addons..."
+    cd $install_path
+    util/add_addon_repo https://framagit.org/hubzilla/addons hzaddons
+    mkdir -p "store/[data]/smarty3"
+    # chmod -R 777 store
+    touch .htconfig.php
+    # The next run of $cron_job (daily-update script) will correct the permissions of the next line
+    chmod ou+w .htconfig.php  
+    cd /var/www/
+    chown -R www-data:www-data $install_path
+	chown root:www-data $install_path/
+	chown root:www-data $install_path/.htaccess
+	chmod 0644 $install_path/.htaccess
+    print_info "installed addons"
+}
+
+function configure_cron_daily {
+    print_info "configuring cron..."
+    # every 10 min for poller.php
+    if [ -z "`grep 'php Zotlabs/Daemon/Master.php' /etc/crontab`" ]
+    then
+        echo "*/10 * * * * www-data cd $install_path; php Zotlabs/Daemon/Master.php Cron >> /dev/null 2>&1" >> /etc/crontab
+    fi
+    # Run external script daily at 05:30
+    # - stop apache/nginx and mysql-server
+    # - renew the certificate of letsencrypt
+    # - update repository core and addon
+    # - update and upgrade linux
+    # - reboot is done by "shutdown -h now" because "reboot" hangs sometimes depending on the system
+    echo "#!/bin/sh" > /var/www/$cron_job
+    echo "#" >> /var/www/$cron_job
+    echo "echo \" \"" >> /var/www/$cron_job
+    echo "echo \"+++ \$(date) +++\"" >> /var/www/$cron_job
+    echo "echo \" \"" >> /var/www/$cron_job
+    echo "echo \"\$(date) - stopping apache and mysql...\"" >> /var/www/$cron_job
+    echo "service apache2 stop" >> /var/www/$cron_job
+    echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$cron_job
+    echo "#" >> /var/www/$cron_job
+    echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$cron_job
+    echo "certbot renew --noninteractive" >> /var/www/$cron_job
+    echo "#" >> /var/www/$cron_job
+    echo "echo \"\$(date) - db size...\"" >> /var/www/$cron_job
+    echo "du -h /var/lib/mysql/ | grep mysql/" >> /var/www/$cron_job
+    echo "#" >> /var/www/$cron_job    
+    echo "# update of $le_domain Zot hub/instance" >> /var/www/$cron_job
+    echo "echo \"\$(date) - updating core and addons...\"" >> /var/www/$cron_job
+    echo "echo \"reaching git repository for $le_domain $zotserver hub/instance...\"" >> /var/www/$cron_job
+    echo "(cd $install_path ; util/udall)" >> /var/www/$cron_job
+    echo "chown -R www-data:www-data $install_path # make all accessible for the webserver" >> /var/www/$cron_job
+    echo "chown root:www-data $install_path/.htaccess" >> /var/www/$cron_job
+    echo "chmod 0644 $install_path/.htaccess # www-data can read but not write it" >> /var/www/$cron_job    
+    echo "echo \"\$(date) - updating linux...\"" >> /var/www/$cron_job
+    echo "apt-get -q -y update && apt-get -q -y dist-upgrade && apt-get -q -y autoremove # update linux and upgrade" >> /var/www/$cron_job
+    echo "echo \"\$(date) - Update finished. Rebooting...\"" >> /var/www/$cron_job
+    echo "#" >> /var/www/$cron_job
+    echo "shutdown -r now" >> /var/www/$cron_job
+
+    chmod a+x /var/www/$cron_job
+
+    # If global cron job does not exist we add it to /etc/crontab
+    if grep -q $cron_job /etc/crontab
+    then
+        echo "cron job already in /etc/crontab"
+    else
+        echo "30 05 * * * root /bin/bash /var/www/$cron_job >> /var/www/daily-updates.log 2>&1" >> /etc/crontab
+        echo "0 0 1 * * root rm /var/www/daily-updates.log" >> /etc/crontab
+    fi
+
+    # This is active after either "reboot" or cron reload"
+    systemctl restart cron
+    print_info "configured cron for updates/upgrades"
+}
+
+########################################################################
+# START OF PROGRAM
+########################################################################
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin
+check_sanity
+
+print_info "We're installing a $zotserver instance"
+install_path="$(dirname "$(pwd)")"
+
+# Read config file edited by user
+configfile=config.txt
+source $configfile
+
+selfhostdir=/etc/selfhost
+selfhostscript=selfhost-updater.sh
+cron_job="cron_job.sh"
+
+#set -x    # activate debugging from here
+
+zotserver=hubzilla
+check_config
+stop_zotserver
+update_upgrade
+install_curl
+install_wget
+install_sendmail
+install_apache
+install_imagemagick
+install_php
+install_composer
+install_mysql
+install_adminer
+create_zotserver_db
+run_freedns
+install_run_selfhost
+ping_domain
+configure_cron_freedns
+configure_cron_selfhost
+
+if [ "$le_domain" != "localhost" ]
+then
+    install_letsencrypt
+    check_https
+else
+    print_info "is localhost - skipped installation of letsencrypt and configuration of apache for https"
+fi
+
+install_zotserver
+
+configure_cron_daily
+
+
+#set +x    # stop debugging from here

.gitignore

@@ -49,6 +49,8 @@ doc/html/
 # external repositories for themes/addons
 extend/
 # files generated by phpunit
+tests/.cache
+tests/.phpunit.result.cache
 tests/results/
 
 ## exclude IDE files
@@ -78,5 +80,36 @@ composer.phar
 vendor/**/tests/
 vendor/**/Test/
 vendor/sabre/*/examples/
+
+# Exclude dev dependencies
+vendor/bin/pdepend
+vendor/bin/php-parse
+vendor/bin/phpcbf
+vendor/bin/phpcs
+vendor/bin/phpmd
+vendor/bin/phpunit
+vendor/composer/pcre/
+vendor/composer/xdebug-handler/
+vendor/dms/
+vendor/doctrine/
+vendor/myclabs/
+vendor/nikic/
+vendor/pdepend/
+vendor/phar-io/
+vendor/php-mock/
+vendor/phpmd/
+vendor/phpunit/
+vendor/psr/container/
+vendor/sebastian/
+vendor/squizlabs/
+vendor/symfony/config/
+vendor/symfony/dependency-injection/
+vendor/symfony/deprecation-contracts/
+vendor/symfony/filesystem/
+vendor/symfony/polyfill-ctype/
+vendor/symfony/polyfill-mbstring/
+vendor/symfony/polyfill-php80/
+vendor/symfony/service-contracts/
+vendor/theseer/
 # /info is a directory containing site-specific HTML documents
 /info/

.gitlab-ci.yml

@@ -1,10 +1,3 @@
-# Select image from https://hub.docker.com/_/php/
-#image: php:7.3
-# Use a prepared Hubzilla image to optimise pipeline duration
-# image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-
-image: php:8.1
-
 stages:
   - test
   - deploy
@@ -24,6 +17,7 @@ variables:
   # Ignore a Composer warning
   COMPOSER_ALLOW_SUPERUSER: 1
   # Configure MySQL/MariaDB service (https://hub.docker.com/_/mysql/, https://hub.docker.com/_/mariadb/)
+  DB_HOST: mysql
   MYSQL_DATABASE: hello_world_test
   MYSQL_ROOT_PASSWORD: mysql
   # Configure PostgreSQL service (https://hub.docker.com/_/postgres/)
@@ -33,59 +27,69 @@ variables:
 
 
 before_script:
-# pecl and composer do not work with PHP production restrictions (from Hubzilla Docker image)
-- if [ -f /usr/local/etc/php/conf.d/z_prod.ini ]; then mv /usr/local/etc/php/conf.d/z_prod.ini /usr/local/etc/php/conf.d/z_prod.ini.off; fi
-# Install & enable Xdebug for code coverage reports
-- pecl install xdebug
-- apt-get update
-- apt-get install zip unzip libjpeg-dev libpng-dev -yqq
-- docker-php-ext-enable xdebug
-- docker-php-ext-install gd
-
-
-# Install composer
-- curl -sS https://getcomposer.org/installer | php
-# Install dev libraries from composer
-- php ./composer.phar install --no-progress
-# php.ini settings
-- echo 'xdebug.mode=coverage' >> /usr/local/etc/php/php.ini
-
-# hidden job definition with template for PHP
-.job_template_php: &job_definition_php
-  stage: test
-  script:
-  - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
+  # Install & enable Xdebug for code coverage reports
+  - apt-get update
+  - apt-get install -yqq libicu-dev libjpeg-dev libpng-dev libpq-dev libyaml-dev libzip-dev mariadb-client postgresql-client unzip zip
+  - pecl install xdebug yaml
+  - docker-php-ext-enable xdebug yaml
+  - docker-php-ext-install gd bcmath intl pdo_mysql pdo_pgsql zip
 
+  # Install composer
+  - curl -sS https://getcomposer.org/installer | php
+  # Install dev libraries from composer
+  - php ./composer.phar install --no-progress
+  # php.ini settings
+  - echo 'xdebug.mode=coverage' >> /usr/local/etc/php/php.ini
 
 # hidden job definition with template for MySQL/MariaDB
-#.job_template_mysql: &job_definition_mysql
-#  stage: test
-#  script:
-#  - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-#  - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-#  - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mysql "$MYSQL_DATABASE"
-#  - vendor/bin/phpunit --configuration tests/phpunit.xml --coverage-text
+.job_template_mysql: &job_definition_mysql
+  stage: test
+  variables:
+    HZ_TEST_DB_HOST: $DB_HOST
+    HZ_TEST_DB_TYPE: mysql
+    HZ_TEST_DB_USER: root
+    HZ_TEST_DB_PASS: $MYSQL_ROOT_PASSWORD
+    HZ_TEST_DB_DATABASE: $MYSQL_DATABASE
+  script:
+    # Import hubzilla's DB schema
+    - echo "USE $MYSQL_DATABASE; $(cat ./install/schema_mysql.sql)" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host="$DB_HOST" "$MYSQL_DATABASE"
+    # Show databases and relations/tables of hubzilla's database
+    - echo "SHOW DATABASES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host="$DB_HOST" "$MYSQL_DATABASE"
+    - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host="$DB_HOST" "$MYSQL_DATABASE"
+    # Run the actual tests
+    - touch dbfail.out
+    - vendor/bin/phpunit --configuration tests/phpunit.xml --no-progress --stop-on-error --coverage-text --colors=never --log-junit tests/results/junit.xml || exit_code=$?
+    - if [ $exit_code -ne 0 ]; then echo "Test barfed!"; cat dbfail.out; exit $exit_code; fi
+  coverage: '/^\s*Lines:\s*\d+.\d+\%/'
+
 
 # hidden job definition with template for PostgreSQL
-#.job_template_postgres: &job_definition_postgres
-#  stage: test
-#  services:
-#  - postgres:latest
-#  script:
-#  - export PGPASSWORD=$POSTGRES_PASSWORD
-#  - psql --version
-#  - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
-  # Import hubzilla's DB schema
-#  - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
-  # Show databases and relations/tables of hubzilla's database
-  #- psql -h "postgres" -U "$POSTGRES_USER" -l
-  #- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
-  # Run the actual tests
-#  - vendor/bin/phpunit --configuration tests/phpunit-pgsql.xml --testdox
+.job_template_postgres: &job_definition_postgres
+  stage: test
+  variables:
+    HZ_TEST_DB_HOST: postgres
+    HZ_TEST_DB_TYPE: postgres
+    HZ_TEST_DB_USER: $POSTGRES_USER
+    HZ_TEST_DB_PASS: $POSTGRES_PASSWORD
+    HZ_TEST_DB_DATABASE: $POSTGRES_DB
+  script:
+    - export PGPASSWORD=$POSTGRES_PASSWORD
+    - psql --version
+    - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT VERSION();"
+    # Import hubzilla's DB schema
+    - psql -h "postgres" -U "$POSTGRES_USER" -v ON_ERROR_STOP=1 --quiet "$POSTGRES_DB" < ./install/schema_postgres.sql
+    # Show databases and relations/tables of hubzilla's database
+    - psql -h "postgres" -U "$POSTGRES_USER" -l
+    - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
+    # Run the actual tests
+    - touch dbfail.out
+    - vendor/bin/phpunit --configuration tests/phpunit.xml --no-progress --stop-on-error --coverage-text --colors=never --log-junit tests/results/junit.xml || exit_code=$?
+    - if [ $exit_code -ne 0 ]; then echo "Test barfed!"; cat dbfail.out; exit $exit_code; fi
+  coverage: '/^\s*Lines:\s*\d+.\d+\%/'
 
 # hidden job definition with artifacts config template
-.artifacts_template:
-  artifacts: &artifacts_template
+.artifacts_template: &artifacts_template
+  artifacts:
     expire_in: 1 week
     # Gitlab should show the results, but has problems parsing PHPUnit's junit file.
     reports:
@@ -96,54 +100,30 @@ before_script:
       - tests/results/
 
 
-# PHP8.1
-php8.1:
-  <<: *job_definition_php
+# PHP8.1 with MySQL 8.0
+php8.1_mysql8.0.22:
+  image: php:8.1
+  services:
+    - mysql:8.0
+  <<: *job_definition_mysql
+  <<: *artifacts_template
 
-# PHP8.0 with MySQL 5.7
-#php8.0_mysql5.7:
-#  <<: *job_definition_mysql
-#  services:
-#  - mysql:5.7
+# PHP8.1 with MariaDB 10.6
+php8.1_mariadb10.6:
+  image: php:8.1
+  services:
+    - name: mariadb:10.6
+      alias: mysql
+  <<: *job_definition_mysql
+  <<: *artifacts_template
 
-
-# PHP8.0 with MySQL 8 (latest)
-#php8.0_mysql8:
-#  <<: *job_definition_mysql
-#  services:
-#  - name: mysql:8
-#    command: ["--default-authentication-plugin=mysql_native_password"]
-
-
-# PHP8.0 with MariaDB 10.2
-#php8.0_mariadb10.2:
-#  <<: *job_definition_mysql
-#  services:
-#  - name: mariadb:10.2
-#    alias: mysql
-
-
-# PHP8.0 with MariaDB 10.3 (latest)
-#php8.0_mariadb10.3:
-#  <<: *job_definition_mysql
-#  image: php:8.0
-  #image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-#  services:
-#  - name: mariadb:10.3
-#    alias: mysql
-
-
-# PHP7.3 with PostgreSQL latest (11)
-#php7.3_postgres11:
-#  <<: *job_definition_postgres
-#  artifacts: *artifacts_template
-
-
-# PHP7.3 with PostgreSQL latest (11)
-#php7.3_postgres11:
-#  <<: *job_definition_postgres
-#  image: registry.gitlab.com/dawnbreak/hubzilla/core:php7.3
-#  artifacts: *artifacts_template
+# PHP8.1 with PostgreSQL 12
+php8.1_postgres12:
+  image: php:8.1
+  services:
+    - postgres:12-alpine
+  <<: *job_definition_postgres
+  <<: *artifacts_template
 
 
 # Generate Doxygen API Documentation and deploy it as GitLab pages

.htaccess

@@ -25,10 +25,10 @@ AddType audio/ogg .oga
   # in CGI mode.
 
   RewriteCond %{REQUEST_URI} ^/\.well\-known/.*
-  RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
+  RewriteRule ^(.*)$ index.php?q=$1 "[E=REMOTE_USER:%{HTTP:Authorization},L,QSA,B= ?]"
 
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
-  RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
+  RewriteRule ^(.*)$ index.php?q=$1 "[E=REMOTE_USER:%{HTTP:Authorization},L,QSA,B= ?]"
 </IfModule>
 

.phpcs.xml

@@ -0,0 +1,78 @@
+<?xml version="1.0"?>
+<ruleset
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    name="PHP_CodeSniffer"
+    xsi:noNamespaceSchemaLocation="phpcs.xsd"
+    >
+
+	<description>PHP CodeSniffer config for Hubzilla</description>
+
+    <file>app</file>
+    <file>boot.php</file>
+	<file>include</file>
+	<file>index.php</file>
+	<file>install</file>
+	<file>library</file>
+	<file>tests</file>
+	<file>util</file>
+	<file>view</file>
+	<file>Zotlabs</file>
+
+    <rule ref="Generic">
+        <exclude name="Generic.Arrays.ArrayIndent"/>
+        <exclude name="Generic.Arrays.DisallowLongArraySyntax"/>
+        <exclude name="Generic.Arrays.DisallowShortArraySyntax"/>
+        <exclude name="Generic.Files.EndFileNoNewline"/>
+        <exclude name="Generic.Files.LowercasedFilename"/>
+        <exclude name="Generic.Formatting.MultipleStatementAlignment"/>
+        <exclude name="Generic.Formatting.SpaceAfterNot"/>
+        <exclude name="Generic.Functions.FunctionCallArgumentSpacing"/>
+        <exclude name="Generic.Functions.OpeningFunctionBraceBsdAllman"/>
+        <exclude name="Generic.NamingConventions.CamelCapsFunctionName"/>
+        <exclude name="Generic.PHP.ClosingPHPTag"/>
+        <exclude name="Generic.PHP.RequireStrictTypes"/>
+        <exclude name="Generic.PHP.UpperCaseConstant"/>
+        <exclude name="Generic.WhiteSpace.DisallowTabIndent"/>
+        <exclude name="Generic.WhiteSpace.ScopeIndent"/>
+        <exclude name="Generic.Commenting.DocComment.ContentAfterOpen"/>
+        <exclude name="Generic.Commenting.DocComment.ContentBeforeClose"/>
+        <exclude name="Generic.Commenting.DocComment.LongNotCapital"/>
+        <exclude name="Generic.Commenting.DocComment.MissingShort"/>
+        <exclude name="Generic.Commenting.DocComment.NonParamGroup"/>
+        <exclude name="Generic.Commenting.DocComment.ParamNotFirst"/>
+        <exclude name="Generic.Commenting.DocComment.ShortNotCapital"/>
+        <exclude name="Generic.Commenting.DocComment.SpacingAfter"/>
+        <exclude name="Generic.Commenting.DocComment.SpacingBeforeShort"/>
+        <exclude name="Generic.Commenting.DocComment.TagValueIndent"/>
+        <exclude name="Generic.ControlStructures.InlineControlStructure.NotAllowed"/>
+        <exclude name="Generic.Files.OneClassPerFile.MultipleFound"/>
+        <exclude name="Generic.Files.OneObjectStructurePerFile.MultipleFound"/>
+        <exclude name="Generic.Formatting.SpaceAfterCast.NoSpace"/>
+    </rule>
+
+	<!--
+		Warn about lines longer than 100 columns, lines longer than 150
+		columns will flag an error.
+	-->
+	<rule ref="Generic.Files.LineLength">
+		<properties>
+			<property name="lineLimit" value="100" />
+			<property name="absoluteLineLimit" value="150" />
+		</properties>
+	</rule>
+
+    <!--
+        Mark deprecated functions.
+    -->
+    <rule ref="Generic.PHP.DeprecatedFunctions">
+        <properties>
+            <property name="forbiddenFunctions" type="array" extend="true">
+                <element key="load_config" value="Zotlabs\Lib\Config::Load" />
+                <element key="get_config" value="Zotlabs\Lib\Config::Get" />
+                <element key="set_config" value="Zotlabs\Lib\Config::Set" />
+                <element key="del_config" value="Zotlabs\Lib\Config::Delete" />
+            </property>
+        </properties>
+    </rule>
+
+</ruleset>

CHANGELOG

@@ -1,3 +1,354 @@
+Hubzilla 9.2 (2024-??-??)
+	- Fail to import more gracefully if a channel has already been imported at some point but was deleted again
+	- Use the doubleleft template by default for admin pages to work around some display issues
+	- Reflect the censored state in the local xchan
+	- Exclude toplevel posts by censored channels in the public stream
+	- Update API docs for Module test case base class
+	- Add helper expectRedirectTo to module test class
+	- Refactor is_local_url() and add api doc
+	- Use empty() to check if array entry exist in create_identity()
+	- Add basic test for create_identity function
+	- Allow passing callable as array to hooks
+	- Use DbaTransaction class for db transactions in queueworker
+	- Remove obsolete stubs from Permissions tests
+	- Refactor mod rpost to fix open redirect issue and add tests
+	- Configure system.baseurl for tests
+	- Add basic test and fix session access for mod rpost
+	- Add config file and rules for PHP Code Sniffer
+	- Refactor mod setup
+	- Pass the force argument to the xchan_photo daemon
+	- Declare arg and return types for unparse_url()
+	- Skip checking MFA status for WebDAV and CardDAV requests
+	- Upgrade test framework to PHPUnit 10.5
+	- Minor style update for the .abook-self CSS class
+	- Update docs on tags and mentions.
+	- Refactor and cleanup Rbmark module and add tests
+	- Remove unused Toggle_(safesearch|mobile) modules
+	- Make mod regate return to system.workflow_channel_next
+	- Show register message field only if registration is set to register_approve
+	- Add bbcode support for the HTML5 del tag
+	- Rename HelpHelper to HelpHelperTrait
+	- Remove jgrowl in favour of bootstrap toast
+	- Refactor mod help
+	- Reduce some global state and add some docs
+	- Make save_chunk() deal with userfile and file array keys
+	- Update siteinfo to remove traces of zotlabs.org
+	- Minor refactor for in mod import and store import host for possible later use
+	- Allow to kick off import sync process in case it did not start at all
+	- Updated spanish translations
+
+	Bugfixes
+	- Fix possible PHP error in zid()
+	- Fix display issue for doubleleft template
+	- Fix issue where event items were parsed multiple times on display
+	- Fix return to blank page after editing post under some circumstances
+	- Fix missing include in QueueWorker
+	- Fix warnings exposed by tests
+	- Fix timestamp handling in menu_create()
+	- Fix updated arg not supported in pconfig wrapper function
+	- Fix default timeouts for z_(fetch|post)_url
+	- Fix hcard addon markup not available if profile entries were missing
+	- Fix nested lists parsing
+	- Fix help menu CSS
+	- Fix get_rpost_path() broken for URL's with no port
+	- Fix passing an empty filter to deliverable_abook_xchans() will return all deliverable abook xchans
+
+	Addons
+	- Wiki: fix revert if editor is not ace
+	- Wiki: do not slate deleted wiki pages for download
+	- Pubcrawl: do not use mentions for addressing if post is restricted
+
+
+Hubzilla 9.0.2 (2024-06-07)
+	- Fix buttons in event viewer
+	- Fix some PHP warnings and errors
+	- Fix issue when inReplyTo field is an array
+	- Fix possible queueworker crash
+	- Fix missing pdl file for mod home
+	- Reduced default directory result set
+	- Fix fatal error in likebanner addon
+	- Fix fatal error in hilite addon
+
+
+Hubzilla 9.0.1 (2024-03-26)
+	- Fix an issue where after an update initiated from a modal the modal backdrop would remain
+	- Fix bootstrap namespace in conv list templates
+	- Fix link to delivery report in conv list templates
+	- Slightly improved handling of linefeeds in some bbcode block elements and added tests
+	- Fix categories_widget() cache not being observer aware
+	- Allow to run additional site specific commands at the end of util/udall in util/udall_extra
+	- Fix linefeeds in table and list content removed
+	- Pubcrawl: do not attrmpt to sign wall to wall messages - they will appear misattributed in mastodons
+	- Pubcrawl: default to Note activity type for now
+
+
+Hubzilla 9.0 (2024-03-22)
+	- Refactor browser to browser encryption based on sodium plus library
+	- Added developer docs for the refactored test system
+	- Move escape_tags() to Lib/Text::escape_tags() and add test
+	- Messages are now sent as articles instead of notes - this can be configured for activitypub
+	- Implement support for custom emojis
+	- Add test for Lib/Activity::get_textfield()
+	- Refactor mod things to be AS2 compliant
+	- Implement basic bbcode tests and minor refactor
+	- Refactor profile activities to be AS2 complient
+	- Removed poke and moods app
+	- Cleanup deprecated/unused activity types
+	- Update doxygen config for generating online API docs
+	- Make DBA driver transaction aware
+	- Deprecate internal usage of ActivityStreams1 in favor of ActivityStreams2
+	- Introduce Lib/Activity::get_actor() force flag to omit cache
+	- Refactor mod contactedit refresh
+	- Require intl PHP extension
+	- Improved checks in Web/HTTPSig::find_headers()
+	- Implement custom sass bootstrap builds for channels and site
+	- Mark items verified in zot delivery if either JSalmon, LDSignature or EddsaSignature verified
+	- Added support for code blocks with language in markdown and html
+	- Improved conversation item design
+	- Start using uuid for internal reference instead of base64 encoded mid
+	- Store seen mids in session instead of cache
+	- Increase sess_data DB column to medium text
+	- Introduce Lib/Activity::init_background_fetch()
+	- Refactor zotconvo daemon
+	- Implement short time object cache to reduce network calls (performance)
+	- Refactor Lib/Activity::fetch_and_store_parents()
+	- Introduce the fetchparents daemon
+	- Refactor Libzot::process_delivery()
+	- Start processing source xchan in xchan_query()
+	- Added CI job for MariaDB 10.6
+	- Store the original announce actor (the one that pushed the item into our stream first) in source_xchan instead of owner_xchan to preserve the original owner
+	- Added optional circle person avatar
+	- Added min supported DB backends to administrator docs: MySql v >= 8.0.22, MariaDB v >= 10.6, PostgreSql v >= 12
+	- Added CI job for MySql 8.0
+	- Improved validate_email()
+	- Implement fep-8b32 - object integrity proofs
+	- Implement native repeats
+	- Updated spanish strings
+	- Add tests for check_account_email()
+	- Vastly improved unit tests including the database
+	- Require sodium PHP extension
+	- Require bcmath or gmp PHP extension
+	- Deprecate simplepie idna_convert()
+	- Update apache rewite rule to fix issue with recent apache versions - issue #1822
+	- Display selected mid in an open state - issue #1425
+	- Add bookmark and category to AP schema
+
+	Bugfixes
+	- Fix cover photos not uploaded into folder due to missing source option
+	- Fix regression where config returned default value in some cases
+	- Fix attachments listed in reverse order
+	- Fix unterminated entity reference error when dealing with domxpath and add a test
+	- Fix obsolete system language selector in admin/site
+	- Fix imagick readImageBlob() exception not handled
+	- Fix content not moved to new location if folder was renamed via webdav
+	- Fix bootstrap namespaces not up-to-date in htmlpurifier
+	- Fix inReplyTo field in Lib/Activity not dealing with arrays
+	- Fix round buttons not being round
+	- Fix import from ical if timezone was not set in the source data
+	- Fix hard linebreaks from markdown and html not preserved in bbcode conversion
+	- Fix indentation from markdown and html not preserved in bbcode conversion
+	- Fix images with alt text from markdown and not preserved in bbcode conversion
+	- Fix custom emoji reactions arriving from pleroma
+	- Fix issue where if an item is created and deleted again before the notifier has completed the queueworker will dismiss the delete because it looks like a duplicate entry
+	- Fix handling HTML entities via mbstring is deprecated
+	- Fix various PHP deprecation warnings
+	- Fix apache rewite rule to fix issue with recent apache versions - issue #1822
+	- Fix display selected mid in an open state - issue #1425
+
+	Addons
+	- Removed smileybutton addon
+	- Removed smiley_pack addon
+	- Pubcrawl: refactor presentation of encrypted messages
+	- Removed deprecated cryptojs addon
+	- Removed emojione addon
+	- New addon emoji which can provide different emoji sets via config.system.emoji_set variable - emojitwo (default), openmoji, mutant are currently supported
+	- Removed addon moremoods
+	- Removed addon morepokes
+	- Pubcrawl: implement actor_refetch hook
+	- Diaspora: implement actor_refetch hook
+	- Navbanner_options: fix PHP warnings
+	- Pubcrawl: add assertionMethod to encode_person()
+	- Socialauth: cleanup unused files
+	- Openstreetmap: adjust URLs
+
+
+Hubzilla 8.8.8 (2024-02-29)
+	- Streams compatibility fixes
+
+
+Hubzilla 8.8.7 (2024-01-19)
+	- Fix regression in Activity::actor_store()
+
+
+Hubzilla 8.8.6 (2024-01-11)
+	- Provide more builtin jsonld files
+	- Development branch compatibility in Libsync
+
+
+Hubzilla 8.8.5 (2024-01-01)
+	- Fix possible loop if DB is not reachable (introduced in 8.8.3)
+	- Fix some errors and deprecation warnings with PHP 8.2
+	- Deprecate simplepie idna_convert in favor of PHP native function
+	- Fix double processed quoted strings in get_tags()
+
+
+Hubzilla 8.8.4 (2023-12-20)
+	- Fix regression introduced in version 8.8.3
+	- Add test for Lib/Config
+	- Add active addons and blocked sites to siteinfo
+
+
+Hubzilla 8.8.3 (2023-12-17)
+	- Check return from Config::Load() and retry on failure
+	- Libzot::import() do not prozess items where we could not fetch the author
+	- Translation updates for Norwegian Bokmål (nb_NO)
+	- Add the app terms before syncing, otherwise the terms will be reset at the other end
+	- Addon statistics: deprecate nodeinfo 1.0 and implement nodeinfo 2.1
+	- Addon cards: fix PHP error
+
+
+Hubzilla 8.8.2 (2023-12-06)
+	- Fix missing includes - issue #1820
+	- Addon logger_stats: improved performance reading big log files
+
+
+Hubzilla 8.8.1 (2023-11-27)
+	- Fix error in cards addon
+	- Fix error in articles addon
+	- Fix double left and right template css
+
+
+Hubzilla 8.8 (2023-11-25)
+	- Add additional observer and channel info for nav templates
+	- Do not provide confidential channel info for templates
+	- Add link to profile to vcard
+	- Improved switch colors for better visibility
+	- Raise cache.v column from text to mediumtext for MYSQL
+	- Implement low level support for native repeats
+	- Color mode related code moved to theme_init.php in redbasic
+	- Do not overrule default list style when parsing bbcode
+	- Introduce Activity::get_actor() which will check for the cache record in xconfig before fetching
+	- Refactor Activity::actor_store()
+	- Use new language detect library which supports many more languages
+	- Use Activity::encode_person() instead of plain xchan_url to set attributedTo
+	- Update composer libraries
+	- Move right aside into bottom of left aside if screen width is < 1200px in redbasic
+	- When parsing events, use event object in first place and use the body bbcode as backup
+	- Make OWA compatible with mastodon style keyId
+	- Add sourced item events to the channel calendar
+	- Make activity filter widget portable to other modules
+	- Deprecate remains of the unused $a variable which has been replaced by the App class ages ago
+	- Return object instead of json string in the custom jsonld document loader
+	- Only show theme switch icon if switching is supported by the theme
+	- Store the actor cache date with the actor record so we can easily invalidate it after a period of time
+	- Allow themes to manipulate app icons (photos) via hook
+	- Also look for widgets in view/theme/themename/widget
+	- Cache seen pubstream item mids so that they can be hidden from notifications
+	- Theme fixes to make barebones bootstrap themes work slightly better
+	- Update Norwegian Bokmål strings
+	- Update Spanish strings
+	- Transparent background for colorbox controls icons
+	- Use body background color for colorboxes in redbasic
+
+	Bugfixes
+	- Remove fragment from actor urls
+	- HTTPsig case insensitive digest algorithm
+	- Fix possible privacy mismatch when processing zot requests
+	- Fix @someone in URL turned into mention in some situations - issue #1816
+	- Fix fatal error in simplepie with PHP8.2
+	- Fix tools visible allthough permission has been revoked for observer in files app
+	- Fix updates entry not removed if a channel was removed
+	- Fix form reset button not visible in mod rpost
+	- Fix missing columns for updates table in install script
+	- Fix for item widget not respecting ACL if added by title - issue #1799
+	- Fix sabre/dav caldav php warnings
+	- Fix public stream comments/reactions not allowed if item_fetched is set
+
+	Addons
+	- Superblock: fix php warnings
+	- Pubcrawl: restrict mod ap_probe to admin and add checkbox for signed requests
+	- Wiki: fix wiki_list widget not registered
+	- Deprecate remains of the unused $a variable which has been replaced by the App class ages ago
+	- Pubcrawl: reflect core delivery changes for repeated items
+	- Cart fix regression
+	- Logger_stats: new addon for admins to track hub activities
+	- Pubcrawl: check if we have the record in the short term cache before actually fetching it
+	- Pubcrawl: reflect core changes to Activity::actor_store()
+	- Gallery: update to photoswipe 5
+	- Pubcrawl: some platforms are sending activities without an object - return error 400
+	- HSSE: update sce-editor to latest version
+	- SSE: sse: do not process items that are older than last login date or in case we are not logged in older than 10 minutes
+	- Faces: new addon for face recognision in uploaded photos
+
+
+Hubzilla 8.6.3 (2023-09-16)
+	- Fix regression in jsonld_document_loader()
+	- Improve type checking for announce activities
+	- Improve query in drop_item() to prevent possible memory exhaustion
+	- Addon gallery: only add gallery code if the module is supported
+	- Addon hsse: port to bootstrap 5 namespaces - core issue #1793
+
+
+Hubzilla 8.6.2 (2023-08-27)
+	- Fix public stream comments/reactions fetching
+	- Fix notification text for likes in cases where obj.actor is not set
+	- Fix missing pdl file for mod cover_photo
+	- Fix unable to create folders with name 0
+	- Fix index name mixup in mysql schema file
+	- Fix missing semicolon in mysql schema file
+	- Removed unused variable
+	- Fix typo in manifest
+	- Fix cached jsonld files fetched via network
+	- Page rendering performance improvements
+	- Fix internal follow activity possibly creating notification items
+	- Fix admin table highlight color for dark mode
+	- Pubcrawl: do not handle not implemented listen activity
+	- Diaspora: fix unshare not implemented
+
+
+Hubzilla 8.6.1 (2023-07-18)
+	- Fix diaspora discovery
+
+
+Hubzilla 8.6 (2023-07-11)
+	- Update fullcalendar library
+	- Improve and unify selection of deliverable abook xchans
+	- Remove unused pseudo_abook()
+	- Implement optional moderation for unsolicited items
+	- Hardened comment permission handling for unsolicited items
+	- Remove unused templates
+	- Deprecate ActivityStreams::fetch() and provide the possibility to fetch local items directly
+	- Add simplified version of automated install script
+	- Shuffle queue deliveries for more randomness
+	- Update composer libraries
+	- Add new 2-column templates
+	- Implement optional OCAP for items to allow access to restricted media without OWA
+
+	Bugfixes
+	- Fix content in nobb and noparse text linkified - issue #1776
+	- Fix editing an event changes the set time - issue #1771
+	- Fix person object with mixed up hubloc info - issue #1770
+	- Fix $escape variable not passed on to stringify_array_elms()
+	- Fix relaying and syncing in Activity::drop()
+	- Fix allow code not sticking after channel sync - issue #1769
+	- Fix channel oembed regressions
+
+	Addons
+	- Diaspora: fix signature check for likes
+	- Diaspora: fix relaying retractions
+	- Diaspora: port to core unsolicited comments option
+	- Gallery: add an exception for streams reshares
+	- Pubcrawl: dismiss comments that are expected to arrive via owner relay
+	- Pubcrawl: improved inbox handling
+	- Pubcrawl: catch gup.pe updates to followers collection
+	- Pubcrawl: fix follow allow hook
+	- Diaspora: fix follow allow hook
+	- Content_import: fix crash in post handler
+	- Pubcrawl: store follow url when fetching webfinger
+	- Diaspora: store follow url when fetching webfinger
+	- Pubcrawl: move addressing to separate function
+
+
 Hubzilla 8.4.2 (2023-06-02)
 	- Update bootstrap to stable version 5.3.0
 	- Fix hubloc confusion in mod rmagic

Zotlabs/Access/AccessList.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Access;
 
+
 /**
  * @brief AccessList class which represents individual content ACLs.
  *
@@ -17,29 +18,48 @@ class AccessList {
 	 * @brief Allow contacts
 	 * @var string
 	 */
-	private $allow_cid;
+	private ?string $allow_cid;
 	/**
 	 * @brief Allow groups
 	 * @var string
 	 */
-	private $allow_gid;
+	private ?string $allow_gid;
 	/**
 	 * @brief Deny contacts
 	 * @var string
 	 */
-	private $deny_cid;
+	private ?string $deny_cid;
 	/**
 	 * @brief Deny groups
 	 * @var string
 	 */
-	private $deny_gid;
+	private ?string $deny_gid;
 	/**
 	 * @brief Indicates if we are using the default constructor values or
 	 * values that have been set explicitly.
 	 * @var boolean
 	 */
-	private $explicit;
+	private bool $explicit;
 
+	/**
+	 * @brief Keys required by the constructor if the channel array is given.
+	 */
+	private const REQUIRED_KEYS_CONSTRUCTOR = [
+		'channel_allow_cid',
+		'channel_allow_gid',
+		'channel_deny_cid',
+		'channel_deny_gid'
+	];
+
+	/**
+	 * @brief Keys required by the set method.
+	 */
+	private const REQUIRED_KEYS_SET = [
+		'allow_cid',
+		'allow_gid',
+		'deny_cid',
+		'deny_gid'
+	];
 
 	/**
 	 * @brief Constructor for AccessList class.
@@ -53,8 +73,9 @@ class AccessList {
 	 *   * \e string \b channel_deny_cid => string of denied cids
 	 *   * \e string \b channel_deny_gid => string of denied gids
 	 */
-	function __construct($channel) {
+	function __construct(array $channel) {
 		if ($channel) {
+			$this->validate_input_array($channel, self::REQUIRED_KEYS_CONSTRUCTOR);
 			$this->allow_cid = $channel['channel_allow_cid'];
 			$this->allow_gid = $channel['channel_allow_gid'];
 			$this->deny_cid  = $channel['channel_deny_cid'];
@@ -70,13 +91,24 @@ class AccessList {
 		$this->explicit = false;
 	}
 
+	private function validate_input_array(array $arr, array $required_keys) : void {
+		$missing_keys = array_diff($required_keys, array_keys($arr));
+
+		if (!empty($missing_keys)) {
+			throw new \Exception(
+				'Invalid AccessList object: Expected array with keys: '
+				. implode(', ', $missing_keys)
+			);
+		}
+	}
+
 	/**
 	 * @brief Get if we are using the default constructor values
 	 * or values that have been set explicitly.
 	 *
 	 * @return boolean
 	 */
-	function get_explicit() {
+	function get_explicit() : bool {
 		return $this->explicit;
 	}
 
@@ -94,7 +126,9 @@ class AccessList {
 	 *   * \e string \b deny_gid  => string of denied gids
 	 * @param boolean $explicit (optional) default true
 	 */
-	function set($arr, $explicit = true) {
+	function set(array $arr, bool $explicit = true) : void {
+		$this->validate_input_array($arr, self::REQUIRED_KEYS_SET);
+
 		$this->allow_cid = $arr['allow_cid'];
 		$this->allow_gid = $arr['allow_gid'];
 		$this->deny_cid  = $arr['deny_cid'];
@@ -112,7 +146,7 @@ class AccessList {
 	 *   * \e string \b deny_cid  => string of denied cids
 	 *   * \e string \b deny_gid  => string of denied gids
 	 */
-	function get() {
+	function get() : array {
 		return [
 			'allow_cid' => $this->allow_cid,
 			'allow_gid' => $this->allow_gid,
@@ -138,7 +172,7 @@ class AccessList {
 	 *   * \e array|string \b group_deny    => array with gids or comma-seperated string
 	 * @param boolean $explicit (optional) default true
 	 */
-	function set_from_array($arr, $explicit = true) {
+	function set_from_array(array $arr, bool $explicit = true) : void {
 		$arr['contact_allow'] = $arr['contact_allow'] ?? [];
 		$arr['group_allow'] = $arr['group_allow'] ?? [];
 		$arr['contact_deny'] = $arr['contact_deny'] ?? [];
@@ -161,7 +195,7 @@ class AccessList {
 	 *
 	 * @return boolean Return true if any of allow_* deny_* values is set.
 	 */
-	function is_private() {
+	function is_private() : bool {
 		return (($this->allow_cid || $this->allow_gid || $this->deny_cid || $this->deny_gid) ? true : false);
 	}
 

Zotlabs/Access/PermissionRoles.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Access;
 
+use Zotlabs\Lib\Config;
+
 /**
  * @brief PermissionRoles class.
  *
@@ -247,7 +249,7 @@ class PermissionRoles {
 				break;
 		}
 
-		$x = get_config('system','role_perms');
+		$x = Config::Get('system','role_perms');
 
 		// let system settings over-ride any or all
 		if($x && is_array($x) && array_key_exists($role,$x))

Zotlabs/Daemon/Cache_query.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Daemon;
 
 use Zotlabs\Lib\Cache;
+use Zotlabs\Lib\Config;
 
 class Cache_query {
 
@@ -11,16 +12,17 @@ class Cache_query {
 		if(! $argc == 3)
 			return;
 
+		$r = null;
 		$key = $argv[1];
 
-		$pid = get_config('procid', $key, false);
+		$pid = Config::Get('procid', $key, false);
 		if ($pid && (function_exists('posix_kill') ? posix_kill($pid, 0) : true)) {
 			logger($key . ': procedure already run with pid ' . $pid, LOGGER_DEBUG);
 			return;
 		}
 
 		$pid = getmypid();
-		set_config('procid', $key, $pid);
+		Config::Set('procid', $key, $pid);
 
 		array_shift($argv);
 		array_shift($argv);
@@ -28,10 +30,12 @@ class Cache_query {
 		$arr = json_decode(base64_decode($argv[0]), true);
 
 		$r = call_user_func_array('q', $arr);
-		if($r)
-			Cache::set($key, serialize($r));
 
-		del_config('procid', $key);
+		if(is_array($r)) {
+			Cache::set($key, serialize($r));
+		}
+
+		Config::Delete('procid', $key);
 
 		return;
 	}

Zotlabs/Daemon/Checksites.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
+
 require_once('include/hubloc.php');
 
 class Checksites {
@@ -19,7 +21,7 @@ class Checksites {
 		if ($site_id)
 			$sql_options = " and site_url = '" . dbesc($argv[1]) . "' ";
 
-		$days = intval(get_config('system', 'sitecheckdays'));
+		$days = intval(Config::Get('system', 'sitecheckdays'));
 		if ($days < 1)
 			$days = 30;
 

Zotlabs/Daemon/Cron.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libsync;
 use Zotlabs\Lib\Libzotdir;
 
@@ -9,7 +10,7 @@ class Cron {
 
 	static public function run($argc, $argv) {
 
-		$maxsysload = intval(get_config('system', 'maxloadavg'));
+		$maxsysload = intval(Config::Get('system', 'maxloadavg'));
 		if ($maxsysload < 1)
 			$maxsysload = 50;
 		if (function_exists('sys_getloadavg')) {
@@ -24,7 +25,7 @@ class Cron {
 		// Check for a lockfile.  If it exists, but is over an hour old, it's stale.  Ignore it.
 		$lockfile = 'store/[data]/cron';
 		if ((file_exists($lockfile)) && (filemtime($lockfile) > (time() - 3600))
-			&& (!get_config('system', 'override_cron_lockfile'))) {
+			&& (!Config::Get('system', 'override_cron_lockfile'))) {
 			logger("cron: Already running");
 			return;
 		}
@@ -41,7 +42,7 @@ class Cron {
 		// Pull remote changes and push local changes.
 		// potential issue: how do we keep from creating an endless update loop?
 
-		$dirmode = get_config('system', 'directory_mode');
+		$dirmode = Config::Get('system', 'directory_mode');
 
 		if ($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
 			Libzotdir::sync_directories($dirmode);
@@ -64,7 +65,7 @@ class Cron {
 		require_once('include/account.php');
 		remove_expired_registrations();
 
-		$interval = get_config('queueworker', 'queue_interval', 500000);
+		$interval = Config::Get('queueworker', 'queue_interval', 500000);
 
 		// expire any expired items
 
@@ -124,13 +125,13 @@ class Cron {
 		$r = q("SELECT DISTINCT xchan, content FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s",
 			intval(PHOTO_CACHE),
 			db_utcnow(),
-			db_quoteinterval(get_config('system', 'active_expire_days', '30') . ' DAY')
+			db_quoteinterval(Config::Get('system', 'cache_expire_days', 7) . ' DAY')
 		);
 		if ($r) {
 			q("DELETE FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s",
 				intval(PHOTO_CACHE),
 				db_utcnow(),
-				db_quoteinterval(get_config('system', 'active_expire_days', '30') . ' DAY')
+				db_quoteinterval(Config::Get('system', 'cache_expire_days', 7) . ' DAY')
 			);
 			foreach ($r as $rr) {
 				$file = dbunescbin($rr['content']);
@@ -185,13 +186,13 @@ class Cron {
 		// FIXME: add birthday updates, both locally and for xprof for use
 		// by directory servers
 
-		$d1 = intval(get_config('system', 'last_expire_day'));
+		$d1 = intval(Config::Get('system', 'last_expire_day'));
 		$d2 = intval(datetime_convert('UTC', 'UTC', 'now', 'd'));
 
 		// Allow somebody to staggger daily activities if they have more than one site on their server,
 		// or if it happens at an inconvenient (busy) hour.
 
-		$h1 = intval(get_config('system', 'cron_hour'));
+		$h1 = intval(Config::Get('system', 'cron_hour'));
 		$h2 = intval(datetime_convert('UTC', 'UTC', 'now', 'G'));
 
 
@@ -225,7 +226,7 @@ class Cron {
 
 		// pull in some public posts if allowed
 
-		$disable_externals = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false || get_config('system', 'site_firehose');
+		$disable_externals = Config::Get('system', 'disable_discover_tab') || Config::Get('system', 'disable_discover_tab') === false || Config::Get('system', 'site_firehose');
 		if (!$disable_externals)
 			Master::Summon(['Externals']);
 
@@ -245,7 +246,7 @@ class Cron {
 		if (!$restart)
 			Master::Summon(array('Cronhooks'));
 
-		set_config('system', 'lastcron', datetime_convert());
+		Config::Set('system', 'lastcron', datetime_convert());
 
 		//All done - clear the lockfile
 		//@unlink($lockfile);

Zotlabs/Daemon/Cron_daily.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzotdir;
 
 class Cron_daily {
@@ -65,10 +66,10 @@ class Cron_daily {
 			}
 		}
 
-		// Clean up emdedded content cache
+		// Clean up cache
 		q("DELETE FROM cache WHERE updated < %s - INTERVAL %s",
 			db_utcnow(),
-			db_quoteinterval(get_config('system', 'active_expire_days', '30') . ' DAY')
+			db_quoteinterval(Config::Get('system', 'cache_expire_days', 7) . ' DAY')
 		);
 
 		//update statistics in config
@@ -82,7 +83,7 @@ class Cron_daily {
 
 		// expire old delivery reports
 
-		$keep_reports = intval(get_config('system', 'expire_delivery_reports'));
+		$keep_reports = intval(Config::Get('system', 'expire_delivery_reports'));
 		if ($keep_reports === 0)
 			$keep_reports = 10;
 
@@ -103,7 +104,7 @@ class Cron_daily {
 		$date = datetime_convert();
 		call_hooks('cron_daily', $date);
 
-		set_config('system', 'last_expire_day', intval(datetime_convert('UTC', 'UTC', 'now', 'd')));
+		Config::Set('system', 'last_expire_day', intval(datetime_convert('UTC', 'UTC', 'now', 'd')));
 
 		/**
 		 * End Cron Daily

Zotlabs/Daemon/Cron_weekly.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
+
 class Cron_weekly {
 
 	static public function run($argc, $argv) {
@@ -44,7 +46,7 @@ class Cron_weekly {
 			db_utcnow(), db_quoteinterval('14 DAY')
 		);
 
-		$dirmode = intval(get_config('system', 'directory_mode'));
+		$dirmode = intval(Config::Get('system', 'directory_mode'));
 		if ($dirmode === DIRECTORY_MODE_SECONDARY || $dirmode === DIRECTORY_MODE_PRIMARY) {
 			logger('regdir: ' . print_r(z_fetch_url(get_directory_primary() . '/regdir?f=&url=' . urlencode(z_root()) . '&realm=' . urlencode(get_directory_realm())), true));
 		}

Zotlabs/Daemon/Directory.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Libzotdir;
 use Zotlabs\Lib\Queue;
@@ -25,7 +26,7 @@ class Directory {
 
 		logger('directory update', LOGGER_DEBUG);
 
-		$dirmode = get_config('system', 'directory_mode');
+		$dirmode = Config::Get('system', 'directory_mode');
 		if ($dirmode === false)
 			$dirmode = DIRECTORY_MODE_NORMAL;
 

Zotlabs/Daemon/Expire.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
+
 require_once('include/items.php');
 
 class Expire {
@@ -10,14 +12,14 @@ class Expire {
 
 		cli_startup();
 
-		$pid = get_config('procid', 'expire', false);
+		$pid = Config::Get('procid', 'expire', false);
 		if ($pid && (function_exists('posix_kill') ? posix_kill($pid, 0) : true)) {
 			logger('procedure already run with pid ' . $pid, LOGGER_DEBUG);
 			return;
 		}
 
 		$pid = getmypid();
-		set_config('procid', 'expire', $pid);
+		Config::Set('procid', 'expire', $pid);
 
 		// perform final cleanup on previously delete items
 
@@ -38,13 +40,13 @@ class Expire {
 			db_quoteinterval('36 DAY')
 		);
 
-		if (intval(get_config('system', 'optimize_items')))
+		if (intval(Config::Get('system', 'optimize_items')))
 			q("optimize table item");
 
 		logger('expire: start with pid ' . $pid, LOGGER_DEBUG);
 
-		$site_expire    = intval(get_config('system', 'default_expire_days'));
-		$commented_days = intval(get_config('system', 'active_expire_days'));
+		$site_expire    = intval(Config::Get('system', 'default_expire_days', 30));
+		$commented_days = intval(Config::Get('system', 'active_expire_days', 7));
 
 		logger('site_expire: ' . $site_expire);
 
@@ -84,7 +86,7 @@ class Expire {
 
 			// this should probably just fetch the channel_expire_days from the sys channel,
 			// but there's no convenient way to set it.
-			$expire_days = get_config('system', 'sys_expire_days');
+			$expire_days = Config::Get('system', 'sys_expire_days');
 			if ($expire_days === false)
 				$expire_days = 30;
 
@@ -101,7 +103,7 @@ class Expire {
 			logger('Expire: sys: done', LOGGER_DEBUG);
 		}
 
-		del_config('procid', 'expire');
+		Config::Delete('procid', 'expire');
 
 		return;
 	}

Zotlabs/Daemon/Fetchparents.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace Zotlabs\Daemon;
+
+use Zotlabs\Lib\Activity;
+
+class Fetchparents {
+
+	static public function run($argc, $argv) {
+
+		logger('Fetchparents invoked: ' . print_r($argv, true));
+
+		if ($argc < 4) {
+			return;
+		}
+
+		$channels = explode(',', $argv[1]);
+		if (!$channels) {
+			return;
+		}
+
+		$observer_hash = $argv[2];
+		if (!$observer_hash) {
+			return;
+		}
+
+		$mid = $argv[3];
+		if (!$mid) {
+			return;
+		}
+
+		$force = $argv[4] ?? false;
+
+		foreach ($channels as $channel_id) {
+			$channel = channelx_by_n($channel_id);
+			Activity::fetch_and_store_parents($channel, $observer_hash, $mid, null, $force);
+		}
+
+		return;
+
+	}
+}

Zotlabs/Daemon/Master.php

@@ -37,7 +37,7 @@ class Master {
 			return;
 		}
 
-		$phpbin = get_config('system', 'phpbin', 'php');
+		$phpbin = Config::Get('system', 'phpbin', 'php');
 		proc_run($phpbin, 'Zotlabs/Daemon/Master.php', $arr);
 */
 	}

Zotlabs/Daemon/Notifier.php

@@ -2,10 +2,10 @@
 
 namespace Zotlabs\Daemon;
 
-use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Activity;
+use Zotlabs\Lib\Config;
+use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Queue;
-use Zotlabs\Lib\LDSignatures;
 
 require_once('include/html2plain.php');
 require_once('include/conversation.php');
@@ -271,14 +271,13 @@ class Notifier {
 			// Check for non published items, but allow an exclusion for transmitting hidden file activities
 
 			if (intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) ||
-				intval($target_item['item_blocked']) ||
-				(intval($target_item['item_hidden']) && ($target_item['obj_type'] !== ACTIVITY_OBJ_FILE))) {
+				intval($target_item['item_blocked']) || intval($target_item['item_hidden'])) {
 				logger('notifier: target item not published, so not forwardable', LOGGER_DEBUG);
 				return;
 			}
 
 			// follow/unfollow is for internal use only
-			if (in_array($target_item['verb'], [ACTIVITY_FOLLOW, ACTIVITY_UNFOLLOW])) {
+			if (in_array($target_item['verb'], ['Follow', 'Ignore', ACTIVITY_FOLLOW, ACTIVITY_UNFOLLOW])) {
 				logger('not fowarding follow/unfollow note activity');
 				return;
 			}
@@ -300,6 +299,11 @@ class Notifier {
 				return;
 			}
 
+			if ($target_item['verb'] === ACTIVITY_SHARE) {
+				// Provide correct representation across the wire. Internally this is treated as a comment.
+				$target_item['parent_mid'] = $target_item['thr_parent'] = $target_item['mid'];
+			}
+
 			if ($target_item['mid'] === $target_item['parent_mid']) {
 				$parent_item    = $target_item;
 				$top_level_post = true;
@@ -337,14 +341,7 @@ class Notifier {
 				self::$encoded_item = json_decode($m, true);
 			}
 			else {
-
-				self::$encoded_item = array_merge(['@context' => [
-					ACTIVITYSTREAMS_JSONLD_REV,
-					'https://w3id.org/security/v1',
-					z_root() . ZOT_APSCHEMA_REV
-				]], Activity::encode_activity($target_item)
-				);
-				self::$encoded_item['signature'] = LDSignatures::sign(self::$encoded_item, self::$channel);
+				self::$encoded_item = Activity::build_packet(Activity::encode_activity($target_item), self::$channel, false);
 			}
 
 			logger('target_item: ' . print_r($target_item, true), LOGGER_DEBUG);
@@ -377,6 +374,7 @@ class Notifier {
 
 			if (($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
 				logger('notifier: followup relay', LOGGER_DEBUG);
+				// If the Parent item is an Announce the real owner is the parent author
 				$sendto            = (($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
 				self::$recipients  = [$sendto];
 				self::$private     = true;
@@ -409,7 +407,7 @@ class Notifier {
 				self::$private    = false;
 				self::$recipients = collect_recipients($parent_item, self::$private);
 
-				if ($top_level_post) {
+				if ($top_level_post && intval($target_item['item_wall'])) {
 					// remove clones who will receive the post via sync
 					self::$recipients = array_values(array_diff(self::$recipients, [$target_item['owner_xchan']]));
 				}
@@ -671,7 +669,7 @@ class Notifier {
 			);
 
 			// only create delivery reports for normal undeleted items
-			if (is_array($target_item) && (!$target_item['item_deleted']) && (!get_config('system', 'disable_dreport'))) {
+			if (is_array($target_item) && (!$target_item['item_deleted']) && (!Config::Get('system', 'disable_dreport'))) {
 				q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan, dreport_queue )
 					values ( '%s', '%s','%s','%s','%s','%s','%s','%s' ) ",
 					dbesc($target_item['mid']),
@@ -701,7 +699,7 @@ class Notifier {
 			do_delivery(self::$deliveries);
 		}
 
-		if ($dead_hosts && is_array($target_item) && (!$target_item['item_deleted']) && (!get_config('system', 'disable_dreport'))) {
+		if ($dead_hosts && is_array($target_item) && (!$target_item['item_deleted']) && (!Config::Get('system', 'disable_dreport'))) {
 			foreach ($dead_hosts as $deceased_host) {
 				$r = q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_name, dreport_result, dreport_time, dreport_xchan, dreport_queue )
 					values ( '%s', '%s','%s','%s','%s','%s','%s','%s' ) ",

Zotlabs/Daemon/Onepoll.php

@@ -5,6 +5,7 @@ namespace Zotlabs\Daemon;
 use Zotlabs\Lib\Activity;
 use Zotlabs\Lib\ActivityStreams;
 use Zotlabs\Lib\ASCollection;
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzot;
 
 require_once('include/socgraph.php');
@@ -25,7 +26,7 @@ class Onepoll {
 		}
 
 		$sql_extra = '';
-		$allow_feeds = get_config('system', 'feed_contacts');
+		$allow_feeds = Config::Get('system', 'feed_contacts');
 		if(!$allow_feeds) {
 			$sql_extra = ' and abook_feed = 0 ';
 		}
@@ -125,7 +126,7 @@ class Onepoll {
 
 		if ($fetch_feed) {
 
-			$max = intval(get_config('system', 'max_imported_posts', 30));
+			$max = intval(Config::Get('system', 'max_imported_posts', 30));
 
 			if (intval($max)) {
 				$cl = Activity::get_actor_collections($contact['abook_xchan']);

Zotlabs/Daemon/Poller.php

@@ -2,11 +2,13 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
+
 class Poller {
 
 	static public function run($argc, $argv) {
 
-		$maxsysload = intval(get_config('system', 'maxloadavg'));
+		$maxsysload = intval(Config::Get('system', 'maxloadavg'));
 		if ($maxsysload < 1)
 			$maxsysload = 50;
 		if (function_exists('sys_getloadavg')) {
@@ -17,7 +19,7 @@ class Poller {
 			}
 		}
 
-		$interval = get_config('queueworker', 'queue_interval', 500000);
+		$interval = Config::Get('queueworker', 'queue_interval', 500000);
 
 		logger('poller: start');
 
@@ -43,13 +45,13 @@ class Poller {
 		reload_plugins();
 
 		// Only poll from those with suitable relationships
-		$abandon_days = intval(get_config('system', 'account_abandon_days', 0));
+		$abandon_days = intval(Config::Get('system', 'account_abandon_days', 0));
 		$abandon_sql = (($abandon_days)
 			? sprintf(" AND account_lastlog > %s - INTERVAL %s ", db_utcnow(), db_quoteinterval(intval($abandon_days) . ' DAY'))
 			: ''
 		);
 
-		$allow_feeds = get_config('system', 'feed_contacts');
+		$allow_feeds = Config::Get('system', 'feed_contacts');
 		if(!$allow_feeds) {
 			$sql_extra .= ' and abook_feed = 0 ';
 		}
@@ -81,7 +83,7 @@ class Poller {
 				if (intval($contact['abook_feed'])) {
 					$min = service_class_fetch($contact['abook_channel'], 'minimum_feedcheck_minutes');
 					if (!$min)
-						$min = intval(get_config('system', 'minimum_feedcheck_minutes'));
+						$min = intval(Config::Get('system', 'minimum_feedcheck_minutes'));
 					if (!$min)
 						$min = 60;
 
@@ -167,7 +169,7 @@ class Poller {
 			}
 		}
 
-		$dirmode = intval(get_config('system', 'directory_mode'));
+		$dirmode = intval(Config::Get('system', 'directory_mode'));
 
 		if ($dirmode == DIRECTORY_MODE_SECONDARY || $dirmode == DIRECTORY_MODE_PRIMARY) {
 			$r = q("SELECT * FROM updates WHERE ud_update = 1 AND (ud_last = '%s' OR ud_last > %s - INTERVAL %s)",
@@ -195,7 +197,7 @@ class Poller {
 			}
 		}
 
-		set_config('system', 'lastpoll', datetime_convert());
+		Config::Set('system', 'lastpoll', datetime_convert());
 
 		return;
 	}

Zotlabs/Daemon/Queue.php

@@ -55,6 +55,8 @@ class Queue {
 				foreach ($qItems as $qItem) {
 					$deliveries[] = $qItem['outq_hash'];
 				}
+
+				shuffle($deliveries);
 				do_delivery($deliveries, true);
 			}
 		 }

Zotlabs/Daemon/Thumbnail.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Daemon;
 
+use Zotlabs\Lib\Config;
 
 class Thumbnail {
 
@@ -19,9 +20,9 @@ class Thumbnail {
 
 		$attach = $c[0];
 
-		$preview_style  = intval(get_config('system', 'thumbnail_security', 0));
-		$preview_width  = intval(get_config('system', 'thumbnail_width', 300));
-		$preview_height = intval(get_config('system', 'thumbnail_height', 300));
+		$preview_style  = intval(Config::Get('system', 'thumbnail_security', 0));
+		$preview_width  = intval(Config::Get('system', 'thumbnail_width', 300));
+		$preview_height = intval(Config::Get('system', 'thumbnail_height', 300));
 
 		$p = [
 			'attach'         => $attach,

Zotlabs/Daemon/Xchan_photo.php

@@ -0,0 +1,37 @@
+<?php
+
+/** @file */
+
+namespace Zotlabs\Daemon;
+
+class Xchan_photo {
+
+	static public function run($argc, $argv) {
+
+		if ($argc < 3) {
+			return;
+		}
+
+		$url   = hex2bin($argv[1]);
+		$xchan = hex2bin($argv[2]);
+		$force = $argv[3];
+
+		$photos = import_xchan_photo($url, $xchan, false, $force);
+		if ($photos) {
+			$result = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'",
+				dbescdate(datetime_convert()),
+				dbesc($photos[0]),
+				dbesc($photos[1]),
+				dbesc($photos[2]),
+				dbesc($photos[3]),
+				dbesc($xchan)
+			);
+
+			if (! $result) {
+				logger("xchan photo update failed for $url");
+			}
+		}
+
+		return;
+	}
+}

Zotlabs/Daemon/Zotconvo.php

@@ -10,7 +10,12 @@ class Zotconvo {
 
 		logger('Zotconvo invoked: ' . print_r($argv, true));
 
-		if ($argc != 3) {
+		if ($argc < 3) {
+			return;
+		}
+
+		$channels = explode(',', $argv[1]);
+		if (!$channels) {
 			return;
 		}
 
@@ -19,12 +24,12 @@ class Zotconvo {
 			return;
 		}
 
-		$channel = channelx_by_n(intval($argv[1]));
-		if (!$channel) {
-			return;
-		}
+		$force = $argv[3] ?? false;
 
-		Libzot::fetch_conversation($channel, $mid);
+		foreach ($channels as $channel_id) {
+			$channel = channelx_by_n($channel_id);
+			Libzot::fetch_conversation($channel, $mid, $force);
+		}
 
 		return;
 

Zotlabs/Extend/Route.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Extend;
 
+use Zotlabs\Lib\Config;
 
 class Route {
 
@@ -38,11 +39,11 @@ class Route {
 	}
 
 	static function get() {
-		return get_config('system','routes',[]);
+		return Config::Get('system','routes',[]);
 	}
 
 	static function set($r) {
-		return set_config('system','routes',$r);
+		return Config::Set('system','routes',$r);
 	}
 }
 

Zotlabs/Extend/Widget.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Extend;
 
+use Zotlabs\Lib\Config;
 
 class Widget {
 
@@ -38,10 +39,10 @@ class Widget {
 	}
 
 	static function get() {
-		return get_config('system','widgets',[]);
+		return Config::Get('system','widgets',[]);
 	}
 
 	static function set($r) {
-		return set_config('system','widgets',$r);
+		return Config::Set('system','widgets',$r);
 	}
 }

Zotlabs/Identity/OAuth2Server.php

@@ -2,6 +2,8 @@
 
 namespace Zotlabs\Identity;
 
+use Zotlabs\Lib\Config;
+
 class OAuth2Server extends \OAuth2\Server {
 
 	public function __construct(OAuth2Storage $storage, $config = null) {
@@ -24,8 +26,8 @@ class OAuth2Server extends \OAuth2\Server {
 
 		$keyStorage = new \OAuth2\Storage\Memory( [
 			'keys' => [
-				'public_key'  => get_config('system', 'pubkey'),
-				'private_key' => get_config('system', 'prvkey')
+				'public_key'  => Config::Get('system', 'pubkey'),
+				'private_key' => Config::Get('system', 'prvkey')
 			]
 		]);
 

Zotlabs/Lib/ASCache.php

@@ -0,0 +1,33 @@
+<?php /** @file */
+
+namespace Zotlabs\Lib;
+
+	/**
+	 *  A wrapper for the cache api
+	 */
+
+class ASCache {
+	public static function isEnabled() {
+		return Config::Get('system', 'as_object_cache_enabled', true);
+	}
+
+	public static function getAge() {
+		return Config::Get('system', 'as_object_cache_time', '10 MINUTE');
+	}
+
+	public static function Get($key) {
+		if (!self::isEnabled()) {
+			return;
+		}
+
+		return Cache::get($key, self::getAge());
+	}
+
+	public static function Set($key, $value) {
+		if (!self::isEnabled()) {
+			return;
+		}
+
+		Cache::set($key, $value);
+	}
+}

Zotlabs/Lib/ActivityStreams.php

@@ -14,6 +14,7 @@ class ActivityStreams {
 	public $meta = null;
 	public $valid = false;
 	public $deleted = false;
+	public $portable_id = null;
 	public $id = '';
 	public $parent_id = '';
 	public $type = '';
@@ -23,10 +24,11 @@ class ActivityStreams {
 	public $origin = null;
 	public $owner = null;
 	public $signer = null;
-	public $ldsig = null;
+	public $sig = null;
 	public $sigok = false;
 	public $recips = null;
 	public $raw_recips = null;
+	public $saved_recips = null;
 
 	/**
 	 * @brief Constructor for ActivityStreams.
@@ -35,12 +37,13 @@ class ActivityStreams {
 	 *
 	 * @param string $string
 	 */
-	function __construct($string) {
+	function __construct($string, $portable_id = null) {
 
 		if(!$string)
 			return;
 
 		$this->raw = $string;
+		$this->portable_id = $portable_id;
 
 		if (is_array($string)) {
 			$this->data = $string;
@@ -86,7 +89,16 @@ class ActivityStreams {
 
 		// Attempt to assemble an Activity from what we were given.
 		if ($this->is_valid()) {
-			$this->id     = $this->get_property_obj('id');
+			$this->id = $this->get_property_obj('id');
+
+			if  (!$this->id) {
+				logger('Data with mmissing id: ' . print_r($this->data, true));
+				return;
+			}
+
+			// cache for future use
+			ASCache::Set($this->id, 'json:' . $this->raw);
+
 			$this->type   = $this->get_primary_type();
 			$this->actor  = $this->get_actor('actor', '', '');
 			$this->obj    = $this->get_compound_property('object');
@@ -94,11 +106,19 @@ class ActivityStreams {
 			$this->origin = $this->get_compound_property('origin');
 			$this->recips = $this->collect_recips();
 
-			$this->ldsig = $this->get_compound_property('signature');
-			if ($this->ldsig) {
-				$this->signer = $this->get_actor('creator', $this->ldsig);
-				if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
-					$this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
+			$this->sig = $this->get_compound_property('proof');
+			if ($this->sig) {
+				$this->checkEddsaSignature(); // will set signer and sigok if everything works out
+			}
+
+			// Try LDSignatures if edsig failed
+			if (!$this->sigok) {
+				$this->sig = $this->get_compound_property('signature');
+				if ($this->sig) {
+					$this->signer = $this->get_actor('creator', $this->sig);
+					if ($this->signer && is_array($this->signer) && array_key_exists('publicKey', $this->signer) && is_array($this->signer['publicKey']) && $this->signer['publicKey']['publicKeyPem']) {
+						$this->sigok = LDSignatures::verify($this->data, $this->signer['publicKey']['publicKeyPem']);
+					}
 				}
 			}
 
@@ -110,26 +130,34 @@ class ActivityStreams {
 				}
 			}
 
-			// fetch recursive or embedded activities
+			// Fetch recursive or embedded activities
 
 			if ($this->obj && is_array($this->obj) && array_key_exists('object', $this->obj)) {
 				$this->obj['object'] = $this->get_compound_property('object', $this->obj);
 			}
 
-			if ($this->obj && is_array($this->obj) && isset($this->obj['actor']))
+			// Enumerate and store actors in referenced objects
+
+			if ($this->obj && is_array($this->obj) && isset($this->obj['actor'])) {
 				$this->obj['actor'] = $this->get_actor('actor', $this->obj);
-			if ($this->tgt && is_array($this->tgt) && isset($this->tgt['actor']))
-				$this->tgt['actor'] = $this->get_actor('actor', $this->tgt);
-
-			$this->parent_id = $this->get_property_obj('inReplyTo');
-
-			if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['inReplyTo'])) {
-				$this->parent_id = $this->obj['inReplyTo'];
 			}
 
-			if ((!$this->parent_id) && is_array($this->obj) && isset($this->obj['id'])) {
+			if ($this->tgt && is_array($this->tgt) && isset($this->tgt['actor'])) {
+				$this->tgt['actor'] = $this->get_actor('actor', $this->tgt);
+			}
+
+			// Determine if this is a followup or response activity
+
+			$this->parent_id = ((is_array($this->get_property_obj('inReplyTo'))) ? $this->get_property_obj('inReplyTo')['id'] : $this->get_property_obj('inReplyTo'));
+
+			if (!$this->parent_id && isset($this->obj['inReplyTo'])) {
+				$this->parent_id = ((is_array($this->obj['inReplyTo'])) ? $this->obj['inReplyTo']['id'] : $this->obj['inReplyTo']);
+			}
+
+			if (!$this->parent_id && isset($this->obj['id'])) {
 				$this->parent_id = $this->obj['id'];
 			}
+
 		}
 	}
 
@@ -302,12 +330,27 @@ class ActivityStreams {
 	 * @return NULL|mixed
 	 */
 
-	function fetch_property($url) {
-		return self::fetch($url);
-	}
+	function fetch_property($url, $channel = null) {
+		$x = null;
 
-	static function fetch($url, $channel = null) {
-		return Activity::fetch($url, $channel);
+		if (str_starts_with($url, z_root() . '/item/')) {
+			$x = Activity::fetch_local($url, $this->portable_id ?? '');
+			logger('local: ' . print_r($x,true));
+		}
+
+		if (!$x) {
+			$x = Activity::fetch($url, $channel);
+			if ($x === null && strpos($url, '/channel/')) {
+				// look for other nomadic channels which might be alive
+				$zf = Zotfinger::exec($url, $channel);
+				if ($zf) {
+					$url = $zf['signature']['signer'];
+					$x = Activity::fetch($url, $channel);
+				}
+			}
+		}
+
+		return $x;
 	}
 
 	static function is_an_actor($s) {
@@ -318,7 +361,7 @@ class ActivityStreams {
 		if (!$s) {
 			return false;
 		}
-		return (in_array($s, ['Like', 'Dislike', 'Flag', 'Block', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject', 'emojiReaction', 'EmojiReaction', 'EmojiReact']));
+		return (in_array($s, ['Announce', 'Like', 'Dislike', 'Flag', 'Block', 'Accept', 'Reject', 'TentativeAccept', 'TentativeReject', 'emojiReaction', 'EmojiReaction', 'EmojiReact']));
 	}
 
 	/**
@@ -334,7 +377,7 @@ class ActivityStreams {
 		$x = $this->get_property_obj($property, $base, $namespace);
 
 		if ($this->is_url($x)) {
-			$y = Activity::get_cached_actor($x);
+			$y = Activity::get_actor($x);
 			if ($y) {
 				return $y;
 			}
@@ -367,12 +410,24 @@ class ActivityStreams {
 		$x = $this->get_property_obj($property, $base, $namespace);
 
 		if ($this->is_url($x)) {
-			$y = $this->fetch_property($x);
+			$cached = ASCache::Get($x);
+			if ($cached) {
+				// logger('AS cached: ' . $x);
+				$y = unserialise($cached);
+			}
+			else {
+				// logger('AS fetching: ' . $x);
+				$y = $this->fetch_property($x);
+				if ($y) {
+					ASCache::Set($x, serialise($y));
+				}
+			}
 			if (is_array($y)) {
 				$x = $y;
 			}
 		}
 
+
 		// verify and unpack JSalmon signature if present
 
 		if (is_array($x) && array_key_exists('signed', $x)) {
@@ -472,4 +527,58 @@ class ActivityStreams {
 
 	}
 
+	public function checkEddsaSignature() {
+		$signer = $this->get_property_obj('verificationMethod', $this->sig);
+
+		$parseUrl = parse_url($signer);
+
+		if (isset($parseUrl['fragment'])) {
+			if (str_starts_with($parseUrl['fragment'], 'z6Mk')) {
+				$publicKey = $parseUrl['fragment'];
+			}
+			unset($parseUrl['fragment']);
+		}
+
+		if (isset($parseUrl['query'])) {
+			unset($parseUrl['query']);
+		}
+
+		$url = unparse_url($parseUrl);
+
+		$hublocs = Activity::get_actor_hublocs($url);
+
+		$hasStoredKey = false;
+		if ($hublocs) {
+			foreach ($hublocs as $hubloc) {
+				if ($publicKey && $hubloc['xchan_epubkey'] === $publicKey) {
+					$hasStoredKey = true;
+					break;
+				}
+			}
+		}
+
+		if (!$hasStoredKey) {
+			$this->signer = Activity::get_actor($url);
+
+			if (isset($this->signer['assertionMethod'])) {
+				if (!isset($this->signer['assertionMethod'][0])) {
+					$this->signer['assertionMethod'] = [$this->signer['assertionMethod']];
+				}
+
+				foreach($this->signer['assertionMethod'] as $am) {
+					if ($url === $am['controller'] &&
+						$am['type'] === 'Multikey' &&
+						str_starts_with($am['publicKeyMultibase'], 'z6Mk')
+					) {
+						$publicKey = $am['publicKeyMultibase'];
+					}
+				}
+			}
+		}
+
+		if ($publicKey) {
+			$this->sigok = (new JcsEddsa2022)->verify($this->data, $publicKey);
+		}
+	}
+
 }

Zotlabs/Lib/Apps.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Lib;
 
 use App;
+use Zotlabs\Lib\Config;
 
 require_once('include/plugin.php');
 require_once('include/channel.php');
@@ -65,7 +66,7 @@ class Apps {
 	}
 
 	static public function get_base_apps() {
-		$x = get_config('system','base_apps',[
+		$x = Config::Get('system','base_apps',[
 			'Connections',
 			'Contact Roles',
 			'Network',
@@ -301,7 +302,7 @@ class Apps {
 						break;
 					default:
 						if($config)
-							$unset = ((get_config('system', $require[0]) == $require[1]) ? false : true);
+							$unset = ((Config::Get('system', $require[0]) == $require[1]) ? false : true);
 						else
 							$unset = ((local_channel() && feature_enabled(local_channel(),$require)) ? false : true);
 						if($unset)
@@ -352,8 +353,6 @@ class Apps {
 			'Directory' => t('Directory'),
 			'Help' => t('Help'),
 			'Mail' => t('Mail'),
-			'Mood' => t('Mood'),
-			'Poke' => t('Poke'),
 			'Chat' => t('Chat'),
 			'Search' => t('Search'),
 			'Probe' => t('Probe'),
@@ -419,11 +418,28 @@ class Apps {
 	static public function app_render($papp, $mode = 'view') {
 		$installed = false;
 
-		if(! $papp)
+		if(!$papp) {
 			return;
+		}
 
-		if(! $papp['photo'])
+		/**
+		 * @hooks app_render_before
+		 * Hook to manipulate the papp array before rendering
+		 */
+
+		$hookinfo = [
+			'name' => $papp['name'],
+			'photo' => $papp['photo']
+		];
+
+		call_hooks('app_render_manipulate_photo', $hookinfo);
+
+		// We will only allow to manipulate the photo
+		$papp['photo'] = $hookinfo['photo'];
+
+		if(!$papp['photo']) {
 			$papp['photo'] = 'icon:gear';
+		}
 
 		self::translate_system_apps($papp);
 
@@ -508,7 +524,7 @@ class Apps {
 							break;
 						default:
 							if($config)
-								$unset = ((get_config('system', $require[0]) === $require[1]) ? false : true);
+								$unset = ((Config::Get('system', $require[0]) === $require[1]) ? false : true);
 							else
 								$unset = ((local_channel() && feature_enabled(local_channel(),$require)) ? false : true);
 							if($unset)
@@ -945,7 +961,7 @@ class Apps {
 
 		$conf = (($menu === 'nav_featured_app') ? 'app_order' : 'app_pin_order');
 
-		$x = (($uid) ? get_pconfig($uid,'system',$conf) : get_config('system',$conf));
+		$x = (($uid) ? get_pconfig($uid,'system',$conf) : Config::Get('system',$conf));
 		if(($x) && (! is_array($x))) {
 			$y = explode(',',$x);
 			$y = array_map('trim',$y);

Zotlabs/Lib/Cache.php

@@ -2,53 +2,56 @@
 
 namespace Zotlabs\Lib;
 
-	/**
-	 *  cache api
-	 */
-	 
+use Zotlabs\Lib\Config;
+
+/**
+ *  cache api
+ */
 class Cache {
-    
+
     /**
      * @brief Returns cached content
-     * 
+     *
      * @param string $key
      * @param string $age in SQL format, default is '30 DAY'
      * @return string
      */
-    
-	public static function get($key, $age = '') {
 
-		$hash = hash('whirlpool',$key);
+	public static function get($key, $age = '') {
+//		$hash = hash('whirlpool',$key);
+		$hash = uuid_from_url($key);
 
 		$r = q("SELECT v FROM cache WHERE k = '%s' AND updated > %s - INTERVAL %s LIMIT 1",
 			dbesc($hash),
 			db_utcnow(),
-			db_quoteinterval(($age ? $age : get_config('system','object_cache_days', '30') . ' DAY'))
+			db_quoteinterval(($age ? $age : Config::Get('system','object_cache_days', '30') . ' DAY'))
 		);
-			
+
 		if ($r)
 			return $r[0]['v'];
 		return null;
 	}
-		
+
 	public static function set($key,$value) {
+//		$hash = hash('whirlpool',$key);
+		$hash = uuid_from_url($key);
 
-		$hash = hash('whirlpool',$key);
-
-		$r = q("SELECT * FROM cache WHERE k = '%s' limit 1",
+		$r = q("SELECT * FROM cache WHERE k = '%s' LIMIT 1",
 			dbesc($hash)
 		);
 		if($r) {
 			q("UPDATE cache SET v = '%s', updated = '%s' WHERE k = '%s'",
 				dbesc($value),
 				dbesc(datetime_convert()),
-				dbesc($hash));
+				dbesc($hash)
+			);
 		}
 		else {
-			q("INSERT INTO cache ( k, v, updated) VALUES ('%s','%s','%s')",
+			q("INSERT INTO cache (k, v, updated) VALUES ('%s', '%s', '%s')",
 				dbesc($hash),
 				dbesc($value),
-				dbesc(datetime_convert()));
+				dbesc(datetime_convert())
+			);
 		}
 	}
 }

Zotlabs/Lib/Config.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Lib;
 
+use App;
 
 class Config {
 
@@ -14,20 +15,41 @@ class Config {
 	 * @param string $family
 	 *  The category of the configuration value
 	 */
-	static public function Load($family) {
-		if(! array_key_exists($family, \App::$config))
-			\App::$config[$family] = array();
+	public static function Load($family, $recursionCounter = 0) {
+		if (! array_key_exists($family, App::$config)) {
+			App::$config[$family] = [];
+		}
 
-		if(! array_key_exists('config_loaded', \App::$config[$family])) {
+		// We typically continue when presented with minor DB issues,
+		// but loading the site configuration is more important.
+
+		// Check for query returning false and give it approx 30 seconds
+		// to recover if there's a problem. This is intended to fix a
+		// rare issue on Galera where temporary sync issues were causing
+		// the site encryption keys to be regenerated, which was causing
+		// communication issues for members.
+
+		// This code probably belongs at the database layer, but we don't
+		// necessarily want to shut the site down for problematic queries
+		// caused by bad data. That could be used in a denial of service
+		// attack. Those do need to be (and they are) logged.
+
+		if (! array_key_exists('config_loaded', App::$config[$family])) {
 			$r = q("SELECT * FROM config WHERE cat = '%s'", dbesc($family));
-			if($r !== false) {
-				if($r) {
-					foreach($r as $rr) {
-						$k = $rr['k'];
-						\App::$config[$family][$k] = $rr['v'];
-					}
+			if ($r === false && !App::$install) {
+				sleep(3);
+				$recursionCounter ++;
+				if ($recursionCounter > 10) {
+					system_unavailable();
 				}
-				\App::$config[$family]['config_loaded'] = true;
+				self::Load($family, $recursionCounter);
+			}
+			elseif (is_array($r)) {
+				foreach ($r as $rr) {
+					$k = $rr['k'];
+					App::$config[$family][$k] = $rr['v'];
+				}
+				App::$config[$family]['config_loaded'] = true;
 			}
 		}
 	}
@@ -46,19 +68,19 @@ class Config {
 	 * @return mixed
 	 *  Return the set value, or false if the database update failed
 	 */
-	static public function Set($family, $key, $value) {
+	public static function Set($family, $key, $value) {
 		// manage array value
-		$dbvalue = ((is_array($value))  ? serialize($value) : $value);
+		$dbvalue = ((is_array($value))  ? 'json:' . json_encode($value) : $value);
 		$dbvalue = ((is_bool($dbvalue)) ? intval($dbvalue)  : $dbvalue);
 
-		if(self::Get($family, $key) === false || (! self::get_from_storage($family, $key))) {
+		if (self::Get($family, $key) === false || (! self::get_from_storage($family, $key))) {
 			$ret = q("INSERT INTO config ( cat, k, v ) VALUES ( '%s', '%s', '%s' ) ",
 				dbesc($family),
 				dbesc($key),
 				dbesc($dbvalue)
 			);
-			if($ret) {
-				\App::$config[$family][$key] = $value;
+			if ($ret) {
+				App::$config[$family][$key] = $value;
 				$ret = $value;
 			}
 			return $ret;
@@ -70,8 +92,8 @@ class Config {
 			dbesc($key)
 		);
 
-		if($ret) {
-			\App::$config[$family][$key] = $value;
+		if ($ret) {
+			App::$config[$family][$key] = $value;
 			$ret = $value;
 		}
 
@@ -93,21 +115,37 @@ class Config {
 	 *  The category of the configuration value
 	 * @param string $key
 	 *  The configuration key to query
-	 * @param string $default (optional) default false
+	 * @param mixed $default (optional) default false
 	 * @return mixed Return value or false on error or if not set
 	 */
-	static public function Get($family, $key, $default = false) {
-		if((! array_key_exists($family, \App::$config)) || (! array_key_exists('config_loaded', \App::$config[$family])))
-			self::Load($family);
+	public static function Get($family, $key, $default = false) {
 
-		if(array_key_exists('config_loaded', \App::$config[$family])) {
-			if(! array_key_exists($key, \App::$config[$family])) {
+		if ((! array_key_exists($family, App::$config)) || (! array_key_exists('config_loaded', App::$config[$family]))) {
+			self::Load($family);
+		}
+
+		if (array_key_exists('config_loaded', App::$config[$family])) {
+			if (! array_key_exists($key, App::$config[$family])) {
 				return $default;
 			}
-			return ((! is_array(\App::$config[$family][$key])) && (preg_match('|^a:[0-9]+:{.*}$|s', \App::$config[$family][$key]))
-				? unserialize(\App::$config[$family][$key])
-				: \App::$config[$family][$key]
-			);
+
+			$value = App::$config[$family][$key];
+
+			if (! is_array($value)) {
+				if (substr($value, 0, 5) == 'json:') {
+					return json_decode(substr($value, 5), true);
+				} else if (preg_match('|^a:[0-9]+:{.*}$|s', $value)) {
+					// Unserialize in inherently unsafe. Try to mitigate by not
+					// allowing unserializing objects. Only kept for backwards
+					// compatibility. JSON serialization should be prefered.
+					return unserialize($value, array('allowed_classes' => false));
+				} else {
+					return $value;
+				}
+			}
+			else {
+				return $value;
+			}
 		}
 
 		return $default;
@@ -125,12 +163,13 @@ class Config {
 	 *  The configuration key to delete
 	 * @return mixed
 	 */
-	static public function Delete($family, $key) {
+	public static function Delete($family, $key) {
 
 		$ret = false;
 
-		if(array_key_exists($family, \App::$config) && array_key_exists($key, \App::$config[$family]))
-			unset(\App::$config[$family][$key]);
+		if (array_key_exists($family, App::$config) && array_key_exists($key, App::$config[$family])) {
+			unset(App::$config[$family][$key]);
+		}
 
 		$ret = q("DELETE FROM config WHERE cat = '%s' AND k = '%s'",
 			dbesc($family),
@@ -153,7 +192,7 @@ class Config {
 	 *  The configuration key to query
 	 * @return mixed
 	 */
-	static private function get_from_storage($family,$key) {
+	private static function get_from_storage($family, $key) {
 		$ret = q("SELECT * FROM config WHERE cat = '%s' AND k = '%s' LIMIT 1",
 			dbesc($family),
 			dbesc($key)
@@ -161,5 +200,4 @@ class Config {
 
 		return $ret;
 	}
-
 }

Zotlabs/Lib/Connect.php

@@ -5,8 +5,7 @@ namespace Zotlabs\Lib;
 use App;
 use Zotlabs\Access\Permissions;
 use Zotlabs\Daemon\Master;
-
-
+use Zotlabs\Lib\Config;
 
 class Connect {
 
@@ -96,7 +95,7 @@ class Connect {
 			$wf = discover_by_webbie($url,$protocol);
 
 			if (! $wf) {
-				$feeds = get_config('system','feed_contacts');
+				$feeds = Config::Get('system','feed_contacts');
 
 				if (($feeds) && (in_array($protocol, [ '', 'feed', 'rss' ]))) {
 					$d = discover_by_url($url);

Zotlabs/Lib/Crypto.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Lib;
 
 use Exception;
+use Zotlabs\Lib\Config;
 
 class Crypto {
 
@@ -44,7 +45,7 @@ class Crypto {
 			'encrypt_key'      => false
 		];
 
-		$conf = get_config('system', 'openssl_conf_file');
+		$conf = Config::Get('system', 'openssl_conf_file');
 
 		if ($conf) {
 			$openssl_options['config'] = $conf;

Zotlabs/Lib/DB_Upgrade.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Lib;
 
+use Zotlabs\Lib\Config;
 
 class DB_Upgrade {
 
@@ -13,9 +14,9 @@ class DB_Upgrade {
 		$this->config_name = 'db_version';
 		$this->func_prefix = '_';
 
-		$build = get_config('system', 'db_version', 0);
+		$build = Config::Get('system', 'db_version', 0);
 		if(! intval($build))
-			$build = set_config('system', 'db_version', $db_revision);
+			$build = Config::Set('system', 'db_version', $db_revision);
 
 		if($build == $db_revision) {
 			// Nothing to be done.
@@ -27,7 +28,7 @@ class DB_Upgrade {
 				logger('Critical: check_config unable to determine database schema version');
 				return;
 			}
-		
+
 			$current = intval($db_revision);
 
 			if($stored < $current) {
@@ -38,7 +39,7 @@ class DB_Upgrade {
 				for($x = $stored + 1; $x <= $current; $x ++) {
 					$s = '_' . $x;
 					$cls = '\\Zotlabs\Update\\' . $s ;
-					if(! class_exists($cls)) {					
+					if(! class_exists($cls)) {
 						return;
 					}
 
@@ -52,10 +53,10 @@ class DB_Upgrade {
 
 					Config::Load('database');
 
-					if(get_config('database', $s))
+					if(Config::Get('database', $s))
 						break;
-					set_config('database',$s, '1');
-					
+					Config::Set('database',$s, '1');
+
 
 					$c =  new $cls();
 
@@ -65,10 +66,10 @@ class DB_Upgrade {
 
 
 						$source = t('Source code of failed update: ') . "\n\n" . @file_get_contents('Zotlabs/Update/' . $s . '.php');
-												
+
 
 						// Prevent sending hundreds of thousands of emails by creating
-						// a lockfile.  
+						// a lockfile.
 
 						$lockfile = 'store/[data]/mailsent';
 
@@ -77,7 +78,7 @@ class DB_Upgrade {
 						@unlink($lockfile);
 						//send the administrator an e-mail
 						file_put_contents($lockfile, $x);
-							
+
 						$r = q("select account_language from account where account_email = '%s' limit 1",
 							dbesc(\App::$config['system']['admin_email'])
 						);
@@ -86,7 +87,7 @@ class DB_Upgrade {
 							[
 								'toEmail'        => \App::$config['system']['admin_email'],
 								'messageSubject' => sprintf( t('Update Error at %s'), z_root()),
-								'textVersion'    => replace_macros(get_intltext_template('update_fail_eml.tpl'), 
+								'textVersion'    => replace_macros(get_intltext_template('update_fail_eml.tpl'),
 									[
 										'$sitename' => \App::$config['system']['sitename'],
 										'$siteurl' =>  z_root(),
@@ -104,11 +105,11 @@ class DB_Upgrade {
 						pop_lang();
 					}
 					else {
-						set_config('database',$s, 'success');
+						Config::Set('database',$s, 'success');
 					}
 				}
 			}
-			set_config('system', 'db_version', $db_revision);
+			Config::Set('system', 'db_version', $db_revision);
 		}
 	}
-}
+}

Zotlabs/Lib/DReport.php

@@ -1,28 +1,33 @@
 <?php
 namespace Zotlabs\Lib;
 
+use Zotlabs\Lib\Config;
+
 class DReport {
 
 	private $location;
 	private $sender;
 	private $recipient;
+	private $name;
 	private $message_id;
+	private $message_uuid;
 	private $status;
 	private $date;
 
-	function __construct($location,$sender,$recipient,$message_id,$status = 'deliver') {
-		$this->location   = $location;
-		$this->sender     = $sender;
-		$this->recipient  = $recipient;
-		$this->name       = EMPTY_STR;
-		$this->message_id = $message_id;
-		$this->status     = $status;
-		$this->date       = datetime_convert();
+	function __construct($location, $sender, $recipient, $message_id, $message_uuid = '', $status = 'deliver') {
+		$this->location     = $location;
+		$this->sender       = $sender;
+		$this->recipient    = $recipient;
+		$this->name         = EMPTY_STR;
+		$this->message_id   = $message_id;
+		$this->message_uuid = $message_uuid;
+		$this->status       = $status;
+		$this->date         = datetime_convert();
 	}
 
 	function update($status) {
-		$this->status     = $status;
-		$this->date       = datetime_convert();
+		$this->status = $status;
+		$this->date   = datetime_convert();
 	}
 
 	function set_name($name) {
@@ -35,24 +40,26 @@ class DReport {
 
 
 	function set($arr) {
-		$this->location   = $arr['location'];
-		$this->sender     = $arr['sender'];
-		$this->recipient  = $arr['recipient'];
-		$this->name       = $arr['name'];
-		$this->message_id = $arr['message_id'];
-		$this->status     = $arr['status'];
-		$this->date       = $arr['date'];
+		$this->location     = $arr['location'];
+		$this->sender       = $arr['sender'];
+		$this->recipient    = $arr['recipient'];
+		$this->name         = $arr['name'];
+		$this->message_id   = $arr['message_id'];
+		$this->message_uuid = $arr['message_uuid'] ?? '';
+		$this->status       = $arr['status'];
+		$this->date         = $arr['date'];
 	}
 
 	function get() {
 		return array(
-			'location'   => $this->location,
-			'sender'     => $this->sender,
-			'recipient'  => $this->recipient,
-			'name'       => $this->name,
-			'message_id' => $this->message_id,
-			'status'     => $this->status,
-			'date'       => $this->date
+			'location'     => $this->location,
+			'sender'       => $this->sender,
+			'recipient'    => $this->recipient,
+			'name'         => $this->name,
+			'message_id'   => $this->message_id,
+			'message_uuid' => $this->message_uuid,
+			'status'       => $this->status,
+			'date'         => $this->date
 		);
 	}
 
@@ -65,7 +72,7 @@ class DReport {
 
 	static function is_storable($dr) {
 
-		if(get_config('system', 'disable_dreport'))
+		if(Config::Get('system', 'disable_dreport'))
 			return false;
 
 		/**

Zotlabs/Lib/Enotify.php

@@ -6,6 +6,7 @@ namespace Zotlabs\Lib;
  * @brief File with functions and a class for generating system and email notifications.
  */
 
+use Zotlabs\Lib\Config;
 
 class Enotify {
 
@@ -61,7 +62,7 @@ class Enotify {
 		$product    = t('$projectname'); // PLATFORM_NAME;
 		$siteurl    = z_root();
 		$thanks     = t('Thank You,');
-		$sitename   = get_config('system','sitename');
+		$sitename   = Config::Get('system','sitename');
 		$site_admin = sprintf( t('%s Administrator'), $sitename);
 		$opt_out1   = sprintf( t('This email was sent by %1$s at %2$s.'), t('$Projectname'), \App::get_hostname());
 		$opt_out2   = sprintf( t('To stop receiving these messages, please adjust your Notification Settings at %s'), z_root() . '/settings');
@@ -73,15 +74,15 @@ class Enotify {
 
 		// Do not translate 'noreply' as it must be a legal 7-bit email address
 
-		$reply_email = get_config('system', 'reply_address');
+		$reply_email = Config::Get('system', 'reply_address');
 		if(! $reply_email)
 			$reply_email = 'noreply' . '@' . $hostname;
 
-		$sender_email = get_config('system', 'from_email');
+		$sender_email = Config::Get('system', 'from_email');
 		if(! $sender_email)
 			$sender_email = 'Administrator' . '@' . $hostname;
 
-		$sender_name = get_config('system', 'from_email_name');
+		$sender_name = Config::Get('system', 'from_email_name');
 		if(! $sender_name)
 			$sender_name = \Zotlabs\Lib\System::get_site_name();
 
@@ -145,11 +146,11 @@ class Enotify {
 
 		$itemlink = $params['link'];
 
-		$action = t('commented on');
+		$action = (($moderated) ? t('requested to comment on') : t('commented on'));
 
 		if(array_key_exists('item',$params)) {
 
-			if(in_array($params['item']['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
+			if(in_array($params['item']['verb'], ['Like', 'Dislike', ACTIVITY_LIKE, ACTIVITY_DISLIKE, ACTIVITY_SHARE])) {
 
 				if(! $always_show_in_notices || !($vnotify & VNOTIFY_LIKE)) {
 					logger('notification: not a visible activity. Ignoring.');
@@ -157,11 +158,14 @@ class Enotify {
 					return;
 				}
 
-				if(activity_match($params['verb'], ACTIVITY_LIKE))
-					$action = t('liked');
+				if(activity_match($params['verb'], ['Like', ACTIVITY_LIKE]))
+					$action = (($moderated) ? t('requested to like') : t('liked'));
 
-				if(activity_match($params['verb'], ACTIVITY_DISLIKE))
-					$action = t('disliked');
+				if(activity_match($params['verb'], ['Dislike', ACTIVITY_DISLIKE]))
+					$action = (($moderated) ? t('requested to dislike') : t('disliked'));
+
+				if(activity_match($params['verb'], ACTIVITY_SHARE))
+					$action = t('repeated');
 
 			}
 
@@ -259,7 +263,7 @@ class Enotify {
 
 		$itemlink =  $params['link'];
 
-		if (array_key_exists('item',$params) && (activity_match($params['item']['verb'], ACTIVITY_LIKE) || activity_match($params['item']['verb'], ACTIVITY_DISLIKE))) {
+		if (array_key_exists('item',$params) && (activity_match($params['item']['verb'], ['Like', 'Dislike', ACTIVITY_LIKE, ACTIVITY_DISLIKE]))) {
 			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE) || !feature_enabled($recip['channel_id'], 'dislike')) {
 				logger('notification: not a visible activity. Ignoring.');
 				pop_lang();
@@ -307,7 +311,14 @@ class Enotify {
 
 		$parent_item = $p[0];
 
-		$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
+		//$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
+		$moderated = (($params['item']['item_blocked'] == ITEM_MODERATED) ? true : false);
+
+		if(activity_match($params['item']['verb'], ['Like', ACTIVITY_LIKE]))
+			$verb = (($moderated) ? t('requested to like') : t('liked'));
+
+		if(activity_match($params['item']['verb'], ['Dislike', ACTIVITY_DISLIKE]))
+			$verb = (($moderated) ? t('requested to dislike') : t('disliked'));
 
 		// "your post"
 		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
@@ -476,6 +487,8 @@ class Enotify {
 
 	require_once('include/html2bbcode.php');
 
+/*
+
 	do {
 		$dups = false;
 		$hash = random_string();
@@ -484,10 +497,12 @@ class Enotify {
 		if ($r)
 			$dups = true;
 	} while ($dups === true);
+*/
+
 
 
 	$datarray = [];
-	$datarray['hash']   = $hash;
+	$datarray['hash']   = $params['item']['uuid'] ?? new_uuid();
 	$datarray['sender_hash'] = $sender['xchan_hash'];
 	$datarray['xname']   = $sender['xchan_name'];
 	$datarray['url']    = $sender['xchan_url'];
@@ -498,7 +513,7 @@ class Enotify {
 	$datarray['link']   = $itemlink;
 	$datarray['parent'] = $parent_mid;
 	$datarray['parent_item'] = $parent_item;
-	$datarray['ntype']   = $params['type'] ?? '';
+	$datarray['ntype']   = $params['type'] ?? 0;
 	$datarray['verb']   = $params['verb'] ?? '';
 	$datarray['otype']  = $params['otype'] ?? '';
  	$datarray['abort']  = false;
@@ -546,8 +561,9 @@ class Enotify {
 		dbesc($datarray['otype'])
 	);
 
-	$r = q("select id from notify where hash = '%s' and uid = %d limit 1",
-		dbesc($hash),
+	$r = q("select id from notify where hash = '%s' and ntype = %d and uid = %d limit 1",
+		dbesc($datarray['hash']),
+		intval($datarray['ntype']),
 		intval($recip['channel_id'])
 	);
 	if ($r) {
@@ -828,18 +844,6 @@ class Enotify {
 				: (($item['obj_type'] === 'Answer') ? sprintf( t('voted on %s\'s poll'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]') : sprintf( t('commented on %s\'s post'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]'))
 			);
 
-			if($item['verb'] === ACTIVITY_SHARE && empty($item['owner']['xchan_pubforum'])) {
-				$itemem_text = sprintf( t('repeated %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
-			}
-
-			if($item['verb'] === ACTIVITY_LIKE) {
-				$itemem_text = sprintf( t('liked %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
-			}
-
-			if($item['verb'] === ACTIVITY_DISLIKE) {
-				$itemem_text = sprintf( t('disliked %s\'s post'), '[bdi]' . $item['author']['xchan_name'] . '[/bdi]');
-			}
-
 			if(in_array($item['obj_type'], ['Document', 'Video', 'Audio', 'Image'])) {
 				$itemem_text = t('shared a file with you');
 			}
@@ -860,7 +864,6 @@ class Enotify {
 
 		// convert this logic into a json array just like the system notifications
 
-		$who = (($item['verb'] === ACTIVITY_SHARE && empty($item['owner']['xchan_pubforum'])) ? 'owner' : 'author');
 		$body = html2plain(bbcode($item['body'], ['drop_media' => true, 'tryoembed' => false]), 75, true);
 		if ($body) {
 			$body = htmlentities($body, ENT_QUOTES, 'UTF-8', false);
@@ -868,19 +871,20 @@ class Enotify {
 
 		$x = array(
 			'notify_link' => $item['llink'],
-			'name' => $item[$who]['xchan_name'],
-			'addr' => $item[$who]['xchan_addr'] ? $item[$who]['xchan_addr'] : $item[$who]['xchan_url'],
-			'url' => $item[$who]['xchan_url'],
-			'photo' => $item[$who]['xchan_photo_s'],
+			'name' => $item['author']['xchan_name'],
+			'addr' => $item['author']['xchan_addr'] ? $item['author']['xchan_addr'] : $item['author']['xchan_url'],
+			'url' => $item['author']['xchan_url'],
+			'photo' => $item['author']['xchan_photo_s'],
 			'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
-			'b64mid' => (($item['mid']) ? gen_link_id($item['mid']) : ''),
+		//	'b64mid' => (($item['mid']) ? gen_link_id($item['mid']) : ''),
+			'b64mid' => (($item['uuid']) ? $item['uuid'] : ''),
 			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? gen_link_id($item['thr_parent']) : gen_link_id($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
 			'body' => $body,
 			// these are for the superblock addon
-			'hash' => $item[$who]['xchan_hash'],
+			'hash' => $item['author']['xchan_hash'],
 			'uid' => $item['uid'],
 			'display' => true
 		);
@@ -900,9 +904,6 @@ class Enotify {
 		if(strpos($message, $tt['xname']) === 0)
 			$message = substr($message, strlen($tt['xname']) + 1);
 
-		$mid = basename($tt['link']);
-
-		$b64mid = gen_link_id($mid);
 		$x = [
 			'notify_link' => (($tt['ntype'] === NOTIFY_MAIL) ? $tt['link'] : z_root() . '/notify/view/' . $tt['id']),
 			'name' => $tt['xname'],
@@ -910,7 +911,7 @@ class Enotify {
 			'photo' => $tt['photo'],
 			'when' => datetime_convert('UTC', date_default_timezone_get(), $tt['created']),
 			'hclass' => (($tt['seen']) ? 'notify-seen' : 'notify-unseen'),
-			'b64mid' => (($tt['otype'] == 'item') ? $b64mid : ''),
+			'b64mid' => (($tt['otype'] == 'item') ? $tt['hash'] : ''),
 			'notify_id' => (($tt['otype'] == 'item') ? $tt['id'] : ''),
 			'message' => $message
 		];

Zotlabs/Lib/IConfig.php

@@ -13,7 +13,7 @@ class IConfig {
 	static public function Get(&$item, $family, $key, $default = false) {
 
 		$is_item = false;
-	
+
 		if(is_array($item)) {
 			$is_item = true;
 			if((! array_key_exists('iconfig',$item)) || (! is_array($item['iconfig'])))
@@ -22,7 +22,7 @@ class IConfig {
 			if(array_key_exists('item_id',$item))
 				$iid = $item['item_id'];
 			else
-				$iid = $item['id'];
+				$iid = $item['id'] ?? 0;
 		}
 		elseif(intval($item))
 			$iid = $item;
@@ -36,7 +36,7 @@ class IConfig {
 					return $c['v'];
 			}
 		}
-		 
+
 		$r = q("select * from iconfig where iid = %d and cat = '%s' and k = '%s' limit 1",
 			intval($iid),
 			dbesc($family),
@@ -63,11 +63,11 @@ class IConfig {
 	 * $value - value of meta variable
 	 * $sharing - boolean (default false); if true the meta information is propagated with the item
 	 *   to other sites/channels, mostly useful when $item is an array and has not yet been stored/delivered.
-	 *   If the meta information is added after delivery and you wish it to be shared, it may be necessary to 
-	 *   alter the item edited timestamp and invoke the delivery process on the updated item. The edited 
+	 *   If the meta information is added after delivery and you wish it to be shared, it may be necessary to
+	 *   alter the item edited timestamp and invoke the delivery process on the updated item. The edited
 	 *   timestamp needs to be altered in order to trigger an item_store_update() at the receiving end.
 	 */
- 
+
 
 	static public function Set(&$item, $family, $key, $value, $sharing = false) {
 
@@ -162,4 +162,4 @@ class IConfig {
 
 	}
 
-}
+}

Zotlabs/Lib/JSalmon.php

@@ -52,7 +52,7 @@ class JSalmon {
 			. base64url_encode($x['alg'],true);
 
 		$key = HTTPSig::get_key(EMPTY_STR,'zot6',base64url_decode($x['sigs']['key_id']));
-		 logger('key: ' . print_r($key,true));
+		logger('key: ' . print_r($key,true), LOGGER_DATA);
 		if($key['portable_id'] && $key['public_key']) {
 			if(Crypto::verify($signed_data,base64url_decode($x['sigs']['value']),$key['public_key'])) {
 				logger('verified');

Zotlabs/Lib/JcsEddsa2022.php

@@ -0,0 +1,92 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Mmccook\JsonCanonicalizator\JsonCanonicalizatorFactory;
+use StephenHill\Base58;
+
+class JcsEddsa2022 {
+
+	public  function  __construct() {
+		return $this;
+	}
+
+	public function sign($data, $channel): array {
+		$base58 = new Base58();
+		$pubkey = (new Multibase())->publicKey($channel['channel_epubkey']);
+		$options = [
+			'type' => 'DataIntegrityProof',
+			'cryptosuite' => 'eddsa-jcs-2022',
+			'created' => datetime_convert('UTC', 'UTC', 'now', ATOM_TIME),
+			'verificationMethod' => channel_url($channel) . '#' . $pubkey,
+			'proofPurpose' => 'assertionMethod',
+		];
+
+		$optionsHash = $this->hash($this->signableOptions($options), true);
+		$dataHash = $this->hash($this->signableData($data), true);
+
+		$options['proofValue'] = 'z' . $base58->encode(sodium_crypto_sign_detached($optionsHash . $dataHash,
+				sodium_base642bin($channel['channel_eprvkey'], SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING)));
+
+		return $options;
+	}
+
+	public function verify($data, $publicKey) {
+		$base58 = new Base58();
+		$encodedSignature = $data['proof']['proofValue'] ?? '';
+		if (!str_starts_with($encodedSignature,'z')) {
+			return false;
+		}
+
+		$encodedSignature = substr($encodedSignature, 1);
+		$optionsHash = $this->hash($this->signableOptions($data['proof']), true);
+		$dataHash = $this->hash($this->signableData($data),true);
+
+		try {
+			$result = sodium_crypto_sign_verify_detached($base58->decode($encodedSignature), $optionsHash . $dataHash,
+				(new Multibase())->decode($publicKey, true));
+		}
+		catch (\Exception $e) {
+			logger('verify exception:' .  $e->getMessage());
+		}
+
+		logger('SignatureVerify (eddsa-jcs-2022) ' . (($result) ? 'true' : 'false'));
+
+		return $result;
+	}
+
+	public function signableData($data) {
+		$signableData = [];
+		if ($data) {
+			foreach ($data as $k => $v) {
+				if (!in_array($k, ['proof', 'signature'])) {
+					$signableData[$k] = $v;
+				}
+			}
+		}
+		return $signableData;
+	}
+
+	public function signableOptions($options) {
+		$signableOptions = [];
+
+		if ($options) {
+			foreach ($options as $k => $v) {
+				if ($k !== 'proofValue') {
+					$signableOptions[$k] = $v;
+				}
+			}
+		}
+		return $signableOptions;
+	}
+
+	public function hash($obj, $binary = false) {
+		return hash('sha256', $this->canonicalize($obj), $binary);
+	}
+
+	public function canonicalize($data) {
+		$canonicalization = JsonCanonicalizatorFactory::getInstance();
+		return $canonicalization->canonicalize($data);
+	}
+
+}

Zotlabs/Lib/Libsync.php

@@ -5,6 +5,7 @@ namespace Zotlabs\Lib;
 
 use App;
 use Zotlabs\Daemon\Master;
+use Zotlabs\Lib\Config;
 
 class Libsync {
 
@@ -135,7 +136,7 @@ class Libsync {
 				$info['collection_members'] = $r;
 		}
 
-		$interval = get_config('queueworker', 'queue_interval', 500000);
+		$interval = Config::Get('queueworker', 'queue_interval', 500000);
 
 		logger('Packet: ' . print_r($info, true), LOGGER_DATA, LOG_DEBUG);
 
@@ -157,7 +158,7 @@ class Libsync {
 			/*
 			$x = q("select count(outq_hash) as total from outq where outq_delivered = 0");
 
-			if (intval($x[0]['total']) > intval(get_config('system', 'force_queue_threshold', 3000))) {
+			if (intval($x[0]['total']) > intval(Config::Get('system', 'force_queue_threshold', 3000))) {
 				logger('immediate delivery deferred.', LOGGER_DEBUG, LOG_INFO);
 				Queue::update($hash);
 				continue;
@@ -266,7 +267,7 @@ class Libsync {
 						}
 
 						if ($cat !== 'hz_delpconfig') {
-							set_pconfig($channel['channel_id'],$cat,$k,$v,$pconfig_updated[$k]);
+							set_pconfig($channel['channel_id'], $cat, $k, $v, $pconfig_updated[$k]);
 						}
 					}
 				}
@@ -325,10 +326,7 @@ class Libsync {
 
 			if (array_key_exists('channel', $arr) && is_array($arr['channel']) && count($arr['channel'])) {
 
-				$remote_channel               = $arr['channel'];
-				$remote_channel['channel_id'] = $channel['channel_id'];
-
-				if (array_key_exists('channel_pageflags', $arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
+				if (array_key_exists('channel_pageflags', $arr['channel'])) {
 
 					// Several pageflags are site-specific and cannot be sync'd.
 					// Only allow those bits which are shareable from the remote and then
@@ -339,6 +337,8 @@ class Libsync {
 
 				}
 
+				$columns = db_columns('channel');
+
 				$disallowed = [
 					'channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey',
 					'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted',
@@ -349,16 +349,21 @@ class Libsync {
 					'channel_a_delegate'
 				];
 
-				$clean = [];
-				foreach ($arr['channel'] as $k => $v) {
-					if (in_array($k, $disallowed))
-						continue;
-					$clean[$k] = $v;
+				if (empty($channel['channel_epubkey']) && empty($channel['channel_eprvkey'])) {
+					$eckey = sodium_crypto_sign_keypair();
+					$channel['channel_epubkey'] = sodium_bin2base64(sodium_crypto_sign_publickey($eckey), SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING);
+					$channel['channel_eprvkey'] = sodium_bin2base64(sodium_crypto_sign_secretkey($eckey), SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING);
 				}
-				if (count($clean)) {
-					foreach ($clean as $k => $v) {
-						dbq("UPDATE channel set " . dbesc($k) . " = '" . dbesc($v) . "' where channel_id = " . intval($channel['channel_id']));
+
+				foreach ($arr['channel'] as $k => $v) {
+					if (in_array($k, $disallowed)) {
+						continue;
 					}
+					if (!in_array($k, $columns)) {
+						continue;
+					}
+					$r = dbq("UPDATE channel set " . dbesc($k) . " = '" . dbesc($v)
+						. "' where channel_id = " . intval($channel['channel_id']));
 				}
 			}
 

Zotlabs/Lib/Libzot.php

@@ -2,10 +2,12 @@
 
 namespace Zotlabs\Lib;
 
-use Zotlabs\Web\HTTPSig;
-use Zotlabs\Access\Permissions;
+use App;
 use Zotlabs\Access\PermissionLimits;
+use Zotlabs\Access\Permissions;
 use Zotlabs\Daemon\Master;
+use Zotlabs\Lib\Config;
+use Zotlabs\Web\HTTPSig;
 
 require_once('include/crypto.php');
 
@@ -100,12 +102,12 @@ class Libzot {
 	 */
 	static function build_packet($channel, $type = 'activity', $recipients = null, $msg = [], $encoding = 'activitystreams', $remote_key = null, $methods = '') {
 
-		$sig_method = get_config('system', 'signature_algorithm', 'sha256');
+		$sig_method = Config::Get('system', 'signature_algorithm', 'sha256');
 		$data = [
 			'type'     => $type,
 			'encoding' => $encoding,
 			'sender'   => $channel['channel_hash'],
-			'site_id'  => self::make_xchan_hash(z_root(), get_config('system', 'pubkey')),
+			'site_id'  => self::make_xchan_hash(z_root(), Config::Get('system', 'pubkey')),
 			'version'  => System::get_zot_revision(),
 		];
 
@@ -660,7 +662,7 @@ class Libzot {
 		 */
 		call_hooks('import_xchan', $arr);
 
-		$dirmode = intval(get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL));
+		$dirmode = intval(Config::Get('system', 'directory_mode', DIRECTORY_MODE_NORMAL));
 
 		$changed = false;
 		$what    = '';
@@ -709,7 +711,7 @@ class Libzot {
 			// if we import an entry from a site that's not ours and either or both of us is off the grid - hide the entry.
 			/** @TODO: check if we're the same directory realm, which would mean we are allowed to see it */
 
-			$dirmode = get_config('system', 'directory_mode');
+			$dirmode = Config::Get('system', 'directory_mode');
 
 			if (((isset($arr['site']['directory_mode']) && $arr['site']['directory_mode'] === 'standalone') || ($dirmode & DIRECTORY_MODE_STANDALONE)) && ($arr['site']['url'] != z_root()))
 				$arr['searchable'] = false;
@@ -759,12 +761,13 @@ class Libzot {
 				|| ($r[0]['xchan_connurl'] != $arr['primary_location']['connections_url'])
 				|| ($r[0]['xchan_addr'] != $arr['primary_location']['address'])
 				|| ($r[0]['xchan_follow'] != $arr['primary_location']['follow_url'])
+				|| (isset($arr['ed25519_key']) && $r[0]['xchan_epubkey'] != $arr['ed25519_key'])
 				|| ($r[0]['xchan_connpage'] != $arr['connect_url'])
 				|| ($r[0]['xchan_url'] != $arr['primary_location']['url'])
 				|| $hidden_changed || $adult_changed || $deleted_changed || $pubforum_changed) {
 				$rup = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_connurl = '%s', xchan_follow = '%s',
 					xchan_connpage = '%s', xchan_hidden = %d, xchan_selfcensored = %d, xchan_deleted = %d, xchan_pubforum = %d,
-					xchan_addr = '%s', xchan_url = '%s' where xchan_hash = '%s'",
+					xchan_addr = '%s', xchan_url = '%s', xchan_epubkey = '%s' where xchan_hash = '%s'",
 					dbesc(($arr['name']) ? escape_tags($arr['name']) : '-'),
 					dbesc($arr['name_updated']),
 					dbesc($arr['primary_location']['connections_url']),
@@ -776,6 +779,7 @@ class Libzot {
 					intval($arr['public_forum']),
 					dbesc(escape_tags($arr['primary_location']['address'])),
 					dbesc(escape_tags($arr['primary_location']['url'])),
+					dbesc($arr['ed25519_key'] ?? ''),
 					dbesc($xchan_hash)
 				);
 
@@ -799,6 +803,7 @@ class Libzot {
 					'xchan_guid'           => $arr['id'],
 					'xchan_guid_sig'       => $arr['id_sig'],
 					'xchan_pubkey'         => $arr['public_key'],
+					'xchan_epubkey'        => $arr['xchan_epubkey'] ?? '',
 					'xchan_photo_mimetype' => $arr['photo']['type'],
 					'xchan_photo_l'        => $arr['photo']['url'],
 					'xchan_addr'           => escape_tags($arr['primary_location']['address']),
@@ -1004,7 +1009,7 @@ class Libzot {
 			logger('Headers: ' . print_r($arr['header'], true), LOGGER_DATA, LOG_DEBUG);
 		}
 
-		$x = Crypto::unencapsulate($x, get_config('system', 'prvkey'));
+		$x = Crypto::unencapsulate($x, Config::Get('system', 'prvkey'));
 
 		if ($x && !is_array($x)) {
 			$x = json_decode($x, true);
@@ -1114,6 +1119,7 @@ class Libzot {
 	 */
 	static function import($arr) {
 
+
 		$env     = $arr;
 		$private = false;
 		$return  = [];
@@ -1138,7 +1144,6 @@ class Libzot {
 		if ($env['encoding'] === 'activitystreams') {
 
 			$AS = new ActivityStreams($data);
-
 			if (!$AS->is_valid()) {
 				logger('Activity rejected: ' . print_r($data, true));
 				return;
@@ -1153,7 +1158,6 @@ class Libzot {
 			else {
 				$item = [];
 			}
-
 			logger($AS->debug(), LOGGER_DATA);
 
 		}
@@ -1200,7 +1204,6 @@ class Libzot {
 			// @fixme;
 
 			$deliveries = self::public_recips($env, $AS);
-
 		}
 
 		$deliveries = array_unique($deliveries);
@@ -1219,29 +1222,26 @@ class Libzot {
 					return;
 				}
 
-				$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_deleted = 0 order by hubloc_id desc",
-					dbesc($AS->actor['id'])
-				);
+				$author_url = $AS->actor['id'];
 
-				if (! $r) {
+				$r = Activity::get_actor_hublocs($author_url);
+
+				if (!$r) {
 					// Author is unknown to this site. Perform channel discovery and try again.
-					$z = discover_by_webbie($AS->actor['id']);
+					$z = discover_by_webbie($author_url);
 					if ($z) {
-						$r = q("select hubloc_hash, hubloc_network, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_deleted = 0 order by hubloc_id desc",
-							dbesc($AS->actor['id'])
-						);
+						$r = Activity::get_actor_hublocs($author_url);
+					}
+
+					if (!$r) {
+						logger('Could not fetch author');
+						return;
 					}
 				}
 
-				if ($r) {
-					$r = self::zot_record_preferred($r);
-					$item['author_xchan'] = $r['hubloc_hash'];
-				}
+				$r = self::zot_record_preferred($r);
 
-				if (! $item['author_xchan']) {
-					logger('No author!');
-					return;
-				}
+				$item['author_xchan'] = $r['hubloc_hash'];
 
 				$item['owner_xchan'] = $env['sender'];
 
@@ -1284,7 +1284,7 @@ class Libzot {
 					}
 				}
 
-				if (isset($AS->meta['hubloc']) && $AS->meta['hubloc']) {
+				if (!empty($AS->meta['hubloc']) || $AS->sigok) {
 					$item['item_verified'] = true;
 				}
 
@@ -1302,6 +1302,8 @@ class Libzot {
 				$relay = (($env['type'] === 'response') ? true : false);
 
 				$result = self::process_delivery($env['sender'], $AS, $item, $deliveries, $relay, false, $message_request);
+
+				Activity::init_background_fetch($env['sender']);
 			}
 			elseif ($env['type'] === 'sync') {
 				// $item = get_channelsync_elements($data);
@@ -1322,6 +1324,7 @@ class Libzot {
 		if ($result) {
 			$return = array_merge($return, $result);
 		}
+
 		return $return;
 	}
 
@@ -1364,11 +1367,13 @@ class Libzot {
 
 	static function find_parent_owner_hashes($env, $act) {
 		$r = [];
-		$thread_parent = self::find_parent($env, $act);
-		if ($thread_parent) {
-			$uids = q("SELECT uid FROM item WHERE thr_parent = '%s' OR parent_mid = '%s'",
-				dbesc($thread_parent),
-				dbesc($thread_parent)
+		$parent = self::find_parent($env, $act);
+
+		if ($parent) {
+			$uids = q("SELECT uid FROM item WHERE thr_parent = '%s' OR parent_mid = '%s' OR mid = '%s'",
+				dbesc($parent),
+				dbesc($parent),
+				dbesc($parent)
 			);
 
 			if ($uids) {
@@ -1412,7 +1417,7 @@ class Libzot {
 		$include_sys    = false;
 
 		if ($msg['type'] === 'activity') {
-			$disable_discover_tab = get_config('system', 'disable_discover_tab') || get_config('system', 'disable_discover_tab') === false;
+			$disable_discover_tab = Config::Get('system', 'disable_discover_tab') || Config::Get('system', 'disable_discover_tab') === false;
 			if (!$disable_discover_tab)
 				$include_sys = true;
 
@@ -1452,7 +1457,7 @@ class Libzot {
 			if ($act && $act->obj) {
 				if (isset($act->obj['tag']) && is_array($act->obj['tag']) && $act->obj['tag']) {
 					foreach ($act->obj['tag'] as $tag) {
-						if ($tag['type'] === 'Mention' && (strpos($tag['href'], z_root()) !== false)) {
+						if (isset($tag['type'], $tag['href']) && $tag['type'] === 'Mention' && (strpos($tag['href'], z_root()) !== false)) {
 							$address = basename($tag['href']);
 							if ($address) {
 								$z = q("select channel_hash as hash from channel where channel_address = '%s' and channel_hash != '%s'
@@ -1513,11 +1518,9 @@ class Libzot {
 	 */
 
 	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false, $force = false) {
-
 		$result = [];
 
 		// We've validated the sender. Now make sure that the sender is the owner or author
-
 		if (!$public) {
 			if ($sender != $arr['owner_xchan'] && $sender != $arr['author_xchan']) {
 				logger("Sender $sender is not owner {$arr['owner_xchan']} or author {$arr['author_xchan']} - mid {$arr['mid']}");
@@ -1530,7 +1533,7 @@ class Libzot {
 			$local_public = $public;
 			$item_result = null;
 
-			$DR = new DReport(z_root(), $sender, $d, $arr['mid']);
+			$DR = new DReport(z_root(), $sender, $d, $arr['mid'], $arr['uuid']);
 
 			$channel = channelx_by_hash($d);
 
@@ -1581,6 +1584,39 @@ class Libzot {
 				continue;
 			}
 
+			$arr['item_wall'] = 0;
+
+			// This is our own post, possibly coming from a channel clone
+			if ($arr['owner_xchan'] === $d) {
+				$arr['item_wall'] = 1;
+			}
+
+			if (isset($arr['item_deleted']) && $arr['item_deleted']) {
+
+				// remove_community_tag is a no-op if this isn't a community tag activity
+				// self::remove_community_tag($sender, $arr, $channel['channel_id']);
+
+				// set these just in case we need to store a fresh copy of the deleted post.
+				// This could happen if the delete got here before the original post did.
+
+				$arr['aid'] = $channel['channel_account_id'];
+				$arr['uid'] = $channel['channel_id'];
+
+				$item_id = self::delete_imported_item($sender, $act, $arr, $channel['channel_id'], $relay);
+				$DR->update(($item_id) ? 'deleted' : 'delete_failed');
+				$result[] = $DR->get();
+
+				if ($relay && $item_id) {
+					logger('process_delivery: invoking relay');
+					Master::Summon(['Notifier', 'relay', intval($item_id), 'delete']);
+					$DR->update('relayed');
+					$result[] = $DR->get();
+				}
+
+				continue;
+			}
+
+
 			// allow public postings to the sys channel regardless of permissions, but not
 			// for comments travelling upstream. Wait and catch them on the way down.
 			// They may have been blocked by the owner.
@@ -1597,8 +1633,8 @@ class Libzot {
 					continue;
 				}
 
-				$incl = get_config('system','pubstream_incl');
-				$excl = get_config('system','pubstream_excl');
+				$incl = Config::Get('system','pubstream_incl');
+				$excl = Config::Get('system','pubstream_excl');
 
 				if(($incl || $excl) && !MessageFilter::evaluate($arr, $incl, $excl)) {
 					$local_public = false;
@@ -1607,110 +1643,23 @@ class Libzot {
 			}
 
 			$tag_delivery = tgroup_check($channel['channel_id'], $arr);
-			$perm         = 'send_stream';
-			if (($arr['mid'] !== $arr['parent_mid']) && ($relay))
-				$perm = 'post_comments';
 
-			// This is our own post, possibly coming from a channel clone
-
-			if ($arr['owner_xchan'] == $d) {
-				$arr['item_wall'] = 1;
-			}
-			else {
-				$arr['item_wall'] = 0;
-			}
-
-			$friendofriend = false;
-
-			if ((!$tag_delivery) && (!$local_public)) {
-				$allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm));
-
-				$permit_mentions = intval(PConfig::Get($channel['channel_id'], 'system', 'permit_all_mentions') && i_am_mentioned($channel, $arr));
-
-				if (!$allowed) {
-					if ($perm === 'post_comments') {
-						$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
-							dbesc($arr['parent_mid']),
-							intval($channel['channel_id'])
-						);
-						if ($parent) {
-							$allowed = can_comment_on_post($sender, $parent[0]);
-							if (!$allowed && $permit_mentions) {
-								$allowed = true;
-							}
-						}
-
-					} elseif ($permit_mentions) {
-						$allowed = true;
-					}
-				}
-
-				if ($request) {
-
-					// Conversation fetches (e.g. $request == true) take place for
-					//   a) new comments on expired posts
-					//   b) hyperdrive (friend-of-friend) conversations
-					//   c) Repeats of posts by others
-
-
-					// over-ride normal connection permissions for hyperdrive (friend-of-friend) conversations
-					// (if hyperdrive is enabled) and repeated posts by a friend.
-					// If $allowed is already true, this is probably the conversation of a direct friend or a
-					// conversation fetch for a new comment on an expired post
-					// Comments of all these activities are allowed and will only be rejected (later) if the parent
-					// doesn't exist.
-
-					if ($perm === 'send_stream') {
-						if ($force || get_pconfig($channel['channel_id'], 'system', 'hyperdrive', false)) {
-							$allowed = true;
-						}
-					}
-					else {
-						$allowed = true;
-					}
-
-					$friendofriend = true;
-				}
-
-				if (intval($arr['item_private']) === 2) {
-					if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
-						$allowed = false;
-					}
-				}
-
-				if (!$allowed) {
-					logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
-					$DR->update('permission denied');
-					$result[] = $DR->get();
-					continue;
-				}
-			}
-
-			//	logger('item: ' . print_r($arr,true), LOGGER_DATA);
+			$perm = 'send_stream';
 
 			if ($arr['mid'] !== $arr['parent_mid']) {
 
-				logger('checking source: "' . $arr['mid'] . '" != "' . $arr['parent_mid'] . '"');
+				if ($relay)
+					$perm = 'post_comments';
 
-				// check source route.
-				// We are only going to accept comments from this sender if the comment has the same route as the top-level-post,
-				// this is so that permissions mismatches between senders apply to the entire conversation
-				// As a side effect we will also do a preliminary check that we have the top-level-post, otherwise
-				// processing it is pointless.
-
-				$r = q("select route, id, parent_mid, mid, owner_xchan, item_private, obj_type from item where mid = '%s' and uid = %d limit 1",
+				$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
 					dbesc($arr['parent_mid']),
 					intval($channel['channel_id'])
 				);
 
-				if (!$r) {
+				if (!$parent) {
 					$DR->update('comment parent not found');
 					$result[] = $DR->get();
 
-					if ($relay || $request || $local_public) {
-						continue;
-					}
-
 					// We don't seem to have a copy of this conversation or at least the parent
 					// - so request a copy of the entire conversation to date.
 					// Don't do this if it's a relay post as we're the ones who are supposed to
@@ -1722,24 +1671,40 @@ class Libzot {
 					// the top level post is unlikely to be imported and
 					// this is just an exercise in futility.
 
-					if (perm_is_allowed($channel['channel_id'], $sender, 'send_stream')) {
-						Master::Summon(['Zotconvo', $channel['channel_id'], $arr['parent_mid']]);
+					if ($relay || $request || (!$local_public && !perm_is_allowed($channel['channel_id'], $sender, 'send_stream'))) {
+						continue;
+					}
+
+					if ($arr['verb'] === 'Announce') {
+						App::$cache['as_fetch_objects'][$arr['mid']]['channels'][] = $channel['channel_id'];
+						App::$cache['as_fetch_objects'][$arr['mid']]['force'] = true;
+					}
+					else {
+						App::$cache['zot_fetch_objects'][$arr['mid']]['channels'][] = $channel['channel_id'];
+						App::$cache['zot_fetch_objects'][$arr['mid']]['force'] = false;
 					}
 
 					continue;
 				}
 
-				if ($r[0]['obj_type'] === 'Question') {
+				logger('checking source: "' . $arr['mid'] . '" != "' . $arr['parent_mid'] . '"');
+
+				// check source route.
+				// We are only going to accept comments from this sender if the comment has the same route as the top-level-post,
+				// this is so that permissions mismatches between senders apply to the entire conversation
+				// As a side effect we will also do a preliminary check that we have the top-level-post, otherwise
+				// processing it is pointless.
+
+				if ($parent[0]['obj_type'] === 'Question') {
 					// route checking doesn't work correctly here because we've changed the privacy
-					$r[0]['route'] = EMPTY_STR;
+					$parent[0]['route'] = EMPTY_STR;
 					// If this is a poll response, convert the obj_type to our (internal-only) "Answer" type
-					if ($arr['obj_type'] === ACTIVITY_OBJ_COMMENT && $arr['title'] && (!$arr['body'])) {
+					if (in_array($arr['obj_type'], ['Note', ACTIVITY_OBJ_COMMENT]) && $arr['title'] && (!$arr['body'])) {
 						$arr['obj_type'] = 'Answer';
 					}
 				}
 
-
-				if ($relay || $friendofriend || (intval($r[0]['item_private']) === 0 && intval($arr['item_private']) === 0)) {
+				if ($relay || (intval($parent[0]['item_private']) === 0 && intval($arr['item_private']) === 0)) {
 					// reset the route in case it travelled a great distance upstream
 					// use our parent's route so when we go back downstream we'll match
 					// with whatever route our parent has.
@@ -1747,8 +1712,8 @@ class Libzot {
 					// but we are now getting comments via listener delivery
 					// and if there is no privacy on this or the parent, we don't care about the route,
 					// so just set the owner and route accordingly.
-					$arr['route']       = $r[0]['route'];
-					$arr['owner_xchan'] = $r[0]['owner_xchan'];
+					$arr['route']       = $parent[0]['route'];
+					$arr['owner_xchan'] = $parent[0]['owner_xchan'];
 				}
 				else {
 
@@ -1758,7 +1723,7 @@ class Libzot {
 					// only compare the last hop since it could have arrived at the last location any number of ways.
 					// Always accept empty routes and firehose items (route contains 'undefined') .
 
-					$existing_route = explode(',', $r[0]['route']);
+					$existing_route = explode(',', $parent[0]['route']);
 					$routes         = count($existing_route);
 					if ($routes) {
 						$last_hop         = array_pop($existing_route);
@@ -1775,8 +1740,8 @@ class Libzot {
 					$current_route = ((isset($arr['route']) && $arr['route']) ? $arr['route'] . ',' : '') . $sender;
 
 					if ($last_hop && $last_hop != $sender) {
-						logger('comment route mismatch: parent route = ' . $r[0]['route'] . ' expected = ' . $current_route, LOGGER_DEBUG);
-						logger('comment route mismatch: parent msg = ' . $r[0]['id'], LOGGER_DEBUG);
+						logger('comment route mismatch: parent route = ' . $parent[0]['route'] . ' expected = ' . $current_route, LOGGER_DEBUG);
+						logger('comment route mismatch: parent msg = ' . $parent[0]['id'], LOGGER_DEBUG);
 						$DR->update('comment route mismatch');
 						$result[] = $DR->get();
 						continue;
@@ -1789,6 +1754,70 @@ class Libzot {
 				}
 			}
 
+			if (!$tag_delivery && !$local_public) {
+				$allowed = perm_is_allowed($channel['channel_id'], $sender, $perm);
+
+				$permit_mentions = intval(PConfig::Get($channel['channel_id'], 'system', 'permit_all_mentions') && i_am_mentioned($channel, $arr));
+
+				if (!$allowed) {
+					if ($parent && $perm === 'send_stream') {
+						// if we own the parent we will accept its comments
+						$allowed = true;
+					}
+
+					elseif ($parent && $perm === 'post_comments') {
+						$allowed = can_comment_on_post($sender, $parent[0]);
+
+						if (!$allowed && $permit_mentions) {
+							$allowed = true;
+						}
+
+						if (!$allowed) {
+							if (PConfig::Get($channel['channel_id'], 'system', 'moderate_unsolicited_comments') && $arr['obj_type'] !== 'Answer') {
+								$arr['item_blocked'] = ITEM_MODERATED;
+								$allowed = true;
+							}
+						}
+
+					}
+					elseif ($permit_mentions) {
+						$allowed = true;
+					}
+				}
+
+				if ($request) {
+					// Conversation fetches (e.g. $request == true) take place for
+					// a) new comments on expired posts
+					// b) manual import of posts via search (in this case force will be true)
+					// c) import of conversations from friends of friends (they can currently arriuve from streams if a channel is configured to do so)
+
+					// Comments of all these activities are allowed and will only be rejected (later) if the parent
+					// doesn't exist.
+
+					if ($perm === 'send_stream') {
+						if ($force) {
+							$allowed = true;
+						}
+					}
+					else {
+						$allowed = true;
+					}
+				}
+
+				if (intval($arr['item_private']) === 2) {
+					if (!perm_is_allowed($channel['channel_id'], $sender, 'post_mail')) {
+						$allowed = false;
+					}
+				}
+
+				if (!$allowed) {
+					logger("permission denied for delivery to channel {$channel['channel_id']} {$channel['channel_address']}");
+					$DR->update('permission denied');
+					$result[] = $DR->get();
+					continue;
+				}
+			}
+
 			// This is used to fetch allow/deny rules if either the sender
 			// or  owner is  a connection. post_is_importable() evaluates all of them
 			$abook = q("select * from abook where abook_channel = %d and ( abook_xchan = '%s' OR abook_xchan = '%s' )",
@@ -1797,34 +1826,8 @@ class Libzot {
 				dbesc($arr['author_xchan'])
 			);
 
-			if (isset($arr['item_deleted']) && $arr['item_deleted']) {
-
-				// remove_community_tag is a no-op if this isn't a community tag activity
-				self::remove_community_tag($sender, $arr, $channel['channel_id']);
-
-				// set these just in case we need to store a fresh copy of the deleted post.
-				// This could happen if the delete got here before the original post did.
-
-				$arr['aid'] = $channel['channel_account_id'];
-				$arr['uid'] = $channel['channel_id'];
-
-				$item_id = self::delete_imported_item($sender, $act, $arr, $channel['channel_id'], $relay);
-				$DR->update(($item_id) ? 'deleted' : 'delete_failed');
-				$result[] = $DR->get();
-
-				if ($relay && $item_id) {
-					logger('process_delivery: invoking relay');
-					Master::Summon(['Notifier', 'relay', intval($item_id)]);
-					$DR->update('relayed');
-					$result[] = $DR->get();
-				}
-
-				continue;
-			}
-
 			// reactions such as like and dislike could	have an	mid with /activity/ in it.
 			// Check for both forms in order to prevent duplicates.
-
 			$r = q("select * from item where mid in ('%s','%s') and uid = %d limit 1",
 				dbesc($arr['mid']),
 				dbesc(str_replace(z_root() . '/activity/', z_root() . '/item/', $arr['mid'])),
@@ -1832,14 +1835,12 @@ class Libzot {
 			);
 
 			if ($r) {
-				// We already have this post.
 				$item_id = $r[0]['id'];
 
 				if (intval($r[0]['item_deleted'])) {
 					// It was deleted locally.
 					$DR->update('update ignored');
 					$result[] = $DR->get();
-
 					continue;
 				}
 				// Maybe it has been edited?
@@ -1847,17 +1848,17 @@ class Libzot {
 					$arr['id']  = $r[0]['id'];
 					$arr['uid'] = $channel['channel_id'];
 
-                    if (post_is_importable($channel['channel_id'], $arr, $abook)) {
-                        $item_result = self::update_imported_item($sender, $arr, $r[0], $channel['channel_id'], $tag_delivery);
-                        $DR->update('updated');
-                        $result[] = $DR->get();
-                        if (!$relay) {
-                            add_source_route($item_id, $sender);
-                        }
-                    } else {
-                        $DR->update('update ignored');
-                        $result[] = $DR->get();
-                    }
+					if (post_is_importable($channel['channel_id'], $arr, $abook)) {
+						$item_result = self::update_imported_item($sender, $arr, $r[0], $channel['channel_id'], $tag_delivery);
+						$DR->update('updated');
+						$result[] = $DR->get();
+						if (!$relay) {
+							add_source_route($item_id, $sender);
+						}
+					} else {
+						$DR->update('update ignored');
+						$result[] = $DR->get();
+					}
 				}
 				else {
 					$DR->update('update ignored');
@@ -1875,8 +1876,9 @@ class Libzot {
 
 				// if it's a sourced post, call the post_local hooks as if it were
 				// posted locally so that crosspost connectors will be triggered.
+				$item_source = check_item_source($arr['uid'], $arr);
 
-				if (check_item_source($arr['uid'], $arr) || ($channel['xchan_pubforum'] == 1)) {
+				if ($item_source || ($channel['xchan_pubforum'] == 1)) {
 					/**
 					 * @hooks post_local
 					 *   Called when an item has been posted on this machine via mod/item.php (also via API).
@@ -1889,12 +1891,12 @@ class Libzot {
 
 				$maxlen = get_max_import_size();
 
-				if ($maxlen && mb_strlen($arr['body']) > $maxlen) {
+				if ($maxlen && isset($arr['body']) && mb_strlen($arr['body']) > $maxlen) {
 					$arr['body'] = mb_substr($arr['body'], 0, $maxlen, 'UTF-8');
 					logger('message length exceeds max_import_size: truncated');
 				}
 
-				if ($maxlen && mb_strlen($arr['summary']) > $maxlen) {
+				if ($maxlen && isset($arr['summary']) && mb_strlen($arr['summary']) > $maxlen) {
 					$arr['summary'] = mb_substr($arr['summary'], 0, $maxlen, 'UTF-8');
 					logger('message summary length exceeds max_import_size: truncated');
 				}
@@ -1903,6 +1905,11 @@ class Libzot {
 					$item_result = item_store($arr);
 					if ($item_result['success']) {
 						$item_id = $item_result['item_id'];
+
+						if ($item_source && in_array($item_result['item']['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) {
+							event_addtocal($item_id, $channel['channel_id']);
+						}
+
 						$parr = [
 							'item_id' => $item_id,
 							'item' => $arr,
@@ -1925,7 +1932,8 @@ class Libzot {
 							add_source_route($item_id, $sender);
 						}
 					}
-					$DR->update(($item_id) ? 'posted' : 'storage failed: ' . $item_result['message']);
+
+					$DR->update(($item_id) ? (($item_result['item']['item_blocked'] === ITEM_MODERATED) ? 'accepted for moderation' : 'posted') : 'storage failed: ' . $item_result['message']);
 					$result[] = $DR->get();
 				} else {
 					$DR->update('post ignored');
@@ -1937,12 +1945,13 @@ class Libzot {
 			// preserve conversations with which you are involved from expiration
 
 			$stored = ((isset($item_result['item'])) ? $item_result['item'] : false);
+
 			if ((is_array($stored)) && ($stored['id'] != $stored['parent'])
 				&& ($stored['author_xchan'] === $channel['channel_hash'])) {
 				retain_item($stored['item']['parent']);
 			}
 
-			if ($relay && $item_id) {
+			if ($relay && $item_id && $stored['item_blocked'] !== ITEM_MODERATED) {
 				logger('Invoking relay');
 				Master::Summon(['Notifier', 'relay', intval($item_id)]);
 				$DR->addto_update('relayed');
@@ -1985,11 +1994,14 @@ class Libzot {
 
 		$ret = [];
 
-
 		$signer = q("select hubloc_hash, hubloc_url from hubloc where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc limit 1",
 			dbesc($a['signature']['signer'])
 		);
 
+		$signer_hash = $signer[0]['hubloc_hash'] ?? $a['signature']['signer'];
+		$conv_owner = $signer_hash;
+
+		$i = 0;
 
 		foreach ($items as $activity) {
 
@@ -2003,14 +2015,14 @@ class Libzot {
 			}
 
 			if (!$AS->is_valid()) {
-				logger('FOF Activity rejected: ' . print_r($activity, true));
+				logger('Fetched activity rejected: ' . print_r($activity, true));
 				continue;
 			}
 
 			// logger($AS->debug());
 
 			if(empty($AS->actor['id'])) {
-				logger('No actor id!');
+				logger('Fetched activity no actor id: ' . print_r($AS, true));
 				continue;
 			}
 
@@ -2023,7 +2035,7 @@ class Libzot {
 					$r = self::zot_record_preferred($r);
 				}
 				if (!$r) {
-					logger('FOF Activity: no actor');
+					logger('Fetched activity: no actor');
 					continue;
 				}
 			}
@@ -2038,7 +2050,7 @@ class Libzot {
 						$ro = self::zot_record_preferred($ro);
 					}
 					if (!$ro) {
-						logger('FOF Activity: no obj actor');
+						logger('Fetched activity: no obj actor');
 						continue;
 					}
 				}
@@ -2053,14 +2065,18 @@ class Libzot {
 
 			$arr['author_xchan'] = $r['hubloc_hash'];
 
-			if ($signer) {
-				$arr['owner_xchan'] = $signer[0]['hubloc_hash'];
-			}
-			else {
-				$arr['owner_xchan'] = $a['signature']['signer'];
+			if ($i === 0) {
+				// Set the author of the toplevel post as conv_owner
+				$conv_owner = $r['hubloc_hash'];
 			}
 
-			if (isset($AS->meta['hubloc']) || $arr['author_xchan'] === $arr['owner_xchan']) {
+			$arr['owner_xchan'] = $conv_owner;
+			$arr['source_xchan'] = $signer_hash;
+
+			// WARNING: the presence of both source_xchan and non-zero item_uplink here will cause a delivery loop
+			$arr['item_uplink'] = 0;
+
+			if (!empty($AS->meta['hubloc']) || $arr['author_xchan'] === $arr['owner_xchan'] || $AS->sigok) {
 				$arr['item_verified'] = true;
 			}
 
@@ -2072,13 +2088,15 @@ class Libzot {
 				}
 			}
 
-			logger('FOF Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
-			logger('FOF Activity recipient: ' . $channel['channel_hash'], LOGGER_DATA, LOG_DEBUG);
+			logger('Fetched activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
+			logger('Fetched activity recipient: ' . $channel['channel_hash'], LOGGER_DATA, LOG_DEBUG);
 
 			$result = self::process_delivery($arr['owner_xchan'], $AS, $arr, [$channel['channel_hash']], false, false, true, $force);
 			if ($result) {
 				$ret = array_merge($ret, $result);
 			}
+
+			$i++;
 		}
 
 		return $ret;
@@ -2300,12 +2318,20 @@ class Libzot {
 				// this information from the metadata should have no other discernible impact.
 
 				if (($stored['id'] != $stored['parent']) && intval($stored['item_origin'])) {
-					q("update item set item_origin = 0 where id = %d and uid = %d",
-						intval($stored['id']),
-						intval($stored['uid'])
+					q("update item set item_origin = 0 where id = %d",
+						intval($stored['id'])
 					);
 				}
-			}
+			} else {
+                if ($stored['id'] !== $stored['parent']) {
+                    q(
+                        "update item set commented = '%s', changed = '%s' where id = %d",
+                        dbesc(datetime_convert()),
+                        dbesc(datetime_convert()),
+                        intval($stored['parent'])
+                    );
+                }
+            }
 
 
 			// Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels
@@ -2543,9 +2569,14 @@ class Libzot {
 		if (!$observer)
 			return '';
 
-		$parsed = parse_url($observer['xchan_url']);
+		$url = $observer['xchan_url'];
+		if (preg_match('|^https?://|', $url) === 0) {
+			$url = "https://{$url}";
+		}
 
-		return $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '') . '/rpost?f=';
+		$parsed = parse_url($url);
+
+		return $parsed['scheme'] . '://' . $parsed['host'] . (isset($parsed['port']) ? ':' . $parsed['port'] : '') . '/rpost?f=';
 	}
 
 	/**
@@ -2794,6 +2825,7 @@ class Libzot {
 		];
 
 		$ret['public_key']   = $e['channel_pubkey'];
+		$ret['ed25519_key']  = $e['xchan_epubkey'];
 		$ret['signing_algorithm'] = 'rsa-sha256';
 		$ret['username']     = $e['channel_address'];
 		$ret['name']         = $e['channel_name'];
@@ -2898,8 +2930,8 @@ class Libzot {
 	 */
 	static function site_info() {
 
-		$signing_key = get_config('system', 'prvkey');
-		$sig_method  = get_config('system', 'signature_algorithm', 'sha256');
+		$signing_key = Config::Get('system', 'prvkey');
+		$sig_method  = Config::Get('system', 'signature_algorithm', 'sha256');
 
 		$ret                           = [];
 		$ret['site']                   = [];
@@ -2908,10 +2940,10 @@ class Libzot {
 		$ret['site']['post']           = z_root() . '/zot';
 		$ret['site']['openWebAuth']    = z_root() . '/owa';
 		$ret['site']['authRedirect']   = z_root() . '/magic';
-		$ret['site']['sitekey']        = get_config('system', 'pubkey');
+		$ret['site']['sitekey']        = Config::Get('system', 'pubkey');
 		$ret['site']['directory_mode'] = 'normal';
 
-		$dirmode = get_config('system', 'directory_mode');
+		$dirmode = Config::Get('system', 'directory_mode');
 
 		if ($dirmode == DIRECTORY_MODE_PRIMARY)
 			$ret['site']['directory_mode'] = 'primary';
@@ -2930,7 +2962,7 @@ class Libzot {
 
 		if ($dirmode != DIRECTORY_MODE_STANDALONE) {
 
-			$register_policy = intval(get_config('system', 'register_policy'));
+			$register_policy = intval(Config::Get('system', 'register_policy'));
 
 			if ($register_policy == REGISTER_CLOSED)
 				$ret['site']['register_policy'] = 'closed';
@@ -2940,7 +2972,7 @@ class Libzot {
 				$ret['site']['register_policy'] = 'open';
 
 
-			$access_policy = intval(get_config('system', 'access_policy'));
+			$access_policy = intval(Config::Get('system', 'access_policy'));
 
 			if ($access_policy == ACCESS_PRIVATE)
 				$ret['site']['access_policy'] = 'private';
@@ -2956,10 +2988,10 @@ class Libzot {
 			require_once('include/channel.php');
 			$ret['site']['channels'] = channel_total();
 
-			$ret['site']['admin'] = get_config('system', 'admin_email');
+			$ret['site']['admin'] = Config::Get('system', 'admin_email');
 
 			$visible_plugins = [];
-			if (is_array(\App::$plugins) && count(\App::$plugins)) {
+			if (is_array(App::$plugins) && count(App::$plugins)) {
 				$r = q("select * from addon where hidden = 0");
 				if ($r)
 					foreach ($r as $rr)
@@ -2967,10 +2999,10 @@ class Libzot {
 			}
 
 			$ret['site']['plugins']  = $visible_plugins;
-			$ret['site']['sitehash'] = get_config('system', 'location_hash');
-			$ret['site']['sitename'] = get_config('system', 'sitename');
-			$ret['site']['sellpage'] = get_config('system', 'sellpage');
-			$ret['site']['location'] = get_config('system', 'site_location');
+			$ret['site']['sitehash'] = Config::Get('system', 'location_hash');
+			$ret['site']['sitename'] = Config::Get('system', 'sitename');
+			$ret['site']['sellpage'] = Config::Get('system', 'sellpage');
+			$ret['site']['location'] = Config::Get('system', 'site_location');
 			$ret['site']['realm']    = get_directory_realm();
 			$ret['site']['project']  = System::get_platform_name();
 			$ret['site']['version']  = System::get_project_version();

Zotlabs/Lib/Libzotdir.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Lib;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\Zotfinger;
 use Zotlabs\Lib\Webfinger;
@@ -20,7 +21,7 @@ class Libzotdir {
 
 	static function find_upstream_directory($dirmode) {
 
-		$preferred = get_config('system','directory_server');
+		$preferred = Config::Get('system','directory_server');
 
 		// Thwart attempts to use a private directory
 
@@ -47,17 +48,17 @@ class Libzotdir {
 
 			$directory_fallback_servers = get_directory_fallback_servers();
 
-			$dirmode = intval(get_config('system','directory_mode'));
+			$dirmode = intval(Config::Get('system','directory_mode'));
 			if ($dirmode == DIRECTORY_MODE_NORMAL) {
 				$toss = mt_rand(0,count($directory_fallback_servers));
 				$preferred = $directory_fallback_servers[$toss];
 				if(! $preferred) {
 					$preferred = DIRECTORY_FALLBACK_MASTER;
 				}
-				set_config('system','directory_server',$preferred);
+				Config::Set('system','directory_server',$preferred);
 			}
 			else {
-				set_config('system','directory_server',z_root());
+				Config::Set('system','directory_server',z_root());
 			}
 		}
 		if($preferred) {
@@ -77,7 +78,7 @@ class Libzotdir {
 
 	static function check_upstream_directory() {
 
-		$directory = get_config('system', 'directory_server');
+		$directory = Config::Get('system', 'directory_server');
 
 		// it's possible there is no directory server configured and the local hub is being used.
 		// If so, default to preserving the absence of a specific server setting.
@@ -94,7 +95,7 @@ class Libzotdir {
 		}
 
 		if (! $isadir)
-			set_config('system', 'directory_server', '');
+			Config::Set('system', 'directory_server', '');
 	}
 
 
@@ -106,7 +107,7 @@ class Libzotdir {
 			$ret = ((array_key_exists($setting,$_SESSION)) ? intval($_SESSION[$setting]) : false);
 
 		if($ret === false)
-			$ret = get_config('directory', $setting);
+			$ret = Config::Get('directory', $setting);
 
 
 		// 'safemode' is the default if there is no observer or no established preference.
@@ -114,7 +115,7 @@ class Libzotdir {
 		if($setting === 'safemode' && $ret === false)
 			$ret = 1;
 
-		if($setting === 'globaldir' && intval(get_config('system','localdir_hide')))
+		if($setting === 'globaldir' && intval(Config::Get('system','localdir_hide')))
 			$ret = 1;
 
 		return $ret;
@@ -133,7 +134,7 @@ class Libzotdir {
 		$globaldir = self::get_directory_setting($observer, 'globaldir');
 		$pubforums = self::get_directory_setting($observer, 'pubforums');
 
-		$hide_local = intval(get_config('system','localdir_hide'));
+		$hide_local = intval(Config::Get('system','localdir_hide'));
 		if($hide_local)
 			$globaldir = 1;
 
@@ -141,7 +142,7 @@ class Libzotdir {
 		// Build urls without order and pubforums so it's easy to tack on the changed value
 		// Probably there's an easier way to do this
 
-		$directory_sort_order = get_config('system','directory_sort_order');
+		$directory_sort_order = Config::Get('system','directory_sort_order');
 		if(! $directory_sort_order)
 			$directory_sort_order = 'date';
 
@@ -232,7 +233,7 @@ class Libzotdir {
 		if (! $r)
 			return;
 
-		$dir_trusted_hosts = array_merge(get_directory_fallback_servers(), get_config('system', 'trusted_directory_servers', []));
+		$dir_trusted_hosts = array_merge(get_directory_fallback_servers(), Config::Get('system', 'trusted_directory_servers', []));
 
 		foreach ($r as $rr) {
 			if (! $rr['site_directory'])
@@ -244,7 +245,7 @@ class Libzotdir {
 			// It will take about a month for a new directory to obtain the full current repertoire of channels.
 			/** @FIXME Go back and pick up earlier ratings if this is a new directory server. These do not get refreshed. */
 
-			$token = get_config('system','realm_token');
+			$token = Config::Get('system','realm_token');
 
 			$syncdate = (($rr['site_sync'] <= NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
 			$x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
@@ -362,12 +363,9 @@ class Libzotdir {
 					self::delete_by_hash($ud['ud_hash']);
 				}
 
-				// backwards compatibility: Libzot::import_xchan(), where self::update() is called,
-				// will fail with versions < 8.4 if the channel has been locally deleted.
-				// In this case we will update the updates record here without bumping the date
-				// since we could not verify if anything changed.
-				if (!$xc['success'] && !empty($zf['data']['deleted_locally'])) {
-					self::update($ud['ud_hash'], $ud['ud_addr'], false);
+				// if the channel was deleted - delete the entry in updates
+				if (!empty($zf['data']['deleted_locally'])) {
+					self::delete_by_hash($ud['ud_hash']);
 				}
 
 				// This is a workaround for a missing xchan_updated column
@@ -699,7 +697,7 @@ class Libzotdir {
 
 	static function update($hash, $addr, $bump_date = true, $flag = null) {
 
-		$dirmode = intval(get_config('system', 'directory_mode'));
+		$dirmode = intval(Config::Get('system', 'directory_mode'));
 
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			return;

Zotlabs/Lib/Multibase.php

@@ -0,0 +1,34 @@
+<?php
+namespace Zotlabs\Lib;
+
+use StephenHill\Base58;
+
+class Multibase {
+
+    protected $key = null;
+
+    public function __construct() {
+        return $this;
+    }
+
+    public function publicKey($key) {
+        $base58 = new Base58();
+        $raw = hex2bin('ed01') . sodium_base642bin($key, SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING);
+        return 'z' . $base58->encode($raw);
+    }
+
+    public function secretKey($key) {
+        $base58 = new Base58();
+        $raw = hex2bin('8026') . sodium_base642bin($key, SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING);
+        return 'z' . $base58->encode($raw);
+    }
+
+    public function decode($key, $binary  = false) {
+        $base58 = new Base58();
+        $key = substr($key,1);
+        $raw = $base58->decode($key);
+        $binaryKey = substr($raw, 2);
+        return $binary ? $binaryKey : sodium_bin2base64($binaryKey, SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING);
+    }
+
+}

Zotlabs/Lib/QueueWorker.php

@@ -4,6 +4,9 @@ namespace Zotlabs\Lib;
 
 use Ramsey\Uuid\Uuid;
 use Ramsey\Uuid\Exception\UnableToBuildUuidException;
+use Zotlabs\Lib\Config;
+
+require_once 'include/dba/dba_transaction.php';
 
 class QueueWorker {
 
@@ -28,18 +31,6 @@ class QueueWorker {
 		'Expire'
 	];
 
-	private static function qstart() {
-		q('START TRANSACTION');
-	}
-
-	private static function qcommit() {
-		q("COMMIT");
-	}
-
-	private static function qrollback() {
-		q("ROLLBACK");
-	}
-
 	public static function Summon($argv) {
 
 		if ($argv[0] !== 'Queueworker') {
@@ -63,7 +54,9 @@ class QueueWorker {
 				return;
 			}
 
-			self::qstart();
+			logger('queueworker_stats_summon: cmd:' . $argv[0] . ' ' . 'timestamp:' . time());
+
+			$transaction = new \DbaTransaction(\DBA::$dba);
 			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
 				intval($priority),
 				$workinfo_json,
@@ -71,18 +64,18 @@ class QueueWorker {
 				dbesc($argv[0])
 			);
 			if (!$r) {
-				self::qrollback();
+				// Transaction is autmatically rolled back on return
 				logger("INSERT FAILED", LOGGER_DEBUG);
 				return;
 			}
-			self::qcommit();
+			$transaction->commit();
 			logger('INSERTED: ' . $workinfo_json, LOGGER_DEBUG);
 		}
 
 		$workers = self::GetWorkerCount();
 		if ($workers < self::$maxworkers) {
 			logger($workers . '/' . self::$maxworkers . ' workers active', LOGGER_DEBUG);
-			$phpbin = get_config('system', 'phpbin', 'php');
+			$phpbin = Config::Get('system', 'phpbin', 'php');
 			proc_run($phpbin, 'Zotlabs/Daemon/Master.php', ['Queueworker']);
 		}
 	}
@@ -109,7 +102,7 @@ class QueueWorker {
 				return;
 			}
 
-			self::qstart();
+			$transaction = new \DbaTransaction(\DBA::$dba);
 			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
 				intval($priority),
 				$workinfo_json,
@@ -117,11 +110,11 @@ class QueueWorker {
 				dbesc($argv[0])
 			);
 			if (!$r) {
-				self::qrollback();
+				// Transaction is automatically rolled back on return
 				logger("Insert failed: " . $workinfo_json, LOGGER_DEBUG);
 				return;
 			}
-			self::qcommit();
+			$transaction->commit();
 			logger('INSERTED: ' . $workinfo_json, LOGGER_DEBUG);
 		}
 
@@ -130,18 +123,18 @@ class QueueWorker {
 
 	public static function GetWorkerCount() {
 		if (self::$maxworkers == 0) {
-			self::$maxworkers = get_config('queueworker', 'max_queueworkers', 4);
+			self::$maxworkers = Config::Get('queueworker', 'max_queueworkers', 4);
 			self::$maxworkers = self::$maxworkers > 3 ? self::$maxworkers : 4;
 		}
 		if (self::$workermaxage == 0) {
-			self::$workermaxage = get_config('queueworker', 'max_queueworker_age');
+			self::$workermaxage = Config::Get('queueworker', 'max_queueworker_age');
 			self::$workermaxage = self::$workermaxage > 120 ? self::$workermaxage : 300;
 		}
 
-		self::qstart();
+		$transaction = new \DbaTransaction(\DBA::$dba);
 
 		// skip locked is preferred but is not supported by mariadb < 10.6 which is still used a lot - hence make it optional
-		$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+		$sql_quirks = ((Config::Get('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
 
 		$r = q("SELECT workerq_id FROM workerq WHERE workerq_reservationid IS NOT NULL AND workerq_processtimeout < %s FOR UPDATE $sql_quirks",
 			db_utcnow()
@@ -156,7 +149,7 @@ class QueueWorker {
 			$u = dbq("update workerq set workerq_reservationid = null where workerq_id in ($ids)");
 		}
 
-		self::qcommit();
+		$transaction->commit();
 
 		//q("update workerq set workerq_reservationid = null where workerq_reservationid is not null and workerq_processtimeout < %s",
 			//db_utcnow()
@@ -194,15 +187,15 @@ class QueueWorker {
 	private static function getWorkId() {
 		self::GetWorkerCount();
 
-		self::qstart();
+		$transaction = new \DbaTransaction(\DBA::$dba);
 
 		// skip locked is preferred but is not supported by mariadb < 10.6 which is still used a lot - hence make it optional
-		$sql_quirks = ((get_config('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
+		$sql_quirks = ((Config::Get('system', 'db_skip_locked_supported')) ? 'SKIP LOCKED' : 'NOWAIT');
 
 		$work = dbq("SELECT workerq_id, workerq_cmd FROM workerq WHERE workerq_reservationid IS NULL ORDER BY workerq_priority DESC, workerq_id ASC LIMIT 1 FOR UPDATE $sql_quirks");
 
 		if (!$work) {
-			self::qrollback();
+			// Transaction automatically rolled back on return
 			return false;
 		}
 
@@ -222,24 +215,24 @@ class QueueWorker {
 		);
 
 		if (!$work) {
-			self::qrollback();
+			// Transaction automatically rolled back on return
 			logger("Could not update workerq.", LOGGER_DEBUG);
 			return false;
 		}
 
 		logger("GOTWORK: " . json_encode($work), LOGGER_DEBUG);
-		self::qcommit();
+		$transaction->commit();
 
 		return $id;
 	}
 
 	public static function Process() {
-		$sleep = intval(get_config('queueworker', 'queue_worker_sleep', 100));
-		$auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0);
+		$sleep = intval(Config::Get('queueworker', 'queue_worker_sleep', 100));
+		$auto_queue_worker_sleep = Config::Get('queueworker', 'auto_queue_worker_sleep', 0);
 
 		if (!self::GetWorkerID()) {
 			if ($auto_queue_worker_sleep) {
-				set_config('queueworker', 'queue_worker_sleep', $sleep + 100);
+				Config::Set('queueworker', 'queue_worker_sleep', $sleep + 100);
 			}
 
 			logger('Unable to get worker ID. Exiting.', LOGGER_DEBUG);
@@ -248,7 +241,7 @@ class QueueWorker {
 
 		if ($auto_queue_worker_sleep && $sleep > 100) {
 			$next_sleep = $sleep - 100;
-			set_config('queueworker', 'queue_worker_sleep', (($next_sleep < 100) ? 100 : $next_sleep));
+			Config::Set('queueworker', 'queue_worker_sleep', (($next_sleep < 100) ? 100 : $next_sleep));
 		}
 
 		$jobs               = 0;
@@ -257,7 +250,7 @@ class QueueWorker {
 		self::$workersleep  = $sleep;
 		self::$workersleep  = ((intval(self::$workersleep) > 100) ? intval(self::$workersleep) : 100);
 
-		if (function_exists('sys_getloadavg') && get_config('queueworker', 'load_average_sleep')) {
+		if (function_exists('sys_getloadavg') && Config::Get('queueworker', 'load_average_sleep')) {
 			// very experimental!
 			$load_average_sleep = true;
 		}
@@ -285,7 +278,7 @@ class QueueWorker {
 
 				if ($workers < self::$maxworkers) {
 					logger($workers . '/' . self::$maxworkers . ' workers active', LOGGER_DEBUG);
-					$phpbin = get_config('system', 'phpbin', 'php');
+					$phpbin = Config::Get('system', 'phpbin', 'php');
 					proc_run($phpbin, 'Zotlabs/Daemon/Master.php', ['Queueworker']);
 				}
 
@@ -299,12 +292,16 @@ class QueueWorker {
 				$cls  = '\\Zotlabs\\Daemon\\' . $argv[0];
 				$argv = flatten_array_recursive($argv);
 				$argc = count($argv);
-				$rnd = random_string();
+				$rnd = random_string(16);
 
 				logger('PROCESSING: ' . $rnd . ' ' . print_r($argv[0], true));
 
+				$start_timestamp = microtime(true);
+
 				$cls::run($argc, $argv);
 
+				logger('logger_stats_data cmd:' . $argv[0] . ' start:' . $start_timestamp . ' ' . 'end:' . microtime(true) . ' meta:' . $rnd);
+
 				logger('COMPLETED: ' . $rnd);
 
 				// @FIXME: Right now we assume that if we get a return, everything is OK.

Zotlabs/Lib/Share.php

@@ -112,7 +112,7 @@ class Share {
 		if(! $this->item)
 			return $bb;
 
-		$is_photo = (($this->item['obj_type'] === ACTIVITY_OBJ_PHOTO) ? true : false);
+		$is_photo = ((in_array($this->item['obj_type'], ['Image', ACTIVITY_OBJ_PHOTO])) ? true : false);
 		if($is_photo) {
 			$object = json_decode($this->item['obj'],true);
 			$photo_bb = $object['body'];

Zotlabs/Lib/Text.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+class Text {
+
+	/**
+	 * use this on "body" or "content" input where angle chars shouldn't be removed,
+	 * and allow them to be safely displayed.
+	 *
+	 * @param string $string
+	 *
+	 * @return string
+	 */
+
+	public static function escape_tags(string $string): string {
+		if (!$string) {
+			return EMPTY_STR;
+		}
+
+		return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false);
+	}
+
+}

Zotlabs/Lib/ThreadItem.php

@@ -3,8 +3,9 @@
 namespace Zotlabs\Lib;
 
 use App;
-use Zotlabs\Lib\Apps;
 use Zotlabs\Access\AccessList;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Config;
 
 require_once('include/text.php');
 
@@ -19,7 +20,7 @@ class ThreadItem {
 	private $comment_box_template = 'comment_item.tpl';
 	private $commentable = false;
 	// list of supported reaction emojis - a site can over-ride this via config system.reactions
-	private $reactions = ['1f60a','1f44f','1f37e','1f48b','1f61e','2665','1f606','1f62e','1f634','1f61c','1f607','1f608'];
+	private $reactions = ['slightly_smiling_face','clapping_hands','bottle_with_popping_cork','kiss_mark','disappointed_face','red_heart','grinning_face','astonished_face','sleeping_face','winking_face_with_tongue','smiling_face_with_halo','smiling_face_with_horns'];
 	private $toplevel = false;
 	private $children = array();
 	private $parent = null;
@@ -34,18 +35,18 @@ class ThreadItem {
 	private $channel = null;
 	private $display_mode = 'normal';
 	private $reload = '';
+	private $mid_uuid_map = [];
 
 
 	public function __construct($data) {
 
 		$this->data = $data;
 		$this->toplevel = ($this->get_id() == $this->get_data_value('parent'));
-		$this->threaded = get_config('system','thread_allow');
-
-		$observer = \App::get_observer();
+		$this->threaded = Config::Get('system','thread_allow');
 
 		// Prepare the children
 		if(isset($data['children'])) {
+
 			foreach($data['children'] as $item) {
 
 				/*
@@ -56,7 +57,6 @@ class ThreadItem {
 					continue;
 				}
 
-
 				$child = new ThreadItem($item);
 				$this->add_child($child);
 			}
@@ -65,9 +65,11 @@ class ThreadItem {
 			unset($this->data['children']);
 		}
 
+
+
 		// allow a site to configure the order and content of the reaction emoji list
 		if($this->toplevel) {
-			$x = get_config('system','reactions');
+			$x = Config::Get('system','reactions');
 			if($x && is_array($x) && count($x)) {
 				$this->reactions = $x;
 			}
@@ -82,7 +84,7 @@ class ThreadItem {
 	 *      _ false on failure
 	 */
 
-	public function get_template_data($conv_responses, $thread_level=1, $conv_flags = []) {
+	public function get_template_data($conv_responses, $mid_uuid_map, $thread_level=1, $conv_flags = []) {
 
 		$result = [];
 		$item = $this->get_data();
@@ -101,7 +103,7 @@ class ThreadItem {
  		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();
 
-		$acl = new AccessList(false);
+		$acl = new AccessList([]);
 		$acl->set($item);
 
 		$lock = ((intval($item['item_private']) || ($item['uid'] == local_channel() && $acl->is_private()))
@@ -121,12 +123,14 @@ class ThreadItem {
 			$locktype = 0;
 		}
 
-		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && ($item['item_private'] != 1)) ? true : false);
+		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && (intval($item['item_private']) === 0)) ? true : false);
 
 		// allow an exemption for sharing stuff from your private feeds
 		if($item['author']['xchan_network'] === 'rss')
 			$shareable = true;
 
+		$repeatable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && (intval($item['item_private']) === 0) && (in_array($item['author']['xchan_network'], ['zot6', 'activitypub']))) ? true : false);
+
 		// @fixme
 		// Have recently added code to properly handle polls in group reshares by redirecting all of the poll responses to the group.
 		// Sharing a poll using a regular embedded share is harder because the poll will need to fork. This is due to comment permissions.
@@ -185,7 +189,7 @@ class ThreadItem {
 
 		$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
 
-		$profile_avatar = $item['author']['xchan_photo_m'];
+		$profile_avatar = $item['author']['xchan_photo_s'];
 		$profile_link   = chanlink_hash($item['author_xchan']);
 		$profile_name   = $item['author']['xchan_name'];
 
@@ -194,9 +198,14 @@ class ThreadItem {
 		$attend = null;
 
 		// process action responses - e.g. like/dislike/attend/agree/whatever
-		$response_verbs = array('like');
-		if(feature_enabled($conv->get_profile_owner(),'dislike'))
+		$response_verbs[] = 'like';
+
+		if(feature_enabled($conv->get_profile_owner(),'dislike')) {
 			$response_verbs[] = 'dislike';
+		}
+
+		$response_verbs[] = 'announce';
+
 		if(in_array($item['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) {
 			$response_verbs[] = 'attendyes';
 			$response_verbs[] = 'attendno';
@@ -222,6 +231,8 @@ class ThreadItem {
 			$my_responses[$v] = ((isset($conv_responses[$v][$item['mid'] . '-m'])) ? 1 : 0);
 		}
 
+/*
+
 		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
 		$like_list = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid'] . '-l'] : '');
 		if (($like_list) && (count($like_list) > MAX_LIKERS)) {
@@ -232,6 +243,16 @@ class ThreadItem {
 		}
 		$like_button_label = tt('Like','Likes',$like_count,'noun');
 
+		$repeat_count = ((x($conv_responses['announce'],$item['mid'])) ? $conv_responses['announce'][$item['mid']] : '');
+		$repeat_list = ((x($conv_responses['announce'],$item['mid'])) ? $conv_responses['announce'][$item['mid'] . '-l'] : '');
+		if (($repeat_list) && (count($repeat_list) > MAX_LIKERS)) {
+			$repeat_list_part = array_slice($repeat_list, 0, MAX_LIKERS);
+			array_push($repeat_list_part, '<a class="dropdown-item" href="#" data-toggle="modal" data-target="#repeatModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
+		} else {
+			$repeat_list_part = '';
+		}
+		$repeat_button_label = tt('Repeat','Repeats',$repeat_count,'noun');
+
 		$showdislike = '';
 		if (feature_enabled($conv->get_profile_owner(),'dislike')) {
 			$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
@@ -248,6 +269,7 @@ class ThreadItem {
 		}
 
 		$showlike    = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
+*/
 
 		/*
 		 * We should avoid doing this all the time, but it depends on the conversation mode
@@ -315,25 +337,23 @@ class ThreadItem {
 		$share = [];
 		$embed = [];
 		if ($shareable) {
-			// This actually turns out not to be possible in some protocol stacks without opening up hundreds of new issues.
-			// Will allow it only for uri resolvable sources.
-			if(strpos($item['mid'],'http') === 0) {
-				//Not yet ready for primetime
-				//$share = array( t('Repeat This'), t('repeat'));
-			}
-			$embed = [t('Share This'), t('share')];
+			$embed = [t('Share'), t('share')];
+		}
+
+		if ($repeatable) {
+			$share = [t('Repeat'), t('repeat')];
 		}
 
 		$dreport = '';
 
-		$keep_reports = intval(get_config('system','expire_delivery_reports'));
+		$keep_reports = intval(Config::Get('system','expire_delivery_reports'));
 		if($keep_reports === 0)
 			$keep_reports = 10;
 
 		$dreport_link = '';
-		if((intval($item['item_type']) == ITEM_TYPE_POST) && (! get_config('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
+		if((intval($item['item_type']) == ITEM_TYPE_POST) && (! Config::Get('system','disable_dreport')) && strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC',"now - $keep_reports days")) > 0) {
 			$dreport = t('Delivery Report');
-			$dreport_link = gen_link_id($item['mid']);
+			$dreport_link = '?mid=' . $item['mid'];
 		}
 
 		$is_new = false;
@@ -342,7 +362,8 @@ class ThreadItem {
 
 		localize_item($item);
 
-		$body = prepare_body($item,true);
+		$opts = (($item['resource_type'] === 'event') ? ['is_event_item' => true] : []);
+		$body = prepare_body($item, true, $opts);
 
 		// $viewthread (below) is only valid in list mode. If this is a channel page, build the thread viewing link
 		// since we can't depend on llink or plink pointing to the right local location.
@@ -352,8 +373,8 @@ class ThreadItem {
 		if($conv->get_mode() === 'channel')
 			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode(gen_link_id($item['mid']));
 
-		$comment_count_txt = sprintf(tt('%d Comment', '%d Comments', $total_children), $total_children);
-		$list_unseen_txt = (($unseen_comments) ? sprintf(t('%d unseen'), $unseen_comments) : '');
+		$comment_count_txt = ['label' => sprintf(tt('%d comment', '%d comments', $total_children), $total_children), 'count' => $total_children];
+		$list_unseen_txt = $unseen_comments ? ['label' => sprintf(t('%d unseen'), $unseen_comments), 'count' => $unseen_comments] : [];
 
 		$children = $this->get_children();
 
@@ -363,8 +384,8 @@ class ThreadItem {
                 call_hooks('dropdown_extras',$dropdown_extras_arr);
                 $dropdown_extras = $dropdown_extras_arr['dropdown_extras'];
 
-		$midb64 = gen_link_id($item['mid']);
-		$mids = [ $midb64 ];
+		$midb64 = $item['uuid'];
+		$mids = [ $item['uuid'] ];
 		$response_mids = [];
 		foreach($response_verbs as $v) {
 			if(isset($conv_responses[$v]['mids'][$item['mid']])) {
@@ -376,7 +397,7 @@ class ThreadItem {
 		$json_mids = json_encode($mids);
 
 		// Pinned item processing
-		$allowed_type = (in_array($item['item_type'], get_config('system', 'pin_types', [ ITEM_TYPE_POST ])) ? true : false);
+		$allowed_type = (in_array($item['item_type'], Config::Get('system', 'pin_types', [ ITEM_TYPE_POST ])) ? true : false);
 		$pinned_items = ($allowed_type ? get_pconfig($item['uid'], 'pinned', $item['item_type'], []) : []);
 		$pinned = ((!empty($pinned_items) && in_array($midb64, $pinned_items)) ? true : false);
 
@@ -480,31 +501,44 @@ class ThreadItem {
 			'comment_count' => $total_children,
 			'comment_count_txt' => $comment_count_txt,
 			'list_unseen_txt' => $list_unseen_txt,
-			'markseen' => t('Mark all seen'),
+			'markseen' => t('Mark all comments seen'),
 			'responses' => $responses,
 			'my_responses' => $my_responses,
+			/*
 			'like_count' => $like_count,
 			'like_list' => $like_list,
 			'like_list_part' => $like_list_part,
 			'like_button_label' => $like_button_label,
 			'like_modal_title' => t('Likes','noun'),
+
+			'repeat_count' => $repeat_count,
+			'repeat_list' => $repeat_list,
+			'repeat_list_part' => $repeat_list_part,
+			'repeat_button_label' => $repeat_button_label,
+			'repeat_modal_title' => t('Repeats','noun'),
+
+
 			'dislike_modal_title' => t('Dislikes','noun'),
 			'dislike_count' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''),
 			'dislike_list' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''),
 			'dislike_list_part' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''),
 			'dislike_button_label' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''),
+*/
 			'modal_dismiss' => t('Close'),
-			'showlike' => $showlike,
-			'showdislike' => $showdislike,
+		//	'showlike' => $showlike,
+		//	'showdislike' => $showdislike,
 			'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box()),
 			'previewing' => ($conv->is_preview() ? true : false ),
 			'preview_lbl' => t('This is an unsaved preview'),
 			'wait' => t('Please wait'),
 			'thread_level' => $thread_level,
 			'settings' => $settings,
-			'thr_parent' => (($item['parent_mid'] != $item['thr_parent']) ? gen_link_id($item['thr_parent']) : ''),
-			'contact_id' => (($contact) ? $contact['abook_id'] : '')
-
+			'thr_parent_uuid' => (($item['parent_mid'] != $item['thr_parent']) ? $mid_uuid_map[$item['thr_parent']] : ''),
+			'contact_id' => (($contact) ? $contact['abook_id'] : ''),
+			'moderate' => ($item['item_blocked'] == ITEM_MODERATED),
+			'moderate_approve' => t('Approve'),
+			'moderate_delete' => t('Delete'),
+			'rtl' => in_array($item['lang'], rtl_languages()),
 		);
 
 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -515,7 +549,7 @@ class ThreadItem {
 		$result['children'] = array();
 		$nb_children = count($children);
 
-		$visible_comments = get_config('system','expanded_comments');
+		$visible_comments = Config::Get('system','expanded_comments');
 		if($visible_comments === false)
 			$visible_comments = 3;
 
@@ -527,12 +561,12 @@ class ThreadItem {
 
 		if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
 			foreach($children as $child) {
-				$result['children'][] = $child->get_template_data($conv_responses, $thread_level + 1,$conv_flags);
+				$result['children'][] = $child->get_template_data($conv_responses, $mid_uuid_map, $thread_level + 1,$conv_flags);
 			}
 			// Collapse
 			if(($nb_children > $visible_comments) || ($thread_level > 1)) {
 				$result['children'][0]['comment_firstcollapsed'] = true;
-				$result['children'][0]['num_comments'] = $comment_count_txt;
+				$result['children'][0]['num_comments'] = $comment_count_txt['label'];
 				$result['children'][0]['hide_text'] = sprintf( t('%s show all'), '<i class="fa fa-chevron-down"></i>');
 				if($thread_level > 1) {
 					$result['children'][$nb_children - 1]['comment_lastcollapsed'] = true;
@@ -609,7 +643,7 @@ class ThreadItem {
 		 * Only add what will be displayed
 		 */
 
-		if(activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE)) {
+		if(activity_match($item->get_data_value('verb'), ['Like', 'Dislike', ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
 			return false;
 		}
 
@@ -792,7 +826,7 @@ class ThreadItem {
 	 */
 	private function get_comment_box() {
 
-		if(!$this->is_toplevel() && !get_config('system','thread_allow')) {
+		if(!$this->is_toplevel() && !Config::Get('system','thread_allow')) {
 			return '';
 		}
 
@@ -840,7 +874,7 @@ class ThreadItem {
 			'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
 			'$encrypt' => t('Encrypt text'),
 			'$cipher' => $conv->get_cipher(),
-			'$sourceapp' => \App::$sourcename,
+			'$sourceapp' => App::$sourcename,
 			'$observer' => get_observer_hash(),
 			'$anoncomments' => ((in_array($conv->get_mode(), ['channel', 'display', 'cards', 'articles']) && perm_is_allowed($conv->get_profile_owner(),'','post_comments')) ? true : false),
 			'$anonname' => [ 'anonname', t('Your full name (required)') ],
@@ -870,10 +904,16 @@ class ThreadItem {
 
 		if($this->is_toplevel() && ($this->get_data_value('author_xchan') != $this->get_data_value('owner_xchan'))) {
 			$this->owner_url = chanlink_hash($this->data['owner']['xchan_hash']);
-			$this->owner_photo = $this->data['owner']['xchan_photo_m'];
+			$this->owner_photo = $this->data['owner']['xchan_photo_s'];
 			$this->owner_name = $this->data['owner']['xchan_name'];
 			$this->wall_to_wall = true;
 		}
+		elseif($this->is_toplevel() && $this->get_data_value('verb') === 'Announce' && isset($this->data['source'])) {
+			$this->owner_url = chanlink_hash($this->data['source']['xchan_hash']);
+			$this->owner_photo = $this->data['source']['xchan_photo_s'];
+			$this->owner_name = $this->data['source']['xchan_name'];
+			$this->wall_to_wall = true;
+		}
 	}
 
 	private function is_wall_to_wall() {

Zotlabs/Lib/ThreadStream.php

@@ -171,7 +171,7 @@ class ThreadStream {
 		 */
 
 
-		if(($item->get_data_value('id') != $item->get_data_value('parent')) && (activity_match($item->get_data_value('verb'),ACTIVITY_LIKE) || activity_match($item->get_data_value('verb'),ACTIVITY_DISLIKE))) {
+		if($item->get_data_value('id') != $item->get_data_value('parent') && activity_match($item->get_data_value('verb'), ['Like', 'Dislike', ACTIVITY_LIKE, ACTIVITY_DISLIKE])) {
 			return false;
 		}
 
@@ -211,7 +211,7 @@ class ThreadStream {
 	 *      _ The data requested on success
 	 *      _ false on failure
 	 */
-	public function get_template_data($conv_responses) {
+	public function get_template_data($conv_responses, $mid_uuid_map) {
 		$result = array();
 
 		foreach($this->threads as $item) {
@@ -220,7 +220,7 @@ class ThreadStream {
 				$item_data = $this->prepared_item;
 			}
 			else {
-				$item_data = $item->get_template_data($conv_responses);
+				$item_data = $item->get_template_data($conv_responses, $mid_uuid_map);
 			}
 			if(!$item_data) {
 				logger('Failed to get item template data ('. $item->get_id() .').', LOGGER_DEBUG, LOG_ERR);

Zotlabs/Lib/Traits/HelpHelperTrait.php

@@ -0,0 +1,68 @@
+<?php
+
+namespace Zotlabs\Lib\Traits;
+
+use CommerceGuys\Intl\Language\LanguageRepository;
+
+trait HelpHelperTrait {
+
+	// PHP versions before 8.2 does not support trait constants,
+	// Leave this commented out until we drop support for PHP 8.1.
+	//
+	// const VALID_FILE_EXT = ['md', 'bb', 'html'];
+
+	private string $file_name = '';
+	private string $file_type = '';
+
+	/**
+	 * Determines help language.
+	 *
+	 * If the language was specified in the URL, override the language preference
+	 * of the browser. Default to English if both of these are absent.
+	 *
+	 * Updates the `$lang` property of the module.
+	 */
+	private function determine_help_language() {
+
+		$language_repository = new LanguageRepository;
+		$languages = $language_repository->getList();
+
+		if(array_key_exists(argv(1), $languages)) {
+			$lang = argv(1);
+			$from_url = true;
+		} else {
+			$lang = \App::$language;
+			if(! isset($lang))
+				$lang = 'en';
+
+			$from_url = false;
+		}
+
+		$this->lang =  array('language' => $lang, 'from_url' => $from_url);
+	}
+
+	/**
+	 * Find the full path name of the file, given it's base path and
+	 * the language of the request.
+	 *
+	 * @param string $base_path		The path of the file to find, relative to the
+	 *	doc root path, and without the extension.
+	 */
+	private function find_help_file(string $base_path, string $lang): void {
+
+		// Use local variable until we can use trait constants.
+		$valid_file_ext = ['md', 'bb', 'html'];
+
+		$base_path = "doc/{$lang}/${base_path}";
+
+		foreach ($valid_file_ext as $ext) {
+			$path = "{$base_path}.{$ext}";
+			if (file_exists($path)) {
+				$this->file_name = $path;
+				$this->file_type = $ext;
+
+				break;
+			}
+		}
+	}
+}

Zotlabs/Lib/Zotfinger.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Lib;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Web\HTTPSig;
 
 class Zotfinger {
@@ -35,9 +36,13 @@ class Zotfinger {
 		$result = [];
 
 		$redirects = 0;
-		$x = z_post_url($resource,$data,$redirects, [ 'headers' => $h  ] );
 
-		logger('fetch: ' . print_r($x,true));
+		$start_timestamp = microtime(true);
+		$x = z_post_url($resource,$data,$redirects, [ 'headers' => $h  ] );
+		logger('logger_stats_data cmd:Zotfinger' . ' start:' . $start_timestamp . ' ' . 'end:' . microtime(true) . ' meta:' . $resource . '#' . random_string(16));
+		btlogger('Zotfinger');
+
+		logger('fetch: ' . print_r($x,true), LOGGER_DATA);
 
         if (in_array(intval($x['return_code']), [ 404, 410 ]) && $recurse) {
 
@@ -71,10 +76,10 @@ class Zotfinger {
 			$result['data'] = json_decode($x['body'],true);
 
 			if($result['data'] && is_array($result['data']) && array_key_exists('encrypted',$result['data']) && $result['data']['encrypted']) {
-				$result['data'] = json_decode(Crypto::unencapsulate($result['data'],get_config('system','prvkey')),true);
+				$result['data'] = json_decode(Crypto::unencapsulate($result['data'],Config::Get('system','prvkey')),true);
 			}
 
-			logger('decrypted: ' . print_r($result,true));
+			logger('decrypted: ' . print_r($result,true), LOGGER_DATA);
 
 			return $result;
 		}

Zotlabs/Module/Acl.php

@@ -2,8 +2,9 @@
 
 namespace Zotlabs\Module;
 
-use Zotlabs\Lib\Libzotdir;
 use Zotlabs\Lib\AccessList;
+use Zotlabs\Lib\Config;
+use Zotlabs\Lib\Libzotdir;
 
 require_once 'include/acl_selectors.php';
 
@@ -414,7 +415,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		$dirmode = intval(get_config('system','directory_mode'));
+		$dirmode = intval(Config::Get('system','directory_mode'));
 		$search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : '');
 		if(! $search || mb_strlen($search) < 2)
 			return array();
@@ -443,7 +444,7 @@ class Acl extends \Zotlabs\Web\Controller {
 			$url = $directory['url'] . '/dirsearch';
 		}
 
-		$token = get_config('system','realm_token');
+		$token = Config::Get('system','realm_token');
 
 		$count = (x($_REQUEST,'count') ?  $_REQUEST['count'] : 100);
 		if($url) {

Zotlabs/Module/Activity.php

@@ -7,7 +7,6 @@ use Zotlabs\Web\Controller;
 use Zotlabs\Daemon\Master;
 use Zotlabs\Lib\Activity as ZlibActivity;
 use Zotlabs\Lib\ActivityStreams;
-use Zotlabs\Lib\LDSignatures;
 use Zotlabs\Web\HTTPSig;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\ThreadListener;
@@ -26,7 +25,7 @@ class Activity extends Controller {
 
 			$portable_id = EMPTY_STR;
 
-			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+			$item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ",
 				dbesc(ACTIVITY_FOLLOW),
 				dbesc(ACTIVITY_UNFOLLOW)
 			);
@@ -155,22 +154,7 @@ class Activity extends Controller {
 			if(! $i)
 				http_status_exit(404, 'Not found');
 
-			$x = array_merge(['@context' => [
-				ACTIVITYSTREAMS_JSONLD_REV,
-				'https://w3id.org/security/v1',
-				z_root() . ZOT_APSCHEMA_REV
-				]], $i);
-
-			$headers = [];
-			$headers['Content-Type'] = 'application/x-zot+json' ;
-			$x['signature'] = LDSignatures::sign($x,$chan);
-			$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
-			$headers['Digest'] = HTTPSig::generate_digest_header($ret);
-			$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
-			$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
-			HTTPSig::set_headers($h);
-			echo $ret;
-			killme();
+			as_return_and_die($i, $chan);
 
 		}
 
@@ -202,7 +186,7 @@ class Activity extends Controller {
 				}
 			}
 
-			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+			$item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ",
 				dbesc(ACTIVITY_FOLLOW),
 				dbesc(ACTIVITY_UNFOLLOW)
 			);
@@ -260,25 +244,7 @@ class Activity extends Controller {
 
 			$channel = channelx_by_n($items[0]['uid']);
 
-			$x = array_merge( ['@context' => [
-				ACTIVITYSTREAMS_JSONLD_REV,
-				'https://w3id.org/security/v1',
-				z_root() . ZOT_APSCHEMA_REV
-				]], ZlibActivity::encode_activity($items[0],true));
-
-			$headers = [];
-			$headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
-			$x['signature'] = LDSignatures::sign($x,$channel);
-			$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
-			$headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
-			$headers['Digest'] = HTTPSig::generate_digest_header($ret);
-			$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
-
-			$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
-			HTTPSig::set_headers($h);
-			echo $ret;
-			killme();
-
+			as_return_and_die(ZlibActivity::encode_activity($items[0]), $channel);
 		}
 
 		goaway(z_root() . '/item/' . argv(1));

Zotlabs/Module/Admin.php

@@ -8,6 +8,8 @@
 
 namespace Zotlabs\Module;
 
+use Zotlabs\Lib\Config;
+
 require_once('include/account.php');
 
 /**
@@ -149,7 +151,7 @@ class Admin extends \Zotlabs\Web\Controller {
 			'$vmaster'  => array( t('Repository version (master)'), $vmaster),
 			'$vdev'     => array( t('Repository version (dev)'), $vdev),
 			'$upgrade'  => $upgrade,
-			'$build'    => get_config('system', 'db_version')
+			'$build'    => Config::Get('system', 'db_version')
 		));
 	}
 

Zotlabs/Module/Admin/Accounts.php

@@ -2,7 +2,7 @@
 
 namespace Zotlabs\Module\Admin;
 
-
+use Zotlabs\Lib\Config;
 
 class Accounts {
 
@@ -76,7 +76,7 @@ class Accounts {
 						if ( $ac['success'] ) {
 							$rc .= '✔';
 
-							$auto_create  = get_config('system','auto_channel_create',1);
+							$auto_create  = Config::Get('system','auto_channel_create',1);
 
 							if($auto_create) {
 								$reonar = json_decode($rs[0]['reg_stuff'], true);
@@ -87,7 +87,7 @@ class Accounts {
 								if($reonar['chan.did1'])
 									set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
 
-								$permissions_role  = get_config('system','default_permissions_role');
+								$permissions_role  = Config::Get('system','default_permissions_role');
 								if($permissions_role)
 									set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role);
 
@@ -346,7 +346,7 @@ class Accounts {
 			'$users' 	=> $users,
 			'$msg'      => t('Message')
 		));
-		$o .= paginate($a);
+		$o .= paginate();
 
 		return $o;
 	}

Zotlabs/Module/Admin/Addons.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Module\Admin;
 
 use App;
+use \Zotlabs\Lib\Config;
 use \Zotlabs\Storage\GitRepo;
 use \Michelf\MarkdownExtra;
 
@@ -276,7 +277,7 @@ class Addons {
 				if ($idz !== false) {
 					unset(App::$plugins[$idz]);
 					uninstall_plugin($plugin);
-					set_config("system","addon", implode(", ",App::$plugins));
+					Config::Set("system","addon", implode(", ",App::$plugins));
 				}
 			}
 			$info['disabled'] = 1-intval($x);
@@ -297,7 +298,7 @@ class Addons {
 					$pinstalled = true;
 					info( sprintf( t("Plugin %s enabled."), $plugin ) );
 				}
-				set_config("system","addon", implode(", ",App::$plugins));
+				Config::Set("system","addon", implode(", ",App::$plugins));
 
 				if($pinstalled) {
 					@require_once("addon/$plugin/$plugin.php");
@@ -395,7 +396,7 @@ class Addons {
 						if ($idz !== false) {
 							unset(App::$plugins[$idz]);
 							uninstall_plugin($id);
-							set_config("system","addon", implode(", ",App::$plugins));
+							Config::Set("system","addon", implode(", ",App::$plugins));
 						}
 					}
 					$info['disabled'] = 1-intval($x);

Zotlabs/Module/Admin/Channels.php

@@ -14,7 +14,7 @@ class Channels {
 	 */
 	function post() {
 
-		$channels = ( x($_POST, 'channel') ? $_POST['channel'] : Array() );
+		$channels = (x($_POST, 'channel') ? $_POST['channel'] : []);
 
 		check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels');
 
@@ -22,11 +22,28 @@ class Channels {
 
 		if(x($_POST, 'page_channels_block')) {
 			foreach($channels as $uid) {
-				q("UPDATE channel SET channel_pageflags = ( channel_pageflags $xor %d ) where channel_id = %d",
-					intval(PAGE_CENSORED),
-					intval( $uid )
+				$channel = channelx_by_n($uid);
+
+				if (!$channel) {
+					notice( t('Channel not found') . EOL);
+					continue;
+				}
+
+				$pflags = $channel['channel_pageflags'] ^ PAGE_CENSORED;
+
+				q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
+					intval($pflags),
+					intval($uid)
 				);
+
 				\Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush'));
+
+				$censored = (($pflags & PAGE_CENSORED) ? 1 : 0);
+
+				q("UPDATE xchan SET xchan_censored = %d WHERE xchan_hash = '%s'",
+					intval($censored),
+					dbesc($channel['channel_hash'])
+				);
 			}
 			notice( sprintf( tt("%s channel censored/uncensored", "%s channels censored/uncensored", count($channels)), count($channels)) );
 		}
@@ -57,11 +74,9 @@ class Channels {
 	function get() {
 		if(argc() > 2) {
 			$uid = argv(3);
-			$channel = q("SELECT * FROM channel WHERE channel_id = %d",
-				intval($uid)
-			);
+			$channel = channelx_by_n($uid);
 
-			if(! $channel) {
+			if(!$channel) {
 				notice( t('Channel not found') . EOL);
 				goaway(z_root() . '/admin/channels' );
 			}
@@ -72,30 +87,37 @@ class Channels {
 					// delete channel
 					channel_remove($uid,true);
 
-					notice( sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
+					notice( sprintf(t("Channel '%s' deleted"), $channel['channel_name']) . EOL);
 				}; break;
 
 				case "block":{
 					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
-					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
+					$pflags = $channel['channel_pageflags'] ^ PAGE_CENSORED;
 					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
 						intval($pflags),
-						intval( $uid )
+						intval($uid)
 					);
 					\Zotlabs\Daemon\Master::Summon(array('Directory',$uid,'nopush'));
 
-					notice( sprintf( (($pflags & PAGE_CENSORED) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+					$censored = (($pflags & PAGE_CENSORED) ? 1 : 0);
+
+					q("UPDATE xchan SET xchan_censored = %d WHERE xchan_hash = '%s'",
+						intval($censored),
+						dbesc($channel['channel_hash'])
+					);
+
+					notice( sprintf( (($censored) ? t("Channel '%s' censored"): t("Channel '%s' uncensored")) , $channel['channel_name'] . ' (' . $channel['channel_address'] . ')' ) . EOL);
 				}; break;
 
 				case "code":{
 					check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
-					$pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
+					$pflags = $channel['channel_pageflags'] ^ PAGE_ALLOWCODE;
 					q("UPDATE channel SET channel_pageflags = %d where channel_id = %d",
 						intval($pflags),
-						intval( $uid )
+						intval($uid)
 					);
 
-					notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')' ) . EOL);
+					notice( sprintf( (($pflags & PAGE_ALLOWCODE) ? t("Channel '%s' code allowed"): t("Channel '%s' code disallowed")) , $channel['channel_name'] . ' (' . $channel['channel_address'] . ')' ) . EOL);
 				}; break;
 
 				default:
@@ -168,7 +190,7 @@ class Channels {
 			'$baseurl' => z_root(),
 			'$channels' => $channels,
 		));
-		$o .= paginate($a);
+		$o .= paginate();
 
 		return $o;
 	}

Zotlabs/Module/Admin/Dbsync.php

@@ -2,7 +2,7 @@
 
 namespace Zotlabs\Module\Admin;
 
-
+use Zotlabs\Lib\Config;
 
 class Dbsync {
 
@@ -12,10 +12,10 @@ class Dbsync {
 
 		if(argc() > 3 && intval(argv(3)) && argv(2) === 'mark') {
 			// remove the old style config if it exists
-			del_config('database', 'update_r' . intval(argv(3)));
-			set_config('database', '_' . intval(argv(3)), 'success');
-			if(intval(get_config('system','db_version')) < intval(argv(3)))
-				set_config('system','db_version',intval(argv(3)));
+			Config::Delete('database', 'update_r' . intval(argv(3)));
+			Config::Set('database', '_' . intval(argv(3)), 'success');
+			if(intval(Config::Get('system','db_version')) < intval(argv(3)))
+				Config::Set('system','db_version',intval(argv(3)));
 			info( t('Update has been marked successful') . EOL);
 			goaway(z_root() . '/admin/dbsync');
 		}
@@ -33,7 +33,7 @@ class Dbsync {
 					}
 					elseif($retval === UPDATE_SUCCESS) {
 						$o .= sprintf( t('Update %s was successfully applied.'), $s);
-						set_config('database',$s, 'success');
+						Config::Set('database',$s, 'success');
 					}
 					else
 						$o .= sprintf( t('Verifying update %s did not return a status. Unknown if it succeeded.'), $s);
@@ -60,7 +60,7 @@ class Dbsync {
 				}
 				elseif($retval === UPDATE_SUCCESS) {
 					$o .= sprintf( t('Update %s was successfully applied.'), $s);
-					set_config('database',$s, 'success');
+					Config::Set('database',$s, 'success');
 				}
 				else
 					$o .= sprintf( t('Update %s did not return a status. It cannot be determined if it was successful.'), $s);

Zotlabs/Module/Admin/Features.php

@@ -2,53 +2,53 @@
 
 namespace Zotlabs\Module\Admin;
 
-
+use Zotlabs\Lib\Config;
 
 class Features {
 
-	
+
 	function post() {
-	
+
 		check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features');
-	
+
 		logger('postvars: ' . print_r($_POST,true));
-	
+
 		$arr = array();
 		$features = get_features(false);
-	
+
 		foreach($features as $fname => $fdata) {
 			foreach(array_slice($fdata,1) as $f) {
 				$feature = $f[0];
-	
+
 				if(array_key_exists('feature_' . $feature,$_POST))
 					$val = intval($_POST['feature_' . $feature]);
 				else
 					$val = 0;
-				set_config('feature',$feature,$val);
-	
+				Config::Set('feature',$feature,$val);
+
 				if(array_key_exists('featurelock_' . $feature,$_POST))
-					set_config('feature_lock',$feature,$val);
+					Config::Set('feature_lock',$feature,$val);
 				else
-					del_config('feature_lock',$feature);
+					Config::Delete('feature_lock',$feature);
 			}
 		}
-	
+
 		goaway(z_root() . '/admin/features' );
-	
+
 	}
-	
+
 	function get() {
-		
+
 		if((argc() > 1) && (argv(1) === 'features')) {
 			$arr = array();
 			$features = get_features(false);
-	
+
 			foreach($features as $fname => $fdata) {
 				$arr[$fname] = array();
 				$arr[$fname][0] = $fdata[0];
 				foreach(array_slice($fdata,1) as $f) {
-	
-					$set = get_config('feature',$f[0]);
+
+					$set = Config::Get('feature',$f[0]);
 					if($set === false)
 						$set = $f[3];
 					$arr[$fname][1][] = array(
@@ -57,7 +57,7 @@ class Features {
 					);
 				}
 			}
-			
+
 			$tpl = get_markup_template("admin_settings_features.tpl");
 			$o .= replace_macros($tpl, array(
 				'$form_security_token' => get_form_security_token("admin_manage_features"),
@@ -65,10 +65,10 @@ class Features {
 				'$features' => $arr,
 				'$submit'   => t('Submit'),
 			));
-	
+
 			return $o;
 		}
 	}
-	
 
-}
+
+}

Zotlabs/Module/Admin/Logs.php

@@ -2,11 +2,12 @@
 
 namespace Zotlabs\Module\Admin;
 
+use Zotlabs\Lib\Config;
 
 class Logs {
 
 
-	
+
 	/**
 	 * @brief POST handler for logs admin page.
 	 *
@@ -15,20 +16,20 @@ class Logs {
 	function post() {
 		if (x($_POST, 'page_logs')) {
 			check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');
-	
+
 			$logfile   = ((x($_POST,'logfile'))   ? notags(trim($_POST['logfile'])) : '');
 			$debugging = ((x($_POST,'debugging')) ? true : false);
 			$loglevel  = ((x($_POST,'loglevel'))  ? intval(trim($_POST['loglevel'])) : 0);
-	
-			set_config('system','logfile', $logfile);
-			set_config('system','debugging',  $debugging);
-			set_config('system','loglevel', $loglevel);
+
+			Config::Set('system','logfile', $logfile);
+			Config::Set('system','debugging',  $debugging);
+			Config::Set('system','loglevel', $loglevel);
 		}
-	
+
 		info( t('Log settings updated.') );
 		goaway(z_root() . '/admin/logs' );
 	}
-	
+
 	/**
 	 * @brief Logs admin page.
 	 *
@@ -36,7 +37,7 @@ class Logs {
 	 */
 
 	function get() {
-	
+
 		$log_choices = Array(
 			LOGGER_NORMAL => 'Normal',
 			LOGGER_TRACE => 'Trace',
@@ -44,15 +45,15 @@ class Logs {
 			LOGGER_DATA => 'Data',
 			LOGGER_ALL => 'All'
 		);
-	
+
 		$t = get_markup_template('admin_logs.tpl');
-	
-		$f = get_config('system', 'logfile');
-	
+
+		$f = Config::Get('system', 'logfile');
+
 		$data = '';
-	
+
 		if(!file_exists($f)) {
-			$data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is 
+			$data = t("Error trying to open <strong>$f</strong> log file.\r\n<br/>Check to see if file $f exist and is
 	readable.");
 		}
 		else {
@@ -77,7 +78,7 @@ class Logs {
 				fclose($fp);
 			}
 		}
-	
+
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
 			'$page' => t('Logs'),
@@ -85,17 +86,17 @@ class Logs {
 			'$clear' => t('Clear'),
 			'$data' => $data,
 			'$baseurl' => z_root(),
-			'$logname' =>  get_config('system','logfile'),
-	
+			'$logname' =>  Config::Get('system','logfile'),
+
 			// name, label, value, help string, extra data...
-			'$debugging' => array('debugging', t("Debugging"),get_config('system','debugging'), ""),
-			'$logfile'   => array('logfile', t("Log file"), get_config('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")),
-			'$loglevel'  => array('loglevel', t("Log level"), get_config('system','loglevel'), "", $log_choices),
-	
+			'$debugging' => array('debugging', t("Debugging"),Config::Get('system','debugging'), ""),
+			'$logfile'   => array('logfile', t("Log file"), Config::Get('system','logfile'), t("Must be writable by web server. Relative to your top-level webserver directory.")),
+			'$loglevel'  => array('loglevel', t("Log level"), Config::Get('system','loglevel'), "", $log_choices),
+
 			'$form_security_token' => get_form_security_token('admin_logs'),
 		));
 	}
-	
 
 
-}
+
+}

Zotlabs/Module/Admin/Profs.php

@@ -2,11 +2,12 @@
 
 namespace Zotlabs\Module\Admin;
 
+use Zotlabs\Lib\Config;
 
 class Profs {
 
 	function post() {
-	
+
 		if(array_key_exists('basic',$_REQUEST)) {
 			$arr = explode(',',$_REQUEST['basic']);
 			array_walk($arr,'array_trim');
@@ -19,9 +20,9 @@ class Profs {
 				}
 			}
 			if(! $narr)
-				del_config('system','profile_fields_basic');
+				Config::Delete('system','profile_fields_basic');
 			else
-				set_config('system','profile_fields_basic',$narr);
+				Config::Set('system','profile_fields_basic',$narr);
 
 
 			if(array_key_exists('advanced',$_REQUEST)) {
@@ -36,15 +37,15 @@ class Profs {
 					}
 				}
 				if(! $narr)
-					del_config('system','profile_fields_advanced');
+					Config::Delete('system','profile_fields_advanced');
 				else
-					set_config('system','profile_fields_advanced',$narr);
+					Config::Set('system','profile_fields_advanced',$narr);
 
 			}
 			goaway(z_root() . '/admin/profs');
 		}
-	
-	
+
+
 		if(array_key_exists('field_name',$_REQUEST)) {
 			if($_REQUEST['id']) {
 				$r = q("update profdef set field_name = '%s', field_type = '%s', field_desc = '%s' field_help = '%s', field_inputs = '%s' where id = %d",
@@ -66,24 +67,24 @@ class Profs {
 				);
 			}
 		}
-	
-	
+
+
 		// add to chosen array basic or advanced
-	
+
 		goaway(z_root() . '/admin/profs');
 	}
-	
+
 	function get() {
-	
+
 		if((argc() > 3) && argv(2) == 'drop' && intval(argv(3))) {
 			$r = q("delete from profdef where id = %d",
 				intval(argv(3))
 			);
 			// remove from allowed fields
-	
-			goaway(z_root() . '/admin/profs');	
+
+			goaway(z_root() . '/admin/profs');
 		}
-	
+
 		if((argc() > 2) && argv(2) === 'new') {
 			return replace_macros(get_markup_template('profdef_edit.tpl'),array(
 				'$header' => t('New Profile Field'),
@@ -94,7 +95,7 @@ class Profs {
 				'$submit' => t('Save')
 			));
 		}
-	
+
 		if((argc() > 2) && intval(argv(2))) {
 			$r = q("select * from profdef where id = %d limit 1",
 				intval(argv(2))
@@ -103,7 +104,7 @@ class Profs {
 				notice( t('Field definition not found') . EOL);
 				goaway(z_root() . '/admin/profs');
 			}
-	
+
 			return replace_macros(get_markup_template('profdef_edit.tpl'),array(
 				'$id' => intval($r[0]['id']),
 				'$header' => t('Edit Profile Field'),
@@ -114,7 +115,7 @@ class Profs {
 				'$submit' => t('Save')
 			));
 		}
-	
+
 		$basic = '';
 		$barr = array();
 		$fields = get_profile_fields_basic();
@@ -129,7 +130,7 @@ class Profs {
 				$barr[] = trim($k);
 			}
 		}
-	
+
 		$advanced = '';
 		$fields = get_profile_fields_advanced();
 		if(! $fields)
@@ -143,7 +144,7 @@ class Profs {
 				$advanced .= trim($k);
 			}
 		}
-	
+
 		$all = '';
 		$fields = get_profile_fields_advanced(1);
 		if($fields) {
@@ -153,7 +154,7 @@ class Profs {
 				$all .= trim($k);
 			}
 		}
-	
+
 		$r = q("select * from profdef where true");
 		if($r) {
 			foreach($r as $rr) {
@@ -162,8 +163,8 @@ class Profs {
 				$all .= $rr['field_name'];
 			}
 		}
-	
-		
+
+
 		$o = replace_macros(get_markup_template('admin_profiles.tpl'),array(
 			'$title' => t('Profile Fields'),
 			'$basic' => array('basic',t('Basic Profile Fields'),$basic,''),
@@ -174,17 +175,17 @@ class Profs {
 			'$cust_fields' => $r,
 			'$edit' => t('Edit'),
 			'$drop' => t('Delete'),
-			'$new' => t('Create Custom Field'),		
+			'$new' => t('Create Custom Field'),
 			'$submit' => t('Submit')
 		));
-	
+
 		return $o;
-	
-	
+
+
 	}
 
 
 
 
 
-}
+}

Zotlabs/Module/Admin/Queueworker.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Module\Admin;
 
 use App;
+use Zotlabs\Lib\Config;
 use Zotlabs\Web\Controller;
 
 class Queueworker extends Controller {
@@ -17,18 +18,18 @@ class Queueworker extends Controller {
 
 		$maxqueueworkers = intval($_POST['queueworker_maxworkers']);
 		$maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4;
-		set_config('queueworker', 'max_queueworkers', $maxqueueworkers);
+		Config::Set('queueworker', 'max_queueworkers', $maxqueueworkers);
 
 		$maxworkerage = intval($_POST['queueworker_max_age']);
 		$maxworkerage = ($maxworkerage >= 120) ? $maxworkerage : 300;
-		set_config('queueworker', 'queueworker_max_age', $maxworkerage);
+		Config::Set('queueworker', 'queueworker_max_age', $maxworkerage);
 
 		$queueworkersleep = intval($_POST['queue_worker_sleep']);
 		$queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100;
-		set_config('queueworker', 'queue_worker_sleep', $queueworkersleep);
+		Config::Set('queueworker', 'queue_worker_sleep', $queueworkersleep);
 
 		$auto_queue_worker_sleep = intval($_POST['auto_queue_worker_sleep']);
-		set_config('queueworker', 'auto_queue_worker_sleep', $auto_queue_worker_sleep);
+		Config::Set('queueworker', 'auto_queue_worker_sleep', $auto_queue_worker_sleep);
 
 		goaway(z_root() . '/admin/queueworker');
 	}
@@ -54,7 +55,7 @@ class Queueworker extends Controller {
 			}
 		}
 
-		$maxqueueworkers = get_config('queueworker', 'max_queueworkers', 4);
+		$maxqueueworkers = Config::Get('queueworker', 'max_queueworkers', 4);
 		$maxqueueworkers = ($maxqueueworkers > 3) ? $maxqueueworkers : 4;
 
 		$sc = '';
@@ -68,7 +69,7 @@ class Queueworker extends Controller {
 			]
 		]);
 
-		$workermaxage = get_config('queueworker', 'queueworker_max_age');
+		$workermaxage = Config::Get('queueworker', 'queueworker_max_age');
 		$workermaxage = ($workermaxage >= 120) ? $workermaxage : 300;
 
 		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
@@ -80,10 +81,10 @@ class Queueworker extends Controller {
 			]
 		]);
 
-		$queueworkersleep = get_config('queueworker', 'queue_worker_sleep');
+		$queueworkersleep = Config::Get('queueworker', 'queue_worker_sleep');
 		$queueworkersleep = ($queueworkersleep > 100) ? $queueworkersleep : 100;
 
-		$auto_queue_worker_sleep = get_config('queueworker', 'auto_queue_worker_sleep', 0);
+		$auto_queue_worker_sleep = Config::Get('queueworker', 'auto_queue_worker_sleep', 0);
 
 		$sc .= replace_macros(get_markup_template('field_input.tpl'), [
 			'$field' => [

Zotlabs/Module/Admin/Security.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Module\Admin;
 
+use Zotlabs\Lib\Config;
 
 class Security {
 
@@ -11,53 +12,53 @@ class Security {
 		$allowed_email        = ((x($_POST,'allowed_email'))	    ? notags(trim($_POST['allowed_email']))		: '');
 		$not_allowed_email    = ((x($_POST,'not_allowed_email'))	? notags(trim($_POST['not_allowed_email']))		: '');
 
-		set_config('system','allowed_email', $allowed_email);
-		set_config('system','not_allowed_email', $not_allowed_email);
+		Config::Set('system','allowed_email', $allowed_email);
+		Config::Set('system','not_allowed_email', $not_allowed_email);
 
 		$block_public         = ((x($_POST,'block_public'))		? True	: False);
-		set_config('system','block_public',$block_public);
+		Config::Set('system','block_public',$block_public);
 
 		$cloud_noroot         = ((x($_POST,'cloud_noroot'))		? 1	: 0);
-		set_config('system','cloud_disable_siteroot',1 - $cloud_noroot);
+		Config::Set('system','cloud_disable_siteroot',1 - $cloud_noroot);
 
 		$cloud_disksize       = ((x($_POST,'cloud_disksize'))	? 1	: 0);
-		set_config('system','cloud_report_disksize',$cloud_disksize);
+		Config::Set('system','cloud_report_disksize',$cloud_disksize);
 
 		$ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites']));
-		set_config('system','whitelisted_sites',$ws);
+		Config::Set('system','whitelisted_sites',$ws);
 
 		$bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites']));
-		set_config('system','blacklisted_sites',$bs);
+		Config::Set('system','blacklisted_sites',$bs);
 
 		$wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels']));
-		set_config('system','whitelisted_channels',$wc);
+		Config::Set('system','whitelisted_channels',$wc);
 
 		$bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels']));
-		set_config('system','blacklisted_channels',$bc);
+		Config::Set('system','blacklisted_channels',$bc);
 
 		$embed_sslonly         = ((x($_POST,'embed_sslonly'))		? True	: False);
-		set_config('system','embed_sslonly',$embed_sslonly);
+		Config::Set('system','embed_sslonly',$embed_sslonly);
 
 		$we = $this->trim_array_elems(explode("\n",$_POST['embed_allow']));
-		set_config('system','embed_allow',$we);
+		Config::Set('system','embed_allow',$we);
 
 		$be = $this->trim_array_elems(explode("\n",$_POST['embed_deny']));
-		set_config('system','embed_deny',$be);
+		Config::Set('system','embed_deny',$be);
 
 		$thumbnail_security = ((x($_POST,'thumbnail_security')) ? intval($_POST['thumbnail_security']) : 0);
-		set_config('system', 'thumbnail_security' , $thumbnail_security);
+		Config::Set('system', 'thumbnail_security' , $thumbnail_security);
 
 		$inline_pdf = ((x($_POST,'inline_pdf')) ? intval($_POST['inline_pdf']) : 0);
-		set_config('system', 'inline_pdf' , $inline_pdf);
+		Config::Set('system', 'inline_pdf' , $inline_pdf);
 
 		$ts = ((x($_POST,'transport_security')) ? True : False);
-		set_config('system','transport_security_header',$ts);
+		Config::Set('system','transport_security_header',$ts);
 
 		$cs = ((x($_POST,'content_security')) ? True : False);
-		set_config('system','content_security_policy',$cs);
+		Config::Set('system','content_security_policy',$cs);
 
 		$trusted_directory_servers = $this->trim_array_elems(explode("\n", $_POST['trusted_directory_servers']));
-		set_config('system', 'trusted_directory_servers', $trusted_directory_servers);
+		Config::Set('system', 'trusted_directory_servers', $trusted_directory_servers);
 
 		goaway(z_root() . '/admin/security');
 	}
@@ -66,31 +67,31 @@ class Security {
 
 	function get() {
 
-		$whitesites = get_config('system','whitelisted_sites');
+		$whitesites = Config::Get('system','whitelisted_sites');
 		$whitesites_str = ((is_array($whitesites)) ? implode("\n",$whitesites) : '');
 
-		$blacksites = get_config('system','blacklisted_sites');
+		$blacksites = Config::Get('system','blacklisted_sites');
 		$blacksites_str = ((is_array($blacksites)) ? implode("\n",$blacksites) : '');
 
 
-		$whitechannels = get_config('system','whitelisted_channels');
+		$whitechannels = Config::Get('system','whitelisted_channels');
 		$whitechannels_str = ((is_array($whitechannels)) ? implode("\n",$whitechannels) : '');
 
-		$blackchannels = get_config('system','blacklisted_channels');
+		$blackchannels = Config::Get('system','blacklisted_channels');
 		$blackchannels_str = ((is_array($blackchannels)) ? implode("\n",$blackchannels) : '');
 
 
-		$whiteembeds = get_config('system','embed_allow');
+		$whiteembeds = Config::Get('system','embed_allow');
 		$whiteembeds_str = ((is_array($whiteembeds)) ? implode("\n",$whiteembeds) : '');
 
-		$blackembeds = get_config('system','embed_deny');
+		$blackembeds = Config::Get('system','embed_deny');
 		$blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : '');
 
-		$trusted_directory_servers = get_config('system', 'trusted_directory_servers');
+		$trusted_directory_servers = Config::Get('system', 'trusted_directory_servers');
 		$trusted_directory_servers_str = ((is_array($trusted_directory_servers)) ? implode("\n", $trusted_directory_servers) : '');
-		$is_dir = (intval(get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL);
+		$is_dir = (intval(Config::Get('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL);
 
-		$embed_coop = intval(get_config('system','embed_coop'));
+		$embed_coop = intval(Config::Get('system','embed_coop'));
 
 		if((! $whiteembeds) && (! $blackembeds)) {
 			$embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure.");
@@ -105,22 +106,22 @@ class Security {
 			'$title' => t('Administration'),
 			'$page' => t('Security'),
 			'$form_security_token' => get_form_security_token('admin_security'),
-	        '$block_public'     => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")),
-			'$cloud_noroot'     => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ],
-			'$cloud_disksize'     => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system','cloud_report_disksize')), '' ],
-			'$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''),
-			'$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''),
-			'$allowed_email'	=> array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
-			'$not_allowed_email'	=> array('not_allowed_email', t("Not allowed email domains"), get_config('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")),
+	        '$block_public'     => array('block_public', t("Block public"), Config::Get('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")),
+			'$cloud_noroot'     => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(Config::Get('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ],
+			'$cloud_disksize'     => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(Config::Get('system','cloud_report_disksize')), '' ],
+			'$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(Config::Get('system','transport_security_header')),''),
+			'$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(Config::Get('system','content_security_policy')),''),
+			'$allowed_email'	=> array('allowed_email', t("Allowed email domains"), Config::Get('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
+			'$not_allowed_email'	=> array('not_allowed_email', t("Not allowed email domains"), Config::Get('system','not_allowed_email'), t("Comma separated list of domains which are not allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains, unless allowed domains have been defined.")),
 			'$whitelisted_sites' => array('whitelisted_sites', t('Allow communications only from these sites'), $whitesites_str, t('One site per line. Leave empty to allow communication from anywhere by default')),
 			'$blacklisted_sites' => array('blacklisted_sites', t('Block communications from these sites'), $blacksites_str, ''),
 			'$whitelisted_channels' => array('whitelisted_channels', t('Allow communications only from these channels'), $whitechannels_str, t('One channel (hash) per line. Leave empty to allow from any channel by default')),
 			'$blacklisted_channels' => array('blacklisted_channels', t('Block communications from these channels'), $blackchannels_str, ''),
-			'$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''),
+			'$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(Config::Get('system','embed_sslonly')),''),
 			'$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')),
 			'$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''),
-			'$thumbnail_security'   => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ],
-			'$inline_pdf'   => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ],
+			'$thumbnail_security'   => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), Config::Get('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ],
+			'$inline_pdf'   => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), Config::Get('system','inline_pdf',0), '' ],
 
 			'$trusted_directory_servers' => (($is_dir) ? ['trusted_directory_servers', t('Additional trusted directory server URLs'), $trusted_directory_servers_str, t('Accept directory flags (spam, nsfw) from those servers. One per line like https://example.tld')] : ''),
 

Zotlabs/Module/Admin/Site.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Module\Admin;
 
+use Zotlabs\Lib\Config;
 
 class Site {
 
@@ -68,7 +69,7 @@ class Site {
 		$login_on_homepage	=	((x($_POST,'login_on_homepage'))		? True	:	False);
 		$enable_context_help = ((x($_POST,'enable_context_help'))		? True	:	False);
 		$no_community_page    = !((x($_POST,'no_community_page'))	? True	:	False);
-		$default_expire_days  = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0);
+		$default_expire_days  = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 30);
 		$active_expire_days  = ((array_key_exists('active_expire_days',$_POST)) ? intval($_POST['active_expire_days']) : 7);
 
 		$reply_address      = ((array_key_exists('reply_address',$_POST) && trim($_POST['reply_address'])) ? trim($_POST['reply_address']) : 'noreply@' . \App::get_hostname());
@@ -125,8 +126,8 @@ class Site {
 				//logger( print_r( $this->msgbg, true) );
 				//logger( print_r( $this->joo, true) );
 				if ($this->error === 0) {
-					set_config('system', 'register_duty', $this->register_duty);
-					set_config('system', 'register_duty_jso', $this->joo);
+					Config::Set('system', 'register_duty', $this->register_duty);
+					Config::Set('system', 'register_duty_jso', $this->joo);
 				} else {
 					notice('ZAR0130E,' . t('Errors') . ': ' . $this->error . EOL . $this->msgfg . EOL);
 				}
@@ -134,87 +135,87 @@ class Site {
 		}
 		// <-hilmar]
 
-		set_config('system', 'feed_contacts', $feed_contacts);
-		set_config('system', 'delivery_interval', $delivery_interval);
-		set_config('system', 'delivery_batch_count', $delivery_batch_count);
-		set_config('system', 'poll_interval', $poll_interval);
-		set_config('system', 'maxloadavg', $maxloadavg);
-		set_config('system', 'frontpage', $frontpage);
-		set_config('system', 'sellpage', $site_sellpage);
-		set_config('system', 'workflow_channel_next', $first_page);
-		set_config('system', 'site_location', $site_location);
-		set_config('system', 'mirror_frontpage', $mirror_frontpage);
-		set_config('system', 'sitename', $sitename);
-		set_config('system', 'login_on_homepage', $login_on_homepage);
-		set_config('system', 'enable_context_help', $enable_context_help);
-		set_config('system', 'verify_email', $verify_email);
-		set_config('system', 'max_daily_registrations', $register_perday);
-		set_config('system', 'register_sameip', $register_sameip);
-		set_config('system', 'register_delay', $reg_delay);
-		set_config('system', 'register_expire', $reg_expire);
-		set_config('system', 'default_expire_days', $default_expire_days);
-		set_config('system', 'active_expire_days', $active_expire_days);
-		set_config('system', 'reply_address', $reply_address);
-		set_config('system', 'from_email', $from_email);
-		set_config('system', 'from_email_name' , $from_email_name);
-		set_config('system', 'imagick_convert_path' , $imagick_path);
-		set_config('system', 'default_permissions_role', $permissions_role);
-		set_config('system', 'pubstream_incl',$pub_incl);
-		set_config('system', 'pubstream_excl',$pub_excl);
+		Config::Set('system', 'feed_contacts', $feed_contacts);
+		Config::Set('system', 'delivery_interval', $delivery_interval);
+		Config::Set('system', 'delivery_batch_count', $delivery_batch_count);
+		Config::Set('system', 'poll_interval', $poll_interval);
+		Config::Set('system', 'maxloadavg', $maxloadavg);
+		Config::Set('system', 'frontpage', $frontpage);
+		Config::Set('system', 'sellpage', $site_sellpage);
+		Config::Set('system', 'workflow_channel_next', $first_page);
+		Config::Set('system', 'site_location', $site_location);
+		Config::Set('system', 'mirror_frontpage', $mirror_frontpage);
+		Config::Set('system', 'sitename', $sitename);
+		Config::Set('system', 'login_on_homepage', $login_on_homepage);
+		Config::Set('system', 'enable_context_help', $enable_context_help);
+		Config::Set('system', 'verify_email', $verify_email);
+		Config::Set('system', 'max_daily_registrations', $register_perday);
+		Config::Set('system', 'register_sameip', $register_sameip);
+		Config::Set('system', 'register_delay', $reg_delay);
+		Config::Set('system', 'register_expire', $reg_expire);
+		Config::Set('system', 'default_expire_days', $default_expire_days);
+		Config::Set('system', 'active_expire_days', $active_expire_days);
+		Config::Set('system', 'reply_address', $reply_address);
+		Config::Set('system', 'from_email', $from_email);
+		Config::Set('system', 'from_email_name' , $from_email_name);
+		Config::Set('system', 'imagick_convert_path' , $imagick_path);
+		Config::Set('system', 'default_permissions_role', $permissions_role);
+		Config::Set('system', 'pubstream_incl',$pub_incl);
+		Config::Set('system', 'pubstream_excl',$pub_excl);
 
 
 		if($directory_server)
-			set_config('system','directory_server',$directory_server);
+			Config::Set('system','directory_server',$directory_server);
 
 		if ($banner == '') {
-			del_config('system', 'banner');
+			Config::Delete('system', 'banner');
 		} else {
-			set_config('system', 'banner', $banner);
+			Config::Set('system', 'banner', $banner);
 		}
 
 		if ($admininfo == ''){
-			del_config('system', 'admininfo');
+			Config::Delete('system', 'admininfo');
 		} else {
 			require_once('include/text.php');
 			linkify_tags($admininfo, local_channel());
-			set_config('system', 'admininfo', $admininfo);
+			Config::Set('system', 'admininfo', $admininfo);
 		}
-		set_config('system','siteinfo',$siteinfo);
-		//set_config('system', 'language', $language);
-		set_config('system', 'theme', $theme);
+		Config::Set('system','siteinfo',$siteinfo);
+		//Config::Set('system', 'language', $language);
+		Config::Set('system', 'theme', $theme);
 		//		if ( $theme_mobile === '---' ) {
-		//			del_config('system', 'mobile_theme');
+		//			Config::Delete('system', 'mobile_theme');
 		//		} else {
-		//			set_config('system', 'mobile_theme', $theme_mobile);
+		//			Config::Set('system', 'mobile_theme', $theme_mobile);
 		//		}
-		//	set_config('system','site_channel', $site_channel);
-		set_config('system','maximagesize', $maximagesize);
+		//	Config::Set('system','site_channel', $site_channel);
+		Config::Set('system','maximagesize', $maximagesize);
 
-		set_config('system','register_policy', $register_policy);
-		set_config('system','register_wo_email', $register_wo_email);
-		set_config('system','minimum_age', $minimum_age);
-		set_config('system','auto_channel_create', $reg_autochannel);
-		set_config('system', 'invitation_only', $invitation_only);
-		set_config('system', 'invitation_also', $invitation_also);
-		set_config('system','access_policy', $access_policy);
-		set_config('system','account_abandon_days', $abandon_days);
-		set_config('system','register_text', $register_text);
-		set_config('system','allowed_sites', $allowed_sites);
-		set_config('system','publish_all', $force_publish);
-		set_config('system','disable_discover_tab', $disable_discover_tab);
-		set_config('system','site_firehose', $site_firehose);
-		set_config('system','open_pubstream', $open_pubstream);
-		//set_config('system','force_queue_threshold', $force_queue);
+		Config::Set('system','register_policy', $register_policy);
+		Config::Set('system','register_wo_email', $register_wo_email);
+		Config::Set('system','minimum_age', $minimum_age);
+		Config::Set('system','auto_channel_create', $reg_autochannel);
+		Config::Set('system', 'invitation_only', $invitation_only);
+		Config::Set('system', 'invitation_also', $invitation_also);
+		Config::Set('system','access_policy', $access_policy);
+		Config::Set('system','account_abandon_days', $abandon_days);
+		Config::Set('system','register_text', $register_text);
+		Config::Set('system','allowed_sites', $allowed_sites);
+		Config::Set('system','publish_all', $force_publish);
+		Config::Set('system','disable_discover_tab', $disable_discover_tab);
+		Config::Set('system','site_firehose', $site_firehose);
+		Config::Set('system','open_pubstream', $open_pubstream);
+		//Config::Set('system','force_queue_threshold', $force_queue);
 
-		set_config('system','no_community_page', $no_community_page);
-		set_config('system','no_utf', $no_utf);
+		Config::Set('system','no_community_page', $no_community_page);
+		Config::Set('system','no_utf', $no_utf);
 
-		set_config('system','sse_enabled', $sse_enabled);
+		Config::Set('system','sse_enabled', $sse_enabled);
 
-		set_config('system','verifyssl', $verifyssl);
-		set_config('system','proxyuser', $proxyuser);
-		set_config('system','proxy', $proxy);
-		set_config('system','curl_timeout', $timeout);
+		Config::Set('system','verifyssl', $verifyssl);
+		Config::Set('system','proxyuser', $proxyuser);
+		Config::Set('system','proxy', $proxy);
+		Config::Set('system','curl_timeout', $timeout);
 
 		info( t('Site settings updated.') . EOL);
 		goaway(z_root() . '/admin/site' );
@@ -227,20 +228,6 @@ class Site {
 	 */
 	function get() {
 
-		/* Installed langs */
-		$lang_choices = array();
-		$langs = glob('view/*/hstrings.php');
-
-		if(is_array($langs) && count($langs)) {
-			if(! in_array('view/en/hstrings.php',$langs))
-				$langs[] = 'view/en/';
-			asort($langs);
-			foreach($langs as $l) {
-				$t = explode("/",$l);
-				$lang_choices[$t[1]] = $t[1];
-			}
-		}
-
 		/* Installed themes */
 		$theme_choices_mobile["---"] = t("Default");
 		$theme_choices = array();
@@ -277,7 +264,7 @@ class Site {
 		}
 
 		$dir_choices = null;
-		$dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL);
+		$dirmode = Config::Get('system', 'directory_mode', DIRECTORY_MODE_NORMAL);
 		$realm = get_directory_realm();
 
 		// directory server should not be set or settable unless we are a directory client
@@ -305,14 +292,14 @@ class Site {
 
 		/* Banner */
 
-		$banner = get_config('system', 'banner');
+		$banner = Config::Get('system', 'banner');
 		if($banner === false)
-			$banner = get_config('system','sitename');
+			$banner = Config::Get('system','sitename');
 
 		$banner = htmlspecialchars($banner);
 
 		/* Admin Info */
-		$admininfo = get_config('system', 'admininfo');
+		$admininfo = Config::Get('system', 'admininfo');
 
 		/* Register policy */
 		$register_choices = Array(
@@ -320,8 +307,8 @@ class Site {
 			REGISTER_APPROVE => t("Yes - with approval"),
 			REGISTER_OPEN    => t("Yes")
 		);
-		$this->register_duty = get_config('system', 'register_duty', '-:-');
-		$register_perday = get_config('system','max_daily_registrations', 50);
+		$this->register_duty = Config::Get('system', 'register_duty', '-:-');
+		$register_perday = Config::Get('system','max_daily_registrations', 50);
 
 		/* Acess policy */
 		$access_choices = Array(
@@ -331,7 +318,7 @@ class Site {
 			ACCESS_TIERED => t("My site offers free accounts with optional paid upgrades")
 		);
 
-		$discover_tab = get_config('system','disable_discover_tab');
+		$discover_tab = Config::Get('system','disable_discover_tab');
 
 		// $disable public streams by default
 		if($discover_tab === false)
@@ -340,7 +327,7 @@ class Site {
 		$discover_tab = (1 - $discover_tab);
 
 		$perm_roles = \Zotlabs\Access\PermissionRoles::channel_roles();
-		$default_role = get_config('system', 'default_permissions_role', 'personal');
+		$default_role = Config::Get('system', 'default_permissions_role', 'personal');
 
 		if (!in_array($default_role, array_keys($perm_roles))) {
 			$default_role = 'personal';
@@ -348,8 +335,8 @@ class Site {
 
 		$role = array('permissions_role' , t('Default permission role for new accounts'), $default_role, t('This role will be used for the first channel created after registration.'),$perm_roles);
 
-		$homelogin = get_config('system','login_on_homepage');
-		$enable_context_help = get_config('system','enable_context_help');
+		$homelogin = Config::Get('system','login_on_homepage');
+		$enable_context_help = Config::Get('system','enable_context_help');
 
 		// for reuse reg_delay and reg_expire
 		$reg_rabots = array(
@@ -361,7 +348,7 @@ class Site {
  					'y' => t('Year(s)')
 		);
 		$regdelay_n = $regdelay_u = false;
-		$regdelay = get_config('system','register_delay');
+		$regdelay = Config::Get('system','register_delay');
 		if ($regdelay)
 			list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1));
 		$reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'),
@@ -383,7 +370,7 @@ class Site {
  			)
 		);
 		$regexpire_n = $regexpire_u = false;
-		$regexpire = get_config('system','register_expire');
+		$regexpire = Config::Get('system','register_expire');
 		if ($regexpire)
 			list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1));
 		$reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'),
@@ -420,39 +407,38 @@ class Site {
 
 			'$baseurl' => z_root(),
 			// name, label, value, help string, extra data...
-			'$sitename' 		=> array('sitename', t("Site name"), htmlspecialchars(get_config('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
+			'$sitename' 		=> array('sitename', t("Site name"), htmlspecialchars(Config::Get('system','sitename'), ENT_QUOTES, 'UTF-8'),''),
 
 			'$banner'			=> array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')),
 			'$admininfo'		=> array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators.  Displayed on siteinfo page.  BBCode can be used here")),
-			'$siteinfo'		=> array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
-			//'$language' 		=> array('language', t("System language"), get_config('system','language'), "", $lang_choices),
-			'$theme' 			=> array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
-		//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
-		//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")),
-			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),get_config('system','feed_contacts'),t('(Heavy system resource usage)')),
-			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(get_config('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
-			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(get_config('system','minimum_age'))?get_config('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
-			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), get_config('system','access_policy'), t("This is displayed on the public server site list."), $access_choices),
+			'$siteinfo'		=> array('siteinfo', t('Site Information'), Config::Get('system','siteinfo'), t("Publicly visible description of this site.  Displayed on siteinfo page.  BBCode can be used here")),
+			'$theme' 			=> array('theme', t("System theme"), Config::Get('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices),
+		//			'$theme_mobile' 	=> array('theme_mobile', t("Mobile system theme"), Config::Get('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile),
+		//			'$site_channel' 	=> array('site_channel', t("Channel to use for this website's static pages"), Config::Get('system','site_channel'), t("Site Channel")),
+			'$feed_contacts'    => array('feed_contacts', t('Allow Feeds as Connections'),Config::Get('system','feed_contacts'),t('(Heavy system resource usage)')),
+			'$maximagesize'		=> array('maximagesize', t("Maximum image size"), intval(Config::Get('system','maximagesize')), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
+			'$minimum_age'		=> array('minimum_age', t("Minimum age"), (x(Config::Get('system','minimum_age'))?Config::Get('system','minimum_age'):13), t("Minimum age (in years) for who may register on this site.")),
+			'$access_policy'	=> array('access_policy', t("Which best describes the types of account offered by this hub?"), Config::Get('system','access_policy'), t("This is displayed on the public server site list."), $access_choices),
 
 			// Register
 			// [hilmar->
 			'$register_text'	=> [
 				'register_text',
 				t("Register text"),
-				htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'),
+				htmlspecialchars(Config::Get('system','register_text'), ENT_QUOTES, 'UTF-8'),
 				t("This text will be displayed prominently at the registration page")
 			],
 			'$register_policy'	=> [
 				'register_policy',
 				t("Does this site allow new member registration?"),
-				get_config('system','register_policy'),
+				Config::Get('system','register_policy'),
 				"",
 				$register_choices,
 			],
 			'$register_duty' => [
 				'register_duty',
 				t('Configure the registration open days/hours'),
-				get_config('system', 'register_duty', '-:-'),
+				Config::Get('system', 'register_duty', '-:-'),
 				t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL .
 				t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL .
 				t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL .
@@ -463,13 +449,13 @@ class Site {
 			'$register_perday' => [
 				'register_perday',
 				t('Max account registrations per day'),
-				get_config('system', 'max_daily_registrations', 50),
+				Config::Get('system', 'max_daily_registrations', 50),
 				t('Unlimited if zero or no value - default 50')
 			],
 			'$register_sameip' => [
 				'register_sameip',
 				t('Max account registrations from same IP'),
-				get_config('system', 'register_sameip', 3),
+				Config::Get('system', 'register_sameip', 3),
 				t('Unlimited if zero or no value - default 3')
 			],
 			'$reg_delay' => $reg_delay,
@@ -477,70 +463,70 @@ class Site {
 			'$reg_autochannel'		=> [
 				'auto_channel_create',
 				t("Auto channel create"),
-				get_config('system','auto_channel_create', 1),
+				Config::Get('system','auto_channel_create', 1),
 				t("If disabled the channel will be created in a separate step during the registration process")
 			],
 			'$invitation_only' => [
 				'invitation_only',
 				t("Require invite code"),
-				get_config('system', 'invitation_only', 0)
+				Config::Get('system', 'invitation_only', 0)
 			],
 			'$invitation_also' => [
 				'invitation_also',
 				t("Allow invite code"),
-				get_config('system', 'invitation_also', 0)
+				Config::Get('system', 'invitation_also', 0)
 			],
 			'$verify_email'		=> [
 				'verify_email',
 				t("Require email address"),
-				get_config('system','verify_email'),
+				Config::Get('system','verify_email'),
 				t("The provided email address will be verified (recommended)")
 			],
 			'$abandon_days' => [
 				'abandon_days',
 				t('Abandon account after x days'),
-				get_config('system','account_abandon_days'),
+				Config::Get('system','account_abandon_days'),
 				t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')
 			],
 			// <-hilmar]
 
 			'$role'         => $role,
-			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), get_config('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
-			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), get_config('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
-			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
-			'$force_publish'	=> array('publish_all', t("Force publish"), get_config('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory")),
+			'$frontpage'	=> array('frontpage', t("Site homepage to show visitors (default: login box)"), Config::Get('system','frontpage'), t("example: 'pubstream' to show public stream, 'page/sys/home' to show a system webpage called 'home' or 'include:home.html' to include a file.")),
+			'$mirror_frontpage'	=> array('mirror_frontpage', t("Preserve site homepage URL"), Config::Get('system','mirror_frontpage'), t('Present the site homepage in a frame at the original location instead of redirecting')),
+			'$allowed_sites'	=> array('allowed_sites', t("Allowed friend domains"), Config::Get('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
+			'$force_publish'	=> array('publish_all', t("Force publish"), Config::Get('system','publish_all'), t("Check to force all profiles on this site to be listed in the site directory")),
 			'$disable_discover_tab'	=> array('disable_discover_tab', t('Enable public stream'), $discover_tab, t('Enable the public stream. Warning: this content is unmoderated')),
-			'$site_firehose'	=> array('site_firehose', t('Site only public stream'), get_config('system','site_firehose'), t('Restrict the public stream to content originating at this site')),
-			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the public streams'), get_config('system','open_pubstream',1), t('Disable to require authentication before viewing')),
-			'$incl'           => array('pub_incl',t('Only import Public stream posts with this text'), get_config('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
-			'$excl'           => array('pub_excl',t('Do not import Public stream posts with this text'), get_config('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
+			'$site_firehose'	=> array('site_firehose', t('Site only public stream'), Config::Get('system','site_firehose'), t('Restrict the public stream to content originating at this site')),
+			'$open_pubstream'	=> array('open_pubstream', t('Allow anybody on the internet to access the public streams'), Config::Get('system','open_pubstream',1), t('Disable to require authentication before viewing')),
+			'$incl'           => array('pub_incl',t('Only import Public stream posts with this text'), Config::Get('system','pubstream_incl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
+			'$excl'           => array('pub_excl',t('Do not import Public stream posts with this text'), Config::Get('system','pubstream_excl'),t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')),
 
 
 			'$login_on_homepage'	=> array('login_on_homepage', t("Login on Homepage"),((intval($homelogin) || $homelogin === false) ? 1 : '') , t("Present a login box to visitors on the home page if no other content has been configured.")),
 			'$enable_context_help'	=> array('enable_context_help', t("Enable context help"),((intval($enable_context_help) === 1 || $enable_context_help === false) ? 1 : 0) , t("Display contextual help for the current page when the help button is pressed.")),
 
-			'$reply_address' => [ 'reply_address', t('Reply-to email address for system generated email.'), get_config('system','reply_address','noreply@' . \App::get_hostname()),'' ],
-			'$from_email' => [ 'from_email', t('Sender (From) email address for system generated email.'), get_config('system','from_email','Administrator@' . \App::get_hostname()),'' ],
-			'$from_email_name' => [ 'from_email_name', t('Name of email sender for system generated email.'), get_config('system','from_email_name',\Zotlabs\Lib\System::get_site_name()),'' ],
+			'$reply_address' => [ 'reply_address', t('Reply-to email address for system generated email.'), Config::Get('system','reply_address','noreply@' . \App::get_hostname()),'' ],
+			'$from_email' => [ 'from_email', t('Sender (From) email address for system generated email.'), Config::Get('system','from_email','Administrator@' . \App::get_hostname()),'' ],
+			'$from_email_name' => [ 'from_email_name', t('Name of email sender for system generated email.'), Config::Get('system','from_email_name',\Zotlabs\Lib\System::get_site_name()),'' ],
 
-			'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
+			'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), Config::Get('system','directory_server'), t("Default directory server"), $dir_choices) : null),
 
-			'$sse_enabled'		=> array('sse_enabled', t('Enable SSE Notifications'), get_config('system', 'sse_enabled', 0), t('If disabled, traditional polling will be used. Warning: this setting might not be suited for shared hosting')),
+			'$sse_enabled'		=> array('sse_enabled', t('Enable SSE Notifications'), Config::Get('system', 'sse_enabled', 0), t('If disabled, traditional polling will be used. Warning: this setting might not be suited for shared hosting')),
 
-			'$proxyuser'		=> array('proxyuser', t("Proxy user"), get_config('system','proxyuser'), ""),
-			'$proxy'			=> array('proxy', t("Proxy URL"), get_config('system','proxy'), ""),
-			'$timeout'			=> array('timeout', t("Network timeout"), (x(get_config('system','curl_timeout'))?get_config('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
-			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(get_config('system','delivery_interval'))?get_config('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
-			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(get_config('system','delivery_batch_count'))?get_config('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
-			//'$force_queue'			=> array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
-			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
-			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
-			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
-			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')),
-			'$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''),
-			'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), get_config('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
-			'$first_page' => array('first_page', t('Page to display after creating a new channel'), get_config('system','workflow_channel_next','profiles'), t('Default: profiles')),
-			'$location' => array('site_location', t('Optional: site location'), get_config('system','site_location',''), t('Region or country')),
+			'$proxyuser'		=> array('proxyuser', t("Proxy user"), Config::Get('system','proxyuser'), ""),
+			'$proxy'			=> array('proxy', t("Proxy URL"), Config::Get('system','proxy'), ""),
+			'$timeout'			=> array('timeout', t("Network timeout"), (x(Config::Get('system','curl_timeout'))?Config::Get('system','curl_timeout'):60), t("Value is in seconds. Set to 0 for unlimited (not recommended).")),
+			'$delivery_interval'			=> array('delivery_interval', t("Delivery interval"), (x(Config::Get('system','delivery_interval'))?Config::Get('system','delivery_interval'):2), t("Delay background delivery processes by this many seconds to reduce system load. Recommend: 4-5 for shared hosts, 2-3 for virtual private servers. 0-1 for large dedicated servers.")),
+			'$delivery_batch_count' => array('delivery_batch_count', t('Deliveries per process'),(x(Config::Get('system','delivery_batch_count'))?Config::Get('system','delivery_batch_count'):1), t("Number of deliveries to attempt in a single operating system process. Adjust if necessary to tune system performance. Recommend: 1-5.")),
+			//'$force_queue'			=> array('force_queue', t("Queue Threshold"), Config::Get('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")),
+			'$poll_interval'			=> array('poll_interval', t("Poll interval"), (x(Config::Get('system','poll_interval'))?Config::Get('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")),
+			'$imagick_path'			=> array('imagick_path', t("Path to ImageMagick convert program"), Config::Get('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")),
+			'$maxloadavg'			=> array('maxloadavg', t("Maximum Load Average"), ((intval(Config::Get('system','maxloadavg')) > 0)?Config::Get('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")),
+			'$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(Config::Get('system','default_expire_days', 30)), t('0 for no expiration of imported content')),
+			'$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(Config::Get('system','active_expire_days',7)), ''),
+			'$sellpage' => array('site_sellpage', t('Public servers: Optional landing (marketing) webpage for new registrants'), Config::Get('system','sellpage',''), sprintf( t('Create this page first. Default is %s/register'),z_root())),
+			'$first_page' => array('first_page', t('Page to display after creating a new channel'), Config::Get('system','workflow_channel_next','profiles'), t('Default: profiles')),
+			'$location' => array('site_location', t('Optional: site location'), Config::Get('system','site_location',''), t('Region or country')),
 			'$form_security_token' => get_form_security_token("admin_site"),
 		));
 	}

Zotlabs/Module/Admin/Themes.php

@@ -3,6 +3,7 @@
 namespace Zotlabs\Module\Admin;
 
 use \Michelf\MarkdownExtra;
+use Zotlabs\Lib\Config;
 
 /**
  * @brief Admin area theme settings.
@@ -37,7 +38,7 @@ class Themes {
 	 * @return string with parsed HTML
 	 */
 	function get(){
-		$allowed_themes_str = get_config('system', 'allowed_themes');
+		$allowed_themes_str = Config::Get('system', 'allowed_themes');
 		$allowed_themes_raw = explode(',', $allowed_themes_str);
 		$allowed_themes = array();
 		if(count($allowed_themes_raw))
@@ -80,12 +81,27 @@ class Themes {
 
 				$this->toggle_theme($themes, $theme, $result);
 				$s = $this->rebuild_theme_table($themes);
-				if($result)
-					info( sprintf('Theme %s enabled.', $theme));
-				else
-					info( sprintf('Theme %s disabled.', $theme));
 
-				set_config('system', 'allowed_themes', $s);
+				if($result) {
+					if (is_file("view/theme/$theme/php/config.php")){
+						require_once("view/theme/$theme/php/config.php");
+						if (function_exists($theme . '_theme_admin_enable')){
+							call_user_func($theme . '_theme_admin_enable');
+						}
+					}
+					info(sprintf('Theme %s enabled.', $theme));
+				}
+				else {
+					if (is_file("view/theme/$theme/php/config.php")){
+						require_once("view/theme/$theme/php/config.php");
+						if (function_exists($theme . '_theme_admin_disable')){
+							call_user_func($theme . '_theme_admin_disable');
+						}
+					}
+					info(sprintf('Theme %s disabled.', $theme));
+				}
+
+				Config::Set('system', 'allowed_themes', $s);
 				goaway(z_root() . '/admin/themes' );
 			}
 

Zotlabs/Module/Api.php

@@ -1,6 +1,8 @@
 <?php
 namespace Zotlabs\Module;
 
+use Zotlabs\Lib\Config;
+
 require_once('include/api.php');
 
 class Api extends \Zotlabs\Web\Controller {
@@ -24,42 +26,42 @@ class Api extends \Zotlabs\Web\Controller {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
-	
+
 	}
-	
+
 	function get() {
 
 		if(\App::$cmd === 'api/oauth/authorize'){
-	
-			/* 
+
+			/*
 			 * api/oauth/authorize interact with the user. return a standard page
 			 */
-			
+
 			\App::$page['template'] = 'minimal';
-					
+
 			// get consumer/client from request token
 			try {
 				$request = \OAuth1Request::from_request();
 			}
 			catch(\Exception $e) {
 				logger('OAuth exception: ' . print_r($e,true));
-				// echo "<pre>"; var_dump($e); 
+				// echo "<pre>"; var_dump($e);
 				killme();
 			}
-			
-			
+
+
 			if(x($_POST,'oauth_yes')){
-			
+
 				$app = $this->oauth_get_client($request);
-				if (is_null($app)) 
+				if (is_null($app))
 					return "Invalid request. Unknown token.";
 
 				$consumer = new \OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
-	
+
 				$verifier = md5($app['secret'] . local_channel());
-				set_config('oauth', $verifier, local_channel());
-				
-				
+				Config::Set('oauth', $verifier, local_channel());
+
+
 				if($consumer->callback_url != null) {
 					$params = $request->get_parameters();
 					$glue = '?';
@@ -68,28 +70,28 @@ class Api extends \Zotlabs\Web\Controller {
 					goaway($consumer->callback_url . $glue . "oauth_token=" . \OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . \OAuth1Util::urlencode_rfc3986($verifier));
 					killme();
 				}
-							
+
 				$tpl = get_markup_template("oauth_authorize_done.tpl");
 				$o = replace_macros($tpl, array(
 					'$title' => t('Authorize application connection'),
 					'$info' => t('Return to your app and insert this Security Code:'),
 					'$code' => $verifier,
 				));
-			
+
 				return $o;
 			}
-			
-			
+
+
 			if(! local_channel()) {
 				//TODO: we need login form to redirect to this page
 				notice( t('Please login to continue.') . EOL );
 				return login(false,'api-login',$request->get_parameters());
 			}
-			
+
 			$app = $this->oauth_get_client($request);
 			if (is_null($app))
 				return "Invalid request. Unknown token.";
-						
+
 			$tpl = get_markup_template('oauth_authorize.tpl');
 			$o = replace_macros($tpl, array(
 				'$title'     => t('Authorize application connection'),
@@ -98,12 +100,12 @@ class Api extends \Zotlabs\Web\Controller {
 				'$yes'	     => t('Yes'),
 				'$no'	     => t('No'),
 			));
-			
+
 			//echo "<pre>"; var_dump($app); killme();
-			
+
 			return $o;
 		}
-		
+
 		echo api_call();
 		killme();
 	}
@@ -112,8 +114,8 @@ class Api extends \Zotlabs\Web\Controller {
 
 		$params = $request->get_parameters();
 		$token  = $params['oauth_token'];
-	
-		$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id 
+
+		$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id
 			AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
 			dbesc($token)
 		);
@@ -121,7 +123,7 @@ class Api extends \Zotlabs\Web\Controller {
 			return $r[0];
 
 		return null;
-	
+
 	}
-	
+
 }

Zotlabs/Module/Appman.php

@@ -110,6 +110,11 @@ class Appman extends \Zotlabs\Web\Controller {
 				dbesc($papp['guid'])
 			);
 
+			$sync[0]['term'] = q("select * from term where otype = %d and oid = %d",
+				intval(TERM_OBJ_APP),
+				intval($sync[0]['id'])
+			);
+
 			if (intval($sync[0]['app_system'])) {
 				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
 			}
@@ -126,6 +131,11 @@ class Appman extends \Zotlabs\Web\Controller {
 				dbesc($papp['guid'])
 			);
 
+			$sync[0]['term'] = q("select * from term where otype = %d and oid = %d",
+				intval(TERM_OBJ_APP),
+				intval($sync[0]['id'])
+			);
+
 			if (intval($sync[0]['app_system'])) {
 				Libsync::build_sync_packet(local_channel(), ['sysapp' => $sync]);
 			}

Zotlabs/Module/Apps.php

@@ -1,7 +1,7 @@
 <?php
 namespace Zotlabs\Module;
 
-
+use \Zotlabs\Lib\Config;
 use \Zotlabs\Lib as Zlib;
 
 class Apps extends \Zotlabs\Web\Controller {
@@ -46,7 +46,7 @@ class Apps extends \Zotlabs\Web\Controller {
 		}
 
 		return replace_macros(get_markup_template('myapps.tpl'), array(
-			'$sitename' => get_config('system','sitename'),
+			'$sitename' => Config::Get('system','sitename'),
 			'$cat' => $cat,
 			'$title' => (($available) ? t('Available Apps') : t('Installed Apps')),
 			'$apps' => $apps,

Zotlabs/Module/Apschema.php

@@ -2,68 +2,13 @@
 
 namespace Zotlabs\Module;
 
+use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Activity;
 
-class Apschema extends \Zotlabs\Web\Controller {
-
+class Apschema extends Controller {
 	function init() {
-
-		$base = z_root();
-
-		$arr = [
-			'@context' => [
-				'zot'              => z_root() . '/apschema#',
-				'id'               => '@id',
-				'type'             => '@type',
-				'commentPolicy'    => 'zot:commentPolicy',
-				'meData'           => 'zot:meData',
-				'meDataType'       => 'zot:meDataType',
-				'meEncoding'       => 'zot:meEncoding',
-				'meAlgorithm'      => 'zot:meAlgorithm',
-				'meCreator'        => 'zot:meCreator',
-				'meSignatureValue' => 'zot:meSignatureValue',
-				'locationAddress'  => 'zot:locationAddress',
-				'locationPrimary'  => 'zot:locationPrimary',
-				'locationDeleted'  => 'zot:locationDeleted',
-				'nomadicLocation'  => 'zot:nomadicLocation',
-				'nomadicHubs'      => 'zot:nomadicHubs',
-				'emojiReaction'    => 'zot:emojiReaction',
-				'expires'          => 'zot:expires',
-				'directMessage'    => 'zot:directMessage',
-				'schema'           => 'http://schema.org#',
-				'PropertyValue'    => 'schema:PropertyValue',
-				'value'            => 'schema:value',
-
-				'manuallyApprovesFollowers' => 'as:manuallyApprovesFollowers',
-
-
-				'magicEnv' => [
-					'@id'   => 'zot:magicEnv',
-					'@type' => '@id'
-				],
-
-				'nomadicLocations' => [
-					'@id'   => 'zot:nomadicLocations',
-					'@type' => '@id'
-				],
-
-				'ostatus'      => 'http://ostatus.org#',
-				'conversation' => 'ostatus:conversation',
-
-				'diaspora'     => 'https://diasporafoundation.org/ns/',
-				'guid'         => 'diaspora:guid',
-
-				'Hashtag'      => 'as:Hashtag'
-
-			]
-		];
-
 		header('Content-Type: application/ld+json');
-		echo json_encode($arr,JSON_UNESCAPED_SLASHES);
+		echo json_encode(Activity::ap_context(), JSON_UNESCAPED_SLASHES);
 		killme();
-
 	}
-
-
-
-
 }

Zotlabs/Module/Attach.php

@@ -95,7 +95,7 @@ class Attach extends Controller {
 			killme();
 		}
 
-		$r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0));
+		$r = attach_by_hash(argv(1), get_observer_hash(), ((argc() > 2) ? intval(argv(2)) : 0), $token);
 
 		if (!$r['success']) {
 			notice($r['message'] . EOL);

Zotlabs/Module/Blocks.php

@@ -107,7 +107,7 @@ class Blocks extends \Zotlabs\Web\Controller {
 		$x['pagetitle'] = $_REQUEST['pagetitle'] ?? '';
 
 		$a = '';
-		$editor = status_editor($a,$x,false,'Blocks');
+		$editor = status_editor($x, false, 'Blocks');
 
 
 		$r = q("select iconfig.iid, iconfig.k, iconfig.v, mid, title, body, mimetype, created, edited from iconfig

Zotlabs/Module/Cdav.php

@@ -1087,7 +1087,11 @@ class Cdav extends Controller {
 
 			$filters['name'] = 'VCALENDAR';
 			$filters['prop-filters'][0]['name'] = 'VEVENT';
+			$filters['prop-filters'][0]['is-not-defined'] = null;
+			$filters['prop-filters'][0]['param-filters'] = null;
+			$filters['prop-filters'][0]['text-match'] = null;
 			$filters['comp-filters'][0]['name'] = 'VEVENT';
+			$filters['comp-filters'][0]['is-not-defined'] = null;
 			$filters['comp-filters'][0]['time-range']['start'] = $start;
 			$filters['comp-filters'][0]['time-range']['end'] = $end;
 

Zotlabs/Module/Channel.php

@@ -6,6 +6,7 @@ namespace Zotlabs\Module;
 use App;
 use Zotlabs\Lib\Activity;
 use Zotlabs\Lib\ActivityStreams;
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Crypto;
 use Zotlabs\Lib\Libzot;
 use Zotlabs\Lib\PermissionDescription;
@@ -101,16 +102,23 @@ class Channel extends Controller {
 			App::$meta->set('robots', 'noindex, noarchive');
 		}
 
+		$identifier = 'uuid';
+		$mid = $_REQUEST['mid'] ?? '';
+
+		if (str_starts_with($mid, 'b64.')) {
+			$mid = unpack_link_id($mid);
+			$identifier = 'mid';
+		}
+
+		if ($mid === false) {
+			http_status_exit(404, 'Not found');
+		}
+
 		if (ActivityStreams::is_as_request($channel)) {
 
 			// Somebody may attempt an ActivityStreams fetch on one of our message permalinks
 			// Make it do the right thing.
 
-			$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
-			if ($mid === false) {
-				http_status_exit(404, 'Not found');
-			}
-
 			if ($mid) {
 				$obj = null;
 				if (strpos($mid, z_root() . '/item/') === 0) {
@@ -127,6 +135,7 @@ class Channel extends Controller {
 					$obj->init();
 				}
 			}
+
 			as_return_and_die(Activity::encode_person($channel, true), $channel);
 		}
 
@@ -155,15 +164,9 @@ class Channel extends Controller {
 		profile_load($which, $profile);
 
 		// Add Opengraph markup
-		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
-
-		if ($mid === false) {
-			notice(t('Malformed message id.') . EOL);
-			return;
-		}
 
 		if ($mid) {
-			$r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
+			$r = q("SELECT * FROM item WHERE $identifier = '%s' AND uid = %d AND item_private = 0 LIMIT 1",
 				dbesc($mid),
 				intval($channel['channel_id'])
 			);
@@ -174,11 +177,20 @@ class Channel extends Controller {
 
 	function get($update = 0, $load = false) {
 
-		$noscript_content = get_config('system', 'noscript_content', '1');
+		$noscript_content = Config::Get('system', 'noscript_content', '1');
 
 		$category = $datequery = $datequery2 = '';
 
-		$mid = ((x($_REQUEST, 'mid')) ? unpack_link_id($_REQUEST['mid']) : '');
+		$mid = $_REQUEST['mid'] ?? '';
+		$identifier = 'uuid';
+		$encoded_mid = null;
+
+		if (str_starts_with($mid, 'b64.')) {
+			$encoded_mid = $mid;
+			$mid = unpack_link_id($mid);
+			$identifier = 'mid';
+		}
+
 		if ($mid === false) {
 			notice(t('Malformed message id.') . EOL);
 			return;
@@ -268,7 +280,7 @@ class Channel extends Controller {
 				];
 
 				$a = '';
-				$o .= status_editor($a, $x, false, 'Channel');
+				$o .= status_editor($x, false, 'Channel');
 			}
 
 			// Add pinned content
@@ -284,13 +296,9 @@ class Channel extends Controller {
 		 * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
 		 */
 
-		$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_deleted = 0
-		    and item.item_unpublished = 0 and item.item_pending_remove = 0
-		    and item.item_blocked = 0 ";
-		if (!$is_owner)
-			$item_normal .= "and item.item_delayed = 0 ";
+		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
-		$sql_extra          = item_permissions_sql(App::$profile['profile_uid']);
+		$sql_extra = item_permissions_sql(App::$profile['profile_uid']);
 
 		if (feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (!$mid))
 			$page_mode = 'list';
@@ -326,7 +334,7 @@ class Channel extends Controller {
 		if (($update) && (!$load)) {
 
 			if ($mid) {
-				$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal_update
+				$r = q("SELECT parent AS item_id, uuid from item where $identifier = '%s' and uid = %d $item_normal_update
 					AND item_wall = 1 $simple_update $sql_extra limit 1",
 					dbesc($mid),
 					intval(App::$profile['profile_uid'])
@@ -374,7 +382,7 @@ class Channel extends Controller {
 
 			if ($noscript_content || $load) {
 				if ($mid) {
-					$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal
+					$r = q("SELECT parent AS item_id, uuid from item where $identifier = '%s' and uid = %d $item_normal
 						AND item_wall = 1 $sql_extra limit 1",
 						dbesc($mid),
 						intval(App::$profile['profile_uid'])
@@ -400,7 +408,6 @@ class Channel extends Controller {
 			}
 		}
 		if ($r) {
-
 			$parents_str = ids_to_querystr($r, 'item_id');
 
 			$r = q("SELECT item.*, item.id AS item_id
@@ -431,13 +438,9 @@ class Channel extends Controller {
 
 		$mode = (($search) ? 'search' : 'channel');
 
+
 		if ((!$update) && (!$load)) {
 
-
-
-			//if we got a decoded hash we must encode it again before handing to javascript
-			$mid = gen_link_id($mid);
-
 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
 			// because browser prefetching might change it on us. We have to deliver it with the page.
 
@@ -474,7 +477,7 @@ class Channel extends Controller {
 				'$file'      => '',
 				'$cats'      => (($category) ? urlencode($category) : ''),
 				'$tags'      => (($hashtags) ? urlencode($hashtags) : ''),
-				'$mid'       => (($mid) ? urlencode($mid) : ''),
+				'$mid'       => $encoded_mid ?? $mid,
 				'$verb'      => '',
 				'$net'       => '',
 				'$dend'      => $datequery,

Zotlabs/Module/Chat.php

@@ -181,7 +181,7 @@ class Chat extends Controller {
 			);
 
 			if($x) {
-				$acl = new AccessList(false);
+				$acl = new AccessList([]);
 				$acl->set($x[0]);
 
 				$private = $acl->is_private();
@@ -225,7 +225,7 @@ class Chat extends Controller {
 
 		$o = '';
 
-		$acl = new AccessList($channel);
+		$acl = new AccessList($channel ?? []);
 		$channel_acl = $acl->get();
 
 		$lockstate = (($channel_acl['allow_cid'] || $channel_acl['allow_gid'] || $channel_acl['deny_cid'] || $channel_acl['deny_gid']) ? 'lock' : 'unlock');

Zotlabs/Module/Cloud.php

@@ -54,9 +54,9 @@ class Cloud extends Controller {
 			if (local_channel()) {
 				$channel = \App::get_channel();
 				$auth->setCurrentUser($channel['channel_address']);
+				$auth->channel_account_id = $channel['channel_account_id'];
 				$auth->channel_id = $channel['channel_id'];
 				$auth->channel_hash = $channel['channel_hash'];
-				$auth->channel_account_id = $channel['channel_account_id'];
 				if($channel['channel_timezone'])
 					$auth->setTimezone($channel['channel_timezone']);
 			}

Zotlabs/Module/Connections.php

@@ -409,7 +409,6 @@ class Connections extends \Zotlabs\Web\Controller {
 				'$approve' => t('Approve'),
 				'$cmd' => App::$cmd,
 				'$contacts' => $contacts,
-				'$paginate' => paginate($a),
 				'$abook_usage_message' => $abook_usage_message,
 				'$group_label' => t('This is a group/forum channel')
 			]);

Zotlabs/Module/Contactedit.php

@@ -177,22 +177,8 @@ class Contactedit extends Controller {
 				intval($channel['channel_id'])
 			);
 			if (($pr) && (!intval($contact['abook_hidden'])) && (intval(get_pconfig($channel['channel_id'], 'system', 'post_newfriend')))) {
-				$xarr = [];
-
-				$xarr['item_wall']       = 1;
-				$xarr['item_origin']     = 1;
-				$xarr['item_thread_top'] = 1;
-				$xarr['owner_xchan']     = $xarr['author_xchan'] = $channel['channel_hash'];
-				$xarr['allow_cid']       = $channel['channel_allow_cid'];
-				$xarr['allow_gid']       = $channel['channel_allow_gid'];
-				$xarr['deny_cid']        = $channel['channel_deny_cid'];
-				$xarr['deny_gid']        = $channel['channel_deny_gid'];
-				$xarr['item_private']    = (($xarr['allow_cid'] || $xarr['allow_gid'] || $xarr['deny_cid'] || $xarr['deny_gid']) ? 1 : 0);
-
 				$xarr['body'] = '[zrl=' . $channel['xchan_url'] . ']' . $channel['xchan_name'] . '[/zrl]' . ' ' . t('is now connected to') . ' ' . '[zrl=' . $contact['xchan_url'] . ']' . $contact['xchan_name'] . '[/zrl]';
-
-				$xarr['body'] .= "\n\n\n" . '[zrl=' . $contact['xchan_url'] . '][zmg=80x80]' . $contact['xchan_photo_m'] . '[/zmg][/zrl]';
-
+				$xarr['body'] .= "\n\n\n" . '[zrl=' . $contact['xchan_url'] . '][zmg=' . $contact['xchan_photo_m'] . ']' . $contact['xchan_name'] . '[/zmg][/zrl]';
 				post_activity_item($xarr);
 
 			}
@@ -494,28 +480,32 @@ class Contactedit extends Controller {
 			'message' => ''
 		];
 
-		if ($cmd === 'resetphoto') {
-			q("update xchan set xchan_photo_date = '2001-01-01 00:00:00' where xchan_hash = '%s'",
+		if ($cmd === 'refresh') {
+			q("update xchan set xchan_photo_date = '0001-01-01 00:00:00', xchan_name_date = '0001-01-01 00:00:00' where xchan_hash = '%s'",
 				dbesc($contact['xchan_hash'])
 			);
-			$cmd = 'refresh';
-		}
 
-		if ($cmd === 'refresh') {
 			if ($contact['xchan_network'] === 'zot6') {
 				if (Libzot::refresh($contact, App::get_channel())) {
 					$ret['success'] = true;
 					$ret['message'] = t('Refresh succeeded');
 				}
 				else {
-					$ret['message'] = t('Refresh failed - channel is currently unavailable');
+					$ret['message'] = t('Refresh failed');
 				}
 			}
 			else {
 				// if you are on a different network we'll force a refresh of the connection basic info
-				Master::Summon(['Notifier', 'permission_update', $contact['abook_id']]);
-				$ret['success'] = true;
-				$ret['message'] = t('Refresh succeeded');
+				$hookinfo = [
+					'contact' => $contact,
+					'success' => false,
+					'message' => ''
+				];
+
+				call_hooks('actor_refetch', $hookinfo);
+
+				$ret['success'] = $hookinfo['success'];
+				$ret['message'] = $hookinfo['message'];
 			}
 
 			return $ret;
@@ -625,16 +615,10 @@ class Contactedit extends Controller {
 		return [
 
 			'refresh' => [
-				'label' => t('Refresh Permissions'),
-				'title' => t('Fetch updated permissions'),
+				'label' => t('Refresh'),
+				'title' => t('Refetch contact info'),
 			],
 
-			'rephoto' => [
-				'label' => t('Refresh Photo'),
-				'title' => t('Fetch updated photo'),
-			],
-
-
 			'block' => [
 				'label' => (intval($contact['abook_blocked']) ? t('Unblock') : t('Block')),
 				'sel'   => (intval($contact['abook_blocked']) ? 'active' : ''),

Zotlabs/Module/Conversation.php

@@ -25,7 +25,7 @@ class Conversation extends Controller {
 
 			$portable_id = EMPTY_STR;
 
-			$item_normal_extra = sprintf(" and not verb in ('%s', '%s') ",
+			$item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ",
 				dbesc(ACTIVITY_FOLLOW),
 				dbesc(ACTIVITY_UNFOLLOW)
 			);

Zotlabs/Module/Cover_photo.php

@@ -1,6 +1,7 @@
 <?php
 namespace Zotlabs\Module;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libsync;
 
 /*
@@ -93,8 +94,6 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				$image_id = substr($image_id,0,-2);
 			}
 
-
-
 			$srcX = intval($_POST['xstart']);
 			$srcY = intval($_POST['ystart']);
 			$srcW = intval($_POST['xfinal']) - $srcX;
@@ -114,10 +113,10 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 
 			if($r) {
 
-				$max_thumb = intval(get_config('system','max_thumbnail',1600));
+				$max_thumb = intval(Config::Get('system','max_thumbnail',1600));
 				$iscaled = false;
 				if(intval($r[0]['height']) > $max_thumb || intval($r[0]['width']) > $max_thumb) {
-					$imagick_path = get_config('system','imagick_convert_path');
+					$imagick_path = Config::Get('system','imagick_convert_path');
 					if($imagick_path && @file_exists($imagick_path) && intval($r[0]['os_storage'])) {
 
 						$fname = dbunescbin($r[0]['content']);
@@ -228,7 +227,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 						return;
 					}
 
-					$this->send_cover_photo_activity($channel,$base_image,$profile);
+					profile_activity([t('Cover Photo')], $base_image['resource_id']);
 
 					$sync = attach_export_data($channel,$base_image['resource_id']);
 					if($sync)
@@ -245,13 +244,12 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 
 		}
 
-
 		$hash = photo_new_resource();
 		$smallest = 0;
 
 		require_once('include/attach.php');
 
-		$res = attach_store(\App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true));
+		$res = attach_store(\App::get_channel(), get_observer_hash(), '', ['album' => t('Cover Photos'), 'hash' => $hash, 'nosync' => true, 'source' => 'photos']);
 
 		logger('attach_store: ' . print_r($res,true));
 
@@ -287,45 +285,6 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 
 	}
 
-	function send_cover_photo_activity($channel,$photo,$profile) {
-
-		$arr = array();
-		$arr['item_thread_top'] = 1;
-		$arr['item_origin'] = 1;
-		$arr['item_wall'] = 1;
-
-		if($profile && stripos($profile['gender'],t('female')) !== false)
-			$t = t('%1$s updated her %2$s');
-		elseif($profile && stripos($profile['gender'],t('male')) !== false)
-			$t = t('%1$s updated his %2$s');
-		else
-			$t = t('%1$s updated their %2$s');
-
-		$ptext = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo['resource_id'] . ']' . t('cover photo') . '[/zrl]';
-
-		$ltext = '[zrl=' . z_root() . '/profile/' . $channel['channel_address'] . ']' . '[zmg]' . z_root() . '/photo/' . $photo['resource_id'] . '-8[/zmg][/zrl]';
-
-		$arr['body'] = sprintf($t,$channel['channel_name'],$ptext) . "\n\n" . $ltext;
-
-		$acl = new \Zotlabs\Access\AccessList($channel);
-		$x = $acl->get();
-		$arr['allow_cid'] = $x['allow_cid'];
-
-		$arr['allow_gid'] = $x['allow_gid'];
-		$arr['deny_cid'] = $x['deny_cid'];
-		$arr['deny_gid'] = $x['deny_gid'];
-
-		$arr['uid'] = $channel['channel_id'];
-		$arr['aid'] = $channel['channel_account_id'];
-
-		$arr['owner_xchan'] = $channel['channel_hash'];
-		$arr['author_xchan'] = $channel['channel_hash'];
-
-		post_activity_item($arr);
-
-
-	}
-
 
 	/**
 	 * @brief Generate content of profile-photo view
@@ -334,7 +293,6 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 	 *
 	 */
 
-
 	function get() {
 
 		if(! local_channel()) {
@@ -471,7 +429,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 
 	function cover_photo_crop_ui_head(&$a, $ph, $hash, $smallest){
 
-		$max_length = get_config('system','max_image_length');
+		$max_length = Config::Get('system','max_image_length');
 		if(! $max_length)
 			$max_length = MAX_IMAGE_LENGTH;
 		if($max_length > 0)

Zotlabs/Module/Dircensor.php

@@ -3,9 +3,9 @@
 namespace Zotlabs\Module;
 
 use App;
-use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzotdir;
-
+use Zotlabs\Web\Controller;
 
 class Dircensor extends Controller {
 
@@ -14,7 +14,7 @@ class Dircensor extends Controller {
 			return;
 		}
 
-		$dirmode = intval(get_config('system','directory_mode'));
+		$dirmode = intval(Config::Get('system','directory_mode'));
 
 		if(!in_array($dirmode, [DIRECTORY_MODE_PRIMARY, DIRECTORY_MODE_SECONDARY, DIRECTORY_MODE_STANDALONE])) {
 			return;

Zotlabs/Module/Directory.php

@@ -3,9 +3,9 @@
 namespace Zotlabs\Module;
 
 use App;
-use Zotlabs\Web\Controller;
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzotdir;
-
+use Zotlabs\Web\Controller;
 
 require_once('include/socgraph.php');
 require_once('include/bbcode.php');
@@ -73,7 +73,7 @@ class Directory extends Controller {
 			return;
 		}
 
-		if(get_config('system','block_public_directory',false) && (! get_observer_hash())) {
+		if(Config::Get('system','block_public_directory',false) && (! get_observer_hash())) {
 			notice( t('Public access denied.') . EOL);
 			return;
 		}
@@ -118,7 +118,7 @@ class Directory extends Controller {
 			$safe_mode = 1;
 			$type = 0;
 
-			$r = suggestion_query(local_channel(),get_observer_hash(),0,60);
+			$r = suggestion_query(local_channel(), get_observer_hash(), 0, 30);
 
 			if(! $r) {
 				notice( t('No default suggestions were found.') . EOL);
@@ -145,7 +145,7 @@ class Directory extends Controller {
 
 		$tpl = get_markup_template('directory_header.tpl');
 
-		$dirmode = intval(get_config('system','directory_mode'));
+		$dirmode = intval(Config::Get('system','directory_mode'));
 
 		$directory_admin = false;
 
@@ -165,7 +165,7 @@ class Directory extends Controller {
 			$url = $directory['url'] . '/dirsearch';
 		}
 
-		$token = get_config('system','realm_token');
+		$token = Config::Get('system','realm_token');
 
 
 		logger('mod_directory: URL = ' . $url, LOGGER_DEBUG);
@@ -184,11 +184,11 @@ class Directory extends Controller {
 
 		if($url) {
 
-			$numtags = get_config('system','directorytags');
+			$numtags = Config::Get('system','directorytags');
 
 			$kw = ((intval($numtags) > 0) ? intval($numtags) : 50);
 
-			if(get_config('system','disable_directory_keywords'))
+			if(Config::Get('system','disable_directory_keywords'))
 				$kw = 0;
 
 			if (intval($safe_mode) === 0 && $directory_admin)
@@ -213,7 +213,7 @@ class Directory extends Controller {
 			if(! is_null($pubforums))
 				$query .= '&pubforums=' . intval($pubforums);
 
-			$directory_sort_order = get_config('system','directory_sort_order');
+			$directory_sort_order = Config::Get('system','directory_sort_order');
 			if(! $directory_sort_order)
 				$directory_sort_order = 'date';
 

Zotlabs/Module/Dirsearch.php

@@ -2,6 +2,7 @@
 namespace Zotlabs\Module;
 
 use App;
+use Zotlabs\Lib\Config;
 use Zotlabs\Web\Controller;
 
 class Dirsearch extends Controller {
@@ -17,7 +18,7 @@ class Dirsearch extends Controller {
 
 		// logger('request: ' . print_r($_REQUEST,true));
 
-		$dirmode = intval(get_config('system','directory_mode'));
+		$dirmode = intval(Config::Get('system','directory_mode'));
 
 		if($dirmode == DIRECTORY_MODE_NORMAL) {
 			$ret['message'] = t('This site is not a directory server');
@@ -26,7 +27,7 @@ class Dirsearch extends Controller {
 
 		$access_token = $_REQUEST['t'] ?? '';
 
-		$token = get_config('system','realm_token');
+		$token = Config::Get('system','realm_token');
 		if($token && $access_token != $token) {
 			$ret['message'] = t('This directory server requires an access token');
 			json_return_and_die($ret);
@@ -79,7 +80,7 @@ class Dirsearch extends Controller {
 
 		$forums   = ((array_key_exists('pubforums',$_REQUEST)) ? intval($_REQUEST['pubforums']) : 0);
 
-		if(get_config('system','disable_directory_keywords'))
+		if(Config::Get('system','disable_directory_keywords'))
 			$kw = 0;
 
 
@@ -153,9 +154,13 @@ class Dirsearch extends Controller {
 		}
 
 
-	    $perpage      = $_REQUEST['n'] ?? 60;
-	    $page         = ((isset($_REQUEST['p']) && $_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0);
-	    $startrec     = (($page+1) * $perpage) - $perpage;
+		$perpage = $_REQUEST['n'] ?? 30;
+		if ($perpage > 30) {
+			$perpage = 30;
+		}
+
+		$page         = ((isset($_REQUEST['p']) && $_REQUEST['p']) ? intval($_REQUEST['p'] - 1) : 0);
+		$startrec     = (($page+1) * $perpage) - $perpage;
 		$limit        = $_REQUEST['limit'] ?? 0;
 		$return_total = $_REQUEST['return_total'] ?? 0;
 
@@ -273,7 +278,7 @@ class Dirsearch extends Controller {
 				xprof.xprof_hometown as hometown,
 				xprof.xprof_keywords as keywords
 				from xchan left join xprof on xchan_hash = xprof_hash left join hubloc on (hubloc_id_url = xchan_url and hubloc_hash = xchan_hash)
-				where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query $keywords_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0
+				where hubloc_primary = 1 and hubloc_updated > %s - INTERVAL %s and ( $logic $sql_extra ) $hub_query $keywords_query and xchan_network = 'zot6' and xchan_system = 0 and xchan_hidden = 0 and xchan_orphan = 0 and xchan_deleted = 0 and hubloc_deleted = 0
 				$safesql $order $qlimit",
 				db_utcnow(),
 				db_quoteinterval('30 DAY')

Zotlabs/Module/Display.php

@@ -2,19 +2,18 @@
 namespace Zotlabs\Module;
 
 use App;
+use Zotlabs\Lib\Config;
+use Zotlabs\Web\Controller;
 
-require_once("include/bbcode.php");
-require_once('include/security.php');
-require_once('include/conversation.php');
-require_once('include/acl_selectors.php');
-require_once('include/items.php');
+class Display extends Controller {
 
+	function init() {
 
-class Display extends \Zotlabs\Web\Controller {
+	}
 
 	function get($update = 0, $load = false) {
 
-		$noscript_content = (get_config('system', 'noscript_content', '1') && (! $update));
+		$noscript_content = (Config::Get('system', 'noscript_content', '1') && (! $update));
 
 		$module_format = 'html';
 
@@ -40,7 +39,14 @@ class Display extends \Zotlabs\Web\Controller {
 			$item_hash = $_REQUEST['mid'];
 		}
 
-		$item_hash = unpack_link_id($item_hash);
+		$identifier = 'uuid';
+		$encoded_item_hash = null;
+
+		if (str_starts_with($item_hash, 'b64.')) {
+			$encoded_item_hash = $item_hash;
+			$item_hash = unpack_link_id($item_hash);
+			$identifier = 'mid';
+		}
 
 		if ($item_hash === false) {
 			App::$error = 400;
@@ -91,7 +97,7 @@ class Display extends \Zotlabs\Web\Controller {
 
 			$o .= '<div id="jot-popup">';
 			$a = '';
-			$o .= status_editor($a,$x,false,'Display');
+			$o .= status_editor($x, false, 'Display');
 			$o .= '</div>';
 		}
 
@@ -106,7 +112,7 @@ class Display extends \Zotlabs\Web\Controller {
 
 		$target_item = null;
 
-		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where mid = '%s' limit 1",
+		$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, author_xchan, item_blocked from item where $identifier = '%s' limit 1",
 			dbesc($item_hash)
 		);
 
@@ -154,18 +160,11 @@ class Display extends \Zotlabs\Web\Controller {
 		call_hooks('item_custom_display', $target_item);
 
 		$simple_update = '';
-		if($update && $_SESSION['loadtime'])
+		if($update && isset($_SESSION['loadtime']))
 			$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
 
 		if((! $update) && (! $load)) {
 
-			// if the target item is not a post (eg a like) we want to address its thread parent
-
-			//$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']);
-
-			// if we got a decoded hash we must encode it again before handing to javascript
-			$mid = gen_link_id($target_item['mid']);
-
 			$o .= '<div id="live-display"></div>' . "\r\n";
 			$o .= "<script> var profile_uid = " . ((intval(local_channel())) ? local_channel() : (-1))
 				. "; var netargs = '?f='; var profile_page = " . App::$pager['page'] . "; </script>\r\n";
@@ -198,7 +197,7 @@ class Display extends \Zotlabs\Web\Controller {
 				'$dbegin'  => '',
 				'$verb'    => '',
 				'$net'     => '',
-				'$mid'     => (($mid) ? urlencode($mid) : '')
+				'$mid'     => $encoded_item_hash ?? $item_hash
 			));
 
 			head_add_link([

Zotlabs/Module/Dreport.php

@@ -13,11 +13,10 @@ class Dreport extends \Zotlabs\Web\Controller {
 
 		$table = 'item';
 		$channel = \App::get_channel();
-		$mid = ((argc() > 1) ? unpack_link_id(argv(1)) : '');
+		$mid = $_REQUEST['mid'] ?? '';
 
-		if($mid === 'push') {
+		if(argv(1) === 'push') {
 			$table = 'push';
-			$mid = ((argc() > 2) ? unpack_link_id(argv(2)) : '');
 
 			if($mid) {
 				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
@@ -31,7 +30,7 @@ class Dreport extends \Zotlabs\Web\Controller {
 				}
 			}
 			sleep(3);
-			goaway(z_root() . '/dreport/' . gen_link_id($mid));
+			goaway(z_root() . '/dreport?mid=' . $mid);
 		}
 
 		if(! $mid) {
@@ -114,7 +113,7 @@ class Dreport extends \Zotlabs\Web\Controller {
 			}
 		}
 
-		usort($r,'self::dreport_gravity_sort');
+		usort($r, [self::class, 'dreport_gravity_sort']);
 
 		$entries = array();
 		foreach($r as $rr) {

Zotlabs/Module/Editblock.php

@@ -132,7 +132,7 @@ class Editblock extends \Zotlabs\Web\Controller {
 			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
 		);
 
-		$editor = status_editor($a, $x, false, 'Editblock');
+		$editor = status_editor($x, false, 'Editblock');
 
 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Block'),

Zotlabs/Module/Editlayout.php

@@ -131,7 +131,7 @@ class Editlayout extends \Zotlabs\Web\Controller {
 			'profile_uid' => intval($owner),
 		);
 
-		$editor = status_editor($a, $x, false, 'Editlayout');
+		$editor = status_editor($x, false, 'Editlayout');
 
 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Layout'),

Zotlabs/Module/Editpost.php

@@ -84,7 +84,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 			'item' => $itm[0],
 			'editor_autocomplete'=> true,
 			'bbco_autocomplete'=> 'bbcode',
-			'return_path' => $_SESSION['return_url'],
+			'return_path' => 'hq',
 			'button' => t('Submit'),
 			'hide_voting' => true,
 			'hide_future' => true,
@@ -107,7 +107,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 		);
 
 		$a = '';
-		$editor = status_editor($a, $x, false, 'Editpost');
+		$editor = status_editor($x, false, 'Editpost');
 
 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit post'),

Zotlabs/Module/Editwebpage.php

@@ -75,7 +75,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 
 		// Figure out which post we're editing
 		$post_id = ((argc() > 2) ? intval(argv(2)) : 0);
-	
+
 		if(! $post_id) {
 			notice( t('Item not found') . EOL);
 			return;
@@ -90,7 +90,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 			return;
 		}
 
-		// We've already figured out which item we want and whose copy we need, 
+		// We've already figured out which item we want and whose copy we need,
 		// so we don't need anything fancy here
 
 		$sql_extra = item_permissions_sql($owner);
@@ -122,13 +122,13 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 				return;
 			}
 		}
-	
+
 		$layout = $itm[0]['layout_mid'];
 
 		$content = $itm[0]['body'];
 		if($itm[0]['mimetype'] === 'text/markdown')
 			$content = \Zotlabs\Lib\MarkdownSoap::unescape($itm[0]['body']);
-	
+
 		$rp = 'webpages/' . $which;
 
 		$x = array(
@@ -160,7 +160,7 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 			'bbcode' => (($mimetype  == 'text/bbcode') ? true : false)
 		);
 
-		$editor = status_editor($a, $x, false, 'Editwebpage');
+		$editor = status_editor($x, false, 'Editwebpage');
 
 		$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
 			'$title' => t('Edit Webpage'),

Zotlabs/Module/Email_validation.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Module;
 
+use Zotlabs\Lib\Config;
 
 class Email_validation extends \Zotlabs\Web\Controller {
 
@@ -12,8 +13,8 @@ class Email_validation extends \Zotlabs\Web\Controller {
 			// This will redirect internally on success unless the channel is auto_created
 			if(account_approve(trim(basename($_POST['token'])))) {
 				$success = true;
-				if(get_config('system','auto_channel_create')) {
-					$next_page = get_config('system', 'workflow_channel_next', 'profiles');		
+				if(Config::Get('system','auto_channel_create')) {
+					$next_page = Config::Get('system', 'workflow_channel_next', 'profiles');
 				}
 				if($next_page) {
 					goaway(z_root() . '/' . $next_page);
@@ -40,9 +41,9 @@ class Email_validation extends \Zotlabs\Web\Controller {
 			'$submit' => t('Submit'),
 			'$token' => [ 'token', t('Validation token'),'','' ],
 		]);
-		
+
 		return $o;
 
 	}
 
-}
+}

Zotlabs/Module/Emoji.php

@@ -0,0 +1,57 @@
+<?php
+namespace Zotlabs\Module;
+
+use Zotlabs\Web\Controller;
+use Zotlabs\Daemon\Master;
+use Zotlabs\Lib\ActivityStreams;
+use App;
+
+
+class Emoji extends Controller {
+
+	function init() {
+
+		$shortname = argv(1);
+
+		if (!$shortname) {
+			killme();
+		}
+
+		$emojis = get_emojis();
+
+		if (!isset($emojis[$shortname])) {
+			killme();
+		}
+
+		$emoji = $emojis[$shortname];
+
+		if (!file_exists($emoji['filepath'])) {
+			killme();
+		}
+
+		$image = getimagesize($emoji['filepath']);
+
+		if(ActivityStreams::is_as_request()) {
+			$last_modified = date(ATOM_TIME, filemtime($emoji['filepath']));
+
+			$obj = [
+				'id' => z_root() . '/emoji/' . $shortname,
+				'type' => 'Emoji',
+				'name' => $emoji['shortname'],
+				'updated' => $last_modified,
+				'icon' => [
+					'type' => 'Image',
+					'mediaType' => $image['mime'],
+					'url' => z_root() . '/' . $emoji['filepath']
+				]
+			];
+
+			as_return_and_die($obj);
+		}
+
+		header('Content-Type: ' . $image['mime']);
+		echo file_get_contents($emoji['filepath']);
+		killme();
+	}
+
+}

Zotlabs/Module/Event.php

@@ -4,7 +4,6 @@ namespace Zotlabs\Module;
 use Zotlabs\Web\Controller;
 use Zotlabs\Lib\ActivityStreams;
 use Zotlabs\Lib\Activity;
-use Zotlabs\Lib\LDSignatures;
 use Zotlabs\Web\HTTPSig;
 
 class Event extends Controller {
@@ -17,7 +16,7 @@ class Event extends Controller {
 			if(! $item_id)
 				return;
 
-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0
 				and item.item_delayed = 0 and item.item_blocked = 0 ";
 
 			$sql_extra = item_permissions_sql(0);
@@ -49,28 +48,9 @@ class Event extends Controller {
 				$obj = $items[0]['obj'];
 			}
 
-			$x = array_merge(['@context' => [
-				ACTIVITYSTREAMS_JSONLD_REV,
-				'https://w3id.org/security/v1',
-				z_root() . ZOT_APSCHEMA_REV
-				]], $obj );
-
-			$headers = [];
-			$headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
-			$x['signature'] = LDSignatures::sign($x,$channel);
-			$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
-			$headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
-			$headers['Digest'] = HTTPSig::generate_digest_header($ret);
-			$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
-
-			$h = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel));
-			HTTPSig::set_headers($h);
-
-			echo $ret;
-			killme();
-
+			as_return_and_die($obj, $channel);
 		}
 
 	}
 
-}
+}

Zotlabs/Module/Fhublocs.php

@@ -1,6 +1,7 @@
 <?php
 namespace Zotlabs\Module;
 
+use Zotlabs\Lib\Config;
 use Zotlabs\Lib\Libzot;
 
 require_once('include/crypto.php');
@@ -18,7 +19,7 @@ class Fhublocs extends \Zotlabs\Web\Controller {
 		$o = '';
 
 		$r = q("select * from channel where channel_removed = 0");
-		$sitekey = get_config('system','pubkey');
+		$sitekey = Config::Get('system','pubkey');
 
 		if($r) {
 			foreach($r as $rr) {

Zotlabs/Module/File_upload.php

@@ -35,7 +35,7 @@ class File_upload extends \Zotlabs\Web\Controller {
 		$_REQUEST['deny_cid']  = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : '');
 		$_REQUEST['deny_gid']  = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : '');
 
-		if(isset($_REQUEST['filename']) && $_REQUEST['filename']) {
+		if(isset($_REQUEST['filename']) && strlen($_REQUEST['filename'])) {
 			$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
 			if($r['success']) {
 				$hash = $r['data']['hash'];

Zotlabs/Module/Follow.php

@@ -7,7 +7,6 @@ use Zotlabs\Lib\Libsync;
 use Zotlabs\Lib\ActivityStreams;
 use Zotlabs\Lib\Activity;
 use Zotlabs\Web\HTTPSig;
-use Zotlabs\Lib\LDSignatures;
 use Zotlabs\Lib\Connect;
 use Zotlabs\Daemon\Master;
 
@@ -39,30 +38,14 @@ class Follow extends Controller {
 				http_status_exit(404, 'Not found');
 			}
 
-			$x = array_merge(['@context' => [
-				ACTIVITYSTREAMS_JSONLD_REV,
-				'https://w3id.org/security/v1',
-				z_root() . ZOT_APSCHEMA_REV
-			]],
-			[
+			$obj = [
 				'id'     => z_root() . '/follow/' . $r[0]['abook_id'],
 				'type'   => 'Follow',
 				'actor'  => $actor,
 				'object' => $r[0]['xchan_url']
-			]);
-
-			$headers = [];
-			$headers['Content-Type'] = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"' ;
-			$x['signature'] = LDSignatures::sign($x,$chan);
-			$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
-			$headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
-			$headers['Digest'] = HTTPSig::generate_digest_header($ret);
-			$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
-			$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
-			HTTPSig::set_headers($h);
-			echo $ret;
-			killme();
+			];
 
+			as_return_and_die($obj, $chan);
 		}
 
 		if (! local_channel()) {

Zotlabs/Module/Go.php

@@ -2,6 +2,7 @@
 
 namespace Zotlabs\Module;
 
+use Zorlabs\Lib\Config;
 
 class Go extends \Zotlabs\Web\Controller {
 
@@ -44,9 +45,9 @@ class Go extends \Zotlabs\Web\Controller {
 			'network'       => t('View your personal stream (this may be empty until you add some connections)'),
 
 		];
- 
-		$site_firehose = ((intval(get_config('system','site_firehose',0))) ? true : false);
- 		$net_firehose  = ((get_config('system','disable_discover_tab',1)) ? false : true);
+
+		$site_firehose = ((intval(Config::Get('system','site_firehose',0))) ? true : false);
+ 		$net_firehose  = ((Config::Get('system','disable_discover_tab',1)) ? false : true);
 
 		if($site_firehose || $net_firehose) {
 			$options['pubstream'] = t('View the public stream. Warning: this content is not moderated');
@@ -64,4 +65,4 @@ class Go extends \Zotlabs\Web\Controller {
 
 	}
 
-}
+}

Zotlabs/Module/Group.php

@@ -2,10 +2,11 @@
 namespace Zotlabs\Module;
 
 use App;
-use Zotlabs\Web\Controller;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Lib\Libsync;
 use Zotlabs\Lib\AccessList;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Lib\Config;
+use Zotlabs\Lib\Libsync;
+use Zotlabs\Web\Controller;
 
 class Group extends Controller {
 
@@ -123,7 +124,7 @@ class Group extends Controller {
 		// Switch to text mode interface if we have more than 'n' contacts or group members
 		$switchtotext = get_pconfig(local_channel(),'system','groupedit_image_limit');
 		if($switchtotext === false)
-			$switchtotext = get_config('system','groupedit_image_limit');
+			$switchtotext = Config::Get('system','groupedit_image_limit');
 		if($switchtotext === false)
 			$switchtotext = 400;
 

Zotlabs/Module/Help.php

@@ -1,7 +1,7 @@
 <?php
 namespace Zotlabs\Module;
 
-require_once('include/help.php');
+use Michelf\MarkdownExtra;
 
 /**
  * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources
@@ -14,7 +14,50 @@ require_once('include/help.php');
  */
 class Help extends \Zotlabs\Web\Controller {
 
-	function get() {
+	use \Zotlabs\Lib\Traits\HelpHelperTrait;
+
+	private string $heading_slug = '';
+
+	/**
+	 * Associative array containing the detected language.
+	 */
+	public array $lang = [
+		'language' => 'en',		//! Detected language, 2-letter ISO 639-1 code ("en")
+		'from_url' => false,	//! true if language from URL overrides browser default
+	];
+
+	/**
+	 * Pre-check before processing request.
+	 *
+	 * Determine language requested, and ensure that a topic was requested.
+	 * If no topic was requested, redirect to the about page, and abort
+	 * processing.
+	 */
+	public function init() {
+		$this->determine_help_language();
+
+		if (argc() === 1) {
+			goaway("/help/{$this->lang['language']}/about/about");
+			killme();
+		}
+	}
+
+	/**
+	 * Process get request for the help module.
+	 *
+	 * Loads the correct help file from the `doc/` directory, and passes it to
+	 * the help template in `view/tpl/help.tpl`.
+	 *
+	 * If the requested help topic does not exist for the currently selected
+	 * language, a 404 status is returned instead.
+	 *
+	 * This function currently also handles search and serving static assets
+	 * that may be used by the help files.
+	 *
+	 * @return string	The rendered help page or a 404 page if help topic was
+	 *	not found.
+	 */
+	public function get() {
 		nav_set_selected('Help');
 
 		$o = '';
@@ -81,6 +124,120 @@ class Help extends \Zotlabs\Web\Controller {
 			killme();
 		}
 
+		//
+		// The args to the module will be along this pattern:
+		//
+		//     help/<lang>/<subdir..>/<topic>
+		//
+		// Where `<lang>` is the language which we want to fetch the topic. This
+		// element is optional, but will be used to override the browser language
+		// preference if it exists.
+		//
+		// There may be zero or more `<subdir...>` elements. If there are any
+		// present, the first subdir will be used as the slug to find the
+		// heading of the help page.
+		//
+		// The `<topic>` should be the name of a file within the given language
+		// and subdirectory tree under the `doc/` directory of the site file
+		// system. The topic is given _without_ the file extension, which will be
+		// determined by the module.
+		//
+		// The valid file extensions for help topic are:
+		//
+		//   - `.md` for markdown formatted source files.
+		//   - `.bb` for bbcode formatted source files.
+		//   - `.html` for help topics in html format.
+		//
+
+		// Strip away the module name from the args
+		$args = array_slice(\App::$argv, 1);
+
+		// Remove language if necessary
+		//
+		// The language was determined during pre-request processing in the
+		// `init` function.
+		if ($this->lang['from_url']) {
+			array_shift($args);
+		}
+
+		// Keep the first remaining arg as the heading slug
+		$this->heading_slug = $args[0];
+
+		// Locate the file for the topic in the doc directory
+		$this->find_help_file(implode('/', $args), $this->lang['language']);
+
+		$this->set_page_title();
+
+		if (empty($this->file_name)) {
+			header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
+			$tpl = get_markup_template("404.tpl");
+			return replace_macros($tpl, array(
+				'$message' => t('Page not found.')
+			));
+
+		} else {
+			$tpl = get_markup_template('help.tpl');
+			return replace_macros($tpl, [ '$module' => $this ]);
+		}
+	}
+
+	public function render_content(): string {
+		return $this->render_help_file($this->file_name, $this->file_type);
+	}
+
+	public function render_help_file(string $file_name, string $file_type): string {
+		$raw_text = file_get_contents($file_name);
+
+		switch ($file_type) {
+		case 'md':
+			// We need to escape the `#include` statements in the original file,
+			// to be sure it's not rendered as a heading by markdown.
+			$raw_text = preg_replace('/#include/ism', '%%include', $raw_text);
+			$content = MarkdownExtra::defaultTransform($raw_text);
+			$content = preg_replace('/%%include/ism', '#include', $content);
+			break;
+
+		case 'bb':
+			$content = zidify_links(bbcode($raw_text));
+			break;
+
+		case 'html':
+			$content = parseIdentityAwareHTML($raw_text);
+			break;
+		}
+
+		// Replace includes with the contents of the included file
+		$content = preg_replace_callback(
+			"/#include (.*?)\;/ism",
+			function ($matches) {
+				$parts = explode('.', $matches[1]);
+				$sub_file_type = array_pop($parts);
+				$included_content = $this->render_help_file($matches[1], $sub_file_type);
+				return str_replace($matches[0], $included_content, $matches[0]);
+			},
+			$content
+		);
+
+		return translate_projectname($content);
+	}
+
+	public function get_page_title(): string {
+		$title = t('$Projectname Documentation');
+		$heading = $this->get_heading();
+
+		if (! empty($heading)) {
+			$title .= ': ' . $heading;
+		}
+
+		return $title;
+	}
+
+	public function get_toc_heading(): string {
+		return t('Contents');
+	}
+
+
+	private function get_heading(): string {
 		$headings = [
 			'about'     => t('About'),
 			'member'    => t('Members'),
@@ -89,21 +246,22 @@ class Help extends \Zotlabs\Web\Controller {
 			'tutorials' => t('Tutorials')
 		];
 
-		$heading = '';
-		if(array_key_exists(argv(1), $headings))
-			$heading = $headings[argv(1)];
-
-		$content =  get_help_content();
-
-		$language = determine_help_language()['language'];
-
-		return replace_macros(get_markup_template('help.tpl'), array(
-			'$title'      => t('$Projectname Documentation'),
-			'$tocHeading' => t('Contents'),
-			'$content'    => $content,
-			'$heading'    => $heading,
-			'$language'   => $language
-		));
+		if(array_key_exists($this->heading_slug, $headings)) {
+			return $headings[$this->heading_slug];
+		} else {
+			return '';
+		}
 	}
 
+	/**
+	 * Set the page title to an unslugified version of the file name.
+	 *
+	 * @Note This modifies the global `App::$page['title']` property.
+	 */
+	private function set_page_title(): void {
+		$title = basename($this->file_name, ".{$this->file_type}");
+		\App::$page['title'] =
+			t('Help:') . ' '
+			. ucwords(str_replace(['-', '_'],' ',notags($title)));
+	}
 }