/**
* Constructor for the base resource class
*
* Constructor for the base resource class.
* If cmid is set create the cm, course, resource objects.
* and do some checks to make sure people can be here, and so on.
*
* @param cmid integer, the current course module id - not set for new resources
*/
function resource_base($cmid = 0)
{
global $CFG, $COURSE;
$this->navlinks = array();
if ($cmid) {
if (!($this->cm = get_coursemodule_from_id('resource', $cmid))) {
error("Course Module ID was incorrect");
}
if (!($this->course = get_record("course", "id", $this->cm->course))) {
error("Course is misconfigured");
}
if (!($this->resource = get_record("resource", "id", $this->cm->instance))) {
error("Resource ID was incorrect");
}
$this->strresource = get_string("modulename", "resource");
$this->strresources = get_string("modulenameplural", "resource");
if (!$this->cm->visible and !has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_MODULE, $this->cm->id))) {
$pagetitle = strip_tags($this->course->shortname . ': ' . $this->strresource);
$navigation = build_navigation($this->navlinks, $this->cm);
print_header($pagetitle, $this->course->fullname, $navigation, "", "", true, '', navmenu($this->course, $this->cm));
notice(get_string("activityiscurrentlyhidden"), "{$CFG->wwwroot}/course/view.php?id={$this->course->id}");
}
} else {
$this->course = $COURSE;
}
}
function allfriends_content(&$a)
{
$o = '';
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
if ($a->argc > 1) {
$cid = intval($a->argv[1]);
}
if (!$cid) {
return;
}
$c = q("select name, url, photo from contact where id = %d and uid = %d limit 1", intval($cid), intval(local_user()));
$a->page['aside'] .= '<div class="vcard">' . '<div class="fn label">' . $c[0]['name'] . '</div>' . '<div id="profile-photo-wrapper">' . '<a href="/contacts/' . $cid . '"><img class="photo" width="175" height="175"
src="' . $c[0]['photo'] . '" alt="' . $c[0]['name'] . '" /></div>' . '</div>';
if (!count($c)) {
return;
}
$o .= '<h2>' . sprintf(t('Friends of %s'), $c[0]['name']) . '</h2>';
$r = all_friends(local_user(), $cid);
if (!count($r)) {
$o .= t('No friends to display.');
return $o;
}
$tpl = get_markup_template('common_friends.tpl');
foreach ($r as $rr) {
$o .= replace_macros($tpl, array('$url' => $rr['url'], '$name' => $rr['name'], '$photo' => $rr['photo'], '$tags' => ''));
}
$o .= cleardiv();
// $o .= paginate($a);
return $o;
}
function post()
{
if (!local_channel()) {
return;
}
if ($_SESSION['delegate']) {
return;
}
if (!x($_POST, 'qxz_password') || !strlen(trim($_POST['qxz_password']))) {
return;
}
if (!x($_POST, 'verify') || !strlen(trim($_POST['verify']))) {
return;
}
if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
return;
}
$account = \App::get_account();
$account_id = get_account_id();
if (!account_verify_password($account['account_email'], $_POST['qxz_password'])) {
return;
}
if ($account['account_password_changed'] != NULL_DATE) {
$d1 = datetime_convert('UTC', 'UTC', 'now - 48 hours');
if ($account['account_password_changed'] > d1) {
notice(t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);
return;
}
}
$global_remove = intval($_POST['global']);
account_remove($account_id, 1 - $global_remove);
}
function get()
{
if (argc() > 2 && argv(2) === 'add') {
$tpl = get_markup_template("settings_oauth_edit.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional'))));
return $o;
}
if (argc() > 3 && argv(2) === 'edit') {
$r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
if (!count($r)) {
notice(t('Application not found.'));
return;
}
$app = $r[0];
$tpl = get_markup_template("settings_oauth_edit.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['clname'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], '')));
return $o;
}
if (argc() > 3 && argv(2) === 'delete') {
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
goaway(z_root() . "/settings/oauth/");
return;
}
$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel());
$tpl = get_markup_template("settings_oauth.tpl");
$o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => z_root(), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r));
return $o;
}
function repair_ostatus_content(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
$o = "<h2>" . t("Resubsribing to OStatus contacts") . "</h2>";
$uid = local_user();
$a = get_app();
$counter = intval($_REQUEST['counter']);
$r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE\n `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING));
if (!$r) {
return $o . t("Error");
}
$total = $r[0]["total"];
$r = q("SELECT `url` FROM `contact` WHERE\n `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)\n\t\tORDER BY `url`\n\t\tLIMIT %d, 1", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING), $counter++);
if (!$r) {
$o .= t("Done");
return $o;
}
$o .= "<p>" . $counter . "/" . $total . ": " . $r[0]["url"] . "</p>";
$o .= "<p>" . t("Keep this window open until done.") . "</p>";
$result = new_contact($uid, $r[0]["url"], true);
$a->page['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . $a->get_baseurl() . '/repair_ostatus?counter=' . $counter . '">';
return $o;
}
public function call_success()
{
global $USER, $COURSE, $CFG;
if (empty($this->_xmlresponse)) {
if (is_siteadmin($USER->id)) {
notice(get_string('adminemptyxml', 'adobeconnect'), $CFG->wwwroot . '/admin/settings.php?section=modsettingadobeconnect');
} else {
notice(get_string('emptyxml', 'adobeconnect'), '', $COURSE);
}
}
$dom = new DomDocument();
$dom->loadXML($this->_xmlresponse);
$domnodelist = $dom->getElementsByTagName('status');
if ($domnodelist->item(0)->hasAttributes()) {
$domnode = $domnodelist->item(0)->attributes->getNamedItem('code');
if (!is_null($domnode)) {
if (0 == strcmp('ok', $domnode->nodeValue)) {
return true;
} else {
return false;
}
} else {
return false;
}
} else {
return false;
}
}
function notifications_content(&$a)
{
if (!local_user()) {
notice(t('Permission denied') . EOL);
goaway($a->get_baseurl());
}
$o = '';
if ($a->argc > 1 && $a->argv[1] == 'all') {
$sql_extra = '';
} else {
$sql_extra = " AND `ignore` = 0 ";
}
$tpl = file_get_contents('view/intros-top.tpl');
$o .= replace_macros($tpl, array('$hide_url' => strlen($sql_extra) ? 'notifications/all' : 'notifications', '$hide_text' => strlen($sql_extra) ? t('Show Ignored Requests') : t('Hide Ignored Requests')));
$r = q("SELECT `intro`.`id` AS `intro-id`, `intro`.*, `contact`.* \n\t\tFROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id`\n\t\tWHERE `intro`.`blocked` = 0 {$sql_extra} ");
if ($r !== false && count($r)) {
$tpl = file_get_contents("view/intros.tpl");
foreach ($r as $rr) {
$o .= replace_macros($tpl, array('$intro_id' => $rr['intro-id'], '$dfrn-id' => $rr['issued-id'], '$uid' => $_SESSION['uid'], '$contact-id' => $rr['contact-id'], '$photo' => x($rr, 'photo') ? $rr['photo'] : "images/default-profile.jpg", '$fullname' => $rr['name'], '$knowyou' => $rr['knowyou'] ? t('yes') : t('no'), '$url' => $rr['url'], '$note' => $rr['note']));
}
} else {
notice(t('No notifications.') . EOL);
}
return $o;
}
function lostpass_content(&$a)
{
if (x($_GET, 'verify')) {
$verify = $_GET['verify'];
$r = q("SELECT * FROM account WHERE account_reset = '%s' LIMIT 1", dbesc($verify));
if (!$r) {
notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
goaway(z_root());
return;
}
$aid = $r[0]['account_id'];
$email = $r[0]['account_email'];
$new_password = autoname(6) . mt_rand(100, 9999);
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $new_password);
$r = q("UPDATE account SET account_salt = '%s', account_password = '******', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d", dbesc($salt), dbesc($password_encoded), intval(ACCOUNT_UNVERIFIED), intval($aid));
if ($r) {
$tpl = get_markup_template('pwdreset.tpl');
$o .= replace_macros($tpl, array('$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), '$lbl4' => t('Save or copy your new password - and then'), '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.', '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => $a->get_baseurl()));
info("Your password has been reset." . EOL);
$email_tpl = get_intltext_template("passchanged_eml.tpl");
$message = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => sprintf(t('Site Member (%s)'), $email), '$email' => $email, '$new_password' => $new_password, '$uid' => $newuid));
$subject = email_header_encode(sprintf(t('Your password has changed at %s'), get_config('system', 'sitename')), 'UTF-8');
$res = mail($email, $subject, $message, 'From: ' . 'Administrator@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
return $o;
}
} else {
$tpl = get_markup_template('lostpass.tpl');
$o .= replace_macros($tpl, array('$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Email Address'), '$submit' => t('Reset')));
return $o;
}
}
function get()
{
$o = '';
if (!\App::$profile['profile_uid']) {
return;
}
$observer_hash = get_observer_hash();
if (!perm_is_allowed(\App::$profile['profile_uid'], $observer_hash, 'view_contacts')) {
notice(t('Permission denied.') . EOL);
return;
}
$o .= '<h2>' . t('Common connections') . '</h2>';
$t = count_common_friends(\App::$profile['profile_uid'], $observer_hash);
if (!$t) {
notice(t('No connections in common.') . EOL);
return $o;
}
$r = common_friends(\App::$profile['profile_uid'], $observer_hash);
if ($r) {
$tpl = get_markup_template('common_friends.tpl');
foreach ($r as $rr) {
$o .= replace_macros($tpl, array('$url' => $rr['xchan_url'], '$name' => $rr['xchan_name'], '$photo' => $rr['xchan_photo_m'], '$tags' => ''));
}
$o .= cleardiv();
}
return $o;
}
function viewsrc_content(&$a)
{
$o = '';
$sys = get_sys_channel();
$item_id = argc() > 1 ? intval(argv(1)) : 0;
$json = argc() > 2 && argv(2) === 'json' ? true : false;
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
}
if (!$item_id) {
App::$error = 404;
notice(t('Item not found.') . EOL);
}
$item_normal = item_normal();
if (local_channel() && $item_id) {
$r = q("select id, item_flags, item_obscured, body from item where uid in (%d , %d) and id = %d {$item_normal} limit 1", intval(local_channel()), intval($sys['channel_id']), intval($item_id));
if ($r) {
if (intval($r[0]['item_obscured'])) {
$r[0]['body'] = crypto_unencapsulate(json_decode($r[0]['body'], true), get_config('system', 'prvkey'));
}
$o = $json ? json_encode($r[0]['body']) : str_replace("\n", '<br />', $r[0]['body']);
}
}
if (is_ajax()) {
print '<div><i class="icon-pencil"> ' . t('Source of Item') . ' ' . $r[0]['id'] . '</i></div>';
echo $o;
killme();
}
return $o;
}
function post()
{
$using_api = false;
if (\App::$data['api_info'] && array_key_exists('media', $_FILES)) {
$using_api = true;
$user_info = \App::$data['api_info'];
$nick = $user_info['screen_name'];
$channel = get_channel_by_nick($user_info['screen_name']);
} elseif (argc() > 1) {
$channel = get_channel_by_nick(argv(1));
}
if (!$channel) {
killme();
}
$observer = \App::get_observer();
$def_album = get_pconfig($channel['channel_id'], 'system', 'photo_path');
$def_attach = get_pconfig($channel['channel_id'], 'system', 'attach_path');
$r = attach_store($channel, $observer ? $observer['xchan_hash'] : '', '', array('source' => 'editor', 'visible' => 0, 'album' => $def_album, 'directory' => $def_attach, 'allow_cid' => '<' . $channel['channel_hash'] . '>'));
if (!$r['success']) {
notice($r['message'] . EOL);
killme();
}
if (intval($r['data']['is_photo'])) {
$s = "\n\n" . $r['body'] . "\n\n";
} else {
$s = "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
}
if ($using_api) {
return $s;
}
echo $s;
killme();
}
function get()
{
if (!local_channel()) {
return login();
}
$content = '<h3>' . t('Configuration Editor') . '</h3>';
$content .= '<div class="descriptive-paragraph">' . t('Warning: Changing some settings could render your channel inoperable. Please leave this page unless you are comfortable with and knowledgeable about how to correctly use this feature.') . '</div>' . EOL . EOL;
if (argc() == 3) {
$content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL;
$content .= '<a href="pconfig/' . escape_tags(argv(1)) . '">pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . ']</a>' . EOL . EOL;
$content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . escape_tags(argv(2)) . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . escape_tags(argv(2)) . ']</a> = ' . get_pconfig(local_channel(), escape_tags(argv(1)), escape_tags(argv(2))) . EOL;
if (in_array(argv(2), $this->disallowed_pconfig())) {
notice(t('This setting requires special processing and editing has been blocked.') . EOL);
return $content;
} else {
$content .= $this->pconfig_form(escape_tags(argv(1)), escape_tags(argv(2)));
}
}
if (argc() == 2) {
$content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL;
load_pconfig(local_channel(), escape_tags(argv(1)));
foreach (\App::$config[local_channel()][escape_tags(argv(1))] as $k => $x) {
$content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . $k . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . $k . ']</a> = ' . escape_tags($x) . EOL;
}
}
if (argc() == 1) {
$r = q("select * from pconfig where uid = " . local_channel());
if ($r) {
foreach ($r as $rr) {
$content .= '<a href="' . 'pconfig/' . escape_tags($rr['cat']) . '/' . escape_tags($rr['k']) . '" >pconfig[' . local_channel() . '][' . escape_tags($rr['cat']) . '][' . escape_tags($rr['k']) . ']</a> = ' . escape_tags($rr['v']) . EOL;
}
}
}
return $content;
}
function follow_post(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
goaway($_SESSION['return_url']);
// NOTREACHED
}
if ($_REQUEST['cancel']) {
goaway($_SESSION['return_url']);
}
$uid = local_user();
$url = notags(trim($_REQUEST['url']));
$return_url = $_SESSION['return_url'];
// Makes the connection request for friendica contacts easier
// This is just a precaution if maybe this page is called somewhere directly via POST
$_SESSION["fastlane"] = $url;
$result = new_contact($uid, $url, true);
if ($result['success'] == false) {
if ($result['message']) {
notice($result['message']);
}
goaway($return_url);
} elseif ($result['cid']) {
goaway($a->get_baseurl() . '/contacts/' . $result['cid']);
}
info(t('Contact added') . EOL);
if (strstr($return_url, 'contacts')) {
goaway($a->get_baseurl() . '/contacts/' . $contact_id);
}
goaway($return_url);
// NOTREACHED
}
/** @file */
function group_add($uid, $name, $public = 0)
{
$ret = false;
if (x($uid) && x($name)) {
$r = group_byname($uid, $name);
// check for dups
if ($r !== false) {
// This could be a problem.
// Let's assume we've just created a group which we once deleted
// all the old members are gone, but the group remains so we don't break any security
// access lists. What we're doing here is reviving the dead group, but old content which
// was restricted to this group may now be seen by the new group members.
$z = q("SELECT * FROM `groups` WHERE `id` = %d LIMIT 1", intval($r));
if (count($z) && $z[0]['deleted']) {
$r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", intval($uid), dbesc($name));
notice(t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL);
}
return true;
}
do {
$dups = false;
$hash = random_string() . $name;
$r = q("SELECT id FROM `groups` WHERE hash = '%s' LIMIT 1", dbesc($hash));
if ($r) {
$dups = true;
}
} while ($dups == true);
$r = q("INSERT INTO `groups` ( hash, uid, visible, name )\n\t\t\tVALUES( '%s', %d, %d, '%s' ) ", dbesc($hash), intval($uid), intval($public), dbesc($name));
$ret = $r;
}
build_sync_packet($uid, null, true);
return $ret;
}
function lostpass_content(&$a)
{
if (x($_GET, 'verify')) {
$verify = $_GET['verify'];
$hash = hash('whirlpool', $verify);
$r = q("SELECT * FROM `user` WHERE `pwdreset` = '%s' LIMIT 1", dbesc($hash));
if (!count($r)) {
notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
goaway(z_root());
return;
}
$uid = $r[0]['uid'];
$username = $r[0]['username'];
$email = $r[0]['email'];
$new_password = autoname(6) . mt_rand(100, 9999);
$new_password_encoded = hash('whirlpool', $new_password);
$r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = '' WHERE `uid` = %d LIMIT 1", dbesc($new_password_encoded), intval($uid));
if ($r) {
$tpl = get_markup_template('pwdreset.tpl');
$o .= replace_macros($tpl, array('$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), '$lbl4' => t('Save or copy your new password - and then'), '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.', '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => $a->get_baseurl()));
info("Your password has been reset." . EOL);
$email_tpl = get_intltext_template("passchanged_eml.tpl");
$email_tpl = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $username, '$email' => $email, '$new_password' => $new_password, '$uid' => $newuid));
$res = mail($email, "Your password has changed at {$a->config['sitename']}", $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
return $o;
}
} else {
$tpl = get_markup_template('lostpass.tpl');
$o .= replace_macros($tpl, array('$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Nickname or Email: '), '$submit' => t('Reset')));
return $o;
}
}
function removeaccount_post(&$a)
{
if (!local_user()) {
return;
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
return;
}
if (!x($_POST, 'qxz_password') || !strlen(trim($_POST['qxz_password']))) {
return;
}
if (!x($_POST, 'verify') || !strlen(trim($_POST['verify']))) {
return;
}
if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
return;
}
$account = $a->get_account();
$account_id = get_account_id();
if (!account_verify_password($account['account_email'], $_POST['qxz_password'])) {
return;
}
if ($account['account_password_changed'] != NULL_DATE) {
$d1 = datetime_convert('UTC', 'UTC', 'now - 48 hours');
if ($account['account_password_changed'] > d1) {
notice(t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);
return;
}
}
require_once 'include/Contact.php';
$global_remove = intval($_POST['global']);
account_remove($account_id, true);
}
function get()
{
$acc = \App::get_account();
if (!$acc || $acc['account_id'] != get_account_id()) {
notice(t('Permission denied.') . EOL);
return;
}
$default_role = '';
$aid = get_account_id();
if ($aid) {
$r = q("select count(channel_id) as total from channel where channel_account_id = %d", intval($aid));
if ($r && !intval($r[0]['total'])) {
$default_role = get_config('system', 'default_permissions_role');
}
$limit = account_service_class_fetch(get_account_id(), 'total_identities');
if ($r && $limit !== false) {
$channel_usage_message = sprintf(t("You have created %1\$.0f of %2\$.0f allowed channels."), $r[0]['total'], $limit);
} else {
$channel_usage_message = '';
}
}
$privacy_role = x($_REQUEST, 'permissions_role') ? $_REQUEST['permissions_role'] : "";
$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
if (get_account_techlevel() < 4 && $privacy_role !== 'custom') {
unset($perm_roles[t('Other')]);
}
$name = array('name', t('Name or caption'), x($_REQUEST, 'name') ? $_REQUEST['name'] : '', t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'), "*");
$nickhub = '@' . \App::get_hostname();
$nickname = array('nickname', t('Choose a short nickname'), x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : '', sprintf(t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub), "*");
$role = array('permissions_role', t('Channel role and privacy'), $privacy_role ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>', $perm_roles);
$o = replace_macros(get_markup_template('new_channel.tpl'), array('$title' => t('Create Channel'), '$desc' => t('A channel is your identity on this network. It can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions.'), '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'), '$name' => $name, '$role' => $role, '$default_role' => $default_role, '$nickname' => $nickname, '$submit' => t('Create'), '$channel_usage_message' => $channel_usage_message));
return $o;
}
function get()
{
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
$channel = \App::get_channel();
$app = null;
$embed = null;
if ($_REQUEST['appid']) {
$r = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($_REQUEST['appid']), dbesc(local_channel()));
if ($r) {
$app = $r[0];
$term = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($r[0]['id']));
if ($term) {
$app['categories'] = '';
foreach ($term as $t) {
if ($app['categories']) {
$app['categories'] .= ',';
}
$app['categories'] .= $t['term'];
}
}
}
$embed = array('embed', t('Embed code'), app_encode($app, true), '', 'onclick="this.select();"');
}
return replace_macros(get_markup_template('app_create.tpl'), array('$banner' => $app ? t('Edit App') : t('Create App'), '$app' => $app, '$guid' => $app ? $app['app_id'] : '', '$author' => $app ? $app['app_author'] : $channel['channel_hash'], '$addr' => $app ? $app['app_addr'] : $channel['xchan_addr'], '$name' => array('name', t('Name of app'), $app ? $app['app_name'] : '', t('Required')), '$url' => array('url', t('Location (URL) of app'), $app ? $app['app_url'] : '', t('Required')), '$desc' => array('desc', t('Description'), $app ? $app['app_desc'] : '', ''), '$photo' => array('photo', t('Photo icon URL'), $app ? $app['app_photo'] : '', t('80 x 80 pixels - optional')), '$categories' => array('categories', t('Categories (optional, comma separated list)'), $app ? $app['categories'] : '', ''), '$version' => array('version', t('Version ID'), $app ? $app['app_version'] : '', ''), '$price' => array('price', t('Price of app'), $app ? $app['app_price'] : '', ''), '$page' => array('page', t('Location (URL) to purchase app'), $app ? $app['app_page'] : '', ''), '$system' => $app ? intval($app['app_system']) : 0, '$requires' => $app ? $app['app_requires'] : '', '$embed' => $embed, '$submit' => t('Submit')));
}
function flag_post(&$a)
{
$id = $_POST['id'];
$reason = $_POST['reason'];
$type = 0;
if ($reason === 'censor') {
$type = 1;
} elseif ($reason === 'dead') {
$type = 2;
}
if (!$id || !$type) {
// goaway($a->get_baseurl());
print_r($_POST);
return;
}
$r = q("SELECT * FROM `flag` WHERE `pid` = %d LIMIT 1", intval($id));
if (!count($r)) {
$r = q("INSERT INTO `flag` ( `pid`, `reason`, `total` ) VALUES ( %d , %d, 1 ) ", intval($id), intval($type));
$msg = "An entry ({$id}) has just been flagged for {$reason}.";
mail('*****@*****.**', "Directory Flag action", $msg);
} else {
q("UPDATE `flag` SET `total` = %d WHERE `id` = %d LIMIT 1", intval($r[0]['total']) + 1, intval($r[0]['id']));
}
notice("Entry has been flagged.");
goaway($a->get_baseurl());
}
function attach_init(&$a)
{
if ($a->argc != 2) {
notice(t('Item not available.') . EOL);
return;
}
$item_id = intval($a->argv[1]);
// Check for existence, which will also provide us the owner uid
$r = q("SELECT * FROM `attach` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($r)) {
notice(t('Item was not found.') . EOL);
return;
}
$sql_extra = permissions_sql($r[0]['uid']);
// Now we'll see if we can access the attachment
$r = q("SELECT * FROM `attach` WHERE `id` = '%d' {$sql_extra} LIMIT 1", dbesc($item_id));
if (!count($r)) {
notice(t('Permission denied.') . EOL);
return;
}
// Use quotes around the filename to prevent a "multiple Content-Disposition"
// error in Chrome for filenames with commas in them
header('Content-type: ' . $r[0]['filetype']);
header('Content-length: ' . $r[0]['filesize']);
if (isset($_GET['attachment']) && $_GET['attachment'] === '0') {
header('Content-disposition: filename="' . $r[0]['filename'] . '"');
} else {
header('Content-disposition: attachment; filename="' . $r[0]['filename'] . '"');
}
echo $r[0]['data'];
killme();
// NOTREACHED
}
function hubwall_post(&$a)
{
if (!is_site_admin()) {
return;
}
$text = trim($_REQUEST['text']);
if (!$text) {
return;
}
$sender_name = sprintf(t('$1%s Administrator'), \Zotlabs\Lib\System::get_site_name());
$sender_email = $_REQUEST['sender'];
$subject = $_REQUEST['subject'];
$textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "\n"), $text))), ENT_QUOTES, 'UTF-8'));
$htmlversion = bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "<br />\n"), $text)));
$sql_extra = intval($_REQUEST['test']) ? sprintf(" and account_email = '%s' ", get_config('system', 'admin_email')) : '';
$recips = q("select account_email from account where account_flags = %d {$sql_extra}", intval(ACCOUNT_OK));
if (!$recips) {
notice(t('No recipients found.') . EOL);
return;
}
$total_recips = count($recips);
$total_delivered = 0;
foreach ($recips as $recip) {
$x = \Zotlabs\Lib\Enotify::send(array('fromName' => $sender_name, 'fromEmail' => $sender_email, 'replyTo' => $sender_email, 'toEmail' => $recip['account_email'], 'messageSubject' => $subject, 'htmlVersion' => $htmlversion, 'textVersion' => $textversion));
if ($x) {
$total_delivered++;
}
}
info(sprintf(t('%1$d of %2$d messages sent.'), $total_delivered, $total_recips) . EOL);
}
function regmod_content(&$a)
{
global $lang;
$_SESSION['return_url'] = $a->cmd;
if (!local_user()) {
info(t('Please login.') . EOL);
$o .= '<br /><br />' . login($a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
return $o;
}
if (!is_site_admin() || x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
notice(t('Permission denied.') . EOL);
return '';
}
if ($a->argc != 3) {
killme();
}
$cmd = $a->argv[1];
$hash = $a->argv[2];
if ($cmd === 'deny') {
user_deny($hash);
goaway($a->get_baseurl() . "/admin/users/");
killme();
}
if ($cmd === 'allow') {
user_allow($hash);
goaway($a->get_baseurl() . "/admin/users/");
killme();
}
}
function bookmarks_content(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
require_once 'include/menu.php';
require_once 'include/conversation.php';
$channel = $a->get_channel();
$o = profile_tabs($a, true, $channel['channel_address']);
$o .= '<h3>' . t('My Bookmarks') . '</h3>';
$x = menu_list(local_user(), '', MENU_BOOKMARK);
if ($x) {
foreach ($x as $xx) {
$y = menu_fetch($xx['menu_name'], local_user(), get_observer_hash());
$o .= menu_render($y, '', true);
}
}
$o .= '<h3>' . t('My Connections Bookmarks') . '</h3>';
$x = menu_list(local_user(), '', MENU_SYSTEM | MENU_BOOKMARK);
if ($x) {
foreach ($x as $xx) {
$y = menu_fetch($xx['menu_name'], local_user(), get_observer_hash());
$o .= menu_render($y, '', true);
}
}
return $o;
}
function crepair_content(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$cid = $a->argc > 1 ? intval($a->argv[1]) : 0;
if ($cid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval(local_user()));
}
if (!count($r)) {
notice(t('Contact not found.') . EOL);
return;
}
$contact = $r[0];
$msg1 = t('Repair Contact Settings');
$msg2 = t('<strong>WARNING: This is highly advanced</strong> and if you enter incorrect information your communications with this contact may stop working.');
$msg3 = t('Please use your browser \'Back\' button <strong>now</strong> if you are uncertain what to do on this page.');
$o .= '<h2>' . $msg1 . '</h2>';
$o .= '<div class="error-message">' . $msg2 . EOL . EOL . $msg3 . '</div>';
$o .= EOL . '<a href="contacts/' . $cid . '">' . t('Return to contact editor') . '</a>' . EOL;
$tpl = get_markup_template('crepair.tpl');
$o .= replace_macros($tpl, array('$label_name' => t('Name'), '$label_nick' => t('Account Nickname'), '$label_attag' => t('@Tagname - overrides Name/Nickname'), '$label_url' => t('Account URL'), '$label_request' => t('Friend Request URL'), '$label_confirm' => t('Friend Confirm URL'), '$label_notify' => t('Notification Endpoint URL'), '$label_poll' => t('Poll/Feed URL'), '$label_photo' => t('New photo from this URL'), '$contact_name' => $contact['name'], '$contact_nick' => $contact['nick'], '$contact_id' => $contact['id'], '$contact_url' => $contact['url'], '$request' => $contact['request'], '$confirm' => $contact['confirm'], '$notify' => $contact['notify'], '$poll' => $contact['poll'], '$contact_attag' => $contact['attag'], '$lbl_submit' => t('Submit')));
return $o;
}
function suggest_content(&$a)
{
require_once "mod/proxy.php";
$o = '';
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$_SESSION['return_url'] = $a->get_baseurl() . '/' . $a->cmd;
$a->page['aside'] .= findpeople_widget();
$a->page['aside'] .= follow_widget();
$r = suggestion_query(local_user());
if (!count($r)) {
$o .= t('No suggestions available. If this is a new site, please try again in 24 hours.');
return $o;
}
require_once 'include/contact_selectors.php';
foreach ($r as $rr) {
$connlnk = $a->get_baseurl() . '/follow/?url=' . ($rr['connect'] ? $rr['connect'] : $rr['url']);
$ignlnk = $a->get_baseurl() . '/suggest?ignore=' . $rr['id'];
$photo_menu = array(array(t("View Profile"), zrl($rr["url"])));
$photo_menu[] = array(t("Connect/Follow"), $connlnk);
$photo_menu[] = array(t('Ignore/Hide'), $ignlnk);
$contact_details = get_contact_details_by_url($rr["url"], local_user());
$entry = array('url' => zrl($rr['url']), 'itemurl' => $contact_details['addr'] != "" ? $contact_details['addr'] : $rr['url'], 'img_hover' => $rr['url'], 'name' => $rr['name'], 'thumb' => proxy_url($rr['photo'], false, PROXY_SIZE_THUMB), 'details' => $contact_details['location'], 'tags' => $contact_details['keywords'], 'about' => $contact_details['about'], 'account_type' => $contact_details['community'] ? t('Forum') : '', 'ignlnk' => $ignlnk, 'ignid' => $rr['id'], 'conntxt' => t('Connect'), 'connlnk' => $connlnk, 'photo_menu' => $photo_menu, 'ignore' => t('Ignore/Hide'), 'network' => network_to_name($rr['network'], $rr['url']), 'id' => ++$id);
$entries[] = $entry;
}
$tpl = get_markup_template('viewcontact_template.tpl');
$o .= replace_macros($tpl, array('$title' => t('Friend Suggestions'), '$contacts' => $entries));
return $o;
}
function hcard_init(&$a)
{
if (argc() > 1) {
$which = argv(1);
} else {
notice(t('Requested profile is not available.') . EOL);
$a->error = 404;
return;
}
$profile = '';
$channel = $a->get_channel();
if (local_channel() && argc() > 2 && argv(2) === 'view') {
$which = $channel['channel_address'];
$profile = argv(1);
$r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()));
if (!$r) {
$profile = '';
}
$profile = $r[0]['profile_guid'];
}
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n";
if (!$profile) {
$x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)));
if ($x) {
$a->profile = $x[0];
}
}
profile_load($a, $which, $profile);
}
function get()
{
require_once 'include/acl_selectors.php';
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
if (\App::$argc != 2) {
return;
}
$contact_id = intval(\App::$argv[1]);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval(local_channel()));
if (!count($r)) {
notice(t('Contact not found.') . EOL);
return;
}
$contact = $r[0];
$o = '<h3>' . t('Suggest Friends') . '</h3>';
$o .= '<div id="fsuggest-desc" >' . sprintf(t('Suggest a friend for %s'), $contact['name']) . '</div>';
$o .= '<form id="fsuggest-form" action="fsuggest/' . $contact_id . '" method="post" >';
// FIXME contact_selector deprecated, removed
// $o .= contact_selector('suggest','suggest-select', false,
// array('size' => 4, 'exclude' => $contact_id, 'networks' => 'DFRN_ONLY', 'single' => true));
$o .= '<div id="fsuggest-submit-wrapper"><input id="fsuggest-submit" type="submit" name="submit" value="' . t('Submit') . '" /></div>';
$o .= '</form>';
return $o;
}
function pdledit_content(&$a)
{
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
if (argc() > 1) {
$module = 'mod_' . argv(1) . '.pdl';
} else {
$o .= '<h1>' . t('Edit System Page Description') . '</h1>';
$files = glob('mod/*');
if ($files) {
foreach ($files as $f) {
$name = basename($f, '.php');
$x = theme_include('mod_' . $name . '.pdl');
if ($x) {
$o .= '<a href="pdledit/' . $name . '" >' . $name . '</a><br />';
}
}
}
// list module pdl files
return $o;
}
$t = get_pconfig(local_channel(), 'system', $module);
if (!$t) {
$t = file_get_contents(theme_include($module));
}
if (!$t) {
notice(t('Layout not found.') . EOL);
return '';
}
$o = replace_macros(get_markup_template('pdledit.tpl'), array('$header' => t('Edit System Page Description'), '$mname' => t('Module Name:'), '$help' => t('Layout Help'), '$module' => argv(1), '$content' => htmlspecialchars($t, ENT_COMPAT, 'UTF-8'), '$submit' => t('Submit')));
return $o;
}
function build_editform($item, $feedback, $cm)
{
global $DB;
$editurl = new moodle_url('/mod/feedback/edit.php', array('id' => $cm->id));
//ther are no settings for recaptcha
if (isset($item->id) and $item->id > 0) {
notice(get_string('there_are_no_settings_for_recaptcha', 'feedback'), $editurl->out());
exit;
}
//only one recaptcha can be in a feedback
if ($DB->record_exists('feedback_item', array('feedback' => $feedback->id, 'typ' => $this->type))) {
notice(get_string('only_one_captcha_allowed', 'feedback'), $editurl->out());
exit;
}
$this->item = $item;
$this->feedback = $feedback;
$this->item_form = true;
//dummy
$lastposition = $DB->count_records('feedback_item', array('feedback' => $feedback->id));
$this->item->feedback = $feedback->id;
$this->item->template = 0;
$this->item->name = get_string('captcha', 'feedback');
$this->item->label = get_string('captcha', 'feedback');
$this->item->presentation = '';
$this->item->typ = $this->type;
$this->item->hasvalue = $this->get_hasvalue();
$this->item->position = $lastposition + 1;
$this->item->required = 1;
$this->item->dependitem = 0;
$this->item->dependvalue = '';
$this->item->options = '';
}
function merge_platforms($platform_to_merge, $destination_platform)
{
global $db;
$db->begin_transaction();
// First, move all test runs to the test configurations in the destination for all test configurations that
// exist in both the original platform and the platform into which we're merging.
if (!$db->query_and_get_affected_rows('UPDATE test_runs SET run_config = destination.config_id
FROM test_configurations as merged, test_configurations as destination
WHERE merged.config_platform = $1 AND destination.config_platform = $2
AND run_config = merged.config_id
AND destination.config_type = merged.config_type
AND destination.config_metric = merged.config_metric', array($platform_to_merge, $destination_platform))) {
$db->rollback_transaction();
return notice("Failed to migrate test runs for {$platform_to_merge} that have test configurations in {$destination_platform}.");
}
// Then migrate test configurations that don't exist in the destination platform to the new platform
// so that test runs associated with those configurations are moved to the destination.
if ($db->query_and_get_affected_rows('UPDATE test_configurations SET config_platform = $2
WHERE config_platform = $1 AND config_metric NOT IN (SELECT config_metric FROM test_configurations WHERE config_platform = $2)', array($platform_to_merge, $destination_platform)) === FALSE) {
$db->rollback_transaction();
return notice("Failed to migrate test configurations for {$platform_to_merge}.");
}
if ($db->query_and_fetch_all('SELECT * FROM test_runs, test_configurations WHERE run_config = config_id AND config_platform = $1', array($platform_to_merge))) {
// We should never reach here.
$db->rollback_transaction();
return notice('Failed to migrate all test runs.');
}
$db->query_and_get_affected_rows('DELETE FROM platforms WHERE platform_id = $1', array($platform_to_merge));
$db->commit_transaction();
}
