Beispiel #1
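/**
 * JSON autocomplete endpoint for the search box.
 *
 * Emits matching connections of the logged-in channel (as "@name") followed by
 * matching hashtags (as "#term"), then terminates the request via killme().
 *
 * Request parameters read: `start` and `count` (echoed back in the response;
 * the queries below are not paged by them), `search`, and `query`, which
 * overrides `search` when it is non-empty.
 *
 * @param object $a application object; only get_baseurl() is used here
 */
function search_ac_init(&$a)
{
    // Autocomplete is only served to a locally authenticated channel.
    if (!local_channel()) {
        killme();
    }

    $start = x($_REQUEST, 'start') ? $_REQUEST['start'] : 0;
    $count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 100;
    $search = x($_REQUEST, 'search') ? $_REQUEST['search'] : "";
    if (x($_REQUEST, 'query') && strlen($_REQUEST['query'])) {
        $search = $_REQUEST['query'];
    }

    // Both fragments are interpolated into the queries below, so they must be
    // defined even when no search term was supplied.
    $people_sql_extra = '';
    $tag_sql_extra = '';

    // Priority to people searches
    if ($search) {
        // dbesc() escapes the term for the quoted SQL string; protect_sprintf()
        // presumably shields the literal '%' wildcards from q()'s format handling.
        // NOTE(review): '%' and '_' typed by the user still act as LIKE wildcards.
        $like = dbesc($search);
        $people_sql_extra = protect_sprintf(" AND `xchan_name` LIKE '%" . $like . "%' ");
        $tag_sql_extra = protect_sprintf(" AND term LIKE '%" . $like . "%' ");
    }

    $results = array();

    // Connections: restricted to the address book of the current channel.
    $r = q("SELECT `abook_id`, `xchan_name`, `xchan_photo_s`, `xchan_url`, `xchan_addr` FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d \n\t\t{$people_sql_extra}\n\t\tORDER BY `xchan_name` ASC ", intval(local_channel()));
    if ($r) {
        foreach ($r as $g) {
            $results[] = array(
                "photo" => $g['xchan_photo_s'],
                "name" => '@' . $g['xchan_name'],
                "id" => $g['abook_id'],
                "link" => $g['xchan_url'],
                "label" => '',
                "nick" => ''
            );
        }
    }

    // Hashtags.
    // NOTE(review): unlike the connection query, this one carries no per-channel
    // filter, so it matches tags stored for any channel - confirm that is intended.
    $r = q("select distinct term, tid, url from term where type in ( %d, %d ) {$tag_sql_extra} group by term order by term asc", intval(TERM_HASHTAG), intval(TERM_COMMUNITYTAG));
    // q() may return a non-array on failure; test truthiness instead of count().
    if ($r) {
        foreach ($r as $g) {
            $results[] = array(
                "photo" => $a->get_baseurl() . '/images/hashtag.png',
                "name" => '#' . $g['term'],
                "id" => $g['tid'],
                "link" => $g['url'],
                "label" => '',
                "nick" => ''
            );
        }
    }

    $o = array('start' => $start, 'count' => $count, 'items' => $results);

    header("content-type: application/json");
    echo json_encode($o);

    // The original logged an undefined variable ($x); log the response instead.
    logger('search_ac: ' . print_r($o, true));
    killme();
}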
Beispiel #2
 /**
  * Render the detail page of one article.
  *
  * Loads the article identified by the `aid` request value for the current
  * site, loads its category, resolves which theme directory to use and hands
  * both records to the view.
  *
  * @return mixed whatever View::make() returns for the chosen template
  */
 public function doWebContent()
 {
     $aid = q('get.aid', 0, 'intval');

     // Article: looked up by id and scoped to the current site.
     $article = Db::table('web_article')->where('siteid', SITEID)->where('aid', $aid)->first();
     if (empty($article)) {
         message('文章不存在', 'back', 'error');
     }
     $article['url'] = web_url(
         'entry/content',
         ['aid' => $article['aid'], 'cid' => $article['category_cid']],
         'article'
     );

     // Category: an explicit link URL on the category wins over the generated one.
     // NOTE(review): a missing category row is not checked before it is indexed.
     $category = Db::table('web_category')->where('cid', $article['category_cid'])->first();
     if (empty($category['cat_linkurl'])) {
         $category['url'] = web_url('entry/category', ['cid' => $category['cid']], 'article');
     } else {
         $category['url'] = $category['cat_linkurl'];
     }

     // Template style: article setting, then category, then site, then the default template.
     $template_name = $article['template_name'] ?: $category['template_name'];
     if (empty($template_name)) {
         $template_name = Db::table('web')->where('id', $this->webid)->pluck('template_name');
     }
     if (empty($template_name)) {
         $template_name = Db::table('template')->where('is_default', 1)->pluck('name');
     }

     // NOTE(review): $template_name comes from database rows and becomes a path
     // segment of the template file; only is_file() guards it here. Confirm the
     // stored value is restricted to known theme directory names when it is saved.
     $theme_dir = "theme/{$template_name}/{$this->dir}";
     if (!is_file($theme_dir . '/article.html')) {
         // Fall back to the default theme when the chosen one has no article template.
         $theme_dir = "theme/default/{$this->dir}";
     }
     $tpl = $theme_dir . '/article.html';
     define('__TEMPLATE__', $theme_dir);

     View::with('hdcms', $article);
     View::with('category', $category);
     return View::make($tpl);
 }
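 /**
  * Build the "Suggest Friends" form for one contact of the logged-in channel.
  *
  * The contact id is taken from the second URL argument and the lookup is
  * restricted to rows owned by the current channel.
  *
  * @return string|null form HTML, or null when access is denied, the argument
  *                     count is wrong, or the contact does not exist
  */
 function get()
 {
     require_once 'include/acl_selectors.php';

     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     if (\App::$argc != 2) {
         return;
     }

     $contact_id = intval(\App::$argv[1]);

     // The uid condition keeps one channel from addressing another channel's contact.
     $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval(local_channel()));
     // Truthiness covers both an empty result and a failed query.
     if (!$r) {
         notice(t('Contact not found.') . EOL);
         return;
     }
     $contact = $r[0];

     // The contact name is stored data that may originate from a remote site, so
     // it is encoded for HTML; double_encode is off in case it is stored encoded.
     $contact_name = htmlspecialchars($contact['name'], ENT_QUOTES, 'UTF-8', false);

     $o = '<h3>' . t('Suggest Friends') . '</h3>';
     $o .= '<div id="fsuggest-desc" >' . sprintf(t('Suggest a friend for %s'), $contact_name) . '</div>';
     // NOTE(review): this POST form carries no form security token; whether the
     // handler behind fsuggest/<id> checks one is not visible from here.
     $o .= '<form id="fsuggest-form" action="fsuggest/' . $contact_id . '" method="post" >';
     // FIXME contact_selector deprecated, removed
     //	$o .= contact_selector('suggest','suggest-select', false,
     //		array('size' => 4, 'exclude' => $contact_id, 'networks' => 'DFRN_ONLY', 'single' => true));
     $o .= '<div id="fsuggest-submit-wrapper"><input id="fsuggest-submit" type="submit" name="submit" value="' . t('Submit') . '" /></div>';
     $o .= '</form>';

     return $o;
 }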
Beispiel #4
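 /**
  * OAuth client ("connected apps") settings page.
  *
  * Depending on the URL arguments this renders the add form, renders the edit
  * form for one client, deletes a client, or lists the clients of the current
  * channel together with clients owned by uid 0.
  *
  * NOTE(review): this method does not itself verify that a channel is logged
  * in; presumably the caller does. Confirm, because local_channel() is used
  * directly as the uid in every query below.
  *
  * @return string|null rendered HTML; null when the application is not found
  *                     or after a delete
  */
 function get()
 {
     // The original appended to an undefined variable.
     $o = '';
     // Cast once so the %d placeholders always receive an integer.
     $uid = intval(local_channel());

     if (argc() > 2 && argv(2) === 'add') {
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         // NOTE(review): the default key and secret come from random_string(16);
         // confirm it draws from a cryptographically secure source, since the
         // secret authenticates the client.
         $o .= replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_oauth"),
             '$title' => t('Add application'),
             '$submit' => t('Submit'),
             '$cancel' => t('Cancel'),
             '$name' => array('name', t('Name'), '', t('Name of application')),
             '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
             '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
             '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
             '$icon' => array('icon', t('Icon url'), '', t('Optional'))
         ));
         return $o;
     }

     if (argc() > 3 && argv(2) === 'edit') {
         // Ownership is enforced by the uid condition.
         $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), $uid);
         if (!$r) {
             notice(t('Application not found.'));
             return;
         }
         $app = $r[0];
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         // NOTE(review): the stored consumer secret ($app['pw']) is sent back to
         // the browser in the form; stored values reach the template unescaped
         // here, so escaping depends on the template.
         $o .= replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_oauth"),
             '$title' => t('Add application'),
             '$submit' => t('Update'),
             '$cancel' => t('Cancel'),
             '$name' => array('name', t('Name'), $app['clname'], ''),
             '$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
             '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
             '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
             '$icon' => array('icon', t('Icon url'), $app['icon'], '')
         ));
         return $o;
     }

     if (argc() > 3 && argv(2) === 'delete') {
         // Deletion is reached through a link, so the form token is checked first.
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
         $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), $uid);
         goaway(z_root() . "/settings/oauth/");
         return;
     }

     // Default view: clients of this channel plus those with uid 0; `my` marks own rows.
     $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", $uid, $uid);
     $tpl = get_markup_template("settings_oauth.tpl");
     $o .= replace_macros($tpl, array(
         '$form_security_token' => get_form_security_token("settings_oauth"),
         '$baseurl' => z_root(),
         '$title' => t('Connected Apps'),
         '$add' => t('Add application'),
         '$edit' => t('Edit'),
         '$delete' => t('Delete'),
         '$consumerkey' => t('Client key starts with'),
         '$noname' => t('No name'),
         '$remove' => t('Remove authorization'),
         '$apps' => $r
     ));
     return $o;
 }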
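/**
 * Re-subscribe the OStatus contacts of the logged-in user, one per page load.
 *
 * Each request handles the contact at offset `counter` (request parameter) and
 * adds a meta refresh that reloads the page with the next offset until no
 * contact is left.
 *
 * @param object $a application object (replaced by get_app() inside)
 * @return string progress HTML
 */
function repair_ostatus_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        goaway($_SESSION['return_url']);
        // NOTREACHED
    }

    $o = "<h2>" . t("Resubsribing to OStatus contacts") . "</h2>";
    $uid = local_user();
    $a = get_app();

    // The offset is request-controlled: default it when absent and keep it
    // non-negative so it is always a valid LIMIT offset.
    $counter = isset($_REQUEST['counter']) ? max(0, intval($_REQUEST['counter'])) : 0;

    $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE\n                `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING));
    if (!$r) {
        return $o . t("Error");
    }
    $total = $r[0]["total"];

    $r = q("SELECT `url` FROM `contact` WHERE\n                `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)\n\t\tORDER BY `url`\n\t\tLIMIT %d, 1", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING), $counter);
    // The displayed position and the next offset are both one past the current one.
    $counter++;
    if (!$r) {
        $o .= t("Done");
        return $o;
    }

    // Contact URLs are stored data about remote accounts; encode before printing.
    $contact_url = $r[0]["url"];
    $o .= "<p>" . $counter . "/" . intval($total) . ": " . htmlspecialchars($contact_url, ENT_QUOTES, 'UTF-8') . "</p>";
    $o .= "<p>" . t("Keep this window open until done.") . "</p>";

    $result = new_contact($uid, $contact_url, true);

    // $counter is an integer here, so it is safe inside the attribute value.
    $a->page['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . $a->get_baseurl() . '/repair_ostatus?counter=' . $counter . '">';
    return $o;
}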
Beispiel #6
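/**
 * "Save to folder" handler.
 *
 * With an item id (second URL argument) and a `term` query parameter, files the
 * item under that folder term and marks the item's parent as retained. Without
 * them, prints the folder selection dialog. Always ends with killme().
 *
 * @param object $a application object (argc/argv are read from it)
 */
function filer_content(&$a)
{
    if (!local_channel()) {
        killme();
    }

    // `term` may be absent when only the dialog is requested.
    $term = isset($_GET['term']) ? unxmlify(trim($_GET['term'])) : '';
    $item_id = $a->argc > 1 ? intval($a->argv[1]) : 0;

    // NOTE(review): $term is request data written to the log as-is.
    logger('filer: tag ' . $term . ' item ' . $item_id);

    if ($item_id && strlen($term)) {
        // file item
        // NOTE(review): the tag is stored before the query below confirms that
        // the item belongs to this channel; whether store_item_tag() checks
        // ownership itself is not visible here.
        store_item_tag(local_channel(), $item_id, TERM_OBJ_POST, TERM_FILE, $term, '');

        // protect the entire conversation from periodic expiration
        $r = q("select parent from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_channel()));
        if ($r) {
            $x = q("update item set item_retained = 1 where id = %d and uid = %d", intval($r[0]['parent']), intval(local_channel()));
        }
    } else {
        $filetags = array();
        $r = q("select distinct(term) from term where uid = %d and type = %d order by term asc", intval(local_channel()), intval(TERM_FILE));
        // Truthiness also covers a failed query, where count() would not be valid.
        if ($r) {
            foreach ($r as $rr) {
                $filetags[] = $rr['term'];
            }
        }

        $tpl = get_markup_template("filer_dialog.tpl");
        $o = replace_macros($tpl, array(
            '$field' => array('term', t("Save to Folder:"), '', '', $filetags, t('- select -')),
            '$submit' => t('Save')
        ));
        echo $o;
    }

    killme();
}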
Beispiel #7
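 /**
  * Resolve which channel and profile to load for the requested page.
  *
  * The first URL argument names the channel. When the logged-in channel asks
  * for ".../<profile id>/view", that argument is instead a profile id of the
  * current channel and is translated to its profile_guid.
  */
 function init()
 {
     if (argc() <= 1) {
         notice(t('Requested profile is not available.') . EOL);
         \App::$error = 404;
         return;
     }

     $which = argv(1);
     $profile = '';
     $channel = \App::get_channel();

     if (local_channel() && argc() > 2 && argv(2) === 'view') {
         $which = $channel['channel_address'];
         // The uid condition restricts the lookup to profiles of the current channel.
         $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval(argv(1)), intval(local_channel()));
         // The original reset $profile on a miss and then read $r[0] regardless.
         $profile = $r ? $r[0]['profile_guid'] : '';
     }

     // $which can be the raw URL segment, so encode it before it becomes part
     // of an attribute value in the page head.
     \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . htmlspecialchars($which, ENT_QUOTES, 'UTF-8') . '" />' . "\r\n";

     if (!$profile) {
         $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)));
         if ($x) {
             \App::$profile = $x[0];
         }
     }

     // NOTE(review): $a is not defined in this method; it is passed exactly as
     // before - confirm against profile_load()'s signature.
     profile_load($a, $which, $profile);
 }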
Beispiel #8
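/**
 * Send an administrator message by e-mail to every account in the OK state.
 *
 * Request parameters: `text` (BBCode body), `sender` (from / reply-to address),
 * `subject`, and `test` (non-zero restricts delivery to the configured admin
 * address).
 *
 * NOTE(review): this is a state-changing request for site admins and no form
 * security token is checked inside this function - confirm the caller does so.
 *
 * @param object $a application object (unused here)
 */
function hubwall_post(&$a)
{
    if (!is_site_admin()) {
        return;
    }

    $text = isset($_REQUEST['text']) ? trim($_REQUEST['text']) : '';
    if (!$text) {
        return;
    }

    $sender_name = sprintf(t('$1%s Administrator'), \Zotlabs\Lib\System::get_site_name());
    // NOTE(review): sender and subject are request values handed to the mailer
    // unchanged; whether Enotify::send() rejects line breaks in them is not
    // visible here.
    $sender_email = isset($_REQUEST['sender']) ? $_REQUEST['sender'] : '';
    $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : '';

    $textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "\n"), $text))), ENT_QUOTES, 'UTF-8'));
    $htmlversion = bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "<br />\n"), $text)));

    // The admin address is a configuration value, but it is still spliced into
    // SQL text, so it is escaped like any other string operand.
    $test_only = isset($_REQUEST['test']) ? intval($_REQUEST['test']) : 0;
    $sql_extra = $test_only ? sprintf(" and account_email = '%s' ", dbesc(get_config('system', 'admin_email'))) : '';

    $recips = q("select account_email from account where account_flags = %d {$sql_extra}", intval(ACCOUNT_OK));
    if (!$recips) {
        notice(t('No recipients found.') . EOL);
        return;
    }

    $total_recips = count($recips);
    $total_delivered = 0;
    foreach ($recips as $recip) {
        $x = \Zotlabs\Lib\Enotify::send(array(
            'fromName' => $sender_name,
            'fromEmail' => $sender_email,
            'replyTo' => $sender_email,
            'toEmail' => $recip['account_email'],
            'messageSubject' => $subject,
            'htmlVersion' => $htmlversion,
            'textVersion' => $textversion
        ));
        if ($x) {
            $total_delivered++;
        }
    }

    info(sprintf(t('%1$d of %2$d messages sent.'), $total_delivered, $total_recips) . EOL);
}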
Beispiel #9
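 /**
  * Answer a zot feed request as JSON.
  *
  * Selects the channel named by the first URL argument (or the system channel
  * when none is given) and returns its messages since `mindate`, which defaults
  * to 14 days ago. Every path ends in json_return_and_die().
  */
 function init()
 {
     $result = array('success' => false);
     // Defined up front: the system-channel branch may leave it unset otherwise.
     $r = null;

     $mindate = !empty($_REQUEST['mindate']) ? datetime_convert('UTC', 'UTC', $_REQUEST['mindate']) : '';
     if (!$mindate) {
         $mindate = datetime_convert('UTC', 'UTC', 'now - 14 days');
     }

     if (observer_prohibited()) {
         $result['message'] = 'Public access denied';
         json_return_and_die($result);
     }

     $observer = \App::get_observer();
     $channel_address = argc() > 1 ? argv(1) : '';

     if ($channel_address) {
         $r = q("select channel_id, channel_name from channel where channel_address = '%s' and channel_removed = 0 limit 1", dbesc($channel_address));
     } else {
         $x = get_sys_channel();
         if ($x) {
             $r = array($x);
         }
         // The system feed always uses the 14-day window, whatever was requested.
         $mindate = datetime_convert('UTC', 'UTC', 'now - 14 days');
     }

     if (!$r) {
         $result['message'] = 'Channel not found.';
         json_return_and_die($result);
     }

     logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG);

     // The observer hash is passed along; any per-observer filtering happens in zot_feed().
     $result['messages'] = zot_feed($r[0]['channel_id'], $observer['xchan_hash'], array('mindate' => $mindate));
     $result['success'] = true;
     json_return_and_die($result);
 }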
Beispiel #10
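/**
 * Render the "remove item tag" form for one item of the logged-in user.
 *
 * The item id comes from the second URL argument. Any failure (not logged in,
 * no id, item not owned by the user, no tags) redirects to the stored photo
 * return path.
 *
 * @param object $a application object
 * @return string form HTML
 */
function tagrm_content(&$a)
{
    $o = '';

    if (!local_user()) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
        // NOTREACHED
    }

    $item = $a->argc > 1 ? intval($a->argv[1]) : 0;
    if (!$item) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
        // NOTREACHED
    }

    // The uid condition limits the lookup to items owned by the current user.
    $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item), intval(local_user()));
    if (!$r) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }

    // explode() never returns an empty array, so drop empty entries; otherwise
    // an item without tags would yield one blank checkbox instead of a redirect.
    $arr = array_filter(explode(',', $r[0]['tag']), 'strlen');
    if (!$arr) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }

    $o .= '<h3>' . t('Remove Item Tag') . '</h3>';
    $o .= '<p id="tag-remove-desc">' . t('Select a tag to remove: ') . '</p>';
    // NOTE(review): the form posts without a form security token; whether the
    // tagrm POST handler checks one is not visible here.
    $o .= '<form id="tagrm" action="tagrm" method="post" >';
    $o .= '<input type="hidden" name="item" value="' . $item . '" />';
    $o .= '<ul>';
    foreach ($arr as $x) {
        // The value is hex-encoded, so it cannot break out of the attribute;
        // the visible label goes through bbcode().
        $o .= '<li><input type="checkbox" name="tag" value="' . bin2hex($x) . '" >' . bbcode($x) . '</input></li>';
    }
    $o .= '</ul>';
    $o .= '<input id="tagrm-submit" type="submit" name="submit" value="' . t('Remove') . '" />';
    $o .= '<input id="tagrm-cancel" type="submit" name="submit" value="' . t('Cancel') . '" />';
    $o .= '</form>';

    return $o;
}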
Beispiel #11
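 /**
  * Render the "create channel" form for the logged-in account.
  *
  * Pre-fills name, nickname and role from the request, and shows how many
  * channels the account already uses when a service-class limit applies.
  *
  * @return string|null form HTML, or null when the account check fails
  */
 function get()
 {
     $acc = \App::get_account();
     if (!$acc || $acc['account_id'] != get_account_id()) {
         notice(t('Permission denied.') . EOL);
         return;
     }

     $default_role = '';
     // Defined up front so the template always receives a value.
     $channel_usage_message = '';

     $aid = get_account_id();
     if ($aid) {
         $r = q("select count(channel_id) as total from channel where channel_account_id = %d", intval($aid));
         // The configured default role is only offered for the very first channel.
         if ($r && !intval($r[0]['total'])) {
             $default_role = get_config('system', 'default_permissions_role');
         }

         $limit = account_service_class_fetch(get_account_id(), 'total_identities');
         if ($r && $limit !== false) {
             $channel_usage_message = sprintf(t("You have created %1\$.0f of %2\$.0f allowed channels."), $r[0]['total'], $limit);
         }
     }

     // NOTE(review): name, nickname and permissions_role are request values
     // handed to the template as-is; output escaping depends on the template.
     $privacy_role = x($_REQUEST, 'permissions_role') ? $_REQUEST['permissions_role'] : "";

     $perm_roles = \Zotlabs\Access\PermissionRoles::roles();
     if (get_account_techlevel() < 4 && $privacy_role !== 'custom') {
         unset($perm_roles[t('Other')]);
     }

     $name = array(
         'name',
         t('Name or caption'),
         x($_REQUEST, 'name') ? $_REQUEST['name'] : '',
         t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'),
         "*"
     );

     $nickhub = '@' . \App::get_hostname();
     $nickname = array(
         'nickname',
         t('Choose a short nickname'),
         x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : '',
         sprintf(t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub),
         "*"
     );

     $role = array(
         'permissions_role',
         t('Channel role and privacy'),
         $privacy_role ? $privacy_role : 'social',
         t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',
         $perm_roles
     );

     $o = replace_macros(get_markup_template('new_channel.tpl'), array(
         '$title' => t('Create Channel'),
         '$desc' => t('A channel is your identity on this network. It can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions.'),
         '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'),
         '$name' => $name,
         '$role' => $role,
         '$default_role' => $default_role,
         '$nickname' => $nickname,
         '$submit' => t('Create'),
         '$channel_usage_message' => $channel_usage_message
     ));

     return $o;
 }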
Beispiel #12
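 /**
  * Tag removal for an item of the logged-in channel.
  *
  * ".../drop/<item>/<hex tag>" removes that tag immediately and redirects;
  * ".../drop/<item>" renders a form listing the item's tags. Any other URL
  * shape returns nothing.
  *
  * NOTE(review): the immediate removal is a state change triggered by a plain
  * GET URL with no form security token, so a third-party page could trigger it
  * for a logged-in user. Consider requiring a token on that path.
  *
  * @return string|null form HTML for the selection view, otherwise null
  */
 function get()
 {
     if (!local_channel()) {
         goaway(z_root() . '/' . $_SESSION['photo_return']);
         // NOTREACHED
     }

     // remove tag on the fly if item and tag are provided
     if (argc() == 4 && argv(1) === 'drop' && intval(argv(2))) {
         $item = intval(argv(2));
         $tag = argv(3);

         // hex2bin() warns and returns false on malformed input, which made the
         // original keep every tag yet report success. Reject bad input first.
         if (!preg_match('/^(?:[0-9a-fA-F]{2})+$/', $tag)) {
             goaway(z_root() . '/' . $_SESSION['photo_return']);
         }
         $wanted = hex2bin($tag);

         // The uid condition limits the lookup to items owned by this channel.
         $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item), intval(local_channel()));
         if (!$r) {
             goaway(z_root() . '/' . $_SESSION['photo_return']);
         }

         $r = fetch_post_tags($r, true);
         $item = $r[0];

         // Keep every term except the requested one.
         $new_tags = array();
         if ($item['term']) {
             foreach ($item['term'] as $term) {
                 if ($term['term'] !== $wanted) {
                     $new_tags[] = $term;
                 }
             }
         }

         if ($new_tags) {
             $item['term'] = $new_tags;
         } else {
             unset($item['term']);
         }

         item_store_update($item);
         info(t('Tag removed') . EOL);
         goaway(z_root() . '/' . $_SESSION['photo_return']);
     }

     //if we got only the item print a list of tags to select
     if (argc() == 3 && argv(1) === 'drop' && intval(argv(2))) {
         $o = '';
         $item = intval(argv(2));

         $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item), intval(local_channel()));
         if (!$r) {
             goaway(z_root() . '/' . $_SESSION['photo_return']);
         }

         $r = fetch_post_tags($r, true);
         // empty() also covers an item whose term list is missing altogether.
         if (empty($r[0]['term'])) {
             goaway(z_root() . '/' . $_SESSION['photo_return']);
         }

         $o .= '<h3>' . t('Remove Item Tag') . '</h3>';
         $o .= '<p id="tag-remove-desc">' . t('Select a tag to remove: ') . '</p>';
         $o .= '<form id="tagrm" action="tagrm" method="post" >';
         $o .= '<input type="hidden" name="item" value="' . $item . '" />';
         $o .= '<ul>';
         foreach ($r[0]['term'] as $x) {
             // Hex keeps the tag text from breaking out of the attribute value.
             $o .= '<li><input type="checkbox" name="tag" value="' . bin2hex($x['term']) . '" >' . bbcode($x['term']) . '</input></li>';
         }
         $o .= '</ul>';
         $o .= '<input id="tagrm-submit" type="submit" name="submit" value="' . t('Remove') . '" />';
         $o .= '<input id="tagrm-cancel" type="submit" name="submit" value="' . t('Cancel') . '" />';
         $o .= '</form>';

         return $o;
     }
 }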
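/**
 * Render the "like banner" generator form and, once an address is submitted,
 * a preview image plus link and embed snippets for the logged-in channel.
 *
 * Request parameters: `addr` (channel address shown on the banner) and `size`
 * (font size in pixels).
 *
 * @param object $a application object
 * @return string page HTML
 */
function likebanner_content(&$a)
{
    if (local_channel()) {
        $channel = $a->get_channel();
    } else {
        $channel = null;
    }

    // Both values are request data that is echoed into the page: the address
    // is encoded per output context below and the size is forced to an integer.
    $addr = (isset($_REQUEST['addr']) && is_string($_REQUEST['addr'])) ? $_REQUEST['addr'] : '';
    $size = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 0;
    // URLs keep the original behaviour of an empty size when none was given.
    $size_param = $size ? $size : '';

    $def = $addr;
    if ($channel && !$def) {
        $def = $channel['xchan_addr'];
    }

    $o = '<h1>Like Banner</h1>';
    $o .= '<form action="likebanner" method="get" >';
    $o .= t('Your Webbie:');
    $o .= '<br /><br />';
    $o .= '<input type="text" name="addr" size="32" value="' . htmlspecialchars($def, ENT_QUOTES, 'UTF-8') . '" />';
    $o .= '<br /><br />' . t('Fontsize (px):');
    $o .= '<br /><br />';
    $o .= '<input type="text" name="size" size="32" value="' . ($size ? $size : 28) . '" /><br /><br />';
    $o .= '<input type="submit" name="submit" value="' . t('Submit') . '" /></form><br /><br/>';

    if ($addr) {
        $o .= '<img style="border: 1px solid #000;" src="likebanner/show/?f=&addr=' . urlencode($addr) . '&size=' . $size_param . '" alt="banner" />';

        if ($channel) {
            $p = q("select profile_guid from profile where uid = %d and is_default = 1 limit 1", intval($channel['channel_id']));
            if ($p) {
                $link = z_root() . '/like/profile/' . $p[0]['profile_guid'] . '?f=&verb=like&interactive=1';
                $o .= EOL . EOL . t('Link:') . EOL . '<input type="text" size="64" onclick="this.select();" value="' . $link . '" />';

                // The snippet is meant to be pasted into other pages, so the
                // address is URL-encoded inside it; the snippet as a whole is
                // HTML-encoded for display in the input.
                $html = '<a href="' . $link . '" ><img src="' . z_root() . '/likebanner?f=&addr=' . urlencode($def) . '&size=' . $size_param . '" alt="' . t('Like us on RedMatrix') . '" /></a>';
                $o .= EOL . EOL . t('Embed:') . EOL . '<input type="text" size="64" onclick="this.select();" value="' . htmlspecialchars($html, ENT_QUOTES, 'UTF-8') . '" />';
            }
        }
    }

    return $o;
}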
Beispiel #14
 /**
  * Serve the XRD (webfinger) document for a local channel.
  *
  * The `uri` query parameter is either an http(s) URL whose last path segment
  * names the channel, or an "acct:" style address whose part before '@' does.
  * Unknown channels end the request without output.
  *
  * This is a public, unauthenticated endpoint: it sends
  * "Access-Control-Allow-Origin: *" and returns only public channel data
  * (addresses, URLs, public key material).
  */
 function init()
 {
     $uri = urldecode(notags(trim($_GET['uri'])));
     // NOTE(review): request-controlled text is written to the debug log as-is.
     logger('xrd: ' . $uri, LOGGER_DEBUG);

     // The unmodified request value is echoed back as the subject further down.
     $resource = $uri;

     if (substr($uri, 0, 4) !== 'http') {
         // acct: form - strip the scheme and an optional leading "//".
         $local = str_replace('acct:', '', $uri);
         if (substr($local, 0, 2) == '//') {
             $local = substr($local, 2);
         }
         $name = substr($local, 0, strpos($local, '@'));
     } else {
         // URL form - the channel is the last path segment, minus any '~'.
         $uri = str_replace('~', '', $uri);
         $name = basename($uri);
     }

     $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name));
     if (!$r) {
         killme();
     }
     $chan = $r[0];
     $address = $chan['channel_address'];

     $dspr = replace_macros(get_markup_template('xrd_diaspora.tpl'), array(
         '$baseurl' => z_root(),
         '$dspr_guid' => $chan['channel_guid'] . str_replace('.', '', \App::get_hostname()),
         '$dspr_key' => base64_encode(pemtorsa($chan['channel_pubkey']))
     ));

     $salmon_key = salmon_key($chan['channel_pubkey']);

     header('Access-Control-Allow-Origin: *');
     header("Content-type: application/xrd+xml");

     // Known identifiers for the channel, minus the one that was asked for.
     $aliases = array(
         'acct:' . channel_reddress($chan),
         z_root() . '/channel/' . $address,
         z_root() . '/~' . $address
     );
     foreach ($aliases as $idx => $alias) {
         if ($alias === $resource) {
             unset($aliases[$idx]);
         }
     }

     // NOTE(review): $resource is request data placed into the XML template;
     // only notags() was applied to it above - confirm the template escapes it.
     $o = replace_macros(get_markup_template('xrd_person.tpl'), array(
         '$nick' => $address,
         '$accturi' => $resource,
         '$aliases' => $aliases,
         '$profile_url' => z_root() . '/channel/' . $address,
         '$hcard_url' => z_root() . '/hcard/' . $address,
         '$atom' => z_root() . '/feed/' . $address,
         '$zot_post' => z_root() . '/post/' . $address,
         '$poco_url' => z_root() . '/poco/' . $address,
         '$photo' => z_root() . '/photo/profile/l/' . $chan['channel_id'],
         '$dspr' => $dspr,
         '$modexp' => 'data:application/magic-public-key,' . $salmon_key,
         '$subscribe' => z_root() . '/follow?url={uri}',
         '$bigkey' => salmon_key($chan['channel_pubkey'])
     ));

     // The hook receives the array and the XML is read back from it afterwards.
     $arr = array('user' => $chan, 'xml' => $o);
     call_hooks('personal_xrd', $arr);

     echo $arr['xml'];
     killme();
 }
Beispiel #15
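/**
 * Lost-password page.
 *
 * Without a `verify` parameter it renders the request form. With one, it looks
 * up the account by the hash of that token, replaces the password with a newly
 * generated one, shows it, and mails it to the account address.
 *
 * NOTE(review), design points this function cannot change on its own:
 *  - passwords and reset tokens are stored as unsalted whirlpool hashes; the
 *    scheme is shared with the login code, which is outside this block. A
 *    dedicated password hashing function would be the safer choice.
 *  - the new password is displayed and e-mailed in clear text, and the reset
 *    happens on a GET request, so anything that fetches the link consumes the
 *    token.
 *
 * @param object $a application object
 * @return string|null page HTML; null when the token is rejected or the update fails
 */
function lostpass_content(&$a)
{
    // The original appended to an undefined variable.
    $o = '';

    if (x($_GET, 'verify')) {
        $verify = $_GET['verify'];
        $hash = hash('whirlpool', $verify);

        $r = q("SELECT * FROM `user` WHERE `pwdreset` = '%s' LIMIT 1", dbesc($hash));
        if (!$r) {
            notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
            goaway(z_root());
            return;
        }

        $uid = $r[0]['uid'];
        $username = $r[0]['username'];
        $email = $r[0]['email'];

        // Use the CSPRNG where the runtime has one; mt_rand() is predictable.
        // NOTE(review): autoname(6) also contributes to the password and its
        // randomness source is not visible here.
        $suffix = function_exists('random_int') ? random_int(100, 9999) : mt_rand(100, 9999);
        $new_password = autoname(6) . $suffix;
        $new_password_encoded = hash('whirlpool', $new_password);

        // Clearing pwdreset makes the token single-use.
        $r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = ''  WHERE `uid` = %d LIMIT 1", dbesc($new_password_encoded), intval($uid));
        if ($r) {
            $tpl = get_markup_template('pwdreset.tpl');
            $o .= replace_macros($tpl, array(
                '$lbl1' => t('Password Reset'),
                '$lbl2' => t('Your password has been reset as requested.'),
                '$lbl3' => t('Your new password is'),
                '$lbl4' => t('Save or copy your new password - and then'),
                '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.',
                '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'),
                '$newpass' => $new_password,
                '$baseurl' => $a->get_baseurl()
            ));
            info("Your password has been reset." . EOL);

            $email_tpl = get_intltext_template("passchanged_eml.tpl");
            $email_tpl = replace_macros($email_tpl, array(
                '$sitename' => $a->config['sitename'],
                '$siteurl' => $a->get_baseurl(),
                '$username' => $username,
                '$email' => $email,
                '$new_password' => $new_password,
                // The original passed an undefined $newuid here.
                '$uid' => $uid
            ));

            // NOTE(review): the From header is built from $_SERVER['SERVER_NAME'];
            // depending on server configuration that value can follow the
            // request's Host header - prefer a configured site hostname.
            $res = mail($email, "Your password has changed at {$a->config['sitename']}", $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
            return $o;
        }
    } else {
        $tpl = get_markup_template('lostpass.tpl');
        $o .= replace_macros($tpl, array(
            '$title' => t('Forgot your Password?'),
            '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),
            '$name' => t('Nickname or Email: '),
            '$submit' => t('Reset')
        ));
        return $o;
    }
}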
/**
 * List pending introductions (contact requests).
 *
 * ".../all" as the second URL argument includes ignored requests; otherwise
 * they are filtered out. Requires a logged-in user.
 *
 * @param object $a application object
 * @return string page HTML
 */
function notifications_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied') . EOL);
        goaway($a->get_baseurl());
    }

    $show_all = ($a->argc > 1 && $a->argv[1] == 'all');
    $sql_extra = $show_all ? '' : " AND `ignore` = 0 ";

    // The toggle link always points at the opposite view.
    $o = '';
    $o .= replace_macros(file_get_contents('view/intros-top.tpl'), array(
        '$hide_url' => $show_all ? 'notifications' : 'notifications/all',
        '$hide_text' => $show_all ? t('Hide Ignored Requests') : t('Show Ignored Requests')
    ));

    // NOTE(review): this query has no condition tying the rows to the logged-in
    // user, so as written it returns the unblocked intros of every user -
    // confirm whether the table is per-user and add the owner filter if so.
    $r = q("SELECT `intro`.`id` AS `intro-id`, `intro`.*, `contact`.* \n\t\tFROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id`\n\t\tWHERE `intro`.`blocked` = 0 {$sql_extra} ");

    if ($r === false || !count($r)) {
        notice(t('No notifications.') . EOL);
        return $o;
    }

    $row_tpl = file_get_contents("view/intros.tpl");
    foreach ($r as $intro) {
        // NOTE(review): name, url and note presumably come from the requesting
        // party and are passed to the template unescaped.
        $o .= replace_macros($row_tpl, array(
            '$intro_id' => $intro['intro-id'],
            '$dfrn-id' => $intro['issued-id'],
            '$uid' => $_SESSION['uid'],
            '$contact-id' => $intro['contact-id'],
            '$photo' => x($intro, 'photo') ? $intro['photo'] : "images/default-profile.jpg",
            '$fullname' => $intro['name'],
            '$knowyou' => $intro['knowyou'] ? t('yes') : t('no'),
            '$url' => $intro['url'],
            '$note' => $intro['note']
        ));
    }

    return $o;
}
Beispiel #17
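/**
 * Push pending feed updates to PubSubHubbub subscribers.
 *
 * Every subscriber row with push > 0 gets the current feed POSTed to its
 * callback URL, signed with HMAC-SHA1 over the payload using the subscriber's
 * secret. A 2xx answer resets the row; any other answer increments `push`,
 * which doubles as a retry counter, until it passes 30 and is reset to 0.
 */
function handle_pubsubhubbub()
{
    global $a;

    logger('start');

    // We'll push to each subscriber that has push > 0,
    // i.e. there has been an update (set in notifier.php).
    $r = q("SELECT * FROM `push_subscriber` WHERE `push` > 0");
    // A failed query or an empty result leaves nothing to iterate.
    if (!$r) {
        logger('done');
        return;
    }

    foreach ($r as $rr) {
        $params = get_feed_for($a, '', $rr['nickname'], $rr['last_update'], 0, true);

        // The signature lets the subscriber verify that the body came from this hub.
        $hmac_sig = hash_hmac("sha1", $params, $rr['secret']);

        $headers = array(
            "Content-type: application/atom+xml",
            sprintf("Link: <%s>;rel=hub," . "<%s>;rel=self", $a->get_baseurl() . '/pubsubhubbub', $rr['topic']),
            "X-Hub-Signature: sha1=" . $hmac_sig
        );

        logger('POST ' . print_r($headers, true) . "\n" . $params, LOGGER_DEBUG);

        // NOTE(review): callback_url is a stored value, presumably supplied by
        // the subscriber; restricting which hosts and schemes may be registered
        // belongs where the subscription is accepted, which is not visible here.
        post_url($rr['callback_url'], $params, $headers);
        $ret = $a->get_curl_code();

        if ($ret >= 200 && $ret <= 299) {
            logger('successfully pushed to ' . $rr['callback_url']);

            // set last_update to "now", and reset push=0
            $date_now = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
            q("UPDATE `push_subscriber` SET `push` = 0, last_update = '%s' WHERE id = %d", dbesc($date_now), intval($rr['id']));
        } else {
            logger('error when pushing to ' . $rr['callback_url'] . ' HTTP: ' . $ret);

            // we use the push variable also as a counter, if we failed we
            // increment this until some upper limit where we give up
            $new_push = intval($rr['push']) + 1;
            if ($new_push > 30) {
                // OK, let's give up
                $new_push = 0;
            }
            q("UPDATE `push_subscriber` SET `push` = %d WHERE id = %d", $new_push, intval($rr['id']));
        }
    }

    logger('done');
}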
/**
 * Display admin settings for this addon.
 *
 * Writes the settings form into $o. On PHP older than 5.3 only a warning is
 * written. When the gravatar addon is installed, a notice replaces whatever
 * $o held before the form is appended.
 *
 * @param object $a application object (unused here)
 * @param string $o output buffer, modified in place
 */
function libravatar_plugin_admin(&$a, &$o)
{
    $t = get_markup_template("admin.tpl", "addon/libravatar");

    // First-time configuration falls back to the identicon style.
    $default_avatar = get_config('libravatar', 'default_img');
    if (!$default_avatar) {
        $default_avatar = 'identicon';
    }

    // Choices offered in the select box.
    $default_avatars = array(
        'mm' => t('generic profile image'),
        'identicon' => t('random geometric pattern'),
        'monsterid' => t('monster face'),
        'wavatar' => t('computer generated face'),
        'retro' => t('retro arcade style face')
    );

    // Too old a PHP: explain and stop before rendering any settings.
    if (version_compare(PHP_VERSION, '5.3.0', '<')) {
        $o = '<h5>' . t('Warning') . '</h5><p>';
        $o .= sprintf(t('Your PHP version %s is lower than the required PHP >= 5.3.'), PHP_VERSION);
        $o .= '<br>' . t('This addon is not functional on your server.') . '<p><br>';
        return;
    }

    // Libravatar falls back to Gravatar, so warn when that addon is active too.
    $gravatar_rows = q("SELECT * FROM `addon` WHERE `name` = '%s' and `installed` = 1", dbesc('gravatar'));
    if (count($gravatar_rows)) {
        $o = '<h5>' . t('Information') . '</h5><p>' . t('Gravatar addon is installed. Please disable the Gravatar addon.<br>The Libravatar addon will fall back to Gravatar if nothing was found at Libravatar.') . '</p><br><br>';
    }

    // The token ties the submitted form to this admin session ("libravatarsave").
    $o .= '<input type="hidden" name="form_security_token" value="' . get_form_security_token("libravatarsave") . '">';
    $o .= replace_macros($t, array(
        '$submit' => t('Save Settings'),
        '$default_avatar' => array(
            'avatar',
            t('Default avatar image'),
            $default_avatar,
            t('Select default avatar image if none was found. See README'),
            $default_avatars
        )
    ));
}
 /**
  * Export hook for the "sql_alter" dump format.
  *
  * Instead of a plain CREATE statement, prints SQL that creates the table if it
  * is missing and otherwise defines, calls and drops a stored procedure
  * (adminer_alter) which compares the columns found on the target database with
  * the ones dumped here and collects the needed ADD / MODIFY / DROP clauses.
  *
  * NOTE(review): q(), idf_escape() and escape_string() are presumably the host
  * application's quoting helpers; their exact behaviour is not visible here.
  *
  * @param string $table   table or view name
  * @param mixed  $style   not used in this method
  * @param bool   $is_view true when $table is a view
  * @return bool|null true when the sql_alter format was handled, otherwise nothing
  */
 function dumpTable($table, $style, $is_view = false)
 {
     if ($_POST["format"] == "sql_alter") {
         $create = create_sql($table, $_POST["auto_increment"]);
         if ($is_view) {
             // Offset 6 is right after "CREATE" - assumes the statement starts with it.
             echo substr_replace($create, " OR REPLACE", 6, 0) . ";\n\n";
         } else {
             // Offset 12 is right after "CREATE TABLE" - same assumption.
             echo substr_replace($create, " IF NOT EXISTS", 12, 0) . ";\n\n";
             // create procedure which iterates over original columns and adds new and removes old
             $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION";
             // The add_columns string literal is opened here and closed by the echo after the loop.
             echo "DELIMITER ;;\nCREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN\n\tDECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';\n\tDECLARE _column_type, _column_default text;\n\tDECLARE _is_nullable char(3);\n\tDECLARE _extra varchar(30);\n\tDECLARE _column_comment varchar(255);\n\tDECLARE done, set_after bool DEFAULT 0;\n\tDECLARE add_columns text DEFAULT '";
             $fields = array();
             $after = "";
             foreach (get_rows($query) as $row) {
                 $default = $row["COLUMN_DEFAULT"];
                 $row["default"] = $default !== null ? q($default) : "NULL";
                 $row["after"] = q($after);
                 //! rgt AFTER lft, lft AFTER id doesn't work
                 // The full column definition, run through escape_string() because it is
                 // emitted inside the quoted add_columns literal.
                 $row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"]) . " {$row['COLUMN_TYPE']}" . ($row["COLLATION_NAME"] ? " COLLATE {$row['COLLATION_NAME']}" : "") . ($default !== null ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "") . ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL") . ($row["EXTRA"] ? " {$row['EXTRA']}" : "") . ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "") . ($after ? " AFTER " . idf_escape($after) : " FIRST"));
                 echo ", ADD {$row['alter']}";
                 $fields[] = $row;
                 $after = $row["COLUMN_NAME"];
             }
             echo "';\n\tDECLARE columns CURSOR FOR {$query};\n\tDECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;\n\tSET @alter_table = '';\n\tOPEN columns;\n\tREPEAT\n\t\tFETCH columns INTO _column_name, _column_default, _is_nullable, _collation_name, _column_type, _extra, _column_comment;\n\t\tIF NOT done THEN\n\t\t\tSET set_after = 1;\n\t\t\tCASE _column_name";
             foreach ($fields as $row) {
                 // One WHEN branch per dumped column: an identical column clears its ADD
                 // clause, a differing one turns it into MODIFY.
                 // NOTE(review): IS_NULLABLE, COLLATION_NAME and EXTRA are placed between
                 // quotes by interpolation while the other values go through q(); they come
                 // from information_schema - confirm they cannot contain a quote.
                 echo "\n\t\t\t\tWHEN " . q($row["COLUMN_NAME"]) . " THEN\n\t\t\t\t\tSET add_columns = REPLACE(add_columns, ', ADD {$row['alter']}', IF(\n\t\t\t\t\t\t_column_default <=> {$row['default']} AND _is_nullable = '{$row['IS_NULLABLE']}' AND _collation_name <=> " . (isset($row["COLLATION_NAME"]) ? "'{$row['COLLATION_NAME']}'" : "NULL") . " AND _column_type = " . q($row["COLUMN_TYPE"]) . " AND _extra = '{$row['EXTRA']}' AND _column_comment = " . q($row["COLUMN_COMMENT"]) . " AND after = {$row['after']}\n\t\t\t\t\t, '', ', MODIFY {$row['alter']}'));";
                 //! don't replace in comment
             }
             // ELSE branch: a column that exists on the target but not in the dump is dropped.
             echo "\n\t\t\t\tELSE\n\t\t\t\t\tSET @alter_table = CONCAT(@alter_table, ', DROP ', '`', REPLACE(_column_name, '`', '``'), '`');\n\t\t\t\t\tSET set_after = 0;\n\t\t\tEND CASE;\n\t\t\tIF set_after THEN\n\t\t\t\tSET after = _column_name;\n\t\t\tEND IF;\n\t\tEND IF;\n\tUNTIL done END REPEAT;\n\tCLOSE columns;\n\tIF @alter_table != '' OR add_columns != '' THEN\n\t\tSET alter_command = CONCAT(alter_command, 'ALTER TABLE " . adminer_table($table) . "', SUBSTR(CONCAT(add_columns, @alter_table), 2), ';\\n');\n\tEND IF;\nEND;;\nDELIMITER ;\nCALL adminer_alter(@adminer_alter);\nDROP PROCEDURE adminer_alter;\n\n";
             //! indexes
         }
         return true;
     }
 }
Beispiel #20
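/**
 * Build an HTML summary of how many profiles each host contributes.
 *
 * Reads every `nurl` value from the `profile` table, groups the rows by URL
 * host and returns one "host (count)" line per host, sorted by ascending
 * count, followed by a "Total:" line holding the number of distinct hosts.
 *
 * @param object $a application object (not used by this function)
 * @return string HTML fragment
 */
function sites_content(&$a)
{
    $sites = array();
    // Start from an empty string so the appends below never touch an undefined variable.
    $o = '';
    $r = q("SELECT `nurl` FROM `profile` WHERE 1");
    if (is_array($r)) {
        foreach ($r as $rr) {
            // parse_url() returns false for badly malformed URLs and leaves out
            // 'host' for relative ones; skip both rather than counting an empty key.
            $h = parse_url($rr['nurl']);
            if (!is_array($h) || !isset($h['host']) || $h['host'] === '') {
                continue;
            }
            $host = $h['host'];
            if (!isset($sites[$host])) {
                $sites[$host] = 0;
            }
            $sites[$host]++;
        }
    }
    $total = 0;
    asort($sites);
    foreach ($sites as $k => $v) {
        // The host comes from stored profile URLs, so it is escaped before it is
        // placed in HTML. The cast covers all-digit hosts, which PHP keeps as int keys.
        $o .= htmlspecialchars((string) $k, ENT_QUOTES, 'UTF-8') . ' (' . $v . ')' . "<br />\r\n";
        $total++;
    }
    $o .= "Total: {$total}<br />\r\n";
    return $o;
}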
Beispiel #21
0
/**
 * Save the bookmark terms attached to one of the logged-in user's items.
 *
 * The item id is taken from $_REQUEST['item'] and looked up together with the
 * local user id, so only the caller's own items match. Every TERM_BOOKMARK
 * term on an unrestricted item is handed to bookmark_add().
 *
 * NOTE(review): the write is driven by $_REQUEST and no form-security token is
 * checked in this function - confirm that is handled by the caller.
 *
 * @param object $a application object; supplies the current channel
 * @return void
 */
function bookmarks_init(&$a)
{
    if (!local_user()) {
        return;
    }

    $item_id = intval($_REQUEST['item']);
    if (!$item_id) {
        return;
    }

    $channel = $a->get_channel();

    // The uid filter restricts the lookup to items of the logged-in user.
    $rows = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_user()));
    if (!$rows) {
        return;
    }

    $tagged = fetch_post_tags($rows);
    $item = $tagged[0];
    $terms = get_terms_oftype($item['term'], TERM_BOOKMARK);

    if ($terms && !$item['item_restrict']) {
        require_once 'include/bookmarks.php';

        $author = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']));
        if (!$author) {
            logger('mod_bookmarks: author lookup failed.');
            killme();
        }

        foreach ($terms as $term) {
            bookmark_add($channel, $author[0], $term, $item['item_private']);
            info(t('Bookmark added') . EOL);
        }
    }

    killme();
}
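/**
 * Render an HTML <select> listing contacts.
 *
 * @param string      $selname     form field name; "[]" is appended in multi-select mode
 * @param string      $selclass    CSS class for the <select>
 * @param array|false $preselected contact ids to mark as selected, or false for none
 * @param int         $size        number of visible rows
 * @param bool        $privmail    true for private mail: restrict the list to mutual
 *                                 contacts and allow a single choice only
 * @return string HTML for the complete <select> element
 */
function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false)
{
    global $a;
    $o = '';

    // Everything placed into markup is escaped for the attribute/text context.
    // double_encode is off so values that already hold entities are not escaped twice.
    $name_attr = htmlspecialchars((string) $selname, ENT_QUOTES, 'UTF-8', false);
    $class_attr = htmlspecialchars((string) $selclass, ENT_QUOTES, 'UTF-8', false);
    $size_attr = intval($size);

    // When used for private messages, we limit correspondence to mutual friends and the selector
    // to one recipient. By default our selector allows multiple selects amongst all contacts.
    // The opening tag is no longer written as self-closing ("/>"), which is not valid for <select>.
    if ($privmail) {
        $sql_extra = sprintf(" AND `rel` = %d ", intval(DIRECTION_BOTH));
        $o .= "<select name=\"{$name_attr}\" class=\"{$class_attr}\" size=\"{$size_attr}\" >\r\n";
    } else {
        $sql_extra = '';
        $o .= "<select name=\"{$name_attr}[]\" class=\"{$class_attr}\" multiple=\"multiple\" size=\"{$size_attr}\" >\r\n";
    }

    // ignore readonly contacts when operating in celebrity mode -
    // the selector HTML could grow quite large and affect a lot of pages
    if (x($a->config, 'rockstar')) {
        $sql_extra .= " AND `readonly` = 0 ";
    }

    // $sql_extra is assembled only from constants and intval() output above.
    // NOTE(review): no owner/uid filter is visible in this query - confirm the
    // `contact` table holds a single account's contacts.
    $r = q("SELECT `id`, `name`, `url`  FROM `contact` \n\t\tWHERE `self` = 0 AND `blocked` = 0 AND `pending` = 0 \n\t\t{$sql_extra} ORDER BY `name` ASC ");

    if (is_array($r)) {
        foreach ($r as $rr) {
            // Loose comparison is kept on purpose: ids may arrive as strings from
            // the database and as integers from the caller.
            if (is_array($preselected) && in_array($rr['id'], $preselected)) {
                $selected = " selected=\"selected\" ";
            } else {
                $selected = '';
            }

            // Contact names and URLs are stored data and may originate from other
            // sites, so they are escaped before being written into the option.
            $id_attr = htmlspecialchars((string) $rr['id'], ENT_QUOTES, 'UTF-8', false);
            $url_attr = htmlspecialchars((string) $rr['url'], ENT_QUOTES, 'UTF-8', false);
            $label = htmlspecialchars((string) $rr['name'], ENT_QUOTES, 'UTF-8', false);

            $o .= "<option value=\"{$id_attr}\" {$selected} title=\"{$url_attr}\" >{$label}</option>\r\n";
        }
    }

    $o .= "</select>\r\n";
    return $o;
}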
Beispiel #23
0
 /**
  * Delete expired rows from the `cache` table.
  *
  * Runs one DELETE per expiry mode, removing rows whose `updated` value is
  * older than the cutoff for that mode: 30 days (CACHE_MONTH), 7 days
  * (CACHE_WEEK), 1 day (CACHE_DAY) and 1 hour (CACHE_HOUR). Cutoffs are
  * computed through datetime_convert() with UTC on both sides.
  */
 public static function clear()
 {
     // One statement shared by all four passes; only the cutoff and mode differ.
     $purge = "DELETE FROM `cache` WHERE `updated` < '%s' AND `expire_mode` = %d";

     $cutoff = dbesc(datetime_convert('UTC', 'UTC', "now - 30 days"));
     q($purge, $cutoff, intval(CACHE_MONTH));

     $cutoff = dbesc(datetime_convert('UTC', 'UTC', "now - 7 days"));
     q($purge, $cutoff, intval(CACHE_WEEK));

     $cutoff = dbesc(datetime_convert('UTC', 'UTC', "now - 1 days"));
     q($purge, $cutoff, intval(CACHE_DAY));

     $cutoff = dbesc(datetime_convert('UTC', 'UTC', "now - 1 hours"));
     q($purge, $cutoff, intval(CACHE_HOUR));
 }
Beispiel #24
0
/**
 * @brief Append the list of the course's learning paths to $tool_content.
 *
 * Emits a warning box when the course has no learning paths; otherwise emits
 * a POST form to insert.php with one table row and one checkbox per path.
 *
 * Path names and comments are passed through q() before output. The other
 * interpolated values ($id, $course_code, $urlServer, the $lang* strings and
 * the path id) are written as-is.
 * NOTE(review): confirm those globals are validated where they are set, and
 * that insert.php verifies a form token - none is emitted by this form.
 *
 * @global mixed  $id                   value of the hidden "id" form field
 * @global mixed  $course_id            course whose learning paths are listed
 * @global string $tool_content         page output buffer that is appended to
 * @global string $urlServer            base URL used for the learning-path links
 * @global string $langComments         column heading
 * @global string $langAddModulesButton submit button caption
 * @global string $langChoice           column heading
 * @global string $langNoLearningPath   message shown when the list is empty
 * @global string $langLearningPaths    column heading
 * @global string $course_code          course code used in the generated URLs
 */
function list_lps()
{
    global $id, $course_id, $tool_content, $urlServer, $langComments, $langAddModulesButton, $langChoice, $langNoLearningPath, $langLearningPaths, $course_code;

    $records = Database::get()->queryArray("SELECT * FROM lp_learnPath WHERE course_id = ?d ORDER BY name", $course_id);

    // Copy the fields of each record into a plain array.
    $paths = array();
    foreach ($records as $record) {
        $paths[] = array(
            'id' => $record->learnPath_id,
            'name' => $record->name,
            'comment' => $record->comment,
            'visible' => $record->visible,
            'rank' => $record->rank,
        );
    }

    if (count($paths) == 0) {
        $tool_content .= "<div class='alert alert-warning'>{$langNoLearningPath}</div>";
        return;
    }

    // Form opening, hidden id field and table header.
    $tool_content .= "<form action='insert.php?course={$course_code}' method='post'>"
        . "<input type='hidden' name='id' value='{$id}'>"
        . "<table class='table-default'>"
        . "<tr>"
        . "<th><div align='left'>&nbsp;{$langLearningPaths}</div></th>"
        . "<th><div align='left'>{$langComments}</div></th>"
        . "<th width='80'>{$langChoice}</th>"
        . "</tr>";

    foreach ($paths as $path) {
        // Hidden learning paths get the 'invisible' row class.
        $row_class = ($path['visible'] == 0) ? 'invisible' : '';

        $tool_content .= "<tr class='{$row_class}'>";
        $tool_content .= "<td>&nbsp;" . icon('fa-ellipsis-h') . "&nbsp;&nbsp;<a href='{$urlServer}/modules/learnPath/learningPath.php?course={$course_code}&amp;path_id={$path['id']}'>" . q($path['name']) . "</a></td>";
        $tool_content .= "<td>" . q($path['comment']) . "</td>";
        $tool_content .= "<td class='text-center'><input type='checkbox' name='lp[]' value='{$path['id']}'></td>";
        $tool_content .= "</tr>";
    }

    // Submit row and closing tags.
    $tool_content .= "<tr>" . "<th colspan='3'><div align='right'>";
    $tool_content .= "<input class='btn btn-primary' type='submit' name='submit_lp' value='{$langAddModulesButton}'></div></th>";
    $tool_content .= "</tr></table></form>\n";
}
Beispiel #25
0
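/**
 * Handle a request to ignore a contact suggestion.
 *
 * With ?ignore=<gcid> and a non-empty "confirm" parameter, a confirmation page
 * is rendered and $a->error is set so that no other module function runs.
 * Otherwise, unless "canceled" is set, the suggestion id is inserted into
 * `gcign` for the logged-in user.
 *
 * NOTE(review): the insert is reachable with GET parameters alone and no
 * form-security token is checked here, so a request carrying only ?ignore=N
 * performs the write without the confirmation step. Confirm that this is
 * acceptable for this action.
 *
 * @param object $a application object; query_string is read, page and error are written
 * @return void
 */
function suggest_init(&$a)
{
    if (!local_user()) {
        return;
    }
    if (x($_GET, 'ignore') && intval($_GET['ignore'])) {
        // Check if we should do HTML-based delete confirmation
        if (!empty($_REQUEST['confirm'])) {
            // <form> can't take arguments in its "action" parameter
            // so add any arguments as hidden inputs
            $query = explode_querystring($a->query_string);
            $inputs = array();
            foreach ($query['args'] as $arg) {
                if (strpos($arg, 'confirm=') === false) {
                    // Split on the first "=" only, so a value that itself contains
                    // "=" is kept whole, and default to '' for a bare key.
                    $arg_parts = explode('=', $arg, 2);
                    $inputs[] = array(
                        'name' => $arg_parts[0],
                        'value' => isset($arg_parts[1]) ? $arg_parts[1] : '',
                    );
                }
            }
            // NOTE(review): the hidden inputs carry request-supplied names and
            // values - confirm.tpl is assumed to escape them; verify.
            $a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
                '$method' => 'get',
                '$message' => t('Do you really want to delete this suggestion?'),
                '$extra_inputs' => $inputs,
                '$confirm' => t('Yes'),
                '$confirm_url' => $query['base'],
                '$confirm_name' => 'confirmed',
                '$cancel' => t('Cancel'),
            ));
            $a->error = 1;
            // Set $a->error so the other module functions don't execute
            return;
        }
        // Now check how the user responded to the confirmation query
        if (empty($_REQUEST['canceled'])) {
            // Both values pass through intval(), and the row is tied to the logged-in user.
            q("INSERT INTO `gcign` ( `uid`, `gcid` ) VALUES ( %d, %d ) ", intval(local_user()), intval($_GET['ignore']));
        }
    }
}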
Beispiel #26
0
/**
 * Serve one public wall item as a Diaspora-format XML document.
 *
 * The message id is taken from the first URL argument with any ".xml" removed.
 * Only items with item_wall = 1 and item_private = 0 are looked up, and the
 * owner's 'view_stream' permission is checked for an anonymous observer ('')
 * before anything is rendered.
 *
 * @param object $a application object (not used by this function)
 * @return void
 */
function p_init(&$a)
{
    if (argc() < 2) {
        http_status_exit(401);
    }

    $mid = str_replace('.xml', '', argv(1));

    $items = q("select * from item where mid = '%s' and item_wall = 1 and item_private = 0 limit 1", dbesc($mid));
    if (!$items || !perm_is_allowed($items[0]['uid'], '', 'view_stream')) {
        http_status_exit(404);
    }

    $channels = q("select * from channel where channel_id = %d limit 1", intval($items[0]['uid']));
    if (!$channels) {
        http_status_exit(404);
    }

    $myaddr = $channels[0]['channel_address'] . '@' . App::get_hostname();
    $item = $items[0];
    $title = $item['title']; // read but not used further in this function
    $body = bb2diaspora_itembody($item);
    $created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
    $tpl = get_markup_template('diaspora_post.tpl', 'addon/diaspora');

    // Body and handle are passed through xmlify(); guid and provider are not.
    // NOTE(review): confirm the template escapes them, or that `mid` and `app`
    // can never hold XML metacharacters.
    $macros = array();
    $macros['$body'] = xmlify($body);
    $macros['$guid'] = $item['mid'];
    $macros['$handle'] = xmlify($myaddr);
    $macros['$public'] = 'true';
    $macros['$created'] = $created;
    if ($item['app']) {
        $macros['$provider'] = $item['app'];
    } else {
        $macros['$provider'] = t('$projectname');
    }

    $msg = replace_macros($tpl, $macros);

    header('Content-type: text/xml');
    echo $msg;
    killme();
}
Beispiel #27
0
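 /**
  * Return the distinct sources that have at least one active quote in the
  * configured locale.
  *
  * @param array $arr options; a truthy 'has_alias' limits the result to sources
  *                   whose URL-friendly name is set
  * @return array list of rows with the keys 'name' and 'url_friendly_name'
  */
 public static function get_sources($arr = array())
 {
     global $config_q;

     // The table prefix and the locale are concatenated into identifiers and a
     // string literal below. They come from configuration, not from $arr.
     // NOTE(review): confirm 'locale' is checked against a fixed list wherever
     // it is set, because it cannot be bound as a query parameter here.
     $prefix = $config_q["db"]["prefix"];
     $locale = $config_q["locale"];

     // Paging ('current_page') and a last-name prefix filter ('char') used to
     // live here as commented-out code. The prefix filter concatenated
     // $arr["char"] straight into a LIKE pattern; if it is ever restored, the
     // value must be escaped or bound as a parameter first.

     $conditions = array();
     // !empty() also covers the default empty options array without a notice.
     if (!empty($arr["has_alias"])) {
         $conditions[] = "url_friendly_name_" . $locale . " IS NOT NULL";
     }
     $conditions[] = $prefix . "sources.id = " . $prefix . "quotes.source_id";
     $conditions[] = "active = 1";
     $conditions[] = "lang = '" . $locale . "'";
     $s_where = "WHERE " . implode(" AND ", $conditions);

     $q = "\n\t\t\tSELECT\n\t\t\t\tDISTINCT\n\t\t\t\tname_" . $locale . " AS name,\n\t\t\t\turl_friendly_name_" . $locale . " AS url_friendly_name\n\t\t\tFROM\n\t\t\t\t" . $prefix . "sources,\n\t\t\t\t" . $prefix . "quotes\n\t\t\t{$s_where}\n\t\t\torder by\n\t\t\t\tname_" . $locale . " asc;\n\t\t";

     $a_out = array();
     $r = q($q);
     if (!$r) {
         // Query failed: return an empty list instead of fetching from a non-result.
         return $a_out;
     }
     // MYSQLI_ASSOC is the constant that belongs to mysqli_fetch_array(); the
     // MYSQL_ASSOC constant used before is part of the removed mysql extension.
     while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) {
         $a_out[] = $row;
     }
     return $a_out;
 }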
Beispiel #28
0
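/**
 * Answer an XRD (webfinger-style) lookup for a local user.
 *
 * The account is named by $_GET['uri'], either as an http(s) profile URL or as
 * an acct: URI. The matching `user` row is rendered through xrd_person.tpl
 * (plus xrd_diaspora.tpl when system.diaspora_enabled is set), passed to the
 * 'personal_xrd' hook and echoed as text/xml with a wildcard CORS header.
 *
 * @param object $a application object; supplies the site base URL
 * @return void
 */
function xrd_init(&$a)
{
    // Decode first and filter afterwards. Filtering before urldecode() lets a
    // percent-encoded character pass notags() untouched and only turn into the
    // real character after the check; the value is later echoed as $accturi.
    // NOTE(review): this assumes notags() neutralises markup characters - confirm.
    $raw_uri = isset($_GET['uri']) ? (string) $_GET['uri'] : '';
    $uri = notags(trim(urldecode($raw_uri)));

    if (substr($uri, 0, 4) === 'http') {
        $name = basename($uri);
    } else {
        $local = str_replace('acct:', '', $uri);
        if (substr($local, 0, 2) == '//') {
            $local = substr($local, 2);
        }
        // Without an "@" there is no local part; use an empty name, which
        // should match no user.
        $at = strpos($local, '@');
        $name = ($at === false) ? '' : substr($local, 0, $at);
    }

    $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", dbesc($name));
    if (!$r) {
        killme();
    }

    $user = $r[0];
    $nick = $user['nickname'];
    $base = $a->get_baseurl();
    $salmon_key = salmon_key($user['spubkey']);

    // The response is public discovery data and is served to any origin.
    header('Access-Control-Allow-Origin: *');
    header("Content-type: text/xml");

    if (get_config('system', 'diaspora_enabled')) {
        $tpl = get_markup_template('xrd_diaspora.tpl');
        $dspr = replace_macros($tpl, array(
            '$baseurl' => $base,
            '$dspr_guid' => $user['guid'],
            '$dspr_key' => base64_encode(pemtorsa($user['pubkey'])),
        ));
    } else {
        $dspr = '';
    }

    $tpl = get_markup_template('xrd_person.tpl');
    // NOTE(review): $accturi is request data placed into XML - confirm the
    // template escapes it.
    $o = replace_macros($tpl, array(
        '$nick' => $nick,
        '$accturi' => $uri,
        '$profile_url' => $base . '/profile/' . $nick,
        '$hcard_url' => $base . '/hcard/' . $nick,
        '$atom' => $base . '/dfrn_poll/' . $nick,
        '$zot_post' => $base . '/post/' . $nick,
        '$poco_url' => $base . '/poco/' . $nick,
        '$photo' => $base . '/photo/profile/' . $user['uid'] . '.jpg',
        '$dspr' => $dspr,
        '$salmon' => $base . '/salmon/' . $nick,
        '$salmen' => $base . '/salmon/' . $nick . '/mention',
        '$subscribe' => $base . '/follow?url={uri}',
        '$modexp' => 'data:application/magic-public-key,' . $salmon_key,
        '$bigkey' => salmon_key($user['pubkey']),
    ));

    // NOTE(review): the hook receives the complete `user` row (SELECT *) -
    // confirm handlers are trusted with every column in it.
    $arr = array('user' => $user, 'xml' => $o);
    call_hooks('personal_xrd', $arr);
    echo $arr['xml'];
    killme();
}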
Beispiel #29
0
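/**
 * Record a flag ("censor" or "dead") against a directory entry.
 *
 * The first flag for an entry inserts a `flag` row and sends a notification
 * mail; later flags increment the row's `total`.
 *
 * NOTE(review): no login check, form-security token or rate limit is visible
 * in this function, so any client able to POST here can raise the counter and
 * trigger the mail. Confirm these are enforced before this handler runs.
 *
 * @param object $a application object; supplies the base URL for the redirect
 * @return void
 */
function flag_post(&$a)
{
    // Normalise the id once so the validity check, the SQL and the mail text
    // all use the same integer.
    $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
    $reason = isset($_POST['reason']) ? $_POST['reason'] : '';

    $type = 0;
    if ($reason === 'censor') {
        $type = 1;
    } elseif ($reason === 'dead') {
        $type = 2;
    }

    if (!$id || !$type) {
        //		goaway($a->get_baseurl());
        // Debug output of the rejected request. The dump holds raw request data,
        // so it is escaped before being written to the response.
        // NOTE(review): consider restoring the redirect above in its place.
        echo htmlspecialchars(print_r($_POST, true), ENT_QUOTES, 'UTF-8');
        return;
    }

    $r = q("SELECT * FROM `flag` WHERE `pid` = %d LIMIT 1", intval($id));
    if (!$r) {
        $r = q("INSERT INTO `flag` ( `pid`, `reason`, `total` ) VALUES ( %d , %d, 1 ) ", intval($id), intval($type));
        // $reason can only be 'censor' or 'dead' at this point, and $id is an integer.
        $msg = "An entry ({$id}) has just been flagged for {$reason}.";
        mail('*****@*****.**', "Directory Flag action", $msg);
    } else {
        // Increment in the database so two simultaneous flags are both counted.
        q("UPDATE `flag` SET `total` = `total` + 1 WHERE `id` = %d LIMIT 1", intval($r[0]['id']));
    }

    notice("Entry has been flagged.");
    goaway($a->get_baseurl());
}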
Beispiel #30
0
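/**
 * Toggle the "starred" flag on one of the logged-in user's items.
 *
 * The item id is the first URL argument. Both the lookup and the update are
 * filtered by the local user id, so only the caller's own items are affected.
 * With a 'return' request parameter the browser is redirected there;
 * otherwise the new flag value (0 or 1) is echoed as JSON.
 *
 * NOTE(review): the toggle is a state change with no form-security token
 * checked here - confirm that is acceptable for this action.
 *
 * @param object $a application object; argc/argv and the base URL are read
 * @return void
 */
function starred_init(&$a)
{
    if (!local_user()) {
        killme();
    }

    // Default to 0 so a missing argument is rejected below without reading an
    // undefined variable.
    $message_id = ($a->argc > 1) ? intval($a->argv[1]) : 0;
    if (!$message_id) {
        killme();
    }

    $r = q("SELECT starred FROM item WHERE uid = %d AND id = %d LIMIT 1", intval(local_user()), intval($message_id));
    if (!$r) {
        killme();
    }

    // Flip the stored value.
    $starred = intval($r[0]['starred']) ? 0 : 1;

    $r = q("UPDATE item SET starred = %d WHERE uid = %d and id = %d LIMIT 1", intval($starred), intval(local_user()), intval($message_id));

    // See if we've been passed a return path to redirect to
    $return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : '';
    if ($return_path) {
        // Cache-busting parameter. Compare strpos() against false so that a "?"
        // at position 0 is still recognised as an existing query string.
        $rand = '_=' . time();
        if (strpos($return_path, '?') !== false) {
            $rand = "&{$rand}";
        } else {
            $rand = "?{$rand}";
        }
        // The request-supplied path is always appended to the site's own base
        // URL plus "/", never used as a complete URL.
        goaway($a->get_baseurl() . "/" . $return_path . $rand);
    }

    // the json doesn't really matter, it will either be 0 or 1
    echo json_encode($starred);
    killme();
}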