function init() { if (!is_dir('store')) { os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); } $which = null; if (argc() > 1) { $which = argv(1); } $profile = 0; \App::$page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . z_root() . '/feed/' . $which . '" />' . "\r\n"; if ($which) { profile_load($which, $profile); } $auth = new \Zotlabs\Storage\BasicAuth(); $ob_hash = get_observer_hash(); if ($ob_hash) { if (local_channel()) { $channel = \App::get_channel(); $auth->setCurrentUser($channel['channel_address']); $auth->channel_id = $channel['channel_id']; $auth->channel_hash = $channel['channel_hash']; $auth->channel_account_id = $channel['channel_account_id']; if ($channel['channel_timezone']) { $auth->setTimezone($channel['channel_timezone']); } } $auth->observer = $ob_hash; } if ($_GET['davguest']) { $_SESSION['davguest'] = true; } $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); // A SabreDAV server-object $server = new SDAV\Server($rootDirectory); // prevent overwriting changes each other with a lock backend $lockBackend = new SDAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new SDAV\Locks\Plugin($lockBackend); $server->addPlugin($lockPlugin); $is_readable = false; // provide a directory view for the cloud in Hubzilla $browser = new \Zotlabs\Storage\Browser($auth); $auth->setBrowserPlugin($browser); $server->addPlugin($browser); // Experimental QuotaPlugin // require_once('\Zotlabs\Storage/QuotaPlugin.php'); // $server->addPlugin(new \Zotlabs\Storage\\QuotaPlugin($auth)); ob_start(); // All we need to do now, is to fire up the server $server->exec(); ob_end_flush(); killme(); }
function init() { logger('oep: ' . print_r($_REQUEST, true), LOGGER_DEBUG, LOG_INFO); $html = argc() > 1 && argv(1) === 'html' ? true : false; if ($_REQUEST['url']) { $_REQUEST['url'] = strip_zids($_REQUEST['url']); $url = $_REQUEST['url']; } if (!$url) { http_status_exit(404, 'Not found'); } $maxwidth = $_REQUEST['maxwidth']; $maxheight = $_REQUEST['maxheight']; $format = $_REQUEST['format']; if ($format && $format !== 'json') { http_status_exit(501, 'Not implemented'); } if (fnmatch('*/photos/*/album/*', $url)) { $arr = $this->oep_album_reply($_REQUEST); } elseif (fnmatch('*/photos/*/image/*', $url)) { $arr = $this->oep_photo_reply($_REQUEST); } elseif (fnmatch('*/photos*', $url)) { $arr = $this->oep_phototop_reply($_REQUEST); } elseif (fnmatch('*/display/*', $url)) { $arr = $this->oep_display_reply($_REQUEST); } elseif (fnmatch('*/channel/*mid=*', $url)) { $arr = $this->oep_mid_reply($_REQUEST); } elseif (fnmatch('*/channel*', $url)) { $arr = $this->oep_profile_reply($_REQUEST); } elseif (fnmatch('*/profile/*', $url)) { $arr = $this->oep_profile_reply($_REQUEST); } if ($arr) { if ($html) { if ($arr['type'] === 'rich') { header('Content-Type: text/html'); echo $arr['html']; } } else { header('Content-Type: application/json+oembed'); echo json_encode($arr); } killme(); } http_status_exit(404, 'Not found'); }
function red_zrlify_img_callback($matches) { require_once 'include/hubloc.php'; $zrl = is_matrix_url($matches[2]); $t = strip_zids($matches[2]); if ($t !== $matches[2]) { $zrl = true; $matches[2] = $t; } if ($zrl) { return '[zmg' . $matches[1] . ']' . $matches[2] . '[/zmg]'; } return $matches[0]; }
* Language was set earlier, but we can over-ride it in the session. * We have to do it here because the session was just now opened. */ if (array_key_exists('system_language', $_POST)) { if (strlen($_POST['system_language'])) { $_SESSION['language'] = $_POST['system_language']; } else { unset($_SESSION['language']); } } if (x($_SESSION, 'language') && $_SESSION['language'] !== $lang) { $a->language = $_SESSION['language']; load_translation_table($a->language); } if (x($_GET, 'zid') && !$a->install) { $a->query_string = strip_zids($a->query_string); if (!local_channel()) { $_SESSION['my_address'] = $_GET['zid']; zid_init($a); } } if (x($_SESSION, 'authenticated') || x($_POST, 'auth-params') || $a->module === 'login') { require 'include/auth.php'; } if (!x($_SESSION, 'sysmsg')) { $_SESSION['sysmsg'] = array(); } if (!x($_SESSION, 'sysmsg_info')) { $_SESSION['sysmsg_info'] = array(); } /*
/** * @brief Fires up the SabreDAV server. * * @param App &$a */ function cloud_init(&$a) { // call ($currenttheme)_init since we're operating outside of index.php $theme_info_file = "view/theme/" . current_theme() . "/php/theme.php"; if (file_exists($theme_info_file)) { require_once $theme_info_file; if (function_exists(str_replace('-', '_', current_theme()) . '_init')) { $func = str_replace('-', '_', current_theme()) . '_init'; $func($a); } } require_once 'include/reddav.php'; if (!is_dir('store')) { os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); } $which = null; if (argc() > 1) { $which = argv(1); } $profile = 0; $channel = $a->get_channel(); $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n"; if ($which) { profile_load($a, $which, $profile); } $auth = new RedBasicAuth(); $ob_hash = get_observer_hash(); if ($ob_hash) { if (local_user()) { $channel = $a->get_channel(); $auth->setCurrentUser($channel['channel_address']); $auth->channel_name = $channel['channel_address']; $auth->channel_id = $channel['channel_id']; $auth->channel_hash = $channel['channel_hash']; $auth->channel_account_id = $channel['channel_account_id']; if ($channel['channel_timezone']) { $auth->timezone = $channel['channel_timezone']; } } $auth->observer = $ob_hash; } if ($_GET['davguest']) { $_SESSION['davguest'] = true; } $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); $rootDirectory = new RedDirectory('/', $auth); // A SabreDAV server-object $server = new DAV\Server($rootDirectory); // prevent overwriting changes each other with a lock backend $lockBackend = new DAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new DAV\Locks\Plugin($lockBackend); $server->addPlugin($lockPlugin); // The next section of code allows us to bypass prompting for http-auth if a FILE is being accessed anonymously and permissions // allow this. This way one can create hotlinks to public media files in their cloud and anonymous viewers won't get asked to login. // If a DIRECTORY is accessed or there are permission issues accessing the file and we aren't previously authenticated via zot, // prompt for HTTP-auth. This will be the default case for mounting a DAV directory. // In order to avoid prompting for passwords for viewing a DIRECTORY, add the URL query parameter 'davguest=1' $isapublic_file = false; $davguest = x($_SESSION, 'davguest') ? true : false; if (!$auth->observer && $_SERVER['REQUEST_METHOD'] === 'GET') { try { $x = RedFileData('/' . $a->cmd, $auth); if ($x instanceof RedFile) { $isapublic_file = true; } } catch (Exception $e) { $isapublic_file = false; } } if (!$auth->observer && !$isapublic_file && !$davguest) { try { $auth->Authenticate($server, t('Red Matrix - Guests: Username: {your email address}, Password: +++')); } catch (Exception $e) { logger('mod_cloud: auth exception' . $e->getMessage()); http_status_exit($e->getHTTPCode(), $e->getMessage()); } } // provide a directory view for the cloud in Red Matrix $browser = new RedBrowser($auth); $auth->setBrowserPlugin($browser); $server->addPlugin($browser); // All we need to do now, is to fire up the server $server->exec(); killme(); }
/** * @brief Fires up the SabreDAV server. * * @param App &$a */ function cloud_init(&$a) { require_once 'include/reddav.php'; if (!is_dir('store')) { os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); } $which = null; if (argc() > 1) { $which = argv(1); } $profile = 0; $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n"; if ($which) { profile_load($a, $which, $profile); } $auth = new RedDAV\RedBasicAuth(); $ob_hash = get_observer_hash(); if ($ob_hash) { if (local_channel()) { $channel = $a->get_channel(); $auth->setCurrentUser($channel['channel_address']); $auth->channel_id = $channel['channel_id']; $auth->channel_hash = $channel['channel_hash']; $auth->channel_account_id = $channel['channel_account_id']; if ($channel['channel_timezone']) { $auth->setTimezone($channel['channel_timezone']); } } $auth->observer = $ob_hash; } if ($_GET['davguest']) { $_SESSION['davguest'] = true; } $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); $rootDirectory = new RedDAV\RedDirectory('/', $auth); // A SabreDAV server-object $server = new DAV\Server($rootDirectory); // prevent overwriting changes each other with a lock backend $lockBackend = new DAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new DAV\Locks\Plugin($lockBackend); $server->addPlugin($lockPlugin); $is_readable = false; if ($_SERVER['REQUEST_METHOD'] === 'GET') { try { $x = RedFileData('/' . $a->cmd, $auth); } catch (\Exception $e) { if ($e instanceof Sabre\DAV\Exception\Forbidden) { http_status_exit(401, 'Permission denied.'); } } } require_once 'include/RedDAV/RedBrowser.php'; // provide a directory view for the cloud in Hubzilla $browser = new RedDAV\RedBrowser($auth); $auth->setBrowserPlugin($browser); $server->addPlugin($browser); // Experimental QuotaPlugin // require_once('include/RedDAV/QuotaPlugin.php'); // $server->addPlugin(new RedDAV\QuotaPlugin($auth)); // All we need to do now, is to fire up the server $server->exec(); killme(); }
* Language was set earlier, but we can over-ride it in the session. * We have to do it here because the session was just now opened. */ if (array_key_exists('system_language', $_POST)) { if (strlen($_POST['system_language'])) { $_SESSION['language'] = $_POST['system_language']; } else { unset($_SESSION['language']); } } if (x($_SESSION, 'language') && $_SESSION['language'] !== $lang) { App::$language = $_SESSION['language']; load_translation_table(App::$language); } if (x($_GET, 'zid') && !App::$install) { App::$query_string = strip_zids(App::$query_string); if (!local_channel()) { $_SESSION['my_address'] = $_GET['zid']; zid_init($a); } } if (x($_SESSION, 'authenticated') || x($_POST, 'auth-params') || App::$module === 'login') { require 'include/auth.php'; } if (!x($_SESSION, 'sysmsg')) { $_SESSION['sysmsg'] = array(); } if (!x($_SESSION, 'sysmsg_info')) { $_SESSION['sysmsg_info'] = array(); } /*
public function run() { /* * Bootstrap the application, load configuration, load modules, load theme, etc. */ require_once 'boot.php'; sys_boot(); \App::$language = get_best_language(); load_translation_table(\App::$language, \App::$install); /** * * Important stuff we always need to do. * * The order of these may be important so use caution if you think they're all * intertwingled with no logical order and decide to sort it out. Some of the * dependencies have changed, but at least at one time in the recent past - the * order was critical to everything working properly * */ if (\App::$session) { \App::$session->start(); } else { session_start(); register_shutdown_function('session_write_close'); } /** * Language was set earlier, but we can over-ride it in the session. * We have to do it here because the session was just now opened. */ if (array_key_exists('system_language', $_POST)) { if (strlen($_POST['system_language'])) { $_SESSION['language'] = $_POST['system_language']; } else { unset($_SESSION['language']); } } if (x($_SESSION, 'language') && $_SESSION['language'] !== $lang) { \App::$language = $_SESSION['language']; load_translation_table(\App::$language); } if (x($_GET, 'zid') && !\App::$install) { \App::$query_string = strip_zids(\App::$query_string); if (!local_channel()) { $_SESSION['my_address'] = $_GET['zid']; zid_init(); } } if (x($_GET, 'zat') && !\App::$install) { \App::$query_string = strip_zats(\App::$query_string); if (!local_channel()) { zat_init(); } } if (x($_SESSION, 'authenticated') || x($_POST, 'auth-params') || \App::$module === 'login') { require 'include/auth.php'; } if (!x($_SESSION, 'sysmsg')) { $_SESSION['sysmsg'] = array(); } if (!x($_SESSION, 'sysmsg_info')) { $_SESSION['sysmsg_info'] = array(); } /* * check_config() is responsible for running update scripts. These automatically * update the DB schema whenever we push a new one out. It also checks to see if * any plugins have been added or removed and reacts accordingly. */ if (\App::$install) { /* Allow an exception for the view module so that pcss will be interpreted during installation */ if (\App::$module != 'view') { \App::$module = 'setup'; } } else { check_config($a); } nav_set_selected('nothing'); $Router = new Router($a); /* initialise content region */ if (!x(\App::$page, 'content')) { \App::$page['content'] = ''; } call_hooks('page_content_top', \App::$page['content']); $Router->Dispatch($a); // If you're just visiting, let javascript take you home if (x($_SESSION, 'visitor_home')) { $homebase = $_SESSION['visitor_home']; } elseif (local_channel()) { $homebase = z_root() . '/channel/' . \App::$channel['channel_address']; } if (isset($homebase)) { \App::$page['content'] .= '<script>var homebase = "' . $homebase . '";</script>'; } // now that we've been through the module content, see if the page reported // a permission problem and if so, a 403 response would seem to be in order. if (is_array($_SESSION['sysmsg']) && stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) { header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.')); } call_hooks('page_end', \App::$page['content']); construct_page($a); killme(); }
function get() { logger('linkinfo: ' . print_r($_REQUEST, true)); $text = null; $str_tags = ''; $br = "\n"; if (x($_GET, 'binurl')) { $url = trim(hex2bin($_GET['binurl'])); } else { $url = trim($_GET['url']); } $url = strip_zids($url); if (substr($url, 0, 1) != '/' && substr($url, 0, 4) != 'http') { $url = 'http://' . $url; } if ($_GET['title']) { $title = strip_tags(trim($_GET['title'])); } if ($_GET['description']) { $text = strip_tags(trim($_GET['description'])); } if ($_GET['tags']) { $arr_tags = str_getcsv($_GET['tags']); if (count($arr_tags)) { array_walk($arr_tags, 'self::arr_add_hashes'); $str_tags = $br . implode(' ', $arr_tags) . $br; } } logger('linkinfo: ' . $url); $result = z_fetch_url($url, false, 0, array('novalidate' => true, 'nobody' => true)); if ($result['success']) { $hdrs = array(); $h = explode("\n", $result['header']); foreach ($h as $l) { list($k, $v) = array_map("trim", explode(":", trim($l), 2)); $hdrs[$k] = $v; } if (array_key_exists('Content-Type', $hdrs)) { $type = $hdrs['Content-Type']; } if ($type) { $zrl = is_matrix_url($url); if (stripos($type, 'image/') !== false) { if ($zrl) { echo $br . '[zmg]' . $url . '[/zmg]' . $br; } else { echo $br . '[img]' . $url . '[/img]' . $br; } killme(); } if (stripos($type, 'video/') !== false) { if ($zrl) { echo $br . '[zvideo]' . $url . '[/zvideo]' . $br; } else { echo $br . '[video]' . $url . '[/video]' . $br; } killme(); } if (stripos($type, 'audio/') !== false) { if ($zrl) { echo $br . '[zaudio]' . $url . '[/zaudio]' . $br; } else { echo $br . '[audio]' . $url . '[/audio]' . $br; } killme(); } } } $template = $br . '#^[url=%s]%s[/url]%s' . $br; $arr = array('url' => $url, 'text' => ''); call_hooks('parse_link', $arr); if (strlen($arr['text'])) { echo $arr['text']; killme(); } $x = oembed_process($url); if ($x) { echo $x; killme(); } if ($url && $title && $text) { $text = $br . '[quote]' . trim($text) . '[/quote]' . $br; $title = str_replace(array("\r", "\n"), array('', ''), $title); $result = sprintf($template, $url, $title ? $title : $url, $text) . $str_tags; logger('linkinfo (unparsed): returns: ' . $result); echo $result; killme(); } $siteinfo = self::parseurl_getsiteinfo($url); // If this is a Red site, use zrl rather than url so they get zids sent to them by default if (x($siteinfo, 'generator') && strpos($siteinfo['generator'], \Zotlabs\Project\System::get_platform_name() . ' ') === 0) { $template = str_replace('url', 'zrl', $template); } if ($siteinfo["title"] == "") { echo sprintf($template, $url, $url, '') . $str_tags; killme(); } else { $text = $siteinfo["text"]; $title = $siteinfo["title"]; } $image = ""; if (sizeof($siteinfo["images"]) > 0) { /* Execute below code only if image is present in siteinfo */ $total_images = 0; $max_images = get_config('system', 'max_bookmark_images'); if ($max_images === false) { $max_images = 2; } else { $max_images = intval($max_images); } foreach ($siteinfo["images"] as $imagedata) { if ($url) { $image .= sprintf('[url=%s]', $url); } $image .= '[img=' . $imagedata["width"] . 'x' . $imagedata["height"] . ']' . $imagedata["src"] . '[/img]'; if ($url) { $image .= '[/url]'; } $image .= "\n"; $total_images++; if ($max_images && $max_images >= $total_images) { break; } } } if (strlen($text)) { $text = $br . '[quote]' . trim($text) . '[/quote]' . $br; } if ($image) { $text = $br . $br . $image . $text; } $title = str_replace(array("\r", "\n"), array('', ''), $title); $result = sprintf($template, $url, $title ? $title : $url, $text) . $str_tags; logger('linkinfo: returns: ' . $result, LOGGER_DEBUG); echo trim($result); killme(); }
/** * @brief Fires up the SabreDAV server. * * @param App &$a */ function cloud_init(&$a) { require_once 'include/reddav.php'; if (!is_dir('store')) { os_mkdir('store', STORAGE_DEFAULT_PERMISSIONS, false); } $which = null; if (argc() > 1) { $which = argv(1); } $profile = 0; $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n"; if ($which) { profile_load($a, $which, $profile); } $auth = new RedDAV\RedBasicAuth(); $ob_hash = get_observer_hash(); if ($ob_hash) { if (local_channel()) { $channel = $a->get_channel(); $auth->setCurrentUser($channel['channel_address']); $auth->channel_id = $channel['channel_id']; $auth->channel_hash = $channel['channel_hash']; $auth->channel_account_id = $channel['channel_account_id']; if ($channel['channel_timezone']) { $auth->setTimezone($channel['channel_timezone']); } } $auth->observer = $ob_hash; } if ($_GET['davguest']) { $_SESSION['davguest'] = true; } $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); $_SERVER['QUERY_STRING'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['QUERY_STRING']); $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $_SERVER['REQUEST_URI'] = preg_replace('/[\\?&]davguest=(.*?)([\\?&]|$)/ism', '', $_SERVER['REQUEST_URI']); $rootDirectory = new RedDAV\RedDirectory('/', $auth); // A SabreDAV server-object $server = new DAV\Server($rootDirectory); // prevent overwriting changes each other with a lock backend $lockBackend = new DAV\Locks\Backend\File('store/[data]/locks'); $lockPlugin = new DAV\Locks\Plugin($lockBackend); $server->addPlugin($lockPlugin); /* This next bit should no longer be needed... */ // The next section of code allows us to bypass prompting for http-auth if a // FILE is being accessed anonymously and permissions allow this. This way // one can create hotlinks to public media files in their cloud and anonymous // viewers won't get asked to login. // If a DIRECTORY is accessed or there are permission issues accessing the // file and we aren't previously authenticated via zot, prompt for HTTP-auth. // This will be the default case for mounting a DAV directory. // In order to avoid prompting for passwords for viewing a DIRECTORY, add // the URL query parameter 'davguest=1'. // $isapublic_file = false; // $davguest = ((x($_SESSION, 'davguest')) ? true : false); // if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { // try { // $x = RedFileData('/' . $a->cmd, $auth); // if($x instanceof RedDAV\RedFile) // $isapublic_file = true; // } // catch (Exception $e) { // $isapublic_file = false; // } // } // if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { // logger('mod_cloud: auth exception'); // http_status_exit(401, 'Permission denied.'); // } require_once 'include/RedDAV/RedBrowser.php'; // provide a directory view for the cloud in Hubzilla $browser = new RedDAV\RedBrowser($auth); $auth->setBrowserPlugin($browser); $server->addPlugin($browser); // Experimental QuotaPlugin // require_once('include/RedDAV/QuotaPlugin.php'); // $server->addPlugin(new RedDAV\QuotaPlugin($auth)); // All we need to do now, is to fire up the server $server->exec(); killme(); }