Exemplo n.º 1
0
 function get()
 {
     $o = '';
     if (!\App::$profile['profile_uid']) {
         return;
     }
     $observer_hash = get_observer_hash();
     if (!perm_is_allowed(\App::$profile['profile_uid'], $observer_hash, 'view_contacts')) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $o .= '<h2>' . t('Common connections') . '</h2>';
     $t = count_common_friends(\App::$profile['profile_uid'], $observer_hash);
     if (!$t) {
         notice(t('No connections in common.') . EOL);
         return $o;
     }
     $r = common_friends(\App::$profile['profile_uid'], $observer_hash);
     if ($r) {
         $tpl = get_markup_template('common_friends.tpl');
         foreach ($r as $rr) {
             $o .= replace_macros($tpl, array('$url' => $rr['xchan_url'], '$name' => $rr['xchan_name'], '$photo' => $rr['xchan_photo_m'], '$tags' => ''));
         }
         $o .= cleardiv();
     }
     return $o;
 }
Exemplo n.º 2
0
function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $restrict = 0, $type = TERM_HASHTAG)
{
    require_once 'include/security.php';
    if (!perm_is_allowed($uid, get_observer_hash(), 'view_stream')) {
        return array();
    }
    $item_normal = item_normal();
    $sql_options = item_permissions_sql($uid);
    $count = intval($count);
    if ($flags) {
        if ($flags === 'wall') {
            $sql_options .= " and item_wall = 1 ";
        }
    }
    if ($authors) {
        if (!is_array($authors)) {
            $authors = array($authors);
        }
        stringify_array_elms($authors, true);
        $sql_options .= " and author_xchan in (" . implode(',', $authors) . ") ";
    }
    if ($owner) {
        $sql_options .= " and owner_xchan  = '" . dbesc($owner) . "' ";
    }
    // Fetch tags
    $r = q("select term, count(term) as total from term left join item on term.oid = item.id\n\t\twhere term.uid = %d and term.ttype = %d \n\t\tand otype = %d and item_type = %d and item_private = 0\n\t\t{$sql_options} {$item_normal}\n\t\tgroup by term order by total desc %s", intval($uid), intval($type), intval(TERM_OBJ_POST), intval($restrict), intval($count) ? "limit {$count}" : '');
    if (!$r) {
        return array();
    }
    return Zotlabs\Text\Tagadelic::calc($r);
}
Exemplo n.º 3
0
function p_init(&$a)
{
    if (argc() < 2) {
        http_status_exit(401);
    }
    $mid = str_replace('.xml', '', argv(1));
    $r = q("select * from item where mid = '%s' and item_wall = 1 and item_private = 0 limit 1", dbesc($mid));
    if (!$r || !perm_is_allowed($r[0]['uid'], '', 'view_stream')) {
        http_status_exit(404);
    }
    $c = q("select * from channel where channel_id = %d limit 1", intval($r[0]['uid']));
    if (!$c) {
        http_status_exit(404);
    }
    $myaddr = $c[0]['channel_address'] . '@' . App::get_hostname();
    $item = $r[0];
    $title = $item['title'];
    $body = bb2diaspora_itembody($item);
    $created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
    $tpl = get_markup_template('diaspora_post.tpl', 'addon/diaspora');
    $msg = replace_macros($tpl, array('$body' => xmlify($body), '$guid' => $item['mid'], '$handle' => xmlify($myaddr), '$public' => 'true', '$created' => $created, '$provider' => $item['app'] ? $item['app'] : t('$projectname')));
    header('Content-type: text/xml');
    echo $msg;
    killme();
}
Exemplo n.º 4
0
 /**
  * Copied from include/widgets.php::widget_album() with a modification to get the profile_uid from
  * the input array as in widget_item()
  * @param type $name
  * @return string
  */
 function embedphotos_widget_album($args)
 {
     $channel_id = 0;
     if (array_key_exists('channel', $args)) {
         $channel = $args['channel'];
     }
     $channel_id = intval($channel['channel_id']);
     if (!$channel_id) {
         $channel_id = \App::$profile_uid;
     }
     if (!$channel_id) {
         return '';
     }
     $owner_uid = $channel_id;
     require_once 'include/security.php';
     $sql_extra = permissions_sql($channel_id);
     if (!perm_is_allowed($channel_id, get_observer_hash(), 'view_storage')) {
         return '';
     }
     if ($args['album']) {
         $album = $args['album'];
     }
     if ($args['title']) {
         $title = $args['title'];
     }
     /** 
      * This may return incorrect permissions if you have multiple directories of the same name.
      * It is a limitation of the photo table using a name for a photo album instead of a folder hash
      */
     if ($album) {
         $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", dbesc($album), intval($owner_uid));
         if ($x) {
             $y = attach_can_view_folder($owner_uid, get_observer_hash(), $x[0]['hash']);
             if (!$y) {
                 return '';
             }
         }
     }
     $order = 'DESC';
     $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN\n\t\t\t\t(SELECT resource_id, max(imgscale) imgscale FROM photo WHERE uid = %d AND album = '%s' AND imgscale <= 4 AND photo_usage IN ( %d, %d ) {$sql_extra} GROUP BY resource_id) ph \n\t\t\t\tON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)\n\t\t\tORDER BY created {$order}", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
     $photos = array();
     if (count($r)) {
         $twist = 'rotright';
         foreach ($r as $rr) {
             if ($twist == 'rotright') {
                 $twist = 'rotleft';
             } else {
                 $twist = 'rotright';
             }
             $ext = $phototypes[$rr['mimetype']];
             $imgalt_e = $rr['filename'];
             $desc_e = $rr['description'];
             $imagelink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
             $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $imagelink, 'title' => t('View Photo'), 'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['imgscale'] . '.' . $ext, 'alt' => $imgalt_e, 'desc' => $desc_e, 'ext' => $ext, 'hash' => $rr['resource_id'], 'unknown' => t('Unknown'));
         }
     }
     $tpl = get_markup_template('photo_album.tpl');
     $o .= replace_macros($tpl, array('$photos' => $photos, '$album' => $title ? $title : $album, '$album_id' => rand(), '$album_edit' => array(t('Edit Album'), $album_edit), '$can_post' => false, '$upload' => array(t('Upload'), z_root() . '/photos/' . \App::$profile['channel_address'] . '/upload/' . bin2hex($album)), '$order' => false, '$upload_form' => $upload_form, '$no_fullscreen_btn' => true));
     return $o;
 }
Exemplo n.º 5
0
/**
 * @brief
 *
 * @param array $channel
 * @param string $observer_hash
 * @param array $params
 * @return string
 */
function get_feed_for($channel, $observer_hash, $params)
{
    if (!channel) {
        http_status_exit(401);
    }
    if ($params['pages']) {
        if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'view_pages')) {
            http_status_exit(403);
        }
    } else {
        if (!perm_is_allowed($channel['channel_id'], $observer_hash, 'view_stream')) {
            http_status_exit(403);
        }
    }
    $items = items_fetch(array('wall' => '1', 'datequery' => $params['end'], 'datequery2' => $params['begin'], 'start' => $params['start'], 'records' => $params['records'], 'direction' => $params['direction'], 'pages' => $params['pages'], 'order' => 'post', 'top' => $params['top'], 'cat' => $params['cat']), $channel, $observer_hash, CLIENT_MODE_NORMAL, App::$module);
    $feed_template = get_markup_template('atom_feed.tpl');
    $atom = '';
    $atom .= replace_macros($feed_template, array('$version' => xmlify(Zotlabs\Lib\System::get_project_version()), '$red' => xmlify(Zotlabs\Lib\System::get_platform_name()), '$feed_id' => xmlify($channel['xchan_url']), '$feed_title' => xmlify($channel['channel_name']), '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now', ATOM_TIME)), '$hub' => '', '$salmon' => '', '$name' => xmlify($channel['channel_name']), '$profile_page' => xmlify($channel['xchan_url']), '$mimephoto' => xmlify($channel['xchan_photo_mimetype']), '$photo' => xmlify($channel['xchan_photo_l']), '$thumb' => xmlify($channel['xchan_photo_m']), '$picdate' => '', '$uridate' => '', '$namdate' => '', '$birthday' => '', '$community' => ''));
    call_hooks('atom_feed', $atom);
    if ($items) {
        $type = 'html';
        foreach ($items as $item) {
            if ($item['item_private']) {
                continue;
            }
            /** @BUG $owner is undefined in this call */
            $atom .= atom_entry($item, $type, null, $owner, true);
        }
    }
    call_hooks('atom_feed_end', $atom);
    $atom .= '</feed>' . "\r\n";
    return $atom;
}
Exemplo n.º 6
0
 function get()
 {
     if (!\App::$profile) {
         notice(t('Requested profile is not available.') . EOL);
         \App::$error = 404;
         return;
     }
     $which = argv(1);
     $uid = local_channel();
     $owner = 0;
     $channel = null;
     $observer = \App::get_observer();
     $channel = \App::get_channel();
     if (\App::$is_sys && is_site_admin()) {
         $sys = get_sys_channel();
         if ($sys && intval($sys['channel_id'])) {
             $uid = $owner = intval($sys['channel_id']);
             $channel = $sys;
             $observer = $sys;
         }
     }
     if (!$owner) {
         // Figure out who the page owner is.
         $r = q("select channel_id from channel where channel_address = '%s'", dbesc($which));
         if ($r) {
             $owner = intval($r[0]['channel_id']);
         }
     }
     $ob_hash = $observer ? $observer['xchan_hash'] : '';
     if (!perm_is_allowed($owner, $ob_hash, 'write_pages')) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $is_owner = $uid && $uid == $owner ? true : false;
     $o = '';
     // Figure out which post we're editing
     $post_id = argc() > 2 ? intval(argv(2)) : 0;
     if (!$post_id) {
         notice(t('Item not found') . EOL);
         return;
     }
     // Now we've got a post and an owner, let's find out if we're allowed to edit it
     $ob_hash = $observer ? $observer['xchan_hash'] : '';
     $perms = get_all_perms($owner, $ob_hash);
     if (!$perms['write_pages']) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", intval($post_id), intval($owner));
     $item_id = q("select * from item_id where service = 'PDL' and iid = %d limit 1", intval($itm[0]['id']));
     if ($item_id) {
         $layout_title = $item_id[0]['sid'];
     }
     $rp = 'layouts/' . $which;
     $x = array('webpage' => ITEM_TYPE_PDL, 'nickname' => $channel['channel_address'], 'editor_autocomplete' => true, 'bbco_autocomplete' => 'comanche', 'return_path' => $rp, 'button' => t('Edit'), 'hide_voting' => true, 'hide_future' => true, 'hide_expire' => true, 'hide_location' => true, 'hide_weblink' => true, 'hide_attach' => true, 'hide_preview' => true, 'ptyp' => $itm[0]['obj_type'], 'body' => undo_post_tagging($itm[0]['body']), 'post_id' => $post_id, 'title' => htmlspecialchars($itm[0]['title'], ENT_COMPAT, 'UTF-8'), 'pagetitle' => $layout_title, 'ptlabel' => t('Layout Name'), 'placeholdertitle' => t('Layout Description (Optional)'), 'showacl' => false, 'profile_uid' => intval($owner));
     $editor = status_editor($a, $x);
     $o .= replace_macros(get_markup_template('edpost_head.tpl'), array('$title' => t('Edit Layout'), '$delete' => $itm[0]['author_xchan'] === $ob_hash || $itm[0]['owner_xchan'] === $ob_hash ? t('Delete') : false, '$id' => $itm[0]['id'], '$editor' => $editor));
     return $o;
 }
Exemplo n.º 7
0
 function get()
 {
     if (!\App::$profile) {
         notice(t('Requested profile is not available.') . EOL);
         \App::$error = 404;
         return;
     }
     $which = argv(1);
     $uid = local_channel();
     $owner = 0;
     $channel = null;
     $observer = \App::get_observer();
     $channel = \App::get_channel();
     if (\App::$is_sys && is_site_admin()) {
         $sys = get_sys_channel();
         if ($sys && intval($sys['channel_id'])) {
             $uid = $owner = intval($sys['channel_id']);
             $channel = $sys;
             $observer = $sys;
         }
     }
     if (!$owner) {
         // Figure out who the page owner is.
         $r = q("select channel_id from channel where channel_address = '%s'", dbesc($which));
         if ($r) {
             $owner = intval($r[0]['channel_id']);
         }
     }
     $ob_hash = $observer ? $observer['xchan_hash'] : '';
     if (!perm_is_allowed($owner, $ob_hash, 'write_pages')) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $is_owner = $uid && $uid == $owner ? true : false;
     $o = '';
     // Figure out which post we're editing
     $post_id = argc() > 2 ? intval(argv(2)) : 0;
     if (!($post_id && $owner)) {
         notice(t('Item not found') . EOL);
         return;
     }
     $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1", intval($post_id), intval($owner));
     if ($itm) {
         $item_id = q("select * from item_id where service = 'BUILDBLOCK' and iid = %d limit 1", intval($itm[0]['id']));
         if ($item_id) {
             $block_title = $item_id[0]['sid'];
         }
     } else {
         notice(t('Item not found') . EOL);
         return;
     }
     $mimetype = $itm[0]['mimetype'];
     $rp = 'blocks/' . $channel['channel_address'];
     $x = array('nickname' => $channel['channel_address'], 'bbco_autocomplete' => $mimetype == 'text/bbcode' ? 'bbcode' : 'comanche-block', 'return_path' => $rp, 'webpage' => ITEM_TYPE_BLOCK, 'ptlabel' => t('Block Name'), 'button' => t('Edit'), 'writefiles' => $mimetype == 'text/bbcode' ? perm_is_allowed($owner, get_observer_hash(), 'write_storage') : false, 'weblink' => $mimetype == 'text/bbcode' ? t('Insert web link') : false, 'hide_voting' => true, 'hide_future' => true, 'hide_location' => true, 'hide_expire' => true, 'showacl' => false, 'ptyp' => $itm[0]['type'], 'mimeselect' => true, 'mimetype' => $itm[0]['mimetype'], 'body' => undo_post_tagging($itm[0]['body']), 'post_id' => $post_id, 'visitor' => true, 'title' => htmlspecialchars($itm[0]['title'], ENT_COMPAT, 'UTF-8'), 'placeholdertitle' => t('Title (optional)'), 'pagetitle' => $block_title, 'profile_uid' => intval($channel['channel_id']), 'bbcode' => $mimetype == 'text/bbcode' ? true : false);
     $editor = status_editor($a, $x);
     $o .= replace_macros(get_markup_template('edpost_head.tpl'), array('$title' => t('Edit Block'), '$delete' => $itm[0]['author_xchan'] === $ob_hash || $itm[0]['owner_xchan'] === $ob_hash ? t('Delete') : false, '$id' => $itm[0]['id'], '$editor' => $editor));
     return $o;
 }
Exemplo n.º 8
0
 function get()
 {
     if (observer_prohibited()) {
         notice(t('Public access denied.') . EOL);
         return;
     }
     if (!count(\App::$profile) || \App::$profile['hide_friends']) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     if (!perm_is_allowed(\App::$profile['uid'], get_observer_hash(), 'view_contacts')) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     if (!$_REQUEST['aj']) {
         $_SESSION['return_url'] = \App::$query_string;
     }
     $is_owner = local_channel() && local_channel() == \App::$profile['uid'] ? true : false;
     $abook_flags = " and abook_pending = 0 and abook_self = 0 ";
     $sql_extra = '';
     if (!$is_owner) {
         $abook_flags = " and abook_hidden = 0 ";
         $sql_extra = " and xchan_hidden = 0 ";
     }
     $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d {$abook_flags} and xchan_orphan = 0 and xchan_deleted = 0 {$sql_extra} ", intval(\App::$profile['uid']));
     if ($r) {
         \App::set_pager_total($r[0]['total']);
     }
     $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d {$abook_flags} and xchan_orphan = 0 and xchan_deleted = 0 {$sql_extra} order by xchan_name LIMIT %d OFFSET %d ", intval(\App::$profile['uid']), intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
     if (!$r && !$_REQUEST['aj']) {
         info(t('No connections.') . EOL);
         return $o;
     }
     $contacts = array();
     foreach ($r as $rr) {
         $url = chanlink_url($rr['xchan_url']);
         if ($url) {
             $contacts[] = array('id' => $rr['abook_id'], 'archived' => intval($rr['abook_archived']) ? true : false, 'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $rr['xchan_name'], $rr['xchan_url']), 'thumb' => $rr['xchan_photo_m'], 'name' => substr($rr['xchan_name'], 0, 20), 'username' => $rr['xchan_addr'], 'link' => $url, 'sparkle' => '', 'itemurl' => $rr['url'], 'network' => '');
         }
     }
     if ($_REQUEST['aj']) {
         if ($contacts) {
             $o = replace_macros(get_markup_template('viewcontactsajax.tpl'), array('$contacts' => $contacts));
         } else {
             $o = '<div id="content-complete"></div>';
         }
         echo $o;
         killme();
     } else {
         $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
         $tpl = get_markup_template("viewcontact_template.tpl");
         $o .= replace_macros($tpl, array('$title' => t('View Connections'), '$contacts' => $contacts));
     }
     if (!$contacts) {
         $o .= '<div id="content-complete"></div>';
     }
     return $o;
 }
Exemplo n.º 9
0
function viewconnections_content(&$a)
{
    if (get_config('system', 'block_public') && !local_channel() && !remote_channel()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    if (!count($a->profile) || $a->profile['hide_friends']) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (!perm_is_allowed($a->profile['uid'], get_observer_hash(), 'view_contacts')) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (!$_REQUEST['aj']) {
        $_SESSION['return_url'] = $a->query_string;
    }
    $is_owner = local_channel() && local_channel() == $a->profile['uid'] ? true : false;
    $abook_flags = ABOOK_FLAG_PENDING | ABOOK_FLAG_SELF;
    $xchan_flags = XCHAN_FLAGS_ORPHAN | XCHAN_FLAGS_DELETED;
    if (!$is_owner) {
        $abook_flags = $abook_flags | ABOOK_FLAG_HIDDEN;
        $xchan_flags = $xchan_flags | XCHAN_FLAGS_HIDDEN;
    }
    $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d )>0 and not ( xchan_flags & %d )>0 ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags));
    if ($r) {
        $a->set_pager_total($r[0]['total']);
    }
    $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d )>0 and not ( xchan_flags & %d )>0 order by xchan_name LIMIT %d OFFSET %d ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags), intval($a->pager['itemspage']), intval($a->pager['start']));
    if (!$r && !$_REQUEST['aj']) {
        info(t('No connections.') . EOL);
        return $o;
    }
    $contacts = array();
    foreach ($r as $rr) {
        $url = chanlink_url($rr['xchan_url']);
        if ($url) {
            $contacts[] = array('id' => $rr['abook_id'], 'archived' => $rr['abook_flags'] & ABOOK_FLAG_ARCHIVED ? true : false, 'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $rr['xchan_name'], $rr['xchan_url']), 'thumb' => $rr['xchan_photo_m'], 'name' => substr($rr['xchan_name'], 0, 20), 'username' => $rr['xchan_addr'], 'link' => $url, 'sparkle' => '', 'itemurl' => $rr['url'], 'network' => '');
        }
    }
    if ($_REQUEST['aj']) {
        if ($contacts) {
            $o = replace_macros(get_markup_template('viewcontactsajax.tpl'), array('$contacts' => $contacts));
        } else {
            $o = '<div id="content-complete"></div>';
        }
        echo $o;
        killme();
    } else {
        $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
        $tpl = get_markup_template("viewcontact_template.tpl");
        $o .= replace_macros($tpl, array('$title' => t('View Connections'), '$contacts' => $contacts));
    }
    if (!$contacts) {
        $o .= '<div id="content-complete"></div>';
    }
    return $o;
}
Exemplo n.º 10
0
 /**
  * The DAV browser is instantiated after the auth module and directory classes
  * but before we know the current directory and who the owner and observer
  * are. So we add a pointer to the browser into the auth module and vice versa.
  * Then when we've figured out what directory is actually being accessed, we
  * call the following function to decide whether or not to show web elements
  * which include writeable objects.
  *
  * @fixme It only disable/enable the visible parts. Not the POST handler
  * which handels the actual requests when uploading files or creating folders.
  *
  * @todo Maybe this whole way of doing this can be solved with some
  * $server->subscribeEvent().
  */
 public function set_writeable()
 {
     if (!$this->auth->owner_id) {
         $this->enablePost = false;
     }
     if (!perm_is_allowed($this->auth->owner_id, get_observer_hash(), 'write_storage')) {
         $this->enablePost = false;
     } else {
         $this->enablePost = true;
     }
 }
Exemplo n.º 11
0
function chatsvc_init(&$a)
{
    //logger('chatsvc');
    $ret = array('success' => false);
    $a->data['chat']['room_id'] = intval($_REQUEST['room_id']);
    $x = q("select cr_uid from chatroom where cr_id = %d and cr_id != 0 limit 1", intval($a->data['chat']['room_id']));
    if (!$x) {
        json_return_and_die($ret);
    }
    $a->data['chat']['uid'] = $x[0]['cr_uid'];
    if (!perm_is_allowed($a->data['chat']['uid'], get_observer_hash(), 'chat')) {
        json_return_and_die($ret);
    }
}
Exemplo n.º 12
0
function tagadelic($uid, $count = 0, $authors = '', $owner = '', $flags = 0, $restrict = 0, $type = TERM_HASHTAG)
{
    require_once 'include/security.php';
    if (!perm_is_allowed($uid, get_observer_hash(), 'view_stream')) {
        return array();
    }
    $item_normal = item_normal();
    $sql_options = item_permissions_sql($uid);
    $count = intval($count);
    if ($flags) {
        if ($flags === 'wall') {
            $sql_options .= " and item_wall = 1 ";
        }
    }
    if ($authors) {
        if (!is_array($authors)) {
            $authors = array($authors);
        }
        stringify_array_elms($authors, true);
        $sql_options .= " and author_xchan in (" . implode(',', $authors) . ") ";
    }
    if ($owner) {
        $sql_options .= " and owner_xchan  = '" . dbesc($owner) . "' ";
    }
    // Fetch tags
    $r = q("select term, count(term) as total from term left join item on term.oid = item.id\n\t\twhere term.uid = %d and term.type = %d \n\t\tand otype = %d and item_type = %d and item_private = 0\n\t\t{$sql_options} {$item_normal}\n\t\tgroup by term order by total desc %s", intval($uid), intval($type), intval(TERM_OBJ_POST), intval($restrict), intval($count) ? "limit {$count}" : '');
    if (!$r) {
        return array();
    }
    // Find minimum and maximum log-count.
    $tags = array();
    $min = 1000000000.0;
    $max = -1000000000.0;
    $x = 0;
    foreach ($r as $rr) {
        $tags[$x][0] = $rr['term'];
        $tags[$x][1] = log($rr['total']);
        $tags[$x][2] = 0;
        $min = min($min, $tags[$x][1]);
        $max = max($max, $tags[$x][1]);
        $x++;
    }
    usort($tags, 'tags_sort');
    $range = max(0.01, $max - $min) * 1.0001;
    for ($x = 0; $x < count($tags); $x++) {
        $tags[$x][2] = 1 + floor(9 * ($tags[$x][1] - $min) / $range);
    }
    return $tags;
}
Exemplo n.º 13
0
/**
 * @brief Returns an array with viewable channels.
 *
 * Get a list of RedDirectory objects with all the channels where the visitor
 * has <b>view_storage</b> perms.
 *
 * @todo Is there any reason why this is not inside RedDirectory class?
 * @fixme function name looks like a class name, should we rename it?
 *
 * @param RedBasicAuth &$auth
 * @return array RedDirectory[]
 */
function RedChannelList(&$auth)
{
    $ret = array();
    $r = q("SELECT channel_id, channel_address FROM channel WHERE NOT (channel_pageflags & %d)>0 AND NOT (channel_pageflags & %d)>0", intval(PAGE_REMOVED), intval(PAGE_HIDDEN));
    if ($r) {
        foreach ($r as $rr) {
            if (perm_is_allowed($rr['channel_id'], $auth->observer, 'view_storage')) {
                logger('found channel: /cloud/' . $rr['channel_address'], LOGGER_DATA);
                // @todo can't we drop '/cloud'? It gets stripped off anyway in RedDirectory
                $ret[] = new RedDAV\RedDirectory('/cloud/' . $rr['channel_address'], $auth);
            }
        }
    }
    return $ret;
}
Exemplo n.º 14
0
function common_friends_visitor_widget($profile_uid)
{
    if (local_channel() == $profile_uid) {
        return;
    }
    $observer_hash = get_observer_hash();
    if (!$observer_hash || !perm_is_allowed($profile_uid, $observer_hash, 'view_contacts')) {
        return;
    }
    require_once 'include/socgraph.php';
    $t = count_common_friends($profile_uid, $observer_hash);
    if (!$t) {
        return;
    }
    $r = common_friends($profile_uid, $observer_hash, 0, 5, true);
    return replace_macros(get_markup_template('remote_friends_common.tpl'), array('$desc' => sprintf(tt("%d connection in common", "%d connections in common", $t), $t), '$base' => z_root(), '$uid' => $profile_uid, '$cid' => $observer, '$linkmore' => $t > 5 ? 'true' : '', '$more' => t('show more'), '$items' => $r));
}
Exemplo n.º 15
0
function block_content(&$a)
{
    if (!perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_pages')) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (argc() < 3) {
        notice(t('Invalid item.') . EOL);
        return;
    }
    $channel_address = argv(1);
    $page_id = argv(2);
    $u = q("select channel_id from channel where channel_address = '%s' limit 1", dbesc($channel_address));
    if (!$u) {
        notice(t('Channel not found.') . EOL);
        return;
    }
    if ($_REQUEST['rev']) {
        $revision = " and revision = " . intval($_REQUEST['rev']) . " ";
    } else {
        $revision = " order by revision desc ";
    }
    require_once 'include/security.php';
    $sql_options = item_permissions_sql($u[0]['channel_id']);
    $r = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\twhere item.uid = %d and sid = '%s' and service = 'BUILDBLOCK' and \n\t\titem_type = %d {$sql_options} {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_TYPE_BLOCK));
    if (!$r) {
        // Check again with no permissions clause to see if it is a permissions issue
        $x = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\twhere item.uid = %d and sid = '%s' and service = 'BUILDBLOCK' and \n\t\titem_type = %d {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_TYPE_BLOCK));
        if ($x) {
            // Yes, it's there. You just aren't allowed to see it.
            notice(t('Permission denied.') . EOL);
        } else {
            notice(t('Page not found.') . EOL);
        }
        return;
    }
    xchan_query($r);
    $r = fetch_post_tags($r, true);
    $o .= prepare_page($r[0]);
    return $o;
}
Exemplo n.º 16
0
function viewconnections_content(&$a)
{
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    if (!count($a->profile) || $a->profile['hide_friends']) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (!perm_is_allowed($a->profile['uid'], get_observer_hash(), 'view_contacts')) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $is_owner = local_user() && local_user() == $a->profile['uid'] ? true : false;
    $abook_flags = ABOOK_FLAG_PENDING | ABOOK_FLAG_SELF;
    $xchan_flags = XCHAN_FLAGS_ORPHAN | XCHAN_FLAGS_DELETED;
    if (!$is_owner) {
        $abook_flags = $abook_flags | ABOOK_FLAG_HIDDEN;
        $xchan_flags = $xchan_flags | XCHAN_FLAGS_HIDDEN;
    }
    $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d ) and not ( xchan_flags & %d ) ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags));
    if ($r) {
        $a->set_pager_total($r[0]['total']);
    }
    $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags), intval($a->pager['start']), intval($a->pager['itemspage']));
    if (!$r) {
        info(t('No connections.') . EOL);
        return $o;
    }
    $contacts = array();
    foreach ($r as $rr) {
        $url = chanlink_url($rr['xchan_url']);
        if ($url) {
            $contacts[] = array('id' => $rr['abook_id'], 'archived' => $rr['abook_flags'] & ABOOK_FLAG_ARCHIVED ? true : false, 'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $rr['xchan_name'], $rr['xchan_url']), 'thumb' => $rr['xchan_photo_m'], 'name' => substr($rr['xchan_name'], 0, 20), 'username' => $rr['xchan_addr'], 'link' => $url, 'sparkle' => '', 'itemurl' => $rr['url'], 'network' => '');
        }
    }
    $tpl = get_markup_template("viewcontact_template.tpl");
    $o .= replace_macros($tpl, array('$title' => t('View Connnections'), '$contacts' => $contacts, '$paginate' => paginate($a)));
    return $o;
}
Exemplo n.º 17
0
function profile_content(&$a, $update = 0)
{
    if (get_config('system', 'block_public') && !get_account_id() && !remote_channel()) {
        return login();
    }
    $groups = array();
    $tab = 'profile';
    $o = '';
    if (!perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_profile')) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $is_owner = local_channel() && local_channel() == $a->profile['profile_uid'] ? true : false;
    if ($a->profile['hidewall'] && !$is_owner && !remote_channel()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
    $o .= advanced_profile($a);
    call_hooks('profile_advanced', $o);
    return $o;
}
Exemplo n.º 18
0
function profile_content(&$a, $update = 0)
{
    if (get_config('system', 'block_public') && !get_account_id() && !remote_channel()) {
        return login();
    }
    $groups = array();
    $tab = 'profile';
    $o = '';
    if (!perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_profile')) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $is_owner = local_channel() && local_channel() == $a->profile['profile_uid'] ? true : false;
    if ($a->profile['hidewall'] && !$is_owner && !remote_channel()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
    $a->page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . $a->query_string) . '" title="oembed" />' . "\r\n";
    $o .= advanced_profile($a);
    call_hooks('profile_advanced', $o);
    return $o;
}
Exemplo n.º 19
0
 function get()
 {
     if (observer_prohibited(true)) {
         return login();
     }
     $groups = array();
     $tab = 'profile';
     $o = '';
     if (!perm_is_allowed(\App::$profile['profile_uid'], get_observer_hash(), 'view_profile')) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $is_owner = local_channel() && local_channel() == \App::$profile['profile_uid'] ? true : false;
     if (\App::$profile['hidewall'] && !$is_owner && !remote_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']);
     \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n";
     $o .= advanced_profile($a);
     call_hooks('profile_advanced', $o);
     return $o;
 }
Exemplo n.º 20
0
function api_favorites(&$a, $type)
{
    if (api_user() === false) {
        return false;
    }
    $user_info = api_get_user($a);
    // params
    $count = x($_REQUEST, 'count') ? $_REQUEST['count'] : 20;
    $page = x($_REQUEST, 'page') ? $_REQUEST['page'] - 1 : 0;
    if ($page < 0) {
        $page = 0;
    }
    $since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
    $max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;
    $exclude_replies = x($_REQUEST, 'exclude_replies') ? 1 : 0;
    $start = $page * $count;
    //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
    $sql_extra = '';
    if ($max_id > 0) {
        $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
    }
    if ($exclude_replies > 0) {
        $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
    }
    if (api_user() != $user_info['uid']) {
        $observer = get_app()->get_observer();
        require_once 'include/permissions.php';
        if (!perm_is_allowed($user_info['uid'], $observer ? $observer['xchan_hash'] : '', 'view_stream')) {
            return '';
        }
        $sql_extra .= " and item_private = 0 ";
    }
    $item_normal = item_normal();
    $r = q("SELECT * from item WHERE uid = %d {$item_normal}\n\t\t\tand item_starred = 1 {$sql_extra}\n\t\t\tAND id > %d\n\t\t\tORDER BY received DESC LIMIT %d ,%d ", intval($user_info['uid']), intval($since_id), intval($start), intval($count));
    xchan_query($r, true);
    $ret = api_format_items($r, $user_info);
    $data = array('$statuses' => $ret);
    switch ($type) {
        case "atom":
        case "rss":
            $data = api_rss_extra($a, $data, $user_info);
            break;
        case "as":
            $as = api_format_as($a, $ret, $user_info);
            $as['title'] = $a->config['sitename'] . " Home Timeline";
            $as['link']['url'] = $a->get_baseurl() . "/" . $user_info["screen_name"] . "/all";
            return $as;
            break;
    }
    return api_apply_template("timeline", $type, $data);
}
Exemplo n.º 21
0
function widget_item($arr)
{
    $uid = $a->profile['profile_uid'];
    if (!$uid || !$arr['mid']) {
        return '';
    }
    if (!perm_is_allowed($uid, get_observer_hash(), 'view_pages')) {
        return '';
    }
    require_once 'include/security.php';
    $sql_extra = item_permissions_sql($uid);
    $r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " {$sql_extra} limit 1", dbesc($arr['mid']), intval($uid));
    if (!$r) {
        return '';
    }
    xchan_query($r);
    $r = fetch_post_tags($r, true);
    $o .= prepare_page($r[0]);
    return $o;
}
Exemplo n.º 22
0
function gnusoc_notifier_process(&$a, &$b)
{
    logger('notifier process gnusoc');
    if (!($b['normal_mode'] || $b['relay_to_owner'])) {
        return;
    }
    if ($b['private'] || $b['packet_type'] || $b['mail']) {
        return;
    }
    if ($b['target_item']['public_policy']) {
        logger('non-public post');
        return;
    }
    if ($b['top_level_post']) {
        // should have been processed by pubsubhubub
        logger('not a comment');
        return;
    }
    $channel = $b['channel'];
    if (!perm_is_allowed($channel['channel_id'], '', 'view_stream')) {
        return;
    }
    // find gnusoc subscribers following this $owner
    $r = q("select * from abook left join hubloc on abook_xchan = hubloc_hash where hubloc_network = 'gnusoc' and abook_channel = %d", intval($channel['channel_id']));
    if (!$r) {
        return;
    }
    $recips = array();
    foreach ($r as $rr) {
        if (perm_is_allowed($channel['channel_id'], $rr['hubloc_hash'], 'view_stream')) {
            $recips[] = $rr['hubloc_hash'];
        }
    }
    if (!$recips) {
        return;
    }
    $slap = get_atom_entry($target_item, 'html', null, null, false);
    $slap = str_replace('<entry>', '<entry xmlns="http://www.w3.org/2005/Atom"
      xmlns:thr="http://purl.org/syndication/thread/1.0"
      xmlns:at="http://purl.org/atompub/tombstones/1.0"
      xmlns:media="http://purl.org/syndication/atommedia"
      xmlns:dfrn="http://purl.org/macgirvin/dfrn/1.0" 
      xmlns:zot="http://purl.org/zot"
      xmlns:as="http://activitystrea.ms/spec/1.0/"
      xmlns:georss="http://www.georss.org/georss" 
      xmlns:poco="http://portablecontacts.net/spec/1.0" 
      xmlns:ostatus="http://ostatus.org/schema/1.0" 
	  xmlns:statusnet="http://status.net/schema/api/1/" >', $slap);
    foreach ($recips as $recip) {
        $h = slapper($channel, $recip['hubloc_callback'], $slap);
        $b['queued'][] = $h;
    }
}
Exemplo n.º 23
0
function diaspora_process_outbound(&$a, &$arr)
{
    /*
    
    	We are passed the following array from the notifier, providing everything we need to make delivery decisions.
    
    			$arr = array(
    				'channel' => $channel,
    				'env_recips' => $env_recips,
    				'packet_recips' => $packet_recips,
    				'recipients' => $recipients,
    				'item' => $item,
    				'target_item' => $target_item,
    				'hub' => $hub,
    				'top_level_post' => $top_level_post,
    				'private' => $private,
    				'relay_to_owner' => $relay_to_owner,
    				'uplink' => $uplink,
    				'cmd' => $cmd,
    				'mail' => $mail,
    				'location' => $location,
    				'normal_mode' => $normal_mode,
    				'packet_type' => $packet_type,
    				'walltowall' => $walltowall,
    				'queued' => pass these queued items (outq_hash) back to notifier.php for delivery
    			);
    */
    //	logger('notifier_array: ' . print_r($arr,true), LOGGER_ALL, LOG_INFO);
    // allow this to be set per message
    if (strpos($arr['target_item']['postopts'], 'nodspr') !== false) {
        return;
    }
    $allowed = get_pconfig($arr['channel']['channel_id'], 'system', 'diaspora_allowed');
    if (!intval($allowed)) {
        logger('mod-diaspora: disallowed for channel ' . $arr['channel']['channel_name']);
        return;
    }
    if ($arr['location']) {
        return;
    }
    // send to public relay server - not ready for prime time
    if ($arr['top_level_post'] && !$arr['env_recips']) {
        // Add the relay server to the list of hubs.
        // = array('hubloc_callback' => 'https://relay.iliketoast.net/receive', 'xchan_pubkey' => 'bogus');
    }
    $target_item = $arr['target_item'];
    if ($target_item && array_key_exists('item_obscured', $target_item) && intval($target_item['item_obscured'])) {
        $key = get_config('system', 'prvkey');
        if ($target_item['title']) {
            $target_item['title'] = crypto_unencapsulate(json_decode($target_item['title'], true), $key);
        }
        if ($target_item['body']) {
            $target_item['body'] = crypto_unencapsulate(json_decode($target_item['body'], true), $key);
        }
    }
    $prv_recips = $arr['env_recips'];
    // The Diaspora profile message is unusual in that it is sent privately.
    if ($arr['cmd'] === 'refresh_all' && $arr['recipients']) {
        $prv_recips = array();
        foreach ($arr['recipients'] as $r) {
            $prv_recips[] = array('hash' => trim($r, "'"));
        }
    }
    if ($prv_recips) {
        $hashes = array();
        // re-explode the recipients, but only for this hub/pod
        foreach ($prv_recips as $recip) {
            $hashes[] = "'" . $recip['hash'] . "'";
        }
        $r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_url = '%s' \n\t\t\tand xchan_hash in (" . implode(',', $hashes) . ") and xchan_network in ('diaspora', 'friendica-over-diaspora') ", dbesc($arr['hub']['hubloc_url']));
        if (!$r) {
            logger('diaspora_process_outbound: no recipients');
            return;
        }
        foreach ($r as $contact) {
            if (!deliverable_singleton($arr['channel']['channel_id'], $contact)) {
                logger('not deliverable from this hub');
                continue;
            }
            if ($arr['packet_type'] == 'refresh') {
                $qi = diaspora_profile_change($arr['channel'], $contact);
                if ($qi) {
                    $arr['queued'][] = $qi;
                }
                return;
            }
            if ($arr['mail']) {
                $qi = diaspora_send_mail($arr['item'], $arr['channel'], $contact);
                if ($qi) {
                    $arr['queued'][] = $qi;
                }
                continue;
            }
            if (!$arr['normal_mode']) {
                continue;
            }
            // special handling for send_upstream to public post
            // all other public posts processed as public batches further below
            if (!$arr['private'] && $arr['relay_to_owner']) {
                $qi = diaspora_send_upstream($target_item, $arr['channel'], $contact, true);
                if ($qi) {
                    $arr['queued'][] = $qi;
                }
                continue;
            }
            if (!$contact['xchan_pubkey']) {
                continue;
            }
            if (intval($target_item['item_deleted']) && ($target_item['mid'] === $target_item['parent_mid'] || $arr['relay_to_owner'])) {
                // send both top-level retractions and relayable retractions for owner to relay
                $qi = diaspora_send_retraction($target_item, $arr['channel'], $contact);
                if ($qi) {
                    $arr['queued'][] = $qi;
                }
                continue;
            } elseif ($arr['relay_to_owner'] || $arr['uplink']) {
                // send comments and likes to owner to relay
                $qi = diaspora_send_upstream($target_item, $arr['channel'], $contact, false, $arr['uplink'] && !$arr['relay_to_owner'] ? true : false);
                if ($qi) {
                    $arr['queued'][] = $qi;
                }
                continue;
            } elseif ($target_item['mid'] !== $target_item['parent_mid']) {
                // we are the relay - send comments, likes and relayable_retractions
                // (of comments and likes) to our conversants
                $qi = diaspora_send_downstream($target_item, $arr['channel'], $contact);
                if ($qi) {
                    $arr['queued'][] = $qi;
                }
                continue;
            } elseif ($arr['top_level_post']) {
                $qi = diaspora_send_status($target_item, $arr['channel'], $contact);
                if ($qi) {
                    foreach ($qi as $q) {
                        $arr['queued'][] = $q;
                    }
                }
                continue;
            }
        }
    } else {
        // public message
        $contact = $arr['hub'];
        if (intval($target_item['item_deleted']) && $target_item['mid'] === $target_item['parent_mid']) {
            // top-level retraction
            logger('delivery: diaspora retract: ' . $loc);
            $qi = diaspora_send_retraction($target_item, $arr['channel'], $contact, true);
            if ($qi) {
                $arr['queued'][] = $qi;
            }
            return;
        } elseif ($target_item['mid'] !== $target_item['parent_mid']) {
            // we are the relay - send comments, likes and relayable_retractions to our conversants
            logger('delivery: diaspora relay: ' . $loc);
            $qi = diaspora_send_downstream($target_item, $arr['channel'], $contact, true);
            if ($qi) {
                $arr['queued'][] = $qi;
            }
            return;
        } elseif ($arr['top_level_post']) {
            if (perm_is_allowed($arr['channel']['channel_id'], '', 'view_stream')) {
                logger('delivery: diaspora status: ' . $loc);
                $qi = diaspora_send_status($target_item, $arr['channel'], $contact, true);
                if ($qi) {
                    foreach ($qi as $q) {
                        $arr['queued'][] = $q;
                    }
                }
                return;
            }
        }
    }
}
Exemplo n.º 24
0
 function get()
 {
     if (observer_prohibited()) {
         return;
     }
     $channel = null;
     if (argc() > 1) {
         $channel = channelx_by_nick(argv(1));
     }
     if (!$channel) {
         notice(t('Channel not found.') . EOL);
         return;
     }
     // since we don't currently have an event permission - use the stream permission
     if (!perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) {
         notice(t('Permissions denied.') . EOL);
         return;
     }
     $sql_extra = permissions_sql($channel['channel_id'], get_observer_hash(), 'event');
     $first_day = get_pconfig(local_channel(), 'system', 'cal_first_day');
     $first_day = $first_day ? $first_day : 0;
     $htpl = get_markup_template('event_head.tpl');
     \App::$page['htmlhead'] .= replace_macros($htpl, array('$baseurl' => z_root(), '$module_url' => '/cal/' . $channel['channel_address'], '$modparams' => 2, '$lang' => \App::$language, '$first_day' => $first_day));
     $o = '';
     $tabs = profile_tabs($a, True, $channel['channel_address']);
     $mode = 'view';
     $y = 0;
     $m = 0;
     $ignored = x($_REQUEST, 'ignored') ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : '';
     // logger('args: ' . print_r(\App::$argv,true));
     if (argc() > 3 && intval(argv(2)) && intval(argv(3))) {
         $mode = 'view';
         $y = intval(argv(2));
         $m = intval(argv(3));
     }
     if (argc() <= 3) {
         $mode = 'view';
         $event_id = argv(2);
     }
     if ($mode == 'view') {
         /* edit/create form */
         if ($event_id) {
             $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", dbesc($event_id), intval($channel['channel_id']));
             if (count($r)) {
                 $orig_event = $r[0];
             }
         }
         // Passed parameters overrides anything found in the DB
         if (!x($orig_event)) {
             $orig_event = array();
         }
         $tz = date_default_timezone_get();
         if (x($orig_event)) {
             $tz = $orig_event['adjust'] ? date_default_timezone_get() : 'UTC';
         }
         $syear = datetime_convert('UTC', $tz, $sdt, 'Y');
         $smonth = datetime_convert('UTC', $tz, $sdt, 'm');
         $sday = datetime_convert('UTC', $tz, $sdt, 'd');
         $shour = datetime_convert('UTC', $tz, $sdt, 'H');
         $sminute = datetime_convert('UTC', $tz, $sdt, 'i');
         $stext = datetime_convert('UTC', $tz, $sdt);
         $stext = substr($stext, 0, 14) . "00:00";
         $fyear = datetime_convert('UTC', $tz, $fdt, 'Y');
         $fmonth = datetime_convert('UTC', $tz, $fdt, 'm');
         $fday = datetime_convert('UTC', $tz, $fdt, 'd');
         $fhour = datetime_convert('UTC', $tz, $fdt, 'H');
         $fminute = datetime_convert('UTC', $tz, $fdt, 'i');
         $ftext = datetime_convert('UTC', $tz, $fdt);
         $ftext = substr($ftext, 0, 14) . "00:00";
         $type = x($orig_event) ? $orig_event['etype'] : 'event';
         $f = get_config('system', 'event_input_format');
         if (!$f) {
             $f = 'ymd';
         }
         $catsenabled = feature_enabled($channel['channel_id'], 'categories');
         $show_bd = perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts');
         if (!$show_bd) {
             $sql_extra .= " and event.etype != 'birthday' ";
         }
         $category = '';
         $thisyear = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y');
         $thismonth = datetime_convert('UTC', date_default_timezone_get(), 'now', 'm');
         if (!$y) {
             $y = intval($thisyear);
         }
         if (!$m) {
             $m = intval($thismonth);
         }
         // Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
         // An upper limit was chosen to keep search engines from exploring links millions of years in the future.
         if ($y < 1901) {
             $y = 1900;
         }
         if ($y > 2099) {
             $y = 2100;
         }
         $nextyear = $y;
         $nextmonth = $m + 1;
         if ($nextmonth > 12) {
             $nextmonth = 1;
             $nextyear++;
         }
         $prevyear = $y;
         if ($m > 1) {
             $prevmonth = $m - 1;
         } else {
             $prevmonth = 12;
             $prevyear--;
         }
         $dim = get_dim($y, $m);
         $start = sprintf('%d-%d-%d %d:%d:%d', $y, $m, 1, 0, 0, 0);
         $finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59);
         if (argv(2) === 'json') {
             if (x($_GET, 'start')) {
                 $start = $_GET['start'];
             }
             if (x($_GET, 'end')) {
                 $finish = $_GET['end'];
             }
         }
         $start = datetime_convert('UTC', 'UTC', $start);
         $finish = datetime_convert('UTC', 'UTC', $finish);
         $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start);
         $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish);
         if (x($_GET, 'id')) {
             $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan\n\t                                from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d {$sql_extra} limit 1", intval($channel['channel_id']), intval($_GET['id']));
         } else {
             // fixed an issue with "nofinish" events not showing up in the calendar.
             // There's still an issue if the finish date crosses the end of month.
             // Noting this for now - it will need to be fixed here and in Friendica.
             // Ultimately the finish date shouldn't be involved in the query.
             $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan\n\t                              from event left join item on event_hash = resource_id \n\t\t\t\t\twhere resource_type = 'event' and event.uid = %d {$ignored} \n\t\t\t\t\tAND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) \n\t\t\t\t\tOR  (  adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) {$sql_extra} ", intval($channel['channel_id']), dbesc($start), dbesc($finish), dbesc($adjust_start), dbesc($adjust_finish));
         }
         $links = array();
         if ($r) {
             xchan_query($r);
             $r = fetch_post_tags($r, true);
             $r = sort_by_date($r);
         }
         if ($r) {
             foreach ($r as $rr) {
                 $j = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'j') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'j');
                 if (!x($links, $j)) {
                     $links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j;
                 }
             }
         }
         $events = array();
         $last_date = '';
         $fmt = t('l, F j');
         if ($r) {
             foreach ($r as $rr) {
                 $j = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'j') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'j');
                 $d = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], $fmt) : datetime_convert('UTC', 'UTC', $rr['dtstart'], $fmt);
                 $d = day_translate($d);
                 $start = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c');
                 if ($rr['nofinish']) {
                     $end = null;
                 } else {
                     $end = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c');
                 }
                 $is_first = $d !== $last_date;
                 $last_date = $d;
                 $edit = false;
                 $drop = false;
                 $title = strip_tags(html_entity_decode(bbcode($rr['summary']), ENT_QUOTES, 'UTF-8'));
                 if (!$title) {
                     list($title, $_trash) = explode("<br", bbcode($rr['desc']), 2);
                     $title = strip_tags(html_entity_decode($title, ENT_QUOTES, 'UTF-8'));
                 }
                 $html = format_event_html($rr);
                 $rr['desc'] = bbcode($rr['desc']);
                 $rr['location'] = bbcode($rr['location']);
                 $events[] = array('id' => $rr['id'], 'hash' => $rr['event_hash'], 'start' => $start, 'end' => $end, 'drop' => $drop, 'allDay' => false, 'title' => $title, 'j' => $j, 'd' => $d, 'edit' => $edit, 'is_first' => $is_first, 'item' => $rr, 'html' => $html, 'plink' => array($rr['plink'], t('Link to Source'), '', ''));
             }
         }
         if (argv(2) === 'json') {
             echo json_encode($events);
             killme();
         }
         // links: array('href', 'text', 'extra css classes', 'title')
         if (x($_GET, 'id')) {
             $tpl = get_markup_template("event_cal.tpl");
         } else {
             $tpl = get_markup_template("events_cal-js.tpl");
         }
         $nick = $channel['channel_address'];
         $o = replace_macros($tpl, array('$baseurl' => z_root(), '$new_event' => array(z_root() . '/cal', $event_id ? t('Edit Event') : t('Create Event'), '', ''), '$previus' => array(z_root() . "/cal/{$nick}/{$prevyear}/{$prevmonth}", t('Previous'), '', ''), '$next' => array(z_root() . "/cal/{$nick}/{$nextyear}/{$nextmonth}", t('Next'), '', ''), '$export' => array(z_root() . "/cal/{$nick}/{$y}/{$m}/export", t('Export'), '', ''), '$calendar' => cal($y, $m, $links, ' eventcal'), '$events' => $events, '$upload' => t('Import'), '$submit' => t('Submit'), '$prev' => t('Previous'), '$next' => t('Next'), '$today' => t('Today'), '$form' => $form, '$expandform' => x($_GET, 'expandform') ? true : false, '$tabs' => $tabs));
         if (x($_GET, 'id')) {
             echo $o;
             killme();
         }
         return $o;
     }
 }
Exemplo n.º 25
0
 function get($update = 0, $load = false)
 {
     $checkjs = new \Zotlabs\Web\CheckJS(1);
     if ($load) {
         $_SESSION['loadtime'] = datetime_convert();
     }
     if (observer_prohibited()) {
         notice(t('Public access denied.') . EOL);
         return;
     }
     require_once "include/bbcode.php";
     require_once 'include/security.php';
     require_once 'include/conversation.php';
     require_once 'include/acl_selectors.php';
     require_once 'include/items.php';
     \App::$page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
     if (argc() > 1 && argv(1) !== 'load') {
         $item_hash = argv(1);
     }
     if ($_REQUEST['mid']) {
         $item_hash = $_REQUEST['mid'];
     }
     if (!$item_hash) {
         \App::$error = 404;
         notice(t('Item not found.') . EOL);
         return;
     }
     $observer_is_owner = false;
     if (local_channel() && !$update) {
         $channel = \App::get_channel();
         $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
         $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($channel_acl), 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, 'profile_uid' => local_channel(), 'return_path' => 'channel/' . $channel['channel_address'], 'expanded' => true, 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true);
         $o = '<div id="jot-popup">';
         $o .= status_editor($a, $x);
         $o .= '</div>';
     }
     // This page can be viewed by anybody so the query could be complicated
     // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally.
     // If that fails (or we aren't logged in locally),
     // query an item in which the observer (if logged in remotely) has cid or gid rights
     // and if that fails, look for a copy of the post that has no privacy restrictions.
     // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported.
     // find a copy of the item somewhere
     $target_item = null;
     $r = q("select id, uid, mid, parent_mid, item_type, item_deleted from item where mid like '%s' limit 1", dbesc($item_hash . '%'));
     if ($r) {
         $target_item = $r[0];
     }
     $r = null;
     if ($target_item['item_type'] == ITEM_TYPE_WEBPAGE) {
         $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']));
         $y = q("select * from iconfig left join item on iconfig.iid = item.id \n\t\t\t\twhere item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['id']));
         if ($x && $y) {
             goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
         } else {
             notice(t('Page not found.') . EOL);
             return '';
         }
     }
     $simple_update = $update ? " AND item_unseen = 1 " : '';
     if ($update && $_SESSION['loadtime']) {
         $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
     }
     if ($load) {
         $simple_update = '';
     }
     if (!$update && !$load) {
         $o .= '<div id="live-display"></div>' . "\r\n";
         $o .= "<script> var profile_uid = " . (intval(local_channel()) ? local_channel() : -1) . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n";
         \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'display', '$uid' => '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '0', '$nouveau' => '0', '$wall' => '0', '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$search' => '', '$order' => '', '$file' => '', '$cats' => '', '$tags' => '', '$dend' => '', '$dbegin' => '', '$verb' => '', '$mid' => $item_hash));
     }
     $observer_hash = get_observer_hash();
     $item_normal = item_normal();
     $sql_extra = public_permissions_sql($observer_hash);
     if ($update && $load || $checkjs->disabled()) {
         $updateable = false;
         $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
         if ($load || $checkjs->disabled()) {
             $r = null;
             require_once 'include/channel.php';
             $sys = get_sys_channel();
             $sysid = $sys['channel_id'];
             if (local_channel()) {
                 $r = q("SELECT * from item\n\t\t\t\t\t\tWHERE uid = %d\n\t\t\t\t\t\tand mid = '%s'\n\t\t\t\t\t\t{$item_normal}\n\t\t\t\t\t\tlimit 1", intval(local_channel()), dbesc($target_item['parent_mid']));
                 if ($r) {
                     $updateable = true;
                 }
             }
             if ($r === null) {
                 // in case somebody turned off public access to sys channel content using permissions
                 // make that content unsearchable by ensuring the owner_xchan can't match
                 if (!perm_is_allowed($sysid, $observer_hash, 'view_stream')) {
                     $sysid = 0;
                 }
                 $r = q("SELECT * from item\n\t\t\t\t\t\tWHERE mid = '%s'\n\t\t\t\t\t\tAND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' \n\t\t\t\t\t\tAND `item`.`deny_gid`  = '' AND item_private = 0 ) \n\t\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\t\tOR uid = %d )\n\t\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\t\t{$item_normal}\n\t\t\t\t\t\tlimit 1", dbesc($target_item['parent_mid']), intval($sysid));
             }
         }
     } elseif ($update && !$load) {
         $r = null;
         require_once 'include/channel.php';
         $sys = get_sys_channel();
         $sysid = $sys['channel_id'];
         if (local_channel()) {
             $r = q("SELECT * from item\n\t\t\t\t\tWHERE uid = %d\n\t\t\t\t\tand mid = '%s'\n\t\t\t\t\t{$item_normal}\n\t\t\t\t\t{$simple_update}\n\t\t\t\t\tlimit 1", intval(local_channel()), dbesc($target_item['parent_mid']));
             if ($r) {
                 $updateable = true;
             }
         }
         if ($r === null) {
             // in case somebody turned off public access to sys channel content using permissions
             // make that content unsearchable by ensuring the owner_xchan can't match
             if (!perm_is_allowed($sysid, $observer_hash, 'view_stream')) {
                 $sysid = 0;
             }
             $r = q("SELECT * from item\n\t\t\t\t\tWHERE mid = '%s'\n\t\t\t\t\tAND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' \n\t\t\t\t\tAND `item`.`deny_gid`  = '' AND item_private = 0 ) \n\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\tOR uid = %d )\n\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\t{$item_normal}\n\t\t\t\t\t{$simple_update}\n\t\t\t\t\tlimit 1", dbesc($target_item['parent_mid']), intval($sysid));
         }
         $_SESSION['loadtime'] = datetime_convert();
     } else {
         $r = array();
     }
     if ($r) {
         $parents_str = ids_to_querystr($r, 'id');
         if ($parents_str) {
             $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\t\tFROM `item`\n\t\t\t\t\tWHERE parent in ( %s ) {$item_normal} ", dbesc($parents_str));
             xchan_query($items);
             $items = fetch_post_tags($items, true);
             $items = conv_sort($items, 'created');
         }
     } else {
         $items = array();
     }
     if ($checkjs->disabled()) {
         $o .= conversation($a, $items, 'display', $update, 'traditional');
         if ($items[0]['title']) {
             \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
         }
     } else {
         $o .= conversation($a, $items, 'display', $update, 'client');
     }
     if ($updateable) {
         $x = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 AND uid = %d and parent = %d ", intval(local_channel()), intval($r[0]['parent']));
     }
     $o .= '<div id="content-complete"></div>';
     return $o;
     /*
     	elseif((! $update) && (!  {
     		
     		$r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1",
     			dbesc($item_hash),
     			dbesc($item_hash)
     		);
     		if($r) {
     			if(intval($r[0]['item_deleted'])) {
     				notice( t('Item has been removed.') . EOL );
     			}
     			else {	
     				notice( t('Permission denied.') . EOL ); 
     			}
     		}
     		else {
     			notice( t('Item not found.') . EOL );
     		}
     
     	}
     */
 }
Exemplo n.º 26
0
Arquivo: zot.php Projeto: 23n/hubzilla
function process_mail_delivery($sender, $arr, $deliveries)
{
    $result = array();
    if ($sender['hash'] != $arr['from_xchan']) {
        logger('process_mail_delivery: sender is not mail author');
        return;
    }
    foreach ($deliveries as $d) {
        $DR = new DReport(z_root(), $sender['hash'], $d['hash'], $arr['mid']);
        $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']));
        if (!$r) {
            $DR->update('recipient not found');
            $result[] = $DR->get();
            continue;
        }
        $channel = $r[0];
        $DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>');
        if (!perm_is_allowed($channel['channel_id'], $sender['hash'], 'post_mail')) {
            logger("permission denied for mail delivery {$channel['channel_id']}");
            $DR->update('permission denied');
            $result[] = $DR->get();
            continue;
        }
        $r = q("select id from mail where mid = '%s' and channel_id = %d limit 1", dbesc($arr['mid']), intval($channel['channel_id']));
        if ($r) {
            if (intval($arr['mail_recalled'])) {
                $x = q("delete from mail where id = %d and channel_id = %d", intval($r[0]['id']), intval($channel['channel_id']));
                $DR->update('mail recalled');
                $result[] = $DR->get();
                logger('mail_recalled');
            } else {
                $DR->update('duplicate mail received');
                $result[] = $DR->get();
                logger('duplicate mail received');
            }
            continue;
        } else {
            $arr['account_id'] = $channel['channel_account_id'];
            $arr['channel_id'] = $channel['channel_id'];
            $item_id = mail_store($arr);
            $DR->update('mail delivered');
            $result[] = $DR->get();
        }
    }
    return $result;
}
Exemplo n.º 27
0
function dwpost_send(&$a, &$b)
{
    if (!is_item_normal($b) || $b['item_private'] || $b['created'] !== $b['edited']) {
        return;
    }
    if (!perm_is_allowed($b['uid'], '', 'view_stream')) {
        return;
    }
    if (!strstr($b['postopts'], 'dwpost')) {
        return;
    }
    if ($b['parent'] != $b['id']) {
        return;
    }
    // dreamwidth post in the LJ user's timezone.
    // Hopefully the person's Friendica account
    // will be set to the same thing.
    $tz = 'UTC';
    $x = q("select channel_timezone from channel where channel_id = %d limit 1", intval($b['uid']));
    if ($x && strlen($x[0]['channel_timezone'])) {
        $tz = $x[0]['channel_timezone'];
    }
    $dw_username = get_pconfig($b['uid'], 'dwpost', 'dw_username');
    $dw_password = z_unobscure(get_pconfig($b['uid'], 'dwpost', 'dw_password'));
    $dw_blog = 'http://www.dreamwidth.org/interface/xmlrpc';
    if ($dw_username && $dw_password && $dw_blog) {
        require_once 'include/bbcode.php';
        require_once 'include/datetime.php';
        $title = $b['title'];
        $post = bbcode($b['body']);
        $post = xmlify($post);
        $tags = dwpost_get_tags($b['tag']);
        $date = datetime_convert('UTC', $tz, $b['created'], 'Y-m-d H:i:s');
        $year = intval(substr($date, 0, 4));
        $mon = intval(substr($date, 5, 2));
        $day = intval(substr($date, 8, 2));
        $hour = intval(substr($date, 11, 2));
        $min = intval(substr($date, 14, 2));
        $xml = <<<EOT
<?xml version="1.0" encoding="utf-8"?>
<methodCall><methodName>LJ.XMLRPC.postevent</methodName>
<params><param>
<value><struct>
<member><name>year</name><value><int>{$year}</int></value></member>
<member><name>mon</name><value><int>{$mon}</int></value></member>
<member><name>day</name><value><int>{$day}</int></value></member>
<member><name>hour</name><value><int>{$hour}</int></value></member>
<member><name>min</name><value><int>{$min}</int></value></member>
<member><name>event</name><value><string>{$post}</string></value></member>
<member><name>username</name><value><string>{$dw_username}</string></value></member>
<member><name>password</name><value><string>{$dw_password}</string></value></member>
<member><name>subject</name><value><string>{$title}</string></value></member>
<member><name>lineendings</name><value><string>unix</string></value></member>
<member><name>ver</name><value><int>1</int></value></member>
<member><name>props</name>
<value><struct>
<member><name>useragent</name><value><string>Friendica</string></value></member>
<member><name>taglist</name><value><string>{$tags}</string></value></member>
</struct></value></member>
</struct></value>
</param></params>
</methodCall>

EOT;
        logger('dwpost: data: ' . $xml, LOGGER_DATA);
        if ($dw_blog !== 'test') {
            $x = z_post_url($dw_blog, $xml, array('headers' => array("Content-Type: text/xml")));
        }
        logger('posted to dreamwidth: ' . print_r($x, true), LOGGER_DEBUG);
    }
}
Exemplo n.º 28
0
 function init()
 {
     // We need this to make sure the channel theme is always loaded.
     $which = argv(1);
     $profile = 0;
     profile_load($a, $which, $profile);
     if (\App::$profile['profile_uid']) {
         head_set_icon(\App::$profile['thumb']);
     }
     // load the item here in the init function because we need to extract
     // the page layout and initialise the correct theme.
     $observer = \App::get_observer();
     $ob_hash = $observer ? $observer['xchan_hash'] : '';
     // perm_is_allowed is denied unconditionally when 'site blocked to unauthenticated members'.
     // This bypasses that restriction for sys channel (public) content
     if (!perm_is_allowed(\App::$profile['profile_uid'], $ob_hash, 'view_pages') && !is_sys_channel(\App::$profile['profile_uid'])) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     if (argc() < 3) {
         notice(t('Invalid item.') . EOL);
         return;
     }
     $channel_address = argv(1);
     // The page link title was stored in a urlencoded format
     // php or the browser may/will have decoded it, so re-encode it for our search
     $page_id = urlencode(argv(2));
     $u = q("select channel_id from channel where channel_address = '%s' limit 1", dbesc($channel_address));
     if (!$u) {
         notice(t('Channel not found.') . EOL);
         return;
     }
     if ($_REQUEST['rev']) {
         $revision = " and revision = " . intval($_REQUEST['rev']) . " ";
     } else {
         $revision = " order by revision desc ";
     }
     require_once 'include/security.php';
     $sql_options = item_permissions_sql($u[0]['channel_id']);
     $r = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\t\twhere item.uid = %d and sid = '%s' and item.item_delayed = 0 and (( service = 'WEBPAGE' and item_type = %d ) \n\t\t\tOR ( service = 'PDL' AND item_type = %d )) {$sql_options} {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_TYPE_WEBPAGE), intval(ITEM_TYPE_PDL));
     if (!$r) {
         // Check again with no permissions clause to see if it is a permissions issue
         $x = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\t\twhere item.uid = %d and sid = '%s' and item.item_delayed = 0 and service = 'WEBPAGE' and \n\t\t\titem_type = %d {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_TYPE_WEBPAGE));
         if ($x) {
             // Yes, it's there. You just aren't allowed to see it.
             notice(t('Permission denied.') . EOL);
         } else {
             notice(t('Page not found.') . EOL);
         }
         return;
     }
     if ($r[0]['title']) {
         \App::$page['title'] = escape_tags($r[0]['title']);
     }
     if ($r[0]['item_type'] == ITEM_TYPE_PDL) {
         \App::$comanche = new \Zotlabs\Render\Comanche();
         \App::$comanche->parse($r[0]['body']);
         \App::$pdl = $r[0]['body'];
     } elseif ($r[0]['layout_mid']) {
         $l = q("select body from item where mid = '%s' and uid = %d limit 1", dbesc($r[0]['layout_mid']), intval($u[0]['channel_id']));
         if ($l) {
             \App::$comanche = new \Zotlabs\Render\Comanche();
             \App::$comanche->parse($l[0]['body']);
             \App::$pdl = $l[0]['body'];
         }
     }
     \App::$data['webpage'] = $r;
 }
Exemplo n.º 29
0
function advanced_profile(&$a)
{
    require_once 'include/text.php';
    if (!perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_profile')) {
        return '';
    }
    $o = '';
    $o .= '<h2>' . t('Profile') . '</h2>';
    if ($a->profile['name']) {
        $tpl = get_markup_template('profile_advanced.tpl');
        $profile = array();
        $profile['fullname'] = array(t('Full Name:'), $a->profile['name']);
        if ($a->profile['gender']) {
            $profile['gender'] = array(t('Gender:'), $a->profile['gender']);
        }
        $ob_hash = get_observer_hash();
        if ($ob_hash && perm_is_allowed($a->profile['profile_uid'], $ob_hash, 'post_like')) {
            $profile['canlike'] = true;
            $profile['likethis'] = t('Like this channel');
            $profile['profile_guid'] = $a->profile['profile_guid'];
        }
        $likers = q("select liker, xchan.*  from likes left join xchan on liker = xchan_hash where channel_id = %d and target_type = '%s' and verb = '%s'", intval($a->profile['profile_uid']), dbesc(ACTIVITY_OBJ_PROFILE), dbesc(ACTIVITY_LIKE));
        $profile['likers'] = array();
        $profile['like_count'] = count($likers);
        $profile['like_button_label'] = tt('Like', 'Likes', $profile['like_count'], 'noun');
        if ($likers) {
            foreach ($likers as $l) {
                $profile['likers'][] = array('name' => $l['xchan_name'], 'url' => zid($l['xchan_url']));
            }
        }
        if ($a->profile['dob'] && $a->profile['dob'] != '0000-00-00') {
            $val = '';
            if (substr($a->profile['dob'], 5, 2) === '00' || substr($a->profile['dob'], 8, 2) === '00') {
                $val = substr($a->profile['dob'], 0, 4);
            }
            $year_bd_format = t('j F, Y');
            $short_bd_format = t('j F');
            if (!$val) {
                $val = intval($a->profile['dob']) ? day_translate(datetime_convert('UTC', 'UTC', $a->profile['dob'] . ' 00:00 +00:00', $year_bd_format)) : day_translate(datetime_convert('UTC', 'UTC', '2001-' . substr($a->profile['dob'], 5) . ' 00:00 +00:00', $short_bd_format));
            }
            $profile['birthday'] = array(t('Birthday:'), $val);
        }
        if ($age = age($a->profile['dob'], $a->profile['timezone'], '')) {
            $profile['age'] = array(t('Age:'), $age);
        }
        if ($a->profile['marital']) {
            $profile['marital'] = array(t('Status:'), $a->profile['marital']);
        }
        if ($a->profile['with']) {
            $profile['marital']['with'] = bbcode($a->profile['with']);
        }
        if (strlen($a->profile['howlong']) && $a->profile['howlong'] !== NULL_DATE) {
            $profile['howlong'] = relative_date($a->profile['howlong'], t('for %1$d %2$s'));
        }
        if ($a->profile['sexual']) {
            $profile['sexual'] = array(t('Sexual Preference:'), $a->profile['sexual']);
        }
        if ($a->profile['homepage']) {
            $profile['homepage'] = array(t('Homepage:'), linkify($a->profile['homepage']));
        }
        if ($a->profile['hometown']) {
            $profile['hometown'] = array(t('Hometown:'), linkify($a->profile['hometown']));
        }
        if ($a->profile['keywords']) {
            $profile['keywords'] = array(t('Tags:'), $a->profile['keywords']);
        }
        if ($a->profile['politic']) {
            $profile['politic'] = array(t('Political Views:'), $a->profile['politic']);
        }
        if ($a->profile['religion']) {
            $profile['religion'] = array(t('Religion:'), $a->profile['religion']);
        }
        if ($txt = prepare_text($a->profile['about'])) {
            $profile['about'] = array(t('About:'), $txt);
        }
        if ($txt = prepare_text($a->profile['interest'])) {
            $profile['interest'] = array(t('Hobbies/Interests:'), $txt);
        }
        if ($txt = prepare_text($a->profile['likes'])) {
            $profile['likes'] = array(t('Likes:'), $txt);
        }
        if ($txt = prepare_text($a->profile['dislikes'])) {
            $profile['dislikes'] = array(t('Dislikes:'), $txt);
        }
        if ($txt = prepare_text($a->profile['contact'])) {
            $profile['contact'] = array(t('Contact information and Social Networks:'), $txt);
        }
        if ($txt = prepare_text($a->profile['channels'])) {
            $profile['channels'] = array(t('My other channels:'), $txt);
        }
        if ($txt = prepare_text($a->profile['music'])) {
            $profile['music'] = array(t('Musical interests:'), $txt);
        }
        if ($txt = prepare_text($a->profile['book'])) {
            $profile['book'] = array(t('Books, literature:'), $txt);
        }
        if ($txt = prepare_text($a->profile['tv'])) {
            $profile['tv'] = array(t('Television:'), $txt);
        }
        if ($txt = prepare_text($a->profile['film'])) {
            $profile['film'] = array(t('Film/dance/culture/entertainment:'), $txt);
        }
        if ($txt = prepare_text($a->profile['romance'])) {
            $profile['romance'] = array(t('Love/Romance:'), $txt);
        }
        if ($txt = prepare_text($a->profile['work'])) {
            $profile['work'] = array(t('Work/employment:'), $txt);
        }
        if ($txt = prepare_text($a->profile['education'])) {
            $profile['education'] = array(t('School/education:'), $txt);
        }
        if ($a->profile['extra_fields']) {
            foreach ($a->profile['extra_fields'] as $f) {
                $x = q("select * from profdef where field_name = '%s' limit 1", dbesc($f));
                if ($x && ($txt = prepare_text($a->profile[$f]))) {
                    $profile[$f] = array($x[0]['field_desc'] . ':', $txt);
                }
            }
            $profile['extra_fields'] = $a->profile['extra_fields'];
        }
        $things = get_things($a->profile['profile_guid'], $a->profile['profile_uid']);
        //		logger('mod_profile: things: ' . print_r($things,true), LOGGER_DATA);
        return replace_macros($tpl, array('$title' => t('Profile'), '$canlike' => $profile['canlike'] ? true : false, '$likethis' => t('Like this thing'), '$profile' => $profile, '$things' => $things));
    }
    return '';
}
Exemplo n.º 30
0
function zot_feed($uid, $observer_hash, $arr)
{
    $result = array();
    $mindate = null;
    $message_id = null;
    require_once 'include/security.php';
    if (array_key_exists('mindate', $arr)) {
        $mindate = datetime_convert('UTC', 'UTC', $arr['mindate']);
    }
    if (array_key_exists('message_id', $arr)) {
        $message_id = $arr['message_id'];
    }
    if (!$mindate) {
        $mindate = NULL_DATE;
    }
    $mindate = dbesc($mindate);
    logger('zot_feed: requested for uid ' . $uid . ' from observer ' . $observer_hash, LOGGER_DEBUG);
    if ($message_id) {
        logger('message_id: ' . $message_id, LOGGER_DEBUG);
    }
    if (!perm_is_allowed($uid, $observer_hash, 'view_stream')) {
        logger('zot_feed: permission denied.');
        return $result;
    }
    if (!is_sys_channel($uid)) {
        $sql_extra = item_permissions_sql($uid, $observer_hash);
    }
    $limit = " LIMIT 100 ";
    if ($mindate != NULL_DATE) {
        $sql_extra .= " and ( created > '{$mindate}' or changed > '{$mindate}' ) ";
    }
    if ($message_id) {
        $sql_extra .= " and mid = '" . dbesc($message_id) . "' ";
        $limit = '';
    }
    $items = array();
    /** @FIXME fix this part for PostgreSQL */
    if (ACTIVE_DBTYPE == DBTYPE_POSTGRES) {
        return array();
    }
    if (is_sys_channel($uid)) {
        $r = q("SELECT parent, created, postopts from item\n\t\t\tWHERE uid != %d\n\t\t\tAND item_private = 0 AND item_restrict = 0 AND uid in (" . stream_perms_api_uids(PERMS_PUBLIC, 10, 1) . ")\n\t\t\tAND (item_flags &  %d) > 0\n\t\t\t{$sql_extra} GROUP BY parent ORDER BY created ASC {$limit}", intval($uid), intval(ITEM_WALL));
    } else {
        $r = q("SELECT parent, created, postopts from item\n\t\t\tWHERE uid = %d AND item_restrict = 0\n\t\t\tAND (item_flags &  %d) > 0\n\t\t\t{$sql_extra} GROUP BY parent ORDER BY created ASC {$limit}", intval($uid), intval(ITEM_WALL));
    }
    if ($r) {
        for ($x = 0; $x < count($r); $x++) {
            if (strpos($r[$x]['postopts'], 'nodeliver') !== false) {
                unset($r[$x]);
            }
        }
        $parents_str = ids_to_querystr($r, 'parent');
        $sys_query = is_sys_channel($uid) ? $sql_extra : '';
        $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item`\n\t\t\tWHERE `item`.`item_restrict` = 0\n\t\t\tAND `item`.`parent` IN ( %s ) {$sys_query} ", dbesc($parents_str));
    }
    if ($items) {
        xchan_query($items);
        $items = fetch_post_tags($items);
        require_once 'include/conversation.php';
        $items = conv_sort($items, 'ascending');
    } else {
        $items = array();
    }
    logger('zot_feed: number items: ' . count($items), LOGGER_DEBUG);
    foreach ($items as $item) {
        $result[] = encode_item($item);
    }
    return $result;
}