Merge remote-tracking branch 'upstream/master'

Conflicts:
	boot.php
	database.sql
	library/fancybox/jquery.fancybox-1.3.4.css
	mod/search.php
	update.php
Michael Vogel 2013-02-17 12:35:40 +01:00
commit 93143702ed
831 changed files with 37929 additions and 30644 deletions


@ -4,193 +4,7 @@
require_once("include/acl_selectors.php");
function acl_init(&$a){
if(!local_user())
return "";
$start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
$count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
$search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
$type = (x($_REQUEST,'type')?$_REQUEST['type']:"");
// For use with jquery.autocomplete for private mail completion
if(x($_REQUEST,'query') && strlen($_REQUEST['query'])) {
if(! $type)
$type = 'm';
$search = $_REQUEST['query'];
}
if ($search!=""){
$sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
$sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
} else {
$sql_extra = $sql_extra2 = "";
}
// count groups and contacts
if ($type=='' || $type=='g'){
$r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
intval(local_user())
);
$group_count = (int)$r[0]['g'];
} else {
$group_count = 0;
}
if ($type=='' || $type=='c'){
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `notify` != '' $sql_extra2" ,
intval(local_user())
);
$contact_count = (int)$r[0]['c'];
}
elseif ($type == 'm') {
// autocomplete for Private Messages
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `network` IN ('%s','%s','%s') $sql_extra2" ,
intval(local_user()),
dbesc(NETWORK_DFRN),
dbesc(NETWORK_ZOT),
dbesc(NETWORK_DIASPORA)
);
$contact_count = (int)$r[0]['c'];
}
elseif ($type == 'a') {
// autocomplete for Contacts
$r = q("SELECT COUNT(`id`) AS c FROM `contact`
WHERE `uid` = %d AND `self` = 0
AND `pending` = 0 $sql_extra2" ,
intval(local_user())
);
$contact_count = (int)$r[0]['c'];
} else {
$contact_count = 0;
}
$tot = $group_count+$contact_count;
$groups = array();
$contacts = array();
if ($type=='' || $type=='g'){
$r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') as uids
FROM `group`,`group_member`
WHERE `group`.`deleted` = 0 AND `group`.`uid` = %d
AND `group_member`.`gid`=`group`.`id`
$sql_extra
GROUP BY `group`.`id`
ORDER BY `group`.`name`
LIMIT %d,%d",
intval(local_user()),
intval($start),
intval($count)
);
foreach($r as $g){
// logger('acl: group: ' . $g['name'] . ' members: ' . $g['uids']);
$groups[] = array(
"type" => "g",
"photo" => "images/twopeople.png",
"name" => $g['name'],
"id" => intval($g['id']),
"uids" => array_map("intval", explode(",",$g['uids'])),
"link" => ''
);
}
}
if ($type=='' || $type=='c'){
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user())
);
}
elseif($type == 'm') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
AND `network` IN ('%s','%s','%s')
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user()),
dbesc(NETWORK_DFRN),
dbesc(NETWORK_ZOT),
dbesc(NETWORK_DIASPORA)
);
}
elseif($type == 'a') {
$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
WHERE `uid` = %d AND `pending` = 0
$sql_extra2
ORDER BY `name` ASC ",
intval(local_user())
);
}
else
$r = array();
if($type == 'm' || $type == 'a') {
$x = array();
$x['query'] = $search;
$x['photos'] = array();
$x['links'] = array();
$x['suggestions'] = array();
$x['data'] = array();
if(count($r)) {
foreach($r as $g) {
$x['photos'][] = $g['micro'];
$x['links'][] = $g['url'];
$x['suggestions'][] = $g['name'];
$x['data'][] = intval($g['id']);
}
}
echo json_encode($x);
killme();
}
if(count($r)) {
foreach($r as $g){
$contacts[] = array(
"type" => "c",
"photo" => $g['micro'],
"name" => $g['name'],
"id" => intval($g['id']),
"network" => $g['network'],
"link" => $g['url'],
"nick" => ($g['attag']) ? $g['attag'] : $g['nick'],
);
}
}
$items = array_merge($groups, $contacts);
$o = array(
'tot' => $tot,
'start' => $start,
'count' => $count,
'items' => $items,
);
echo json_encode($o);
killme();
acl_lookup($a);
}


@ -980,10 +980,14 @@ function admin_page_themes(&$a){
toggle_theme($themes,$theme,$result);
$s = rebuild_theme_table($themes);
if($result)
if($result) {
install_theme($theme);
info( sprintf('Theme %s enabled.',$theme));
else
}
else {
uninstall_theme($theme);
info( sprintf('Theme %s disabled.',$theme));
}
set_config('system','allowed_themes',$s);
goaway($a->get_baseurl(true) . '/admin/themes' );


@ -225,6 +225,36 @@ function contacts_content(&$a) {
if($cmd === 'drop') {
// Check if we should do HTML-based delete confirmation
if($_REQUEST['confirm']) {
// <form> can't take arguments in its "action" parameter
// so add any arguments as hidden inputs
$query = explode_querystring($a->query_string);
$inputs = array();
foreach($query['args'] as $arg) {
if(strpos($arg, 'confirm=') === false) {
$arg_parts = explode('=', $arg);
$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
}
}
$a->page['aside'] = '';
return replace_macros(get_markup_template('confirm.tpl'), array(
'$method' => 'get',
'$message' => t('Do you really want to delete this contact?'),
'$extra_inputs' => $inputs,
'$confirm' => t('Yes'),
'$confirm_url' => $query['base'],
'$confirm_name' => 'confirmed',
'$cancel' => t('Cancel'),
));
}
// Now check how the user responded to the confirmation query
if($_REQUEST['canceled']) {
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
require_once('include/Contact.php');
terminate_friendship($a->user,$a->contact,$orig_record[0]);
@ -239,14 +269,18 @@ function contacts_content(&$a) {
}
}
$_SESSION['return_url'] = $a->query_string;
if((x($a->data,'contact')) && (is_array($a->data['contact']))) {
$contact_id = $a->data['contact']['id'];
$contact = $a->data['contact'];
$editselect = 'exact';
if(intval(get_pconfig(local_user(),'system','plaintext')))
$editselect = 'none';
$editselect = 'none';
if( feature_enabled(local_user(),'richtext') )
$editselect = 'exact';
$a->page['htmlhead'] .= replace_macros(get_markup_template('contact_head.tpl'), array(
'$baseurl' => $a->get_baseurl(true),
@ -405,8 +439,6 @@ function contacts_content(&$a) {
$ignored = false;
$all = false;
$_SESSION['return_url'] = $a->query_string;
if(($a->argc == 2) && ($a->argv[1] === 'all')) {
$sql_extra = '';
$all = true;
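Review bot: The confirmation step added to the `drop` branch of contacts_content is opt-in and so does not protect the delete: a request that omits `confirm` falls straight through to `terminate_friendship()`, and the confirm form is built with `'$method' => 'get'` and no form security token. Unless a check outside this hunk covers it, the deletion can still be triggered by a request the user never confirmed; emit a token with the form and verify it before the delete, as invite_post in this commit does with `check_form_security_token_redirectOnErr('/', 'send_invite');`. `$_REQUEST['confirm']`, `$_REQUEST['canceled']` and `$arg_parts[1]` are also read without an existence check, e.g. `if(x($_REQUEST,'confirm')) {`. The same pattern recurs in the message_content hunk and, with POST, in photos_post; contacts_content itself continues outside these hunks.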


@ -17,6 +17,7 @@ function dfrn_poll_init(&$a) {
$sec = ((x($_GET,'sec')) ? $_GET['sec'] : '');
$dfrn_version = ((x($_GET,'dfrn_version')) ? (float) $_GET['dfrn_version'] : 2.0);
$perm = ((x($_GET,'perm')) ? $_GET['perm'] : 'r');
$quiet = ((x($_GET,'quiet')) ? true : false);
$direction = (-1);
@ -96,7 +97,8 @@ function dfrn_poll_init(&$a) {
$_SESSION['visitor_home'] = $r[0]['url'];
$_SESSION['visitor_handle'] = $r[0]['addr'];
$_SESSION['visitor_visiting'] = $r[0]['uid'];
info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
if(!$quiet)
info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
// Visitors get 1 day session.
$session_id = session_id();
$expire = time() + 86400;
@ -385,6 +387,7 @@ function dfrn_poll_content(&$a) {
$sec = ((x($_GET,'sec')) ? $_GET['sec'] : '');
$dfrn_version = ((x($_GET,'dfrn_version')) ? (float) $_GET['dfrn_version'] : 2.0);
$perm = ((x($_GET,'perm')) ? $_GET['perm'] : 'r');
$quiet = ((x($_GET,'quiet')) ? true : false);
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
@ -527,7 +530,8 @@ function dfrn_poll_content(&$a) {
$_SESSION['visitor_id'] = $r[0]['id'];
$_SESSION['visitor_home'] = $r[0]['url'];
$_SESSION['visitor_visiting'] = $r[0]['uid'];
info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
if(!$quiet)
info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
// Visitors get 1 day session.
$session_id = session_id();
$expire = time() + 86400;


@ -112,8 +112,9 @@ function display_content(&$a, $update = 0) {
'acl' => populate_acl($a->user, $celeb),
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user()
);
'profile_uid' => local_user(),
'acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
);
$o .= status_editor($a,$x,0,true);
}
@ -121,7 +122,6 @@ function display_content(&$a, $update = 0) {
if($update) {
dbg(1);
$r = q("SELECT id FROM item WHERE item.uid = %d
AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' ))
$sql_extra AND unseen = 1",
@ -129,7 +129,7 @@ dbg(1);
dbesc($item_id),
dbesc($item_id)
);
dbg(0);
if(!$r)
return '';
}


@ -85,16 +85,19 @@ function editpost_content(&$a) {
}
}
if($mail_enabled) {
// I don't think there's any need for the $jotnets when editing the post,
// and including them makes it difficult for the JS-free theme, so let's
// disable them
/* if($mail_enabled) {
$selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
$jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> '
. t("Post to Email") . '</div>';
}
}*/
call_hooks('jot_tool', $jotplugins);
call_hooks('jot_networks', $jotnets);
//call_hooks('jot_networks', $jotnets);
//$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins));


@ -156,11 +156,21 @@ function events_content(&$a) {
}
$editselect = 'none';
if( feature_enabled(local_user(), 'richtext') )
$editselect = 'textareas';
$htpl = get_markup_template('event_head.tpl');
$a->page['htmlhead'] .= replace_macros($htpl,array('$baseurl' => $a->get_baseurl()));
$a->page['htmlhead'] .= replace_macros($htpl,array(
'$baseurl' => $a->get_baseurl(),
'$editselect' => $editselect
));
$etpl = get_markup_template('event_end.tpl');
$a->page['end'] .= replace_macros($etpl,array('$baseurl' => $a->get_baseurl()));
$a->page['end'] .= replace_macros($etpl,array(
'$baseurl' => $a->get_baseurl(),
'$editselect' => $editselect
));
$o ="";
// tabs
@ -250,13 +260,15 @@ function events_content(&$a) {
$r = q("SELECT `event`.*, `item`.`id` AS `itemid`,`item`.`plink`,
`item`.`author-name`, `item`.`author-avatar`, `item`.`author-link` FROM `event` LEFT JOIN `item` ON `item`.`event-id` = `event`.`id`
WHERE `event`.`uid` = %d and event.ignore = %d
AND (( `adjust` = 0 AND ( `finish` >= '%s' or nofinish ) AND `start` <= '%s' )
OR ( `adjust` = 1 AND ( `finish` >= '%s' or nofinish ) AND `start` <= '%s' )) ",
AND (( `adjust` = 0 AND ( `finish` >= '%s' OR ( nofinish AND start >= '%s' ) ) AND `start` <= '%s' )
OR ( `adjust` = 1 AND ( `finish` >= '%s' OR ( nofinish AND start >= '%s' ) ) AND `start` <= '%s' )) ",
intval(local_user()),
intval($ignored),
dbesc($start),
dbesc($start),
dbesc($finish),
dbesc($adjust_start),
dbesc($adjust_start),
dbesc($adjust_finish)
);
}


@ -16,6 +16,18 @@ function invite_post(&$a) {
return;
}
check_form_security_token_redirectOnErr('/', 'send_invite');
$max_invites = intval(get_config('system','max_invites'));
if(! $max_invites)
$max_invites = 50;
$current_invites = intval(get_pconfig(local_user(),'system','sent_invites'));
if($current_invites > $max_invites) {
notice( t('Total invitation limit exceeded.') . EOL);
return;
};
$recips = ((x($_POST,'recipients')) ? explode("\n",$_POST['recipients']) : array());
$message = ((x($_POST,'message')) ? notags(trim($_POST['message'])) : '');
@ -66,6 +78,12 @@ function invite_post(&$a) {
if($res) {
$total ++;
$current_invites ++;
set_pconfig(local_user(),'system','sent_invites',$current_invites);
if($current_invites > $max_invites) {
notice( t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
return;
}
}
else {
notice( sprintf( t('%s : Message delivery failed.'), $recip) . EOL);
@ -110,6 +128,7 @@ function invite_content(&$a) {
}
$o = replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("send_invite"),
'$invite' => t('Send invitations'),
'$addr_text' => t('Enter email addresses, one per line:'),
'$msg_text' => t('Your message:'),
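Review bot: The limit test `if($current_invites > $max_invites)` at the top of invite_post, and again after each successful send, lets a user send one invitation more than `max_invites`, because a count equal to the limit still passes. Use `>=` in both places, e.g. `if($current_invites >= $max_invites) {`. The counter is a read-modify-write on a pconfig value, so parallel submissions could presumably overshoot the limit; if that is acceptable it deserves a comment. The stray `;` after the closing brace of the first check can be dropped, and invite_post continues outside the hunks shown.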


@ -263,6 +263,10 @@ function item_post(&$a) {
$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
if($user['hidewall'])
$private = 2;
// If this is a comment, set the permissions from the parent.
if($parent_item) {
@ -891,8 +895,11 @@ function item_post(&$a) {
. '<br />';
$disclaimer .= sprintf( t('You may visit them online at %s'), $a->get_baseurl() . '/profile/' . $a->user['nickname']) . EOL;
$disclaimer .= t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL;
$subject = email_header_encode('[Friendica]' . ' ' . sprintf( t('%s posted an update.'),$a->user['username']),'UTF-8');
if (!$datarray['title']=='') {
$subject = email_header_encode($datarray['title'],'UTF-8');
} else {
$subject = email_header_encode('[Friendica]' . ' ' . sprintf( t('%s posted an update.'),$a->user['username']),'UTF-8');
}
$headers = 'From: ' . email_header_encode($a->user['username'],'UTF-8') . ' <' . $a->user['email'] . '>' . "\n";
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n";
@ -900,7 +907,7 @@ function item_post(&$a) {
$link = '<a href="' . $a->get_baseurl() . '/profile/' . $a->user['nickname'] . '"><img src="' . $author['thumb'] . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
$html = prepare_body($datarray);
$message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';
@mail($addr, $subject, $message, $headers);
@mail($addr, $subject, $message, $headers);
}
}
}
@ -951,10 +958,17 @@ function item_content(&$a) {
require_once('include/security.php');
$o = '';
if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
require_once('include/items.php');
drop_item($a->argv[2]);
require_once('include/items.php');
$o = drop_item($a->argv[2], !is_ajax());
if (is_ajax()){
// ajax return: [<item id>, 0 (no perm) | <owner id>]
echo json_encode(array(intval($a->argv[2]), intval($o)));
kllme();
}
}
return $o;
}
/**
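Review bot: The ajax branch added to item_content calls `kllme();`, which is not the `killme()` used everywhere else on this page, so the request would fail on an undefined function right after the JSON has been echoed; it should read `killme();`. In the e-mail hunk of item_post, `if (!$datarray['title']=='')` parses as `(!$datarray['title']) == ''` and gives the intended result only through loose comparison; `if ($datarray['title'] != '') {` states what is meant. Both functions extend beyond the hunks shown.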


@ -105,6 +105,10 @@ function like_content(&$a) {
}
// See if we've been passed a return path to redirect to
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
$r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
dbesc($activity),
@ -137,7 +141,9 @@ function like_content(&$a) {
// proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here!
$like_item_id = $like_item['id'];
proc_run('php',"include/notifier.php","like","$like_item_id");
return;
like_content_return($a->get_baseurl(), $return_path);
return; // NOTREACHED
}
$uri = item_new_uri($a->get_hostname(),$owner_uid);
@ -221,11 +227,29 @@ EOT;
proc_run('php',"include/notifier.php","like","$post_id");
killme();
like_content_return($a->get_baseurl(), $return_path);
killme(); // NOTREACHED
// return; // NOTREACHED
}
// Decide how to return. If we were called with a 'return' argument,
// then redirect back to the calling page. If not, just quietly end
function like_content_return($baseurl, $return_path) {
if($return_path) {
$rand = '_=' . time();
if(strpos($return_path, '?')) $rand = "&$rand";
else $rand = "?$rand";
goaway($baseurl . "/" . $return_path . $rand);
}
killme();
}
function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) {
// Note that we can only create a signature for a user of the local server. We don't have
// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
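Review bot: In like_content_return, `if(strpos($return_path, '?'))` treats a `?` at offset 0 as absent because `strpos` returns 0 there; compare explicitly with `if(strpos($return_path, '?') !== false) $rand = "&$rand";`. `$return_path` comes straight from `$_REQUEST['return']` and is concatenated into the redirect target. The `$baseurl . "/"` prefix keeps the target on this site, but validating the value (no control characters, or only known paths) before `goaway()` would be safer. A short docblock saying the function is not expected to return would replace the scattered `// NOTREACHED` comments in like_content.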


@ -1,5 +1,7 @@
<?php
require_once("include/text.php");
function manage_post(&$a) {
@ -68,6 +70,10 @@ function manage_post(&$a) {
unset($_SESSION['return_url']);
if(x($_SESSION,'submanage'))
unset($_SESSION['submanage']);
if(x($_SESSION,'sysmsg'))
unset($_SESSION['sysmsg']);
if(x($_SESSION,'sysmsg_info'))
unset($_SESSION['sysmsg_info']);
require_once('include/security.php');
authenticate_success($r[0],true,true);
@ -91,27 +97,18 @@ function manage_content(&$a) {
return;
}
$o = '<h3>' . t('Manage Identities and/or Pages') . '</h3>';
$o .= '<div id="identity-manage-desc">' . t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions') . '</div>';
$o .= '<div id="identity-manage-choose">' . t('Select an identity to manage: ') . '</div>';
$o .= '<div id="identity-selector-wrapper">' . "\r\n";
$o .= '<form action="manage" method="post" >' . "\r\n";
$o .= '<select name="identity" size="4" onchange="this.form.submit();" >' . "\r\n";
foreach($a->identities as $rr) {
$selected = (($rr['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
$o .= '<option ' . $selected . 'value="' . $rr['uid'] . '">' . $rr['username'] . ' (' . $rr['nickname'] . ')</option>' . "\r\n";
$identities = $a->identities;
foreach($identities as $key=>$id) {
$identities[$key]['selected'] = (($id['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
}
$o .= '</select>' . "\r\n";
$o .= '<div id="identity-select-break"></div>' . "\r\n";
// $o .= '<input id="identity-submit" type="submit" name="submit" value="' . t('Submit') . '" />';
$o .= '</div></form>' . "\r\n";
$o = replace_macros(get_markup_template('manage.tpl'), array(
'$title' => t('Manage Identities and/or Pages'),
'$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
'$choose' => t('Select an identity to manage: '),
'$identities' => $identities,
'$submit' => t('Submit'),
));
return $o;


@ -82,6 +82,8 @@ function message_post(&$a) {
$a->argc = 2;
$a->argv[1] = 'new';
}
else
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
@ -185,6 +187,36 @@ function message_content(&$a) {
if(($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
if(! intval($a->argv[2]))
return;
// Check if we should do HTML-based delete confirmation
if($_REQUEST['confirm']) {
// <form> can't take arguments in its "action" parameter
// so add any arguments as hidden inputs
$query = explode_querystring($a->query_string);
$inputs = array();
foreach($query['args'] as $arg) {
if(strpos($arg, 'confirm=') === false) {
$arg_parts = explode('=', $arg);
$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
}
}
//$a->page['aside'] = '';
return replace_macros(get_markup_template('confirm.tpl'), array(
'$method' => 'get',
'$message' => t('Do you really want to delete this message?'),
'$extra_inputs' => $inputs,
'$confirm' => t('Yes'),
'$confirm_url' => $query['base'],
'$confirm_name' => 'confirmed',
'$cancel' => t('Cancel'),
));
}
// Now check how the user responded to the confirmation query
if($_REQUEST['canceled']) {
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
$cmd = $a->argv[1];
if($cmd === 'drop') {
$r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@ -194,7 +226,8 @@ function message_content(&$a) {
if($r) {
info( t('Message deleted.') . EOL );
}
goaway($a->get_baseurl(true) . '/message' );
//goaway($a->get_baseurl(true) . '/message' );
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
else {
$r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
@ -224,7 +257,8 @@ function message_content(&$a) {
if($r)
info( t('Conversation removed.') . EOL );
}
goaway($a->get_baseurl(true) . '/message' );
//goaway($a->get_baseurl(true) . '/message' );
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
}
@ -304,6 +338,9 @@ function message_content(&$a) {
return $o;
}
$_SESSION['return_url'] = $a->query_string;
if($a->argc == 1) {
// list messages

27
mod/navigation.php Normal file

@ -0,0 +1,27 @@
<?php
require_once("include/nav.php");
function navigation_content(&$a) {
$nav_info = nav_info($a);
/**
* Build the page
*/
$tpl = get_markup_template('navigation.tpl');
return replace_macros($tpl, array(
'$baseurl' => $a->get_baseurl(),
'$langselector' => lang_selector(),
'$sitelocation' => $nav_info['sitelocation'],
'$nav' => $nav_info['nav'],
'$banner' => $nav_info['banner'],
'$emptynotifications' => t('Nothing new here'),
'$userinfo' => $nav_info['userinfo'],
'$sel' => $a->nav_sel,
'$apps' => $a->apps,
'$clear_notifs' => t('Clear notifications')
));
}


@ -560,10 +560,12 @@ function network_content(&$a, $update = 0) {
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
'lockstate' => ((($group) || ($cid) || ($nets) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
'default_perms' => get_acl_permissions($a->user),
'acl' => populate_acl((($group || $cid || $nets) ? $def_acl : $a->user), $celeb),
'bang' => (($group || $cid || $nets) ? '!' : ''),
'visitor' => 'block',
'profile_uid' => local_user()
'profile_uid' => local_user(),
'acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
);
$o .= status_editor($a,$x);


@ -60,8 +60,8 @@ function notes_content(&$a,$update = false) {
'bang' => '',
'visitor' => 'block',
'profile_uid' => local_user(),
'button' => t('Save')
'button' => t('Save'),
'acl_data' => '',
);
$o .= status_editor($a,$x,$a->contact['id']);


@ -169,13 +169,16 @@ function photo_init(&$a) {
}
}
$ph = new Photo($data, $mimetype);
if($ph->is_valid()) {
if(isset($customres) && $customres > 0 && $customres < 500) {
$ph->scaleImageSquare($customres);
// Resize only if its not a GIF
if ($mime != "image/gif") {
$ph = new Photo($data, $mimetype);
if($ph->is_valid()) {
if(isset($customres) && $customres > 0 && $customres < 500) {
$ph->scaleImageSquare($customres);
}
$data = $ph->imageString();
$mimetype = $ph->getType();
}
$data = $ph->imageString();
$mimetype = $ph->getType();
}
if(function_exists('header_remove')) {
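Review bot: The new guard `if ($mime != "image/gif")` tests `$mime`, while every other line of this hunk uses `$mimetype` (`new Photo($data, $mimetype)`, `$mimetype = $ph->getType()`). No assignment to `$mime` is visible here; if it is not set elsewhere in photo_init, the comparison is always true and GIFs are still re-encoded, with an undefined-variable notice on each request. The condition probably wants `if ($mimetype != "image/gif") {`. Once the guard does work, GIF data skips the `is_valid()` check the other types get and is served as stored, which is worth a comment if intended.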


@ -166,6 +166,11 @@ function photos_post(&$a) {
return; // NOTREACHED
}
// Check if the user has responded to a delete confirmation query
if($_REQUEST['canceled']) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$newalbum = notags(trim($_POST['albumname']));
if($newalbum != $album) {
q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
@ -181,6 +186,25 @@ function photos_post(&$a) {
if($_POST['dropalbum'] == t('Delete Album')) {
// Check if we should do HTML-based delete confirmation
if($_REQUEST['confirm']) {
$drop_url = $a->query_string;
$extra_inputs = array(
array('name' => 'albumname', 'value' => $_POST['albumname']),
);
$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
'$method' => 'post',
'$message' => t('Do you really want to delete this photo album and all its photos?'),
'$extra_inputs' => $extra_inputs,
'$confirm' => t('Delete Album'),
'$confirm_url' => $drop_url,
'$confirm_name' => 'dropalbum', // Needed so that confirmation will bring us back into this if statement
'$cancel' => t('Cancel'),
));
$a->error = 1; // Set $a->error so the other module functions don't execute
return;
}
$res = array();
// get the list of photos we are about to delete
@ -243,10 +267,32 @@ function photos_post(&$a) {
return; // NOTREACHED
}
// Check if the user has responded to a delete confirmation query for a single photo
if(($a->argc > 2) && $_REQUEST['canceled']) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
if(($a->argc > 2) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) {
// same as above but remove single photo
// Check if we should do HTML-based delete confirmation
if($_REQUEST['confirm']) {
$drop_url = $a->query_string;
$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
'$method' => 'post',
'$message' => t('Do you really want to delete this photo?'),
'$extra_inputs' => array(),
'$confirm' => t('Delete Photo'),
'$confirm_url' => $drop_url,
'$confirm_name' => 'delete', // Needed so that confirmation will bring us back into this if statement
'$cancel' => t('Cancel'),
));
$a->error = 1; // Set $a->error so the other module functions don't execute
return;
}
if($visitor) {
$r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1",
intval($visitor),
@ -286,7 +332,7 @@ function photos_post(&$a) {
}
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
return; // NOTREACHED
}
@ -1027,8 +1073,10 @@ function photos_content(&$a) {
call_hooks('photo_upload_form',$ret);
$default_upload = '<input id="photos-upload-choose" type="file" name="userfile" /> <div class="photos-upload-submit-wrapper" >
<input type="submit" name="submit" value="' . t('Submit') . '" id="photos-upload-submit" /> </div>';
$default_upload_box = replace_macros(get_markup_template('photos_default_uploader_box.tpl'), array());
$default_upload_submit = replace_macros(get_markup_template('photos_default_uploader_submit.tpl'), array(
'$submit' => t('Submit'),
));
$usage_message = '';
$limit = service_class_fetch($a->data['user']['uid'],'photo_upload_limit');
@ -1041,6 +1089,25 @@ function photos_content(&$a) {
}
// Private/public post links for the non-JS ACL form
$private_post = 1;
if($_REQUEST['public'])
$private_post = 0;
$query_str = $a->query_string;
if(strpos($query_str, 'public=1') !== false)
$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
// I think $a->query_string may never have ? in it, but I could be wrong
// It looks like it's from the index.php?q=[etc] rewrite that the web
// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
if(strpos($query_str, '?') === false)
$public_post_link = '?public=1';
else
$public_post_link = '&public=1';
$tpl = get_markup_template('photos_upload.tpl');
if($a->theme['template_engine'] === 'internal') {
@ -1063,9 +1130,20 @@ function photos_content(&$a) {
'$albumselect' => $albumselect_e,
'$permissions' => t('Permissions'),
'$aclselect' => $aclselect_e,
'$uploader' => $ret['addon_text'],
'$default' => (($ret['default_upload']) ? $default_upload : ''),
'$uploadurl' => $ret['post_url']
'$alt_uploader' => $ret['addon_text'],
'$default_upload_box' => (($ret['default_upload']) ? $default_upload_box : ''),
'$default_upload_submit' => (($ret['default_upload']) ? $default_upload_submit : ''),
'$uploadurl' => $ret['post_url'],
// ACL permissions box
'$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
'$group_perms' => t('Show to Groups'),
'$contact_perms' => t('Show to Contacts'),
'$private' => t('Private Photo'),
'$public' => t('Public Photo'),
'$is_private' => $private_post,
'$return_path' => $query_str,
'$public_link' => $public_post_link,
));
@ -1375,6 +1453,24 @@ function photos_content(&$a) {
if(($cmd === 'edit') && ($can_post)) {
$edit_tpl = get_markup_template('photo_edit.tpl');
// Private/public post links for the non-JS ACL form
$private_post = 1;
if($_REQUEST['public'])
$private_post = 0;
$query_str = $a->query_string;
if(strpos($query_str, 'public=1') !== false)
$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
// I think $a->query_string may never have ? in it, but I could be wrong
// It looks like it's from the index.php?q=[etc] rewrite that the web
// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
if(strpos($query_str, '?') === false)
$public_post_link = '?public=1';
else
$public_post_link = '&public=1';
if($a->theme['template_engine'] === 'internal') {
$album_e = template_escape($ph[0]['album']);
$caption_e = template_escape($ph[0]['desc']);
@ -1403,7 +1499,17 @@ function photos_content(&$a) {
'$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'),
'$item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
'$submit' => t('Submit'),
'$delete' => t('Delete Photo')
'$delete' => t('Delete Photo'),
// ACL permissions box
'$acl_data' => construct_acl_data($a, $ph[0]), // For non-Javascript ACL selector
'$group_perms' => t('Show to Groups'),
'$contact_perms' => t('Show to Contacts'),
'$private' => t('Private photo'),
'$public' => t('Public photo'),
'$is_private' => $private_post,
'$return_path' => $query_str,
'$public_link' => $public_post_link,
));
}
@ -1421,9 +1527,10 @@ function photos_content(&$a) {
$likebuttons = replace_macros($like_tpl,array(
'$id' => $link_item['id'],
'$likethis' => t("I like this \x28toggle\x29"),
'$nolike' => t("I don't like this \x28toggle\x29"),
'$nolike' => (feature_enabled(local_user(), 'dislike') ? t("I don't like this \x28toggle\x29") : ''),
'$share' => t('Share'),
'$wait' => t('Please wait')
'$wait' => t('Please wait'),
'$return_path' => $a->query_string,
));
}
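Review bot: In the album-delete confirmation of photos_post, `$_POST['albumname']` is passed unmodified as a hidden-input value (`array('name' => 'albumname', 'value' => $_POST['albumname'])`) and `$a->query_string` as `'$confirm_url'`. confirm.tpl is not part of this view, so whether those values are HTML-escaped on output cannot be confirmed here; photos_content already calls `template_escape()` for the internal engine, and the same treatment at this call site would be consistent. The block computing `$private_post`, `$query_str` and `$public_post_link` is pasted twice in photos_content and again in settings_content, so a shared helper would keep the copies from drifting. `$_REQUEST['public']` and `$_REQUEST['canceled']` are read without `x()`.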


@ -148,7 +148,7 @@ function poco_init(&$a) {
if($format === 'xml') {
header('Content-type: text/xml');
echo replace_macros(get_markup_template('poco_xml.tpl'),array_xmlify(array('$response' => $ret)));
http_status_exit(500);
killme();
}
if($format === 'json') {
header('Content-type: application/json');


@ -198,7 +198,8 @@ function profile_content(&$a, $update = 0) {
'acl' => (($is_owner) ? populate_acl($a->user, $celeb) : ''),
'bang' => '',
'visitor' => (($is_owner || $commvisitor) ? 'block' : 'none'),
'profile_uid' => $a->profile['profile_uid']
'profile_uid' => $a->profile['profile_uid'],
'acl_data' => ( $is_owner ? construct_acl_data($a, $a->user) : '' ), // For non-Javascript ACL selector
);
$o .= status_editor($a,$x);


@ -3,20 +3,37 @@
function redir_init(&$a) {
$url = ((x($_GET,'url')) ? $_GET['url'] : '');
$quiet = ((x($_GET,'quiet')) ? '&quiet=1' : '');
$con_url = ((x($_GET,'conurl')) ? $_GET['conurl'] : '');
// traditional DFRN
if(local_user() && $a->argc > 1 && intval($a->argv[1])) {
if( $con_url || (local_user() && $a->argc > 1 && intval($a->argv[1])) ) {
$cid = $a->argv[1];
if($con_url) {
$con_url = str_replace('https', 'http', $con_url);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($cid),
intval(local_user())
);
$r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d LIMIT 1",
dbesc($con_url),
intval(local_user())
);
if((! count($r)) || ($r[0]['network'] !== NETWORK_DFRN))
goaway(z_root());
if((! count($r)) || ($r[0]['network'] !== NETWORK_DFRN))
goaway(z_root());
$cid = $r[0]['id'];
}
else {
$cid = $a->argv[1];
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($cid),
intval(local_user())
);
if((! count($r)) || ($r[0]['network'] !== NETWORK_DFRN))
goaway(z_root());
}
$dfrn_id = $orig_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']);
@ -43,7 +60,7 @@ function redir_init(&$a) {
logger('mod_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);
$dest = (($url) ? '&destination_url=' . $url : '');
goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest );
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest . $quiet );
}
if(local_user())
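Review bot: The rewritten condition `if( $con_url || (local_user() && $a->argc > 1 && intval($a->argv[1])) )` lets a request carrying `conurl` into the DFRN redirect branch without a logged-in user. The lookup then runs with `intval(local_user())`, presumably 0 for an anonymous visitor, which fails safe only if no contact row has that uid. Keep the login test outside the alternative: `if(local_user() && ($con_url || ($a->argc > 1 && intval($a->argv[1])))) {`. `str_replace('https', 'http', $con_url)` rewrites every occurrence of `https` in the URL rather than just the scheme, so anchor it, e.g. `preg_replace('#^https://#i', 'http://', $con_url)`. redir_init continues past the hunk.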


@ -162,7 +162,7 @@ function search_content(&$a) {
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0)
OR `item`.`uid` = %d )
OR ( `item`.`uid` = %d ))
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra ",
intval(local_user())
@ -182,12 +182,12 @@ function search_content(&$a) {
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
`user`.`nickname`
`user`.`nickname`, `user`.`uid`, `user`.`hidewall`
FROM $sql_table LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND (( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 )
OR `item`.`uid` = %d )
OR ( `item`.`uid` = %d ))
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
ORDER BY `received` DESC LIMIT %d , %d ",


@ -1012,6 +1012,25 @@ function settings_content(&$a) {
require_once('include/group.php');
$group_select = mini_group_select(local_user(),$a->user['def_gid']);
// Private/public post links for the non-JS ACL form
$private_post = 1;
if($_REQUEST['public'])
$private_post = 0;
$query_str = $a->query_string;
if(strpos($query_str, 'public=1') !== false)
$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
// I think $a->query_string may never have ? in it, but I could be wrong
// It looks like it's from the index.php?q=[etc] rewrite that the web
// server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
if(strpos($query_str, '?') === false)
$public_post_link = '?public=1';
else
$public_post_link = '&public=1';
$o .= replace_macros($stpl, array(
'$ptitle' => t('Account Settings'),
@ -1046,6 +1065,17 @@ function settings_content(&$a) {
'$blockwall'=> $blockwall, // array('blockwall', t('Allow friends to post to your profile page:'), !$blockwall, ''),
'$blocktags'=> $blocktags, // array('blocktags', t('Allow friends to tag your posts:'), !$blocktags, ''),
// ACL permissions box
'$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
'$group_perms' => t('Show to Groups'),
'$contact_perms' => t('Show to Contacts'),
'$private' => t('Default Private Post'),
'$public' => t('Default Public Post'),
'$is_private' => $private_post,
'$return_path' => $query_str,
'$public_link' => $public_post_link,
'$settings_perms' => t('Default Permissions for New Posts'),
'$group_select' => $group_select,
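Review bot: `if($_REQUEST['public'])` reads the key without checking that it exists, unlike the `x($_GET, ...)` pattern used elsewhere in this commit, and raises a notice on every load without the parameter; `if(x($_REQUEST,'public'))` matches the existing style. The `str_replace` of `'&public=1'` also strips the prefix of a longer value such as `&public=10`, which looks harmless here but deserves a short comment. `$query_str` is request-derived and is handed to the template as `$return_path`, so the template (not visible in this hunk) needs to escape it for the attribute or URL context it is used in. `settings_content` continues outside both hunks.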


@ -28,6 +28,16 @@ function starred_init(&$a) {
intval($message_id)
);
// See if we've been passed a return path to redirect to
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
if($return_path) {
$rand = '_=' . time();
if(strpos($return_path, '?')) $rand = "&$rand";
else $rand = "?$rand";
goaway($a->get_baseurl() . "/" . $return_path . $rand);
}
// the json doesn't really matter, it will either be 0 or 1
echo json_encode($starred);
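Review bot: `if(strpos($return_path, '?'))` treats a `?` at offset 0 as absent because `strpos` returns 0 there, so the cache-buster is then appended with a second `?`; compare explicitly with `if(strpos($return_path, '?') !== false)`. `$return_path` comes straight from `$_REQUEST['return']` and is constrained only by the `$a->get_baseurl() . "/"` prefix, so a comment stating the intent would help the next maintainer keep it that way, e.g. `// return path is relative to the site root; never pass it to goaway() without the base URL prefix`. `starred_init` begins and ends outside the hunk.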


@ -9,10 +9,38 @@ function suggest_init(&$a) {
return;
if(x($_GET,'ignore') && intval($_GET['ignore'])) {
q("insert into gcign ( uid, gcid ) values ( %d, %d ) ",
intval(local_user()),
intval($_GET['ignore'])
);
// Check if we should do HTML-based delete confirmation
if($_REQUEST['confirm']) {
// <form> can't take arguments in its "action" parameter
// so add any arguments as hidden inputs
$query = explode_querystring($a->query_string);
$inputs = array();
foreach($query['args'] as $arg) {
if(strpos($arg, 'confirm=') === false) {
$arg_parts = explode('=', $arg);
$inputs[] = array('name' => $arg_parts[0], 'value' => $arg_parts[1]);
}
}
$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
'$method' => 'get',
'$message' => t('Do you really want to delete this suggestion?'),
'$extra_inputs' => $inputs,
'$confirm' => t('Yes'),
'$confirm_url' => $query['base'],
'$confirm_name' => 'confirmed',
'$cancel' => t('Cancel'),
));
$a->error = 1; // Set $a->error so the other module functions don't execute
return;
}
// Now check how the user responded to the confirmation query
if(!$_REQUEST['canceled']) {
q("insert into gcign ( uid, gcid ) values ( %d, %d ) ",
intval(local_user()),
intval($_GET['ignore'])
);
}
}
}
@ -56,6 +84,7 @@ function suggest_content(&$a) {
'$name' => $rr['name'],
'$photo' => $rr['photo'],
'$ignlnk' => $a->get_baseurl() . '/suggest?ignore=' . $rr['id'],
'$ignid' => $rr['id'],
'$conntxt' => t('Connect'),
'$connlnk' => $connlnk,
'$ignore' => t('Ignore/Hide')
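Review bot: The `gcign` insert in `suggest_init` still runs on a plain GET whenever `canceled` is absent, so a request with `ignore=N` and no `confirm` parameter skips the confirmation page entirely, and the confirmation form itself is submitted with `'$method' => 'get'` and no form token visible in this hunk. If the confirmation is meant as a safeguard rather than a no-JavaScript convenience, the insert should require the `confirmed` field (`if(x($_REQUEST,'confirmed')) {`) and ideally arrive by POST with a per-session token. In the loop, `explode('=', $arg)` leaves `$arg_parts[1]` undefined for an argument without `=` and truncates a value that contains one; `explode('=', $arg, 2)` with a default for the missing value fixes both. Whether `name` and `value` are HTML-escaped depends on `confirm.tpl`, which is not shown here.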


@ -115,10 +115,14 @@ function wallmessage_content(&$a) {
$editselect = 'none';
if( feature_enabled(local_user(), 'richtext') )
$editselect = '/(profile-jot-text|prvmail-text)/';
$tpl = get_markup_template('wallmsg-header.tpl');
$a->page['htmlhead'] .= replace_macros($tpl, array(
'$baseurl' => $a->get_baseurl(true),
'$editselect' => '/(profile-jot-text|prvmail-text)/',
'$editselect' => $editselect,
'$nickname' => $user['nickname'],
'$linkurl' => t('Please enter a link URL:')
));
@ -126,7 +130,7 @@ function wallmessage_content(&$a) {
$tpl = get_markup_template('wallmsg-end.tpl');
$a->page['end'] .= replace_macros($tpl, array(
'$baseurl' => $a->get_baseurl(true),
'$editselect' => '/(profile-jot-text|prvmail-text)/',
'$editselect' => $editselect,
'$nickname' => $user['nickname'],
'$linkurl' => t('Please enter a link URL:')
));