Example #1
0
 function get()
 {
     if (!local_channel()) {
         return;
     }
     $postid = $_REQUEST['postid'];
     if (!$postid) {
         return;
     }
     $emoji = $_REQUEST['emoji'];
     if ($_REQUEST['emoji']) {
         $i = q("select * from item where id = %d and uid = %d", intval($postid), intval(local_channel()));
         if (!$i) {
             return;
         }
         $channel = \App::get_channel();
         $n = array();
         $n['aid'] = $channel['channel_account_id'];
         $n['uid'] = $channel['channel_id'];
         $n['item_origin'] = true;
         $n['parent'] = $postid;
         $n['parent_mid'] = $i[0]['mid'];
         $n['mid'] = item_message_id();
         $n['verb'] = ACTIVITY_REACT . '#' . $emoji;
         $n['body'] = "\n\n[zmg=32x32]" . z_root() . '/images/emoji/' . $emoji . '.png[/zmg]' . "\n\n";
         $n['author_xchan'] = $channel['channel_hash'];
         $x = item_store($n);
         if ($x['success']) {
             $nid = $x['item_id'];
             \Zotlabs\Daemon\Master::Summon(array('Notifier', 'like', $nid));
         }
     }
 }
Example #2
0
 function init()
 {
     if (!local_channel()) {
         return;
     }
     $uid = local_channel();
     $url = notags(trim($_REQUEST['url']));
     $return_url = $_SESSION['return_url'];
     $confirm = intval($_REQUEST['confirm']);
     $channel = \App::get_channel();
     // Warning: Do not edit the following line. The first symbol is UTF-8 @
     $url = str_replace('@', '@', $url);
     $result = new_contact($uid, $url, $channel, true, $confirm);
     if ($result['success'] == false) {
         if ($result['message']) {
             notice($result['message']);
         }
         goaway($return_url);
     }
     info(t('Channel added.') . EOL);
     $clone = array();
     foreach ($result['abook'] as $k => $v) {
         if (strpos($k, 'abook_') === 0) {
             $clone[$k] = $v;
         }
     }
     unset($clone['abook_id']);
     unset($clone['abook_account']);
     unset($clone['abook_channel']);
     $abconfig = load_abconfig($channel['channel_id'], $clone['abook_xchan']);
     if ($abconfig) {
         $clone['abconfig'] = $abconfig;
     }
     build_sync_packet(0, array('abook' => array($clone)), true);
     $can_view_stream = intval(get_abconfig($channel['channel_id'], $clone['abook_xchan'], 'their_perms', 'view_stream'));
     // If we can view their stream, pull in some posts
     if ($can_view_stream || $result['abook']['xchan_network'] === 'rss') {
         \Zotlabs\Daemon\Master::Summon(array('Onepoll', $result['abook']['abook_id']));
     }
     goaway(z_root() . '/connedit/' . $result['abook']['abook_id'] . '?f=&follow=1');
 }
Example #3
0
 function post()
 {
     if (!local_channel()) {
         return;
     }
     $channel = \App::get_channel();
     $target = trim($_REQUEST['target']);
     if (!$target) {
         return;
     }
     if ($target === $channel['channel_hash']) {
         return;
     }
     $rating = intval($_POST['rating']);
     if ($rating < -10) {
         $rating = -10;
     }
     if ($rating > 10) {
         $rating = 10;
     }
     $rating_text = trim(escape_tags($_REQUEST['rating_text']));
     $signed = $target . '.' . $rating . '.' . $rating_text;
     $sig = base64url_encode(rsa_sign($signed, $channel['channel_prvkey']));
     $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target));
     if ($z) {
         $record = $z[0]['xlink_id'];
         $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'\n\t\t\t\twhere xlink_id = %d", intval($rating), dbesc($rating_text), dbesc($sig), dbesc(datetime_convert()), intval($record));
     } else {
         $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", dbesc($channel['channel_hash']), dbesc($target), intval($rating), dbesc($rating_text), dbesc($sig), dbesc(datetime_convert()));
         $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']));
         if ($z) {
             $record = $z[0]['xlink_id'];
         }
     }
     if ($record) {
         \Zotlabs\Daemon\Master::Summon(array('Ratenotif', 'rating', $record));
     }
     json_return_and_die(array('result' => true));
 }
Example #4
0
 private function set($opts = array())
 {
     if ($opts) {
         foreach ($opts as $k => $v) {
             switch ($k) {
                 case 'http_auth':
                     $this->auth = $v;
                     break;
                 case 'magicauth':
                     // currently experimental
                     $this->magicauth = $v;
                     \Zotlabs\Daemon\Master::Summon(['CurlAuth', $v]);
                     break;
                 case 'custom':
                     $this->request_method = $v;
                     break;
                 case 'url':
                     $this->url = $v;
                     break;
                 case 'data':
                     $this->set_data($v);
                     if ($v) {
                         $this->upload = true;
                     } else {
                         $this->upload = false;
                     }
                     break;
                 case 'headers':
                     $this->headers = $v;
                     break;
                 default:
                     $this->curlopts[$k] = $v;
                     break;
             }
         }
     }
 }
Example #5
0
 function post()
 {
     if (!array_key_exists('channel', \App::$data)) {
         return;
     }
     $edit = local_channel() && local_channel() == \App::$data['channel']['channel_id'] ? true : false;
     if ($edit) {
         $has_premium = \App::$data['channel']['channel_pageflags'] & PAGE_PREMIUM ? 1 : 0;
         $premium = $_POST['premium'] ? intval($_POST['premium']) : 0;
         $text = escape_tags($_POST['text']);
         if ($has_premium != $premium) {
             $r = q("update channel set channel_pageflags = ( channel_pageflags %s %d ) where channel_id = %d", db_getfunc('^'), intval(PAGE_PREMIUM), intval(local_channel()));
             \Zotlabs\Daemon\Master::Summon(array('Notifier', 'refresh_all', \App::$data['channel']['channel_id']));
         }
         set_pconfig(\App::$data['channel']['channel_id'], 'system', 'selltext', $text);
         // reload the page completely to get fresh data
         goaway(z_root() . '/' . \App::$query_string);
     }
     $url = '';
     $observer = \App::get_observer();
     if ($observer && $_POST['submit'] === t('Continue')) {
         if ($observer['xchan_follow']) {
             $url = sprintf($observer['xchan_follow'], urlencode(channel_reddress(\App::$data['channel'])));
         }
         if (!$url) {
             $r = q("select * from hubloc where hubloc_hash = '%s' order by hubloc_id desc limit 1", dbesc($observer['xchan_hash']));
             if ($r) {
                 $url = $r[0]['hubloc_url'] . '/follow?f=&url=' . urlencode(channel_reddress(\App::$data['channel']));
             }
         }
     }
     if ($url) {
         goaway($url . '&confirm=1');
     } else {
         notice('Unable to connect to your home hub location.');
     }
 }
Example #6
0
 function get()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $channel = \App::get_channel();
     if ($_REQUEST['sync']) {
         \Zotlabs\Daemon\Master::Summon(array('Notifier', 'location', $channel['channel_id']));
         info(t('Syncing locations') . EOL);
         goaway(z_root() . '/locs');
     }
     $r = q("select * from hubloc where hubloc_hash = '%s'", dbesc($channel['channel_hash']));
     if (!$r) {
         notice(t('No locations found.') . EOL);
         return;
     }
     for ($x = 0; $x < count($r); $x++) {
         $r[$x]['primary'] = intval($r[$x]['hubloc_primary']) ? true : false;
         $r[$x]['deleted'] = intval($r[$x]['hubloc_deleted']) ? true : false;
     }
     $o = replace_macros(get_markup_template('locmanage.tpl'), array('$header' => t('Manage Channel Locations'), '$loc' => t('Location'), '$addr' => t('Address'), '$mkprm' => t('Primary'), '$drop' => t('Drop'), '$submit' => t('Submit'), '$sync' => t('Sync Now'), '$sync_text' => t('Please wait several minutes between consecutive operations.'), '$drop_text' => t('When possible, drop a location by logging into that website/hub and removing your channel.'), '$last_resort' => t('Use this form to drop the location if the hub is no longer operating.'), '$hubs' => $r));
     return $o;
 }
Example #7
0
 function get()
 {
     $o = '';
     $observer = \App::get_observer();
     $interactive = $_REQUEST['interactive'];
     if ($interactive) {
         $o .= '<h1>' . t('Like/Dislike') . '</h1>';
         $o .= EOL . EOL;
         if (!$observer) {
             $_SESSION['return_url'] = \App::$query_string;
             $o .= t('This action is restricted to members.') . EOL;
             $o .= t('Please <a href="rmagic">login with your $Projectname ID</a> or <a href="register">register as a new $Projectname member</a> to continue.') . EOL;
             return $o;
         }
     }
     $verb = notags(trim($_GET['verb']));
     if (!$verb) {
         $verb = 'like';
     }
     switch ($verb) {
         case 'like':
         case 'unlike':
             $activity = ACTIVITY_LIKE;
             break;
         case 'dislike':
         case 'undislike':
             $activity = ACTIVITY_DISLIKE;
             break;
         case 'agree':
         case 'unagree':
             $activity = ACTIVITY_AGREE;
             break;
         case 'disagree':
         case 'undisagree':
             $activity = ACTIVITY_DISAGREE;
             break;
         case 'abstain':
         case 'unabstain':
             $activity = ACTIVITY_ABSTAIN;
             break;
         case 'attendyes':
         case 'unattendyes':
             $activity = ACTIVITY_ATTEND;
             break;
         case 'attendno':
         case 'unattendno':
             $activity = ACTIVITY_ATTENDNO;
             break;
         case 'attendmaybe':
         case 'unattendmaybe':
             $activity = ACTIVITY_ATTENDMAYBE;
             break;
         default:
             return;
             break;
     }
     $extended_like = false;
     $object = $target = null;
     $post_type = '';
     $objtype = '';
     if (argc() == 3) {
         if (!$observer) {
             killme();
         }
         $extended_like = true;
         $obj_type = argv(1);
         $obj_id = argv(2);
         $public = true;
         if ($obj_type == 'profile') {
             $r = q("select * from profile where profile_guid = '%s' limit 1", dbesc(argv(2)));
             if (!$r) {
                 killme();
             }
             $owner_uid = $r[0]['uid'];
             if ($r[0]['is_default']) {
                 $public = true;
             }
             if (!$public) {
                 $d = q("select abook_xchan from abook where abook_profile = '%s' and abook_channel = %d", dbesc($r[0]['profile_guid']), intval($owner_uid));
                 if (!$d) {
                     // forgery - illegal
                     if ($interactive) {
                         notice(t('Invalid request.') . EOL);
                         return $o;
                     }
                     killme();
                 }
                 // $d now contains a list of those who can see this profile - only send the status notification
                 // to them.
                 $allow_cid = $allow_gid = $deny_cid = $deny_gid = '';
                 foreach ($d as $dd) {
                     $allow_cid .= '<' . $dd['abook_xchan'] . '>';
                 }
             }
             $post_type = t('channel');
             $objtype = ACTIVITY_OBJ_PROFILE;
             $profile = $r[0];
         } elseif ($obj_type == 'thing') {
             $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc(argv(2)));
             if (!$r) {
                 if ($interactive) {
                     notice(t('Invalid request.') . EOL);
                     return $o;
                 }
                 killme();
             }
             $owner_uid = $r[0]['obj_channel'];
             $allow_cid = $r[0]['allow_cid'];
             $allow_gid = $r[0]['allow_gid'];
             $deny_cid = $r[0]['deny_cid'];
             $deny_gid = $r[0]['deny_gid'];
             if ($allow_cid || $allow_gid || $deny_cid || $deny_gid) {
                 $public = false;
             }
             $post_type = t('thing');
             $objtype = ACTIVITY_OBJ_PROFILE;
             $tgttype = ACTIVITY_OBJ_THING;
             $links = array();
             $links[] = array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/thing/' . $r[0]['obj_obj']);
             if ($r[0]['imgurl']) {
                 $links[] = array('rel' => 'photo', 'href' => $r[0]['obj_imgurl']);
             }
             $target = json_encode(array('type' => $tgttype, 'title' => $r[0]['obj_term'], 'id' => z_root() . '/thing/' . $r[0]['obj_obj'], 'link' => $links));
             $plink = '[zrl=' . z_root() . '/thing/' . $r[0]['obj_obj'] . ']' . $r[0]['obj_term'] . '[/zrl]';
         }
         if (!($owner_uid && $r)) {
             if ($interactive) {
                 notice(t('Invalid request.') . EOL);
                 return $o;
             }
             killme();
         }
         // The resultant activity is going to be a wall-to-wall post, so make sure this is allowed
         $perms = get_all_perms($owner_uid, $observer['xchan_hash']);
         if (!($perms['post_like'] && $perms['view_profile'])) {
             if ($interactive) {
                 notice(t('Permission denied.') . EOL);
                 return $o;
             }
             killme();
         }
         $ch = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($owner_uid));
         if (!$ch) {
             if ($interactive) {
                 notice(t('Channel unavailable.') . EOL);
                 return $o;
             }
             killme();
         }
         if (!$plink) {
             $plink = '[zrl=' . z_root() . '/profile/' . $ch[0]['channel_address'] . ']' . $post_type . '[/zrl]';
         }
         $links = array();
         $links[] = array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/profile/' . $ch[0]['channel_address']);
         $links[] = array('rel' => 'photo', 'type' => $ch[0]['xchan_photo_mimetype'], 'href' => $ch[0]['xchan_photo_l']);
         $object = json_encode(array('type' => ACTIVITY_OBJ_PROFILE, 'title' => $ch[0]['channel_name'], 'id' => $ch[0]['xchan_url'] . '/' . $ch[0]['xchan_hash'], 'link' => $links));
         // second like of the same thing is "undo" for the first like
         $z = q("select * from likes where channel_id = %d and liker = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' limit 1", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), dbesc($activity), dbesc($tgttype ? $tgttype : $objtype), dbesc($obj_id));
         if ($z) {
             $z[0]['deleted'] = 1;
             build_sync_packet($ch[0]['channel_id'], array('likes' => $z));
             q("delete from likes where id = %d limit 1", intval($z[0]['id']));
             if ($z[0]['i_mid']) {
                 $r = q("select id from item where mid = '%s' and uid = %d limit 1", dbesc($z[0]['i_mid']), intval($ch[0]['channel_id']));
                 if ($r) {
                     drop_item($r[0]['id'], false);
                 }
                 if ($interactive) {
                     notice(t('Previous action reversed.') . EOL);
                     return $o;
                 }
             }
             killme();
         }
     } else {
         // this is used to like an item or comment
         $item_id = argc() == 2 ? notags(trim(argv(1))) : 0;
         logger('like: verb ' . $verb . ' item ' . $item_id, LOGGER_DEBUG);
         // get the item. Allow linked photos (which are normally hidden) to be liked
         $r = q("SELECT * FROM item WHERE id = %d \n\t\t\t\tand item_type = 0 and item_deleted = 0 and item_unpublished = 0 \n\t\t\t\tand item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1", intval($item_id));
         if (!$item_id || !$r) {
             logger('like: no item ' . $item_id);
             killme();
         }
         $item = $r[0];
         $owner_uid = $item['uid'];
         $owner_aid = $item['aid'];
         $sys = get_sys_channel();
         // if this is a "discover" item, (item['uid'] is the sys channel),
         // fallback to the item comment policy, which should've been
         // respected when generating the conversation thread.
         // Even if the activity is rejected by the item owner, it should still get attached
         // to the local discover conversation on this site.
         if ($owner_uid != $sys['channel_id'] && !perm_is_allowed($owner_uid, $observer['xchan_hash'], 'post_comments')) {
             notice(t('Permission denied') . EOL);
             killme();
         }
         $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['owner_xchan']));
         if ($r) {
             $thread_owner = $r[0];
         } else {
             killme();
         }
         $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']));
         if ($r) {
             $item_author = $r[0];
         } else {
             killme();
         }
         $verbs = " '" . dbesc($activity) . "' ";
         $multi_undo = false;
         // event participation and consensus items are essentially radio toggles. If you make a subsequent choice,
         // we need to eradicate your first choice.
         if ($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) {
             $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' ";
             $multi_undo = 1;
         }
         if ($activity === ACTIVITY_AGREE || $activity === ACTIVITY_DISAGREE || $activity === ACTIVITY_ABSTAIN) {
             $verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' ";
             $multi_undo = true;
         }
         $item_normal = item_normal();
         $r = q("SELECT id, parent, uid, verb FROM item WHERE verb in ( {$verbs} ) {$item_normal}\n\t\t\t\tAND author_xchan = '%s' AND thr_parent = '%s' and uid = %d ", dbesc($observer['xchan_hash']), dbesc($item['mid']), intval($owner_uid));
         if ($r) {
             // already liked it. Drop that item.
             require_once 'include/items.php';
             foreach ($r as $rr) {
                 drop_item($rr['id'], false, DROPITEM_PHASE1);
                 // set the changed timestamp on the parent so we'll see the update without a page reload
                 $z = q("update item set changed = '%s' where id = %d and uid = %d", dbesc(datetime_convert()), intval($rr['parent']), intval($rr['uid']));
                 // Prior activity was a duplicate of the one we're submitting, just undo it;
                 // don't fall through and create another
                 if (activity_match($rr['verb'], $activity)) {
                     $multi_undo = false;
                 }
                 // drop_item was not done interactively, so we need to invoke the notifier
                 // in order to push the changes to connections
                 \Zotlabs\Daemon\Master::Summon(array('Notifier', 'drop', $rr['id']));
             }
             if ($interactive) {
                 return;
             }
             if (!$multi_undo) {
                 killme();
             }
         }
     }
     $mid = item_message_id();
     $arr = array();
     if ($extended_like) {
         $arr['item_thread_top'] = 1;
         $arr['item_origin'] = 1;
         $arr['item_wall'] = 1;
     } else {
         $post_type = $item['resource_type'] === 'photo' ? t('photo') : t('status');
         if ($item['obj_type'] === ACTIVITY_OBJ_EVENT) {
             $post_type = t('event');
         }
         $links = array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item['plink']));
         $objtype = $item['resource_type'] === 'photo' ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE;
         $body = $item['body'];
         $object = json_encode(array('type' => $objtype, 'id' => $item['mid'], 'parent' => $item['thr_parent'] ? $item['thr_parent'] : $item['parent_mid'], 'link' => $links, 'title' => $item['title'], 'content' => $item['body'], 'created' => $item['created'], 'edited' => $item['edited'], 'author' => array('name' => $item_author['xchan_name'], 'address' => $item_author['xchan_addr'], 'guid' => $item_author['xchan_guid'], 'guid_sig' => $item_author['xchan_guid_sig'], 'link' => array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item_author['xchan_url']), array('rel' => 'photo', 'type' => $item_author['xchan_photo_mimetype'], 'href' => $item_author['xchan_photo_m'])))));
         if (!intval($item['item_thread_top'])) {
             $post_type = 'comment';
         }
         $arr['item_origin'] = 1;
         $arr['item_notshown'] = 1;
         if (intval($item['item_wall'])) {
             $arr['item_wall'] = 1;
         }
         // if this was a linked photo and was hidden, unhide it.
         if (intval($item['item_hidden'])) {
             $r = q("update item set item_hidden = 0 where id = %d", intval($item['id']));
         }
     }
     if ($verb === 'like') {
         $bodyverb = t('%1$s likes %2$s\'s %3$s');
     }
     if ($verb === 'dislike') {
         $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
     }
     if ($verb === 'agree') {
         $bodyverb = t('%1$s agrees with %2$s\'s %3$s');
     }
     if ($verb === 'disagree') {
         $bodyverb = t('%1$s doesn\'t agree with %2$s\'s %3$s');
     }
     if ($verb === 'abstain') {
         $bodyverb = t('%1$s abstains from a decision on %2$s\'s %3$s');
     }
     if ($verb === 'attendyes') {
         $bodyverb = t('%1$s is attending %2$s\'s %3$s');
     }
     if ($verb === 'attendno') {
         $bodyverb = t('%1$s is not attending %2$s\'s %3$s');
     }
     if ($verb === 'attendmaybe') {
         $bodyverb = t('%1$s may attend %2$s\'s %3$s');
     }
     if (!isset($bodyverb)) {
         killme();
     }
     if ($extended_like) {
         $ulink = '[zrl=' . $ch[0]['xchan_url'] . ']' . $ch[0]['xchan_name'] . '[/zrl]';
         $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]';
         $private = $public ? 0 : 1;
     } else {
         $arr['parent'] = $item['id'];
         $arr['thr_parent'] = $item['mid'];
         $ulink = '[zrl=' . $item_author['xchan_url'] . ']' . $item_author['xchan_name'] . '[/zrl]';
         $alink = '[zrl=' . $observer['xchan_url'] . ']' . $observer['xchan_name'] . '[/zrl]';
         $plink = '[zrl=' . z_root() . '/display/' . $item['mid'] . ']' . $post_type . '[/zrl]';
         $allow_cid = $item['allow_cid'];
         $allow_gid = $item['allow_gid'];
         $deny_cid = $item['deny_cid'];
         $deny_gid = $item['deny_gid'];
         $private = $item['private'];
     }
     $arr['mid'] = $mid;
     $arr['aid'] = $extended_like ? $ch[0]['channel_account_id'] : $owner_aid;
     $arr['uid'] = $owner_uid;
     $arr['item_flags'] = $item_flags;
     $arr['item_wall'] = $item_wall;
     $arr['parent_mid'] = $extended_like ? $mid : $item['mid'];
     $arr['owner_xchan'] = $extended_like ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash'];
     $arr['author_xchan'] = $observer['xchan_hash'];
     $arr['body'] = sprintf($bodyverb, $alink, $ulink, $plink);
     if ($obj_type === 'thing' && $r[0]['imgurl']) {
         $arr['body'] .= "\n\n[zmg=80x80]" . $r[0]['imgurl'] . '[/zmg]';
     }
     if ($obj_type === 'profile') {
         if ($public) {
             $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]';
         } else {
             $arr['body'] .= "\n\n[zmg=80x80]" . $profile['thumb'] . '[/zmg]';
         }
     }
     $arr['verb'] = $activity;
     $arr['obj_type'] = $objtype;
     $arr['obj'] = $object;
     if ($target) {
         $arr['tgt_type'] = $tgttype;
         $arr['target'] = $target;
     }
     $arr['allow_cid'] = $allow_cid;
     $arr['allow_gid'] = $allow_gid;
     $arr['deny_cid'] = $deny_cid;
     $arr['deny_gid'] = $deny_gid;
     $arr['item_private'] = $private;
     $post = item_store($arr);
     $post_id = $post['item_id'];
     $arr['id'] = $post_id;
     call_hooks('post_local_end', $arr);
     if ($extended_like) {
         $r = q("insert into likes (channel_id,liker,likee,iid,i_mid,verb,target_type,target_id,target) values (%d,'%s','%s',%d,'%s','%s','%s','%s','%s')", intval($ch[0]['channel_id']), dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), intval($post_id), dbesc($mid), dbesc($activity), dbesc($tgttype ? $tgttype : $objtype), dbesc($obj_id), dbesc($target ? $target : $object));
         $r = q("select * from likes where liker = '%s' and likee = '%s' and i_mid = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' ", dbesc($observer['xchan_hash']), dbesc($ch[0]['channel_hash']), dbesc($mid), dbesc($activity), dbesc($tgttype ? $tgttype : $objtype), dbesc($obj_id));
         if ($r) {
             build_sync_packet($ch[0]['channel_id'], array('likes' => $r));
         }
     }
     \Zotlabs\Daemon\Master::Summon(array('Notifier', 'like', $post_id));
     if ($interactive) {
         notice(t('Action completed.') . EOL);
         $o .= t('Thank you.');
         return $o;
     }
     killme();
 }
Example #8
0
 function post()
 {
     $channel = \App::get_channel();
     check_form_security_token_redirectOnErr('/settings', 'settings');
     call_hooks('settings_post', $_POST);
     $set_perms = '';
     $role = x($_POST, 'permissions_role') ? notags(trim($_POST['permissions_role'])) : '';
     $oldrole = get_pconfig(local_channel(), 'system', 'permissions_role');
     if ($role != $oldrole || $role === 'custom') {
         if ($role === 'custom') {
             $hide_presence = x($_POST, 'hide_presence') && intval($_POST['hide_presence']) == 1 ? 1 : 0;
             $publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
             $def_group = x($_POST, 'group-selection') ? notags(trim($_POST['group-selection'])) : '';
             $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel()));
             $global_perms = \Zotlabs\Access\Permissions::Perms();
             foreach ($global_perms as $k => $v) {
                 \Zotlabs\Access\PermissionLimits::Set(local_channel(), $k, intval($_POST[$k]));
             }
             $acl = new \Zotlabs\Access\AccessList($channel);
             $acl->set_from_array($_POST);
             $x = $acl->get();
             $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', \n\t\t\t\t\tchannel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), dbesc($x['deny_cid']), dbesc($x['deny_gid']), intval(local_channel()));
         } else {
             $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
             if (!$role_permissions) {
                 notice('Permissions category could not be found.');
                 return;
             }
             $hide_presence = 1 - intval($role_permissions['online']);
             if ($role_permissions['default_collection']) {
                 $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 if (!$r) {
                     require_once 'include/group.php';
                     group_add(local_channel(), t('Friends'));
                     group_add_member(local_channel(), t('Friends'), $channel['channel_hash']);
                     $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 }
                 if ($r) {
                     q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_channel()));
                 } else {
                     notice(sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL);
                     return;
                 }
             } else {
                 q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', \n\t\t\t\t\t\tchannel_deny_cid = '' where channel_id = %d", intval(local_channel()));
             }
             $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
             foreach ($x as $k => $v) {
                 set_abconfig(local_channel(), $channel['channel_hash'], 'my_perms', $k, $v);
                 if ($role_permissions['perms_auto']) {
                     set_pconfig(local_channel(), 'autoperms', $k, $v);
                 } else {
                     del_pconfig(local_channel(), 'autoperms', $k);
                 }
             }
             if ($role_permissions['limits']) {
                 foreach ($role_permissions['limits'] as $k => $v) {
                     \Zotlabs\Access\PermissionLimits::Set(local_channel(), $k, $v);
                 }
             }
             if (array_key_exists('directory_publish', $role_permissions)) {
                 $publish = intval($role_permissions['directory_publish']);
             }
         }
         set_pconfig(local_channel(), 'system', 'hide_online_status', $hide_presence);
         set_pconfig(local_channel(), 'system', 'permissions_role', $role);
     }
     $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
     $timezone = x($_POST, 'timezone_select') ? notags(trim($_POST['timezone_select'])) : '';
     $defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
     $openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
     $maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
     $expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
     $evdays = x($_POST, 'evdays') ? intval($_POST['evdays']) : 3;
     $photo_path = x($_POST, 'photo_path') ? escape_tags(trim($_POST['photo_path'])) : '';
     $attach_path = x($_POST, 'attach_path') ? escape_tags(trim($_POST['attach_path'])) : '';
     $channel_menu = x($_POST['channel_menu']) ? htmlspecialchars_decode(trim($_POST['channel_menu']), ENT_QUOTES) : '';
     $expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0;
     $expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0;
     $expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0;
     $expire_network_only = x($_POST, 'expire_network_only') ? intval($_POST['expire_network_only']) : 0;
     $allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
     $blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
     // this setting is inverted!
     $unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0;
     $cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0;
     $suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
     $post_newfriend = $_POST['post_newfriend'] == 1 ? 1 : 0;
     $post_joingroup = $_POST['post_joingroup'] == 1 ? 1 : 0;
     $post_profilechange = $_POST['post_profilechange'] == 1 ? 1 : 0;
     $adult = $_POST['adult'] == 1 ? 1 : 0;
     $cal_first_day = x($_POST, 'first_day') && intval($_POST['first_day']) == 1 ? 1 : 0;
     $pageflags = $channel['channel_pageflags'];
     $existing_adult = $pageflags & PAGE_ADULT ? 1 : 0;
     if ($adult != $existing_adult) {
         $pageflags = $pageflags ^ PAGE_ADULT;
     }
     $notify = 0;
     if (x($_POST, 'notify1')) {
         $notify += intval($_POST['notify1']);
     }
     if (x($_POST, 'notify2')) {
         $notify += intval($_POST['notify2']);
     }
     if (x($_POST, 'notify3')) {
         $notify += intval($_POST['notify3']);
     }
     if (x($_POST, 'notify4')) {
         $notify += intval($_POST['notify4']);
     }
     if (x($_POST, 'notify5')) {
         $notify += intval($_POST['notify5']);
     }
     if (x($_POST, 'notify6')) {
         $notify += intval($_POST['notify6']);
     }
     if (x($_POST, 'notify7')) {
         $notify += intval($_POST['notify7']);
     }
     if (x($_POST, 'notify8')) {
         $notify += intval($_POST['notify8']);
     }
     $vnotify = 0;
     if (x($_POST, 'vnotify1')) {
         $vnotify += intval($_POST['vnotify1']);
     }
     if (x($_POST, 'vnotify2')) {
         $vnotify += intval($_POST['vnotify2']);
     }
     if (x($_POST, 'vnotify3')) {
         $vnotify += intval($_POST['vnotify3']);
     }
     if (x($_POST, 'vnotify4')) {
         $vnotify += intval($_POST['vnotify4']);
     }
     if (x($_POST, 'vnotify5')) {
         $vnotify += intval($_POST['vnotify5']);
     }
     if (x($_POST, 'vnotify6')) {
         $vnotify += intval($_POST['vnotify6']);
     }
     if (x($_POST, 'vnotify7')) {
         $vnotify += intval($_POST['vnotify7']);
     }
     if (x($_POST, 'vnotify8')) {
         $vnotify += intval($_POST['vnotify8']);
     }
     if (x($_POST, 'vnotify9')) {
         $vnotify += intval($_POST['vnotify9']);
     }
     if (x($_POST, 'vnotify10')) {
         $vnotify += intval($_POST['vnotify10']);
     }
     if (x($_POST, 'vnotify11')) {
         $vnotify += intval($_POST['vnotify11']);
     }
     $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0;
     $err = '';
     $name_change = false;
     if ($username != $channel['channel_name']) {
         $name_change = true;
         require_once 'include/channel.php';
         $err = validate_channelname($username);
         if ($err) {
             notice($err);
             return;
         }
     }
     if ($timezone != $channel['channel_timezone']) {
         if (strlen($timezone)) {
             date_default_timezone_set($timezone);
         }
     }
     set_pconfig(local_channel(), 'system', 'use_browser_location', $allow_location);
     set_pconfig(local_channel(), 'system', 'suggestme', $suggestme);
     set_pconfig(local_channel(), 'system', 'post_newfriend', $post_newfriend);
     set_pconfig(local_channel(), 'system', 'post_joingroup', $post_joingroup);
     set_pconfig(local_channel(), 'system', 'post_profilechange', $post_profilechange);
     set_pconfig(local_channel(), 'system', 'blocktags', $blocktags);
     set_pconfig(local_channel(), 'system', 'channel_menu', $channel_menu);
     set_pconfig(local_channel(), 'system', 'vnotify', $vnotify);
     set_pconfig(local_channel(), 'system', 'always_show_in_notices', $always_show_in_notices);
     set_pconfig(local_channel(), 'system', 'evdays', $evdays);
     set_pconfig(local_channel(), 'system', 'photo_path', $photo_path);
     set_pconfig(local_channel(), 'system', 'attach_path', $attach_path);
     set_pconfig(local_channel(), 'system', 'cal_first_day', $cal_first_day);
     $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d {$set_perms} where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), dbesc($defloc), intval($notify), intval($unkmail), intval($maxreq), intval($expire), intval(local_channel()));
     if ($r) {
         info(t('Settings updated.') . EOL);
     }
     if (!is_null($publish)) {
         $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel()));
     }
     if ($name_change) {
         $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash']));
         $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", dbesc($username), intval($channel['channel_id']));
     }
     \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
     build_sync_packet();
     if ($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) {
         // FIXME - set to un-verified, blocked and redirect to logout
         // Why? Are we verifying people or email addresses?
     }
     goaway(z_root() . '/settings');
     return;
     // NOTREACHED
 }
Example #9
0
 function init()
 {
     if (!local_channel()) {
         return;
     }
     $uid = local_channel();
     $channel = \App::get_channel();
     $verb = notags(trim($_GET['verb']));
     if (!$verb) {
         return;
     }
     $verbs = get_mood_verbs();
     if (!array_key_exists($verb, $verbs)) {
         return;
     }
     $activity = ACTIVITY_MOOD . '#' . urlencode($verb);
     $parent = x($_GET, 'parent') ? intval($_GET['parent']) : 0;
     logger('mood: verb ' . $verb, LOGGER_DEBUG);
     if ($parent) {
         $r = q("select mid, owner_xchan, private, allow_cid, allow_gid, deny_cid, deny_gid \n\t\t\t\tfrom item where id = %d and parent = %d and uid = %d limit 1", intval($parent), intval($parent), intval($uid));
         if (count($r)) {
             $parent_mid = $r[0]['mid'];
             $private = $r[0]['item_private'];
             $allow_cid = $r[0]['allow_cid'];
             $allow_gid = $r[0]['allow_gid'];
             $deny_cid = $r[0]['deny_cid'];
             $deny_gid = $r[0]['deny_gid'];
         }
     } else {
         $private = 0;
         $allow_cid = $channel['channel_allow_cid'];
         $allow_gid = $channel['channel_allow_gid'];
         $deny_cid = $channel['channel_deny_cid'];
         $deny_gid = $channel['channel_deny_gid'];
     }
     $poster = \App::get_observer();
     $mid = item_message_id();
     $action = sprintf(t('%1$s is %2$s', 'mood'), '[zrl=' . $poster['xchan_url'] . ']' . $poster['xchan_name'] . '[/zrl]', $verbs[$verb]);
     $arr = array();
     $arr['aid'] = get_account_id();
     $arr['uid'] = $uid;
     $arr['mid'] = $mid;
     $arr['parent_mid'] = $parent_mid ? $parent_mid : $mid;
     $arr['author_xchan'] = $poster['xchan_hash'];
     $arr['owner_xchan'] = $parent_mid ? $r[0]['owner_xchan'] : $poster['xchan_hash'];
     $arr['title'] = '';
     $arr['allow_cid'] = $allow_cid;
     $arr['allow_gid'] = $allow_gid;
     $arr['deny_cid'] = $deny_cid;
     $arr['deny_gid'] = $deny_gid;
     $arr['item_private'] = $private;
     $arr['verb'] = $activity;
     $arr['body'] = $action;
     $arr['item_origin'] = 1;
     $arr['item_wall'] = 1;
     $arr['item_unseen'] = 1;
     if (!$parent_mid) {
         $item['item_thread_top'] = 1;
     }
     if (!$arr['plink'] && intval($arr['item_thread_top'])) {
         $arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
     }
     $post = item_store($arr);
     $item_id = $post['item_id'];
     if ($item_id) {
         \Zotlabs\Daemon\Master::Summon(array('Notifier', 'activity', $item_id));
     }
     call_hooks('post_local_end', $arr);
     if ($_SESSION['return_url']) {
         goaway(z_root() . '/' . $_SESSION['return_url']);
     }
     return;
 }
Example #10
0
/**
 *
 * Wrap calls to proc_close(proc_open()) and call hook
 * so plugins can take part in process :)
 *
 * args:
 * $cmd program to run
 *  next args are passed as $cmd command line
 *
 * e.g.: proc_run("ls","-la","/tmp");
 *
 * $cmd and string args are surrounded with ""
 */
function proc_run()
{
    $args = func_get_args();
    $newargs = array();
    if (!count($args)) {
        return;
    }
    $args = flatten_array_recursive($args);
    $arr = array('args' => $args, 'run_cmd' => true);
    call_hooks('proc_run', $arr);
    if (!$arr['run_cmd']) {
        return;
    }
    if (count($args) && $args[0] === 'php') {
        $args[0] = x(App::$config, 'system') && x(App::$config['system'], 'php_path') && strlen(App::$config['system']['php_path']) ? App::$config['system']['php_path'] : 'php';
    }
    // redirect proc_run statements of legacy daemon processes to the newer Daemon Master object class
    // We will keep this interface until everybody has transitioned. (2016-05-20)
    if (strstr($args[1], 'include/')) {
        // convert 'include/foo.php' to 'Foo'
        $orig = substr(ucfirst(substr($args[1], 8)), 0, -4);
        logger('proc_run_redirect: ' . $orig);
        if (file_exists('Zotlabs/Daemon/' . $orig . '.php')) {
            array_shift($args);
            // daemons are all run by php, pop it off the top of the array
            $args[0] = $orig;
            // replace with the new daemon name
            logger('Redirecting old proc_run interface: ' . print_r($args, true), LOGGER_DEBUG, LOG_DEBUG);
            \Zotlabs\Daemon\Master::Summon($args);
            // summon the daemon
            return;
        }
    }
    $args = array_map('escapeshellarg', $args);
    $cmdline = implode($args, " ");
    if (is_windows()) {
        $cwd = getcwd();
        $cmd = "cmd /c start \"title\" /D \"{$cwd}\" /b {$cmdline}";
        proc_close(proc_open($cmd, array(), $foo));
    } else {
        if (get_config('system', 'use_proc_open')) {
            proc_close(proc_open($cmdline . " &", array(), $foo));
        } else {
            exec($cmdline . ' > /dev/null &');
        }
    }
}
Example #11
0
 function post()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     require_once 'include/activities.php';
     $namechanged = false;
     // import from json export file.
     // Only import fields that are allowed on this hub
     if (x($_FILES, 'userfile')) {
         $src = $_FILES['userfile']['tmp_name'];
         $filesize = intval($_FILES['userfile']['size']);
         if ($filesize) {
             $j = @json_decode(@file_get_contents($src), true);
             @unlink($src);
             if ($j) {
                 $fields = get_profile_fields_advanced();
                 if ($fields) {
                     foreach ($j as $jj => $v) {
                         foreach ($fields as $f => $n) {
                             if ($jj == $f) {
                                 $_POST[$f] = $v;
                                 break;
                             }
                         }
                     }
                 }
             }
         }
     }
     call_hooks('profile_post', $_POST);
     if (argc() > 1 && argv(1) !== "new" && intval(argv(1))) {
         $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(\App::$argv[1]), intval(local_channel()));
         if (!count($orig)) {
             notice(t('Profile not found.') . EOL);
             return;
         }
         check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
         $is_default = $orig[0]['is_default'] ? 1 : 0;
         $profile_name = notags(trim($_POST['profile_name']));
         if (!strlen($profile_name)) {
             notice(t('Profile Name is required.') . EOL);
             return;
         }
         $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00';
         // FIXME: Needs to be validated?
         $y = substr($dob, 0, 4);
         if (!ctype_digit($y) || $y < 1900) {
             $ignore_year = true;
         } else {
             $ignore_year = false;
         }
         if ($dob != '0000-00-00') {
             if (strpos($dob, '0000-') === 0) {
                 $ignore_year = true;
                 $dob = substr($dob, 5);
             }
             $dob = datetime_convert('UTC', 'UTC', $ignore_year ? '1900-' . $dob : $dob, $ignore_year ? 'm-d' : 'Y-m-d');
             if ($ignore_year) {
                 $dob = '0000-' . $dob;
             }
         }
         $name = escape_tags(trim($_POST['name']));
         if ($orig[0]['fullname'] != $name) {
             $namechanged = true;
             $v = validate_channelname($name);
             if ($v) {
                 notice($v);
                 $namechanged = false;
                 $name = $orig[0]['fullname'];
             }
         }
         $pdesc = escape_tags(trim($_POST['pdesc']));
         $gender = escape_tags(trim($_POST['gender']));
         $address = escape_tags(trim($_POST['address']));
         $locality = escape_tags(trim($_POST['locality']));
         $region = escape_tags(trim($_POST['region']));
         $postal_code = escape_tags(trim($_POST['postal_code']));
         $country_name = escape_tags(trim($_POST['country_name']));
         $keywords = escape_tags(trim($_POST['keywords']));
         $marital = escape_tags(trim($_POST['marital']));
         $howlong = escape_tags(trim($_POST['howlong']));
         $sexual = escape_tags(trim($_POST['sexual']));
         $homepage = escape_tags(trim($_POST['homepage']));
         $hometown = escape_tags(trim($_POST['hometown']));
         $politic = escape_tags(trim($_POST['politic']));
         $religion = escape_tags(trim($_POST['religion']));
         $likes = fix_mce_lf(escape_tags(trim($_POST['likes'])));
         $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes'])));
         $about = fix_mce_lf(escape_tags(trim($_POST['about'])));
         $interest = fix_mce_lf(escape_tags(trim($_POST['interest'])));
         $contact = fix_mce_lf(escape_tags(trim($_POST['contact'])));
         $channels = fix_mce_lf(escape_tags(trim($_POST['channels'])));
         $music = fix_mce_lf(escape_tags(trim($_POST['music'])));
         $book = fix_mce_lf(escape_tags(trim($_POST['book'])));
         $tv = fix_mce_lf(escape_tags(trim($_POST['tv'])));
         $film = fix_mce_lf(escape_tags(trim($_POST['film'])));
         $romance = fix_mce_lf(escape_tags(trim($_POST['romance'])));
         $work = fix_mce_lf(escape_tags(trim($_POST['work'])));
         $education = fix_mce_lf(escape_tags(trim($_POST['education'])));
         $hide_friends = intval($_POST['hide_friends']) ? 1 : 0;
         require_once 'include/text.php';
         linkify_tags($a, $likes, local_channel());
         linkify_tags($a, $dislikes, local_channel());
         linkify_tags($a, $about, local_channel());
         linkify_tags($a, $interest, local_channel());
         linkify_tags($a, $interest, local_channel());
         linkify_tags($a, $contact, local_channel());
         linkify_tags($a, $channels, local_channel());
         linkify_tags($a, $music, local_channel());
         linkify_tags($a, $book, local_channel());
         linkify_tags($a, $tv, local_channel());
         linkify_tags($a, $film, local_channel());
         linkify_tags($a, $romance, local_channel());
         linkify_tags($a, $work, local_channel());
         linkify_tags($a, $education, local_channel());
         $with = x($_POST, 'with') ? escape_tags(trim($_POST['with'])) : '';
         if (!strlen($howlong)) {
             $howlong = NULL_DATE;
         } else {
             $howlong = datetime_convert(date_default_timezone_get(), 'UTC', $howlong);
         }
         // linkify the relationship target if applicable
         $withchanged = false;
         if (strlen($with)) {
             if ($with != strip_tags($orig[0]['partner'])) {
                 $withchanged = true;
                 $prf = '';
                 $lookup = $with;
                 if (strpos($lookup, '@') === 0) {
                     $lookup = substr($lookup, 1);
                 }
                 $lookup = str_replace('_', ' ', $lookup);
                 $newname = $lookup;
                 $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", dbesc($newname), intval(local_channel()));
                 if (!$r) {
                     $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_addr = '%s' AND abook_channel = %d LIMIT 1", dbesc($lookup . '@%'), intval(local_channel()));
                 }
                 if ($r) {
                     $prf = $r[0]['xchan_url'];
                     $newname = $r[0]['xchan_name'];
                 }
                 if ($prf) {
                     $with = str_replace($lookup, '<a href="' . $prf . '">' . $newname . '</a>', $with);
                     if (strpos($with, '@') === 0) {
                         $with = substr($with, 1);
                     }
                 }
             } else {
                 $with = $orig[0]['partner'];
             }
         }
         $profile_fields_basic = get_profile_fields_basic();
         $profile_fields_advanced = get_profile_fields_advanced();
         $advanced = feature_enabled(local_channel(), 'advanced_profiles') ? true : false;
         if ($advanced) {
             $fields = $profile_fields_advanced;
         } else {
             $fields = $profile_fields_basic;
         }
         $z = q("select * from profdef where true");
         if ($z) {
             foreach ($z as $zz) {
                 if (array_key_exists($zz['field_name'], $fields)) {
                     $w = q("select * from profext where channel_id = %d and hash = '%s' and k = '%s' limit 1", intval(local_channel()), dbesc($orig[0]['profile_guid']), dbesc($zz['field_name']));
                     if ($w) {
                         q("update profext set v = '%s' where id = %d", dbesc(escape_tags(trim($_POST[$zz['field_name']]))), intval($w[0]['id']));
                     } else {
                         q("insert into profext ( channel_id, hash, k, v ) values ( %d, '%s', '%s', '%s') ", intval(local_channel()), dbesc($orig[0]['profile_guid']), dbesc($zz['field_name']), dbesc(escape_tags(trim($_POST[$zz['field_name']]))));
                     }
                 }
             }
         }
         $changes = array();
         $value = '';
         if ($is_default) {
             if ($marital != $orig[0]['marital']) {
                 $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Marital Status');
                 $value = $marital;
             }
             if ($withchanged) {
                 $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
                 $value = strip_tags($with);
             }
             if ($likes != $orig[0]['likes']) {
                 $changes[] = t('Likes');
                 $value = $likes;
             }
             if ($dislikes != $orig[0]['dislikes']) {
                 $changes[] = t('Dislikes');
                 $value = $dislikes;
             }
             if ($work != $orig[0]['employment']) {
                 $changes[] = t('Work/Employment');
             }
             if ($religion != $orig[0]['religion']) {
                 $changes[] = t('Religion');
                 $value = $religion;
             }
             if ($politic != $orig[0]['politic']) {
                 $changes[] = t('Political Views');
                 $value = $politic;
             }
             if ($gender != $orig[0]['gender']) {
                 $changes[] = t('Gender');
                 $value = $gender;
             }
             if ($sexual != $orig[0]['sexual']) {
                 $changes[] = t('Sexual Preference');
                 $value = $sexual;
             }
             if ($homepage != $orig[0]['homepage']) {
                 $changes[] = t('Homepage');
                 $value = $homepage;
             }
             if ($interest != $orig[0]['interest']) {
                 $changes[] = t('Interests');
                 $value = $interest;
             }
             if ($address != $orig[0]['address']) {
                 $changes[] = t('Address');
                 // New address not sent in notifications, potential privacy issues
                 // in case this leaks to unintended recipients. Yes, it's in the public
                 // profile but that doesn't mean we have to broadcast it to everybody.
             }
             if ($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country_name']) {
                 $changes[] = t('Location');
                 $comma1 = $locality && ($region || $country_name) ? ', ' : ' ';
                 $comma2 = $region && $country_name ? ', ' : '';
                 $value = $locality . $comma1 . $region . $comma2 . $country_name;
             }
             profile_activity($changes, $value);
         }
         $r = q("UPDATE `profile` \n\t\t\t\tSET `profile_name` = '%s',\n\t\t\t\t`fullname` = '%s',\n\t\t\t\t`pdesc` = '%s',\n\t\t\t\t`gender` = '%s',\n\t\t\t\t`dob` = '%s',\n\t\t\t\t`address` = '%s',\n\t\t\t\t`locality` = '%s',\n\t\t\t\t`region` = '%s',\n\t\t\t\t`postal_code` = '%s',\n\t\t\t\t`country_name` = '%s',\n\t\t\t\t`marital` = '%s',\n\t\t\t\t`partner` = '%s',\n\t\t\t\t`howlong` = '%s',\n\t\t\t\t`sexual` = '%s',\n\t\t\t\t`homepage` = '%s',\n\t\t\t\t`hometown` = '%s',\n\t\t\t\t`politic` = '%s',\n\t\t\t\t`religion` = '%s',\n\t\t\t\t`keywords` = '%s',\n\t\t\t\t`likes` = '%s',\n\t\t\t\t`dislikes` = '%s',\n\t\t\t\t`about` = '%s',\n\t\t\t\t`interest` = '%s',\n\t\t\t\t`contact` = '%s',\n\t\t\t\t`channels` = '%s',\n\t\t\t\t`music` = '%s',\n\t\t\t\t`book` = '%s',\n\t\t\t\t`tv` = '%s',\n\t\t\t\t`film` = '%s',\n\t\t\t\t`romance` = '%s',\n\t\t\t\t`employment` = '%s',\n\t\t\t\t`education` = '%s',\n\t\t\t\t`hide_friends` = %d\n\t\t\t\tWHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), dbesc($gender), dbesc($dob), dbesc($address), dbesc($locality), dbesc($region), dbesc($postal_code), dbesc($country_name), dbesc($marital), dbesc($with), dbesc($howlong), dbesc($sexual), dbesc($homepage), dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($keywords), dbesc($likes), dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), dbesc($channels), dbesc($music), dbesc($book), dbesc($tv), dbesc($film), dbesc($romance), dbesc($work), dbesc($education), intval($hide_friends), intval(argv(1)), intval(local_channel()));
         if ($r) {
             info(t('Profile updated.') . EOL);
         }
         $r = q("select * from profile where id = %d and uid = %d limit 1", intval(argv(1)), intval(local_channel()));
         if ($r) {
             require_once 'include/zot.php';
             build_sync_packet(local_channel(), array('profile' => $r));
         }
         $channel = \App::get_channel();
         if ($namechanged && $is_default) {
             $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'", dbesc($name), dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
             $r = q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'", dbesc($name), dbesc($channel['xchan_hash']));
         }
         if ($is_default) {
             // reload the info for the sidebar widget - why does this not work?
             profile_load($channel['channel_address']);
             \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
         }
     }
 }
Example #12
0
 function post()
 {
     if (!local_channel()) {
         return;
     }
     if ($_SESSION['delegate']) {
         return;
     }
     $channel = \App::get_channel();
     logger('mod_settings: ' . print_r($_REQUEST, true));
     if (argc() > 1 && argv(1) === 'oauth' && x($_POST, 'remove')) {
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
         $key = $_POST['remove'];
         q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_channel());
         goaway(z_root() . "/settings/oauth/");
         return;
     }
     if (argc() > 2 && argv(1) === 'oauth' && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST, 'submit')) {
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
         $name = x($_POST, 'name') ? $_POST['name'] : '';
         $key = x($_POST, 'key') ? $_POST['key'] : '';
         $secret = x($_POST, 'secret') ? $_POST['secret'] : '';
         $redirect = x($_POST, 'redirect') ? $_POST['redirect'] : '';
         $icon = x($_POST, 'icon') ? $_POST['icon'] : '';
         $ok = true;
         if ($name == '') {
             $ok = false;
             notice(t('Name is required') . EOL);
         }
         if ($key == '' || $secret == '') {
             $ok = false;
             notice(t('Key and Secret are required') . EOL);
         }
         if ($ok) {
             if ($_POST['submit'] == t("Update")) {
                 $r = q("UPDATE clients SET\n\t\t\t\t\t\t\t\tclient_id='%s',\n\t\t\t\t\t\t\t\tpw='%s',\n\t\t\t\t\t\t\t\tclname='%s',\n\t\t\t\t\t\t\t\tredirect_uri='%s',\n\t\t\t\t\t\t\t\ticon='%s',\n\t\t\t\t\t\t\t\tuid=%d\n\t\t\t\t\t\t\tWHERE client_id='%s'", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), intval(local_channel()), dbesc($key));
             } else {
                 $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid)\n\t\t\t\t\t\tVALUES ('%s','%s','%s','%s','%s',%d)", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), intval(local_channel()));
                 $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", dbesc($key), intval(local_channel()), dbesc('all'));
             }
         }
         goaway(z_root() . "/settings/oauth/");
         return;
     }
     if (argc() > 1 && argv(1) == 'featured') {
         check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured');
         call_hooks('feature_settings_post', $_POST);
         build_sync_packet();
         return;
     }
     if (argc() > 1 && argv(1) == 'tokens') {
         check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens');
         $token_errs = 0;
         if (array_key_exists('token', $_POST)) {
             $atoken_id = $_POST['atoken_id'] ? intval($_POST['atoken_id']) : 0;
             $name = trim(escape_tags($_POST['name']));
             $token = trim($_POST['token']);
             if (!$name || !$token) {
                 $token_errs++;
             }
             if (trim($_POST['expires'])) {
                 $expires = datetime_convert(date_default_timezone_get(), 'UTC', $_POST['expires']);
             } else {
                 $expires = NULL_DATE;
             }
             $max_atokens = service_class_fetch(local_channel(), 'access_tokens');
             if ($max_atokens) {
                 $r = q("select count(atoken_id) as total where atoken_uid = %d", intval(local_channel()));
                 if ($r && intval($r[0]['total']) >= $max_tokens) {
                     notice(sprintf(t('This channel is limited to %d tokens'), $max_tokens) . EOL);
                     return;
                 }
             }
         }
         if ($token_errs) {
             notice(t('Name and Password are required.') . EOL);
             return;
         }
         if ($atoken_id) {
             $r = q("update atoken set atoken_name = '%s', atoken_token = '%s' atoken_expires = '%s' \n\t\t\t\t\twhere atoken_id = %d and atoken_uid = %d", dbesc($name), dbesc($token), dbesc($expires), intval($atoken_id), intval($channel['channel_id']));
         } else {
             $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )\n\t\t\t\t\tvalues ( %d, %d, '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel['channel_id']), dbesc($name), dbesc($token), dbesc($expires));
         }
         info(t('Token saved.') . EOL);
         return;
     }
     if (argc() > 1 && argv(1) === 'features') {
         check_form_security_token_redirectOnErr('/settings/features', 'settings_features');
         // Build list of features and check which are set
         $features = get_features();
         $all_features = array();
         foreach ($features as $k => $v) {
             foreach ($v as $f) {
                 $all_features[] = $f[0];
             }
         }
         foreach ($all_features as $k) {
             if (x($_POST, "feature_{$k}")) {
                 set_pconfig(local_channel(), 'feature', $k, 1);
             } else {
                 set_pconfig(local_channel(), 'feature', $k, 0);
             }
         }
         build_sync_packet();
         return;
     }
     if (argc() > 1 && argv(1) == 'display') {
         check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
         $theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : \App::$channel['channel_theme'];
         $mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : '';
         $preload_images = x($_POST, 'preload_images') ? intval($_POST['preload_images']) : 0;
         $user_scalable = x($_POST, 'user_scalable') ? intval($_POST['user_scalable']) : 0;
         $nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
         $title_tosource = x($_POST, 'title_tosource') ? intval($_POST['title_tosource']) : 0;
         $channel_list_mode = x($_POST, 'channel_list_mode') ? intval($_POST['channel_list_mode']) : 0;
         $network_list_mode = x($_POST, 'network_list_mode') ? intval($_POST['network_list_mode']) : 0;
         $channel_divmore_height = x($_POST, 'channel_divmore_height') ? intval($_POST['channel_divmore_height']) : 400;
         if ($channel_divmore_height < 50) {
             $channel_divmore_height = 50;
         }
         $network_divmore_height = x($_POST, 'network_divmore_height') ? intval($_POST['network_divmore_height']) : 400;
         if ($network_divmore_height < 50) {
             $network_divmore_height = 50;
         }
         $browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0;
         $browser_update = $browser_update * 1000;
         if ($browser_update < 10000) {
             $browser_update = 10000;
         }
         $itemspage = x($_POST, 'itemspage') ? intval($_POST['itemspage']) : 20;
         if ($itemspage > 100) {
             $itemspage = 100;
         }
         if ($mobile_theme == "---") {
             del_pconfig(local_channel(), 'system', 'mobile_theme');
         } else {
             set_pconfig(local_channel(), 'system', 'mobile_theme', $mobile_theme);
         }
         set_pconfig(local_channel(), 'system', 'preload_images', $preload_images);
         set_pconfig(local_channel(), 'system', 'user_scalable', $user_scalable);
         set_pconfig(local_channel(), 'system', 'update_interval', $browser_update);
         set_pconfig(local_channel(), 'system', 'itemspage', $itemspage);
         set_pconfig(local_channel(), 'system', 'no_smilies', 1 - intval($nosmile));
         set_pconfig(local_channel(), 'system', 'title_tosource', $title_tosource);
         set_pconfig(local_channel(), 'system', 'channel_list_mode', $channel_list_mode);
         set_pconfig(local_channel(), 'system', 'network_list_mode', $network_list_mode);
         set_pconfig(local_channel(), 'system', 'channel_divmore_height', $channel_divmore_height);
         set_pconfig(local_channel(), 'system', 'network_divmore_height', $network_divmore_height);
         if ($theme == \App::$channel['channel_theme']) {
             // call theme_post only if theme has not been changed
             if (($themeconfigfile = $this->get_theme_config_file($theme)) != null) {
                 require_once $themeconfigfile;
                 theme_post($a);
             }
         }
         $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", dbesc($theme), intval(local_channel()));
         call_hooks('display_settings_post', $_POST);
         build_sync_packet();
         goaway(z_root() . '/settings/display');
         return;
         // NOTREACHED
     }
     if (argc() > 1 && argv(1) === 'account') {
         check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
         call_hooks('account_settings_post', $_POST);
         //		call_hooks('settings_account', $_POST);
         $errs = array();
         $email = x($_POST, 'email') ? trim(notags($_POST['email'])) : '';
         $account = \App::get_account();
         if ($email != $account['account_email']) {
             if (!valid_email($email)) {
                 $errs[] = t('Not valid email.');
             }
             $adm = trim(get_config('system', 'admin_email'));
             if ($adm && strcasecmp($email, $adm) == 0) {
                 $errs[] = t('Protected email address. Cannot change to that email.');
                 $email = \App::$user['email'];
             }
             if (!$errs) {
                 $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id']));
                 if (!$r) {
                     $errs[] = t('System failure storing new email. Please try again.');
                 }
             }
         }
         if ($errs) {
             foreach ($errs as $err) {
                 notice($err . EOL);
             }
             $errs = array();
         }
         if (x($_POST, 'npassword') || x($_POST, 'confirm')) {
             $origpass = trim($_POST['origpass']);
             require_once 'include/auth.php';
             if (!account_verify_password($email, $origpass)) {
                 $errs[] = t('Password verification failed.');
             }
             $newpass = trim($_POST['npassword']);
             $confirm = trim($_POST['confirm']);
             if ($newpass != $confirm) {
                 $errs[] = t('Passwords do not match. Password unchanged.');
             }
             if (!x($newpass) || !x($confirm)) {
                 $errs[] = t('Empty passwords are not allowed. Password unchanged.');
             }
             if (!$errs) {
                 $salt = random_string(32);
                 $password_encoded = hash('whirlpool', $salt . $newpass);
                 $r = q("update account set account_salt = '%s', account_password = '******', account_password_changed = '%s' \n\t\t\t\t\t\twhere account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), intval(get_account_id()));
                 if ($r) {
                     info(t('Password changed.') . EOL);
                 } else {
                     $errs[] = t('Password update failed. Please try again.');
                 }
             }
         }
         if ($errs) {
             foreach ($errs as $err) {
                 notice($err . EOL);
             }
         }
         goaway(z_root() . '/settings/account');
     }
     check_form_security_token_redirectOnErr('/settings', 'settings');
     call_hooks('settings_post', $_POST);
     $set_perms = '';
     $role = x($_POST, 'permissions_role') ? notags(trim($_POST['permissions_role'])) : '';
     $oldrole = get_pconfig(local_channel(), 'system', 'permissions_role');
     if ($role != $oldrole || $role === 'custom') {
         if ($role === 'custom') {
             $hide_presence = x($_POST, 'hide_presence') && intval($_POST['hide_presence']) == 1 ? 1 : 0;
             $publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
             $def_group = x($_POST, 'group-selection') ? notags(trim($_POST['group-selection'])) : '';
             $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel()));
             $global_perms = get_perms();
             foreach ($global_perms as $k => $v) {
                 $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
             }
             $acl = new \Zotlabs\Access\AccessList($channel);
             $acl->set_from_array($_POST);
             $x = $acl->get();
             $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', \n\t\t\t\t\tchannel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), dbesc($x['deny_cid']), dbesc($x['deny_gid']), intval(local_channel()));
         } else {
             $role_permissions = get_role_perms($_POST['permissions_role']);
             if (!$role_permissions) {
                 notice('Permissions category could not be found.');
                 return;
             }
             $hide_presence = 1 - intval($role_permissions['online']);
             if ($role_permissions['default_collection']) {
                 $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 if (!$r) {
                     require_once 'include/group.php';
                     group_add(local_channel(), t('Friends'));
                     group_add_member(local_channel(), t('Friends'), $channel['channel_hash']);
                     $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 }
                 if ($r) {
                     q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_channel()));
                 } else {
                     notice(sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL);
                     return;
                 }
             } else {
                 q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', \n\t\t\t\t\t\tchannel_deny_cid = '' where channel_id = %d", intval(local_channel()));
             }
             $r = q("update abook set abook_my_perms  = %d where abook_channel = %d and abook_self = 1", intval(array_key_exists('perms_accept', $role_permissions) ? $role_permissions['perms_accept'] : 0), intval(local_channel()));
             set_pconfig(local_channel(), 'system', 'autoperms', $role_permissions['perms_auto'] ? intval($role_permissions['perms_accept']) : 0);
             foreach ($role_permissions as $p => $v) {
                 if (strpos($p, 'channel_') !== false) {
                     $set_perms .= ', ' . $p . ' = ' . intval($v) . ' ';
                 }
                 if ($p === 'directory_publish') {
                     $publish = intval($v);
                 }
             }
         }
         set_pconfig(local_channel(), 'system', 'hide_online_status', $hide_presence);
         set_pconfig(local_channel(), 'system', 'permissions_role', $role);
     }
     $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
     $timezone = x($_POST, 'timezone_select') ? notags(trim($_POST['timezone_select'])) : '';
     $defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
     $openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
     $maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
     $expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
     $evdays = x($_POST, 'evdays') ? intval($_POST['evdays']) : 3;
     $photo_path = x($_POST, 'photo_path') ? escape_tags(trim($_POST['photo_path'])) : '';
     $attach_path = x($_POST, 'attach_path') ? escape_tags(trim($_POST['attach_path'])) : '';
     $channel_menu = x($_POST['channel_menu']) ? htmlspecialchars_decode(trim($_POST['channel_menu']), ENT_QUOTES) : '';
     $expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0;
     $expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0;
     $expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0;
     $expire_network_only = x($_POST, 'expire_network_only') ? intval($_POST['expire_network_only']) : 0;
     $allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
     $blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
     // this setting is inverted!
     $unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0;
     $cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0;
     $suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
     $post_newfriend = $_POST['post_newfriend'] == 1 ? 1 : 0;
     $post_joingroup = $_POST['post_joingroup'] == 1 ? 1 : 0;
     $post_profilechange = $_POST['post_profilechange'] == 1 ? 1 : 0;
     $adult = $_POST['adult'] == 1 ? 1 : 0;
     $cal_first_day = x($_POST, 'first_day') && intval($_POST['first_day']) == 1 ? 1 : 0;
     $channel = \App::get_channel();
     $pageflags = $channel['channel_pageflags'];
     $existing_adult = $pageflags & PAGE_ADULT ? 1 : 0;
     if ($adult != $existing_adult) {
         $pageflags = $pageflags ^ PAGE_ADULT;
     }
     $notify = 0;
     if (x($_POST, 'notify1')) {
         $notify += intval($_POST['notify1']);
     }
     if (x($_POST, 'notify2')) {
         $notify += intval($_POST['notify2']);
     }
     if (x($_POST, 'notify3')) {
         $notify += intval($_POST['notify3']);
     }
     if (x($_POST, 'notify4')) {
         $notify += intval($_POST['notify4']);
     }
     if (x($_POST, 'notify5')) {
         $notify += intval($_POST['notify5']);
     }
     if (x($_POST, 'notify6')) {
         $notify += intval($_POST['notify6']);
     }
     if (x($_POST, 'notify7')) {
         $notify += intval($_POST['notify7']);
     }
     if (x($_POST, 'notify8')) {
         $notify += intval($_POST['notify8']);
     }
     $vnotify = 0;
     if (x($_POST, 'vnotify1')) {
         $vnotify += intval($_POST['vnotify1']);
     }
     if (x($_POST, 'vnotify2')) {
         $vnotify += intval($_POST['vnotify2']);
     }
     if (x($_POST, 'vnotify3')) {
         $vnotify += intval($_POST['vnotify3']);
     }
     if (x($_POST, 'vnotify4')) {
         $vnotify += intval($_POST['vnotify4']);
     }
     if (x($_POST, 'vnotify5')) {
         $vnotify += intval($_POST['vnotify5']);
     }
     if (x($_POST, 'vnotify6')) {
         $vnotify += intval($_POST['vnotify6']);
     }
     if (x($_POST, 'vnotify7')) {
         $vnotify += intval($_POST['vnotify7']);
     }
     if (x($_POST, 'vnotify8')) {
         $vnotify += intval($_POST['vnotify8']);
     }
     if (x($_POST, 'vnotify9')) {
         $vnotify += intval($_POST['vnotify9']);
     }
     if (x($_POST, 'vnotify10')) {
         $vnotify += intval($_POST['vnotify10']);
     }
     if (x($_POST, 'vnotify11')) {
         $vnotify += intval($_POST['vnotify11']);
     }
     $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0;
     $channel = \App::get_channel();
     $err = '';
     $name_change = false;
     if ($username != $channel['channel_name']) {
         $name_change = true;
         require_once 'include/channel.php';
         $err = validate_channelname($username);
         if ($err) {
             notice($err);
             return;
         }
     }
     if ($timezone != $channel['channel_timezone']) {
         if (strlen($timezone)) {
             date_default_timezone_set($timezone);
         }
     }
     set_pconfig(local_channel(), 'system', 'use_browser_location', $allow_location);
     set_pconfig(local_channel(), 'system', 'suggestme', $suggestme);
     set_pconfig(local_channel(), 'system', 'post_newfriend', $post_newfriend);
     set_pconfig(local_channel(), 'system', 'post_joingroup', $post_joingroup);
     set_pconfig(local_channel(), 'system', 'post_profilechange', $post_profilechange);
     set_pconfig(local_channel(), 'system', 'blocktags', $blocktags);
     set_pconfig(local_channel(), 'system', 'channel_menu', $channel_menu);
     set_pconfig(local_channel(), 'system', 'vnotify', $vnotify);
     set_pconfig(local_channel(), 'system', 'always_show_in_notices', $always_show_in_notices);
     set_pconfig(local_channel(), 'system', 'evdays', $evdays);
     set_pconfig(local_channel(), 'system', 'photo_path', $photo_path);
     set_pconfig(local_channel(), 'system', 'attach_path', $attach_path);
     set_pconfig(local_channel(), 'system', 'cal_first_day', $cal_first_day);
     $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d {$set_perms} where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), dbesc($defloc), intval($notify), intval($unkmail), intval($maxreq), intval($expire), intval(local_channel()));
     if ($r) {
         info(t('Settings updated.') . EOL);
     }
     if (!is_null($publish)) {
         $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel()));
     }
     if ($name_change) {
         $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash']));
         $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", dbesc($username), intval($channel['channel_id']));
     }
     \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
     build_sync_packet();
     //$_SESSION['theme'] = $theme;
     if ($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) {
         // FIXME - set to un-verified, blocked and redirect to logout
         // Why? Are we verifying people or email addresses?
     }
     goaway(z_root() . '/settings');
     return;
     // NOTREACHED
 }
Example #13
0
 function post()
 {
     logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA);
     if (!local_channel()) {
         return;
     }
     if ($_FILES && array_key_exists('userfile', $_FILES) && intval($_FILES['userfile']['size'])) {
         $src = $_FILES['userfile']['tmp_name'];
         if ($src) {
             $result = parse_ical_file($src, local_channel());
             if ($result) {
                 info(t('Calendar entries imported.') . EOL);
             } else {
                 notice(t('No calendar entries found.') . EOL);
             }
             @unlink($src);
         }
         goaway(z_root() . '/events');
     }
     $event_id = x($_POST, 'event_id') ? intval($_POST['event_id']) : 0;
     $event_hash = x($_POST, 'event_hash') ? $_POST['event_hash'] : '';
     $xchan = x($_POST, 'xchan') ? dbesc($_POST['xchan']) : '';
     $uid = local_channel();
     $start_text = escape_tags($_REQUEST['start_text']);
     $finish_text = escape_tags($_REQUEST['finish_text']);
     $adjust = intval($_POST['adjust']);
     $nofinish = intval($_POST['nofinish']);
     $categories = escape_tags(trim($_POST['category']));
     // only allow editing your own events.
     if ($xchan && $xchan !== get_observer_hash()) {
         return;
     }
     if ($start_text) {
         $start = $start_text;
     } else {
         $start = sprintf('%d-%d-%d %d:%d:0', $startyear, $startmonth, $startday, $starthour, $startminute);
     }
     if ($nofinish) {
         $finish = NULL_DATE;
     }
     if ($finish_text) {
         $finish = $finish_text;
     } else {
         $finish = sprintf('%d-%d-%d %d:%d:0', $finishyear, $finishmonth, $finishday, $finishhour, $finishminute);
     }
     if ($adjust) {
         $start = datetime_convert(date_default_timezone_get(), 'UTC', $start);
         if (!$nofinish) {
             $finish = datetime_convert(date_default_timezone_get(), 'UTC', $finish);
         }
     } else {
         $start = datetime_convert('UTC', 'UTC', $start);
         if (!$nofinish) {
             $finish = datetime_convert('UTC', 'UTC', $finish);
         }
     }
     // Don't allow the event to finish before it begins.
     // It won't hurt anything, but somebody will file a bug report
     // and we'll waste a bunch of time responding to it. Time that
     // could've been spent doing something else.
     $summary = escape_tags(trim($_POST['summary']));
     $desc = escape_tags(trim($_POST['desc']));
     $location = escape_tags(trim($_POST['location']));
     $type = escape_tags(trim($_POST['type']));
     require_once 'include/text.php';
     linkify_tags($a, $desc, local_channel());
     linkify_tags($a, $location, local_channel());
     //$action = ($event_hash == '') ? 'new' : "event/" . $event_hash;
     //fixme: this url gives a wsod if there is a linebreak detected in one of the variables ($desc or $location)
     //$onerror_url = z_root() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish&type=$type";
     $onerror_url = z_root() . "/events";
     if (strcmp($finish, $start) < 0 && !$nofinish) {
         notice(t('Event can not end before it has started.') . EOL);
         if (intval($_REQUEST['preview'])) {
             echo t('Unable to generate preview.');
             killme();
         }
         goaway($onerror_url);
     }
     if (!$summary || !$start) {
         notice(t('Event title and start time are required.') . EOL);
         if (intval($_REQUEST['preview'])) {
             echo t('Unable to generate preview.');
             killme();
         }
         goaway($onerror_url);
     }
     $share = intval($_POST['share']) ? intval($_POST['share']) : 0;
     $channel = \App::get_channel();
     $acl = new \Zotlabs\Access\AccessList(false);
     if ($event_id) {
         $x = q("select * from event where id = %d and uid = %d limit 1", intval($event_id), intval(local_channel()));
         if (!$x) {
             notice(t('Event not found.') . EOL);
             if (intval($_REQUEST['preview'])) {
                 echo t('Unable to generate preview.');
                 killme();
             }
             return;
         }
         $acl->set($x[0]);
         $created = $x[0]['created'];
         $edited = datetime_convert();
         if ($x[0]['allow_cid'] === '<' . $channel['channel_hash'] . '>' && $x[0]['allow_gid'] === '' && $x[0]['deny_cid'] === '' && $x[0]['deny_gid'] === '') {
             $share = false;
         } else {
             $share = true;
         }
     } else {
         $created = $edited = datetime_convert();
         if ($share) {
             $acl->set_from_array($_POST);
         } else {
             $acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
         }
     }
     $post_tags = array();
     $channel = \App::get_channel();
     $ac = $acl->get();
     if (strlen($categories)) {
         $cats = explode(',', $categories);
         foreach ($cats as $cat) {
             $post_tags[] = array('uid' => $profile_uid, 'ttype' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), 'url' => $channel['xchan_url'] . '?f=&cat=' . urlencode(trim($cat)));
         }
     }
     $datarray = array();
     $datarray['dtstart'] = $start;
     $datarray['dtend'] = $finish;
     $datarray['summary'] = $summary;
     $datarray['description'] = $desc;
     $datarray['location'] = $location;
     $datarray['etype'] = $type;
     $datarray['adjust'] = $adjust;
     $datarray['nofinish'] = $nofinish;
     $datarray['uid'] = local_channel();
     $datarray['account'] = get_account_id();
     $datarray['event_xchan'] = $channel['channel_hash'];
     $datarray['allow_cid'] = $ac['allow_cid'];
     $datarray['allow_gid'] = $ac['allow_gid'];
     $datarray['deny_cid'] = $ac['deny_cid'];
     $datarray['deny_gid'] = $ac['deny_gid'];
     $datarray['private'] = $acl->is_private() ? 1 : 0;
     $datarray['id'] = $event_id;
     $datarray['created'] = $created;
     $datarray['edited'] = $edited;
     if (intval($_REQUEST['preview'])) {
         $html = format_event_html($datarray);
         echo $html;
         killme();
     }
     $event = event_store_event($datarray);
     if ($post_tags) {
         $datarray['term'] = $post_tags;
     }
     $item_id = event_store_item($datarray, $event);
     if ($item_id) {
         $r = q("select * from item where id = %d", intval($item_id));
         if ($r) {
             xchan_query($r);
             $sync_item = fetch_post_tags($r);
             $z = q("select * from event where event_hash = '%s' and uid = %d limit 1", dbesc($r[0]['resource_id']), intval($channel['channel_id']));
             if ($z) {
                 build_sync_packet($channel['channel_id'], array('event_item' => array(encode_item($sync_item[0], true)), 'event' => $z));
             }
         }
     }
     if ($share) {
         \Zotlabs\Daemon\Master::Summon(array('Notifier', 'event', $item_id));
     }
 }
Example #14
0
 function get()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $channel = \App::get_channel();
     $newuser = false;
     if (argc() == 2 && argv(1) === 'new') {
         $newuser = true;
     }
     if (argv(1) === 'use') {
         if (argc() < 3) {
             notice(t('Permission denied.') . EOL);
             return;
         }
         $resource_id = argv(2);
         // When using an existing photo, we don't have a dialogue to offer a choice of profiles,
         // so it gets attached to the default
         $p = q("select id from profile where is_default = 1 and uid = %d", intval(local_channel()));
         if ($p) {
             $_REQUEST['profile'] = $p[0]['id'];
         }
         $r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC", intval(local_channel()), dbesc($resource_id));
         if (!$r) {
             notice(t('Photo not available.') . EOL);
             return;
         }
         $havescale = false;
         foreach ($r as $rr) {
             if ($rr['imgscale'] == PHOTO_RES_PROFILE_80) {
                 $havescale = true;
             }
         }
         // set an already loaded and cropped photo as profile photo
         if ($r[0]['album'] == t('Profile Photos') && $havescale) {
             // unset any existing profile photos
             $r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval(local_channel()));
             $r = q("UPDATE photo SET photo_usage = %d WHERE uid = %d AND resource_id = '%s'", intval(PHOTO_PROFILE), intval(local_channel()), dbesc($resource_id));
             $r = q("UPDATE xchan set xchan_photo_date = '%s' \n\t\t\t\t\twhere xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
             profile_photo_set_profile_perms(local_channel());
             // Reset default photo permissions to public
             \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
             goaway(z_root() . '/profiles');
         }
         $r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_channel()));
         if (!$r) {
             notice(t('Photo not available.') . EOL);
             return;
         }
         if (intval($r[0]['os_storage'])) {
             $data = @file_get_contents($r[0]['content']);
         } else {
             $data = dbunescbin($r[0]['content']);
         }
         $ph = photo_factory($data, $r[0]['mimetype']);
         $smallest = 0;
         if ($ph->is_valid()) {
             // go ahead as if we have just uploaded a new photo to crop
             $i = q("select resource_id, imgscale from photo where resource_id = '%s' and uid = %d order by imgscale", dbesc($r[0]['resource_id']), intval(local_channel()));
             if ($i) {
                 $hash = $i[0]['resource_id'];
                 foreach ($i as $ii) {
                     if (intval($ii['imgscale']) < PHOTO_RES_640) {
                         $smallest = intval($ii['imgscale']);
                     }
                 }
             }
         }
         $this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest);
         // falls through with App::$data['imagecrop'] set so we go straight to the cropping section
     }
     // present an upload form
     $profiles = q("select id, profile_name as name, is_default from profile where uid = %d order by id asc", intval(local_channel()));
     if (!x(\App::$data, 'imagecrop')) {
         $tpl = get_markup_template('profile_photo.tpl');
         $o .= replace_macros($tpl, array('$user' => \App::$channel['channel_address'], '$lbl_upfile' => t('Upload File:'), '$lbl_profiles' => t('Select a profile:'), '$title' => t('Upload Profile Photo'), '$submit' => t('Upload'), '$profiles' => $profiles, '$single' => count($profiles) == 1 ? true : false, '$profile0' => $profiles[0], '$form_security_token' => get_form_security_token("profile_photo"), '$select' => sprintf('%s %s', t('or'), $newuser ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="' . z_root() . '/photos/' . \App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')));
         call_hooks('profile_photo_content_end', $o);
         return $o;
     } else {
         // present a cropping form
         $filename = \App::$data['imagecrop'] . '-' . \App::$data['imagecrop_resolution'];
         $resolution = \App::$data['imagecrop_resolution'];
         $tpl = get_markup_template("cropbody.tpl");
         $o .= replace_macros($tpl, array('$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => \App::$data['imagecrop'] . '-' . \App::$data['imagecrop_resolution'], '$image_url' => z_root() . '/photo/' . $filename, '$title' => t('Crop Image'), '$desc' => t('Please adjust the image cropping for optimum viewing.'), '$form_security_token' => get_form_security_token("profile_photo"), '$done' => t('Done Editing')));
         return $o;
     }
     return;
     // NOTREACHED
 }
Example #15
0
 function import_account($account_id)
 {
     if (!$account_id) {
         logger("import_account: No account ID supplied");
         return;
     }
     $max_identities = account_service_class_fetch($account_id, 'total_identities');
     $max_friends = account_service_class_fetch($account_id, 'total_channels');
     $max_feeds = account_service_class_fetch($account_id, 'total_feeds');
     if ($max_identities !== false) {
         $r = q("select channel_id from channel where channel_account_id = %d", intval($account_id));
         if ($r && count($r) > $max_identities) {
             notice(sprintf(t('Your service plan only allows %d channels.'), $max_identities) . EOL);
             return;
         }
     }
     $data = null;
     $seize = x($_REQUEST, 'make_primary') ? intval($_REQUEST['make_primary']) : 0;
     $import_posts = x($_REQUEST, 'import_posts') ? intval($_REQUEST['import_posts']) : 0;
     $src = $_FILES['filename']['tmp_name'];
     $filename = basename($_FILES['filename']['name']);
     $filesize = intval($_FILES['filename']['size']);
     $filetype = $_FILES['filename']['type'];
     $completed = array_key_exists('import_step', $_SESSION) ? intval($_SESSION['import_step']) : 0;
     if ($completed) {
         logger('saved import step: ' . $_SESSION['import_step']);
     }
     if ($src) {
         // This is OS specific and could also fail if your tmpdir isn't very large
         // mostly used for Diaspora which exports gzipped files.
         if (strpos($filename, '.gz')) {
             @rename($src, $src . '.gz');
             @system('gunzip ' . escapeshellarg($src . '.gz'));
         }
         if ($filesize) {
             $data = @file_get_contents($src);
         }
         unlink($src);
     }
     if (!$src) {
         $old_address = x($_REQUEST, 'old_address') ? $_REQUEST['old_address'] : '';
         if (!$old_address) {
             logger('mod_import: nothing to import.');
             notice(t('Nothing to import.') . EOL);
             return;
         }
         $email = x($_REQUEST, 'email') ? $_REQUEST['email'] : '';
         $password = x($_REQUEST, 'password') ? $_REQUEST['password'] : '';
         $channelname = substr($old_address, 0, strpos($old_address, '@'));
         $servername = substr($old_address, strpos($old_address, '@') + 1);
         $scheme = 'https://';
         $api_path = '/api/red/channel/export/basic?f=&channel=' . $channelname;
         if ($import_posts) {
             $api_path .= '&posts=1';
         }
         $binary = false;
         $redirects = 0;
         $opts = array('http_auth' => $email . ':' . $password);
         $url = $scheme . $servername . $api_path;
         $ret = z_fetch_url($url, $binary, $redirects, $opts);
         if (!$ret['success']) {
             $ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
         }
         if ($ret['success']) {
             $data = $ret['body'];
         } else {
             notice(t('Unable to download data from old server') . EOL);
         }
     }
     if (!$data) {
         logger('mod_import: empty file.');
         notice(t('Imported file is empty.') . EOL);
         return;
     }
     $data = json_decode($data, true);
     //	logger('import: data: ' . print_r($data,true));
     //	print_r($data);
     if (array_key_exists('user', $data) && array_key_exists('version', $data)) {
         require_once 'include/Import/import_diaspora.php';
         import_diaspora($data);
         return;
     }
     $moving = false;
     if (array_key_exists('compatibility', $data) && array_key_exists('database', $data['compatibility'])) {
         $v1 = substr($data['compatibility']['database'], -4);
         $v2 = substr(DB_UPDATE_VERSION, -4);
         if ($v2 > $v1) {
             $t = sprintf(t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1);
             notice($t);
         }
         if (array_key_exists('server_role', $data['compatibility']) && $data['compatibility']['server_role'] == 'basic') {
             $moving = true;
         }
     }
     if ($moving) {
         $seize = 1;
     }
     // import channel
     $relocate = array_key_exists('relocate', $data) ? $data['relocate'] : null;
     if (array_key_exists('channel', $data)) {
         if ($completed < 1) {
             $channel = import_channel($data['channel'], $account_id, $seize);
         } else {
             $r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($account_id), dbesc($channel['channel_guid']));
             if ($r) {
                 $channel = $r[0];
             }
         }
         if (!$channel) {
             logger('mod_import: channel not found. ', print_r($channel, true));
             notice(t('Cloned channel not found. Import failed.') . EOL);
             return;
         }
     }
     if (!$channel) {
         $channel = \App::get_channel();
     }
     if (!$channel) {
         logger('mod_import: channel not found. ', print_r($channel, true));
         notice(t('No channel. Import failed.') . EOL);
         return;
     }
     if ($completed < 2) {
         if (is_array($data['config'])) {
             import_config($channel, $data['config']);
         }
         logger('import step 2');
         $_SESSION['import_step'] = 2;
     }
     if ($completed < 3) {
         if ($data['photo']) {
             require_once 'include/photo/photo_driver.php';
             import_channel_photo(base64url_decode($data['photo']['data']), $data['photo']['type'], $account_id, $channel['channel_id']);
         }
         if (is_array($data['profile'])) {
             import_profiles($channel, $data['profile']);
         }
         logger('import step 3');
         $_SESSION['import_step'] = 3;
     }
     if ($completed < 4) {
         if (is_array($data['hubloc']) && !$moving) {
             import_hublocs($channel, $data['hubloc'], $seize);
         }
         logger('import step 4');
         $_SESSION['import_step'] = 4;
     }
     if ($completed < 5) {
         // create new hubloc for the new channel at this site
         $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_primary, \n\t\t\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )\n\t\t\t\tvalues ( '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_hash']), dbesc(channel_reddress($channel)), dbesc('zot'), intval($seize ? 1 : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $channel['channel_prvkey']))), dbesc(\App::get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')));
         // reset the original primary hubloc if it is being seized
         if ($seize) {
             $r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", dbesc($channel['channel_hash']), dbesc(z_root()));
         }
         logger('import step 5');
         $_SESSION['import_step'] = 5;
     }
     if ($completed < 6) {
         // import xchans and contact photos
         if ($seize) {
             // replace any existing xchan we may have on this site if we're seizing control
             $r = q("delete from xchan where xchan_hash = '%s'", dbesc($channel['channel_hash']));
             $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_hidden, xchan_orphan, xchan_censored, xchan_selfcensored, xchan_system, xchan_pubforum, xchan_deleted ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, %d, %d )", dbesc($channel['channel_hash']), dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_pubkey']), dbesc(z_root() . "/photo/profile/l/" . $channel['channel_id']), dbesc(z_root() . "/photo/profile/m/" . $channel['channel_id']), dbesc(z_root() . "/photo/profile/s/" . $channel['channel_id']), dbesc(channel_reddress($channel)), dbesc(z_root() . '/channel/' . $channel['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $channel['channel_address']), dbesc($channel['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), 0, 0, 0, 0, 0, 0, 0);
         }
         logger('import step 6');
         $_SESSION['import_step'] = 6;
     }
     if ($completed < 7) {
         $xchans = $data['xchan'];
         if ($xchans) {
             foreach ($xchans as $xchan) {
                 $hash = make_xchan_hash($xchan['xchan_guid'], $xchan['xchan_guid_sig']);
                 if ($xchan['xchan_network'] === 'zot' && $hash !== $xchan['xchan_hash']) {
                     logger('forged xchan: ' . print_r($xchan, true));
                     continue;
                 }
                 if (!array_key_exists('xchan_hidden', $xchan)) {
                     $xchan['xchan_hidden'] = $xchan['xchan_flags'] & 0x1 ? 1 : 0;
                     $xchan['xchan_orphan'] = $xchan['xchan_flags'] & 0x2 ? 1 : 0;
                     $xchan['xchan_censored'] = $xchan['xchan_flags'] & 0x4 ? 1 : 0;
                     $xchan['xchan_selfcensored'] = $xchan['xchan_flags'] & 0x8 ? 1 : 0;
                     $xchan['xchan_system'] = $xchan['xchan_flags'] & 0x10 ? 1 : 0;
                     $xchan['xchan_pubforum'] = $xchan['xchan_flags'] & 0x20 ? 1 : 0;
                     $xchan['xchan_deleted'] = $xchan['xchan_flags'] & 0x1000 ? 1 : 0;
                 }
                 $r = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1", dbesc($xchan['xchan_hash']));
                 if ($r) {
                     continue;
                 }
                 dbesc_array($xchan);
                 $r = dbq("INSERT INTO xchan (`" . implode("`, `", array_keys($xchan)) . "`) VALUES ('" . implode("', '", array_values($xchan)) . "')");
                 require_once 'include/photo/photo_driver.php';
                 $photos = import_xchan_photo($xchan['xchan_photo_l'], $xchan['xchan_hash']);
                 if ($photos[4]) {
                     $photodate = NULL_DATE;
                 } else {
                     $photodate = $xchan['xchan_photo_date'];
                 }
                 $r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s'\n\t\t\t\t\t\twhere xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc($photos[3]), dbesc($photodate), dbesc($xchan['xchan_hash']));
             }
         }
         logger('import step 7');
         $_SESSION['import_step'] = 7;
     }
     // FIXME - ensure we have an xchan if somebody is trying to pull a fast one
     if ($completed < 8) {
         $friends = 0;
         $feeds = 0;
         // import contacts
         $abooks = $data['abook'];
         if ($abooks) {
             foreach ($abooks as $abook) {
                 $abook_copy = $abook;
                 $abconfig = null;
                 if (array_key_exists('abconfig', $abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) {
                     $abconfig = $abook['abconfig'];
                 }
                 unset($abook['abook_id']);
                 unset($abook['abook_rating']);
                 unset($abook['abook_rating_text']);
                 unset($abook['abconfig']);
                 unset($abook['abook_their_perms']);
                 unset($abook['abook_my_perms']);
                 $abook['abook_account'] = $account_id;
                 $abook['abook_channel'] = $channel['channel_id'];
                 if (!array_key_exists('abook_blocked', $abook)) {
                     $abook['abook_blocked'] = $abook['abook_flags'] & 0x1 ? 1 : 0;
                     $abook['abook_ignored'] = $abook['abook_flags'] & 0x2 ? 1 : 0;
                     $abook['abook_hidden'] = $abook['abook_flags'] & 0x4 ? 1 : 0;
                     $abook['abook_archived'] = $abook['abook_flags'] & 0x8 ? 1 : 0;
                     $abook['abook_pending'] = $abook['abook_flags'] & 0x10 ? 1 : 0;
                     $abook['abook_unconnected'] = $abook['abook_flags'] & 0x20 ? 1 : 0;
                     $abook['abook_self'] = $abook['abook_flags'] & 0x80 ? 1 : 0;
                     $abook['abook_feed'] = $abook['abook_flags'] & 0x100 ? 1 : 0;
                 }
                 if ($abook['abook_self']) {
                     $role = get_pconfig($channel['channel_id'], 'system', 'permissions_role');
                     if ($role === 'forum' || $abook['abook_my_perms'] & PERMS_W_TAGWALL) {
                         q("update xchan set xchan_pubforum = 1 where xchan_hash = '%s' ", dbesc($abook['abook_xchan']));
                     }
                 } else {
                     if ($max_friends !== false && $friends > $max_friends) {
                         continue;
                     }
                     if ($max_feeds !== false && intval($abook['abook_feed']) && $feeds > $max_feeds) {
                         continue;
                     }
                 }
                 dbesc_array($abook);
                 $r = dbq("INSERT INTO abook (`" . implode("`, `", array_keys($abook)) . "`) VALUES ('" . implode("', '", array_values($abook)) . "')");
                 $friends++;
                 if (intval($abook['abook_feed'])) {
                     $feeds++;
                 }
                 translate_abook_perms_inbound($channel, $abook_copy);
                 if ($abconfig) {
                     // @fixme does not handle sync of del_abconfig
                     foreach ($abconfig as $abc) {
                         set_abconfig($channel['channel_id'], $abc['xchan'], $abc['cat'], $abc['k'], $abc['v']);
                     }
                 }
             }
         }
         logger('import step 8');
         $_SESSION['import_step'] = 8;
     }
     if ($completed < 9) {
         $groups = $data['group'];
         if ($groups) {
             $saved = array();
             foreach ($groups as $group) {
                 $saved[$group['hash']] = array('old' => $group['id']);
                 if (array_key_exists('name', $group)) {
                     $group['gname'] = $group['name'];
                     unset($group['name']);
                 }
                 unset($group['id']);
                 $group['uid'] = $channel['channel_id'];
                 dbesc_array($group);
                 $r = dbq("INSERT INTO groups (`" . implode("`, `", array_keys($group)) . "`) VALUES ('" . implode("', '", array_values($group)) . "')");
             }
             $r = q("select * from `groups` where uid = %d", intval($channel['channel_id']));
             if ($r) {
                 foreach ($r as $rr) {
                     $saved[$rr['hash']]['new'] = $rr['id'];
                 }
             }
         }
         $group_members = $data['group_member'];
         if ($group_members) {
             foreach ($group_members as $group_member) {
                 unset($group_member['id']);
                 $group_member['uid'] = $channel['channel_id'];
                 foreach ($saved as $x) {
                     if ($x['old'] == $group_member['gid']) {
                         $group_member['gid'] = $x['new'];
                     }
                 }
                 dbesc_array($group_member);
                 $r = dbq("INSERT INTO group_member (`" . implode("`, `", array_keys($group_member)) . "`) VALUES ('" . implode("', '", array_values($group_member)) . "')");
             }
         }
         logger('import step 9');
         $_SESSION['import_step'] = 9;
     }
     if (is_array($data['obj'])) {
         import_objs($channel, $data['obj']);
     }
     if (is_array($data['likes'])) {
         import_likes($channel, $data['likes']);
     }
     if (is_array($data['app'])) {
         import_apps($channel, $data['app']);
     }
     if (is_array($data['chatroom'])) {
         import_chatrooms($channel, $data['chatroom']);
     }
     if (is_array($data['conv'])) {
         import_conv($channel, $data['conv']);
     }
     if (is_array($data['mail'])) {
         import_mail($channel, $data['mail']);
     }
     if (is_array($data['event'])) {
         import_events($channel, $data['event']);
     }
     if (is_array($data['event_item'])) {
         import_items($channel, $data['event_item'], false, $relocate);
     }
     if (is_array($data['menu'])) {
         import_menus($channel, $data['menu']);
     }
     $addon = array('channel' => $channel, 'data' => $data);
     call_hooks('import_channel', $addon);
     $saved_notification_flags = notifications_off($channel['channel_id']);
     if ($import_posts && array_key_exists('item', $data) && $data['item']) {
         import_items($channel, $data['item'], false, $relocate);
     }
     notifications_on($channel['channel_id'], $saved_notification_flags);
     if (array_key_exists('item_id', $data) && $data['item_id']) {
         import_item_ids($channel, $data['item_id']);
     }
     // FIXME - ensure we have a self entry if somebody is trying to pull a fast one
     // send out refresh requests
     // notify old server that it may no longer be primary.
     \Zotlabs\Daemon\Master::Summon(array('Notifier', 'location', $channel['channel_id']));
     // This will indirectly perform a refresh_all *and* update the directory
     \Zotlabs\Daemon\Master::Summon(array('Directory', $channel['channel_id']));
     notice(t('Import completed.') . EOL);
     change_channel($channel['channel_id']);
     unset($_SESSION['import_step']);
     goaway(z_root() . '/network');
 }
Example #16
0
function poller_run($argc, $argv)
{
    cli_startup();
    \Zotlabs\Daemon\Master::Summon(array('Cron'));
}
Example #17
0
 function post()
 {
     // This will change. Figure out who the observer is and whether or not
     // they have permission to post here. Else ignore the post.
     if (!local_channel() && !remote_channel() && !x($_REQUEST, 'commenter')) {
         return;
     }
     require_once 'include/security.php';
     $uid = local_channel();
     $channel = null;
     $observer = null;
     /**
      * Is this a reply to something?
      */
     $parent = x($_REQUEST, 'parent') ? intval($_REQUEST['parent']) : 0;
     $parent_mid = x($_REQUEST, 'parent_mid') ? trim($_REQUEST['parent_mid']) : '';
     $remote_xchan = x($_REQUEST, 'remote_xchan') ? trim($_REQUEST['remote_xchan']) : false;
     $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($remote_xchan));
     if ($r) {
         $remote_observer = $r[0];
     } else {
         $remote_xchan = $remote_observer = false;
     }
     $profile_uid = x($_REQUEST, 'profile_uid') ? intval($_REQUEST['profile_uid']) : 0;
     require_once 'include/channel.php';
     $sys = get_sys_channel();
     if ($sys && $profile_uid && $sys['channel_id'] == $profile_uid && is_site_admin()) {
         $uid = intval($sys['channel_id']);
         $channel = $sys;
         $observer = $sys;
     }
     if (x($_REQUEST, 'dropitems')) {
         require_once 'include/items.php';
         $arr_drop = explode(',', $_REQUEST['dropitems']);
         drop_items($arr_drop);
         $json = array('success' => 1);
         echo json_encode($json);
         killme();
     }
     call_hooks('post_local_start', $_REQUEST);
     //	 logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
     $api_source = x($_REQUEST, 'api_source') && $_REQUEST['api_source'] ? true : false;
     $consensus = intval($_REQUEST['consensus']);
     // 'origin' (if non-zero) indicates that this network is where the message originated,
     // for the purpose of relaying comments to other conversation members.
     // If using the API from a device (leaf node) you must set origin to 1 (default) or leave unset.
     // If the API is used from another network with its own distribution
     // and deliveries, you may wish to set origin to 0 or false and allow the other
     // network to relay comments.
     // If you are unsure, it is prudent (and important) to leave it unset.
     $origin = $api_source && array_key_exists('origin', $_REQUEST) ? intval($_REQUEST['origin']) : 1;
     // To represent message-ids on other networks - this will create an iconfig record
     $namespace = $api_source && array_key_exists('namespace', $_REQUEST) ? strip_tags($_REQUEST['namespace']) : '';
     $remote_id = $api_source && array_key_exists('remote_id', $_REQUEST) ? strip_tags($_REQUEST['remote_id']) : '';
     $owner_hash = null;
     $message_id = x($_REQUEST, 'message_id') && $api_source ? strip_tags($_REQUEST['message_id']) : '';
     $created = x($_REQUEST, 'created') ? datetime_convert(date_default_timezone_get(), 'UTC', $_REQUEST['created']) : datetime_convert();
     $post_id = x($_REQUEST, 'post_id') ? intval($_REQUEST['post_id']) : 0;
     $app = x($_REQUEST, 'source') ? strip_tags($_REQUEST['source']) : '';
     $return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : '';
     $preview = x($_REQUEST, 'preview') ? intval($_REQUEST['preview']) : 0;
     $categories = x($_REQUEST, 'category') ? escape_tags($_REQUEST['category']) : '';
     $webpage = x($_REQUEST, 'webpage') ? intval($_REQUEST['webpage']) : 0;
     $pagetitle = x($_REQUEST, 'pagetitle') ? escape_tags(urlencode($_REQUEST['pagetitle'])) : '';
     $layout_mid = x($_REQUEST, 'layout_mid') ? escape_tags($_REQUEST['layout_mid']) : '';
     $plink = x($_REQUEST, 'permalink') ? escape_tags($_REQUEST['permalink']) : '';
     $obj_type = x($_REQUEST, 'obj_type') ? escape_tags($_REQUEST['obj_type']) : ACTIVITY_OBJ_NOTE;
     // allow API to bulk load a bunch of imported items with sending out a bunch of posts.
     $nopush = x($_REQUEST, 'nopush') ? intval($_REQUEST['nopush']) : 0;
     /*
      * Check service class limits
      */
     if ($uid && !x($_REQUEST, 'parent') && !x($_REQUEST, 'post_id')) {
         $ret = $this->item_check_service_class($uid, $_REQUEST['webpage'] == ITEM_TYPE_WEBPAGE ? true : false);
         if (!$ret['success']) {
             notice(t($ret['message']) . EOL);
             if (x($_REQUEST, 'return')) {
                 goaway(z_root() . "/" . $return_path);
             }
             killme();
         }
     }
     if ($pagetitle) {
         require_once 'library/urlify/URLify.php';
         $pagetitle = strtolower(\URLify::transliterate($pagetitle));
     }
     $item_flags = $item_restrict = 0;
     $route = '';
     $parent_item = null;
     $parent_contact = null;
     $thr_parent = '';
     $parid = 0;
     $r = false;
     if ($parent || $parent_mid) {
         if (!x($_REQUEST, 'type')) {
             $_REQUEST['type'] = 'net-comment';
         }
         if ($obj_type == ACTIVITY_OBJ_POST) {
             $obj_type = ACTIVITY_OBJ_COMMENT;
         }
         if ($parent) {
             $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($parent));
         } elseif ($parent_mid && $uid) {
             // This is coming from an API source, and we are logged in
             $r = q("SELECT * FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_mid), intval($uid));
         }
         // if this isn't the real parent of the conversation, find it
         if ($r !== false && count($r)) {
             $parid = $r[0]['parent'];
             $parent_mid = $r[0]['mid'];
             if ($r[0]['id'] != $r[0]['parent']) {
                 $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", intval($parid));
             }
         }
         if ($r === false || !count($r)) {
             notice(t('Unable to locate original post.') . EOL);
             if (x($_REQUEST, 'return')) {
                 goaway(z_root() . "/" . $return_path);
             }
             killme();
         }
         // can_comment_on_post() needs info from the following xchan_query
         // This may be from the discover tab which means we need to correct the effective uid
         xchan_query($r, true, $r[0]['uid'] == local_channel() ? 0 : local_channel());
         $parent_item = $r[0];
         $parent = $r[0]['id'];
         // multi-level threading - preserve the info but re-parent to our single level threading
         $thr_parent = $parent_mid;
         $route = $parent_item['route'];
     }
     if (!$observer) {
         $observer = \App::get_observer();
     }
     if ($parent) {
         logger('mod_item: item_post parent=' . $parent);
         $can_comment = false;
         if (array_key_exists('owner', $parent_item) && intval($parent_item['owner']['abook_self'])) {
             $can_comment = perm_is_allowed($profile_uid, $observer['xchan_hash'], 'post_comments');
         } else {
             $can_comment = can_comment_on_post($observer['xchan_hash'], $parent_item);
         }
         if (!$can_comment) {
             notice(t('Permission denied.') . EOL);
             if (x($_REQUEST, 'return')) {
                 goaway(z_root() . "/" . $return_path);
             }
             killme();
         }
     } else {
         if (!perm_is_allowed($profile_uid, $observer['xchan_hash'], $webpage ? 'write_pages' : 'post_wall')) {
             notice(t('Permission denied.') . EOL);
             if (x($_REQUEST, 'return')) {
                 goaway(z_root() . "/" . $return_path);
             }
             killme();
         }
     }
     // is this an edited post?
     $orig_post = null;
     if ($namespace && $remote_id) {
         // It wasn't an internally generated post - see if we've got an item matching this remote service id
         $i = q("select iid from iconfig where cat = 'system' and k = '%s' and v = '%s' limit 1", dbesc($namespace), dbesc($remote_id));
         if ($i) {
             $post_id = $i[0]['iid'];
         }
     }
     $iconfig = null;
     if ($post_id) {
         $i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($post_id));
         if (!count($i)) {
             killme();
         }
         $orig_post = $i[0];
         $iconfig = q("select * from iconfig where iid = %d", intval($post_id));
     }
     if (!$channel) {
         if ($uid && $uid == $profile_uid) {
             $channel = \App::get_channel();
         } else {
             // posting as yourself but not necessarily to a channel you control
             $r = q("select * from channel left join account on channel_account_id = account_id where channel_id = %d LIMIT 1", intval($profile_uid));
             if ($r) {
                 $channel = $r[0];
             }
         }
     }
     if (!$channel) {
         logger("mod_item: no channel.");
         if (x($_REQUEST, 'return')) {
             goaway(z_root() . "/" . $return_path);
         }
         killme();
     }
     $owner_xchan = null;
     $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($channel['channel_hash']));
     if ($r && count($r)) {
         $owner_xchan = $r[0];
     } else {
         logger("mod_item: no owner.");
         if (x($_REQUEST, 'return')) {
             goaway(z_root() . "/" . $return_path);
         }
         killme();
     }
     $walltowall = false;
     $walltowall_comment = false;
     if ($remote_xchan) {
         $observer = $remote_observer;
     }
     if ($observer) {
         logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG);
         // wall-to-wall detection.
         // For top-level posts, if the author and owner are different it's a wall-to-wall
         // For comments, We need to additionally look at the parent and see if it's a wall post that originated locally.
         if ($observer['xchan_name'] != $owner_xchan['xchan_name']) {
             if ($parent_item && ($parent_item['item_wall'] && $parent_item['item_origin'])) {
                 $walltowall_comment = true;
                 $walltowall = true;
             }
             if (!$parent) {
                 $walltowall = true;
             }
         }
     }
     $acl = new \Zotlabs\Access\AccessList($channel);
     $public_policy = x($_REQUEST, 'public_policy') ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'], true);
     if ($webpage) {
         $public_policy = '';
     }
     if ($public_policy) {
         $private = 1;
     }
     if ($orig_post) {
         $private = 0;
         // webpages are allowed to change ACLs after the fact. Normal conversation items aren't.
         if ($webpage) {
             $acl->set_from_array($_REQUEST);
         } else {
             $acl->set($orig_post);
             $public_policy = $orig_post['public_policy'];
             $private = $orig_post['item_private'];
         }
         if ($private || $public_policy || $acl->is_private()) {
             $private = 1;
         }
         $location = $orig_post['location'];
         $coord = $orig_post['coord'];
         $verb = $orig_post['verb'];
         $app = $orig_post['app'];
         $title = escape_tags(trim($_REQUEST['title']));
         $body = trim($_REQUEST['body']);
         $item_flags = $orig_post['item_flags'];
         $item_origin = $orig_post['item_origin'];
         $item_unseen = $orig_post['item_unseen'];
         $item_starred = $orig_post['item_starred'];
         $item_uplink = $orig_post['item_uplink'];
         $item_consensus = $orig_post['item_consensus'];
         $item_wall = $orig_post['item_wall'];
         $item_thread_top = $orig_post['item_thread_top'];
         $item_notshown = $orig_post['item_notshown'];
         $item_nsfw = $orig_post['item_nsfw'];
         $item_relay = $orig_post['item_relay'];
         $item_mentionsme = $orig_post['item_mentionsme'];
         $item_nocomment = $orig_post['item_nocomment'];
         $item_obscured = $orig_post['item_obscured'];
         $item_verified = $orig_post['item_verified'];
         $item_retained = $orig_post['item_retained'];
         $item_rss = $orig_post['item_rss'];
         $item_deleted = $orig_post['item_deleted'];
         $item_type = $orig_post['item_type'];
         $item_hidden = $orig_post['item_hidden'];
         $item_unpublished = $orig_post['item_unpublished'];
         $item_delayed = $orig_post['item_delayed'];
         $item_pending_remove = $orig_post['item_pending_remove'];
         $item_blocked = $orig_post['item_blocked'];
         $postopts = $orig_post['postopts'];
         $created = $orig_post['created'];
         $mid = $orig_post['mid'];
         $parent_mid = $orig_post['parent_mid'];
         $plink = $orig_post['plink'];
     } else {
         if (!$walltowall) {
             if (array_key_exists('contact_allow', $_REQUEST) || array_key_exists('group_allow', $_REQUEST) || array_key_exists('contact_deny', $_REQUEST) || array_key_exists('group_deny', $_REQUEST)) {
                 $acl->set_from_array($_REQUEST);
             } elseif (!$api_source) {
                 // if no ACL has been defined and we aren't using the API, the form
                 // didn't send us any parameters. This means there's no ACL or it has
                 // been reset to the default audience.
                 // If $api_source is set and there are no ACL parameters, we default
                 // to the channel permissions which were set in the ACL contructor.
                 $acl->set(array('allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
             }
         }
         $location = notags(trim($_REQUEST['location']));
         $coord = notags(trim($_REQUEST['coord']));
         $verb = notags(trim($_REQUEST['verb']));
         $title = escape_tags(trim($_REQUEST['title']));
         $body = trim($_REQUEST['body']);
         $body .= trim($_REQUEST['attachment']);
         $postopts = '';
         $private = intval($acl->is_private() || $public_policy);
         // If this is a comment, set the permissions from the parent.
         if ($parent_item) {
             $private = 0;
             $acl->set($parent_item);
             $private = intval($acl->is_private() || $parent_item['item_private']);
             $public_policy = $parent_item['public_policy'];
             $owner_hash = $parent_item['owner_xchan'];
         }
         if (!strlen($body)) {
             if ($preview) {
                 killme();
             }
             info(t('Empty post discarded.') . EOL);
             if (x($_REQUEST, 'return')) {
                 goaway(z_root() . "/" . $return_path);
             }
             killme();
         }
     }
     $expires = NULL_DATE;
     if (feature_enabled($profile_uid, 'content_expire')) {
         if (x($_REQUEST, 'expire')) {
             $expires = datetime_convert(date_default_timezone_get(), 'UTC', $_REQUEST['expire']);
             if ($expires <= datetime_convert()) {
                 $expires = NULL_DATE;
             }
         }
     }
     $mimetype = notags(trim($_REQUEST['mimetype']));
     if (!$mimetype) {
         $mimetype = 'text/bbcode';
     }
     if ($preview) {
         $body = z_input_filter($profile_uid, $body, $mimetype);
     }
     // Verify ability to use html or php!!!
     $execflag = false;
     if ($mimetype !== 'text/bbcode') {
         $z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval($profile_uid));
         if ($z && ($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE || $z[0]['channel_pageflags'] & PAGE_ALLOWCODE)) {
             if ($uid && get_account_id() == $z[0]['account_id']) {
                 $execflag = true;
             } else {
                 notice(t('Executable content type not permitted to this channel.') . EOL);
                 if (x($_REQUEST, 'return')) {
                     goaway(z_root() . "/" . $return_path);
                 }
                 killme();
             }
         }
     }
     $gacl = $acl->get();
     $str_contact_allow = $gacl['allow_cid'];
     $str_group_allow = $gacl['allow_gid'];
     $str_contact_deny = $gacl['deny_cid'];
     $str_group_deny = $gacl['deny_gid'];
     if ($mimetype === 'text/bbcode') {
         require_once 'include/text.php';
         // Markdown doesn't work correctly. Do not re-enable unless you're willing to fix it and support it.
         // Sample that will probably give you grief - you must preserve the linebreaks
         // and provide the correct markdown interpretation and you cannot allow unfiltered HTML
         // Markdown
         // ========
         //
         // **bold** abcde
         // fghijkl
         // *italic*
         // <img src="javascript:alert('hacked');" />
         //		if($uid && $uid == $profile_uid && feature_enabled($uid,'markdown')) {
         //			require_once('include/bb2diaspora.php');
         //			$body = escape_tags(trim($body));
         //			$body = str_replace("\n",'<br />', $body);
         //			$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_shield',$body);
         //			$body = diaspora2bb($body,true);
         //			$body = preg_replace_callback('/\[share(.*?)\]/ism','\share_unshield',$body);
         //		}
         // BBCODE alert: the following functions assume bbcode input
         // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.)
         // we may need virtual or template classes to implement the possible alternatives
         // Work around doubled linefeeds in Tinymce 3.5b2
         // First figure out if it's a status post that would've been
         // created using tinymce. Otherwise leave it alone.
         $plaintext = true;
         //		$plaintext = ((feature_enabled($profile_uid,'richtext')) ? false : true);
         //		if((! $parent) && (! $api_source) && (! $plaintext)) {
         //			$body = fix_mce_lf($body);
         //		}
         // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it, if our pconfig is set.
         if (!$parent && get_pconfig($profile_uid, 'system', 'tagifonlyrecip') && substr_count($str_contact_allow, '<') == 1 && $str_group_allow == '' && $str_contact_deny == '' && $str_group_deny == '') {
             $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc(str_replace(array('<', '>'), array('', ''), $str_contact_allow)), intval($profile_uid));
             if ($x && $x[0]['abook_their_perms'] & PERMS_W_TAGWALL) {
                 $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n";
             }
         }
         /**
          * fix naked links by passing through a callback to see if this is a hubzilla site
          * (already known to us) which will get a zrl, otherwise link with url, add bookmark tag to both.
          * First protect any url inside certain bbcode tags so we don't double link it.
          */
         $body = preg_replace_callback('/\\[code(.*?)\\[\\/(code)\\]/ism', '\\red_escape_codeblock', $body);
         $body = preg_replace_callback('/\\[url(.*?)\\[\\/(url)\\]/ism', '\\red_escape_codeblock', $body);
         $body = preg_replace_callback('/\\[zrl(.*?)\\[\\/(zrl)\\]/ism', '\\red_escape_codeblock', $body);
         $body = preg_replace_callback("/([^\\]\\='" . '"' . "\\/]|^|\\#\\^)(https?\\:\\/\\/[a-zA-Z0-9\\:\\/\\-\\?\\&\\;\\.\\=\\@\\_\\~\\#\\%\$\\!\\+\\,]+)/ism", '\\red_zrl_callback', $body);
         $body = preg_replace_callback('/\\[\\$b64zrl(.*?)\\[\\/(zrl)\\]/ism', '\\red_unescape_codeblock', $body);
         $body = preg_replace_callback('/\\[\\$b64url(.*?)\\[\\/(url)\\]/ism', '\\red_unescape_codeblock', $body);
         $body = preg_replace_callback('/\\[\\$b64code(.*?)\\[\\/(code)\\]/ism', '\\red_unescape_codeblock', $body);
         // fix any img tags that should be zmg
         $body = preg_replace_callback('/\\[img(.*?)\\](.*?)\\[\\/img\\]/ism', '\\red_zrlify_img_callback', $body);
         $body = bb_translate_video($body);
         /**
          * Fold multi-line [code] sequences
          */
         $body = preg_replace('/\\[\\/code\\]\\s*\\[code\\]/ism', "\n", $body);
         $body = scale_external_images($body, false);
         // Look for tags and linkify them
         $results = linkify_tags($a, $body, $uid ? $uid : $profile_uid);
         if ($results) {
             // Set permissions based on tag replacements
             set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item, $private);
             $post_tags = array();
             foreach ($results as $result) {
                 $success = $result['success'];
                 if ($success['replaced']) {
                     $post_tags[] = array('uid' => $profile_uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']);
                 }
             }
         }
         /**
          *
          * When a photo was uploaded into the message using the (profile wall) ajax 
          * uploader, The permissions are initially set to disallow anybody but the
          * owner from seeing it. This is because the permissions may not yet have been
          * set for the post. If it's private, the photo permissions should be set
          * appropriately. But we didn't know the final permissions on the post until
          * now. So now we'll look for links of uploaded photos and attachments that are in the
          * post and set them to the same permissions as the post itself.
          *
          * If the post was end-to-end encrypted we can't find images and attachments in the body,
          * use our media_str input instead which only contains these elements - but only do this
          * when encrypted content exists because the photo/attachment may have been removed from 
          * the post and we should keep it private. If it's encrypted we have no way of knowing
          * so we'll set the permissions regardless and realise that the media may not be 
          * referenced in the post. 
          *
          * What is preventing us from being able to upload photos into comments is dealing with
          * the photo and attachment permissions, since we don't always know who was in the 
          * distribution for the top level post.
          * 
          * We might be able to provide this functionality with a lot of fiddling:
          * - if the top level post is public (make the photo public)
          * - if the top level post was written by us or a wall post that belongs to us (match the top level post)
          * - if the top level post has privacy mentions, add those to the permissions.
          * - otherwise disallow the photo *or* make the photo public. This is the part that gets messy. 
          */
         if (!$preview) {
             $this->fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], strpos($body, '[/crypt]') ? $_POST['media_str'] : $body, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
             $this->fix_attached_file_permissions($channel, $observer['xchan_hash'], strpos($body, '[/crypt]') ? $_POST['media_str'] : $body, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
         }
         $attachments = '';
         $match = false;
         if (preg_match_all('/(\\[attachment\\](.*?)\\[\\/attachment\\])/', $body, $match)) {
             $attachments = array();
             $i = 0;
             foreach ($match[2] as $mtch) {
                 $attach_link = '';
                 $hash = substr($mtch, 0, strpos($mtch, ','));
                 $rev = intval(substr($mtch, strpos($mtch, ',')));
                 $r = attach_by_hash_nodata($hash, $rev);
                 if ($r['success']) {
                     $attachments[] = array('href' => z_root() . '/attach/' . $r['data']['hash'], 'length' => $r['data']['filesize'], 'type' => $r['data']['filetype'], 'title' => urlencode($r['data']['filename']), 'revision' => $r['data']['revision']);
                 }
                 $ext = substr($r['data']['filename'], strrpos($r['data']['filename'], '.'));
                 if (strpos($r['data']['filetype'], 'audio/') !== false) {
                     $attach_link = '[audio]' . z_root() . '/attach/' . $r['data']['hash'] . '/' . $r['data']['revision'] . ($ext ? $ext : '') . '[/audio]';
                 } elseif (strpos($r['data']['filetype'], 'video/') !== false) {
                     $attach_link = '[video]' . z_root() . '/attach/' . $r['data']['hash'] . '/' . $r['data']['revision'] . ($ext ? $ext : '') . '[/video]';
                 }
                 $body = str_replace($match[1][$i], $attach_link, $body);
                 $i++;
             }
         }
     }
     // BBCODE end alert
     if (strlen($categories)) {
         $cats = explode(',', $categories);
         foreach ($cats as $cat) {
             $post_tags[] = array('uid' => $profile_uid, 'ttype' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), 'url' => $owner_xchan['xchan_url'] . '?f=&cat=' . urlencode(trim($cat)));
         }
     }
     if ($orig_post) {
         // preserve original tags
         $t = q("select * from term where oid = %d and otype = %d and uid = %d and ttype in ( %d, %d, %d )", intval($orig_post['id']), intval(TERM_OBJ_POST), intval($profile_uid), intval(TERM_UNKNOWN), intval(TERM_FILE), intval(TERM_COMMUNITYTAG));
         if ($t) {
             foreach ($t as $t1) {
                 $post_tags[] = array('uid' => $profile_uid, 'ttype' => $t1['type'], 'otype' => TERM_OBJ_POST, 'term' => $t1['term'], 'url' => $t1['url']);
             }
         }
     }
     $item_unseen = local_channel() != $profile_uid ? 1 : 0;
     $item_wall = $post_type === 'wall' || $post_type === 'wall-comment' ? 1 : 0;
     $item_origin = $origin ? 1 : 0;
     $item_consensus = $consensus ? 1 : 0;
     // determine if this is a wall post
     if ($parent) {
         $item_wall = $parent_item['item_wall'];
     } else {
         if (!$webpage) {
             $item_wall = 1;
         }
     }
     if ($moderated) {
         $item_blocked = ITEM_MODERATED;
     }
     if (!strlen($verb)) {
         $verb = ACTIVITY_POST;
     }
     $notify_type = $parent ? 'comment-new' : 'wall-new';
     if (!$mid) {
         $mid = $message_id ? $message_id : item_message_id();
     }
     if (!$parent_mid) {
         $parent_mid = $mid;
     }
     if ($parent_item) {
         $parent_mid = $parent_item['mid'];
     }
     // Fallback so that we alway have a thr_parent
     if (!$thr_parent) {
         $thr_parent = $mid;
     }
     $datarray = array();
     $item_thread_top = !$parent ? 1 : 0;
     if (!$plink && $item_thread_top) {
         $plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid;
     }
     $datarray['aid'] = $channel['channel_account_id'];
     $datarray['uid'] = $profile_uid;
     $datarray['owner_xchan'] = $owner_hash ? $owner_hash : $owner_xchan['xchan_hash'];
     $datarray['author_xchan'] = $observer['xchan_hash'];
     $datarray['created'] = $created;
     $datarray['edited'] = $orig_post ? datetime_convert() : $created;
     $datarray['expires'] = $expires;
     $datarray['commented'] = $orig_post ? datetime_convert() : $created;
     $datarray['received'] = $orig_post ? datetime_convert() : $created;
     $datarray['changed'] = $orig_post ? datetime_convert() : $created;
     $datarray['mid'] = $mid;
     $datarray['parent_mid'] = $parent_mid;
     $datarray['mimetype'] = $mimetype;
     $datarray['title'] = $title;
     $datarray['body'] = $body;
     $datarray['app'] = $app;
     $datarray['location'] = $location;
     $datarray['coord'] = $coord;
     $datarray['verb'] = $verb;
     $datarray['obj_type'] = $obj_type;
     $datarray['allow_cid'] = $str_contact_allow;
     $datarray['allow_gid'] = $str_group_allow;
     $datarray['deny_cid'] = $str_contact_deny;
     $datarray['deny_gid'] = $str_group_deny;
     $datarray['item_private'] = $private;
     $datarray['item_wall'] = $item_wall;
     $datarray['attach'] = $attachments;
     $datarray['thr_parent'] = $thr_parent;
     $datarray['postopts'] = $postopts;
     $datarray['item_unseen'] = $item_unseen;
     $datarray['item_wall'] = $item_wall;
     $datarray['item_origin'] = $item_origin;
     $datarray['item_type'] = $webpage;
     $datarray['item_thread_top'] = $item_thread_top;
     $datarray['item_unseen'] = $item_unseen;
     $datarray['item_starred'] = $item_starred;
     $datarray['item_uplink'] = $item_uplink;
     $datarray['item_consensus'] = $item_consensus;
     $datarray['item_notshown'] = $item_notshown;
     $datarray['item_nsfw'] = $item_nsfw;
     $datarray['item_relay'] = $item_relay;
     $datarray['item_mentionsme'] = $item_mentionsme;
     $datarray['item_nocomment'] = $item_nocomment;
     $datarray['item_obscured'] = $item_obscured;
     $datarray['item_verified'] = $item_verified;
     $datarray['item_retained'] = $item_retained;
     $datarray['item_rss'] = $item_rss;
     $datarray['item_deleted'] = $item_deleted;
     $datarray['item_hidden'] = $item_hidden;
     $datarray['item_unpublished'] = $item_unpublished;
     $datarray['item_delayed'] = $item_delayed;
     $datarray['item_pending_remove'] = $item_pending_remove;
     $datarray['item_blocked'] = $item_blocked;
     $datarray['layout_mid'] = $layout_mid;
     $datarray['public_policy'] = $public_policy;
     $datarray['comment_policy'] = map_scope($channel['channel_w_comment']);
     $datarray['term'] = $post_tags;
     $datarray['plink'] = $plink;
     $datarray['route'] = $route;
     if ($iconfig) {
         $datarray['iconfig'] = $iconfig;
     }
     // preview mode - prepare the body for display and send it via json
     if ($preview) {
         require_once 'include/conversation.php';
         $datarray['owner'] = $owner_xchan;
         $datarray['author'] = $observer;
         $datarray['attach'] = json_encode($datarray['attach']);
         $o = conversation($a, array($datarray), 'search', false, 'preview');
         //		logger('preview: ' . $o, LOGGER_DEBUG);
         echo json_encode(array('preview' => $o));
         killme();
     }
     if ($orig_post) {
         $datarray['edit'] = true;
     }
     // suppress duplicates, *unless* you're editing an existing post. This could get picked up
     // as a duplicate if you're editing it very soon after posting it initially and you edited
     // some attribute besides the content, such as title or categories.
     if (feature_enabled($profile_uid, 'suppress_duplicates') && !$orig_post) {
         $z = q("select created from item where uid = %d and created > %s - INTERVAL %s and body = '%s' limit 1", intval($profile_uid), db_utcnow(), db_quoteinterval('2 MINUTE'), dbesc($body));
         if ($z) {
             $datarray['cancel'] = 1;
             notice(t('Duplicate post suppressed.') . EOL);
             logger('Duplicate post. Faking plugin cancel.');
         }
     }
     call_hooks('post_local', $datarray);
     if (x($datarray, 'cancel')) {
         logger('mod_item: post cancelled by plugin or duplicate suppressed.');
         if ($return_path) {
             goaway(z_root() . "/" . $return_path);
         }
         $json = array('cancel' => 1);
         $json['reload'] = z_root() . '/' . $_REQUEST['jsreload'];
         echo json_encode($json);
         killme();
     }
     if (mb_strlen($datarray['title']) > 255) {
         $datarray['title'] = mb_substr($datarray['title'], 0, 255);
     }
     if (array_key_exists('item_private', $datarray) && $datarray['item_private']) {
         $datarray['body'] = trim(z_input_filter($datarray['uid'], $datarray['body'], $datarray['mimetype']));
         if ($uid) {
             if ($channel['channel_hash'] === $datarray['author_xchan']) {
                 $datarray['sig'] = base64url_encode(rsa_sign($datarray['body'], $channel['channel_prvkey']));
                 $datarray['item_verified'] = 1;
             }
         }
     }
     if ($webpage) {
         Zlib\IConfig::Set($datarray, 'system', webpage_to_namespace($webpage), $pagetitle ? $pagetitle : substr($datarray['mid'], 0, 16), true);
     } elseif ($namespace) {
         Zlib\IConfig::Set($datarray, 'system', $namespace, $remote_id ? $remote_id : substr($datarray['mid'], 0, 16), true);
     }
     if ($orig_post) {
         $datarray['id'] = $post_id;
         $x = item_store_update($datarray, $execflag);
         if (!$parent) {
             $r = q("select * from item where id = %d", intval($post_id));
             if ($r) {
                 xchan_query($r);
                 $sync_item = fetch_post_tags($r);
                 build_sync_packet($profile_uid, array('item' => array(encode_item($sync_item[0], true))));
             }
         }
         if (!$nopush) {
             \Zotlabs\Daemon\Master::Summon(array('Notifier', 'edit_post', $post_id));
         }
         if (x($_REQUEST, 'return') && strlen($return_path)) {
             logger('return: ' . $return_path);
             goaway(z_root() . "/" . $return_path);
         }
         killme();
     } else {
         $post_id = 0;
     }
     $post = item_store($datarray, $execflag);
     $post_id = $post['item_id'];
     if ($post_id) {
         logger('mod_item: saved item ' . $post_id);
         if ($parent) {
             // only send comment notification if this is a wall-to-wall comment,
             // otherwise it will happen during delivery
             if ($datarray['owner_xchan'] != $datarray['author_xchan'] && intval($parent_item['item_wall'])) {
                 Zlib\Enotify::submit(array('type' => NOTIFY_COMMENT, 'from_xchan' => $datarray['author_xchan'], 'to_xchan' => $datarray['owner_xchan'], 'item' => $datarray, 'link' => z_root() . '/display/' . $datarray['mid'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent, 'parent_mid' => $parent_item['mid']));
             }
         } else {
             $parent = $post_id;
             if ($datarray['owner_xchan'] != $datarray['author_xchan'] && $datarray['item_type'] == ITEM_TYPE_POST) {
                 Zlib\Enotify::submit(array('type' => NOTIFY_WALL, 'from_xchan' => $datarray['author_xchan'], 'to_xchan' => $datarray['owner_xchan'], 'item' => $datarray, 'link' => z_root() . '/display/' . $datarray['mid'], 'verb' => ACTIVITY_POST, 'otype' => 'item'));
             }
             if ($uid && $uid == $profile_uid && is_item_normal($datarray)) {
                 q("update channel set channel_lastpost = '%s' where channel_id = %d", dbesc(datetime_convert()), intval($uid));
             }
         }
         // photo comments turn the corresponding item visible to the profile wall
         // This way we don't see every picture in your new photo album posted to your wall at once.
         // They will show up as people comment on them.
         if (intval($parent_item['item_hidden'])) {
             $r = q("UPDATE item SET item_hidden = 0 WHERE id = %d", intval($parent_item['id']));
         }
     } else {
         logger('mod_item: unable to retrieve post that was just stored.');
         notice(t('System error. Post not saved.') . EOL);
         goaway(z_root() . "/" . $return_path);
         // NOTREACHED
     }
     if ($parent && $parent != $post_id) {
         // Store the comment signature information in case we need to relay to Diaspora
         //$ditem = $datarray;
         //$ditem['author'] = $observer;
         //store_diaspora_comment_sig($ditem,$channel,$parent_item, $post_id, (($walltowall_comment) ? 1 : 0));
     } else {
         $r = q("select * from item where id = %d", intval($post_id));
         if ($r) {
             xchan_query($r);
             $sync_item = fetch_post_tags($r);
             build_sync_packet($profile_uid, array('item' => array(encode_item($sync_item[0], true))));
         }
     }
     $datarray['id'] = $post_id;
     $datarray['llink'] = z_root() . '/display/' . $channel['channel_address'] . '/' . $post_id;
     call_hooks('post_local_end', $datarray);
     if (!$nopush) {
         \Zotlabs\Daemon\Master::Summon(array('Notifier', $notify_type, $post_id));
     }
     logger('post_complete');
     // figure out how to return, depending on from whence we came
     if ($api_source) {
         return $post;
     }
     if ($return_path) {
         goaway(z_root() . "/" . $return_path);
     }
     $json = array('success' => 1);
     if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
         $json['reload'] = z_root() . '/' . $_REQUEST['jsreload'];
     }
     logger('post_json: ' . print_r($json, true), LOGGER_DEBUG);
     echo json_encode($json);
     killme();
     // NOTREACHED
 }
Example #18
0
 /**
  * @brief
  *
  * @param App &$a
  * @return string
  */
 function admin_page_channels(&$a)
 {
     if (argc() > 2) {
         $uid = argv(3);
         $channel = q("SELECT * FROM channel WHERE channel_id = %d", intval($uid));
         if (!$channel) {
             notice(t('Channel not found') . EOL);
             goaway(z_root() . '/admin/channels');
         }
         switch (argv(2)) {
             case "delete":
                 check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
                 // delete channel
                 channel_remove($uid, true);
                 notice(sprintf(t("Channel '%s' deleted"), $channel[0]['channel_name']) . EOL);
                 break;
             case "block":
                 check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
                 $pflags = $channel[0]['channel_pageflags'] ^ PAGE_CENSORED;
                 q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), intval($uid));
                 \Zotlabs\Daemon\Master::Summon(array('Directory', $uid, 'nopush'));
                 notice(sprintf($pflags & PAGE_CENSORED ? t("Channel '%s' censored") : t("Channel '%s' uncensored"), $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')') . EOL);
                 break;
             case "code":
                 check_form_security_token_redirectOnErr('/admin/channels', 'admin_channels', 't');
                 $pflags = $channel[0]['channel_pageflags'] ^ PAGE_ALLOWCODE;
                 q("UPDATE channel SET channel_pageflags = %d where channel_id = %d", intval($pflags), intval($uid));
                 notice(sprintf($pflags & PAGE_ALLOWCODE ? t("Channel '%s' code allowed") : t("Channel '%s' code disallowed"), $channel[0]['channel_name'] . ' (' . $channel[0]['channel_address'] . ')') . EOL);
                 break;
             default:
                 break;
         }
         goaway(z_root() . '/admin/channels');
     }
     $key = $_REQUEST['key'] ? dbesc($_REQUEST['key']) : 'channel_id';
     $dir = 'asc';
     if (array_key_exists('dir', $_REQUEST)) {
         $dir = intval($_REQUEST['dir']) ? 'asc' : 'desc';
     }
     $base = z_root() . '/admin/channels?f=';
     $odir = $dir === 'asc' ? '0' : '1';
     /* get channels */
     $total = q("SELECT count(*) as total FROM channel where channel_removed = 0 and channel_system = 0");
     if ($total) {
         \App::set_pager_total($total[0]['total']);
         \App::set_pager_itemspage(100);
     }
     $channels = q("SELECT * from channel where channel_removed = 0 and channel_system = 0 order by {$key} {$dir} limit %d offset %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
     if ($channels) {
         for ($x = 0; $x < count($channels); $x++) {
             if ($channels[$x]['channel_pageflags'] & PAGE_CENSORED) {
                 $channels[$x]['blocked'] = true;
             } else {
                 $channels[$x]['blocked'] = false;
             }
             if ($channels[$x]['channel_pageflags'] & PAGE_ALLOWCODE) {
                 $channels[$x]['allowcode'] = true;
             } else {
                 $channels[$x]['allowcode'] = false;
             }
         }
     }
     $t = get_markup_template("admin_channels.tpl");
     $o = replace_macros($t, array('$title' => t('Administration'), '$page' => t('Channels'), '$submit' => t('Submit'), '$select_all' => t('select all'), '$delete' => t('Delete'), '$block' => t('Censor'), '$unblock' => t('Uncensor'), '$code' => t('Allow Code'), '$uncode' => t('Disallow Code'), '$h_channels' => t('Channel'), '$base' => $base, '$odir' => $odir, '$th_channels' => array([t('UID'), 'channel_id'], [t('Name'), 'channel_name'], [t('Address'), 'channel_address']), '$confirm_delete_multi' => t('Selected channels will be deleted!\\n\\nEverything that was posted in these channels on this site will be permanently deleted!\\n\\nAre you sure?'), '$confirm_delete' => t('The channel {0} will be deleted!\\n\\nEverything that was posted in this channel on this site will be permanently deleted!\\n\\nAre you sure?'), '$form_security_token' => get_form_security_token("admin_channels"), '$baseurl' => z_root(), '$channels' => $channels));
     $o .= paginate($a);
     return $o;
 }
Example #19
0
 function get()
 {
     if (!local_channel()) {
         notice(t('Permission denied') . EOL);
         return;
     }
     $table = 'item';
     $channel = \App::get_channel();
     $mid = argc() > 1 ? argv(1) : '';
     if ($mid === 'push') {
         $table = 'push';
         $mid = argc() > 2 ? argv(2) : '';
         if ($mid) {
             $i = q("select id from item where mid = '%s' and author_xchan = '%s' and uid = %d", dbesc($mid), dbesc($channel['channel_hash']), intval($channel['channel_id']));
             if ($i) {
                 \Zotlabs\Daemon\Master::Summon(['Notifier', 'edit_post', $i[0]['id']]);
             }
         }
         sleep(3);
         goaway(z_root() . '/dreport/' . urlencode($mid));
     }
     if ($mid === 'mail') {
         $table = 'mail';
         $mid = argc() > 2 ? argv(2) : '';
     }
     if (!$mid) {
         notice(t('Invalid message') . EOL);
         return;
     }
     switch ($table) {
         case 'item':
             $i = q("select id from item where mid = '%s' and author_xchan = '%s' ", dbesc($mid), dbesc($channel['channel_hash']));
             break;
         case 'mail':
             $i = q("select id from mail where mid = '%s' and from_xchan = '%s'", dbesc($mid), dbesc($channel['channel_hash']));
             break;
         default:
             break;
     }
     if (!$i) {
         notice(t('Permission denied') . EOL);
         return;
     }
     $r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'", dbesc($channel['channel_hash']), dbesc($mid));
     if (!$r) {
         notice(t('no results') . EOL);
         //			return;
     }
     for ($x = 0; $x < count($r); $x++) {
         $r[$x]['name'] = escape_tags(substr($r[$x]['dreport_recip'], strpos($r[$x]['dreport_recip'], ' ')));
         // This has two purposes: 1. make the delivery report strings translateable, and
         // 2. assign an ordering to item delivery results so we can group them and provide
         // a readable report with more interesting events listed toward the top and lesser
         // interesting items towards the bottom
         switch ($r[$x]['dreport_result']) {
             case 'channel sync processed':
                 $r[$x]['gravity'] = 0;
                 $r[$x]['dreport_result'] = t('channel sync processed');
                 break;
             case 'queued':
                 $r[$x]['gravity'] = 2;
                 $r[$x]['dreport_result'] = t('queued');
                 break;
             case 'posted':
                 $r[$x]['gravity'] = 3;
                 $r[$x]['dreport_result'] = t('posted');
                 break;
             case 'accepted for delivery':
                 $r[$x]['gravity'] = 4;
                 $r[$x]['dreport_result'] = t('accepted for delivery');
                 break;
             case 'updated':
                 $r[$x]['gravity'] = 5;
                 $r[$x]['dreport_result'] = t('updated');
             case 'update ignored':
                 $r[$x]['gravity'] = 6;
                 $r[$x]['dreport_result'] = t('update ignored');
                 break;
             case 'permission denied':
                 $r[$x]['dreport_result'] = t('permission denied');
                 $r[$x]['gravity'] = 6;
                 break;
             case 'recipient not found':
                 $r[$x]['dreport_result'] = t('recipient not found');
                 break;
             case 'mail recalled':
                 $r[$x]['dreport_result'] = t('mail recalled');
                 break;
             case 'duplicate mail received':
                 $r[$x]['dreport_result'] = t('duplicate mail received');
                 break;
             case 'mail delivered':
                 $r[$x]['dreport_result'] = t('mail delivered');
                 break;
             default:
                 $r[$x]['gravity'] = 1;
                 break;
         }
     }
     usort($r, 'self::dreport_gravity_sort');
     $entries = array();
     foreach ($r as $rr) {
         $entries[] = ['name' => $rr['name'], 'result' => escape_tags($rr['dreport_result']), 'time' => escape_tags(datetime_convert('UTC', date_default_timezone_get(), $rr['dreport_time']))];
     }
     $o = replace_macros(get_markup_template('dreport.tpl'), array('$title' => sprintf(t('Delivery report for %1$s'), substr($mid, 0, 32)) . '...', '$table' => $table, '$mid' => urlencode($mid), '$options' => t('Options'), '$push' => t('Redeliver'), '$entries' => $entries));
     return $o;
 }
Example #20
0
 function get()
 {
     $sort_type = 0;
     $o = '';
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return login();
     }
     $channel = \App::get_channel();
     $my_perms = get_channel_default_perms(local_channel());
     $role = get_pconfig(local_channel(), 'system', 'permissions_role');
     if ($role) {
         $x = get_role_perms($role);
         if ($x['perms_accept']) {
             $my_perms = $x['perms_accept'];
         }
     }
     $yes_no = array(t('No'), t('Yes'));
     if ($my_perms) {
         $o .= "<script>function connectDefaultShare() {\n\t\t\t\$('.abook-edit-me').each(function() {\n\t\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\t\$(this).prop('checked', false);\n\t\t\t});\n\n";
         $perms = get_perms();
         foreach ($perms as $p => $v) {
             if ($my_perms & $v[1]) {
                 $o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
             }
         }
         $o .= " }\n</script>\n";
     }
     if (argc() == 3) {
         $contact_id = intval(argv(1));
         if (!$contact_id) {
             return;
         }
         $cmd = argv(2);
         $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\t\tWHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1", intval($contact_id), intval(local_channel()));
         if (!count($orig_record)) {
             notice(t('Could not access address book record.') . EOL);
             goaway(z_root() . '/connections');
         }
         if ($cmd === 'update') {
             // pull feed and consume it, which should subscribe to the hub.
             \Zotlabs\Daemon\Master::Summon(array('Poller', $contact_id));
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'refresh') {
             if ($orig_record[0]['xchan_network'] === 'zot') {
                 if (!zot_refresh($orig_record[0], \App::get_channel())) {
                     notice(t('Refresh failed - channel is currently unavailable.'));
                 }
             } else {
                 // if you are on a different network we'll force a refresh of the connection basic info
                 Zotlabs\Daemon\Master::Summon(array('Notifier', 'permission_update', $contact_id));
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'block') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'ignore') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'archive') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'hide') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         // We'll prevent somebody from unapproving an already approved contact.
         // Though maybe somebody will want this eventually (??)
         if ($cmd === 'approve') {
             if (intval($orig_record[0]['abook_pending'])) {
                 if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
                     $this->connedit_clone($a);
                 } else {
                     notice(t('Unable to set address book parameters.') . EOL);
                 }
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'drop') {
             // FIXME
             // We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
             // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
             // in the background there could be a race condition preventing this packet from being sent in all cases.
             // PLACEHOLDER
             contact_remove(local_channel(), $orig_record[0]['abook_id']);
             build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
             info(t('Connection has been removed.') . EOL);
             if (x($_SESSION, 'return_url')) {
                 goaway(z_root() . '/' . $_SESSION['return_url']);
             }
             goaway(z_root() . '/contacts');
         }
     }
     if (\App::$poi) {
         $contact_id = \App::$poi['abook_id'];
         $contact = \App::$poi;
         $tools = array('view' => array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), 'refresh' => array('label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), 'recent' => array('label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')), 'block' => array('label' => intval($contact['abook_blocked']) ? t('Unblock') : t('Block'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => intval($contact['abook_blocked']) ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), 'ignore' => array('label' => intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => intval($contact['abook_ignored']) ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), 'archive' => array('label' => intval($contact['abook_archived']) ? t('Unarchive') : t('Archive'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => intval($contact['abook_archived']) ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => intval($contact['abook_archived']) ? t('This connection is archived!') : ''), 'hide' => array('label' => intval($contact['abook_hidden']) ? t('Unhide') : t('Hide'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => intval($contact['abook_hidden']) ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), 'delete' => array('label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
         $self = false;
         if (intval($contact['abook_self'])) {
             $self = true;
         }
         $tpl = get_markup_template("abook_edit.tpl");
         if (feature_enabled(local_channel(), 'affinity')) {
             $labels = array(t('Me'), t('Family'), t('Friends'), t('Acquaintances'), t('All'));
             call_hooks('affinity_labels', $labels);
             $label_str = '';
             if ($labels) {
                 foreach ($labels as $l) {
                     if ($label_str) {
                         $label_str .= ", '|'";
                         $label_str .= ", '" . $l . "'";
                     } else {
                         $label_str .= "'" . $l . "'";
                     }
                 }
             }
             $slider_tpl = get_markup_template('contact_slider.tpl');
             $slide = replace_macros($slider_tpl, array('$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$labels' => $label_str));
         }
         $rating_val = 0;
         $rating_text = '';
         $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
         if ($xl) {
             $rating_val = intval($xl[0]['xlink_rating']);
             $rating_text = $xl[0]['xlink_rating_text'];
         }
         $poco_rating = get_config('system', 'poco_rating_enable');
         // if unset default to enabled
         if ($poco_rating === false) {
             $poco_rating = true;
         }
         if ($poco_rating) {
             $rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
         } else {
             $rating = false;
         }
         $perms = array();
         $channel = \App::get_channel();
         $global_perms = get_perms();
         $existing = get_all_perms(local_channel(), $contact['abook_xchan']);
         $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'), 'Yes'));
         $multiprofs = feature_enabled(local_channel(), 'multi_profiles') ? true : false;
         if ($slide && !$multiprofs) {
             $affinity = t('Set Affinity');
         }
         if (!$slide && $multiprofs) {
             $affinity = t('Set Profile');
         }
         if ($slide && $multiprofs) {
             $affinity = t('Set Affinity & Profile');
         }
         foreach ($global_perms as $k => $v) {
             $thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
             $checkinherited = $channel[$v[0]] && $channel[$v[0]] != PERMS_SPECIFIC ? "1" : '';
             // For auto permissions (when $self is true) we don't want to look at existing
             // permissions because they are enabled for the channel owner
             if (!$self && $existing[$k]) {
                 $thisperm = "1";
             }
             $perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC ? '' : '1', $v[4], $checkinherited);
         }
         $locstr = '';
         $locs = q("select hubloc_addr as location from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s'\n\t\t\t\tand hubloc_deleted = 0 and site_dead = 0", dbesc($contact['xchan_hash']));
         if ($locs) {
             foreach ($locs as $l) {
                 if (!$l['location']) {
                     continue;
                 }
                 if (strpos($locstr, $l['location']) !== false) {
                     continue;
                 }
                 if (strlen($locstr)) {
                     $locstr .= ', ';
                 }
                 $locstr .= $l['location'];
             }
         } else {
             $locstr = t('none');
         }
         $o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connection: %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, t('Connection requests will be approved without your interaction'), $yes_no), '$addr' => $contact['xchan_addr'], '$addr_text' => t('This connection\'s primary address is'), '$loc_text' => t('Available locations:'), '$locstr' => $locstr, '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('The permissions indicated on this page will be applied to all new connections.'), '$tools_label' => t('Connection Tools'), '$tools' => $self ? '' : $tools, '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating'), '$lbl_rating_label' => t('Slide to adjust your rating'), '$lbl_rating_txt' => t('Optionally explain your rating'), '$connfilter' => feature_enabled(local_channel(), 'connfilter'), '$connfilter_label' => t('Custom Filter'), '$incl' => array('abook_incl', t('Only import posts with this text'), $contact['abook_incl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$excl' => array('abook_excl', t('Do not import posts with this text'), $contact['abook_excl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$rating_text' => array('rating_text', t('Optionally explain your rating'), $rating_text, ''), '$rating_info' => t('This information is public!'), '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$affinity' => $affinity, '$pending_label' => t('Connection Pending Approval'), '$is_pending' => intval($contact['abook_pending']) ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$submit' => t('Submit'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), '$permnote_self' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can change those settings here but they wont have any impact unless the inherited setting changes.'), '$lastupdtext' => t('Last update:'), '$last_update' => relative_date($contact['abook_connected']), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => $multiprofs, '$contact_id' => $contact['abook_id'], '$name' => $contact['xchan_name']));
         $arr = array('contact' => $contact, 'output' => $o);
         call_hooks('contact_edit', $arr);
         return $arr['output'];
     }
 }
Example #21
0
 function get()
 {
     $o = '';
     nav_set_selected('messages');
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return login();
     }
     $channel = \App::get_channel();
     head_set_icon($channel['xchan_photo_s']);
     $cipher = get_pconfig(local_channel(), 'system', 'default_cipher');
     if (!$cipher) {
         $cipher = 'aes256';
     }
     $tpl = get_markup_template('mail_head.tpl');
     $header = replace_macros($tpl, array('$header' => t('Messages')));
     if (argc() == 4 && argv(2) === 'drop') {
         if (!intval(argv(3))) {
             return;
         }
         $cmd = argv(2);
         $mailbox = argv(1);
         $r = private_messages_drop(local_channel(), argv(3));
         if ($r) {
             //info( t('Message deleted.') . EOL );
         }
         goaway(z_root() . '/mail/' . $mailbox);
     }
     if (argc() == 4 && argv(2) === 'recall') {
         if (!intval(argv(3))) {
             return;
         }
         $cmd = argv(2);
         $mailbox = argv(1);
         $r = q("update mail set mail_recalled = 1 where id = %d and channel_id = %d", intval(argv(3)), intval(local_channel()));
         $x = q("select * from mail where id = %d and channel_id = %d", intval(argv(3)), intval(local_channel()));
         if ($x) {
             build_sync_packet(local_channel(), array('mail' => encode_mail($x[0], true)));
         }
         \Zotlabs\Daemon\Master::Summon(array('Notifier', 'mail', intval(argv(3))));
         if ($r) {
             info(t('Message recalled.') . EOL);
         }
         goaway(z_root() . '/mail/' . $mailbox . '/' . argv(3));
     }
     if (argc() == 4 && argv(2) === 'dropconv') {
         if (!intval(argv(3))) {
             return;
         }
         $cmd = argv(2);
         $mailbox = argv(1);
         $r = private_messages_drop(local_channel(), argv(3), true);
         if ($r) {
             info(t('Conversation removed.') . EOL);
         }
         goaway(z_root() . '/mail/' . $mailbox);
     }
     if (argc() > 1 && argv(1) === 'new') {
         $plaintext = true;
         $tpl = get_markup_template('msg-header.tpl');
         $header = replace_macros($tpl, array('$baseurl' => z_root(), '$editselect' => $plaintext ? 'none' : '/(profile-jot-text|prvmail-text)/', '$nickname' => $channel['channel_address'], '$linkurl' => t('Please enter a link URL:'), '$expireswhen' => t('Expires YYYY-MM-DD HH:MM')));
         \App::$page['htmlhead'] .= $header;
         $prename = '';
         $preid = '';
         if (x($_REQUEST, 'hash')) {
             $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash\n\t\t\t\t\twhere abook_channel = %d and abook_xchan = '%s' limit 1", intval(local_channel()), dbesc($_REQUEST['hash']));
             if (!$r) {
                 $r = q("select * from xchan where xchan_hash = '%s' and xchan_network = 'zot' limit 1", dbesc($_REQUEST['hash']));
             }
             if ($r) {
                 $prename = $r[0]['abook_id'] ? $r[0]['xchan_name'] : $r[0]['xchan_addr'];
                 $preurl = $r[0]['xchan_url'];
                 $preid = $r[0]['abook_id'] ? $r[0]['xchan_hash'] : '';
             } else {
                 notice(t('Requested channel is not in this network') . EOL);
             }
         }
         $tpl = get_markup_template('prv_message.tpl');
         $o .= replace_macros($tpl, array('$new' => true, '$header' => t('Send Private Message'), '$to' => t('To:'), '$prefill' => $prename, '$preid' => $preid, '$subject' => t('Subject:'), '$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '', '$text' => x($_REQUEST, 'body') ? htmlspecialchars($_REQUEST['body'], ENT_COMPAT, 'UTF-8') : '', '$yourmessage' => t('Your message:'), '$parent' => '', '$attach' => t('Attach file'), '$insert' => t('Insert web link'), '$submit' => t('Send'), '$defexpire' => '', '$feature_expire' => feature_enabled(local_channel(), 'content_expire') ? true : false, '$expires' => t('Set expiration date'), '$feature_encrypt' => feature_enabled(local_channel(), 'content_encrypt') ? true : false, '$encrypt' => t('Encrypt text'), '$cipher' => $cipher));
         return $o;
     }
     switch (argv(1)) {
         case 'combined':
             $mailbox = 'combined';
             break;
         case 'inbox':
             $mailbox = 'inbox';
             break;
         case 'outbox':
             $mailbox = 'outbox';
             break;
         default:
             $mailbox = 'combined';
             break;
     }
     $last_message = private_messages_list(local_channel(), $mailbox, 0, 1);
     $mid = argc() > 2 && intval(argv(2)) ? argv(2) : $last_message[0]['id'];
     $plaintext = true;
     //	if( local_channel() && feature_enabled(local_channel(),'richtext') )
     //		$plaintext = false;
     if ($mailbox == 'combined') {
         $messages = private_messages_fetch_conversation(local_channel(), $mid, true);
     } else {
         $messages = private_messages_fetch_message(local_channel(), $mid, true);
     }
     if (!$messages) {
         //info( t('Message not found.') . EOL);
         return;
     }
     if ($messages[0]['to_xchan'] === $channel['channel_hash']) {
         \App::$poi = $messages[0]['from'];
     } else {
         \App::$poi = $messages[0]['to'];
     }
     $tpl = get_markup_template('msg-header.tpl');
     \App::$page['htmlhead'] .= replace_macros($tpl, array('$nickname' => $channel['channel_address'], '$baseurl' => z_root(), '$editselect' => $plaintext ? 'none' : '/(profile-jot-text|prvmail-text)/', '$linkurl' => t('Please enter a link URL:'), '$expireswhen' => t('Expires YYYY-MM-DD HH:MM')));
     $mails = array();
     $seen = 0;
     $unknown = false;
     foreach ($messages as $message) {
         $s = theme_attachments($message);
         $mails[] = array('mailbox' => $mailbox, 'id' => $message['id'], 'mid' => $message['mid'], 'from_name' => $message['from']['xchan_name'], 'from_url' => chanlink_hash($message['from_xchan']), 'from_photo' => $message['from']['xchan_photo_s'], 'to_name' => $message['to']['xchan_name'], 'to_url' => chanlink_hash($message['to_xchan']), 'to_photo' => $message['to']['xchan_photo_s'], 'subject' => $message['title'], 'body' => smilies(bbcode($message['body'])), 'attachments' => $s, 'delete' => t('Delete message'), 'dreport' => t('Delivery report'), 'recall' => t('Recall message'), 'can_recall' => $channel['channel_hash'] == $message['from_xchan'] ? true : false, 'is_recalled' => intval($message['mail_recalled']) ? t('Message has been recalled.') : '', 'date' => datetime_convert('UTC', date_default_timezone_get(), $message['created'], 'c'));
         $seen = $message['seen'];
     }
     $recp = $message['from_xchan'] === $channel['channel_hash'] ? 'to' : 'from';
     $tpl = get_markup_template('mail_display.tpl');
     $o = replace_macros($tpl, array('$mailbox' => $mailbox, '$prvmsg_header' => $message['title'], '$thread_id' => $mid, '$thread_subject' => $message['title'], '$thread_seen' => $seen, '$delete' => t('Delete Conversation'), '$canreply' => $unknown ? false : '1', '$unknown_text' => t("No secure communications available. You <strong>may</strong> be able to respond from the sender's profile page."), '$mails' => $mails, '$header' => t('Send Reply'), '$to' => t('To:'), '$reply' => true, '$subject' => t('Subject:'), '$subjtxt' => $message['title'], '$yourmessage' => sprintf(t('Your message for %s (%s):'), $message[$recp]['xchan_name'], $message[$recp]['xchan_addr']), '$text' => '', '$parent' => $message['parent_mid'], '$recphash' => $message[$recp]['xchan_hash'], '$attach' => t('Attach file'), '$insert' => t('Insert web link'), '$submit' => t('Submit'), '$defexpire' => '', '$feature_expire' => feature_enabled(local_channel(), 'content_expire') ? true : false, '$expires' => t('Set expiration date'), '$feature_encrypt' => feature_enabled(local_channel(), 'content_encrypt') ? true : false, '$encrypt' => t('Encrypt text'), '$cipher' => $cipher));
     return $o;
 }
Example #22
0
 function get()
 {
     if (!local_channel() && !remote_channel()) {
         return;
     }
     $observer_hash = get_observer_hash();
     //strip html-tags
     $term = notags(trim($_GET['term']));
     //check if empty
     if (!$term) {
         return;
     }
     $item_id = argc() > 1 ? notags(trim(argv(1))) : 0;
     logger('tagger: tag ' . $term . ' item ' . $item_id);
     $r = q("SELECT * FROM item left join xchan on xchan_hash = author_xchan WHERE id = '%s' and uid = %d LIMIT 1", dbesc($item_id), intval(local_channel()));
     if (!$item_id || !$r) {
         logger('tagger: no item ' . $item_id);
         return;
     }
     $item = $r[0];
     $owner_uid = $item['uid'];
     switch ($item['resource_type']) {
         case 'photo':
             $targettype = ACTIVITY_OBJ_PHOTO;
             $post_type = t('photo');
             break;
         case 'event':
             $targgettype = ACTIVITY_OBJ_EVENT;
             $post_type = t('event');
             break;
         default:
             $targettype = ACTIVITY_OBJ_NOTE;
             $post_type = t('post');
             if ($item['mid'] != $item['parent_mid']) {
                 $post_type = t('comment');
             }
             break;
     }
     $links = array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/display/' . $item['mid']));
     $target = json_encode(array('type' => $targettype, 'id' => $item['mid'], 'link' => $links, 'title' => $item['title'], 'content' => $item['body'], 'created' => $item['created'], 'edited' => $item['edited'], 'author' => array('name' => $item['xchan_name'], 'address' => $item['xchan_addr'], 'guid' => $item['xchan_guid'], 'guid_sig' => $item['xchan_guid_sig'], 'link' => array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => $item['xchan_url']), array('rel' => 'photo', 'type' => $item['xchan_photo_mimetype'], 'href' => $item['xchan_photo_m'])))));
     $link = xmlify('<link rel="alternate" type="text/html" href="' . z_root() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n");
     $tagid = z_root() . '/search?tag=' . $term;
     $objtype = ACTIVITY_OBJ_TAGTERM;
     $obj = json_encode(array('type' => $objtype, 'id' => $tagid, 'link' => array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => $tagid)), 'title' => $term, 'content' => $term));
     $bodyverb = t('%1$s tagged %2$s\'s %3$s with %4$s');
     // saving here for reference
     // also check out x22d5 and x2317 and x0d6b and x0db8 and x24d0 and xff20 !!!
     $termlink = html_entity_decode('&#x22d5;') . '[zrl=' . z_root() . '/search?tag=' . urlencode($term) . ']' . $term . '[/zrl]';
     $channel = \App::get_channel();
     $arr = array();
     $arr['owner_xchan'] = $item['owner_xchan'];
     $arr['author_xchan'] = $channel['channel_hash'];
     $arr['item_origin'] = 1;
     $arr['item_wall'] = intval($item['item_wall']) ? 1 : 0;
     $ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]';
     $alink = '[zrl=' . $item['xchan_url'] . ']' . $item['xchan_name'] . '[/zrl]';
     $plink = '[zrl=' . $item['plink'] . ']' . $post_type . '[/zrl]';
     $arr['body'] = sprintf($bodyverb, $ulink, $alink, $plink, $termlink);
     $arr['verb'] = ACTIVITY_TAG;
     $arr['tgt_type'] = $targettype;
     $arr['target'] = $target;
     $arr['obj_type'] = $objtype;
     $arr['obj'] = $obj;
     $arr['parent_mid'] = $item['mid'];
     store_item_tag($item['uid'], $item['id'], TERM_OBJ_POST, TERM_COMMUNITYTAG, $term, $tagid);
     $ret = post_activity_item($arr);
     if ($ret['success']) {
         \Zotlabs\Daemon\Master::Summon(array('Notifier', 'tag', $ret['activity']['id']));
     }
     killme();
 }