示例#1
2
function removeme_post(&$a)
{
    if (!local_channel()) {
        return;
    }
    if ($_SESSION['delegate']) {
        return;
    }
    if (!x($_POST, 'qxz_password') || !strlen(trim($_POST['qxz_password']))) {
        return;
    }
    if (!x($_POST, 'verify') || !strlen(trim($_POST['verify']))) {
        return;
    }
    if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
        return;
    }
    $account = App::get_account();
    if (!account_verify_password($account['account_email'], $_POST['qxz_password'])) {
        return;
    }
    if ($account['account_password_changed'] != NULL_DATE) {
        $d1 = datetime_convert('UTC', 'UTC', 'now - 48 hours');
        if ($account['account_password_changed'] > d1) {
            notice(t('Channel removals are not allowed within 48 hours of changing the account password.') . EOL);
            return;
        }
    }
    require_once 'include/Contact.php';
    $global_remove = intval($_POST['global']);
    channel_remove(local_channel(), 1 - $global_remove, true);
}
 function post()
 {
     if (!local_channel()) {
         return;
     }
     if ($_SESSION['delegate']) {
         return;
     }
     if (!x($_POST, 'qxz_password') || !strlen(trim($_POST['qxz_password']))) {
         return;
     }
     if (!x($_POST, 'verify') || !strlen(trim($_POST['verify']))) {
         return;
     }
     if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
         return;
     }
     $account = \App::get_account();
     $account_id = get_account_id();
     if (!account_verify_password($account['account_email'], $_POST['qxz_password'])) {
         return;
     }
     if ($account['account_password_changed'] != NULL_DATE) {
         $d1 = datetime_convert('UTC', 'UTC', 'now - 48 hours');
         if ($account['account_password_changed'] > d1) {
             notice(t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);
             return;
         }
     }
     $global_remove = intval($_POST['global']);
     account_remove($account_id, 1 - $global_remove);
 }
示例#3
0
 function get()
 {
     $acc = \App::get_account();
     if (!$acc || $acc['account_id'] != get_account_id()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $default_role = '';
     $aid = get_account_id();
     if ($aid) {
         $r = q("select count(channel_id) as total from channel where channel_account_id = %d", intval($aid));
         if ($r && !intval($r[0]['total'])) {
             $default_role = get_config('system', 'default_permissions_role');
         }
         $limit = account_service_class_fetch(get_account_id(), 'total_identities');
         if ($r && $limit !== false) {
             $channel_usage_message = sprintf(t("You have created %1\$.0f of %2\$.0f allowed channels."), $r[0]['total'], $limit);
         } else {
             $channel_usage_message = '';
         }
     }
     $privacy_role = x($_REQUEST, 'permissions_role') ? $_REQUEST['permissions_role'] : "";
     $perm_roles = \Zotlabs\Access\PermissionRoles::roles();
     if (get_account_techlevel() < 4 && $privacy_role !== 'custom') {
         unset($perm_roles[t('Other')]);
     }
     $name = array('name', t('Name or caption'), x($_REQUEST, 'name') ? $_REQUEST['name'] : '', t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'), "*");
     $nickhub = '@' . \App::get_hostname();
     $nickname = array('nickname', t('Choose a short nickname'), x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : '', sprintf(t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub), "*");
     $role = array('permissions_role', t('Channel role and privacy'), $privacy_role ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>', $perm_roles);
     $o = replace_macros(get_markup_template('new_channel.tpl'), array('$title' => t('Create Channel'), '$desc' => t('A channel is your identity on this network. It can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions.'), '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'), '$name' => $name, '$role' => $role, '$default_role' => $default_role, '$nickname' => $nickname, '$submit' => t('Create'), '$channel_usage_message' => $channel_usage_message));
     return $o;
 }
示例#4
0
 function post()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     check_form_security_token_redirectOnErr('/', 'send_invite');
     $max_invites = intval(get_config('system', 'max_invites'));
     if (!$max_invites) {
         $max_invites = 50;
     }
     $current_invites = intval(get_pconfig(local_channel(), 'system', 'sent_invites'));
     if ($current_invites > $max_invites) {
         notice(t('Total invitation limit exceeded.') . EOL);
         return;
     }
     $recips = x($_POST, 'recipients') ? explode("\n", $_POST['recipients']) : array();
     $message = x($_POST, 'message') ? notags(trim($_POST['message'])) : '';
     $total = 0;
     if (get_config('system', 'invitation_only')) {
         $invonly = true;
         $x = get_pconfig(local_channel(), 'system', 'invites_remaining');
         if (!$x && !is_site_admin()) {
             return;
         }
     }
     foreach ($recips as $recip) {
         $recip = trim($recip);
         if (!$recip) {
             continue;
         }
         if (!valid_email($recip)) {
             notice(sprintf(t('%s : Not a valid email address.'), $recip) . EOL);
             continue;
         } else {
             $nmessage = $message;
         }
         $account = \App::get_account();
         $res = mail($recip, sprintf(t('Please join us on $Projectname'), \App::$config['sitename']), $nmessage, "From: " . $account['account_email'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
         if ($res) {
             $total++;
             $current_invites++;
             set_pconfig(local_channel(), 'system', 'sent_invites', $current_invites);
             if ($current_invites > $max_invites) {
                 notice(t('Invitation limit exceeded. Please contact your site administrator.') . EOL);
                 return;
             }
         } else {
             notice(sprintf(t('%s : Message delivery failed.'), $recip) . EOL);
         }
     }
     notice(sprintf(tt("%d message sent.", "%d messages sent.", $total), $total) . EOL);
     return;
 }
/** @file */
function service_limits_content(&$a)
{
    if (!local_channel()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $account = App::get_account();
    if ($account['account_service_class']) {
        $x = get_config('service_class', $account['account_service_class']);
        if ($x) {
            $o = print_r($x, true);
            return $o;
        }
    }
    return t('No service class restrictions found.');
}
示例#6
0
 function get()
 {
     if (!get_account_id() || $_SESSION['delegate']) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     require_once 'include/security.php';
     $change_channel = argc() > 1 ? intval(argv(1)) : 0;
     if (argc() > 2 && argv(2) === 'default') {
         $r = q("select channel_id from channel where channel_id = %d and channel_account_id = %d limit 1", intval($change_channel), intval(get_account_id()));
         if ($r) {
             q("update account set account_default_channel = %d where account_id = %d", intval($change_channel), intval(get_account_id()));
         }
         goaway(z_root() . '/manage');
     }
     if ($change_channel) {
         $r = change_channel($change_channel);
         if (argc() > 2 && !(argv(2) === 'default')) {
             goaway(z_root() . '/' . implode('/', array_slice(\App::$argv, 2)));
             // Go to whatever is after /manage/, but with the new channel
         } else {
             if ($r && $r['channel_startpage']) {
                 goaway(z_root() . '/' . $r['channel_startpage']);
             }
             // If nothing extra is specified, go to the default page
         }
         goaway(z_root());
     }
     $channels = null;
     if (local_channel()) {
         $r = q("select channel.*, xchan.* from channel left join xchan on channel.channel_hash = xchan.xchan_hash where channel.channel_account_id = %d and channel_removed = 0 order by channel_name ", intval(get_account_id()));
         $account = \App::get_account();
         if ($r && count($r)) {
             $channels = $r;
             for ($x = 0; $x < count($channels); $x++) {
                 $channels[$x]['link'] = 'manage/' . intval($channels[$x]['channel_id']);
                 $channels[$x]['default'] = $channels[$x]['channel_id'] == $account['account_default_channel'] ? "1" : '';
                 $channels[$x]['default_links'] = '1';
                 $c = q("SELECT id, item_wall FROM item\n\t\t\t\t\t\tWHERE item_unseen = 1 and uid = %d " . item_normal(), intval($channels[$x]['channel_id']));
                 if ($c) {
                     foreach ($c as $it) {
                         if (intval($it['item_wall'])) {
                             $channels[$x]['home']++;
                         } else {
                             $channels[$x]['network']++;
                         }
                     }
                 }
                 $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and abook_pending = 1 and abook_self = 0 and abook_ignored = 0 and xchan_deleted = 0 and xchan_orphan = 0 ", intval($channels[$x]['channel_id']));
                 if ($intr) {
                     $channels[$x]['intros'] = intval($intr[0]['total']);
                 }
                 $mails = q("SELECT count(id) as total from mail WHERE channel_id = %d AND mail_seen = 0 and from_xchan != '%s' ", intval($channels[$x]['channel_id']), dbesc($channels[$x]['channel_hash']));
                 if ($mails) {
                     $channels[$x]['mail'] = intval($mails[0]['total']);
                 }
                 $events = q("SELECT type, start, adjust FROM `event`\n\t\t\t\t\t\tWHERE `event`.`uid` = %d AND start < '%s' AND start > '%s' and `ignore` = 0\n\t\t\t\t\t\tORDER BY `start` ASC ", intval($channels[$x]['channel_id']), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days')));
                 if ($events) {
                     $channels[$x]['all_events'] = count($events);
                     if ($channels[$x]['all_events']) {
                         $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d');
                         foreach ($events as $e) {
                             $bd = false;
                             if ($e['type'] === 'birthday') {
                                 $channels[$x]['birthdays']++;
                                 $bd = true;
                             } else {
                                 $channels[$x]['events']++;
                             }
                             if (datetime_convert('UTC', intval($e['adjust']) ? date_default_timezone_get() : 'UTC', $e['start'], 'Y-m-d') === $str_now) {
                                 $channels[$x]['all_events_today']++;
                                 if ($bd) {
                                     $channels[$x]['birthdays_today']++;
                                 } else {
                                     $channels[$x]['events_today']++;
                                 }
                             }
                         }
                     }
                 }
             }
         }
         $r = q("select count(channel_id) as total from channel where channel_account_id = %d and channel_removed = 0", intval(get_account_id()));
         $limit = account_service_class_fetch(get_account_id(), 'total_identities');
         if ($limit !== false) {
             $channel_usage_message = sprintf(t("You have created %1\$.0f of %2\$.0f allowed channels."), $r[0]['total'], $limit);
         } else {
             $channel_usage_message = '';
         }
     }
     $create = array('new_channel', t('Create a new channel'), t('Create New'));
     $delegates = q("select * from abook left join xchan on abook_xchan = xchan_hash where \n\t\t\tabook_channel = %d and (abook_their_perms & %d) > 0", intval(local_channel()), intval(PERMS_A_DELEGATE));
     if ($delegates) {
         for ($x = 0; $x < count($delegates); $x++) {
             $delegates[$x]['link'] = 'magic?f=&dest=' . urlencode($delegates[$x]['xchan_url']) . '&delegate=' . urlencode($delegates[$x]['xchan_addr']);
             $delegates[$x]['channel_name'] = $delegates[$x]['xchan_name'];
             $delegates[$x]['delegate'] = 1;
         }
     } else {
         $delegates = null;
     }
     $o = replace_macros(get_markup_template('channels.tpl'), array('$header' => t('Channel Manager'), '$msg_selected' => t('Current Channel'), '$selected' => local_channel(), '$desc' => t('Switch to one of your channels by selecting it.'), '$msg_default' => t('Default Channel'), '$msg_make_default' => t('Make Default'), '$create' => $create, '$all_channels' => $channels, '$mail_format' => t('%d new messages'), '$intros_format' => t('%d new introductions'), '$channel_usage_message' => $channel_usage_message, '$delegated_desc' => t('Delegated Channel'), '$delegates' => $delegates));
     return $o;
 }
示例#7
0
 function post()
 {
     check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
     call_hooks('account_settings_post', $_POST);
     $errs = array();
     $email = x($_POST, 'email') ? trim(notags($_POST['email'])) : '';
     $techlevel = array_key_exists('techlevel', $_POST) ? intval($_POST['techlevel']) : 0;
     $account = \App::get_account();
     if ($email != $account['account_email']) {
         if (!valid_email($email)) {
             $errs[] = t('Not valid email.');
         }
         $adm = trim(get_config('system', 'admin_email'));
         if ($adm && strcasecmp($email, $adm) == 0) {
             $errs[] = t('Protected email address. Cannot change to that email.');
             $email = \App::$account['account_email'];
         }
         if (!$errs) {
             $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id']));
             if (!$r) {
                 $errs[] = t('System failure storing new email. Please try again.');
             }
         }
     }
     if ($techlevel != $account['account_level']) {
         $r = q("update account set account_level = %d where account_id = %d", intval($techlevel), intval($account['account_id']));
         info(t('Technical skill level updated') . EOL);
     }
     if ($errs) {
         foreach ($errs as $err) {
             notice($err . EOL);
         }
         $errs = array();
     }
     if (x($_POST, 'npassword') || x($_POST, 'confirm')) {
         $origpass = trim($_POST['origpass']);
         require_once 'include/auth.php';
         if (!account_verify_password($email, $origpass)) {
             $errs[] = t('Password verification failed.');
         }
         $newpass = trim($_POST['npassword']);
         $confirm = trim($_POST['confirm']);
         if ($newpass != $confirm) {
             $errs[] = t('Passwords do not match. Password unchanged.');
         }
         if (!x($newpass) || !x($confirm)) {
             $errs[] = t('Empty passwords are not allowed. Password unchanged.');
         }
         if (!$errs) {
             $salt = random_string(32);
             $password_encoded = hash('whirlpool', $salt . $newpass);
             $r = q("update account set account_salt = '%s', account_password = '******', account_password_changed = '%s' \n\t\t\t\t\twhere account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), intval(get_account_id()));
             if ($r) {
                 info(t('Password changed.') . EOL);
             } else {
                 $errs[] = t('Password update failed. Please try again.');
             }
         }
     }
     if ($errs) {
         foreach ($errs as $err) {
             notice($err . EOL);
         }
     }
     goaway(z_root() . '/settings/account');
 }
示例#8
0
 function post()
 {
     if (!local_channel()) {
         return;
     }
     if ($_SESSION['delegate']) {
         return;
     }
     $channel = \App::get_channel();
     logger('mod_settings: ' . print_r($_REQUEST, true));
     if (argc() > 1 && argv(1) === 'oauth' && x($_POST, 'remove')) {
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
         $key = $_POST['remove'];
         q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_channel());
         goaway(z_root() . "/settings/oauth/");
         return;
     }
     if (argc() > 2 && argv(1) === 'oauth' && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST, 'submit')) {
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
         $name = x($_POST, 'name') ? $_POST['name'] : '';
         $key = x($_POST, 'key') ? $_POST['key'] : '';
         $secret = x($_POST, 'secret') ? $_POST['secret'] : '';
         $redirect = x($_POST, 'redirect') ? $_POST['redirect'] : '';
         $icon = x($_POST, 'icon') ? $_POST['icon'] : '';
         $ok = true;
         if ($name == '') {
             $ok = false;
             notice(t('Name is required') . EOL);
         }
         if ($key == '' || $secret == '') {
             $ok = false;
             notice(t('Key and Secret are required') . EOL);
         }
         if ($ok) {
             if ($_POST['submit'] == t("Update")) {
                 $r = q("UPDATE clients SET\n\t\t\t\t\t\t\t\tclient_id='%s',\n\t\t\t\t\t\t\t\tpw='%s',\n\t\t\t\t\t\t\t\tclname='%s',\n\t\t\t\t\t\t\t\tredirect_uri='%s',\n\t\t\t\t\t\t\t\ticon='%s',\n\t\t\t\t\t\t\t\tuid=%d\n\t\t\t\t\t\t\tWHERE client_id='%s'", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), intval(local_channel()), dbesc($key));
             } else {
                 $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid)\n\t\t\t\t\t\tVALUES ('%s','%s','%s','%s','%s',%d)", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), intval(local_channel()));
                 $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", dbesc($key), intval(local_channel()), dbesc('all'));
             }
         }
         goaway(z_root() . "/settings/oauth/");
         return;
     }
     if (argc() > 1 && argv(1) == 'featured') {
         check_form_security_token_redirectOnErr('/settings/featured', 'settings_featured');
         call_hooks('feature_settings_post', $_POST);
         build_sync_packet();
         return;
     }
     if (argc() > 1 && argv(1) == 'tokens') {
         check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens');
         $token_errs = 0;
         if (array_key_exists('token', $_POST)) {
             $atoken_id = $_POST['atoken_id'] ? intval($_POST['atoken_id']) : 0;
             $name = trim(escape_tags($_POST['name']));
             $token = trim($_POST['token']);
             if (!$name || !$token) {
                 $token_errs++;
             }
             if (trim($_POST['expires'])) {
                 $expires = datetime_convert(date_default_timezone_get(), 'UTC', $_POST['expires']);
             } else {
                 $expires = NULL_DATE;
             }
             $max_atokens = service_class_fetch(local_channel(), 'access_tokens');
             if ($max_atokens) {
                 $r = q("select count(atoken_id) as total where atoken_uid = %d", intval(local_channel()));
                 if ($r && intval($r[0]['total']) >= $max_tokens) {
                     notice(sprintf(t('This channel is limited to %d tokens'), $max_tokens) . EOL);
                     return;
                 }
             }
         }
         if ($token_errs) {
             notice(t('Name and Password are required.') . EOL);
             return;
         }
         if ($atoken_id) {
             $r = q("update atoken set atoken_name = '%s', atoken_token = '%s' atoken_expires = '%s' \n\t\t\t\t\twhere atoken_id = %d and atoken_uid = %d", dbesc($name), dbesc($token), dbesc($expires), intval($atoken_id), intval($channel['channel_id']));
         } else {
             $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires )\n\t\t\t\t\tvalues ( %d, %d, '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel['channel_id']), dbesc($name), dbesc($token), dbesc($expires));
         }
         info(t('Token saved.') . EOL);
         return;
     }
     if (argc() > 1 && argv(1) === 'features') {
         check_form_security_token_redirectOnErr('/settings/features', 'settings_features');
         // Build list of features and check which are set
         $features = get_features();
         $all_features = array();
         foreach ($features as $k => $v) {
             foreach ($v as $f) {
                 $all_features[] = $f[0];
             }
         }
         foreach ($all_features as $k) {
             if (x($_POST, "feature_{$k}")) {
                 set_pconfig(local_channel(), 'feature', $k, 1);
             } else {
                 set_pconfig(local_channel(), 'feature', $k, 0);
             }
         }
         build_sync_packet();
         return;
     }
     if (argc() > 1 && argv(1) == 'display') {
         check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
         $theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : \App::$channel['channel_theme'];
         $mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : '';
         $preload_images = x($_POST, 'preload_images') ? intval($_POST['preload_images']) : 0;
         $user_scalable = x($_POST, 'user_scalable') ? intval($_POST['user_scalable']) : 0;
         $nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
         $title_tosource = x($_POST, 'title_tosource') ? intval($_POST['title_tosource']) : 0;
         $channel_list_mode = x($_POST, 'channel_list_mode') ? intval($_POST['channel_list_mode']) : 0;
         $network_list_mode = x($_POST, 'network_list_mode') ? intval($_POST['network_list_mode']) : 0;
         $channel_divmore_height = x($_POST, 'channel_divmore_height') ? intval($_POST['channel_divmore_height']) : 400;
         if ($channel_divmore_height < 50) {
             $channel_divmore_height = 50;
         }
         $network_divmore_height = x($_POST, 'network_divmore_height') ? intval($_POST['network_divmore_height']) : 400;
         if ($network_divmore_height < 50) {
             $network_divmore_height = 50;
         }
         $browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0;
         $browser_update = $browser_update * 1000;
         if ($browser_update < 10000) {
             $browser_update = 10000;
         }
         $itemspage = x($_POST, 'itemspage') ? intval($_POST['itemspage']) : 20;
         if ($itemspage > 100) {
             $itemspage = 100;
         }
         if ($mobile_theme == "---") {
             del_pconfig(local_channel(), 'system', 'mobile_theme');
         } else {
             set_pconfig(local_channel(), 'system', 'mobile_theme', $mobile_theme);
         }
         set_pconfig(local_channel(), 'system', 'preload_images', $preload_images);
         set_pconfig(local_channel(), 'system', 'user_scalable', $user_scalable);
         set_pconfig(local_channel(), 'system', 'update_interval', $browser_update);
         set_pconfig(local_channel(), 'system', 'itemspage', $itemspage);
         set_pconfig(local_channel(), 'system', 'no_smilies', 1 - intval($nosmile));
         set_pconfig(local_channel(), 'system', 'title_tosource', $title_tosource);
         set_pconfig(local_channel(), 'system', 'channel_list_mode', $channel_list_mode);
         set_pconfig(local_channel(), 'system', 'network_list_mode', $network_list_mode);
         set_pconfig(local_channel(), 'system', 'channel_divmore_height', $channel_divmore_height);
         set_pconfig(local_channel(), 'system', 'network_divmore_height', $network_divmore_height);
         if ($theme == \App::$channel['channel_theme']) {
             // call theme_post only if theme has not been changed
             if (($themeconfigfile = $this->get_theme_config_file($theme)) != null) {
                 require_once $themeconfigfile;
                 theme_post($a);
             }
         }
         $r = q("UPDATE channel SET channel_theme = '%s' WHERE channel_id = %d", dbesc($theme), intval(local_channel()));
         call_hooks('display_settings_post', $_POST);
         build_sync_packet();
         goaway(z_root() . '/settings/display');
         return;
         // NOTREACHED
     }
     if (argc() > 1 && argv(1) === 'account') {
         check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
         call_hooks('account_settings_post', $_POST);
         //		call_hooks('settings_account', $_POST);
         $errs = array();
         $email = x($_POST, 'email') ? trim(notags($_POST['email'])) : '';
         $account = \App::get_account();
         if ($email != $account['account_email']) {
             if (!valid_email($email)) {
                 $errs[] = t('Not valid email.');
             }
             $adm = trim(get_config('system', 'admin_email'));
             if ($adm && strcasecmp($email, $adm) == 0) {
                 $errs[] = t('Protected email address. Cannot change to that email.');
                 $email = \App::$user['email'];
             }
             if (!$errs) {
                 $r = q("update account set account_email = '%s' where account_id = %d", dbesc($email), intval($account['account_id']));
                 if (!$r) {
                     $errs[] = t('System failure storing new email. Please try again.');
                 }
             }
         }
         if ($errs) {
             foreach ($errs as $err) {
                 notice($err . EOL);
             }
             $errs = array();
         }
         if (x($_POST, 'npassword') || x($_POST, 'confirm')) {
             $origpass = trim($_POST['origpass']);
             require_once 'include/auth.php';
             if (!account_verify_password($email, $origpass)) {
                 $errs[] = t('Password verification failed.');
             }
             $newpass = trim($_POST['npassword']);
             $confirm = trim($_POST['confirm']);
             if ($newpass != $confirm) {
                 $errs[] = t('Passwords do not match. Password unchanged.');
             }
             if (!x($newpass) || !x($confirm)) {
                 $errs[] = t('Empty passwords are not allowed. Password unchanged.');
             }
             if (!$errs) {
                 $salt = random_string(32);
                 $password_encoded = hash('whirlpool', $salt . $newpass);
                 $r = q("update account set account_salt = '%s', account_password = '******', account_password_changed = '%s' \n\t\t\t\t\t\twhere account_id = %d", dbesc($salt), dbesc($password_encoded), dbesc(datetime_convert()), intval(get_account_id()));
                 if ($r) {
                     info(t('Password changed.') . EOL);
                 } else {
                     $errs[] = t('Password update failed. Please try again.');
                 }
             }
         }
         if ($errs) {
             foreach ($errs as $err) {
                 notice($err . EOL);
             }
         }
         goaway(z_root() . '/settings/account');
     }
     check_form_security_token_redirectOnErr('/settings', 'settings');
     call_hooks('settings_post', $_POST);
     $set_perms = '';
     $role = x($_POST, 'permissions_role') ? notags(trim($_POST['permissions_role'])) : '';
     $oldrole = get_pconfig(local_channel(), 'system', 'permissions_role');
     if ($role != $oldrole || $role === 'custom') {
         if ($role === 'custom') {
             $hide_presence = x($_POST, 'hide_presence') && intval($_POST['hide_presence']) == 1 ? 1 : 0;
             $publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
             $def_group = x($_POST, 'group-selection') ? notags(trim($_POST['group-selection'])) : '';
             $r = q("update channel set channel_default_group = '%s' where channel_id = %d", dbesc($def_group), intval(local_channel()));
             $global_perms = get_perms();
             foreach ($global_perms as $k => $v) {
                 $set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
             }
             $acl = new \Zotlabs\Access\AccessList($channel);
             $acl->set_from_array($_POST);
             $x = $acl->get();
             $r = q("update channel set channel_allow_cid = '%s', channel_allow_gid = '%s', \n\t\t\t\t\tchannel_deny_cid = '%s', channel_deny_gid = '%s' where channel_id = %d", dbesc($x['allow_cid']), dbesc($x['allow_gid']), dbesc($x['deny_cid']), dbesc($x['deny_gid']), intval(local_channel()));
         } else {
             $role_permissions = get_role_perms($_POST['permissions_role']);
             if (!$role_permissions) {
                 notice('Permissions category could not be found.');
                 return;
             }
             $hide_presence = 1 - intval($role_permissions['online']);
             if ($role_permissions['default_collection']) {
                 $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 if (!$r) {
                     require_once 'include/group.php';
                     group_add(local_channel(), t('Friends'));
                     group_add_member(local_channel(), t('Friends'), $channel['channel_hash']);
                     $r = q("select hash from groups where uid = %d and gname = '%s' limit 1", intval(local_channel()), dbesc(t('Friends')));
                 }
                 if ($r) {
                     q("update channel set channel_default_group = '%s', channel_allow_gid = '%s', channel_allow_cid = '', channel_deny_gid = '', channel_deny_cid = '' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval(local_channel()));
                 } else {
                     notice(sprintf('Default privacy group \'%s\' not found. Please create and re-submit permission change.', t('Friends')) . EOL);
                     return;
                 }
             } else {
                 q("update channel set channel_default_group = '', channel_allow_gid = '', channel_allow_cid = '', channel_deny_gid = '', \n\t\t\t\t\t\tchannel_deny_cid = '' where channel_id = %d", intval(local_channel()));
             }
             $r = q("update abook set abook_my_perms  = %d where abook_channel = %d and abook_self = 1", intval(array_key_exists('perms_accept', $role_permissions) ? $role_permissions['perms_accept'] : 0), intval(local_channel()));
             set_pconfig(local_channel(), 'system', 'autoperms', $role_permissions['perms_auto'] ? intval($role_permissions['perms_accept']) : 0);
             foreach ($role_permissions as $p => $v) {
                 if (strpos($p, 'channel_') !== false) {
                     $set_perms .= ', ' . $p . ' = ' . intval($v) . ' ';
                 }
                 if ($p === 'directory_publish') {
                     $publish = intval($v);
                 }
             }
         }
         set_pconfig(local_channel(), 'system', 'hide_online_status', $hide_presence);
         set_pconfig(local_channel(), 'system', 'permissions_role', $role);
     }
     $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
     $timezone = x($_POST, 'timezone_select') ? notags(trim($_POST['timezone_select'])) : '';
     $defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
     $openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
     $maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
     $expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
     $evdays = x($_POST, 'evdays') ? intval($_POST['evdays']) : 3;
     $photo_path = x($_POST, 'photo_path') ? escape_tags(trim($_POST['photo_path'])) : '';
     $attach_path = x($_POST, 'attach_path') ? escape_tags(trim($_POST['attach_path'])) : '';
     $channel_menu = x($_POST['channel_menu']) ? htmlspecialchars_decode(trim($_POST['channel_menu']), ENT_QUOTES) : '';
     $expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0;
     $expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0;
     $expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0;
     $expire_network_only = x($_POST, 'expire_network_only') ? intval($_POST['expire_network_only']) : 0;
     $allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
     $blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
     // this setting is inverted!
     $unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0;
     $cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0;
     $suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
     $post_newfriend = $_POST['post_newfriend'] == 1 ? 1 : 0;
     $post_joingroup = $_POST['post_joingroup'] == 1 ? 1 : 0;
     $post_profilechange = $_POST['post_profilechange'] == 1 ? 1 : 0;
     $adult = $_POST['adult'] == 1 ? 1 : 0;
     $cal_first_day = x($_POST, 'first_day') && intval($_POST['first_day']) == 1 ? 1 : 0;
     $channel = \App::get_channel();
     $pageflags = $channel['channel_pageflags'];
     $existing_adult = $pageflags & PAGE_ADULT ? 1 : 0;
     if ($adult != $existing_adult) {
         $pageflags = $pageflags ^ PAGE_ADULT;
     }
     $notify = 0;
     if (x($_POST, 'notify1')) {
         $notify += intval($_POST['notify1']);
     }
     if (x($_POST, 'notify2')) {
         $notify += intval($_POST['notify2']);
     }
     if (x($_POST, 'notify3')) {
         $notify += intval($_POST['notify3']);
     }
     if (x($_POST, 'notify4')) {
         $notify += intval($_POST['notify4']);
     }
     if (x($_POST, 'notify5')) {
         $notify += intval($_POST['notify5']);
     }
     if (x($_POST, 'notify6')) {
         $notify += intval($_POST['notify6']);
     }
     if (x($_POST, 'notify7')) {
         $notify += intval($_POST['notify7']);
     }
     if (x($_POST, 'notify8')) {
         $notify += intval($_POST['notify8']);
     }
     $vnotify = 0;
     if (x($_POST, 'vnotify1')) {
         $vnotify += intval($_POST['vnotify1']);
     }
     if (x($_POST, 'vnotify2')) {
         $vnotify += intval($_POST['vnotify2']);
     }
     if (x($_POST, 'vnotify3')) {
         $vnotify += intval($_POST['vnotify3']);
     }
     if (x($_POST, 'vnotify4')) {
         $vnotify += intval($_POST['vnotify4']);
     }
     if (x($_POST, 'vnotify5')) {
         $vnotify += intval($_POST['vnotify5']);
     }
     if (x($_POST, 'vnotify6')) {
         $vnotify += intval($_POST['vnotify6']);
     }
     if (x($_POST, 'vnotify7')) {
         $vnotify += intval($_POST['vnotify7']);
     }
     if (x($_POST, 'vnotify8')) {
         $vnotify += intval($_POST['vnotify8']);
     }
     if (x($_POST, 'vnotify9')) {
         $vnotify += intval($_POST['vnotify9']);
     }
     if (x($_POST, 'vnotify10')) {
         $vnotify += intval($_POST['vnotify10']);
     }
     if (x($_POST, 'vnotify11')) {
         $vnotify += intval($_POST['vnotify11']);
     }
     $always_show_in_notices = x($_POST, 'always_show_in_notices') ? 1 : 0;
     $channel = \App::get_channel();
     $err = '';
     $name_change = false;
     if ($username != $channel['channel_name']) {
         $name_change = true;
         require_once 'include/channel.php';
         $err = validate_channelname($username);
         if ($err) {
             notice($err);
             return;
         }
     }
     if ($timezone != $channel['channel_timezone']) {
         if (strlen($timezone)) {
             date_default_timezone_set($timezone);
         }
     }
     set_pconfig(local_channel(), 'system', 'use_browser_location', $allow_location);
     set_pconfig(local_channel(), 'system', 'suggestme', $suggestme);
     set_pconfig(local_channel(), 'system', 'post_newfriend', $post_newfriend);
     set_pconfig(local_channel(), 'system', 'post_joingroup', $post_joingroup);
     set_pconfig(local_channel(), 'system', 'post_profilechange', $post_profilechange);
     set_pconfig(local_channel(), 'system', 'blocktags', $blocktags);
     set_pconfig(local_channel(), 'system', 'channel_menu', $channel_menu);
     set_pconfig(local_channel(), 'system', 'vnotify', $vnotify);
     set_pconfig(local_channel(), 'system', 'always_show_in_notices', $always_show_in_notices);
     set_pconfig(local_channel(), 'system', 'evdays', $evdays);
     set_pconfig(local_channel(), 'system', 'photo_path', $photo_path);
     set_pconfig(local_channel(), 'system', 'attach_path', $attach_path);
     set_pconfig(local_channel(), 'system', 'cal_first_day', $cal_first_day);
     $r = q("update channel set channel_name = '%s', channel_pageflags = %d, channel_timezone = '%s', channel_location = '%s', channel_notifyflags = %d, channel_max_anon_mail = %d, channel_max_friend_req = %d, channel_expire_days = %d {$set_perms} where channel_id = %d", dbesc($username), intval($pageflags), dbesc($timezone), dbesc($defloc), intval($notify), intval($unkmail), intval($maxreq), intval($expire), intval(local_channel()));
     if ($r) {
         info(t('Settings updated.') . EOL);
     }
     if (!is_null($publish)) {
         $r = q("UPDATE profile SET publish = %d WHERE is_default = 1 AND uid = %d", intval($publish), intval(local_channel()));
     }
     if ($name_change) {
         $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s'", dbesc($username), dbesc(datetime_convert()), dbesc($channel['channel_hash']));
         $r = q("update profile set fullname = '%s' where uid = %d and is_default = 1", dbesc($username), intval($channel['channel_id']));
     }
     \Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
     build_sync_packet();
     //$_SESSION['theme'] = $theme;
     if ($email_changed && \App::$config['system']['register_policy'] == REGISTER_VERIFY) {
         // FIXME - set to un-verified, blocked and redirect to logout
         // Why? Are we verifying people or email addresses?
     }
     goaway(z_root() . '/settings');
     return;
     // NOTREACHED
 }
示例#9
0
function get_account_techlevel($account_id = 0)
{
    $role = \Zotlabs\Lib\System::get_server_role();
    if ($role == 'basic') {
        return 0;
    }
    if ($role == 'standard') {
        return 5;
    }
    if (!$account_id) {
        $x = \App::get_account();
    } else {
        $x = get_account_by_id($account_id);
    }
    return $x ? intval($x['account_level']) : 0;
}
示例#10
0
function import_diaspora($data)
{
    $account = App::get_account();
    if (!$account) {
        return false;
    }
    $address = escape_tags($data['user']['username']);
    if (!$address) {
        notice(t('No username found in import file.') . EOL);
        return false;
    }
    $r = q("select * from channel where channel_address = '%s' limit 1", dbesc($address));
    if ($r) {
        // try at most ten times to generate a unique address.
        $x = 0;
        $found_unique = false;
        do {
            $tmp = $address . mt_rand(1000, 9999);
            $r = q("select * from channel where channel_address = '%s' limit 1", dbesc($tmp));
            if (!$r) {
                $address = $tmp;
                $found_unique = true;
                break;
            }
            $x++;
        } while ($x < 10);
        if (!$found_unique) {
            logger('import_diaspora: duplicate channel address. randomisation failed.');
            notice(t('Unable to create a unique channel address. Import failed.') . EOL);
            return;
        }
    }
    $c = create_identity(array('name' => escape_tags($data['user']['name']), 'nickname' => $address, 'account_id' => $account['account_id'], 'permissions_role' => 'social'));
    if (!$c['success']) {
        return;
    }
    $channel_id = $c['channel']['channel_id'];
    // Hubzilla only: Turn on the Diaspora protocol so that follow requests will be sent.
    set_pconfig($channel_id, 'system', 'diaspora_allowed', '1');
    // todo - add auto follow settings, (and strip exif in hubzilla)
    $location = escape_tags($data['user']['profile']['location']);
    if (!$location) {
        $location = '';
    }
    q("update channel set channel_location = '%s' where channel_id = %d", dbesc($location), intval($channel_id));
    if ($data['user']['profile']['nsfw']) {
        q("update channel set channel_pageflags = (channel_pageflags | %d) where channel_id = %d", intval(PAGE_ADULT), intval($channel_id));
    }
    if ($data['user']['profile']['image_url']) {
        $p = z_fetch_url($data['user']['profile']['image_url'], true);
        if ($p['success']) {
            $rawbytes = $p['body'];
            $type = guess_image_type('dummyfile', $p['header']);
            import_channel_photo($rawbytes, $type, $c['channel']['channel_account_id'], $channel_id);
        }
    }
    $gender = escape_tags($data['user']['profile']['gender']);
    $about = diaspora2bb($data['user']['profile']['bio']);
    $publish = intval($data['user']['profile']['searchable']);
    if ($data['user']['profile']['birthday']) {
        $dob = datetime_convert('UTC', 'UTC', $data['user']['profile']['birthday'], 'Y-m-d');
    } else {
        $dob = '0000-00-00';
    }
    // we're relying on the fact that this channel was just created and will only
    // have the default profile currently
    $r = q("update profile set gender = '%s', about = '%s', dob = '%s', publish = %d where uid = %d", dbesc($gender), dbesc($about), dbesc($dob), dbesc($publish), intval($channel_id));
    if ($data['user']['aspects']) {
        foreach ($data['user']['aspects'] as $aspect) {
            group_add($channel_id, escape_tags($aspect['name']), intval($aspect['contacts_visible']));
        }
    }
    // now add connections and send friend requests
    if ($data['user']['contacts']) {
        foreach ($data['user']['contacts'] as $contact) {
            $result = new_contact($channel_id, $contact['person_diaspora_handle'], $c['channel']);
            if ($result['success']) {
                if ($contact['aspects']) {
                    foreach ($contact['aspects'] as $aspect) {
                        group_add_member($channel_id, $aspect['name'], $result['abook']['xchan_hash']);
                    }
                }
            }
        }
    }
    // Then add items - note this can't be done until Diaspora adds guids to exported
    // items and comments
    // This will indirectly perform a refresh_all *and* update the directory
    proc_run('php', 'include/directory.php', $channel_id);
    notice(t('Import completed.') . EOL);
    change_channel($channel_id);
    goaway(z_root() . '/network');
}