예제 #1
 /**
  * Store the submitted admin security settings in the 'system' config category.
  *
  * The form token for 'admin_security' is checked first. Each setting is then
  * read from $_POST and written with set_config(), after which the browser is
  * redirected back to /admin/security.
  */
 function post()
 {
     check_form_security_token_redirectOnErr('/admin/security', 'admin_security');
     // NOTE(review): no administrator check is visible in this handler -
     // presumably the admin module enforces it before dispatch; confirm.

     // E-mail filters: trimmed and passed through notags(), empty string when absent.
     foreach (array('allowed_email', 'not_allowed_email') as $field) {
         $filter = x($_POST, $field) ? notags(trim($_POST[$field])) : '';
         set_config('system', $field, $filter);
     }

     set_config('system', 'block_public', (bool) x($_POST, 'block_public'));

     // Allow/deny lists arrive as one entry per line. They are split on "\n" and
     // stored as whatever trim_array_elems() returns; no further validation of
     // the individual entries happens here.
     $site_and_channel_lists = array(
         'whitelisted_sites',
         'blacklisted_sites',
         'whitelisted_channels',
         'blacklisted_channels',
     );
     foreach ($site_and_channel_lists as $field) {
         $entries = $this->trim_array_elems(explode("\n", $_POST[$field]));
         set_config('system', $field, $entries);
     }

     set_config('system', 'embed_sslonly', (bool) x($_POST, 'embed_sslonly'));

     foreach (array('embed_allow', 'embed_deny') as $field) {
         $entries = $this->trim_array_elems(explode("\n", $_POST[$field]));
         set_config('system', $field, $entries);
     }

     // The form field names differ from the config keys for the two header switches.
     set_config('system', 'transport_security_header', (bool) x($_POST, 'transport_security'));
     set_config('system', 'content_security_policy', (bool) x($_POST, 'content_security'));

     goaway(z_root() . '/admin/security');
 }
예제 #2
 /**
  * Handle a submission of the feature/addon settings form.
  *
  * Verifies the 'settings_featured' form token, passes the request body to the
  * 'feature_settings_post' hooks and then calls build_sync_packet().
  */
 function post()
 {
     check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured');

     // The complete $_POST array is handed to the hook handlers unfiltered;
     // nothing is validated or stripped at this level.
     call_hooks('feature_settings_post', $_POST);

     build_sync_packet();
 }
예제 #3
파일: Oauth.php 프로젝트: phellmes/hubzilla
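 /**
  * Render the OAuth application pages under /settings/oauth.
  *
  * Dispatches on argv(2):
  *  - 'add'    : empty application form with a generated key and secret
  *  - 'edit'   : form pre-filled from the caller's own clients row
  *  - 'delete' : removes the caller's own clients row, then redirects
  *  - default  : list of the caller's applications plus those with uid 0
  *
  * @return string|null rendered markup; null when the application to edit is
  *                     not found or after the delete redirect
  */
 function get()
 {
     if (argc() > 2 && argv(2) === 'add') {
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         // NOTE(review): random_string() supplies the default consumer key and
         // secret - confirm it draws from a cryptographically secure source.
         return replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_oauth"),
             '$title' => t('Add application'),
             '$submit' => t('Submit'),
             '$cancel' => t('Cancel'),
             '$name' => array('name', t('Name'), '', t('Name of application')),
             '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
             '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
             '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
             '$icon' => array('icon', t('Icon url'), '', t('Optional')),
         ));
     }

     if (argc() > 3 && argv(2) === 'edit') {
         // The uid condition restricts the lookup to rows owned by the logged-in channel.
         $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), intval(local_channel()));
         // A plain truth test covers both an empty result and a failed query;
         // count() on a non-array result would raise an error on current PHP.
         if (!$r) {
             notice(t('Application not found.'));
             return;
         }
         $app = $r[0];
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         // NOTE(review): the stored secret ($app['pw']) is rendered back into
         // the form, so it is evidently kept in recoverable form - confirm
         // that this is intended.
         return replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_oauth"),
             '$title' => t('Add application'),
             '$submit' => t('Update'),
             '$cancel' => t('Cancel'),
             '$name' => array('name', t('Name'), $app['clname'], ''),
             '$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
             '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
             '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
             '$icon' => array('icon', t('Icon url'), $app['icon'], ''),
         ));
     }

     if (argc() > 3 && argv(2) === 'delete') {
         // This branch changes state from the GET handler, so the form token
         // is verified before the row is removed.
         // NOTE(review): the third argument 't' is presumably the name of the
         // request parameter carrying the token - confirm.
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
         q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), intval(local_channel()));
         goaway(z_root() . "/settings/oauth/");
         return;
     }

     // Default view: the caller's own applications plus those stored with uid 0.
     // The 'my' column marks rows owned by the caller.
     $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", intval(local_channel()), intval(local_channel()));
     $tpl = get_markup_template("settings_oauth.tpl");
     return replace_macros($tpl, array(
         '$form_security_token' => get_form_security_token("settings_oauth"),
         '$baseurl' => z_root(),
         '$title' => t('Connected Apps'),
         '$add' => t('Add application'),
         '$edit' => t('Edit'),
         '$delete' => t('Delete'),
         '$consumerkey' => t('Client key starts with'),
         '$noname' => t('No name'),
         '$remove' => t('Remove authorization'),
         '$apps' => $r,
     ));
 }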
/**
 * Save the default feature switches posted from the plugin's admin page.
 *
 * Every POST field whose name starts with 'feature_' is stored in the
 * 'defaultfeatures' config category as 1 or 0, keyed by the rest of the name.
 *
 * @param mixed $a passed by reference by the caller; not read here
 */
function defaultfeatures_plugin_admin_post(&$a)
{
    check_form_security_token_redirectOnErr('/admin/plugins/defaultfeatures', 'defaultfeaturessave');

    foreach ($_POST as $field => $raw) {
        if (strpos($field, 'feature_') !== 0) {
            continue;
        }
        // The config key is the field name with the 8-character prefix removed.
        // It is taken from the request and not compared with a list of known
        // features, so any suffix becomes a key in this category. The value is
        // reduced to 0/1.
        $enabled = intval($raw) ? 1 : 0;
        set_config('defaultfeatures', substr($field, 8), $enabled);
    }

    info(t('Features updated') . EOL);
}
예제 #5
 /**
  * Send invitation e-mails to the addresses posted in 'recipients'.
  *
  * Requires a logged-in channel and a valid 'send_invite' form token. The
  * number of invitations sent is tracked per channel in the 'sent_invites'
  * pconfig value and compared with the site setting 'max_invites', which falls
  * back to 50 when unset or zero.
  */
 function post()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     check_form_security_token_redirectOnErr('/', 'send_invite');

     $max_invites = intval(get_config('system', 'max_invites')) ?: 50;
     $current_invites = intval(get_pconfig(local_channel(), 'system', 'sent_invites'));
     // NOTE(review): this check and the one inside the loop both use '>', so
     // sending stops only after the counter has passed max_invites - confirm
     // whether '>=' was intended.
     if ($current_invites > $max_invites) {
         notice(t('Total invitation limit exceeded.') . EOL);
         return;
     }

     // One recipient per line. The message body is user-supplied text that has
     // been passed through notags().
     $recips = x($_POST, 'recipients') ? explode("\n", $_POST['recipients']) : array();
     $message = x($_POST, 'message') ? notags(trim($_POST['message'])) : '';
     $total = 0;

     // On invitation-only sites a channel with no invites remaining is stopped
     // silently, unless the caller is the site admin.
     if (get_config('system', 'invitation_only')
         && !get_pconfig(local_channel(), 'system', 'invites_remaining')
         && !is_site_admin()) {
         return;
     }

     foreach ($recips as $recip) {
         $recip = trim($recip);
         if (!$recip) {
             continue;
         }
         if (!valid_email($recip)) {
             notice(sprintf(t('%s : Not a valid email address.'), $recip) . EOL);
             continue;
         }

         $account = \App::get_account();
         $subject = sprintf(t('Please join us on $Projectname'), \App::$config['sitename']);
         // NOTE(review): account_email is concatenated into the header block,
         // which relies on the stored address containing no line breaks -
         // confirm that it is validated when the account is created or changed.
         $headers = "From: " . $account['account_email'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit';

         if (!mail($recip, $subject, $message, $headers)) {
             notice(sprintf(t('%s : Message delivery failed.'), $recip) . EOL);
             continue;
         }

         // Persist the counter after every successful send so that the limit
         // holds across requests.
         $total++;
         $current_invites++;
         set_pconfig(local_channel(), 'system', 'sent_invites', $current_invites);
         if ($current_invites > $max_invites) {
             notice(t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
             return;
         }
     }

     notice(sprintf(tt("%d message sent.", "%d messages sent.", $total), $total) . EOL);
 }
예제 #6
파일: Logs.php 프로젝트: phellmes/hubzilla
 /**
  * @brief POST handler for logs admin page.
  *
  * When the 'page_logs' field is present, the form token is verified and the
  * log file name, debugging switch and log level are written to the 'system'
  * config. The confirmation message and the redirect to /admin/logs happen in
  * every case.
  */
 function post()
 {
     if (x($_POST, 'page_logs')) {
         check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');

         // NOTE(review): the log file path comes from the form and is only
         // trimmed and passed through notags(). No restriction on the directory
         // or file name is visible here - confirm where, if anywhere, the path
         // is constrained.
         $settings = array(
             'logfile' => x($_POST, 'logfile') ? notags(trim($_POST['logfile'])) : '',
             'debugging' => (bool) x($_POST, 'debugging'),
             'loglevel' => x($_POST, 'loglevel') ? intval(trim($_POST['loglevel'])) : 0,
         );
         foreach ($settings as $key => $value) {
             set_config('system', $key, $value);
         }
     }

     info(t('Log settings updated.'));
     goaway(z_root() . '/admin/logs');
 }
예제 #7
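 /**
  * Create or update an access token for the current channel and store its
  * permissions.
  *
  * Reads 'atoken_id', 'name', 'token', 'expires' and the 'perms_*' fields from
  * $_POST. A non-zero 'atoken_id' updates that row, restricted to the channel's
  * own tokens; otherwise a new row is inserted. Name and token are both
  * required.
  */
 function post()
 {
     $channel = \App::get_channel();
     check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens');

     // Defaults, so that a request without a 'token' field can never reach the
     // insert below with undefined values and create a token with an empty
     // password.
     $atoken_id = 0;
     $name = '';
     $token = '';
     $expires = NULL_DATE;

     if (array_key_exists('token', $_POST)) {
         $atoken_id = empty($_POST['atoken_id']) ? 0 : intval($_POST['atoken_id']);
         $name = isset($_POST['name']) ? trim(escape_tags($_POST['name'])) : '';
         $token = trim($_POST['token']);

         if (isset($_POST['expires']) && trim($_POST['expires'])) {
             $expires = datetime_convert(date_default_timezone_get(), 'UTC', $_POST['expires']);
         }

         $max_atokens = service_class_fetch(local_channel(), 'access_tokens');
         if ($max_atokens) {
             // Count the channel's existing tokens and compare with the service
             // class limit. The query names its table and the comparison uses
             // the value fetched above; an undefined limit variable would
             // compare as null and reject every request.
             // NOTE(review): the limit is applied to updates of an existing
             // token as well as to new ones - confirm that this is intended.
             $r = q("select count(atoken_id) as total from atoken where atoken_uid = %d", intval(local_channel()));
             if ($r && intval($r[0]['total']) >= intval($max_atokens)) {
                 notice(sprintf(t('This channel is limited to %d tokens'), $max_atokens) . EOL);
                 return;
             }
         }
     }

     if (!$name || !$token) {
         notice(t('Name and Password are required.') . EOL);
         return;
     }

     // NOTE(review): the token is written to atoken_token exactly as submitted.
     // If the login path compares it as a password, storing a hash would be
     // preferable - confirm against the verification code.
     if ($atoken_id) {
         // The atoken_uid condition prevents updating a token that belongs to
         // another channel.
         $r = q("update atoken set atoken_name = '%s', atoken_token = '%s', atoken_expires = '%s' \n\t\t\t\twhere atoken_id = %d and atoken_uid = %d", dbesc($name), dbesc($token), dbesc($expires), intval($atoken_id), intval($channel['channel_id']));
     } else {
         $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )\n\t\t\t\tvalues ( %d, %d, '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel['channel_id']), dbesc($name), dbesc($token), dbesc($expires));
     }

     // Permissions are keyed by an identifier built from the first 16 characters
     // of the channel hash and the token name.
     $atoken_xchan = substr($channel['channel_hash'], 0, 16) . '.' . $name;
     $all_perms = \Zotlabs\Access\Permissions::Perms();
     if ($all_perms) {
         foreach ($all_perms as $perm => $desc) {
             // A permission missing from the form is stored as 0, so every known
             // permission gets an explicit value.
             $field = 'perms_' . $perm;
             $value = array_key_exists($field, $_POST) ? intval($_POST[$field]) : 0;
             set_abconfig($channel['channel_id'], $atoken_xchan, 'my_perms', $perm, $value);
         }
     }

     info(t('Token saved.') . EOL);
     return;
 }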
예제 #8
 /**
  * Save the per-channel feature switches from the features settings form.
  *
  * Each feature name returned by get_features() is stored in the 'feature'
  * pconfig category as 1 when its "feature_<name>" field is set, else 0.
  */
 function post()
 {
     check_form_security_token_redirectOnErr('/settings/features', 'settings_features');

     // Only names returned by get_features() are written, so a posted field for
     // a name outside that list has no effect. The original comment adds that
     // features above the channel's techlevel get no settings; that presumably
     // relies on get_features() leaving them out.
     foreach (get_features() as $group) {
         foreach ($group as $entry) {
             $feature = $entry[0];
             $enabled = x($_POST, "feature_{$feature}") ? 1 : 0;
             set_pconfig(local_channel(), 'feature', $feature, $enabled);
         }
     }

     build_sync_packet();
 }
예제 #9
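 /**
  * Write a single pconfig value for the logged-in channel.
  *
  * Reads category ('cat'), key ('k') and value ('v') from $_POST. Nothing is
  * done without a local channel or while the session is a delegate session.
  * Keys on the disallowed list are refused, and a value whose key contains
  * 'password' is passed through z_obscure() before it is stored.
  */
 function post()
 {
     if (!local_channel()) {
         return;
     }
     if (!empty($_SESSION['delegate'])) {
         return;
     }
     check_form_security_token_redirectOnErr('/pconfig', 'pconfig');

     $cat = isset($_POST['cat']) ? trim(escape_tags($_POST['cat'])) : '';
     $k = isset($_POST['k']) ? trim(escape_tags($_POST['k'])) : '';
     $v = isset($_POST['v']) ? trim($_POST['v']) : '';

     // The value is written under the posted key, so the posted key must be
     // checked against the disallowed list. Testing only the path segment
     // argv(2) would let a request whose path and body name different keys
     // pass the check. The path test is kept so nothing previously blocked is
     // now allowed.
     $blocked = $this->disallowed_pconfig();
     if (in_array(argv(2), $blocked) || in_array($k, $blocked)) {
         notice(t('This setting requires special processing and editing has been blocked.') . EOL);
         return;
     }

     if (strpos($k, 'password') !== false) {
         $v = z_obscure($v);
     }

     set_pconfig(local_channel(), $cat, $k, $v);
     build_sync_packet();
     goaway(z_root() . '/pconfig/' . $cat . '/' . $k);
 }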
예제 #10
 /**
  * Save the site-wide feature defaults and feature locks from the admin form.
  *
  * For every feature returned by get_features(false), the posted value is
  * stored in the 'feature' config category, or 0 when absent. The matching
  * 'feature_lock' entry is set to the same value when a "featurelock_<name>"
  * field is present and deleted otherwise.
  */
 function post()
 {
     check_form_security_token_redirectOnErr('/admin/features', 'admin_manage_features');

     // NOTE(review): the whole request body is written to the log, presumably
     // including the form security token field. Consider logging only the
     // feature_* keys.
     logger('postvars: ' . print_r($_POST, true));

     foreach (get_features(false) as $group) {
         // The first element of each group is skipped; the rest are feature
         // definitions with the feature name at index 0.
         foreach (array_slice($group, 1) as $definition) {
             $feature = $definition[0];
             $value_field = 'feature_' . $feature;
             $lock_field = 'featurelock_' . $feature;

             $val = array_key_exists($value_field, $_POST) ? intval($_POST[$value_field]) : 0;
             set_config('feature', $feature, $val);

             if (array_key_exists($lock_field, $_POST)) {
                 set_config('feature_lock', $feature, $val);
                 continue;
             }
             del_config('feature_lock', $feature);
         }
     }

     goaway(z_root() . '/admin/features');
 }
예제 #11
파일: admin.php 프로젝트: strk/friendica
/**
 * Logs admin page: POST handler.
 *
 * When the 'page_logs' field is present, the 'admin_logs' form token is
 * verified and the log file name, debugging switch and log level are stored in
 * the 'system' config. The confirmation message and the redirect to
 * /admin/logs are issued in every case.
 *
 * @param App $a
 */
function admin_page_logs_post(&$a)
{
    $submitted = x($_POST, "page_logs");
    if ($submitted) {
        check_form_security_token_redirectOnErr('/admin/logs', 'admin_logs');

        // NOTE(review): the log file path is taken from the form with only
        // trim() and notags() applied. No directory or extension restriction is
        // visible here - confirm where the path is constrained.
        $logfile = '';
        if (x($_POST, 'logfile')) {
            $logfile = notags(trim($_POST['logfile']));
        }
        $debugging = (bool) x($_POST, 'debugging');
        $loglevel = 0;
        if (x($_POST, 'loglevel')) {
            $loglevel = intval(trim($_POST['loglevel']));
        }

        set_config('system', 'logfile', $logfile);
        set_config('system', 'debugging', $debugging);
        set_config('system', 'loglevel', $loglevel);
    }

    info(t("Log settings updated."));

    $target = $a->get_baseurl(true) . '/admin/logs';
    goaway($target);
    // The original marks this point as NOTREACHED: goaway() is not expected to return.
    return;
}
예제 #12
function settings_content(&$a)
{
    $o = '';
    nav_set_selected('settings');
    if (!local_channel() || $_SESSION['delegate']) {
        notice(t('Permission denied.') . EOL);
        return login();
    }
    $channel = $a->get_channel();
    if ($channel) {
        head_set_icon($channel['xchan_photo_s']);
    }
    $yes_no = array(t('No'), t('Yes'));
    if (argc() > 1 && argv(1) === 'oauth') {
        if (argc() > 2 && argv(2) === 'add') {
            $tpl = get_markup_template("settings_oauth_edit.tpl");
            $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional'))));
            return $o;
        }
        if (argc() > 3 && argv(2) === 'edit') {
            $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
            if (!count($r)) {
                notice(t("You can't edit this application."));
                return;
            }
            $app = $r[0];
            $tpl = get_markup_template("settings_oauth_edit.tpl");
            $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['name'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], '')));
            return $o;
        }
        if (argc() > 3 && argv(2) === 'delete') {
            check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
            $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
            goaway($a->get_baseurl(true) . "/settings/oauth/");
            return;
        }
        $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel());
        $tpl = get_markup_template("settings_oauth.tpl");
        $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => $a->get_baseurl(true), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r));
        return $o;
    }
    if (argc() > 1 && argv(1) === 'featured') {
        $settings_addons = "";
        $o = '';
        $r = q("SELECT * FROM `hook` WHERE `hook` = 'feature_settings' ");
        if (!$r) {
            $settings_addons = t('No feature settings configured');
        }
        call_hooks('feature_settings', $settings_addons);
        $tpl = get_markup_template("settings_addons.tpl");
        $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_featured"), '$title' => t('Feature/Addon Settings'), '$settings_addons' => $settings_addons));
        return $o;
    }
    /*
     * ACCOUNT SETTINGS
     */
    if (argc() > 1 && argv(1) === 'account') {
        $account_settings = "";
        call_hooks('account_settings', $account_settings);
        $email = $a->account['account_email'];
        $tpl = get_markup_template("settings_account.tpl");
        $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_account"), '$title' => t('Account Settings'), '$password1' => array('npassword', t('Enter New Password:'******'', ''), '$password2' => array('confirm', t('Confirm New Password:'******'', t('Leave password fields blank unless changing')), '$submit' => t('Submit'), '$email' => array('email', t('Email Address:'), $email, ''), '$removeme' => t('Remove Account'), '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings));
        return $o;
    }
    if (argc() > 1 && argv(1) === 'features') {
        $arr = array();
        $features = get_features();
        foreach ($features as $fname => $fdata) {
            $arr[$fname] = array();
            $arr[$fname][0] = $fdata[0];
            foreach (array_slice($fdata, 1) as $f) {
                $arr[$fname][1][] = array('feature_' . $f[0], $f[1], intval(feature_enabled(local_channel(), $f[0])) ? "1" : '', $f[2], array(t('Off'), t('On')));
            }
        }
        $tpl = get_markup_template("settings_features.tpl");
        $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_features"), '$title' => t('Additional Features'), '$features' => $arr, '$submit' => t('Submit')));
        return $o;
    }
    if (argc() > 1 && argv(1) === 'connectors') {
        $settings_connectors = "";
        call_hooks('connector_settings', $settings_connectors);
        $r = null;
        $tpl = get_markup_template("settings_connectors.tpl");
        $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_connectors"), '$title' => t('Connector Settings'), '$submit' => t('Submit'), '$settings_connectors' => $settings_connectors));
        call_hooks('display_settings', $o);
        return $o;
    }
    /*
     * DISPLAY SETTINGS
     */
    if (argc() > 1 && argv(1) === 'display') {
        $default_theme = get_config('system', 'theme');
        if (!$default_theme) {
            $default_theme = 'default';
        }
        $default_mobile_theme = get_config('system', 'mobile_theme');
        if (!$mobile_default_theme) {
            $mobile_default_theme = 'none';
        }
        $allowed_themes_str = get_config('system', 'allowed_themes');
        $allowed_themes_raw = explode(',', $allowed_themes_str);
        $allowed_themes = array();
        if (count($allowed_themes_raw)) {
            foreach ($allowed_themes_raw as $x) {
                if (strlen(trim($x)) && is_dir("view/theme/{$x}")) {
                    $allowed_themes[] = trim($x);
                }
            }
        }
        $themes = array();
        $files = glob('view/theme/*');
        if ($allowed_themes) {
            foreach ($allowed_themes as $th) {
                $f = $th;
                $is_experimental = file_exists('view/theme/' . $th . '/experimental');
                $unsupported = file_exists('view/theme/' . $th . '/unsupported');
                $is_mobile = file_exists('view/theme/' . $th . '/mobile');
                $is_library = file_exists('view/theme/' . $th . '/library');
                $mobile_themes["---"] = t("No special theme for mobile devices");
                if (!$is_experimental or $is_experimental && (get_config('experimentals', 'exp_themes') == 1 or get_config('experimentals', 'exp_themes') === false)) {
                    $theme_name = $is_experimental ? sprintf(t('%s - (Experimental)'), $f) : $f;
                    if (!$is_library) {
                        if ($is_mobile) {
                            $mobile_themes[$f] = $themes[$f] = $theme_name . ' (' . t('mobile') . ')';
                        } else {
                            $mobile_themes[$f] = $themes[$f] = $theme_name;
                        }
                    }
                }
            }
        }
        $theme_selected = !x($_SESSION, 'theme') ? $default_theme : $_SESSION['theme'];
        $mobile_theme_selected = !x($_SESSION, 'mobile_theme') ? $default_mobile_theme : $_SESSION['mobile_theme'];
        $user_scalable = get_pconfig(local_channel(), 'system', 'user_scalable');
        $user_scalable = $user_scalable === false ? '1' : $user_scalable;
        // default if not set: 1
        $browser_update = intval(get_pconfig(local_channel(), 'system', 'update_interval'));
        $browser_update = $browser_update == 0 ? 80 : $browser_update / 1000;
        // default if not set: 40 seconds
        $itemspage = intval(get_pconfig(local_channel(), 'system', 'itemspage'));
        $itemspage = $itemspage > 0 && $itemspage < 101 ? $itemspage : 20;
        // default if not set: 20 items
        $nosmile = get_pconfig(local_channel(), 'system', 'no_smilies');
        $nosmile = $nosmile === false ? '0' : $nosmile;
        // default if not set: 0
        $title_tosource = get_pconfig(local_channel(), 'system', 'title_tosource');
        $title_tosource = $title_tosource === false ? '0' : $title_tosource;
        // default if not set: 0
        $theme_config = "";
        if (($themeconfigfile = get_theme_config_file($theme_selected)) != null) {
            require_once $themeconfigfile;
            $theme_config = theme_content($a);
        }
        $tpl = get_markup_template("settings_display.tpl");
        $o = replace_macros($tpl, array('$ptitle' => t('Display Settings'), '$d_tset' => t('Theme Settings'), '$d_ctset' => t('Custom Theme Settings'), '$d_cset' => t('Content Settings'), '$form_security_token' => get_form_security_token("settings_display"), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), '$theme' => $themes ? array('theme', t('Display Theme:'), $theme_selected, '', $themes, 'preview') : false, '$mobile_theme' => $mobile_themes ? array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, '') : false, '$user_scalable' => array('user_scalable', t("Enable user zoom on mobile devices"), $user_scalable, '', $yes_no), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage' => array('itemspage', t("Maximum number of conversations to load at any time:"), $itemspage, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Show emoticons (smilies) as images"), 1 - intval($nosmile), '', $yes_no), '$title_tosource' => array('title_tosource', t("Link post titles to source"), $title_tosource, '', $yes_no), '$layout_editor' => t('System Page Layout Editor - (advanced)'), '$theme_config' => $theme_config, '$expert' => feature_enabled(local_channel(), 'expert'), '$channel_list_mode' => array('channel_list_mode', t('Use blog/list mode on channel page'), get_pconfig(local_channel(), 'system', 'channel_list_mode'), t('(comments displayed separately)'), $yes_no), '$network_list_mode' => array('network_list_mode', t('Use blog/list mode on grid page'), get_pconfig(local_channel(), 'system', 'network_list_mode'), t('(comments displayed separately)'), $yes_no), '$channel_divmore_height' => array('channel_divmore_height', t('Channel page max height of content (in pixels)'), get_pconfig(local_channel(), 'system', 'channel_divmore_height') ? 
get_pconfig(local_channel(), 'system', 'channel_divmore_height') : 400, t('click to expand content exceeding this height')), '$network_divmore_height' => array('network_divmore_height', t('Grid page max height of content (in pixels)'), get_pconfig(local_channel(), 'system', 'network_divmore_height') ? get_pconfig(local_channel(), 'system', 'network_divmore_height') : 400, t('click to expand content exceeding this height'))));
        return $o;
    }
    if (argv(1) === 'channel') {
        require_once 'include/acl_selectors.php';
        require_once 'include/permissions.php';
        $p = q("SELECT * FROM `profile` WHERE `is_default` = 1 AND `uid` = %d LIMIT 1", intval(local_channel()));
        if (count($p)) {
            $profile = $p[0];
        }
        load_pconfig(local_channel(), 'expire');
        $channel = $a->get_channel();
        $global_perms = get_perms();
        $permiss = array();
        $perm_opts = array(array(t('Nobody except yourself'), 0), array(t('Only those you specifically allow'), PERMS_SPECIFIC), array(t('Approved connections'), PERMS_CONTACTS), array(t('Any connections'), PERMS_PENDING), array(t('Anybody on this website'), PERMS_SITE), array(t('Anybody in this network'), PERMS_NETWORK), array(t('Anybody authenticated'), PERMS_AUTHED), array(t('Anybody on the internet'), PERMS_PUBLIC));
        foreach ($global_perms as $k => $perm) {
            $options = array();
            foreach ($perm_opts as $opt) {
                if (!$perm[2] && $opt[1] == PERMS_PUBLIC) {
                    continue;
                }
                $options[$opt[1]] = $opt[0];
            }
            $permiss[] = array($k, $perm[3], $channel[$perm[0]], $perm[4], $options);
        }
        //		logger('permiss: ' . print_r($permiss,true));
        $username = $channel['channel_name'];
        $nickname = $channel['channel_address'];
        $timezone = $channel['channel_timezone'];
        $notify = $channel['channel_notifyflags'];
        $defloc = $channel['channel_location'];
        $maxreq = $channel['channel_max_friend_req'];
        $expire = $channel['channel_expire_days'];
        $adult_flag = intval($channel['channel_pageflags'] & PAGE_ADULT);
        $sys_expire = get_config('system', 'default_expire_days');
        //		$unkmail    = $a->user['unkmail'];
        //		$cntunkmail = $a->user['cntunkmail'];
        $hide_presence = intval(get_pconfig(local_channel(), 'system', 'hide_online_status'));
        $expire_items = get_pconfig(local_channel(), 'expire', 'items');
        $expire_items = $expire_items === false ? '1' : $expire_items;
        // default if not set: 1
        $expire_notes = get_pconfig(local_channel(), 'expire', 'notes');
        $expire_notes = $expire_notes === false ? '1' : $expire_notes;
        // default if not set: 1
        $expire_starred = get_pconfig(local_channel(), 'expire', 'starred');
        $expire_starred = $expire_starred === false ? '1' : $expire_starred;
        // default if not set: 1
        $expire_photos = get_pconfig(local_channel(), 'expire', 'photos');
        $expire_photos = $expire_photos === false ? '0' : $expire_photos;
        // default if not set: 0
        $expire_network_only = get_pconfig(local_channel(), 'expire', 'network_only');
        $expire_network_only = $expire_network_only === false ? '0' : $expire_network_only;
        // default if not set: 0
        $suggestme = get_pconfig(local_channel(), 'system', 'suggestme');
        $suggestme = $suggestme === false ? '0' : $suggestme;
        // default if not set: 0
        $post_newfriend = get_pconfig(local_channel(), 'system', 'post_newfriend');
        $post_newfriend = $post_newfriend === false ? '0' : $post_newfriend;
        // default if not set: 0
        $post_joingroup = get_pconfig(local_channel(), 'system', 'post_joingroup');
        $post_joingroup = $post_joingroup === false ? '0' : $post_joingroup;
        // default if not set: 0
        $post_profilechange = get_pconfig(local_channel(), 'system', 'post_profilechange');
        $post_profilechange = $post_profilechange === false ? '0' : $post_profilechange;
        // default if not set: 0
        $blocktags = get_pconfig(local_channel(), 'system', 'blocktags');
        $blocktags = $blocktags === false ? '0' : $blocktags;
        $timezone = date_default_timezone_get();
        $opt_tpl = get_markup_template("field_checkbox.tpl");
        if (get_config('system', 'publish_all')) {
            $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />';
        } else {
            $profile_in_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_directory', t('Publish your default profile in the network directory'), $profile['publish'], '', $yes_no)));
        }
        $suggestme = replace_macros($opt_tpl, array('$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', $yes_no)));
        $subdir = strlen($a->get_path()) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/channel/' . $nickname : '';
        $tpl_addr = get_markup_template("settings_nick_set.tpl");
        $prof_addr = replace_macros($tpl_addr, array('$desc' => t('Your channel address is'), '$nickname' => $nickname, '$subdir' => $subdir, '$basepath' => $a->get_hostname()));
        $stpl = get_markup_template('settings.tpl');
        $acl = new AccessList($channel);
        $perm_defaults = $acl->get();
        require_once 'include/group.php';
        $group_select = mini_group_select(local_channel(), $channel['channel_default_group']);
        require_once 'include/menu.php';
        $m1 = menu_list(local_channel());
        $menu = false;
        if ($m1) {
            $menu = array();
            $current = get_pconfig(local_channel(), 'system', 'channel_menu');
            $menu[] = array('name' => '', 'selected' => !$current ? true : false);
            foreach ($m1 as $m) {
                $menu[] = array('name' => htmlspecialchars($m['menu_name'], ENT_COMPAT, 'UTF-8'), 'selected' => $m['menu_name'] === $current ? ' selected="selected" ' : false);
            }
        }
        $evdays = get_pconfig(local_channel(), 'system', 'evdays');
        if (!$evdays) {
            $evdays = 3;
        }
        $permissions_role = get_pconfig(local_channel(), 'system', 'permissions_role');
        if (!$permissions_role) {
            $permissions_role = 'custom';
        }
        $permissions_set = $permissions_role != 'custom' ? true : false;
        $vnotify = get_pconfig(local_channel(), 'system', 'vnotify');
        $always_show_in_notices = get_pconfig(local_channel(), 'system', 'always_show_in_notices');
        if ($vnotify === false) {
            $vnotify = -1;
        }
        $o .= replace_macros($stpl, array('$ptitle' => t('Channel Settings'), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_channel(), '$form_security_token' => get_form_security_token("settings"), '$nickname_block' => $prof_addr, '$h_basic' => t('Basic Settings'), '$username' => array('username', t('Full Name:'), $username, ''), '$email' => array('email', t('Email Address:'), $email, ''), '$timezone' => array('timezone_select', t('Your Timezone:'), $timezone, '', get_timezones()), '$defloc' => array('defloc', t('Default Post Location:'), $defloc, t('Geographical location to display on your posts')), '$allowloc' => array('allow_location', t('Use Browser Location:'), get_pconfig(local_channel(), 'system', 'use_browser_location') ? 1 : '', '', $yes_no), '$adult' => array('adult', t('Adult Content'), $adult_flag, t('This channel frequently or regularly publishes adult content. (Please tag any adult material and/or nudity with #NSFW)'), $yes_no), '$h_prv' => t('Security and Privacy Settings'), '$permissions_set' => $permissions_set, '$perms_set_msg' => t('Your permissions are already configured. 
Click to view/adjust'), '$hide_presence' => array('hide_presence', t('Hide my online presence'), $hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no), '$lbl_pmacro' => t('Simple Privacy Settings:'), '$pmacro3' => t('Very Public - <em>extremely permissive (should be used with caution)</em>'), '$pmacro2' => t('Typical - <em>default public, privacy when desired (similar to social network permissions but with improved privacy)</em>'), '$pmacro1' => t('Private - <em>default private, never open or public</em>'), '$pmacro0' => t('Blocked - <em>default blocked to/from everybody</em>'), '$permiss_arr' => $permiss, '$blocktags' => array('blocktags', t('Allow others to tag your posts'), 1 - $blocktags, t('Often used by the community to retro-actively flag inappropriate content'), $yes_no), '$lbl_p2macro' => t('Advanced Privacy Settings'), '$expire' => array('expire', t('Expire other channel content after this many days'), $expire, sprintf(t('0 or blank to use the website limit. 
The website expires after %d days.'), intval($sys_expire))), '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), intval($channel['channel_max_friend_req']), t('May reduce spam activity')), '$permissions' => t('Default Post Permissions'), '$permdesc' => t("(click to open/close)"), '$aclselect' => populate_acl($perm_defaults, false), '$suggestme' => $suggestme, '$group_select' => $group_select, '$role' => array('permissions_role', t('Channel permissions category:'), $permissions_role, '', get_roles()), '$profile_in_dir' => $profile_in_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, '$unkmail' => $unkmail, '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), intval($channel['channel_max_anon_mail']), t("Useful to reduce spamming")), '$h_not' => t('Notification Settings'), '$activity_options' => t('By default post a status message when:'), '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, '', $yes_no), '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, '', $yes_no), '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, '', $yes_no), '$lbl_not' => t('Send a notification email when:'), '$notify1' => array('notify1', t('You receive a connection request'), $notify & NOTIFY_INTRO, NOTIFY_INTRO, '', $yes_no), '$notify2' => array('notify2', t('Your connections are confirmed'), $notify & NOTIFY_CONFIRM, NOTIFY_CONFIRM, '', $yes_no), '$notify3' => array('notify3', t('Someone writes on your profile wall'), $notify & NOTIFY_WALL, NOTIFY_WALL, '', $yes_no), '$notify4' => array('notify4', t('Someone writes a followup comment'), $notify & NOTIFY_COMMENT, NOTIFY_COMMENT, '', $yes_no), '$notify5' => array('notify5', t('You receive a private message'), $notify & NOTIFY_MAIL, NOTIFY_MAIL, '', $yes_no), '$notify6' => array('notify6', t('You receive a friend 
suggestion'), $notify & NOTIFY_SUGGEST, NOTIFY_SUGGEST, '', $yes_no), '$notify7' => array('notify7', t('You are tagged in a post'), $notify & NOTIFY_TAGSELF, NOTIFY_TAGSELF, '', $yes_no), '$notify8' => array('notify8', t('You are poked/prodded/etc. in a post'), $notify & NOTIFY_POKE, NOTIFY_POKE, '', $yes_no), '$lbl_vnot' => t('Show visual notifications including:'), '$vnotify1' => array('vnotify1', t('Unseen grid activity'), $vnotify & VNOTIFY_NETWORK, VNOTIFY_NETWORK, '', $yes_no), '$vnotify2' => array('vnotify2', t('Unseen channel activity'), $vnotify & VNOTIFY_CHANNEL, VNOTIFY_CHANNEL, '', $yes_no), '$vnotify3' => array('vnotify3', t('Unseen private messages'), $vnotify & VNOTIFY_MAIL, VNOTIFY_MAIL, t('Recommended'), $yes_no), '$vnotify4' => array('vnotify4', t('Upcoming events'), $vnotify & VNOTIFY_EVENT, VNOTIFY_EVENT, '', $yes_no), '$vnotify5' => array('vnotify5', t('Events today'), $vnotify & VNOTIFY_EVENTTODAY, VNOTIFY_EVENTTODAY, '', $yes_no), '$vnotify6' => array('vnotify6', t('Upcoming birthdays'), $vnotify & VNOTIFY_BIRTHDAY, VNOTIFY_BIRTHDAY, t('Not available in all themes'), $yes_no), '$vnotify7' => array('vnotify7', t('System (personal) notifications'), $vnotify & VNOTIFY_SYSTEM, VNOTIFY_SYSTEM, '', $yes_no), '$vnotify8' => array('vnotify8', t('System info messages'), $vnotify & VNOTIFY_INFO, VNOTIFY_INFO, t('Recommended'), $yes_no), '$vnotify9' => array('vnotify9', t('System critical alerts'), $vnotify & VNOTIFY_ALERT, VNOTIFY_ALERT, t('Recommended'), $yes_no), '$vnotify10' => array('vnotify10', t('New connections'), $vnotify & VNOTIFY_INTRO, VNOTIFY_INTRO, t('Recommended'), $yes_no), '$vnotify11' => array('vnotify11', t('System Registrations'), $vnotify & VNOTIFY_REGISTER, VNOTIFY_REGISTER, '', $yes_no), '$always_show_in_notices' => array('always_show_in_notices', t('Also show new wall posts, private messages and connections under Notices'), $always_show_in_notices, 1, '', $yes_no), '$evdays' => array('evdays', t('Notify me of events this many 
days in advance'), $evdays, t('Must be greater than 0')), '$h_advn' => t('Advanced Account/Page Type Settings'), '$h_descadvn' => t('Change the behaviour of this account for special situations'), '$pagetype' => $pagetype, '$expert' => feature_enabled(local_channel(), 'expert'), '$hint' => t('Please enable expert mode (in <a href="settings/features">Settings > Additional features</a>) to adjust!'), '$lbl_misc' => t('Miscellaneous Settings'), '$photo_path' => array('photo_path', t('Default photo upload folder'), get_pconfig(local_channel(), 'system', 'photo_path'), t('%Y - current year, %m -  current month')), '$attach_path' => array('attach_path', t('Default file upload folder'), get_pconfig(local_channel(), 'system', 'attach_path'), t('%Y - current year, %m -  current month')), '$menus' => $menu, '$menu_desc' => t('Personal menu to display in your channel pages'), '$removeme' => t('Remove Channel'), '$removechannel' => t('Remove this channel.'), '$firefoxshare' => t('Firefox Share $Projectname provider'), '$cal_first_day' => array('first_day', t('Start calendar week on monday'), get_pconfig(local_channel(), 'system', 'cal_first_day') ? 1 : '', '', $yes_no)));
        call_hooks('settings_form', $o);
        $o .= '</form>' . "\r\n";
        return $o;
    }
}
예제 #13
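/**
 * POST handler for /profile_photo.
 *
 * Two phases share this entry point:
 *  - upload: read the posted file, validate it as an image and hand it to the crop UI;
 *  - crop (`cropfinal` == 1): crop the stored image and save it at scales 4, 5 and 6
 *    as the profile photo.
 *
 * Both phases require a logged-in local user and a valid form security token.
 * All request values (crop box, profile id, image id from the URL, $_FILES
 * metadata) are attacker-controlled, so they are cast or checked before use.
 *
 * @param object $a application object; argc, argv, user and get_baseurl() are read
 * @return mixed result of profile_photo_crop_ui_head() after a successful upload,
 *               otherwise nothing
 */
function profile_photo_post(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    // Anti-CSRF check: both phases change stored data.
    check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
    if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) {
        // unless proven otherwise
        $is_default_profile = 1;
        // Read once and guard against a missing key instead of indexing $_REQUEST blindly.
        $profile_raw = isset($_REQUEST['profile']) ? $_REQUEST['profile'] : null;
        if ($profile_raw) {
            // The uid condition keeps a user from selecting another user's profile row.
            $r = q("select id, `is-default` from profile where id = %d and uid = %d limit 1", intval($profile_raw), intval(local_user()));
            if (count($r) && !intval($r[0]['is-default'])) {
                $is_default_profile = 0;
            }
        }
        // phase 2 - we have finished cropping
        if ($a->argc != 2) {
            notice(t('Image uploaded but image cropping failed.') . EOL);
            return;
        }
        $image_id = $a->argv[1];
        // An id without a "-N" suffix used to leave $scale undefined; default it to 0.
        $scale = 0;
        if (substr($image_id, -2, 1) == '-') {
            $scale = substr($image_id, -1, 1);
            $image_id = substr($image_id, 0, -2);
        }
        // Crop box comes straight from the form: force integers so that arrays or
        // non-numeric strings never reach the arithmetic or cropImage().
        // NOTE(review): a zero or negative box is still passed on; confirm cropImage() rejects it.
        $srcX = isset($_POST['xstart']) ? intval($_POST['xstart']) : 0;
        $srcY = isset($_POST['ystart']) ? intval($_POST['ystart']) : 0;
        $srcW = (isset($_POST['xfinal']) ? intval($_POST['xfinal']) : 0) - $srcX;
        $srcH = (isset($_POST['yfinal']) ? intval($_POST['yfinal']) : 0) - $srcY;
        // uid is an integer column: cast it like every other query here (was dbesc()).
        $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), intval(local_user()), intval($scale));
        if (count($r)) {
            $base_image = $r[0];
            $im = new Photo($base_image['data'], $base_image['type']);
            if ($im->is_valid()) {
                $im->cropImage(175, $srcX, $srcY, $srcW, $srcH);
                $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 4, $is_default_profile);
                if ($r === false) {
                    notice(sprintf(t('Image size reduction [%s] failed.'), "175") . EOL);
                }
                $im->scaleImage(80);
                $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 5, $is_default_profile);
                if ($r === false) {
                    notice(sprintf(t('Image size reduction [%s] failed.'), "80") . EOL);
                }
                $im->scaleImage(48);
                $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 6, $is_default_profile);
                if ($r === false) {
                    notice(sprintf(t('Image size reduction [%s] failed.'), "48") . EOL);
                }
                // If setting for the default profile, unset the profile photo flag from any other photos I own
                if ($is_default_profile) {
                    $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dbesc($base_image['resource-id']), intval(local_user()));
                    $r = q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s'  WHERE `self` AND `uid` = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-6.' . $im->getExt()), intval(local_user()));
                } else {
                    $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5.' . $im->getExt()), intval($profile_raw), intval(local_user()));
                }
                // we'll set the updated profile-photo timestamp even if it isn't the default profile,
                // so that browsers will do a cache update unconditionally
                $r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc(datetime_convert()), intval(local_user()));
                info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
                // Update global directory in background
                $url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
                if ($url && strlen(get_config('system', 'directory'))) {
                    proc_run('php', "include/directory.php", "{$url}");
                }
                require_once 'include/profile_update.php';
                profile_change();
            } else {
                notice(t('Unable to process image') . EOL);
            }
        }
        goaway($a->get_baseurl() . '/profiles');
        return;
        // NOTREACHED
    }
    // Phase 1: only accept a path that PHP itself created for this request's upload.
    if (!isset($_FILES['userfile']['tmp_name']) || !is_string($_FILES['userfile']['tmp_name']) || !is_uploaded_file($_FILES['userfile']['tmp_name'])) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    $src = $_FILES['userfile']['tmp_name'];
    // basename() drops any directory part of the client-supplied file name.
    $filename = basename($_FILES['userfile']['name']);
    $filesize = intval($_FILES['userfile']['size']);
    // The MIME type is declared by the client and is only a hint; the image is
    // accepted solely on the outcome of Photo::is_valid() below.
    $filetype = $_FILES['userfile']['type'];
    if ($filetype == "") {
        $filetype = guess_image_type($filename);
    }
    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        notice(sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL);
        @unlink($src);
        return;
    }
    $imagedata = @file_get_contents($src);
    $ph = new Photo($imagedata, $filetype);
    if (!$ph->is_valid()) {
        notice(t('Unable to process image.') . EOL);
        @unlink($src);
        return;
    }
    $ph->orient($src);
    // The temporary upload is removed on every exit path once it has been read.
    @unlink($src);
    return profile_photo_crop_ui_head($a, $ph);
}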
예제 #14
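/**
 * Render the contact-group pages: the "new group" form, the group editor, and
 * the two state-changing actions reached through the URL (drop a group, toggle
 * a contact's membership).
 *
 * Every query is scoped to local_user(), so ids taken from the URL can only
 * address the caller's own groups and contacts. The drop and member-change
 * actions are each guarded by a form security token.
 *
 * NOTE(review): both actions are driven by URL path segments and the token is
 * passed under the name 't'; if it travels in the query string it can end up in
 * server logs and Referer headers — confirm the token is short-lived.
 *
 * @param object $a application object; argc, argv and get_baseurl() are read
 * @return mixed rendered template, or nothing when access is denied or no group
 *               is selected
 */
function group_content(&$a)
{
    $change = false;
    if (!local_user()) {
        notice(t('Permission denied') . EOL);
        return;
    }
    // Switch to text mode interface if we have more than 'n' contacts or group members
    $switchtotext = get_pconfig(local_user(), 'system', 'groupedit_image_limit');
    if ($switchtotext === false) {
        $switchtotext = get_config('system', 'groupedit_image_limit');
    }
    if ($switchtotext === false) {
        $switchtotext = 400;
    }
    $tpl = get_markup_template('group_edit.tpl');
    $context = array('$submit' => t('Submit'));
    if ($a->argc == 2 && $a->argv[1] === 'new') {
        return replace_macros($tpl, $context + array('$title' => t('Create a group of contacts/friends.'), '$gname' => array('groupname', t('Group Name: '), '', ''), '$gid' => 'new', '$form_security_token' => get_form_security_token("group_edit")));
    }
    if ($a->argc == 3 && $a->argv[1] === 'drop') {
        // Deleting a group is destructive: refuse without a valid token.
        check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
        if (intval($a->argv[2])) {
            // Was left undefined when the group lookup found nothing.
            $result = false;
            $r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[2]), intval(local_user()));
            if (count($r)) {
                $result = group_rmv(local_user(), $r[0]['name']);
            }
            if ($result) {
                info(t('Group removed.') . EOL);
            } else {
                notice(t('Unable to remove group.') . EOL);
            }
        }
        goaway($a->get_baseurl() . '/group');
        // NOTREACHED
    }
    if ($a->argc > 2 && intval($a->argv[1]) && intval($a->argv[2])) {
        // Membership toggle: token failure answers with an error instead of a redirect.
        check_form_security_token_ForbiddenOnErr('group_member_change', 't');
        // Only an unblocked, non-pending, non-self contact owned by this user may be toggled.
        $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($a->argv[2]), intval(local_user()));
        if (count($r)) {
            $change = intval($a->argv[2]);
        }
    }
    if ($a->argc > 1 && intval($a->argv[1])) {
        require_once 'include/acl_selectors.php';
        $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", intval($a->argv[1]), intval(local_user()));
        if (!count($r)) {
            notice(t('Group not found.') . EOL);
            goaway($a->get_baseurl() . '/contacts');
            // goaway() is treated as not returning elsewhere in this function; the
            // explicit return keeps $r[0] from being read if it ever does.
            return;
        }
        $group = $r[0];
        $members = group_get_members($group['id']);
        $preselected = array();
        if (count($members)) {
            foreach ($members as $member) {
                $preselected[] = $member['id'];
            }
        }
        if ($change) {
            // Toggle: remove when already a member, add otherwise, then reload the list.
            if (in_array($change, $preselected)) {
                group_rmv_member(local_user(), $group['name'], $change);
            } else {
                group_add_member(local_user(), $group['name'], $change);
            }
            $members = group_get_members($group['id']);
            $preselected = array();
            if (count($members)) {
                foreach ($members as $member) {
                    $preselected[] = $member['id'];
                }
            }
        }
        $drop_tpl = get_markup_template('group_drop.tpl');
        $drop_txt = replace_macros($drop_tpl, array('$id' => $group['id'], '$delete' => t('Delete'), '$form_security_token' => get_form_security_token("group_drop")));
        $context = $context + array('$title' => t('Group Editor'), '$gname' => array('groupname', t('Group Name: '), $group['name'], ''), '$gid' => $group['id'], '$drop' => $drop_txt, '$form_security_token' => get_form_security_token('group_edit'));
    }
    if (!isset($group)) {
        return;
    }
    $groupeditor = array('label_members' => t('Members'), 'members' => array(), 'label_contacts' => t('All Contacts'), 'contacts' => array());
    // The token is embedded in an inline JavaScript string below, hence addslashes().
    $sec_token = addslashes(get_form_security_token('group_member_change'));
    $textmode = $switchtotext && count($members) > $switchtotext ? true : false;
    foreach ($members as $member) {
        if ($member['url']) {
            // Ids are forced to integers before being written into the click handler.
            $member['click'] = 'groupChangeMember(' . intval($group['id']) . ',' . intval($member['id']) . ',\'' . $sec_token . '\'); return true;';
            $groupeditor['members'][] = micropro($member, true, 'mpgroup', $textmode);
        } else {
            // A member row without a url is dropped from the group while rendering.
            group_rmv_member(local_user(), $group['name'], $member['id']);
        }
    }
    $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0 ORDER BY `name` ASC", intval(local_user()));
    if (count($r)) {
        $textmode = $switchtotext && count($r) > $switchtotext ? true : false;
        foreach ($r as $member) {
            if (!in_array($member['id'], $preselected)) {
                $member['click'] = 'groupChangeMember(' . intval($group['id']) . ',' . intval($member['id']) . ',\'' . $sec_token . '\'); return true;';
                $groupeditor['contacts'][] = micropro($member, true, 'mpall', $textmode);
            }
        }
    }
    $context['$groupeditor'] = $groupeditor;
    $context['$desc'] = t('Click on a contact to add or remove.');
    if ($change) {
        // A membership toggle answers with just the editor fragment and ends the request.
        $tpl = get_markup_template('groupeditor.tpl');
        echo replace_macros($tpl, $context);
        killme();
    }
    return replace_macros($tpl, $context);
}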
예제 #15
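/**
 * POST handler for /profile_photo (channel-based variant).
 *
 * Upload phase: read the posted file, validate it as an image and hand it to
 * the crop UI. Crop phase (`cropfinal` == 1): crop the stored image, save it at
 * scales 4, 5 and 6 and update the profile / xchan records.
 *
 * Requires a local channel and a valid form security token. Request values
 * (crop box, profile id, image id from the URL, $_FILES metadata) are
 * attacker-controlled and are cast or checked before use.
 *
 * @param object $a application object; get_baseurl() and get_channel() are called
 * @return mixed result of profile_photo_crop_ui_head() after a successful upload,
 *               otherwise nothing
 */
function profile_photo_post(&$a)
{
    if (!local_channel()) {
        return;
    }
    // Anti-CSRF check: both phases change stored data.
    check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
    if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) {
        // unless proven otherwise
        $is_default_profile = 1;
        // Read once and guard against a missing key instead of indexing $_REQUEST blindly.
        $profile_raw = isset($_REQUEST['profile']) ? $_REQUEST['profile'] : null;
        if ($profile_raw) {
            // The uid condition keeps a channel from selecting another channel's profile row.
            $r = q("select id, is_default from profile where id = %d and uid = %d limit 1", intval($profile_raw), intval(local_channel()));
            if ($r && !intval($r[0]['is_default'])) {
                $is_default_profile = 0;
            }
        }
        // phase 2 - we have finished cropping
        if (argc() != 2) {
            notice(t('Image uploaded but image cropping failed.') . EOL);
            return;
        }
        $image_id = argv(1);
        // An id without a "-N" suffix used to leave $scale undefined; default it to 0.
        $scale = 0;
        if (substr($image_id, -2, 1) == '-') {
            $scale = substr($image_id, -1, 1);
            $image_id = substr($image_id, 0, -2);
        }
        // Crop box comes straight from the form: force integers so that arrays or
        // non-numeric strings never reach the arithmetic or cropImage().
        // NOTE(review): a zero or negative box is still passed on; confirm cropImage() rejects it.
        $srcX = isset($_POST['xstart']) ? intval($_POST['xstart']) : 0;
        $srcY = isset($_POST['ystart']) ? intval($_POST['ystart']) : 0;
        $srcW = (isset($_POST['xfinal']) ? intval($_POST['xfinal']) : 0) - $srcX;
        $srcH = (isset($_POST['yfinal']) ? intval($_POST['yfinal']) : 0) - $srcY;
        // uid is an integer column: cast it like every other query here (was dbesc()).
        $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND scale = %d LIMIT 1", dbesc($image_id), intval(local_channel()), intval($scale));
        if ($r) {
            $base_image = $r[0];
            $base_image['data'] = dbunescbin($base_image['data']);
            $im = photo_factory($base_image['data'], $base_image['type']);
            if ($im->is_valid()) {
                $im->cropImage(175, $srcX, $srcY, $srcW, $srcH);
                $aid = get_account_id();
                $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], 'filename' => $base_image['filename'], 'album' => t('Profile Photos'));
                $p['scale'] = 4;
                $p['photo_flags'] = $is_default_profile ? PHOTO_PROFILE : PHOTO_NORMAL;
                $r1 = $im->save($p);
                $im->scaleImage(80);
                $p['scale'] = 5;
                $r2 = $im->save($p);
                $im->scaleImage(48);
                $p['scale'] = 6;
                $r3 = $im->save($p);
                if ($r1 === false || $r2 === false || $r3 === false) {
                    // if one failed, delete them all so we can start over.
                    notice(t('Image resize failed.') . EOL);
                    // The uid argument was passed uncast here; cast it like the other queries.
                    $x = q("delete from photo where resource_id = '%s' and uid = %d and scale >= 4 ", dbesc($base_image['resource_id']), intval(local_channel()));
                    return;
                }
                // If setting for the default profile, unset the profile photo flag from any other photos I own
                if ($is_default_profile) {
                    $r = q("UPDATE photo SET profile = 0 WHERE profile = 1 AND resource_id != '%s' AND `uid` = %d", dbesc($base_image['resource_id']), intval(local_channel()));
                    $r = q("UPDATE photo SET photo_flags = ( photo_flags & ~%d ) WHERE ( photo_flags & %d )>0 \n\t\t\t\t\t\tAND resource_id != '%s' AND `uid` = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), dbesc($base_image['resource_id']), intval(local_channel()));
                } else {
                    $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource_id'] . '-4'), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource_id'] . '-5'), intval($profile_raw), intval(local_channel()));
                }
                // We'll set the updated profile-photo timestamp even if it isn't the default profile,
                // so that browsers will do a cache update unconditionally
                $channel = $a->get_channel();
                $r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s' \n\t\t\t\t\twhere xchan_hash = '%s'", dbesc($im->getType()), dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
                info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
                // Update directory in background
                proc_run('php', "include/directory.php", $channel['channel_id']);
                // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures'
                profile_photo_set_profile_perms($profile_raw);
            } else {
                notice(t('Unable to process image') . EOL);
            }
        }
        goaway($a->get_baseurl() . '/profiles');
        return;
        // NOTREACHED
    }
    // Phase 1: only accept a path that PHP itself created for this request's upload.
    if (!isset($_FILES['userfile']['tmp_name']) || !is_string($_FILES['userfile']['tmp_name']) || !is_uploaded_file($_FILES['userfile']['tmp_name'])) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    $src = $_FILES['userfile']['tmp_name'];
    // basename() drops any directory part of the client-supplied file name.
    $filename = basename($_FILES['userfile']['name']);
    $filesize = intval($_FILES['userfile']['size']);
    // The MIME type is declared by the client and is only a hint; the image is
    // accepted solely on the outcome of is_valid() below.
    $filetype = $_FILES['userfile']['type'];
    if ($filetype == "") {
        $filetype = guess_image_type($filename);
    }
    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        notice(sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL);
        @unlink($src);
        return;
    }
    $imagedata = @file_get_contents($src);
    $ph = photo_factory($imagedata, $filetype);
    if (!$ph->is_valid()) {
        notice(t('Unable to process image.') . EOL);
        @unlink($src);
        return;
    }
    $ph->orient($src);
    // The temporary upload is removed on every exit path once it has been read.
    @unlink($src);
    return profile_photo_crop_ui_head($a, $ph);
}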
예제 #16
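/**
 * POST handler for /profile_photo (attach_store-based variant).
 *
 * Upload phase: store the posted file through attach_store(), pick the stored
 * rendition with scale below 2 and hand it to the crop UI. Crop phase
 * (`cropfinal` == 1): crop the stored image, save it at scales 4, 5 and 6 and
 * update the profile / xchan records.
 *
 * Requires a local channel and a valid form security token. Request values
 * (crop box, profile id, image id from the URL) are attacker-controlled and are
 * cast before use.
 *
 * @param object $a application object, passed through to profile_photo_crop_ui_head()
 * @return mixed result of profile_photo_crop_ui_head() after a successful upload,
 *               otherwise nothing
 */
function profile_photo_post(&$a)
{
    if (!local_channel()) {
        return;
    }
    // Anti-CSRF check: both phases change stored data.
    check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
    if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) {
        // unless proven otherwise
        $is_default_profile = 1;
        // Stays null when no profile id was posted; it used to be undefined at the
        // send_profile_photo_activity() call in that case.
        $profile = null;
        // Read once and guard against a missing key instead of indexing $_REQUEST blindly.
        $profile_raw = isset($_REQUEST['profile']) ? $_REQUEST['profile'] : null;
        if ($profile_raw) {
            // The uid condition keeps a channel from selecting another channel's profile row.
            $r = q("select id, profile_guid, is_default, gender from profile where id = %d and uid = %d limit 1", intval($profile_raw), intval(local_channel()));
            if ($r) {
                $profile = $r[0];
                if (!intval($profile['is_default'])) {
                    $is_default_profile = 0;
                }
            }
        }
        // phase 2 - we have finished cropping
        if (argc() != 2) {
            notice(t('Image uploaded but image cropping failed.') . EOL);
            return;
        }
        $image_id = argv(1);
        // An id without a "-N" suffix used to leave $scale undefined; default it to 0.
        $scale = 0;
        if (substr($image_id, -2, 1) == '-') {
            $scale = substr($image_id, -1, 1);
            $image_id = substr($image_id, 0, -2);
        }
        // Crop box comes straight from the form: force integers so that arrays or
        // non-numeric strings never reach the arithmetic or cropImage().
        // NOTE(review): a zero or negative box is still passed on; confirm cropImage() rejects it.
        $srcX = isset($_POST['xstart']) ? intval($_POST['xstart']) : 0;
        $srcY = isset($_POST['ystart']) ? intval($_POST['ystart']) : 0;
        $srcW = (isset($_POST['xfinal']) ? intval($_POST['xfinal']) : 0) - $srcX;
        $srcH = (isset($_POST['yfinal']) ? intval($_POST['yfinal']) : 0) - $srcY;
        // uid is an integer column: cast it like every other query here (was dbesc()).
        $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND scale = %d LIMIT 1", dbesc($image_id), intval(local_channel()), intval($scale));
        if ($r) {
            $base_image = $r[0];
            // With os_storage set, the data column is used as a filesystem path.
            // NOTE(review): that path is trusted as stored; confirm only server code writes it.
            $base_image['data'] = $r[0]['os_storage'] ? @file_get_contents($base_image['data']) : dbunescbin($base_image['data']);
            $im = photo_factory($base_image['data'], $base_image['type']);
            if ($im->is_valid()) {
                $im->cropImage(300, $srcX, $srcY, $srcW, $srcH);
                $aid = get_account_id();
                $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], 'filename' => $base_image['filename'], 'album' => t('Profile Photos'));
                $p['scale'] = 4;
                $p['photo_usage'] = $is_default_profile ? PHOTO_PROFILE : PHOTO_NORMAL;
                $r1 = $im->save($p);
                $im->scaleImage(80);
                $p['scale'] = 5;
                $r2 = $im->save($p);
                $im->scaleImage(48);
                $p['scale'] = 6;
                $r3 = $im->save($p);
                if ($r1 === false || $r2 === false || $r3 === false) {
                    // if one failed, delete them all so we can start over.
                    notice(t('Image resize failed.') . EOL);
                    // The uid argument was passed uncast here; cast it like the other queries.
                    $x = q("delete from photo where resource_id = '%s' and uid = %d and scale >= 4 ", dbesc($base_image['resource_id']), intval(local_channel()));
                    return;
                }
                $channel = App::get_channel();
                // If setting for the default profile, unset the profile photo flag from any other photos I own
                if ($is_default_profile) {
                    $r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d\n\t\t\t\t\t\tAND resource_id != '%s' AND `uid` = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), dbesc($base_image['resource_id']), intval(local_channel()));
                    send_profile_photo_activity($channel, $base_image, $profile);
                } else {
                    $r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc(z_root() . '/photo/' . $base_image['resource_id'] . '-4'), dbesc(z_root() . '/photo/' . $base_image['resource_id'] . '-5'), intval($profile_raw), intval(local_channel()));
                }
                profiles_build_sync(local_channel());
                // We'll set the updated profile-photo timestamp even if it isn't the default profile,
                // so that browsers will do a cache update unconditionally
                $r = q("UPDATE xchan set xchan_photo_mimetype = '%s', xchan_photo_date = '%s' \n\t\t\t\t\twhere xchan_hash = '%s'", dbesc($im->getType()), dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
                info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
                // Update directory in background
                proc_run('php', "include/directory.php", $channel['channel_id']);
                // Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures'
                profile_photo_set_profile_perms($profile_raw);
            } else {
                notice(t('Unable to process image') . EOL);
            }
        }
        goaway(z_root() . '/profiles');
        return;
        // NOTREACHED
    }
    $hash = photo_new_resource();
    $smallest = 0;
    require_once 'include/attach.php';
    $res = attach_store(App::get_channel(), get_observer_hash(), '', array('album' => t('Profile Photos'), 'hash' => $hash));
    // NOTE(review): the whole attach_store() result is written to the log; confirm
    // it carries no file content or other data that should stay out of log files.
    logger('attach_store: ' . print_r($res, true));
    // Defined up front: these were undefined below whenever attach_store() failed
    // or the stored attachment was not a photo.
    $os_storage = false;
    $imagedata = null;
    $filetype = null;
    if ($res && intval($res['data']['is_photo'])) {
        $i = q("select * from photo where resource_id = '%s' and uid = %d order by scale", dbesc($hash), intval(local_channel()));
        if (!$i) {
            notice(t('Image upload failed.') . EOL);
            return;
        }
        // Rows arrive ordered by scale; the last one below scale 2 wins.
        foreach ($i as $ii) {
            if (intval($ii['scale']) < 2) {
                $smallest = intval($ii['scale']);
                $os_storage = intval($ii['os_storage']);
                $imagedata = $ii['data'];
                $filetype = $ii['type'];
            }
        }
    }
    // Nothing usable was stored: stop here rather than hand empty data to photo_factory().
    if ($imagedata === null) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    $imagedata = $os_storage ? @file_get_contents($imagedata) : $imagedata;
    $ph = photo_factory($imagedata, $filetype);
    if (!$ph->is_valid()) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    return profile_photo_crop_ui_head($a, $ph, $hash, $smallest);
}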
예제 #17
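 /**
  * Handle the account settings form: email address, technical level and
  * password change. Always ends by redirecting to /settings/account.
  *
  * The form security token is checked first. A password change additionally
  * requires the current password.
  *
  * NOTE(review): the email address is changed without asking for the current
  * password, so anyone holding a valid session can repoint the account's email;
  * consider requiring re-authentication for that change as well.
  */
 function post()
 {
     // Anti-CSRF check before any account data is touched.
     check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
     call_hooks('account_settings_post', $_POST);
     $errs = array();
     $email = x($_POST, 'email') ? trim(notags($_POST['email'])) : '';
     $techlevel = array_key_exists('techlevel', $_POST) ? intval($_POST['techlevel']) : 0;
     $account = \App::get_account();
     if ($email != $account['account_email']) {
         if (!valid_email($email)) {
             $errs[] = t('Not valid email.');
         }
         // The site admin address may not be claimed by an account.
         $adm = trim(get_config('system', 'admin_email'));
         if ($adm && strcasecmp($email, $adm) == 0) {
             $errs[] = t('Protected email address. Cannot change to that email.');
             $email = \App::$account['account_email'];
         }
         if (!$errs) {
             $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id']));
             if (!$r) {
                 $errs[] = t('System failure storing new email. Please try again.');
             }
         }
     }
     if ($techlevel != $account['account_level']) {
         $r = q("update account set account_level = %d where account_id = %d", intval($techlevel), intval($account['account_id']));
         info(t('Technical skill level updated') . EOL);
     }
     // Report and clear the email errors so they do not block the password step.
     if ($errs) {
         foreach ($errs as $err) {
             notice($err . EOL);
         }
         $errs = array();
     }
     if (x($_POST, 'npassword') || x($_POST, 'confirm')) {
         // Each field is read defensively: only one of npassword/confirm is
         // guaranteed to be present at this point.
         $origpass = isset($_POST['origpass']) ? trim($_POST['origpass']) : '';
         require_once 'include/auth.php';
         // NOTE(review): $email is the submitted value, which may differ from the
         // stored address when the email step above was rejected; confirm that
         // verifying against it is intended.
         if (!account_verify_password($email, $origpass)) {
             $errs[] = t('Password verification failed.');
         }
         $newpass = isset($_POST['npassword']) ? trim($_POST['npassword']) : '';
         $confirm = isset($_POST['confirm']) ? trim($_POST['confirm']) : '';
         // Strict comparison: with != two different numeric-looking strings
         // (for example "0e1" and "0e2") compare equal and the mismatch is missed.
         if ($newpass !== $confirm) {
             $errs[] = t('Passwords do not match. Password unchanged.');
         }
         if (!x($newpass) || !x($confirm)) {
             $errs[] = t('Empty passwords are not allowed. Password unchanged.');
         }
         if (!$errs) {
             $salt = random_string(32);
             // NOTE(review): one salted Whirlpool round is a fast hash and is weak for
             // password storage. Moving to password_hash() has to be coordinated with
             // the verification code (account_verify_password(), not visible here),
             // so the scheme is left unchanged in this block.
             $password_encoded = hash('whirlpool', $salt . $newpass);
             // The account_password placeholder is restored to '%s': the statement
             // receives four arguments, and with only three placeholders the hash
             // would have been written into account_password_changed.
             $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' \n\t\t\t\t\twhere account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), intval(get_account_id()));
             if ($r) {
                 info(t('Password changed.') . EOL);
             } else {
                 $errs[] = t('Password update failed. Please try again.');
             }
         }
     }
     if ($errs) {
         foreach ($errs as $err) {
             notice($err . EOL);
         }
     }
     goaway(z_root() . '/settings/account');
 }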
예제 #18
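/**
 * Handle the POST of the profile edit form for a profile owned by the logged-in user.
 *
 * Only acts when argv[1] is a numeric profile id. The profile row is loaded with a
 * `uid` filter, so a user can only edit their own profiles. Free-text fields are
 * passed through notags()/escape_tags() (project helpers, presumably neutralising
 * markup - confirm against their definitions) and every value reaches SQL through
 * dbesc()/intval().
 *
 * The "with" (relationship partner) field is the one place where this function builds
 * HTML itself: the link target comes from a remote lookup or a contact row, so it is
 * restricted to http(s) and escaped for the attribute context before being stored.
 *
 * @param App $a application object; $a->argv[1] carries the profile id being edited
 */
function profiles_post(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $namechanged = false;
    // NOTE(review): hooks receive $_POST before the form security token is verified
    // further down - confirm that no registered hook changes state on its own.
    call_hooks('profile_post', $_POST);
    if ($a->argc > 1 && $a->argv[1] !== "new" && intval($a->argv[1])) {
        // Ownership check: the uid filter keeps other users' profiles out of reach.
        $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), intval(local_user()));
        // An empty result and a failed query are both treated as "not found".
        if (!$orig) {
            notice(t('Profile not found.') . EOL);
            return;
        }
        check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
        $is_default = $orig[0]['is-default'] ? 1 : 0;
        $profile_name = notags(trim($_POST['profile_name']));
        if (!strlen($profile_name)) {
            notice(t('Profile Name is required.') . EOL);
            return;
        }
        $dob = !empty($_POST['dob']) ? escape_tags(trim($_POST['dob'])) : '0000-00-00';
        // FIXME: Needs to be validated?
        // A year that is not all digits, or is before 1900, is treated as "no year given".
        $y = substr($dob, 0, 4);
        $ignore_year = !ctype_digit($y) || intval($y) < 1900;
        if ($dob != '0000-00-00') {
            if (strpos($dob, '0000-') === 0) {
                $ignore_year = true;
                $dob = substr($dob, 5);
            }
            $dob = datetime_convert('UTC', 'UTC', $ignore_year ? '1900-' . $dob : $dob, $ignore_year ? 'm-d' : 'Y-m-d');
            if ($ignore_year) {
                $dob = '0000-' . $dob;
            }
        }
        $name = notags(trim($_POST['name']));
        if (!strlen($name)) {
            $name = '[No Name]';
        }
        if ($orig[0]['name'] != $name) {
            $namechanged = true;
        }
        $pdesc = notags(trim($_POST['pdesc']));
        $gender = notags(trim($_POST['gender']));
        $address = notags(trim($_POST['address']));
        $locality = notags(trim($_POST['locality']));
        $region = notags(trim($_POST['region']));
        $postal_code = notags(trim($_POST['postal_code']));
        $country_name = notags(trim($_POST['country_name']));
        $pub_keywords = profile_clean_keywords(notags(trim($_POST['pub_keywords'])));
        $prv_keywords = profile_clean_keywords(notags(trim($_POST['prv_keywords'])));
        $marital = notags(trim($_POST['marital']));
        $howlong = notags(trim($_POST['howlong']));
        $with = x($_POST, 'with') ? notags(trim($_POST['with'])) : '';
        if (!strlen($howlong)) {
            $howlong = '0000-00-00 00:00:00';
        } else {
            $howlong = datetime_convert(date_default_timezone_get(), 'UTC', $howlong);
        }
        // linkify the relationship target if applicable
        $withchanged = false;
        if (strlen($with)) {
            if ($with != strip_tags($orig[0]['with'])) {
                $withchanged = true;
                $prf = '';
                $lookup = $with;
                if (strpos($lookup, '@') === 0) {
                    $lookup = substr($lookup, 1);
                }
                $lookup = str_replace('_', ' ', $lookup);
                // NOTE(review): strpos() returns 0 for a match at offset 0, which is falsy
                // here, so a value that *starts* with "http://" takes the contact-lookup
                // branch. Left unchanged so that no additional input triggers a remote
                // lookup; confirm whether that is the intended behaviour.
                if (strpos($lookup, '@') || strpos($lookup, 'http://')) {
                    $newname = $lookup;
                    // Remote lookup driven by user input; failures are suppressed.
                    $links = @lrdd($lookup);
                    if (is_array($links)) {
                        foreach ($links as $link) {
                            if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
                                $prf = $link['@attributes']['href'];
                            }
                        }
                    }
                } else {
                    $newname = $lookup;
                    // Try the display name first, then fall back to the nickname.
                    $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", dbesc($newname), intval(local_user()));
                    if (!$r) {
                        $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", dbesc($lookup), intval(local_user()));
                    }
                    if ($r) {
                        $prf = $r[0]['url'];
                        $newname = $r[0]['name'];
                    }
                }
                // The link target originates outside this request (remote lookup result or
                // stored contact URL). Accept only http(s) so that no script-bearing URL
                // scheme can end up in the stored anchor.
                if ($prf && (!is_string($prf) || !preg_match('#^https?://#i', $prf))) {
                    $prf = '';
                }
                if ($prf) {
                    // Escape for the attribute context so quotes in the URL cannot break
                    // out of href="...".
                    $href = htmlspecialchars($prf, ENT_QUOTES, 'UTF-8');
                    // NOTE(review): $newname is inserted as element content unescaped; it is
                    // either the notags()-filtered input or a stored contact name - confirm
                    // that contact names are sanitised when they are imported.
                    $with = str_replace($lookup, '<a href="' . $href . '">' . $newname . '</a>', $with);
                    if (strpos($with, '@') === 0) {
                        $with = substr($with, 1);
                    }
                }
            } else {
                $with = $orig[0]['with'];
            }
        }
        $sexual = notags(trim($_POST['sexual']));
        $homepage = notags(trim($_POST['homepage']));
        if (strpos($homepage, 'http') !== 0 && strlen($homepage)) {
            // neither http nor https in URL, add them
            $homepage = 'http://' . $homepage;
        }
        $hometown = notags(trim($_POST['hometown']));
        $politic = notags(trim($_POST['politic']));
        $religion = notags(trim($_POST['religion']));
        $likes = fix_mce_lf(escape_tags(trim($_POST['likes'])));
        $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes'])));
        $about = fix_mce_lf(escape_tags(trim($_POST['about'])));
        $interest = fix_mce_lf(escape_tags(trim($_POST['interest'])));
        $contact = fix_mce_lf(escape_tags(trim($_POST['contact'])));
        $music = fix_mce_lf(escape_tags(trim($_POST['music'])));
        $book = fix_mce_lf(escape_tags(trim($_POST['book'])));
        $tv = fix_mce_lf(escape_tags(trim($_POST['tv'])));
        $film = fix_mce_lf(escape_tags(trim($_POST['film'])));
        $romance = fix_mce_lf(escape_tags(trim($_POST['romance'])));
        $work = fix_mce_lf(escape_tags(trim($_POST['work'])));
        $education = fix_mce_lf(escape_tags(trim($_POST['education'])));
        $hide_friends = isset($_POST['hide-friends']) && $_POST['hide-friends'] == 1 ? 1 : 0;
        // Collect the list of changed fields for the activity notification. $value keeps
        // only the most recently assigned new value.
        $changes = array();
        $value = '';
        if ($is_default) {
            if ($marital != $orig[0]['marital']) {
                $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Marital Status');
                $value = $marital;
            }
            if ($withchanged) {
                $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
                $value = strip_tags($with);
            }
            if ($likes != $orig[0]['likes']) {
                $changes[] = t('Likes');
                $value = $likes;
            }
            if ($dislikes != $orig[0]['dislikes']) {
                $changes[] = t('Dislikes');
                $value = $dislikes;
            }
            if ($work != $orig[0]['work']) {
                $changes[] = t('Work/Employment');
            }
            if ($religion != $orig[0]['religion']) {
                $changes[] = t('Religion');
                $value = $religion;
            }
            if ($politic != $orig[0]['politic']) {
                $changes[] = t('Political Views');
                $value = $politic;
            }
            if ($gender != $orig[0]['gender']) {
                $changes[] = t('Gender');
                $value = $gender;
            }
            if ($sexual != $orig[0]['sexual']) {
                $changes[] = t('Sexual Preference');
                $value = $sexual;
            }
            if ($homepage != $orig[0]['homepage']) {
                $changes[] = t('Homepage');
                $value = $homepage;
            }
            if ($interest != $orig[0]['interest']) {
                $changes[] = t('Interests');
                $value = $interest;
            }
            if ($address != $orig[0]['address']) {
                $changes[] = t('Address');
                // New address not sent in notifications, potential privacy issues
                // in case this leaks to unintended recipients. Yes, it's in the public
                // profile but that doesn't mean we have to broadcast it to everybody.
            }
            if ($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country-name']) {
                $changes[] = t('Location');
                $comma1 = $locality && ($region || $country_name) ? ', ' : ' ';
                $comma2 = $region && $country_name ? ', ' : '';
                $value = $locality . $comma1 . $region . $comma2 . $country_name;
            }
            profile_activity($changes, $value);
        }
        // The WHERE clause repeats the id + uid pair, so the write is scoped to the
        // profile whose ownership was checked above.
        $r = q("UPDATE `profile`\n\t\t\tSET `profile-name` = '%s',\n\t\t\t`name` = '%s',\n\t\t\t`pdesc` = '%s',\n\t\t\t`gender` = '%s',\n\t\t\t`dob` = '%s',\n\t\t\t`address` = '%s',\n\t\t\t`locality` = '%s',\n\t\t\t`region` = '%s',\n\t\t\t`postal-code` = '%s',\n\t\t\t`country-name` = '%s',\n\t\t\t`marital` = '%s',\n\t\t\t`with` = '%s',\n\t\t\t`howlong` = '%s',\n\t\t\t`sexual` = '%s',\n\t\t\t`homepage` = '%s',\n\t\t\t`hometown` = '%s',\n\t\t\t`politic` = '%s',\n\t\t\t`religion` = '%s',\n\t\t\t`pub_keywords` = '%s',\n\t\t\t`prv_keywords` = '%s',\n\t\t\t`likes` = '%s',\n\t\t\t`dislikes` = '%s',\n\t\t\t`about` = '%s',\n\t\t\t`interest` = '%s',\n\t\t\t`contact` = '%s',\n\t\t\t`music` = '%s',\n\t\t\t`book` = '%s',\n\t\t\t`tv` = '%s',\n\t\t\t`film` = '%s',\n\t\t\t`romance` = '%s',\n\t\t\t`work` = '%s',\n\t\t\t`education` = '%s',\n\t\t\t`hide-friends` = %d\n\t\t\tWHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), dbesc($gender), dbesc($dob), dbesc($address), dbesc($locality), dbesc($region), dbesc($postal_code), dbesc($country_name), dbesc($marital), dbesc($with), dbesc($howlong), dbesc($sexual), dbesc($homepage), dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($pub_keywords), dbesc($prv_keywords), dbesc($likes), dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), dbesc($music), dbesc($book), dbesc($tv), dbesc($film), dbesc($romance), dbesc($work), dbesc($education), intval($hide_friends), intval($a->argv[1]), intval(local_user()));
        if ($r) {
            info(t('Profile updated.') . EOL);
        }
        if ($namechanged && $is_default) {
            // Keep the self-contact and the user record in step with the default profile name.
            $r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc($name), dbesc(datetime_convert()), intval(local_user()));
            $r = q("UPDATE `user` set `username` = '%s' where `uid` = %d", dbesc($name), intval(local_user()));
        }
        if ($is_default) {
            // Build "locality, region, country" from whichever parts are present.
            $location = $locality;
            if ($region != "") {
                if ($location != "") {
                    $location .= ", ";
                }
                $location .= $region;
            }
            if ($country_name != "") {
                if ($location != "") {
                    $location .= ", ";
                }
                $location .= $country_name;
            }
            $r = q("UPDATE `contact` SET `about` = '%s', `location` = '%s', `keywords` = '%s', `gender` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc($about), dbesc($location), dbesc($pub_keywords), dbesc($gender), intval(local_user()));
            // Update global directory in background
            // NOTE(review): the session URL is handed to a child process as an argument;
            // confirm that proc_run() quotes its arguments.
            $url = $_SESSION['my_url'];
            if ($url && strlen(get_config('system', 'directory'))) {
                proc_run('php', "include/directory.php", "{$url}");
            }
            require_once 'include/profile_update.php';
            profile_change();
        }
    }
}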
예제 #19
/**
 * Save the Facebook application credentials submitted from the fbpost admin form.
 *
 * The form security token is verified first; the values are stored only when the
 * `fb_save_keys` field is present in the request.
 *
 * NOTE(review): the credentials are read from $_REQUEST, so they are also accepted
 * from the query string, where a secret can end up in access logs - confirm the form
 * always submits by POST. No administrator check is visible in this function;
 * presumably the caller enforces it - verify.
 *
 * @param App $a
 */
function fbpost_plugin_admin_post(&$a)
{
    check_form_security_token_redirectOnErr('/admin/plugins/fbpost', 'fbsave');

    // Nothing to store unless the "save keys" button was used.
    if (!x($_REQUEST, 'fb_save_keys')) {
        return;
    }

    // Values are stored exactly as submitted.
    foreach (array('appid', 'appsecret') as $setting) {
        set_config('facebook', $setting, $_REQUEST[$setting]);
    }
    info(t('The new values have been saved.'));
}
예제 #20
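/**
 * Handle both phases of setting a channel cover photo.
 *
 * Phase 1 (no `cropfinal` field): store the upload through attach_store() and hand the
 * image to the crop UI. Phase 2 (`cropfinal` == 1): take the crop rectangle from the
 * form, map it from the scaled preview back onto the original image and save the
 * cover photo at scales 7, 8 and 9.
 *
 * Every photo query is filtered by the logged-in channel id, so only that channel's
 * own photos can be selected or modified.
 *
 * @param App $a
 */
function cover_photo_post(&$a)
{
    if (!local_channel()) {
        return;
    }
    $channel = App::get_channel();
    check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
    if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) {
        // phase 2 - we have finished cropping
        if (argc() != 2) {
            notice(t('Image uploaded but image cropping failed.') . EOL);
            return;
        }
        $image_id = argv(1);
        // Drop a trailing "-N" scale suffix; the scale 0 original is always used below.
        if (substr($image_id, -2, 1) == '-') {
            $image_id = substr($image_id, 0, -2);
        }
        // The crop rectangle is client-supplied and is used in arithmetic below, so
        // anything that is missing or not numeric is rejected up front.
        foreach (array('xstart', 'ystart', 'xfinal', 'yfinal') as $field) {
            if (!isset($_POST[$field]) || !is_numeric($_POST[$field])) {
                notice(t('Image uploaded but image cropping failed.') . EOL);
                return;
            }
        }
        $srcX = $_POST['xstart'];
        $srcY = $_POST['ystart'];
        $srcW = $_POST['xfinal'] - $srcX;
        $srcH = $_POST['yfinal'] - $srcY;
        $r = q("select gender from profile where uid = %d and is_default = 1 limit 1", intval(local_channel()));
        // Stays null when the channel has no default profile row.
        $profile = $r ? $r[0] : null;
        $r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND scale = 0 LIMIT 1", dbesc($image_id), intval(local_channel()));
        if ($r) {
            $base_image = $r[0];
            // With os_storage set, the `data` column holds a filesystem path instead of the image bytes.
            $base_image['data'] = $r[0]['os_storage'] ? @file_get_contents($base_image['data']) : dbunescbin($base_image['data']);
            $im = photo_factory($base_image['data'], $base_image['type']);
            if ($im->is_valid()) {
                // We are scaling and cropping the relative pixel locations to the original photo instead of the
                // scaled photo we operated on.
                // First load the scaled photo to check its size. (Should probably pass this in the post form and save
                // a query.)
                $g = q("select width, height from photo where resource_id = '%s' and uid = %d and scale = 3", dbesc($image_id), intval(local_channel()));
                $scaled_width = $g ? $g[0]['width'] : 0;
                $scaled_height = $g ? $g[0]['height'] : 0;
                if (!$scaled_width || !$scaled_height) {
                    logger('potential divide by zero scaling cover photo');
                    return;
                }
                // unset all other cover photos
                q("update photo set photo_usage = %d where photo_usage = %d and uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_COVER), intval(local_channel()));
                $orig_srcx = $r[0]['width'] / $scaled_width * $srcX;
                $orig_srcy = $r[0]['height'] / $scaled_height * $srcY;
                $orig_srcw = $srcW / $scaled_width * $r[0]['width'];
                $orig_srch = $srcH / $scaled_height * $r[0]['height'];
                $im->cropImageRect(1200, 435, $orig_srcx, $orig_srcy, $orig_srcw, $orig_srch);
                $aid = get_account_id();
                $p = array('aid' => $aid, 'uid' => local_channel(), 'resource_id' => $base_image['resource_id'], 'filename' => $base_image['filename'], 'album' => t('Cover Photos'));
                $p['scale'] = 7;
                $p['photo_usage'] = PHOTO_COVER;
                $r1 = $im->save($p);
                $im->doScaleImage(850, 310);
                $p['scale'] = 8;
                $r2 = $im->save($p);
                $im->doScaleImage(425, 160);
                $p['scale'] = 9;
                $r3 = $im->save($p);
                if ($r1 === false || $r2 === false || $r3 === false) {
                    // if one failed, delete them all so we can start over.
                    notice(t('Image resize failed.') . EOL);
                    // The channel id is cast like in every other query of this function.
                    $x = q("delete from photo where resource_id = '%s' and uid = %d and scale >= 7 ", dbesc($base_image['resource_id']), intval(local_channel()));
                    return;
                }
                $channel = App::get_channel();
                send_cover_photo_activity($channel, $base_image, $profile);
            } else {
                notice(t('Unable to process image') . EOL);
            }
        }
        goaway(z_root() . '/channel/' . $channel['channel_address']);
    }
    // phase 1 - store the upload and show the crop UI
    $hash = photo_new_resource();
    $smallest = 0;
    require_once 'include/attach.php';
    $res = attach_store(App::get_channel(), get_observer_hash(), '', array('album' => t('Cover Photos'), 'hash' => $hash));
    // NOTE(review): the complete attach_store() result is written to the log; confirm it
    // carries nothing that should stay out of log files.
    logger('attach_store: ' . print_r($res, true));
    // Defined up front so a failed or non-photo upload reaches the validity check below
    // with well-defined (empty) values instead of undefined variables.
    $os_storage = false;
    $imagedata = null;
    $filetype = null;
    if ($res && intval($res['data']['is_photo'])) {
        $i = q("select * from photo where resource_id = '%s' and uid = %d and scale = 0", dbesc($hash), intval(local_channel()));
        if (!$i) {
            notice(t('Image upload failed.') . EOL);
            return;
        }
        foreach ($i as $ii) {
            $smallest = intval($ii['scale']);
            $os_storage = intval($ii['os_storage']);
            $imagedata = $ii['data'];
            $filetype = $ii['type'];
        }
    }
    $imagedata = $os_storage ? @file_get_contents($imagedata) : $imagedata;
    $ph = photo_factory($imagedata, $filetype);
    if (!$ph->is_valid()) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    return cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
}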
예제 #21
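/**
 * Handle both phases of setting a profile photo.
 *
 * Phase 1 (no `cropfinal` field): read the uploaded file, validate it as an image and
 * show the crop UI. Phase 2 (`cropfinal` == 1): crop the stored image with the
 * submitted rectangle and store it at 175, 80 and 48 pixels (scales 4, 5 and 6).
 *
 * Photo queries are filtered by the logged-in user's id, so only that user's own
 * photos can be selected or flagged.
 *
 * @param App $a application object; in phase 2 $a->argv[1] is the photo resource id,
 *               optionally followed by "-N" for the scale
 */
function profile_photo_post(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
    if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) {
        // phase 2 - we have finished cropping
        if ($a->argc != 2) {
            notice(t('Image uploaded but image cropping failed.') . EOL);
            return;
        }
        $image_id = $a->argv[1];
        // Without a "-N" suffix the scale 0 image is used.
        $scale = 0;
        if (substr($image_id, -2, 1) == '-') {
            $scale = substr($image_id, -1, 1);
            $image_id = substr($image_id, 0, -2);
        }
        // The crop rectangle is client-supplied and is used in arithmetic below, so
        // anything that is missing or not numeric is rejected up front.
        foreach (array('xstart', 'ystart', 'xfinal', 'yfinal') as $field) {
            if (!isset($_POST[$field]) || !is_numeric($_POST[$field])) {
                notice(t('Image uploaded but image cropping failed.') . EOL);
                return;
            }
        }
        $srcX = $_POST['xstart'];
        $srcY = $_POST['ystart'];
        $srcW = $_POST['xfinal'] - $srcX;
        $srcH = $_POST['yfinal'] - $srcY;
        // The uid fills a %d placeholder, so it is cast with intval() like in the other queries.
        $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), intval(local_user()), intval($scale));
        if ($r) {
            $base_image = $r[0];
            $im = new Photo($base_image['data']);
            if ($im->is_valid()) {
                $im->cropImage(175, $srcX, $srcY, $srcW, $srcH);
                $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 4, 1);
                if ($r === false) {
                    notice(sprintf(t('Image size reduction [%s] failed.'), "175") . EOL);
                }
                $im->scaleImage(80);
                $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 5, 1);
                if ($r === false) {
                    notice(sprintf(t('Image size reduction [%s] failed.'), "80") . EOL);
                }
                $im->scaleImage(48);
                $r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 6, 1);
                if ($r === false) {
                    notice(sprintf(t('Image size reduction [%s] failed.'), "48") . EOL);
                }
                // Unset the profile photo flag from any other photos I own
                $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dbesc($base_image['resource-id']), intval(local_user()));
                $r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1", dbesc(datetime_convert()), intval(local_user()));
                info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
                // Update global directory in background
                $url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
                if ($url && strlen(get_config('system', 'directory_submit_url'))) {
                    proc_run('php', "include/directory.php", "{$url}");
                }
                require_once 'include/profile_update.php';
                profile_change();
            } else {
                notice(t('Unable to process image') . EOL);
            }
        }
        goaway($a->get_baseurl() . '/profiles');
        return;
        // NOTREACHED
    }
    // phase 1 - a new upload
    // Only a file that PHP itself received as an HTTP upload is read or unlinked below.
    if (empty($_FILES['userfile']['tmp_name']) || !is_uploaded_file($_FILES['userfile']['tmp_name'])) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    $src = $_FILES['userfile']['tmp_name'];
    // NOTE(review): $filename is the client-supplied name reduced to its base name; it is
    // not used again in this function.
    $filename = basename($_FILES['userfile']['name']);
    $filesize = intval($_FILES['userfile']['size']);
    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        notice(sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL);
        @unlink($src);
        return;
    }
    $imagedata = @file_get_contents($src);
    // The temporary upload is removed whether or not the data turns out to be an image.
    @unlink($src);
    $ph = new Photo($imagedata);
    if (!$ph->is_valid()) {
        notice(t('Unable to process image.') . EOL);
        return;
    }
    return profile_photo_crop_ui_head($a, $ph);
}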
예제 #22
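 /**
  * Save the channel settings form: permission role, access defaults, notification
  * flags and assorted per-channel preferences.
  *
  * All writes are keyed on local_channel(), so the handler returns immediately when
  * no channel is logged in. The form security token is verified before any hook or
  * write runs. String inputs go through notags()/escape_tags() (project helpers,
  * presumably neutralising markup - confirm) and reach SQL only via dbesc()/intval().
  */
 function post()
 {
     // Every statement below writes to the channel identified by local_channel().
     if (!local_channel()) {
         return;
     }
     $channel = \App::get_channel();
     check_form_security_token_redirectOnErr('/settings', 'settings');
     call_hooks('settings_post', $_POST);
     // Interpolated verbatim into the channel UPDATE below; it is always empty here and
     // must never carry request data.
     $set_perms = '';
     // Stays null (directory listing untouched) unless a role branch below sets it.
     $publish = null;
     $role = x($_POST, 'permissions_role') ? notags(trim($_POST['permissions_role'])) : '';
     $oldrole = get_pconfig(local_channel(), 'system', 'permissions_role');
     if ($role != $oldrole || $role === 'custom') {
         if ($role === 'custom') {
             $hide_presence = x($_POST, 'hide_presence') && intval($_POST['hide_presence']) == 1 ? 1 : 0;
             $publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
             $def_group = x($_POST, 'group-selection') ? notags(trim($_POST['group-selection'])) : '';
             $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel()));
             // Each known permission name is looked up in the form; a missing field counts as 0.
             $global_perms = \Zotlabs\Access\Permissions::Perms();
             foreach ($global_perms as $k => $v) {
                 \Zotlabs\Access\PermissionLimits::Set(local_channel(), $k, isset($_POST[$k]) ? intval($_POST[$k]) : 0);
             }
             $acl = new \Zotlabs\Access\AccessList($channel);
             $acl->set_from_array($_POST);
             $x = $acl->get();
             $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', \n\t\t\t\t\tchannel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), dbesc($x['deny_cid']), dbesc($x['deny_gid']), intval(local_channel()));
         } else {
             // NOTE(review): the lookup uses the raw field while the filtered $role is what
             // gets stored further down - confirm the two cannot diverge.
             $role_permissions = \Zotlabs\Access\PermissionRoles::role_perms($_POST['permissions_role']);
             if (!$role_permissions) {
                 notice('Permissions category could not be found.');
                 return;
             }
             $hide_presence = 1 - intval($role_permissions['online']);
             if ($role_permissions['default_collection']) {
                 // The role wants a default privacy group: use "Friends", creating it if needed.
                 $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 if (!$r) {
                     require_once 'include/group.php';
                     group_add(local_channel(), t('Friends'));
                     group_add_member(local_channel(), t('Friends'), $channel['channel_hash']);
                     $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 }
                 if ($r) {
                     q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_channel()));
                 } else {
                     notice(sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL);
                     return;
                 }
             } else {
                 q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', \n\t\t\t\t\t\tchannel_deny_cid = '' where channel_id = %d", intval(local_channel()));
             }
             $x = \Zotlabs\Access\Permissions::FilledPerms($role_permissions['perms_connect']);
             foreach ($x as $k => $v) {
                 set_abconfig(local_channel(), $channel['channel_hash'], 'my_perms', $k, $v);
                 if ($role_permissions['perms_auto']) {
                     set_pconfig(local_channel(), 'autoperms', $k, $v);
                 } else {
                     del_pconfig(local_channel(), 'autoperms', $k);
                 }
             }
             if ($role_permissions['limits']) {
                 foreach ($role_permissions['limits'] as $k => $v) {
                     \Zotlabs\Access\PermissionLimits::Set(local_channel(), $k, $v);
                 }
             }
             if (array_key_exists('directory_publish', $role_permissions)) {
                 $publish = intval($role_permissions['directory_publish']);
             }
         }
         set_pconfig(local_channel(), 'system', 'hide_online_status', $hide_presence);
         set_pconfig(local_channel(), 'system', 'permissions_role', $role);
     }
     $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
     $timezone = x($_POST, 'timezone_select') ? notags(trim($_POST['timezone_select'])) : '';
     $defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
     $maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
     $expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
     $evdays = x($_POST, 'evdays') ? intval($_POST['evdays']) : 3;
     $photo_path = x($_POST, 'photo_path') ? escape_tags(trim($_POST['photo_path'])) : '';
     $attach_path = x($_POST, 'attach_path') ? escape_tags(trim($_POST['attach_path'])) : '';
     // NOTE(review): unlike the fields above, this value is entity-decoded and not
     // tag-filtered before it is stored - confirm how it is rendered.
     $channel_menu = x($_POST, 'channel_menu') ? htmlspecialchars_decode(trim($_POST['channel_menu']), ENT_QUOTES) : '';
     $allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
     $blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
     // this setting is inverted!
     $unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0;
     // NOTE(review): $cntunkmail is read but never stored; channel_max_anon_mail below
     // receives $unkmail instead - confirm which value is intended.
     $cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0;
     $suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
     $post_newfriend = isset($_POST['post_newfriend']) && $_POST['post_newfriend'] == 1 ? 1 : 0;
     $post_joingroup = isset($_POST['post_joingroup']) && $_POST['post_joingroup'] == 1 ? 1 : 0;
     $post_profilechange = isset($_POST['post_profilechange']) && $_POST['post_profilechange'] == 1 ? 1 : 0;
     $adult = isset($_POST['adult']) && $_POST['adult'] == 1 ? 1 : 0;
     $cal_first_day = x($_POST, 'first_day') && intval($_POST['first_day']) == 1 ? 1 : 0;
     // Flip the adult flag only when the submitted state differs from the stored one.
     $pageflags = $channel['channel_pageflags'];
     $existing_adult = $pageflags & PAGE_ADULT ? 1 : 0;
     if ($adult != $existing_adult) {
         $pageflags = $pageflags ^ PAGE_ADULT;
     }
     // The notification settings arrive as numbered fields (notify1..notify8 and
     // vnotify1..vnotify11); the values of the fields that are present are summed.
     $notify = 0;
     for ($n = 1; $n <= 8; $n++) {
         if (x($_POST, 'notify' . $n)) {
             $notify += intval($_POST['notify' . $n]);
         }
     }
     $vnotify = 0;
     for ($n = 1; $n <= 11; $n++) {
         if (x($_POST, 'vnotify' . $n)) {
             $vnotify += intval($_POST['vnotify' . $n]);
         }
     }
     $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0;
     $err = '';
     $name_change = false;
     if ($username != $channel['channel_name']) {
         $name_change = true;
         require_once 'include/channel.php';
         $err = validate_channelname($username);
         if ($err) {
             notice($err);
             return;
         }
     }
     // NOTE(review): the submitted timezone is stored below whether or not this call
     // accepts it as a valid identifier.
     if ($timezone != $channel['channel_timezone']) {
         if (strlen($timezone)) {
             date_default_timezone_set($timezone);
         }
     }
     set_pconfig(local_channel(), 'system', 'use_browser_location', $allow_location);
     set_pconfig(local_channel(), 'system', 'suggestme', $suggestme);
     set_pconfig(local_channel(), 'system', 'post_newfriend', $post_newfriend);
     set_pconfig(local_channel(), 'system', 'post_joingroup', $post_joingroup);
     set_pconfig(local_channel(), 'system', 'post_profilechange', $post_profilechange);
     set_pconfig(local_channel(), 'system', 'blocktags', $blocktags);
     set_pconfig(local_channel(), 'system', 'channel_menu', $channel_menu);
     set_pconfig(local_channel(), 'system', 'vnotify', $vnotify);
     set_pconfig(local_channel(), 'system', 'always_show_in_notices', $always_show_in_notices);
     set_pconfig(local_channel(), 'system', 'evdays', $evdays);
     set_pconfig(local_channel(), 'system', 'photo_path', $photo_path);
     set_pconfig(local_channel(), 'system', 'attach_path', $attach_path);
     set_pconfig(local_channel(), 'system', 'cal_first_day', $cal_first_day);
     $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d {$set_perms} where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), dbesc($defloc), intval($notify), intval($unkmail), intval($maxreq), intval($expire), intval(local_channel()));
     if ($r) {
         info(t('Settings updated.') . EOL);
     }
     if (!is_null($publish)) {
         $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel()));
     }
     if ($name_change) {
         $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash']));
         $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", dbesc($username), intval($channel['channel_id']));
     }
     \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
     build_sync_packet();
     // FIXME - on an email change under REGISTER_VERIFY: set to un-verified, blocked and
     // redirect to logout. Why? Are we verifying people or email addresses?
     // (No email change is tracked in this handler, so the former empty branch never ran.)
     goaway(z_root() . '/settings');
     return;
     // NOTREACHED
 }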
예제 #23
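 /**
  * @brief Themes admin page.
  *
  * With two path arguments it lists every entry found under view/theme/.
  * With a third path argument it shows that theme's details, or toggles the
  * theme on/off when called with ?a=t and a valid form security token.
  *
  * @return string rendered page markup, or '' when there is nothing to show
  */
 function get()
 {
     // The allowed themes are kept in one comma-separated config value.
     $allowed_themes = array();
     foreach (explode(',', get_config('system', 'allowed_themes')) as $entry) {
         $entry = trim($entry);
         if (strlen($entry)) {
             $allowed_themes[] = $entry;
         }
     }

     // Scan the theme directory. Marker files inside each entry flag it as
     // experimental or unsupported.
     $themes = array();
     $theme_names = array();
     $files = glob('view/theme/*');
     if ($files) {
         foreach ($files as $file) {
             $f = basename($file);
             $theme_names[] = $f;
             $themes[] = array(
                 'name' => $f,
                 'experimental' => intval(file_exists($file . '/.experimental')),
                 'supported' => 1 - intval(file_exists($file . '/.unsupported')),
                 'allowed' => intval(in_array($f, $allowed_themes, true)),
             );
         }
     }
     if (!count($themes)) {
         notice(t('No themes found.'));
         return '';
     }

     /*
      * Single theme
      */
     if (\App::$argc == 3) {
         $theme = \App::$argv[2];
         // The theme name comes from the request path and is interpolated into
         // file paths below (README, php/config.php via require_once). Accept it
         // only when it is one of the names the directory scan produced, so that
         // values such as '..' or dot-prefixed entries can never reach an include.
         if (!in_array($theme, $theme_names, true) || !is_dir("view/theme/{$theme}")) {
             notice(t("Item not found."));
             return '';
         }
         if (x($_GET, "a") && $_GET['a'] == "t") {
             // State change: requires the admin_themes form token (parameter 't').
             check_form_security_token_redirectOnErr('/admin/themes', 'admin_themes', 't');
             // Toggle theme status; $result is presumably filled in by reference
             // by toggle_theme() - confirm against its signature.
             $this->toggle_theme($themes, $theme, $result);
             $s = $this->rebuild_theme_table($themes);
             if ($result) {
                 info(sprintf('Theme %s enabled.', $theme));
             } else {
                 info(sprintf('Theme %s disabled.', $theme));
             }
             set_config('system', 'allowed_themes', $s);
             goaway(z_root() . '/admin/themes');
         }

         // display theme details
         require_once 'library/markdown.php';
         if ($this->theme_status($themes, $theme)) {
             $status = "on";
             $action = t("Disable");
         } else {
             $status = "off";
             $action = t("Enable");
         }

         $readme = Null;
         if (is_file("view/theme/{$theme}/README.md")) {
             $readme = Markdown(file_get_contents("view/theme/{$theme}/README.md"));
         } elseif (is_file("view/theme/{$theme}/README")) {
             // NOTE(review): the plain-text README is placed inside <pre> without
             // HTML escaping; it is as trusted as the theme's own code, but
             // escaping it would keep '<' and '&' in the text from breaking the page.
             $readme = "<pre>" . file_get_contents("view/theme/{$theme}/README") . "</pre>";
         }

         $admin_form = '';
         if (is_file("view/theme/{$theme}/php/config.php")) {
             require_once "view/theme/{$theme}/php/config.php";
             if (function_exists("theme_admin")) {
                 // NOTE(review): $a is not defined anywhere in this method, so
                 // theme_admin() receives null here - confirm what it expects.
                 $admin_form = theme_admin($a);
             }
         }

         // Drop the screenshot when its path does not mention the theme name.
         $screenshot = array(get_theme_screenshot($theme), t('Screenshot'));
         if (!stristr($screenshot[0], $theme)) {
             $screenshot = null;
         }

         $t = get_markup_template('admin_plugins_details.tpl');
         return replace_macros($t, array(
             '$title' => t('Administration'),
             '$page' => t('Themes'),
             '$toggle' => t('Toggle'),
             '$settings' => t('Settings'),
             '$baseurl' => z_root(),
             '$plugin' => $theme,
             '$status' => $status,
             '$action' => $action,
             '$info' => get_theme_info($theme),
             '$function' => 'themes',
             '$admin_form' => $admin_form,
             '$str_author' => t('Author: '),
             '$str_maintainer' => t('Maintainer: '),
             '$screenshot' => $screenshot,
             '$readme' => $readme,
             '$form_security_token' => get_form_security_token('admin_themes'),
         ));
     }

     /*
      * List themes
      */
     $xthemes = array();
     foreach ($themes as $th) {
         $xthemes[] = array($th['name'], $th['allowed'] ? "on" : "off", get_theme_info($th['name']));
     }
     $t = get_markup_template('admin_plugins.tpl');
     return replace_macros($t, array(
         '$title' => t('Administration'),
         '$page' => t('Themes'),
         '$submit' => t('Submit'),
         '$baseurl' => z_root(),
         '$function' => 'themes',
         '$plugins' => $xthemes,
         '$experimental' => t('[Experimental]'),
         '$unsupported' => t('[Unsupported]'),
         '$form_security_token' => get_form_security_token('admin_themes'),
     ));
 }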
예제 #24
파일: settings.php 프로젝트: strk/friendica
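 /**
  * Render the settings pages for the logged-in user.
  *
  * The second path argument selects the sub-page (oauth, addon, features,
  * connectors, display); without one the account settings form is built.
  * Every form is given a token from get_form_security_token().
  *
  * @param object $a application object (argc/argv, user record, page buffers)
  * @return string|null page markup, or nothing when access is denied
  */
 function settings_content(&$a)
 {
     $o = '';
     nav_set_selected('settings');

     // Not logged in: return without a notice.
     if (!local_user()) {
         return;
     }
     // Sessions that are managing another account may not open the settings.
     if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
         notice(t('Permission denied.') . EOL);
         return;
     }

     /*
      * OAUTH APPLICATIONS
      */
     if ($a->argc > 1 && $a->argv[1] === 'oauth') {
         if ($a->argc > 2 && $a->argv[2] === 'add') {
             $tpl = get_markup_template("settings_oauth_edit.tpl");
             $o .= replace_macros($tpl, array(
                 '$form_security_token' => get_form_security_token("settings_oauth"),
                 '$title' => t('Add application'),
                 '$submit' => t('Save Settings'),
                 '$cancel' => t('Cancel'),
                 '$name' => array('name', t('Name'), '', ''),
                 '$key' => array('key', t('Consumer Key'), '', ''),
                 '$secret' => array('secret', t('Consumer Secret'), '', ''),
                 '$redirect' => array('redirect', t('Redirect'), '', ''),
                 '$icon' => array('icon', t('Icon url'), '', ''),
             ));
             return $o;
         }
         if ($a->argc > 3 && $a->argv[2] === 'edit') {
             // The uid condition limits editing to the caller's own clients.
             $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc($a->argv[3]), local_user());
             if (!count($r)) {
                 notice(t("You can't edit this application."));
                 return;
             }
             $app = $r[0];
             $tpl = get_markup_template("settings_oauth_edit.tpl");
             // NOTE(review): the stored consumer secret ($app['pw']) is written
             // back into the form; consider leaving the field empty and only
             // updating the secret when a new value is submitted.
             $o .= replace_macros($tpl, array(
                 '$form_security_token' => get_form_security_token("settings_oauth"),
                 '$title' => t('Add application'),
                 '$submit' => t('Update'),
                 '$cancel' => t('Cancel'),
                 '$name' => array('name', t('Name'), $app['name'], ''),
                 '$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
                 '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
                 '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
                 '$icon' => array('icon', t('Icon url'), $app['icon'], ''),
             ));
             return $o;
         }
         if ($a->argc > 3 && $a->argv[2] === 'delete') {
             // Deletion is triggered by a link, so the token arrives as parameter 't'.
             check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
             $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc($a->argv[3]), local_user());
             goaway($a->get_baseurl(true) . "/settings/oauth/");
             return;
         }
         // Own clients plus those stored with uid 0; 'my' marks the caller's own rows.
         $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my\n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_user(), local_user());
         $tpl = get_markup_template("settings_oauth.tpl");
         $o .= replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_oauth"),
             '$baseurl' => $a->get_baseurl(true),
             '$title' => t('Connected Apps'),
             '$add' => t('Add application'),
             '$edit' => t('Edit'),
             '$delete' => t('Delete'),
             '$consumerkey' => t('Client key starts with'),
             '$noname' => t('No name'),
             '$remove' => t('Remove authorization'),
             '$apps' => $r,
         ));
         return $o;
     }

     /*
      * PLUGIN SETTINGS
      */
     if ($a->argc > 1 && $a->argv[1] === 'addon') {
         $settings_addons = "";
         $r = q("SELECT * FROM `hook` WHERE `hook` = 'plugin_settings' ");
         if (!count($r)) {
             $settings_addons = t('No Plugin settings configured');
         }
         // Plugins append their own form markup to $settings_addons.
         call_hooks('plugin_settings', $settings_addons);
         $tpl = get_markup_template("settings_addons.tpl");
         $o .= replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_addon"),
             '$title' => t('Plugin Settings'),
             '$settings_addons' => $settings_addons,
         ));
         return $o;
     }

     /*
      * ADDITIONAL FEATURES
      */
     if ($a->argc > 1 && $a->argv[1] === 'features') {
         $arr = array();
         $features = get_features();
         foreach ($features as $fname => $fdata) {
             // Element 0 is the group label, the remaining elements are features.
             $arr[$fname] = array();
             $arr[$fname][0] = $fdata[0];
             foreach (array_slice($fdata, 1) as $f) {
                 $arr[$fname][1][] = array(
                     'feature_' . $f[0],
                     $f[1],
                     intval(get_pconfig(local_user(), 'feature', $f[0])) ? "1" : '',
                     $f[2],
                     array(t('Off'), t('On')),
                 );
             }
         }
         $tpl = get_markup_template("settings_features.tpl");
         $o .= replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_features"),
             '$title' => t('Additional Features'),
             '$features' => $arr,
             '$submit' => t('Save Settings'),
         ));
         return $o;
     }

     /*
      * CONNECTOR SETTINGS
      */
     if ($a->argc > 1 && $a->argv[1] === 'connectors') {
         $settings_connectors = "";
         call_hooks('connector_settings', $settings_connectors);

         // Only site admins are told whether the built-in connectors are enabled.
         if (is_site_admin()) {
             $diasp_enabled = sprintf(t('Built-in support for %s connectivity is %s'), t('Diaspora'), get_config('system', 'diaspora_enabled') ? t('enabled') : t('disabled'));
             $ostat_enabled = sprintf(t('Built-in support for %s connectivity is %s'), t('StatusNet'), get_config('system', 'ostatus_disabled') ? t('disabled') : t('enabled'));
         } else {
             $diasp_enabled = "";
             $ostat_enabled = "";
         }

         $mail_disabled = (function_exists('imap_open') && !get_config('system', 'imap_disabled')) ? 0 : 1;
         if (get_config('system', 'dfrn_only')) {
             $mail_disabled = 1;
         }

         // Load the stored mailbox account, if mail is enabled and one exists.
         // $acct stays null otherwise, so count() is never called on a non-array.
         $acct = null;
         if (!$mail_disabled) {
             $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", local_user());
             if (is_array($r) && count($r)) {
                 $acct = $r[0];
             }
         }
         $mail_server = $acct ? $acct['server'] : '';
         $mail_port = ($acct && intval($acct['port'])) ? intval($acct['port']) : '';
         $mail_ssl = $acct ? $acct['ssltype'] : '';
         $mail_user = $acct ? $acct['user'] : '';
         $mail_replyto = $acct ? $acct['reply_to'] : '';
         $mail_pubmail = $acct ? $acct['pubmail'] : 0;
         $mail_action = $acct ? $acct['action'] : 0;
         $mail_movetofolder = $acct ? $acct['movetofolder'] : '';
         $mail_chk = $acct ? $acct['last_check'] : '0000-00-00 00:00:00';

         $tpl = get_markup_template("settings_connectors.tpl");
         if (!service_class_allows(local_user(), 'email_connect')) {
             $mail_disabled_message = upgrade_bool_message();
         } else {
             $mail_disabled_message = $mail_disabled ? t('Email access is disabled on this site.') : '';
         }

         // The password field is always rendered empty; the stored mailbox
         // password is never sent back to the browser.
         $o .= replace_macros($tpl, array(
             '$form_security_token' => get_form_security_token("settings_connectors"),
             '$title' => t('Social Networks'),
             '$diasp_enabled' => $diasp_enabled,
             '$ostat_enabled' => $ostat_enabled,
             '$h_imap' => t('Email/Mailbox Setup'),
             '$imap_desc' => t("If you wish to communicate with email contacts using this service (optional), please specify how to connect to your mailbox."),
             '$imap_lastcheck' => array('imap_lastcheck', t('Last successful email check:'), $mail_chk, ''),
             '$mail_disabled' => $mail_disabled_message,
             '$mail_server' => array('mail_server', t('IMAP server name:'), $mail_server, ''),
             '$mail_port' => array('mail_port', t('IMAP port:'), $mail_port, ''),
             '$mail_ssl' => array('mail_ssl', t('Security:'), strtoupper($mail_ssl), '', array('notls' => t('None'), 'TLS' => 'TLS', 'SSL' => 'SSL')),
             '$mail_user' => array('mail_user', t('Email login name:'), $mail_user, ''),
             '$mail_pass' => array('mail_pass', t('Email password:'), '', ''),
             '$mail_replyto' => array('mail_replyto', t('Reply-to address:'), $mail_replyto, 'Optional'),
             '$mail_pubmail' => array('mail_pubmail', t('Send public posts to all email contacts:'), $mail_pubmail, ''),
             '$mail_action' => array('mail_action', t('Action after import:'), $mail_action, '', array(0 => t('None'), 2 => t('Mark as seen'), 3 => t('Move to folder'))),
             '$mail_movetofolder' => array('mail_movetofolder', t('Move to folder:'), $mail_movetofolder, ''),
             '$submit' => t('Save Settings'),
             '$settings_connectors' => $settings_connectors,
         ));
         call_hooks('display_settings', $o);
         return $o;
     }

     /*
      * DISPLAY SETTINGS
      */
     if ($a->argc > 1 && $a->argv[1] === 'display') {
         $default_theme = get_config('system', 'theme');
         if (!$default_theme) {
             $default_theme = 'default';
         }
         // Fall back to 'none' on the same variable that is read further down.
         $default_mobile_theme = get_config('system', 'mobile-theme');
         if (!$default_mobile_theme) {
             $default_mobile_theme = 'none';
         }

         // Keep only configured themes whose directory exists. The name is
         // trimmed before the directory check so padded entries are not dropped.
         $allowed_themes = array();
         foreach (explode(',', get_config('system', 'allowed_themes')) as $x) {
             $x = trim($x);
             if (strlen($x) && is_dir("view/theme/{$x}")) {
                 $allowed_themes[] = $x;
             }
         }

         $themes = array();
         $mobile_themes = array("---" => t('No special theme for mobile devices'));
         foreach ($allowed_themes as $th) {
             $is_experimental = file_exists('view/theme/' . $th . '/experimental');
             $is_mobile = file_exists('view/theme/' . $th . '/mobile');

             // Experimental themes are offered only when the exp_themes setting
             // is 1 or has never been set.
             $offer = true;
             if ($is_experimental) {
                 $exp_themes = get_config('experimentals', 'exp_themes');
                 $offer = ($exp_themes == 1 || $exp_themes === false);
             }
             if ($offer) {
                 $theme_name = $is_experimental ? sprintf("%s - (Experimental)", $th) : $th;
                 if ($is_mobile) {
                     $mobile_themes[$th] = $theme_name;
                 } else {
                     $themes[$th] = $theme_name;
                 }
             }
         }

         $theme_selected = !x($_SESSION, 'theme') ? $default_theme : $_SESSION['theme'];
         $mobile_theme_selected = !x($_SESSION, 'mobile-theme') ? $default_mobile_theme : $_SESSION['mobile-theme'];

         // Stored value is divided by 1000 for display; default if not set: 40 seconds
         $browser_update = intval(get_pconfig(local_user(), 'system', 'update_interval'));
         $browser_update = $browser_update == 0 ? 40 : $browser_update / 1000;
         // default if not set or out of the 1..100 range: 40 items
         $itemspage_network = intval(get_pconfig(local_user(), 'system', 'itemspage_network'));
         $itemspage_network = ($itemspage_network > 0 && $itemspage_network < 101) ? $itemspage_network : 40;
         // default if not set or out of the 1..100 range: 20 items
         $itemspage_mobile_network = intval(get_pconfig(local_user(), 'system', 'itemspage_mobile_network'));
         $itemspage_mobile_network = ($itemspage_mobile_network > 0 && $itemspage_mobile_network < 101) ? $itemspage_mobile_network : 20;
         // default if not set: 0
         $nosmile = get_pconfig(local_user(), 'system', 'no_smilies');
         $nosmile = $nosmile === false ? '0' : $nosmile;
         // default if not set: 0
         $noinfo = get_pconfig(local_user(), 'system', 'ignore_info');
         $noinfo = $noinfo === false ? '0' : $noinfo;
         // default if not set: 0
         $infinite_scroll = get_pconfig(local_user(), 'system', 'infinite_scroll');
         $infinite_scroll = $infinite_scroll === false ? '0' : $infinite_scroll;
         // default if not set: 0
         $no_auto_update = get_pconfig(local_user(), 'system', 'no_auto_update');
         $no_auto_update = $no_auto_update === false ? '0' : $no_auto_update;

         // NOTE(review): the included file is chosen from the session's theme
         // name; this relies on get_theme_config_file() returning only paths
         // inside the theme directory - confirm in that helper.
         $theme_config = "";
         if (($themeconfigfile = get_theme_config_file($theme_selected)) != null) {
             require_once $themeconfigfile;
             $theme_config = theme_content($a);
         }

         $tpl = get_markup_template("settings_display.tpl");
         $o = replace_macros($tpl, array(
             '$ptitle' => t('Display Settings'),
             '$form_security_token' => get_form_security_token("settings_display"),
             '$submit' => t('Save Settings'),
             '$baseurl' => $a->get_baseurl(true),
             '$uid' => local_user(),
             '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes, true),
             '$mobile_theme' => array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, false),
             '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')),
             '$itemspage_network' => array('itemspage_network', t("Number of items to display per page:"), $itemspage_network, t('Maximum of 100 items')),
             '$itemspage_mobile_network' => array('itemspage_mobile_network', t("Number of items to display per page when viewed from mobile device:"), $itemspage_mobile_network, t('Maximum of 100 items')),
             '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''),
             '$noinfo' => array('noinfo', t("Don't show notices"), $noinfo, ''),
             '$infinite_scroll' => array('infinite_scroll', t("Infinite scroll"), $infinite_scroll, ''),
             '$no_auto_update' => array('no_auto_update', t("Automatic updates only at the top of the network page"), $no_auto_update, 'When disabled, the network page is updated all the time, which could be confusing while reading.'),
             '$theme_config' => $theme_config,
         ));
         $tpl = get_markup_template("settings_display_end.tpl");
         $a->page['end'] .= replace_macros($tpl, array(
             '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes),
         ));
         return $o;
     }

     /*
      * ACCOUNT SETTINGS
      */
     require_once 'include/acl_selectors.php';

     // Default profile of the user; the fallback keeps the lookups below
     // defined when no default profile row is found.
     $profile = array('publish' => 0, 'net-publish' => 0, 'hide-friends' => 0);
     $p = q("SELECT * FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", intval(local_user()));
     if (is_array($p) && count($p)) {
         $profile = $p[0];
     }

     $username = $a->user['username'];
     $email = $a->user['email'];
     $nickname = $a->user['nickname'];
     $timezone = $a->user['timezone'];
     $notify = $a->user['notify-flags'];
     $defloc = $a->user['default-location'];
     $openid = $a->user['openid'];
     $maxreq = $a->user['maxreq'];
     $expire = intval($a->user['expire']) ? $a->user['expire'] : '';
     $unkmail = $a->user['unkmail'];
     $cntunkmail = $a->user['cntunkmail'];

     // Per-user options: get_pconfig() returning false means "never set".
     // default if not set: 1
     $expire_items = get_pconfig(local_user(), 'expire', 'items');
     $expire_items = $expire_items === false ? '1' : $expire_items;
     // default if not set: 1
     $expire_notes = get_pconfig(local_user(), 'expire', 'notes');
     $expire_notes = $expire_notes === false ? '1' : $expire_notes;
     // default if not set: 1
     $expire_starred = get_pconfig(local_user(), 'expire', 'starred');
     $expire_starred = $expire_starred === false ? '1' : $expire_starred;
     // default if not set: 0
     $expire_photos = get_pconfig(local_user(), 'expire', 'photos');
     $expire_photos = $expire_photos === false ? '0' : $expire_photos;
     // default if not set: 0
     $expire_network_only = get_pconfig(local_user(), 'expire', 'network_only');
     $expire_network_only = $expire_network_only === false ? '0' : $expire_network_only;
     // default if not set: 0
     $suggestme = get_pconfig(local_user(), 'system', 'suggestme');
     $suggestme = $suggestme === false ? '0' : $suggestme;
     // default if not set: 0
     $post_newfriend = get_pconfig(local_user(), 'system', 'post_newfriend');
     $post_newfriend = $post_newfriend === false ? '0' : $post_newfriend;
     // default if not set: 0
     $post_joingroup = get_pconfig(local_user(), 'system', 'post_joingroup');
     $post_joingroup = $post_joingroup === false ? '0' : $post_joingroup;
     // default if not set: 0
     $post_profilechange = get_pconfig(local_user(), 'system', 'post_profilechange');
     $post_profilechange = $post_profilechange === false ? '0' : $post_profilechange;

     // Users without a stored timezone get the PHP default.
     if (!strlen($a->user['timezone'])) {
         $timezone = date_default_timezone_get();
     }

     $pageset_tpl = get_markup_template('pagetypes.tpl');
     $pagetype = replace_macros($pageset_tpl, array(
         '$user' => t("User Types"),
         '$community' => t("Community Types"),
         '$page_normal' => array('page-flags', t('Normal Account Page'), PAGE_NORMAL, t('This account is a normal personal profile'), $a->user['page-flags'] == PAGE_NORMAL),
         '$page_soapbox' => array('page-flags', t('Soapbox Page'), PAGE_SOAPBOX, t('Automatically approve all connection/friend requests as read-only fans'), $a->user['page-flags'] == PAGE_SOAPBOX),
         '$page_community' => array('page-flags', t('Community Forum/Celebrity Account'), PAGE_COMMUNITY, t('Automatically approve all connection/friend requests as read-write fans'), $a->user['page-flags'] == PAGE_COMMUNITY),
         '$page_freelove' => array('page-flags', t('Automatic Friend Page'), PAGE_FREELOVE, t('Automatically approve all connection/friend requests as friends'), $a->user['page-flags'] == PAGE_FREELOVE),
         '$page_prvgroup' => array('page-flags', t('Private Forum [Experimental]'), PAGE_PRVGROUP, t('Private forum - approved members only'), $a->user['page-flags'] == PAGE_PRVGROUP),
     ));

     // The OpenID field is omitted when OpenID is switched off site-wide.
     $noid = get_config('system', 'no_openid');
     if ($noid) {
         $openid_field = false;
     } else {
         $openid_field = array('openid_url', t('OpenID:'), $openid, t("(Optional) Allow this OpenID to login to this account."));
     }

     $opt_tpl = get_markup_template("field_yesno.tpl");
     if (get_config('system', 'publish_all')) {
         // Site forces publication: submit a fixed value instead of a choice.
         $profile_in_dir = '<input type="hidden" name="profile_in_directory" value="1" />';
     } else {
         $profile_in_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_directory', t('Publish your default profile in your local site directory?'), $profile['publish'], '', array(t('No'), t('Yes')))));
     }
     if (strlen(get_config('system', 'directory_submit_url'))) {
         $profile_in_net_dir = replace_macros($opt_tpl, array('$field' => array('profile_in_netdirectory', t('Publish your default profile in the global social directory?'), $profile['net-publish'], '', array(t('No'), t('Yes')))));
     } else {
         $profile_in_net_dir = '';
     }
     $hide_friends = replace_macros($opt_tpl, array('$field' => array('hide-friends', t('Hide your contact/friend list from viewers of your default profile?'), $profile['hide-friends'], '', array(t('No'), t('Yes')))));
     $hide_wall = replace_macros($opt_tpl, array('$field' => array('hidewall', t('Hide your profile details from unknown viewers?'), $a->user['hidewall'], t("If enabled, posting public messages to Diaspora and other networks isn't possible."), array(t('No'), t('Yes')))));
     // blockwall/blocktags are stored as "block" flags but asked as "allow"
     // questions, so the displayed value is inverted.
     $blockwall = replace_macros($opt_tpl, array('$field' => array('blockwall', t('Allow friends to post to your profile page?'), intval($a->user['blockwall']) ? '0' : '1', '', array(t('No'), t('Yes')))));
     $blocktags = replace_macros($opt_tpl, array('$field' => array('blocktags', t('Allow friends to tag your posts?'), intval($a->user['blocktags']) ? '0' : '1', '', array(t('No'), t('Yes')))));
     $suggestme = replace_macros($opt_tpl, array('$field' => array('suggestme', t('Allow us to suggest you as a potential friend to new members?'), $suggestme, '', array(t('No'), t('Yes')))));
     $unkmail = replace_macros($opt_tpl, array('$field' => array('unkmail', t('Permit unknown people to send you private mail?'), $unkmail, '', array(t('No'), t('Yes')))));

     $invisible = !$profile['publish'] && !$profile['net-publish'];
     if ($invisible) {
         info(t('Profile is <strong>not published</strong>.') . EOL);
     }

     $subdir = strlen($a->get_path()) ? '<br />' . t('or') . ' ' . $a->get_baseurl(true) . '/profile/' . $nickname : '';
     $tpl_addr = get_markup_template("settings_nick_set.tpl");
     $prof_addr = replace_macros($tpl_addr, array(
         '$desc' => t('Your Identity Address is'),
         '$nickname' => $nickname,
         '$subdir' => $subdir,
         '$basepath' => $a->get_hostname(),
     ));

     $stpl = get_markup_template('settings.tpl');
     $celeb = $a->user['page-flags'] == PAGE_SOAPBOX || $a->user['page-flags'] == PAGE_COMMUNITY;

     $expire_arr = array(
         'days' => array('expire', t("Automatically expire posts after this many days:"), $expire, t('If empty, posts will not expire. Expired posts will be deleted')),
         'advanced' => t('Advanced expiration settings'),
         'label' => t('Advanced Expiration'),
         'items' => array('expire_items', t("Expire posts:"), $expire_items, '', array(t('No'), t('Yes'))),
         'notes' => array('expire_notes', t("Expire personal notes:"), $expire_notes, '', array(t('No'), t('Yes'))),
         'starred' => array('expire_starred', t("Expire starred posts:"), $expire_starred, '', array(t('No'), t('Yes'))),
         'photos' => array('expire_photos', t("Expire photos:"), $expire_photos, '', array(t('No'), t('Yes'))),
         'network_only' => array('expire_network_only', t("Only expire posts by others:"), $expire_network_only, '', array(t('No'), t('Yes'))),
     );

     require_once 'include/group.php';
     $group_select = mini_group_select(local_user(), $a->user['def_gid']);

     // Private/public post links for the non-JS ACL form
     $private_post = empty($_REQUEST['public']) ? 1 : 0;
     $query_str = $a->query_string;
     if (strpos($query_str, 'public=1') !== false) {
         $query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
     }
     // I think $a->query_string may never have ? in it, but I could be wrong
     // It looks like it's from the index.php?q=[etc] rewrite that the web
     // server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
     if (strpos($query_str, '?') === false) {
         $public_post_link = '?public=1';
     } else {
         $public_post_link = '&public=1';
     }

     // All password fields are rendered empty; no stored credential is echoed.
     // NOTE(review): two labels below ('$settings_perms' and '$notify8') contain
     // a line break inside the string; it is kept as "\n" so the runtime value is
     // unchanged, but a translation key with a stray newline will not match the
     // catalogue - confirm against the project's source.
     $o .= replace_macros($stpl, array(
         '$ptitle' => t('Account Settings'),
         '$submit' => t('Save Settings'),
         '$baseurl' => $a->get_baseurl(true),
         '$uid' => local_user(),
         '$form_security_token' => get_form_security_token("settings"),
         '$nickname_block' => $prof_addr,
         '$h_pass' => t('Password Settings'),
         '$password1' => array('password', t('New Password:'), '', ''),
         '$password2' => array('confirm', t('Confirm:'), '', t('Leave password fields blank unless changing')),
         '$password3' => array('opassword', t('Current Password:'), '', t('Your current password to confirm the changes')),
         '$password4' => array('mpassword', t('Password:'), '', t('Your current password to confirm the changes')),
         '$oid_enable' => !get_config('system', 'no_openid'),
         '$openid' => $openid_field,
         '$h_basic' => t('Basic Settings'),
         '$username' => array('username', t('Full Name:'), $username, ''),
         '$email' => array('email', t('Email Address:'), $email, '', '', '', 'email'),
         '$timezone' => array('timezone_select', t('Your Timezone:'), select_timezone($timezone), ''),
         '$defloc' => array('defloc', t('Default Post Location:'), $defloc, ''),
         '$allowloc' => array('allow_location', t('Use Browser Location:'), $a->user['allow_location'] == 1, ''),
         '$h_prv' => t('Security and Privacy Settings'),
         '$maxreq' => array('maxreq', t('Maximum Friend Requests/Day:'), $maxreq, t("(to prevent spam abuse)")),
         '$permissions' => t('Default Post Permissions'),
         '$permdesc' => t("(click to open/close)"),
         '$visibility' => $profile['net-publish'],
         '$aclselect' => populate_acl($a->user, $celeb),
         '$suggestme' => $suggestme,
         '$blockwall' => $blockwall,
         '$blocktags' => $blocktags,
         '$acl_data' => construct_acl_data($a, $a->user),
         '$group_perms' => t('Show to Groups'),
         '$contact_perms' => t('Show to Contacts'),
         '$private' => t('Default Private Post'),
         '$public' => t('Default Public Post'),
         '$is_private' => $private_post,
         '$return_path' => $query_str,
         '$public_link' => $public_post_link,
         '$settings_perms' => t("Default \nPermissions for New Posts"),
         '$group_select' => $group_select,
         '$expire' => $expire_arr,
         '$profile_in_dir' => $profile_in_dir,
         '$profile_in_net_dir' => $profile_in_net_dir,
         '$hide_friends' => $hide_friends,
         '$hide_wall' => $hide_wall,
         '$unkmail' => $unkmail,
         '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), $cntunkmail, t("(to prevent spam abuse)")),
         '$h_not' => t('Notification Settings'),
         '$activity_options' => t('By default post a status message when:'),
         '$post_newfriend' => array('post_newfriend', t('accepting a friend request'), $post_newfriend, ''),
         '$post_joingroup' => array('post_joingroup', t('joining a forum/community'), $post_joingroup, ''),
         '$post_profilechange' => array('post_profilechange', t('making an <em>interesting</em> profile change'), $post_profilechange, ''),
         '$lbl_not' => t('Send a notification email when:'),
         '$notify1' => array('notify1', t('You receive an introduction'), $notify & NOTIFY_INTRO, NOTIFY_INTRO, ''),
         '$notify2' => array('notify2', t('Your introductions are confirmed'), $notify & NOTIFY_CONFIRM, NOTIFY_CONFIRM, ''),
         '$notify3' => array('notify3', t('Someone writes on your profile wall'), $notify & NOTIFY_WALL, NOTIFY_WALL, ''),
         '$notify4' => array('notify4', t('Someone writes a followup comment'), $notify & NOTIFY_COMMENT, NOTIFY_COMMENT, ''),
         '$notify5' => array('notify5', t('You receive a private message'), $notify & NOTIFY_MAIL, NOTIFY_MAIL, ''),
         '$notify6' => array('notify6', t('You receive a friend suggestion'), $notify & NOTIFY_SUGGEST, NOTIFY_SUGGEST, ''),
         '$notify7' => array('notify7', t('You are tagged in a post'), $notify & NOTIFY_TAGSELF, NOTIFY_TAGSELF, ''),
         '$notify8' => array('notify8', t("You are poked/prodded/etc. \nin a post"), $notify & NOTIFY_POKE, NOTIFY_POKE, ''),
         '$email_textonly' => array('email_textonly', t('Text-only notification emails'), get_pconfig(local_user(), 'system', 'email_textonly'), t('Send text only notification emails, without the html part')),
         '$h_advn' => t('Advanced Account/Page Type Settings'),
         '$h_descadvn' => t('Change the behaviour of this account for special situations'),
         '$pagetype' => $pagetype,
         '$relocate' => t('Relocate'),
         '$relocate_text' => t("If you have moved this profile from another server, and some of your contacts don't receive your updates, try pushing this button."),
         '$relocate_button' => t("Resend relocate message to contacts"),
     ));

     // Plugins may extend the form before it is closed.
     call_hooks('settings_form', $o);
     $o .= '</form>' . "\r\n";
     return $o;
 }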
/**
 * Process a submission of the privacy_image_cache plugin admin form.
 *
 * The form security token ('picsave') is checked first. A 'save' request
 * stores the cache lifetime; a 'delete_all' request removes the cached
 * pictures (photo rows with uid 0 whose resource-id starts with "pic:").
 *
 * @param App $a
 * @param null|object $o
 */
function privacy_image_cache_plugin_admin_post(&$a = null, &$o = null)
{
    // Reject the request (redirecting back to the plugin page) unless it
    // carries a valid form token, before any state is changed.
    check_form_security_token_redirectOnErr('/admin/plugins/privacy_image_cache', 'picsave');

    if (isset($_REQUEST['save'])) {
        // The submitted value is clamped to at least 1 and multiplied by
        // 3600 before it is stored.
        $hours = max(1, intval($_REQUEST['cachetime']));
        set_config('privacy_image_cache', 'cache_time', $hours * 3600);
    }

    if (isset($_REQUEST['delete_all'])) {
        // Fixed statement with no request data in it; %% is the escaped
        // form of the LIKE wildcard for q().
        q('DELETE FROM `photo` WHERE `uid` = 0 AND `resource-id` LIKE "pic:%%"');
    }
}
예제 #26
파일: invite.php 프로젝트: redmatrix/red
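/**
 * module: invite.php
 *
 * Sends e-mail invitations to join the social network.
 *
 * Requires a logged-in channel and a valid 'send_invite' form token. The
 * recipient list is taken from $_POST['recipients'] (one address per line) and
 * the message text from $_POST['message'] (tags stripped). Two limits apply:
 * the site-wide `max_invites` counter per channel, and, on invitation-only
 * sites, the channel's `invites_remaining` quota (site admins are exempt from
 * the quota). On invitation-only sites a registration code is written to the
 * `register` table and substituted for `$invite_code` in the message.
 *
 * @param App $a
 */
function invite_post(&$a)
{
    if (!local_channel()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    check_form_security_token_redirectOnErr('/', 'send_invite');

    $max_invites = intval(get_config('system', 'max_invites'));
    if (!$max_invites) {
        $max_invites = 50;
    }
    $current_invites = intval(get_pconfig(local_channel(), 'system', 'sent_invites'));
    // NOTE(review): ">" lets a channel that has already sent exactly
    // $max_invites send one more — confirm whether ">=" was intended.
    if ($current_invites > $max_invites) {
        notice(t('Total invitation limit exceeded.') . EOL);
        return;
    }

    $recips = x($_POST, 'recipients') ? explode("\n", $_POST['recipients']) : array();
    $message = x($_POST, 'message') ? notags(trim($_POST['message'])) : '';
    $total = 0;

    // Defined up front so the loop never reads an undefined variable on sites
    // that are not invitation-only.
    $invonly = false;
    $x = 0;
    $is_admin = is_site_admin();
    if (get_config('system', 'invitation_only')) {
        $invonly = true;
        $x = intval(get_pconfig(local_channel(), 'system', 'invites_remaining'));
        if (!$x && !$is_admin) {
            return;
        }
    }

    foreach ($recips as $recip) {
        $recip = trim($recip);
        if (!$recip) {
            continue;
        }
        if (!valid_email($recip)) {
            notice(sprintf(t('%s : Not a valid email address.'), $recip) . EOL);
            continue;
        }

        if ($invonly) {
            // Stop once the quota is used up in the middle of a batch. Falling
            // through would mail an invitation without a registration code.
            if (!$is_admin && $x < 1) {
                break;
            }
            // The original called srand(1000, 9999) here, which returns nothing
            // and re-seeds the generator with a constant instead of producing
            // a number. Use a random four-digit suffix as evidently intended.
            // NOTE(review): autoname() is not visible here; the code is only
            // as unpredictable as that helper — confirm it is suitable for a
            // registration secret.
            $suffix = function_exists('random_int') ? random_int(1000, 9999) : mt_rand(1000, 9999);
            $code = autoname(8) . $suffix;
            $nmessage = str_replace('$invite_code', $code, $message);
            $r = q("INSERT INTO `register` (`hash`,`created`) VALUES ('%s', '%s') ", dbesc($code), dbesc(datetime_convert()));
            if (!$is_admin) {
                $x--;
                set_pconfig(local_channel(), 'system', 'invites_remaining', $x);
            }
        } else {
            $nmessage = $message;
        }

        $account = $a->get_account();
        // Additional headers are handed to mail() as given, so make sure the
        // stored address cannot carry a line break into the header block.
        $from = str_replace(array("\r", "\n"), '', $account['account_email']);
        $res = mail($recip, sprintf(t('Please join us on Red'), $a->config['sitename']), $nmessage, "From: " . $from . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
        if ($res) {
            $total++;
            $current_invites++;
            set_pconfig(local_channel(), 'system', 'sent_invites', $current_invites);
            if ($current_invites > $max_invites) {
                notice(t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
                return;
            }
        } else {
            notice(sprintf(t('%s : Message delivery failed.'), $recip) . EOL);
        }
    }

    notice(sprintf(tt("%d message sent.", "%d messages sent.", $total), $total) . EOL);
}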
예제 #27
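 /**
  * Renders the privacy group editor for the logged-in channel and, depending
  * on the URL arguments, also performs group changes:
  *
  * - argv(1) === 'new': returns the empty "create group" form.
  * - argv(1) === 'drop' plus a group id: removes that group and redirects to /group.
  * - a group id plus a base64url-encoded xchan hash: toggles that connection's
  *   membership, echoes the re-rendered editor and ends the request.
  * - a group id alone: returns the editor for that group.
  *
  * The two state-changing paths are reached through this GET handler, so each
  * checks a form security token first ('group_drop' / 'group_member_change';
  * the 't' argument is presumably the request parameter carrying the token).
  * Every group and connection query is scoped to local_channel().
  *
  * @return string|void rendered template, or nothing when access is denied or no group is selected
  */
 function get()
 {
     $change = false;
     logger('mod_group: ' . \App::$cmd, LOGGER_DEBUG);
     if (!local_channel()) {
         notice(t('Permission denied') . EOL);
         return;
     }
     // Switch to text mode interface if we have more than 'n' contacts or group members
     $switchtotext = get_pconfig(local_channel(), 'system', 'groupedit_image_limit');
     if ($switchtotext === false) {
         $switchtotext = get_config('system', 'groupedit_image_limit');
     }
     if ($switchtotext === false) {
         $switchtotext = 400;
     }
     $tpl = get_markup_template('group_edit.tpl');
     $context = array('$submit' => t('Submit'));
     if (argc() == 2 && argv(1) === 'new') {
         return replace_macros($tpl, $context + array('$title' => t('Create a group of channels.'), '$gname' => array('groupname', t('Privacy group name: '), '', ''), '$gid' => 'new', '$public' => array('public', t('Members are visible to other channels'), false, ''), '$form_security_token' => get_form_security_token("group_edit")));
     }
     if (argc() == 3 && argv(1) === 'drop') {
         check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
         if (intval(argv(2))) {
             // Start from "not removed" so an unknown or foreign group id
             // reports failure instead of reading an undefined variable.
             $result = false;
             // Select `gname`, the column the rest of this method reads; the
             // original selected `name` and then read $r[0]['gname'], which
             // was never set.
             $r = q("SELECT `gname` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(argv(2)), intval(local_channel()));
             if ($r) {
                 $result = group_rmv(local_channel(), $r[0]['gname']);
             }
             if ($result) {
                 info(t('Privacy group removed.') . EOL);
             } else {
                 notice(t('Unable to remove privacy group.') . EOL);
             }
         }
         goaway(z_root() . '/group');
         // NOTREACHED
     }
     if (argc() > 2 && intval(argv(1)) && argv(2)) {
         check_form_security_token_ForbiddenOnErr('group_member_change', 't');
         // Only accept the hash if it belongs to an active, non-blocked,
         // non-pending connection of this channel.
         $r = q("SELECT abook_xchan from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and xchan_deleted = 0 and abook_self = 0 and abook_blocked = 0 and abook_pending = 0 limit 1", dbesc(base64url_decode(argv(2))), intval(local_channel()));
         // Truthiness instead of count(): q() results are tested this way
         // elsewhere in this method, and count() fails on a non-array.
         if ($r) {
             $change = base64url_decode(argv(2));
         }
     }
     if (argc() > 1 && intval(argv(1))) {
         require_once 'include/acl_selectors.php';
         $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", intval(argv(1)), intval(local_channel()));
         if (!$r) {
             notice(t('Privacy group not found.') . EOL);
             goaway(z_root() . '/connections');
         }
         $group = $r[0];
         $members = group_get_members($group['id']);
         $preselected = array();
         if (count($members)) {
             foreach ($members as $member) {
                 if (!in_array($member['xchan_hash'], $preselected)) {
                     $preselected[] = $member['xchan_hash'];
                 }
             }
         }
         if ($change) {
             // Toggle: a current member is removed, anyone else is added.
             if (in_array($change, $preselected)) {
                 group_rmv_member(local_channel(), $group['gname'], $change);
             } else {
                 group_add_member(local_channel(), $group['gname'], $change);
             }
             // Re-read the membership so the rendered lists reflect the change.
             $members = group_get_members($group['id']);
             $preselected = array();
             if (count($members)) {
                 foreach ($members as $member) {
                     $preselected[] = $member['xchan_hash'];
                 }
             }
         }
         $drop_tpl = get_markup_template('group_drop.tpl');
         $drop_txt = replace_macros($drop_tpl, array('$id' => $group['id'], '$delete' => t('Delete'), '$form_security_token' => get_form_security_token("group_drop")));
         $context = $context + array('$title' => t('Privacy group editor'), '$gname' => array('groupname', t('Privacy group name: '), $group['gname'], ''), '$gid' => $group['id'], '$drop' => $drop_txt, '$public' => array('public', t('Members are visible to other channels'), $group['visible'], ''), '$form_security_token' => get_form_security_token('group_edit'));
     }
     if (!isset($group)) {
         return;
     }
     $groupeditor = array('label_members' => t('Members'), 'members' => array(), 'label_contacts' => t('All Connected Channels'), 'contacts' => array());
     // The token is embedded in a single-quoted JavaScript argument below.
     $sec_token = addslashes(get_form_security_token('group_member_change'));
     $textmode = $switchtotext && count($members) > $switchtotext ? true : false;
     foreach ($members as $member) {
         if ($member['xchan_url']) {
             $member['archived'] = intval($member['abook_archived']) ? true : false;
             $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;';
             $groupeditor['members'][] = micropro($member, true, 'mpgroup', $textmode);
         } else {
             // Members without a URL are dropped from the group while rendering.
             group_rmv_member(local_channel(), $group['gname'], $member['xchan_hash']);
         }
     }
     $r = q("SELECT abook.*, xchan.* FROM `abook` left join xchan on abook_xchan = xchan_hash WHERE `abook_channel` = %d AND abook_self = 0 and abook_blocked = 0 and abook_pending = 0 and xchan_deleted = 0 order by xchan_name asc", intval(local_channel()));
     if ($r) {
         $textmode = $switchtotext && count($r) > $switchtotext ? true : false;
         foreach ($r as $member) {
             if (!in_array($member['xchan_hash'], $preselected)) {
                 $member['archived'] = intval($member['abook_archived']) ? true : false;
                 $member['click'] = 'groupChangeMember(' . $group['id'] . ',\'' . base64url_encode($member['xchan_hash']) . '\',\'' . $sec_token . '\'); return false;';
                 $groupeditor['contacts'][] = micropro($member, true, 'mpall', $textmode);
             }
         }
     }
     $context['$groupeditor'] = $groupeditor;
     $context['$desc'] = t('Click on a channel to add or remove.');
     if ($change) {
         // Membership toggles answer with the editor fragment only and end the request.
         $tpl = get_markup_template('groupeditor.tpl');
         echo replace_macros($tpl, $context);
         killme();
     }
     return replace_macros($tpl, $context);
 }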
예제 #28
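 /**
  * Stores the display settings submitted by the logged-in channel.
  *
  * After the 'settings_display' form token check, the numeric options are cast
  * with intval() and clamped (divmore heights >= 50, update interval
  * >= 10000 ms, items per page <= 100) and written with set_pconfig(). The
  * theme is stored as "theme" or "theme:schema" in channel.channel_theme and
  * in $_SESSION['theme'].
  *
  * The posted theme name ends up in a file path (via get_theme_config_file()
  * and require_once) and in a class name on a later request, so names
  * containing a path separator, "..", a NUL byte or the ":" delimiter are
  * rejected here. A schema is only accepted when the theme's config class
  * lists it.
  */
 function post()
 {
     check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
     $themespec = explode(':', \App::$channel['channel_theme']);
     $existing_theme = $themespec[0];
     $theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : $existing_theme;
     // No theme directory name needs these characters; ":" would also
     // smuggle an unchecked schema into the stored "theme:schema" value.
     if (strpbrk($theme, "/\\:\0") !== false || strpos($theme, '..') !== false) {
         $theme = $existing_theme;
     }
     if (!$theme) {
         $theme = 'redbasic';
     }
     $mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : '';
     $preload_images = x($_POST, 'preload_images') ? intval($_POST['preload_images']) : 0;
     $user_scalable = x($_POST, 'user_scalable') ? intval($_POST['user_scalable']) : 0;
     $nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
     $title_tosource = x($_POST, 'title_tosource') ? intval($_POST['title_tosource']) : 0;
     $channel_list_mode = x($_POST, 'channel_list_mode') ? intval($_POST['channel_list_mode']) : 0;
     $network_list_mode = x($_POST, 'network_list_mode') ? intval($_POST['network_list_mode']) : 0;
     $channel_divmore_height = x($_POST, 'channel_divmore_height') ? intval($_POST['channel_divmore_height']) : 400;
     if ($channel_divmore_height < 50) {
         $channel_divmore_height = 50;
     }
     $network_divmore_height = x($_POST, 'network_divmore_height') ? intval($_POST['network_divmore_height']) : 400;
     if ($network_divmore_height < 50) {
         $network_divmore_height = 50;
     }
     // Submitted in seconds, stored in milliseconds, never below ten seconds.
     $browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0;
     $browser_update = $browser_update * 1000;
     if ($browser_update < 10000) {
         $browser_update = 10000;
     }
     $itemspage = x($_POST, 'itemspage') ? intval($_POST['itemspage']) : 20;
     if ($itemspage > 100) {
         $itemspage = 100;
     }
     // "---" is the form's "no mobile theme" choice.
     if ($mobile_theme == "---") {
         del_pconfig(local_channel(), 'system', 'mobile_theme');
     } else {
         set_pconfig(local_channel(), 'system', 'mobile_theme', $mobile_theme);
     }
     set_pconfig(local_channel(), 'system', 'preload_images', $preload_images);
     set_pconfig(local_channel(), 'system', 'user_scalable', $user_scalable);
     set_pconfig(local_channel(), 'system', 'update_interval', $browser_update);
     set_pconfig(local_channel(), 'system', 'itemspage', $itemspage);
     set_pconfig(local_channel(), 'system', 'no_smilies', 1 - intval($nosmile));
     set_pconfig(local_channel(), 'system', 'title_tosource', $title_tosource);
     set_pconfig(local_channel(), 'system', 'channel_list_mode', $channel_list_mode);
     set_pconfig(local_channel(), 'system', 'network_list_mode', $network_list_mode);
     set_pconfig(local_channel(), 'system', 'channel_divmore_height', $channel_divmore_height);
     set_pconfig(local_channel(), 'system', 'network_divmore_height', $network_divmore_height);
     $newschema = '';
     if ($theme == $existing_theme) {
         // call theme_post only if theme has not been changed
         if (($themeconfigfile = $this->get_theme_config_file($theme)) != null) {
             require_once $themeconfigfile;
             if (class_exists('\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config')) {
                 $clsname = '\\Zotlabs\\Theme\\' . ucfirst($theme) . 'Config';
                 $theme_config = new $clsname();
                 $schemas = $theme_config->get_schemas();
                 // Only a string that the theme itself lists is accepted; a
                 // missing or array-valued field leaves the schema empty.
                 $posted_schema = isset($_POST['schema']) && is_string($_POST['schema']) ? $_POST['schema'] : '';
                 if (is_array($schemas) && array_key_exists($posted_schema, $schemas)) {
                     $newschema = $posted_schema;
                 }
                 if ($newschema === '---') {
                     $newschema = '';
                 }
                 $theme_config->post();
             }
         }
     }
     $stored_theme = $theme . ($newschema ? ':' . $newschema : '');
     logger('theme: ' . $stored_theme);
     $_SESSION['theme'] = $stored_theme;
     $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", dbesc($stored_theme), intval(local_channel()));
     call_hooks('display_settings_post', $_POST);
     build_sync_packet();
     goaway(z_root() . '/settings/display');
     return;
     // NOTREACHED
 }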
예제 #29
/**
 * Handles the admin form of the dav plugin.
 *
 * Checks the 'dav_admin_save' form security token, loads the table
 * definitions and, when the request carries an `install` field, creates the
 * plugin's database tables and reports success or failure to the admin.
 * The individual errors returned by dav_create_tables() are only counted
 * here, not shown.
 *
 * @param App $a
 * @param null|object $o
 */
function dav_plugin_admin_post(&$a = null, &$o = null)
{
    check_form_security_token_redirectOnErr('/admin/plugins/dav', 'dav_admin_save');
    require_once __DIR__ . "/database-init.inc.php";

    // Nothing to do unless the install action was requested.
    if (!isset($_REQUEST["install"])) {
        return;
    }

    $install_errors = dav_create_tables();
    if (count($install_errors) > 0) {
        notice(t("An error occurred during the installation.") . EOL);
        return;
    }

    info(t('The database tables have been installed.') . EOL);
}
예제 #30
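 /**
  * Saves an edited profile of the logged-in channel.
  *
  * Steps, in order:
  * 1. Optionally merge an uploaded JSON export ('userfile') into $_POST,
  *    restricted to the field names returned by get_profile_fields_advanced().
  * 2. Run the 'profile_post' hooks on $_POST.
  * 3. For a numeric profile id in argv(1): load the profile (scoped to
  *    local_channel()), check the 'profile_edit' form token, sanitise every
  *    field with notags()/escape_tags(), update `profile` and `profext`,
  *    and send a sync packet.
  * 4. For the default profile: post a profile-change activity, propagate a
  *    changed name to `xchan` and `channel`, and summon the Directory daemon.
  *
  * NOTE(review): the upload is parsed and the 'profile_post' hooks run before
  * the form token is checked; only the database writes come after it —
  * confirm that no hook changes state.
  */
 function post()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     require_once 'include/activities.php';
     $namechanged = false;
     // import from json export file.
     // Only import fields that are allowed on this hub
     if (x($_FILES, 'userfile')) {
         $src = $_FILES['userfile']['tmp_name'];
         $filesize = intval($_FILES['userfile']['size']);
         if ($filesize) {
             $j = @json_decode(@file_get_contents($src), true);
             @unlink($src);
             // The upload is untrusted: require a JSON object/array, match
             // field names exactly (the original loose == let numeric keys
             // match field names on older PHP), and skip nested values,
             // which the trim() calls below cannot handle.
             if ($j && is_array($j)) {
                 $fields = get_profile_fields_advanced();
                 if ($fields) {
                     foreach ($j as $jj => $v) {
                         if (!is_string($jj) || !array_key_exists($jj, $fields)) {
                             continue;
                         }
                         if (is_scalar($v) || $v === null) {
                             $_POST[$jj] = $v;
                         }
                     }
                 }
             }
         }
     }
     call_hooks('profile_post', $_POST);
     if (argc() > 1 && argv(1) !== "new" && intval(argv(1))) {
         $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(\App::$argv[1]), intval(local_channel()));
         // Truthiness instead of count(): count() fails on a non-array result.
         if (!$orig) {
             notice(t('Profile not found.') . EOL);
             return;
         }
         check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
         $is_default = $orig[0]['is_default'] ? 1 : 0;
         $profile_name = notags(trim($_POST['profile_name']));
         if (!strlen($profile_name)) {
             notice(t('Profile Name is required.') . EOL);
             return;
         }
         $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00';
         // FIXME: Needs to be validated?
         // A year that is missing, non-numeric or before 1900 is treated as
         // "not given" and stored as 0000.
         $y = substr($dob, 0, 4);
         if (!ctype_digit($y) || $y < 1900) {
             $ignore_year = true;
         } else {
             $ignore_year = false;
         }
         if ($dob != '0000-00-00') {
             if (strpos($dob, '0000-') === 0) {
                 $ignore_year = true;
                 $dob = substr($dob, 5);
             }
             $dob = datetime_convert('UTC', 'UTC', $ignore_year ? '1900-' . $dob : $dob, $ignore_year ? 'm-d' : 'Y-m-d');
             if ($ignore_year) {
                 $dob = '0000-' . $dob;
             }
         }
         $name = escape_tags(trim($_POST['name']));
         if ($orig[0]['fullname'] != $name) {
             $namechanged = true;
             // validate_channelname() returns an error message for a rejected
             // name; in that case the stored name is kept.
             $v = validate_channelname($name);
             if ($v) {
                 notice($v);
                 $namechanged = false;
                 $name = $orig[0]['fullname'];
             }
         }
         $pdesc = escape_tags(trim($_POST['pdesc']));
         $gender = escape_tags(trim($_POST['gender']));
         $address = escape_tags(trim($_POST['address']));
         $locality = escape_tags(trim($_POST['locality']));
         $region = escape_tags(trim($_POST['region']));
         $postal_code = escape_tags(trim($_POST['postal_code']));
         $country_name = escape_tags(trim($_POST['country_name']));
         $keywords = escape_tags(trim($_POST['keywords']));
         $marital = escape_tags(trim($_POST['marital']));
         $howlong = escape_tags(trim($_POST['howlong']));
         $sexual = escape_tags(trim($_POST['sexual']));
         $homepage = escape_tags(trim($_POST['homepage']));
         $hometown = escape_tags(trim($_POST['hometown']));
         $politic = escape_tags(trim($_POST['politic']));
         $religion = escape_tags(trim($_POST['religion']));
         $likes = fix_mce_lf(escape_tags(trim($_POST['likes'])));
         $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes'])));
         $about = fix_mce_lf(escape_tags(trim($_POST['about'])));
         $interest = fix_mce_lf(escape_tags(trim($_POST['interest'])));
         $contact = fix_mce_lf(escape_tags(trim($_POST['contact'])));
         $channels = fix_mce_lf(escape_tags(trim($_POST['channels'])));
         $music = fix_mce_lf(escape_tags(trim($_POST['music'])));
         $book = fix_mce_lf(escape_tags(trim($_POST['book'])));
         $tv = fix_mce_lf(escape_tags(trim($_POST['tv'])));
         $film = fix_mce_lf(escape_tags(trim($_POST['film'])));
         $romance = fix_mce_lf(escape_tags(trim($_POST['romance'])));
         $work = fix_mce_lf(escape_tags(trim($_POST['work'])));
         $education = fix_mce_lf(escape_tags(trim($_POST['education'])));
         $hide_friends = intval($_POST['hide_friends']) ? 1 : 0;
         require_once 'include/text.php';
         // NOTE(review): $a is not defined in this method — confirm what
         // linkify_tags() expects as its first argument.
         // Each field is processed once; the original ran $interest twice.
         linkify_tags($a, $likes, local_channel());
         linkify_tags($a, $dislikes, local_channel());
         linkify_tags($a, $about, local_channel());
         linkify_tags($a, $interest, local_channel());
         linkify_tags($a, $contact, local_channel());
         linkify_tags($a, $channels, local_channel());
         linkify_tags($a, $music, local_channel());
         linkify_tags($a, $book, local_channel());
         linkify_tags($a, $tv, local_channel());
         linkify_tags($a, $film, local_channel());
         linkify_tags($a, $romance, local_channel());
         linkify_tags($a, $work, local_channel());
         linkify_tags($a, $education, local_channel());
         $with = x($_POST, 'with') ? escape_tags(trim($_POST['with'])) : '';
         if (!strlen($howlong)) {
             $howlong = NULL_DATE;
         } else {
             $howlong = datetime_convert(date_default_timezone_get(), 'UTC', $howlong);
         }
         // linkify the relationship target if applicable
         $withchanged = false;
         if (strlen($with)) {
             if ($with != strip_tags($orig[0]['partner'])) {
                 $withchanged = true;
                 $prf = '';
                 $lookup = $with;
                 if (strpos($lookup, '@') === 0) {
                     $lookup = substr($lookup, 1);
                 }
                 $lookup = str_replace('_', ' ', $lookup);
                 $newname = $lookup;
                 $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", dbesc($newname), intval(local_channel()));
                 if (!$r) {
                     // NOTE(review): the argument ends in the wildcard '@%'
                     // but is compared with '=', so this presumably never
                     // matches — confirm whether LIKE was intended.
                     $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE xchan_addr = '%s' AND abook_channel = %d LIMIT 1", dbesc($lookup . '@%'), intval(local_channel()));
                 }
                 if ($r) {
                     $prf = $r[0]['xchan_url'];
                     $newname = $r[0]['xchan_name'];
                 }
                 if ($prf) {
                     // NOTE(review): xchan_url and xchan_name are written into
                     // the stored HTML without escaping here — confirm both
                     // are sanitised when the xchan record is stored.
                     $with = str_replace($lookup, '<a href="' . $prf . '">' . $newname . '</a>', $with);
                     if (strpos($with, '@') === 0) {
                         $with = substr($with, 1);
                     }
                 }
             } else {
                 $with = $orig[0]['partner'];
             }
         }
         $profile_fields_basic = get_profile_fields_basic();
         $profile_fields_advanced = get_profile_fields_advanced();
         $advanced = feature_enabled(local_channel(), 'advanced_profiles') ? true : false;
         if ($advanced) {
             $fields = $profile_fields_advanced;
         } else {
             $fields = $profile_fields_basic;
         }
         // Site-defined extra fields: update the existing profext row for
         // this profile, or insert one.
         $z = q("select * from profdef where true");
         if ($z) {
             foreach ($z as $zz) {
                 if (array_key_exists($zz['field_name'], $fields)) {
                     $w = q("select * from profext where channel_id = %d and hash = '%s' and k = '%s' limit 1", intval(local_channel()), dbesc($orig[0]['profile_guid']), dbesc($zz['field_name']));
                     if ($w) {
                         q("update profext set v = '%s' where id = %d", dbesc(escape_tags(trim($_POST[$zz['field_name']]))), intval($w[0]['id']));
                     } else {
                         q("insert into profext ( channel_id, hash, k, v ) values ( %d, '%s', '%s', '%s') ", intval(local_channel()), dbesc($orig[0]['profile_guid']), dbesc($zz['field_name']), dbesc(escape_tags(trim($_POST[$zz['field_name']]))));
                     }
                 }
             }
         }
         // Collect the labels of changed fields for the profile-change
         // activity; $value carries the new value of the last changed field.
         $changes = array();
         $value = '';
         if ($is_default) {
             if ($marital != $orig[0]['marital']) {
                 $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Marital Status');
                 $value = $marital;
             }
             if ($withchanged) {
                 $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
                 $value = strip_tags($with);
             }
             if ($likes != $orig[0]['likes']) {
                 $changes[] = t('Likes');
                 $value = $likes;
             }
             if ($dislikes != $orig[0]['dislikes']) {
                 $changes[] = t('Dislikes');
                 $value = $dislikes;
             }
             if ($work != $orig[0]['employment']) {
                 $changes[] = t('Work/Employment');
             }
             if ($religion != $orig[0]['religion']) {
                 $changes[] = t('Religion');
                 $value = $religion;
             }
             if ($politic != $orig[0]['politic']) {
                 $changes[] = t('Political Views');
                 $value = $politic;
             }
             if ($gender != $orig[0]['gender']) {
                 $changes[] = t('Gender');
                 $value = $gender;
             }
             if ($sexual != $orig[0]['sexual']) {
                 $changes[] = t('Sexual Preference');
                 $value = $sexual;
             }
             if ($homepage != $orig[0]['homepage']) {
                 $changes[] = t('Homepage');
                 $value = $homepage;
             }
             if ($interest != $orig[0]['interest']) {
                 $changes[] = t('Interests');
                 $value = $interest;
             }
             if ($address != $orig[0]['address']) {
                 $changes[] = t('Address');
                 // New address not sent in notifications, potential privacy issues
                 // in case this leaks to unintended recipients. Yes, it's in the public
                 // profile but that doesn't mean we have to broadcast it to everybody.
             }
             if ($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country_name']) {
                 $changes[] = t('Location');
                 $comma1 = $locality && ($region || $country_name) ? ', ' : ' ';
                 $comma2 = $region && $country_name ? ', ' : '';
                 $value = $locality . $comma1 . $region . $comma2 . $country_name;
             }
             profile_activity($changes, $value);
         }
         // Every value goes through dbesc()/intval(); the WHERE clause keeps
         // the update on a profile owned by the logged-in channel.
         $r = q("UPDATE `profile` \n\t\t\t\tSET `profile_name` = '%s',\n\t\t\t\t`fullname` = '%s',\n\t\t\t\t`pdesc` = '%s',\n\t\t\t\t`gender` = '%s',\n\t\t\t\t`dob` = '%s',\n\t\t\t\t`address` = '%s',\n\t\t\t\t`locality` = '%s',\n\t\t\t\t`region` = '%s',\n\t\t\t\t`postal_code` = '%s',\n\t\t\t\t`country_name` = '%s',\n\t\t\t\t`marital` = '%s',\n\t\t\t\t`partner` = '%s',\n\t\t\t\t`howlong` = '%s',\n\t\t\t\t`sexual` = '%s',\n\t\t\t\t`homepage` = '%s',\n\t\t\t\t`hometown` = '%s',\n\t\t\t\t`politic` = '%s',\n\t\t\t\t`religion` = '%s',\n\t\t\t\t`keywords` = '%s',\n\t\t\t\t`likes` = '%s',\n\t\t\t\t`dislikes` = '%s',\n\t\t\t\t`about` = '%s',\n\t\t\t\t`interest` = '%s',\n\t\t\t\t`contact` = '%s',\n\t\t\t\t`channels` = '%s',\n\t\t\t\t`music` = '%s',\n\t\t\t\t`book` = '%s',\n\t\t\t\t`tv` = '%s',\n\t\t\t\t`film` = '%s',\n\t\t\t\t`romance` = '%s',\n\t\t\t\t`employment` = '%s',\n\t\t\t\t`education` = '%s',\n\t\t\t\t`hide_friends` = %d\n\t\t\t\tWHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), dbesc($gender), dbesc($dob), dbesc($address), dbesc($locality), dbesc($region), dbesc($postal_code), dbesc($country_name), dbesc($marital), dbesc($with), dbesc($howlong), dbesc($sexual), dbesc($homepage), dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($keywords), dbesc($likes), dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), dbesc($channels), dbesc($music), dbesc($book), dbesc($tv), dbesc($film), dbesc($romance), dbesc($work), dbesc($education), intval($hide_friends), intval(argv(1)), intval(local_channel()));
         if ($r) {
             info(t('Profile updated.') . EOL);
         }
         // Re-read the stored row so the sync packet carries what was saved.
         $r = q("select * from profile where id = %d and uid = %d limit 1", intval(argv(1)), intval(local_channel()));
         if ($r) {
             require_once 'include/zot.php';
             build_sync_packet(local_channel(), array('profile' => $r));
         }
         $channel = \App::get_channel();
         if ($namechanged && $is_default) {
             $r = q("UPDATE xchan SET xchan_name = '%s', xchan_name_date = '%s' WHERE xchan_hash = '%s'", dbesc($name), dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
             $r = q("UPDATE channel SET channel_name = '%s' WHERE channel_hash = '%s'", dbesc($name), dbesc($channel['xchan_hash']));
         }
         if ($is_default) {
             // reload the info for the sidebar widget - why does this not work?
             profile_load($channel['channel_address']);
             \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
         }
     }
 }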