require_once('include/cache.php');
require_once('library/Mobile_Detect/Mobile_Detect.php');
require_once('include/features.php');
+require_once('include/identity.php');
require_once('update.php');
require_once('include/dbstructure.php');
$this->cmd = trim($_GET['q'],'/\\');
- // fix query_string
- $this->query_string = str_replace($this->cmd."&",$this->cmd."?", $this->query_string);
+ // fix query_string
+ $this->query_string = str_replace($this->cmd."&",$this->cmd."?", $this->query_string);
// unix style "homedir"
if(substr($this->cmd,0,1) === '~')
- $this->cmd = 'profile/' . substr($this->cmd,1);
+ $this->cmd = 'profile/' . substr($this->cmd,1);
// Diaspora style profile url
if(x($v,"name")) $name = $v['name'];
}
if ($name===""){
- echo "template engine <tt>$class</tt> cannot be registered without a name.\n";
+ echo "template engine <tt>$class</tt> cannot be registered without a name.\n";
killme();
- }
+ }
$this->template_engines[$name] = $class;
}
}
}
-
-
-/**
- *
- * Function : profile_load
- * @parameter App $a
- * @parameter string $nickname
- * @parameter int $profile
- *
- * Summary: Loads a profile into the page sidebar.
- * The function requires a writeable copy of the main App structure, and the nickname
- * of a registered local account.
- *
- * If the viewer is an authenticated remote viewer, the profile displayed is the
- * one that has been configured for his/her viewing in the Contact manager.
- * Passing a non-zero profile ID can also allow a preview of a selected profile
- * by the owner.
- *
- * Profile information is placed in the App structure for later retrieval.
- * Honours the owner's chosen theme for display.
- *
- * IMPORTANT: Should only be run in the _init() functions of a module. That ensures that
- * the theme is chosen before the _init() function of a theme is run, which will usually
- * load a lot of theme-specific content
- *
- */
-
-if(! function_exists('profile_load')) {
- function profile_load(&$a, $nickname, $profile = 0, $profiledata = array()) {
-
- $user = q("SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1",
- dbesc($nickname)
- );
-
- if(!$user && count($user) && !count($profiledata)) {
- logger('profile error: ' . $a->query_string, LOGGER_DEBUG);
- notice( t('Requested account is not available.') . EOL );
- $a->error = 404;
- return;
- }
-
- if(remote_user() && count($_SESSION['remote'])) {
- foreach($_SESSION['remote'] as $visitor) {
- if($visitor['uid'] == $user[0]['uid']) {
- $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
- intval($visitor['cid'])
- );
- if(count($r))
- $profile = $r[0]['profile-id'];
- break;
- }
- }
- }
-
- $r = null;
-
- if($profile) {
- $profile_int = intval($profile);
- $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
- INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
- WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d and `contact`.`self` = 1 LIMIT 1",
- dbesc($nickname),
- intval($profile_int)
- );
- }
- if((!$r) && (!count($r))) {
- $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
- INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
- WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
- dbesc($nickname)
- );
- }
-
- if(($r === false) || (!count($r)) && !count($profiledata)) {
- logger('profile error: ' . $a->query_string, LOGGER_DEBUG);
- notice( t('Requested profile is not available.') . EOL );
- $a->error = 404;
- return;
- }
-
- // fetch user tags if this isn't the default profile
-
- if(!$r[0]['is-default']) {
- $x = q("select `pub_keywords` from `profile` where uid = %d and `is-default` = 1 limit 1",
- intval($r[0]['profile_uid'])
- );
- if($x && count($x))
- $r[0]['pub_keywords'] = $x[0]['pub_keywords'];
- }
-
- $a->profile = $r[0];
-
- $a->profile['mobile-theme'] = get_pconfig($a->profile['profile_uid'], 'system', 'mobile_theme');
- $a->profile['network'] = NETWORK_DFRN;
-
- $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
-
- if (!$profiledata)
- $_SESSION['theme'] = $a->profile['theme'];
-
- $_SESSION['mobile-theme'] = $a->profile['mobile-theme'];
-
- /**
- * load/reload current theme info
- */
-
- $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
-
- $theme_info_file = "view/theme/".current_theme()."/theme.php";
- if (file_exists($theme_info_file)){
- require_once($theme_info_file);
- }
-
- if(! (x($a->page,'aside')))
- $a->page['aside'] = '';
-
- if(local_user() && local_user() == $a->profile['uid'] && $profiledata) {
- $a->page['aside'] .= replace_macros(get_markup_template('profile_edlink.tpl'),array(
- '$editprofile' => t('Edit profile'),
- '$profid' => $a->profile['id']
- ));
- }
-
- $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
-
- // To-Do:
- // By now, the contact block isn't shown, when a different profile is given
- // But: When this profile was on the same server, then we could display the contacts
- if ($profiledata)
- $a->page['aside'] .= profile_sidebar($profiledata, true);
- else
- $a->page['aside'] .= profile_sidebar($a->profile, $block);
-
-
- /*if(! $block)
- $a->page['aside'] .= contact_block();*/
-
- return;
- }
-}
-
-
-/**
- *
- * Function: profile_sidebar
- *
- * Formats a profile for display in the sidebar.
- * It is very difficult to templatise the HTML completely
- * because of all the conditional logic.
- *
- * @parameter: array $profile
- *
- * Returns HTML string stuitable for sidebar inclusion
- * Exceptions: Returns empty string if passed $profile is wrong type or not populated
- *
- */
-
-
-if(! function_exists('profile_sidebar')) {
- function profile_sidebar($profile, $block = 0) {
- $a = get_app();
-
- $o = '';
- $location = false;
- $address = false;
- $pdesc = true;
-
- if((! is_array($profile)) && (! count($profile)))
- return $o;
-
- $profile['picdate'] = urlencode($profile['picdate']);
-
- if (($profile['network'] != "") AND ($profile['network'] != NETWORK_DFRN)) {
- require_once('include/contact_selectors.php');
- if ($profile['url'] != "")
- $profile['network_name'] = '<a href="'.$profile['url'].'">'.network_to_name($profile['network'])."</a>";
- else
- $profile['network_name'] = network_to_name($profile['network']);
- } else
- $profile['network_name'] = "";
-
- call_hooks('profile_sidebar_enter', $profile);
-
-
- // don't show connect link to yourself
- $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
-
- // don't show connect link to authenticated visitors either
- if(remote_user() && count($_SESSION['remote'])) {
- foreach($_SESSION['remote'] as $visitor) {
- if($visitor['uid'] == $profile['uid']) {
- $connect = false;
- break;
- }
- }
- }
-
- // Is the local user already connected to that user?
- if ($connect AND local_user()) {
- if (isset($profile["url"]))
- $profile_url = normalise_link($profile["url"]);
- else
- $profile_url = normalise_link($a->get_baseurl()."/profile/".$profile["nickname"]);
-
- $r = q("SELECT * FROM `contact` WHERE NOT `pending` AND `uid` = %d AND `nurl` = '%s'",
- local_user(), $profile_url);
- if (count($r))
- $connect = false;
- }
-
- if ($connect AND ($profile['network'] != NETWORK_DFRN) AND !isset($profile['remoteconnect']))
- $connect = false;
-
- if (isset($profile['remoteconnect']))
- $remoteconnect = $profile['remoteconnect'];
-
- if( get_my_url() && $profile['unkmail'] && ($profile['uid'] != local_user()) )
- $wallmessage = t('Message');
- else
- $wallmessage = false;
-
- // show edit profile to yourself
- if ($profile['uid'] == local_user() && feature_enabled(local_user(),'multi_profiles')) {
- $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
- $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
- local_user());
-
- $profile['menu'] = array(
- 'chg_photo' => t('Change profile photo'),
- 'cr_new' => t('Create New Profile'),
- 'entries' => array(),
- );
-
- if(count($r)) {
-
- foreach($r as $rr) {
- $profile['menu']['entries'][] = array(
- 'photo' => $rr['thumb'],
- 'id' => $rr['id'],
- 'alt' => t('Profile Image'),
- 'profile_name' => $rr['profile-name'],
- 'isdefault' => $rr['is-default'],
- 'visibile_to_everybody' => t('visible to everybody'),
- 'edit_visibility' => t('Edit visibility'),
-
- );
- }
-
-
- }
- }
- if ($profile['uid'] == local_user() && !feature_enabled(local_user(),'multi_profiles')) {
- $profile['edit'] = array($a->get_baseurl(). '/profiles/'.$profile['id'], t('Edit profile'),"", t('Edit profile'));
- $profile['menu'] = array(
- 'chg_photo' => t('Change profile photo'),
- 'cr_new' => null,
- 'entries' => array(),
- );
- }
-
- if((x($profile,'address') == 1)
- || (x($profile,'locality') == 1)
- || (x($profile,'region') == 1)
- || (x($profile,'postal-code') == 1)
- || (x($profile,'country-name') == 1))
- $location = t('Location:');
-
- $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
-
-
- $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
-
- $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
-
- $about = ((x($profile,'about') == 1) ? t('About:') : False);
-
- if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
- $location = $pdesc = $gender = $marital = $homepage = $about = False;
- }
-
- $firstname = ((strpos($profile['name'],' '))
- ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
- $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
-
- $diaspora = array(
- 'podloc' => $a->get_baseurl(),
- 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
- 'nickname' => $profile['nickname'],
- 'fullname' => $profile['name'],
- 'firstname' => $firstname,
- 'lastname' => $lastname,
- 'photo300' => $a->get_cached_avatar_image($a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg'),
- 'photo100' => $a->get_cached_avatar_image($a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg'),
- 'photo50' => $a->get_cached_avatar_image($a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg'),
- );
-
- if (!$block){
- $contact_block = contact_block();
-
- if(is_array($a->profile) AND !$a->profile['hide-friends']) {
- $r = q("SELECT `gcontact`.`updated` FROM `contact` INNER JOIN `gcontact` WHERE `gcontact`.`nurl` = `contact`.`nurl` AND `self` AND `uid` = %d LIMIT 1",
- intval($a->profile['uid']));
- if(count($r))
- $updated = date("c", strtotime($r[0]['updated']));
-
- $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 and `pending` = 0 AND `hidden` = 0 AND `archive` = 0
- AND `network` IN ('%s', '%s', '%s', '')",
- intval($profile['uid']),
- dbesc(NETWORK_DFRN),
- dbesc(NETWORK_DIASPORA),
- dbesc(NETWORK_OSTATUS)
- );
- if(count($r))
- $contacts = intval($r[0]['total']);
- }
- }
-
- $p = array();
- foreach($profile as $k => $v) {
- $k = str_replace('-','_',$k);
- $p[$k] = $v;
- }
-
- if($a->theme['template_engine'] === 'internal')
- $location = template_escape($location);
-
- $tpl = get_markup_template('profile_vcard.tpl');
- $o .= replace_macros($tpl, array(
- '$profile' => $p,
- '$connect' => $connect,
- '$remoteconnect' => $remoteconnect,
- '$wallmessage' => $wallmessage,
- '$location' => $location,
- '$gender' => $gender,
- '$pdesc' => $pdesc,
- '$marital' => $marital,
- '$homepage' => $homepage,
- '$about' => $about,
- '$network' => t('Network:'),
- '$contacts' => $contacts,
- '$updated' => $updated,
- '$diaspora' => $diaspora,
- '$contact_block' => $contact_block,
- ));
-
-
- $arr = array('profile' => &$profile, 'entry' => &$o);
-
- call_hooks('profile_sidebar', $arr);
-
- return $o;
- }
-}
-
-
-if(! function_exists('get_birthdays')) {
- function get_birthdays() {
-
- $a = get_app();
- $o = '';
-
- if(! local_user() || $a->is_mobile || $a->is_tablet)
- return $o;
-
-// $mobile_detect = new Mobile_Detect();
-// $is_mobile = $mobile_detect->isMobile() || $mobile_detect->isTablet();
-
-// if($is_mobile)
-// return $o;
-
- $bd_format = t('g A l F d') ; // 8 AM Friday January 18
- $bd_short = t('F d');
-
- $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
- INNER JOIN `contact` ON `contact`.`id` = `event`.`cid`
- WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
- ORDER BY `start` ASC ",
- intval(local_user()),
- dbesc(datetime_convert('UTC','UTC','now + 6 days')),
- dbesc(datetime_convert('UTC','UTC','now'))
- );
-
- if($r && count($r)) {
- $total = 0;
- $now = strtotime('now');
- $cids = array();
-
- $istoday = false;
- foreach($r as $rr) {
- if(strlen($rr['name']))
- $total ++;
- if((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now))
- $istoday = true;
- }
- $classtoday = $istoday ? ' birthday-today ' : '';
- if($total) {
- foreach($r as &$rr) {
- if(! strlen($rr['name']))
- continue;
-
- // avoid duplicates
-
- if(in_array($rr['cid'],$cids))
- continue;
- $cids[] = $rr['cid'];
-
- $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
- $sparkle = '';
- $url = $rr['url'];
- if($rr['network'] === NETWORK_DFRN) {
- $sparkle = " sparkle";
- $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
- }
-
- $rr['link'] = $url;
- $rr['title'] = $rr['name'];
- $rr['date'] = day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '');
- $rr['startime'] = Null;
- $rr['today'] = $today;
-
- }
- }
- }
- $tpl = get_markup_template("birthdays_reminder.tpl");
- return replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
- '$classtoday' => $classtoday,
- '$count' => $total,
- '$event_reminders' => t('Birthday Reminders'),
- '$event_title' => t('Birthdays this week:'),
- '$events' => $r,
- '$lbr' => '{', // raw brackets mess up if/endif macro processing
- '$rbr' => '}'
-
- ));
- }
-}
-
-
-if(! function_exists('get_events')) {
- function get_events() {
-
- require_once('include/bbcode.php');
-
- $a = get_app();
-
- if(! local_user() || $a->is_mobile || $a->is_tablet)
- return $o;
-
-
-// $mobile_detect = new Mobile_Detect();
-// $is_mobile = $mobile_detect->isMobile() || $mobile_detect->isTablet();
-
-// if($is_mobile)
-// return $o;
-
- $bd_format = t('g A l F d') ; // 8 AM Friday January 18
- $bd_short = t('F d');
-
- $r = q("SELECT `event`.* FROM `event`
- WHERE `event`.`uid` = %d AND `type` != 'birthday' AND `start` < '%s' AND `start` >= '%s'
- ORDER BY `start` ASC ",
- intval(local_user()),
- dbesc(datetime_convert('UTC','UTC','now + 7 days')),
- dbesc(datetime_convert('UTC','UTC','now - 1 days'))
- );
-
- if($r && count($r)) {
- $now = strtotime('now');
- $istoday = false;
- foreach($r as $rr) {
- if(strlen($rr['name']))
- $total ++;
-
- $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start'],'Y-m-d');
- if($strt === datetime_convert('UTC',$a->timezone,'now','Y-m-d'))
- $istoday = true;
- }
- $classtoday = (($istoday) ? 'event-today' : '');
-
- $skip = 0;
-
- foreach($r as &$rr) {
- $title = strip_tags(html_entity_decode(bbcode($rr['summary']),ENT_QUOTES,'UTF-8'));
-
- if(strlen($title) > 35)
- $title = substr($title,0,32) . '... ';
-
- $description = substr(strip_tags(bbcode($rr['desc'])),0,32) . '... ';
- if(! $description)
- $description = t('[No description]');
-
- $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start']);
-
- if(substr($strt,0,10) < datetime_convert('UTC',$a->timezone,'now','Y-m-d')) {
- $skip++;
- continue;
- }
-
- $today = ((substr($strt,0,10) === datetime_convert('UTC',$a->timezone,'now','Y-m-d')) ? true : false);
-
- $rr['title'] = $title;
- $rr['description'] = $desciption;
- $rr['date'] = day_translate(datetime_convert('UTC', $rr['adjust'] ? $a->timezone : 'UTC', $rr['start'], $bd_format)) . (($today) ? ' ' . t('[today]') : '');
- $rr['startime'] = $strt;
- $rr['today'] = $today;
- }
- }
-
- $tpl = get_markup_template("events_reminder.tpl");
- return replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
- '$classtoday' => $classtoday,
- '$count' => count($r) - $skip,
- '$event_reminders' => t('Event Reminders'),
- '$event_title' => t('Events this week:'),
- '$events' => $r,
- ));
- }
-}
-
-
/**
*
* Wrap calls to proc_close(proc_open()) and call hook
if(count($args) && $args[0] === 'php')
$args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
- // add baseurl to args. cli scripts can't construct it
- $args[] = $a->get_baseurl();
+ // add baseurl to args. cli scripts can't construct it
+ $args[] = $a->get_baseurl();
- for($x = 0; $x < count($args); $x ++)
+ for($x = 0; $x < count($args); $x ++)
$args[$x] = escapeshellarg($args[$x]);
}
}
-if(! function_exists('profile_tabs')){
- function profile_tabs($a, $is_owner=False, $nickname=Null){
- //echo "<pre>"; var_dump($a->user); killme();
-
- if (is_null($nickname))
- $nickname = $a->user['nickname'];
-
- if(x($_GET,'tab'))
- $tab = notags(trim($_GET['tab']));
-
- $url = $a->get_baseurl() . '/profile/' . $nickname;
-
- $tabs = array(
- array(
- 'label'=>t('Status'),
- 'url' => $url,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
- 'title' => t('Status Messages and Posts'),
- 'id' => 'status-tab',
- ),
- array(
- 'label' => t('Profile'),
- 'url' => $url.'/?tab=profile',
- 'sel' => ((isset($tab) && $tab=='profile')?'active':''),
- 'title' => t('Profile Details'),
- 'id' => 'profile-tab',
- ),
- array(
- 'label' => t('Photos'),
- 'url' => $a->get_baseurl() . '/photos/' . $nickname,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
- 'title' => t('Photo Albums'),
- 'id' => 'photo-tab',
- ),
- array(
- 'label' => t('Videos'),
- 'url' => $a->get_baseurl() . '/videos/' . $nickname,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='videos')?'active':''),
- 'title' => t('Videos'),
- 'id' => 'video-tab',
- ),
- );
-
- if ($is_owner){
- $tabs[] = array(
- 'label' => t('Events'),
- 'url' => $a->get_baseurl() . '/events',
- 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
- 'title' => t('Events and Calendar'),
- 'id' => 'events-tab',
- );
- $tabs[] = array(
- 'label' => t('Personal Notes'),
- 'url' => $a->get_baseurl() . '/notes',
- 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
- 'title' => t('Only You Can See This'),
- 'id' => 'notes-tab',
- );
- }
-
-
- $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs);
- call_hooks('profile_tabs', $arr);
-
- $tpl = get_markup_template('common_tabs.tpl');
-
- return replace_macros($tpl,array('$tabs' => $arr['tabs']));
- }
-}
-
-function get_my_url() {
- if(x($_SESSION,'my_url'))
- return $_SESSION['my_url'];
- return false;
-}
-
-function zrl_init(&$a) {
- $tmp_str = get_my_url();
- if(validate_url($tmp_str)) {
-
- // Is it a DDoS attempt?
- // The check fetches the cached value from gprobe to reduce the load for this system
- $urlparts = parse_url($tmp_str);
-
- $result = Cache::get("gprobe:".$urlparts["host"]);
- if (!is_null($result)) {
- $result = unserialize($result);
- if ($result["network"] == NETWORK_FEED) {
- logger("DDoS attempt detected for ".$urlparts["host"]." by ".$_SERVER["REMOTE_ADDR"].". server data: ".print_r($_SERVER, true), LOGGER_DEBUG);
- return;
- }
- }
-
- proc_run('php','include/gprobe.php',bin2hex($tmp_str));
- $arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
- call_hooks('zrl_init',$arr);
- }
-}
-
-function zrl($s,$force = false) {
- if(! strlen($s))
- return $s;
- if((! strpos($s,'/profile/')) && (! $force))
- return $s;
- if($force && substr($s,-1,1) !== '/')
- $s = $s . '/';
- $achar = strpos($s,'?') ? '&' : '?';
- $mine = get_my_url();
- if($mine and ! link_compare($mine,$s))
- return $s . $achar . 'zrl=' . urlencode($mine);
- return $s;
-}
-
/**
* returns querystring as string from a mapped array
*
}
if(!function_exists('exif_imagetype')) {
- function exif_imagetype($file) {
- $size = getimagesize($file);
- return($size[2]);
- }
+ function exif_imagetype($file) {
+ $size = getimagesize($file);
+ return($size[2]);
+ }
}
$a->config['system']['huburl'] = '[internal]';
-// Server-to-server private message encryption (RINO) is allowed by default.
-// Encryption will only be provided if this setting is true and the
-// PHP mcrypt extension is installed on both systems
-
-$a->config['system']['rino_encrypt'] = true;
-
// allowed themes (change this from admin panel after installation)
$a->config['system']['allowed_themes'] = 'dispy,quattro,vier,darkzero,duepuntozero,greenzero,purplezero,slackr,diabook';
$search = $_REQUEST['query'];
}
- logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
+// logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
if ($search!=""){
$sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
if(! function_exists('aes_decrypt')) {
+// DEPRECATED IN 3.4.1
function aes_decrypt($val,$ky)
{
$key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
if(! function_exists('aes_encrypt')) {
+// DEPRECATED IN 3.4.1
function aes_encrypt($val,$ky)
{
$key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
return mcrypt_encrypt($enc, $key, $val, $mode, mcrypt_create_iv( mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM));
}}
-
function pkcs5_pad ($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return substr($text, 0, -1 * $pad);
}
-function AES256CBC_encrypt($data,$key,$iv) {
- return mcrypt_encrypt(
- MCRYPT_RIJNDAEL_128,
- str_pad($key,32,"\0"),
- pkcs5_pad($data,16),
- MCRYPT_MODE_CBC,
- str_pad($iv,16,"\0"));
-}
-
-function AES256CBC_decrypt($data,$key,$iv) {
- return pkcs5_unpad(mcrypt_decrypt(
- MCRYPT_RIJNDAEL_128,
- str_pad($key,32,"\0"),
- $data,
- MCRYPT_MODE_CBC,
- str_pad($iv,16,"\0")));
-}
-
-function aes_encapsulate($data,$pubkey) {
- $key = random_string(32,RANDOM_STRING_TEXT);
- $iv = random_string(16,RANDOM_STRING_TEXT);
- $result['data'] = base64url_encode(AES256CBC_encrypt($data,$key,$iv),true);
- openssl_public_encrypt($key,$k,$pubkey);
- $result['key'] = base64url_encode($k,true);
- openssl_public_encrypt($iv,$i,$pubkey);
- $result['iv'] = base64url_encode($i,true);
- return $result;
-}
-
-function aes_unencapsulate($data,$prvkey) {
- openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey);
- openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey);
- return AES256CBC_decrypt(base64url_decode($data['data']),$k,$i);
-}
function new_keypair($bits) {
--- /dev/null
+<?php
+
+
+/**
+ *
+ * Function : profile_load
+ * @parameter App $a
+ * @parameter string $nickname
+ * @parameter int $profile
+ *
+ * Summary: Loads a profile into the page sidebar.
+ * The function requires a writeable copy of the main App structure, and the nickname
+ * of a registered local account.
+ *
+ * If the viewer is an authenticated remote viewer, the profile displayed is the
+ * one that has been configured for his/her viewing in the Contact manager.
+ * Passing a non-zero profile ID can also allow a preview of a selected profile
+ * by the owner.
+ *
+ * Profile information is placed in the App structure for later retrieval.
+ * Honours the owner's chosen theme for display.
+ *
+ * IMPORTANT: Should only be run in the _init() functions of a module. That ensures that
+ * the theme is chosen before the _init() function of a theme is run, which will usually
+ * load a lot of theme-specific content
+ *
+ */
+
+if(! function_exists('profile_load')) {
+ function profile_load(&$a, $nickname, $profile = 0, $profiledata = array()) {
+
+ $user = q("SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1",
+ dbesc($nickname)
+ );
+
+ if(!$user && count($user) && !count($profiledata)) {
+ logger('profile error: ' . $a->query_string, LOGGER_DEBUG);
+ notice( t('Requested account is not available.') . EOL );
+ $a->error = 404;
+ return;
+ }
+
+ if(remote_user() && count($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $user[0]['uid']) {
+ $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
+ intval($visitor['cid'])
+ );
+ if(count($r))
+ $profile = $r[0]['profile-id'];
+ break;
+ }
+ }
+ }
+
+ $r = null;
+
+ if($profile) {
+ $profile_int = intval($profile);
+ $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
+ INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
+ WHERE `user`.`nickname` = '%s' AND `profile`.`id` = %d and `contact`.`self` = 1 LIMIT 1",
+ dbesc($nickname),
+ intval($profile_int)
+ );
+ }
+ if((!$r) && (!count($r))) {
+ $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
+ INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
+ WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
+ dbesc($nickname)
+ );
+ }
+
+ if(($r === false) || (!count($r)) && !count($profiledata)) {
+ logger('profile error: ' . $a->query_string, LOGGER_DEBUG);
+ notice( t('Requested profile is not available.') . EOL );
+ $a->error = 404;
+ return;
+ }
+
+ // fetch user tags if this isn't the default profile
+
+ if(!$r[0]['is-default']) {
+ $x = q("select `pub_keywords` from `profile` where uid = %d and `is-default` = 1 limit 1",
+ intval($r[0]['profile_uid'])
+ );
+ if($x && count($x))
+ $r[0]['pub_keywords'] = $x[0]['pub_keywords'];
+ }
+
+ $a->profile = $r[0];
+
+ $a->profile['mobile-theme'] = get_pconfig($a->profile['profile_uid'], 'system', 'mobile_theme');
+ $a->profile['network'] = NETWORK_DFRN;
+
+ $a->page['title'] = $a->profile['name'] . " @ " . $a->config['sitename'];
+
+ if (!$profiledata)
+ $_SESSION['theme'] = $a->profile['theme'];
+
+ $_SESSION['mobile-theme'] = $a->profile['mobile-theme'];
+
+ /**
+ * load/reload current theme info
+ */
+
+ $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
+
+ $theme_info_file = "view/theme/".current_theme()."/theme.php";
+ if (file_exists($theme_info_file)){
+ require_once($theme_info_file);
+ }
+
+ if(! (x($a->page,'aside')))
+ $a->page['aside'] = '';
+
+ if(local_user() && local_user() == $a->profile['uid'] && $profiledata) {
+ $a->page['aside'] .= replace_macros(get_markup_template('profile_edlink.tpl'),array(
+ '$editprofile' => t('Edit profile'),
+ '$profid' => $a->profile['id']
+ ));
+ }
+
+ $block = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
+
+ // To-Do:
+ // By now, the contact block isn't shown, when a different profile is given
+ // But: When this profile was on the same server, then we could display the contacts
+ if ($profiledata)
+ $a->page['aside'] .= profile_sidebar($profiledata, true);
+ else
+ $a->page['aside'] .= profile_sidebar($a->profile, $block);
+
+
+ /*if(! $block)
+ $a->page['aside'] .= contact_block();*/
+
+ return;
+ }
+}
+
+
+/**
+ *
+ * Function: profile_sidebar
+ *
+ * Formats a profile for display in the sidebar.
+ * It is very difficult to templatise the HTML completely
+ * because of all the conditional logic.
+ *
+ * @parameter: array $profile
+ *
+ * Returns HTML string stuitable for sidebar inclusion
+ * Exceptions: Returns empty string if passed $profile is wrong type or not populated
+ *
+ */
+
+
+if(! function_exists('profile_sidebar')) {
+ function profile_sidebar($profile, $block = 0) {
+ $a = get_app();
+
+ $o = '';
+ $location = false;
+ $address = false;
+ $pdesc = true;
+
+ if((! is_array($profile)) && (! count($profile)))
+ return $o;
+
+ $profile['picdate'] = urlencode($profile['picdate']);
+
+ if (($profile['network'] != "") AND ($profile['network'] != NETWORK_DFRN)) {
+ require_once('include/contact_selectors.php');
+ if ($profile['url'] != "")
+ $profile['network_name'] = '<a href="'.$profile['url'].'">'.network_to_name($profile['network'])."</a>";
+ else
+ $profile['network_name'] = network_to_name($profile['network']);
+ } else
+ $profile['network_name'] = "";
+
+ call_hooks('profile_sidebar_enter', $profile);
+
+
+ // don't show connect link to yourself
+ $connect = (($profile['uid'] != local_user()) ? t('Connect') : False);
+
+ // don't show connect link to authenticated visitors either
+ if(remote_user() && count($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $profile['uid']) {
+ $connect = false;
+ break;
+ }
+ }
+ }
+
+ // Is the local user already connected to that user?
+ if ($connect AND local_user()) {
+ if (isset($profile["url"]))
+ $profile_url = normalise_link($profile["url"]);
+ else
+ $profile_url = normalise_link($a->get_baseurl()."/profile/".$profile["nickname"]);
+
+ $r = q("SELECT * FROM `contact` WHERE NOT `pending` AND `uid` = %d AND `nurl` = '%s'",
+ local_user(), $profile_url);
+ if (count($r))
+ $connect = false;
+ }
+
+ if ($connect AND ($profile['network'] != NETWORK_DFRN) AND !isset($profile['remoteconnect']))
+ $connect = false;
+
+ if (isset($profile['remoteconnect']))
+ $remoteconnect = $profile['remoteconnect'];
+
+ if( get_my_url() && $profile['unkmail'] && ($profile['uid'] != local_user()) )
+ $wallmessage = t('Message');
+ else
+ $wallmessage = false;
+
+ // show edit profile to yourself
+ if ($profile['uid'] == local_user() && feature_enabled(local_user(),'multi_profiles')) {
+ $profile['edit'] = array($a->get_baseurl(). '/profiles', t('Profiles'),"", t('Manage/edit profiles'));
+ $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
+ local_user());
+
+ $profile['menu'] = array(
+ 'chg_photo' => t('Change profile photo'),
+ 'cr_new' => t('Create New Profile'),
+ 'entries' => array(),
+ );
+
+ if(count($r)) {
+
+ foreach($r as $rr) {
+ $profile['menu']['entries'][] = array(
+ 'photo' => $rr['thumb'],
+ 'id' => $rr['id'],
+ 'alt' => t('Profile Image'),
+ 'profile_name' => $rr['profile-name'],
+ 'isdefault' => $rr['is-default'],
+ 'visibile_to_everybody' => t('visible to everybody'),
+ 'edit_visibility' => t('Edit visibility'),
+
+ );
+ }
+
+
+ }
+ }
+ if ($profile['uid'] == local_user() && !feature_enabled(local_user(),'multi_profiles')) {
+ $profile['edit'] = array($a->get_baseurl(). '/profiles/'.$profile['id'], t('Edit profile'),"", t('Edit profile'));
+ $profile['menu'] = array(
+ 'chg_photo' => t('Change profile photo'),
+ 'cr_new' => null,
+ 'entries' => array(),
+ );
+ }
+
+ if((x($profile,'address') == 1)
+ || (x($profile,'locality') == 1)
+ || (x($profile,'region') == 1)
+ || (x($profile,'postal-code') == 1)
+ || (x($profile,'country-name') == 1))
+ $location = t('Location:');
+
+ $gender = ((x($profile,'gender') == 1) ? t('Gender:') : False);
+
+
+ $marital = ((x($profile,'marital') == 1) ? t('Status:') : False);
+
+ $homepage = ((x($profile,'homepage') == 1) ? t('Homepage:') : False);
+
+ $about = ((x($profile,'about') == 1) ? t('About:') : False);
+
+ if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) {
+ $location = $pdesc = $gender = $marital = $homepage = $about = False;
+ }
+
+ $firstname = ((strpos($profile['name'],' '))
+ ? trim(substr($profile['name'],0,strpos($profile['name'],' '))) : $profile['name']);
+ $lastname = (($firstname === $profile['name']) ? '' : trim(substr($profile['name'],strlen($firstname))));
+
+ $diaspora = array(
+ 'podloc' => $a->get_baseurl(),
+ 'searchable' => (($profile['publish'] && $profile['net-publish']) ? 'true' : 'false' ),
+ 'nickname' => $profile['nickname'],
+ 'fullname' => $profile['name'],
+ 'firstname' => $firstname,
+ 'lastname' => $lastname,
+ 'photo300' => $a->get_cached_avatar_image($a->get_baseurl() . '/photo/custom/300/' . $profile['uid'] . '.jpg'),
+ 'photo100' => $a->get_cached_avatar_image($a->get_baseurl() . '/photo/custom/100/' . $profile['uid'] . '.jpg'),
+ 'photo50' => $a->get_cached_avatar_image($a->get_baseurl() . '/photo/custom/50/' . $profile['uid'] . '.jpg'),
+ );
+
+ if (!$block){
+ $contact_block = contact_block();
+
+ if(is_array($a->profile) AND !$a->profile['hide-friends']) {
+ $r = q("SELECT `gcontact`.`updated` FROM `contact` INNER JOIN `gcontact` WHERE `gcontact`.`nurl` = `contact`.`nurl` AND `self` AND `uid` = %d LIMIT 1",
+ intval($a->profile['uid']));
+ if(count($r))
+ $updated = date("c", strtotime($r[0]['updated']));
+
+ $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 and `pending` = 0 AND `hidden` = 0 AND `archive` = 0
+ AND `network` IN ('%s', '%s', '%s', '')",
+ intval($profile['uid']),
+ dbesc(NETWORK_DFRN),
+ dbesc(NETWORK_DIASPORA),
+ dbesc(NETWORK_OSTATUS)
+ );
+ if(count($r))
+ $contacts = intval($r[0]['total']);
+ }
+ }
+
+ $p = array();
+ foreach($profile as $k => $v) {
+ $k = str_replace('-','_',$k);
+ $p[$k] = $v;
+ }
+
+ if($a->theme['template_engine'] === 'internal')
+ $location = template_escape($location);
+
+ $tpl = get_markup_template('profile_vcard.tpl');
+ $o .= replace_macros($tpl, array(
+ '$profile' => $p,
+ '$connect' => $connect,
+ '$remoteconnect' => $remoteconnect,
+ '$wallmessage' => $wallmessage,
+ '$location' => $location,
+ '$gender' => $gender,
+ '$pdesc' => $pdesc,
+ '$marital' => $marital,
+ '$homepage' => $homepage,
+ '$about' => $about,
+ '$network' => t('Network:'),
+ '$contacts' => $contacts,
+ '$updated' => $updated,
+ '$diaspora' => $diaspora,
+ '$contact_block' => $contact_block,
+ ));
+
+
+ $arr = array('profile' => &$profile, 'entry' => &$o);
+
+ call_hooks('profile_sidebar', $arr);
+
+ return $o;
+ }
+}
+
+
+if(! function_exists('get_birthdays')) {
+ function get_birthdays() {
+
+ $a = get_app();
+ $o = '';
+
+ if(! local_user() || $a->is_mobile || $a->is_tablet)
+ return $o;
+
+// $mobile_detect = new Mobile_Detect();
+// $is_mobile = $mobile_detect->isMobile() || $mobile_detect->isTablet();
+
+// if($is_mobile)
+// return $o;
+
+ $bd_format = t('g A l F d') ; // 8 AM Friday January 18
+ $bd_short = t('F d');
+
+ $r = q("SELECT `event`.*, `event`.`id` AS `eid`, `contact`.* FROM `event`
+ INNER JOIN `contact` ON `contact`.`id` = `event`.`cid`
+ WHERE `event`.`uid` = %d AND `type` = 'birthday' AND `start` < '%s' AND `finish` > '%s'
+ ORDER BY `start` ASC ",
+ intval(local_user()),
+ dbesc(datetime_convert('UTC','UTC','now + 6 days')),
+ dbesc(datetime_convert('UTC','UTC','now'))
+ );
+
+ if($r && count($r)) {
+ $total = 0;
+ $now = strtotime('now');
+ $cids = array();
+
+ $istoday = false;
+ foreach($r as $rr) {
+ if(strlen($rr['name']))
+ $total ++;
+ if((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now))
+ $istoday = true;
+ }
+ $classtoday = $istoday ? ' birthday-today ' : '';
+ if($total) {
+ foreach($r as &$rr) {
+ if(! strlen($rr['name']))
+ continue;
+
+ // avoid duplicates
+
+ if(in_array($rr['cid'],$cids))
+ continue;
+ $cids[] = $rr['cid'];
+
+ $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false);
+ $sparkle = '';
+ $url = $rr['url'];
+ if($rr['network'] === NETWORK_DFRN) {
+ $sparkle = " sparkle";
+ $url = $a->get_baseurl() . '/redir/' . $rr['cid'];
+ }
+
+ $rr['link'] = $url;
+ $rr['title'] = $rr['name'];
+ $rr['date'] = day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . t('[today]') : '');
+ $rr['startime'] = Null;
+ $rr['today'] = $today;
+
+ }
+ }
+ }
+ $tpl = get_markup_template("birthdays_reminder.tpl");
+ return replace_macros($tpl, array(
+ '$baseurl' => $a->get_baseurl(),
+ '$classtoday' => $classtoday,
+ '$count' => $total,
+ '$event_reminders' => t('Birthday Reminders'),
+ '$event_title' => t('Birthdays this week:'),
+ '$events' => $r,
+ '$lbr' => '{', // raw brackets mess up if/endif macro processing
+ '$rbr' => '}'
+
+ ));
+ }
+}
+
+
+if(! function_exists('get_events')) {
+ function get_events() {
+
+ require_once('include/bbcode.php');
+
+ $a = get_app();
+
+ if(! local_user() || $a->is_mobile || $a->is_tablet)
+ return $o;
+
+
+// $mobile_detect = new Mobile_Detect();
+// $is_mobile = $mobile_detect->isMobile() || $mobile_detect->isTablet();
+
+// if($is_mobile)
+// return $o;
+
+ $bd_format = t('g A l F d') ; // 8 AM Friday January 18
+ $bd_short = t('F d');
+
+ $r = q("SELECT `event`.* FROM `event`
+ WHERE `event`.`uid` = %d AND `type` != 'birthday' AND `start` < '%s' AND `start` >= '%s'
+ ORDER BY `start` ASC ",
+ intval(local_user()),
+ dbesc(datetime_convert('UTC','UTC','now + 7 days')),
+ dbesc(datetime_convert('UTC','UTC','now - 1 days'))
+ );
+
+ if($r && count($r)) {
+ $now = strtotime('now');
+ $istoday = false;
+ foreach($r as $rr) {
+ if(strlen($rr['name']))
+ $total ++;
+
+ $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start'],'Y-m-d');
+ if($strt === datetime_convert('UTC',$a->timezone,'now','Y-m-d'))
+ $istoday = true;
+ }
+ $classtoday = (($istoday) ? 'event-today' : '');
+
+ $skip = 0;
+
+ foreach($r as &$rr) {
+ $title = strip_tags(html_entity_decode(bbcode($rr['summary']),ENT_QUOTES,'UTF-8'));
+
+ if(strlen($title) > 35)
+ $title = substr($title,0,32) . '... ';
+
+ $description = substr(strip_tags(bbcode($rr['desc'])),0,32) . '... ';
+ if(! $description)
+ $description = t('[No description]');
+
+ $strt = datetime_convert('UTC',$rr['convert'] ? $a->timezone : 'UTC',$rr['start']);
+
+ if(substr($strt,0,10) < datetime_convert('UTC',$a->timezone,'now','Y-m-d')) {
+ $skip++;
+ continue;
+ }
+
+ $today = ((substr($strt,0,10) === datetime_convert('UTC',$a->timezone,'now','Y-m-d')) ? true : false);
+
+ $rr['title'] = $title;
+ $rr['description'] = $desciption;
+ $rr['date'] = day_translate(datetime_convert('UTC', $rr['adjust'] ? $a->timezone : 'UTC', $rr['start'], $bd_format)) . (($today) ? ' ' . t('[today]') : '');
+ $rr['startime'] = $strt;
+ $rr['today'] = $today;
+ }
+ }
+
+ $tpl = get_markup_template("events_reminder.tpl");
+ return replace_macros($tpl, array(
+ '$baseurl' => $a->get_baseurl(),
+ '$classtoday' => $classtoday,
+ '$count' => count($r) - $skip,
+ '$event_reminders' => t('Event Reminders'),
+ '$event_title' => t('Events this week:'),
+ '$events' => $r,
+ ));
+ }
+}
+
+function advanced_profile(&$a) {
+
+ $o = '';
+
+ $o .= replace_macros(get_markup_template("section_title.tpl"),array(
+ '$title' => t('Profile')
+ ));
+
+ if($a->profile['name']) {
+
+ $tpl = get_markup_template('profile_advanced.tpl');
+
+ $profile = array();
+
+ $profile['fullname'] = array( t('Full Name:'), $a->profile['name'] ) ;
+
+ if($a->profile['gender']) $profile['gender'] = array( t('Gender:'), $a->profile['gender'] );
+
+
+ if(($a->profile['dob']) && ($a->profile['dob'] != '0000-00-00')) {
+
+ $year_bd_format = t('j F, Y');
+ $short_bd_format = t('j F');
+
+
+ $val = ((intval($a->profile['dob']))
+ ? day_translate(datetime_convert('UTC','UTC',$a->profile['dob'] . ' 00:00 +00:00',$year_bd_format))
+ : day_translate(datetime_convert('UTC','UTC','2001-' . substr($a->profile['dob'],5) . ' 00:00 +00:00',$short_bd_format)));
+
+ $profile['birthday'] = array( t('Birthday:'), $val);
+
+ }
+
+ if($age = age($a->profile['dob'],$a->profile['timezone'],'')) $profile['age'] = array( t('Age:'), $age );
+
+
+ if($a->profile['marital']) $profile['marital'] = array( t('Status:'), $a->profile['marital']);
+
+
+ if($a->profile['with']) $profile['marital']['with'] = $a->profile['with'];
+
+ if(strlen($a->profile['howlong']) && $a->profile['howlong'] !== '0000-00-00 00:00:00') {
+ $profile['howlong'] = relative_date($a->profile['howlong'], t('for %1$d %2$s'));
+ }
+
+ if($a->profile['sexual']) $profile['sexual'] = array( t('Sexual Preference:'), $a->profile['sexual'] );
+
+ if($a->profile['homepage']) $profile['homepage'] = array( t('Homepage:'), linkify($a->profile['homepage']) );
+
+ if($a->profile['hometown']) $profile['hometown'] = array( t('Hometown:'), linkify($a->profile['hometown']) );
+
+ if($a->profile['pub_keywords']) $profile['pub_keywords'] = array( t('Tags:'), $a->profile['pub_keywords']);
+
+ if($a->profile['politic']) $profile['politic'] = array( t('Political Views:'), $a->profile['politic']);
+
+ if($a->profile['religion']) $profile['religion'] = array( t('Religion:'), $a->profile['religion']);
+
+ if($txt = prepare_text($a->profile['about'])) $profile['about'] = array( t('About:'), $txt );
+
+ if($txt = prepare_text($a->profile['interest'])) $profile['interest'] = array( t('Hobbies/Interests:'), $txt);
+
+ if($txt = prepare_text($a->profile['likes'])) $profile['likes'] = array( t('Likes:'), $txt);
+
+ if($txt = prepare_text($a->profile['dislikes'])) $profile['dislikes'] = array( t('Dislikes:'), $txt);
+
+
+ if($txt = prepare_text($a->profile['contact'])) $profile['contact'] = array( t('Contact information and Social Networks:'), $txt);
+
+ if($txt = prepare_text($a->profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt);
+
+ if($txt = prepare_text($a->profile['book'])) $profile['book'] = array( t('Books, literature:'), $txt);
+
+ if($txt = prepare_text($a->profile['tv'])) $profile['tv'] = array( t('Television:'), $txt);
+
+ if($txt = prepare_text($a->profile['film'])) $profile['film'] = array( t('Film/dance/culture/entertainment:'), $txt);
+
+ if($txt = prepare_text($a->profile['romance'])) $profile['romance'] = array( t('Love/Romance:'), $txt);
+
+ if($txt = prepare_text($a->profile['work'])) $profile['work'] = array( t('Work/employment:'), $txt);
+
+ if($txt = prepare_text($a->profile['education'])) $profile['education'] = array( t('School/education:'), $txt );
+
+ if ($a->profile['uid'] == local_user())
+ $profile['edit'] = array($a->get_baseurl(). '/profiles/'.$a->profile['id'], t('Edit profile'),"", t('Edit profile'));
+
+ return replace_macros($tpl, array(
+ '$title' => t('Profile'),
+ '$profile' => $profile
+ ));
+ }
+
+ return '';
+}
+
+if(! function_exists('profile_tabs')){
+ function profile_tabs($a, $is_owner=False, $nickname=Null){
+ //echo "<pre>"; var_dump($a->user); killme();
+
+ if (is_null($nickname))
+ $nickname = $a->user['nickname'];
+
+ if(x($_GET,'tab'))
+ $tab = notags(trim($_GET['tab']));
+
+ $url = $a->get_baseurl() . '/profile/' . $nickname;
+
+ $tabs = array(
+ array(
+ 'label'=>t('Status'),
+ 'url' => $url,
+ 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
+ 'title' => t('Status Messages and Posts'),
+ 'id' => 'status-tab',
+ ),
+ array(
+ 'label' => t('Profile'),
+ 'url' => $url.'/?tab=profile',
+ 'sel' => ((isset($tab) && $tab=='profile')?'active':''),
+ 'title' => t('Profile Details'),
+ 'id' => 'profile-tab',
+ ),
+ array(
+ 'label' => t('Photos'),
+ 'url' => $a->get_baseurl() . '/photos/' . $nickname,
+ 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
+ 'title' => t('Photo Albums'),
+ 'id' => 'photo-tab',
+ ),
+ array(
+ 'label' => t('Videos'),
+ 'url' => $a->get_baseurl() . '/videos/' . $nickname,
+ 'sel' => ((!isset($tab)&&$a->argv[0]=='videos')?'active':''),
+ 'title' => t('Videos'),
+ 'id' => 'video-tab',
+ ),
+ );
+
+ if ($is_owner){
+ $tabs[] = array(
+ 'label' => t('Events'),
+ 'url' => $a->get_baseurl() . '/events',
+ 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
+ 'title' => t('Events and Calendar'),
+ 'id' => 'events-tab',
+ );
+ $tabs[] = array(
+ 'label' => t('Personal Notes'),
+ 'url' => $a->get_baseurl() . '/notes',
+ 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
+ 'title' => t('Only You Can See This'),
+ 'id' => 'notes-tab',
+ );
+ }
+
+
+ $arr = array('is_owner' => $is_owner, 'nickname' => $nickname, 'tab' => (($tab) ? $tab : false), 'tabs' => $tabs);
+ call_hooks('profile_tabs', $arr);
+
+ $tpl = get_markup_template('common_tabs.tpl');
+
+ return replace_macros($tpl,array('$tabs' => $arr['tabs']));
+ }
+}
+
+function get_my_url() {
+ if(x($_SESSION,'my_url'))
+ return $_SESSION['my_url'];
+ return false;
+}
+
+function zrl_init(&$a) {
+ $tmp_str = get_my_url();
+ if(validate_url($tmp_str)) {
+
+ // Is it a DDoS attempt?
+ // The check fetches the cached value from gprobe to reduce the load for this system
+ $urlparts = parse_url($tmp_str);
+
+ $result = Cache::get("gprobe:".$urlparts["host"]);
+ if (!is_null($result)) {
+ $result = unserialize($result);
+ if ($result["network"] == NETWORK_FEED) {
+ logger("DDoS attempt detected for ".$urlparts["host"]." by ".$_SERVER["REMOTE_ADDR"].". server data: ".print_r($_SERVER, true), LOGGER_DEBUG);
+ return;
+ }
+ }
+
+ proc_run('php','include/gprobe.php',bin2hex($tmp_str));
+ $arr = array('zrl' => $tmp_str, 'url' => $a->cmd);
+ call_hooks('zrl_init',$arr);
+ }
+}
+
+function zrl($s,$force = false) {
+ if(! strlen($s))
+ return $s;
+ if((! strpos($s,'/profile/')) && (! $force))
+ return $s;
+ if($force && substr($s,-1,1) !== '/')
+ $s = $s . '/';
+ $achar = strpos($s,'?') ? '&' : '?';
+ $mine = get_my_url();
+ if($mine and ! link_compare($mine,$s))
+ return $s . $achar . 'zrl=' . urlencode($mine);
+ return $s;
+}
require_once('include/ostatus.php');
require_once('mod/share.php');
+require_once('library/defuse/php-encryption-1.2.1/Crypto.php');
+
+
function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0, $forpubsub = false) {
if($contact['duplex'] && $contact['issued-id'])
$idtosend = '1:' . $orig_id;
- $rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);
-
- $rino_enable = get_config('system','rino_encrypt');
+
+ $rino = get_config('system','rino_encrypt');
+ $rino = intval($rino);
- if(! $rino_enable)
- $rino = 0;
+
+
$ssl_val = intval(get_config('system','ssl_policy'));
$ssl_policy = '';
break;
}
- $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
+ $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino='.$rino : '');
logger('dfrn_deliver: ' . $url);
$challenge = hex2bin((string) $res->challenge);
$perm = (($res->perm) ? $res->perm : null);
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
- $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
+ $rino_remote_version = intval($res->rino);
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
if($owner['page-flags'] == PAGE_PRVGROUP)
if($page)
$postvars['page'] = $page;
- if($rino && $rino_allowed && (! $dissolve)) {
- $key = substr(random_string(),0,16);
- $data = bin2hex(aes_encrypt($postvars['data'],$key));
- $postvars['data'] = $data;
- logger('rino: sent key = ' . $key, LOGGER_DEBUG);
+
+ if($rino>0 && $rino_remote_version>0 && (! $dissolve)) {
+ logger('rino version: '. $rino_remote_version);
+
+ switch($rino_remote_version) {
+ case 1:
+ // Deprecated rino version!
+ $key = substr(random_string(),0,16);
+ $data = aes_encrypt($postvars['data'],$key);
+ break;
+ case 2:
+ // RINO 2 based on php-encryption
+ try {
+ $key = Crypto::createNewRandomKey();
+ } catch (CryptoTestFailed $ex) {
+ logger('Cannot safely create a key');
+ return -1;
+ } catch (CannotPerformOperation $ex) {
+ logger('Cannot safely create a key');
+ return -1;
+ }
+ try {
+ $data = Crypto::encrypt($postvars['data'], $key);
+ } catch (CryptoTestFailed $ex) {
+ logger('Cannot safely perform encryption');
+ return -1;
+ } catch (CannotPerformOperation $ex) {
+ logger('Cannot safely perform encryption');
+ return -1;
+ }
+ break;
+ default:
+ logger("rino: invalid requested verision '$rino_remote_version'");
+ return -1;
+ }
+
+ $postvars['rino'] = $rino_remote_version;
+ $postvars['data'] = bin2hex($data);
+
+ #logger('rino: sent key = ' . $key, LOGGER_DEBUG);
if($dfrn_version >= 2.1) {
$postvars['key'] = bin2hex($postvars['key']);
}
+
logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA);
logger("Item was stored with id ".$item_id, LOGGER_DEBUG);
$item["id"] = $item_id;
- if (!isset($item["parent"]) OR ($item["parent"] == 0))
- $item["parent"] = $item_id;
-
if ($mention) {
$u = q("SELECT `notify-flags`, `language`, `username`, `email` FROM user WHERE uid = %d LIMIT 1", intval($item['uid']));
+ $r = q("SELECT `parent` FROM `item` WHERE `id` = %d", intval($item_id));
notification(array(
'type' => NOTIFY_TAGSELF,
'to_email' => $u[0]["email"],
'uid' => $item["uid"],
'item' => $item,
- 'link' => $a->get_baseurl().'/display/'.urlencode(get_item_guid($item["id"])),
+ 'link' => $a->get_baseurl().'/display/'.urlencode(get_item_guid($item_id)),
'source_name' => $item["author-name"],
'source_link' => $item["author-link"],
'source_photo' => $item["author-avatar"],
'verb' => ACTIVITY_TAG,
'otype' => 'item',
- 'parent' => $item["parent"]
+ 'parent' => $r[0]["parent"]
));
}
}
function ostatus_completion($conversation_url, $uid, $item = array()) {
+ $a = get_app();
+
$item_stored = -1;
$conversation_url = ostatus_convert_href($conversation_url);
$items = array_reverse($items);
+ $r = q("SELECT `nurl` FROM `contact` WHERE `uid` = %d AND `self`", intval($uid));
+ $importer = $r[0];
+
foreach ($items as $single_conv) {
// Test - remove before flight
//$tempfile = tempnam(get_temppath(), "conversation");
//file_put_contents($tempfile, json_encode($single_conv));
+ $mention = false;
if (isset($single_conv->object->id))
$single_conv->id = $single_conv->object->id;
continue;
}
+ if (is_array($single_conv->to))
+ foreach($single_conv->to AS $to)
+ if ($importer["nurl"] == normalise_link($to->id))
+ $mention = true;
+
$actor = $single_conv->actor->id;
if (isset($single_conv->actor->url))
$actor = $single_conv->actor->url;
// Add the conversation entry (but don't fetch the whole conversation)
ostatus_store_conversation($newitem, $conversation_url);
+ if ($mention) {
+ $u = q("SELECT `notify-flags`, `language`, `username`, `email` FROM user WHERE uid = %d LIMIT 1", intval($uid));
+ $r = q("SELECT `parent` FROM `item` WHERE `id` = %d", intval($newitem));
+
+ notification(array(
+ 'type' => NOTIFY_TAGSELF,
+ 'notify_flags' => $u[0]["notify-flags"],
+ 'language' => $u[0]["language"],
+ 'to_name' => $u[0]["username"],
+ 'to_email' => $u[0]["email"],
+ 'uid' => $uid,
+ 'item' => $arr,
+ 'link' => $a->get_baseurl().'/display/'.urlencode(get_item_guid($newitem)),
+ 'source_name' => $arr["author-name"],
+ 'source_link' => $arr["author-link"],
+ 'source_photo' => $arr["author-avatar"],
+ 'verb' => ACTIVITY_TAG,
+ 'otype' => 'item',
+ 'parent' => $r[0]["parent"]
+ ));
+ }
+
// If the newly created item is the top item then change the parent settings of the thread
// This shouldn't happen anymore. This is supposed to be absolote.
if ($arr["uri"] == $first_id) {
+++ /dev/null
-<?php
-
-function advanced_profile(&$a) {
-
- $o = '';
-
- $o .= replace_macros(get_markup_template("section_title.tpl"),array(
- '$title' => t('Profile')
- ));
-
- if($a->profile['name']) {
-
- $tpl = get_markup_template('profile_advanced.tpl');
-
- $profile = array();
-
- $profile['fullname'] = array( t('Full Name:'), $a->profile['name'] ) ;
-
- if($a->profile['gender']) $profile['gender'] = array( t('Gender:'), $a->profile['gender'] );
-
-
- if(($a->profile['dob']) && ($a->profile['dob'] != '0000-00-00')) {
-
- $year_bd_format = t('j F, Y');
- $short_bd_format = t('j F');
-
-
- $val = ((intval($a->profile['dob']))
- ? day_translate(datetime_convert('UTC','UTC',$a->profile['dob'] . ' 00:00 +00:00',$year_bd_format))
- : day_translate(datetime_convert('UTC','UTC','2001-' . substr($a->profile['dob'],5) . ' 00:00 +00:00',$short_bd_format)));
-
- $profile['birthday'] = array( t('Birthday:'), $val);
-
- }
-
- if($age = age($a->profile['dob'],$a->profile['timezone'],'')) $profile['age'] = array( t('Age:'), $age );
-
-
- if($a->profile['marital']) $profile['marital'] = array( t('Status:'), $a->profile['marital']);
-
-
- if($a->profile['with']) $profile['marital']['with'] = $a->profile['with'];
-
- if(strlen($a->profile['howlong']) && $a->profile['howlong'] !== '0000-00-00 00:00:00') {
- $profile['howlong'] = relative_date($a->profile['howlong'], t('for %1$d %2$s'));
- }
-
- if($a->profile['sexual']) $profile['sexual'] = array( t('Sexual Preference:'), $a->profile['sexual'] );
-
- if($a->profile['homepage']) $profile['homepage'] = array( t('Homepage:'), linkify($a->profile['homepage']) );
-
- if($a->profile['hometown']) $profile['hometown'] = array( t('Hometown:'), linkify($a->profile['hometown']) );
-
- if($a->profile['pub_keywords']) $profile['pub_keywords'] = array( t('Tags:'), $a->profile['pub_keywords']);
-
- if($a->profile['politic']) $profile['politic'] = array( t('Political Views:'), $a->profile['politic']);
-
- if($a->profile['religion']) $profile['religion'] = array( t('Religion:'), $a->profile['religion']);
-
- if($txt = prepare_text($a->profile['about'])) $profile['about'] = array( t('About:'), $txt );
-
- if($txt = prepare_text($a->profile['interest'])) $profile['interest'] = array( t('Hobbies/Interests:'), $txt);
-
- if($txt = prepare_text($a->profile['likes'])) $profile['likes'] = array( t('Likes:'), $txt);
-
- if($txt = prepare_text($a->profile['dislikes'])) $profile['dislikes'] = array( t('Dislikes:'), $txt);
-
-
- if($txt = prepare_text($a->profile['contact'])) $profile['contact'] = array( t('Contact information and Social Networks:'), $txt);
-
- if($txt = prepare_text($a->profile['music'])) $profile['music'] = array( t('Musical interests:'), $txt);
-
- if($txt = prepare_text($a->profile['book'])) $profile['book'] = array( t('Books, literature:'), $txt);
-
- if($txt = prepare_text($a->profile['tv'])) $profile['tv'] = array( t('Television:'), $txt);
-
- if($txt = prepare_text($a->profile['film'])) $profile['film'] = array( t('Film/dance/culture/entertainment:'), $txt);
-
- if($txt = prepare_text($a->profile['romance'])) $profile['romance'] = array( t('Love/Romance:'), $txt);
-
- if($txt = prepare_text($a->profile['work'])) $profile['work'] = array( t('Work/employment:'), $txt);
-
- if($txt = prepare_text($a->profile['education'])) $profile['education'] = array( t('School/education:'), $txt );
-
- if ($a->profile['uid'] == local_user())
- $profile['edit'] = array($a->get_baseurl(). '/profiles/'.$a->profile['id'], t('Edit profile'),"", t('Edit profile'));
-
- return replace_macros($tpl, array(
- '$title' => t('Profile'),
- '$profile' => $profile
- ));
- }
-
- return '';
-}
return implode("\n", $lines);
}
+
+function formatBytes($bytes, $precision = 2) {
+ $units = array('B', 'KB', 'MB', 'GB', 'TB');
+
+ $bytes = max($bytes, 0);
+ $pow = floor(($bytes ? log($bytes) : 0) / log(1024));
+ $pow = min($pow, count($units) - 1);
+
+ $bytes /= pow(1024, $pow);
+
+ return round($bytes, $precision) . ' ' . $units[$pow];
+}
--- /dev/null
+language: php
+php:
+ - "5.6"
+ - "5.5"
+ - "5.4"
+ - "5.3"
+ - "5.2"
+# Versions below here are not installed on travis-ci
+# - "5.1"
+# - "5.0"
+# - "4.4"
+# - "4.3"
+# - "4.2"
+# - "4.1"
+# - "4.0"
+
+matrix:
+ allow_failures:
+ - php: "5.3"
+ - php: "5.2"
+
+script: ./test.sh
--- /dev/null
+<?php
+
+/*
+ * PHP Encryption Library
+ * Copyright (c) 2014, Taylor Hornby
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Web: https://defuse.ca/secure-php-encryption.htm
+ * GitHub: https://github.com/defuse/php-encryption
+ *
+ * WARNING: This encryption library is not a silver bullet. It only provides
+ * symmetric encryption given a uniformly random key. This means you MUST NOT
+ * use an ASCII string like a password as the key parameter, it MUST be
+ * a uniformly random key generated by CreateNewRandomKey(). If you want to
+ * encrypt something with a password, apply a password key derivation function
+ * like PBKDF2 or scrypt with a random salt to generate a key.
+ *
+ * WARNING: Error handling is very important, especially for crypto code!
+ *
+ * How to use this code:
+ *
+ * Generating a Key
+ * ----------------
+ * try {
+ * $key = self::CreateNewRandomKey();
+ * // WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
+ * // they may leak the key to the attacker through side channels.
+ * } catch (CryptoTestFailedException $ex) {
+ * die('Cannot safely create a key');
+ * } catch (CannotPerformOperationException $ex) {
+ * die('Cannot safely create a key');
+ * }
+ *
+ * Encrypting a Message
+ * --------------------
+ * $message = "ATTACK AT DAWN";
+ * try {
+ * $ciphertext = self::Encrypt($message, $key);
+ * } catch (CryptoTestFailedException $ex) {
+ * die('Cannot safely perform encryption');
+ * } catch (CannotPerformOperationException $ex) {
+ * die('Cannot safely perform decryption');
+ * }
+ *
+ * Decrypting a Message
+ * --------------------
+ * try {
+ * $decrypted = self::Decrypt($ciphertext, $key);
+ * } catch (InvalidCiphertextException $ex) { // VERY IMPORTANT
+ * // Either:
+ * // 1. The ciphertext was modified by the attacker,
+ * // 2. The key is wrong, or
+ * // 3. $ciphertext is not a valid ciphertext or was corrupted.
+ * // Assume the worst.
+ * die('DANGER! DANGER! The ciphertext has been tampered with!');
+ * } catch (CryptoTestFailedException $ex) {
+ * die('Cannot safely perform encryption');
+ * } catch (CannotPerformOperationException $ex) {
+ * die('Cannot safely perform decryption');
+ * }
+ */
+
+/*
+ * Raised by Decrypt() when one of the following conditions are met:
+ * - The key is wrong.
+ * - The ciphertext is invalid or not in the correct format.
+ * - The attacker modified the ciphertext.
+ */
+class InvalidCiphertextException extends Exception {}
+/* If you see these, it means it is NOT SAFE to do encryption on your system. */
+class CannotPerformOperationException extends Exception {}
+class CryptoTestFailedException extends Exception {}
+
+final class Crypto
+{
+ // Ciphertext format: [____HMAC____][____IV____][____CIPHERTEXT____].
+
+ /* DO NOT CHANGE THESE CONSTANTS!
+ *
+ * We spent *weeks* testing this code, making sure it is as perfect and
+ * correct as possible. Are you going to do the same after making your
+ * changes? Probably not. Besides, any change to these constants will break
+ * the runtime tests, which are extremely important for your security.
+ * You're literally millions of times more likely to screw up your own
+ * security by changing something here than you are to fall victim to an
+ * 128-bit key brute-force attack. You're also breaking your own
+ * compatibility with future updates to this library, so you'll be left
+ * vulnerable if we ever find a security bug and release a fix.
+ *
+ * So, PLEASE, do not change these constants.
+ */
+ const CIPHER = 'aes-128';
+ const KEY_BYTE_SIZE = 16;
+ const CIPHER_MODE = 'cbc';
+ const HASH_FUNCTION = 'sha256';
+ const MAC_BYTE_SIZE = 32;
+ const ENCRYPTION_INFO = 'DefusePHP|KeyForEncryption';
+ const AUTHENTICATION_INFO = 'DefusePHP|KeyForAuthentication';
+
+ /*
+ * Use this to generate a random encryption key.
+ */
+ public static function CreateNewRandomKey()
+ {
+ self::RuntimeTest();
+ return self::SecureRandom(self::KEY_BYTE_SIZE);
+ }
+
+ /*
+ * Encrypts a message.
+ * $plaintext is the message to encrypt.
+ * $key is the encryption key, a value generated by CreateNewRandomKey().
+ * You MUST catch exceptions thrown by this function. See docs above.
+ */
+ public static function Encrypt($plaintext, $key)
+ {
+ self::RuntimeTest();
+
+ if (self::our_strlen($key) !== self::KEY_BYTE_SIZE)
+ {
+ throw new CannotPerformOperationException("Bad key.");
+ }
+
+ $method = self::CIPHER.'-'.self::CIPHER_MODE;
+
+ self::EnsureFunctionExists('openssl_get_cipher_methods');
+ if (in_array($method, openssl_get_cipher_methods()) === FALSE) {
+ throw new CannotPerformOperationException("Cipher method not supported.");
+ }
+
+ // Generate a sub-key for encryption.
+ $keysize = self::KEY_BYTE_SIZE;
+ $ekey = self::HKDF(self::HASH_FUNCTION, $key, $keysize, self::ENCRYPTION_INFO);
+
+ // Generate a random initialization vector.
+ self::EnsureFunctionExists("openssl_cipher_iv_length");
+ $ivsize = openssl_cipher_iv_length($method);
+ if ($ivsize === FALSE || $ivsize <= 0) {
+ throw new CannotPerformOperationException();
+ }
+ $iv = self::SecureRandom($ivsize);
+
+ $ciphertext = $iv . self::PlainEncrypt($plaintext, $ekey, $iv);
+
+ // Generate a sub-key for authentication and apply the HMAC.
+ $akey = self::HKDF(self::HASH_FUNCTION, $key, self::KEY_BYTE_SIZE, self::AUTHENTICATION_INFO);
+ $auth = hash_hmac(self::HASH_FUNCTION, $ciphertext, $akey, true);
+ $ciphertext = $auth . $ciphertext;
+
+ return $ciphertext;
+ }
+
+ /*
+ * Decrypts a ciphertext.
+ * $ciphertext is the ciphertext to decrypt.
+ * $key is the key that the ciphertext was encrypted with.
+ * You MUST catch exceptions thrown by this function. See docs above.
+ */
+ public static function Decrypt($ciphertext, $key)
+ {
+ self::RuntimeTest();
+
+ $method = self::CIPHER.'-'.self::CIPHER_MODE;
+
+ self::EnsureFunctionExists('openssl_get_cipher_methods');
+ if (in_array($method, openssl_get_cipher_methods()) === FALSE) {
+ throw new CannotPerformOperationException("Cipher method not supported.");
+ }
+
+ // Extract the HMAC from the front of the ciphertext.
+ if (self::our_strlen($ciphertext) <= self::MAC_BYTE_SIZE) {
+ throw new InvalidCiphertextException();
+ }
+ $hmac = self::our_substr($ciphertext, 0, self::MAC_BYTE_SIZE);
+ if ($hmac === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+ $ciphertext = self::our_substr($ciphertext, self::MAC_BYTE_SIZE);
+ if ($ciphertext === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+
+ // Regenerate the same authentication sub-key.
+ $akey = self::HKDF(self::HASH_FUNCTION, $key, self::KEY_BYTE_SIZE, self::AUTHENTICATION_INFO);
+
+ if (self::VerifyHMAC($hmac, $ciphertext, $akey))
+ {
+ // Regenerate the same encryption sub-key.
+ $keysize = self::KEY_BYTE_SIZE;
+ $ekey = self::HKDF(self::HASH_FUNCTION, $key, $keysize, self::ENCRYPTION_INFO);
+
+ // Extract the initialization vector from the ciphertext.
+ self::EnsureFunctionExists("openssl_cipher_iv_length");
+ $ivsize = openssl_cipher_iv_length($method);
+ if ($ivsize === FALSE || $ivsize <= 0) {
+ throw new CannotPerformOperationException();
+ }
+ if (self::our_strlen($ciphertext) <= $ivsize) {
+ throw new InvalidCiphertextException();
+ }
+ $iv = self::our_substr($ciphertext, 0, $ivsize);
+ if ($iv === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+ $ciphertext = self::our_substr($ciphertext, $ivsize);
+ if ($ciphertext === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+
+ $plaintext = self::PlainDecrypt($ciphertext, $ekey, $iv);
+
+ return $plaintext;
+ }
+ else
+ {
+ /*
+ * We throw an exception instead of returning FALSE because we want
+ * a script that doesn't handle this condition to CRASH, instead
+ * of thinking the ciphertext decrypted to the value FALSE.
+ */
+ throw new InvalidCiphertextException();
+ }
+ }
+
+ /*
+ * Runs tests.
+ * Raises CannotPerformOperationException or CryptoTestFailedException if
+ * one of the tests fail. If any tests fails, your system is not capable of
+ * performing encryption, so make sure you fail safe in that case.
+ */
+ public static function RuntimeTest()
+ {
+ // 0: Tests haven't been run yet.
+ // 1: Tests have passed.
+ // 2: Tests are running right now.
+ // 3: Tests have failed.
+ static $test_state = 0;
+
+ if ($test_state === 1 || $test_state === 2) {
+ return;
+ }
+
+ try {
+ $test_state = 2;
+ self::AESTestVector();
+ self::HMACTestVector();
+ self::HKDFTestVector();
+
+ self::TestEncryptDecrypt();
+ if (self::our_strlen(self::CreateNewRandomKey()) != self::KEY_BYTE_SIZE) {
+ throw new CryptoTestFailedException();
+ }
+
+ if (self::ENCRYPTION_INFO == self::AUTHENTICATION_INFO) {
+ throw new CryptoTestFailedException();
+ }
+ } catch (CryptoTestFailedException $ex) {
+ // Do this, otherwise it will stay in the "tests are running" state.
+ $test_state = 3;
+ throw $ex;
+ }
+
+ // Change this to '0' make the tests always re-run (for benchmarking).
+ $test_state = 1;
+ }
+
+ /*
+ * Never call this method directly!
+ */
+ private static function PlainEncrypt($plaintext, $key, $iv)
+ {
+
+ $method = self::CIPHER.'-'.self::CIPHER_MODE;
+
+ self::EnsureConstantExists("OPENSSL_RAW_DATA");
+ self::EnsureFunctionExists("openssl_encrypt");
+ $ciphertext = openssl_encrypt(
+ $plaintext,
+ $method,
+ $key,
+ OPENSSL_RAW_DATA,
+ $iv
+ );
+
+ if ($ciphertext === false) {
+ throw new CannotPerformOperationException();
+ }
+
+ return $ciphertext;
+ }
+
+ /*
+ * Never call this method directly!
+ */
+ private static function PlainDecrypt($ciphertext, $key, $iv)
+ {
+
+ $method = self::CIPHER.'-'.self::CIPHER_MODE;
+
+ self::EnsureConstantExists("OPENSSL_RAW_DATA");
+ self::EnsureFunctionExists("openssl_encrypt");
+ $plaintext = openssl_decrypt(
+ $ciphertext,
+ $method,
+ $key,
+ OPENSSL_RAW_DATA,
+ $iv
+ );
+ if ($plaintext === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+
+ return $plaintext;
+ }
+
+ /*
+ * Returns a random binary string of length $octets bytes.
+ */
+ private static function SecureRandom($octets)
+ {
+ self::EnsureFunctionExists("mcrypt_create_iv");
+ $random = mcrypt_create_iv($octets, MCRYPT_DEV_URANDOM);
+ if ($random === FALSE) {
+ throw new CannotPerformOperationException();
+ } else {
+ return $random;
+ }
+ }
+
+ /*
+ * Use HKDF to derive multiple keys from one.
+ * http://tools.ietf.org/html/rfc5869
+ */
+ private static function HKDF($hash, $ikm, $length, $info = '', $salt = NULL)
+ {
+ // Find the correct digest length as quickly as we can.
+ $digest_length = self::MAC_BYTE_SIZE;
+ if ($hash != self::HASH_FUNCTION) {
+ $digest_length = self::our_strlen(hash_hmac($hash, '', '', true));
+ }
+
+ // Sanity-check the desired output length.
+ if (empty($length) || !is_int($length) ||
+ $length < 0 || $length > 255 * $digest_length) {
+ throw new CannotPerformOperationException();
+ }
+
+ // "if [salt] not provided, is set to a string of HashLen zeroes."
+ if (is_null($salt)) {
+ $salt = str_repeat("\x00", $digest_length);
+ }
+
+ // HKDF-Extract:
+ // PRK = HMAC-Hash(salt, IKM)
+ // The salt is the HMAC key.
+ $prk = hash_hmac($hash, $ikm, $salt, true);
+
+ // HKDF-Expand:
+
+ // This check is useless, but it serves as a reminder to the spec.
+ if (self::our_strlen($prk) < $digest_length) {
+ throw new CannotPerformOperationException();
+ }
+
+ // T(0) = ''
+ $t = '';
+ $last_block = '';
+ for ($block_index = 1; self::our_strlen($t) < $length; $block_index++) {
+ // T(i) = HMAC-Hash(PRK, T(i-1) | info | 0x??)
+ $last_block = hash_hmac(
+ $hash,
+ $last_block . $info . chr($block_index),
+ $prk,
+ true
+ );
+ // T = T(1) | T(2) | T(3) | ... | T(N)
+ $t .= $last_block;
+ }
+
+ // ORM = first L octets of T
+ $orm = self::our_substr($t, 0, $length);
+ if ($orm === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+ return $orm;
+ }
+
+ private static function VerifyHMAC($correct_hmac, $message, $key)
+ {
+ $message_hmac = hash_hmac(self::HASH_FUNCTION, $message, $key, true);
+
+ // We can't just compare the strings with '==', since it would make
+ // timing attacks possible. We could use the XOR-OR constant-time
+ // comparison algorithm, but I'm not sure if that's good enough way up
+ // here in an interpreted language. So we use the method of HMACing the
+ // strings we want to compare with a random key, then comparing those.
+
+ // NOTE: This leaks information when the strings are not the same
+ // length, but they should always be the same length here. Enforce it:
+ if (self::our_strlen($correct_hmac) !== self::our_strlen($message_hmac)) {
+ throw new CannotPerformOperationException();
+ }
+
+ $blind = self::CreateNewRandomKey();
+ $message_compare = hash_hmac(self::HASH_FUNCTION, $message_hmac, $blind);
+ $correct_compare = hash_hmac(self::HASH_FUNCTION, $correct_hmac, $blind);
+ return $correct_compare === $message_compare;
+ }
+
+ private static function TestEncryptDecrypt()
+ {
+ $key = self::CreateNewRandomKey();
+ $data = "EnCrYpT EvErYThInG\x00\x00";
+
+ // Make sure encrypting then decrypting doesn't change the message.
+ $ciphertext = self::Encrypt($data, $key);
+ try {
+ $decrypted = self::Decrypt($ciphertext, $key);
+ } catch (InvalidCiphertextException $ex) {
+ // It's important to catch this and change it into a
+ // CryptoTestFailedException, otherwise a test failure could trick
+ // the user into thinking it's just an invalid ciphertext!
+ throw new CryptoTestFailedException();
+ }
+ if($decrypted !== $data)
+ {
+ throw new CryptoTestFailedException();
+ }
+
+ // Modifying the ciphertext: Appending a string.
+ try {
+ self::Decrypt($ciphertext . "a", $key);
+ throw new CryptoTestFailedException();
+ } catch (InvalidCiphertextException $e) { /* expected */ }
+
+ // Modifying the ciphertext: Changing an IV byte.
+ try {
+ $ciphertext[0] = chr((ord($ciphertext[0]) + 1) % 256);
+ self::Decrypt($ciphertext, $key);
+ throw new CryptoTestFailedException();
+ } catch (InvalidCiphertextException $e) { /* expected */ }
+
+ // Decrypting with the wrong key.
+ $key = self::CreateNewRandomKey();
+ $data = "abcdef";
+ $ciphertext = self::Encrypt($data, $key);
+ $wrong_key = self::CreateNewRandomKey();
+ try {
+ self::Decrypt($ciphertext, $wrong_key);
+ throw new CryptoTestFailedException();
+ } catch (InvalidCiphertextException $e) { /* expected */ }
+
+ // Ciphertext too small (shorter than HMAC).
+ $key = self::CreateNewRandomKey();
+ $ciphertext = str_repeat("A", self::MAC_BYTE_SIZE - 1);
+ try {
+ self::Decrypt($ciphertext, $key);
+ throw new CryptoTestFailedException();
+ } catch (InvalidCiphertextException $e) { /* expected */ }
+ }
+
+ private static function HKDFTestVector()
+ {
+ // HKDF test vectors from RFC 5869
+
+ // Test Case 1
+ $ikm = str_repeat("\x0b", 22);
+ $salt = self::hexToBytes("000102030405060708090a0b0c");
+ $info = self::hexToBytes("f0f1f2f3f4f5f6f7f8f9");
+ $length = 42;
+ $okm = self::hexToBytes(
+ "3cb25f25faacd57a90434f64d0362f2a" .
+ "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" .
+ "34007208d5b887185865"
+ );
+ $computed_okm = self::HKDF("sha256", $ikm, $length, $info, $salt);
+ if ($computed_okm !== $okm) {
+ throw new CryptoTestFailedException();
+ }
+
+ // Test Case 7
+ $ikm = str_repeat("\x0c", 22);
+ $length = 42;
+ $okm = self::hexToBytes(
+ "2c91117204d745f3500d636a62f64f0a" .
+ "b3bae548aa53d423b0d1f27ebba6f5e5" .
+ "673a081d70cce7acfc48"
+ );
+ $computed_okm = self::HKDF("sha1", $ikm, $length);
+ if ($computed_okm !== $okm) {
+ throw new CryptoTestFailedException();
+ }
+
+ }
+
+ private static function HMACTestVector()
+ {
+ // HMAC test vector From RFC 4231 (Test Case 1)
+ $key = str_repeat("\x0b", 20);
+ $data = "Hi There";
+ $correct = "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7";
+ if (hash_hmac(self::HASH_FUNCTION, $data, $key) != $correct) {
+ throw new CryptoTestFailedException();
+ }
+ }
+
+ private static function AESTestVector()
+ {
+ // AES CBC mode test vector from NIST SP 800-38A
+ $key = self::hexToBytes("2b7e151628aed2a6abf7158809cf4f3c");
+ $iv = self::hexToBytes("000102030405060708090a0b0c0d0e0f");
+ $plaintext = self::hexToBytes(
+ "6bc1bee22e409f96e93d7e117393172a" .
+ "ae2d8a571e03ac9c9eb76fac45af8e51" .
+ "30c81c46a35ce411e5fbc1191a0a52ef" .
+ "f69f2445df4f9b17ad2b417be66c3710"
+ );
+ $ciphertext = self::hexToBytes(
+ "7649abac8119b246cee98e9b12e9197d" .
+ "5086cb9b507219ee95db113a917678b2" .
+ "73bed6b8e3c1743b7116e69e22229516" .
+ "3ff1caa1681fac09120eca307586e1a7" .
+ /* Block due to padding. Not from NIST test vector.
+ Padding Block: 10101010101010101010101010101010
+ Ciphertext: 3ff1caa1681fac09120eca307586e1a7
+ (+) 2fe1dab1780fbc19021eda206596f1b7
+ AES 8cb82807230e1321d3fae00d18cc2012
+
+ */
+ "8cb82807230e1321d3fae00d18cc2012"
+ );
+
+ $computed_ciphertext = self::PlainEncrypt($plaintext, $key, $iv);
+ if ($computed_ciphertext !== $ciphertext) {
+ throw new CryptoTestFailedException();
+ }
+
+ $computed_plaintext = self::PlainDecrypt($ciphertext, $key, $iv);
+ if ($computed_plaintext !== $plaintext) {
+ throw new CryptoTestFailedException();
+ }
+ }
+
+ /* WARNING: Do not call this function on secrets. It creates side channels. */
+ private static function hexToBytes($hex_string)
+ {
+ return pack("H*", $hex_string);
+ }
+
+ private static function EnsureConstantExists($name)
+ {
+ if (!defined($name)) {
+ throw new CannotPerformOperationException();
+ }
+ }
+
+ private static function EnsureFunctionExists($name)
+ {
+ if (!function_exists($name)) {
+ throw new CannotPerformOperationException();
+ }
+ }
+
+ /*
+ * We need these strlen() and substr() functions because when
+ * 'mbstring.func_overload' is set in php.ini, the standard strlen() and
+ * substr() are replaced by mb_strlen() and mb_substr().
+ */
+
+ private static function our_strlen($str)
+ {
+ if (function_exists('mb_strlen')) {
+ $length = mb_strlen($str, '8bit');
+ if ($length === FALSE) {
+ throw new CannotPerformOperationException();
+ }
+ return $length;
+ } else {
+ return strlen($str);
+ }
+ }
+
+ private static function our_substr($str, $start, $length = NULL)
+ {
+ if (function_exists('mb_substr'))
+ {
+ // mb_substr($str, 0, NULL, '8bit') returns an empty string on PHP
+ // 5.3, so we have to find the length ourselves.
+ if (!isset($length)) {
+ if ($start >= 0) {
+ $length = self::our_strlen($str) - $start;
+ } else {
+ $length = -$start;
+ }
+ }
+
+ return mb_substr($str, $start, $length, '8bit');
+ }
+
+ // Unlike mb_substr(), substr() doesn't accept NULL for length
+ if (isset($length)) {
+ return substr($str, $start, $length);
+ } else {
+ return substr($str, $start);
+ }
+ }
+
+}
+
+/*
+ * We want to catch all uncaught exceptions that come from the Crypto class,
+ * since by default, PHP will leak the key in the stack trace from an uncaught
+ * exception. This is a really ugly hack, but I think it's justified.
+ *
+ * Everything up to handler() getting called should be reliable, so this should
+ * reliably suppress the stack traces. The rest is just a bonus so that we don't
+ * make it impossible to debug other exceptions.
+ *
+ * This bit of code was adapted from: http://stackoverflow.com/a/7939492
+ */
+
+class CryptoExceptionHandler
+{
+ private $rethrow = NULL;
+
+ public function __construct()
+ {
+ set_exception_handler(array($this, "handler"));
+ }
+
+ public function handler($ex)
+ {
+ if (
+ $ex instanceof InvalidCiphertextException ||
+ $ex instanceof CannotPerformOperationException ||
+ $ex instanceof CryptoTestFailedException
+ ) {
+ echo "FATAL ERROR: Uncaught crypto exception. Suppresssing output.\n";
+ } else {
+ /* Re-throw the exception in the destructor. */
+ $this->rethrow = $ex;
+ }
+ }
+
+ public function __destruct() {
+ if ($this->rethrow) {
+ throw $this->rethrow;
+ }
+ }
+}
+
+$crypto_exception_handler_object_dont_touch_me = new CryptoExceptionHandler();
+
--- /dev/null
+php-encryption
+===============
+
+This is a class for doing symmetric encryption in PHP. **Requires PHP 5.4 or newer.**
+
+[](https://travis-ci.org/defuse/php-encryption)
+
+Implementation
+--------------
+
+Messages are encrypted with AES-128 in CBC mode and are authenticated with
+HMAC-SHA256 (Encrypt-then-Mac). PKCS7 padding is used to pad the message to
+a multiple of the block size. HKDF is used to split the user-provided key into
+two keys: one for encryption, and the other for authentication. It is
+implemented using the `openssl_` and `hash_hmac` functions.
+
+Warning
+--------
+
+This is new code, and it hasn't received much review by experts. I have spent
+many hours making it as secure as possible (extensive runtime tests, secure
+coding practices), and auditing it for problems, but I may have missed some
+issues. So be careful. Don't trust it with your life. Check out the open GitHub
+issues for a list of known issues. If you find a problem with this library,
+please report it by opening a GitHub issue.
+
+That said, you're probably much better off using this library than any other
+encryption library written in PHP.
+
+Philosophy
+-----------
+
+This library was created after noticing how much insecure PHP encryption code
+there is. I once did a Google search for "php encryption" and found insecure
+code or advice on 9 of the top 10 results.
+
+Encryption is becoming an essential component of modern websites. This library
+aims to fulfil a subset of that need: Authenticated symmetric encryption of
+short strings, given a random key.
+
+This library is developed around several core values:
+
+- Rule #1: Security is prioritized over everything else.
+
+ > Whenever there is a conflict between security and some other property,
+ > security will be favored. For example, the library has runtime tests,
+ > which make it slower, but will hopefully stop it from encrypting stuff
+ > if the platform it's running on is broken.
+
+- Rule #2: It should be difficult to misuse the library.
+
+ > We assume the developers using this library have no experience with
+ > cryptography. We only assume that they know that the "key" is something
+ > you need to encrypt and decrypt the messages, and that it must be
+ > protected. Whenever possible, the library should refuse to encrypt or
+ > decrypt messages when it is not being used correctly.
+
+- Rule #3: The library aims only to be compatible with itself.
+
+ > Other PHP encryption libraries try to support every possible type of
+ > encryption, even the insecure ones (e.g. ECB mode). Because there are so
+ > many options, inexperienced developers must make decisions between
+ > things like "CBC" mode and "ECB" mode, knowing nothing about either one,
+ > which inevitably creates vulnerabilities.
+
+ > This library will only support one secure mode. A developer using this
+ > library will call "encrypt" and "decrypt" not caring about how they are
+ > implemented.
+
+- Rule #4: The library should consist of a single PHP file and nothing more.
+
+ > Some PHP encryption libraries, like libsodium-php [1], are not
+ > straightforward to install and cannot packaged with "just download and
+ > extract" applications. This library will always be just one PHP file
+ > that you can put in your source tree and require().
+
+References:
+
+ [1] https://github.com/jedisct1/libsodium-php
--- /dev/null
+<?php
+
+require_once('Crypto.php');
+
+// Note: By default, the runtime tests are "cached" and not re-executed for
+// every call. To disable this, look at the RuntimeTest() function.
+
+$start = microtime(true);
+for ($i = 0; $i < 1000; $i++) {
+ $key = Crypto::CreateNewRandomKey();
+}
+$end = microtime(true);
+showResults("CreateNewRandomKey()", $start, $end, 1000);
+
+$start = microtime(true);
+for ($i = 0; $i < 100; $i++) {
+ $ciphertext = Crypto::Encrypt(
+ str_repeat("A", 1024*1024),
+ str_repeat("B", 16)
+ );
+}
+$end = microtime(true);
+showResults("Encrypt(1MB)", $start, $end, 100);
+
+$start = microtime(true);
+for ($i = 0; $i < 1000; $i++) {
+ $ciphertext = Crypto::Encrypt(
+ str_repeat("A", 1024),
+ str_repeat("B", 16)
+ );
+}
+$end = microtime(true);
+showResults("Encrypt(1KB)", $start, $end, 1000);
+
+function showResults($type, $start, $end, $count)
+{
+ $time = $end - $start;
+ $rate = $count / $time;
+ echo "$type: $rate calls/s\n";
+}
+
+?>
--- /dev/null
+{
+ "name": "defuse/php-encryption",
+ "description": "Secure PHP Encryption Library",
+ "license": "MIT",
+ "keywords": ["security", "encryption", "AES", "mcrypt", "cipher"],
+ "authors": [
+ {
+ "name": "Taylor Hornby",
+ "email": "havoc@defuse.ca"
+ }
+ ],
+ "autoload": {
+ "files": ["Crypto.php"]
+ },
+ "require": {
+ "php": ">=5.4.0",
+ "ext-openssl": "*",
+ "ext-mcrypt": "*"
+ }
+}
--- /dev/null
+<?php
+require_once('Crypto.php');
+ try {
+ $key = Crypto::CreateNewRandomKey();
+ // WARNING: Do NOT encode $key with bin2hex() or base64_encode(),
+ // they may leak the key to the attacker through side channels.
+ } catch (CryptoTestFailedException $ex) {
+ die('Cannot safely create a key');
+ } catch (CannotPerformOperationException $ex) {
+ die('Cannot safely create a key');
+ }
+
+ $message = "ATTACK AT DAWN";
+ try {
+ $ciphertext = Crypto::Encrypt($message, $key);
+ } catch (CryptoTestFailedException $ex) {
+ die('Cannot safely perform encryption');
+ } catch (CannotPerformOperationException $ex) {
+ die('Cannot safely perform decryption');
+ }
+
+ try {
+ $decrypted = Crypto::Decrypt($ciphertext, $key);
+ } catch (InvalidCiphertextException $ex) { // VERY IMPORTANT
+ // Either:
+ // 1. The ciphertext was modified by the attacker,
+ // 2. The key is wrong, or
+ // 3. $ciphertext is not a valid ciphertext or was corrupted.
+ // Assume the worst.
+ die('DANGER! DANGER! The ciphertext has been tampered with!');
+ } catch (CryptoTestFailedException $ex) {
+ die('Cannot safely perform encryption');
+ } catch (CannotPerformOperationException $ex) {
+ die('Cannot safely perform decryption');
+ }
+?>
--- /dev/null
+#!/bin/bash
+
+echo "Normal"
+echo "--------------------------------------------------"
+php -d mbstring.func_overload=0 tests/runtime.php
+if [ $? -ne 0 ]; then
+ echo "FAIL."
+ exit 1
+fi
+echo "--------------------------------------------------"
+
+echo ""
+
+echo "Multibyte"
+echo "--------------------------------------------------"
+php -d mbstring.func_overload=7 tests/runtime.php
+if [ $? -ne 0 ]; then
+ echo "FAIL."
+ exit 1
+fi
+echo "--------------------------------------------------"
+
+echo ""
+
+if [ -z "$(php Crypto.php)" ]; then
+ echo "PASS: Crypto.php output is empty."
+else
+ echo "FAIL: Crypto.php output is not empty."
+ exit 1
+fi
--- /dev/null
+<?php
+
+// Set the encoding to something more "challenging."
+$ret = mb_internal_encoding('UTF-8');
+if ($ret === FALSE) {
+ echo "Couldn't set encoding.";
+ exit(1);
+}
+
+// Dump out the settings / encoding for future reference.
+$val = ini_get("mbstring.func_overload");
+echo "Settings: \n";
+echo " func_overload: " . $val . "\n";
+echo " mb_internal_encoding(): " . mb_internal_encoding() . "\n";
+
+// Perform the tests.
+require_once('Crypto.php');
+try {
+ Crypto::RuntimeTest();
+ echo "TEST PASSED!\n";
+ exit(0);
+} catch (CryptoTestFailedException $ex) {
+ echo "TEST FAILED!\n";
+ var_dump($ex);
+ exit(1);
+} catch (CannotPerformOperationException $ex) {
+ echo "TEST FAILED\n";
+ var_dump($ex);
+ exit(1);
+}
+
+?>
$proxy_disabled = ((x($_POST,'proxy_disabled')) ? True : False);
$old_pager = ((x($_POST,'old_pager')) ? True : False);
$only_tag_search = ((x($_POST,'only_tag_search')) ? True : False);
-
+ $rino = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
+
+
if($ssl_policy != intval(get_config('system','ssl_policy'))) {
if($ssl_policy == SSL_POLICY_FULL) {
q("update `contact` set
set_config('system','suppress_tags',$suppress_tags);
set_config('system','shortcut_icon',$shortcut_icon);
set_config('system','touch_icon',$touch_icon);
+
if ($banner==""){
// don't know why, but del_config doesn't work...
q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
set_config('system','old_pager', $old_pager);
set_config('system','only_tag_search', $only_tag_search);
+ set_config('system','rino_encrypt', $rino);
+
+
info( t('Site settings updated.') . EOL);
goaway($a->get_baseurl(true) . '/admin/site' );
return; // NOTREACHED
'$only_tag_search' => array('only_tag_search', t("Only search in tags"), get_config('system','only_tag_search'), t("On large systems the text search can slow down the system extremely.")),
'$relocate_url' => array('relocate_url', t("New base url"), $a->get_baseurl(), "Change base url for this server. Sends relocate message to all DFRN contacts of all users."),
- '$form_security_token' => get_form_security_token("admin_site")
+
+ '$rino' => array('rino', t("RINO Encryption"), intval(get_config('system','rino_encrypt')), t("Encryption layer between nodes."), array("Disabled", "RINO1 (deprecated)", "RINO2")),
+
+ '$form_security_token' => get_form_security_token("admin_site")
));
require_once('include/items.php');
require_once('include/event.php');
+require_once('library/defuse/php-encryption-1.2.1/Crypto.php');
function dfrn_notify_post(&$a) {
logger(__function__, LOGGER_TRACE);
$challenge = ((x($_POST,'challenge')) ? notags(trim($_POST['challenge'])) : '');
$data = ((x($_POST,'data')) ? $_POST['data'] : '');
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
+ $rino_remote = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0);
$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);
$perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r');
$ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');
if($importer['page-flags'] == PAGE_SOAPBOX)
xml_status(0);
-
+
if(strlen($key)) {
+
+ // if local rino is lower than remote rino, abort: should not happen!
+ // but only for $remote_rino > 1, because old code did't send rino version
+ if ($rino_remote_version > 1 && $rino < $rino_remote) {
+ logger("rino version '$rino_remote' is lower than supported '$rino'");
+ xml_status(0,"rino version '$rino_remote' is lower than supported '$rino'");
+ }
+
$rawkey = hex2bin(trim($key));
logger('rino: md5 raw key: ' . md5($rawkey));
$final_key = '';
}
}
- logger('rino: received key : ' . $final_key);
- $data = aes_decrypt(hex2bin($data),$final_key);
+ #logger('rino: received key : ' . $final_key);
+
+ switch($rino_remote) {
+ case 0:
+ case 1:
+ // we got a key. old code send only the key, without RINO version.
+ // we assume RINO 1 if key and no RINO version
+ $data = aes_decrypt(hex2bin($data),$final_key);
+ break;
+ case 2:
+ try {
+ $data = Crypto::decrypt(hex2bin($data),$final_key);
+ } catch (InvalidCiphertext $ex) { // VERY IMPORTANT
+ // Either:
+ // 1. The ciphertext was modified by the attacker,
+ // 2. The key is wrong, or
+ // 3. $ciphertext is not a valid ciphertext or was corrupted.
+ // Assume the worst.
+ logger('The ciphertext has been tampered with!');
+ xml_status(0,'The ciphertext has been tampered with!');
+ } catch (Ex\CryptoTestFailed $ex) {
+ logger('Cannot safely perform dencryption');
+ xml_status(0,'CryptoTestFailed');
+ } catch (Ex\CannotPerformOperation $ex) {
+ logger('Cannot safely perform decryption');
+ xml_status(0,'Cannot safely perform decryption');
+ }
+ break;
+ default:
+ logger("rino: invalid sent verision '$rino_remote'");
+ xml_status(0);
+ }
+
+
logger('rino: decrypted data: ' . $data, LOGGER_DATA);
}
-
$ret = local_delivery($importer,$data);
xml_status($ret);
$dfrn_id = notags(trim($_GET['dfrn_id']));
$dfrn_version = (float) $_GET['dfrn_version'];
+ $rino_remote = ((x($_GET,'rino')) ? intval($_GET['rino']) : 0);
$type = "";
$last_update = "";
$challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
- $rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);
-
- $rino_enable = get_config('system','rino_encrypt');
-
- if(! $rino_enable)
- $rino = 0;
-
+
+ $rino = get_config('system','rino_encrypt');
+ $rino = intval($rino);
+
+ // if requested rino is lower than enabled local rino, lower local rino version
+ // if requested rino is higher than enabled local rino, reply with local rino
+ if ($rino_remote < $rino) $rino = $rino_remote;
+
if((($r[0]['rel']) && ($r[0]['rel'] != CONTACT_IS_SHARING)) || ($r[0]['page-flags'] == PAGE_COMMUNITY)) {
$perm = 'rw';
}
$maximagesize = get_config('system','maximagesize');
if(($maximagesize) && ($filesize > $maximagesize)) {
- notice( t('Image exceeds size limit of ') . $maximagesize . EOL);
+ notice( sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL);
@unlink($src);
$foo = 0;
call_hooks('photo_post_end',$foo);
if($tab === 'profile') {
- require_once('include/profile_advanced.php');
$o .= advanced_profile($a);
call_hooks('profile_advanced',$o);
return $o;
$maximagesize = get_config('system','maximagesize');
if(($maximagesize) && ($filesize > $maximagesize)) {
- notice( sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL);
+ notice( sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL);
@unlink($src);
return;
}
}
if(($maxfilesize) && ($filesize > $maxfilesize)) {
- notice( sprintf(t('File exceeds size limit of %d'), $maxfilesize) . EOL);
+ echo sprintf(t('File exceeds size limit of %s'), formatBytes($maxfilesize)) . EOL;
@unlink($src);
- return;
+ killme();
}
$r = q("select sum(octet_length(data)) as total from attach where uid = %d ",
$maximagesize = get_config('system','maximagesize');
if(($maximagesize) && ($filesize > $maximagesize)) {
- echo sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL;
+ echo sprintf( t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL;
@unlink($src);
killme();
}
<div class="submit"><input type="submit" name="page_site" value="{{$submit|escape:'html'}}" /></div>
<h3>{{$advanced}}</h3>
+ {{include file="field_select.tpl" field=$rino}}
{{include file="field_checkbox.tpl" field=$no_utf}}
{{include file="field_checkbox.tpl" field=$verifyssl}}
{{include file="field_input.tpl" field=$proxy}}
top: 56px;
}
+.notify-unseen { background-color: #FFF; }
+
.notify-seen {
- background: none repeat scroll 0 0 #DDDDDD;
+ background: none repeat scroll 0 0 #EEE;
}
ul.menu-popup {
projects / friendica.git / commitdiff