Merge branch 'dev'

changelog
version 10.4.3
2026-06-21 09:01:15 -04:00 · 2025-08-15 08:45:45 +00:00 · 2025-08-15 08:45:05 +00:00 · 2025-08-15 08:38:40 +00:00 · 2025-08-14 17:46:21 +00:00 · 2025-08-12 09:13:55 +00:00
8684 changed files with 289527 additions and 219232 deletions
--- a/.debianinstall/README.md
+++ b/.debianinstall/README.md
@@ -27,23 +27,21 @@ if you look for more choices. The main differences are:
 - graphical installer whiptail
 - The script stops (fails) if it finds results of a previous installation. (The [debian-setup.sh](https://framagit.org/ojrandom/core/-/tree/dev/.debianinstall) will just jump over it.)
 - If something fails the script tries to clean up everything that was installed up to the point of failure. (That might cause trouble if certbot registered a certificate already.)
- The script under [homeinstall](https://framagit.org/hubzilla/core/-/tree/master/.homeinstall) seems to be an older version of the scripts used for Streams
-  + [autoinstall](https://codeberg.org/streams/streams/src/branch/dev/contrib/autoinstall)
-  + [easyinstall](https://codeberg.org/streams/streams/src/branch/dev/contrib/easyinstall)
+- The script under [homeinstall](https://framagit.org/hubzilla/core/-/tree/master/.homeinstall) seems to be an older version of the scripts used for Streams, i.e. [autoinstall](https://codeberg.org/streams/streams/src/branch/dev/contrib/autoinstall) and [easyinstall](https://codeberg.org/streams/streams/src/branch/dev/contrib/easyinstall)

 ## Preconditions

 Hardware

 + internet connection and router at home
-+ computer connected to your router (a Raspberry 3 will do for very small Hubs)
+ computer connected to your router (a Raspberry 4 will do for very small Hubs)

 Software

-+ fresh installation of Debian 12 (bookworm)
+ fresh installation of Debian 12 (bookworm) or Raspberry Pi OS
 + router with open ports 80 and 443 for your web server

-You can of course run the script on a VPS or any distant server as long as the above sotfware requirements are satisfied.
+You can of course run the script on a VPS or any distant server as long as the above software requirements are satisfied.

 ## How to run the script

@@ -82,6 +80,11 @@ Switch the verification off

    util/config system verify_email 0

+Check if updates from the repository do work
+
+    util/udall
+
+
 ## What the script will do for you...

 + install everything required by your hubzilla instance, basically a web server (Apache), PHP, a database (MySQL), certbot,...
@@ -101,7 +104,7 @@ The script is known to work without adjustments with

 + Hardware
  - standard PC with Debian 12 (bookworm)
-  - Raspberry 4 with Raspbian, Debian 12 (TODO: needs confirmation after swich to Debian12)
+  - Raspberry 5 with Raspberry Pi OS, Debian 12
  - for tesing purposes: under localhost inside a virtual machine, [KVM](https://wiki.debian.org/KVM)
 + DynDNS
  - selfHOST.de
@@ -151,8 +154,3 @@ It is recommended to run the Raspi without graphical frontend (X-Server). Use...

 to boot the Rapsi to the client console.

-DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!
-
-## Reminder for Different Web Wervers
-
-For those of you who feel adventurous enough to use a different web server (i.e. Lighttpd...), don't forget that this script will install Apache or Nginx and that you can only have one web server listening to ports 80 & 443. Also, don't forget to tweak your daily shell script in /var/www/ accordingly.
--- a/.debianinstall/config.txt.template
+++ b/.debianinstall/config.txt.template
@@ -93,9 +93,8 @@ freedns_key=
 # If left empty, both your database and user will be named after your zot instance (hubzilla, zap or misty)
 # Use custom name, at least fo the database, if you plan to run more than one hub/instance on the same server
 #
-zotserver_db_name=
-zotserver_db_user=
-zotserver_db_pass=$db_pass
+db_name=hubzilla
+db_user=hubzilla
 # 
 #
 # Password for package mysql-server
--- a/.debianinstall/debian-setup.sh
+++ b/.debianinstall/debian-setup.sh
@@ -150,7 +150,7 @@ function install_sendmail {
 function install_php {
    # openssl and mbstring are included in libapache2-mod-php
    print_info "installing php..."
-    nocheck_install "libapache2-mod-php php php-pear php-curl php-gd php-mbstring php-xml php-zip"
+    nocheck_install "libapache2-mod-php php php-pear php-curl php-gd php-mbstring php-xml php-zip php-intl php-bcmath"
    phpversion=$(php -v|grep --only-matching --perl-regexp "(PHP )\d+\.\\d+\.\\d+"|cut -c 5-7)
    sed -i "s/^upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/$phpversion/apache2/php.ini
    sed -i "s/^post_max_size =.*/post_max_size = 100M/g" /etc/php/$phpversion/apache2/php.ini
@@ -160,8 +160,8 @@ function install_composer {
    print_info "We check if Composer is already downloaded"
    if [ ! -f /usr/local/bin/composer ]
    then
-        EXPECTED_CHECKSUM="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')"
-        php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+        EXPECTED_CHECKSUM="`wget -qO- https://composer.github.io/installer.sig`"
+        wget https://getcomposer.org/installer -O composer-setup.php
        ACTUAL_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")"
        if [ "$EXPECTED_CHECKSUM" != "$ACTUAL_CHECKSUM" ]
        then
@@ -171,6 +171,7 @@ function install_composer {
        fi
        php composer-setup.php --quiet
        RESULT=$?
+        composer --version
        rm composer-setup.php
        # exit $RESULT
        # We install Composer globally
@@ -181,7 +182,7 @@ function install_composer {
    fi
    cd $install_path
    export COMPOSER_ALLOW_SUPERUSER=1;
-    /usr/local/bin/composer install --no-dev
+    /usr/local/bin/composer install --no-dev --quiet
    /usr/local/bin/composer show
    export COMPOSER_ALLOW_SUPERUSER=0;
 }
@@ -256,12 +257,18 @@ function create_zotserver_db {
    then
        Q1="CREATE DATABASE IF NOT EXISTS $db_name;"
        Q2="GRANT USAGE ON *.* TO $db_user@localhost IDENTIFIED BY '$db_pass';"
-        Q3="GRANT ALL PRIVILEGES ON $name.* to $db_user@localhost identified by '$db_pass';"
+        Q3="GRANT ALL PRIVILEGES ON $db_name.* to $db_user@localhost identified by '$db_pass';"
        Q4="FLUSH PRIVILEGES;"
        SQL="${Q1}${Q2}${Q3}${Q4}"
        mysql -uroot -p$mysqlpass -e "$SQL"
    else
        echo "database $db_name does exist already"
+        Q1="CREATE DATABASE IF NOT EXISTS $db_name;"
+        Q2="GRANT USAGE ON *.* TO $db_user@localhost IDENTIFIED BY '$db_pass';"
+        Q3="GRANT ALL PRIVILEGES ON $db_name.* to $db_user@localhost identified by '$db_pass';"
+        Q4="FLUSH PRIVILEGES;"
+        SQL="${Q1}${Q2}${Q3}${Q4}"
+        mysql -uroot -p$mysqlpass -e "$SQL"
    fi
 }

@@ -301,10 +308,19 @@ function install_run_selfhost {
        # https://carol.selfhost.de/update?username=123456&password=supersafe
        #
        # the prefered way
-        wget --output-document=$selfhostdir/$selfhostscript http://jonaspasche.de/selfhost-updater
-        echo "router" > $selfhostdir/device
-        echo "$selfhost_user" > $selfhostdir/user
-        echo "$selfhost_pass" > $selfhostdir/pass
+        if [ ! -f $selfhostdir/$selfhostscript ]
+        then
+            wget --output-document=$selfhostdir/$selfhostscript https://jonaspasche.de/selfhost-updater
+            if [ ! -s $selfhostdir/$selfhostscript ]
+            then
+                die "Failed to download selfHOST file for dynDNS"
+            fi
+            echo "router" > $selfhostdir/device
+            echo "$selfhost_user" > $selfhostdir/user
+            echo "$selfhost_pass" > $selfhostdir/pass
+            print_info "Wrote file to update dynamic IP. File: $selfhostdir/$selfhostscript"
+        fi
+        print_info "executing $selfhostdir/$selfhostscript update..."
        bash $selfhostdir/$selfhostscript update
    fi
 }
@@ -380,7 +396,7 @@ function install_letsencrypt {
    then
        die "Failed to install let's encrypt: 'le_email' is empty in $configfile"
    fi
-    nocheck_install "certbot python-certbot-apache"
+    nocheck_install "certbot python3-certbot-apache"
    print_info "run certbot ..."
    certbot --apache -w $install_path -d $le_domain -m $le_email --agree-tos --non-interactive --redirect --hsts --uir
    service apache2 restart
@@ -435,7 +451,7 @@ function configure_cron_daily {
    echo "echo \" \"" >> /var/www/$cron_job
    echo "echo \"\$(date) - stopping apache and mysql...\"" >> /var/www/$cron_job
    echo "service apache2 stop" >> /var/www/$cron_job
-    echo "/etc/init.d/mysql stop # to avoid inconsistencies" >> /var/www/$cron_job
+    echo "systemctl stop  mysql.service # to avoid inconsistencies" >> /var/www/$cron_job
    echo "#" >> /var/www/$cron_job
    echo "echo \"\$(date) - renew certificate...\"" >> /var/www/$cron_job
    echo "certbot renew --noninteractive" >> /var/www/$cron_job
--- a/.gitignore
+++ b/.gitignore
@@ -48,9 +48,10 @@ doc/html/
 .zotshrc
 # external repositories for themes/addons
 extend/
-# files generated by phpunit
+
+# exclude test results and cache
 tests/.cache
-tests/.phpunit.result.cache
+tests/.phpunit*
 tests/results/

 ## exclude IDE files
@@ -67,7 +68,6 @@ nbproject/
 # PHPStorm
 .idea/

-
 ## composer
 # locally installed composer binary
 composer.phar
@@ -87,6 +87,7 @@ vendor/bin/php-parse
 vendor/bin/phpcbf
 vendor/bin/phpcs
 vendor/bin/phpmd
+vendor/bin/phpstan*
 vendor/bin/phpunit
 vendor/composer/pcre/
 vendor/composer/xdebug-handler/
@@ -98,18 +99,11 @@ vendor/pdepend/
 vendor/phar-io/
 vendor/php-mock/
 vendor/phpmd/
+vendor/phpstan
 vendor/phpunit/
 vendor/psr/container/
 vendor/sebastian/
 vendor/squizlabs/
-vendor/symfony/config/
-vendor/symfony/dependency-injection/
-vendor/symfony/deprecation-contracts/
-vendor/symfony/filesystem/
-vendor/symfony/polyfill-ctype/
-vendor/symfony/polyfill-mbstring/
-vendor/symfony/polyfill-php80/
-vendor/symfony/service-contracts/
 vendor/theseer/
 # /info is a directory containing site-specific HTML documents
 /info/
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -32,7 +32,8 @@ before_script:
  - apt-get install -yqq libicu-dev libjpeg-dev libpng-dev libpq-dev libyaml-dev libzip-dev mariadb-client postgresql-client unzip zip
  - pecl install xdebug yaml
  - docker-php-ext-enable xdebug yaml
-  - docker-php-ext-install gd bcmath intl pdo_mysql pdo_pgsql zip
+  - docker-php-ext-configure gd --with-jpeg=/usr/include/
+  - docker-php-ext-install gd bcmath intl pdo_mysql pdo_pgsql zip exif

  # Install composer
  - curl -sS https://getcomposer.org/installer | php
@@ -58,7 +59,7 @@ before_script:
    - echo "USE $MYSQL_DATABASE; SHOW TABLES;" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host="$DB_HOST" "$MYSQL_DATABASE"
    # Run the actual tests
    - touch dbfail.out
-    - vendor/bin/phpunit --configuration tests/phpunit.xml --no-progress --stop-on-error --coverage-text --colors=never --log-junit tests/results/junit.xml || exit_code=$?
+    - vendor/bin/phpunit -d memory_limit=256M --configuration tests/phpunit.xml --no-progress --stop-on-error --coverage-text --colors=never --log-junit tests/results/junit.xml || exit_code=$?
    - if [ $exit_code -ne 0 ]; then echo "Test barfed!"; cat dbfail.out; exit $exit_code; fi
  coverage: '/^\s*Lines:\s*\d+.\d+\%/'

@@ -83,7 +84,7 @@ before_script:
    - psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "\dt;"
    # Run the actual tests
    - touch dbfail.out
-    - vendor/bin/phpunit --configuration tests/phpunit.xml --no-progress --stop-on-error --coverage-text --colors=never --log-junit tests/results/junit.xml || exit_code=$?
+    - vendor/bin/phpunit -d memory_limit=256M --configuration tests/phpunit.xml --no-progress --stop-on-error --coverage-text --colors=never --log-junit tests/results/junit.xml || exit_code=$?
    - if [ $exit_code -ne 0 ]; then echo "Test barfed!"; cat dbfail.out; exit $exit_code; fi
  coverage: '/^\s*Lines:\s*\d+.\d+\%/'

--- a/.phpcs.xml
+++ b/.phpcs.xml
@@ -48,6 +48,10 @@
        <exclude name="Generic.Files.OneClassPerFile.MultipleFound"/>
        <exclude name="Generic.Files.OneObjectStructurePerFile.MultipleFound"/>
        <exclude name="Generic.Formatting.SpaceAfterCast.NoSpace"/>
+
+        <exclude name="Generic.Classes.OpeningBraceSameLine.BraceOnNewLine" />
+        <exclude name="Generic.WhiteSpace.DisallowSpaceIndent.SpacesUsed" />
+        <exclude name="Generic.Functions.OpeningFunctionBraceKernighanRitchie.BraceOnNewLine" />
    </rule>

 	<!--
--- a/400
+++ b/400
@@ -1,4 +1,402 @@
-Hubzilla 9.2 (2024-??-??)
+Hubzilla 10.4.3 (2025-08-15)
+	- Refactor module vote to prohibit double votes at the sender side
+	- Fix vote answers counted as comments
+	- Start transition of deprecated AS1 item.verb vocabulary to AS2 on demand in mod channel, articles and cards
+	- Fix regression in retrieving channel address in wtagblock() and whitespace fixes
+
+
+Hubzilla 10.4.2 (2025-08-08)
+	- Implement item_custom_display hook in mod HQ
+	- Refactor item fetching functions to reflect item_normal() changes
+	- Refactor item_normal() to optionally deal with various item types
+	- Fix missing reactions modal in threaded_conversation.tpl
+	- Improve memory consumption in drop_related() to fix deleting of big threads
+	- Fix PHP error with the potential to stuff up the queueworker
+	- Update the contact edit header so that both, image and text are linked to the profile
+	- Articles: refactor to reflect item_normal() changes
+	- Cards: refactor to reflect item_normal() changes
+
+
+Hubzilla 10.4.1 (2025-07-31)
+	- Fix regression in pubstream tag view
+	- Fix photos meta data not updated when renaming folder in files app
+	- Fix syntax error in custom emoji sample code
+	- Fix rendering issue when image load event triggered after timeout
+	- Fix comment preview not always displayed
+	- Fix new created comment rendering offscreen
+	- Update derived theme tutorial and add it to the help index
+	- Add 'extends' attribute to theme info
+	- Fix reply modal remaining hidden after reactions loaded
+	- Refactor tagcloud to use smarty template file
+	- Fix regression in tagadelic
+	- Fix possible performance issue with archive widget
+	- Fix various addons which still used the deprecated $a global
+
+
+Hubzilla 10.4 (2025-07-15)
+	- Add support for did:key verification method to checkEddsaSignature()
+	- Introduce util/init_sys_channel to create the sys channel if required
+	- Update norwegian translations
+	- Add init_sys_channel utility to create the sys channel in case of headless installation or failure
+	- Upgrade http-message-signer to version 2.3
+	- Upgrade phpseclib to version 3
+	- Minor cleanup to the account functions and added tests
+	- Do not sign (request-target) on response
+	- Start verifying incoming RFC9421 HTTP signatures
+	- Convert geo URIs into clickable links
+	- Allow geo URIs in url bbcode tags
+	- Cleanup obsolete and unused functions
+	- Remove unused Xref module
+	- Make sure we have the keys before attempting to sign with JcsEddsa2022
+	- Implement lazy loading of toplevel comments
+	- Update german help files
+	- Add App::$page_layouts attribute for comanche
+	- Refactor and fix numerous issues in guess_image_type()
+	- Add tests for Widget\Messages
+	- Refactor cache_embeds daemon to be called with uuid (instead of item id) so that it will only be processed once
+	- Add avif support for php-gd
+	- Exclude Add/Remove items from network nouveau query
+	- Always preload images and remove pre image preload setting
+	- Introduce per channel conversation mode setting
+	- Add API docs for the observer file
+	- Move observer helper functions to separate source
+	- Introduce helper functions to access the various fields of the xchan stored in App::$observer
+	- Refactor item_normal() to accept an owner uid
+	- Implement reply modal if comment replies are enabled
+	- Streamline wording conversation > comment > reply
+	- Streamline default ordering to created date
+	- Default to threaded conversation mode
+	- Implement lazy loading of reactions
+	- Do not store dismissed create activities in dreport
+	- Refactor mod item to deprecate x() and use $_POST instead of $_REQUEST superglobal
+	- Improved styling for dreport module
+	- Start deprecation of the function x()
+	- Minor cleanup and refactor for Web/Router
+	- Minor cleanup and refactor for Lib/Webserver
+	- Set App::$query_string from from server.request_uri instead of server.query_string because the latter will mostly be urldecoded by the server already
+	- Refactor language selector
+	- Extend message filter to support until=2025-04-18 20:49:00 for date/time based filtering and add tests
+	- Extend message filter to deal with && and || conditions and add tests
+	- Prevent storing files/folder with filenames exceeding their max name length
+	- Deal with attachment of type link
+	- Revert translation of network to stream
+	- Updated debian install script
+	- Add suport for strong bbcode tag
+	- Change photo.filename to type text for new installs
+	- Provide methods to get mid and uuid from activity object
+	- Minor update for boxy schema
+	- Update composer libs
+	- Reorganize emojis and allow custom site emojis
+	- Change item.obj and item.target to mediumtext for mysql new installs
+	- Move jot related functions to jot-header and some cleanup
+	- Port photo selector to vanilla javascript
+	- Enable photo selector for comments if OCAP access is enabled
+	- Add :hubzilla: emoji
+	- Add :zot: emoji
+	- Include unapproved connections in deliverable_abook_xchans()
+	- Port showHideComments() to vanilla javascript
+	- Disable browser rotating image based on EXIF metadata
+
+	Bugfixes
+	- Fix blog mode if threaded view is disabled
+	- Fix markdown issue with mentions
+	- Fix issue where item_wall was not set for article and card item types
+	- Fix first created account was not necessarily the admin account
+	- Fix notice not emited on failed login
+	- Fix intro notifications not handled via /notify/view and hence not marked seen
+	- Fix undefined static function in Zot6Handler
+	- Fix missing return in Render\Theme::current
+	- Fix announce source title (addr) not correct
+	- Fix offset calculation if element position is relative
+	- Fix autosave for comments
+	- Fix notfication issue with update activities
+	- Fix sess_data not updated to mediumtext in mysql schema file
+	- Fix title and summary converted to bbcode
+	- Fix preloading images if dom element is not yet in page
+	- Fix verb and hash for notifications
+	- Fix notification button for medium screen size (right aside collapsed)
+	- Fix new result set created for updated results (dreport)
+	- Fix regex to catch codeblocks with params like class in smilies()
+	- Fix term.imgurl not stored in item_store_update()
+	- Fix folder names are not URL escaped in Files app (issue #1903)
+	- Fix stephenhill/base58 PHP warnings
+	- Fix color bbcode markup
+	- Fix video poster display issue
+	- Fix relayed emoji reactions
+	- Fix some javascript errors on mobile devices
+	- Fix our own activities visible in unseen forum notifications
+	- Fix duplicated head_get_icon()
+
+	Addons
+	- Wiki: fix spacing in wikilist widget
+	- Gallery: look for templates in theme directory first
+	- Articles: look for templates in theme directory first
+	- Wiki: look for templates in theme directory first
+	- Pubcrawl: remove unused force note setting
+	- Flashcards: major refactor and added functionality
+	- Superblock: refactor and new siteblock option for admins
+	- Cart: fix issue related to HTTP3
+	- Pubcrawl: avoid DB lookup if not valid AS request in mod followers and mod following
+	- Photocache: implement prefetch via cache_embeds daemon and minor refactor
+	- Articles: fix Add/Remove activities not dismissed in channel activities query
+	- Cards: fix Add/Remove activities not dismissed in channel activities query
+	- Diaspora: make sure item_thread_top is set for reshares (info for filters)
+	- Gallery: fix missing folder field from query
+	- Pubcrawl: update mod ap_probe to show a visual representation if applicable
+
+
+Hubzilla 10.2.3 (2025-04-11)
+	- Fix bogus merge from 10.2.2 release
+
+
+Hubzilla 10.2.2 (2025-04-11)
+	- Cleanup deprecated forum queries, improved performance
+	- Fix zot6 handler returning success allthough Libzot::fetch() did not return anything useful
+	- Fix json encoding of a possibly empty item.target
+	- Fix permalink for forum posts and comments
+	- Fix an obscure delivering issue which could produce duplicate posts
+	- Lazy load profile photos for reactions to reduce server load
+	- Pubcrawl: deal with Update(Tombstone)
+	- Pubcrawl: fix mentions not mapped to "to" in public toplevel posts (regression)
+
+
+Hubzilla 10.2.1 (2025-03-18)
+	- Fix OWA in cases where Signature is in the REDIRECT_REMOTE_USER field
+	- Fix query in mod sse_bs
+
+
+Hubzilla 10.2 (2025-03-17)
+	- Allow to send signed requests from the zot_probe tool
+	- Print an error message if OWA fails
+	- Remove possible leading @ before processing webfinger address
+	- Updated debian install script
+	- Calculate observer.baseurl from xchan_url instead of xchan_connurl
+	- Refactor unparse_url() to allow return of a custom field set only and add tests
+	- Slightly improve event object rendering
+	- Update smarty library to version 5 for PHP 8.4 compatibility
+	- Remove vendor/symfony from gitignore file
+	- Update composer libraries
+	- Add contextHistory field to activities and prefer it over context when consuming
+	- Implement highlight button in jot editor
+	- Add test results and PHPStan to gitignore
+	- Update spanish strings
+	- Remove EpubMeta library in favor of a custom solution
+	- Configue gd for jpeg support in CI
+	- Add error message on missing owa auth headers
+	- Add Zotlabs\Tests namespace to autloader in dev
+	- Add dba_pdo::update method
+	- Add dba_pdo::insert method
+	- Rewrite redbasic javascript to remove jquery dependency
+	- Add  security policy SECURITY.md
+
+	Bugfixes
+	- Fix notifications for likes on our comments
+	- Fix fullscreen view
+	- Fix boxy scheme text alignment for comments
+	- Fix poll date string to match with the autotime string
+	- Fix owner hash not set correctly when editing a post/comment
+	- Fix an issue where some participants could not post to forums
+	- Fix navbar selector conflict with possible additional navbars when using a cover photo
+	- Fix target and tgt_type not set for sourced rss items if we rewrite them to our own
+	- Fix auto save draft not set correctly
+	- Fix cover height calculation
+
+	Addons
+	- Diaspora: revisit import_diaspora_account()
+	- Pubcrawl: escape quotation marks in ActivityStreams link header
+	- Wiki: fixed wiki_page_list.tpl to use bootstrap class for layout
+	- BBmath: fix orientation for inline math
+	- BBmath: document imagemagick permissions
+	- Pubcrawl: ensure we select the correct hubloc hash when extending recipients list
+	- Msg_footer: do not add footer on edit, also dismiss anything but a create activity
+	- Pubcrawl: refactor activitypub addressing
+	- Wiki: added space to preview panel
+	- Startpage: update help text and some cleanup
+
+
+Hubzilla 10.0.8 (2025-02-01)
+	- Fix duplicating terms/iconfig in addToCollectionAndSync()
+	- Refactor Daemon/Importdoc for better SQL performance when looking up outdated entries
+	- Tweak SQL in mod sse_bs for possible performance improvements
+	- Fix PHP warnings
+	- Do not run post_local hook on add activities in pubcrawl addon
+	- Do not run post_local hook on add activities in diaspora addon
+	- Remove old rawmsg/fields before storing new rawmsg in pubcrawl addon
+	- Fix retractions in diaspora addon
+
+
+Hubzilla 10.0.7 (2025-01-22)
+	- Fix ownership check in consume_feed()
+	- Fix toast() if notification contains non-ascii characters
+	- Fix regression in notifications filter
+
+
+Hubzilla 10.0.6 (2025-01-05)
+	- Fix entries where primary location data is not complete not dismissed early
+	- Fix query to cleanup outdated doc entries called multiple times
+	- Fix query to cleanup outdated doc entries
+
+
+Hubzilla 10.0.5 (2024-12-29)
+	- Fix another instance of drop_item() not having permission to drop items
+
+
+Hubzilla 10.0.4 (2024-12-26)
+	- Fix missing argument name
+
+
+Hubzilla 10.0.3 (2024-12-26)
+	- Fix regression in Daemon/Channel_purge which could cause a possible infinite loop
+	- Fix regression in Daemon/Expire which could cause a infinite loop
+
+
+Hubzilla 10.0.2 (2024-12-25)
+	- Hotfix comment out Daemon/Expire
+	- Fix zid parameter allowed to override an existing remote login
+	- Slightly improved imagesLoaded()
+
+
+Hubzilla 10.0.1 (2024-12-22)
+	- Revert removing of openid library
+	- Fix SQL query in Daemon/Importdoc
+
+
+Hubzilla 10.0 (2024-12-21)
+	- Port updateConvItem() and notifications widget to vanilla javascript
+	- Remove jquery.timeago.js in favor of a native js implementation
+	- Introduce item_forwardable() a function to check if an item should be frowarded
+	- Always set item_delayed flag if we use a custom created date
+	- Add indicators to items in case they are delayed, have an expiration time or commenting is disabled
+	- Introduce relative_time() a new function to calculate the relative time
+	- Refactor mod admin/accounts
+	- Toggle aside if a notification or message is clicked
+	- Add Mailer class to replace z_mail()
+	- Provide a possibility to link to a specific day or month in mod cal via URL fragment e.g. #2024-12-24
+	- Refactor mod magic
+	- Introduce conversation containers a.k.a. FEP-171b
+	- Refactor mod item
+	- Refactor Thumbs\Epubthumb to adapt to new version of EPub meta lib
+	- Remove unused libraries
+	- Bring filed items to mod hq
+
+	Bugfixes
+	- Fix comments on/off toggle
+	- Fix various missing icons after transition from fork-awesome
+	- Fix performance issue in mod pubstream
+	- Fix mails with + in local part rejected
+	- Fix % calculation in mod import_progress
+	- Fix query vars not unset when constructing the server address
+	- Fix can_comment_on_post() logic after introduction of repeats
+	- Fix xchan_query() not including deleted hublocs
+	- Fix allday variable not set when clicking an event or a resource is provided
+
+	Addons
+	- Introduce conversation containers a.k.a. FEP-171b
+	- Cards: fix comments on/off state
+	- Articles: fix comments on/off state
+	- Pubcrawl: fix encoding of stored raw message
+	- Gallery fix zoom icon toggle
+	- Pubcrawl: fix follow to non primary hub location
+	- Pubcrawl: rewrite id host to local host instead of primary host
+
+
+Hubzilla 9.4.4 (2024-11-06)
+	- Update Norwegian translations
+	- Fix error adding things when multiple profiles not enabled
+	- Port mod thing to use $_GET/$_POST instead of $_REQUEST
+	- Move Norwegian translations from nb-no to nb
+	- Fix intact alernative network hublocs being marked deleted in Libsync::sync_locations()
+	- Fix modals only partly removed when DOM emlement updated via ajax
+	- Add explicit check for channel_address in channel_url()
+	- Fix PHP deprecation warnings in mod setup
+	- Fix PHP warning in Web/HttpMeta
+	- Fix typo in UnitTestCase
+	- Fix missing CSRF token checks in mod account_edit
+	- Fix OCAP tokens only added to images
+	- Fix unescaped zid parameter
+	- Fix wrong date format in published date in update question activities
+	- Fix include for en TOS page
+	- Fix query in copy_of_pubitem() returning duplicate items
+	- Fix edit button not clickable if below right aside when viewing webpages
+	- Fix rendering of category tags icons in the editor
+	- Fix regex to detect URLs in cleanup_bbcode
+	- Fix duplicate posts from forum clones
+	- Fix follow to non primary hub location in pubcrawl addon
+	- Fix id host not rewritten to local host in pubcrawl addon
+	- Fix regression when manually fetching items in pubcrawl addon
+
+
+Hubzilla 9.4.3 (2024-10-10)
+	- Discard Add/Remove activities (Hubzilla 10 and (streams) compatibility)
+	- Fix HQ channel activities icons
+	- Fix saved search icons
+
+
+Hubzilla 9.4.2 (2024-10-04)
+	- Indicate reacted state via icon color (community wish)
+	- Fix modal backdrop not removed when reacting from the modal
+	- Fix missing handle icon in mod pdledit_gui
+
+
+Hubzilla 9.4.1 (2024-10-02)
+	- Various fixes for the help module
+	- Update smarty library via composer
+	- Fix URLs replaced with bbcode in codeblocks if markdown enabled
+	- Fix unable to move multiple files when using postgresql DB backend
+	- Adjust icon for post app
+	- Fix check for while loop in wiki addon
+
+
+Hubzilla 9.4 (2024-09-25)
+	- If we got an ocap token try to authenticate with it first
+	- Hide comment titles
+	- Adjust fix_attached_permissions() to only add the token if we got one
+	- Allow uploading to comments if ocap tokens are enabled
+	- Refactor get_security_ids() to remove legacy code
+	- Add privacy scope sql to item_permissions_sql()
+	- Removed fork awesome in favour of bootstrap icons
+	- Improved content and comment collapse/expand rendering
+	- Add support for inbound locations
+	- Streamline item location rendering (use icon)
+	- Fix html2bbcode table and add test
+	- Store info/notice messages in xconfig instead of session
+	- Refactor help and add tests
+	- Do not run set_linkified_perms() if editing a post
+	- Remove deprecated tag_deliver permissions
+	- Make sure that tgroup_check() fails for group posts if they do not have the post_wall permission
+	- Show repeat button to channel owners only
+	- Refactor item buttons
+	- Add util/update_db
+	- Remove the unused f argument in various places
+	- Streamline URLs used in attachments and body to ease deduplication
+	- Code cleanup and remove some unused/deprecated functions
+
+	Bugfixes
+	- Fix broken help pages search
+	- Fix notes app not displaying anything - issue #1865
+
+	Addons
+	- Cards: fix decoding issue when editing and minor cleanup
+	- Articles: fix decoding issue when editing and minor cleanup
+	- Wiki: fix markdown content not unescaped when undoing history - issue #1864
+	- Gallery: update to photoswipe 5.4.4
+	- Openstreemap: streamline location rendering
+	- Socialauth: update version and contact details
+	- Socialauth: fix rendering issue
+
+Hubzilla 9.2.1 (2024-07-18)
+	- Fix fatal error if gd function image{jpeg, png, webp}() does not exist for some reason
+	- Add missing pdl for mod import
+	- Escape queueworker json data
+	- Fix missing object when repeating own posts
+	- Improve display of system notifications in relation with page reloads
+	- Add possibility to only display system notifications with notifications widget
+	- Fix layout issue with socialauth addon
+	- Save a db lookup if we have just reset notifications in sse addon
+	- Fix php error if attachment was an empty string in pubcrawl addon
+
+
+Hubzilla 9.2 (2024-07-06)
 	- Fail to import more gracefully if a channel has already been imported at some point but was deleted again
 	- Use the doubleleft template by default for admin pages to work around some display issues
 	- Reflect the censored state in the local xchan
--- a/CHANGELOG.air
+++ b/CHANGELOG.air
@@ -1,48 +0,0 @@
-"air" is a branch name for revision of Account-Invite-Register at the Hubzilla project
-
-Invite:
-* Rewritten and now language template driven
-* Selectable templates for the invite mails
-* Invitor may add personal notes in the mailtext
-+ Invite codes are bound to the recipients email address
-* Invite mod never more creates accounts
-* new db scheme for table register
-* existing register table will be migrated to the new schema even when detected at runtime
-* Bugfix: creating invite codes when admin only calls Invite w/o any further action
-* account library revision also together with invite mod
-* Depending on config: Users may send invitations also
-* Invitations expires, controlled by the invitor
-* Changed and new configs:
-* * invitation_only       As usual before
-* * invitation_also       Beside other registration policies, invitations may be used also
-* * invitation_max_per_day	defaults 50, may be changed in adminUI admin>site
-* * invitation_max_per_user defaults 4
-* Requirements:
-* * Addon language has to be installed
-
-Register:
-* Register panel (form) and js interaction changed
-* Unused registrations expire
-* Depending on config, anonymous registrations (w/o email) are supported
-* :... dont't panic, that may let grow security
-* Even anonymous users have to confirm their registration
-* Registrations may be enabled / disabled time driven for each day in the week (dudy)
-* Unsoliced registration floods may be blocked
-* Limited registrations from one single source ip
-* Using one additional log file, to easy interfare with f2b
-
-Account:
-* An user account always becomes created only if all depending conditions are satisfied
-* AdminUI for site configuration, accounts and registrations enhancements
-* Still untouched, but accountUI needs enhanced async control in case for mass delete
-  with deep level of recursion cascade of the dependencies (channels etc). An open TODO
-  since years for instances with many much users and channels.
-
-History:
-2020.03 Hubzilla Prod version 4.6 (master branch) of hubzilla/core was the base for AIR 
-        that was assigned Version 4.6.2 at sn/core
-2021.02 Hubzilla Prod version 5.2.1 (master branch) of hubzilla/core was new base for AIR
-        that was assigned version 5.2.2 at sn/core (air.5)
-        plus adjustment of hubzilla 5.2.2 (master) to sn/core (air.5) version 5.2.9
-
-
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,31 @@
+# Hubzilla Security Policy
+
+The [Hubzilla] Project takes security, privacy and user control over personal data seriously. We ask that any security issues be disclosed to us in a responsible manner to allow us time to remediate the issues, and site administrators time to upgrade before information about the issue is made public.
+
+This document outlines security procedures and policies for the Hubzilla project. It covers the following components:
+
+* The Hubzilla core repository: https://framagit.org/hubzilla/core
+* The official addon repository: https://framagit.org/hubzilla/addons
+* The official themes repository: https://framagit.org/hubzilla/themes
+* The official widgets repository: https://framagit.org/hubzilla/widgets
+
+## Coordinated Disclosure Guidelines
+
+We are committed to working with security researchers to verify, reproduce, and respond to legitimate reported vulnerabilities. You can help us by following these simple guidelines:
+
+* Submit suspected vulnerabilities by email to `security@hubzilla.org`, or as a confidential issue in the relevant repository listed above.
+* Provide clear instructions on how to reproduce the issue, and if possible, a minimal Proof of Concept (PoC) exploit.
+* We will acknowledge your submission as soon as we can, and will keep you updated as it is being processed. We may ask for more information, or clarifications about the issue or the steps to reproduce it during this time.
+* We will assign a CVE to the issue once it is confirmed.
+* We will do our best to fix the issue as soon as we can after it has been confirmed. We request that information about the vulnerability or details about how to exploit it is not disclosed to other parties until after the fix is released and some time has passed, to allow site administrators to upgrade. We will normally make the CVE public one month after a fix has been released. (This grace period can differ based on severity, and can be negotiated.)
+* Please perform all tests against a local instance of the software, and refrain from running any Denial of Service or automated testing tools against public hubs or the project managers (and their partners') infrastructure.
+* If the issue belongs to a third party module that we depend on, we may help with reporting it upstream if the submitter wants us to.
+
+## Comments on this Policy
+
+We welcome comments and suggestions for improving this policy. You can reach us at:
+
+* Our ticketing system: https://framagit.org/hubzilla/core/-/issues
+* By sending us an email at `security@hubzilla.org`.
+
+[Hubzilla]: https://hubzilla.org
--- a/Zotlabs/ActivityStreams/ASObject.php
+++ b/Zotlabs/ActivityStreams/ASObject.php
@@ -0,0 +1,776 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+
+use Zotlabs\Lib\BaseObject;
+
+class ASObject extends BaseObject
+{
+    public $id;
+    public $type;
+    public $attachment;
+    public $attributedTo;
+    public $audience;
+    public $content;
+    public $context;
+    public $name;
+    public $endTime;
+    public $generator;
+    public $icon;
+    public $image;
+    public $inReplyTo;
+    public $location;
+    public $preview;
+    public $published;
+    public $replies;
+    public $startTime;
+    public $summary;
+    public $tag;
+    public $updated;
+    public $url;
+    public $to;
+    public $bto;
+    public $cc;
+    public $bcc;
+    public $mediaType;
+    public $duration;
+    public $source;
+
+
+    // Extension properties
+
+    public $signature;
+    public $proof;
+    public $sensitive;
+    public $replyTo;
+    public $wall;
+    public $isContainedConversation;
+    public $expires;
+    public $canReply;
+    public $canSearch;
+    public $directMessage;
+    public $commentPolicy;
+
+    /**
+     * @return mixed
+     */
+    public function getDirectMessage()
+    {
+        return $this->directMessage;
+    }
+
+    /**
+     * @param mixed $directMessage
+     * @return ASObject
+     */
+    public function setDirectMessage($directMessage)
+    {
+        $this->directMessage = $directMessage;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSignature()
+    {
+        return $this->signature;
+    }
+
+    /**
+     * @param mixed $signature
+     * @return ASObject
+     */
+    public function setSignature($signature)
+    {
+        $this->signature = $signature;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getProof()
+    {
+        return $this->proof;
+    }
+
+    /**
+     * @param mixed $proof
+     * @return ASObject
+     */
+    public function setProof($proof)
+    {
+        $this->proof = $proof;
+        return $this;
+    }
+
+
+    /**
+     * @return mixed
+     */
+    public function getSensitive()
+    {
+        return $this->sensitive;
+    }
+
+    /**
+     * @param mixed $sensitive
+     * @return ASObject
+     */
+    public function setSensitive($sensitive)
+    {
+        $this->sensitive = $sensitive;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getReplyTo()
+    {
+        return $this->replyTo;
+    }
+
+    /**
+     * @param mixed $replyTo
+     * @return ASObject
+     */
+    public function setReplyTo($replyTo)
+    {
+        $this->replyTo = $replyTo;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getWall()
+    {
+        return $this->wall;
+    }
+
+    /**
+     * @param mixed $wall
+     * @return ASObject
+     */
+    public function setWall($wall)
+    {
+        $this->wall = $wall;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getIsContainedConversation()
+    {
+        return $this->isContainedConversation;
+    }
+
+    /**
+     * @param mixed $isContainedConversation
+     * @return ASObject
+     */
+    public function setIsContainedConversation($isContainedConversation)
+    {
+        $this->isContainedConversation = $isContainedConversation;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getExpires()
+    {
+        return $this->expires;
+    }
+
+    /**
+     * @param mixed $expires
+     * @return ASObject
+     */
+    public function setExpires($expires)
+    {
+        $this->expires = $expires;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCanReply()
+    {
+        return $this->canReply;
+    }
+
+    /**
+     * @param mixed $canReply
+     * @return ASObject
+     */
+    public function setCanReply($canReply)
+    {
+        $this->canReply = $canReply;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCanSearch()
+    {
+        return $this->canSearch;
+    }
+
+    /**
+     * @param mixed $canSearch
+     * @return ASObject
+     */
+    public function setCanSearch($canSearch)
+    {
+        $this->canSearch = $canSearch;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCommentPolicy()
+    {
+        return $this->commentPolicy;
+    }
+
+    /**
+     * @param mixed $commentPolicy
+     * @return ASObject
+     */
+    public function setCommentPolicy($commentPolicy)
+    {
+        $this->commentPolicy = $commentPolicy;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->id;
+    }
+
+    /**
+     * @param mixed $id
+     * @return ASObject
+     */
+    public function setId($id)
+    {
+        $this->id = $id;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getType()
+    {
+        return $this->type;
+    }
+
+    /**
+     * @param mixed $type
+     * @return ASObject
+     */
+    public function setType($type)
+    {
+        $this->type = $type;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAttachment()
+    {
+        return $this->attachment;
+    }
+
+    /**
+     * @param mixed $attachment
+     * @return ASObject
+     */
+    public function setAttachment($attachment)
+    {
+        $this->attachment = $attachment;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAttributedTo()
+    {
+        return $this->attributedTo;
+    }
+
+    /**
+     * @param mixed $attributedTo
+     * @return ASObject
+     */
+    public function setAttributedTo($attributedTo)
+    {
+        $this->attributedTo = $attributedTo;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAudience()
+    {
+        return $this->audience;
+    }
+
+    /**
+     * @param mixed $audience
+     * @return ASObject
+     */
+    public function setAudience($audience)
+    {
+        $this->audience = $audience;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getContent()
+    {
+        return $this->content;
+    }
+
+    /**
+     * @param mixed $content
+     * @return ASObject
+     */
+    public function setContent($content)
+    {
+        $this->content = $content;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getContext()
+    {
+        return $this->context;
+    }
+
+    /**
+     * @param mixed $context
+     * @return ASObject
+     */
+    public function setContext($context)
+    {
+        $this->context = $context;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getName()
+    {
+        return $this->name;
+    }
+
+    /**
+     * @param mixed $name
+     * @return ASObject
+     */
+    public function setName($name)
+    {
+        $this->name = $name;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getEndTime()
+    {
+        return $this->endTime;
+    }
+
+    /**
+     * @param mixed $endTime
+     * @return ASObject
+     */
+    public function setEndTime($endTime)
+    {
+        $this->endTime = $endTime;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getGenerator()
+    {
+        return $this->generator;
+    }
+
+    /**
+     * @param mixed $generator
+     * @return ASObject
+     */
+    public function setGenerator($generator)
+    {
+        $this->generator = $generator;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getIcon()
+    {
+        return $this->icon;
+    }
+
+    /**
+     * @param mixed $icon
+     * @return ASObject
+     */
+    public function setIcon($icon)
+    {
+        $this->icon = $icon;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getImage()
+    {
+        return $this->image;
+    }
+
+    /**
+     * @param mixed $image
+     * @return ASObject
+     */
+    public function setImage($image)
+    {
+        $this->image = $image;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getInReplyTo()
+    {
+        return $this->inReplyTo;
+    }
+
+    /**
+     * @param mixed $inReplyTo
+     * @return ASObject
+     */
+    public function setInReplyTo($inReplyTo)
+    {
+        $this->inReplyTo = $inReplyTo;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLocation()
+    {
+        return $this->location;
+    }
+
+    /**
+     * @param mixed $location
+     * @return ASObject
+     */
+    public function setLocation($location)
+    {
+        $this->location = $location;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPreview()
+    {
+        return $this->preview;
+    }
+
+    /**
+     * @param mixed $preview
+     * @return ASObject
+     */
+    public function setPreview($preview)
+    {
+        $this->preview = $preview;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPublished()
+    {
+        return $this->published;
+    }
+
+    /**
+     * @param mixed $published
+     * @return ASObject
+     */
+    public function setPublished($published)
+    {
+        $this->published = $published;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getReplies()
+    {
+        return $this->replies;
+    }
+
+    /**
+     * @param mixed $replies
+     * @return ASObject
+     */
+    public function setReplies($replies)
+    {
+        $this->replies = $replies;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getStartTime()
+    {
+        return $this->startTime;
+    }
+
+    /**
+     * @param mixed $startTime
+     * @return ASObject
+     */
+    public function setStartTime($startTime)
+    {
+        $this->startTime = $startTime;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSummary()
+    {
+        return $this->summary;
+    }
+
+    /**
+     * @param mixed $summary
+     * @return ASObject
+     */
+    public function setSummary($summary)
+    {
+        $this->summary = $summary;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getTag()
+    {
+        return $this->tag;
+    }
+
+    /**
+     * @param mixed $tag
+     * @return ASObject
+     */
+    public function setTag($tag)
+    {
+        $this->tag = $tag;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getUpdated()
+    {
+        return $this->updated;
+    }
+
+    /**
+     * @param mixed $updated
+     * @return ASObject
+     */
+    public function setUpdated($updated)
+    {
+        $this->updated = $updated;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getUrl()
+    {
+        return $this->url;
+    }
+
+    /**
+     * @param mixed $url
+     * @return ASObject
+     */
+    public function setUrl($url)
+    {
+        $this->url = $url;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getTo()
+    {
+        return $this->to;
+    }
+
+    /**
+     * @param mixed $to
+     * @return ASObject
+     */
+    public function setTo($to)
+    {
+        $this->to = $to;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getBto()
+    {
+        return $this->bto;
+    }
+
+    /**
+     * @param mixed $bto
+     * @return ASObject
+     */
+    public function setBto($bto)
+    {
+        $this->bto = $bto;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCc()
+    {
+        return $this->cc;
+    }
+
+    /**
+     * @param mixed $cc
+     * @return ASObject
+     */
+    public function setCc($cc)
+    {
+        $this->cc = $cc;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getBcc()
+    {
+        return $this->bcc;
+    }
+
+    /**
+     * @param mixed $bcc
+     * @return ASObject
+     */
+    public function setBcc($bcc)
+    {
+        $this->bcc = $bcc;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getMediaType()
+    {
+        return $this->mediaType;
+    }
+
+    /**
+     * @param mixed $mediaType
+     * @return ASObject
+     */
+    public function setMediaType($mediaType)
+    {
+        $this->mediaType = $mediaType;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDuration()
+    {
+        return $this->duration;
+    }
+
+    /**
+     * @param mixed $duration
+     * @return ASObject
+     */
+    public function setDuration($duration)
+    {
+        $this->duration = $duration;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSource()
+    {
+        return $this->source;
+    }
+
+    /**
+     * @param mixed $source
+     * @return ASObject
+     */
+    public function setSource($source)
+    {
+        $this->source = $source;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/Activity.php
+++ b/Zotlabs/ActivityStreams/Activity.php
@@ -0,0 +1,122 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Activity extends ASObject
+{
+    public $actor;
+    public $object;
+    public $target;
+    public $result;
+    public $origin;
+    public $instrument;
+
+    /**
+     * @return mixed
+     */
+    public function getActor()
+    {
+        return $this->actor;
+    }
+
+    /**
+     * @param mixed $actor
+     * @return Activity
+     */
+    public function setActor($actor)
+    {
+        $this->actor = $actor;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getObject()
+    {
+        return $this->object;
+    }
+
+    /**
+     * @param mixed $object
+     * @return Activity
+     */
+    public function setObject($object)
+    {
+        $this->object = $object;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getTarget()
+    {
+        return $this->target;
+    }
+
+    /**
+     * @param mixed $target
+     * @return Activity
+     */
+    public function setTarget($target)
+    {
+        $this->target = $target;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getResult()
+    {
+        return $this->result;
+    }
+
+    /**
+     * @param mixed $result
+     * @return Activity
+     */
+    public function setResult($result)
+    {
+        $this->result = $result;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getOrigin()
+    {
+        return $this->origin;
+    }
+
+    /**
+     * @param mixed $origin
+     * @return Activity
+     */
+    public function setOrigin($origin)
+    {
+        $this->origin = $origin;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getInstrument()
+    {
+        return $this->instrument;
+    }
+
+    /**
+     * @param mixed $instrument
+     * @return Activity
+     */
+    public function setInstrument($instrument)
+    {
+        $this->instrument = $instrument;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/Actor.php
+++ b/Zotlabs/ActivityStreams/Actor.php
@@ -0,0 +1,428 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Actor extends ASObject
+{
+    public $inbox;
+    public $outbox;
+    public $followers;
+    public $following;
+    public $permissions; /* extension property */
+    public $endpoints;
+    public $publicKey;
+    public $preferredUsername;
+    public $alsoKnownAs;
+
+    // Extension properties
+
+    public $movedTo;
+    public $copiedTo;
+    public $discoverable;
+    public $manuallyApprovesFollowers;
+    public $webfinger;
+    public $canSearch;
+    public $indexable;
+    public $assertionMethod;
+    public $gateways;
+    public $openwebauth;
+    public $authredirect;
+
+    /**
+     * @return mixed
+     */
+    public function getAlsoKnownAs()
+    {
+        return $this->alsoKnownAs;
+    }
+
+    /**
+     * @param mixed $alsoKnownAs
+     * @return Actor
+     */
+    public function setAlsoKnownAs($alsoKnownAs)
+    {
+        $this->alsoKnownAs = $alsoKnownAs;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getMovedTo()
+    {
+        return $this->movedTo;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCopiedTo()
+    {
+        return $this->copiedTo;
+    }
+
+    /**
+     * @param mixed $copiedTo
+     * @return Actor
+     */
+    public function setCopiedTo($copiedTo)
+    {
+        $this->copiedTo = $copiedTo;
+        return $this;
+    }
+
+    /**
+     * @param mixed $movedTo
+     * @return Actor
+     */
+    public function setMovedTo($movedTo)
+    {
+        $this->movedTo = $movedTo;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDiscoverable()
+    {
+        return $this->discoverable;
+    }
+
+    /**
+     * @param mixed $discoverable
+     * @return Actor
+     */
+    public function setDiscoverable($discoverable)
+    {
+        $this->discoverable = $discoverable;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getManuallyApprovesFollowers()
+    {
+        return $this->manuallyApprovesFollowers;
+    }
+
+    /**
+     * @param mixed $manuallyApprovesFollowers
+     * @return Actor
+     */
+    public function setManuallyApprovesFollowers($manuallyApprovesFollowers)
+    {
+        $this->manuallyApprovesFollowers = $manuallyApprovesFollowers;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPreferredUsername()
+    {
+        return $this->preferredUsername;
+    }
+
+    /**
+     * @param mixed $preferredUsername
+     * @return Actor
+     */
+    public function setPreferredUsername($preferredUsername)
+    {
+        $this->preferredUsername = $preferredUsername;
+        return $this;
+    }
+
+
+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->id;
+    }
+
+    /**
+     * @param mixed $id
+     * @return Actor
+     */
+    public function setId($id)
+    {
+        $this->id = $id;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getType()
+    {
+        return $this->type;
+    }
+
+    /**
+     * @param mixed $type
+     * @return Actor
+     */
+    public function setType($type)
+    {
+        $this->type = $type;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getInbox()
+    {
+        return $this->inbox;
+    }
+
+    /**
+     * @param mixed $inbox
+     * @return Actor
+     */
+    public function setInbox($inbox)
+    {
+        $this->inbox = $inbox;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getOutbox()
+    {
+        return $this->outbox;
+    }
+
+    /**
+     * @param mixed $outbox
+     * @return Actor
+     */
+    public function setOutbox($outbox)
+    {
+        $this->outbox = $outbox;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getFollowers()
+    {
+        return $this->followers;
+    }
+
+    /**
+     * @param mixed $followers
+     * @return Actor
+     */
+    public function setFollowers($followers)
+    {
+        $this->followers = $followers;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getFollowing()
+    {
+        return $this->following;
+    }
+
+    /**
+     * @param mixed $following
+     * @return Actor
+     */
+    public function setFollowing($following)
+    {
+        $this->following = $following;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getEndpoints()
+    {
+        return $this->endpoints;
+    }
+
+    /**
+     * @param mixed $endpoints
+     * @return Actor
+     */
+    public function setEndpoints($endpoints)
+    {
+        $this->endpoints = $endpoints;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPublicKey()
+    {
+        return $this->publicKey;
+    }
+
+    /**
+     * @param mixed $publicKey
+     * @return Actor
+     */
+    public function setPublicKey($publicKey)
+    {
+        $this->publicKey = $publicKey;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getWebfinger()
+    {
+        return $this->webfinger;
+    }
+
+    /**
+     * @param mixed $webfinger
+     * @return Actor
+     */
+    public function setWebfinger($webfinger)
+    {
+        $this->webfinger = $webfinger;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCanSearch()
+    {
+        return $this->canSearch;
+    }
+
+    /**
+     * @param mixed $canSearch
+     * @return Actor
+     */
+    public function setCanSearch($canSearch)
+    {
+        $this->canSearch = $canSearch;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getIndexable()
+    {
+        return $this->indexable;
+    }
+
+    /**
+     * @param mixed $indexable
+     * @return Actor
+     */
+    public function setIndexable($indexable)
+    {
+        $this->indexable = $indexable;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAssertionMethod()
+    {
+        return $this->assertionMethod;
+    }
+
+    /**
+     * @param mixed $assertionMethod
+     * @return Actor
+     */
+    public function setAssertionMethod($assertionMethod)
+    {
+        $this->assertionMethod = $assertionMethod;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getGateways()
+    {
+        return $this->gateways;
+    }
+
+    /**
+     * @param mixed $gateways
+     * @return Actor
+     */
+    public function setGateways($gateways)
+    {
+        $this->gateways = $gateways;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPermissions()
+    {
+        return $this->permissions;
+    }
+
+    /**
+     * @param mixed $permissions
+     * @return Actor
+     */
+    public function setPermissions($permissions)
+    {
+        $this->permissions = $permissions;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getOpenwebauth()
+    {
+        return $this->openwebauth;
+    }
+
+    /**
+     * @param mixed $openwebauth
+     * @return Actor
+     */
+    public function setOpenwebauth($openwebauth)
+    {
+        $this->openwebauth = $openwebauth;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAuthredirect()
+    {
+        return $this->authredirect;
+    }
+
+    /**
+     * @param mixed $authredirect
+     * @return Actor
+     */
+    public function setAuthredirect($authredirect)
+    {
+        $this->authredirect = $authredirect;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/AssertionMethod.php
+++ b/Zotlabs/ActivityStreams/AssertionMethod.php
@@ -0,0 +1,87 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class AssertionMethod extends ASObject
+{
+    public $id;
+    public $type;
+    public $controller;
+    public $publicKeyMultibase;
+
+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->id;
+    }
+
+    /**
+     * @param mixed $id
+     * @return AssertionMethod
+     */
+    public function setId($id)
+    {
+        $this->id = $id;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getType()
+    {
+        return $this->type;
+    }
+
+    /**
+     * @param mixed $type
+     * @return AssertionMethod
+     */
+    public function setType($type)
+    {
+        $this->type = $type;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getController()
+    {
+        return $this->controller;
+    }
+
+    /**
+     * @param mixed $controller
+     * @return AssertionMethod
+     */
+    public function setController($controller)
+    {
+        $this->controller = $controller;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPublicKeyMultibase()
+    {
+        return $this->publicKeyMultibase;
+    }
+
+    /**
+     * @param mixed $publicKeyMultibase
+     * @return AssertionMethod
+     */
+    public function setPublicKeyMultibase($publicKeyMultibase)
+    {
+        $this->publicKeyMultibase = $publicKeyMultibase;
+        return $this;
+    }
+
+
+
+
+}
--- a/Zotlabs/ActivityStreams/Collection.php
+++ b/Zotlabs/ActivityStreams/Collection.php
@@ -0,0 +1,124 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Collection extends ASObject
+{
+    public int $totalItems;
+    public string $current;
+    public string $first;
+    public string $last;
+    public array $items;
+
+    public mixed $collectionOf;
+
+    /**
+     * @return int
+     */
+    public function getTotalItems(): int
+    {
+        return $this->totalItems;
+    }
+
+    /**
+     * @param mixed $totalItems
+     * @return Collection
+     */
+    public function setTotalItems(mixed $totalItems): static
+    {
+        $this->totalItems = $totalItems;
+        return $this;
+    }
+
+    /**
+     * @return string
+     */
+    public function getCurrent(): string
+    {
+        return $this->current;
+    }
+
+    /**
+     * @param mixed $current
+     * @return Collection
+     */
+    public function setCurrent(mixed $current): static
+    {
+        $this->current = $current;
+        return $this;
+    }
+
+    /**
+     * @return string
+     */
+    public function getFirst(): string
+    {
+        return $this->first;
+    }
+
+    /**
+     * @param mixed $first
+     * @return Collection
+     */
+    public function setFirst(mixed $first): static
+    {
+        $this->first = $first;
+        return $this;
+    }
+
+    /**
+     * @return string
+     */
+    public function getLast(): string
+    {
+        return $this->last;
+    }
+
+    /**
+     * @param mixed $last
+     * @return Collection
+     */
+    public function setLast(mixed $last): static
+    {
+        $this->last = $last;
+        return $this;
+    }
+
+    /**
+     * @return array
+     */
+    public function getItems(): array
+    {
+        return $this->items;
+    }
+
+    /**
+     * @param mixed $items
+     * @return Collection
+     */
+    public function setItems(mixed $items): static
+    {
+        $this->items = $items;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCollectionOf(): mixed
+    {
+        return $this->collectionOf;
+    }
+
+    /**
+     * @param mixed $collectionOf
+     * @return Collection
+     */
+    public function setCollectionOf(mixed $collectionOf): static
+    {
+        $this->collectionOf = $collectionOf;
+        return $this;
+    }
+
+
+}
--- a/Zotlabs/ActivityStreams/CollectionPage.php
+++ b/Zotlabs/ActivityStreams/CollectionPage.php
@@ -0,0 +1,73 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class CollectionPage extends Collection
+{
+    public $partOf;
+    public $next;
+    public $prev;
+
+    // startIndex only applies for OrderedCollectionPage. See
+    // https://www.w3.org/ns/activitystreams#OrderedCollectionPage
+    // It is provided here to avoid multiple inheritance
+
+    public $startIndex;
+
+    /**
+     * @return mixed
+     */
+    public function getPartOf()
+    {
+        return $this->partOf;
+    }
+
+    /**
+     * @param mixed $partOf
+     * @return CollectionPage
+     */
+    public function setPartOf($partOf)
+    {
+        $this->partOf = $partOf;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getNext()
+    {
+        return $this->next;
+    }
+
+    /**
+     * @param mixed $next
+     * @return CollectionPage
+     */
+    public function setNext($next)
+    {
+        $this->next = $next;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPrev()
+    {
+        return $this->prev;
+    }
+
+    /**
+     * @param mixed $prev
+     * @return CollectionPage
+     */
+    public function setPrev($prev)
+    {
+        $this->prev = $prev;
+        return $this;
+    }
+
+
+
+}
--- a/Zotlabs/ActivityStreams/IntransitiveActivity.php
+++ b/Zotlabs/ActivityStreams/IntransitiveActivity.php
@@ -0,0 +1,104 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+
+class IntransitiveActivity extends ASObject
+{
+    public $actor;
+    public $target;
+    public $result;
+    public $origin;
+    public $instrument;
+
+    /**
+     * @return mixed
+     */
+    public function getActor()
+    {
+        return $this->actor;
+    }
+
+    /**
+     * @param mixed $actor
+     * @return IntransitiveActivity
+     */
+    public function setActor($actor)
+    {
+        $this->actor = $actor;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getTarget()
+    {
+        return $this->target;
+    }
+
+    /**
+     * @param mixed $target
+     * @return IntransitiveActivity
+     */
+    public function setTarget($target)
+    {
+        $this->target = $target;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getResult()
+    {
+        return $this->result;
+    }
+
+    /**
+     * @param mixed $result
+     * @return IntransitiveActivity
+     */
+    public function setResult($result)
+    {
+        $this->result = $result;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getOrigin()
+    {
+        return $this->origin;
+    }
+
+    /**
+     * @param mixed $origin
+     * @return IntransitiveActivity
+     */
+    public function setOrigin($origin)
+    {
+        $this->origin = $origin;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getInstrument()
+    {
+        return $this->instrument;
+    }
+
+    /**
+     * @param mixed $instrument
+     * @return IntransitiveActivity
+     */
+    public function setInstrument($instrument)
+    {
+        $this->instrument = $instrument;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/Link.php
+++ b/Zotlabs/ActivityStreams/Link.php
@@ -0,0 +1,183 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+use Zotlabs\Lib\BaseObject;
+
+class Link extends BaseObject
+{
+    public $type;
+    public $href;
+    public $rel;
+    public $mediaType;
+    public $name;
+    public $hreflang;
+    public $height;
+    public $width;
+    public $preview;
+
+
+
+    /**
+     * @return mixed
+     */
+    public function getType()
+    {
+        return $this->type;
+    }
+
+    /**
+     * @param mixed $type
+     * @return Link
+     */
+    public function setType($type)
+    {
+        $this->type = $type;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getHref()
+    {
+        return $this->href;
+    }
+
+    /**
+     * @param mixed $href
+     * @return Link
+     */
+    public function setHref($href)
+    {
+        $this->href = $href;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getRel()
+    {
+        return $this->rel;
+    }
+
+    /**
+     * @param mixed $rel
+     * @return Link
+     */
+    public function setRel($rel)
+    {
+        $this->rel = $rel;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getMediaType()
+    {
+        return $this->mediaType;
+    }
+
+    /**
+     * @param mixed $mediaType
+     * @return Link
+     */
+    public function setMediaType($mediaType)
+    {
+        $this->mediaType = $mediaType;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getName()
+    {
+        return $this->name;
+    }
+
+    /**
+     * @param mixed $name
+     * @return Link
+     */
+    public function setName($name)
+    {
+        $this->name = $name;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getHreflang()
+    {
+        return $this->hreflang;
+    }
+
+    /**
+     * @param mixed $hreflang
+     * @return Link
+     */
+    public function setHreflang($hreflang)
+    {
+        $this->hreflang = $hreflang;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getHeight()
+    {
+        return $this->height;
+    }
+
+    /**
+     * @param mixed $height
+     * @return Link
+     */
+    public function setHeight($height)
+    {
+        $this->height = $height;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getWidth()
+    {
+        return $this->width;
+    }
+
+    /**
+     * @param mixed $width
+     * @return Link
+     */
+    public function setWidth($width)
+    {
+        $this->width = $width;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPreview()
+    {
+        return $this->preview;
+    }
+
+    /**
+     * @param mixed $preview
+     * @return Link
+     */
+    public function setPreview($preview)
+    {
+        $this->preview = $preview;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/OrderedCollection.php
+++ b/Zotlabs/ActivityStreams/OrderedCollection.php
@@ -0,0 +1,8 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class OrderedCollection extends Collection
+{
+
+}
--- a/Zotlabs/ActivityStreams/OrderedCollectionPage.php
+++ b/Zotlabs/ActivityStreams/OrderedCollectionPage.php
@@ -0,0 +1,92 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+/**
+ * According to the specification, OrderedCollectionPage extends
+ * both OrderedCollection and CollectionPage, but PHP is still a bit awkward
+ * when it comes to multiple inheritance. Rather than try and do this with
+ * traits, we'll just include the CollectionPage elements here - as this only
+ * consists of three properties.
+ */
+
+class OrderedCollectionPage extends OrderedCollection
+{
+    public $partOf;
+    public $next;
+    public $prev;
+    public $startIndex;
+
+    /**
+     * @return mixed
+     */
+    public function getPartOf()
+    {
+        return $this->partOf;
+    }
+
+    /**
+     * @param mixed $partOf
+     * @return OrderedCollectionPage
+     */
+    public function setPartOf($partOf)
+    {
+        $this->partOf = $partOf;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getNext()
+    {
+        return $this->next;
+    }
+
+    /**
+     * @param mixed $next
+     * @return OrderedCollectionPage
+     */
+    public function setNext($next)
+    {
+        $this->next = $next;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPrev()
+    {
+        return $this->prev;
+    }
+
+    /**
+     * @param mixed $prev
+     * @return OrderedCollectionPage
+     */
+    public function setPrev($prev)
+    {
+        $this->prev = $prev;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getStartIndex()
+    {
+        return $this->startIndex;
+    }
+
+    /**
+     * @param mixed $startIndex
+     * @return OrderedCollectionPage
+     */
+    public function setStartIndex($startIndex)
+    {
+        $this->startIndex = $startIndex;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/Place.php
+++ b/Zotlabs/ActivityStreams/Place.php
@@ -0,0 +1,125 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Place extends ASObject
+{
+
+    public $accuracy;
+    public $altitude;
+    public $latitude;
+    public $longitude;
+    public $radius;
+    public $units;
+
+    /**
+     * @return mixed
+     */
+    public function getAccuracy()
+    {
+        return $this->accuracy;
+    }
+
+    /**
+     * @param mixed $accuracy
+     * @return Place
+     */
+    public function setAccuracy($accuracy)
+    {
+        $this->accuracy = $accuracy;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAltitude()
+    {
+        return $this->altitude;
+    }
+
+    /**
+     * @param mixed $altitude
+     * @return Place
+     */
+    public function setAltitude($altitude)
+    {
+        $this->altitude = $altitude;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLatitude()
+    {
+        return $this->latitude;
+    }
+
+    /**
+     * @param mixed $latitude
+     * @return Place
+     */
+    public function setLatitude($latitude)
+    {
+        $this->latitude = $latitude;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLongitude()
+    {
+        return $this->longitude;
+    }
+
+    /**
+     * @param mixed $longitude
+     * @return Place
+     */
+    public function setLongitude($longitude)
+    {
+        $this->longitude = $longitude;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getRadius()
+    {
+        return $this->radius;
+    }
+
+    /**
+     * @param mixed $radius
+     * @return Place
+     */
+    public function setRadius($radius)
+    {
+        $this->radius = $radius;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getUnits()
+    {
+        return $this->units;
+    }
+
+    /**
+     * @param mixed $units
+     * @return Place
+     */
+    public function setUnits($units)
+    {
+        $this->units = $units;
+        return $this;
+    }
+
+
+
+}
--- a/Zotlabs/ActivityStreams/Profile.php
+++ b/Zotlabs/ActivityStreams/Profile.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Profile extends ASObject
+{
+
+    public $describes;
+
+    /**
+     * @return mixed
+     */
+    public function getDescribes()
+    {
+        return $this->describes;
+    }
+
+    /**
+     * @param mixed $describes
+     * @return Profile
+     */
+    public function setDescribes($describes)
+    {
+        $this->describes = $describes;
+        return $this;
+    }
+
+
+}
--- a/Zotlabs/ActivityStreams/PublicKey.php
+++ b/Zotlabs/ActivityStreams/PublicKey.php
@@ -0,0 +1,68 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class PublicKey extends ASObject
+{
+    public $owner;
+    public $signatureAlgorithm;
+    public $publicKeyPem;
+
+    /**
+     * @return mixed
+     */
+    public function getOwner()
+    {
+        return $this->owner;
+    }
+
+    /**
+     * @param mixed $owner
+     * @return PublicKey
+     */
+    public function setOwner($owner)
+    {
+        $this->owner = $owner;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSignatureAlgorithm()
+    {
+        return $this->signatureAlgorithm;
+    }
+
+    /**
+     * @param mixed $signatureAlgorithm
+     * @return PublicKey
+     */
+    public function setSignatureAlgorithm($signatureAlgorithm)
+    {
+        $this->signatureAlgorithm = $signatureAlgorithm;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPublicKeyPem()
+    {
+        return $this->publicKeyPem;
+    }
+
+    /**
+     * @param mixed $publicKeyPem
+     * @return PublicKey
+     */
+    public function setPublicKeyPem($publicKeyPem)
+    {
+        $this->publicKeyPem = $publicKeyPem;
+        return $this;
+    }
+
+
+
+
+}
--- a/Zotlabs/ActivityStreams/Question.php
+++ b/Zotlabs/ActivityStreams/Question.php
@@ -0,0 +1,67 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Question extends ASObject
+{
+    public $oneOf;
+    public $anyOf;
+    public $closed;
+
+    /**
+     * @return mixed
+     */
+    public function getOneOf()
+    {
+        return $this->oneOf;
+    }
+
+    /**
+     * @param mixed $oneOf
+     * @return Question
+     */
+    public function setOneOf($oneOf)
+    {
+        $this->oneOf = $oneOf;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAnyOf()
+    {
+        return $this->anyOf;
+    }
+
+    /**
+     * @param mixed $anyOf
+     * @return Question
+     */
+    public function setAnyOf($anyOf)
+    {
+        $this->anyOf = $anyOf;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getClosed()
+    {
+        return $this->closed;
+    }
+
+    /**
+     * @param mixed $closed
+     * @return Question
+     */
+    public function setClosed($closed)
+    {
+        $this->closed = $closed;
+        return $this;
+    }
+
+
+
+}
--- a/Zotlabs/ActivityStreams/Relationship.php
+++ b/Zotlabs/ActivityStreams/Relationship.php
@@ -0,0 +1,67 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Relationship extends ASObject
+{
+    public $subject;
+    public $object;
+    public $relationship;
+
+    /**
+     * @return mixed
+     */
+    public function getSubject()
+    {
+        return $this->subject;
+    }
+
+    /**
+     * @param mixed $subject
+     * @return Relationship
+     */
+    public function setSubject($subject)
+    {
+        $this->subject = $subject;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getObject()
+    {
+        return $this->object;
+    }
+
+    /**
+     * @param mixed $object
+     * @return Relationship
+     */
+    public function setObject($object)
+    {
+        $this->object = $object;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getRelationship()
+    {
+        return $this->relationship;
+    }
+
+    /**
+     * @param mixed $relationship
+     * @return Relationship
+     */
+    public function setRelationship($relationship)
+    {
+        $this->relationship = $relationship;
+        return $this;
+    }
+
+
+
+}
--- a/Zotlabs/ActivityStreams/Signature.php
+++ b/Zotlabs/ActivityStreams/Signature.php
@@ -0,0 +1,65 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Signature extends ASObject
+{
+    public $nonce;
+    public $creator;
+    public $signatureValue;
+
+    /**
+     * @return mixed
+     */
+    public function getCreator()
+    {
+        return $this->creator;
+    }
+
+    /**
+     * @param mixed $creator
+     * @return Signature
+     */
+    public function setCreator($creator)
+    {
+        $this->creator = $creator;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSignatureValue()
+    {
+        return $this->signatureValue;
+    }
+
+    /**
+     * @param mixed $signatureValue
+     * @return Signature
+     */
+    public function setSignatureValue($signatureValue)
+    {
+        $this->signatureValue = $signatureValue;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getNonce()
+    {
+        return $this->nonce;
+    }
+
+    /**
+     * @param mixed $nonce
+     * @return Signature
+     */
+    public function setNonce($nonce)
+    {
+        $this->nonce = $nonce;
+        return $this;
+    }
+
+}
--- a/Zotlabs/ActivityStreams/Tombstone.php
+++ b/Zotlabs/ActivityStreams/Tombstone.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class Tombstone extends ASObject
+{
+    public $formerType;
+    public $deleted;
+
+    /**
+     * @return mixed
+     */
+    public function getFormerType()
+    {
+        return $this->formerType;
+    }
+
+    /**
+     * @param mixed $formerType
+     * @return Tombstone
+     */
+    public function setFormerType($formerType)
+    {
+        $this->formerType = $formerType;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDeleted()
+    {
+        return $this->deleted;
+    }
+
+    /**
+     * @param mixed $deleted
+     * @return Tombstone
+     */
+    public function setDeleted($deleted)
+    {
+        $this->deleted = $deleted;
+        return $this;
+    }
+
+
+
+}
--- a/Zotlabs/ActivityStreams/UnhandledElementException.php
+++ b/Zotlabs/ActivityStreams/UnhandledElementException.php
@@ -0,0 +1,8 @@
+<?php
+
+namespace Zotlabs\ActivityStreams;
+
+class UnhandledElementException extends \Exception
+{
+
+}
--- a/Zotlabs/Daemon/Cache_embeds.php
+++ b/Zotlabs/Daemon/Cache_embeds.php
@@ -6,23 +6,28 @@ class Cache_embeds {

 	static public function run($argc,$argv) {

-		if(! $argc == 2)
+		if(!$argc == 2) {
 			return;
+		}

-		$c = q("select body from item where id = %d ",
-			dbesc(intval($argv[1]))
+		$c = q("select uid, aid, body, item_private from item where uuid = '%s'",
+			dbesc($argv[1])
 		);

-		if(! $c)
+		if(!$c) {
 			return;
+		}

 		$item = $c[0];

 		// bbcode conversion by default processes embeds that aren't already cached.
 		// Ignore the returned html output.
-
 		bbcode($item['body']);

+		// photocache addon hook to prefetch one copy of public item images for the sys channel
+		call_hooks('cache_prefetch_hook', $item);
+
 		return;
 	}
+
 }
--- a/Zotlabs/Daemon/Channel_purge.php
+++ b/Zotlabs/Daemon/Channel_purge.php
@@ -24,7 +24,7 @@ class Channel_purge {
 			);
 			if ($r) {
 				foreach ($r as $rv) {
-					drop_item($rv['id'], false);
+					drop_item($rv['id'], uid: $channel_id);
 				}
 			}
 		} while ($r);
--- a/Zotlabs/Daemon/Content_importer.php
+++ b/Zotlabs/Daemon/Content_importer.php
@@ -38,7 +38,13 @@ class Content_importer {

 		$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], channel_url($channel),true,'sha512');

-		$x = z_fetch_url($hz_server . '/api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page,false,$redirects,[ 'headers' => $headers ]);
+		$redirects = 0;
+		$x = z_fetch_url(
+			$hz_server . '/api/z/1.0/item/export_page?f=&since=' . urlencode($since) . '&until=' . urlencode($until) . '&page=' . $page,
+			false,
+			$redirects,
+			[ 'headers' => $headers ]
+		);

 		// logger('item fetch: ' . print_r($x,true));

@@ -47,9 +53,9 @@ class Content_importer {
 			killme();
 		}

-		$j = json_decode($x['body'],true);
+		$j = json_decode($x['body'], true);

-		if(! is_array($j['item']) || ! count($j['item'])) {
+		if($j && empty($j['item'])) {
 			PConfig::Set($channel['channel_id'], 'import', 'content_completed', 1);
 			return;
 		}
--- a/Zotlabs/Daemon/Cron.php
+++ b/Zotlabs/Daemon/Cron.php
@@ -69,18 +69,18 @@ class Cron {

 		// expire any expired items

-		$r = q("select id,item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s
+		$r = q("select id, uid, item_wall from item where expires > '2001-01-01 00:00:00' and expires < %s
 			and item_deleted = 0 ",
 			db_utcnow()
 		);
+
 		if ($r) {
-			require_once('include/items.php');
 			foreach ($r as $rr) {
-				drop_item($rr['id'], false, (($rr['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL));
+				// pass uid of the message for permission check as we are running as a daemon process with no session.
+				drop_item($rr['id'], (($rr['item_wall']) ? DROPITEM_PHASE1 : DROPITEM_NORMAL), uid: intval($rr['uid']));
 				if ($rr['item_wall']) {
 					// The notifier isn't normally invoked unless item_drop is interactive.
 					Master::Summon(['Notifier', 'drop', $rr['id']]);
-
 					if ($interval) {
 						usleep($interval);
 					}
@@ -125,14 +125,15 @@ class Cron {
 		$r = q("SELECT DISTINCT xchan, content FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s",
 			intval(PHOTO_CACHE),
 			db_utcnow(),
-			db_quoteinterval(Config::Get('system', 'cache_expire_days', 7) . ' DAY')
+			db_quoteinterval(Config::Get('system', 'default_expire_days', 30) . ' DAY')
 		);
 		if ($r) {
 			q("DELETE FROM photo WHERE photo_usage = %d AND expires < %s - INTERVAL %s",
 				intval(PHOTO_CACHE),
 				db_utcnow(),
-				db_quoteinterval(Config::Get('system', 'cache_expire_days', 7) . ' DAY')
+				db_quoteinterval(Config::Get('system', 'default_expire_days', 30) . ' DAY')
 			);
+
 			foreach ($r as $rr) {
 				$file = dbunescbin($rr['content']);
 				if (is_file($file)) {
@@ -147,40 +148,29 @@ class Cron {
 		// (time travel posts). Restrict to items that have come of age in the last
 		// couple of days to limit the query to something reasonable.

-		$r = q("select id from item where item_delayed = 1 and created <= %s  and created > '%s' ",
+		$r = q("select * from item where item_delayed = 1 and created <= %s  and created > '%s' ",
 			db_utcnow(),
 			dbesc(datetime_convert('UTC', 'UTC', 'now - 2 days'))
 		);
-		if ($r) {
-			foreach ($r as $rr) {
-				$x = q("update item set item_delayed = 0 where id = %d",
-					intval($rr['id'])
-				);
-				if ($x) {
-					$z = q("select * from item where id = %d",
-						intval($rr['id'])
-					);
-					if ($z) {
-						xchan_query($z);
-						$sync_item = fetch_post_tags($z);
-						Libsync::build_sync_packet($sync_item[0]['uid'],
-							[
-								'item' => [encode_item($sync_item[0], true)]
-							]
-						);
-					}
-					Master::Summon(array('Notifier', 'wall-new', $rr['id']));

-					if ($interval) {
-						usleep($interval);
+		if ($r) {
+			xchan_query($r);
+			$items = fetch_post_tags($r);
+			foreach ($items as $item) {
+				$item['item_delayed'] = 0;
+				$post = item_store_update($item);
+
+				if($post['success']) {
+					Master::Summon(['Notifier', 'wall-new', $post['item_id']]);
+					if (!empty($post['approval_id'])) {
+						Master::Summon(['Notifier', 'wall-new', $post['approval_id']]);
 					}
 				}
-			}
-		}
-
-		require_once('include/attach.php');
-		attach_upgrade();
-
+				if ($interval) {
+					usleep($interval);
+				}
+            }
+        }
 		// once daily run birthday_updates and then expire in background

 		// FIXME: add birthday updates, both locally and for xprof for use
--- a/Zotlabs/Daemon/Expire.php
+++ b/Zotlabs/Daemon/Expire.php
@@ -23,13 +23,13 @@ class Expire {

 		// perform final cleanup on previously delete items

-		$r = q("select id from item where item_deleted = 1 and item_pending_remove = 0 and changed < %s - INTERVAL %s",
+		$r = q("select id, uid from item where item_deleted = 1 and item_pending_remove = 0 and changed < %s - INTERVAL %s",
 			db_utcnow(),
 			db_quoteinterval('10 DAY')
 		);
 		if ($r) {
 			foreach ($r as $rr) {
-				drop_item($rr['id'], false, DROPITEM_PHASE2);
+				drop_item($rr['id'], DROPITEM_PHASE2, uid: $rr['uid']);
 			}
 		}

--- a/Zotlabs/Daemon/File_importer.php
+++ b/Zotlabs/Daemon/File_importer.php
@@ -38,7 +38,13 @@ class File_importer {
 		$headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'],channel_url($channel),true,'sha512');

 		// TODO: implement total count
-		$x = z_fetch_url($hz_server . '/api/z/1.0/file/export_page?f=records=1&page=' . $page, false, $redirects, [ 'headers' => $headers ]);
+		$redirects = 0;
+		$x = z_fetch_url(
+			$hz_server . '/api/z/1.0/file/export_page?f=records=1&page=' . $page,
+			false,
+			$redirects,
+			[ 'headers' => $headers ]
+		);
 		// logger('file fetch: ' . print_r($x,true));

 		if(! $x['success']) {
--- a/Zotlabs/Daemon/Importdoc.php
+++ b/Zotlabs/Daemon/Importdoc.php
@@ -11,6 +11,21 @@ class Importdoc {

 		self::update_docs_dir('doc/*');

+		$sys = get_sys_channel();
+
+		// remove old files that weren't updated (indicates they were most likely deleted).
+		$i = q("select id from item where uid = %d and item_type = 5 and edited < %s - INTERVAL %s",
+			intval($sys['channel_id']),
+			db_utcnow(),
+			db_quoteinterval('14 DAY')
+		);
+
+		if ($i) {
+			foreach ($i as $iv) {
+				drop_item($iv['id'], uid: $sys['channel_id']);
+			}
+		}
+
 		return;

 	}
@@ -18,9 +33,13 @@ class Importdoc {
 	static public function update_docs_dir($s) {
 		$f = basename($s);
 		$d = dirname($s);
-		if ($s === 'doc/html')
+
+		if ($s === 'doc/html') {
 			return;
+		}
+
 		$files = glob("$d/$f");
+
 		if ($files) {
 			foreach ($files as $fi) {
 				if ($fi === 'doc/html') {
--- a/Zotlabs/Daemon/Notifier.php
+++ b/Zotlabs/Daemon/Notifier.php
@@ -241,11 +241,6 @@ class Notifier {

 			$target_item = $r[0];

-			if (in_array($target_item['author']['xchan_network'], ['rss', 'anon', 'token'])) {
-				logger('notifier: target item author is not a fetchable actor', LOGGER_DEBUG);
-				return;
-			}
-
 			if (intval($target_item['item_deleted'])) {
 				logger('notifier: target item ITEM_DELETED', LOGGER_DEBUG);
 			}
@@ -268,22 +263,9 @@ class Notifier {

 			}

-			// Check for non published items, but allow an exclusion for transmitting hidden file activities
-
-			if (intval($target_item['item_unpublished']) || intval($target_item['item_delayed']) ||
-				intval($target_item['item_blocked']) || intval($target_item['item_hidden'])) {
-				logger('notifier: target item not published, so not forwardable', LOGGER_DEBUG);
-				return;
-			}
-
-			// follow/unfollow is for internal use only
-			if (in_array($target_item['verb'], ['Follow', 'Ignore', ACTIVITY_FOLLOW, ACTIVITY_UNFOLLOW])) {
-				logger('not fowarding follow/unfollow note activity');
-				return;
-			}
-
-			if (strpos($target_item['postopts'], 'nodeliver') !== false) {
-				logger('notifier: target item is undeliverable', LOGGER_DEBUG);
+			if (!item_forwardable($target_item)) {
+				//hz_syslog(print_r($target_item,true));
+				logger('notifier: target item not forwardable', LOGGER_DEBUG);
 				return;
 			}

@@ -299,7 +281,7 @@ class Notifier {
 				return;
 			}

-			if ($target_item['verb'] === ACTIVITY_SHARE) {
+			if (in_array($target_item['verb'], [ACTIVITY_SHARE])) {
 				// Provide correct representation across the wire. Internally this is treated as a comment.
 				$target_item['parent_mid'] = $target_item['thr_parent'] = $target_item['mid'];
 			}
@@ -341,7 +323,13 @@ class Notifier {
 				self::$encoded_item = json_decode($m, true);
 			}
 			else {
-				self::$encoded_item = Activity::build_packet(Activity::encode_activity($target_item), self::$channel, false);
+				$activity = Activity::encode_activity($target_item);
+
+				if (!$activity) {
+					return;
+				}
+
+				self::$encoded_item = Activity::build_packet($activity, self::$channel, false);
 			}

 			logger('target_item: ' . print_r($target_item, true), LOGGER_DEBUG);
@@ -358,6 +346,10 @@ class Notifier {

 			$relay_to_owner = (!$top_level_post && intval($target_item['item_origin']) && comment_local_origin($target_item));

+			if (self::$channel['channel_hash'] === $target_item['owner_xchan']) {
+				$relay_to_owner = false;
+			}
+
 			// $cmd === 'relay' indicates the owner is sending it to the original recipients
 			// don't allow the item in the relay command to relay to owner under any circumstances, it will loop

@@ -374,7 +366,6 @@ class Notifier {

 			if (($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
 				logger('notifier: followup relay', LOGGER_DEBUG);
-				// If the Parent item is an Announce the real owner is the parent author
 				$sendto            = (($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
 				self::$recipients  = [$sendto];
 				self::$private     = true;
@@ -389,7 +380,7 @@ class Notifier {
 					logger('normal (downstream) distribution', LOGGER_DEBUG);
 				}

-				if ($parent_item && $parent_item['item_private'] !== $target_item['item_private']) {
+				if (($parent_item && $parent_item['item_private'] !== $target_item['item_private']) || (intval($target_item['item_restrict']) & 1)) {
 					logger('conversation privacy mismatch - downstream delivery prevented');
 					return;
 				}
@@ -589,8 +580,6 @@ class Notifier {

 		foreach ($dhubs as $hub) {

-			logger('notifier_hub: ' . $hub['hubloc_url'], LOGGER_DEBUG);
-
 			if ($hub['hubloc_network'] !== 'zot6') {
 				$narr = [
 					'channel'        => self::$channel,
--- a/Zotlabs/Entity/Account.php
+++ b/Zotlabs/Entity/Account.php
@@ -0,0 +1,352 @@
+<?php
+
+namespace Zotlabs\Entity;
+
+use Zotlabs\Lib\BaseObject;
+
+class Account extends BaseObject
+{
+    public $account_id;
+    public $account_parent;
+    public $account_default_channel;
+    public $account_salt;
+    public $account_password;
+    public $account_email;
+    public $account_external;
+    public $account_language;
+    public $account_created;
+    public $account_lastlog;
+    public $account_flags;
+    public $account_roles;
+    public $account_reset;
+    public $account_expires;
+    public $account_expire_notified;
+    public $account_service_class;
+    public $account_level;
+    public $account_password_change;
+
+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->account_id;
+    }
+
+    /**
+     * @param mixed $account_id
+     * @return Account
+     */
+    public function setId($account_id)
+    {
+        $this->account_id = $account_id;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getParent()
+    {
+        return $this->account_parent;
+    }
+
+    /**
+     * @param mixed $account_parent
+     * @return Account
+     */
+    public function setParent($account_parent)
+    {
+        $this->account_parent = $account_parent;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDefaultChannel()
+    {
+        return $this->account_default_channel;
+    }
+
+    /**
+     * @param mixed $account_default_channel
+     * @return Account
+     */
+    public function setDefaultChannel($account_default_channel)
+    {
+        $this->account_default_channel = $account_default_channel;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSalt()
+    {
+        return $this->account_salt;
+    }
+
+    /**
+     * @param mixed $account_salt
+     * @return Account
+     */
+    public function setSalt($account_salt)
+    {
+        $this->account_salt = $account_salt;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPassword()
+    {
+        return $this->account_password;
+    }
+
+    /**
+     * @param mixed $account_password
+     * @return Account
+     */
+    public function setPassword($account_password)
+    {
+        $this->account_password = $account_password;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getEmail()
+    {
+        return $this->account_email;
+    }
+
+    /**
+     * @param mixed $account_email
+     * @return Account
+     */
+    public function setEmail($account_email)
+    {
+        $this->account_email = $account_email;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getExternal()
+    {
+        return $this->account_external;
+    }
+
+    /**
+     * @param mixed $account_external
+     * @return Account
+     */
+    public function setExternal($account_external)
+    {
+        $this->account_external = $account_external;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLanguage()
+    {
+        return $this->account_language;
+    }
+
+    /**
+     * @param mixed $account_language
+     * @return Account
+     */
+    public function setLanguage($account_language)
+    {
+        $this->account_language = $account_language;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getCreated()
+    {
+        return $this->account_created;
+    }
+
+    /**
+     * @param mixed $account_created
+     * @return Account
+     */
+    public function setCreated($account_created)
+    {
+        $this->account_created = $account_created;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLastlog()
+    {
+        return $this->account_lastlog;
+    }
+
+    /**
+     * @param mixed $account_lastlog
+     * @return Account
+     */
+    public function setLastlog($account_lastlog)
+    {
+        $this->account_lastlog = $account_lastlog;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getFlags()
+    {
+        return $this->account_flags;
+    }
+
+    /**
+     * @param mixed $account_flags
+     * @return Account
+     */
+    public function setFlags($account_flags)
+    {
+        $this->account_flags = $account_flags;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getRoles()
+    {
+        return $this->account_roles;
+    }
+
+    /**
+     * @param mixed $account_roles
+     * @return Account
+     */
+    public function setRoles($account_roles)
+    {
+        $this->account_roles = $account_roles;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getReset()
+    {
+        return $this->account_reset;
+    }
+
+    /**
+     * @param mixed $account_reset
+     * @return Account
+     */
+    public function setReset($account_reset)
+    {
+        $this->account_reset = $account_reset;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getExpires()
+    {
+        return $this->account_expires;
+    }
+
+    /**
+     * @param mixed $account_expires
+     * @return Account
+     */
+    public function setExpires($account_expires)
+    {
+        $this->account_expires = $account_expires;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getExpireNotified()
+    {
+        return $this->account_expire_notified;
+    }
+
+    /**
+     * @param mixed $account_expire_notified
+     * @return Account
+     */
+    public function setExpireNotified($account_expire_notified)
+    {
+        $this->account_expire_notified = $account_expire_notified;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getServiceClass()
+    {
+        return $this->account_service_class;
+    }
+
+    /**
+     * @param mixed $account_service_class
+     * @return Account
+     */
+    public function setServiceClass($account_service_class)
+    {
+        $this->account_service_class = $account_service_class;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLevel()
+    {
+        return $this->account_level;
+    }
+
+    /**
+     * @param mixed $account_level
+     * @return Account
+     */
+    public function setLevel($account_level)
+    {
+        $this->account_level = $account_level;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPasswordChange()
+    {
+        return $this->account_password_change;
+    }
+
+    /**
+     * @param mixed $account_password_change
+     * @return Account
+     */
+    public function setPasswordChange($account_password_change)
+    {
+        $this->account_password_change = $account_password_change;
+        return $this;
+    }
+
+}
--- a/Zotlabs/Entity/Channel.php
+++ b/Zotlabs/Entity/Channel.php
@@ -0,0 +1,714 @@
+<?php
+
+namespace Zotlabs\Entity;
+
+use Zotlabs\Lib\BaseObject;
+
+class Channel extends BaseObject
+{
+    public $channel_id;
+    public $channel_account_id;
+    public $channel_primary;
+    public $channel_name;
+    public $channel_parent;
+    public $channel_address;
+    public $channel_guid;
+    public $channel_guid_sig;
+    public $channel_hash;
+    public $channel_timezone;
+    public $channel_location;
+    public $channel_theme;
+    public $channel_startpage;
+    public $channel_pubkey;
+    public $channel_prvkey;
+    public $channel_epubkey;
+    public $channel_eprvkey;
+    public $channel_notifyflags;
+    public $channel_pageflags;
+    public $channel_dirdate;
+    public $channel_lastpost;
+    public $channel_deleted;
+    public $channel_active;
+    public $channel_max_anon_mail;
+    public $channel_max_friend_req;
+    public $channel_expire_days;
+    public $channel_passwd_reset;
+    public $channel_default_group;
+    public $channel_allow_cid;
+    public $channel_allow_gid;
+    public $channel_deny_cid;
+    public $channel_deny_gid;
+    public $channel_removed;
+    public $channel_system;
+    public $channel_moved;
+    public $channel_password;
+    public $channel_salt;
+
+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->channel_id;
+    }
+
+    /**
+     * @param mixed $channel_id
+     * @return Channel
+     */
+    public function setId($channel_id)
+    {
+        $this->channel_id = $channel_id;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAccountId()
+    {
+        return $this->channel_account_id;
+    }
+
+    /**
+     * @param mixed $channel_account_id
+     * @return Channel
+     */
+    public function setAccountId($channel_account_id)
+    {
+        $this->channel_account_id = $channel_account_id;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPrimary()
+    {
+        return $this->channel_primary;
+    }
+
+    /**
+     * @param mixed $channel_primary
+     * @return Channel
+     */
+    public function setPrimary($channel_primary)
+    {
+        $this->channel_primary = $channel_primary;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getName()
+    {
+        return $this->channel_name;
+    }
+
+    /**
+     * @param mixed $channel_name
+     * @return Channel
+     */
+    public function setName($channel_name)
+    {
+        $this->channel_name = $channel_name;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getParent()
+    {
+        return $this->channel_parent;
+    }
+
+    /**
+     * @param mixed $channel_parent
+     * @return Channel
+     */
+    public function setParent($channel_parent)
+    {
+        $this->channel_parent = $channel_parent;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAddress()
+    {
+        return $this->channel_address;
+    }
+
+    /**
+     * @param mixed $channel_address
+     * @return Channel
+     */
+    public function setAddress($channel_address)
+    {
+        $this->channel_address = $channel_address;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getGuid()
+    {
+        return $this->channel_guid;
+    }
+
+    /**
+     * @param mixed $channel_guid
+     * @return Channel
+     */
+    public function setGuid($channel_guid)
+    {
+        $this->channel_guid = $channel_guid;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getGuidSig()
+    {
+        return $this->channel_guid_sig;
+    }
+
+    /**
+     * @param mixed $channel_guid_sig
+     * @return Channel
+     */
+    public function setGuidSig($channel_guid_sig)
+    {
+        $this->channel_guid_sig = $channel_guid_sig;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getHash()
+    {
+        return $this->channel_hash;
+    }
+
+    /**
+     * @param mixed $channel_hash
+     * @return Channel
+     */
+    public function setHash($channel_hash)
+    {
+        $this->channel_hash = $channel_hash;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getTimezone()
+    {
+        return $this->channel_timezone;
+    }
+
+    /**
+     * @param mixed $channel_timezone
+     * @return Channel
+     */
+    public function setTimezone($channel_timezone)
+    {
+        $this->channel_timezone = $channel_timezone;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLocation()
+    {
+        return $this->channel_location;
+    }
+
+    /**
+     * @param mixed $channel_location
+     * @return Channel
+     */
+    public function setLocation($channel_location)
+    {
+        $this->channel_location = $channel_location;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getTheme()
+    {
+        return $this->channel_theme;
+    }
+
+    /**
+     * @param mixed $channel_theme
+     * @return Channel
+     */
+    public function setTheme($channel_theme)
+    {
+        $this->channel_theme = $channel_theme;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getStartpage()
+    {
+        return $this->channel_startpage;
+    }
+
+    /**
+     * @param mixed $channel_startpage
+     * @return Channel
+     */
+    public function setStartpage($channel_startpage)
+    {
+        $this->channel_startpage = $channel_startpage;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPubkey()
+    {
+        return $this->channel_pubkey;
+    }
+
+    /**
+     * @param mixed $channel_pubkey
+     * @return Channel
+     */
+    public function setPubkey($channel_pubkey)
+    {
+        $this->channel_pubkey = $channel_pubkey;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPrvkey()
+    {
+        return $this->channel_prvkey;
+    }
+
+    /**
+     * @param mixed $channel_prvkey
+     * @return Channel
+     */
+    public function setPrvkey($channel_prvkey)
+    {
+        $this->channel_prvkey = $channel_prvkey;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getEpubkey()
+    {
+        return $this->channel_epubkey;
+    }
+
+    /**
+     * @param mixed $channel_epubkey
+     * @return Channel
+     */
+    public function setEpubkey($channel_epubkey)
+    {
+        $this->channel_epubkey = $channel_epubkey;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getEprvkey()
+    {
+        return $this->channel_eprvkey;
+    }
+
+    /**
+     * @param mixed $channel_eprvkey
+     * @return Channel
+     */
+    public function setEprvkey($channel_eprvkey)
+    {
+        $this->channel_eprvkey = $channel_eprvkey;
+        return $this;
+    }
+
+
+    /**
+     * @return mixed
+     */
+    public function getNotifyflags()
+    {
+        return $this->channel_notifyflags;
+    }
+
+    /**
+     * @param mixed $channel_notifyflags
+     * @return Channel
+     */
+    public function setNotifyflags($channel_notifyflags)
+    {
+        $this->channel_notifyflags = $channel_notifyflags;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPageflags()
+    {
+        return $this->channel_pageflags;
+    }
+
+    /**
+     * @param mixed $channel_pageflags
+     * @return Channel
+     */
+    public function setPageflags($channel_pageflags)
+    {
+        $this->channel_pageflags = $channel_pageflags;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDirdate()
+    {
+        return $this->channel_dirdate;
+    }
+
+    /**
+     * @param mixed $channel_dirdate
+     * @return Channel
+     */
+    public function setDirdate($channel_dirdate)
+    {
+        $this->channel_dirdate = $channel_dirdate;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLastpost()
+    {
+        return $this->channel_lastpost;
+    }
+
+    /**
+     * @param mixed $channel_lastpost
+     * @return Channel
+     */
+    public function setLastpost($channel_lastpost)
+    {
+        $this->channel_lastpost = $channel_lastpost;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDeleted()
+    {
+        return $this->channel_deleted;
+    }
+
+    /**
+     * @param mixed $channel_deleted
+     * @return Channel
+     */
+    public function setDeleted($channel_deleted)
+    {
+        $this->channel_deleted = $channel_deleted;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getActive()
+    {
+        return $this->channel_active;
+    }
+
+    /**
+     * @param mixed $channel_active
+     * @return Channel
+     */
+    public function setActive($channel_active)
+    {
+        $this->channel_active = $channel_active;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getMaxAnonMail()
+    {
+        return $this->channel_max_anon_mail;
+    }
+
+    /**
+     * @param mixed $channel_max_anon_mail
+     * @return Channel
+     */
+    public function setMaxAnonMail($channel_max_anon_mail)
+    {
+        $this->channel_max_anon_mail = $channel_max_anon_mail;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getMaxFriendReq()
+    {
+        return $this->channel_max_friend_req;
+    }
+
+    /**
+     * @param mixed $channel_max_friend_req
+     * @return Channel
+     */
+    public function setMaxFriendReq($channel_max_friend_req)
+    {
+        $this->channel_max_friend_req = $channel_max_friend_req;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getExpireDays()
+    {
+        return $this->channel_expire_days;
+    }
+
+    /**
+     * @param mixed $channel_expire_days
+     * @return Channel
+     */
+    public function setExpireDays($channel_expire_days)
+    {
+        $this->channel_expire_days = $channel_expire_days;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPasswdReset()
+    {
+        return $this->channel_passwd_reset;
+    }
+
+    /**
+     * @param mixed $channel_passwd_reset
+     * @return Channel
+     */
+    public function setPasswdReset($channel_passwd_reset)
+    {
+        $this->channel_passwd_reset = $channel_passwd_reset;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDefaultGroup()
+    {
+        return $this->channel_default_group;
+    }
+
+    /**
+     * @param mixed $channel_default_group
+     * @return Channel
+     */
+    public function setDefaultGroup($channel_default_group)
+    {
+        $this->channel_default_group = $channel_default_group;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAllowCid()
+    {
+        return $this->channel_allow_cid;
+    }
+
+    /**
+     * @param mixed $channel_allow_cid
+     * @return Channel
+     */
+    public function setAllowCid($channel_allow_cid)
+    {
+        $this->channel_allow_cid = $channel_allow_cid;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getAllowGid()
+    {
+        return $this->channel_allow_gid;
+    }
+
+    /**
+     * @param mixed $channel_allow_gid
+     * @return Channel
+     */
+    public function setAllowGid($channel_allow_gid)
+    {
+        $this->channel_allow_gid = $channel_allow_gid;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDenyCid()
+    {
+        return $this->channel_deny_cid;
+    }
+
+    /**
+     * @param mixed $channel_deny_cid
+     * @return Channel
+     */
+    public function setDenyCid($channel_deny_cid)
+    {
+        $this->channel_deny_cid = $channel_deny_cid;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getDenyGid()
+    {
+        return $this->channel_deny_gid;
+    }
+
+    /**
+     * @param mixed $channel_deny_gid
+     * @return Channel
+     */
+    public function setDenyGid($channel_deny_gid)
+    {
+        $this->channel_deny_gid = $channel_deny_gid;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getRemoved()
+    {
+        return $this->channel_removed;
+    }
+
+    /**
+     * @param mixed $channel_removed
+     * @return Channel
+     */
+    public function setRemoved($channel_removed)
+    {
+        $this->channel_removed = $channel_removed;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSystem()
+    {
+        return $this->channel_system;
+    }
+
+    /**
+     * @param mixed $channel_system
+     * @return Channel
+     */
+    public function setSystem($channel_system)
+    {
+        $this->channel_system = $channel_system;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getMoved()
+    {
+        return $this->channel_moved;
+    }
+
+    /**
+     * @param mixed $channel_moved
+     * @return Channel
+     */
+    public function setMoved($channel_moved)
+    {
+        $this->channel_moved = $channel_moved;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getPassword()
+    {
+        return $this->channel_password;
+    }
+
+    /**
+     * @param mixed $channel_password
+     * @return Channel
+     */
+    public function setPassword($channel_password)
+    {
+        $this->channel_password = $channel_password;
+        return $this;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getSalt()
+    {
+        return $this->channel_salt;
+    }
+
+    /**
+     * @param mixed $channel_salt
+     * @return Channel
+     */
+    public function setSalt($channel_salt)
+    {
+        $this->channel_salt = $channel_salt;
+        return $this;
+    }
+
+}
--- a/Zotlabs/Entity/Item.php
+++ b/Zotlabs/Entity/Item.php
--- a/Zotlabs/Lib/Activity.php
+++ b/Zotlabs/Lib/Activity.php
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -528,49 +528,59 @@ class ActivityStreams {
 	}

 	public function checkEddsaSignature() {
+		$publicKey = null;
 		$signer = $this->get_property_obj('verificationMethod', $this->sig);

-		$parseUrl = parse_url($signer);
-
-		if (isset($parseUrl['fragment'])) {
-			if (str_starts_with($parseUrl['fragment'], 'z6Mk')) {
-				$publicKey = $parseUrl['fragment'];
-			}
-			unset($parseUrl['fragment']);
-		}
-
-		if (isset($parseUrl['query'])) {
-			unset($parseUrl['query']);
-		}
-
-		$url = unparse_url($parseUrl);
-
-		$hublocs = Activity::get_actor_hublocs($url);
-
-		$hasStoredKey = false;
-		if ($hublocs) {
-			foreach ($hublocs as $hubloc) {
-				if ($publicKey && $hubloc['xchan_epubkey'] === $publicKey) {
-					$hasStoredKey = true;
-					break;
-				}
+		if ($signer && str_starts_with($signer, 'did:key:')) {
+			$publicKey = str_replace('did:key:', '', $signer);
+			$this->signer = ['id' => $signer];
+			if (strpos($publicKey, '#') !== false) {
+				$publicKey = substr($publicKey,0, strpos($publicKey, '#'));
 			}
 		}
+        else {
+			$parseUrl = parse_url($signer);

-		if (!$hasStoredKey) {
-			$this->signer = Activity::get_actor($url);
-
-			if (isset($this->signer['assertionMethod'])) {
-				if (!isset($this->signer['assertionMethod'][0])) {
-					$this->signer['assertionMethod'] = [$this->signer['assertionMethod']];
+			if (isset($parseUrl['fragment'])) {
+				if (str_starts_with($parseUrl['fragment'], 'z6Mk')) {
+					$publicKey = $parseUrl['fragment'];
 				}
+				unset($parseUrl['fragment']);
+			}

-				foreach($this->signer['assertionMethod'] as $am) {
-					if ($url === $am['controller'] &&
-						$am['type'] === 'Multikey' &&
-						str_starts_with($am['publicKeyMultibase'], 'z6Mk')
-					) {
-						$publicKey = $am['publicKeyMultibase'];
+			if (isset($parseUrl['query'])) {
+				unset($parseUrl['query']);
+			}
+
+			$url = unparse_url($parseUrl);
+
+			$hublocs = Activity::get_actor_hublocs($url);
+
+			$hasStoredKey = false;
+			if ($hublocs) {
+				foreach ($hublocs as $hubloc) {
+					if ($publicKey && $hubloc['xchan_epubkey'] === $publicKey) {
+						$hasStoredKey = true;
+						break;
+					}
+				}
+			}
+
+			if (!$hasStoredKey) {
+				$this->signer = Activity::get_actor($url);
+
+				if (isset($this->signer['assertionMethod'])) {
+					if (!isset($this->signer['assertionMethod'][0])) {
+						$this->signer['assertionMethod'] = [$this->signer['assertionMethod']];
+					}
+
+					foreach($this->signer['assertionMethod'] as $am) {
+						if ($url === $am['controller'] &&
+							$am['type'] === 'Multikey' &&
+							str_starts_with($am['publicKeyMultibase'], 'z6Mk')
+						) {
+							$publicKey = $am['publicKeyMultibase'];
+						}
 					}
 				}
 			}
--- a/Zotlabs/Lib/Apps.php
+++ b/Zotlabs/Lib/Apps.php
@@ -341,7 +341,7 @@ class Apps {
 			'Suggest Channels' => t('Suggest Channels'),
 			'Login' => t('Login'),
 			'Channel Manager' => t('Channel Manager'),
-			'Network' => t('Stream'),
+			'Network' => t('Network'),
 			'Settings' => t('Settings'),
 			'Files' => t('Files'),
 			'Webpages' => t('Webpages'),
--- a/Zotlabs/Lib/BaseObject.php
+++ b/Zotlabs/Lib/BaseObject.php
@@ -0,0 +1,80 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+use Zotlabs\ActivityStreams\UnhandledElementException;
+
+class BaseObject
+{
+
+    public $string;
+    public $ldContext;
+
+    /**
+     * @param $input
+     * @param $strict
+     * @throws UnhandledElementException if $strict
+     */
+
+    public function __construct($input = null, $strict = false)
+    {
+        if (isset($input)) {
+            if (is_string($input)) {
+                $this->string = $input;
+            }
+            elseif(is_array($input)) {
+                foreach ($input as $key => $value) {
+                    $key = ($key === '@context') ? 'ldContext' : $key;
+                    if ($strict && !property_exists($this, $key)) {
+                        throw new UnhandledElementException("Unhandled element: $key");
+                    }
+                    $this->{$key} = $value;
+                }
+            }
+        }
+        return $this;
+    }
+
+    public function getDataType($element, $object = null)
+    {
+        $object = $object ?? $this;
+        $type = gettype($object[$element]);
+        if ($type === 'array' && array_is_list($object[$element])) {
+            return 'list';
+        }
+        return $type;
+    }
+
+    public function toArray()
+    {
+        if ($this->string) {
+            return $this->string;
+        }
+        $returnValue = [];
+        foreach ((array) $this as $key => $value) {
+            if (isset($value)) {
+                $key = ($key === 'ldContext') ? '@context' : $key;
+                $returnValue[$key] = (($value instanceof BaseObject) ? $value->toArray() : $value);
+            }
+        }
+        return $returnValue;
+    }
+
+    /**
+     * @return mixed
+     */
+    public function getLdContext()
+    {
+        return $this->ldContext;
+    }
+
+    /**
+     * @param mixed $ldContext
+     * @return BaseObject
+     */
+    public function setLdContext($ldContext)
+    {
+        $this->ldContext = $ldContext;
+        return $this;
+    }
+}
--- a/Zotlabs/Lib/Chatroom.php
+++ b/Zotlabs/Lib/Chatroom.php
@@ -181,7 +181,7 @@ class Chatroom {
 	}


-	function leave($observer_xchan, $room_id, $client) {
+	public static function leave($observer_xchan, $room_id, $client) {
 		if(! $room_id || ! $observer_xchan)
 			return;

--- a/Zotlabs/Lib/Connect.php
+++ b/Zotlabs/Lib/Connect.php
@@ -24,10 +24,16 @@ class Connect {

 		$uid = $channel['channel_id'];

-		if (strpos($url,'@') === false && strpos($url,'/') === false) {
+		// If we get just a channel name and it is not an URL turn it into a local webbie
+		if (!str_contains($url, '@') && strpos($url,'/') === false) {
 			$url = $url . '@' . App::get_hostname();
 		}

+		// Remove a possible leading @
+		if (str_starts_with($url, '@')) {
+			$url = ltrim($url, '@');
+		}
+
 		$result = [ 'success' => false, 'message' => '' ];

 		$my_perms = false;
--- a/Zotlabs/Lib/DB_Upgrade.php
+++ b/Zotlabs/Lib/DB_Upgrade.php
@@ -1,18 +1,35 @@
 <?php
+/**
+ * A class to handle database schema upgrades.
+ *
+ * SPDX-FileCopyrightText: 2024 Hubzilla Community
+ * SPDX-FileContributor: Harald Eilertsen
+ *
+ * SPDX-License-Identifier: MIT
+ */

 namespace Zotlabs\Lib;

 use Zotlabs\Lib\Config;

+/**
+ * Upgrade the database schema if necessary.
+ *
+ * Compares the currently active database schema version with the version
+ * required for this version of Hubzilla, and performs the upgrade if needed.
+ *
+ * If the difference consists of more than one revision of the schema, each of
+ * the intermediate upgrades are performed in turn.
+ */
 class DB_Upgrade {

-	public $config_name = '';
-	public $func_prefix = '';
-
-	function __construct($db_revision) {
-
-		$this->config_name = 'db_version';
-		$this->func_prefix = '_';
+	/**
+	 * Check the installed and required schema versions and perform the upgrade
+	 * if necessary.
+	 *
+	 * @param int $db_version	The required DB schema version.
+	 */
+	public static function run(int $db_revision): void {

 		$build = Config::Get('system', 'db_version', 0);
 		if(! intval($build))
--- a/Zotlabs/Lib/DReport.php
+++ b/Zotlabs/Lib/DReport.php
@@ -35,7 +35,7 @@ class DReport {
 	}

 	function addto_update($status) {
-		$this->status = $this->status . ' ' . $status;
+		$this->status = $this->status . ', ' . $status;
 	}


@@ -89,8 +89,14 @@ class DReport {
 		if(array_key_exists('reject',$dr) && intval($dr['reject']))
 			return false;

-		if(! ($dr['sender']))
+		if (!$dr['sender']) {
 			return false;
+		}
+
+		// do not store dismissed create activities
+		if ($dr['status'] === 'not a collection activity') {
+			return false;
+		}

 		// Is the sender one of our channels?

--- a/Zotlabs/Lib/Enotify.php
+++ b/Zotlabs/Lib/Enotify.php
@@ -95,8 +95,8 @@ class Enotify {
 			if (array_key_exists('verb', $params['item'])) {
 				// localize_item() alters the original item so make a copy first
 				$i = $params['item'];
-				logger('calling localize');
-				localize_item($i);
+			//	logger('calling localize');
+			//	localize_item($i);
 				$title = $i['title'];
 				$body = $i['body'];
 				$private = (($i['item_private']) || intval($i['item_obscured']));
@@ -131,9 +131,9 @@ class Enotify {
 		logger('notification: mail');
 		$subject = 	sprintf( t('[$Projectname:Notify] New direct message received at %s'), $sitename);

-		$preamble = sprintf( t('%1$s sent you a new direct message at %2$s'), $sender['xchan_name'], $sitename);
+		$preamble = sprintf( t('%1$s sent you a new private message at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s sent you %2$s.'), '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a direct message') . '[/zrl]');
-		$sitelink = t('Please visit %s to view and/or reply to your direct messages.');
+		$sitelink = t('Please visit %s to view and/or reply to your private messages.');
 		$tsitelink = sprintf( $sitelink, $siteurl . '/hq/' . gen_link_id($params['item']['mid']));
 		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '/hq/' . gen_link_id($params['item']['mid']) . '">' . $sitename . '</a>');
 		$itemlink = $siteurl . '/hq/' . gen_link_id($params['item']['mid']);
@@ -146,7 +146,7 @@ class Enotify {

 		$itemlink = $params['link'];

-		$action = (($moderated) ? t('requested to comment on') : t('commented on'));
+		$action = (($moderated) ? t('requested to post in') : t('posted in'));

 		if(array_key_exists('item',$params)) {

@@ -164,8 +164,8 @@ class Enotify {
 				if(activity_match($params['verb'], ['Dislike', ACTIVITY_DISLIKE]))
 					$action = (($moderated) ? t('requested to dislike') : t('disliked'));

-				if(activity_match($params['verb'], ACTIVITY_SHARE))
-					$action = t('repeated');
+				if(activity_match($params['verb'], [ACTIVITY_SHARE]))
+					$action = (($moderated) ? t('requested to repeat') : t('repeated'));

 			}

@@ -213,28 +213,36 @@ class Enotify {
 		//$possess_desc = str_replace('<!item_type!>',$possess_desc);

 		// "a post"
-		$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]a %4$s[/zrl]'),
+		$dest_str = sprintf(
+			t('%1$s %2$s [zrl=%3$s]a %4$s[/zrl]'),
 			'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 			$action,
 			$itemlink,
-			$item_post_type);
+			$item_post_type
+		);

 		// "George Bull's post"
-		if($p)
-			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]%4$s\'s %5$s[/zrl]'),
+		if($p) {
+			$dest_str = sprintf(
+				t('%1$s %2$s [zrl=%3$s]%4$s\'s %5$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 				$action,
 				$itemlink,
-				$p[0]['author']['xchan_name'],
-				$item_post_type);
+				$parent_item['author']['xchan_name'],
+				$item_post_type
+			);
+		}

 		// "your post"
-		if($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
-			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
+		if ($parent_item['owner']['xchan_hash'] === $recip['channel_hash'] && intval($parent_item['item_wall'])) {
+			$dest_str = sprintf(
+				t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 				$action,
 				$itemlink,
-				$item_post_type);
+				$item_post_type
+			);
+		}

 		// Some mail softwares relies on subject field for threading.
 		// So, we cannot have different subjects for notifications of the same thread.
@@ -263,7 +271,7 @@ class Enotify {

 		$itemlink =  $params['link'];

-		if (array_key_exists('item',$params) && (activity_match($params['item']['verb'], ['Like', 'Dislike', ACTIVITY_LIKE, ACTIVITY_DISLIKE]))) {
+		if (array_key_exists('item',$params) && (activity_match($params['item']['verb'], ['Like', 'Dislike', ACTIVITY_LIKE, ACTIVITY_DISLIKE, 'Announce']))) {
 			if(! $always_show_in_notices  || !($vnotify & VNOTIFY_LIKE) || !feature_enabled($recip['channel_id'], 'dislike')) {
 				logger('notification: not a visible activity. Ignoring.');
 				pop_lang();
@@ -308,7 +316,6 @@ class Enotify {
 		$item_post_type = item_post_type($p[0]);
 //		$private = $p[0]['item_private'];
 		$parent_id = $p[0]['id'];
-
 		$parent_item = $p[0];

 		//$verb = ((activity_match($params['item']['verb'], ACTIVITY_DISLIKE)) ? t('disliked') : t('liked'));
@@ -320,14 +327,18 @@ class Enotify {
 		if(activity_match($params['item']['verb'], ['Dislike', ACTIVITY_DISLIKE]))
 			$verb = (($moderated) ? t('requested to dislike') : t('disliked'));

+		if(activity_match($params['item']['verb'], [ACTIVITY_SHARE]))
+			$verb = (($moderated) ? t('requested to repeat') : t('repeated'));
+
 		// "your post"
-		if($p[0]['owner']['xchan_name'] === $p[0]['author']['xchan_name'] && intval($p[0]['item_wall']))
+		if ($parent_item['author']['xchan_hash'] === $recip['channel_hash']) {
 			$dest_str = sprintf(t('%1$s %2$s [zrl=%3$s]your %4$s[/zrl]'),
 				'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
 				$verb,
 				$itemlink,
 				$item_post_type
 			);
+		}
 		else {
 			pop_lang();
 			return;
@@ -406,6 +417,7 @@ class Enotify {
 	}

 	elseif (isset($params['type']) && $params['type'] === NOTIFY_TAGSHARE) {
+		$itemlink =  $params['link'];
 		$subject =	sprintf( t('[$Projectname:Notify] %s tagged your post') , $sender['xchan_name']);
 		$preamble = sprintf( t('%1$s tagged your post at %2$s'),$sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('%1$s tagged [zrl=%2$s]your post[/zrl]') ,
@@ -415,7 +427,6 @@ class Enotify {
 		$sitelink = t('Please visit %s to view and/or reply to the conversation.');
 		$tsitelink = sprintf( $sitelink, $siteurl );
 		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
-		$itemlink =  $params['link'];
 	}

 	elseif (isset($params['type']) && $params['type'] === NOTIFY_INTRO) {
@@ -433,6 +444,7 @@ class Enotify {
 	}

 	elseif (isset($params['type']) && $params['type'] === NOTIFY_SUGGEST) {
+		$itemlink =  $params['link'];
 		$subject = sprintf( t('[$Projectname:Notify] Friend suggestion received'));
 		$preamble = sprintf( t('You\'ve received a friend suggestion from \'%1$s\' at %2$s'), $sender['xchan_name'], $sitename);
 		$epreamble = sprintf( t('You\'ve received [zrl=%1$s]a friend suggestion[/zrl] for %2$s from %3$s.'),
@@ -447,7 +459,6 @@ class Enotify {
 		$sitelink = t('Please visit %s to approve or reject the suggestion.');
 		$tsitelink = sprintf( $sitelink, $siteurl );
 		$hsitelink = sprintf( $sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>');
-		$itemlink =  $params['link'];
 	}

 	elseif (isset($params['type']) && $params['type'] === NOTIFY_CONFIRM) {
@@ -500,9 +511,14 @@ class Enotify {
 */


+	$hash = ((in_array($params['verb'], ['Create', 'Update'])) ? $params['item']['uuid']  : $params['item']['thr_parent_uuid']);
+
+	if (!$hash) {
+		$hash = new_uuid();
+	}

 	$datarray = [];
-	$datarray['hash']   = $params['item']['uuid'] ?? new_uuid();
+	$datarray['hash'] = $hash;
 	$datarray['sender_hash'] = $sender['xchan_hash'];
 	$datarray['xname']   = $sender['xchan_name'];
 	$datarray['url']    = $sender['xchan_url'];
@@ -561,8 +577,9 @@ class Enotify {
 		dbesc($datarray['otype'])
 	);

-	$r = q("select id from notify where hash = '%s' and ntype = %d and uid = %d limit 1",
+	$r = q("select id from notify where hash = '%s' and link = '%s' and ntype = %d and uid = %d limit 1",
 		dbesc($datarray['hash']),
+		dbesc($itemlink),
 		intval($datarray['ntype']),
 		intval($recip['channel_id'])
 	);
@@ -595,7 +612,7 @@ class Enotify {

 	// send email notification if notification preferences permit

-	require_once('bbcode.php');
+	require_once('include/bbcode.php');
 	if ((intval($recip['channel_notifyflags']) & intval($params['type'])) || $params['type'] == NOTIFY_SYSTEM) {

 		logger('notification: sending notification email');
@@ -840,8 +857,8 @@ class Enotify {
 		}
 		else {
 			$itemem_text = (($item['item_thread_top'])
-				? (($item['obj_type'] === 'Question') ? t('created a new poll') : t('created a new post'))
-				: (($item['obj_type'] === 'Answer') ? sprintf( t('voted on %s\'s poll'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]') : sprintf( t('commented on %s\'s post'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]'))
+				? (($item['obj_type'] === 'Question') ? t('started a poll') : t('started a conversation'))
+				: (($item['obj_type'] === 'Answer') ? sprintf( t('voted on %s\'s poll'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]') : sprintf( t('posted in %s\'s conversation'), '[bdi]' . $item['owner']['xchan_name'] . '[/bdi]'))
 			);

 			if(in_array($item['obj_type'], ['Document', 'Video', 'Audio', 'Image'])) {
@@ -853,12 +870,7 @@ class Enotify {

 		if($item['edited'] > $item['created']) {
 			$edit = true;
-			if($item['item_thread_top']) {
-				$itemem_text = sprintf( t('edited a post dated %s'), relative_date($item['created']));
-			}
-			else {
-				$itemem_text = sprintf( t('edited a comment dated %s'), relative_date($item['created']));
-			}
+			$itemem_text = sprintf( t('edited a message dated %s'), relative_date($item['created']));
 		}


@@ -878,7 +890,7 @@ class Enotify {
 			'when' => (($edit) ? datetime_convert('UTC', date_default_timezone_get(), $item['edited']) : datetime_convert('UTC', date_default_timezone_get(), $item['created'])),
 			'class' => (intval($item['item_unseen']) ? 'notify-unseen' : 'notify-seen'),
 		//	'b64mid' => (($item['mid']) ? gen_link_id($item['mid']) : ''),
-			'b64mid' => (($item['uuid']) ? $item['uuid'] : ''),
+			'b64mid' => ((in_array($item['verb'] , ['Like', 'Dislike', 'Announce']) && !empty($item['thr_parent_uuid'])) ? $item['thr_parent_uuid'] : $item['uuid'] ?? ''),
 			//'b64mid' => ((in_array($item['verb'], [ACTIVITY_LIKE, ACTIVITY_DISLIKE])) ? gen_link_id($item['thr_parent']) : gen_link_id($item['mid'])),
 			'thread_top' => (($item['item_thread_top']) ? true : false),
 			'message' => bbcode(escape_tags($itemem_text)),
@@ -898,14 +910,13 @@ class Enotify {
 	}

 	static public function format_notify($tt) {
-
 		$message = trim(strip_tags(bbcode($tt['msg'])));

 		if(strpos($message, $tt['xname']) === 0)
 			$message = substr($message, strlen($tt['xname']) + 1);

 		$x = [
-			'notify_link' => (($tt['ntype'] === NOTIFY_MAIL) ? $tt['link'] : z_root() . '/notify/view/' . $tt['id']),
+			'notify_link' => (($tt['ntype'] === NOTIFY_INTRO) ? z_root() . '/notify/view/' . $tt['id'] : $tt['link']),
 			'name' => $tt['xname'],
 			'url' => $tt['url'],
 			'photo' => $tt['photo'],
@@ -917,11 +928,9 @@ class Enotify {
 		];

 		return $x;
-
 	}

 	static public function format_intros($rr) {
-
 		return [
 			'notify_link' => z_root() . '/connections#' . $rr['abook_id'],
 			'name' => $rr['xchan_name'],
--- a/Zotlabs/Lib/IConfig.php
+++ b/Zotlabs/Lib/IConfig.php
@@ -13,6 +13,7 @@ class IConfig {
 	static public function Get(&$item, $family, $key, $default = false) {

 		$is_item = false;
+		$iid = null;

 		if(is_array($item)) {
 			$is_item = true;
@@ -27,12 +28,13 @@ class IConfig {
 		elseif(intval($item))
 			$iid = $item;

-		if(! $iid)
+		if (!$iid)
 			return $default;

+
 		if(is_array($item) && array_key_exists('iconfig',$item) && is_array($item['iconfig'])) {
 			foreach($item['iconfig'] as $c) {
-				if($c['iid'] == $iid && $c['cat'] == $family && $c['k'] == $key)
+				if (isset($c['iid']) && $c['iid'] == $iid && isset($c['cat']) && $c['cat'] == $family && isset($c['k']) && $c['k'] == $key)
 					return $c['v'];
 			}
 		}
--- a/Zotlabs/Lib/JcsEddsa2022.php
+++ b/Zotlabs/Lib/JcsEddsa2022.php
@@ -7,11 +7,28 @@ use StephenHill\Base58;

 class JcsEddsa2022 {

-	public  function  __construct() {
-		return $this;
-	}
-
+	/**
+	 * Sign arbitrary data with the keys of the provided channel.
+	 *
+	 * @param $data				The data to be signed.
+	 * @param array $channel	A channel as an array of key/value pairs.
+	 *
+	 * @return An array with the following fields:
+	 *		- `type`: The type of signature, always `DataIntegrityProof`.
+	 *		- `cryptosuite`: The cryptographic algorithm used, always `eddsa-jcs-2022`.
+	 *		- `created`: The UTC date and timestamp when the signature was created.
+	 *		- `verificationMethod`: The channel URL and the public key separated by a `#`.
+	 *		- `proofPurpose`: The purpose of the signature, always `assertionMethod`.
+	 *		- `proofValue`: The signature itself.
+	 *
+	 * @throws JcsEddsa2022SignatureException if the channel is missing, or
+	 * don't have valid keys.
+	 */
 	public function sign($data, $channel): array {
+		if (!is_array($channel) || !isset($channel['channel_epubkey'], $channel['channel_eprvkey'])) {
+			throw new JcsEddsa2022SignException('Invalid or missing channel provided.');
+		}
+
 		$base58 = new Base58();
 		$pubkey = (new Multibase())->publicKey($channel['channel_epubkey']);
 		$options = [
--- a/Zotlabs/Lib/JcsEddsa2022SignException.php
+++ b/Zotlabs/Lib/JcsEddsa2022SignException.php
@@ -0,0 +1,15 @@
+<?php
+/*
+ * SPDX-FileCopyrightText: 2025 The Hubzilla Community
+ * SPDX-FileContributor: Harald Eilertsen <haraldei@anduin.net>
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+namespace Zotlabs\Lib;
+
+use Exception;
+
+class JcsEddsa2022SignException extends Exception
+{
+}
--- a/Zotlabs/Lib/Keyutils.php
+++ b/Zotlabs/Lib/Keyutils.php
@@ -2,8 +2,8 @@

 namespace Zotlabs\Lib;

-use phpseclib\Crypt\RSA;
-use phpseclib\Math\BigInteger;
+use phpseclib3\Crypt\PublicKeyLoader;
+use phpseclib3\Math\BigInteger;

 /**
 * Keyutils
@@ -16,41 +16,42 @@ class Keyutils {
 	 * @param string $e exponent
 	 * @return string
 	 */
-	public static function meToPem($m, $e) {
-
-		$rsa = new RSA();
-		$rsa->loadKey([
+	public static function meToPem(string $m, string $e): string
+	{
+		$parsedKey = PublicKeyLoader::load([
 			'e' => new BigInteger($e, 256),
 			'n' => new BigInteger($m, 256)
 		]);
-		return $rsa->getPublicKey();
-
+		if (method_exists($parsedKey, 'getPublicKey')) {
+			$parsedKey = $parsedKey->getPublicKey();
+		}
+		return $parsedKey->toString('PKCS8');
 	}

 	/**
 	 * @param string key
 	 * @return string
 	 */
-	public static function rsaToPem($key) {
-
-		$rsa = new RSA();
-		$rsa->setPublicKey($key);
-
-		return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS8);
-
+    public static function rsaToPem(string $key): string
+	{
+		$parsedKey = PublicKeyLoader::load($key);
+		if (method_exists($parsedKey, 'getPublicKey')) {
+			$parsedKey = $parsedKey->getPublicKey();
+		}
+		return $parsedKey->toString('PKCS8');
 	}

 	/**
 	 * @param string key
 	 * @return string
 	 */
-	public static function pemToRsa($key) {
-
-		$rsa = new RSA();
-		$rsa->setPublicKey($key);
-
-		return $rsa->getPublicKey(RSA::PUBLIC_FORMAT_PKCS1);
-
+	public static function pemToRsa(string $key): string
+	{
+		$parsedKey = PublicKeyLoader::load($key);
+		if (method_exists($parsedKey, 'getPublicKey')) {
+			$parsedKey = $parsedKey->getPublicKey();
+		}
+		return $parsedKey->toString('PKCS1');
 	}

 	/**
@@ -58,23 +59,28 @@ class Keyutils {
 	 * @param string $m reference modulo
 	 * @param string $e reference exponent
 	 */
-	public static function pemToMe($key, &$m, &$e) {
+	public static function pemToMe(string $key): array
+	{
+		$parsedKey = PublicKeyLoader::load($key);
+		if (method_exists($parsedKey, 'getPublicKey')) {
+			$parsedKey = $parsedKey->getPublicKey();
+		}
+		$raw = $parsedKey->toString('Raw');

-		$rsa = new RSA();
-		$rsa->loadKey($key);
-		$rsa->setPublicKey();
-
-		$m = $rsa->modulus->toBytes();
-		$e = $rsa->exponent->toBytes();
+		$m = $raw['n'];
+		$e = $raw['e'];

+		return [$m->toBytes(), $e->toBytes()];
 	}

 	/**
 	 * @param string $pubkey
 	 * @return string
 	 */
-	public static function salmonKey($pubkey) {
-		self::pemToMe($pubkey, $m, $e);
+	public static function salmonKey(string $pubkey): string
+	{
+		[$m, $e] = self::pemToMe($pubkey);
+		/** @noinspection PhpRedundantOptionalArgumentInspection */
 		return 'RSA' . '.' . base64url_encode($m, true) . '.' . base64url_encode($e, true);
 	}

@@ -82,11 +88,13 @@ class Keyutils {
 	 * @param string $key
 	 * @return string
 	 */
-	public static function convertSalmonKey($key) {
-		if (strstr($key, ','))
+	public static function convertSalmonKey(string $key): string
+	{
+		if (str_contains($key, ',')) {
 			$rawkey = substr($key, strpos($key, ',') + 1);
-		else
+		} else {
 			$rawkey = substr($key, 5);
+		}

 		$key_info = explode('.', $rawkey);

@@ -96,4 +104,4 @@ class Keyutils {
 		return self::meToPem($m, $e);
 	}

-}
+}
--- a/Zotlabs/Lib/Libsync.php
+++ b/Zotlabs/Lib/Libsync.php
@@ -885,7 +885,7 @@ class Libsync {
 							dbesc($t)
 						);

-						q("update hubloc set hubloc_error = 1, hubloc_deleted = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s'",
+						q("update hubloc set hubloc_error = 1, hubloc_deleted = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s' and hubloc_network = 'zot6'",
 							dbesc($r[0]['hubloc_url']),
 							dbesc($r[0]['hubloc_sitekey'])
 						);
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -655,6 +655,11 @@ class Libzot {
 			return $ret;
 		}

+		if (empty($arr['primary_location']['address'])) {
+			logger('Empty primary location address: ' . print_r($arr, true), LOGGER_DEBUG);
+			return $ret;
+		}
+
 		/**
 		 * @hooks import_xchan
 		 *   Called when processing the result of zot_finger() to store the result
@@ -1134,6 +1139,7 @@ class Libzot {
 		}

 		$message_request = false;
+		$is_collection_operation = false;


 		$has_data = array_key_exists('data', $env) && $env['data'];
@@ -1141,15 +1147,33 @@ class Libzot {

 		$AS = null;

+
 		if ($env['encoding'] === 'activitystreams') {

 			$AS = new ActivityStreams($data);
-			if (!$AS->is_valid()) {
-				logger('Activity rejected: ' . print_r($data, true));
-				return;
+
+			// process add/remove from collection separately, as it requires a target.
+			// use the data object, as it will not include actor expansion
+			if (in_array($AS->type, ['Add', 'Remove'])
+				&& is_array($AS->obj)
+				&& array_key_exists('object', $AS->obj)
+				&& array_key_exists('actor', $AS->obj)
+				&& !empty($AS->tgt)) {
+
+				logger('relayed collection operation', LOGGER_DEBUG);
+				$is_collection_operation = true;
+
+				$original_id = $AS->id;
+				$original_type = $AS->type;
+
+				$raw_activity = $AS->data;
+
+				$AS = new ActivityStreams($raw_activity['object'], portable_id: $env['sender']);
 			}
+
 			if (is_array($AS->obj)) {
 				$item = Activity::decode_note($AS);
+
 				if (!$item) {
 					logger('Could not decode activity: ' . print_r($AS, true));
 					return;
@@ -1158,6 +1182,12 @@ class Libzot {
 			else {
 				$item = [];
 			}
+
+			if (!$AS->is_valid()) {
+				logger('Activity rejected: ' . print_r($data, true));
+				return;
+			}
+
 			logger($AS->debug(), LOGGER_DATA);

 		}
@@ -1198,7 +1228,6 @@ class Libzot {

 			logger('public post');

-
 			// Public post. look for any site members who are or may be accepting posts from this sender
 			// and who are allowed to see them based on the sender's permissions
 			// @fixme;
@@ -1265,25 +1294,6 @@ class Libzot {
 					$item['item_private'] = 1;
 				}

-				if ($item['mid'] === $item['parent_mid']) {
-					if (is_array($AS->obj) && array_key_exists('commentPolicy', $AS->obj)) {
-						$p = strstr($AS->obj['commentPolicy'], 'until=');
-						if ($p !== false) {
-							$comments_closed_at = datetime_convert('UTC', 'UTC', substr($p, 6));
-							if ($comments_closed_at === $item['created']) {
-								$item['item_nocomment'] = 1;
-							}
-							else {
-								$item['comments_closed'] = $comments_closed_at;
-								$aritemr['comment_policy']  = trim(str_replace($p, '', $AS->obj['commentPolicy']));
-							}
-						}
-						else {
-							$item['comment_policy'] = $AS->obj['commentPolicy'];
-						}
-					}
-				}
-
 				if (!empty($AS->meta['hubloc']) || $AS->sigok) {
 					$item['item_verified'] = true;
 				}
@@ -1301,7 +1311,7 @@ class Libzot {

 				$relay = (($env['type'] === 'response') ? true : false);

-				$result = self::process_delivery($env['sender'], $AS, $item, $deliveries, $relay, false, $message_request);
+				$result = self::process_delivery($env['sender'], $AS, $item, $deliveries, $relay, false, $message_request, false, $is_collection_operation);

 				Activity::init_background_fetch($env['sender']);
 			}
@@ -1517,7 +1527,7 @@ class Libzot {
 	 * @return array
 	 */

-	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false, $force = false) {
+	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false, $force = false, $is_collection_operation = false) {
 		$result = [];

 		// We've validated the sender. Now make sure that the sender is the owner or author
@@ -1532,6 +1542,7 @@ class Libzot {

 			$local_public = $public;
 			$item_result = null;
+			$parent = null;

 			$DR = new DReport(z_root(), $sender, $d, $arr['mid'], $arr['uuid']);

@@ -1545,6 +1556,14 @@ class Libzot {

 			$DR->set_name($channel['channel_name'] . ' <' . channel_reddress($channel) . '>');

+			$conversation_operation = $is_collection_operation && isset($arr['target']['attributedTo']);
+
+			if (isset($arr['tgt_type']) && str_contains($arr['tgt_type'], 'Collection') && !$relay && !$conversation_operation) {
+				$DR->update('not a collection activity');
+				$result[] = $DR->get();
+				continue;
+			}
+
 			if (($act) && ($act->obj) && (!is_array($act->obj))) {
 				// The initial object fetch failed using the sys channel credentials.
 				// Try again using the delivery channel credentials.
@@ -1578,6 +1597,8 @@ class Libzot {
 			 *
 			 */

+
+
 			if ($sender === $channel['channel_hash'] && $arr['author_xchan'] === $channel['channel_hash'] && !str_starts_with($arr['mid'], z_root())) {
 				$DR->update('self delivery ignored');
 				$result[] = $DR->get();
@@ -1624,15 +1645,6 @@ class Libzot {
 			if (intval($channel['channel_system']) && (!$arr['item_private']) && (!$relay)) {
 				$local_public = true;

-				$r = q("select xchan_selfcensored from xchan where xchan_hash = '%s' limit 1",
-					dbesc($sender)
-				);
-				// don't import sys channel posts from selfcensored authors
-				if ($r && (intval($r[0]['xchan_selfcensored']))) {
-					$local_public = false;
-					continue;
-				}
-
 				$incl = Config::Get('system','pubstream_incl');
 				$excl = Config::Get('system','pubstream_excl');

@@ -1640,6 +1652,17 @@ class Libzot {
 					$local_public = false;
 					continue;
 				}
+
+				$r = q("select xchan_selfcensored, xchan_censored from xchan where xchan_hash = '%s'",
+					dbesc($sender)
+				);
+
+				// don't import sys channel posts from selfcensored or censored authors
+				if ($r && ($r[0]['xchan_selfcensored'] || $r[0]['xchan_censored'])) {
+					$local_public = false;
+					continue;
+				}
+
 			}

 			$tag_delivery = tgroup_check($channel['channel_id'], $arr);
@@ -1701,6 +1724,7 @@ class Libzot {
 					// If this is a poll response, convert the obj_type to our (internal-only) "Answer" type
 					if (in_array($arr['obj_type'], ['Note', ACTIVITY_OBJ_COMMENT]) && $arr['title'] && (!$arr['body'])) {
 						$arr['obj_type'] = 'Answer';
+						$arr['item_hidden'] = 1;
 					}
 				}

@@ -1826,11 +1850,12 @@ class Libzot {
 				dbesc($arr['author_xchan'])
 			);

-			// reactions such as like and dislike could	have an	mid with /activity/ in it.
+			// Reactions such as like and dislike could	have an	mid with /activity/ in it.
 			// Check for both forms in order to prevent duplicates.
-			$r = q("select * from item where mid in ('%s','%s') and uid = %d limit 1",
+
+			$r = q("select * from item where mid in ('%s', '%s') and uid = %d limit 1",
 				dbesc($arr['mid']),
-				dbesc(str_replace(z_root() . '/activity/', z_root() . '/item/', $arr['mid'])),
+				dbesc(reverse_activity_mid($arr['mid'])),
 				intval($channel['channel_id'])
 			);

@@ -1859,21 +1884,29 @@ class Libzot {
 						$DR->update('update ignored');
 						$result[] = $DR->get();
 					}
+
+					if ($relay && $channel['channel_hash'] === $item_result['item']['owner_xchan'] && $item_result['item']['verb'] !== 'Add' && !$is_collection_operation) {
+						$approval = Activity::addToCollection($channel, $act->data, $item_result['item']['parent_mid'], $item_result['item'], deliver: false);
+					}
+
 				}
 				else {
 					$DR->update('update ignored');
 					$result[] = $DR->get();

-					// We need this line to ensure wall-to-wall comments are relayed (by falling through to the relay bit),
+					// We need this line to ensure wall-to-wall comments and add/remove activities are relayed (by falling through to the relay bit),
 					// and at the same time not relay any other relayable posts more than once, because to do so is very wasteful.
 					if (!intval($r[0]['item_origin']))
 						continue;
 				}
+
+
 			}
 			else {
 				$arr['aid'] = $channel['channel_account_id'];
 				$arr['uid'] = $channel['channel_id'];

+
 				// if it's a sourced post, call the post_local hooks as if it were
 				// posted locally so that crosspost connectors will be triggered.
 				$item_source = check_item_source($arr['uid'], $arr);
@@ -1902,10 +1935,15 @@ class Libzot {
 				}

 				if (post_is_importable($arr['uid'], $arr, $abook)) {
-					$item_result = item_store($arr);
+					$item_result = item_store($arr, addAndSync: false);
+
 					if ($item_result['success']) {
 						$item_id = $item_result['item_id'];

+						if ($relay && $channel['channel_hash'] === $item_result['item']['owner_xchan'] && $item_result['item']['verb'] !== 'Add' && !$is_collection_operation) {
+							$approval = Activity::addToCollection($channel, $act->data, $item_result['item']['parent_mid'], $item_result['item'], deliver: false);
+						}
+
 						if ($item_source && in_array($item_result['item']['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) {
 							event_addtocal($item_id, $channel['channel_id']);
 						}
@@ -1948,14 +1986,18 @@ class Libzot {

 			if ((is_array($stored)) && ($stored['id'] != $stored['parent'])
 				&& ($stored['author_xchan'] === $channel['channel_hash'])) {
-				retain_item($stored['item']['parent']);
+				retain_item($stored['parent']);
 			}

-			if ($relay && $item_id && $stored['item_blocked'] !== ITEM_MODERATED) {
+			if ($relay && $item_id && item_forwardable($stored)) {
 				logger('Invoking relay');
 				Master::Summon(['Notifier', 'relay', intval($item_id)]);
+				if (!empty($approval) && $approval['item_id']) {
+					Master::Summon(['Notifier', 'relay', intval($approval['item_id'])]);
+				}
+
 				$DR->addto_update('relayed');
-				$result[] = $DR->get();
+				$result = [$DR->get()];
 			}
 		}

@@ -2006,6 +2048,7 @@ class Libzot {
 		foreach ($items as $activity) {

 			$AS = new ActivityStreams($activity);
+
 			if ($AS->is_valid() && $AS->type === 'Announce' && is_array($AS->obj)
 				&& array_key_exists('object', $AS->obj) && array_key_exists('actor', $AS->obj)) {
 				// This is a relayed/forwarded Activity (as opposed to a shared/boosted object)
@@ -2014,6 +2057,30 @@ class Libzot {
 				$AS = new ActivityStreams($AS->obj);
 			}

+			// process add/remove from collection separately, as it requires a target.
+			// use the raw object, as it will not include actor expansion
+			if (in_array($AS->type, ['Add', 'Remove'])
+				&& is_array($AS->obj)
+				&& array_key_exists('object', $AS->obj)
+				&& array_key_exists('actor', $AS->obj)
+				&& !empty($AS->tgt)) {
+
+				logger('relayed collection operation', LOGGER_DEBUG);
+
+				$is_collection_operation = true;
+
+				$original_id = $AS->id;
+				$original_type = $AS->type;
+
+				$raw_activity = $AS->data;
+
+				$AS = new ActivityStreams($raw_activity['object']);
+
+				// Store the original activity id and type for later usage
+				$AS->meta['original_id'] = $original_id;
+				$AS->meta['original_type'] = $original_type;
+			}
+
 			if (!$AS->is_valid()) {
 				logger('Fetched activity rejected: ' . print_r($activity, true));
 				continue;
@@ -2207,7 +2274,7 @@ class Libzot {
 		}


-		$x = item_store_update($item);
+		$x = item_store_update($item, addAndSync: false);

 		// If we're updating an event that we've saved locally, we store the item info first
 		// because event_addtocal will parse the body to get the 'new' event details
@@ -2323,21 +2390,20 @@ class Libzot {
 					);
 				}
 			} else {
-                if ($stored['id'] !== $stored['parent']) {
-                    q(
-                        "update item set commented = '%s', changed = '%s' where id = %d",
-                        dbesc(datetime_convert()),
-                        dbesc(datetime_convert()),
-                        intval($stored['parent'])
-                    );
-                }
-            }
+				if ($stored['id'] !== $stored['parent']) {
+					q("update item set commented = '%s', changed = '%s' where id = %d",
+						dbesc(datetime_convert()),
+						dbesc(datetime_convert()),
+						intval($stored['parent'])
+					);
+				}
+			}


 			// Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels
 			// and then clean up after ourselves with a cron job after several days to do the delete_item_lowlevel() (DROPITEM_PHASE2).

-			drop_item($post_id, false, DROPITEM_PHASE1);
+			drop_item($post_id, DROPITEM_PHASE1, uid: $uid);
 			tag_deliver($uid, $post_id);
 		}

--- a/Zotlabs/Lib/Mailer.php
+++ b/Zotlabs/Lib/Mailer.php
@@ -0,0 +1,86 @@
+<?php
+/**
+ * Mailer class for sending emails from Hubzilla.
+ *
+ * SPDX-FileCopyrightText: 2024 Hubzilla Community
+ * SPDX-FileContributor: Harald Eilertsen
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+namespace Zotlabs\Lib;
+
+use App;
+
+/**
+ * A class for sending emails.
+ *
+ * Based on the previous `z_mail` function, but adaped and made more
+ * robust and usable as a class.
+ */
+class Mailer {
+
+	public function __construct(private array $params = []) {
+	}
+
+	public function deliver(): bool {
+
+		if(empty($this->params['fromEmail'])) {
+			$this->params['fromEmail'] = Config::Get('system','from_email');
+			if(empty($this->params['fromEmail'])) {
+				$this->params['fromEmail'] = 'Administrator@' . App::get_hostname();
+			}
+		}
+
+		if(empty($this->params['fromName'])) {
+			$this->params['fromName'] = Config::Get('system','from_email_name');
+			if(empty($this->params['fromName'])) {
+				$this->params['fromName'] = System::get_site_name();
+			}
+		}
+
+		if(empty($this->params['replyTo'])) {
+			$this->params['replyTo'] = Config::Get('system','reply_address');
+			if(empty($this->params['replyTo'])) {
+				$this->params['replyTo'] = 'noreply@' . App::get_hostname();
+			}
+		}
+
+		if (!isset($this->params['additionalMailHeader'])) {
+			$this->params['additionalMailHeader'] = '';
+		}
+
+		$this->params['sent']   = false;
+		$this->params['result'] = false;
+
+		/**
+		 * @hooks email_send
+		 *   * \e params @see z_mail()
+		 */
+		call_hooks('email_send', $this->params);
+
+		if($this->params['sent']) {
+			logger('notification: z_mail returns ' . (($this->params['result']) ? 'success' : 'failure'), LOGGER_DEBUG);
+			return $this->params['result'];
+		}
+
+		$fromName = email_header_encode(html_entity_decode($this->params['fromName'],ENT_QUOTES,'UTF-8'),'UTF-8');
+		$messageSubject = email_header_encode(html_entity_decode($this->params['messageSubject'],ENT_QUOTES,'UTF-8'),'UTF-8');
+
+		$messageHeader =
+			$this->params['additionalMailHeader'] .
+			"From: $fromName <{$this->params['fromEmail']}>" . PHP_EOL .
+			"Reply-To: $fromName <{$this->params['replyTo']}>" . PHP_EOL .
+			"Content-Type: text/plain; charset=UTF-8";
+
+		// send the message
+		$res = mail(
+			$this->params['toEmail'],								// send to address
+			$messageSubject,								// subject
+			$this->params['textVersion'],
+			$messageHeader									// message headers
+		);
+		logger('notification: z_mail returns ' . (($res) ? 'success' : 'failure'), LOGGER_DEBUG);
+		return $res;
+	}
+}
--- a/Zotlabs/Lib/MessageFilter.php
+++ b/Zotlabs/Lib/MessageFilter.php
@@ -8,17 +8,18 @@ class MessageFilter {

 	public static function evaluate($item, $incl, $excl) {

-		$text = prepare_text($item['body'],((isset($item['mimetype'])) ? $item['mimetype'] : 'text/bbcode'));
-		$text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
+		$text = prepare_text($item['body'], ((isset($item['mimetype'])) ? $item['mimetype'] : 'text/bbcode'));
+		$text = html2plain((!empty($item['title'])) ? $item['title'] . ' ' . $text : $text);

 		$lang = null;
-
 		if ((strpos($incl, 'lang=') !== false) || (strpos($excl, 'lang=') !== false) || (strpos($incl, 'lang!=') !== false) || (strpos($excl, 'lang!=') !== false)) {
 			$lang = detect_language($text);
 		}

 		$tags = ((isset($item['term']) && is_array($item['term']) && count($item['term'])) ? $item['term'] : false);

+		$until = null;
+
 		// exclude always has priority

 		$exclude = (($excl) ? explode("\n", $excl) : null);
@@ -41,7 +42,13 @@ class MessageFilter {
 						return false;
 					}
 				}
-                elseif (substr($word, 0, 1) === '#' && $tags) {
+				elseif (str_starts_with($word, 'until=')) {
+					$until = strtotime(trim(substr($word, 6)));
+					if ($until > strtotime($item['created'] . ' UTC')) {
+						return false;
+					}
+				}
+				elseif (substr($word, 0, 1) === '#' && $tags) {
 					foreach ($tags as $t) {
 						if ((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
 							return false;
@@ -89,7 +96,13 @@ class MessageFilter {
 						return true;
 					}
 				}
-                elseif (substr($word, 0, 1) === '#' && $tags) {
+				elseif (str_starts_with($word, 'until=')) {
+					$until = strtotime(trim(substr($word, 6)));
+					if ($until > strtotime($item['created'] . ' UTC')) {
+						return true;
+					}
+				}
+				elseif (substr($word, 0, 1) === '#' && $tags) {
 					foreach ($tags as $t) {
 						if ((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word, 1)) || (substr($word, 1) === '*'))) {
 							return true;
@@ -124,9 +137,7 @@ class MessageFilter {


 	/**
-	 * @brief Test for Conditional Execution conditions. Shamelessly ripped off from Code/Render/Comanche
-	 *
-	 * This is extensible. The first version of variable testing supports tests of the forms:
+	 * Evaluate a conditional expression with support for AND (&&) and OR (||) operators.
 	 *
 	 * - ?foo ~= baz which will check if item.foo contains the string 'baz';
 	 * - ?foo == baz which will check if item.foo is the string 'baz';
@@ -143,103 +154,110 @@ class MessageFilter {
     *
 	 * The values 0, '', an empty array, and an unset value will all evaluate to false.
 	 *
-	 * @param string $s
-	 * @param array $item
-	 * @return bool
+	 * @param  string $s    The condition string to evaluate.
+	 * @param  array  $item The associative array providing variable values.
+	 * @return bool         True if the condition is met, false otherwise.
 	 */

-	public static function test_condition($s,$item) {
+	public static function test_condition($s, $item) {
+		$s = trim($s);

+		// Handle OR (||)
+		// Split on '||' not inside quotes
+		$or_parts = preg_split('/\s*\|\|\s*/', $s);
+		if (count($or_parts) > 1) {
+			foreach ($or_parts as $part) {
+				if (self::test_condition(ltrim($part, '?+'), $item)) {
+					return true;
+				}
+			}
+			return false;
+		}
+
+		// Handle AND (&&)
+		// Split on '&&' not inside quotes
+		$and_parts = preg_split('/\s*\&\&\s*/', $s);
+		if (count($and_parts) > 1) {
+			foreach ($and_parts as $part) {
+				if (!self::test_condition(ltrim($part, '?+'), $item)) {
+					return false;
+				}
+			}
+			return true;
+		}
+
+		// Basic checks
+
+		// Contains substring (case-insensitive)
 		if (preg_match('/(.*?)\s\~\=\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if (stripos($x, trim($matches[2])) !== false) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return (stripos($x, trim($matches[2])) !== false);
 		}

+		// Equality
 		if (preg_match('/(.*?)\s\=\=\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x == trim($matches[2])) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return ($x == trim($matches[2]));
 		}

+		// Inequality
 		if (preg_match('/(.*?)\s\!\=\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x != trim($matches[2])) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return ($x != trim($matches[2]));
 		}

+		// Greater than or equal
 		if (preg_match('/(.*?)\s\>\=\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x >= trim($matches[2])) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return ($x >= trim($matches[2]));
 		}

+		// Less than or equal
 		if (preg_match('/(.*?)\s\<\=\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x <= trim($matches[2])) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return ($x <= trim($matches[2]));
 		}

+		// Greater than
 		if (preg_match('/(.*?)\s\>\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x > trim($matches[2])) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return ($x > trim($matches[2]));
 		}

-		if (preg_match('/(.*?)\s\>\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x < trim($matches[2])) {
-				return true;
-			}
-			return false;
+		// Less than
+		if (preg_match('/(.*?)\s\<\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return ($x < trim($matches[2]));
 		}

-		if (preg_match('/[\$](.*?)\s\{\}\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if (is_array($x) && in_array(trim($matches[2]), $x)) {
-				return true;
-			}
-			return false;
+		// Array contains value
+		if (preg_match('/(.*?)\s\{\}\s(.*?)$/', $s, $matches)) {
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return (is_array($x) && in_array(trim($matches[2]), $x));
 		}

+		// Array contains key
 		if (preg_match('/(.*?)\s\{\*\}\s(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if (is_array($x) && array_key_exists(trim($matches[2]), $x)) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return (is_array($x) && array_key_exists(trim($matches[2]), $x));
 		}

 		// Ordering of this check (for falsiness) with relation to the following one (check for truthiness) is important.
+		// Falsy check
 		if (preg_match('/\!(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if (!$x) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return !$x;
 		}

+		// Truthy check (default)
 		if (preg_match('/(.*?)$/', $s, $matches)) {
-			$x = ((array_key_exists(trim($matches[1]),$item)) ? $item[trim($matches[1])] : EMPTY_STR);
-			if ($x) {
-				return true;
-			}
-			return false;
+			$x = ((array_key_exists(trim($matches[1]), $item)) ? $item[trim($matches[1])] : EMPTY_STR);
+			return (bool)$x;
 		}

+		// If no conditions matched, return false
 		return false;
 	}

+
 }
--- a/Zotlabs/Lib/PermissionDescription.php
+++ b/Zotlabs/Lib/PermissionDescription.php
@@ -117,7 +117,7 @@ class PermissionDescription {
 	}

 	/**
-	 * Returns an icon css class name if an appropriate one is available, e.g. "fa-globe" for Public,
+	 * Returns an icon css class name if an appropriate one is available, e.g. "bi-globe" for Public,
 	 * otherwise returns empty string.
 	 *
 	 * @return string icon css class name (often FontAwesome)
@@ -125,12 +125,12 @@ class PermissionDescription {
 	public function get_permission_icon() {

 		switch($this->channel_perm) {
-			case 0:/* only me */ return 'fa-eye-slash';
-			case PERMS_PUBLIC:   return 'fa-globe';
-			case PERMS_NETWORK:  return 'fa-share-alt-square'; // fa-share-alt-square is very similiar to the hubzilla logo, but we should create our own logo class to use
-			case PERMS_SITE:     return 'fa-sitemap';
-			case PERMS_CONTACTS: return 'fa-group';
-			case PERMS_SPECIFIC: return 'fa-list';
+			case 0:/* only me */ return 'bi-eye-slash';
+			case PERMS_PUBLIC:   return 'bi-globe';
+			case PERMS_NETWORK:  return 'bi-share'; // bi-share is very similiar to the hubzilla logo, but we should create our own logo class to use
+			case PERMS_SITE:     return 'bi-geo';
+			case PERMS_CONTACTS: return 'bi-people';
+			case PERMS_SPECIFIC: return 'bi-list-ul';
 			case PERMS_AUTHED:   return '';
 			case PERMS_PENDING:  return '';
 			default:             return '';
--- a/Zotlabs/Lib/QueueWorker.php
+++ b/Zotlabs/Lib/QueueWorker.php
@@ -59,7 +59,7 @@ class QueueWorker {
 			$transaction = new \DbaTransaction(\DBA::$dba);
 			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
 				intval($priority),
-				$workinfo_json,
+				dbesc($workinfo_json),
 				dbesc($uuid),
 				dbesc($argv[0])
 			);
@@ -105,7 +105,7 @@ class QueueWorker {
 			$transaction = new \DbaTransaction(\DBA::$dba);
 			$r = q("INSERT INTO workerq (workerq_priority, workerq_data, workerq_uuid, workerq_cmd) VALUES (%d, '%s', '%s', '%s')",
 				intval($priority),
-				$workinfo_json,
+				dbesc($workinfo_json),
 				dbesc($uuid),
 				dbesc($argv[0])
 			);
--- a/Zotlabs/Lib/SuperCurl.php
+++ b/Zotlabs/Lib/SuperCurl.php
@@ -1,127 +0,0 @@
-<?php
-
-namespace Zotlabs\Lib;
-
-/**
- * @brief wrapper for z_fetch_url() which can be instantiated with several built-in parameters and 
- * these can be modified and re-used. Useful for CalDAV and other processes which need to authenticate
- * and set lots of CURL options (many of which stay the same from one call to the next). 
- */
-
-
-
-
-class SuperCurl {
-
-	
-    private $auth;
-    private $url;
-
-	private $curlopt = array();
-
-	private $headers = null;
-    public $filepos = 0;
-	public $filehandle = 0;
-    public $request_data = '';
-
-	private $request_method = 'GET';
-	private $upload = false;
-	private $cookies = false;
-
-
-    private function set_data($s) {
-        $this->request_data = $s;
-        $this->filepos = 0;
-    }
-
-    public function curl_read($ch,$fh,$size) {
-
-        if($this->filepos < 0) {
-            unset($fh);
-            return '';
-        }
-
-        $s = substr($this->request_data,$this->filepos,$size);
-
-        if(strlen($s) < $size)
-            $this->filepos = (-1);
-        else
-            $this->filepos = $this->filepos + $size;
-
-        return $s;
-    }
-
-
-	public function __construct($opts = array()) {
-		$this->set($opts);
-	}
-
-	private function set($opts = array()) {
-		if($opts) {
-			foreach($opts as $k => $v) {
-				switch($k) {
-					case 'http_auth':
-						$this->auth = $v;
-						break;
-					case 'magicauth':
-						// currently experimental
-						$this->magicauth = $v;
-						\Zotlabs\Daemon\Master::Summon([ 'CurlAuth', $v ]);
-						break;
-					case 'custom':
-						$this->request_method = $v;
-						break;
-					case 'url':
-						$this->url = $v;
-						break;
-					case 'data':
-						$this->set_data($v);
-						if($v) {
-							$this->upload = true;
-						}
-						else {
-							$this->upload = false;
-						}							
-						break;
-					case 'headers':
-						$this->headers = $v;
-						break;
-					default:
-						$this->curlopts[$k] = $v;
-						break;
-				}
-			}
-		}
-	}
-
-	function exec() {
-		$opts = $this->curlopts;
-		$url = $this->url;
-		if($this->auth)
-			$opts['http_auth'] = $this->auth;
-		if($this->magicauth) {
-			$opts['cookiejar']  = 'store/[data]/cookie_' . $this->magicauth;
-			$opts['cookiefile'] = 'store/[data]/cookie_' . $this->magicauth;
-			$opts['cookie'] = 'PHPSESSID=' . trim(file_get_contents('store/[data]/cookien_' . $this->magicauth));
-			$c = channelx_by_n($this->magicauth);
-			if($c)
-				$url = zid($this->url,channel_reddress($c));
-		}	
-		if($this->custom)
-			$opts['custom'] = $this->custom;
-		if($this->headers)
-			$opts['headers'] = $this->headers;
-		if($this->upload) {
-			$opts['upload'] = true;
-			$opts['infile'] = $this->filehandle;
-			$opts['infilesize'] = strlen($this->request_data);
-			$opts['readfunc'] = [ $this, 'curl_read' ] ;
-		}
-
-		$recurse = 0;
-		return z_fetch_url($this->url,true,$recurse,(($opts) ? $opts : null)); 
-		
-	}
-		
-	
-}
--- a/Zotlabs/Lib/Text.php
+++ b/Zotlabs/Lib/Text.php
@@ -21,4 +21,13 @@ class Text {
 		return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false);
 	}

+	public static function rawurlencode_parts(string $string): string {
+		if (!$string) {
+			return EMPTY_STR;
+		}
+
+		return implode('/', array_map('rawurlencode', explode('/', $string)));
+	}
+
+
 }
--- a/Zotlabs/Lib/ThreadItem.php
+++ b/Zotlabs/Lib/ThreadItem.php
@@ -4,8 +4,6 @@ namespace Zotlabs\Lib;

 use App;
 use Zotlabs\Access\AccessList;
-use Zotlabs\Lib\Apps;
-use Zotlabs\Lib\Config;

 require_once('include/text.php');

@@ -26,6 +24,7 @@ class ThreadItem {
 	private $parent = null;
 	private $conversation = null;
 	private $redirect_url = null;
+	private $owner_addr = '';
 	private $owner_url = '';
 	private $owner_photo = '';
 	private $owner_name = '';
@@ -35,14 +34,12 @@ class ThreadItem {
 	private $channel = null;
 	private $display_mode = 'normal';
 	private $reload = '';
-	private $mid_uuid_map = [];
-

 	public function __construct($data) {

 		$this->data = $data;
 		$this->toplevel = ($this->get_id() == $this->get_data_value('parent'));
-		$this->threaded = Config::Get('system','thread_allow');
+		$this->threaded = ((local_channel()) ? PConfig::Get(local_channel(), 'system', 'thread_allow', true) : Config::Get('system', 'thread_allow', true));

 		// Prepare the children
 		if(isset($data['children'])) {
@@ -65,8 +62,6 @@ class ThreadItem {
 			unset($this->data['children']);
 		}

-
-
 		// allow a site to configure the order and content of the reaction emoji list
 		if($this->toplevel) {
 			$x = Config::Get('system','reactions');
@@ -84,7 +79,7 @@ class ThreadItem {
 	 *      _ false on failure
 	 */

-	public function get_template_data($conv_responses, $mid_uuid_map, $thread_level=1, $conv_flags = []) {
+	public function get_template_data($thread_level=1, $conv_flags = []) {

 		$result = [];
 		$item = $this->get_data();
@@ -93,7 +88,7 @@ class ThreadItem {
 		$buttons = '';
 		$dropping = false;
 		$star = false;
-		$isstarred = "unstarred fa-star-o";
+		$isstarred = "unstarred bi-star";
 		$is_comment = false;
 		$is_item = false;
 		$osparkle = '';
@@ -103,6 +98,8 @@ class ThreadItem {
 		$conv = $this->get_conversation();
 		$observer = $conv->get_observer();

+		$conv->mid_uuid_map[$item['mid']] = $item['uuid'];
+
 		$acl = new AccessList([]);
 		$acl->set($item);

@@ -114,7 +111,7 @@ class ThreadItem {
 		$locktype = intval($item['item_private']);

 		if ($locktype === 2) {
-			$lock = t('Direct message');
+			$lock = t('Private message');
 		}

 		// 0 = limited based on public policy
@@ -123,13 +120,13 @@ class ThreadItem {
 			$locktype = 0;
 		}

-		$shareable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && (intval($item['item_private']) === 0)) ? true : false);
+		$shareable = ((local_channel() && $conv->get_profile_owner() == local_channel()) && (intval($item['item_private']) === 0));

 		// allow an exemption for sharing stuff from your private feeds
 		if($item['author']['xchan_network'] === 'rss')
 			$shareable = true;

-		$repeatable = ((($conv->get_profile_owner() == local_channel() && local_channel()) && (intval($item['item_private']) === 0) && (in_array($item['author']['xchan_network'], ['zot6', 'activitypub']))) ? true : false);
+		$repeatable = ((local_channel() && $conv->get_profile_owner() == local_channel()) && intval($item['item_private']) === 0 && in_array($item['author']['xchan_network'], ['zot6', 'activitypub']));

 		// @fixme
 		// Have recently added code to properly handle polls in group reshares by redirecting all of the poll responses to the group.
@@ -187,7 +184,7 @@ class ThreadItem {
 			$drop = [ 'dropping' => true, 'delete' => t('Admin Delete') ];
 		}

-		$filer = ((($conv->get_profile_owner() == local_channel()) && (! array_key_exists('real_uid',$item))) ? t("Save to Folder") : false);
+		$filer = (((local_channel() && $conv->get_profile_owner() === local_channel()) || (local_channel() && App::$module === 'pubstream')) ? t("Save to Folder") : false);

 		$profile_avatar = $item['author']['xchan_photo_s'];
 		$profile_link   = chanlink_hash($item['author_xchan']);
@@ -204,72 +201,26 @@ class ThreadItem {
 			$response_verbs[] = 'dislike';
 		}

-		$response_verbs[] = 'announce';
+		if ($repeatable) {
+			$response_verbs[] = 'announce';
+		}

-		if(in_array($item['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) {
-			$response_verbs[] = 'attendyes';
-			$response_verbs[] = 'attendno';
-			$response_verbs[] = 'attendmaybe';
+		if (in_array($item['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) {
+			$response_verbs[] = 'accept';
+			$response_verbs[] = 'reject';
+			$response_verbs[] = 'tentativeaccept';
 			if($this->is_commentable() && $observer) {
 				$isevent = true;
 				$attend = array( t('I will attend'), t('I will not attend'), t('I might attend'));
 			}
 		}

-		if($item['obj_type'] === 'Question') {
+		if ($item['obj_type'] === 'Question') {
 			$response_verbs[] = 'answer';
 		}

-		if(! feature_enabled($conv->get_profile_owner(),'dislike'))
-			unset($conv_responses['dislike']);
-
-		$responses = get_responses($conv_responses,$response_verbs,$this,$item);
-
-		$my_responses = [];
-		foreach($response_verbs as $v) {
-
-			$my_responses[$v] = ((isset($conv_responses[$v][$item['mid'] . '-m'])) ? 1 : 0);
-		}
-
-/*
-
-		$like_count = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid']] : '');
-		$like_list = ((x($conv_responses['like'],$item['mid'])) ? $conv_responses['like'][$item['mid'] . '-l'] : '');
-		if (($like_list) && (count($like_list) > MAX_LIKERS)) {
-			$like_list_part = array_slice($like_list, 0, MAX_LIKERS);
-			array_push($like_list_part, '<a class="dropdown-item" href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
-		} else {
-			$like_list_part = '';
-		}
-		$like_button_label = tt('Like','Likes',$like_count,'noun');
-
-		$repeat_count = ((x($conv_responses['announce'],$item['mid'])) ? $conv_responses['announce'][$item['mid']] : '');
-		$repeat_list = ((x($conv_responses['announce'],$item['mid'])) ? $conv_responses['announce'][$item['mid'] . '-l'] : '');
-		if (($repeat_list) && (count($repeat_list) > MAX_LIKERS)) {
-			$repeat_list_part = array_slice($repeat_list, 0, MAX_LIKERS);
-			array_push($repeat_list_part, '<a class="dropdown-item" href="#" data-toggle="modal" data-target="#repeatModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
-		} else {
-			$repeat_list_part = '';
-		}
-		$repeat_button_label = tt('Repeat','Repeats',$repeat_count,'noun');
-
-		$showdislike = '';
-		if (feature_enabled($conv->get_profile_owner(),'dislike')) {
-			$dislike_count = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid']] : '');
-			$dislike_list = ((x($conv_responses['dislike'],$item['mid'])) ? $conv_responses['dislike'][$item['mid'] . '-l'] : '');
-			$dislike_button_label = tt('Dislike','Dislikes',$dislike_count,'noun');
-			if (($dislike_list) && (count($dislike_list) > MAX_LIKERS)) {
-				$dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS);
-				array_push($dislike_list_part, '<a class="dropdown-item" href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
-			} else {
-				$dislike_list_part = '';
-			}
-
-			$showdislike = ((x($conv_responses['dislike'],$item['mid'])) ? format_like($conv_responses['dislike'][$item['mid']],$conv_responses['dislike'][$item['mid'] . '-l'],'dislike',$item['mid']) : '');
-		}
-
-		$showlike    = ((x($conv_responses['like'],$item['mid'])) ? format_like($conv_responses['like'][$item['mid']],$conv_responses['like'][$item['mid'] . '-l'],'like',$item['mid']) : '');
-*/
+		$response_verbs[] = 'comment';
+		$responses = get_responses($response_verbs, $item);

 		/*
 		 * We should avoid doing this all the time, but it depends on the conversation mode
@@ -279,7 +230,13 @@ class ThreadItem {

 		$this->check_wall_to_wall();

+		$children = $this->get_children();
+		$children_count = count($children);
+
 		if($this->is_toplevel()) {
+			$conv->comments_total = $responses['comment']['count'] ?? 0;
+			$conv->comments_loaded = $children_count;
+
 			if((local_channel() && $conv->get_profile_owner() === local_channel()) || (local_channel() && App::$module === 'pubstream')) {
 				$star = [
 					'toggle' => t("Toggle Star Status"),
@@ -291,7 +248,6 @@ class ThreadItem {
 			$is_comment = true;
 		}

-
 		$verified = (intval($item['item_verified']) ? t('Message signature validated') : '');
 		$forged = ((($item['sig']) && (! intval($item['item_verified']))) ? t('Message signature incorrect') : '');
 		$unverified = '' ; // (($this->is_wall_to_wall() && (! intval($item['item_verified']))) ? t('Message cannot be verified') : '');
@@ -324,14 +280,12 @@ class ThreadItem {
 		if((in_array($item['obj_type'], ['Event', ACTIVITY_OBJ_EVENT])) && $conv->get_profile_owner() == local_channel())
 			$has_event = true;

-		$like = [];
-		$dislike = [];
 		$reply_to = [];
+		$reactions_allowed = false;

 		if($this->is_commentable() && $observer) {
-			$like = array( t("I like this \x28toggle\x29"), t("like"));
-			$dislike = array( t("I don't like this \x28toggle\x29"), t("dislike"));
-			$reply_to = array( t("Reply on this comment"), t("reply"), t("Reply to"));
+			$reply_to = array( t("Reply to this message"), t("reply"), t("Reply to"));
+			$reactions_allowed = true;
 		}

 		$share = [];
@@ -374,9 +328,8 @@ class ThreadItem {
 			$viewthread = z_root() . '/channel/' . $owner_address . '?f=&mid=' . urlencode(gen_link_id($item['mid']));

 		$comment_count_txt = ['label' => sprintf(tt('%d comment', '%d comments', $total_children), $total_children), 'count' => $total_children];
-		$list_unseen_txt = $unseen_comments ? ['label' => sprintf(t('%d unseen'), $unseen_comments), 'count' => $unseen_comments] : [];

-		$children = $this->get_children();
+		$list_unseen_txt = $unseen_comments ? ['label' => sprintf(t('%d unseen'), $unseen_comments), 'count' => $unseen_comments] : [];

 		$has_tags = (($body['tags'] || $body['categories'] || $body['mentions'] || $body['attachments'] || $body['folders']) ? true : false);

@@ -386,14 +339,7 @@ class ThreadItem {

 		$midb64 = $item['uuid'];
 		$mids = [ $item['uuid'] ];
-		$response_mids = [];
-		foreach($response_verbs as $v) {
-			if(isset($conv_responses[$v]['mids'][$item['mid']])) {
-				$response_mids = array_merge($response_mids, $conv_responses[$v]['mids'][$item['mid']]);
-			}
-		}

-		$mids = array_merge($mids, $response_mids);
 		$json_mids = json_encode($mids);

 		// Pinned item processing
@@ -407,11 +353,26 @@ class ThreadItem {
 			$contact = App::$contacts[$item['author_xchan']];
 		}

+		$blog_mode = $this->get_display_mode() === 'list';
+		$load_more = false;
+		$load_more_title = '';
+		$comments_total_percent = 0;
+		if (($conv->comments_total > $conv->comments_loaded) || ($blog_mode && $conv->comments_total > 3)) {
+			// provide a load more comments button
+			$load_more = true;
+			$load_more_title = sprintf(t('Load the next few of total %d comments'), $conv->comments_total);
+			$comments_total_percent = round(100 * 3 / $conv->comments_total);
+		}
+
+		$expand = '';
+		if ($this->threaded && !empty($item['comment_count'] && !$this->is_toplevel())) {
+			$expand = t('Expand Replies');
+		}
+
 		$tmp_item = array(
 			'template' => $this->get_template(),
 			'mode' => $mode,
 			'item_type' => intval($item['item_type']),
-			//'type' => implode("",array_slice(explode("/",$item['verb']),-1)),
 			'body' => $body['html'],
 			'tags' => $body['tags'],
 			'categories' => $body['categories'],
@@ -420,9 +381,9 @@ class ThreadItem {
 			'folders' => $body['folders'],
 			'text' => strip_tags($body['html']),
 			'id' => $this->get_id(),
+			'parent' => $item['parent'],
 			'mid' => $midb64,
 			'mids' => $json_mids,
-			'parent' => $item['parent'],
 			'author_id' => (($item['author']['xchan_addr']) ? $item['author']['xchan_addr'] : $item['author']['xchan_url']),
 			'author_is_group_actor' => (($item['author']['xchan_pubforum']) ? t('Forum') : ''),
 			'isevent' => $isevent,
@@ -446,16 +407,15 @@ class ThreadItem {
 			'sparkle' => $sparkle,
 			'title' => $item['title'],
 			'title_tosource' => get_pconfig($conv->get_profile_owner(),'system','title_tosource'),
-			//'ago' => relative_date($item['created']),
 			'app' => $item['app'],
 			'str_app' => sprintf( t('from %s'), $item['app']),
 			'isotime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'c'),
-			'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created'], 'r'),
-			'editedtime' => (($item['edited'] != $item['created']) ? sprintf( t('last edited: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['edited'], 'r')) : ''),
-			'expiretime' => (($item['expires'] > NULL_DATE) ? sprintf( t('Expires: %s'), datetime_convert('UTC', date_default_timezone_get(), $item['expires'], 'r')):''),
+			'localtime' => datetime_convert('UTC', date_default_timezone_get(), $item['created']),
+			'editedtime' => (($item['edited'] != $item['created']) ? sprintf(t('Last edited %s'), relative_time($item['edited'])) : ''),
+			'expiretime' => (($item['expires'] > NULL_DATE) ? sprintf(t('Expires %s'), relative_time($item['expires'])) : ''),
 			'lock' => $lock,
 			'locktype' => $locktype,
-			'delayed' => $item['item_delayed'],
+			'delayed' => (($item['item_delayed']) ? sprintf(t('Published %s'), relative_time($item['created'])) : ''),
 			'privacy_warning' => $privacy_warning,
 			'verified' => $verified,
 			'unverified' => $unverified,
@@ -468,6 +428,7 @@ class ThreadItem {
 			'vote_title' => t('Voting Options'),
 			'is_comment' => $is_comment,
 			'is_new' => $is_new,
+			'owner_addr' => $this->get_owner_addr(),
 			'owner_url' => $this->get_owner_url(),
 			'owner_photo' => $this->get_owner_photo(),
 			'owner_name' => $this->get_owner_name(),
@@ -475,17 +436,16 @@ class ThreadItem {
 			'event' => $body['event'],
 			'has_tags' => $has_tags,
 			'reactions' => $this->reactions,
-// Item toolbar buttons
+			// Item toolbar buttons
 			'emojis'	=> (($this->is_toplevel() && $this->is_commentable() && $observer && feature_enabled($conv->get_profile_owner(),'emojis')) ? '1' : ''),
-			'like'      => $like,
-			'dislike'   => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike : ''),
-			'reply_to'	=> (((! $this->is_toplevel()) && feature_enabled($conv->get_profile_owner(),'reply_to')) ? $reply_to : ''),
+			'reply_to'	=> ((feature_enabled($conv->get_profile_owner(),'reply_to')) ? $reply_to : ''),
 			'top_hint'	=> t("Go to previous comment"),
 			'share'     => $share,
 			'embed'     => $embed,
 			'rawmid'	=> $item['mid'],
+			'parent_mid' => $item['parent_mid'],
 			'plink'     => get_plink($item),
-			'edpost'    => $edpost, // ((feature_enabled($conv->get_profile_owner(),'edit_posts')) ? $edpost : ''),
+			'edpost'    => $edpost,
 			'star'      => ((feature_enabled($conv->get_profile_owner(),'star_posts') && ($item['item_type'] == ITEM_TYPE_POST)) ? $star : ''),
 			'tagger'    => ((feature_enabled($conv->get_profile_owner(),'commtag')) ? $tagger : ''),
 			'filer'     => ((feature_enabled($conv->get_profile_owner(),'filing') && ($item['item_type'] == ITEM_TYPE_POST)) ? $filer : ''),
@@ -496,49 +456,50 @@ class ThreadItem {
 			'addtocal'  => (($has_event) ? t('Add to Calendar') : ''),
 			'drop'      => $drop,
 			'dropdown_extras' => $dropdown_extras,
-// end toolbar buttons
+			// end toolbar buttons
 			'unseen_comments' => $unseen_comments,
 			'comment_count' => $total_children,
 			'comment_count_txt' => $comment_count_txt,
 			'list_unseen_txt' => $list_unseen_txt,
 			'markseen' => t('Mark all comments seen'),
 			'responses' => $responses,
-			'my_responses' => $my_responses,
-			/*
-			'like_count' => $like_count,
-			'like_list' => $like_list,
-			'like_list_part' => $like_list_part,
-			'like_button_label' => $like_button_label,
-			'like_modal_title' => t('Likes','noun'),
-
-			'repeat_count' => $repeat_count,
-			'repeat_list' => $repeat_list,
-			'repeat_list_part' => $repeat_list_part,
-			'repeat_button_label' => $repeat_button_label,
-			'repeat_modal_title' => t('Repeats','noun'),
-
-
-			'dislike_modal_title' => t('Dislikes','noun'),
-			'dislike_count' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_count : ''),
-			'dislike_list' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list : ''),
-			'dislike_list_part' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_list_part : ''),
-			'dislike_button_label' => ((feature_enabled($conv->get_profile_owner(),'dislike')) ? $dislike_button_label : ''),
-*/
+		//	'my_responses' => $my_responses,
 			'modal_dismiss' => t('Close'),
-		//	'showlike' => $showlike,
-		//	'showdislike' => $showdislike,
 			'comment' => ($item['item_delayed'] ? '' : $this->get_comment_box()),
+			'comment_hidden' => feature_enabled($conv->get_profile_owner(),'reply_to'),
+			'no_comment' => (($item['item_thread_top'] && $item['item_nocomment'])? t('Comments disabled') : ''),
 			'previewing' => ($conv->is_preview() ? true : false ),
 			'preview_lbl' => t('This is an unsaved preview'),
 			'wait' => t('Please wait'),
 			'thread_level' => $thread_level,
 			'settings' => $settings,
-			'thr_parent_uuid' => (($item['parent_mid'] != $item['thr_parent']) ? $mid_uuid_map[$item['thr_parent']] : ''),
+			'thr_parent_uuid' => (($item['parent_mid'] !== $item['thr_parent'] && isset($conv->mid_uuid_map[$item['thr_parent']])) ? $conv->mid_uuid_map[$item['thr_parent']] : ''),
 			'contact_id' => (($contact) ? $contact['abook_id'] : ''),
 			'moderate' => ($item['item_blocked'] == ITEM_MODERATED),
 			'moderate_approve' => t('Approve'),
 			'moderate_delete' => t('Delete'),
 			'rtl' => in_array($item['lang'], rtl_languages()),
+			'reactions_allowed' => $reactions_allowed,
+			'reaction_str' => [t('Add yours'), t('Remove yours')],
+			'is_contained' => $this->is_toplevel() && str_contains($item['tgt_type'], 'Collection'),
+			'observer_activity' => [
+				'like' => intval($item['observer_like_count'] ?? 0),
+				'dislike' => intval($item['observer_dislike_count'] ?? 0),
+				'announce' => intval($item['observer_announce_count'] ?? 0),
+				'comment' => intval($item['observer_comment_count'] ?? 0),
+				'accept' => intval($item['observer_accept_count'] ?? 0),
+				'reject' => intval($item['observer_reject_count'] ?? 0),
+				'tentativeaccept' => intval($item['observer_tentativeaccept_count'] ?? 0)
+			],
+			'threaded' => $this->threaded,
+			'blog_mode' => $blog_mode,
+			'collapse_comments' => t('show less'),
+			'expand_comments' =>  $this->threaded ? t('show more') : t('show all'),
+			'load_more' => $load_more,
+			'load_more_title' => $load_more_title,
+			'comments_total' => $conv->comments_total,
+			'comments_total_percent' => $comments_total_percent,
+			'expand' => $expand
 		);

 		$arr = array('item' => $item, 'output' => $tmp_item);
@@ -547,33 +508,19 @@ class ThreadItem {
 		$result = $arr['output'];

 		$result['children'] = array();
-		$nb_children = count($children);

-		$visible_comments = Config::Get('system','expanded_comments');
-		if($visible_comments === false)
-			$visible_comments = 3;
+		$visible_comments = 3; // Config::Get('system', 'expanded_comments', 3);

-//		needed for scroll to comment from notification but needs more work
-//		as we do not want to open all comments unless there is actually an #item_xx anchor
-//		and the url fragment is not sent to the server.
-//		if(in_array(\App::$module,['display','update_display']))
-//			$visible_comments = 99999;
-
-		if(($this->get_display_mode() === 'normal') && ($nb_children > 0)) {
+		if(($this->get_display_mode() === 'normal') && ($children_count > 0)) {
 			foreach($children as $child) {
-				$result['children'][] = $child->get_template_data($conv_responses, $mid_uuid_map, $thread_level + 1,$conv_flags);
+				$result['children'][] = $child->get_template_data($thread_level + 1, $conv_flags);
 			}
+
 			// Collapse
-			if(($nb_children > $visible_comments) || ($thread_level > 1)) {
+			if($thread_level === 1 && $children_count > $visible_comments) {
 				$result['children'][0]['comment_firstcollapsed'] = true;
 				$result['children'][0]['num_comments'] = $comment_count_txt['label'];
-				$result['children'][0]['hide_text'] = sprintf( t('%s show all'), '<i class="fa fa-chevron-down"></i>');
-				if($thread_level > 1) {
-					$result['children'][$nb_children - 1]['comment_lastcollapsed'] = true;
-				}
-				else {
-					$result['children'][$nb_children - ($visible_comments + 1)]['comment_lastcollapsed'] = true;
-				}
+				$result['children'][$children_count - ($visible_comments + 1)]['comment_lastcollapsed'] = true;
 			}
 		}

@@ -826,7 +773,7 @@ class ThreadItem {
 	 */
 	private function get_comment_box() {

-		if(!$this->is_toplevel() && !Config::Get('system','thread_allow')) {
+		if(!$this->is_toplevel()) {
 			return '';
 		}

@@ -862,14 +809,15 @@ class ThreadItem {
 			'$submit' => t('Submit'),
 			'$edbold' => t('Bold'),
 			'$editalic' => t('Italic'),
+			'$edhighlighter' => t('Highlight selected text'),
 			'$eduline' => t('Underline'),
 			'$edquote' => t('Quote'),
 			'$edcode' => t('Code'),
-			'$edimg' => t('Image'),
+			'$edimg' => t('Embed (existing) photo from your photo albums'),
 			'$edatt' => t('Attach/Upload file'),
 			'$edurl' => t('Insert Link'),
 			'$edvideo' => t('Video'),
-			'$preview' => t('Preview'), // ((feature_enabled($conv->get_profile_owner(),'preview')) ? t('Preview') : ''),
+			'$preview' => t('Preview'),
 			'$can_upload' => (perm_is_allowed($conv->get_profile_owner(),get_observer_hash(),'write_storage') && $conv->is_uploadable()),
 			'$feature_encrypt' => ((feature_enabled($conv->get_profile_owner(),'content_encrypt')) ? true : false),
 			'$encrypt' => t('Encrypt text'),
@@ -890,12 +838,13 @@ class ThreadItem {
 	}

 	/**
-	 * Check if we are a wall to wall item and set the relevant properties
+	 * Check if we are a wall to wall or announce item and set the relevant properties
 	 */
 	protected function check_wall_to_wall() {
 		$conv = $this->get_conversation();
 		$this->wall_to_wall = false;
 		$this->owner_url = '';
+		$this->owner_addr = '';
 		$this->owner_photo = '';
 		$this->owner_name = '';

@@ -904,12 +853,14 @@ class ThreadItem {

 		if($this->is_toplevel() && ($this->get_data_value('author_xchan') != $this->get_data_value('owner_xchan'))) {
 			$this->owner_url = chanlink_hash($this->data['owner']['xchan_hash']);
+			$this->owner_addr = $this->data['owner']['xchan_addr'];
 			$this->owner_photo = $this->data['owner']['xchan_photo_s'];
 			$this->owner_name = $this->data['owner']['xchan_name'];
 			$this->wall_to_wall = true;
 		}
 		elseif($this->is_toplevel() && $this->get_data_value('verb') === 'Announce' && isset($this->data['source'])) {
 			$this->owner_url = chanlink_hash($this->data['source']['xchan_hash']);
+			$this->owner_addr = $this->data['source']['xchan_addr'];
 			$this->owner_photo = $this->data['source']['xchan_photo_s'];
 			$this->owner_name = $this->data['source']['xchan_name'];
 			$this->wall_to_wall = true;
@@ -924,6 +875,10 @@ class ThreadItem {
 		return $this->owner_url;
 	}

+	private function get_owner_addr() {
+		return $this->owner_addr;
+	}
+
 	private function get_owner_photo() {
 		return $this->owner_photo;
 	}
--- a/Zotlabs/Lib/ThreadStream.php
+++ b/Zotlabs/Lib/ThreadStream.php
@@ -24,6 +24,10 @@ class ThreadStream {
 	private $prepared_item = '';
 	public $reload = '';
 	private $cipher = 'AES-128-CCM';
+	public $mid_uuid_map = [];
+	public $comments_total = 0;
+	public $comments_loaded = 0;
+

 	// $prepared_item is for use by alternate conversation structures such as photos
 	// wherein we've already prepared a top level item which doesn't look anything like
@@ -211,16 +215,15 @@ class ThreadStream {
 	 *      _ The data requested on success
 	 *      _ false on failure
 	 */
-	public function get_template_data($conv_responses, $mid_uuid_map) {
+	public function get_template_data() {
 		$result = array();

 		foreach($this->threads as $item) {
-
 			if(($item->get_data_value('id') == $item->get_data_value('parent')) && $this->prepared_item) {
 				$item_data = $this->prepared_item;
 			}
 			else {
-				$item_data = $item->get_template_data($conv_responses, $mid_uuid_map);
+				$item_data = $item->get_template_data();
 			}
 			if(!$item_data) {
 				logger('Failed to get item template data ('. $item->get_id() .').', LOGGER_DEBUG, LOG_ERR);
--- a/Zotlabs/Lib/Traits/HelpHelperTrait.php
+++ b/Zotlabs/Lib/Traits/HelpHelperTrait.php
@@ -14,6 +14,15 @@ trait HelpHelperTrait {
 	private string $file_name = '';
 	private string $file_type = '';

+	/**
+	 * Associative array containing the detected language.
+	 */
+	private array $lang = [
+		'language' => 'en',		//! Detected language, 2-letter ISO 639-1 code ("en")
+		'from_url' => false,	//! true if language from URL overrides browser default
+		'missing' => false,		//! true if topic not found in detected language
+	];
+
 	/**
 	 * Determines help language.
 	 *
@@ -28,17 +37,15 @@ trait HelpHelperTrait {
 		$languages = $language_repository->getList();

 		if(array_key_exists(argv(1), $languages)) {
-			$lang = argv(1);
-			$from_url = true;
+			$this->lang['language']	= argv(1);
+			$this->lang['from_url'] = true;
 		} else {
-			$lang = \App::$language;
-			if(! isset($lang))
-				$lang = 'en';
+			if(isset(\App::$language)) {
+				$this->lang['language'] = \App::$language;
+			}

-			$from_url = false;
+			$this->lang['from_url'] = false;
 		}
-
-		$this->lang =  array('language' => $lang, 'from_url' => $from_url);
 	}

 	/**
@@ -53,10 +60,10 @@ trait HelpHelperTrait {
 		// Use local variable until we can use trait constants.
 		$valid_file_ext = ['md', 'bb', 'html'];

-		$base_path = "doc/{$lang}/${base_path}";
+		$base_path_with_lang = "doc/{$lang}/${base_path}";

 		foreach ($valid_file_ext as $ext) {
-			$path = "{$base_path}.{$ext}";
+			$path = "{$base_path_with_lang}.{$ext}";
 			if (file_exists($path)) {
 				$this->file_name = $path;
 				$this->file_type = $ext;
@@ -64,5 +71,25 @@ trait HelpHelperTrait {
 				break;
 			}
 		}
+
+		if (empty($this->file_name) && $lang !== 'en') {
+			$this->lang['missing'] = true;
+			$this->find_help_file($base_path, 'en');
+		}
+	}
+
+	public function missing_translation(): bool {
+		return !!$this->lang['missing'];
+	}
+
+	public function missing_translation_message(): string {
+		$prefered_language_name = get_language_name(
+			$this->lang['language'],
+			$this->lang['language']
+		);
+
+		return bbcode(
+			t("This page is not yet available in {$prefered_language_name}. See [observer.baseurl]/help/developer/developers_guide#Translations for information about how to help.")
+		);
 	}
 }
--- a/Zotlabs/Lib/XConfig.php
+++ b/Zotlabs/Lib/XConfig.php
@@ -83,7 +83,7 @@ class XConfig {
 			return $default;

 		if(! array_key_exists($xchan, \App::$config))
-			load_xconfig($xchan);
+			self::Load($xchan);

 		if((! array_key_exists($family, \App::$config[$xchan])) || (! array_key_exists($key, \App::$config[$xchan][$family])))
 			return $default;
--- a/Zotlabs/Module/Achievements.php
+++ b/Zotlabs/Module/Achievements.php
@@ -8,25 +8,25 @@ class Achievements extends \Zotlabs\Web\Controller {
 		// This doesn't work, so
 		if (! is_developer())
 			return;
-	
+
 		if(argc() > 1)
 			$which = argv(1);
 		else {
 			notice( t('Requested profile is not available.') . EOL );
 			return;
 	}
-	
+
 		$profile = 0;
-		$profile = argv(1);		
+		$profile = argv(1);
 		profile_load($which,$profile);
-	
+
 		$r = q("select channel_id from channel where channel_address = '%s'",
 				dbesc($which)
 				);
 		if($r) {
 			$owner = intval($r[0]['channel_id']);
 			}
-	
+
 		$observer = \App::get_observer();
 		$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
 		$perms = get_all_perms($owner,$ob_hash);
@@ -34,60 +34,60 @@ class Achievements extends \Zotlabs\Web\Controller {
 			notice( t('Permission denied.') . EOL);
 		return;
 	    }
-	
+
 		$newmembertext = t('Some blurb about what to do when you\'re new here');
-	
-	
+
+
 	//	By default, all badges are false
 		$contactbadge = false;
 		$profilebadge = false;
 		$keywordsbadge = false;
-		
+
 	// Check number of contacts.  Award a badge if over 10
-	// We'll figure these out on each page load instead of 
+	// We'll figure these out on each page load instead of
 	// writing them to the DB because that will mean one needs
 	// to retain their achievements - eg, you can't add
 	// a bunch of channels just to get your badge, and then
 	// delete them all again.  If these become popular or
 	// used in profiles or something, we may need to reconsider
 	// and add a table for this - because this won't scale.
-	    
+
 	    $r = q("select * from abook where abook_channel = %d",
 		intval($owner)
 		);
-	
+
 		if (count($r))
 			$contacts = count($r);
 		// We're checking for 11 to adjust for the abook record for self
 		if ($contacts >= 11)
 				$contactbadge = true;
-			
+
 	//	Check if an about field in the profile has been created.
-	
+
 		$r = q("select * from profile where uid = %d and about <> ''",
 				intval($owner)
 		);
-		
+
 		if ($r)
 			$profilebadge = 1;
-	
+
 	// Check if keywords have been set
-	
+
 		$r = q("select * from profile where uid = %d and keywords <> ''",
 				intval($owner)
 		);
-		
+
 		if($r)
 			$keywordsbadge = 1;
-	
+
 	    return replace_macros(get_markup_template("achievements.tpl"), array(
 	                '$newmembertext' => $newmembertext,
 	                '$profilebadge' => $profilebadge,
 	                '$contactbadge' => $contactbadge,
 	                '$keywordsbadge' => $keywordsbadge,
-	                '$channelsbadge' => $channelsbadge
+	                '$channelsbadge' => null,
 	));
-	
+
 	}
-	
+
 }
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -29,11 +29,11 @@ class Acl extends \Zotlabs\Web\Controller {

 		// logger('mod_acl: ' . print_r($_GET,true),LOGGER_DATA);

-		$start    = (x($_REQUEST,'start')  ? $_REQUEST['start']  : 0);
-		$count    = (x($_REQUEST,'count')  ? $_REQUEST['count']  : 500);
-		$search   = (x($_REQUEST,'search') ? $_REQUEST['search'] : '');
-		$type     = (x($_REQUEST,'type')   ? $_REQUEST['type']   : '');
-		$noforums = (x($_REQUEST,'n')      ? $_REQUEST['n']      : false);
+		$start    = (!empty($_REQUEST['start'])  ? $_REQUEST['start']  : 0);
+		$count    = (!empty($_REQUEST['count'])  ? $_REQUEST['count']  : 500);
+		$search   = (!empty($_REQUEST['search']) ? $_REQUEST['search'] : '');
+		$type     = (!empty($_REQUEST['type'])   ? $_REQUEST['type']   : '');
+		$noforums = (!empty($_REQUEST['n'])      ? $_REQUEST['n']      : false);


 		// $type =
@@ -53,7 +53,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		// List of channels whose connections to also suggest,
 		// e.g. currently viewed channel or channels mentioned in a post

-		$extra_channels = (x($_REQUEST,'extra_channels') ? $_REQUEST['extra_channels'] : array());
+		$extra_channels = (!empty($_REQUEST['extra_channels']) ? $_REQUEST['extra_channels'] : []);

 		// The different autocomplete libraries use different names for the search text
 		// parameter. Internally we'll use $search to represent the search text no matter
@@ -416,7 +416,7 @@ class Acl extends \Zotlabs\Web\Controller {
 		}

 		$dirmode = intval(Config::Get('system','directory_mode'));
-		$search = ((x($_REQUEST,'search')) ? htmlentities($_REQUEST['search'],ENT_COMPAT,'UTF-8',false) : '');
+		$search = ((!empty($_REQUEST['search'])) ? htmlentities($_REQUEST['search'], ENT_COMPAT, 'UTF-8', false) : '');
 		if(! $search || mb_strlen($search) < 2)
 			return array();

@@ -446,7 +446,7 @@ class Acl extends \Zotlabs\Web\Controller {

 		$token = Config::Get('system','realm_token');

-		$count = (x($_REQUEST,'count') ?  $_REQUEST['count'] : 100);
+		$count = (!empty($_REQUEST['count']) ?  $_REQUEST['count'] : 100);
 		if($url) {
 			$query = $url . '?f=' . (($token) ? '&t=' . urlencode($token) : '');
 			$query .= '&name=' . urlencode($search) . "&limit=$count" . (($address) ? '&address=' . urlencode(punify($search)) : '');
--- a/Zotlabs/Module/Activity.php
+++ b/Zotlabs/Module/Activity.php
@@ -23,14 +23,14 @@ class Activity extends Controller {
 			if (! $item_id)
 				http_status_exit(404, 'Not found');

-			$portable_id = EMPTY_STR;
+			$portable_id = null;

 			$item_normal_extra = sprintf(" and not verb in ('Follow', 'Ignore', '%s', '%s') ",
 				dbesc(ACTIVITY_FOLLOW),
 				dbesc(ACTIVITY_UNFOLLOW)
 			);

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra ";

 			$i = null;

@@ -166,6 +166,7 @@ class Activity extends Controller {
 				return;
 			}

+			$portable_id = null;
 			$ob_authorize = false;
 			$item_uid = 0;

@@ -191,7 +192,7 @@ class Activity extends Controller {
 				dbesc(ACTIVITY_UNFOLLOW)
 			);

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra ";

 			$sigdata = HTTPSig::verify(EMPTY_STR);
 			if ($sigdata['portable_id'] && $sigdata['header_valid']) {
--- a/Zotlabs/Module/Admin/Account_edit.php
+++ b/Zotlabs/Module/Admin/Account_edit.php
@@ -8,6 +8,11 @@ class Account_edit {

 	function post() {

+		// Validate CSRF token
+		//
+		// We terminate with a 403 Forbidden status if the check fails.
+		check_form_security_token_ForbiddenOnErr('admin_account_edit', 'security');
+
 		$account_id = $_REQUEST['aid'];

 		if(! $account_id)
@@ -18,7 +23,7 @@ class Account_edit {
 		if($pass1 && $pass2 && ($pass1 === $pass2)) {
 			$salt = random_string(32);
 			$password_encoded = hash('whirlpool', $salt . $pass1);
-			$r = q("update account set account_salt = '%s', account_password = '%s', 
+			$r = q("update account set account_salt = '%s', account_password = '%s',
 				account_password_changed = '%s' where account_id = %d",
 				dbesc($salt),
 				dbesc($password_encoded),
@@ -34,7 +39,7 @@ class Account_edit {
 		$account_level = 5;
 		$account_language = trim($_REQUEST['account_language']);

-		$r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s' 
+		$r = q("update account set account_service_class = '%s', account_level = %d, account_language = '%s'
 			where account_id = %d",
 			dbesc($service_class),
 			intval($account_level),
@@ -62,8 +67,8 @@ class Account_edit {
 			return '';
 		}

-
 		$a = replace_macros(get_markup_template('admin_account_edit.tpl'), [
+			'$security' => get_form_security_token('admin_account_edit'),
 			'$account' => $x[0],
 			'$title' => t('Account Edit'),
 			'$pass1' => [ 'pass1', t('New Password'), ' ','' ],
--- a/Zotlabs/Module/Admin/Accounts.php
+++ b/Zotlabs/Module/Admin/Accounts.php
@@ -6,133 +6,33 @@ use Zotlabs\Lib\Config;

 class Accounts {

-	/**
-	 * @brief Handle POST actions on accounts admin page.
-	 *
-	 * This function is called when on the admin user/account page the form was
-	 * submitted to handle multiple operations at once. If one of the icons next
-	 * to an entry are pressed the function admin_page_accounts() will handle this.
-	 *
-	 */

 	const MYP = 	'ZAR';			// ZAR2x
 	const VERSION =	'2.0.0';

-	function post() {
+	/**
+	 * Handle POST actions on accounts admin page.
+	 */
+	public function post() {

-		$pending = ( x($_POST, 'pending') ? $_POST['pending'] : array() );
-		$users   = ( x($_POST, 'user')    ? $_POST['user']    : array() );
-		$blocked = ( x($_POST, 'blocked') ? $_POST['blocked'] : array() );
+		$pending = x($_POST, 'pending') ? $_POST['pending'] : array();

 		check_form_security_token_redirectOnErr('/admin/accounts', 'admin_accounts');

-		$isajax = is_ajax();
-		$rc = 0;
-
-		If (!is_site_admin()) {
-			if ($isajax) {
-				killme();
-				exit;
-			}
-			goaway(z_root() . '/');
-		}
-
-		if ($isajax) {
-			//$debug = print_r($_SESSION[self::MYP],true);
-			$zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) )
-					 ? $_POST['zardo'] : '';
-			// zarat arrives with leading underscore _n
-			$zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) )
-					 ? substr($_POST['zarat'],1) : '';
-			$zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) )
-					 ? hex2bin($_POST['zarse']) : '';
-
-			if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) {
-
-				//
-				if ($zarop == 'd') {
-					$rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
-						intval($_SESSION[self::MYP]['i'][$zarat]),
-						dbesc($_SESSION[self::MYP]['h'][$zarat])
-					);
-					$rc = '×';
-				}
-				elseif ($zarop == 'a') {
-					// approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate
-					$rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), "
-						.	" reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) "
-						.	" WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
-						intval($_SESSION[self::MYP]['i'][$zarat]),
-						dbesc($_SESSION[self::MYP]['h'][$zarat])
-					);
-					$rc = 0;
-					$rs = q("SELECT * from register WHERE reg_id = %d ",
-							intval($_SESSION[self::MYP]['i'][$zarat])
-					);
-					if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) {
-						// create account
-						$rc = 'ok'.$rs[0]['reg_id'];
-						$ac = create_account_from_register($rs[0]);
-						if ( $ac['success'] ) {
-							$rc .= '✔';
-
-							$auto_create  = Config::Get('system','auto_channel_create',1);
-
-							if($auto_create) {
-								$reonar = json_decode($rs[0]['reg_stuff'], true);
-								// prepare channel creation
-								if($reonar['chan.name'])
-									set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
-
-								if($reonar['chan.did1'])
-									set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
-
-								$permissions_role  = Config::Get('system','default_permissions_role');
-								if($permissions_role)
-									set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role);
-
-								// create channel
-								$new_channel = auto_channel_create($ac['account']['account_id']);
-
-								if($new_channel['success']) {
-									$rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔';
-								}
-								else {
-									$rc .= ' c ×';
-								}
-							}
-
-
-						}
-					} else {
-						$rc='oh ×';
-					}
-				}
-				echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc));
-			}
+		if (is_ajax()) {
+			$this->handle_ajax_request();
 			killme();
-			exit;
 		}

 		// change to switch structure?
 		// account block/unblock button was submitted
 		if (x($_POST, 'page_accounts_block')) {
-			for ($i = 0; $i < count($users); $i++) {
-				// if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag
-				$op = ($blocked[$i]) ? '& ~' : '| ';
-				q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d",
-					intval(ACCOUNT_BLOCKED),
-					intval($users[$i])
-				);
-			}
-			notice( sprintf( tt("%s account blocked/unblocked", "%s account blocked/unblocked", count($users)), count($users)) );
+			$this->block_unblock_accounts();
 		}
+
 		// account delete button was submitted
 		if (x($_POST, 'page_accounts_delete')) {
-			foreach ($users as $uid){
-				account_remove($uid, true, false);
-			}
-			notice( sprintf( tt("%s account deleted", "%s accounts deleted", count($users)), count($users)) );
+			$this->delete_accounts();
 		}
 		// registration approved button was submitted
 		if (x($_POST, 'page_accounts_approve')) {
@@ -351,5 +251,143 @@ class Accounts {
 		return $o;
 	}

+	private function handle_ajax_request(): void {
+		//$debug = print_r($_SESSION[self::MYP],true);
+		$zarop = (x($_POST['zardo']) && preg_match('/^[ad]{1,1}$/', $_POST['zardo']) )
+			? $_POST['zardo'] : '';
+		// zarat arrives with leading underscore _n
+		$zarat = (x($_POST['zarat']) && preg_match('/^_{1,1}[0-9]{1,6}$/', $_POST['zarat']) )
+			? substr($_POST['zarat'],1) : '';
+		$zarse = (x($_POST['zarse']) && preg_match('/^[0-9a-f]{8,8}$/', $_POST['zarse']) )
+			? hex2bin($_POST['zarse']) : '';
+
+		if ($zarop && $zarat >= 0 && $zarse && $zarse == $_SESSION[self::MYP]['h'][$zarat]) {
+
+			//
+			if ($zarop == 'd') {
+				$rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
+					intval($_SESSION[self::MYP]['i'][$zarat]),
+					dbesc($_SESSION[self::MYP]['h'][$zarat])
+				);
+				$rc = '×';
+			}
+			elseif ($zarop == 'a') {
+				// approval, REGISTER_DENIED by user 0x0040, REGISTER_AGREED by user 0x0020 @Regate
+				$rd = q("UPDATE register SET reg_flags = (reg_flags & ~ 16), "
+					.	" reg_vital = (CASE (reg_flags & ~ 48) WHEN 0 THEN 0 ELSE 1 END) "
+					.	" WHERE reg_vital = 1 AND reg_id = %d AND SUBSTR(reg_hash,1,4) = '%s' ",
+					intval($_SESSION[self::MYP]['i'][$zarat]),
+					dbesc($_SESSION[self::MYP]['h'][$zarat])
+				);
+				$rc = 0;
+				$rs = q("SELECT * from register WHERE reg_id = %d ",
+					intval($_SESSION[self::MYP]['i'][$zarat])
+				);
+				if ($rs && ($rs[0]['reg_flags'] & ~ 48) == 0) {
+					// create account
+					$rc = 'ok'.$rs[0]['reg_id'];
+					$ac = create_account_from_register($rs[0]);
+					if ( $ac['success'] ) {
+						$rc .= '✔';
+
+						$auto_create  = Config::Get('system','auto_channel_create',1);
+
+						if($auto_create) {
+							$reonar = json_decode($rs[0]['reg_stuff'], true);
+							// prepare channel creation
+							if($reonar['chan.name'])
+								set_aconfig($ac['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
+
+							if($reonar['chan.did1'])
+								set_aconfig($ac['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
+
+							$permissions_role  = Config::Get('system','default_permissions_role');
+							if($permissions_role)
+								set_aconfig($ac['account']['account_id'], 'register', 'permissions_role', $permissions_role);
+
+							// create channel
+							$new_channel = auto_channel_create($ac['account']['account_id']);
+
+							if($new_channel['success']) {
+								$rc .= ' c,ok' . $new_channel['channel']['channel_id'] . '✔';
+							}
+							else {
+								$rc .= ' c ×';
+							}
+						}
+
+
+					}
+				} else {
+					$rc='oh ×';
+				}
+			}
+			echo json_encode(array('re' => $zarop, 'at' => '_' . $zarat, 'rc' => $rc));
+		}
+	}
+
+	/**
+	 * Block or unblock accounts given by the `user` and `blocked` POST params.
+	 *
+	 * The post params `user` and `blocked` must be present and arrays of equal
+	 * lengths. The `user` array should contain account id's or the accounts to
+	 * process, and the `blocked` array holds a corresponding boolean value to
+	 * indicate that the account at the same offset in the `user` array is or is
+	 * not blocked.
+	 *
+	 * An account that is _not_ blocked will be blocked, and accounts that _are_
+	 * blocked will be unblocked.
+	 *
+	 * @SuppressWarnings(PHPMD.ShortVariable)
+	 */
+	private function block_unblock_accounts(): void {
+		if (!isset($_POST['user']) || !isset($_POST['blocked'])) {
+			return;
+		}
+
+		$users = $_POST['user'];
+		$blocked = $_POST['blocked'];
+
+		if (!is_array($users) || !is_array($blocked)) {
+			return;
+		}
+
+		foreach($users as $i => $id) {
+			// if account is blocked remove blocked bit-flag, otherwise add blocked bit-flag
+			$op = $blocked[$i] ? '& ~' : '| ';
+
+			q("UPDATE account SET account_flags = (account_flags $op%d) WHERE account_id = %d",
+				intval(ACCOUNT_BLOCKED),
+				intval($id)
+			);
+		}
+
+		$count = count($users);
+		$fmt = tt("%s account blocked/unblocked", "%s account blocked/unblocked", $count);
+		notice(sprintf($fmt, $count));
+	}
+
+	/**
+	 * Delete multiple accounts given by the `user` POST param.
+	 */
+	private function delete_accounts(): void {
+		if (!isset($_POST['user'])) {
+			return;
+		}
+
+		$users = $_POST['user'];
+
+		if (!is_array($users)) {
+			return;
+		}
+
+		foreach ($users as $uid){
+			account_remove($uid, true, false);
+		}
+
+		$count = count($users);
+		$fmt = tt("%s account deleted", "%s accounts deleted", $count);
+		notice(sprintf($fmt, $count));
+	}
 }

--- a/Zotlabs/Module/Admin/Addons.php
+++ b/Zotlabs/Module/Admin/Addons.php
@@ -3,9 +3,8 @@
 namespace Zotlabs\Module\Admin;

 use App;
-use \Zotlabs\Lib\Config;
-use \Zotlabs\Storage\GitRepo;
-use \Michelf\MarkdownExtra;
+use Zotlabs\Lib\Config;
+use Michelf\MarkdownExtra;

 class Addons {

@@ -24,227 +23,6 @@ class Addons {

 			goaway(z_root() . '/admin/addons/' . argv(2) );
 		}
-		elseif(argc() > 2) {
-			switch(argv(2)) {
-				case 'updaterepo':
-					if (array_key_exists('repoName', $_REQUEST)) {
-						$repoName = $_REQUEST['repoName'];
-					}
-					else {
-						json_return_and_die(array('message' => 'No repo name provided.', 'success' => false));
-					}
-					$extendDir = 'store/[data]/git/sys/extend';
-					$addonDir = $extendDir . '/addon';
-					if (!file_exists($extendDir)) {
-						if (!mkdir($extendDir, 0770, true)) {
-							logger('Error creating extend folder: ' . $extendDir);
-							json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
-						}
-						else {
-							if (!symlink(realpath('extend/addon'), $addonDir)) {
-								logger('Error creating symlink to addon folder: ' . $addonDir);
-								json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
-							}
-						}
-					}
-					$repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName;
-					if (!is_dir($repoDir)) {
-						logger('Repo directory does not exist: ' . $repoDir);
-						json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false));
-					}
-					if (!is_writable($repoDir)) {
-						logger('Repo directory not writable to web server: ' . $repoDir);
-						json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false));
-					}
-					$git = new GitRepo('sys', null, false, $repoName, $repoDir);
-					try {
-						if ($git->pull()) {
-							$files = array_diff(scandir($repoDir), array('.', '..'));
-							foreach ($files as $file) {
-								if (is_dir($repoDir . '/' . $file) && $file !== '.git') {
-									$source = '../extend/addon/' . $repoName . '/' . $file;
-									$target = realpath('addon/') . '/' . $file;
-									unlink($target);
-									if (!symlink($source, $target)) {
-										logger('Error linking addons to /addon');
-										json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false));
-									}
-								}
-							}
-							json_return_and_die(array('message' => 'Repo updated.', 'success' => true));
-						} else {
-							json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
-						}
-					} catch (\PHPGit\Exception\GitException $e) {
-						json_return_and_die(array('message' => 'Error updating addon repo.', 'success' => false));
-					}
-					break;
-				case 'removerepo':
-					if (array_key_exists('repoName', $_REQUEST)) {
-						$repoName = $_REQUEST['repoName'];
-					} else {
-						json_return_and_die(array('message' => 'No repo name provided.', 'success' => false));
-					}
-					$extendDir = 'store/[data]/git/sys/extend';
-					$addonDir = $extendDir . '/addon';
-					if (!file_exists($extendDir)) {
-						if (!mkdir($extendDir, 0770, true)) {
-							logger('Error creating extend folder: ' . $extendDir);
-							json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
-						} else {
-							if (!symlink(realpath('extend/addon'), $addonDir)) {
-								logger('Error creating symlink to addon folder: ' . $addonDir);
-								json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
-							}
-						}
-					}
-					$repoDir = 'store/[data]/git/sys/extend/addon/' . $repoName;
-					if (!is_dir($repoDir)) {
-						logger('Repo directory does not exist: ' . $repoDir);
-						json_return_and_die(array('message' => 'Invalid addon repo.', 'success' => false));
-					}
-					if (!is_writable($repoDir)) {
-						logger('Repo directory not writable to web server: ' . $repoDir);
-						json_return_and_die(array('message' => 'Repo directory not writable to web server.', 'success' => false));
-					}
-					/// @TODO remove directory and unlink /addon/files
-					if (rrmdir($repoDir)) {
-						json_return_and_die(array('message' => 'Repo deleted.', 'success' => true));
-					} else {
-						json_return_and_die(array('message' => 'Error deleting addon repo.', 'success' => false));
-					}
-					break;
-				case 'installrepo':
-					if (array_key_exists('repoURL', $_REQUEST)) {
-						require_once('library/PHPGit.autoload.php');			// Load PHPGit dependencies
-						$repoURL = $_REQUEST['repoURL'];
-						$extendDir = 'store/[data]/git/sys/extend';
-						$addonDir = $extendDir . '/addon';
-						if (!file_exists($extendDir)) {
-							if (!mkdir($extendDir, 0770, true)) {
-								logger('Error creating extend folder: ' . $extendDir);
-								json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
-							} else {
-								if (!symlink(realpath('extend/addon'), $addonDir)) {
-									logger('Error creating symlink to addon folder: ' . $addonDir);
-									json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
-								}
-							}
-						}
-						if (!is_writable($extendDir)) {
-							logger('Directory not writable to web server: ' . $extendDir);
-							json_return_and_die(array('message' => 'Directory not writable to web server.', 'success' => false));
-						}
-						$repoName = null;
-						if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') {
-							$repoName = $_REQUEST['repoName'];
-						} else {
-							$repoName = GitRepo::getRepoNameFromURL($repoURL);
-						}
-						if (!$repoName) {
-							logger('Invalid git repo');
-							json_return_and_die(array('message' => 'Invalid git repo', 'success' => false));
-						}
-						$repoDir = $addonDir . '/' . $repoName;
-						$tempRepoBaseDir = 'store/[data]/git/sys/temp/';
-						$tempAddonDir = $tempRepoBaseDir . $repoName;
-
-						if (!is_writable($addonDir) || !is_writable($tempAddonDir)) {
-							logger('Temp repo directory or /extend/addon not writable to web server: ' . $tempAddonDir);
-							json_return_and_die(array('message' => 'Temp repo directory not writable to web server.', 'success' => false));
-						}
-						rename($tempAddonDir, $repoDir);
-
-						if (!is_writable(realpath('addon/'))) {
-							logger('/addon directory not writable to web server: ' . $tempAddonDir);
-							json_return_and_die(array('message' => '/addon directory not writable to web server.', 'success' => false));
-						}
-						$files = array_diff(scandir($repoDir), array('.', '..'));
-						foreach ($files as $file) {
-							if (is_dir($repoDir . '/' . $file) && $file !== '.git') {
-								$source = '../extend/addon/' . $repoName . '/' . $file;
-								$target = realpath('addon/') . '/' . $file;
-								unlink($target);
-								if (!symlink($source, $target)) {
-									logger('Error linking addons to /addon');
-									json_return_and_die(array('message' => 'Error linking addons to /addon', 'success' => false));
-								}
-							}
-						}
-						$git = new GitRepo('sys', $repoURL, false, $repoName, $repoDir);
-						$repo = $git->probeRepo();
-						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
-					}
-					break;
-				case 'addrepo':
-					if (array_key_exists('repoURL', $_REQUEST)) {
-						require_once('library/PHPGit.autoload.php');	 // Load PHPGit dependencies
-						$repoURL = $_REQUEST['repoURL'];
-						$extendDir = 'store/[data]/git/sys/extend';
-						$addonDir = $extendDir . '/addon';
-						$tempAddonDir = realpath('store/[data]') . '/git/sys/temp';
-						if (!file_exists($extendDir)) {
-							if (!mkdir($extendDir, 0770, true)) {
-								logger('Error creating extend folder: ' . $extendDir);
-								json_return_and_die(array('message' => 'Error creating extend folder: ' . $extendDir, 'success' => false));
-							} else {
-								if (!symlink(realpath('extend/addon'), $addonDir)) {
-									logger('Error creating symlink to addon folder: ' . $addonDir);
-									json_return_and_die(array('message' => 'Error creating symlink to addon folder: ' . $addonDir, 'success' => false));
-								}
-							}
-						}
-						if (!is_dir($tempAddonDir)) {
-							if (!mkdir($tempAddonDir, 0770, true)) {
-								logger('Error creating temp plugin repo folder: ' . $tempAddonDir);
-								json_return_and_die(array('message' => 'Error creating temp plugin repo folder: ' . $tempAddonDir, 'success' => false));
-							}
-						}
-						$repoName = null;
-						if (array_key_exists('repoName', $_REQUEST) && $_REQUEST['repoName'] !== '') {
-							$repoName = $_REQUEST['repoName'];
-						} else {
-							$repoName = GitRepo::getRepoNameFromURL($repoURL);
-						}
-						if (!$repoName) {
-							logger('Invalid git repo');
-							json_return_and_die(array('message' => 'Invalid git repo: ' . $repoName, 'success' => false));
-						}
-						$repoDir = $tempAddonDir . '/' . $repoName;
-						if (!is_writable($tempAddonDir)) {
-							logger('Temporary directory for new addon repo is not writable to web server: ' . $tempAddonDir);
-							json_return_and_die(array('message' => 'Temporary directory for new addon repo is not writable to web server.', 'success' => false));
-						}
-						// clone the repo if new automatically
-						$git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir);
-
-						$remotes = $git->git->remote();
-						$fetchURL = $remotes['origin']['fetch'];
-						if ($fetchURL !== $git->url) {
-							if (rrmdir($repoDir)) {
-								$git = new GitRepo('sys', $repoURL, true, $repoName, $repoDir);
-							} else {
-								json_return_and_die(array('message' => 'Error deleting existing addon repo.', 'success' => false));
-							}
-						}
-						$repo = $git->probeRepo();
-						$repo['readme'] = $repo['manifest'] = null;
-						foreach ($git->git->tree('master') as $object) {
-							if ($object['type'] == 'blob' && (strtolower($object['file']) === 'readme.md' || strtolower($object['file']) === 'readme')) {
-								$repo['readme'] = MarkdownExtra::defaultTransform($git->git->cat->blob($object['hash']));
-							} else if ($object['type'] == 'blob' && strtolower($object['file']) === 'manifest.json') {
-								$repo['manifest'] = $git->git->cat->blob($object['hash']);
-							}
-						}
-						json_return_and_die(array('repo' => $repo, 'message' => '', 'success' => true));
-					} else {
-						json_return_and_die(array('message' => 'No repo URL provided', 'success' => false));
-					}
-					break;
-				default:
-					break;
-			}
-		}
 	}

 	/**
@@ -408,37 +186,6 @@ class Addons {

 		usort($plugins,'self::plugin_sort');

-		$allowManageRepos = false;
-		if(is_writable('extend/addon') && is_writable('store/[data]')) {
-			$allowManageRepos = true;
-		}
-
-		$admin_plugins_add_repo_form= replace_macros(
-			get_markup_template('admin_plugins_addrepo.tpl'), array(
-				'$post' => 'admin/addons/addrepo',
-				'$desc' => t('Enter the public git repository URL of the addon repo.'),
-				'$repoURL' => array('repoURL', t('Addon repo git URL'), '', ''),
-				'$repoName' => array('repoName', t('Custom repo name'), '', '', t('(optional)')),
-				'$submit' => t('Download Addon Repo')
-			)
-		);
-		$newRepoModalID = random_string(3);
-		$newRepoModal = replace_macros(
-			get_markup_template('generic_modal.tpl'), array(
-				'$id' => $newRepoModalID,
-				'$title' => t('Install new repo'),
-				'$ok' => t('Install'),
-				'$cancel' => t('Cancel')
-			)
-		);
-
-		$reponames = $this->listAddonRepos();
-		$addonrepos = [];
-		foreach($reponames as $repo) {
-			$addonrepos[] = array('name' => $repo, 'description' => '');
-			/// @TODO Parse repo info to provide more information about repos
-		}
-
 		$t = get_markup_template('admin_plugins.tpl');
 		return replace_macros($t, array(
 			'$title' => t('Administration'),
@@ -449,37 +196,9 @@ class Addons {
 			'$plugins' => $plugins,
 			'$disabled' => t('Disabled - version incompatibility'),
 			'$form_security_token' => get_form_security_token('admin_addons'),
-			'$allowManageRepos' => $allowManageRepos,
-			'$managerepos' => t('Manage Repos'),
-			'$installedtitle' => t('Installed Addon Repositories'),
-			'$addnewrepotitle' =>	t('Install a New Addon Repository'),
-			'$expandform' => false,
-			'$form' => $admin_plugins_add_repo_form,
-			'$newRepoModal' => $newRepoModal,
-			'$newRepoModalID' => $newRepoModalID,
-			'$addonrepos' => $addonrepos,
-			'$repoUpdateButton' => t('Update'),
-			'$repoBranchButton' => t('Switch branch'),
-			'$repoRemoveButton' => t('Remove')
 		));
 	}

-	function listAddonRepos() {
-		$addonrepos = [];
-		$addonDir = 'extend/addon/';
-		if(is_dir($addonDir)) {
-			if ($handle = opendir($addonDir)) {
-				while (false !== ($entry = readdir($handle))) {
-					if ($entry != "." && $entry != "..") {
-						$addonrepos[] = $entry;
-					}
-				}
-				closedir($handle);
-			}
-		}
-		return $addonrepos;
-	}
-
 	static public function plugin_sort($a,$b) {
 		return(strcmp(strtolower($a[2]['name']),strtolower($b[2]['name'])));
 	}
--- a/Zotlabs/Module/Admin/Channels.php
+++ b/Zotlabs/Module/Admin/Channels.php
@@ -126,7 +126,7 @@ class Channels {
 			goaway(z_root() . '/admin/channels' );
 		}

-		$key = (($_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
+		$key = ((isset($_REQUEST['key']) && $_REQUEST['key']) ? dbesc($_REQUEST['key']) : 'channel_id');
 		$dir = 'asc';
 		if(array_key_exists('dir',$_REQUEST))
 			$dir = ((intval($_REQUEST['dir'])) ? 'asc' : 'desc');
--- a/Zotlabs/Module/Admin/Features.php
+++ b/Zotlabs/Module/Admin/Features.php
@@ -59,14 +59,13 @@ class Features {
 			}

 			$tpl = get_markup_template("admin_settings_features.tpl");
-			$o .= replace_macros($tpl, array(
+
+			return replace_macros($tpl, array(
 				'$form_security_token' => get_form_security_token("admin_manage_features"),
 				'$title'	=> t('Manage Additional Features'),
 				'$features' => $arr,
 				'$submit'   => t('Submit'),
 			));
-
-			return $o;
 		}
 	}

--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -6,6 +6,8 @@ use Zotlabs\Lib\Config;

 class Site {

+	private string $eol;
+	private string $joo;

 	/**
 	 * @brief POST handler for Admin Site Page.
@@ -208,7 +210,6 @@ class Site {
 		//Config::Set('system','force_queue_threshold', $force_queue);

 		Config::Set('system','no_community_page', $no_community_page);
-		Config::Set('system','no_utf', $no_utf);

 		Config::Set('system','sse_enabled', $sse_enabled);

--- a/Zotlabs/Module/Admin/Themes.php
+++ b/Zotlabs/Module/Admin/Themes.php
@@ -2,7 +2,7 @@

 namespace Zotlabs\Module\Admin;

-use \Michelf\MarkdownExtra;
+use Michelf\MarkdownExtra;
 use Zotlabs\Lib\Config;

 /**
--- a/Zotlabs/Module/Api.php
+++ b/Zotlabs/Module/Api.php
@@ -108,6 +108,9 @@ class Api extends \Zotlabs\Web\Controller {

 		echo api_call();
 		killme();
+
+		// not reached
+		return;
 	}

 	function oauth_get_client($request){
--- a/Zotlabs/Module/Appman.php
+++ b/Zotlabs/Module/Appman.php
@@ -16,21 +16,21 @@ class Appman extends \Zotlabs\Web\Controller {
 		if(isset($_POST['url']) && $_POST['url']) {
 			$arr = array(
 				'uid' => intval($_REQUEST['uid']),
-				'url' => escape_tags($_REQUEST['url']),
-				'guid' => escape_tags($_REQUEST['guid']),
-				'author' => escape_tags($_REQUEST['author']),
-				'addr' => escape_tags($_REQUEST['addr']),
-				'name' => escape_tags($_REQUEST['name']),
-				'desc' => escape_tags($_REQUEST['desc']),
-				'photo' => escape_tags($_REQUEST['photo']),
-				'version' => escape_tags($_REQUEST['version']),
-				'price' => escape_tags($_REQUEST['price']),
-				'page' => escape_tags($_REQUEST['page']),
-				'requires' => escape_tags($_REQUEST['requires']),
+				'url' => escape_tags($_REQUEST['url'] ?? ''),
+				'guid' => escape_tags($_REQUEST['guid'] ?? ''),
+				'author' => escape_tags($_REQUEST['author'] ?? ''),
+				'addr' => escape_tags($_REQUEST['addr'] ?? ''),
+				'name' => escape_tags($_REQUEST['name'] ?? ''),
+				'desc' => escape_tags($_REQUEST['desc'] ?? ''),
+				'photo' => escape_tags($_REQUEST['photo'] ?? ''),
+				'version' => escape_tags($_REQUEST['version'] ?? ''),
+				'price' => escape_tags($_REQUEST['price'] ?? ''),
+				'page' => escape_tags($_REQUEST['page'] ?? ''),
+				'requires' => escape_tags($_REQUEST['requires'] ?? ''),
 				'system' => intval($_REQUEST['system']),
-				'plugin' => escape_tags($_REQUEST['plugin']),
-				'sig' => escape_tags($_REQUEST['sig']),
-				'categories' => escape_tags($_REQUEST['categories'])
+				'plugin' => escape_tags($_REQUEST['plugin'] ?? ''),
+				'sig' => escape_tags($_REQUEST['sig'] ?? ''),
+				'categories' => escape_tags($_REQUEST['categories'] ?? '')
 			);

 			$_REQUEST['appid'] = Apps::app_install(local_channel(),$arr);
--- a/Zotlabs/Module/Apporder.php
+++ b/Zotlabs/Module/Apporder.php
@@ -2,7 +2,7 @@

 namespace Zotlabs\Module;

-use \Zotlabs\Lib as Zlib;
+use Zotlabs\Lib as Zlib;

 class Apporder extends \Zotlabs\Web\Controller {

@@ -25,7 +25,7 @@ class Apporder extends \Zotlabs\Web\Controller {
 					$syslist[] = Zlib\Apps::app_encode($li);
 				}
 			}
-		
+
 			Zlib\Apps::translate_system_apps($syslist);

 			usort($syslist,'Zotlabs\\Lib\\Apps::app_name_compare');
--- a/Zotlabs/Module/Apps.php
+++ b/Zotlabs/Module/Apps.php
@@ -1,8 +1,8 @@
 <?php
 namespace Zotlabs\Module;

-use \Zotlabs\Lib\Config;
-use \Zotlabs\Lib as Zlib;
+use Zotlabs\Lib\Config;
+use Zotlabs\Lib as Zlib;

 class Apps extends \Zotlabs\Web\Controller {

--- a/Zotlabs/Module/Attach_edit.php
+++ b/Zotlabs/Module/Attach_edit.php
@@ -133,6 +133,11 @@ class Attach_edit extends Controller {
 				}
 				$x = attach_move($channel_id, $resource, $newfolder, (($single) ? $newfilename : ''));

+				if (!$x['success']) {
+					notice($x['message'] . EOL);
+					goaway($return_path);
+				}
+
 				$actions_done .= 'move,';

 			}
--- a/Zotlabs/Module/Authorize.php
+++ b/Zotlabs/Module/Authorize.php
@@ -9,7 +9,7 @@ class Authorize extends \Zotlabs\Web\Controller {
 	function get() {
 		if (! local_channel()) {
 			return login();
-		} 
+		}
 		else {

 			$name = $_REQUEST['client_name'];
@@ -25,7 +25,7 @@ class Authorize extends \Zotlabs\Web\Controller {

 			$link = (($app['url']) ? '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> ' : $app['name']);

-			$o .= replace_macros(get_markup_template('oauth_authorize.tpl'), [
+			return replace_macros(get_markup_template('oauth_authorize.tpl'), [
 				'$title'        => t('Authorize'),
 				'$authorize'    => sprintf( t('Do you authorize the app %s to access your channel data?'), $link ),
 				'$app'          => $app,
@@ -35,7 +35,6 @@ class Authorize extends \Zotlabs\Web\Controller {
 				'$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''),
 				'$state'        => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
 			]);
-			return $o;
 		}
 	}

@@ -50,7 +49,7 @@ class Authorize extends \Zotlabs\Web\Controller {
 		// TODO: The automatic client registration protocol below should adhere more
 		// closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
 		// at https://tools.ietf.org/html/rfc7591
-		
+
 		// If no client_id was provided, generate a new one.
 		if (x($_POST, 'client_id')) {
 			$client_id = $_POST['client_id'];
@@ -67,7 +66,7 @@ class Authorize extends \Zotlabs\Web\Controller {
 		$request = \OAuth2\Request::createFromGlobals();
 		$response = new \OAuth2\Response();

-		// Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string. 
+		// Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string.
 		$channel = channelx_by_n(local_channel());
 		$user_id = $channel['channel_id'];

--- a/Zotlabs/Module/Authtest.php
+++ b/Zotlabs/Module/Authtest.php
@@ -7,7 +7,7 @@ class Authtest extends \Zotlabs\Web\Controller {


 		$auth_success = false;
-		$o .= '<h3>Magic-Auth Diagnostic</h3>';
+		$o = '<h3>Magic-Auth Diagnostic</h3>';

 		if(! local_channel()) {
 			notice( t('Permission denied.') . EOL);
@@ -27,7 +27,7 @@ class Authtest extends \Zotlabs\Web\Controller {

 			$_REQUEST['test'] = 1;
 			$mod = new Magic();
-			$x = $mod->init($a);
+			$x = $mod->init();

 			$o .= 'Local Setup returns: ' . print_r($x,true);

--- a/Zotlabs/Module/Changeaddr.php
+++ b/Zotlabs/Module/Changeaddr.php
@@ -5,30 +5,30 @@ namespace Zotlabs\Module;
 class Changeaddr extends \Zotlabs\Web\Controller {

 	function post() {
-	
+
 		if(! local_channel())
 			return;
-	
+
 		if($_SESSION['delegate'])
 			return;
-	
+
 		if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password']))))
 			return;
-	
+
 		if((! x($_POST,'verify')) || (! strlen(trim($_POST['verify']))))
 			return;
-	
+
 		if($_POST['verify'] !== $_SESSION['remove_account_verify'])
 			return;
-	
-	
+
+
 		$account = \App::get_account();
 		$channel = \App::get_channel();
-	
+
 		$x = account_verify_password($account['account_email'],$_POST['qxz_password']);
 		if(! ($x && $x['account']))
 			return;
-	
+
 		if($account['account_password_changed'] > NULL_DATE) {
 			$d1 = datetime_convert('UTC','UTC','now - 48 hours');
 			if($account['account_password_changed'] > $d1) {
@@ -36,7 +36,7 @@ class Changeaddr extends \Zotlabs\Web\Controller {
 				return;
 			}
 		}
-	
+
 		$new_address = trim($_POST['newname']);

 		if($new_address === $channel['channel_address'])
@@ -55,23 +55,23 @@ class Changeaddr extends \Zotlabs\Web\Controller {
 		channel_change_address($channel,$new_address);

 		goaway(z_root() . '/changeaddr');
-	
+
 	}
-	
-	
+
+
 	function get() {
-	
+
 		if(! local_channel())
 			goaway(z_root());
-	
+
 		$channel = \App::get_channel();

 		$hash = random_string();
-	
+
 		$_SESSION['remove_account_verify'] = $hash;
-	
+
 		$tpl = get_markup_template('channel_rename.tpl');
-		$o .= replace_macros($tpl, array(
+		return replace_macros($tpl, array(
 			'$basedir' => z_root(),
 			'$hash' => $hash,
 			'$title' => t('Change channel nickname/address'),
@@ -80,9 +80,5 @@ class Changeaddr extends \Zotlabs\Web\Controller {
 			'$newname' => array('newname', t('New channel address'),$channel['channel_address'], ''),
 			'$submit' => t('Rename Channel')
 		));
-	
-		return $o;		
-	
 	}
-	
 }
--- a/Zotlabs/Module/Channel.php
+++ b/Zotlabs/Module/Channel.php
@@ -85,7 +85,7 @@ class Channel extends Controller {
 			$headers = [
 				'Content-Type'     => 'application/x-zot+json',
 				'Digest'           => HTTPSig::generate_digest_header($data),
-				'(request-target)' => strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']
+				'Date'             => datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T')
 			];

 			$h = HTTPSig::create_sig($headers, $channel['channel_prvkey'], channel_url($channel));
@@ -266,7 +266,7 @@ class Channel extends Controller {
 					'default_location'    => (($is_owner) ? App::$profile['channel_location'] : ''),
 					'nickname'            => App::$profile['channel_address'],
 					'lockstate'           => (((strlen(App::$profile['channel_allow_cid'])) || (strlen(App::$profile['channel_allow_gid'])) || (strlen(App::$profile['channel_deny_cid'])) || (strlen(App::$profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
-					'acl'                 => (($is_owner) ? populate_acl($channel_acl, true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : ''),
+					'acl'                 => (($is_owner) ? populate_acl($channel_acl, true, PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions') : ''),
 					'permissions'         => $channel_acl,
 					'showacl'             => (($is_owner) ? 'yes' : ''),
 					'bang'                => '',
@@ -298,12 +298,15 @@ class Channel extends Controller {

 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
-		$sql_extra = item_permissions_sql(App::$profile['profile_uid']);
+		$sql_extra = '';
+		$permission_sql = item_permissions_sql(App::$profile['profile_uid']);

-		if (feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && (!$mid))
+		$page_mode = 'client';
+
+		$blog_mode = feature_enabled(App::$profile['profile_uid'], 'channel_list_mode') && !$mid;
+		if ($blog_mode) {
 			$page_mode = 'list';
-		else
-			$page_mode = 'client';
+		}

 		$abook_uids = " and abook.abook_channel = " . intval(App::$profile['profile_uid']) . " ";

@@ -334,8 +337,8 @@ class Channel extends Controller {
 		if (($update) && (!$load)) {

 			if ($mid) {
-				$r = q("SELECT parent AS item_id, uuid from item where $identifier = '%s' and uid = %d $item_normal_update
-					AND item_wall = 1 $simple_update $sql_extra limit 1",
+				$r = q("SELECT *, parent AS item_id from item where $identifier = '%s' and uid = %d $item_normal_update
+					AND item_wall = 1 $simple_update $permission_sql $sql_extra limit 1",
 					dbesc($mid),
 					intval(App::$profile['profile_uid'])
 				);
@@ -346,6 +349,7 @@ class Channel extends Controller {
 					WHERE uid = %d $item_normal_update
 					AND item_wall = 1 $simple_update
 					AND (abook.abook_blocked = 0 or abook.abook_flags is null)
+					$permission_sql
 					$sql_extra
 					ORDER BY created DESC",
 					intval(App::$profile['profile_uid'])
@@ -382,8 +386,8 @@ class Channel extends Controller {

 			if ($noscript_content || $load) {
 				if ($mid) {
-					$r = q("SELECT parent AS item_id, uuid from item where $identifier = '%s' and uid = %d $item_normal
-						AND item_wall = 1 $sql_extra limit 1",
+					$r = q("SELECT item.parent AS item_id, item.verb from item where $identifier = '%s' and item.uid = %d $item_normal
+						AND item.item_wall = 1 $permission_sql $sql_extra limit 1",
 						dbesc($mid),
 						intval(App::$profile['profile_uid'])
 					);
@@ -392,13 +396,18 @@ class Channel extends Controller {
 					}
 				}
 				else {
-					$r = q("SELECT DISTINCT item.parent AS item_id, $ordering FROM item
-						left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids )
-						WHERE true and item.uid = %d $item_normal
+					$r = q("SELECT item.parent AS item_id, item.verb, $ordering FROM item
+						LEFT JOIN abook ON (item.author_xchan = abook.abook_xchan $abook_uids)
+						WHERE item.uid = %d
+						AND item.id = item.parent
 						AND (abook.abook_blocked = 0 or abook.abook_flags is null)
-						AND item.item_wall = 1 AND item.item_thread_top = 1
-						$sql_extra $sql_extra2
-						ORDER BY $ordering DESC, item_id $pager_sql ",
+						AND item.item_wall = 1
+						$item_normal
+						$permission_sql
+						$sql_extra
+						$sql_extra2
+						ORDER BY $ordering DESC, item_id
+						$pager_sql",
 						intval(App::$profile['profile_uid'])
 					);
 				}
@@ -408,19 +417,20 @@ class Channel extends Controller {
 			}
 		}
 		if ($r) {
-			$parents_str = ids_to_querystr($r, 'item_id');

-			$r = q("SELECT item.*, item.id AS item_id
-				FROM item
-				WHERE item.uid = %d $item_normal
-				AND item.parent IN ( %s )
-				$sql_extra ",
-				intval(App::$profile['profile_uid']),
-				dbesc($parents_str)
-			);
+			// 11.08.2025 start transition deprecated AS1 item.verb vocabulary to AS2 on demand.
+			// Keep this until we officially deprecate AS1 data.
+			AS1_to_AS2_verbs($r);

-			xchan_query($r);
-			$items = fetch_post_tags($r, true);
+			$thr_parents = null;
+			if ($mid) {
+				$thr_parents = get_recursive_thr_parents($r[0]);
+			}
+
+			$items = items_by_parent_ids($r, $thr_parents, $permission_sql, $blog_mode);
+
+			xchan_query($items);
+			$items = fetch_post_tags($items, true);
 			$items = conv_sort($items, $ordering);

 			if ($load && $mid && (!count($items))) {
@@ -434,11 +444,8 @@ class Channel extends Controller {
 			$items = [];
 		}

-
-
 		$mode = (($search) ? 'search' : 'channel');

-
 		if ((!$update) && (!$load)) {

 			// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
--- a/Zotlabs/Module/Channel_calendar.php
+++ b/Zotlabs/Module/Channel_calendar.php
@@ -179,26 +179,14 @@ class Channel_calendar extends Controller {
 		if ($post_tags)
 			$datarray['term'] = $post_tags;

-		$item_id = event_store_item($datarray, $event);
+		$post = event_store_item($datarray, $event);

-		if ($item_id) {
-			$r = q("select * from item where id = %d",
-				intval($item_id)
-			);
-			if ($r) {
-				xchan_query($r);
-				$sync_item = fetch_post_tags($r);
-				$z         = q("select * from event where event_hash = '%s' and uid = %d limit 1",
-					dbesc($r[0]['resource_id']),
-					intval($channel['channel_id'])
-				);
-				if ($z) {
-					Libsync::build_sync_packet($channel['channel_id'], array('event_item' => array(encode_item($sync_item[0], true)), 'event' => $z));
-				}
-			}
+		if (!empty($post['item_id'])) {
+			Master::Summon(['Notifier', 'event', $post['item_id']]);
+		}
+		if (!empty($post['approval_id'])) {
+			Master::Summon(['Notifier', 'event', $post['approval_id']]);
 		}
-
-		Master::Summon(array('Notifier', 'event', $item_id));

 		killme();

@@ -470,13 +458,14 @@ class Channel_calendar extends Controller {
 							}
 							else {
 								// complex deletion that needs to propagate and be performed in phases
-								drop_item($i[0]['id'], true, DROPITEM_PHASE1);
+								drop_item($i[0]['id'], DROPITEM_PHASE1);
 								$complex = true;
 							}

 							$ii = q("select * from item where id = %d",
 								intval($i[0]['id'])
 							);
+
 							if ($ii) {
 								xchan_query($ii);
 								$sync_item = fetch_post_tags($ii);
@@ -485,6 +474,9 @@ class Channel_calendar extends Controller {

 							if ($complex) {
 								tag_deliver($i[0]['uid'], $i[0]['id']);
+								if (intval($i[0]['item_wall'])) {
+									Master::Summon(['Notifier', 'drop', $i[0]['id']]);
+								}
 							}
 						}
 					}
--- a/Zotlabs/Module/Chatsvc.php
+++ b/Zotlabs/Module/Chatsvc.php
@@ -4,7 +4,7 @@ namespace Zotlabs\Module;

 require_once('include/security.php');

-use \Zotlabs\Lib as Zlib;
+use Zotlabs\Lib as Zlib;

 class Chatsvc extends \Zotlabs\Web\Controller {

--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -7,11 +7,12 @@ namespace Zotlabs\Module;
 * Module for accessing the DAV storage area.
 */

+use App;
 use Sabre\DAV as SDAV;
-use \Zotlabs\Web\Controller;
-use \Zotlabs\Storage\BasicAuth;
-use \Zotlabs\Storage\Directory;
-use \Zotlabs\Storage\Browser;
+use Zotlabs\Web\Controller;
+use Zotlabs\Storage\BasicAuth;
+use Zotlabs\Storage\Directory;
+use Zotlabs\Storage\Browser;


 // composer autoloader for SabreDAV
@@ -32,6 +33,15 @@ class Cloud extends Controller {
 	 */
 	function init() {

+		// TODO: why is this required?
+		// if we arrived at this path with any query parameters in the url, build a clean url without
+		// them and redirect.
+
+		$parsed = parse_url(App::$query_string);
+		if (!empty($parsed['query'])) {
+			goaway(z_root() . '/' . $parsed['path']);
+		}
+
 		if (! is_dir('store'))
 			os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false);

@@ -44,15 +54,13 @@ class Cloud extends Controller {
 		if ($which)
 			profile_load( $which, $profile);

-
-
 		$auth = new BasicAuth();

 		$ob_hash = get_observer_hash();

 		if ($ob_hash) {
 			if (local_channel()) {
-				$channel = \App::get_channel();
+				$channel = App::get_channel();
 				$auth->setCurrentUser($channel['channel_address']);
 				$auth->channel_account_id = $channel['channel_account_id'];
 				$auth->channel_id = $channel['channel_id'];
@@ -63,19 +71,12 @@ class Cloud extends Controller {
 			$auth->observer = $ob_hash;
 		}

-		// if we arrived at this path with any query parameters in the url, build a clean url without
-		// them and redirect.
-
 		if(! array_key_exists('cloud_sort',$_SESSION)) {
 			$_SESSION['cloud_sort'] = 'name';
 		}

 		$_SESSION['cloud_sort'] = ((isset($_REQUEST['sort']) && $_REQUEST['sort']) ? trim(notags($_REQUEST['sort'])) : $_SESSION['cloud_sort']);

-		$x = clean_query_string();
-		if($x !== \App::$query_string)
-			goaway(z_root() . '/' . $x);
-
 		$rootDirectory = new Directory('/', [], $auth);

 		// A SabreDAV server-object
@@ -116,16 +117,16 @@ class Cloud extends Controller {
 	function DAVException($err) {

 		if($err instanceof \Sabre\DAV\Exception\NotFound) {
-			\App::$page['content'] = '<h2>404 Not found</h2>';
+			App::$page['content'] = '<h2>404 Not found</h2>';
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\Forbidden) {
-			\App::$page['content'] = '<h2>403 Forbidden</h2>';
+			App::$page['content'] = '<h2>403 Forbidden</h2>';
 		}
 		elseif($err instanceof \Sabre\DAV\Exception\NotImplemented) {
-			goaway(z_root() . '/' . \App::$query_string);
+			goaway(z_root() . '/' . App::$query_string);
 		}
 		else {
-			\App::$page['content'] = '<h2>Unknown error</h2>';
+			App::$page['content'] = '<h2>Unknown error</h2>';
 		}

 		construct_page();
--- a/Zotlabs/Module/Conversation.php
+++ b/Zotlabs/Module/Conversation.php
@@ -16,7 +16,7 @@ class Conversation extends Controller {

 	public function init() {

-		if (ActivityStreams::is_as_request()) {
+		if (ActivityStreams::is_as_request() || Libzot::is_zot_request()) {
 			$item_id = argv(1);

 			if (!$item_id) {
@@ -30,14 +30,13 @@ class Conversation extends Controller {
 				dbesc(ACTIVITY_UNFOLLOW)
 			);

-			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 $item_normal_extra ";
+			$item_normal = " and item.item_hidden = 0 and item.item_type = 0 and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_blocked = 0 and item.item_uplink = 0 $item_normal_extra ";

 			$i = null;

 			// do we have the item (at all)?

-			$r = q("select parent_mid from item where mid = '%s' or uuid = '%s' $item_normal order by item_wall desc limit 1",
-				dbesc(z_root() . '/item/' . $item_id),
+			$r = q("select parent_mid from item where uuid = '%s' $item_normal order by item_wall desc limit 1",
 				dbesc($item_id)
 			);

@@ -77,16 +76,16 @@ class Conversation extends Controller {
 					}
 				}
 			}
-			elseif (Config::get('system', 'require_authenticated_fetch', false)) {
+			elseif (Config::Get('system', 'require_authenticated_fetch', false)) {
 				http_status_exit(403, 'Permission denied');
 			}

 			// if we don't have a parent id belonging to the signer see if we can obtain one as a visitor that we have permission to access
 			// with a bias towards those items owned by channels on this site (item_wall = 1)

-			$sql_extra = item_permissions_sql(0);
-
 			if (!$i) {
+				$sql_extra = item_permissions_sql(0);
+
 				$i = q("select id as item_id from item where mid = '%s' $item_normal $sql_extra order by item_wall desc limit 1",
 					dbesc($r[0]['parent_mid'])
 				);
--- a/Zotlabs/Module/Cover_photo.php
+++ b/Zotlabs/Module/Cover_photo.php
@@ -371,7 +371,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {

 			$tpl = get_markup_template('cover_photo.tpl');

-			$o .= replace_macros($tpl,array(
+			$output = replace_macros($tpl,array(
 				'$user'                => \App::$channel['channel_address'],
 				'$info'                => t('Your cover photo may be visible to anybody on the internet'),
 				'$existing'            => get_cover_photo(local_channel(),'array',PHOTO_RES_COVER_850),
@@ -397,15 +397,15 @@ class Cover_photo extends \Zotlabs\Web\Controller {

 			));

-			call_hooks('cover_photo_content_end', $o);
+			call_hooks('cover_photo_content_end', $output);

-			return $o;
+			return $output;
 		}
 		else {
 			$filename = \App::$data['imagecrop'] . '-3';
 			$resolution = 3;
 			$tpl = get_markup_template("cropcover.tpl");
-			$o .= replace_macros($tpl,array(
+			return replace_macros($tpl,array(
 				'$filename'            => $filename,
 				'$profile'             => intval($_REQUEST['profile']),
 				'$resource'            => \App::$data['imagecrop'] . '-3',
@@ -415,7 +415,6 @@ class Cover_photo extends \Zotlabs\Web\Controller {
 				'$form_security_token' => get_form_security_token("cover_photo"),
 				'$done'                => t('Done Editing')
 			));
-			return $o;
 		}
 	}

--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -9,6 +9,7 @@
 namespace Zotlabs\Module;

 use Sabre\DAV as SDAV;
+use Zotlabs\Lib\Libzot;
 use Zotlabs\Storage;
 use Zotlabs\Web\HTTPSig;

--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -81,7 +81,7 @@ class Display extends Controller {
 				'default_location'    => $channel['channel_location'],
 				'nickname'            => $channel['channel_address'],
 				'lockstate'           => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'                 => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+				'acl'                 => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
 				'permissions'         => $channel_acl,
 				'bang'                => '',
 				'visitor'             => true,
@@ -212,7 +212,7 @@ class Display extends Controller {
 		$observer_hash = get_observer_hash();
 		$item_normal = item_normal();
 		$item_normal_update = item_normal_update();
-		$sql_extra = '';
+		$permission_sql = '';
 		$r = [];

 		if($noscript_content || $load) {
@@ -231,7 +231,7 @@ class Display extends Controller {
 			}

 			if(!$r) {
-				$sql_extra = item_permissions_sql(0, $observer_hash);
+				$permission_sql = item_permissions_sql(0, $observer_hash);

 				$r = q("SELECT item.id AS item_id FROM item
 					WHERE ((mid = '%s'
@@ -239,7 +239,7 @@ class Display extends Controller {
 					AND item.deny_gid  = '' AND item_private = 0 )
 					AND uid IN ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 					OR uid = %d ))) OR
-					(mid = '%s' $sql_extra ))
+					(mid = '%s' $permission_sql ))
 					$item_normal
 					limit 1",
 					dbesc($target_item['parent_mid']),
@@ -269,7 +269,7 @@ class Display extends Controller {
 			}

 			if(!$r) {
-				$sql_extra = item_permissions_sql(0, $observer_hash);
+				$permission_sql = item_permissions_sql(0, $observer_hash);

 				$r = q("SELECT item.id as item_id from item
 					WHERE ((parent_mid = '%s'
@@ -277,7 +277,7 @@ class Display extends Controller {
 					AND item.deny_gid  = '' AND item_private = 0 )
 					and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " ))
 					OR uid = %d ))) OR
-					(parent_mid = '%s' $sql_extra ))
+					(parent_mid = '%s' $permission_sql ))
 					$item_normal
 					limit 1",
 					dbesc($target_item['parent_mid']),
@@ -288,17 +288,12 @@ class Display extends Controller {
 		}

 		if($r) {
-			$parents_str = ids_to_querystr($r,'item_id');
-			if($parents_str) {
-				$items = q("SELECT item.*, item.id AS item_id
-					FROM item
-					WHERE parent in ( %s ) $sql_extra $item_normal ",
-					dbesc($parents_str)
-				);
-				xchan_query($items);
-				$items = fetch_post_tags($items,true);
-				$items = conv_sort($items,'created');
-			}
+			$thr_parents = get_recursive_thr_parents($target_item);
+			$items = items_by_parent_ids($r, $thr_parents, $permission_sql);
+
+			xchan_query($items);
+			$items = fetch_post_tags($items,true);
+			$items = conv_sort($items,'created');
 		}
 		else {
 			$items = array();
@@ -344,7 +339,12 @@ class Display extends Controller {
 					'$profile_page'  => xmlify(z_root() . '/display/' . gen_link_id($target_item['mid'])),
 				));

-				$x = [ 'xml' => $atom, 'channel' => $channel, 'observer_hash' => $observer_hash, 'params' => $params ];
+				$x = [
+					'xml' => $atom,
+					'channel' => $channel,
+					'observer_hash' => $observer_hash,
+					'params' => [],
+				];
 				call_hooks('atom_feed_top',$x);

 				$atom = $x['xml'];
--- a/Zotlabs/Module/Dreport.php
+++ b/Zotlabs/Module/Dreport.php
@@ -19,7 +19,7 @@ class Dreport extends \Zotlabs\Web\Controller {
 			$table = 'push';

 			if($mid) {
-				$i = q("select id from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
+				$i = q("select * from item where mid = '%s' and uid = %d and ( author_xchan = '%s' or ( owner_xchan = '%s' and item_wall = 1 )) ",
 					dbesc($mid),
 					intval($channel['channel_id']),
 					dbesc($channel['channel_hash']),
@@ -27,6 +27,12 @@ class Dreport extends \Zotlabs\Web\Controller {
 				);
 				if($i) {
 					\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $i[0]['id'] ]);
+
+					$relatedItem = find_related($i[0]);
+					if (isset($relatedItem['id'])) {
+						\Zotlabs\Daemon\Master::Summon([ 'Notifier', 'edit_post', $relatedItem['id'] ]);
+					}
+
 				}
 			}
 			sleep(3);
--- a/Zotlabs/Module/Editpost.php
+++ b/Zotlabs/Module/Editpost.php
@@ -86,6 +86,7 @@ class Editpost extends \Zotlabs\Web\Controller {
 			'bbco_autocomplete'=> 'bbcode',
 			'return_path' => 'hq',
 			'button' => t('Submit'),
+			'disable_comments' => (($itm[0]['item_thread_top']) ? false : true),
 			'hide_voting' => true,
 			'hide_future' => true,
 			'hide_location' => true,
--- a/Zotlabs/Module/Embedphotos.php
+++ b/Zotlabs/Module/Embedphotos.php
@@ -43,7 +43,7 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 			$arr = explode('/', $href);
 			$resource_id = array_pop($arr);
 			$x = self::photolink($resource_id);
-			if($x) 
+			if($x)
 				json_return_and_die(array('status' => true, 'photolink' => $x, 'resource_id' => $resource_id));
 			json_return_and_die(array('errormsg' => 'Error retrieving resource ' . $resource_id, 'status' => false));
 		}
@@ -55,7 +55,7 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 		$output = EMPTY_STR;
 		if($channel) {
 			$resolution = ((feature_enabled($channel['channel_id'],'large_photos')) ? 1 : 2);
-			$r = q("select mimetype, height, width from photo where resource_id = '%s' and $resolution = %d and uid = %d limit 1",
+			$r = q("select mimetype, filename from photo where resource_id = '%s' and $resolution = %d and uid = %d limit 1",
 				dbesc($resource),
 				intval($resolution),
 				intval($channel['channel_id'])
@@ -63,6 +63,8 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 			if(! $r)
 				return $output;

+			$filename = $r[0]['filename'];
+
 			if($r[0]['mimetype'] === 'image/jpeg')
 				$ext = '.jpg';
 			elseif($r[0]['mimetype'] === 'image/png')
@@ -75,7 +77,7 @@ class Embedphotos extends \Zotlabs\Web\Controller {
 				$ext = EMPTY_STR;

 			$output = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $resource . ']' .
-				'[zmg=' . $r[0]['width'] . 'x' . $r[0]['height'] . ']' . z_root() . '/photo/' . $resource . '-' . $resolution .  $ext . '[/zmg][/zrl]';
+				'[zmg=' . z_root() . '/photo/' . $resource . '-' . $resolution .  $ext . ']' . $filename . '[/zmg][/zrl]' . "\r\n";

 			return $output;
 		}
--- a/Zotlabs/Module/Fbrowser.php
+++ b/Zotlabs/Module/Fbrowser.php
@@ -6,6 +6,8 @@ namespace Zotlabs\Module;
 * @author		Fabio Comuni <fabrixxm@kirgroup.com>
 */

+use function Zotlabs\Render\template_escape;
+
 require_once('include/photo/photo_driver.php');

 /**
--- a/Zotlabs/Module/File_upload.php
+++ b/Zotlabs/Module/File_upload.php
@@ -11,39 +11,42 @@ require_once('include/photos.php');
 class File_upload extends \Zotlabs\Web\Controller {

 	function post() {
-		logger('file upload: ' . print_r($_REQUEST,true));
+		logger('file upload: ' . print_r($_POST,true));
 		logger('file upload: ' . print_r($_FILES,true));

-		$channel = (($_REQUEST['channick']) ? channelx_by_nick($_REQUEST['channick']) : null);
+		$channel = (($_POST['channick']) ? channelx_by_nick($_POST['channick']) : null);

-		if(! $channel) {
+		if (!$channel) {
 			logger('channel not found');
-			killme();
+			is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']);
 		}

-		$_REQUEST['source'] = 'file_upload';
+		$_POST['source'] = 'file_upload';

 		if($channel['channel_id'] != local_channel()) {
-			$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
-			$_REQUEST['group_allow']   = expand_acl($channel['channel_allow_gid']);
-			$_REQUEST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
-			$_REQUEST['group_deny']    = expand_acl($channel['channel_deny_gid']);
+			$_POST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
+			$_POST['group_allow']   = expand_acl($channel['channel_allow_gid']);
+			$_POST['contact_deny']  = expand_acl($channel['channel_deny_cid']);
+			$_POST['group_deny']    = expand_acl($channel['channel_deny_gid']);
 		}

-		$_REQUEST['allow_cid'] = ((isset($_REQUEST['contact_allow'])) ? perms2str($_REQUEST['contact_allow']) : '');
-		$_REQUEST['allow_gid'] = ((isset($_REQUEST['group_allow'])) ? perms2str($_REQUEST['group_allow']) : '');
-		$_REQUEST['deny_cid']  = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : '');
-		$_REQUEST['deny_gid']  = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : '');
+		$_POST['allow_cid'] = ((isset($_POST['contact_allow'])) ? perms2str($_POST['contact_allow']) : '');
+		$_POST['allow_gid'] = ((isset($_POST['group_allow'])) ? perms2str($_POST['group_allow']) : '');
+		$_POST['deny_cid']  = ((isset($_POST['contact_deny'])) ? perms2str($_POST['contact_deny']) : '');
+		$_POST['deny_gid']  = ((isset($_POST['group_deny'])) ? perms2str($_POST['group_deny']) : '');

-		if(isset($_REQUEST['filename']) && strlen($_REQUEST['filename'])) {
-			$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
-			if($r['success']) {
-				$hash = $r['data']['hash'];
-				$sync = attach_export_data($channel,$hash);
-				if($sync) {
-					Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
-				}
-				goaway(z_root() . '/' . $_REQUEST['return_url']);
+		if(isset($_POST['filename']) && strlen($_POST['filename'])) {
+			$r = attach_mkdir($channel, get_observer_hash(), $_POST);
+
+			if (!$r['success']) {
+				notice($r['message'] . EOL);
+				is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']);
+			}
+
+			$hash = $r['data']['hash'];
+			$sync = attach_export_data($channel,$hash);
+			if ($sync) {
+				Libsync::build_sync_packet($channel['channel_id'], ['file' => [$sync]]);
 			}
 		}
 		else {
@@ -90,19 +93,19 @@ class File_upload extends \Zotlabs\Web\Controller {
 				}
 			}

-			$r = attach_store($channel, get_observer_hash(), '', $_REQUEST);
-			if($r['success']) {
-				$sync = attach_export_data($channel,$r['data']['hash']);
-				if($sync)
-					Libsync::build_sync_packet($channel['channel_id'],array('file' => array($sync)));
+			$r = attach_store($channel, get_observer_hash(), '', $_POST);
+			if (!$r['success']) {
+				notice($r['message'] . EOL);
+				is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']);
+			}

+			$sync = attach_export_data($channel,$r['data']['hash']);
+			if ($sync) {
+				Libsync::build_sync_packet($channel['channel_id'], ['file' => [$sync]]);
 			}
 		}

-		if(is_ajax())
-			killme();
-
-		goaway(z_root() . '/' . $_REQUEST['return_url']);
+		is_ajax() ? killme() : goaway(z_root() . '/' . $_POST['return_url']);

 	}

--- a/Zotlabs/Module/Filer.php
+++ b/Zotlabs/Module/Filer.php
@@ -1,43 +1,54 @@
 <?php
 namespace Zotlabs\Module;

-require_once('include/security.php');
-require_once('include/bbcode.php');
-require_once('include/items.php');
-
-
+use App;

 class Filer extends \Zotlabs\Web\Controller {

 	function get() {
-	
-		if(! local_channel()) {
+
+		if(!local_channel()) {
 			killme();
 		}
-	
-		$term = unxmlify(trim($_GET['term']));
-		$item_id = ((\App::$argc > 1) ? intval(\App::$argv[1]) : 0);
-	
+
+		$term = unxmlify(trim($_GET['term'] ?? ''));
+		$item_id = ((App::$argc > 1) ? intval(App::$argv[1]) : 0);
+
 		logger('filer: tag ' . $term . ' item ' . $item_id);
-	
+
 		if($item_id && strlen($term)){
+
+			$sys = get_sys_channel();
+
+			$r = q("SELECT * FROM item WHERE (uid = %d OR uid = %d) AND id = %d
+				and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0
+				and item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1",
+				intval(local_channel()),
+				intval($sys['channel_id']),
+				intval($item_id)
+			);
+
+			if ($r && $r[0]['uid'] === $sys['channel_id']) {
+				$r = [copy_of_pubitem(App::get_channel(), $r[0]['mid'])];
+			}
+
+			if(!$r) {
+				killme();
+			}
+
+			$item_id = $r[0]['id'];
+
 			// file item
 			store_item_tag(local_channel(),$item_id,TERM_OBJ_POST,TERM_FILE,$term,'');
-	
+
 			// protect the entire conversation from periodic expiration
-	
-			$r = q("select parent from item where id = %d and uid = %d limit 1",
-				intval($item_id),
+
+			q("update item set item_retained = 1, changed = '%s' where id = %d and uid = %d",
+				dbesc(datetime_convert()),
+				intval($r[0]['parent']),
 				intval(local_channel())
 			);
-			if($r) {
-				$x = q("update item set item_retained = 1, changed = '%s' where id = %d and uid = %d",
-					dbesc(datetime_convert()),
-					intval($r[0]['parent']),
-					intval(local_channel())
-				);
-			}
-		} 
+		}
 		else {
 			$filetags = array();
 			$r = q("select distinct(term) from term where uid = %d and ttype = %d order by term asc",
@@ -55,10 +66,10 @@ class Filer extends \Zotlabs\Web\Controller {
 				'$title' => t('Save to Folder'),
 				'$cancel' => t('Cancel')
 			));
-			
+
 			echo $o;
 		}
 		killme();
 	}
-	
+
 }
--- a/Zotlabs/Module/Go.php
+++ b/Zotlabs/Module/Go.php
@@ -2,7 +2,7 @@

 namespace Zotlabs\Module;

-use Zorlabs\Lib\Config;
+use Zotlabs\Lib\Config;

 class Go extends \Zotlabs\Web\Controller {

@@ -19,7 +19,7 @@ class Go extends \Zotlabs\Web\Controller {

 	function get() {
 		if(! local_channel()) {
-			notify( t('This page is available only to site members') . EOL);
+			notice( t('This page is available only to site members') . EOL);
 		}

 		$channel = \App::get_channel();
--- a/Zotlabs/Module/Help.php
+++ b/Zotlabs/Module/Help.php
@@ -6,6 +6,7 @@ use Michelf\MarkdownExtra;
 /**
 * You can create local site resources in doc/Site.md and either link to doc/Home.md for the standard resources
 * or use our include mechanism to include it on your local page.
+ *
 *@code
 * #include doc/Home.md;
 *@endcode
@@ -18,14 +19,6 @@ class Help extends \Zotlabs\Web\Controller {

 	private string $heading_slug = '';

-	/**
-	 * Associative array containing the detected language.
-	 */
-	public array $lang = [
-		'language' => 'en',		//! Detected language, 2-letter ISO 639-1 code ("en")
-		'from_url' => false,	//! true if language from URL overrides browser default
-	];
-
 	/**
 	 * Pre-check before processing request.
 	 *
@@ -36,8 +29,8 @@ class Help extends \Zotlabs\Web\Controller {
 	public function init() {
 		$this->determine_help_language();

-		if (argc() === 1) {
-			goaway("/help/{$this->lang['language']}/about/about");
+		if (empty($_REQUEST['search']) && argc() === 1) {
+			goaway("/help/about");
 			killme();
 		}
 	}
@@ -69,6 +62,7 @@ class Help extends \Zotlabs\Web\Controller {
 			$o .= '</div>';
 			$o .= '<div class="section-content-wrapper">';

+			require_once('include/help.php');
 			$r = search_doc_files($_REQUEST['search']);
 			if($r) {
 				$o .= '<ul class="help-searchlist">';
@@ -91,7 +85,7 @@ class Help extends \Zotlabs\Web\Controller {
 		}


-		if(argc() > 2 && argv(argc()-2) === 'assets') {
+		if(argc() > 2 && argv(argc()-2) === 'pic') {
 			$path = '';
 			for($x = 1; $x < argc(); $x ++) {
 				if(strlen($path))
@@ -160,6 +154,10 @@ class Help extends \Zotlabs\Web\Controller {
 			array_shift($args);
 		}

+		if (empty($args)) {
+			goaway("/help/about/about");
+		}
+
 		// Keep the first remaining arg as the heading slug
 		$this->heading_slug = $args[0];

--- a/Zotlabs/Module/Home.php
+++ b/Zotlabs/Module/Home.php
@@ -24,9 +24,13 @@ class Home extends Controller {
 			$key = Config::Get('system', 'prvkey');
 			$ret = json_encode(Libzot::site_info());

-			$headers                     = ['Content-Type' => 'application/x-zot+json', 'Digest' => HTTPSig::generate_digest_header($ret)];
-			$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
-			$h                           = HTTPSig::create_sig($headers, $key, z_root());
+			$headers = [
+				'Content-Type' => 'application/x-zot+json',
+				'Digest' => HTTPSig::generate_digest_header($ret),
+				'Date' => datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T')
+			];
+
+			$h = HTTPSig::create_sig($headers, $key, z_root());
 			HTTPSig::set_headers($h);

 			echo $ret;
@@ -68,9 +72,9 @@ class Home extends Controller {

 		$o = '';

-		if (x($_SESSION, 'theme'))
+		if (isset($_SESSION['theme']))
 			unset($_SESSION['theme']);
-		if (x($_SESSION, 'mobile_theme'))
+		if (isset($_SESSION['mobile_theme']))
 			unset($_SESSION['mobile_theme']);

 		$splash = ((argc() > 1 && argv(1) === 'splash') ? true : false);
@@ -100,14 +104,25 @@ class Home extends Controller {
 			goaway($frontpage);
 		}

+		$o .= '<div class="generic-content-wrapper">';
+
 		$sitename = Config::Get('system', 'sitename');
-		if ($sitename)
-			$o .= '<h1 class="home-welcome">' . sprintf(t('Welcome to %s'), $sitename) . '</h1>';
+		if ($sitename) {
+			$o .= '<div class="section-title-wrapper">';
+			$o .= '<h2 class="">' . sprintf(t('Welcome to %s'), $sitename) . '</h2>';
+			$o .= '</div>';
+
+		}
+
+		$o .= '<div class="section-content-wrapper">';

 		$loginbox = Config::Get('system', 'login_on_homepage');
 		if (intval($loginbox) || $loginbox === false)
 			$o .= login(true);

+		$o .= '</div>';
+		$o .= '</div>';
+
 		return $o;

 	}
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -3,6 +3,7 @@ namespace Zotlabs\Module;

 use App;
 use Zotlabs\Widget\Messages;
+use Zotlabs\Lib\Config;

 class Hq extends \Zotlabs\Web\Controller {

@@ -50,14 +51,18 @@ class Hq extends \Zotlabs\Web\Controller {
 			// select the target item with a bias to our own item
 			$sql_order = ((local_channel() > $sys['channel_id']) ? 'DESC' : 'ASC');

-			$r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where uid in (%d, %d) and $identifier = '%s' order by uid $sql_order limit 2",
+			$r = q("select id, uid, mid, parent, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where uid in (%d, %d) and $identifier = '%s' order by uid $sql_order limit 2",
 				intval(local_channel()),
 				intval($sys['channel_id']),
 				dbesc($item_hash)
 			);

+
 			if($r) {
 				$target_item = $r[0];
+
+				call_hooks('item_custom_display', $target_item);
+
 				if (intval($target_item['uid']) === intval($sys['channel_id'])) {
 					$sys_item = true;
 				}
@@ -86,7 +91,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				'default_location'    => $channel['channel_location'],
 				'nickname'            => $channel['channel_address'],
 				'lockstate'           => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
-				'acl'                 => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'),
+				'acl'                 => populate_acl($channel_acl,true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'member/permissions'),
 				'permissions'         => $channel_acl,
 				'bang'                => '',
 				'visitor'             => true,
@@ -129,7 +134,7 @@ class Hq extends \Zotlabs\Web\Controller {
 				'$nouveau' => '0',
 				'$wall'    => '0',
 				'$page'    => '1',
-				'$list'    => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
+				'$list'    => ((!empty($_REQUEST['list'])) ? intval($_REQUEST['list']) : 0),
 				'$search'  => '',
 				'$xchan'   => '',
 				'$order'   => '',
@@ -145,7 +150,6 @@ class Hq extends \Zotlabs\Web\Controller {
 		}

 		if($load && $target_item) {
-
 			if (!$sys_item) {
 				$r = q("SELECT item.id AS item_id FROM item
 					WHERE uid = %d
@@ -199,11 +203,8 @@ class Hq extends \Zotlabs\Web\Controller {
 		}

 		if($r) {
-			$items = q("SELECT item.*, item.id AS item_id
-				FROM item
-				WHERE parent = '%s' $item_normal $sql_extra",
-				dbesc($r[0]['item_id'])
-			);
+			$thr_parents = get_recursive_thr_parents($target_item);
+			$items = items_by_parent_ids($r, $thr_parents);

 			xchan_query($items,true,(($sys_item) ? local_channel() : 0));
 			$items = fetch_post_tags($items,true);
@@ -230,6 +231,7 @@ class Hq extends \Zotlabs\Web\Controller {
 		$options['offset'] = $_REQUEST['offset'] ?? 0;
 		$options['type'] = $_REQUEST['type'] ?? '';
 		$options['author'] = ((isset($_REQUEST['author'])) ? urldecode($_REQUEST['author']) : '');
+		$options['file'] = ((isset($_REQUEST['file'])) ? urldecode($_REQUEST['file']) : '');

 		$ret = Messages::get_messages_page($options);

--- a/Zotlabs/Module/Id.php
+++ b/Zotlabs/Module/Id.php
@@ -6,8 +6,8 @@ namespace Zotlabs\Module;
 *
 * Controller for responding to x-zot: protocol requests
 * x-zot:_jkfRG85nJ-714zn-LW_VbTFW8jSjGAhAydOcJzHxqHkvEHWG2E0RbA_pbch-h4R63RG1YJZifaNzgccoLa3MQ/453c1678-1a79-4af7-ab65-6b012f6cab77
- *  
- */  
+ *
+ */

 use Zotlabs\Lib\Activity;
 use Zotlabs\Lib\ActivityStreams;
@@ -104,7 +104,7 @@ class Id extends Controller {
 			$headers['Content-Type'] = 'application/x-zot+json' ;
 			$ret = json_encode($x, JSON_UNESCAPED_SLASHES);
 			$headers['Digest'] = HTTPSig::generate_digest_header($ret);
-			$headers['(request-target)'] = strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI'];
+			$headers['Date'] = datetime_convert('UTC','UTC', 'now', 'D, d M Y H:i:s \\G\\M\\T');
 			$h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],channel_url($chan));
 			HTTPSig::set_headers($h);
 			echo $ret;
--- a/Show More
+++ b/Show More