Esempio n. 1
1
function search_ac_init(&$a)
{
    if (!local_channel()) {
        killme();
    }
    $start = x($_REQUEST, 'start') ? $_REQUEST['start'] : 0;
    $count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 100;
    $search = x($_REQUEST, 'search') ? $_REQUEST['search'] : "";
    if (x($_REQUEST, 'query') && strlen($_REQUEST['query'])) {
        $search = $_REQUEST['query'];
    }
    // Priority to people searches
    if ($search) {
        $people_sql_extra = protect_sprintf(" AND `xchan_name` LIKE '%" . dbesc($search) . "%' ");
        $tag_sql_extra = protect_sprintf(" AND term LIKE '%" . dbesc($search) . "%' ");
    }
    $r = q("SELECT `abook_id`, `xchan_name`, `xchan_photo_s`, `xchan_url`, `xchan_addr` FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d \n\t\t{$people_sql_extra}\n\t\tORDER BY `xchan_name` ASC ", intval(local_channel()));
    $results = array();
    if ($r) {
        foreach ($r as $g) {
            $results[] = array("photo" => $g['xchan_photo_s'], "name" => '@' . $g['xchan_name'], "id" => $g['abook_id'], "link" => $g['xchan_url'], "label" => '', "nick" => '');
        }
    }
    $r = q("select distinct term, tid, url from term where type in ( %d, %d ) {$tag_sql_extra} group by term order by term asc", intval(TERM_HASHTAG), intval(TERM_COMMUNITYTAG));
    if (count($r)) {
        foreach ($r as $g) {
            $results[] = array("photo" => $a->get_baseurl() . '/images/hashtag.png', "name" => '#' . $g['term'], "id" => $g['tid'], "link" => $g['url'], "label" => '', "nick" => '');
        }
    }
    header("content-type: application/json");
    $o = array('start' => $start, 'count' => $count, 'items' => $results);
    echo json_encode($o);
    logger('search_ac: ' . print_r($x, true));
    killme();
}
Esempio n. 2
0
 function new_access_token($token, $consumer, $verifier = null)
 {
     logger(__FUNCTION__ . ":" . $token . ", " . $consumer . ", " . $verifier, LOGGER_DEBUG);
     // return a new access token attached to this consumer
     // for the user associated with this token if the request token
     // is authorized
     // should also invalidate the request token
     $ret = Null;
     // get user for this verifier
     $uverifier = get_config("oauth", $verifier);
     logger(__FUNCTION__ . ":" . $verifier . "," . $uverifier, LOGGER_DEBUG);
     if (is_null($verifier) || $uverifier !== false) {
         $key = $this->gen_token();
         $sec = $this->gen_token();
         $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires, uid) VALUES ('%s','%s','%s','%s', %d, %d)", dbesc($key), dbesc($sec), dbesc($consumer->key), 'access', time() + intval(ACCESS_TOKEN_DURATION), intval($uverifier));
         if ($r) {
             $ret = new OAuth1Token($key, $sec);
         }
     }
     q("DELETE FROM tokens WHERE id='%s'", $token->key);
     if (!is_null($ret) && $uverifier !== false) {
         del_config("oauth", $verifier);
         //	$apps = get_pconfig($uverifier, "oauth", "apps");
         //	if ($apps===false) $apps=array();
         //  $apps[] = $consumer->key;
         // set_pconfig($uverifier, "oauth", "apps", $apps);
     }
     return $ret;
 }
Esempio n. 3
0
 function post()
 {
     if (!local_channel()) {
         return;
     }
     if (\App::$argc != 2) {
         return;
     }
     $contact_id = intval(\App::$argv[1]);
     $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval(local_channel()));
     if (!count($r)) {
         notice(t('Contact not found.') . EOL);
         return;
     }
     $contact = $r[0];
     $new_contact = intval($_POST['suggest']);
     $hash = random_string();
     $note = escape_tags(trim($_POST['note']));
     if ($new_contact) {
         $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($new_contact), intval(local_channel()));
         if (count($r)) {
             $x = q("INSERT INTO `fsuggest` ( `uid`,`cid`,`name`,`url`,`request`,`photo`,`note`,`created`)\n\t\t\t\t\tVALUES ( %d, %d, '%s','%s','%s','%s','%s','%s')", intval(local_channel()), intval($contact_id), dbesc($r[0]['name']), dbesc($r[0]['url']), dbesc($r[0]['request']), dbesc($r[0]['photo']), dbesc($hash), dbesc(datetime_convert()));
             $r = q("SELECT `id` FROM `fsuggest` WHERE `note` = '%s' AND `uid` = %d LIMIT 1", dbesc($hash), intval(local_channel()));
             if (count($r)) {
                 $fsuggest_id = $r[0]['id'];
                 q("UPDATE `fsuggest` SET `note` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($note), intval($fsuggest_id), intval(local_channel()));
                 proc_run('php', 'include/notifier.php', 'suggest', $fsuggest_id);
             }
             info(t('Friend suggestion sent.') . EOL);
         }
     }
 }
Esempio n. 4
0
function repair_ostatus_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        goaway($_SESSION['return_url']);
        // NOTREACHED
    }
    $o = "<h2>" . t("Resubsribing to OStatus contacts") . "</h2>";
    $uid = local_user();
    $a = get_app();
    $counter = intval($_REQUEST['counter']);
    $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE\n                `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING));
    if (!$r) {
        return $o . t("Error");
    }
    $total = $r[0]["total"];
    $r = q("SELECT `url` FROM `contact` WHERE\n                `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)\n\t\tORDER BY `url`\n\t\tLIMIT %d, 1", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING), $counter++);
    if (!$r) {
        $o .= t("Done");
        return $o;
    }
    $o .= "<p>" . $counter . "/" . $total . ": " . $r[0]["url"] . "</p>";
    $o .= "<p>" . t("Keep this window open until done.") . "</p>";
    $result = new_contact($uid, $r[0]["url"], true);
    $a->page['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . $a->get_baseurl() . '/repair_ostatus?counter=' . $counter . '">';
    return $o;
}
Esempio n. 5
0
function bookmarks_init(&$a)
{
    if (!local_user()) {
        return;
    }
    $item_id = intval($_REQUEST['item']);
    if (!$item_id) {
        return;
    }
    $u = $a->get_channel();
    $i = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_user()));
    if (!$i) {
        return;
    }
    $i = fetch_post_tags($i);
    $item = $i[0];
    $terms = get_terms_oftype($item['term'], TERM_BOOKMARK);
    if ($terms && !$item['item_restrict']) {
        require_once 'include/bookmarks.php';
        $s = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item['author_xchan']));
        if (!$s) {
            logger('mod_bookmarks: author lookup failed.');
            killme();
        }
        foreach ($terms as $t) {
            bookmark_add($u, $s[0], $t, $item['item_private']);
            info(t('Bookmark added') . EOL);
        }
    }
    killme();
}
Esempio n. 6
0
function siteinfo_init(&$a)
{
    if ($a->argv[1] == "json") {
        $register_policy = array('REGISTER_CLOSED', 'REGISTER_APPROVE', 'REGISTER_OPEN');
        $sql_extra = '';
        if (x($a->config, 'admin_nickname')) {
            $sql_extra = sprintf(" AND nickname = '%s' ", dbesc($a->config['admin_nickname']));
        }
        if (isset($a->config['admin_email']) && $a->config['admin_email'] != '') {
            $r = q("SELECT username, nickname FROM user WHERE email='%s' {$sql_extra}", dbesc($a->config['admin_email']));
            $admin = array('name' => $r[0]['username'], 'profile' => $a->get_baseurl() . '/channel/' . $r[0]['nickname']);
        } else {
            $admin = false;
        }
        $visible_plugins = array();
        if (is_array($a->plugins) && count($a->plugins)) {
            $r = q("select * from addon where hidden = 0");
            if (count($r)) {
                foreach ($r as $rr) {
                    $visible_plugins[] = $rr['name'];
                }
            }
        }
        if (@is_dir('.git') && function_exists('shell_exec')) {
            $commit = @shell_exec('git log -1 --format="%h"');
        }
        if (!isset($commit) || strlen($commit) > 16) {
            $commit = '';
        }
        $data = array('version' => RED_VERSION, 'commit' => $commit, 'url' => z_root(), 'plugins' => $visible_plugins, 'register_policy' => $register_policy[$a->config['system']['register_policy']], 'admin' => $admin, 'site_name' => $a->config['sitename'], 'platform' => RED_PLATFORM, 'info' => x($a->config, 'info') ? $a->config['info'] : '');
        echo json_encode($data);
        killme();
    }
}
Esempio n. 7
0
function xrd_init(&$a)
{
    $uri = urldecode(notags(trim($_GET['uri'])));
    if (substr($uri, 0, 4) === 'http') {
        $name = basename($uri);
    } else {
        $local = str_replace('acct:', '', $uri);
        if (substr($local, 0, 2) == '//') {
            $local = substr($local, 2);
        }
        $name = substr($local, 0, strpos($local, '@'));
    }
    $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", dbesc($name));
    if (!count($r)) {
        killme();
    }
    $salmon_key = salmon_key($r[0]['spubkey']);
    header('Access-Control-Allow-Origin: *');
    header("Content-type: text/xml");
    if (get_config('system', 'diaspora_enabled')) {
        //$tpl = file_get_contents('view/xrd_diaspora.tpl');
        $tpl = get_markup_template('xrd_diaspora.tpl');
        $dspr = replace_macros($tpl, array('$baseurl' => $a->get_baseurl(), '$dspr_guid' => $r[0]['guid'], '$dspr_key' => base64_encode(pemtorsa($r[0]['pubkey']))));
    } else {
        $dspr = '';
    }
    //$tpl = file_get_contents('view/xrd_person.tpl');
    $tpl = get_markup_template('xrd_person.tpl');
    $o = replace_macros($tpl, array('$nick' => $r[0]['nickname'], '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'], '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'], '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'], '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['nickname'], '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['nickname'], '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg', '$dspr' => $dspr, '$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'], '$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'] . '/mention', '$subscribe' => $a->get_baseurl() . '/follow?url={uri}', '$modexp' => 'data:application/magic-public-key,' . $salmon_key, '$bigkey' => salmon_key($r[0]['pubkey'])));
    $arr = array('user' => $r[0], 'xml' => $o);
    call_hooks('personal_xrd', $arr);
    echo $arr['xml'];
    killme();
}
 /**
  * Updates an addressbook's properties
  *
  * See Sabre_DAV_IProperties for a description of the mutations array, as
  * well as the return value.
  *
  * @param mixed $addressBookId
  * @param array $mutations
  * @throws Sabre_DAV_Exception_Forbidden
  * @see Sabre_DAV_IProperties::updateProperties
  * @return bool|array
  */
 public function updateAddressBook($addressBookId, array $mutations)
 {
     $updates = array();
     foreach ($mutations as $property => $newValue) {
         switch ($property) {
             case '{DAV:}displayname':
                 $updates['displayname'] = $newValue;
                 break;
             case '{' . Sabre_CardDAV_Plugin::NS_CARDDAV . '}addressbook-description':
                 $updates['description'] = $newValue;
                 break;
             default:
                 // If any unsupported values were being updated, we must
                 // let the entire request fail.
                 return false;
         }
     }
     // No values are being updated?
     if (!$updates) {
         return false;
     }
     $query = 'UPDATE ' . CALDAV_SQL_DB . CALDAV_SQL_PREFIX . 'addressbooks SET ctag = ctag + 1 ';
     foreach ($updates as $key => $value) {
         $query .= ', `' . dbesc($key) . '` = ' . dbesc($key) . ' ';
     }
     $query .= ' WHERE id = ' . IntVal($addressBookId);
     q($query);
     return true;
 }
Esempio n. 9
0
function checksites_run($argv, $argc)
{
    cli_startup();
    $a = get_app();
    logger('checksites: start');
    if ($argc > 1 && $argv[1]) {
        $site_id = $argv[1];
    }
    if ($site_id) {
        $sql_options = " and site_url = '" . dbesc($argv[1]) . "' ";
    }
    $days = intval(get_config('system', 'sitecheckdays'));
    if ($days < 1) {
        $days = 30;
    }
    $r = q("select * from site where site_dead = 0 and site_update < %s - INTERVAL %s and site_type = %d {$sql_options} ", db_utcnow(), db_quoteinterval($days . ' DAY'), intval(SITE_TYPE_ZOT));
    if (!$r) {
        return;
    }
    foreach ($r as $rr) {
        if (!strcasecmp($rr['site_url'], z_root())) {
            continue;
        }
        $x = ping_site($rr['site_url']);
        if ($x['success']) {
            logger('checksites: ' . $rr['site_url']);
            q("update site set site_update = '%s' where site_url = '%s' ", dbesc(datetime_convert()), dbesc($rr['site_url']));
        } else {
            logger('marking dead site: ' . $x['message']);
            q("update site set site_dead = 1 where site_url = '%s' ", dbesc($rr['site_url']));
        }
    }
    return;
}
Esempio n. 10
0
function xrd_init(&$a)
{
    $uri = urldecode(notags(trim($_GET['uri'])));
    if (substr($uri, 0, 4) === 'http') {
        $name = basename($uri);
    } else {
        $local = str_replace('acct:', '', $uri);
        if (substr($local, 0, 2) == '//') {
            $local = substr($local, 2);
        }
        $name = substr($local, 0, strpos($local, '@'));
    }
    $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name));
    if (!$r) {
        killme();
    }
    $dspr = replace_macros(get_markup_template('xrd_diaspora.tpl'), array('$baseurl' => $a->get_baseurl(), '$dspr_guid' => $r[0]['channel_guid'], '$dspr_key' => base64_encode(pemtorsa($r[0]['channel_pubkey']))));
    $salmon_key = salmon_key($r[0]['channel_pubkey']);
    header('Access-Control-Allow-Origin: *');
    header("Content-type: text/xml");
    $tpl = get_markup_template('view/xrd_person.tpl');
    $o = replace_macros(get_markup_template('xrd_person.tpl'), array('$nick' => $r[0]['channel_address'], '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/channel/' . $r[0]['channel_address'], '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['channel_address'], '$atom' => $a->get_baseurl() . '/feed/' . $r[0]['channel_address'], '$zot_post' => $a->get_baseurl() . '/post/' . $r[0]['channel_address'], '$poco_url' => $a->get_baseurl() . '/poco/' . $r[0]['channel_address'], '$photo' => $a->get_baseurl() . '/photo/profile/l/' . $r[0]['channel_id'], '$dspr' => $dspr, '$modexp' => 'data:application/magic-public-key,' . $salmon_key));
    $arr = array('user' => $r[0], 'xml' => $o);
    call_hooks('personal_xrd', $arr);
    echo $arr['xml'];
    killme();
}
Esempio n. 11
0
function chat_post(&$a)
{
    if ($_POST['room_name']) {
        $room = strip_tags(trim($_POST['room_name']));
    }
    if (!$room || !local_channel()) {
        return;
    }
    $channel = $a->get_channel();
    if ($_POST['action'] === 'drop') {
        logger('delete chatroom');
        chatroom_destroy($channel, array('cr_name' => $room));
        goaway(z_root() . '/chat/' . $channel['channel_address']);
    }
    $arr = array('name' => $room);
    $arr['allow_gid'] = perms2str($_REQUEST['group_allow']);
    $arr['allow_cid'] = perms2str($_REQUEST['contact_allow']);
    $arr['deny_gid'] = perms2str($_REQUEST['group_deny']);
    $arr['deny_cid'] = perms2str($_REQUEST['contact_deny']);
    chatroom_create($channel, $arr);
    $x = q("select cr_id from chatroom where cr_name = '%s' and cr_uid = %d limit 1", dbesc($room), intval(local_channel()));
    if ($x) {
        goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']);
    }
    // that failed. Try again perhaps?
    goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new');
}
Esempio n. 12
0
function notify_init(&$a)
{
    if (!local_user()) {
        return;
    }
    if ($a->argc > 2 && $a->argv[1] === 'view' && intval($a->argv[2])) {
        $r = q("select * from notify where id = %d and uid = %d limit 1", intval($a->argv[2]), intval(local_user()));
        if (count($r)) {
            q("update notify set seen = 1 where ( link = '%s' or ( parent != 0 and parent = %d and otype = '%s' )) and uid = %d", dbesc($r[0]['link']), intval($r[0]['parent']), dbesc($r[0]['otype']), intval(local_user()));
            // The friendica client has problems with the GUID. this is some workaround
            if ($a->is_friendica_app()) {
                require_once "include/items.php";
                $urldata = parse_url($r[0]['link']);
                $guid = basename($urldata["path"]);
                $itemdata = get_item_id($guid, local_user());
                if ($itemdata["id"] != 0) {
                    $r[0]['link'] = $a->get_baseurl() . '/display/' . $itemdata["nick"] . '/' . $itemdata["id"];
                }
            }
            goaway($r[0]['link']);
        }
        goaway($a->get_baseurl(true));
    }
    if ($a->argc > 2 && $a->argv[1] === 'mark' && $a->argv[2] === 'all') {
        $r = q("update notify set seen = 1 where uid = %d", intval(local_user()));
        $j = json_encode(array('result' => $r ? 'success' : 'fail'));
        echo $j;
        killme();
    }
}
Esempio n. 13
0
function attach_init(&$a)
{
    if ($a->argc != 2) {
        notice(t('Item not available.') . EOL);
        return;
    }
    $item_id = intval($a->argv[1]);
    // Check for existence, which will also provide us the owner uid
    $r = q("SELECT * FROM `attach` WHERE `id` = %d LIMIT 1", intval($item_id));
    if (!count($r)) {
        notice(t('Item was not found.') . EOL);
        return;
    }
    $sql_extra = permissions_sql($r[0]['uid']);
    // Now we'll see if we can access the attachment
    $r = q("SELECT * FROM `attach` WHERE `id` = '%d' {$sql_extra} LIMIT 1", dbesc($item_id));
    if (!count($r)) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    // Use quotes around the filename to prevent a "multiple Content-Disposition"
    // error in Chrome for filenames with commas in them
    header('Content-type: ' . $r[0]['filetype']);
    header('Content-length: ' . $r[0]['filesize']);
    if (isset($_GET['attachment']) && $_GET['attachment'] === '0') {
        header('Content-disposition: filename="' . $r[0]['filename'] . '"');
    } else {
        header('Content-disposition: attachment; filename="' . $r[0]['filename'] . '"');
    }
    echo $r[0]['data'];
    killme();
    // NOTREACHED
}
Esempio n. 14
0
function pubsub_post(&$a)
{
    $xml = file_get_contents('php://input');
    logger('pubsub: feed arrived from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $a->cmd);
    logger('pubsub: user-agent: ' . $_SERVER['HTTP_USER_AGENT']);
    logger('pubsub: data: ' . $xml, LOGGER_DATA);
    //	if(! stristr($xml,'<?xml')) {
    //		logger('pubsub_post: bad xml');
    //		hub_post_return();
    //	}
    $nick = $a->argc > 1 ? notags(trim($a->argv[1])) : '';
    $contact_id = $a->argc > 2 ? intval($a->argv[2]) : 0;
    $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1", dbesc($nick));
    if (!count($r)) {
        hub_post_return();
    }
    $importer = $r[0];
    $r = q("SELECT * FROM `contact` WHERE `subhub` = 1 AND `id` = %d AND `uid` = %d \n\t\tAND ( `rel` = %d OR `rel` = %d OR network = '%s' ) AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", intval($contact_id), intval($importer['uid']), intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), dbesc(NETWORK_FEED));
    if (!count($r)) {
        logger('pubsub: no contact record for "' . $nick . ' (' . $contact_id . ')" - ignored. ' . $xml);
        hub_post_return();
    }
    $contact = $r[0];
    // we have no way to match Diaspora guid's with atom post id's and could get duplicates.
    // we'll assume that direct delivery is robust (and this is a bad assumption, but the duplicates are messy).
    if ($r[0]['network'] === NETWORK_DIASPORA) {
        hub_post_return();
    }
    $feedhub = '';
    require_once 'include/items.php';
    consume_feed($xml, $importer, $contact, $feedhub, 1, 1);
    // do it a second time so that any children find their parents.
    consume_feed($xml, $importer, $contact, $feedhub, 1, 2);
    hub_post_return();
}
Esempio n. 15
0
 function get()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $channel = \App::get_channel();
     $app = null;
     $embed = null;
     if ($_REQUEST['appid']) {
         $r = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($_REQUEST['appid']), dbesc(local_channel()));
         if ($r) {
             $app = $r[0];
             $term = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($r[0]['id']));
             if ($term) {
                 $app['categories'] = '';
                 foreach ($term as $t) {
                     if ($app['categories']) {
                         $app['categories'] .= ',';
                     }
                     $app['categories'] .= $t['term'];
                 }
             }
         }
         $embed = array('embed', t('Embed code'), app_encode($app, true), '', 'onclick="this.select();"');
     }
     return replace_macros(get_markup_template('app_create.tpl'), array('$banner' => $app ? t('Edit App') : t('Create App'), '$app' => $app, '$guid' => $app ? $app['app_id'] : '', '$author' => $app ? $app['app_author'] : $channel['channel_hash'], '$addr' => $app ? $app['app_addr'] : $channel['xchan_addr'], '$name' => array('name', t('Name of app'), $app ? $app['app_name'] : '', t('Required')), '$url' => array('url', t('Location (URL) of app'), $app ? $app['app_url'] : '', t('Required')), '$desc' => array('desc', t('Description'), $app ? $app['app_desc'] : '', ''), '$photo' => array('photo', t('Photo icon URL'), $app ? $app['app_photo'] : '', t('80 x 80 pixels - optional')), '$categories' => array('categories', t('Categories (optional, comma separated list)'), $app ? $app['categories'] : '', ''), '$version' => array('version', t('Version ID'), $app ? $app['app_version'] : '', ''), '$price' => array('price', t('Price of app'), $app ? $app['app_price'] : '', ''), '$page' => array('page', t('Location (URL) to purchase app'), $app ? $app['app_page'] : '', ''), '$system' => $app ? intval($app['app_system']) : 0, '$requires' => $app ? $app['app_requires'] : '', '$embed' => $embed, '$submit' => t('Submit')));
 }
Esempio n. 16
0
 function init()
 {
     $result = array('success' => false);
     $mindate = $_REQUEST['mindate'] ? datetime_convert('UTC', 'UTC', $_REQUEST['mindate']) : '';
     if (!$mindate) {
         $mindate = datetime_convert('UTC', 'UTC', 'now - 14 days');
     }
     if (observer_prohibited()) {
         $result['message'] = 'Public access denied';
         json_return_and_die($result);
     }
     $observer = \App::get_observer();
     $channel_address = argc() > 1 ? argv(1) : '';
     if ($channel_address) {
         $r = q("select channel_id, channel_name from channel where channel_address = '%s' and channel_removed = 0 limit 1", dbesc(argv(1)));
     } else {
         $x = get_sys_channel();
         if ($x) {
             $r = array($x);
         }
         $mindate = datetime_convert('UTC', 'UTC', 'now - 14 days');
     }
     if (!$r) {
         $result['message'] = 'Channel not found.';
         json_return_and_die($result);
     }
     logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG);
     $result['messages'] = zot_feed($r[0]['channel_id'], $observer['xchan_hash'], array('mindate' => $mindate));
     $result['success'] = true;
     json_return_and_die($result);
 }
Esempio n. 17
0
/**
 * Display admin settings for this addon
 */
function libravatar_plugin_admin(&$a, &$o)
{
    $t = get_markup_template("admin.tpl", "addon/libravatar");
    $default_avatar = get_config('libravatar', 'default_img');
    // set default values for first configuration
    if (!$default_avatar) {
        $default_avatar = 'identicon';
    }
    // pseudo-random geometric pattern based on email hash
    // Available options for the select boxes
    $default_avatars = array('mm' => t('generic profile image'), 'identicon' => t('random geometric pattern'), 'monsterid' => t('monster face'), 'wavatar' => t('computer generated face'), 'retro' => t('retro arcade style face'));
    // Show warning if PHP version is too old
    if (!version_compare(PHP_VERSION, '5.3.0', '>=')) {
        $o = '<h5>' . t('Warning') . '</h5><p>';
        $o .= sprintf(t('Your PHP version %s is lower than the required PHP >= 5.3.'), PHP_VERSION);
        $o .= '<br>' . t('This addon is not functional on your server.') . '<p><br>';
        return;
    }
    // Libravatar falls back to gravatar, so show warning about gravatar addon if enabled
    $r = q("SELECT * FROM `addon` WHERE `name` = '%s' and `installed` = 1", dbesc('gravatar'));
    if (count($r)) {
        $o = '<h5>' . t('Information') . '</h5><p>' . t('Gravatar addon is installed. Please disable the Gravatar addon.<br>The Libravatar addon will fall back to Gravatar if nothing was found at Libravatar.') . '</p><br><br>';
    }
    // output Libravatar settings
    $o .= '<input type="hidden" name="form_security_token" value="' . get_form_security_token("libravatarsave") . '">';
    $o .= replace_macros($t, array('$submit' => t('Save Settings'), '$default_avatar' => array('avatar', t('Default avatar image'), $default_avatar, t('Select default avatar image if none was found. See README'), $default_avatars)));
}
Esempio n. 18
0
function zotfeed_init(&$a)
{
    $result = array('success' => false);
    $mindate = $_REQUEST['mindate'] ? datetime_convert('UTC', 'UTC', $_REQUEST['mindate']) : '';
    if (!$mindate) {
        $mindate = datetime_convert('UTC', 'UTC', 'now - 1 month');
    }
    if (get_config('system', 'block_public') && !get_account_id() && !remote_user()) {
        $result['message'] = 'Public access denied';
        json_return_and_die($result);
    }
    $observer = $a->get_observer();
    $channel_address = argc() > 1 ? argv(1) : '';
    if ($channel_address) {
        $r = q("select channel_id, channel_name from channel where channel_address = '%s' and not (channel_pageflags & %d) limit 1", dbesc(argv(1)), intval(PAGE_REMOVED));
    } else {
        $x = get_sys_channel();
        if ($x) {
            $r = array($x);
        }
    }
    if (!$r) {
        $result['message'] = 'Channel not found.';
        json_return_and_die($result);
    }
    logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG);
    $result['messages'] = zot_feed($r[0]['channel_id'], $observer['xchan_hash'], $mindate);
    $result['success'] = true;
    json_return_and_die($result);
}
Esempio n. 19
0
function p_init(&$a)
{
    if (argc() < 2) {
        http_status_exit(401);
    }
    $mid = str_replace('.xml', '', argv(1));
    $r = q("select * from item where mid = '%s' and item_wall = 1 and item_private = 0 limit 1", dbesc($mid));
    if (!$r || !perm_is_allowed($r[0]['uid'], '', 'view_stream')) {
        http_status_exit(404);
    }
    $c = q("select * from channel where channel_id = %d limit 1", intval($r[0]['uid']));
    if (!$c) {
        http_status_exit(404);
    }
    $myaddr = $c[0]['channel_address'] . '@' . App::get_hostname();
    $item = $r[0];
    $title = $item['title'];
    $body = bb2diaspora_itembody($item);
    $created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
    $tpl = get_markup_template('diaspora_post.tpl', 'addon/diaspora');
    $msg = replace_macros($tpl, array('$body' => xmlify($body), '$guid' => $item['mid'], '$handle' => xmlify($myaddr), '$public' => 'true', '$created' => $created, '$provider' => $item['app'] ? $item['app'] : t('$projectname')));
    header('Content-type: text/xml');
    echo $msg;
    killme();
}
Esempio n. 20
0
function onedirsync_run($argv, $argc)
{
    cli_startup();
    $a = get_app();
    logger('onedirsync: start ' . intval($argv[1]));
    if ($argc > 1 && intval($argv[1])) {
        $update_id = intval($argv[1]);
    }
    if (!$update_id) {
        logger('onedirsync: no update');
        return;
    }
    $r = q("select * from updates where ud_id = %d limit 1", intval($update_id));
    if (!$r) {
        return;
    }
    if ($r[0]['ud_flags'] & UPDATE_FLAGS_UPDATED || !$r[0]['ud_addr']) {
        return;
    }
    // Have we probed this channel more recently than the other directory server
    // (where we received this update from) ?
    // If we have, we don't need to do anything except mark any older entries updated
    $x = q("select * from updates where ud_addr = '%s' and ud_date > '%s' and ( ud_flags & %d ) order by ud_date desc limit 1", dbesc($r[0]['ud_addr']), dbesc($r[0]['ud_date']), intval(UPDATE_FLAGS_UPDATED));
    if ($x) {
        $y = q("update updates set ud_flags = ( ud_flags | %d ) where ud_addr = '%s' and not ( ud_flags & %d ) and ud_date < '%s' ", intval(UPDATE_FLAGS_UPDATED), dbesc($r[0]['ud_addr']), intval(UPDATE_FLAGS_UPDATED), dbesc($x[0]['ud_date']));
        return;
    }
    update_directory_entry($r[0]);
    return;
}
Esempio n. 21
0
function handle_pubsubhubbub()
{
    global $a, $db;
    logger('start');
    // We'll push to each subscriber that has push > 0,
    // i.e. there has been an update (set in notifier.php).
    $r = q("SELECT * FROM `push_subscriber` WHERE `push` > 0");
    foreach ($r as $rr) {
        $params = get_feed_for($a, '', $rr['nickname'], $rr['last_update'], 0, true);
        $hmac_sig = hash_hmac("sha1", $params, $rr['secret']);
        $headers = array("Content-type: application/atom+xml", sprintf("Link: <%s>;rel=hub," . "<%s>;rel=self", $a->get_baseurl() . '/pubsubhubbub', $rr['topic']), "X-Hub-Signature: sha1=" . $hmac_sig);
        logger('POST ' . print_r($headers, true) . "\n" . $params, LOGGER_DEBUG);
        post_url($rr['callback_url'], $params, $headers);
        $ret = $a->get_curl_code();
        if ($ret >= 200 && $ret <= 299) {
            logger('successfully pushed to ' . $rr['callback_url']);
            // set last_update to "now", and reset push=0
            $date_now = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
            q("UPDATE `push_subscriber` SET `push` = 0, last_update = '%s' WHERE id = %d", dbesc($date_now), intval($rr['id']));
        } else {
            logger('error when pushing to ' . $rr['callback_url'] . ' HTTP: ' . $ret);
            // we use the push variable also as a counter, if we failed we
            // increment this until some upper limit where we give up
            $new_push = intval($rr['push']) + 1;
            if ($new_push > 30) {
                // OK, let's give up
                $new_push = 0;
            }
            q("UPDATE `push_subscriber` SET `push` = %d WHERE id = %d", $new_push, intval($rr['id']));
        }
    }
    logger('done');
}
Esempio n. 22
0
function lostpass_content(&$a)
{
    if (x($_GET, 'verify')) {
        $verify = $_GET['verify'];
        $hash = hash('whirlpool', $verify);
        $r = q("SELECT * FROM `user` WHERE `pwdreset` = '%s' LIMIT 1", dbesc($hash));
        if (!count($r)) {
            notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
            goaway(z_root());
            return;
        }
        $uid = $r[0]['uid'];
        $username = $r[0]['username'];
        $email = $r[0]['email'];
        $new_password = autoname(6) . mt_rand(100, 9999);
        $new_password_encoded = hash('whirlpool', $new_password);
        $r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = ''  WHERE `uid` = %d LIMIT 1", dbesc($new_password_encoded), intval($uid));
        if ($r) {
            $tpl = get_markup_template('pwdreset.tpl');
            $o .= replace_macros($tpl, array('$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), '$lbl4' => t('Save or copy your new password - and then'), '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.', '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => $a->get_baseurl()));
            info("Your password has been reset." . EOL);
            $email_tpl = get_intltext_template("passchanged_eml.tpl");
            $email_tpl = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $username, '$email' => $email, '$new_password' => $new_password, '$uid' => $newuid));
            $res = mail($email, "Your password has changed at {$a->config['sitename']}", $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
            return $o;
        }
    } else {
        $tpl = get_markup_template('lostpass.tpl');
        $o .= replace_macros($tpl, array('$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Nickname or Email: '), '$submit' => t('Reset')));
        return $o;
    }
}
Esempio n. 23
0
 function init()
 {
     if (argc() > 1) {
         $which = argv(1);
     } else {
         notice(t('Requested profile is not available.') . EOL);
         \App::$error = 404;
         return;
     }
     $profile = '';
     $channel = \App::get_channel();
     if (local_channel() && argc() > 2 && argv(2) === 'view') {
         $which = $channel['channel_address'];
         $profile = argv(1);
         $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()));
         if (!$r) {
             $profile = '';
         }
         $profile = $r[0]['profile_guid'];
     }
     \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n";
     if (!$profile) {
         $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)));
         if ($x) {
             \App::$profile = $x[0];
         }
     }
     profile_load($a, $which, $profile);
 }
Esempio n. 24
0
 function init()
 {
     $uri = urldecode(notags(trim($_GET['uri'])));
     logger('xrd: ' . $uri, LOGGER_DEBUG);
     $resource = $uri;
     if (substr($uri, 0, 4) === 'http') {
         $uri = str_replace('~', '', $uri);
         $name = basename($uri);
     } else {
         $local = str_replace('acct:', '', $uri);
         if (substr($local, 0, 2) == '//') {
             $local = substr($local, 2);
         }
         $name = substr($local, 0, strpos($local, '@'));
     }
     $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", dbesc($name));
     if (!$r) {
         killme();
     }
     $dspr = replace_macros(get_markup_template('xrd_diaspora.tpl'), array('$baseurl' => z_root(), '$dspr_guid' => $r[0]['channel_guid'] . str_replace('.', '', \App::get_hostname()), '$dspr_key' => base64_encode(pemtorsa($r[0]['channel_pubkey']))));
     $salmon_key = salmon_key($r[0]['channel_pubkey']);
     header('Access-Control-Allow-Origin: *');
     header("Content-type: application/xrd+xml");
     $aliases = array('acct:' . channel_reddress($r[0]), z_root() . '/channel/' . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address']);
     for ($x = 0; $x < count($aliases); $x++) {
         if ($aliases[$x] === $resource) {
             unset($aliases[$x]);
         }
     }
     $o = replace_macros(get_markup_template('xrd_person.tpl'), array('$nick' => $r[0]['channel_address'], '$accturi' => $resource, '$aliases' => $aliases, '$profile_url' => z_root() . '/channel/' . $r[0]['channel_address'], '$hcard_url' => z_root() . '/hcard/' . $r[0]['channel_address'], '$atom' => z_root() . '/feed/' . $r[0]['channel_address'], '$zot_post' => z_root() . '/post/' . $r[0]['channel_address'], '$poco_url' => z_root() . '/poco/' . $r[0]['channel_address'], '$photo' => z_root() . '/photo/profile/l/' . $r[0]['channel_id'], '$dspr' => $dspr, '$modexp' => 'data:application/magic-public-key,' . $salmon_key, '$subscribe' => z_root() . '/follow?url={uri}', '$bigkey' => salmon_key($r[0]['channel_pubkey'])));
     $arr = array('user' => $r[0], 'xml' => $o);
     call_hooks('personal_xrd', $arr);
     echo $arr['xml'];
     killme();
 }
Esempio n. 25
0
 public static function clear()
 {
     q("DELETE FROM `cache` WHERE `updated` < '%s' AND `expire_mode` = %d", dbesc(datetime_convert('UTC', 'UTC', "now - 30 days")), intval(CACHE_MONTH));
     q("DELETE FROM `cache` WHERE `updated` < '%s' AND `expire_mode` = %d", dbesc(datetime_convert('UTC', 'UTC', "now - 7 days")), intval(CACHE_WEEK));
     q("DELETE FROM `cache` WHERE `updated` < '%s' AND `expire_mode` = %d", dbesc(datetime_convert('UTC', 'UTC', "now - 1 days")), intval(CACHE_DAY));
     q("DELETE FROM `cache` WHERE `updated` < '%s' AND `expire_mode` = %d", dbesc(datetime_convert('UTC', 'UTC', "now - 1 hours")), intval(CACHE_HOUR));
 }
Esempio n. 26
0
function chat_post(&$a)
{
    if ($_POST['room_name']) {
        $room = strip_tags(trim($_POST['room_name']));
    }
    if (!$room || !local_channel()) {
        return;
    }
    $channel = $a->get_channel();
    if ($_POST['action'] === 'drop') {
        logger('delete chatroom');
        chatroom_destroy($channel, array('cr_name' => $room));
        goaway(z_root() . '/chat/' . $channel['channel_address']);
    }
    $acl = new AccessList($channel);
    $acl->set_from_array($_REQUEST);
    $arr = $acl->get();
    $arr['name'] = $room;
    $arr['expire'] = intval($_POST['chat_expire']);
    if (intval($arr['expire']) < 0) {
        $arr['expire'] = 0;
    }
    chatroom_create($channel, $arr);
    $x = q("select * from chatroom where cr_name = '%s' and cr_uid = %d limit 1", dbesc($room), intval(local_channel()));
    build_sync_packet(0, array('chatroom' => $x));
    if ($x) {
        goaway(z_root() . '/chat/' . $channel['channel_address'] . '/' . $x[0]['cr_id']);
    }
    // that failed. Try again perhaps?
    goaway(z_root() . '/chat/' . $channel['channel_address'] . '/new');
}
Esempio n. 27
0
 function get()
 {
     if (argc() > 2 && argv(2) === 'add') {
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional'))));
         return $o;
     }
     if (argc() > 3 && argv(2) === 'edit') {
         $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
         if (!count($r)) {
             notice(t('Application not found.'));
             return;
         }
         $app = $r[0];
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['clname'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], '')));
         return $o;
     }
     if (argc() > 3 && argv(2) === 'delete') {
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
         $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
         goaway(z_root() . "/settings/oauth/");
         return;
     }
     $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel());
     $tpl = get_markup_template("settings_oauth.tpl");
     $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => z_root(), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r));
     return $o;
 }
Esempio n. 28
0
function find_diaspora_person_by_handle($handle)
{
    $person = false;
    $refresh = false;
    if (diaspora_is_blacklisted($handle)) {
        return false;
    }
    $r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' limit 1", dbesc($handle));
    if ($r) {
        $person = $r[0];
        logger('find_diaspora_person_by handle: in cache ' . print_r($r, true), LOGGER_DATA, LOG_DEBUG);
        if ($person['xchan_name_date'] < datetime_convert('UTC', 'UTC', 'now - 1 month')) {
            logger('Updating Diaspora cached record for ' . $handle);
            $refresh = true;
        }
    }
    if (!$person || $refresh) {
        // try webfinger. Make sure to distinguish between diaspora,
        // hubzilla w/diaspora protocol and friendica w/diaspora protocol.
        $result = discover_by_webbie($handle);
        if ($result) {
            $r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' limit 1", dbesc(str_replace('acct:', '', $handle)));
            if ($r) {
                $person = $r[0];
                logger('find_diaspora_person_by handle: discovered ' . print_r($r, true), LOGGER_DATA, LOG_DEBUG);
            }
        }
    }
    return $person;
}
Esempio n. 29
0
function tagrm_post(&$a)
{
    if (!local_user()) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }
    if (x($_POST, 'submit') && $_POST['submit'] === t('Cancel')) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }
    $tag = x($_POST, 'tag') ? hex2bin(notags(trim($_POST['tag']))) : '';
    $item = x($_POST, 'item') ? intval($_POST['item']) : 0;
    $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item), intval(local_user()));
    if (!count($r)) {
        goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    }
    $arr = explode(',', $r[0]['tag']);
    for ($x = 0; $x < count($arr); $x++) {
        if ($arr[$x] === $tag) {
            unset($arr[$x]);
            break;
        }
    }
    $tag_str = implode(',', $arr);
    q("UPDATE `item` SET `tag` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($tag_str), intval($item), intval(local_user()));
    info(t('Tag removed') . EOL);
    goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
    // NOTREACHED
}
Esempio n. 30
0
function lostpass_content(&$a)
{
    if (x($_GET, 'verify')) {
        $verify = $_GET['verify'];
        $r = q("SELECT * FROM account WHERE account_reset = '%s' LIMIT 1", dbesc($verify));
        if (!$r) {
            notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
            goaway(z_root());
            return;
        }
        $aid = $r[0]['account_id'];
        $email = $r[0]['account_email'];
        $new_password = autoname(6) . mt_rand(100, 9999);
        $salt = random_string(32);
        $password_encoded = hash('whirlpool', $salt . $new_password);
        $r = q("UPDATE account SET account_salt = '%s', account_password = '******', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d", dbesc($salt), dbesc($password_encoded), intval(ACCOUNT_UNVERIFIED), intval($aid));
        if ($r) {
            $tpl = get_markup_template('pwdreset.tpl');
            $o .= replace_macros($tpl, array('$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), '$lbl4' => t('Save or copy your new password - and then'), '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.', '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => $a->get_baseurl()));
            info("Your password has been reset." . EOL);
            $email_tpl = get_intltext_template("passchanged_eml.tpl");
            $message = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => sprintf(t('Site Member (%s)'), $email), '$email' => $email, '$new_password' => $new_password, '$uid' => $newuid));
            $subject = email_header_encode(sprintf(t('Your password has changed at %s'), get_config('system', 'sitename')), 'UTF-8');
            $res = mail($email, $subject, $message, 'From: ' . 'Administrator@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
            return $o;
        }
    } else {
        $tpl = get_markup_template('lostpass.tpl');
        $o .= replace_macros($tpl, array('$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Email Address'), '$submit' => t('Reset')));
        return $o;
    }
}