* Sets the base url for use in cmdline programs which don't have
* $_SERVER variables
*/
-function check_url(App &$a) {
+function check_url(App $a) {
$url = get_config('system','url');
/**
* @brief Automatic database updates
*/
-function update_db(App &$a) {
+function update_db(App $a) {
$build = get_config('system','build');
if(! x($build))
$build = set_config('system','build',DB_UPDATE_VERSION);
* @param App $a
*
*/
-function check_plugins(App &$a) {
+function check_plugins(App $a) {
$r = q("SELECT * FROM `addon` WHERE `installed` = 1");
if (dbm::is_result($r))
}
/// @deprecated
-function set_template_engine(App &$a, $engine = 'internal') {
+function set_template_engine(App $a, $engine = 'internal') {
/// @note This function is no longer necessary, but keep it as a wrapper to the class method
/// to avoid breaking themes again unnecessarily
---
Your hook callback functions will be called with at least one and possibly two arguments
- function myhook_function(&$a, &$b) {
+ function myhook_function(App $a, &$b) {
}
$a->argc = 3
$a->argv = array(0 => 'plugin', 1 => 'arg1', 2 => 'arg2');
-Your module functions will often contain the function plugin_name_content(App &$a), which defines and returns the page body content.
-They may also contain plugin_name_post(App &$a) which is called before the _content function and typically handles the results of POST forms.
-You may also have plugin_name_init(App &$a) which is called very early on and often does module initialisation.
+Your module functions will often contain the function plugin_name_content(App $a), which defines and returns the page body content.
+They may also contain plugin_name_post(App $a) which is called before the _content function and typically handles the results of POST forms.
+You may also have plugin_name_init(App $a) which is called very early on and often does module initialisation.
Templates
---
is called after the other queries have passed.
The registered function can add, change or remove the acl_lookup() variables.
- 'results' => array of the acl_lookup() vars
+ 'results' => array of the acl_lookup() vars
Complete list of hook callbacks
file: include/ItemsManager.php\r
<?php\r
namespace \Friendica;\r
- \r
+\r
class ItemsManager {\r
public function getAll() { ... }\r
public function getByID($id) { ... }\r
```\r
file: mod/network.php\r
<?php\r
- \r
- function network_content(App &$a) {\r
+\r
+ function network_content(App $a) {\r
$itemsmanager = new \Friendica\ItemsManager();\r
$items = $itemsmanager->getAll();\r
- \r
+\r
// pass $items to template\r
// return result\r
}\r
file: include/BaseManager.php\r
<?php\r
namespace \Friendica;\r
- \r
+\r
class BaseManager {\r
public function thatFunctionEveryManagerUses() { ... }\r
}\r
file: include/ItemsManager.php\r
<?php\r
namespace \Friendica;\r
- \r
+\r
class ItemsManager extends BaseManager {\r
public function getAll() { ... }\r
public function getByID($id) { ... }\r
\r
```\r
file: include/dfrn.php\r
- <?php \r
+ <?php\r
namespace \Friendica;\r
- \r
+\r
class dfrn {\r
public static function mail($item, $owner) { ... }\r
}\r
```\r
file: mod/mail.php\r
<?php\r
- \r
+\r
mail_post($a){\r
...\r
\Friendica\dfrn::mail($item, $owner);\r
```\r
file: include/delivery.php\r
<?php\r
- \r
+\r
namespace \Friendica;\r
- \r
- // this is the same content of current include/delivery.php, \r
+\r
+ // this is the same content of current include/delivery.php,\r
// but has been declared to be in "Friendica" namespace\r
- \r
+\r
[...]\r
switch($contact['network']) {\r
- \r
+\r
case NETWORK_DFRN:\r
if ($mail) {\r
$item['body'] = ...\r
```\r
<?php\r
namespace \Frienidca;\r
- \r
+\r
class Diaspora {\r
public function md2bbcode() {\r
- $html = \Michelf\MarkdownExtra::defaultTransform($text); \r
+ $html = \Michelf\MarkdownExtra::defaultTransform($text);\r
}\r
}\r
```\r
```\r
<?php\r
namespace \Frienidca;\r
- \r
+\r
use \Michelf\MarkdownExtra;\r
- \r
+\r
class Diaspora {\r
public function md2bbcode() {\r
- $html = MarkdownExtra::defaultTransform($text); \r
+ $html = MarkdownExtra::defaultTransform($text);\r
}\r
}\r
```\r
```\r
<?php\r
namespace \Friendica\Network;\r
- \r
+\r
class DFRN {\r
}\r
```\r
```\r
<?php\r
namespace \Friendica\DBA;\r
- \r
+\r
class MySQL {\r
}\r
```\r
Deine Hook-Callback-Funktion wird mit mindestens einem und bis zu zwei Argumenten aufgerufen
- function myhook_function(&$a, &$b) {
+ function myhook_function(App $a, &$b) {
}
$a->argc = 3
$a->argv = array(0 => 'plugin', 1 => 'arg1', 2 => 'arg2');
-Deine Modulfunktionen umfassen oft die Funktion plugin_name_content(App &$a), welche den Seiteninhalt definiert und zurückgibt.
-Sie können auch plugin_name_post(App &$a) umfassen, welches vor der content-Funktion aufgerufen wird und normalerweise die Resultate der POST-Formulare handhabt.
-Du kannst ebenso plugin_name_init(App &$a) nutzen, was oft frühzeitig aufgerufen wird und das Modul initialisert.
+Deine Modulfunktionen umfassen oft die Funktion plugin_name_content(App $a), welche den Seiteninhalt definiert und zurückgibt.
+Sie können auch plugin_name_post(App $a) umfassen, welches vor der content-Funktion aufgerufen wird und normalerweise die Resultate der POST-Formulare handhabt.
+Du kannst ebenso plugin_name_init(App $a) nutzen, was oft frühzeitig aufgerufen wird und das Modul initialisert.
Derzeitige Hooks
mod/photos.php: call_hooks('photo_upload_form',$ret);
-mod/friendica.php: call_hooks('about_hook', $o);
+mod/friendica.php: call_hooks('about_hook', $o);
mod/editpost.php: call_hooks('jot_tool', $jotplugins);
Calling the t() function with the common name makes the string translateable.
The selected 1st part will be saved in the database by the theme_post function.
- function theme_post(App &$a){
+ function theme_post(App $a){
// non local users shall not pass
if (! local_user()) {
return;
<?php
/* meta informations for the theme, see below */
- function duepuntozero_lr_init(App &$a) {
+ function duepuntozero_lr_init(App $a) {
$a-> theme_info = array(
'extends' => 'duepuntozero'.
);
The name of the function is <theme-name>_init.
So in the case of quattro it is
- function quattro_init(App &$a) {
+ function quattro_init(App $a) {
$a->theme_info = array();
set_template_engine($a, 'smarty3');
}
*
* @return string posts in HTML
*/
-function posts_from_gcontact($a, $gcontact_id) {
+function posts_from_gcontact(App $a, $gcontact_id) {
require_once('include/conversation.php');
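Review bot: `posts_from_gcontact()` took an untyped `$a` before this change, so the new `App` hint is a behaviour change rather than a cleanup: any caller that passed `null` or some other value now fails with a type error at the call site instead of running. The same applies to the other functions in this commit whose removed line had no hint, for example `posts_from_contact_url`, `store_photo`, `construct_acl_data`, `acl_lookup`, `api_get_user`, `conversation`, `profile_load`, `plaintext`, `auto_redir`, `can_write_wall`, `paginate_data`, `alt_pager` and `import_account`. Their call sites, including those in addons and themes, should be checked before merging. If the docblock above, which starts outside this hunk, does not already carry it, add `* @param App $a` so the documented contract matches the signature.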
*
* @return string posts in HTML
*/
-function posts_from_contact_url($a, $contact_url) {
+function posts_from_contact_url(App $a, $contact_url) {
require_once('include/conversation.php');
do {
// FIXME - implement horizantal bias for scaling as in followin GD functions
- // to allow very tall images to be constrained only horizontally.
+ // to allow very tall images to be constrained only horizontally.
$this->image->scaleImage($dest_width, $dest_height);
} while ($this->image->nextImage());
return array("width" => $dest_width, "height" => $dest_height);
}
-function store_photo($a, $uid, $imagedata = "", $url = "") {
+function store_photo(App $a, $uid, $imagedata = "", $url = "") {
$r = q("SELECT `user`.`nickname`, `user`.`page-flags`, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`
WHERE `user`.`uid` = %d AND `user`.`blocked` = 0 AND `contact`.`self` = 1 LIMIT 1",
intval($uid));
}
-function construct_acl_data(&$a, $user) {
+function construct_acl_data(App $a, $user) {
// Get group and contact information for html ACL selector
$acl_data = acl_lookup($a, 'html');
}
-function acl_lookup(&$a, $out_type = 'json') {
+function acl_lookup(App $a, $out_type = 'json') {
if (!local_user()) {
return '';
}
/**
* @brief Searching for global contacts for autocompletion
- *
+ *
* @param App $a
* @return array with the search results
*/
-function navbar_complete(App &$a) {
+function navbar_complete(App $a) {
// logger('navbar_complete');
* @hook 'logged_in'
* array $user logged user record
*/
- function api_login(App &$a){
+ function api_login(App $a){
// login with oauth
try{
$oauth = new FKOAuth1();
* @param App $a
* @return string API call result
*/
- function api_call(App &$a){
+ function api_call(App $a){
global $API, $called_api;
$type="json";
* @param array $user_info
* @return array
*/
- function api_rss_extra(&$a, $arr, $user_info){
+ function api_rss_extra(App $a, $arr, $user_info){
if (is_null($user_info)) $user_info = api_get_user($a);
$arr['$user'] = $user_info;
$arr['$rss'] = array(
* @param int|string $contact_id Contact ID or URL
* @param string $type Return type (for errors)
*/
- function api_get_user(&$a, $contact_id = Null, $type = "json"){
+ function api_get_user(App $a, $contact_id = Null, $type = "json"){
global $called_api;
$user = null;
$extra_query = "";
* @param array $item : item from db
* @return array(array:author, array:owner)
*/
- function api_item_get_user(&$a, $item) {
+ function api_item_get_user(App $a, $item) {
$status_user = api_get_user($a, $item["author-link"]);
'homepage' => $profile['homepage'],
'users' => null);
return $profile;
- }
+ }
}
/**
// BadRequestException if no id specified (for clients using Twitter API)
if ($id == 0) throw new BadRequestException('Message id not specified');
- // add parent-uri to sql command if specified by calling app
+ // add parent-uri to sql command if specified by calling app
$sql_extra = ($parenturi != "" ? " AND `parent-uri` = '" . dbesc($parenturi) . "'" : "");
// get data of the specified message id
$r = q("SELECT `id` FROM `mail` WHERE `uid` = %d AND `id` = %d" . $sql_extra,
- intval($uid),
+ intval($uid),
intval($id));
-
+
// error message if specified id is not in database
if (!dbm::is_result($r)) {
if ($verbose == "true") {
}
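Review bot: `$sql_extra` is concatenated onto the string that `q()` then fills from its `%d` arguments, so the caller-supplied `$parenturi` ends up inside the format string, both in the `SELECT` here and in the `DELETE` of the next hunk. `dbesc()` escapes SQL metacharacters but not `%`, so a value containing a percent sign would presumably be parsed as a conversion specifier and break the formatting of the query; this should be confirmed against the implementation of `q()`. Keeping the value out of the format string avoids the problem: put a `'%s'` placeholder for the parent-uri condition into the query text and pass `dbesc($parenturi)` as an additional argument when it is non-empty. The enclosing function starts and ends outside the hunk.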
// delete message
- $result = q("DELETE FROM `mail` WHERE `uid` = %d AND `id` = %d" . $sql_extra,
- intval($uid),
+ $result = q("DELETE FROM `mail` WHERE `uid` = %d AND `id` = %d" . $sql_extra,
+ intval($uid),
intval($id));
if ($verbose == "true") {
// get data of the specified message id
$r = q("SELECT `id` FROM `mail` WHERE `id` = %d AND `uid` = %d",
- intval($id),
+ intval($id),
intval($uid));
// error message if specified id is not in database
if (!dbm::is_result($r)) {
}
// update seen indicator
- $result = q("UPDATE `mail` SET `seen` = 1 WHERE `id` = %d AND `uid` = %d",
- intval($id),
+ $result = q("UPDATE `mail` SET `seen` = 1 WHERE `id` = %d AND `uid` = %d",
+ intval($id),
intval($uid));
if ($result) {
// message if nothing was found
if (!dbm::is_result($r))
$success = array('success' => false, 'search_results' => 'problem with query');
- else if (count($r) == 0)
+ else if (count($r) == 0)
$success = array('success' => false, 'search_results' => 'nothing found');
else {
$ret = Array();
*/
if(!function_exists('conversation')) {
-function conversation(&$a, $items, $mode, $update, $preview = false) {
+function conversation(App $a, $items, $mode, $update, $preview = false) {
require_once('include/bbcode.php');
require_once('include/Contact.php');
*
* @param App $a
*/
-function cron_clear_cache(App &$a) {
+function cron_clear_cache(App $a) {
$last = get_config('system','cache_last_cleared');
*
* @param App $a
*/
-function cron_repair_diaspora(App &$a) {
+function cron_repair_diaspora(App $a) {
$r = q("SELECT `id`, `url` FROM `contact`
WHERE `network` = '%s' AND (`batch` = '' OR `notify` = '' OR `poll` = '' OR pubkey = '')
ORDER BY RAND() LIMIT 50", dbesc(NETWORK_DIASPORA));
}
-function sort_by_date(App &$a) {
+function sort_by_date(App $a) {
usort($a,'ev_compare');
return $a;
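Review bot: The `App` hint on `sort_by_date()` contradicts its body: `$a` is handed to `usort($a,'ev_compare')` and then returned, so callers evidently pass an array of events, and a class hint rejects that argument with a type error at call time. The hint was already on the removed line, but this signature change carries the mistake over instead of correcting it. `function sort_by_date(array $a) {` matches how the value is used, since `usort()` sorts the local copy and the function returns it. The closing brace of the function is outside the hunk.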
/**
* @brief Get an event by its event ID
- *
+ *
* @param type $owner_uid The User ID of the owner of the event
* @param type $event_params An assoziative array with
* int 'event_id' => The ID of the event in the event table
/**
* @brief Get all events in a specific timeframe
- *
+ *
* @param int $owner_uid The User ID of the owner of the events
* @param array $event_params An assoziative array with
- * int 'ignored' =>
+ * int 'ignored' =>
* string 'start' => Start time of the timeframe
* string 'finish' => Finish time of the timeframe
- * string 'adjust_start' =>
* string 'adjust_start' =>
- *
+ * string 'adjust_start' =>
+ *
* @param string $sql_extra Additional sql conditions (e.g. permission request)
* @return array Query results
*/
/**
* @brief Convert an array query results in an arry which could be used by the events template
- *
+ *
* @param array $arr Event query array
* @return array Event array for the template
*/
/**
* @brief Format event to export format (ical/csv)
- *
+ *
* @param array $events Query result for events
* @param string $format The output format (ical/csv)
* @param string $timezone The timezone of the user (not implemented yet)
- *
+ *
* @return string Content according to selected export format
*/
function event_format_export ($events, $format = 'ical', $timezone) {
$o = '"Subject", "Start Date", "Start Time", "Description", "End Date", "End Time", "Location"' . PHP_EOL;
foreach ($events as $event) {
- /// @todo the time / date entries don't include any information about the
+ /// @todo the time / date entries don't include any information about the
// timezone the event is scheduled in :-/
$tmp1 = strtotime($event['start']);
$tmp2 = strtotime($event['finish']);
$o .= '"'.$event['summary'].'", "'.strftime($date_format, $tmp1) .
'", "'.strftime($time_format, $tmp1).'", "'.$event['desc'] .
'", "'.strftime($date_format, $tmp2) .
- '", "'.strftime($time_format, $tmp2) .
+ '", "'.strftime($time_format, $tmp2) .
'", "'.$event['location'].'"' . PHP_EOL;
}
break;
foreach ($events as $event) {
if ($event['adjust'] == 1) {
$UTC = 'Z';
- } else {
+ } else {
$UTC = '';
}
$o .= 'BEGIN:VEVENT' . PHP_EOL;
/**
* @brief Get all events for a user ID
- *
+ *
* The query for events is done permission sensitive
* If the user is the owner of the calendar he/she
* will get all of his/her available events.
* If the user is only a visitor only the public events will
* be available
- *
+ *
* @param int $uid The user ID
* @param int $sql_extra Additional sql conditions for permission
- *
+ *
* @return array Query results
*/
function events_by_uid($uid = 0, $sql_extra = '') {
if($sql_extra == '')
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' ";
- // does the user who requests happen to be the owner of the events
- // requested? then show all of your events, otherwise only those that
+ // does the user who requests happen to be the owner of the events
+ // requested? then show all of your events, otherwise only those that
// don't have limitations set in allow_cid and allow_gid
if (local_user() == $uid) {
$r = q("SELECT `start`, `finish`, `adjust`, `summary`, `desc`, `location`, `nofinish`
}
/**
- *
+ *
* @param int $uid The user ID
* @param string $format Output format (ical/csv)
* @return array With the results
* string 'format' => The output format
* string 'extension' => The file extension of the output format
* string 'content' => The formatted output content
- *
+ *
* @todo Respect authenticated users with events_by_uid()
*/
function event_export($uid, $format = 'ical') {
/**
* @brief Get the events widget
- *
+ *
* @return string Formated html of the evens widget
*/
function widget_events() {
// Cal logged in user (test permission at foreign profile page)
// If the $owner uid is available we know it is part of one of the profile pages (like /cal)
- // So we have to test if if it's the own profile page of the logged in user
+ // So we have to test if if it's the own profile page of the logged in user
// or a foreign one. For foreign profile pages we need to check if the feature
// for exporting the cal is enabled (otherwise the widget would appear for logged in users
// on foreigen profile pages even if the widget is disabled)
- if(intval($owner_uid) && local_user() !== $owner_uid && ! feature_enabled($owner_uid, "export_calendar"))
+ if(intval($owner_uid) && local_user() !== $owner_uid && ! feature_enabled($owner_uid, "export_calendar"))
return;
// If it's a kind of profile page (intval($owner_uid)) return if the user not logged in and
* @param int $profile
* @param array $profiledata
*/
-function profile_load(&$a, $nickname, $profile = 0, $profiledata = array()) {
+function profile_load(App $a, $nickname, $profile = 0, $profiledata = array()) {
$user = q("SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1",
dbesc($nickname)
/**
* @brief Get all profil data of a local user
- *
+ *
* If the viewer is an authenticated remote viewer, the profile displayed is the
* one that has been configured for his/her viewing in the Contact manager.
* Passing a non-zero profile ID can also allow a preview of a selected profile
* by the owner
- *
+ *
* @param string $nickname
* @param int $uid
* @param int $profile
/**
* @brief Formats a profile for display in the sidebar.
- *
+ *
* It is very difficult to templatise the HTML completely
* because of all the conditional logic.
- *
+ *
* @param array $profile
* @param int $block
- *
+ *
* @return HTML string stuitable for sidebar inclusion
- *
+ *
* @note Returns empty string if passed $profile is wrong type or not populated
- *
+ *
* @hooks 'profile_sidebar_enter'
* array $profile - profile data
* @hooks 'profile_sidebar'
));
}
-function advanced_profile(App &$a) {
+function advanced_profile(App $a) {
$o = '';
$uid = $a->profile['uid'];
array(
'label'=>t('Status'),
'url' => $url,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='profile')?'active':''),
+ 'sel' => ((!isset($tab) && $a->argv[0]=='profile')?'active':''),
'title' => t('Status Messages and Posts'),
'id' => 'status-tab',
'accesskey' => 'm',
array(
'label' => t('Photos'),
'url' => App::get_baseurl() . '/photos/' . $nickname,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='photos')?'active':''),
+ 'sel' => ((!isset($tab) && $a->argv[0]=='photos')?'active':''),
'title' => t('Photo Albums'),
'id' => 'photo-tab',
'accesskey' => 'h',
array(
'label' => t('Videos'),
'url' => App::get_baseurl() . '/videos/' . $nickname,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='videos')?'active':''),
+ 'sel' => ((!isset($tab) && $a->argv[0]=='videos')?'active':''),
'title' => t('Videos'),
'id' => 'video-tab',
'accesskey' => 'v',
$tabs[] = array(
'label' => t('Events'),
'url' => App::get_baseurl() . '/events',
- 'sel' =>((!isset($tab)&&$a->argv[0]=='events')?'active':''),
+ 'sel' =>((!isset($tab) && $a->argv[0]=='events')?'active':''),
'title' => t('Events and Calendar'),
'id' => 'events-tab',
'accesskey' => 'e',
$tabs[] = array(
'label' => t('Events'),
'url' => App::get_baseurl() . '/cal/' . $nickname,
- 'sel' =>((!isset($tab)&&$a->argv[0]=='cal')?'active':''),
+ 'sel' =>((!isset($tab) && $a->argv[0]=='cal')?'active':''),
'title' => t('Events and Calendar'),
'id' => 'events-tab',
'accesskey' => 'e',
$tabs[] = array(
'label' => t('Personal Notes'),
'url' => App::get_baseurl() . '/notes',
- 'sel' =>((!isset($tab)&&$a->argv[0]=='notes')?'active':''),
+ 'sel' =>((!isset($tab) && $a->argv[0]=='notes')?'active':''),
'title' => t('Only You Can See This'),
'id' => 'notes-tab',
'accesskey' => 't',
$tabs[] = array(
'label' => t('Contacts'),
'url' => App::get_baseurl() . '/viewcontacts/' . $nickname,
- 'sel' => ((!isset($tab)&&$a->argv[0]=='viewcontacts')?'active':''),
+ 'sel' => ((!isset($tab) && $a->argv[0]=='viewcontacts')?'active':''),
'title' => t('Contacts'),
'id' => 'viewcontacts-tab',
'accesskey' => 'k',
return false;
}
-function zrl_init(App &$a) {
+function zrl_init(App $a) {
$tmp_str = get_my_url();
if(validate_url($tmp_str)) {
* settings except their own while on this site.
*
* @return int user ID
- *
+ *
* @note Returns local_user instead of user ID if "always_my_theme"
* is set to true
*/
<?php
-function nav(App &$a) {
+function nav(App $a) {
/*
*
*
* @return string XML feed
*/
- public static function feed(&$a, $owner_nick, $last_update) {
+ public static function feed(App $a, $owner_nick, $last_update) {
$r = q("SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
*
* @return string The converted message
*/
-function plaintext($a, $b, $limit = 0, $includedlinks = false, $htmlmode = 2, $target_network = "") {
+function plaintext(App $a, $b, $limit = 0, $includedlinks = false, $htmlmode = 2, $target_network = "") {
// Remove the hash tags
$URLSearchString = "^\[\]";
<?php
-function auto_redir(&$a, $contact_nick) {
+function auto_redir(App $a, $contact_nick) {
// prevent looping
if(strlen($dfrn_id) < 3)
return;
-
+
$sec = random_string();
q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)
$url = curPageURL();
- logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);
+ logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);
$dest = (($url) ? '&destination_url=' . $url : '');
- goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
+ goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest );
}
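Review bot: The debug line `logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);` writes `$sec` to the log, and that same value is sent as the `sec=` parameter of the redirect. Judging by the `INSERT INTO profile_check` in the previous hunk, it is also stored as the check secret. Anyone with read access to the log can therefore see the secret before it expires; log only the contact name, `logger('auto_redir: ' . $r[0]['name'], LOGGER_DEBUG);`. Separately, `$url` is appended to the query string unencoded, so a page URL containing `&` or `#` is split by the receiving side; `'&destination_url=' . urlencode($url)` keeps it as a single parameter, unless the receiving endpoint depends on the raw form. The start of `auto_redir()` is in an earlier hunk.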
-function can_write_wall(&$a,$owner) {
+function can_write_wall(App $a, $owner) {
static $verified = 0;
return false;
}
- $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` INNER JOIN `user` on `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` INNER JOIN `user` on `user`.`uid` = `contact`.`uid`
+ WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
intval($owner),
intval($cid),
* default permissions - anonymous user
*/
- $sql = " AND allow_cid = ''
- AND allow_gid = ''
- AND deny_cid = ''
- AND deny_gid = ''
+ $sql = " AND allow_cid = ''
+ AND allow_gid = ''
+ AND deny_cid = ''
+ AND deny_gid = ''
";
/**
*/
if(($local_user) && ($local_user == $owner_id)) {
- $sql = '';
+ $sql = '';
}
/**
- * Authenticated visitor. Unless pre-verified,
+ * Authenticated visitor. Unless pre-verified,
* check that the contact belongs to this $owner_id
* and load the groups the visitor belongs to.
* If pre-verified, the caller is expected to have already
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . intval($g) . '>';
- }
+ }
/*$sql = sprintf(
- " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
- AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
+ " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
+ AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s')
",
}
/**
- * Authenticated visitor. Unless pre-verified,
+ * Authenticated visitor. Unless pre-verified,
* check that the contact belongs to this $owner_id
* and load the groups the visitor belongs to.
* If pre-verified, the caller is expected to have already
if(is_array($groups) && count($groups)) {
foreach($groups as $g)
$gs .= '|<' . intval($g) . '>';
- }
+ }
$sql = sprintf(
- /*" AND ( private = 0 OR ( private in (1,2) AND wall = 1 AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
- AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
+ /*" AND ( private = 0 OR ( private in (1,2) AND wall = 1 AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
+ AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
- AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s')))
+ AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s')))
",
intval($remote_user),
intval($remote_user),
* If the new page contains by any chance external elements, then the used security token is exposed by the referrer.
* Actually, important actions should not be triggered by Links / GET-Requests at all, but somethimes they still are,
* so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types).
- */
+ */
function get_form_security_token($typename = '') {
$a = get_app();
-
+
$timestamp = time();
$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $timestamp . $typename);
-
+
return $timestamp . '.' . $sec_hash;
}
function check_form_security_token($typename = '', $formname = 'form_security_token') {
if (!x($_REQUEST, $formname)) return false;
$hash = $_REQUEST[$formname];
-
+
$max_livetime = 10800; // 3 hours
-
+
$a = get_app();
-
+
$x = explode('.', $hash);
if (time() > (IntVal($x[0]) + $max_livetime)) return false;
-
+
$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $x[0] . $typename);
-
+
return ($sec_hash == $x[1]);
}
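Review bot: `check_form_security_token()` compares the expected hash with the submitted one using `==` in `return ($sec_hash == $x[1]);`, which is neither type-strict nor constant-time. On PHP versions before 8, two hex strings that both have the numeric form `0e…` compare equal under loose comparison. `return hash_equals($sec_hash, (string) $x[1]);` (PHP 5.6 and later) closes both gaps; where that function is unavailable, use `===` at the least. The token is also split with `explode('.', $hash)` without checking the result, so a submitted value without a dot reads an undefined `$x[1]`; add `if (!is_string($hash) || count($x = explode('.', $hash)) !== 2) return false;` in place of the bare `explode` line.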
// Returns an array of group id's this contact is a member of.
// This array will only contain group id's related to the uid of this
-// DFRN contact. They are *not* neccessarily unique across the entire site.
+// DFRN contact. They are *not* neccessarily unique across the entire site.
if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) {
$groups = array();
- $r = q("SELECT `gid` FROM `group_member`
+ $r = q("SELECT `gid` FROM `group_member`
WHERE `contact-id` = %d ",
intval($contact_id)
);
* @param int $count [optional] item count (used with alt pager)
* @return Array data for pagination template
*/
-function paginate_data(&$a, $count=null) {
+function paginate_data(App $a, $count=null) {
$stripped = preg_replace('/([&?]page=[0-9]*)/','',$a->query_string);
$stripped = str_replace('q=','',$stripped);
* @param App $a App instance
* @return string html for pagination #FIXME remove html
*/
-function paginate(App &$a) {
+function paginate(App $a) {
$data = paginate_data($a);
$tpl = get_markup_template("paginate.tpl");
* @param int $i
* @return string html for pagination #FIXME remove html
*/
-function alt_pager(&$a, $i) {
+function alt_pager(App $a, $i) {
$data = paginate_data($a, $i);
$tpl = get_markup_template("paginate.tpl");
q("DELETE FROM `pconfig` WHERE uid = %d", $newuid);\r
}\r
\r
-function import_account(&$a, $file) {\r
+function import_account(App $a, $file) {\r
logger("Start user import from " . $file['tmp_name']);\r
/*\r
STEPS\r