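/**
 * Autocomplete endpoint: prints a JSON list of the logged-in channel's
 * connections followed by known hashtags, optionally filtered by a search
 * string, and then ends the request with killme().
 *
 * Request parameters read: 'start', 'count', 'search' and 'query'
 * ('query' overrides 'search' when it is non-empty).
 *
 * @param object $a application object; only get_baseurl() is used here
 */
function search_ac_init(&$a)
{
    // Only a locally authenticated channel may enumerate its address book.
    if (!local_channel()) {
        killme();
    }

    // 'start' and 'count' are echoed back in the response but are not applied
    // to either query below (neither has a LIMIT clause).
    $start = x($_REQUEST, 'start') ? $_REQUEST['start'] : 0;
    $count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 100;
    $search = x($_REQUEST, 'search') ? $_REQUEST['search'] : "";
    if (x($_REQUEST, 'query') && strlen($_REQUEST['query'])) {
        $search = $_REQUEST['query'];
    }

    // Both fragments are interpolated into the queries below, so they must be
    // defined even when no search string was supplied.
    $people_sql_extra = '';
    $tag_sql_extra = '';

    // Priority to people searches
    if ($search) {
        // dbesc() handles quoting of the user-supplied string; protect_sprintf()
        // presumably keeps the literal '%' signs from being consumed by q()'s
        // printf-style formatting.
        // NOTE(review): '%' and '_' typed by the user still act as LIKE wildcards — confirm this is acceptable.
        $people_sql_extra = protect_sprintf(" AND `xchan_name` LIKE '%" . dbesc($search) . "%' ");
        $tag_sql_extra = protect_sprintf(" AND term LIKE '%" . dbesc($search) . "%' ");
    }

    $r = q("SELECT `abook_id`, `xchan_name`, `xchan_photo_s`, `xchan_url`, `xchan_addr` FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d \n\t\t{$people_sql_extra}\n\t\tORDER BY `xchan_name` ASC ", intval(local_channel()));

    $results = array();
    if ($r) {
        foreach ($r as $g) {
            $results[] = array("photo" => $g['xchan_photo_s'], "name" => '@' . $g['xchan_name'], "id" => $g['abook_id'], "link" => $g['xchan_url'], "label" => '', "nick" => '');
        }
    }

    // NOTE(review): this query has no uid condition, so it returns terms stored
    // for every channel on the site — confirm that hashtags are meant to be shared.
    $r = q("select distinct term, tid, url from term where type in ( %d, %d ) {$tag_sql_extra} group by term order by term asc", intval(TERM_HASHTAG), intval(TERM_COMMUNITYTAG));

    // Truthiness test instead of count(): a failed query must not abort the response.
    if ($r) {
        foreach ($r as $g) {
            $results[] = array("photo" => $a->get_baseurl() . '/images/hashtag.png', "name" => '#' . $g['term'], "id" => $g['tid'], "link" => $g['url'], "label" => '', "nick" => '');
        }
    }

    header("content-type: application/json");
    $o = array('start' => $start, 'count' => $count, 'items' => $results);
    echo json_encode($o);

    // The original logged an undefined variable ($x); log the response instead,
    // at debug level because it contains the channel's contact list.
    logger('search_ac: ' . print_r($o, true), LOGGER_DEBUG);
    killme();
}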
/**
 * Render a single article page.
 *
 * Loads the article named by the 'aid' GET parameter for the current site,
 * loads its category, picks a template (article, then category, then the
 * site's template, then the default template) and returns the rendered view.
 *
 * NOTE(review): the template name comes from the database and is placed into a
 * filesystem path; presumably only administrators can set it — verify, since a
 * value containing '../' would leave the theme directory.
 */
public function doWebContent()
{
    $articleId = q('get.aid', 0, 'intval');

    // Article
    $article = Db::table('web_article')->where('siteid', SITEID)->where('aid', $articleId)->first();
    if (empty($article)) {
        message('文章不存在', 'back', 'error');
    }
    $article['url'] = web_url(
        'entry/content',
        ['aid' => $article['aid'], 'cid' => $article['category_cid']],
        'article'
    );

    // Category: an explicit link URL on the category wins over the generated one.
    $category = Db::table('web_category')->where('cid', $article['category_cid'])->first();
    if (empty($category['cat_linkurl'])) {
        $category['url'] = web_url('entry/category', ['cid' => $category['cid']], 'article');
    } else {
        $category['url'] = $category['cat_linkurl'];
    }

    // Template style: article setting first, then category, then site, then default.
    if ($article['template_name']) {
        $theme = $article['template_name'];
    } else {
        $theme = $category['template_name'];
    }
    if (empty($theme)) {
        $theme = Db::table('web')->where('id', $this->webid)->pluck('template_name');
    }
    if (empty($theme)) {
        $theme = Db::table('template')->where('is_default', 1)->pluck('name');
    }

    // Fall back to the default theme when the chosen one has no article template.
    $themeDir = "theme/{$theme}/{$this->dir}";
    if (!is_file($themeDir . '/article.html')) {
        $themeDir = 'theme/default/' . $this->dir;
    }
    $tpl = $themeDir . '/article.html';
    define('__TEMPLATE__', $themeDir);

    View::with('hdcms', $article);
    View::with('category', $category);

    return View::make($tpl);
}
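/**
 * Build the "Suggest Friends" form for one of the logged-in channel's contacts.
 *
 * The contact id is taken from the second path argument and looked up together
 * with the current uid, so only a contact owned by the viewer is shown.
 *
 * @return string|null form HTML, or null when the request is rejected
 */
function get()
{
    require_once 'include/acl_selectors.php';

    if (!local_channel()) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    if (\App::$argc != 2) {
        return;
    }

    $contact_id = intval(\App::$argv[1]);

    // The uid condition ties the lookup to the logged-in channel.
    $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval(local_channel()));

    // Truthiness test instead of count(): also covers a failed query.
    if (!$r) {
        notice(t('Contact not found.') . EOL);
        return;
    }

    $contact = $r[0];

    // The contact name is data about another party and is written into HTML, so
    // encode it for that context. double_encode is off in case the stored value
    // already contains entities.
    $contact_name = htmlspecialchars($contact['name'], ENT_QUOTES, 'UTF-8', false);

    $o = '<h3>' . t('Suggest Friends') . '</h3>';
    $o .= '<div id="fsuggest-desc" >' . sprintf(t('Suggest a friend for %s'), $contact_name) . '</div>';

    // NOTE(review): the form carries no security token; whether the POST handler
    // checks one is not visible here.
    $o .= '<form id="fsuggest-form" action="fsuggest/' . $contact_id . '" method="post" >';

    // FIXME contact_selector deprecated, removed
    // $o .= contact_selector('suggest','suggest-select', false,
    //     array('size' => 4, 'exclude' => $contact_id, 'networks' => 'DFRN_ONLY', 'single' => true));

    $o .= '<div id="fsuggest-submit-wrapper"><input id="fsuggest-submit" type="submit" name="submit" value="' . t('Submit') . '" /></div>';
    $o .= '</form>';

    return $o;
}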
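/**
 * OAuth client settings page: add form, edit form, delete action and the
 * list of connected applications, selected by the third path argument.
 *
 * @return string|null page HTML, or null after a redirect or a failed lookup
 */
function get()
{
    // The original appended to $o without ever initialising it.
    $o = '';

    // NOTE(review): no login check is visible in this method; with no local
    // channel the uid conditions below evaluate to 0. Presumably the caller
    // enforces authentication — verify.

    if (argc() > 2 && argv(2) === 'add') {
        $tpl = get_markup_template("settings_oauth_edit.tpl");
        $o .= replace_macros($tpl, array(
            '$form_security_token' => get_form_security_token("settings_oauth"),
            '$title' => t('Add application'),
            '$submit' => t('Submit'),
            '$cancel' => t('Cancel'),
            '$name' => array('name', t('Name'), '', t('Name of application')),
            '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
            '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
            '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
            '$icon' => array('icon', t('Icon url'), '', t('Optional')),
        ));
        return $o;
    }

    if (argc() > 3 && argv(2) === 'edit') {
        // The uid condition restricts the lookup to clients owned by the viewer.
        $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), intval(local_channel()));

        // Truthiness test instead of count(): also covers a failed query.
        if (!$r) {
            notice(t('Application not found.'));
            return;
        }
        $app = $r[0];

        // The stored consumer secret ($app['pw']) is sent back to the browser in
        // the edit form; whether the template escapes the fields is not visible here.
        $tpl = get_markup_template("settings_oauth_edit.tpl");
        $o .= replace_macros($tpl, array(
            '$form_security_token' => get_form_security_token("settings_oauth"),
            '$title' => t('Add application'),
            '$submit' => t('Update'),
            '$cancel' => t('Cancel'),
            '$name' => array('name', t('Name'), $app['clname'], ''),
            '$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
            '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
            '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
            '$icon' => array('icon', t('Icon url'), $app['icon'], ''),
        ));
        return $o;
    }

    if (argc() > 3 && argv(2) === 'delete') {
        // The delete is reached through the URL path, so the form token check
        // is what stands between a forged link and the DELETE below.
        check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');

        $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), intval(local_channel()));
        goaway(z_root() . "/settings/oauth/");
        return;
    }

    // List the viewer's own clients plus those stored with uid 0; 'my' marks ownership.
    $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", intval(local_channel()), intval(local_channel()));

    $tpl = get_markup_template("settings_oauth.tpl");
    $o .= replace_macros($tpl, array(
        '$form_security_token' => get_form_security_token("settings_oauth"),
        '$baseurl' => z_root(),
        '$title' => t('Connected Apps'),
        '$add' => t('Add application'),
        '$edit' => t('Edit'),
        '$delete' => t('Delete'),
        '$consumerkey' => t('Client key starts with'),
        '$noname' => t('No name'),
        '$remove' => t('Remove authorization'),
        '$apps' => $r,
    ));

    return $o;
}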
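/**
 * Re-subscribe to the logged-in user's OStatus contacts, one contact per page
 * load. The page refreshes itself with an incremented 'counter' parameter
 * until the contact query returns no further row.
 *
 * @param object $a application object (re-fetched through get_app())
 * @return string page HTML
 */
function repair_ostatus_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        goaway($_SESSION['return_url']);
        // NOTREACHED
    }

    $o = "<h2>" . t("Resubsribing to OStatus contacts") . "</h2>";

    $uid = local_user();
    $a = get_app();

    // 'counter' is used as the LIMIT offset; a missing or negative value would
    // otherwise produce a notice or an invalid query.
    $counter = isset($_REQUEST['counter']) ? max(0, intval($_REQUEST['counter'])) : 0;

    $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE\n `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING));

    if (!$r) {
        return $o . t("Error");
    }

    $total = $r[0]["total"];

    // Fetch the contact at the current offset, then advance the counter for
    // the progress display and the next refresh.
    $offset = $counter;
    $counter++;
    $r = q("SELECT `url` FROM `contact` WHERE\n `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)\n\t\tORDER BY `url`\n\t\tLIMIT %d, 1", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING), $offset);

    if (!$r) {
        $o .= t("Done");
        return $o;
    }

    // The contact URL is remote-supplied data shown in HTML: encode it.
    $o .= "<p>" . $counter . "/" . $total . ": " . htmlspecialchars($r[0]["url"], ENT_QUOTES, 'UTF-8') . "</p>";
    $o .= "<p>" . t("Keep this window open until done.") . "</p>";

    // NOTE(review): each page load triggers new_contact() without a form
    // token — confirm that a request-forgery check is not needed here.
    new_contact($uid, $r[0]["url"], true);

    $a->page['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . $a->get_baseurl() . '/repair_ostatus?counter=' . $counter . '">';

    return $o;
}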
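/**
 * "Save to folder" handler. With an item id in the path and a 'term' GET
 * parameter it files the item under that term; otherwise it prints the folder
 * selection dialog. Ends the request with killme() in both cases.
 *
 * @param object $a application object; argc/argv are read from it
 */
function filer_content(&$a)
{
    if (!local_channel()) {
        killme();
    }

    // A missing 'term' must not raise a notice.
    $term = unxmlify(trim(isset($_GET['term']) ? $_GET['term'] : ''));
    $item_id = $a->argc > 1 ? intval($a->argv[1]) : 0;

    // Line breaks are removed from the logged term so that request data cannot
    // start a new log line.
    logger('filer: tag ' . str_replace(array("\r", "\n"), ' ', $term) . ' item ' . $item_id);

    if ($item_id && strlen($term)) {
        // Look the item up first: the uid condition confirms it belongs to the
        // logged-in channel before any tag is stored against its id.
        $r = q("select parent from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_channel()));
        if ($r) {
            // file item
            store_item_tag(local_channel(), $item_id, TERM_OBJ_POST, TERM_FILE, $term, '');

            // protect the entire conversation from periodic expiration
            q("update item set item_retained = 1 where id = %d and uid = %d", intval($r[0]['parent']), intval(local_channel()));
        }
        // NOTE(review): this state change is driven by GET parameters with no
        // form token visible — confirm whether a forgery check is needed.
    } else {
        $filetags = array();
        $r = q("select distinct(term) from term where uid = %d and type = %d order by term asc", intval(local_channel()), intval(TERM_FILE));

        // Truthiness test instead of count(): also covers a failed query.
        if ($r) {
            foreach ($r as $rr) {
                $filetags[] = $rr['term'];
            }
        }

        $tpl = get_markup_template("filer_dialog.tpl");
        $o = replace_macros($tpl, array('$field' => array('term', t("Save to Folder:"), '', '', $filetags, t('- select -')), '$submit' => t('Save')));
        echo $o;
    }

    killme();
}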
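/**
 * Profile page initialisation: resolves which channel (and, for the owner's
 * "view" mode, which profile) is requested, adds the feed link to the page
 * head and loads the profile.
 */
function init()
{
    if (argc() > 1) {
        $which = argv(1);
    } else {
        notice(t('Requested profile is not available.') . EOL);
        \App::$error = 404;
        return;
    }

    $profile = '';
    $channel = \App::get_channel();

    if (local_channel() && argc() > 2 && argv(2) === 'view') {
        $which = $channel['channel_address'];
        $profile = argv(1);

        // The uid condition limits the lookup to the viewer's own profiles.
        $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()));

        // The original reset $profile on a failed lookup and then overwrote it
        // from $r[0] unconditionally; only read the row when one exists.
        $profile = $r ? $r[0]['profile_guid'] : '';
    }

    // $which can come straight from the URL path and lands inside an HTML
    // attribute, so it is encoded for that context.
    \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . htmlspecialchars($which, ENT_QUOTES, 'UTF-8') . '" />' . "\r\n";

    if (!$profile) {
        $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)));
        if ($x) {
            \App::$profile = $x[0];
        }
    }

    // NOTE(review): $a is not defined anywhere in this method — confirm what
    // profile_load() expects as its first argument.
    profile_load($a, $which, $profile);
}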
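/**
 * Send an administrator message by e-mail to every account whose
 * account_flags equal ACCOUNT_OK (or only to the admin address when the
 * 'test' request parameter is set).
 *
 * Request parameters read: 'text', 'sender', 'subject', 'test'.
 *
 * @param object $a application object (unused here)
 */
function hubwall_post(&$a)
{
    if (!is_site_admin()) {
        return;
    }

    // NOTE(review): no form security token is checked in this handler, so the
    // admin check alone guards a site-wide mailing — confirm whether the
    // caller verifies a token.

    $text = trim(isset($_REQUEST['text']) ? $_REQUEST['text'] : '');
    if (!$text) {
        return;
    }

    // NOTE(review): '$1%s' looks like a mistyped '%1$s'; it is left unchanged
    // because the string is a translation key.
    $sender_name = sprintf(t('$1%s Administrator'), \Zotlabs\Lib\System::get_site_name());

    // Sender and subject end up in mail headers: remove CR/LF so that request
    // data cannot add header lines.
    $sender_email = str_replace(array("\r", "\n"), '', isset($_REQUEST['sender']) ? $_REQUEST['sender'] : '');
    $subject = str_replace(array("\r", "\n"), '', isset($_REQUEST['subject']) ? $_REQUEST['subject'] : '');

    $textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "\n"), $text))), ENT_QUOTES, 'UTF-8'));
    $htmlversion = bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "<br />\n"), $text)));

    // The configured admin address is interpolated into the query text, so it
    // is escaped like any other value; protect_sprintf() presumably guards a
    // literal '%' against q()'s printf-style formatting.
    $test_mode = isset($_REQUEST['test']) && intval($_REQUEST['test']);
    $sql_extra = $test_mode
        ? protect_sprintf(sprintf(" and account_email = '%s' ", dbesc(get_config('system', 'admin_email'))))
        : '';

    $recips = q("select account_email from account where account_flags = %d {$sql_extra}", intval(ACCOUNT_OK));

    if (!$recips) {
        notice(t('No recipients found.') . EOL);
        return;
    }

    $total_recips = count($recips);
    $total_delivered = 0;

    foreach ($recips as $recip) {
        $x = \Zotlabs\Lib\Enotify::send(array(
            'fromName' => $sender_name,
            'fromEmail' => $sender_email,
            'replyTo' => $sender_email,
            'toEmail' => $recip['account_email'],
            'messageSubject' => $subject,
            'htmlVersion' => $htmlversion,
            'textVersion' => $textversion,
        ));
        if ($x) {
            $total_delivered++;
        }
    }

    info(sprintf(t('%1$d of %2$d messages sent.'), $total_delivered, $total_recips) . EOL);
}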
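/**
 * Zot feed endpoint: answers with a JSON document holding the messages of the
 * channel named in the path (or of the system channel when none is named)
 * that are newer than 'mindate'.
 *
 * Every exit path ends in json_return_and_die().
 */
function init()
{
    $result = array('success' => false);

    // A missing or non-string 'mindate' falls through to the 14-day default
    // instead of raising a notice.
    $mindate = (isset($_REQUEST['mindate']) && is_string($_REQUEST['mindate']) && $_REQUEST['mindate'])
        ? datetime_convert('UTC', 'UTC', $_REQUEST['mindate'])
        : '';
    if (!$mindate) {
        $mindate = datetime_convert('UTC', 'UTC', 'now - 14 days');
    }

    if (observer_prohibited()) {
        $result['message'] = 'Public access denied';
        json_return_and_die($result);
    }

    $observer = \App::get_observer();

    // The original left $r undefined when no system channel was found.
    $r = null;

    $channel_address = argc() > 1 ? argv(1) : '';
    if ($channel_address) {
        $r = q("select channel_id, channel_name from channel where channel_address = '%s' and channel_removed = 0 limit 1", dbesc(argv(1)));
    } else {
        $x = get_sys_channel();
        if ($x) {
            $r = array($x);
        }
        // For the system channel the requested mindate is ignored and the
        // window is always the last 14 days.
        $mindate = datetime_convert('UTC', 'UTC', 'now - 14 days');
    }

    if (!$r) {
        $result['message'] = 'Channel not found.';
        json_return_and_die($result);
    }

    logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG);

    $result['messages'] = zot_feed($r[0]['channel_id'], $observer['xchan_hash'], array('mindate' => $mindate));
    $result['success'] = true;
    json_return_and_die($result);
}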
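/**
 * Build the "Remove Item Tag" form for one of the logged-in user's items.
 *
 * Redirects to the stored photo_return location when the user is not logged
 * in, the item id is missing, the item is not found for this uid, or the item
 * has no tags.
 *
 * @param object $a application object; argc/argv and get_baseurl() are used
 * @return string form HTML
 */
function tagrm_content(&$a)
{
    $o = '';

    if (!local_user()) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
        // NOTREACHED
    }

    $item = $a->argc > 1 ? intval($a->argv[1]) : 0;
    if (!$item) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
        // NOTREACHED
    }

    // The uid condition restricts the lookup to the viewer's own items.
    $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item), intval(local_user()));

    // Truthiness test instead of count(): also covers a failed query.
    if (!$r) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }

    // explode() never returns an empty array, so the original "no tags" check
    // could not fire and an untagged item produced one empty checkbox. Drop
    // empty entries before testing.
    $arr = array_filter(explode(',', $r[0]['tag']), 'strlen');
    if (!$arr) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }

    $o .= '<h3>' . t('Remove Item Tag') . '</h3>';
    $o .= '<p id="tag-remove-desc">' . t('Select a tag to remove: ') . '</p>';

    // NOTE(review): the form carries no security token; whether the POST
    // handler checks one is not visible here.
    $o .= '<form id="tagrm" action="tagrm" method="post" >';
    $o .= '<input type="hidden" name="item" value="' . $item . '" />';
    $o .= '<ul>';

    foreach ($arr as $x) {
        // The tag is hex-encoded for the form value; the label is rendered
        // through bbcode().
        $o .= '<li><input type="checkbox" name="tag" value="' . bin2hex($x) . '" >' . bbcode($x) . '</input></li>';
    }

    $o .= '</ul>';
    $o .= '<input id="tagrm-submit" type="submit" name="submit" value="' . t('Remove') . '" />';
    $o .= '<input id="tagrm-cancel" type="submit" name="submit" value="' . t('Cancel') . '" />';
    $o .= '</form>';

    return $o;
}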
/**
 * Build the "Create Channel" form for the logged-in account.
 *
 * Values for name, nickname and permissions_role are pre-filled from
 * $_REQUEST when present.
 *
 * NOTE(review): those request values are handed to the template as field
 * values; whether new_channel.tpl escapes them is not visible here — verify.
 *
 * @return string|null form HTML, or null when the account check fails
 */
function get()
{
    $account = \App::get_account();
    if (!$account || $account['account_id'] != get_account_id()) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    $default_role = '';
    $account_id = get_account_id();

    if ($account_id) {
        $counted = q("select count(channel_id) as total from channel where channel_account_id = %d", intval($account_id));

        // The configured default role is only offered for the very first channel.
        if ($counted && !intval($counted[0]['total'])) {
            $default_role = get_config('system', 'default_permissions_role');
        }

        $limit = account_service_class_fetch(get_account_id(), 'total_identities');
        $channel_usage_message = ($counted && $limit !== false)
            ? sprintf(t("You have created %1\$.0f of %2\$.0f allowed channels."), $counted[0]['total'], $limit)
            : '';
    }

    if (x($_REQUEST, 'permissions_role')) {
        $privacy_role = $_REQUEST['permissions_role'];
    } else {
        $privacy_role = "";
    }

    // The 'Other' group of roles is hidden below tech level 4 unless the
    // custom role was explicitly requested.
    $perm_roles = \Zotlabs\Access\PermissionRoles::roles();
    if (get_account_techlevel() < 4 && $privacy_role !== 'custom') {
        unset($perm_roles[t('Other')]);
    }

    $name_field = array(
        'name',
        t('Name or caption'),
        x($_REQUEST, 'name') ? $_REQUEST['name'] : '',
        t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'),
        "*",
    );

    $nickhub = '@' . \App::get_hostname();
    $nickname_field = array(
        'nickname',
        t('Choose a short nickname'),
        x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : '',
        sprintf(t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub),
        "*",
    );

    $role_field = array(
        'permissions_role',
        t('Channel role and privacy'),
        $privacy_role ? $privacy_role : 'social',
        t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>',
        $perm_roles,
    );

    return replace_macros(get_markup_template('new_channel.tpl'), array(
        '$title' => t('Create Channel'),
        '$desc' => t('A channel is your identity on this network. It can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions.'),
        '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'),
        '$name' => $name_field,
        '$role' => $role_field,
        '$default_role' => $default_role,
        '$nickname' => $nickname_field,
        '$submit' => t('Create'),
        '$channel_usage_message' => $channel_usage_message,
    ));
}
/**
 * Tag removal for an item of the logged-in channel.
 *
 * Path "drop/<item>/<hex tag>" removes the tag immediately and redirects;
 * path "drop/<item>" returns a form listing the item's tags.
 *
 * NOTE(review): the immediate removal runs from the URL path alone, with no
 * form token check visible in this method — confirm whether one is needed.
 *
 * @return string|null form HTML for the list variant, otherwise null
 */
function get()
{
    if (!local_channel()) {
        goaway(z_root() . '/' . $_SESSION['photo_return']);
        // NOTREACHED
    }

    // Item and tag both given: remove the tag on the fly.
    if (argc() == 4 && argv(1) === 'drop' && intval(argv(2))) {
        $item_id = intval(argv(2));
        $encoded_tag = argv(3);

        // The uid condition restricts the lookup to the viewer's own items.
        $rows = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval(local_channel()));
        if (!$rows) {
            goaway(z_root() . '/' . $_SESSION['photo_return']);
        }

        $rows = fetch_post_tags($rows, true);
        $post = $rows[0];

        // Keep every term except the one whose text equals the decoded tag.
        $kept = array();
        if ($post['term']) {
            $wanted = hex2bin($encoded_tag);
            $n = count($post['term']);
            for ($i = 0; $i < $n; $i++) {
                if ($post['term'][$i]['term'] !== $wanted) {
                    $kept[] = $post['term'][$i];
                }
            }
        }

        if ($kept) {
            $post['term'] = $kept;
        } else {
            unset($post['term']);
        }

        item_store_update($post);
        info(t('Tag removed') . EOL);
        goaway(z_root() . '/' . $_SESSION['photo_return']);
    }

    // Anything other than "drop/<item>" produces no output.
    if (argc() != 3 || argv(1) !== 'drop' || !intval(argv(2))) {
        return;
    }

    // Only the item was given: list its tags for selection.
    $item_id = intval(argv(2));
    $rows = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval(local_channel()));
    if (!$rows) {
        goaway(z_root() . '/' . $_SESSION['photo_return']);
    }

    $rows = fetch_post_tags($rows, true);
    if (!count($rows[0]['term'])) {
        goaway(z_root() . '/' . $_SESSION['photo_return']);
    }

    $parts = array();
    $parts[] = '<h3>' . t('Remove Item Tag') . '</h3>';
    $parts[] = '<p id="tag-remove-desc">' . t('Select a tag to remove: ') . '</p>';
    $parts[] = '<form id="tagrm" action="tagrm" method="post" >';
    $parts[] = '<input type="hidden" name="item" value="' . $item_id . '" />';
    $parts[] = '<ul>';
    foreach ($rows[0]['term'] as $term) {
        // The tag text is hex-encoded for the form value and rendered through
        // bbcode() for the label.
        $parts[] = '<li><input type="checkbox" name="tag" value="' . bin2hex($term['term']) . '" >' . bbcode($term['term']) . '</input></li>';
    }
    $parts[] = '</ul>';
    $parts[] = '<input id="tagrm-submit" type="submit" name="submit" value="' . t('Remove') . '" />';
    $parts[] = '<input id="tagrm-cancel" type="submit" name="submit" value="' . t('Cancel') . '" />';
    $parts[] = '</form>';

    return implode('', $parts);
}
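/**
 * "Like Banner" page: shows a form for a webbie address and a font size and,
 * once an address was submitted, a banner preview plus (for a logged-in
 * channel) a like link and an embed snippet.
 *
 * Request parameters read: 'addr', 'size'.
 *
 * @param object $a application object; get_channel() is used
 * @return string page HTML
 */
function likebanner_content(&$a)
{
    $channel = local_channel() ? $a->get_channel() : null;

    $o = '<h1>Like Banner</h1>';

    // Both parameters are reflected into the page, so they are normalised once
    // here: the address must be a string, the size an integer.
    $addr = (isset($_REQUEST['addr']) && is_string($_REQUEST['addr'])) ? $_REQUEST['addr'] : '';
    $size = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 0;
    $size_param = $size ? (string) $size : '';

    $def = $addr;
    if ($channel && !$def) {
        $def = $channel['xchan_addr'];
    }

    $o .= '<form action="likebanner" method="get" >';
    $o .= t('Your Webbie:');
    $o .= '<br /><br />';
    // Encoded for the attribute context; the original wrote the request value
    // into the attribute unchanged.
    $o .= '<input type="text" name="addr" size="32" value="' . htmlspecialchars($def, ENT_QUOTES, 'UTF-8') . '" />';
    $o .= '<br /><br />' . t('Fontsize (px):');
    $o .= '<br /><br />';
    $o .= '<input type="text" name="size" size="32" value="' . ($size ? $size : 28) . '" /><br /><br />';
    $o .= '<input type="submit" name="submit" value="' . t('Submit') . '" /></form><br /><br/>';

    if ($addr) {
        $o .= '<img style="border: 1px solid #000;" src="likebanner/show/?f=&addr=' . urlencode($addr) . '&size=' . $size_param . '" alt="banner" />';

        if ($channel) {
            $p = q("select profile_guid from profile where uid = %d and is_default = 1 limit 1", intval($channel['channel_id']));
            if ($p) {
                $link = z_root() . '/like/profile/' . $p[0]['profile_guid'] . '?f=&verb=like&interactive=1';
                $o .= EOL . EOL . t('Link:') . EOL . '<input type="text" size="64" onclick="this.select();" value="' . $link . '" />';

                // The snippet is meant to be pasted into other pages, so the
                // address inside its URL is URL-encoded as well.
                $html = '<a href="' . $link . '" ><img src="' . z_root() . '/likebanner?f=&addr=' . urlencode($def) . '&size=' . $size_param . '" alt="' . t('Like us on RedMatrix') . '" /></a>';
                $o .= EOL . EOL . t('Embed:') . EOL . '<input type="text" size="64" onclick="this.select();" value="' . htmlspecialchars($html, ENT_QUOTES, 'UTF-8') . '" />';
            }
        }
    }

    return $o;
}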
/**
 * XRD (webfinger-style) responder: resolves the 'uri' GET parameter to a local
 * channel and prints that channel's XRD document, then ends the request.
 *
 * NOTE(review): notags() runs before urldecode(), so percent-encoded markup in
 * 'uri' is decoded after the tag filter and is then passed to the template as
 * $accturi; whether xrd_person.tpl escapes it is not visible here — verify.
 */
function init()
{
    $resource = urldecode(notags(trim($_GET['uri'])));
    logger('xrd: ' . $resource, LOGGER_DEBUG);

    // Derive the channel nickname from either an http(s) URL or an acct: URI.
    if (substr($resource, 0, 4) === 'http') {
        $name = basename(str_replace('~', '', $resource));
    } else {
        $local = str_replace('acct:', '', $resource);
        if (substr($local, 0, 2) == '//') {
            $local = substr($local, 2);
        }
        $name = substr($local, 0, strpos($local, '@'));
    }

    $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name));
    if (!$r) {
        killme();
    }
    $channel = $r[0];

    $dspr = replace_macros(get_markup_template('xrd_diaspora.tpl'), array(
        '$baseurl' => z_root(),
        '$dspr_guid' => $channel['channel_guid'] . str_replace('.', '', \App::get_hostname()),
        '$dspr_key' => base64_encode(pemtorsa($channel['channel_pubkey'])),
    ));

    $salmon_key = salmon_key($channel['channel_pubkey']);

    // The document is readable from any origin.
    header('Access-Control-Allow-Origin: *');
    header("Content-type: application/xrd+xml");

    $aliases = array(
        'acct:' . channel_reddress($channel),
        z_root() . '/channel/' . $channel['channel_address'],
        z_root() . '/~' . $channel['channel_address'],
    );

    // The requested resource itself is not repeated among the aliases.
    for ($i = 0; $i < count($aliases); $i++) {
        if ($aliases[$i] === $resource) {
            unset($aliases[$i]);
        }
    }

    $address = $channel['channel_address'];
    $o = replace_macros(get_markup_template('xrd_person.tpl'), array(
        '$nick' => $address,
        '$accturi' => $resource,
        '$aliases' => $aliases,
        '$profile_url' => z_root() . '/channel/' . $address,
        '$hcard_url' => z_root() . '/hcard/' . $address,
        '$atom' => z_root() . '/feed/' . $address,
        '$zot_post' => z_root() . '/post/' . $address,
        '$poco_url' => z_root() . '/poco/' . $address,
        '$photo' => z_root() . '/photo/profile/l/' . $channel['channel_id'],
        '$dspr' => $dspr,
        '$modexp' => 'data:application/magic-public-key,' . $salmon_key,
        '$subscribe' => z_root() . '/follow?url={uri}',
        '$bigkey' => salmon_key($channel['channel_pubkey']),
    ));

    // Hooks may replace the XML before it is printed.
    $arr = array('user' => $channel, 'xml' => $o);
    call_hooks('personal_xrd', $arr);

    echo $arr['xml'];
    killme();
}
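/**
 * Password reset page.
 *
 * With a 'verify' GET parameter: looks up the user whose pwdreset column
 * holds the whirlpool hash of that value, sets a newly generated password,
 * shows it and mails it. Without it: shows the reset request form.
 *
 * NOTE(review): passwords are stored as an unsalted whirlpool hash and the new
 * password is sent by e-mail in clear text; changing either needs a matching
 * change in the login code, which is not visible here.
 *
 * @param object $a application object; get_baseurl() and config are used
 * @return string|null page HTML, or null when the password update fails
 */
function lostpass_content(&$a)
{
    // The original appended to $o without initialising it.
    $o = '';

    if (x($_GET, 'verify')) {
        $verify = $_GET['verify'];
        $hash = hash('whirlpool', $verify);

        $r = q("SELECT * FROM `user` WHERE `pwdreset` = '%s' LIMIT 1", dbesc($hash));

        // Truthiness test instead of count(): also covers a failed query.
        if (!$r) {
            notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
            goaway(z_root());
            return;
        }

        $uid = $r[0]['uid'];
        $username = $r[0]['username'];
        $email = $r[0]['email'];

        // Use the CSPRNG for the numeric part where the runtime provides one;
        // mt_rand() output is predictable and unsuited to credentials.
        // NOTE(review): how autoname() picks its characters is not visible here.
        $suffix = function_exists('random_int') ? random_int(100, 9999) : mt_rand(100, 9999);
        $new_password = autoname(6) . $suffix;
        $new_password_encoded = hash('whirlpool', $new_password);

        // Clearing pwdreset makes the verification value single-use.
        $r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d LIMIT 1", dbesc($new_password_encoded), intval($uid));

        if ($r) {
            $tpl = get_markup_template('pwdreset.tpl');
            $o .= replace_macros($tpl, array(
                '$lbl1' => t('Password Reset'),
                '$lbl2' => t('Your password has been reset as requested.'),
                '$lbl3' => t('Your new password is'),
                '$lbl4' => t('Save or copy your new password - and then'),
                '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.',
                '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'),
                '$newpass' => $new_password,
                '$baseurl' => $a->get_baseurl(),
            ));

            info("Your password has been reset." . EOL);

            $email_tpl = get_intltext_template("passchanged_eml.tpl");
            $email_tpl = replace_macros($email_tpl, array(
                '$sitename' => $a->config['sitename'],
                '$siteurl' => $a->get_baseurl(),
                '$username' => $username,
                '$email' => $email,
                '$new_password' => $new_password,
                // The original passed an undefined $newuid here.
                '$uid' => $uid,
            ));

            // NOTE(review): SERVER_NAME can follow the request's Host header
            // depending on web server configuration — confirm it is trustworthy
            // before using it in the From header.
            $res = mail($email, "Your password has changed at {$a->config['sitename']}", $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');

            return $o;
        }
    } else {
        $tpl = get_markup_template('lostpass.tpl');
        $o .= replace_macros($tpl, array(
            '$title' => t('Forgot your Password?'),
            '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'),
            '$name' => t('Nickname or Email: '),
            '$submit' => t('Reset'),
        ));

        return $o;
    }
}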
/**
 * List pending introduction requests, optionally including ignored ones
 * (path argument 'all').
 *
 * NOTE(review): the SELECT below has no uid condition, so it returns every
 * unblocked intro in the table; if several users share this table each would
 * see the others' requests — verify against the schema.
 * NOTE(review): name, url and note are handed to the template unchanged;
 * whether view/intros.tpl escapes them is not visible here.
 *
 * @param object $a application object; argc/argv and get_baseurl() are used
 * @return string page HTML
 */
function notifications_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied') . EOL);
        goaway($a->get_baseurl());
    }

    $o = '';

    // Ignored requests are filtered out unless 'all' was requested.
    $show_all = ($a->argc > 1 && $a->argv[1] == 'all');
    $sql_extra = $show_all ? '' : " AND `ignore` = 0 ";

    // The toggle link always points at the opposite view.
    $header_tpl = file_get_contents('view/intros-top.tpl');
    $o .= replace_macros($header_tpl, array(
        '$hide_url' => $show_all ? 'notifications' : 'notifications/all',
        '$hide_text' => $show_all ? t('Hide Ignored Requests') : t('Show Ignored Requests'),
    ));

    $intros = q("SELECT `intro`.`id` AS `intro-id`, `intro`.*, `contact`.* \n\t\tFROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id`\n\t\tWHERE `intro`.`blocked` = 0 {$sql_extra} ");

    if ($intros === false || !count($intros)) {
        notice(t('No notifications.') . EOL);
        return $o;
    }

    $row_tpl = file_get_contents("view/intros.tpl");
    foreach ($intros as $intro) {
        $o .= replace_macros($row_tpl, array(
            '$intro_id' => $intro['intro-id'],
            '$dfrn-id' => $intro['issued-id'],
            '$uid' => $_SESSION['uid'],
            '$contact-id' => $intro['contact-id'],
            '$photo' => x($intro, 'photo') ? $intro['photo'] : "images/default-profile.jpg",
            '$fullname' => $intro['name'],
            '$knowyou' => $intro['knowyou'] ? t('yes') : t('no'),
            '$url' => $intro['url'],
            '$note' => $intro['note'],
        ));
    }

    return $o;
}
/**
 * Push pending feed updates to PubSubHubbub subscribers.
 *
 * Every subscriber row with push > 0 gets the feed POSTed to its callback URL,
 * signed with an HMAC-SHA1 of the body keyed by the subscriber's secret. A 2xx
 * answer resets the row; any other answer increments the push counter, which
 * is reset to 0 (giving up) once it would exceed 30.
 *
 * NOTE(review): callback_url is taken from the subscriber row and fetched by
 * the server; whether it is validated when the subscription is stored is not
 * visible here.
 */
function handle_pubsubhubbub()
{
    global $a, $db;

    logger('start');

    // push > 0 marks subscribers with an outstanding update.
    $pending = q("SELECT * FROM `push_subscriber` WHERE `push` > 0");

    foreach ($pending as $sub) {
        $body = get_feed_for($a, '', $sub['nickname'], $sub['last_update'], 0, true);

        // The signature lets the subscriber check that the body came from
        // this hub.
        $signature = hash_hmac("sha1", $body, $sub['secret']);

        $headers = array(
            "Content-type: application/atom+xml",
            sprintf("Link: <%s>;rel=hub," . "<%s>;rel=self", $a->get_baseurl() . '/pubsubhubbub', $sub['topic']),
            "X-Hub-Signature: sha1=" . $signature,
        );

        logger('POST ' . print_r($headers, true) . "\n" . $body, LOGGER_DEBUG);

        post_url($sub['callback_url'], $body, $headers);
        $status = $a->get_curl_code();

        if ($status < 200 || $status > 299) {
            logger('error when pushing to ' . $sub['callback_url'] . ' HTTP: ' . $status);

            // The push column doubles as a failure counter; past the upper
            // limit the subscriber is no longer retried.
            $attempts = intval($sub['push']) + 1;
            if ($attempts > 30) {
                $attempts = 0;
            }

            q("UPDATE `push_subscriber` SET `push` = %d WHERE id = %d", $attempts, intval($sub['id']));
            continue;
        }

        logger('successfully pushed to ' . $sub['callback_url']);

        // Record the delivery time and clear the pending flag.
        $now = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
        q("UPDATE `push_subscriber` SET `push` = 0, last_update = '%s' WHERE id = %d", dbesc($now), intval($sub['id']));
    }

    logger('done');
}
/**
 * Render the administrator settings form of the Libravatar addon.
 *
 * @param object $a application object (unused here)
 * @param string $o output buffer, filled by reference
 */
function libravatar_plugin_admin(&$a, &$o)
{
    $t = get_markup_template("admin.tpl", "addon/libravatar");

    // On first configuration nothing is stored yet; fall back to 'identicon'
    // (a pseudo-random geometric pattern based on the e-mail hash).
    $default_avatar = get_config('libravatar', 'default_img');
    if (!$default_avatar) {
        $default_avatar = 'identicon';
    }

    // Choices offered in the select box.
    $default_avatars = array(
        'mm' => t('generic profile image'),
        'identicon' => t('random geometric pattern'),
        'monsterid' => t('monster face'),
        'wavatar' => t('computer generated face'),
        'retro' => t('retro arcade style face'),
    );

    // The addon needs PHP 5.3 or newer; on older versions only a warning is shown.
    if (version_compare(PHP_VERSION, '5.3.0', '<')) {
        $o = '<h5>' . t('Warning') . '</h5><p>'
            . sprintf(t('Your PHP version %s is lower than the required PHP >= 5.3.'), PHP_VERSION)
            . '<br>' . t('This addon is not functional on your server.') . '<p><br>';
        return;
    }

    // Libravatar falls back to Gravatar by itself, so an installed Gravatar
    // addon is reported to the administrator.
    $gravatar = q("SELECT * FROM `addon` WHERE `name` = '%s' and `installed` = 1", dbesc('gravatar'));
    if (count($gravatar)) {
        $o = '<h5>' . t('Information') . '</h5><p>' . t('Gravatar addon is installed. Please disable the Gravatar addon.<br>The Libravatar addon will fall back to Gravatar if nothing was found at Libravatar.') . '</p><br><br>';
    }

    // Settings form, protected by a form security token.
    $o .= '<input type="hidden" name="form_security_token" value="' . get_form_security_token("libravatarsave") . '">';
    $o .= replace_macros($t, array(
        '$submit' => t('Save Settings'),
        '$default_avatar' => array(
            'avatar',
            t('Default avatar image'),
            $default_avatar,
            t('Select default avatar image if none was found. See README'),
            $default_avatars,
        ),
    ));
}
/**
 * Export hook for the "sql_alter" dump format: prints SQL that creates the
 * table or view when missing and, for tables, a temporary stored procedure
 * (adminer_alter) that compares the target's existing columns with the
 * exported ones and assembles an ALTER TABLE statement.
 *
 * Only acts when $_POST["format"] is "sql_alter"; in that case it returns true,
 * otherwise it returns nothing.
 *
 * @param string $table   table or view name
 * @param string $style   not used in this function
 * @param bool   $is_view true when $table is a view
 * @return true|null
 */
function dumpTable($table, $style, $is_view = false) {
    if ($_POST["format"] == "sql_alter") {
        $create = create_sql($table, $_POST["auto_increment"]);
        if ($is_view) {
            // Insert " OR REPLACE" at offset 6 of the CREATE statement.
            echo substr_replace($create, " OR REPLACE", 6, 0) . ";\n\n";
        } else {
            // Insert " IF NOT EXISTS" at offset 12 of the CREATE statement.
            echo substr_replace($create, " IF NOT EXISTS", 12, 0) . ";\n\n";
            // create procedure which iterates over original columns and adds new and removes old
            // The table name is passed through q() before being placed in the query text.
            $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION";
            // Procedure header; the add_columns default string is left open here
            // and filled by the ", ADD ..." fragments echoed in the loop below.
            echo "DELIMITER ;;\nCREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN\n\tDECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';\n\tDECLARE _column_type, _column_default text;\n\tDECLARE _is_nullable char(3);\n\tDECLARE _extra varchar(30);\n\tDECLARE _column_comment varchar(255);\n\tDECLARE done, set_after bool DEFAULT 0;\n\tDECLARE add_columns text DEFAULT '";
            $fields = array();
            $after = "";
            foreach (get_rows($query) as $row) {
                $default = $row["COLUMN_DEFAULT"];
                $row["default"] = $default !== null ? q($default) : "NULL";
                $row["after"] = q($after); //! rgt AFTER lft, lft AFTER id doesn't work
                // Column definition for ADD/MODIFY. The whole definition goes
                // through escape_string() because it is embedded in a quoted
                // SQL string inside the procedure.
                $row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"]) . " {$row['COLUMN_TYPE']}" . ($row["COLLATION_NAME"] ? " COLLATE {$row['COLLATION_NAME']}" : "") . ($default !== null ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "") . ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL") . ($row["EXTRA"] ? " {$row['EXTRA']}" : "") . ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "") . ($after ? " AFTER " . idf_escape($after) : " FIRST"));
                echo ", ADD {$row['alter']}";
                $fields[] = $row;
                $after = $row["COLUMN_NAME"];
            }
            // Close the add_columns string and open a cursor over the columns
            // that exist where the dump is executed.
            echo "';\n\tDECLARE columns CURSOR FOR {$query};\n\tDECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;\n\tSET @alter_table = '';\n\tOPEN columns;\n\tREPEAT\n\t\tFETCH columns INTO _column_name, _column_default, _is_nullable, _collation_name, _column_type, _extra, _column_comment;\n\t\tIF NOT done THEN\n\t\t\tSET set_after = 1;\n\t\t\tCASE _column_name";
            foreach ($fields as $row) {
                // One WHEN branch per exported column: the ADD fragment is
                // replaced by '' when every attribute matches, else by MODIFY.
                // NOTE(review): IS_NULLABLE, COLLATION_NAME and EXTRA are placed
                // between single quotes without q(); they come from
                // information_schema rather than from the request — confirm
                // they cannot contain a quote.
                echo "\n\t\t\t\tWHEN " . q($row["COLUMN_NAME"]) . " THEN\n\t\t\t\t\tSET add_columns = REPLACE(add_columns, ', ADD {$row['alter']}', IF(\n\t\t\t\t\t\t_column_default <=> {$row['default']} AND _is_nullable = '{$row['IS_NULLABLE']}' AND _collation_name <=> " . (isset($row["COLLATION_NAME"]) ? "'{$row['COLLATION_NAME']}'" : "NULL") . " AND _column_type = " . q($row["COLUMN_TYPE"]) . " AND _extra = '{$row['EXTRA']}' AND _column_comment = " . q($row["COLUMN_COMMENT"]) . " AND after = {$row['after']}\n\t\t\t\t\t, '', ', MODIFY {$row['alter']}'));"; //! don't replace in comment
            }
            // Columns not present in the export fall into ELSE and are dropped;
            // the procedure is called once and removed again.
            echo "\n\t\t\t\tELSE\n\t\t\t\t\tSET @alter_table = CONCAT(@alter_table, ', DROP ', '`', REPLACE(_column_name, '`', '``'), '`');\n\t\t\t\t\tSET set_after = 0;\n\t\t\tEND CASE;\n\t\t\tIF set_after THEN\n\t\t\t\tSET after = _column_name;\n\t\t\tEND IF;\n\t\tEND IF;\n\tUNTIL done END REPEAT;\n\tCLOSE columns;\n\tIF @alter_table != '' OR add_columns != '' THEN\n\t\tSET alter_command = CONCAT(alter_command, 'ALTER TABLE " . adminer_table($table) . "', SUBSTR(CONCAT(add_columns, @alter_table), 2), ';\\n');\n\tEND IF;\nEND;;\nDELIMITER ;\nCALL adminer_alter(@adminer_alter);\nDROP PROCEDURE adminer_alter;\n\n";
            //! indexes
        }
        return true;
    }
}
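/**
 * List the hosts found in profile.nurl with the number of profiles per host,
 * followed by the number of distinct hosts.
 *
 * @param object $a application object (unused here)
 * @return string HTML fragment
 */
function sites_content(&$a)
{
    // The original appended to $o without initialising it.
    $o = '';
    $sites = array();

    $r = q("SELECT `nurl` FROM `profile` WHERE 1");

    // Truthiness test instead of count(): also covers a failed query.
    if ($r) {
        foreach ($r as $rr) {
            $h = parse_url($rr['nurl']);

            // The original read $h['host'] before checking the parse result and
            // counted host-less URLs under an empty key; skip them instead.
            if (!$h || !isset($h['host'])) {
                continue;
            }

            $host = $h['host'];
            if (!isset($sites[$host])) {
                $sites[$host] = 0;
            }
            $sites[$host]++;
        }
    }

    asort($sites);

    foreach ($sites as $k => $v) {
        // Host names originate from stored profile URLs and are written into
        // HTML, so they are encoded.
        $o .= htmlspecialchars($k, ENT_QUOTES, 'UTF-8') . ' (' . $v . ')' . "<br />\r\n";
    }

    $total = count($sites);
    $o .= "Total: {$total}<br />\r\n";

    return $o;
}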
/**
 * Save the bookmark terms of one of the logged-in user's items as bookmarks
 * of the current channel, then end the request.
 *
 * The item id comes from the 'item' request parameter.
 *
 * NOTE(review): bookmarks are written from request parameters alone, with no
 * form token check visible here — confirm whether one is needed.
 *
 * @param object $a application object; get_channel() is used
 */
function bookmarks_init(&$a)
{
    if (!local_user()) {
        return;
    }

    $item_id = intval($_REQUEST['item']);
    if (!$item_id) {
        return;
    }

    $channel = $a->get_channel();

    // The uid condition restricts the lookup to the viewer's own items.
    $rows = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_user()));
    if (!$rows) {
        return;
    }

    $rows = fetch_post_tags($rows);
    $item = $rows[0];

    $bookmarks = get_terms_oftype($item['term'], TERM_BOOKMARK);

    // Only items with bookmark terms and without a restriction flag are processed.
    if ($bookmarks && !$item['item_restrict']) {
        require_once 'include/bookmarks.php';

        $author = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']));
        if (!$author) {
            logger('mod_bookmarks: author lookup failed.');
            killme();
        }

        foreach ($bookmarks as $bookmark) {
            bookmark_add($channel, $author[0], $bookmark, $item['item_private']);
            info(t('Bookmark added') . EOL);
        }
    }

    killme();
}
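/**
 * Build an HTML <select> listing contacts.
 *
 * @param string      $selname     name attribute of the select
 * @param string      $selclass    class attribute of the select
 * @param array|false $preselected contact ids to mark as selected
 * @param int         $size        size attribute of the select
 * @param bool        $privmail    true for private mail: single select,
 *                                 limited to rel = DIRECTION_BOTH
 * @return string select element HTML
 */
function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false)
{
    global $a;

    $o = '';

    // When used for private messages, we limit correspondence to mutual friends and the selector
    // to one recipient. By default our selector allows multiple selects amongst all contacts.
    // The opening tag is no longer self-closed ("/>"), which is not valid for
    // an element that has option children.
    if ($privmail) {
        $sql_extra = sprintf(" AND `rel` = %d ", intval(DIRECTION_BOTH));
        $o .= "<select name=\"{$selname}\" class=\"{$selclass}\" size=\"{$size}\" >\r\n";
    } else {
        $sql_extra = '';
        $o .= "<select name=\"{$selname}[]\" class=\"{$selclass}\" multiple=\"multiple\" size=\"{$size}\" >\r\n";
    }

    // ignore readonly contacts when operating in celebrity mode -
    // the selector HTML could grow quite large and affect a lot of pages
    if (x($a->config, 'rockstar')) {
        $sql_extra .= " AND `readonly` = 0 ";
    }

    // NOTE(review): the query has no uid condition; if several users share
    // this table every user's contacts are listed — verify against the schema.
    $r = q("SELECT `id`, `name`, `url` FROM `contact` \n\t\tWHERE `self` = 0 AND `blocked` = 0 AND `pending` = 0 \n\t\t{$sql_extra} ORDER BY `name` ASC ");

    // Truthiness test instead of count(): also covers a failed query.
    if ($r) {
        foreach ($r as $rr) {
            if (is_array($preselected) && in_array($rr['id'], $preselected)) {
                $selected = " selected=\"selected\" ";
            } else {
                $selected = '';
            }

            // Name and URL describe other parties and are written into an
            // attribute and into element text: encode both. double_encode is
            // off in case the stored values already contain entities.
            $id = intval($rr['id']);
            $url = htmlspecialchars($rr['url'], ENT_QUOTES, 'UTF-8', false);
            $name = htmlspecialchars($rr['name'], ENT_QUOTES, 'UTF-8', false);

            $o .= "<option value=\"{$id}\" {$selected} title=\"{$url}\" >{$name}</option>\r\n";
        }
    }

    $o .= "</select>\r\n";

    return $o;
}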
/**
 * Delete expired rows from the `cache` table.
 *
 * One DELETE is issued per expire mode, removing rows whose `updated` value
 * is older than the cut-off for that mode: 30 days for CACHE_MONTH, 7 days
 * for CACHE_WEEK, 1 day for CACHE_DAY and 1 hour for CACHE_HOUR.
 *
 * @return void
 */
public static function clear()
{
    // Cut-off expression and expire mode, in the order the deletes are issued.
    $retention = array(
        array("now - 30 days", CACHE_MONTH),
        array("now - 7 days", CACHE_WEEK),
        array("now - 1 days", CACHE_DAY),
        array("now - 1 hours", CACHE_HOUR),
    );

    foreach ($retention as $rule) {
        $cutoff = datetime_convert('UTC', 'UTC', $rule[0]);
        q(
            "DELETE FROM `cache` WHERE `updated` < '%s' AND `expire_mode` = %d",
            dbesc($cutoff),
            intval($rule[1])
        );
    }
}
/**
 * @brief Append the list of the course's learning paths (if any) to $tool_content.
 *
 * With no learning paths a warning box is appended. Otherwise a POST form to
 * insert.php is appended, holding one table row and one "lp[]" checkbox per
 * learning path.
 *
 * NOTE(review): only the path name and comment are passed through q()
 * (presumably the project's HTML escaper; confirm). $id, $course_code,
 * $urlServer and the $lang* strings are interpolated as-is, so confirm that
 * they are validated or escaped before this function runs.
 *
 * @global mixed  $id                   written into the hidden "id" form field
 * @global mixed  $course_id            bound to the course_id condition of the query
 * @global string $tool_content         page buffer the markup is appended to
 * @global string $urlServer            prefix of the learning path links
 * @global string $langComments         column heading
 * @global string $langAddModulesButton submit button label
 * @global string $langChoice           column heading
 * @global string $langNoLearningPath   message shown when there is nothing to list
 * @global string $langLearningPaths    column heading
 * @global string $course_code          written into the form action and the links
 */
function list_lps()
{
    global $id, $course_id, $tool_content, $urlServer, $langComments, $langAddModulesButton, $langChoice, $langNoLearningPath, $langLearningPaths, $course_code;

    $rows = Database::get()->queryArray("SELECT * FROM lp_learnPath WHERE course_id = ?d ORDER BY name", $course_id);

    // Copy the columns used below out of the row objects.
    $paths = array();
    foreach ($rows as $row) {
        $paths[] = array(
            'id' => $row->learnPath_id,
            'name' => $row->name,
            'comment' => $row->comment,
            'visible' => $row->visible,
            'rank' => $row->rank,
        );
    }

    if (count($paths) == 0) {
        $tool_content .= "<div class='alert alert-warning'>{$langNoLearningPath}</div>";
        return;
    }

    // Form header and table heading row.
    $tool_content .= "<form action='insert.php?course={$course_code}' method='post'>"
        . "<input type='hidden' name='id' value='{$id}'>"
        . "<table class='table-default'>"
        . "<tr>"
        . "<th><div align='left'> {$langLearningPaths}</div></th>"
        . "<th><div align='left'>{$langComments}</div></th>"
        . "<th width='80'>{$langChoice}</th>"
        . "</tr>";

    foreach ($paths as $path) {
        // Rows of hidden learning paths get the 'invisible' class.
        $row_class = ($path['visible'] == 0) ? 'invisible' : '';

        $tool_content .= "<tr class='{$row_class}'>";
        $tool_content .= "<td> " . icon('fa-ellipsis-h') . " <a href='{$urlServer}/modules/learnPath/learningPath.php?course={$course_code}&path_id={$path['id']}'>" . q($path['name']) . "</a></td>";
        $tool_content .= "<td>" . q($path['comment']) . "</td>";
        $tool_content .= "<td class='text-center'><input type='checkbox' name='lp[]' value='{$path['id']}'></td>";
        $tool_content .= "</tr>";
    }

    // Footer row with the submit button, then close the table and the form.
    $tool_content .= "<tr>" . "<th colspan='3'><div align='right'>";
    $tool_content .= "<input class='btn btn-primary' type='submit' name='submit_lp' value='{$langAddModulesButton}'></div></th>";
    $tool_content .= "</tr></table></form>\n";
}
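/**
 * Module init hook: handle a request to ignore a contact suggestion.
 *
 * When $_GET['ignore'] holds a non-zero id, either the confirmation page is
 * rendered (request carries `confirm`) or, unless the request carries
 * `canceled`, the id is inserted into `gcign` for the logged-in user.
 *
 * NOTE(review): a request that carries `ignore` without `confirm` reaches the
 * INSERT directly, and no anti-CSRF token is checked in this function. The
 * write is scoped to local_user(); confirm whether a token check is enforced
 * elsewhere.
 *
 * @param object $a application object (by reference); query_string is read, page and error are written
 * @return void
 */
function suggest_init(&$a)
{
    if (!local_user()) {
        return;
    }

    if (!(x($_GET, 'ignore') && intval($_GET['ignore']))) {
        return;
    }

    // Check if we should do HTML-based delete confirmation
    if (!empty($_REQUEST['confirm'])) {
        // <form> can't take arguments in its "action" parameter
        // so add any arguments as hidden inputs
        $query = explode_querystring($a->query_string);
        $inputs = array();

        foreach ($query['args'] as $arg) {
            if (strpos($arg, 'confirm=') !== false) {
                continue;
            }

            // Split on the first '=' only, so values that contain '=' stay
            // intact and an argument without a value yields an empty string.
            $arg_parts = explode('=', $arg, 2);
            $inputs[] = array(
                'name' => $arg_parts[0],
                'value' => isset($arg_parts[1]) ? $arg_parts[1] : '',
            );
        }

        // NOTE(review): the hidden input names and values come from the query
        // string; confirm that confirm.tpl escapes them on output.
        $a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
            '$method' => 'get',
            '$message' => t('Do you really want to delete this suggestion?'),
            '$extra_inputs' => $inputs,
            '$confirm' => t('Yes'),
            '$confirm_url' => $query['base'],
            '$confirm_name' => 'confirmed',
            '$cancel' => t('Cancel'),
        ));

        $a->error = 1; // Set $a->error so the other module functions don't execute

        return;
    }

    // Now check how the user responded to the confirmation query
    if (empty($_REQUEST['canceled'])) {
        q(
            "INSERT INTO `gcign` ( `uid`, `gcid` ) VALUES ( %d, %d ) ",
            intval(local_user()),
            intval($_GET['ignore'])
        );
    }
}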
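/**
 * Module init hook: emit one public wall item as an XML document built from
 * the addon/diaspora `diaspora_post.tpl` template.
 *
 * The message id is taken from argv(1) with any ".xml" removed. Only items
 * with item_wall = 1 and item_private = 0 are looked up, and the owner's
 * 'view_stream' permission is checked before anything is rendered.
 *
 * Every item-derived value placed in the template is passed through
 * xmlify(). The original escaped only the body and the handle; the guid and
 * the provider name are now escaped the same way.
 *
 * @param object $a application object (by reference); not used in this function
 * @return void the function ends in killme() or http_status_exit()
 */
function p_init(&$a)
{
    if (argc() < 2) {
        http_status_exit(401);
    }

    $mid = str_replace('.xml', '', argv(1));

    $r = q(
        "select * from item where mid = '%s' and item_wall = 1 and item_private = 0 limit 1",
        dbesc($mid)
    );

    // A missing item and a denied permission get the same 404, so the
    // response does not reveal whether a restricted item exists.
    if (!$r || !perm_is_allowed($r[0]['uid'], '', 'view_stream')) {
        http_status_exit(404);
    }

    $c = q("select * from channel where channel_id = %d limit 1", intval($r[0]['uid']));
    if (!$c) {
        http_status_exit(404);
    }

    $myaddr = $c[0]['channel_address'] . '@' . App::get_hostname();
    $item = $r[0];

    $body = bb2diaspora_itembody($item);
    $created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
    $provider = $item['app'] ? $item['app'] : t('$projectname');

    $tpl = get_markup_template('diaspora_post.tpl', 'addon/diaspora');
    $msg = replace_macros($tpl, array(
        '$body' => xmlify($body),
        '$guid' => xmlify($item['mid']),
        '$handle' => xmlify($myaddr),
        '$public' => 'true',
        '$created' => $created,
        '$provider' => xmlify($provider),
    ));

    header('Content-type: text/xml');
    echo $msg;
    killme();
}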
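/**
 * Return the distinct sources that have at least one active quote in the
 * configured locale, ordered by name.
 *
 * Fixes over the previous version: $s_where and $limit are initialised before
 * use, a missing "has_alias" key no longer raises a notice, a failed query
 * returns an empty list, and rows are fetched with MYSQLI_ASSOC (MYSQL_ASSOC
 * belonged to the removed mysql extension and has the same value).
 *
 * The pagination ("current_page") and first-letter ("char") filters that were
 * commented out here have been dropped. NOTE(review): the "char" filter
 * concatenated $arr["char"] straight into a LIKE clause; if it is brought
 * back, bind or escape that value.
 *
 * NOTE(review): the locale and table prefix are concatenated into the SQL as
 * identifiers and as a string literal. They are read from $config_q here;
 * confirm they can never be derived from request data.
 *
 * @param array $arr options; "has_alias" (truthy) restricts the result to
 *                   sources with a URL-friendly name
 * @return array list of rows with the keys "name" and "url_friendly_name"
 */
public static function get_sources($arr = array())
{
    global $config_q;

    $locale = $config_q["locale"];
    $prefix = $config_q["db"]["prefix"];

    // No LIMIT clause is generated; the placeholder keeps the query text unchanged.
    $limit = '';

    // Join and activity conditions shared by both variants of the WHERE clause.
    $conditions = $prefix . "sources.id = " . $prefix . "quotes.source_id\n\t\t\t\tAND\n\t\t\t\t\tactive = 1\n\t\t\t\tAND\n\t\t\t\t\tlang = '" . $locale . "' ";

    if (!empty($arr["has_alias"])) {
        $s_where = " WHERE url_friendly_name_" . $locale . " IS NOT NULL "
            . "\n\t\t\t\tAND\n\t\t\t\t\t" . $conditions;
    } else {
        $s_where = "\n\t\t\t\tWHERE\n\t\t\t\t\t" . $conditions;
    }

    $q = "\n\t\t\tSELECT\n\t\t\t\tDISTINCT\n\t\t\t\tname_" . $locale . " AS name,\n\t\t\t\turl_friendly_name_" . $locale . " AS url_friendly_name\n\t\t\tFROM\n\t\t\t\t" . $prefix . "sources,\n\t\t\t\t" . $prefix . "quotes\n\t\t\t{$s_where}\n\t\t\torder by\n\t\t\t\tname_" . $locale . " asc\n\t\t\t{$limit};\n\t\t";

    $a_out = array();

    $r = q($q);
    if (!$r) {
        return $a_out;
    }

    while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) {
        $a_out[] = $row;
    }

    return $a_out;
}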
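/**
 * Module init hook: answer an XRD lookup for a local user.
 *
 * The account is resolved from $_GET['uri'], which may be an http(s) profile
 * URL (its basename is the nickname) or an "acct:" style address (the part
 * before '@' is the nickname). The rendered `xrd_person.tpl` document is
 * passed to the 'personal_xrd' hook and then echoed.
 *
 * The requested URI is echoed back in the document as $accturi. Because
 * urldecode() runs after notags(), percent-encoded markup characters are only
 * decoded once the tag filter has already run, so the value is now escaped at
 * the point where it is written into the XML.
 *
 * @param object $a application object (by reference); only get_baseurl() is used
 * @return void the function always ends in killme()
 */
function xrd_init(&$a)
{
    $requested = isset($_GET['uri']) ? $_GET['uri'] : '';
    $uri = urldecode(notags(trim($requested)));

    if (substr($uri, 0, 4) === 'http') {
        $name = basename($uri);
    } else {
        $local = str_replace('acct:', '', $uri);
        if (substr($local, 0, 2) == '//') {
            $local = substr($local, 2);
        }
        // Without an '@' strpos() returns false, which yields an empty name
        // and therefore no matching user.
        $name = substr($local, 0, strpos($local, '@'));
    }

    $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", dbesc($name));

    // Covers both an empty result and a failed query.
    if (!$r) {
        killme();
    }

    $user = $r[0];
    $baseurl = $a->get_baseurl();
    $salmon_key = salmon_key($user['spubkey']);

    // NOTE(review): the document is readable cross-origin by design of this
    // header; confirm that nothing non-public is ever added to the template.
    header('Access-Control-Allow-Origin: *');
    header("Content-type: text/xml");

    if (get_config('system', 'diaspora_enabled')) {
        $tpl = get_markup_template('xrd_diaspora.tpl');
        $dspr = replace_macros($tpl, array(
            '$baseurl' => $baseurl,
            '$dspr_guid' => $user['guid'],
            '$dspr_key' => base64_encode(pemtorsa($user['pubkey'])),
        ));
    } else {
        $dspr = '';
    }

    $tpl = get_markup_template('xrd_person.tpl');
    $o = replace_macros($tpl, array(
        '$nick' => $user['nickname'],
        '$accturi' => htmlspecialchars($uri, ENT_QUOTES, 'UTF-8'),
        '$profile_url' => $baseurl . '/profile/' . $user['nickname'],
        '$hcard_url' => $baseurl . '/hcard/' . $user['nickname'],
        '$atom' => $baseurl . '/dfrn_poll/' . $user['nickname'],
        '$zot_post' => $baseurl . '/post/' . $user['nickname'],
        '$poco_url' => $baseurl . '/poco/' . $user['nickname'],
        '$photo' => $baseurl . '/photo/profile/' . $user['uid'] . '.jpg',
        '$dspr' => $dspr,
        '$salmon' => $baseurl . '/salmon/' . $user['nickname'],
        '$salmen' => $baseurl . '/salmon/' . $user['nickname'] . '/mention',
        '$subscribe' => $baseurl . '/follow?url={uri}',
        '$modexp' => 'data:application/magic-public-key,' . $salmon_key,
        '$bigkey' => salmon_key($user['pubkey']),
    ));

    // Hooks receive the user row and may rewrite the document before it is sent.
    $arr = array('user' => $user, 'xml' => $o);
    call_hooks('personal_xrd', $arr);

    echo $arr['xml'];
    killme();
}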
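/**
 * POST handler: record a flag ("censor" or "dead") against a directory entry.
 *
 * The first flag for an entry inserts a row into `flag` and sends a
 * notification mail; later flags increment the row's `total`.
 *
 * Changes over the previous version: the entry id is cast to an integer
 * before any use (it previously reached the mail body as raw POST data), and
 * the print_r($_POST) debug dump on invalid input has been removed, because
 * it wrote unescaped request data into the response.
 *
 * NOTE(review): no login or anti-CSRF check is visible in this function;
 * confirm whether anonymous flagging is intended and rate limited elsewhere.
 *
 * @param object $a application object (by reference); only get_baseurl() is used
 * @return void
 */
function flag_post(&$a)
{
    $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
    $reason = isset($_POST['reason']) ? $_POST['reason'] : '';

    // Only the two known reasons are accepted; anything else leaves $type at 0.
    $type = 0;
    if ($reason === 'censor') {
        $type = 1;
    } elseif ($reason === 'dead') {
        $type = 2;
    }

    if (!$id || !$type) {
        // Invalid submissions are dropped without echoing anything back.
        return;
    }

    $r = q("SELECT * FROM `flag` WHERE `pid` = %d LIMIT 1", intval($id));

    if (!$r) {
        q(
            "INSERT INTO `flag` ( `pid`, `reason`, `total` ) VALUES ( %d , %d, 1 ) ",
            intval($id),
            intval($type)
        );

        // $id is an integer and $reason one of the two fixed strings by now.
        $msg = "An entry ({$id}) has just been flagged for {$reason}.";
        mail('*****@*****.**', "Directory Flag action", $msg);
    } else {
        q(
            "UPDATE `flag` SET `total` = %d WHERE `id` = %d LIMIT 1",
            intval($r[0]['total']) + 1,
            intval($r[0]['id'])
        );
    }

    notice("Entry has been flagged.");
    goaway($a->get_baseurl());
}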
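/**
 * Module init hook: toggle the `starred` flag of one of the logged-in user's
 * items.
 *
 * The item id is read from the second path argument. Both the SELECT and the
 * UPDATE are restricted to uid = local_user(). When $_REQUEST['return'] is
 * set the browser is redirected there (relative to the base URL) with a
 * cache-busting parameter; otherwise the new state (0 or 1) is echoed as JSON.
 *
 * Fixes over the previous version: $message_id is initialised when no path
 * argument is given, a failed query is handled like an empty result, and a
 * '?' at position 0 of the return path is now recognised (strpos() returns 0
 * there, which the old truthiness test took for "not found").
 *
 * NOTE(review): this state change is reachable with a plain GET and no
 * anti-CSRF token is checked in this function; confirm whether that is
 * enforced elsewhere.
 *
 * @param object $a application object (by reference); argc, argv and get_baseurl() are used
 * @return void the function always ends in killme() or goaway()
 */
function starred_init(&$a)
{
    if (!local_user()) {
        killme();
    }

    $message_id = ($a->argc > 1) ? intval($a->argv[1]) : 0;
    if (!$message_id) {
        killme();
    }

    $r = q(
        "SELECT starred FROM item WHERE uid = %d AND id = %d LIMIT 1",
        intval(local_user()),
        intval($message_id)
    );
    if (!$r) {
        killme();
    }

    // Flip the stored state.
    $starred = intval($r[0]['starred']) ? 0 : 1;

    q(
        "UPDATE item SET starred = %d WHERE uid = %d and id = %d LIMIT 1",
        intval($starred),
        intval(local_user()),
        intval($message_id)
    );

    // See if we've been passed a return path to redirect to
    $return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : '';
    if ($return_path) {
        // Append to an existing query string with '&', otherwise start one.
        $separator = (strpos($return_path, '?') !== false) ? '&' : '?';
        $rand = $separator . '_=' . time();

        // The path is always appended to the site's own base URL plus "/".
        goaway($a->get_baseurl() . "/" . $return_path . $rand);
    }

    // the json doesn't really matter, it will either be 0 or 1
    echo json_encode($starred);
    killme();
}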