celebrity/group/community pages about 75% implemented
This commit is contained in:
parent
f5a8a92df1
commit
0f47ac282c
18
boot.php
18
boot.php
|
@ -22,11 +22,16 @@ define ( 'REL_BUD', 3);
|
|||
|
||||
|
||||
// page/profile types
|
||||
// PAGE_NORMAL is a typical personal profile account
|
||||
// PAGE_SOAPBOX automatically approves all friend requests as REL_FAN, (readonly)
|
||||
// PAGE_COMMUNITY automatically approves all friend requests as REL_FAN, but with
|
||||
// write access to wall and comments (no email and not included in page owner's ACL lists)
|
||||
// PAGE_FREELOVE automatically approves all friend requests as full friends (REL_BUD).
|
||||
|
||||
define ( 'PAGE_NORMAL', 0 );
|
||||
define ( 'PAGE_AUTO_FAN', 1 );
|
||||
define ( 'PAGE_AUTO_FAN_RW', 2 );
|
||||
define ( 'PAGE_AUTO_BUD', 3 );
|
||||
define ( 'PAGE_SOAPBOX', 1 );
|
||||
define ( 'PAGE_COMMUNITY', 2 );
|
||||
define ( 'PAGE_FREELOVE', 3 );
|
||||
|
||||
// Maximum number of "people who like (or don't like) this"
|
||||
// that we will list by name
|
||||
|
@ -102,6 +107,7 @@ class App {
|
|||
public $pager;
|
||||
public $strings;
|
||||
public $path;
|
||||
public $interactive = true;
|
||||
|
||||
private $scheme;
|
||||
private $hostname;
|
||||
|
@ -579,9 +585,9 @@ function remote_user() {
|
|||
|
||||
if(! function_exists('notice')) {
|
||||
function notice($s) {
|
||||
|
||||
$_SESSION['sysmsg'] .= $s;
|
||||
|
||||
$a = get_app();
|
||||
if($a->interactive)
|
||||
$_SESSION['sysmsg'] .= $s;
|
||||
}}
|
||||
|
||||
// wrapper around config to limit the text length of an incoming message
|
||||
|
|
|
@ -14,6 +14,7 @@ if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) {
|
|||
unset($_SESSION['administrator']);
|
||||
unset($_SESSION['cid']);
|
||||
unset($_SESSION['theme']);
|
||||
unset($_SESSION['page_flags']);
|
||||
notice( t('Logged out.') . EOL);
|
||||
goaway($a->get_baseurl());
|
||||
}
|
||||
|
@ -34,6 +35,7 @@ if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) {
|
|||
|
||||
$a->user = $r[0];
|
||||
$_SESSION['theme'] = $a->user['theme'];
|
||||
$_SESSION['page_flags'] = $a->user['page-flags'];
|
||||
if(strlen($a->user['timezone']))
|
||||
date_default_timezone_set($a->user['timezone']);
|
||||
|
||||
|
@ -58,6 +60,7 @@ else {
|
|||
unset($_SESSION['cid']);
|
||||
unset($_SESSION['theme']);
|
||||
unset($_SESSION['my_url']);
|
||||
unset($_SESSION['page_flags']);
|
||||
|
||||
$encrypted = hash('whirlpool',trim($_POST['password']));
|
||||
|
||||
|
@ -77,6 +80,7 @@ else {
|
|||
$_SESSION['uid'] = $r[0]['uid'];
|
||||
$_SESSION['theme'] = $r[0]['theme'];
|
||||
$_SESSION['authenticated'] = 1;
|
||||
$_SESSION['page_flags'] = $r[0]['page-flags'];
|
||||
$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
|
||||
|
||||
notice( t("Welcome back ") . $r[0]['username'] . EOL);
|
||||
|
|
|
@ -27,8 +27,12 @@ else {
|
|||
$a->page['nav'] .= '<a id="nav-home-link" class="nav-commlink" href="profile/' . $a->user['nickname'] . '">'
|
||||
. t('Home') . '</a><span id="home-update" class="nav-ajax-left"></span>' . "\r\n";
|
||||
|
||||
$a->page['nav'] .= '<a id="nav-notify-link" class="nav-commlink" href="notifications">' . t('Notifications')
|
||||
. '</a><span id="notify-update" class="nav-ajax-left"></span>' . "\r\n";
|
||||
// only show friend requests for normal pages. Other page types have automatic friendship.
|
||||
|
||||
if($_SESSION['page_flags'] == PAGE_NORMAL) {
|
||||
$a->page['nav'] .= '<a id="nav-notify-link" class="nav-commlink" href="notifications">' . t('Notifications')
|
||||
. '</a><span id="notify-update" class="nav-ajax-left"></span>' . "\r\n";
|
||||
}
|
||||
|
||||
$a->page['nav'] .= '<a id="nav-messages-link" class="nav-commlink" href="message">' . t('Messages')
|
||||
. '</a><span id="mail-update" class="nav-ajax-left"></span>' . "\r\n";
|
||||
|
|
|
@ -3,15 +3,18 @@
|
|||
function can_write_wall(&$a,$owner) {
|
||||
if((! (local_user())) && (! (remote_user())))
|
||||
return false;
|
||||
if((local_user()) && ($_SESSION['uid'] == $owner))
|
||||
$uid = get_uid();
|
||||
if(($uid) && ($uid === $owner))
|
||||
return true;
|
||||
|
||||
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `id` = %d AND `blocked` = 0 AND `pending` = 0
|
||||
AND `readonly` = 0 AND `rel` IN ( %d , %d ) LIMIT 1",
|
||||
intval($owner),
|
||||
intval($_SESSION['visitor_id']),
|
||||
intval(REL_VIP),
|
||||
intval(REL_BUD)
|
||||
$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid`
|
||||
WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
|
||||
AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page_flags` = %d ) LIMIT 1",
|
||||
intval($owner),
|
||||
intval($_SESSION['visitor_id']),
|
||||
intval(REL_VIP),
|
||||
intval(REL_BUD),
|
||||
intval(PAGE_COMMUNITY)
|
||||
);
|
||||
if(count($r))
|
||||
return true;
|
||||
|
|
|
@ -88,6 +88,7 @@ if(x($_SESSION,'sysmsg')) {
|
|||
unset($_SESSION['sysmsg']);
|
||||
}
|
||||
|
||||
|
||||
// Feel free to comment out this line on production sites.
|
||||
$a->page['content'] .= $debug_text;
|
||||
|
||||
|
|
|
@ -1,31 +1,59 @@
|
|||
<?php
|
||||
|
||||
// There are two possible entry points. Both are called via POST.
|
||||
// There are two possible entry points.
|
||||
|
||||
function dfrn_confirm_post(&$a) {
|
||||
function dfrn_confirm_post(&$a,$handsfree = null) {
|
||||
|
||||
if($a->argc > 1)
|
||||
$node = $a->argv[1];
|
||||
if(is_array($handsfree)) {
|
||||
|
||||
// called directly from dfrn_request due to automatic friend acceptance
|
||||
// any $_POST parameters we might need are supplied in the $handsfree array
|
||||
|
||||
$node = $handsfree['node'];
|
||||
$a->interactive = false; // notice() becomes a no-op since nobody is there to see it
|
||||
|
||||
}
|
||||
else {
|
||||
if($a->argc > 1)
|
||||
$node = $a->argv[1];
|
||||
}
|
||||
|
||||
// Main entry point. Our user received a friend request notification (perhaps
|
||||
// from another site) and clicked 'Accept'. $POST['source_url'] is not set.
|
||||
// They will perform the following:
|
||||
// OR we have been called directly from dfrn_request ($handsfree != null) due to
|
||||
// this being a page type which supports automatic friend acceptance.
|
||||
|
||||
if(! x($_POST,'source_url')) {
|
||||
|
||||
$uid = get_uid();
|
||||
|
||||
$uid = ((is_array($handsfree)) ? $handsfree['uid'] : get_uid());
|
||||
|
||||
if(! $uid) {
|
||||
notice( t('Permission denied.') . EOL );
|
||||
return;
|
||||
}
|
||||
|
||||
// These come from the friend request notification form.
|
||||
|
||||
$dfrn_id = ((x($_POST,'dfrn_id')) ? notags(trim($_POST['dfrn_id'])) : "");
|
||||
$intro_id = intval($_POST['intro_id']);
|
||||
$duplex = intval($_POST['duplex']);
|
||||
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
|
||||
intval($uid)
|
||||
);
|
||||
|
||||
if(! $user) {
|
||||
notice( t('Profile not found.') . EOL );
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
// These come from the friend request notification form or $handsfree reply.
|
||||
|
||||
if(is_array($handsfree)) {
|
||||
$dfrn_id = $handsfree['dfrn_id'];
|
||||
$intro_id = $handsfree['intro_id'];
|
||||
$duplex = $handsfre['duplex'];
|
||||
}
|
||||
else {
|
||||
$dfrn_id = ((x($_POST,'dfrn_id')) ? notags(trim($_POST['dfrn_id'])) : "");
|
||||
$intro_id = intval($_POST['intro_id']);
|
||||
$duplex = intval($_POST['duplex']);
|
||||
}
|
||||
|
||||
// The other person will have been issued an ID when they first requested friendship.
|
||||
// Locate their record. At this time, their record will have both pending and blocked set to 1.
|
||||
|
@ -75,7 +103,6 @@ function dfrn_confirm_post(&$a) {
|
|||
intval($uid)
|
||||
);
|
||||
|
||||
|
||||
$params = array();
|
||||
|
||||
// Per the protocol document, we will verify both ends by encrypting the dfrn_id with our
|
||||
|
@ -92,13 +119,13 @@ function dfrn_confirm_post(&$a) {
|
|||
$src_aes_key = random_string();
|
||||
|
||||
$result = '';
|
||||
openssl_private_encrypt($dfrn_id,$result,$a->user['prvkey']);
|
||||
openssl_private_encrypt($dfrn_id,$result,$user[0]['prvkey']);
|
||||
|
||||
$params['dfrn_id'] = bin2hex($result);
|
||||
$params['public_key'] = $public_key;
|
||||
|
||||
|
||||
$my_url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
|
||||
$my_url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
|
||||
|
||||
openssl_public_encrypt($my_url, $params['source_url'], $site_pubkey);
|
||||
$params['source_url'] = bin2hex($params['source_url']);
|
||||
|
@ -266,7 +293,8 @@ function dfrn_confirm_post(&$a) {
|
|||
// Let's send our user to the contact editor in case they want to
|
||||
// do anything special with this new friend.
|
||||
|
||||
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
|
||||
if($handsfree === null)
|
||||
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
|
||||
return; //NOTREACHED
|
||||
}
|
||||
|
||||
|
|
|
@ -208,11 +208,16 @@ function dfrn_request_post(&$a) {
|
|||
notice( t('You have already introduced yourself here.') . EOL );
|
||||
return;
|
||||
}
|
||||
elseif($ret[0]['rel'] == REL_BUD) {
|
||||
notice( t('Apparently you are already friends with .') . $a->profile['name'] . EOL);
|
||||
return;
|
||||
}
|
||||
else {
|
||||
$contact_record = $ret[0];
|
||||
$parms = array('dfrn-request' => $ret[0]['request']);
|
||||
}
|
||||
}
|
||||
|
||||
$issued_id = random_string();
|
||||
|
||||
if(is_array($contact_record)) {
|
||||
|
@ -314,8 +319,7 @@ function dfrn_request_post(&$a) {
|
|||
);
|
||||
}
|
||||
|
||||
|
||||
// This notice will only be seen by the requestor if the requestor and requestee are on the same server.
|
||||
// This notice will only be seen by the requestor if the requestor and requestee are on the same server.
|
||||
|
||||
if(! $failed)
|
||||
notice( t('Your introduction has been sent.') . EOL );
|
||||
|
@ -417,9 +421,13 @@ function dfrn_request_content(&$a) {
|
|||
WHERE `contact`.`id` = %d LIMIT 1",
|
||||
intval($intro[0]['contact-id'])
|
||||
);
|
||||
if(count($r)) {
|
||||
|
||||
if($r[0]['notify-flags'] & NOTIFY_INTRO) {
|
||||
$auto_confirm = false;
|
||||
|
||||
if(count($r)) {
|
||||
if($r[0]['page-flags'] != PAGE_NORMAL)
|
||||
$auto_confirm = true;
|
||||
if(($r[0]['notify-flags'] & NOTIFY_INTRO) && (! $auto_confirm)) {
|
||||
$email_tpl = load_view_file('view/request_notify_eml.tpl');
|
||||
$email = replace_macros($email_tpl, array(
|
||||
'$requestor' => ((strlen(stripslashes($r[0]['name']))) ? stripslashes($r[0]['name']) : t('[Name Withheld]')),
|
||||
|
@ -434,12 +442,29 @@ function dfrn_request_content(&$a) {
|
|||
'From: ' . t('Administrator') . '@' . $_SERVER[SERVER_NAME] );
|
||||
// This is a redundant notification - no point throwing errors if it fails.
|
||||
}
|
||||
if($auto_confirm) {
|
||||
require_once('mod/dfrn_confirm.php');
|
||||
$handsfree = array(
|
||||
'uid' => $r[0]['uid'],
|
||||
'node' => $r[0]['nickname'],
|
||||
'dfrn_id' => $r[0]['issued-id'],
|
||||
'intro_id' => $intro[0]['id'],
|
||||
'duplex' => (($r[0]['page-flags'] == PAGE_FREELOVE) ? 1 : 0)
|
||||
);
|
||||
dfrn_confirm_post($a,$handsfree);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1",
|
||||
dbesc($_GET['confirm_key'])
|
||||
);
|
||||
if(! $auto_confirm) {
|
||||
|
||||
// If we are auto_confirming, this record will have already been nuked
|
||||
// in dfrn_confirm_post()
|
||||
|
||||
$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1",
|
||||
dbesc($_GET['confirm_key'])
|
||||
);
|
||||
}
|
||||
}
|
||||
killme();
|
||||
return; // NOTREACHED
|
||||
|
|
|
@ -7,7 +7,8 @@ function lostpass_post(&$a) {
|
|||
if(! $email)
|
||||
goaway($a->get_baseurl());
|
||||
|
||||
$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
|
||||
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) LIMIT 1",
|
||||
dbesc($email),
|
||||
dbesc($email)
|
||||
);
|
||||
if(! count($r))
|
||||
|
|
|
@ -250,7 +250,13 @@ function register_post(&$a) {
|
|||
if(! function_exists('register_content')) {
|
||||
function register_content(&$a) {
|
||||
|
||||
if($a->config['register_policy'] == REGISTER_CLOSED) {
|
||||
// logged in users can register others (people/pages/groups)
|
||||
// even with closed registrations, unless specifically prohibited by site policy.
|
||||
// 'block_extended_register' blocks all registrations, period.
|
||||
|
||||
$block = get_config('system','block_extended_register');
|
||||
|
||||
if((($a->config['register_policy'] == REGISTER_CLOSED) && (! getuid())) || ($block)) {
|
||||
notice("Permission denied." . EOL);
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -198,7 +198,7 @@ function settings_content(&$a) {
|
|||
? true : false);
|
||||
|
||||
if($invisible)
|
||||
notice( t('Profile is not published.') . EOL );
|
||||
notice( t('Profile is <strong>not published</strong>.') . EOL );
|
||||
|
||||
$nickname_block = load_view_file("view/settings_nick_set.tpl");
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@ function xrd_content(&$a) {
|
|||
'$accturi' => $uri,
|
||||
'$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'],
|
||||
'$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'],
|
||||
'$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'],
|
||||
'$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg',
|
||||
'$salmon' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'],
|
||||
'$salmen' => $a->get_baseurl() . '/salmon/' . $r[0]['nickname'] . '/mention',
|
||||
'$modexp' => 'data:application/magic-public-key,' . $salmon_key
|
||||
|
|
|
@ -1,27 +1,19 @@
|
|||
|
||||
Dear $username,
|
||||
|
||||
I've got good news and bad news... first the good news.
|
||||
'$fn' at '$dfrn_url' has accepted your connection request at
|
||||
'$sitename'.
|
||||
'$fn' at '$dfrn_url' has accepted
|
||||
your connection request at '$sitename'.
|
||||
|
||||
The bad news is that '$fn' did not make you a "full friend",
|
||||
but rather accepted you as a "fan". [Maybe you were expecting this,
|
||||
maybe not.]
|
||||
'$fn' has chosen to accept you a "fan", which restricts
|
||||
some forms of communication - such as private messaging and some profile
|
||||
interactions. If this is a celebrity or community page, these settings were
|
||||
applied automatically.
|
||||
|
||||
What this means is that '$fn' can communicate with you at any
|
||||
time and comment on your activities, but your communications to
|
||||
'$fn' may be restricted. In particular, you do NOT have the
|
||||
ability to exchange private mail. You are only able to communicate
|
||||
with '$fn' via your own status updates.
|
||||
'$fn' may choose to extend this into a two-way or more permissive
|
||||
relationship in the future.
|
||||
|
||||
In the future, '$fn' MAY decide to seek a full connection and make
|
||||
a reciprocal request. If you approve such a request, you will then be
|
||||
considered mutual friends with full communication ability.
|
||||
|
||||
The network at $sitename allows many types of relationships -
|
||||
as opposed to older social networks where friendship is either
|
||||
"yes" or "no" - with nothing in between.
|
||||
You will start receiving public status updates from '$fn',
|
||||
which will appear on your 'Network' page at
|
||||
|
||||
$siteurl
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
<form action="" method="post" >
|
||||
<input type="hidden" name="auth-params" value="login" />
|
||||
<div id="login-name-wrapper">
|
||||
<label for="login-name" id="label-login-name">Username or Email: </label>
|
||||
<label for="login-name" id="label-login-name">Nickname or Email: </label>
|
||||
<input type="text" maxlength="60" name="login-name" id="login-name" value="" />
|
||||
</div>
|
||||
<div id="login-name-end" ></div>
|
||||
|
|
|
@ -6,7 +6,7 @@ Enter your email address and submit to have your password reset. Then check your
|
|||
|
||||
<form action="lostpass" method="post" >
|
||||
<div id="login-name-wrapper">
|
||||
<label for="login-name" id="label-login-name">Email address: </label>
|
||||
<label for="login-name" id="label-login-name">Nickname or Email: </label>
|
||||
<input type="text" maxlength="60" name="login-name" id="login-name" value="" />
|
||||
</div>
|
||||
<div id="login-extra-end"></div>
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
type="text/html"
|
||||
href="$profile_url" />
|
||||
<Link rel="http://webfinger.net/rel/avatar"
|
||||
type="image/jpeg"
|
||||
href="$photo" />
|
||||
<Link rel="salmon"
|
||||
href="$salmon" />
|
||||
|
|
Loading…
Reference in New Issue
Block a user