Пример #1
0
/**
 * @brief Refreshes after permission changed or friending, etc.
 *
 * zot_refresh is typically invoked when somebody has changed permissions of a channel and they are notified
 * to fetch new permissions via a finger/discovery operation. This may result in a new connection
 * (abook entry) being added to a local channel and it may result in auto-permissions being granted.
 *
 * Friending in zot is accomplished by sending a refresh packet to a specific channel which indicates a
 * permission change has been made by the sender which affects the target channel. The hub controlling
 * the target channel does targetted discovery (a zot-finger request requesting permissions for the local
 * channel). These are decoded here, and if necessary and abook structure (addressbook) is created to store
 * the permissions assigned to this channel.
 *
 * Initially these abook structures are created with a 'pending' flag, so that no reverse permissions are
 * implied until this is approved by the owner channel. A channel can also auto-populate permissions in
 * return and send back a refresh packet of its own. This is used by forum and group communication channels
 * so that friending and membership in the channel's "club" is automatic.
 *
 * @param array $them => xchan structure of sender
 * @param array $channel => local channel structure of target recipient, required for "friending" operations
 * @param array $force default false
 *
 * @returns boolean true if successful, else false
 */
function zot_refresh($them, $channel = null, $force = false)
{
    if (array_key_exists('xchan_network', $them) && $them['xchan_network'] !== 'zot') {
        logger('zot_refresh: not got zot. ' . $them['xchan_name']);
        return true;
    }
    logger('zot_refresh: them: ' . print_r($them, true), LOGGER_DATA);
    if ($channel) {
        logger('zot_refresh: channel: ' . print_r($channel, true), LOGGER_DATA);
    }
    $url = null;
    if ($them['hubloc_url']) {
        $url = $them['hubloc_url'];
    } else {
        $r = null;
        // if they re-installed the server we could end up with the wrong record - pointing to the old install.
        // We'll order by reverse id to try and pick off the newest one first and hopefully end up with the
        // correct hubloc. If this doesn't work we may have to re-write this section to try them all.
        if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) {
            $r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_addr = '%s' order by hubloc_id desc", dbesc($them['xchan_addr']));
        }
        if (!$r) {
            $r = q("select hubloc_url, hubloc_primary from hubloc where hubloc_hash = '%s' order by hubloc_id desc", dbesc($them['xchan_hash']));
        }
        if ($r) {
            foreach ($r as $rr) {
                if (intval($rr['hubloc_primary'])) {
                    $url = $rr['hubloc_url'];
                    break;
                }
            }
            if (!$url) {
                $url = $r[0]['hubloc_url'];
            }
        }
    }
    if (!$url) {
        logger('zot_refresh: no url');
        return false;
    }
    $postvars = array();
    if ($channel) {
        $postvars['target'] = $channel['channel_guid'];
        $postvars['target_sig'] = $channel['channel_guid_sig'];
        $postvars['key'] = $channel['channel_pubkey'];
    }
    if (array_key_exists('xchan_addr', $them) && $them['xchan_addr']) {
        $postvars['address'] = $them['xchan_addr'];
    }
    if (array_key_exists('xchan_hash', $them) && $them['xchan_hash']) {
        $postvars['guid_hash'] = $them['xchan_hash'];
    }
    if (array_key_exists('xchan_guid', $them) && $them['xchan_guid'] && array_key_exists('xchan_guid_sig', $them) && $them['xchan_guid_sig']) {
        $postvars['guid'] = $them['xchan_guid'];
        $postvars['guid_sig'] = $them['xchan_guid_sig'];
    }
    $rhs = '/.well-known/zot-info';
    $result = z_post_url($url . $rhs, $postvars);
    logger('zot_refresh: zot-info: ' . print_r($result, true), LOGGER_DATA);
    if ($result['success']) {
        $j = json_decode($result['body'], true);
        if (!($j && $j['success'])) {
            logger('zot_refresh: result not decodable');
            return false;
        }
        $x = import_xchan($j, $force ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED);
        if (!$x['success']) {
            return false;
        }
        $their_perms = 0;
        if ($channel) {
            $global_perms = get_perms();
            if ($j['permissions']['data']) {
                $permissions = crypto_unencapsulate(array('data' => $j['permissions']['data'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']);
                if ($permissions) {
                    $permissions = json_decode($permissions, true);
                }
                logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
            } else {
                $permissions = $j['permissions'];
            }
            $connected_set = false;
            if ($permissions && is_array($permissions)) {
                foreach ($permissions as $k => $v) {
                    // The connected permission means you are in their address book
                    if ($k === 'connected') {
                        $connected_set = intval($v);
                        continue;
                    }
                    if ($v && array_key_exists($k, $global_perms)) {
                        $their_perms = $their_perms | intval($global_perms[$k][1]);
                    }
                }
            }
            if (array_key_exists('profile', $j) && array_key_exists('next_birthday', $j['profile'])) {
                $next_birthday = datetime_convert('UTC', 'UTC', $j['profile']['next_birthday']);
            } else {
                $next_birthday = NULL_DATE;
            }
            $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1", dbesc($x['hash']), intval($channel['channel_id']));
            if ($r) {
                // connection exists
                // if the dob is the same as what we have stored (disregarding the year), keep the one
                // we have as we may have updated the year after sending a notification; and resetting
                // to the one we just received would cause us to create duplicated events.
                if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5)) {
                    $next_birthday = $r[0]['abook_dob'];
                }
                $current_abook_connected = intval($r[0]['abook_unconnected']) ? 0 : 1;
                $y = q("update abook set abook_their_perms = %d, abook_dob = '%s'\n\t\t\t\t\twhere abook_xchan = '%s' and abook_channel = %d\n\t\t\t\t\tand abook_self = 0 ", intval($their_perms), dbescdate($next_birthday), dbesc($x['hash']), intval($channel['channel_id']));
                //				if(($connected_set === 0 || $connected_set === 1) && ($connected_set !== $current_abook_unconnected)) {
                // if they are in your address book but you aren't in theirs, and/or this does not
                // match your current connected state setting, toggle it.
                /** @FIXME uncoverted to postgres */
                /** @FIXME when this was enabled, all contacts became unconnected. Currently disabled intentionally */
                //					$y1 = q("update abook set abook_unconnected = 1
                //						where abook_xchan = '%s' and abook_channel = %d
                //						and abook_self = 0 limit 1",
                //						dbesc($x['hash']),
                //						intval($channel['channel_id'])
                //					);
                //				}
                if (!$y) {
                    logger('abook update failed');
                } else {
                    // if we were just granted read stream permission and didn't have it before, try to pull in some posts
                    if (!($r[0]['abook_their_perms'] & PERMS_R_STREAM) && $their_perms & PERMS_R_STREAM) {
                        proc_run('php', 'include/onepoll.php', $r[0]['abook_id']);
                    }
                }
            } else {
                // new connection
                $role = get_pconfig($channel['channel_id'], 'system', 'permissions_role');
                if ($role) {
                    $xx = get_role_perms($role);
                    if ($xx['perms_auto']) {
                        $default_perms = $xx['perms_accept'];
                    }
                }
                if (!$default_perms) {
                    $default_perms = intval(get_pconfig($channel['channel_id'], 'system', 'autoperms'));
                }
                // Keep original perms to check if we need to notify them
                $previous_perms = get_all_perms($channel['channel_id'], $x['hash']);
                $closeness = get_pconfig($channel['channel_id'], 'system', 'new_abook_closeness');
                if ($closeness === false) {
                    $closeness = 80;
                }
                $y = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_their_perms, abook_my_perms, abook_created, abook_updated, abook_dob, abook_pending ) values ( %d, %d, %d, '%s', %d, %d, '%s', '%s', '%s', %d )", intval($channel['channel_account_id']), intval($channel['channel_id']), intval($closeness), dbesc($x['hash']), intval($their_perms), intval($default_perms), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($next_birthday), intval($default_perms ? 0 : 1));
                if ($y) {
                    logger("New introduction received for {$channel['channel_name']}");
                    $new_perms = get_all_perms($channel['channel_id'], $x['hash']);
                    // Send a clone sync packet and a permissions update if permissions have changed
                    $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 order by abook_created desc limit 1", dbesc($x['hash']), intval($channel['channel_id']));
                    if ($new_connection) {
                        if ($new_perms != $previous_perms) {
                            proc_run('php', 'include/notifier.php', 'permission_create', $new_connection[0]['abook_id']);
                        }
                        require_once 'include/enotify.php';
                        notification(array('type' => NOTIFY_INTRO, 'from_xchan' => $x['hash'], 'to_xchan' => $channel['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id']));
                        if ($their_perms & PERMS_R_STREAM) {
                            if ($channel['channel_w_stream'] & PERMS_PENDING || !intval($new_connection[0]['abook_pending'])) {
                                proc_run('php', 'include/onepoll.php', $new_connection[0]['abook_id']);
                            }
                        }
                        unset($new_connection[0]['abook_id']);
                        unset($new_connection[0]['abook_account']);
                        unset($new_connection[0]['abook_channel']);
                        build_sync_packet($channel['channel_id'], array('abook' => $new_connection));
                    }
                }
            }
        }
        return true;
    }
    return false;
}
Пример #2
0
function settings_post(&$a)
{
    if (!local_channel()) {
        return;
    }
    if ($_SESSION['delegate']) {
        return;
    }
    $channel = $a->get_channel();
    logger('mod_settings: ' . print_r($_REQUEST, true));
    if (argc() > 1 && argv(1) === 'oauth' && x($_POST, 'remove')) {
        check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
        $key = $_POST['remove'];
        q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_channel());
        goaway($a->get_baseurl(true) . "/settings/oauth/");
        return;
    }
    if (argc() > 2 && argv(1) === 'oauth' && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST, 'submit')) {
        check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
        $name = x($_POST, 'name') ? $_POST['name'] : '';
        $key = x($_POST, 'key') ? $_POST['key'] : '';
        $secret = x($_POST, 'secret') ? $_POST['secret'] : '';
        $redirect = x($_POST, 'redirect') ? $_POST['redirect'] : '';
        $icon = x($_POST, 'icon') ? $_POST['icon'] : '';
        $ok = true;
        if ($name == '') {
            $ok = false;
            notice(t('Name is required') . EOL);
        }
        if ($key == '' || $secret == '') {
            $ok = false;
            notice(t('Key and Secret are required') . EOL);
        }
        if ($ok) {
            if ($_POST['submit'] == t("Update")) {
                $r = q("UPDATE clients SET\n\t\t\t\t\t\t\tclient_id='%s',\n\t\t\t\t\t\t\tpw='%s',\n\t\t\t\t\t\t\tname='%s',\n\t\t\t\t\t\t\tredirect_uri='%s',\n\t\t\t\t\t\t\ticon='%s',\n\t\t\t\t\t\t\tuid=%d\n\t\t\t\t\t\tWHERE client_id='%s'", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), intval(local_channel()), dbesc($key));
            } else {
                $r = q("INSERT INTO clients (client_id, pw, name, redirect_uri, icon, uid)\n\t\t\t\t\tVALUES ('%s','%s','%s','%s','%s',%d)", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), intval(local_channel()));
                $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", dbesc($key), intval(local_channel()), dbesc('all'));
            }
        }
        goaway($a->get_baseurl(true) . "/settings/oauth/");
        return;
    }
    if (argc() > 1 && argv(1) == 'featured') {
        check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured');
        call_hooks('feature_settings_post', $_POST);
        build_sync_packet();
        return;
    }
    if (argc() > 1 && argv(1) === 'features') {
        check_form_security_token_redirectOnErr('/settings/features', 'settings_features');
        // Build list of features and check which are set
        $features = get_features();
        $all_features = array();
        foreach ($features as $k => $v) {
            foreach ($v as $f) {
                $all_features[] = $f[0];
            }
        }
        foreach ($all_features as $k) {
            if (x($_POST, "feature_{$k}")) {
                set_pconfig(local_channel(), 'feature', $k, 1);
            } else {
                set_pconfig(local_channel(), 'feature', $k, 0);
            }
        }
        build_sync_packet();
        return;
    }
    if (argc() > 1 && argv(1) == 'display') {
        check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
        $theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : $a->channel['channel_theme'];
        $mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : '';
        $user_scalable = x($_POST, 'user_scalable') ? intval($_POST['user_scalable']) : 0;
        $nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
        $title_tosource = x($_POST, 'title_tosource') ? intval($_POST['title_tosource']) : 0;
        $channel_list_mode = x($_POST, 'channel_list_mode') ? intval($_POST['channel_list_mode']) : 0;
        $network_list_mode = x($_POST, 'network_list_mode') ? intval($_POST['network_list_mode']) : 0;
        $channel_divmore_height = x($_POST, 'channel_divmore_height') ? intval($_POST['channel_divmore_height']) : 400;
        if ($channel_divmore_height < 50) {
            $channel_divmore_height = 50;
        }
        $network_divmore_height = x($_POST, 'network_divmore_height') ? intval($_POST['network_divmore_height']) : 400;
        if ($network_divmore_height < 50) {
            $network_divmore_height = 50;
        }
        $browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0;
        $browser_update = $browser_update * 1000;
        if ($browser_update < 10000) {
            $browser_update = 10000;
        }
        $itemspage = x($_POST, 'itemspage') ? intval($_POST['itemspage']) : 20;
        if ($itemspage > 100) {
            $itemspage = 100;
        }
        if ($mobile_theme == "---") {
            del_pconfig(local_channel(), 'system', 'mobile_theme');
        } else {
            set_pconfig(local_channel(), 'system', 'mobile_theme', $mobile_theme);
        }
        set_pconfig(local_channel(), 'system', 'user_scalable', $user_scalable);
        set_pconfig(local_channel(), 'system', 'update_interval', $browser_update);
        set_pconfig(local_channel(), 'system', 'itemspage', $itemspage);
        set_pconfig(local_channel(), 'system', 'no_smilies', 1 - intval($nosmile));
        set_pconfig(local_channel(), 'system', 'title_tosource', $title_tosource);
        set_pconfig(local_channel(), 'system', 'channel_list_mode', $channel_list_mode);
        set_pconfig(local_channel(), 'system', 'network_list_mode', $network_list_mode);
        set_pconfig(local_channel(), 'system', 'channel_divmore_height', $channel_divmore_height);
        set_pconfig(local_channel(), 'system', 'network_divmore_height', $network_divmore_height);
        if ($theme == $a->channel['channel_theme']) {
            // call theme_post only if theme has not been changed
            if (($themeconfigfile = get_theme_config_file($theme)) != null) {
                require_once $themeconfigfile;
                theme_post($a);
            }
        }
        $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", dbesc($theme), intval(local_channel()));
        call_hooks('display_settings_post', $_POST);
        build_sync_packet();
        goaway($a->get_baseurl(true) . '/settings/display');
        return;
        // NOTREACHED
    }
    if (argc() > 1 && argv(1) === 'account') {
        check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
        call_hooks('account_settings_post', $_POST);
        //		call_hooks('settings_account', $_POST);
        $errs = array();
        if (x($_POST, 'npassword') || x($_POST, 'confirm')) {
            $newpass = $_POST['npassword'];
            $confirm = $_POST['confirm'];
            if ($newpass != $confirm) {
                $errs[] = t('Passwords do not match. Password unchanged.');
            }
            if (!x($newpass) || !x($confirm)) {
                $errs[] = t('Empty passwords are not allowed. Password unchanged.');
            }
            if (!$errs) {
                $salt = random_string(32);
                $password_encoded = hash('whirlpool', $salt . $newpass);
                $r = q("update account set account_salt = '%s', account_password = '******', account_password_changed = '%s' \n\t\t\t\t\twhere account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), intval(get_account_id()));
                if ($r) {
                    info(t('Password changed.') . EOL);
                } else {
                    $errs[] = t('Password update failed. Please try again.');
                }
            }
        }
        if ($errs) {
            foreach ($errs as $err) {
                notice($err . EOL);
            }
            $errs = array();
        }
        $email = x($_POST, 'email') ? trim(notags($_POST['email'])) : '';
        $account = $a->get_account();
        if ($email != $account['account_email']) {
            if (!valid_email($email)) {
                $errs[] = t('Not valid email.');
            }
            $adm = trim(get_config('system', 'admin_email'));
            if ($adm && strcasecmp($email, $adm) == 0) {
                $errs[] = t('Protected email address. Cannot change to that email.');
                $email = $a->user['email'];
            }
            if (!$errs) {
                $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id']));
                if (!$r) {
                    $errs[] = t('System failure storing new email. Please try again.');
                }
            }
        }
        if ($errs) {
            foreach ($errs as $err) {
                notice($err . EOL);
            }
        }
        goaway($a->get_baseurl(true) . '/settings/account');
    }
    check_form_security_token_redirectOnErr('/settings', 'settings');
    call_hooks('settings_post', $_POST);
    $set_perms = '';
    $role = x($_POST, 'permissions_role') ? notags(trim($_POST['permissions_role'])) : '';
    $oldrole = get_pconfig(local_channel(), 'system', 'permissions_role');
    if ($role != $oldrole || $role === 'custom') {
        if ($role === 'custom') {
            $hide_presence = x($_POST, 'hide_presence') && intval($_POST['hide_presence']) == 1 ? 1 : 0;
            $publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
            $def_group = x($_POST, 'group-selection') ? notags(trim($_POST['group-selection'])) : '';
            $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel()));
            $global_perms = get_perms();
            foreach ($global_perms as $k => $v) {
                $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
            }
            $acl = new AccessList($channel);
            $acl->set_from_array($_POST);
            $x = $acl->get();
            $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', \n\t\t\t\tchannel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), dbesc($x['deny_cid']), dbesc($x['deny_gid']), intval(local_channel()));
        } else {
            $role_permissions = get_role_perms($_POST['permissions_role']);
            if (!$role_permissions) {
                notice('Permissions category could not be found.');
                return;
            }
            $hide_presence = 1 - intval($role_permissions['online']);
            if ($role_permissions['default_collection']) {
                $r = q("select hash from groups where uid = %d and name = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                if (!$r) {
                    require_once 'include/group.php';
                    group_add(local_channel(), t('Friends'));
                    group_add_member(local_channel(), t('Friends'), $channel['channel_hash']);
                    $r = q("select hash from groups where uid = %d and name = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                }
                if ($r) {
                    q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_channel()));
                } else {
                    notice(sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL);
                    return;
                }
            } else {
                q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', \n\t\t\t\t\tchannel_deny_cid = '' where channel_id = %d", intval(local_channel()));
            }
            $r = q("update abook set abook_my_perms  = %d where abook_channel = %d and abook_self = 1", intval(array_key_exists('perms_accept', $role_permissions) ? $role_permissions['perms_accept'] : 0), intval(local_channel()));
            set_pconfig(local_channel(), 'system', 'autoperms', $role_permissions['perms_auto'] ? intval($role_permissions['perms_accept']) : 0);
            foreach ($role_permissions as $p => $v) {
                if (strpos($p, 'channel_') !== false) {
                    $set_perms .= ', ' . $p . ' = ' . intval($v) . ' ';
                }
                if ($p === 'directory_publish') {
                    $publish = intval($v);
                }
            }
        }
        set_pconfig(local_channel(), 'system', 'hide_online_status', $hide_presence);
        set_pconfig(local_channel(), 'system', 'permissions_role', $role);
    }
    $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
    $timezone = x($_POST, 'timezone_select') ? notags(trim($_POST['timezone_select'])) : '';
    $defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
    $openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
    $maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
    $expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
    $evdays = x($_POST, 'evdays') ? intval($_POST['evdays']) : 3;
    $photo_path = x($_POST, 'photo_path') ? escape_tags(trim($_POST['photo_path'])) : '';
    $attach_path = x($_POST, 'attach_path') ? escape_tags(trim($_POST['attach_path'])) : '';
    $channel_menu = x($_POST['channel_menu']) ? htmlspecialchars_decode(trim($_POST['channel_menu']), ENT_QUOTES) : '';
    $expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0;
    $expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0;
    $expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0;
    $expire_network_only = x($_POST, 'expire_network_only') ? intval($_POST['expire_network_only']) : 0;
    $allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
    $blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
    // this setting is inverted!
    $unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0;
    $cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0;
    $suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
    $post_newfriend = $_POST['post_newfriend'] == 1 ? 1 : 0;
    $post_joingroup = $_POST['post_joingroup'] == 1 ? 1 : 0;
    $post_profilechange = $_POST['post_profilechange'] == 1 ? 1 : 0;
    $adult = $_POST['adult'] == 1 ? 1 : 0;
    $cal_first_day = x($_POST, 'first_day') && intval($_POST['first_day']) == 1 ? 1 : 0;
    $channel = $a->get_channel();
    $pageflags = $channel['channel_pageflags'];
    $existing_adult = $pageflags & PAGE_ADULT ? 1 : 0;
    if ($adult != $existing_adult) {
        $pageflags = $pageflags ^ PAGE_ADULT;
    }
    $notify = 0;
    if (x($_POST, 'notify1')) {
        $notify += intval($_POST['notify1']);
    }
    if (x($_POST, 'notify2')) {
        $notify += intval($_POST['notify2']);
    }
    if (x($_POST, 'notify3')) {
        $notify += intval($_POST['notify3']);
    }
    if (x($_POST, 'notify4')) {
        $notify += intval($_POST['notify4']);
    }
    if (x($_POST, 'notify5')) {
        $notify += intval($_POST['notify5']);
    }
    if (x($_POST, 'notify6')) {
        $notify += intval($_POST['notify6']);
    }
    if (x($_POST, 'notify7')) {
        $notify += intval($_POST['notify7']);
    }
    if (x($_POST, 'notify8')) {
        $notify += intval($_POST['notify8']);
    }
    $vnotify = 0;
    if (x($_POST, 'vnotify1')) {
        $vnotify += intval($_POST['vnotify1']);
    }
    if (x($_POST, 'vnotify2')) {
        $vnotify += intval($_POST['vnotify2']);
    }
    if (x($_POST, 'vnotify3')) {
        $vnotify += intval($_POST['vnotify3']);
    }
    if (x($_POST, 'vnotify4')) {
        $vnotify += intval($_POST['vnotify4']);
    }
    if (x($_POST, 'vnotify5')) {
        $vnotify += intval($_POST['vnotify5']);
    }
    if (x($_POST, 'vnotify6')) {
        $vnotify += intval($_POST['vnotify6']);
    }
    if (x($_POST, 'vnotify7')) {
        $vnotify += intval($_POST['vnotify7']);
    }
    if (x($_POST, 'vnotify8')) {
        $vnotify += intval($_POST['vnotify8']);
    }
    if (x($_POST, 'vnotify9')) {
        $vnotify += intval($_POST['vnotify9']);
    }
    if (x($_POST, 'vnotify10')) {
        $vnotify += intval($_POST['vnotify10']);
    }
    if (x($_POST, 'vnotify11')) {
        $vnotify += intval($_POST['vnotify11']);
    }
    $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0;
    $channel = $a->get_channel();
    $err = '';
    $name_change = false;
    if ($username != $channel['channel_name']) {
        $name_change = true;
        require_once 'include/identity.php';
        $err = validate_channelname($username);
        if ($err) {
            notice($err);
            return;
        }
    }
    if ($timezone != $channel['channel_timezone']) {
        if (strlen($timezone)) {
            date_default_timezone_set($timezone);
        }
    }
    set_pconfig(local_channel(), 'system', 'use_browser_location', $allow_location);
    set_pconfig(local_channel(), 'system', 'suggestme', $suggestme);
    set_pconfig(local_channel(), 'system', 'post_newfriend', $post_newfriend);
    set_pconfig(local_channel(), 'system', 'post_joingroup', $post_joingroup);
    set_pconfig(local_channel(), 'system', 'post_profilechange', $post_profilechange);
    set_pconfig(local_channel(), 'system', 'blocktags', $blocktags);
    set_pconfig(local_channel(), 'system', 'channel_menu', $channel_menu);
    set_pconfig(local_channel(), 'system', 'vnotify', $vnotify);
    set_pconfig(local_channel(), 'system', 'always_show_in_notices', $always_show_in_notices);
    set_pconfig(local_channel(), 'system', 'evdays', $evdays);
    set_pconfig(local_channel(), 'system', 'photo_path', $photo_path);
    set_pconfig(local_channel(), 'system', 'attach_path', $attach_path);
    set_pconfig(local_channel(), 'system', 'cal_first_day', $cal_first_day);
    $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d {$set_perms} where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), dbesc($defloc), intval($notify), intval($unkmail), intval($maxreq), intval($expire), intval(local_channel()));
    if ($r) {
        info(t('Settings updated.') . EOL);
    }
    if (!is_null($publish)) {
        $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel()));
    }
    if ($name_change) {
        $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash']));
        $r = q("update profile set name = '%s' where uid = %d and is_default = 1", dbesc($username), intval($channel['channel_id']));
    }
    proc_run('php', 'include/directory.php', local_channel());
    build_sync_packet();
    //$_SESSION['theme'] = $theme;
    if ($email_changed && $a->config['system']['register_policy'] == REGISTER_VERIFY) {
        // FIXME - set to un-verified, blocked and redirect to logout
        // Why? Are we verifying people or email addresses?
    }
    goaway($a->get_baseurl(true) . '/settings');
    return;
    // NOTREACHED
}
Пример #3
0
/**
 * @brief Create a new channel.
 *
 * Also creates the related xchan, hubloc, profile, and "self" abook records,
 * and an empty "Friends" group/collection for the new channel.
 *
 * @param array $arr assoziative array with:
 *  * \e string \b name full name of channel
 *  * \e string \b nickname "email/url-compliant" nickname
 *  * \e int \b account_id to attach with this channel
 *  * [other identity fields as desired]
 *
 * @returns array
 *     'success' => boolean true or false
 *     'message' => optional error text if success is false
 *     'channel' => if successful the created channel array
 */
function create_identity($arr)
{
    $a = get_app();
    $ret = array('success' => false);
    if (!$arr['account_id']) {
        $ret['message'] = t('No account identifier');
        return $ret;
    }
    $ret = identity_check_service_class($arr['account_id']);
    if (!$ret['success']) {
        return $ret;
    }
    // save this for auto_friending
    $total_identities = $ret['total_identities'];
    $nick = mb_strtolower(trim($arr['nickname']));
    if (!$nick) {
        $ret['message'] = t('Nickname is required.');
        return $ret;
    }
    $name = escape_tags($arr['name']);
    $pageflags = x($arr, 'pageflags') ? intval($arr['pageflags']) : PAGE_NORMAL;
    $system = x($arr, 'system') ? intval($arr['system']) : 0;
    $name_error = validate_channelname($arr['name']);
    if ($name_error) {
        $ret['message'] = $name_error;
        return $ret;
    }
    if ($nick === 'sys' && !$system) {
        $ret['message'] = t('Reserved nickname. Please choose another.');
        return $ret;
    }
    if (check_webbie(array($nick)) !== $nick) {
        $ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
        return $ret;
    }
    $guid = zot_new_uid($nick);
    $key = new_keypair(4096);
    $sig = base64url_encode(rsa_sign($guid, $key['prvkey']));
    $hash = make_xchan_hash($guid, $sig);
    // Force a few things on the short term until we can provide a theme or app with choice
    $publish = 1;
    if (array_key_exists('publish', $arr)) {
        $publish = intval($arr['publish']);
    }
    $primary = true;
    if (array_key_exists('primary', $arr)) {
        $primary = intval($arr['primary']);
    }
    $role_permissions = null;
    $global_perms = get_perms();
    if (array_key_exists('permissions_role', $arr) && $arr['permissions_role']) {
        $role_permissions = get_role_perms($arr['permissions_role']);
        if ($role_permissions) {
            foreach ($role_permissions as $p => $v) {
                if (strpos($p, 'channel_') !== false) {
                    $perms_keys .= ', ' . $p;
                    $perms_vals .= ', ' . intval($v);
                }
                if ($p === 'directory_publish') {
                    $publish = intval($v);
                }
            }
        }
    } else {
        $defperms = site_default_perms();
        foreach ($defperms as $p => $v) {
            $perms_keys .= ', ' . $global_perms[$p][0];
            $perms_vals .= ', ' . intval($v);
        }
    }
    $expire = 0;
    $r = q("insert into channel ( channel_account_id, channel_primary, \n\t\tchannel_name, channel_address, channel_guid, channel_guid_sig,\n\t\tchannel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone {$perms_keys} )\n\t\tvalues ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' {$perms_vals} ) ", intval($arr['account_id']), intval($primary), dbesc($name), dbesc($nick), dbesc($guid), dbesc($sig), dbesc($hash), dbesc($key['prvkey']), dbesc($key['pubkey']), intval($pageflags), intval($system), intval($expire), dbesc($a->timezone));
    $r = q("select * from channel where channel_account_id = %d \n\t\tand channel_guid = '%s' limit 1", intval($arr['account_id']), dbesc($guid));
    if (!$r) {
        $ret['message'] = t('Unable to retrieve created identity');
        return $ret;
    }
    $ret['channel'] = $r[0];
    if (intval($arr['account_id'])) {
        set_default_login_identity($arr['account_id'], $ret['channel']['channel_id'], false);
    }
    // Create a verified hub location pointing to this site.
    $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )\n\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )", dbesc($guid), dbesc($sig), dbesc($hash), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), intval($primary), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $ret['channel']['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')), dbesc('zot'));
    if (!$r) {
        logger('create_identity: Unable to store hub location');
    }
    $newuid = $ret['channel']['channel_id'];
    $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_system ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", dbesc($hash), dbesc($guid), dbesc($sig), dbesc($key['pubkey']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/s/{$newuid}"), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), dbesc(z_root() . '/channel/' . $ret['channel']['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $ret['channel']['channel_address']), dbesc($ret['channel']['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($system));
    // Not checking return value.
    // It's ok for this to fail if it's an imported channel, and therefore the hash is a duplicate
    $r = q("INSERT INTO profile ( aid, uid, profile_guid, profile_name, is_default, publish, name, photo, thumb)\n\t\tVALUES ( %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s') ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc(random_string()), t('Default Profile'), 1, $publish, dbesc($ret['channel']['channel_name']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"));
    if ($role_permissions) {
        $myperms = array_key_exists('perms_auto', $role_permissions) && $role_permissions['perms_auto'] ? intval($role_permissions['perms_accept']) : 0;
    } else {
        $myperms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_WALL | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES | PERMS_W_LIKE;
    }
    $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self, abook_my_perms )\n\t\tvalues ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc($hash), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), intval(1), intval($myperms));
    if (intval($ret['channel']['channel_account_id'])) {
        // Save our permissions role so we can perhaps call it up and modify it later.
        if ($role_permissions) {
            set_pconfig($newuid, 'system', 'permissions_role', $arr['permissions_role']);
            if (array_key_exists('online', $role_permissions)) {
                set_pconfig($newuid, 'system', 'hide_presence', 1 - intval($role_permissions['online']));
            }
            if (array_key_exists('perms_auto', $role_permissions)) {
                set_pconfig($newuid, 'system', 'autoperms', $role_permissions['perms_auto'] ? $role_permissions['perms_accept'] : 0);
            }
        }
        // Create a group with yourself as a member. This allows somebody to use it
        // right away as a default group for new contacts.
        require_once 'include/group.php';
        group_add($newuid, t('Friends'));
        group_add_member($newuid, t('Friends'), $ret['channel']['channel_hash']);
        // if our role_permissions indicate that we're using a default collection ACL, add it.
        if (is_array($role_permissions) && $role_permissions['default_collection']) {
            $r = q("select hash from groups where uid = %d and name = '%s' limit 1", intval($newuid), dbesc(t('Friends')));
            if ($r) {
                q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval($newuid));
            }
        }
        if (!$system) {
            set_pconfig($ret['channel']['channel_id'], 'system', 'photo_path', '%Y-%m');
            set_pconfig($ret['channel']['channel_id'], 'system', 'attach_path', '%Y-%m');
        }
        // auto-follow any of the hub's pre-configured channel choices.
        // Only do this if it's the first channel for this account;
        // otherwise it could get annoying. Don't make this list too big
        // or it will impact registration time.
        $accts = get_config('system', 'auto_follow');
        if ($accts && !$total_identities) {
            require_once 'include/follow.php';
            if (!is_array($accts)) {
                $accts = array($accts);
            }
            foreach ($accts as $acct) {
                if (trim($acct)) {
                    new_contact($newuid, trim($acct), $ret['channel'], false);
                }
            }
        }
        call_hooks('create_identity', $newuid);
        proc_run('php', 'include/directory.php', $ret['channel']['channel_id']);
    }
    $ret['success'] = true;
    return $ret;
}
Пример #4
0
function new_contact($uid, $url, $channel, $interactive = false, $confirm = false)
{
    $result = array('success' => false, 'message' => '');
    $a = get_app();
    $is_red = false;
    $is_http = strpos($url, '://') !== false ? true : false;
    if ($is_http && substr($url, -1, 1) === '/') {
        $url = substr($url, 0, -1);
    }
    if (!allowed_url($url)) {
        $result['message'] = t('Channel is blocked on this site.');
        return $result;
    }
    if (!$url) {
        $result['message'] = t('Channel location missing.');
        return $result;
    }
    // check service class limits
    $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", intval($uid));
    if ($r) {
        $total_channels = $r[0]['total'];
    }
    if (!service_class_allows($uid, 'total_channels', $total_channels)) {
        $result['message'] = upgrade_message();
        return $result;
    }
    $arr = array('url' => $url, 'channel' => array());
    call_hooks('follow', $arr);
    if ($arr['channel']['success']) {
        $ret = $arr['channel'];
    } elseif (!$is_http) {
        $ret = zot_finger($url, $channel);
    }
    if ($ret && $ret['success']) {
        $is_red = true;
        $j = json_decode($ret['body'], true);
    }
    $my_perms = get_channel_default_perms($uid);
    $role = get_pconfig($uid, 'system', 'permissions_role');
    if ($role) {
        $x = get_role_perms($role);
        if ($x['perms_follow']) {
            $my_perms = $x['perms_follow'];
        }
    }
    if ($is_red && $j) {
        logger('follow: ' . $url . ' ' . print_r($j, true), LOGGER_DEBUG);
        if (!($j['success'] && $j['guid'])) {
            $result['message'] = t('Response from remote channel was incomplete.');
            logger('mod_follow: ' . $result['message']);
            return $result;
        }
        // Premium channel, set confirm before callback to avoid recursion
        if (array_key_exists('connect_url', $j) && $interactive && !$confirm) {
            goaway(zid($j['connect_url']));
        }
        // do we have an xchan and hubloc?
        // If not, create them.
        $x = import_xchan($j);
        if (array_key_exists('deleted', $j) && intval($j['deleted'])) {
            $result['message'] = t('Channel was deleted and no longer exists.');
            return $result;
        }
        if (!$x['success']) {
            return $x;
        }
        $xchan_hash = $x['hash'];
        $their_perms = 0;
        $global_perms = get_perms();
        if (array_key_exists('permissions', $j) && array_key_exists('data', $j['permissions'])) {
            $permissions = crypto_unencapsulate(array('data' => $j['permissions']['data'], 'key' => $j['permissions']['key'], 'iv' => $j['permissions']['iv']), $channel['channel_prvkey']);
            if ($permissions) {
                $permissions = json_decode($permissions, true);
            }
            logger('decrypted permissions: ' . print_r($permissions, true), LOGGER_DATA);
        } else {
            $permissions = $j['permissions'];
        }
        foreach ($permissions as $k => $v) {
            if ($v) {
                $their_perms = $their_perms | intval($global_perms[$k][1]);
            }
        }
    } else {
        $their_perms = 0;
        $xchan_hash = '';
        $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", dbesc($url), dbesc($url));
        if (!$r) {
            // attempt network auto-discovery
            if (strpos($url, '@') && !$is_http) {
                $r = discover_by_webbie($url);
            } elseif ($is_http) {
                $r = discover_by_url($url);
                $r['allowed'] = intval(get_config('system', 'feed_contacts'));
            }
            if ($r) {
                $r['channel_id'] = $uid;
                call_hooks('follow_allow', $r);
                if (!$r['allowed']) {
                    $result['message'] = t('Protocol disabled.');
                    return $result;
                }
                $r = q("select * from xchan where xchan_hash = '%s' or xchan_url = '%s' limit 1", dbesc($url), dbesc($url));
            }
        }
        if ($r) {
            $xchan_hash = $r[0]['xchan_hash'];
            $their_perms = 0;
        }
    }
    if (!$xchan_hash) {
        $result['message'] = t('Channel discovery failed.');
        logger('follow: ' . $result['message']);
        return $result;
    }
    if (local_channel() && $uid == local_channel()) {
        $aid = get_account_id();
        $hash = get_observer_hash();
        $ch = $a->get_channel();
        $default_group = $ch['channel_default_group'];
    } else {
        $r = q("select * from channel where channel_id = %d limit 1", intval($uid));
        if (!$r) {
            $result['message'] = t('local account not found.');
            return $result;
        }
        $aid = $r[0]['channel_account_id'];
        $hash = $r[0]['channel_hash'];
        $default_group = $r[0]['channel_default_group'];
    }
    if ($is_http) {
        $r = q("select count(*) as total from abook where abook_account = %d and abook_feed = 1 ", intval($aid));
        if ($r) {
            $total_feeds = $r[0]['total'];
        }
        if (!service_class_allows($uid, 'total_feeds', $total_feeds)) {
            $result['message'] = upgrade_message();
            return $result;
        }
    }
    if ($hash == $xchan_hash) {
        $result['message'] = t('Cannot connect to yourself.');
        return $result;
    }
    $r = q("select abook_xchan from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid));
    if ($r) {
        $x = q("update abook set abook_their_perms = %d where abook_id = %d", intval($their_perms), intval($r[0]['abook_id']));
    } else {
        $closeness = get_pconfig($uid, 'system', 'new_abook_closeness');
        if ($closeness === false) {
            $closeness = 80;
        }
        $r = q("insert into abook ( abook_account, abook_channel, abook_closeness, abook_xchan, abook_feed, abook_their_perms, abook_my_perms, abook_created, abook_updated )\n\t\t\tvalues( %d, %d, %d, '%s', %d, %d, %d, '%s', '%s' ) ", intval($aid), intval($uid), intval($closeness), dbesc($xchan_hash), intval($is_http ? 1 : 0), intval($is_http ? $their_perms | PERMS_R_STREAM | PERMS_A_REPUBLISH : $their_perms), intval($my_perms), dbesc(datetime_convert()), dbesc(datetime_convert()));
    }
    if (!$r) {
        logger('mod_follow: abook creation failed');
    }
    $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash \n\t\twhere abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan_hash), intval($uid));
    if ($r) {
        $result['abook'] = $r[0];
        proc_run('php', 'include/notifier.php', 'permission_update', $result['abook']['abook_id']);
    }
    $arr = array('channel_id' => $uid, 'abook' => $result['abook']);
    call_hooks('follow', $arr);
    /** If there is a default group for this channel, add this member to it */
    if ($default_group) {
        require_once 'include/group.php';
        $g = group_rec_byhash($uid, $default_group);
        if ($g) {
            group_add_member($uid, '', $xchan_hash, $g['id']);
        }
    }
    $result['success'] = true;
    return $result;
}
Пример #5
0
function diaspora_request($importer, $xml)
{
    $a = get_app();
    $sender_handle = unxmlify($xml->sender_handle);
    $recipient_handle = unxmlify($xml->recipient_handle);
    if (!$sender_handle || !$recipient_handle) {
        return;
    }
    // Do we already have an abook record?
    $contact = diaspora_get_contact_by_handle($importer['channel_id'], $sender_handle);
    if ($contact && $contact['abook_id']) {
        // perhaps we were already sharing with this person. Now they're sharing with us.
        // That makes us friends. Maybe.
        // Please note some of these permissions such as PERMS_R_PAGES are impossible for Disapora.
        // They cannot authenticate to our system.
        $newperms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES;
        $r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d", intval($newperms), intval($contact['abook_id']), intval($importer['channel_id']));
        return;
    }
    $ret = find_diaspora_person_by_handle($sender_handle);
    if (!$ret || !strstr($ret['xchan_network'], 'diaspora')) {
        logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle);
        return;
    }
    //FIXME
    /*
    	if(feature_enabled($channel['channel_id'],'premium_channel')) {
    		$myaddr = $importer['channel_address'] . '@' .  get_app()->get_hostname();
    		$cnv = random_string();
    		$mid = random_string();
    		$msg = t('You have started sharing with a Redmatrix premium channel.');
    		$msg .= t('Redmatrix premium channels are not available for sharing with Diaspora members. This sharing request has been blocked.') . "\r";
    		$msg .= t('Please do not reply to this message, as this channel is not sharing with you and any reply will not be seen by the recipient.') . "\r";
    		$created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C');
    		$signed_text =  $mid . ';' . $cnv . ';' . $msg .  ';'
            . $created . ';' . $myaddr . ';' . $cnv;
    		$sig = base64_encode(rsa_sign($signed_text,$importer['channel_prvkey'],'sha256'));
    		$conv = array(
    			'guid' => xmlify($cnv),
    			'subject' => xmlify(t('Sharing request failed.')),
    			'created_at' => xmlify($created),
    			'diaspora_handle' => xmlify($myaddr),
    			'participant_handles' => xmlify($myaddr . ';' . $sender_handle)
    		);
    		$msg = array(
    			'guid' => xmlify($mid),
    			'parent_guid' => xmlify($cnv),
    			'parent_author_signature' => xmlify($sig),
    			'author_signature' => xmlify($sig),
    			'text' => xmlify($msg),
    			'created_at' => xmlify($created),
    			'diaspora_handle' => xmlify($myaddr),
    			'conversation_guid' => xmlify($cnv)
    		);
    		$conv['messages'] = array($msg);
    		$tpl = get_markup_template('diaspora_conversation.tpl');
    		$xmsg = replace_macros($tpl, array('$conv' => $conv));
    		$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg,$importer,$ret,$importer['channel_prvkey'],$ret['xchan_pubkey'],false)));
    		diaspora_transmit($importer,$ret,$slap,false);
    		return;
    	}
    */
    // End FIXME
    $role = get_pconfig($channel['channel_id'], 'system', 'permissions_role');
    if ($role) {
        $x = get_role_perms($role);
        if ($x['perms_auto']) {
            $default_perms = $x['perms_accept'];
        }
    }
    if (!$default_perms) {
        $default_perms = intval(get_pconfig($importer['channel_id'], 'system', 'autoperms'));
    }
    $their_perms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES;
    $closeness = get_pconfig($importer['channel_id'], 'system', 'new_abook_closeness');
    if ($closeness === false) {
        $closeness = 80;
    }
    $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_rating, abook_created, abook_updated, abook_connected, abook_dob, abook_flags) values ( %d, %d, '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', %d )", intval($importer['channel_account_id']), intval($importer['channel_id']), dbesc($ret['xchan_hash']), intval($default_perms), intval($their_perms), intval($closeness), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(NULL_DATE), intval($default_perms ? 0 : ABOOK_FLAG_PENDING));
    if ($r) {
        logger("New Diaspora introduction received for {$importer['channel_name']}");
        $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash left join hubloc on hubloc_hash = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1", intval($importer['channel_id']), dbesc($ret['xchan_hash']));
        if ($new_connection) {
            require_once 'include/enotify.php';
            notification(array('type' => NOTIFY_INTRO, 'from_xchan' => $ret['xchan_hash'], 'to_xchan' => $importer['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id']));
            if ($default_perms) {
                // Send back a sharing notification to them
                diaspora_share($importer, $new_connection[0]);
            }
        }
    }
    // find the abook record we just created
    $contact_record = diaspora_get_contact_by_handle($importer['channel_id'], $sender_handle);
    if (!$contact_record) {
        logger('diaspora_request: unable to locate newly created contact record.');
        return;
    }
    /** If there is a default group for this channel, add this member to it */
    if ($importer['channel_default_group']) {
        require_once 'include/group.php';
        $g = group_rec_byhash($importer['channel_id'], $importer['channel_default_group']);
        if ($g) {
            group_add_member($importer['channel_id'], '', $contact_record['xchan_hash'], $g['id']);
        }
    }
    return;
}
Пример #6
0
 function get()
 {
     $sort_type = 0;
     $o = '';
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return login();
     }
     $channel = \App::get_channel();
     $my_perms = get_channel_default_perms(local_channel());
     $role = get_pconfig(local_channel(), 'system', 'permissions_role');
     if ($role) {
         $x = get_role_perms($role);
         if ($x['perms_accept']) {
             $my_perms = $x['perms_accept'];
         }
     }
     $yes_no = array(t('No'), t('Yes'));
     if ($my_perms) {
         $o .= "<script>function connectDefaultShare() {\n\t\t\t\$('.abook-edit-me').each(function() {\n\t\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\t\$(this).prop('checked', false);\n\t\t\t});\n\n";
         $perms = get_perms();
         foreach ($perms as $p => $v) {
             if ($my_perms & $v[1]) {
                 $o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
             }
         }
         $o .= " }\n</script>\n";
     }
     if (argc() == 3) {
         $contact_id = intval(argv(1));
         if (!$contact_id) {
             return;
         }
         $cmd = argv(2);
         $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\t\tWHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1", intval($contact_id), intval(local_channel()));
         if (!count($orig_record)) {
             notice(t('Could not access address book record.') . EOL);
             goaway(z_root() . '/connections');
         }
         if ($cmd === 'update') {
             // pull feed and consume it, which should subscribe to the hub.
             proc_run('php', "include/poller.php", "{$contact_id}");
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'refresh') {
             if ($orig_record[0]['xchan_network'] === 'zot') {
                 if (!zot_refresh($orig_record[0], \App::get_channel())) {
                     notice(t('Refresh failed - channel is currently unavailable.'));
                 }
             } else {
                 // if you are on a different network we'll force a refresh of the connection basic info
                 proc_run('php', 'include/notifier.php', 'permission_update', $contact_id);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'block') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'ignore') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'archive') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'hide') {
             if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
                 $this->connedit_clone($a);
             } else {
                 notice(t('Unable to set address book parameters.') . EOL);
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         // We'll prevent somebody from unapproving an already approved contact.
         // Though maybe somebody will want this eventually (??)
         if ($cmd === 'approve') {
             if (intval($orig_record[0]['abook_pending'])) {
                 if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
                     $this->connedit_clone($a);
                 } else {
                     notice(t('Unable to set address book parameters.') . EOL);
                 }
             }
             goaway(z_root() . '/connedit/' . $contact_id);
         }
         if ($cmd === 'drop') {
             require_once 'include/Contact.php';
             // FIXME
             // We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
             // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
             // in the background there could be a race condition preventing this packet from being sent in all cases.
             // PLACEHOLDER
             contact_remove(local_channel(), $orig_record[0]['abook_id']);
             build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
             info(t('Connection has been removed.') . EOL);
             if (x($_SESSION, 'return_url')) {
                 goaway(z_root() . '/' . $_SESSION['return_url']);
             }
             goaway(z_root() . '/contacts');
         }
     }
     if (\App::$poi) {
         $contact_id = \App::$poi['abook_id'];
         $contact = \App::$poi;
         $tools = array('view' => array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), 'refresh' => array('label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), 'recent' => array('label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')), 'block' => array('label' => intval($contact['abook_blocked']) ? t('Unblock') : t('Block'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => intval($contact['abook_blocked']) ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), 'ignore' => array('label' => intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => intval($contact['abook_ignored']) ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), 'archive' => array('label' => intval($contact['abook_archived']) ? t('Unarchive') : t('Archive'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => intval($contact['abook_archived']) ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => intval($contact['abook_archived']) ? t('This connection is archived!') : ''), 'hide' => array('label' => intval($contact['abook_hidden']) ? t('Unhide') : t('Hide'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => intval($contact['abook_hidden']) ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), 'delete' => array('label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
         $self = false;
         if (intval($contact['abook_self'])) {
             $self = true;
         }
         require_once 'include/contact_selectors.php';
         $tpl = get_markup_template("abook_edit.tpl");
         if (feature_enabled(local_channel(), 'affinity')) {
             $labels = array(t('Me'), t('Family'), t('Friends'), t('Acquaintances'), t('All'));
             call_hooks('affinity_labels', $labels);
             $label_str = '';
             if ($labels) {
                 foreach ($labels as $l) {
                     if ($label_str) {
                         $label_str .= ", '|'";
                         $label_str .= ", '" . $l . "'";
                     } else {
                         $label_str .= "'" . $l . "'";
                     }
                 }
             }
             $slider_tpl = get_markup_template('contact_slider.tpl');
             $slide = replace_macros($slider_tpl, array('$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$labels' => $label_str));
         }
         $rating_val = 0;
         $rating_text = '';
         $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
         if ($xl) {
             $rating_val = intval($xl[0]['xlink_rating']);
             $rating_text = $xl[0]['xlink_rating_text'];
         }
         $poco_rating = get_config('system', 'poco_rating_enable');
         // if unset default to enabled
         if ($poco_rating === false) {
             $poco_rating = true;
         }
         if ($poco_rating) {
             $rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
         } else {
             $rating = false;
         }
         $perms = array();
         $channel = \App::get_channel();
         $global_perms = get_perms();
         $existing = get_all_perms(local_channel(), $contact['abook_xchan']);
         $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'), 'Yes'));
         $multiprofs = feature_enabled(local_channel(), 'multi_profiles') ? true : false;
         if ($slide && !$multiprofs) {
             $affinity = t('Set Affinity');
         }
         if (!$slide && $multiprofs) {
             $affinity = t('Set Profile');
         }
         if ($slide && $multiprofs) {
             $affinity = t('Set Affinity & Profile');
         }
         foreach ($global_perms as $k => $v) {
             $thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
             $checkinherited = $channel[$v[0]] && $channel[$v[0]] != PERMS_SPECIFIC ? "1" : '';
             // For auto permissions (when $self is true) we don't want to look at existing
             // permissions because they are enabled for the channel owner
             if (!$self && $existing[$k]) {
                 $thisperm = "1";
             }
             $perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC ? '' : '1', $v[4], $checkinherited);
         }
         $locstr = '';
         $locs = q("select hubloc_addr as location from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s'\n\t\t\t\tand hubloc_deleted = 0 and site_dead = 0", dbesc($contact['xchan_hash']));
         if ($locs) {
             foreach ($locs as $l) {
                 if (!$l['location']) {
                     continue;
                 }
                 if (strpos($locstr, $l['location']) !== false) {
                     continue;
                 }
                 if (strlen($locstr)) {
                     $locstr .= ', ';
                 }
                 $locstr .= $l['location'];
             }
         } else {
             $locstr = t('none');
         }
         $o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connection: %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, t('Connection requests will be approved without your interaction'), $yes_no), '$addr' => $contact['xchan_addr'], '$addr_text' => t('This connection\'s primary address is'), '$loc_text' => t('Available locations:'), '$locstr' => $locstr, '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('The permissions indicated on this page will be applied to all new connections.'), '$tools_label' => t('Connection Tools'), '$tools' => $self ? '' : $tools, '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating'), '$lbl_rating_label' => t('Slide to adjust your rating'), '$lbl_rating_txt' => t('Optionally explain your rating'), '$connfilter' => feature_enabled(local_channel(), 'connfilter'), '$connfilter_label' => t('Custom Filter'), '$incl' => array('abook_incl', t('Only import posts with this text'), $contact['abook_incl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$excl' => array('abook_excl', t('Do not import posts with this text'), $contact['abook_excl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$rating_text' => array('rating_text', t('Optionally explain your rating'), $rating_text, ''), '$rating_info' => t('This information is public!'), '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$affinity' => $affinity, '$pending_label' => t('Connection Pending Approval'), '$is_pending' => intval($contact['abook_pending']) ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$submit' => t('Submit'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), '$permnote_self' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can change those settings here but they wont have any impact unless the inherited setting changes.'), '$lastupdtext' => t('Last update:'), '$last_update' => relative_date($contact['abook_connected']), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => $multiprofs, '$contact_id' => $contact['abook_id'], '$name' => $contact['xchan_name']));
         $arr = array('contact' => $contact, 'output' => $o);
         call_hooks('contact_edit', $arr);
         return $arr['output'];
     }
 }
Пример #7
0
function connedit_content(&$a)
{
    $sort_type = 0;
    $o = '';
    if (!local_channel()) {
        notice(t('Permission denied.') . EOL);
        return login();
    }
    $channel = $a->get_channel();
    $my_perms = get_channel_default_perms(local_channel());
    $role = get_pconfig(local_channel(), 'system', 'permissions_role');
    if ($role) {
        $x = get_role_perms($role);
        if ($x['perms_accept']) {
            $my_perms = $x['perms_accept'];
        }
    }
    if ($my_perms) {
        $o .= "<script>function connectDefaultShare() {\n\t\t\$('.abook-edit-me').each(function() {\n\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\$(this).removeAttr('checked');\n\t\t});\n\n";
        $perms = get_perms();
        foreach ($perms as $p => $v) {
            if ($my_perms & $v[1]) {
                $o .= "\$('#me_id_perms_" . $p . "').attr('checked','checked'); \n";
            }
        }
        $o .= " }\n</script>\n";
    }
    if (argc() == 3) {
        $contact_id = intval(argv(1));
        if (!$contact_id) {
            return;
        }
        $cmd = argv(2);
        $orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\tWHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d )>0 LIMIT 1", intval($contact_id), intval(local_channel()), intval(ABOOK_FLAG_SELF));
        if (!count($orig_record)) {
            notice(t('Could not access address book record.') . EOL);
            goaway($a->get_baseurl(true) . '/connections');
        }
        if ($cmd === 'update') {
            // pull feed and consume it, which should subscribe to the hub.
            proc_run('php', "include/poller.php", "{$contact_id}");
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        if ($cmd === 'refresh') {
            if (!zot_refresh($orig_record[0], get_app()->get_channel())) {
                notice(t('Refresh failed - channel is currently unavailable.'));
            }
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        if ($cmd === 'block') {
            if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
                info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Channel has been unblocked') : t('Channel has been blocked')) . EOL);
                connedit_clone($a);
            } else {
                notice(t('Unable to set address book parameters.') . EOL);
            }
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        if ($cmd === 'ignore') {
            if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
                info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Channel has been unignored') : t('Channel has been ignored')) . EOL);
                connedit_clone($a);
            } else {
                notice(t('Unable to set address book parameters.') . EOL);
            }
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        if ($cmd === 'archive') {
            if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
                info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Channel has been unarchived') : t('Channel has been archived')) . EOL);
                connedit_clone($a);
            } else {
                notice(t('Unable to set address book parameters.') . EOL);
            }
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        if ($cmd === 'hide') {
            if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
                info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Channel has been unhidden') : t('Channel has been hidden')) . EOL);
                connedit_clone($a);
            } else {
                notice(t('Unable to set address book parameters.') . EOL);
            }
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        // We'll prevent somebody from unapproving an already approved contact.
        // Though maybe somebody will want this eventually (??)
        if ($cmd === 'approve') {
            if ($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
                if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
                    info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING ? t('Channel has been approved') : t('Channel has been unapproved')) . EOL);
                    connedit_clone($a);
                } else {
                    notice(t('Unable to set address book parameters.') . EOL);
                }
            }
            goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
        }
        if ($cmd === 'drop') {
            require_once 'include/Contact.php';
            // FIXME
            // We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
            // The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
            // in the background there could be a race condition preventing this packet from being sent in all cases.
            // PLACEHOLDER
            contact_remove(local_channel(), $orig_record[0]['abook_id']);
            build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
            info(t('Connection has been removed.') . EOL);
            if (x($_SESSION, 'return_url')) {
                goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
            }
            goaway($a->get_baseurl(true) . '/contacts');
        }
    }
    if ($a->poi) {
        $contact_id = $a->poi['abook_id'];
        $contact = $a->poi;
        $tabs = array(array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), array('label' => t('Refresh Permissions'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), array('label' => t('Recent Activity'), 'url' => $a->get_baseurl(true) . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')));
        $buttons = array(array('label' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Unblock') : t('Block'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Unignore') : t('Ignore'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Unarchive') : t('Archive'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Unhide') : t('Hide'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections')), array('label' => t('Delete'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
        $self = false;
        if (!($contact['abook_flags'] & ABOOK_FLAG_SELF)) {
            $tab_tpl = get_markup_template('common_tabs.tpl');
            $t = replace_macros($tab_tpl, array('$tabs' => $tabs));
        } else {
            $self = true;
        }
        $a->page['htmlhead'] .= replace_macros(get_markup_template('contact_head.tpl'), array('$baseurl' => $a->get_baseurl(true), '$editselect' => $editselect));
        require_once 'include/contact_selectors.php';
        $tpl = get_markup_template("abook_edit.tpl");
        if (feature_enabled(local_channel(), 'affinity')) {
            $slider_tpl = get_markup_template('contact_slider.tpl');
            $slide = replace_macros($slider_tpl, array('$me' => t('Me'), '$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$intimate' => t('Best Friends'), '$friends' => t('Friends'), '$oldfriends' => t('Former Friends'), '$acquaintances' => t('Acquaintances'), '$world' => t('Unknown')));
        }
        $rating_val = 0;
        $rating_text = '';
        $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
        if ($xl) {
            $rating_val = intval($xl[0]['xlink_rating']);
            $rating_text = $xl[0]['xlink_rating_text'];
        }
        $poco_rating = get_config('system', 'poco_rating_enable');
        // if unset default to enabled
        if ($poco_rating === false) {
            $poco_rating = true;
        }
        if ($poco_rating) {
            $rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
        } else {
            $rating = false;
        }
        $perms = array();
        $channel = $a->get_channel();
        $global_perms = get_perms();
        $existing = get_all_perms(local_channel(), $contact['abook_xchan']);
        $unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'));
        foreach ($global_perms as $k => $v) {
            $thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
            // For auto permissions (when $self is true) we don't want to look at existing
            // permissions because they are enabled for the channel owner
            if (!$self && $existing[$k]) {
                $thisperm = "1";
            }
            $perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC || $self ? '' : '1', $v[4]);
        }
        $o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connections: settings for %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, ''), '$addr' => $contact['xchan_addr'], '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('Apply the permissions indicated on this page to all new connections.'), '$buttons' => $self ? '' : $buttons, '$viewprof' => t('View Profile'), '$clickme' => t('Click to open/close'), '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating (this information is public)'), '$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'), '$rating_txt' => $rating_text, '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$tabs' => $t, '$tab_str' => $tab_str, '$perms_step1' => t('Default permissions for your channel type have (just) been applied. They have not yet been submitted. Please review the permissions on this page and make any desired changes at this time. This new connection may <em>not</em> be able to communicate with you until you submit this page, which will install and apply the selected permissions.'), '$is_pending' => $contact['abook_flags'] & ABOOK_FLAG_PENDING ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$approve' => t('Approve this connection'), '$noperms' => $contact['abook_my_perms'] ? false : true, '$no_perms' => !$self && !$contact['abook_my_perms'] ? t('Connection has no individual permissions!') : '', '$noperm_desc' => !$self && !$contact['abook_my_perms'] ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : '', '$submit' => t('Submit'), '$lbl_vis1' => t('Profile Visibility'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$lbl_info1' => t('Contact Information / Notes'), '$infedit' => t('Edit contact notes'), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$perms_new' => t('Default permissions for this channel type have (just) been applied. They have <em>not</em> been saved and there are currently no stored default permissions. Please review/edit the applied settings and click [Submit] to finalize.'), '$clear' => t('Clear/Disable Automatic Permissions'), '$forum' => t('Forum Members'), '$soapbox' => t('Soapbox'), '$full' => t('Full Sharing (typical social network permissions)'), '$cautious' => t('Cautious Sharing '), '$follow' => t('Follow Only'), '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel <a href="settings">privacy settings</a>, which have higher priority than individual settings. Changing those inherited settings on this page will have no effect.'), '$advanced' => t('Advanced Permissions'), '$quick' => t('Simple Permissions (select one and submit)'), '$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_channel() . '/' . $contact['id'], '$all_friends' => $all_friends, '$relation_text' => $relation_text, '$visit' => sprintf(t('Visit %s\'s profile - %s'), $contact['xchan_name'], $contact['xchan_url']), '$blockunblock' => t('Block/Unblock contact'), '$ignorecont' => t('Ignore contact'), '$lblcrepair' => t("Repair URL settings"), '$lblrecent' => t('View conversations'), '$lblsuggest' => $lblsuggest, '$delete' => t('Delete contact'), '$poll_interval' => contact_poll_interval($contact['priority'], !$poll_enabled), '$poll_enabled' => $poll_enabled, '$lastupdtext' => t('Last update:'), '$lost_contact' => $lost_contact, '$updpub' => t('Update public posts'), '$last_update' => relative_date($contact['abook_connected']), '$udnow' => t('Update now'), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => feature_enabled(local_channel(), 'multi_profiles'), '$contact_id' => $contact['abook_id'], '$block_text' => $contact['blocked'] ? t('Unblock') : t('Block'), '$ignore_text' => $contact['readonly'] ? t('Unignore') : t('Ignore'), '$blocked' => $contact['blocked'] ? t('Currently blocked') : '', '$ignored' => $contact['readonly'] ? t('Currently ignored') : '', '$archived' => $contact['archive'] ? t('Currently archived') : '', '$pending' => $contact['archive'] ? t('Currently pending') : '', '$name' => $contact['name'], '$alt_text' => $alt_text, '$url' => $url));
        $arr = array('contact' => $contact, 'output' => $o);
        call_hooks('contact_edit', $arr);
        return $arr['output'];
    }
}
Пример #8
0
function gnusoc_follow_from_feed(&$a, &$b)
{
    $item = $b['item'];
    $importer = $b['channel'];
    $xchan = $b['xchan'];
    $author = $b['author'];
    $b['caught'] = true;
    logger('follow activity received');
    if ($author && !$xchan) {
        $r = q("select * from xchan where xchan_guid = '%s' limit 1", dbesc($author['author_link']));
        if (!$r) {
            if (discover_by_webbie($author['author_link'])) {
                $r = q("select * from xchan where xchan_guid = '%s' limit 1", dbesc($author['author_link']));
                if (!$r) {
                    logger('discovery failed');
                    return;
                }
            }
            $xchan = $r[0];
        }
        $r = q("select * from abook where abook_channel = %d and abook_xchan = '%s' limit 1", intval($importer['channel_id']), dbesc($xchan['xchan_hash']));
        if ($r) {
            $contact = $r[0];
            $newperms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES;
            $abook_instance = $contact['abook_instance'];
            if ($abook_instance) {
                $abook_instance .= ',';
            }
            $abook_instance .= z_root();
            $r = q("update abook set abook_their_perms = %d, abook_instance = '%s' where abook_id = %d and abook_channel = %d", intval($newperms), dbesc($abook_instance), intval($contact['abook_id']), intval($importer['channel_id']));
        } else {
            $role = get_pconfig($importer['channel_id'], 'system', 'permissions_role');
            if ($role) {
                $x = get_role_perms($role);
                if ($x['perms_auto']) {
                    $default_perms = $x['perms_accept'];
                }
            }
            if (!$default_perms) {
                $default_perms = intval(get_pconfig($importer['channel_id'], 'system', 'autoperms'));
            }
            $their_perms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES;
            $closeness = get_pconfig($importer['channel_id'], 'system', 'new_abook_closeness');
            if ($closeness === false) {
                $closeness = 80;
            }
            $r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_created, abook_updated, abook_connected, abook_dob, abook_pending, abook_instance ) values ( %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', %d, '%s' )", intval($importer['channel_account_id']), intval($importer['channel_id']), dbesc($xchan['xchan_hash']), intval($default_perms), intval($their_perms), intval($closeness), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(NULL_DATE), intval($default_perms ? 0 : 1), dbesc(z_root()));
            if ($r) {
                logger("New GNU-Social follower received for {$importer['channel_name']}");
                $new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash left join hubloc on hubloc_hash = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1", intval($importer['channel_id']), dbesc($xchan['xchan_hash']));
                if ($new_connection) {
                    \Zotlabs\Lib\Enotify::submit(array('type' => NOTIFY_INTRO, 'from_xchan' => $xchan['xchan_hash'], 'to_xchan' => $importer['channel_hash'], 'link' => z_root() . '/connedit/' . $new_connection[0]['abook_id']));
                    if ($default_perms) {
                        // Send back a sharing notification to them
                        $deliver = gnusoc_remote_follow($importer, $new_connection[0]);
                        if ($deliver) {
                            Zotlabs\Daemon\Master::Summon(array('Deliver', $deliver));
                        }
                    }
                    $clone = array();
                    foreach ($new_connection[0] as $k => $v) {
                        if (strpos($k, 'abook_') === 0) {
                            $clone[$k] = $v;
                        }
                    }
                    unset($clone['abook_id']);
                    unset($clone['abook_account']);
                    unset($clone['abook_channel']);
                    $abconfig = load_abconfig($importer['channel_hash'], $clone['abook_xchan']);
                    if ($abconfig) {
                        $clone['abconfig'] = $abconfig;
                    }
                    build_sync_packet($importer['channel_id'], array('abook' => array($clone)));
                }
            }
        }
        return;
    }
}