function post() { check_form_security_token_redirectOnErr('/admin/security', 'admin_security'); $allowed_email = x($_POST, 'allowed_email') ? notags(trim($_POST['allowed_email'])) : ''; $not_allowed_email = x($_POST, 'not_allowed_email') ? notags(trim($_POST['not_allowed_email'])) : ''; set_config('system', 'allowed_email', $allowed_email); set_config('system', 'not_allowed_email', $not_allowed_email); $block_public = x($_POST, 'block_public') ? True : False; set_config('system', 'block_public', $block_public); $ws = $this->trim_array_elems(explode("\n", $_POST['whitelisted_sites'])); set_config('system', 'whitelisted_sites', $ws); $bs = $this->trim_array_elems(explode("\n", $_POST['blacklisted_sites'])); set_config('system', 'blacklisted_sites', $bs); $wc = $this->trim_array_elems(explode("\n", $_POST['whitelisted_channels'])); set_config('system', 'whitelisted_channels', $wc); $bc = $this->trim_array_elems(explode("\n", $_POST['blacklisted_channels'])); set_config('system', 'blacklisted_channels', $bc); $embed_sslonly = x($_POST, 'embed_sslonly') ? True : False; set_config('system', 'embed_sslonly', $embed_sslonly); $we = $this->trim_array_elems(explode("\n", $_POST['embed_allow'])); set_config('system', 'embed_allow', $we); $be = $this->trim_array_elems(explode("\n", $_POST['embed_deny'])); set_config('system', 'embed_deny', $be); $ts = x($_POST, 'transport_security') ? True : False; set_config('system', 'transport_security_header', $ts); $cs = x($_POST, 'content_security') ? True : False; set_config('system', 'content_security_policy', $cs); goaway(z_root() . '/admin/security'); }
function post() { check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured'); call_hooks('feature_settings_post', $_POST); build_sync_packet(); return; }
function get() { if (argc() > 2 && argv(2) === 'add') { $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional')))); return $o; } if (argc() > 3 && argv(2) === 'edit') { $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel()); if (!count($r)) { notice(t('Application not found.')); return; } $app = $r[0]; $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['clname'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], ''))); return $o; } if (argc() > 3 && argv(2) === 'delete') { check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel()); goaway(z_root() . "/settings/oauth/"); return; } $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel()); $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => z_root(), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r)); return $o; }
function defaultfeatures_plugin_admin_post(&$a) { check_form_security_token_redirectOnErr('/admin/plugins/defaultfeatures', 'defaultfeaturessave'); foreach ($_POST as $k => $v) { if (strpos($k, 'feature_') === 0) { set_config('defaultfeatures', substr($k, 8), intval($v) ? 1 : 0); } } info(t('Features updated') . EOL); }
function post() { if (!local_channel()) { notice(t('Permission denied.') . EOL); return; } check_form_security_token_redirectOnErr('/', 'send_invite'); $max_invites = intval(get_config('system', 'max_invites')); if (!$max_invites) { $max_invites = 50; } $current_invites = intval(get_pconfig(local_channel(), 'system', 'sent_invites')); if ($current_invites > $max_invites) { notice(t('Total invitation limit exceeded.') . EOL); return; } $recips = x($_POST, 'recipients') ? explode("\n", $_POST['recipients']) : array(); $message = x($_POST, 'message') ? notags(trim($_POST['message'])) : ''; $total = 0; if (get_config('system', 'invitation_only')) { $invonly = true; $x = get_pconfig(local_channel(), 'system', 'invites_remaining'); if (!$x && !is_site_admin()) { return; } } foreach ($recips as $recip) { $recip = trim($recip); if (!$recip) { continue; } if (!valid_email($recip)) { notice(sprintf(t('%s : Not a valid email address.'), $recip) . EOL); continue; } else { $nmessage = $message; } $account = \App::get_account(); $res = mail($recip, sprintf(t('Please join us on $Projectname'), \App::$config['sitename']), $nmessage, "From: " . $account['account_email'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit'); if ($res) { $total++; $current_invites++; set_pconfig(local_channel(), 'system', 'sent_invites', $current_invites); if ($current_invites > $max_invites) { notice(t('Invitation limit exceeded. Please contact your site administrator.') . EOL); return; } } else { notice(sprintf(t('%s : Message delivery failed.'), $recip) . EOL); } } notice(sprintf(tt("%d message sent.", "%d messages sent.", $total), $total) . EOL); return; }
/** * @brief POST handler for logs admin page. * */ function post() { if (x($_POST, 'page_logs')) { check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); $logfile = x($_POST, 'logfile') ? notags(trim($_POST['logfile'])) : ''; $debugging = x($_POST, 'debugging') ? true : false; $loglevel = x($_POST, 'loglevel') ? intval(trim($_POST['loglevel'])) : 0; set_config('system', 'logfile', $logfile); set_config('system', 'debugging', $debugging); set_config('system', 'loglevel', $loglevel); } info(t('Log settings updated.')); goaway(z_root() . '/admin/logs'); }
function post() { $channel = \App::get_channel(); check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens'); $token_errs = 0; if (array_key_exists('token', $_POST)) { $atoken_id = $_POST['atoken_id'] ? intval($_POST['atoken_id']) : 0; $name = trim(escape_tags($_POST['name'])); $token = trim($_POST['token']); if (!$name || !$token) { $token_errs++; } if (trim($_POST['expires'])) { $expires = datetime_convert(date_default_timezone_get(), 'UTC', $_POST['expires']); } else { $expires = NULL_DATE; } $max_atokens = service_class_fetch(local_channel(), 'access_tokens'); if ($max_atokens) { $r = q("select count(atoken_id) as total where atoken_uid = %d", intval(local_channel())); if ($r && intval($r[0]['total']) >= $max_tokens) { notice(sprintf(t('This channel is limited to %d tokens'), $max_tokens) . EOL); return; } } } if ($token_errs) { notice(t('Name and Password are required.') . EOL); return; } if ($atoken_id) { $r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' \n\t\t\t\twhere atoken_id = %d and atoken_uid = %d", dbesc($name), dbesc($token), dbesc($expires), intval($atoken_id), intval($channel['channel_id'])); } else { $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )\n\t\t\t\tvalues ( %d, %d, '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel['channel_id']), dbesc($name), dbesc($token), dbesc($expires)); } $atoken_xchan = substr($channel['channel_hash'], 0, 16) . '.' . $name; $all_perms = \Zotlabs\Access\Permissions::Perms(); if ($all_perms) { foreach ($all_perms as $perm => $desc) { if (array_key_exists('perms_' . $perm, $_POST)) { set_abconfig($channel['channel_id'], $atoken_xchan, 'my_perms', $perm, intval($_POST['perms_' . $perm])); } else { set_abconfig($channel['channel_id'], $atoken_xchan, 'my_perms', $perm, 0); } } } info(t('Token saved.') . EOL); return; }
function post() { check_form_security_token_redirectOnErr('/settings/features', 'settings_features'); // Build list of features and check which are set // We will not create any settings for features that are above our techlevel $features = get_features(); $all_features = array(); foreach ($features as $k => $v) { foreach ($v as $f) { $all_features[] = $f[0]; } } foreach ($all_features as $k) { if (x($_POST, "feature_{$k}")) { set_pconfig(local_channel(), 'feature', $k, 1); } else { set_pconfig(local_channel(), 'feature', $k, 0); } } build_sync_packet(); return; }
function post() { if (!local_channel()) { return; } if ($_SESSION['delegate']) { return; } check_form_security_token_redirectOnErr('/pconfig', 'pconfig'); $cat = trim(escape_tags($_POST['cat'])); $k = trim(escape_tags($_POST['k'])); $v = trim($_POST['v']); if (in_array(argv(2), $this->disallowed_pconfig())) { notice(t('This setting requires special processing and editing has been blocked.') . EOL); return; } if (strpos($k, 'password') !== false) { $v = z_obscure($v); } set_pconfig(local_channel(), $cat, $k, $v); build_sync_packet(); goaway(z_root() . '/pconfig/' . $cat . '/' . $k); }
function post() { check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features'); logger('postvars: ' . print_r($_POST, true)); $arr = array(); $features = get_features(false); foreach ($features as $fname => $fdata) { foreach (array_slice($fdata, 1) as $f) { $feature = $f[0]; if (array_key_exists('feature_' . $feature, $_POST)) { $val = intval($_POST['feature_' . $feature]); } else { $val = 0; } set_config('feature', $feature, $val); if (array_key_exists('featurelock_' . $feature, $_POST)) { set_config('feature_lock', $feature, $val); } else { del_config('feature_lock', $feature); } } } goaway(z_root() . '/admin/features'); }
/** * Logs admin page * * @param App $a */ function admin_page_logs_post(&$a) { if (x($_POST, "page_logs")) { check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs'); $logfile = x($_POST, 'logfile') ? notags(trim($_POST['logfile'])) : ''; $debugging = x($_POST, 'debugging') ? true : false; $loglevel = x($_POST, 'loglevel') ? intval(trim($_POST['loglevel'])) : 0; set_config('system', 'logfile', $logfile); set_config('system', 'debugging', $debugging); set_config('system', 'loglevel', $loglevel); } info(t("Log settings updated.")); goaway($a->get_baseurl(true) . '/admin/logs'); return; // NOTREACHED }
function settings_content(&$a) { $o = ''; nav_set_selected('settings'); if (!local_channel() || $_SESSION['delegate']) { notice(t('Permission denied.') . EOL); return login(); } $channel = $a->get_channel(); if ($channel) { head_set_icon($channel['xchan_photo_s']); } $yes_no = array(t('No'), t('Yes')); if (argc() > 1 && argv(1) === 'oauth') { if (argc() > 2 && argv(2) === 'add') { $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional')))); return $o; } if (argc() > 3 && argv(2) === 'edit') { $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel()); if (!count($r)) { notice(t("You can't edit this application.")); return; } $app = $r[0]; $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['name'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], ''))); return $o; } if (argc() > 3 && argv(2) === 'delete') { check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel()); goaway($a->get_baseurl(true) . "/settings/oauth/"); return; } $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel()); $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => $a->get_baseurl(true), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r)); return $o; } if (argc() > 1 && argv(1) === 'featured') { $settings_addons = ""; $o = ''; $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' "); if (!$r) { $settings_addons = t('No feature settings configured'); } call_hooks('feature_settings', $settings_addons); $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_featured"), '$title' => t('Feature/Addon Settings'), '$settings_addons' => $settings_addons)); return $o; } /* * ACCOUNT SETTINGS */ if (argc() > 1 && argv(1) === 'account') { $account_settings = ""; call_hooks('account_settings', $account_settings); $email = $a->account['account_email']; $tpl = get_markup_template("settings_account.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_account"), '$title' => t('Account Settings'), '$password1' => array('npassword', t('Enter New Password:'******'', ''), '$password2' => array('confirm', t('Confirm New Password:'******'', t('Leave password fields blank unless changing')), '$submit' => t('Submit'), '$email' => array('email', t('Email Address:'), $email, ''), '$removeme' => t('Remove Account'), '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings)); return $o; } if (argc() > 1 && argv(1) === 'features') { $arr = array(); $features = get_features(); foreach ($features as $fname => $fdata) { $arr[$fname] = array(); $arr[$fname][0] = $fdata[0]; foreach (array_slice($fdata, 1) as $f) { $arr[$fname][1][] = array('feature_' . $f[0], $f[1], intval(feature_enabled(local_channel(), $f[0])) ? "1" : '', $f[2], array(t('Off'), t('On'))); } } $tpl = get_markup_template("settings_features.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_features"), '$title' => t('Additional Features'), '$features' => $arr, '$submit' => t('Submit'))); return $o; } if (argc() > 1 && argv(1) === 'connectors') { $settings_connectors = ""; call_hooks('connector_settings', $settings_connectors); $r = null; $tpl = get_markup_template("settings_connectors.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_connectors"), '$title' => t('Connector Settings'), '$submit' => t('Submit'), '$settings_connectors' => $settings_connectors)); call_hooks('display_settings', $o); return $o; } /* * DISPLAY SETTINGS */ if (argc() > 1 && argv(1) === 'display') { $default_theme = get_config('system', 'theme'); if (!$default_theme) { $default_theme = 'default'; } $default_mobile_theme = get_config('system', 'mobile_theme'); if (!$mobile_default_theme) { $mobile_default_theme = 'none'; } $allowed_themes_str = get_config('system', 'allowed_themes'); $allowed_themes_raw = explode(',', $allowed_themes_str); $allowed_themes = array(); if (count($allowed_themes_raw)) { foreach ($allowed_themes_raw as $x) { if (strlen(trim($x)) && is_dir("view/theme/{$x}")) { $allowed_themes[] = trim($x); } } } $themes = array(); $files = glob('view/theme/*'); if ($allowed_themes) { foreach ($allowed_themes as $th) { $f = $th; $is_experimental = file_exists('view/theme/' . $th . '/experimental'); $unsupported = file_exists('view/theme/' . $th . '/unsupported'); $is_mobile = file_exists('view/theme/' . $th . '/mobile'); $is_library = file_exists('view/theme/' . $th . '/library'); $mobile_themes["---"] = t("No special theme for mobile devices"); if (!$is_experimental or $is_experimental && (get_config('experimentals', 'exp_themes') == 1 or get_config('experimentals', 'exp_themes') === false)) { $theme_name = $is_experimental ? sprintf(t('%s - (Experimental)'), $f) : $f; if (!$is_library) { if ($is_mobile) { $mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')'; } else { $mobile_themes[$f] = $themes[$f] = $theme_name; } } } } } $theme_selected = !x($_SESSION, 'theme') ? $default_theme : $_SESSION['theme']; $mobile_theme_selected = !x($_SESSION, 'mobile_theme') ? $default_mobile_theme : $_SESSION['mobile_theme']; $user_scalable = get_pconfig(local_channel(), 'system', 'user_scalable'); $user_scalable = $user_scalable === false ? '1' : $user_scalable; // default if not set: 1 $browser_update = intval(get_pconfig(local_channel(), 'system', 'update_interval')); $browser_update = $browser_update == 0 ? 80 : $browser_update / 1000; // default if not set: 40 seconds $itemspage = intval(get_pconfig(local_channel(), 'system', 'itemspage')); $itemspage = $itemspage > 0 && $itemspage < 101 ? $itemspage : 20; // default if not set: 20 items $nosmile = get_pconfig(local_channel(), 'system', 'no_smilies'); $nosmile = $nosmile === false ? '0' : $nosmile; // default if not set: 0 $title_tosource = get_pconfig(local_channel(), 'system', 'title_tosource'); $title_tosource = $title_tosource === false ? '0' : $title_tosource; // default if not set: 0 $theme_config = ""; if (($themeconfigfile = get_theme_config_file($theme_selected)) != null) { require_once $themeconfigfile; $theme_config = theme_content($a); } $tpl = get_markup_template("settings_display.tpl"); $o = replace_macros($tpl, array('$ptitle' => t('Display Settings'), '$d_tset' => t('Theme Settings'), '$d_ctset' => t('Custom Theme Settings'), '$d_cset' => t('Content Settings'), '$form_security_token' => get_form_security_token("settings_display"), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), '$theme' => $themes ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false, '$mobile_theme' => $mobile_themes ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false, '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1 - intval($nosmile), '', $yes_no), '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), '$layout_editor' => t('System Page Layout Editor - (advanced)'), '$theme_config' => $theme_config, '$expert' => feature_enabled(local_channel(), 'expert'), '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(), 'system', 'channel_list_mode'), t('(comments displayed separately)'), $yes_no), '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on grid page'), get_pconfig(local_channel(), 'system', 'network_list_mode'), t('(comments displayed separately)'), $yes_no), '$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), get_pconfig(local_channel(), 'system', 'channel_divmore_height') ? get_pconfig(local_channel(), 'system', 'channel_divmore_height') : 400, t('click to expand content exceeding this height')), '$network_divmore_height' => array('network_divmore_height', t('Grid page max height of content (in pixels)'), get_pconfig(local_channel(), 'system', 'network_divmore_height') ? get_pconfig(local_channel(), 'system', 'network_divmore_height') : 400, t('click to expand content exceeding this height')))); return $o; } if (argv(1) === 'channel') { require_once 'include/acl_selectors.php'; require_once 'include/permissions.php'; $p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", intval(local_channel())); if (count($p)) { $profile = $p[0]; } load_pconfig(local_channel(), 'expire'); $channel = $a->get_channel(); $global_perms = get_perms(); $permiss = array(); $perm_opts = array(array(t('Nobody except yourself'), 0), array(t('Only those you specifically allow'), PERMS_SPECIFIC), array(t('Approved connections'), PERMS_CONTACTS), array(t('Any connections'), PERMS_PENDING), array(t('Anybody on this website'), PERMS_SITE), array(t('Anybody in this network'), PERMS_NETWORK), array(t('Anybody authenticated'), PERMS_AUTHED), array(t('Anybody on the internet'), PERMS_PUBLIC)); foreach ($global_perms as $k => $perm) { $options = array(); foreach ($perm_opts as $opt) { if (!$perm[2] && $opt[1] == PERMS_PUBLIC) { continue; } $options[$opt[1]] = $opt[0]; } $permiss[] = array($k, $perm[3], $channel[$perm[0]], $perm[4], $options); } // logger('permiss: ' . print_r($permiss,true)); $username = $channel['channel_name']; $nickname = $channel['channel_address']; $timezone = $channel['channel_timezone']; $notify = $channel['channel_notifyflags']; $defloc = $channel['channel_location']; $maxreq = $channel['channel_max_friend_req']; $expire = $channel['channel_expire_days']; $adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT); $sys_expire = get_config('system', 'default_expire_days'); // $unkmail = $a->user['unkmail']; // $cntunkmail = $a->user['cntunkmail']; $hide_presence = intval(get_pconfig(local_channel(), 'system', 'hide_online_status')); $expire_items = get_pconfig(local_channel(), 'expire', 'items'); $expire_items = $expire_items === false ? '1' : $expire_items; // default if not set: 1 $expire_notes = get_pconfig(local_channel(), 'expire', 'notes'); $expire_notes = $expire_notes === false ? '1' : $expire_notes; // default if not set: 1 $expire_starred = get_pconfig(local_channel(), 'expire', 'starred'); $expire_starred = $expire_starred === false ? '1' : $expire_starred; // default if not set: 1 $expire_photos = get_pconfig(local_channel(), 'expire', 'photos'); $expire_photos = $expire_photos === false ? '0' : $expire_photos; // default if not set: 0 $expire_network_only = get_pconfig(local_channel(), 'expire', 'network_only'); $expire_network_only = $expire_network_only === false ? '0' : $expire_network_only; // default if not set: 0 $suggestme = get_pconfig(local_channel(), 'system', 'suggestme'); $suggestme = $suggestme === false ? '0' : $suggestme; // default if not set: 0 $post_newfriend = get_pconfig(local_channel(), 'system', 'post_newfriend'); $post_newfriend = $post_newfriend === false ? '0' : $post_newfriend; // default if not set: 0 $post_joingroup = get_pconfig(local_channel(), 'system', 'post_joingroup'); $post_joingroup = $post_joingroup === false ? '0' : $post_joingroup; // default if not set: 0 $post_profilechange = get_pconfig(local_channel(), 'system', 'post_profilechange'); $post_profilechange = $post_profilechange === false ? '0' : $post_profilechange; // default if not set: 0 $blocktags = get_pconfig(local_channel(), 'system', 'blocktags'); $blocktags = $blocktags === false ? '0' : $blocktags; $timezone = date_default_timezone_get(); $opt_tpl = get_markup_template("field_checkbox.tpl"); if (get_config('system', 'publish_all')) { $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />'; } else { $profile_in_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no))); } $suggestme = replace_macros($opt_tpl, array('$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no))); $subdir = strlen($a->get_path()) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/channel/' . $nickname : ''; $tpl_addr = get_markup_template("settings_nick_set.tpl"); $prof_addr = replace_macros($tpl_addr, array('$desc' => t('Your channel address is'), '$nickname' => $nickname, '$subdir' => $subdir, '$basepath' => $a->get_hostname())); $stpl = get_markup_template('settings.tpl'); $acl = new AccessList($channel); $perm_defaults = $acl->get(); require_once 'include/group.php'; $group_select = mini_group_select(local_channel(), $channel['channel_default_group']); require_once 'include/menu.php'; $m1 = menu_list(local_channel()); $menu = false; if ($m1) { $menu = array(); $current = get_pconfig(local_channel(), 'system', 'channel_menu'); $menu[] = array('name' => '', 'selected' => !$current ? true : false); foreach ($m1 as $m) { $menu[] = array('name' => htmlspecialchars($m['menu_name'], ENT_COMPAT, 'UTF-8'), 'selected' => $m['menu_name'] === $current ? ' selected="selected" ' : false); } } $evdays = get_pconfig(local_channel(), 'system', 'evdays'); if (!$evdays) { $evdays = 3; } $permissions_role = get_pconfig(local_channel(), 'system', 'permissions_role'); if (!$permissions_role) { $permissions_role = 'custom'; } $permissions_set = $permissions_role != 'custom' ? true : false; $vnotify = get_pconfig(local_channel(), 'system', 'vnotify'); $always_show_in_notices = get_pconfig(local_channel(), 'system', 'always_show_in_notices'); if ($vnotify === false) { $vnotify = -1; } $o .= replace_macros($stpl, array('$ptitle' => t('Channel Settings'), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), '$form_security_token' => get_form_security_token("settings"), '$nickname_block' => $prof_addr, '$h_basic' => t('Basic Settings'), '$username' => array('username', t('Full Name:'), $username, ''), '$email' => array('email', t('Email Address:'), $email, ''), '$timezone' => array('timezone_select', t('Your Timezone:'), $timezone, '', get_timezones()), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), '$allowloc' => array('allow_location', t('Use Browser Location:'), get_pconfig(local_channel(), 'system', 'use_browser_location') ? 1 : '', '', $yes_no), '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), '$h_prv' => t('Security and Privacy Settings'), '$permissions_set' => $permissions_set, '$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'), '$hide_presence' => array('hide_presence', t('Hide my online presence'), $hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), '$lbl_pmacro' => t('Simple Privacy Settings:'), '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), '$pmacro2' => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'), '$pmacro1' => t('Private - <em>default private, never open or public</em>'), '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), '$permiss_arr' => $permiss, '$blocktags' => array('blocktags', t('Allow others to tag your posts'), 1 - $blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), '$lbl_p2macro' => t('Advanced Privacy Settings'), '$expire' => array('expire', t('Expire other channel content after this many days'), $expire, sprintf(t('0 or blank to use the website limit. The website expires after %d days.'), intval($sys_expire))), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']), t('May reduce spam activity')), '$permissions' => t('Default Post Permissions'), '$permdesc' => t("(click to open/close)"), '$aclselect' => populate_acl($perm_defaults, false), '$suggestme' => $suggestme, '$group_select' => $group_select, '$role' => array('permissions_role', t('Channel permissions category:'), $permissions_role, '', get_roles()), '$profile_in_dir' => $profile_in_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, '$unkmail' => $unkmail, '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']), t("Useful to reduce spamming")), '$h_not' => t('Notification Settings'), '$activity_options' => t('By default post a status message when:'), '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, '', $yes_no), '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no), '$lbl_not' => t('Send a notification email when:'), '$notify1' => array('notify1', t('You receive a connection request'), $notify & NOTIFY_INTRO, NOTIFY_INTRO, '', $yes_no), '$notify2' => array('notify2', t('Your connections are confirmed'), $notify & NOTIFY_CONFIRM, NOTIFY_CONFIRM, '', $yes_no), '$notify3' => array('notify3', t('Someone writes on your profile wall'), $notify & NOTIFY_WALL, NOTIFY_WALL, '', $yes_no), '$notify4' => array('notify4', t('Someone writes a followup comment'), $notify & NOTIFY_COMMENT, NOTIFY_COMMENT, '', $yes_no), '$notify5' => array('notify5', t('You receive a private message'), $notify & NOTIFY_MAIL, NOTIFY_MAIL, '', $yes_no), '$notify6' => array('notify6', t('You receive a friend suggestion'), $notify & NOTIFY_SUGGEST, NOTIFY_SUGGEST, '', $yes_no), '$notify7' => array('notify7', t('You are tagged in a post'), $notify & NOTIFY_TAGSELF, NOTIFY_TAGSELF, '', $yes_no), '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), $notify & NOTIFY_POKE, NOTIFY_POKE, '', $yes_no), '$lbl_vnot' => t('Show visual notifications including:'), '$vnotify1' => array('vnotify1', t('Unseen grid activity'), $vnotify & VNOTIFY_NETWORK, VNOTIFY_NETWORK, '', $yes_no), '$vnotify2' => array('vnotify2', t('Unseen channel activity'), $vnotify & VNOTIFY_CHANNEL, VNOTIFY_CHANNEL, '', $yes_no), '$vnotify3' => array('vnotify3', t('Unseen private messages'), $vnotify & VNOTIFY_MAIL, VNOTIFY_MAIL, t('Recommended'), $yes_no), '$vnotify4' => array('vnotify4', t('Upcoming events'), $vnotify & VNOTIFY_EVENT, VNOTIFY_EVENT, '', $yes_no), '$vnotify5' => array('vnotify5', t('Events today'), $vnotify & VNOTIFY_EVENTTODAY, VNOTIFY_EVENTTODAY, '', $yes_no), '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), $vnotify & VNOTIFY_BIRTHDAY, VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no), '$vnotify7' => array('vnotify7', t('System (personal) notifications'), $vnotify & VNOTIFY_SYSTEM, VNOTIFY_SYSTEM, '', $yes_no), '$vnotify8' => array('vnotify8', t('System info messages'), $vnotify & VNOTIFY_INFO, VNOTIFY_INFO, t('Recommended'), $yes_no), '$vnotify9' => array('vnotify9', t('System critical alerts'), $vnotify & VNOTIFY_ALERT, VNOTIFY_ALERT, t('Recommended'), $yes_no), '$vnotify10' => array('vnotify10', t('New connections'), $vnotify & VNOTIFY_INTRO, VNOTIFY_INTRO, t('Recommended'), $yes_no), '$vnotify11' => array('vnotify11', t('System Registrations'), $vnotify & VNOTIFY_REGISTER, VNOTIFY_REGISTER, '', $yes_no), '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), '$evdays' => array('evdays', t('Notify me of events this many days in advance'), $evdays, t('Must be greater than 0')), '$h_advn' => t('Advanced Account/Page Type Settings'), '$h_descadvn' => t('Change the behaviour of this account for special situations'), '$pagetype' => $pagetype, '$expert' => feature_enabled(local_channel(), 'expert'), '$hint' => t('Please enable expert mode (in <a href="settings/features">Settings > Additional features</a>) to adjust!'), '$lbl_misc' => t('Miscellaneous Settings'), '$photo_path' => array('photo_path', t('Default photo upload folder'), get_pconfig(local_channel(), 'system', 'photo_path'), t('%Y - current year, %m - current month')), '$attach_path' => array('attach_path', t('Default file upload folder'), get_pconfig(local_channel(), 'system', 'attach_path'), t('%Y - current year, %m - current month')), '$menus' => $menu, '$menu_desc' => t('Personal menu to display in your channel pages'), '$removeme' => t('Remove Channel'), '$removechannel' => t('Remove this channel.'), '$firefoxshare' => t('Firefox Share $Projectname provider'), '$cal_first_day' => array('first_day', t('Start calendar week on monday'), get_pconfig(local_channel(), 'system', 'cal_first_day') ? 1 : '', '', $yes_no))); call_hooks('settings_form', $o); $o .= '</form>' . "\r\n"; return $o; } }
function profile_photo_post(&$a) { if (!local_user()) { notice(t('Permission denied.') . EOL); return; } check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) { // unless proven otherwise $is_default_profile = 1; if ($_REQUEST['profile']) { $r = q("select id, `is-default` from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_user())); if (count($r) && !intval($r[0]['is-default'])) { $is_default_profile = 0; } } // phase 2 - we have finished cropping if ($a->argc != 2) { notice(t('Image uploaded but image cropping failed.') . EOL); return; } $image_id = $a->argv[1]; if (substr($image_id, -2, 1) == '-') { $scale = substr($image_id, -1, 1); $image_id = substr($image_id, 0, -2); } $srcX = $_POST['xstart']; $srcY = $_POST['ystart']; $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), dbesc(local_user()), intval($scale)); if (count($r)) { $base_image = $r[0]; $im = new Photo($base_image['data'], $base_image['type']); if ($im->is_valid()) { $im->cropImage(175, $srcX, $srcY, $srcW, $srcH); $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 4, $is_default_profile); if ($r === false) { notice(sprintf(t('Image size reduction [%s] failed.'), "175") . EOL); } $im->scaleImage(80); $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 5, $is_default_profile); if ($r === false) { notice(sprintf(t('Image size reduction [%s] failed.'), "80") . EOL); } $im->scaleImage(48); $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 6, $is_default_profile); if ($r === false) { notice(sprintf(t('Image size reduction [%s] failed.'), "48") . EOL); } // If setting for the default profile, unset the profile photo flag from any other photos I own if ($is_default_profile) { $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dbesc($base_image['resource-id']), intval(local_user())); $r = q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `self` AND `uid` = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-6.' . $im->getExt()), intval(local_user())); } else { $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5.' . $im->getExt()), intval($_REQUEST['profile']), intval(local_user())); } // we'll set the updated profile-photo timestamp even if it isn't the default profile, // so that browsers will do a cache update unconditionally $r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc(datetime_convert()), intval(local_user())); info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL); // Update global directory in background $url = $a->get_baseurl() . '/profile/' . $a->user['nickname']; if ($url && strlen(get_config('system', 'directory'))) { proc_run('php', "include/directory.php", "{$url}"); } require_once 'include/profile_update.php'; profile_change(); } else { notice(t('Unable to process image') . EOL); } } goaway($a->get_baseurl() . '/profiles'); return; // NOTREACHED } $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); $filetype = $_FILES['userfile']['type']; if ($filetype == "") { $filetype = guess_image_type($filename); } $maximagesize = get_config('system', 'maximagesize'); if ($maximagesize && $filesize > $maximagesize) { notice(sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL); @unlink($src); return; } $imagedata = @file_get_contents($src); $ph = new Photo($imagedata, $filetype); if (!$ph->is_valid()) { notice(t('Unable to process image.') . EOL); @unlink($src); return; } $ph->orient($src); @unlink($src); return profile_photo_crop_ui_head($a, $ph); }
function group_content(&$a) { $change = false; if (!local_user()) { notice(t('Permission denied') . EOL); return; } // Switch to text mode interface if we have more than 'n' contacts or group members $switchtotext = get_pconfig(local_user(), 'system', 'groupedit_image_limit'); if ($switchtotext === false) { $switchtotext = get_config('system', 'groupedit_image_limit'); } if ($switchtotext === false) { $switchtotext = 400; } $tpl = get_markup_template('group_edit.tpl'); $context = array('$submit' => t('Submit')); if ($a->argc == 2 && $a->argv[1] === 'new') { return replace_macros($tpl, $context + array('$title' => t('Create a group of contacts/friends.'), '$gname' => array('groupname', t('Group Name: '), '', ''), '$gid' => 'new', '$form_security_token' => get_form_security_token("group_edit"))); } if ($a->argc == 3 && $a->argv[1] === 'drop') { check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); if (intval($a->argv[2])) { $r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[2]), intval(local_user())); if (count($r)) { $result = group_rmv(local_user(), $r[0]['name']); } if ($result) { info(t('Group removed.') . EOL); } else { notice(t('Unable to remove group.') . EOL); } } goaway($a->get_baseurl() . '/group'); // NOTREACHED } if ($a->argc > 2 && intval($a->argv[1]) && intval($a->argv[2])) { check_form_security_token_ForbiddenOnErr('group_member_change', 't'); $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($a->argv[2]), intval(local_user())); if (count($r)) { $change = intval($a->argv[2]); } } if ($a->argc > 1 && intval($a->argv[1])) { require_once 'include/acl_selectors.php'; $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", intval($a->argv[1]), intval(local_user())); if (!count($r)) { notice(t('Group not found.') . EOL); goaway($a->get_baseurl() . '/contacts'); } $group = $r[0]; $members = group_get_members($group['id']); $preselected = array(); if (count($members)) { foreach ($members as $member) { $preselected[] = $member['id']; } } if ($change) { if (in_array($change, $preselected)) { group_rmv_member(local_user(), $group['name'], $change); } else { group_add_member(local_user(), $group['name'], $change); } $members = group_get_members($group['id']); $preselected = array(); if (count($members)) { foreach ($members as $member) { $preselected[] = $member['id']; } } } $drop_tpl = get_markup_template('group_drop.tpl'); $drop_txt = replace_macros($drop_tpl, array('$id' => $group['id'], '$delete' => t('Delete'), '$form_security_token' => get_form_security_token("group_drop"))); $celeb = $a->user['page-flags'] == PAGE_SOAPBOX || $a->user['page-flags'] == PAGE_COMMUNITY ? true : false; $context = $context + array('$title' => t('Group Editor'), '$gname' => array('groupname', t('Group Name: '), $group['name'], ''), '$gid' => $group['id'], '$drop' => $drop_txt, '$form_security_token' => get_form_security_token('group_edit')); } if (!isset($group)) { return; } $groupeditor = array('label_members' => t('Members'), 'members' => array(), 'label_contacts' => t('All Contacts'), 'contacts' => array()); $sec_token = addslashes(get_form_security_token('group_member_change')); $textmode = $switchtotext && count($members) > $switchtotext ? true : false; foreach ($members as $member) { if ($member['url']) { $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;'; $groupeditor['members'][] = micropro($member, true, 'mpgroup', $textmode); } else { group_rmv_member(local_user(), $group['name'], $member['id']); } } $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0 ORDER BY `name` ASC", intval(local_user())); if (count($r)) { $textmode = $switchtotext && count($r) > $switchtotext ? true : false; foreach ($r as $member) { if (!in_array($member['id'], $preselected)) { $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;'; $groupeditor['contacts'][] = micropro($member, true, 'mpall', $textmode); } } } $context['$groupeditor'] = $groupeditor; $context['$desc'] = t('Click on a contact to add or remove.'); if ($change) { $tpl = get_markup_template('groupeditor.tpl'); echo replace_macros($tpl, $context); killme(); } return replace_macros($tpl, $context); }
function profile_photo_post(&$a) { if (!local_channel()) { return; } check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) { // unless proven otherwise $is_default_profile = 1; if ($_REQUEST['profile']) { $r = q("select id, is_default from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_channel())); if ($r && !intval($r[0]['is_default'])) { $is_default_profile = 0; } } // phase 2 - we have finished cropping if (argc() != 2) { notice(t('Image uploaded but image cropping failed.') . EOL); return; } $image_id = argv(1); if (substr($image_id, -2, 1) == '-') { $scale = substr($image_id, -1, 1); $image_id = substr($image_id, 0, -2); } $srcX = $_POST['xstart']; $srcY = $_POST['ystart']; $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND scale = %d LIMIT 1", dbesc($image_id), dbesc(local_channel()), intval($scale)); if ($r) { $base_image = $r[0]; $base_image['data'] = dbunescbin($base_image['data']); $im = photo_factory($base_image['data'], $base_image['type']); if ($im->is_valid()) { $im->cropImage(175, $srcX, $srcY, $srcW, $srcH); $aid = get_account_id(); $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], 'filename' => $base_image['filename'], 'album' => t('Profile Photos')); $p['scale'] = 4; $p['photo_flags'] = $is_default_profile ? PHOTO_PROFILE : PHOTO_NORMAL; $r1 = $im->save($p); $im->scaleImage(80); $p['scale'] = 5; $r2 = $im->save($p); $im->scaleImage(48); $p['scale'] = 6; $r3 = $im->save($p); if ($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice(t('Image resize failed.') . EOL); $x = q("delete from photo where resource_id = '%s' and uid = %d and scale >= 4 ", dbesc($base_image['resource_id']), local_channel()); return; } // If setting for the default profile, unset the profile photo flag from any other photos I own if ($is_default_profile) { $r = q("UPDATE photo SET profile = 0 WHERE profile = 1 AND resource_id != '%s' AND `uid` = %d", dbesc($base_image['resource_id']), intval(local_channel())); $r = q("UPDATE photo SET photo_flags = ( photo_flags & ~%d ) WHERE ( photo_flags & %d )>0 \n\t\t\t\t\t\tAND resource_id != '%s' AND `uid` = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), dbesc($base_image['resource_id']), intval(local_channel())); } else { $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource_id'] . '-4'), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource_id'] . '-5'), intval($_REQUEST['profile']), intval(local_channel())); } // We'll set the updated profile-photo timestamp even if it isn't the default profile, // so that browsers will do a cache update unconditionally $channel = $a->get_channel(); $r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s' \n\t\t\t\t\twhere xchan_hash = '%s'", dbesc($im->getType()), dbesc(datetime_convert()), dbesc($channel['xchan_hash'])); info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL); // Update directory in background proc_run('php', "include/directory.php", $channel['channel_id']); // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures' profile_photo_set_profile_perms($_REQUEST['profile']); } else { notice(t('Unable to process image') . EOL); } } goaway($a->get_baseurl() . '/profiles'); return; // NOTREACHED } $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); $filetype = $_FILES['userfile']['type']; if ($filetype == "") { $filetype = guess_image_type($filename); } $maximagesize = get_config('system', 'maximagesize'); if ($maximagesize && $filesize > $maximagesize) { notice(sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL); @unlink($src); return; } $imagedata = @file_get_contents($src); $ph = photo_factory($imagedata, $filetype); if (!$ph->is_valid()) { notice(t('Unable to process image.') . EOL); @unlink($src); return; } $ph->orient($src); @unlink($src); return profile_photo_crop_ui_head($a, $ph); }
function profile_photo_post(&$a) { if (!local_channel()) { return; } check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) { // unless proven otherwise $is_default_profile = 1; if ($_REQUEST['profile']) { $r = q("select id, profile_guid, is_default, gender from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_channel())); if ($r) { $profile = $r[0]; if (!intval($profile['is_default'])) { $is_default_profile = 0; } } } // phase 2 - we have finished cropping if (argc() != 2) { notice(t('Image uploaded but image cropping failed.') . EOL); return; } $image_id = argv(1); if (substr($image_id, -2, 1) == '-') { $scale = substr($image_id, -1, 1); $image_id = substr($image_id, 0, -2); } $srcX = $_POST['xstart']; $srcY = $_POST['ystart']; $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND scale = %d LIMIT 1", dbesc($image_id), dbesc(local_channel()), intval($scale)); if ($r) { $base_image = $r[0]; $base_image['data'] = $r[0]['os_storage'] ? @file_get_contents($base_image['data']) : dbunescbin($base_image['data']); $im = photo_factory($base_image['data'], $base_image['type']); if ($im->is_valid()) { $im->cropImage(300, $srcX, $srcY, $srcW, $srcH); $aid = get_account_id(); $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], 'filename' => $base_image['filename'], 'album' => t('Profile Photos')); $p['scale'] = 4; $p['photo_usage'] = $is_default_profile ? PHOTO_PROFILE : PHOTO_NORMAL; $r1 = $im->save($p); $im->scaleImage(80); $p['scale'] = 5; $r2 = $im->save($p); $im->scaleImage(48); $p['scale'] = 6; $r3 = $im->save($p); if ($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice(t('Image resize failed.') . EOL); $x = q("delete from photo where resource_id = '%s' and uid = %d and scale >= 4 ", dbesc($base_image['resource_id']), local_channel()); return; } $channel = App::get_channel(); // If setting for the default profile, unset the profile photo flag from any other photos I own if ($is_default_profile) { $r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d\n\t\t\t\t\t\tAND resource_id != '%s' AND `uid` = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), dbesc($base_image['resource_id']), intval(local_channel())); send_profile_photo_activity($channel, $base_image, $profile); } else { $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc(z_root() . '/photo/' . $base_image['resource_id'] . '-4'), dbesc(z_root() . '/photo/' . $base_image['resource_id'] . '-5'), intval($_REQUEST['profile']), intval(local_channel())); } profiles_build_sync(local_channel()); // We'll set the updated profile-photo timestamp even if it isn't the default profile, // so that browsers will do a cache update unconditionally $r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s' \n\t\t\t\t\twhere xchan_hash = '%s'", dbesc($im->getType()), dbesc(datetime_convert()), dbesc($channel['xchan_hash'])); info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL); // Update directory in background proc_run('php', "include/directory.php", $channel['channel_id']); // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures' profile_photo_set_profile_perms($_REQUEST['profile']); } else { notice(t('Unable to process image') . EOL); } } goaway(z_root() . '/profiles'); return; // NOTREACHED } $hash = photo_new_resource(); $smallest = 0; require_once 'include/attach.php'; $res = attach_store(App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash)); logger('attach_store: ' . print_r($res, true)); if ($res && intval($res['data']['is_photo'])) { $i = q("select * from photo where resource_id = '%s' and uid = %d order by scale", dbesc($hash), intval(local_channel())); if (!$i) { notice(t('Image upload failed.') . EOL); return; } $os_storage = false; foreach ($i as $ii) { if (intval($ii['scale']) < 2) { $smallest = intval($ii['scale']); $os_storage = intval($ii['os_storage']); $imagedata = $ii['data']; $filetype = $ii['type']; } } } $imagedata = $os_storage ? @file_get_contents($imagedata) : $imagedata; $ph = photo_factory($imagedata, $filetype); if (!$ph->is_valid()) { notice(t('Unable to process image.') . EOL); return; } return profile_photo_crop_ui_head($a, $ph, $hash, $smallest); }
function post() { check_form_security_token_redirectOnErr('/settings/account', 'settings_account'); call_hooks('account_settings_post', $_POST); $errs = array(); $email = x($_POST, 'email') ? trim(notags($_POST['email'])) : ''; $techlevel = array_key_exists('techlevel', $_POST) ? intval($_POST['techlevel']) : 0; $account = \App::get_account(); if ($email != $account['account_email']) { if (!valid_email($email)) { $errs[] = t('Not valid email.'); } $adm = trim(get_config('system', 'admin_email')); if ($adm && strcasecmp($email, $adm) == 0) { $errs[] = t('Protected email address. Cannot change to that email.'); $email = \App::$account['account_email']; } if (!$errs) { $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id'])); if (!$r) { $errs[] = t('System failure storing new email. Please try again.'); } } } if ($techlevel != $account['account_level']) { $r = q("update account set account_level = %d where account_id = %d", intval($techlevel), intval($account['account_id'])); info(t('Technical skill level updated') . EOL); } if ($errs) { foreach ($errs as $err) { notice($err . EOL); } $errs = array(); } if (x($_POST, 'npassword') || x($_POST, 'confirm')) { $origpass = trim($_POST['origpass']); require_once 'include/auth.php'; if (!account_verify_password($email, $origpass)) { $errs[] = t('Password verification failed.'); } $newpass = trim($_POST['npassword']); $confirm = trim($_POST['confirm']); if ($newpass != $confirm) { $errs[] = t('Passwords do not match. Password unchanged.'); } if (!x($newpass) || !x($confirm)) { $errs[] = t('Empty passwords are not allowed. Password unchanged.'); } if (!$errs) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $newpass); $r = q("update account set account_salt = '%s', account_password = '******', account_password_changed = '%s' \n\t\t\t\t\twhere account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), intval(get_account_id())); if ($r) { info(t('Password changed.') . EOL); } else { $errs[] = t('Password update failed. Please try again.'); } } } if ($errs) { foreach ($errs as $err) { notice($err . EOL); } } goaway(z_root() . '/settings/account'); }
function profiles_post(&$a) { if (!local_user()) { notice(t('Permission denied.') . EOL); return; } $namechanged = false; call_hooks('profile_post', $_POST); if ($a->argc > 1 && $a->argv[1] !== "new" && intval($a->argv[1])) { $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), intval(local_user())); if (!count($orig)) { notice(t('Profile not found.') . EOL); return; } check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); $is_default = $orig[0]['is-default'] ? 1 : 0; $profile_name = notags(trim($_POST['profile_name'])); if (!strlen($profile_name)) { notice(t('Profile Name is required.') . EOL); return; } $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00'; // FIXME: Needs to be validated? $y = substr($dob, 0, 4); if (!ctype_digit($y) || $y < 1900) { $ignore_year = true; } else { $ignore_year = false; } if ($dob != '0000-00-00') { if (strpos($dob, '0000-') === 0) { $ignore_year = true; $dob = substr($dob, 5); } $dob = datetime_convert('UTC', 'UTC', $ignore_year ? '1900-' . $dob : $dob, $ignore_year ? 'm-d' : 'Y-m-d'); if ($ignore_year) { $dob = '0000-' . $dob; } } $name = notags(trim($_POST['name'])); if (!strlen($name)) { $name = '[No Name]'; } if ($orig[0]['name'] != $name) { $namechanged = true; } $pdesc = notags(trim($_POST['pdesc'])); $gender = notags(trim($_POST['gender'])); $address = notags(trim($_POST['address'])); $locality = notags(trim($_POST['locality'])); $region = notags(trim($_POST['region'])); $postal_code = notags(trim($_POST['postal_code'])); $country_name = notags(trim($_POST['country_name'])); $pub_keywords = profile_clean_keywords(notags(trim($_POST['pub_keywords']))); $prv_keywords = profile_clean_keywords(notags(trim($_POST['prv_keywords']))); $marital = notags(trim($_POST['marital'])); $howlong = notags(trim($_POST['howlong'])); $with = x($_POST, 'with') ? notags(trim($_POST['with'])) : ''; if (!strlen($howlong)) { $howlong = '0000-00-00 00:00:00'; } else { $howlong = datetime_convert(date_default_timezone_get(), 'UTC', $howlong); } // linkify the relationship target if applicable $withchanged = false; if (strlen($with)) { if ($with != strip_tags($orig[0]['with'])) { $withchanged = true; $prf = ''; $lookup = $with; if (strpos($lookup, '@') === 0) { $lookup = substr($lookup, 1); } $lookup = str_replace('_', ' ', $lookup); if (strpos($lookup, '@') || strpos($lookup, 'http://')) { $newname = $lookup; $links = @lrdd($lookup); if (count($links)) { foreach ($links as $link) { if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') { $prf = $link['@attributes']['href']; } } } } else { $newname = $lookup; /* if(strstr($lookup,' ')) { $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", dbesc($newname), intval(local_user()) ); } else { $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", dbesc($lookup), intval(local_user()) ); }*/ $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", dbesc($newname), intval(local_user())); if (!$r) { $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", dbesc($lookup), intval(local_user())); } if (count($r)) { $prf = $r[0]['url']; $newname = $r[0]['name']; } } if ($prf) { $with = str_replace($lookup, '<a href="' . $prf . '">' . $newname . '</a>', $with); if (strpos($with, '@') === 0) { $with = substr($with, 1); } } } else { $with = $orig[0]['with']; } } $sexual = notags(trim($_POST['sexual'])); $homepage = notags(trim($_POST['homepage'])); if (strpos($homepage, 'http') !== 0 && strlen($homepage)) { // neither http nor https in URL, add them $homepage = 'http://' . $homepage; } $hometown = notags(trim($_POST['hometown'])); $politic = notags(trim($_POST['politic'])); $religion = notags(trim($_POST['religion'])); $likes = fix_mce_lf(escape_tags(trim($_POST['likes']))); $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes']))); $about = fix_mce_lf(escape_tags(trim($_POST['about']))); $interest = fix_mce_lf(escape_tags(trim($_POST['interest']))); $contact = fix_mce_lf(escape_tags(trim($_POST['contact']))); $music = fix_mce_lf(escape_tags(trim($_POST['music']))); $book = fix_mce_lf(escape_tags(trim($_POST['book']))); $tv = fix_mce_lf(escape_tags(trim($_POST['tv']))); $film = fix_mce_lf(escape_tags(trim($_POST['film']))); $romance = fix_mce_lf(escape_tags(trim($_POST['romance']))); $work = fix_mce_lf(escape_tags(trim($_POST['work']))); $education = fix_mce_lf(escape_tags(trim($_POST['education']))); $hide_friends = $_POST['hide-friends'] == 1 ? 1 : 0; $changes = array(); $value = ''; if ($is_default) { if ($marital != $orig[0]['marital']) { $changes[] = '[color=#ff0000]♥[/color] ' . t('Marital Status'); $value = $marital; } if ($withchanged) { $changes[] = '[color=#ff0000]♥[/color] ' . t('Romantic Partner'); $value = strip_tags($with); } if ($likes != $orig[0]['likes']) { $changes[] = t('Likes'); $value = $likes; } if ($dislikes != $orig[0]['dislikes']) { $changes[] = t('Dislikes'); $value = $dislikes; } if ($work != $orig[0]['work']) { $changes[] = t('Work/Employment'); } if ($religion != $orig[0]['religion']) { $changes[] = t('Religion'); $value = $religion; } if ($politic != $orig[0]['politic']) { $changes[] = t('Political Views'); $value = $politic; } if ($gender != $orig[0]['gender']) { $changes[] = t('Gender'); $value = $gender; } if ($sexual != $orig[0]['sexual']) { $changes[] = t('Sexual Preference'); $value = $sexual; } if ($homepage != $orig[0]['homepage']) { $changes[] = t('Homepage'); $value = $homepage; } if ($interest != $orig[0]['interest']) { $changes[] = t('Interests'); $value = $interest; } if ($address != $orig[0]['address']) { $changes[] = t('Address'); // New address not sent in notifications, potential privacy issues // in case this leaks to unintended recipients. Yes, it's in the public // profile but that doesn't mean we have to broadcast it to everybody. } if ($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country-name']) { $changes[] = t('Location'); $comma1 = $locality && ($region || $country_name) ? ', ' : ' '; $comma2 = $region && $country_name ? ', ' : ''; $value = $locality . $comma1 . $region . $comma2 . $country_name; } profile_activity($changes, $value); } $r = q("UPDATE `profile`\n\t\t\tSET `profile-name` = '%s',\n\t\t\t`name` = '%s',\n\t\t\t`pdesc` = '%s',\n\t\t\t`gender` = '%s',\n\t\t\t`dob` = '%s',\n\t\t\t`address` = '%s',\n\t\t\t`locality` = '%s',\n\t\t\t`region` = '%s',\n\t\t\t`postal-code` = '%s',\n\t\t\t`country-name` = '%s',\n\t\t\t`marital` = '%s',\n\t\t\t`with` = '%s',\n\t\t\t`howlong` = '%s',\n\t\t\t`sexual` = '%s',\n\t\t\t`homepage` = '%s',\n\t\t\t`hometown` = '%s',\n\t\t\t`politic` = '%s',\n\t\t\t`religion` = '%s',\n\t\t\t`pub_keywords` = '%s',\n\t\t\t`prv_keywords` = '%s',\n\t\t\t`likes` = '%s',\n\t\t\t`dislikes` = '%s',\n\t\t\t`about` = '%s',\n\t\t\t`interest` = '%s',\n\t\t\t`contact` = '%s',\n\t\t\t`music` = '%s',\n\t\t\t`book` = '%s',\n\t\t\t`tv` = '%s',\n\t\t\t`film` = '%s',\n\t\t\t`romance` = '%s',\n\t\t\t`work` = '%s',\n\t\t\t`education` = '%s',\n\t\t\t`hide-friends` = %d\n\t\t\tWHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), dbesc($gender), dbesc($dob), dbesc($address), dbesc($locality), dbesc($region), dbesc($postal_code), dbesc($country_name), dbesc($marital), dbesc($with), dbesc($howlong), dbesc($sexual), dbesc($homepage), dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($pub_keywords), dbesc($prv_keywords), dbesc($likes), dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), dbesc($music), dbesc($book), dbesc($tv), dbesc($film), dbesc($romance), dbesc($work), dbesc($education), intval($hide_friends), intval($a->argv[1]), intval(local_user())); if ($r) { info(t('Profile updated.') . EOL); } if ($namechanged && $is_default) { $r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc($name), dbesc(datetime_convert()), intval(local_user())); $r = q("UPDATE `user` set `username` = '%s' where `uid` = %d", dbesc($name), intval(local_user())); } if ($is_default) { $location = $locality; if ($region != "") { if ($location != "") { $location .= ", "; } $location .= $region; } if ($country_name != "") { if ($location != "") { $location .= ", "; } $location .= $country_name; } $r = q("UPDATE `contact` SET `about` = '%s', `location` = '%s', `keywords` = '%s', `gender` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc($about), dbesc($location), dbesc($pub_keywords), dbesc($gender), intval(local_user())); // Update global directory in background $url = $_SESSION['my_url']; if ($url && strlen(get_config('system', 'directory'))) { proc_run('php', "include/directory.php", "{$url}"); } require_once 'include/profile_update.php'; profile_change(); } } }
/** * @param App $a */ function fbpost_plugin_admin_post(&$a) { check_form_security_token_redirectOnErr('/admin/plugins/fbpost', 'fbsave'); if (x($_REQUEST, 'fb_save_keys')) { set_config('facebook', 'appid', $_REQUEST['appid']); set_config('facebook', 'appsecret', $_REQUEST['appsecret']); info(t('The new values have been saved.')); } }
function cover_photo_post(&$a) { if (!local_channel()) { return; } $channel = App::get_channel(); check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo'); if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) { // phase 2 - we have finished cropping if (argc() != 2) { notice(t('Image uploaded but image cropping failed.') . EOL); return; } $image_id = argv(1); if (substr($image_id, -2, 1) == '-') { $scale = substr($image_id, -1, 1); $image_id = substr($image_id, 0, -2); } $srcX = $_POST['xstart']; $srcY = $_POST['ystart']; $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; $r = q("select gender from profile where uid = %d and is_default = 1 limit 1", intval(local_channel())); if ($r) { $profile = $r[0]; } $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND scale = 0 LIMIT 1", dbesc($image_id), intval(local_channel())); if ($r) { $base_image = $r[0]; $base_image['data'] = $r[0]['os_storage'] ? @file_get_contents($base_image['data']) : dbunescbin($base_image['data']); $im = photo_factory($base_image['data'], $base_image['type']); if ($im->is_valid()) { // We are scaling and cropping the relative pixel locations to the original photo instead of the // scaled photo we operated on. // First load the scaled photo to check its size. (Should probably pass this in the post form and save // a query.) $g = q("select width, height from photo where resource_id = '%s' and uid = %d and scale = 3", dbesc($image_id), intval(local_channel())); $scaled_width = $g[0]['width']; $scaled_height = $g[0]['height']; if (!$scaled_width || !$scaled_height) { logger('potential divide by zero scaling cover photo'); return; } // unset all other cover photos q("update photo set photo_usage = %d where photo_usage = %d and uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_COVER), intval(local_channel())); $orig_srcx = $r[0]['width'] / $scaled_width * $srcX; $orig_srcy = $r[0]['height'] / $scaled_height * $srcY; $orig_srcw = $srcW / $scaled_width * $r[0]['width']; $orig_srch = $srcH / $scaled_height * $r[0]['height']; $im->cropImageRect(1200, 435, $orig_srcx, $orig_srcy, $orig_srcw, $orig_srch); $aid = get_account_id(); $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], 'filename' => $base_image['filename'], 'album' => t('Cover Photos')); $p['scale'] = 7; $p['photo_usage'] = PHOTO_COVER; $r1 = $im->save($p); $im->doScaleImage(850, 310); $p['scale'] = 8; $r2 = $im->save($p); $im->doScaleImage(425, 160); $p['scale'] = 9; $r3 = $im->save($p); if ($r1 === false || $r2 === false || $r3 === false) { // if one failed, delete them all so we can start over. notice(t('Image resize failed.') . EOL); $x = q("delete from photo where resource_id = '%s' and uid = %d and scale >= 7 ", dbesc($base_image['resource_id']), local_channel()); return; } $channel = App::get_channel(); send_cover_photo_activity($channel, $base_image, $profile); } else { notice(t('Unable to process image') . EOL); } } goaway(z_root() . '/channel/' . $channel['channel_address']); } $hash = photo_new_resource(); $smallest = 0; require_once 'include/attach.php'; $res = attach_store(App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash)); logger('attach_store: ' . print_r($res, true)); if ($res && intval($res['data']['is_photo'])) { $i = q("select * from photo where resource_id = '%s' and uid = %d and scale = 0", dbesc($hash), intval(local_channel())); if (!$i) { notice(t('Image upload failed.') . EOL); return; } $os_storage = false; foreach ($i as $ii) { $smallest = intval($ii['scale']); $os_storage = intval($ii['os_storage']); $imagedata = $ii['data']; $filetype = $ii['type']; } } $imagedata = $os_storage ? @file_get_contents($imagedata) : $imagedata; $ph = photo_factory($imagedata, $filetype); if (!$ph->is_valid()) { notice(t('Unable to process image.') . EOL); return; } return cover_photo_crop_ui_head($a, $ph, $hash, $smallest); }
function profile_photo_post(&$a) { if (!local_user()) { notice(t('Permission denied.') . EOL); return; } check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo'); if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) { // phase 2 - we have finished cropping if ($a->argc != 2) { notice(t('Image uploaded but image cropping failed.') . EOL); return; } $image_id = $a->argv[1]; if (substr($image_id, -2, 1) == '-') { $scale = substr($image_id, -1, 1); $image_id = substr($image_id, 0, -2); } $srcX = $_POST['xstart']; $srcY = $_POST['ystart']; $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), dbesc(local_user()), intval($scale)); if (count($r)) { $base_image = $r[0]; $im = new Photo($base_image['data']); if ($im->is_valid()) { $im->cropImage(175, $srcX, $srcY, $srcW, $srcH); $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 4, 1); if ($r === false) { notice(sprintf(t('Image size reduction [%s] failed.'), "175") . EOL); } $im->scaleImage(80); $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 5, 1); if ($r === false) { notice(sprintf(t('Image size reduction [%s] failed.'), "80") . EOL); } $im->scaleImage(48); $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 6, 1); if ($r === false) { notice(sprintf(t('Image size reduction [%s] failed.'), "48") . EOL); } // Unset the profile photo flag from any other photos I own $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dbesc($base_image['resource-id']), intval(local_user())); $r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1", dbesc(datetime_convert()), intval(local_user())); info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL); // Update global directory in background $url = $a->get_baseurl() . '/profile/' . $a->user['nickname']; if ($url && strlen(get_config('system', 'directory_submit_url'))) { proc_run('php', "include/directory.php", "{$url}"); } require_once 'include/profile_update.php'; profile_change(); } else { notice(t('Unable to process image') . EOL); } } goaway($a->get_baseurl() . '/profiles'); return; // NOTREACHED } $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); $maximagesize = get_config('system', 'maximagesize'); if ($maximagesize && $filesize > $maximagesize) { notice(sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL); @unlink($src); return; } $imagedata = @file_get_contents($src); $ph = new Photo($imagedata); if (!$ph->is_valid()) { notice(t('Unable to process image.') . EOL); @unlink($src); return; } @unlink($src); return profile_photo_crop_ui_head($a, $ph); }
function post() { $channel = \App::get_channel(); check_form_security_token_redirectOnErr('/settings', 'settings'); call_hooks('settings_post', $_POST); $set_perms = ''; $role = x($_POST, 'permissions_role') ? notags(trim($_POST['permissions_role'])) : ''; $oldrole = get_pconfig(local_channel(), 'system', 'permissions_role'); if ($role != $oldrole || $role === 'custom') { if ($role === 'custom') { $hide_presence = x($_POST, 'hide_presence') && intval($_POST['hide_presence']) == 1 ? 1 : 0; $publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0; $def_group = x($_POST, 'group-selection') ? notags(trim($_POST['group-selection'])) : ''; $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel())); $global_perms = \Zotlabs\Access\Permissions::Perms(); foreach ($global_perms as $k => $v) { \Zotlabs\Access\PermissionLimits::Set(local_channel(), $k, intval($_POST[$k])); } $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_POST); $x = $acl->get(); $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', \n\t\t\t\t\tchannel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), dbesc($x['deny_cid']), dbesc($x['deny_gid']), intval(local_channel())); } else { $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']); if (!$role_permissions) { notice('Permissions category could not be found.'); return; } $hide_presence = 1 - intval($role_permissions['online']); if ($role_permissions['default_collection']) { $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends'))); if (!$r) { require_once 'include/group.php'; group_add(local_channel(), t('Friends')); group_add_member(local_channel(), t('Friends'), $channel['channel_hash']); $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends'))); } if ($r) { q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_channel())); } else { notice(sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL); return; } } else { q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', \n\t\t\t\t\t\tchannel_deny_cid = '' where channel_id = %d", intval(local_channel())); } $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']); foreach ($x as $k => $v) { set_abconfig(local_channel(), $channel['channel_hash'], 'my_perms', $k, $v); if ($role_permissions['perms_auto']) { set_pconfig(local_channel(), 'autoperms', $k, $v); } else { del_pconfig(local_channel(), 'autoperms', $k); } } if ($role_permissions['limits']) { foreach ($role_permissions['limits'] as $k => $v) { \Zotlabs\Access\PermissionLimits::Set(local_channel(), $k, $v); } } if (array_key_exists('directory_publish', $role_permissions)) { $publish = intval($role_permissions['directory_publish']); } } set_pconfig(local_channel(), 'system', 'hide_online_status', $hide_presence); set_pconfig(local_channel(), 'system', 'permissions_role', $role); } $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : ''; $timezone = x($_POST, 'timezone_select') ? notags(trim($_POST['timezone_select'])) : ''; $defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : ''; $openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : ''; $maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0; $expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0; $evdays = x($_POST, 'evdays') ? intval($_POST['evdays']) : 3; $photo_path = x($_POST, 'photo_path') ? escape_tags(trim($_POST['photo_path'])) : ''; $attach_path = x($_POST, 'attach_path') ? escape_tags(trim($_POST['attach_path'])) : ''; $channel_menu = x($_POST['channel_menu']) ? htmlspecialchars_decode(trim($_POST['channel_menu']), ENT_QUOTES) : ''; $expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0; $expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0; $expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0; $expire_network_only = x($_POST, 'expire_network_only') ? intval($_POST['expire_network_only']) : 0; $allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0; $blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1; // this setting is inverted! $unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0; $cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0; $suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0; $post_newfriend = $_POST['post_newfriend'] == 1 ? 1 : 0; $post_joingroup = $_POST['post_joingroup'] == 1 ? 1 : 0; $post_profilechange = $_POST['post_profilechange'] == 1 ? 1 : 0; $adult = $_POST['adult'] == 1 ? 1 : 0; $cal_first_day = x($_POST, 'first_day') && intval($_POST['first_day']) == 1 ? 1 : 0; $pageflags = $channel['channel_pageflags']; $existing_adult = $pageflags & PAGE_ADULT ? 1 : 0; if ($adult != $existing_adult) { $pageflags = $pageflags ^ PAGE_ADULT; } $notify = 0; if (x($_POST, 'notify1')) { $notify += intval($_POST['notify1']); } if (x($_POST, 'notify2')) { $notify += intval($_POST['notify2']); } if (x($_POST, 'notify3')) { $notify += intval($_POST['notify3']); } if (x($_POST, 'notify4')) { $notify += intval($_POST['notify4']); } if (x($_POST, 'notify5')) { $notify += intval($_POST['notify5']); } if (x($_POST, 'notify6')) { $notify += intval($_POST['notify6']); } if (x($_POST, 'notify7')) { $notify += intval($_POST['notify7']); } if (x($_POST, 'notify8')) { $notify += intval($_POST['notify8']); } $vnotify = 0; if (x($_POST, 'vnotify1')) { $vnotify += intval($_POST['vnotify1']); } if (x($_POST, 'vnotify2')) { $vnotify += intval($_POST['vnotify2']); } if (x($_POST, 'vnotify3')) { $vnotify += intval($_POST['vnotify3']); } if (x($_POST, 'vnotify4')) { $vnotify += intval($_POST['vnotify4']); } if (x($_POST, 'vnotify5')) { $vnotify += intval($_POST['vnotify5']); } if (x($_POST, 'vnotify6')) { $vnotify += intval($_POST['vnotify6']); } if (x($_POST, 'vnotify7')) { $vnotify += intval($_POST['vnotify7']); } if (x($_POST, 'vnotify8')) { $vnotify += intval($_POST['vnotify8']); } if (x($_POST, 'vnotify9')) { $vnotify += intval($_POST['vnotify9']); } if (x($_POST, 'vnotify10')) { $vnotify += intval($_POST['vnotify10']); } if (x($_POST, 'vnotify11')) { $vnotify += intval($_POST['vnotify11']); } $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0; $err = ''; $name_change = false; if ($username != $channel['channel_name']) { $name_change = true; require_once 'include/channel.php'; $err = validate_channelname($username); if ($err) { notice($err); return; } } if ($timezone != $channel['channel_timezone']) { if (strlen($timezone)) { date_default_timezone_set($timezone); } } set_pconfig(local_channel(), 'system', 'use_browser_location', $allow_location); set_pconfig(local_channel(), 'system', 'suggestme', $suggestme); set_pconfig(local_channel(), 'system', 'post_newfriend', $post_newfriend); set_pconfig(local_channel(), 'system', 'post_joingroup', $post_joingroup); set_pconfig(local_channel(), 'system', 'post_profilechange', $post_profilechange); set_pconfig(local_channel(), 'system', 'blocktags', $blocktags); set_pconfig(local_channel(), 'system', 'channel_menu', $channel_menu); set_pconfig(local_channel(), 'system', 'vnotify', $vnotify); set_pconfig(local_channel(), 'system', 'always_show_in_notices', $always_show_in_notices); set_pconfig(local_channel(), 'system', 'evdays', $evdays); set_pconfig(local_channel(), 'system', 'photo_path', $photo_path); set_pconfig(local_channel(), 'system', 'attach_path', $attach_path); set_pconfig(local_channel(), 'system', 'cal_first_day', $cal_first_day); $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d {$set_perms} where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), dbesc($defloc), intval($notify), intval($unkmail), intval($maxreq), intval($expire), intval(local_channel())); if ($r) { info(t('Settings updated.') . EOL); } if (!is_null($publish)) { $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel())); } if ($name_change) { $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash'])); $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", dbesc($username), intval($channel['channel_id'])); } \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel())); build_sync_packet(); if ($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) { // FIXME - set to un-verified, blocked and redirect to logout // Why? Are we verifying people or email addresses? } goaway(z_root() . '/settings'); return; // NOTREACHED }
/** * @brief Themes admin page. * * @return string */ function get() { $allowed_themes_str = get_config('system', 'allowed_themes'); $allowed_themes_raw = explode(',', $allowed_themes_str); $allowed_themes = array(); if (count($allowed_themes_raw)) { foreach ($allowed_themes_raw as $x) { if (strlen(trim($x))) { $allowed_themes[] = trim($x); } } } $themes = array(); $files = glob('view/theme/*'); if ($files) { foreach ($files as $file) { $f = basename($file); $is_experimental = intval(file_exists($file . '/.experimental')); $is_supported = 1 - intval(file_exists($file . '/.unsupported')); // Is not used yet $is_allowed = intval(in_array($f, $allowed_themes)); $themes[] = array('name' => $f, 'experimental' => $is_experimental, 'supported' => $is_supported, 'allowed' => $is_allowed); } } if (!count($themes)) { notice(t('No themes found.')); return ''; } /* * Single theme */ if (\App::$argc == 3) { $theme = \App::$argv[2]; if (!is_dir("view/theme/{$theme}")) { notice(t("Item not found.")); return ''; } if (x($_GET, "a") && $_GET['a'] == "t") { check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't'); // Toggle theme status $this->toggle_theme($themes, $theme, $result); $s = $this->rebuild_theme_table($themes); if ($result) { info(sprintf('Theme %s enabled.', $theme)); } else { info(sprintf('Theme %s disabled.', $theme)); } set_config('system', 'allowed_themes', $s); goaway(z_root() . '/admin/themes'); } // display theme details require_once 'library/markdown.php'; if ($this->theme_status($themes, $theme)) { $status = "on"; $action = t("Disable"); } else { $status = "off"; $action = t("Enable"); } $readme = Null; if (is_file("view/theme/{$theme}/README.md")) { $readme = file_get_contents("view/theme/{$theme}/README.md"); $readme = Markdown($readme); } else { if (is_file("view/theme/{$theme}/README")) { $readme = "<pre>" . file_get_contents("view/theme/{$theme}/README") . "</pre>"; } } $admin_form = ''; if (is_file("view/theme/{$theme}/php/config.php")) { require_once "view/theme/{$theme}/php/config.php"; if (function_exists("theme_admin")) { $admin_form = theme_admin($a); } } $screenshot = array(get_theme_screenshot($theme), t('Screenshot')); if (!stristr($screenshot[0], $theme)) { $screenshot = null; } $t = get_markup_template('admin_plugins_details.tpl'); return replace_macros($t, array('$title' => t('Administration'), '$page' => t('Themes'), '$toggle' => t('Toggle'), '$settings' => t('Settings'), '$baseurl' => z_root(), '$plugin' => $theme, '$status' => $status, '$action' => $action, '$info' => get_theme_info($theme), '$function' => 'themes', '$admin_form' => $admin_form, '$str_author' => t('Author: '), '$str_maintainer' => t('Maintainer: '), '$screenshot' => $screenshot, '$readme' => $readme, '$form_security_token' => get_form_security_token('admin_themes'))); } /* * List themes */ $xthemes = array(); if ($themes) { foreach ($themes as $th) { $xthemes[] = array($th['name'], $th['allowed'] ? "on" : "off", get_theme_info($th['name'])); } } $t = get_markup_template('admin_plugins.tpl'); return replace_macros($t, array('$title' => t('Administration'), '$page' => t('Themes'), '$submit' => t('Submit'), '$baseurl' => z_root(), '$function' => 'themes', '$plugins' => $xthemes, '$experimental' => t('[Experimental]'), '$unsupported' => t('[Unsupported]'), '$form_security_token' => get_form_security_token('admin_themes'))); }
function settings_content(&$a) { $o = ''; nav_set_selected('settings'); if (!local_user()) { #notice( t('Permission denied.') . EOL ); return; } if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { notice(t('Permission denied.') . EOL); return; } if ($a->argc > 1 && $a->argv[1] === 'oauth') { if ($a->argc > 2 && $a->argv[2] === 'add') { $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Save Settings'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', ''), '$key' => array('key', t('Consumer Key'), '', ''), '$secret' => array('secret', t('Consumer Secret'), '', ''), '$redirect' => array('redirect', t('Redirect'), '', ''), '$icon' => array('icon', t('Icon url'), '', ''))); return $o; } if ($a->argc > 3 && $a->argv[2] === 'edit') { $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc($a->argv[3]), local_user()); if (!count($r)) { notice(t("You can't edit this application.")); return; } $app = $r[0]; $tpl = get_markup_template("settings_oauth_edit.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['name'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], ''))); return $o; } if ($a->argc > 3 && $a->argv[2] === 'delete') { check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc($a->argv[3]), local_user()); goaway($a->get_baseurl(true) . "/settings/oauth/"); return; } $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my\n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_user(), local_user()); $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => $a->get_baseurl(true), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r)); return $o; } if ($a->argc > 1 && $a->argv[1] === 'addon') { $settings_addons = ""; $r = q("SELECT * FROM `hook` WHERE `hook` = 'plugin_settings' "); if (!count($r)) { $settings_addons = t('No Plugin settings configured'); } call_hooks('plugin_settings', $settings_addons); $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_addon"), '$title' => t('Plugin Settings'), '$settings_addons' => $settings_addons)); return $o; } if ($a->argc > 1 && $a->argv[1] === 'features') { $arr = array(); $features = get_features(); foreach ($features as $fname => $fdata) { $arr[$fname] = array(); $arr[$fname][0] = $fdata[0]; foreach (array_slice($fdata, 1) as $f) { $arr[$fname][1][] = array('feature_' . $f[0], $f[1], intval(get_pconfig(local_user(), 'feature', $f[0])) ? "1" : '', $f[2], array(t('Off'), t('On'))); } } $tpl = get_markup_template("settings_features.tpl"); $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_features"), '$title' => t('Additional Features'), '$features' => $arr, '$submit' => t('Save Settings'))); return $o; } if ($a->argc > 1 && $a->argv[1] === 'connectors') { $settings_connectors = ""; call_hooks('connector_settings', $settings_connectors); if (is_site_admin()) { $diasp_enabled = sprintf(t('Built-in support for %s connectivity is %s'), t('Diaspora'), get_config('system', 'diaspora_enabled') ? t('enabled') : t('disabled')); $ostat_enabled = sprintf(t('Built-in support for %s connectivity is %s'), t('StatusNet'), get_config('system', 'ostatus_disabled') ? t('disabled') : t('enabled')); } else { $diasp_enabled = ""; $ostat_enabled = ""; } $mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1; if (get_config('system', 'dfrn_only')) { $mail_disabled = 1; } if (!$mail_disabled) { $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", local_user()); } else { $r = null; } $mail_server = count($r) ? $r[0]['server'] : ''; $mail_port = count($r) && intval($r[0]['port']) ? intval($r[0]['port']) : ''; $mail_ssl = count($r) ? $r[0]['ssltype'] : ''; $mail_user = count($r) ? $r[0]['user'] : ''; $mail_replyto = count($r) ? $r[0]['reply_to'] : ''; $mail_pubmail = count($r) ? $r[0]['pubmail'] : 0; $mail_action = count($r) ? $r[0]['action'] : 0; $mail_movetofolder = count($r) ? $r[0]['movetofolder'] : ''; $mail_chk = count($r) ? $r[0]['last_check'] : '0000-00-00 00:00:00'; $tpl = get_markup_template("settings_connectors.tpl"); if (!service_class_allows(local_user(), 'email_connect')) { $mail_disabled_message = upgrade_bool_message(); } else { $mail_disabled_message = $mail_disabled ? t('Email access is disabled on this site.') : ''; } $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_connectors"), '$title' => t('Social Networks'), '$diasp_enabled' => $diasp_enabled, '$ostat_enabled' => $ostat_enabled, '$h_imap' => t('Email/Mailbox Setup'), '$imap_desc' => t("If you wish to communicate with email contacts using this service (optional), please specify how to connect to your mailbox."), '$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk, ''), '$mail_disabled' => $mail_disabled_message, '$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''), '$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''), '$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array('notls' => t('None'), 'TLS' => 'TLS', 'SSL' => 'SSL')), '$mail_user' => array('mail_user', t('Email login name:'), $mail_user, ''), '$mail_pass' => array('mail_pass', t('Email password:'******'', ''), '$mail_replyto' => array('mail_replyto', t('Reply-to address:'), $mail_replyto, 'Optional'), '$mail_pubmail' => array('mail_pubmail', t('Send public posts to all email contacts:'), $mail_pubmail, ''), '$mail_action' => array('mail_action', t('Action after import:'), $mail_action, '', array(0 => t('None'), 2 => t('Mark as seen'), 3 => t('Move to folder'))), '$mail_movetofolder' => array('mail_movetofolder', t('Move to folder:'), $mail_movetofolder, ''), '$submit' => t('Save Settings'), '$settings_connectors' => $settings_connectors)); call_hooks('display_settings', $o); return $o; } /* * DISPLAY SETTINGS */ if ($a->argc > 1 && $a->argv[1] === 'display') { $default_theme = get_config('system', 'theme'); if (!$default_theme) { $default_theme = 'default'; } $default_mobile_theme = get_config('system', 'mobile-theme'); if (!$mobile_default_theme) { $mobile_default_theme = 'none'; } $allowed_themes_str = get_config('system', 'allowed_themes'); $allowed_themes_raw = explode(',', $allowed_themes_str); $allowed_themes = array(); if (count($allowed_themes_raw)) { foreach ($allowed_themes_raw as $x) { if (strlen(trim($x)) && is_dir("view/theme/{$x}")) { $allowed_themes[] = trim($x); } } } $themes = array(); $mobile_themes = array("---" => t('No special theme for mobile devices')); $files = glob('view/theme/*'); /* */ if ($allowed_themes) { foreach ($allowed_themes as $th) { $f = $th; $is_experimental = file_exists('view/theme/' . $th . '/experimental'); $unsupported = file_exists('view/theme/' . $th . '/unsupported'); $is_mobile = file_exists('view/theme/' . $th . '/mobile'); if (!$is_experimental or $is_experimental && (get_config('experimentals', 'exp_themes') == 1 or get_config('experimentals', 'exp_themes') === false)) { $theme_name = $is_experimental ? sprintf("%s - (Experimental)", $f) : $f; if ($is_mobile) { $mobile_themes[$f] = $theme_name; } else { $themes[$f] = $theme_name; } } } } $theme_selected = !x($_SESSION, 'theme') ? $default_theme : $_SESSION['theme']; $mobile_theme_selected = !x($_SESSION, 'mobile-theme') ? $default_mobile_theme : $_SESSION['mobile-theme']; $browser_update = intval(get_pconfig(local_user(), 'system', 'update_interval')); $browser_update = $browser_update == 0 ? 40 : $browser_update / 1000; // default if not set: 40 seconds $itemspage_network = intval(get_pconfig(local_user(), 'system', 'itemspage_network')); $itemspage_network = $itemspage_network > 0 && $itemspage_network < 101 ? $itemspage_network : 40; // default if not set: 40 items $itemspage_mobile_network = intval(get_pconfig(local_user(), 'system', 'itemspage_mobile_network')); $itemspage_mobile_network = $itemspage_mobile_network > 0 && $itemspage_mobile_network < 101 ? $itemspage_mobile_network : 20; // default if not set: 20 items $nosmile = get_pconfig(local_user(), 'system', 'no_smilies'); $nosmile = $nosmile === false ? '0' : $nosmile; // default if not set: 0 $noinfo = get_pconfig(local_user(), 'system', 'ignore_info'); $noinfo = $noinfo === false ? '0' : $noinfo; // default if not set: 0 $infinite_scroll = get_pconfig(local_user(), 'system', 'infinite_scroll'); $infinite_scroll = $infinite_scroll === false ? '0' : $infinite_scroll; // default if not set: 0 $no_auto_update = get_pconfig(local_user(), 'system', 'no_auto_update'); $no_auto_update = $no_auto_update === false ? '0' : $no_auto_update; // default if not set: 0 $theme_config = ""; if (($themeconfigfile = get_theme_config_file($theme_selected)) != null) { require_once $themeconfigfile; $theme_config = theme_content($a); } $tpl = get_markup_template("settings_display.tpl"); $o = replace_macros($tpl, array('$ptitle' => t('Display Settings'), '$form_security_token' => get_form_security_token("settings_display"), '$submit' => t('Save Settings'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_user(), '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes, true), '$mobile_theme' => array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, false), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage_network' => array('itemspage_network', t("Number of items to display per page:"), $itemspage_network, t('Maximum of 100 items')), '$itemspage_mobile_network' => array('itemspage_mobile_network', t("Number of items to display per page when viewed from mobile device:"), $itemspage_mobile_network, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''), '$noinfo' => array('noinfo', t("Don't show notices"), $noinfo, ''), '$infinite_scroll' => array('infinite_scroll', t("Infinite scroll"), $infinite_scroll, ''), '$no_auto_update' => array('no_auto_update', t("Automatic updates only at the top of the network page"), $no_auto_update, 'When disabled, the network page is updated all the time, which could be confusing while reading.'), '$theme_config' => $theme_config)); $tpl = get_markup_template("settings_display_end.tpl"); $a->page['end'] .= replace_macros($tpl, array('$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes))); return $o; } /* * ACCOUNT SETTINGS */ require_once 'include/acl_selectors.php'; $p = q("SELECT * FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", intval(local_user())); if (count($p)) { $profile = $p[0]; } $username = $a->user['username']; $email = $a->user['email']; $nickname = $a->user['nickname']; $timezone = $a->user['timezone']; $notify = $a->user['notify-flags']; $defloc = $a->user['default-location']; $openid = $a->user['openid']; $maxreq = $a->user['maxreq']; $expire = intval($a->user['expire']) ? $a->user['expire'] : ''; $blockwall = $a->user['blockwall']; $blocktags = $a->user['blocktags']; $unkmail = $a->user['unkmail']; $cntunkmail = $a->user['cntunkmail']; $expire_items = get_pconfig(local_user(), 'expire', 'items'); $expire_items = $expire_items === false ? '1' : $expire_items; // default if not set: 1 $expire_notes = get_pconfig(local_user(), 'expire', 'notes'); $expire_notes = $expire_notes === false ? '1' : $expire_notes; // default if not set: 1 $expire_starred = get_pconfig(local_user(), 'expire', 'starred'); $expire_starred = $expire_starred === false ? '1' : $expire_starred; // default if not set: 1 $expire_photos = get_pconfig(local_user(), 'expire', 'photos'); $expire_photos = $expire_photos === false ? '0' : $expire_photos; // default if not set: 0 $expire_network_only = get_pconfig(local_user(), 'expire', 'network_only'); $expire_network_only = $expire_network_only === false ? '0' : $expire_network_only; // default if not set: 0 $suggestme = get_pconfig(local_user(), 'system', 'suggestme'); $suggestme = $suggestme === false ? '0' : $suggestme; // default if not set: 0 $post_newfriend = get_pconfig(local_user(), 'system', 'post_newfriend'); $post_newfriend = $post_newfriend === false ? '0' : $post_newfriend; // default if not set: 0 $post_joingroup = get_pconfig(local_user(), 'system', 'post_joingroup'); $post_joingroup = $post_joingroup === false ? '0' : $post_joingroup; // default if not set: 0 $post_profilechange = get_pconfig(local_user(), 'system', 'post_profilechange'); $post_profilechange = $post_profilechange === false ? '0' : $post_profilechange; // default if not set: 0 // nowarn_insecure if (!strlen($a->user['timezone'])) { $timezone = date_default_timezone_get(); } $pageset_tpl = get_markup_template('pagetypes.tpl'); $pagetype = replace_macros($pageset_tpl, array('$user' => t("User Types"), '$community' => t("Community Types"), '$page_normal' => array('page-flags', t('Normal Account Page'), PAGE_NORMAL, t('This account is a normal personal profile'), $a->user['page-flags'] == PAGE_NORMAL), '$page_soapbox' => array('page-flags', t('Soapbox Page'), PAGE_SOAPBOX, t('Automatically approve all connection/friend requests as read-only fans'), $a->user['page-flags'] == PAGE_SOAPBOX), '$page_community' => array('page-flags', t('Community Forum/Celebrity Account'), PAGE_COMMUNITY, t('Automatically approve all connection/friend requests as read-write fans'), $a->user['page-flags'] == PAGE_COMMUNITY), '$page_freelove' => array('page-flags', t('Automatic Friend Page'), PAGE_FREELOVE, t('Automatically approve all connection/friend requests as friends'), $a->user['page-flags'] == PAGE_FREELOVE), '$page_prvgroup' => array('page-flags', t('Private Forum [Experimental]'), PAGE_PRVGROUP, t('Private forum - approved members only'), $a->user['page-flags'] == PAGE_PRVGROUP))); $noid = get_config('system', 'no_openid'); if ($noid) { $openid_field = false; } else { $openid_field = array('openid_url', t('OpenID:'), $openid, t("(Optional) Allow this OpenID to login to this account.")); } $opt_tpl = get_markup_template("field_yesno.tpl"); if (get_config('system', 'publish_all')) { $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />'; } else { $profile_in_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_directory', t('Publish your default profile in your local site directory?'), $profile['publish'], '', array(t('No'), t('Yes'))))); } if (strlen(get_config('system', 'directory_submit_url'))) { $profile_in_net_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_netdirectory', t('Publish your default profile in the global social directory?'), $profile['net-publish'], '', array(t('No'), t('Yes'))))); } else { $profile_in_net_dir = ''; } $hide_friends = replace_macros($opt_tpl, array('$field' => array('hide-friends', t('Hide your contact/friend list from viewers of your default profile?'), $profile['hide-friends'], '', array(t('No'), t('Yes'))))); $hide_wall = replace_macros($opt_tpl, array('$field' => array('hidewall', t('Hide your profile details from unknown viewers?'), $a->user['hidewall'], t("If enabled, posting public messages to Diaspora and other networks isn't possible."), array(t('No'), t('Yes'))))); $blockwall = replace_macros($opt_tpl, array('$field' => array('blockwall', t('Allow friends to post to your profile page?'), intval($a->user['blockwall']) ? '0' : '1', '', array(t('No'), t('Yes'))))); $blocktags = replace_macros($opt_tpl, array('$field' => array('blocktags', t('Allow friends to tag your posts?'), intval($a->user['blocktags']) ? '0' : '1', '', array(t('No'), t('Yes'))))); $suggestme = replace_macros($opt_tpl, array('$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', array(t('No'), t('Yes'))))); $unkmail = replace_macros($opt_tpl, array('$field' => array('unkmail', t('Permit unknown people to send you private mail?'), $unkmail, '', array(t('No'), t('Yes'))))); $invisible = !$profile['publish'] && !$profile['net-publish'] ? true : false; if ($invisible) { info(t('Profile is <strong>not published</strong>.') . EOL); } $subdir = strlen($a->get_path()) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/profile/' . $nickname : ''; $tpl_addr = get_markup_template("settings_nick_set.tpl"); $prof_addr = replace_macros($tpl_addr, array('$desc' => t('Your Identity Address is'), '$nickname' => $nickname, '$subdir' => $subdir, '$basepath' => $a->get_hostname())); $stpl = get_markup_template('settings.tpl'); $celeb = $a->user['page-flags'] == PAGE_SOAPBOX || $a->user['page-flags'] == PAGE_COMMUNITY ? true : false; $expire_arr = array('days' => array('expire', t("Automatically expire posts after this many days:"), $expire, t('If empty, posts will not expire. Expired posts will be deleted')), 'advanced' => t('Advanced expiration settings'), 'label' => t('Advanced Expiration'), 'items' => array('expire_items', t("Expire posts:"), $expire_items, '', array(t('No'), t('Yes'))), 'notes' => array('expire_notes', t("Expire personal notes:"), $expire_notes, '', array(t('No'), t('Yes'))), 'starred' => array('expire_starred', t("Expire starred posts:"), $expire_starred, '', array(t('No'), t('Yes'))), 'photos' => array('expire_photos', t("Expire photos:"), $expire_photos, '', array(t('No'), t('Yes'))), 'network_only' => array('expire_network_only', t("Only expire posts by others:"), $expire_network_only, '', array(t('No'), t('Yes')))); require_once 'include/group.php'; $group_select = mini_group_select(local_user(), $a->user['def_gid']); // Private/public post links for the non-JS ACL form $private_post = 1; if ($_REQUEST['public']) { $private_post = 0; } $query_str = $a->query_string; if (strpos($query_str, 'public=1') !== false) { $query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str); } // I think $a->query_string may never have ? in it, but I could be wrong // It looks like it's from the index.php?q=[etc] rewrite that the web // server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61 if (strpos($query_str, '?') === false) { $public_post_link = '?public=1'; } else { $public_post_link = '&public=1'; } $o .= replace_macros($stpl, array('$ptitle' => t('Account Settings'), '$submit' => t('Save Settings'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_user(), '$form_security_token' => get_form_security_token("settings"), '$nickname_block' => $prof_addr, '$h_pass' => t('Password Settings'), '$password1' => array('password', t('New Password:'******'', ''), '$password2' => array('confirm', t('Confirm:'), '', t('Leave password fields blank unless changing')), '$password3' => array('opassword', t('Current Password:'******'', t('Your current password to confirm the changes')), '$password4' => array('mpassword', t('Password:'******'', t('Your current password to confirm the changes')), '$oid_enable' => !get_config('system', 'no_openid'), '$openid' => $openid_field, '$h_basic' => t('Basic Settings'), '$username' => array('username', t('Full Name:'), $username, ''), '$email' => array('email', t('Email Address:'), $email, '', '', '', 'email'), '$timezone' => array('timezone_select', t('Your Timezone:'), select_timezone($timezone), ''), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''), '$allowloc' => array('allow_location', t('Use Browser Location:'), $a->user['allow_location'] == 1, ''), '$h_prv' => t('Security and Privacy Settings'), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), $maxreq, t("(to prevent spam abuse)")), '$permissions' => t('Default Post Permissions'), '$permdesc' => t("(click to open/close)"), '$visibility' => $profile['net-publish'], '$aclselect' => populate_acl($a->user, $celeb), '$suggestme' => $suggestme, '$blockwall' => $blockwall, '$blocktags' => $blocktags, '$acl_data' => construct_acl_data($a, $a->user), '$group_perms' => t('Show to Groups'), '$contact_perms' => t('Show to Contacts'), '$private' => t('Default Private Post'), '$public' => t('Default Public Post'), '$is_private' => $private_post, '$return_path' => $query_str, '$public_link' => $public_post_link, '$settings_perms' => t('Default Permissions for New Posts'), '$group_select' => $group_select, '$expire' => $expire_arr, '$profile_in_dir' => $profile_in_dir, '$profile_in_net_dir' => $profile_in_net_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, '$unkmail' => $unkmail, '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), $cntunkmail, t("(to prevent spam abuse)")), '$h_not' => t('Notification Settings'), '$activity_options' => t('By default post a status message when:'), '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, ''), '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, ''), '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, ''), '$lbl_not' => t('Send a notification email when:'), '$notify1' => array('notify1', t('You receive an introduction'), $notify & NOTIFY_INTRO, NOTIFY_INTRO, ''), '$notify2' => array('notify2', t('Your introductions are confirmed'), $notify & NOTIFY_CONFIRM, NOTIFY_CONFIRM, ''), '$notify3' => array('notify3', t('Someone writes on your profile wall'), $notify & NOTIFY_WALL, NOTIFY_WALL, ''), '$notify4' => array('notify4', t('Someone writes a followup comment'), $notify & NOTIFY_COMMENT, NOTIFY_COMMENT, ''), '$notify5' => array('notify5', t('You receive a private message'), $notify & NOTIFY_MAIL, NOTIFY_MAIL, ''), '$notify6' => array('notify6', t('You receive a friend suggestion'), $notify & NOTIFY_SUGGEST, NOTIFY_SUGGEST, ''), '$notify7' => array('notify7', t('You are tagged in a post'), $notify & NOTIFY_TAGSELF, NOTIFY_TAGSELF, ''), '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), $notify & NOTIFY_POKE, NOTIFY_POKE, ''), '$email_textonly' => array('email_textonly', t('Text-only notification emails'), get_pconfig(local_user(), 'system', 'email_textonly'), t('Send text only notification emails, without the html part')), '$h_advn' => t('Advanced Account/Page Type Settings'), '$h_descadvn' => t('Change the behaviour of this account for special situations'), '$pagetype' => $pagetype, '$relocate' => t('Relocate'), '$relocate_text' => t("If you have moved this profile from another server, and some of your contacts don't receive your updates, try pushing this button."), '$relocate_button' => t("Resend relocate message to contacts"))); call_hooks('settings_form', $o); $o .= '</form>' . "\r\n"; return $o; }
/** * @param App $a * @param null|object $o */ function privacy_image_cache_plugin_admin_post(&$a = null, &$o = null) { check_form_security_token_redirectOnErr('/admin/plugins/privacy_image_cache', 'picsave'); if (isset($_REQUEST['save'])) { $cachetime_h = IntVal($_REQUEST['cachetime']); if ($cachetime_h < 1) { $cachetime_h = 1; } set_config('privacy_image_cache', 'cache_time', $cachetime_h * 3600); } if (isset($_REQUEST['delete_all'])) { q('DELETE FROM `photo` WHERE `uid` = 0 AND `resource-id` LIKE "pic:%%"'); } }
/** * module: invite.php * * send email invitations to join social network * */ function invite_post(&$a) { if (!local_channel()) { notice(t('Permission denied.') . EOL); return; } check_form_security_token_redirectOnErr('/', 'send_invite'); $max_invites = intval(get_config('system', 'max_invites')); if (!$max_invites) { $max_invites = 50; } $current_invites = intval(get_pconfig(local_channel(), 'system', 'sent_invites')); if ($current_invites > $max_invites) { notice(t('Total invitation limit exceeded.') . EOL); return; } $recips = x($_POST, 'recipients') ? explode("\n", $_POST['recipients']) : array(); $message = x($_POST, 'message') ? notags(trim($_POST['message'])) : ''; $total = 0; if (get_config('system', 'invitation_only')) { $invonly = true; $x = get_pconfig(local_channel(), 'system', 'invites_remaining'); if (!$x && !is_site_admin()) { return; } } foreach ($recips as $recip) { $recip = trim($recip); if (!$recip) { continue; } if (!valid_email($recip)) { notice(sprintf(t('%s : Not a valid email address.'), $recip) . EOL); continue; } if ($invonly && ($x || is_site_admin())) { $code = autoname(8) . srand(1000, 9999); $nmessage = str_replace('$invite_code', $code, $message); $r = q("INSERT INTO `register` (`hash`,`created`) VALUES ('%s', '%s') ", dbesc($code), dbesc(datetime_convert())); if (!is_site_admin()) { $x--; if ($x >= 0) { set_pconfig(local_channel(), 'system', 'invites_remaining', $x); } else { return; } } } else { $nmessage = $message; } $account = $a->get_account(); $res = mail($recip, sprintf(t('Please join us on Red'), $a->config['sitename']), $nmessage, "From: " . $account['account_email'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit'); if ($res) { $total++; $current_invites++; set_pconfig(local_channel(), 'system', 'sent_invites', $current_invites); if ($current_invites > $max_invites) { notice(t('Invitation limit exceeded. Please contact your site administrator.') . EOL); return; } } else { notice(sprintf(t('%s : Message delivery failed.'), $recip) . EOL); } } notice(sprintf(tt("%d message sent.", "%d messages sent.", $total), $total) . EOL); return; }
function get() { $change = false; logger('mod_group: ' . \App::$cmd, LOGGER_DEBUG); if (!local_channel()) { notice(t('Permission denied') . EOL); return; } // Switch to text mode interface if we have more than 'n' contacts or group members $switchtotext = get_pconfig(local_channel(), 'system', 'groupedit_image_limit'); if ($switchtotext === false) { $switchtotext = get_config('system', 'groupedit_image_limit'); } if ($switchtotext === false) { $switchtotext = 400; } $tpl = get_markup_template('group_edit.tpl'); $context = array('$submit' => t('Submit')); if (argc() == 2 && argv(1) === 'new') { return replace_macros($tpl, $context + array('$title' => t('Create a group of channels.'), '$gname' => array('groupname', t('Privacy group name: '), '', ''), '$gid' => 'new', '$public' => array('public', t('Members are visible to other channels'), false, ''), '$form_security_token' => get_form_security_token("group_edit"))); } if (argc() == 3 && argv(1) === 'drop') { check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); if (intval(argv(2))) { $r = q("SELECT `name` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(argv(2)), intval(local_channel())); if ($r) { $result = group_rmv(local_channel(), $r[0]['gname']); } if ($result) { info(t('Privacy group removed.') . EOL); } else { notice(t('Unable to remove privacy group.') . EOL); } } goaway(z_root() . '/group'); // NOTREACHED } if (argc() > 2 && intval(argv(1)) && argv(2)) { check_form_security_token_ForbiddenOnErr('group_member_change', 't'); $r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 limit 1", dbesc(base64url_decode(argv(2))), intval(local_channel())); if (count($r)) { $change = base64url_decode(argv(2)); } } if (argc() > 1 && intval(argv(1))) { require_once 'include/acl_selectors.php'; $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", intval(argv(1)), intval(local_channel())); if (!$r) { notice(t('Privacy group not found.') . EOL); goaway(z_root() . '/connections'); } $group = $r[0]; $members = group_get_members($group['id']); $preselected = array(); if (count($members)) { foreach ($members as $member) { if (!in_array($member['xchan_hash'], $preselected)) { $preselected[] = $member['xchan_hash']; } } } if ($change) { if (in_array($change, $preselected)) { group_rmv_member(local_channel(), $group['gname'], $change); } else { group_add_member(local_channel(), $group['gname'], $change); } $members = group_get_members($group['id']); $preselected = array(); if (count($members)) { foreach ($members as $member) { $preselected[] = $member['xchan_hash']; } } } $drop_tpl = get_markup_template('group_drop.tpl'); $drop_txt = replace_macros($drop_tpl, array('$id' => $group['id'], '$delete' => t('Delete'), '$form_security_token' => get_form_security_token("group_drop"))); $context = $context + array('$title' => t('Privacy group editor'), '$gname' => array('groupname', t('Privacy group name: '), $group['gname'], ''), '$gid' => $group['id'], '$drop' => $drop_txt, '$public' => array('public', t('Members are visible to other channels'), $group['visible'], ''), '$form_security_token' => get_form_security_token('group_edit')); } if (!isset($group)) { return; } $groupeditor = array('label_members' => t('Members'), 'members' => array(), 'label_contacts' => t('All Connected Channels'), 'contacts' => array()); $sec_token = addslashes(get_form_security_token('group_member_change')); $textmode = $switchtotext && count($members) > $switchtotext ? true : false; foreach ($members as $member) { if ($member['xchan_url']) { $member['archived'] = intval($member['abook_archived']) ? true : false; $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;'; $groupeditor['members'][] = micropro($member, true, 'mpgroup', $textmode); } else { group_rmv_member(local_channel(), $group['gname'], $member['xchan_hash']); } } $r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc", intval(local_channel())); if (count($r)) { $textmode = $switchtotext && count($r) > $switchtotext ? true : false; foreach ($r as $member) { if (!in_array($member['xchan_hash'], $preselected)) { $member['archived'] = intval($member['abook_archived']) ? true : false; $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;'; $groupeditor['contacts'][] = micropro($member, true, 'mpall', $textmode); } } } $context['$groupeditor'] = $groupeditor; $context['$desc'] = t('Click on a channel to add or remove.'); if ($change) { $tpl = get_markup_template('groupeditor.tpl'); echo replace_macros($tpl, $context); killme(); } return replace_macros($tpl, $context); }
function post() { check_form_security_token_redirectOnErr('/settings/display', 'settings_display'); $themespec = explode(':', \App::$channel['channel_theme']); $existing_theme = $themespec[0]; $existing_schema = $themespec[1]; $theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : $existing_theme; if (!$theme) { $theme = 'redbasic'; } $mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : ''; $preload_images = x($_POST, 'preload_images') ? intval($_POST['preload_images']) : 0; $user_scalable = x($_POST, 'user_scalable') ? intval($_POST['user_scalable']) : 0; $nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0; $title_tosource = x($_POST, 'title_tosource') ? intval($_POST['title_tosource']) : 0; $channel_list_mode = x($_POST, 'channel_list_mode') ? intval($_POST['channel_list_mode']) : 0; $network_list_mode = x($_POST, 'network_list_mode') ? intval($_POST['network_list_mode']) : 0; $channel_divmore_height = x($_POST, 'channel_divmore_height') ? intval($_POST['channel_divmore_height']) : 400; if ($channel_divmore_height < 50) { $channel_divmore_height = 50; } $network_divmore_height = x($_POST, 'network_divmore_height') ? intval($_POST['network_divmore_height']) : 400; if ($network_divmore_height < 50) { $network_divmore_height = 50; } $browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0; $browser_update = $browser_update * 1000; if ($browser_update < 10000) { $browser_update = 10000; } $itemspage = x($_POST, 'itemspage') ? intval($_POST['itemspage']) : 20; if ($itemspage > 100) { $itemspage = 100; } if ($mobile_theme == "---") { del_pconfig(local_channel(), 'system', 'mobile_theme'); } else { set_pconfig(local_channel(), 'system', 'mobile_theme', $mobile_theme); } set_pconfig(local_channel(), 'system', 'preload_images', $preload_images); set_pconfig(local_channel(), 'system', 'user_scalable', $user_scalable); set_pconfig(local_channel(), 'system', 'update_interval', $browser_update); set_pconfig(local_channel(), 'system', 'itemspage', $itemspage); set_pconfig(local_channel(), 'system', 'no_smilies', 1 - intval($nosmile)); set_pconfig(local_channel(), 'system', 'title_tosource', $title_tosource); set_pconfig(local_channel(), 'system', 'channel_list_mode', $channel_list_mode); set_pconfig(local_channel(), 'system', 'network_list_mode', $network_list_mode); set_pconfig(local_channel(), 'system', 'channel_divmore_height', $channel_divmore_height); set_pconfig(local_channel(), 'system', 'network_divmore_height', $network_divmore_height); $newschema = ''; if ($theme == $existing_theme) { // call theme_post only if theme has not been changed if (($themeconfigfile = $this->get_theme_config_file($theme)) != null) { require_once $themeconfigfile; if (class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) { $clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config'; $theme_config = new $clsname(); $schemas = $theme_config->get_schemas(); if (array_key_exists($_POST['schema'], $schemas)) { $newschema = $_POST['schema']; } if ($newschema === '---') { $newschema = ''; } $theme_config->post(); } } } logger('theme: ' . $theme . ($newschema ? ':' . $newschema : '')); $_SESSION['theme'] = $theme . ($newschema ? ':' . $newschema : ''); $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", dbesc($theme . ($newschema ? ':' . $newschema : '')), intval(local_channel())); call_hooks('display_settings_post', $_POST); build_sync_packet(); goaway(z_root() . '/settings/display'); return; // NOTREACHED }
/** * @param App $a * @param null|object $o */ function dav_plugin_admin_post(&$a = null, &$o = null) { check_form_security_token_redirectOnErr('/admin/plugins/dav', 'dav_admin_save'); require_once __DIR__ . "/database-init.inc.php"; if (isset($_REQUEST["install"])) { $errs = dav_create_tables(); if (count($errs) == 0) { info(t('The database tables have been installed.') . EOL); } else { notice(t("An error occurred during the installation.") . EOL); } } }
function post() { if (!local_channel()) { notice(t('Permission denied.') . EOL); return; } require_once 'include/activities.php'; $namechanged = false; // import from json export file. // Only import fields that are allowed on this hub if (x($_FILES, 'userfile')) { $src = $_FILES['userfile']['tmp_name']; $filesize = intval($_FILES['userfile']['size']); if ($filesize) { $j = @json_decode(@file_get_contents($src), true); @unlink($src); if ($j) { $fields = get_profile_fields_advanced(); if ($fields) { foreach ($j as $jj => $v) { foreach ($fields as $f => $n) { if ($jj == $f) { $_POST[$f] = $v; break; } } } } } } } call_hooks('profile_post', $_POST); if (argc() > 1 && argv(1) !== "new" && intval(argv(1))) { $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(\App::$argv[1]), intval(local_channel())); if (!count($orig)) { notice(t('Profile not found.') . EOL); return; } check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); $is_default = $orig[0]['is_default'] ? 1 : 0; $profile_name = notags(trim($_POST['profile_name'])); if (!strlen($profile_name)) { notice(t('Profile Name is required.') . EOL); return; } $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00'; // FIXME: Needs to be validated? $y = substr($dob, 0, 4); if (!ctype_digit($y) || $y < 1900) { $ignore_year = true; } else { $ignore_year = false; } if ($dob != '0000-00-00') { if (strpos($dob, '0000-') === 0) { $ignore_year = true; $dob = substr($dob, 5); } $dob = datetime_convert('UTC', 'UTC', $ignore_year ? '1900-' . $dob : $dob, $ignore_year ? 'm-d' : 'Y-m-d'); if ($ignore_year) { $dob = '0000-' . $dob; } } $name = escape_tags(trim($_POST['name'])); if ($orig[0]['fullname'] != $name) { $namechanged = true; $v = validate_channelname($name); if ($v) { notice($v); $namechanged = false; $name = $orig[0]['fullname']; } } $pdesc = escape_tags(trim($_POST['pdesc'])); $gender = escape_tags(trim($_POST['gender'])); $address = escape_tags(trim($_POST['address'])); $locality = escape_tags(trim($_POST['locality'])); $region = escape_tags(trim($_POST['region'])); $postal_code = escape_tags(trim($_POST['postal_code'])); $country_name = escape_tags(trim($_POST['country_name'])); $keywords = escape_tags(trim($_POST['keywords'])); $marital = escape_tags(trim($_POST['marital'])); $howlong = escape_tags(trim($_POST['howlong'])); $sexual = escape_tags(trim($_POST['sexual'])); $homepage = escape_tags(trim($_POST['homepage'])); $hometown = escape_tags(trim($_POST['hometown'])); $politic = escape_tags(trim($_POST['politic'])); $religion = escape_tags(trim($_POST['religion'])); $likes = fix_mce_lf(escape_tags(trim($_POST['likes']))); $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes']))); $about = fix_mce_lf(escape_tags(trim($_POST['about']))); $interest = fix_mce_lf(escape_tags(trim($_POST['interest']))); $contact = fix_mce_lf(escape_tags(trim($_POST['contact']))); $channels = fix_mce_lf(escape_tags(trim($_POST['channels']))); $music = fix_mce_lf(escape_tags(trim($_POST['music']))); $book = fix_mce_lf(escape_tags(trim($_POST['book']))); $tv = fix_mce_lf(escape_tags(trim($_POST['tv']))); $film = fix_mce_lf(escape_tags(trim($_POST['film']))); $romance = fix_mce_lf(escape_tags(trim($_POST['romance']))); $work = fix_mce_lf(escape_tags(trim($_POST['work']))); $education = fix_mce_lf(escape_tags(trim($_POST['education']))); $hide_friends = intval($_POST['hide_friends']) ? 1 : 0; require_once 'include/text.php'; linkify_tags($a, $likes, local_channel()); linkify_tags($a, $dislikes, local_channel()); linkify_tags($a, $about, local_channel()); linkify_tags($a, $interest, local_channel()); linkify_tags($a, $interest, local_channel()); linkify_tags($a, $contact, local_channel()); linkify_tags($a, $channels, local_channel()); linkify_tags($a, $music, local_channel()); linkify_tags($a, $book, local_channel()); linkify_tags($a, $tv, local_channel()); linkify_tags($a, $film, local_channel()); linkify_tags($a, $romance, local_channel()); linkify_tags($a, $work, local_channel()); linkify_tags($a, $education, local_channel()); $with = x($_POST, 'with') ? escape_tags(trim($_POST['with'])) : ''; if (!strlen($howlong)) { $howlong = NULL_DATE; } else { $howlong = datetime_convert(date_default_timezone_get(), 'UTC', $howlong); } // linkify the relationship target if applicable $withchanged = false; if (strlen($with)) { if ($with != strip_tags($orig[0]['partner'])) { $withchanged = true; $prf = ''; $lookup = $with; if (strpos($lookup, '@') === 0) { $lookup = substr($lookup, 1); } $lookup = str_replace('_', ' ', $lookup); $newname = $lookup; $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", dbesc($newname), intval(local_channel())); if (!$r) { $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_addr = '%s' AND abook_channel = %d LIMIT 1", dbesc($lookup . '@%'), intval(local_channel())); } if ($r) { $prf = $r[0]['xchan_url']; $newname = $r[0]['xchan_name']; } if ($prf) { $with = str_replace($lookup, '<a href="' . $prf . '">' . $newname . '</a>', $with); if (strpos($with, '@') === 0) { $with = substr($with, 1); } } } else { $with = $orig[0]['partner']; } } $profile_fields_basic = get_profile_fields_basic(); $profile_fields_advanced = get_profile_fields_advanced(); $advanced = feature_enabled(local_channel(), 'advanced_profiles') ? true : false; if ($advanced) { $fields = $profile_fields_advanced; } else { $fields = $profile_fields_basic; } $z = q("select * from profdef where true"); if ($z) { foreach ($z as $zz) { if (array_key_exists($zz['field_name'], $fields)) { $w = q("select * from profext where channel_id = %d and hash = '%s' and k = '%s' limit 1", intval(local_channel()), dbesc($orig[0]['profile_guid']), dbesc($zz['field_name'])); if ($w) { q("update profext set v = '%s' where id = %d", dbesc(escape_tags(trim($_POST[$zz['field_name']]))), intval($w[0]['id'])); } else { q("insert into profext ( channel_id, hash, k, v ) values ( %d, '%s', '%s', '%s') ", intval(local_channel()), dbesc($orig[0]['profile_guid']), dbesc($zz['field_name']), dbesc(escape_tags(trim($_POST[$zz['field_name']])))); } } } } $changes = array(); $value = ''; if ($is_default) { if ($marital != $orig[0]['marital']) { $changes[] = '[color=#ff0000]♥[/color] ' . t('Marital Status'); $value = $marital; } if ($withchanged) { $changes[] = '[color=#ff0000]♥[/color] ' . t('Romantic Partner'); $value = strip_tags($with); } if ($likes != $orig[0]['likes']) { $changes[] = t('Likes'); $value = $likes; } if ($dislikes != $orig[0]['dislikes']) { $changes[] = t('Dislikes'); $value = $dislikes; } if ($work != $orig[0]['employment']) { $changes[] = t('Work/Employment'); } if ($religion != $orig[0]['religion']) { $changes[] = t('Religion'); $value = $religion; } if ($politic != $orig[0]['politic']) { $changes[] = t('Political Views'); $value = $politic; } if ($gender != $orig[0]['gender']) { $changes[] = t('Gender'); $value = $gender; } if ($sexual != $orig[0]['sexual']) { $changes[] = t('Sexual Preference'); $value = $sexual; } if ($homepage != $orig[0]['homepage']) { $changes[] = t('Homepage'); $value = $homepage; } if ($interest != $orig[0]['interest']) { $changes[] = t('Interests'); $value = $interest; } if ($address != $orig[0]['address']) { $changes[] = t('Address'); // New address not sent in notifications, potential privacy issues // in case this leaks to unintended recipients. Yes, it's in the public // profile but that doesn't mean we have to broadcast it to everybody. } if ($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country_name']) { $changes[] = t('Location'); $comma1 = $locality && ($region || $country_name) ? ', ' : ' '; $comma2 = $region && $country_name ? ', ' : ''; $value = $locality . $comma1 . $region . $comma2 . $country_name; } profile_activity($changes, $value); } $r = q("UPDATE `profile` \n\t\t\t\tSET `profile_name` = '%s',\n\t\t\t\t`fullname` = '%s',\n\t\t\t\t`pdesc` = '%s',\n\t\t\t\t`gender` = '%s',\n\t\t\t\t`dob` = '%s',\n\t\t\t\t`address` = '%s',\n\t\t\t\t`locality` = '%s',\n\t\t\t\t`region` = '%s',\n\t\t\t\t`postal_code` = '%s',\n\t\t\t\t`country_name` = '%s',\n\t\t\t\t`marital` = '%s',\n\t\t\t\t`partner` = '%s',\n\t\t\t\t`howlong` = '%s',\n\t\t\t\t`sexual` = '%s',\n\t\t\t\t`homepage` = '%s',\n\t\t\t\t`hometown` = '%s',\n\t\t\t\t`politic` = '%s',\n\t\t\t\t`religion` = '%s',\n\t\t\t\t`keywords` = '%s',\n\t\t\t\t`likes` = '%s',\n\t\t\t\t`dislikes` = '%s',\n\t\t\t\t`about` = '%s',\n\t\t\t\t`interest` = '%s',\n\t\t\t\t`contact` = '%s',\n\t\t\t\t`channels` = '%s',\n\t\t\t\t`music` = '%s',\n\t\t\t\t`book` = '%s',\n\t\t\t\t`tv` = '%s',\n\t\t\t\t`film` = '%s',\n\t\t\t\t`romance` = '%s',\n\t\t\t\t`employment` = '%s',\n\t\t\t\t`education` = '%s',\n\t\t\t\t`hide_friends` = %d\n\t\t\t\tWHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), dbesc($gender), dbesc($dob), dbesc($address), dbesc($locality), dbesc($region), dbesc($postal_code), dbesc($country_name), dbesc($marital), dbesc($with), dbesc($howlong), dbesc($sexual), dbesc($homepage), dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($keywords), dbesc($likes), dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), dbesc($channels), dbesc($music), dbesc($book), dbesc($tv), dbesc($film), dbesc($romance), dbesc($work), dbesc($education), intval($hide_friends), intval(argv(1)), intval(local_channel())); if ($r) { info(t('Profile updated.') . EOL); } $r = q("select * from profile where id = %d and uid = %d limit 1", intval(argv(1)), intval(local_channel())); if ($r) { require_once 'include/zot.php'; build_sync_packet(local_channel(), array('profile' => $r)); } $channel = \App::get_channel(); if ($namechanged && $is_default) { $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'", dbesc($name), dbesc(datetime_convert()), dbesc($channel['xchan_hash'])); $r = q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'", dbesc($name), dbesc($channel['xchan_hash'])); } if ($is_default) { // reload the info for the sidebar widget - why does this not work? profile_load($channel['channel_address']); \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel())); } } }