From 2e03a3a47fe46fd953f3dbbe3486579f90dcd5f8 Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 03:25:09 +0100 Subject: [PATCH 1/8] fix undeclared variables or wrong variable names (/mod) --- mod/dfrn_request.php | 2 +- mod/editpost.php | 2 ++ mod/install.php | 1 + mod/localtime.php | 2 +- mod/lostpass.php | 1 + mod/message.php | 1 - mod/network.php | 2 +- mod/notify.php | 2 +- mod/photos.php | 2 +- mod/ping.php | 4 ++-- mod/probe.php | 2 +- mod/profile_photo.php | 6 +++--- mod/profperm.php | 3 ++- mod/register.php | 1 + mod/regmod.php | 4 ++-- mod/removeme.php | 2 +- mod/search.php | 3 ++- mod/tagger.php | 2 +- mod/viewcontacts.php | 5 ++--- mod/viewsrc.php | 1 + mod/wallmessage.php | 3 +-- mod/webfinger.php | 2 +- 22 files changed, 29 insertions(+), 24 deletions(-) diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 34cc9cf25..e8bc50926 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -168,7 +168,7 @@ function dfrn_request_post(App $a) $parms['key'] // this was already escaped ); if (DBM::is_result($r)) { - Group::addMember(User::getDefaultGroup($uid, $r[0]["network"]), $r[0]['id']); + Group::addMember(User::getDefaultGroup(local_user(), $r[0]["network"]), $r[0]['id']); if (isset($photo)) { Contact::updateAvatar($photo, local_user(), $r[0]["id"], true); diff --git a/mod/editpost.php b/mod/editpost.php index af8f4e317..f28e7a50b 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -38,6 +38,8 @@ function editpost_content(App $a) { return; } + $geotag = ''; + $o .= replace_macros(get_markup_template("section_title.tpl"),[ '$title' => L10n::t('Edit post') ]); diff --git a/mod/install.php b/mod/install.php index f3969a6f2..3adcb75aa 100644 --- a/mod/install.php +++ b/mod/install.php @@ -222,6 +222,7 @@ function install_content(App $a) { $dbdata = notags(trim($_POST['dbdata'])); $phpath = notags(trim($_POST['phpath'])); + $adminmail = notags(trim($_POST['adminmail'])); $tpl = get_markup_template('install_db.tpl'); $o .= replace_macros($tpl, [ diff --git a/mod/localtime.php b/mod/localtime.php index b10f1571a..9a754ac80 100644 --- a/mod/localtime.php +++ b/mod/localtime.php @@ -30,7 +30,7 @@ function localtime_content(App $a) $t = 'now'; } - $o .= '

' . L10n::t('Time Conversion') . '

'; + $o = '

' . L10n::t('Time Conversion') . '

'; $o .= '

' . L10n::t('Friendica provides this service for sharing events with other networks and friends in unknown timezones.') . '

'; diff --git a/mod/lostpass.php b/mod/lostpass.php index 73167e6fe..56ad7e30e 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -125,6 +125,7 @@ function lostpass_form() function lostpass_generate_password($user) { $o = ''; + $a = get_app(); $new_password = User::generateNewPassword(); $result = User::updatePassword($user['uid'], $new_password); diff --git a/mod/message.php b/mod/message.php index f1e3b7645..8940ee44b 100644 --- a/mod/message.php +++ b/mod/message.php @@ -250,7 +250,6 @@ function message_content(App $a) '$to' => L10n::t('To:'), '$showinputs' => 'true', '$prefill' => $prefill, - '$autocomp' => $autocomp, '$preid' => $preid, '$subject' => L10n::t('Subject:'), '$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '', diff --git a/mod/network.php b/mod/network.php index 834eedf49..3013e9498 100644 --- a/mod/network.php +++ b/mod/network.php @@ -444,7 +444,7 @@ function networkFlatView(App $a, $update = 0) } if (strlen($file)) { - $sql_post_table .= sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ", + $sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ", dbesc(protect_sprintf($file)), intval(TERM_OBJ_POST), intval(TERM_FILE), intval(local_user())); } else { $sql_post_table = " INNER JOIN `thread` ON `thread`.`iid` = `item`.`parent`"; diff --git a/mod/notify.php b/mod/notify.php index 0ab2b0d41..dff7d147f 100644 --- a/mod/notify.php +++ b/mod/notify.php @@ -77,7 +77,7 @@ function notify_content(App $a) $notif_content .= L10n::t('No more system notifications.'); } - $o .= replace_macros($notif_tpl, [ + $o = replace_macros($notif_tpl, [ '$notif_header' => L10n::t('System Notifications'), '$tabs' => false, // $tabs, '$notif_content' => $notif_content, diff --git a/mod/photos.php b/mod/photos.php index 9515d1795..4b031e5b5 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -865,7 +865,7 @@ function photos_post(App $a) // Create item container $lat = $lon = null; - if ($exif && $exif['GPS'] && Feature::isEnabled($channel_id, 'photo_location')) { + if ($exif && $exif['GPS'] && Feature::isEnabled($page_owner_uid, 'photo_location')) { $lat = Photo::getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']); $lon = Photo::getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']); } diff --git a/mod/ping.php b/mod/ping.php index 1bb8f147f..62ab2644c 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -571,8 +571,8 @@ function ping_format_xml_data($data, $sysnotify, $notifs, $sysmsgs, $sysmsgs_inf $forums = []; if (count($forums_unseen)) { foreach ($forums_unseen as $key => $item) { - $forums[$count . ':forum'] = $item['count']; - $forums[$count . ':@attributes'] = ['id' => $item['id']]; + $forums[$key . ':forum'] = $item['count']; + $forums[$key . ':@attributes'] = ['id' => $item['id']]; } $data['forums'] = $forums; } diff --git a/mod/probe.php b/mod/probe.php index b4f6ff3a4..5e7a5253f 100644 --- a/mod/probe.php +++ b/mod/probe.php @@ -15,7 +15,7 @@ function probe_content(App $a) killme(); } - $o .= '

Probe Diagnostic

'; + $o = '

Probe Diagnostic

'; $o .= '
'; $o .= 'Lookup address: '; diff --git a/mod/profile_photo.php b/mod/profile_photo.php index 370e19ce5..5556553cf 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -257,7 +257,7 @@ function profile_photo_content(App $a) { $tpl = get_markup_template('profile_photo.tpl'); - $o .= replace_macros($tpl,[ + $o = replace_macros($tpl,[ '$user' => $a->user['nickname'], '$lbl_upfile' => L10n::t('Upload File:'), '$lbl_profiles' => L10n::t('Select a profile:'), @@ -272,9 +272,8 @@ function profile_photo_content(App $a) { } else { $filename = $a->config['imagecrop'] . '-' . $a->config['imagecrop_resolution'] . '.'.$a->config['imagecrop_ext']; - $resolution = $a->config['imagecrop_resolution']; $tpl = get_markup_template("cropbody.tpl"); - $o .= replace_macros($tpl,[ + $o = replace_macros($tpl,[ '$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => $a->config['imagecrop'] . '-' . $a->config['imagecrop_resolution'], @@ -313,6 +312,7 @@ function profile_photo_crop_ui_head(App $a, Image $Image) { $smallest = 0; + $filename = ''; $r = Photo::store($Image, local_user(), 0, $hash, $filename, L10n::t('Profile Photos'), 0); diff --git a/mod/profperm.php b/mod/profperm.php index 3486a1df5..0f864d42f 100644 --- a/mod/profperm.php +++ b/mod/profperm.php @@ -35,6 +35,8 @@ function profperm_content(App $a) { return; } + $o = ''; + // Switch to text mod interface if we have more than 'n' contacts or group members $switchtotext = PConfig::get(local_user(),'system','groupedit_image_limit'); @@ -165,4 +167,3 @@ function profperm_content(App $a) { return $o; } - diff --git a/mod/register.php b/mod/register.php index bf87c9259..4a59277b4 100644 --- a/mod/register.php +++ b/mod/register.php @@ -58,6 +58,7 @@ function register_post(App $a) break; } + $netpublish = (((x($_POST, 'profile_publish_reg')) &intval($_POST['profile_publish_reg']) = 1) ? 1 : 0); $arr = $_POST; diff --git a/mod/regmod.php b/mod/regmod.php index 89e348d50..aa64986d0 100644 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -55,7 +55,7 @@ function user_allow($hash) L10n::pushLang($register[0]['language']); - User::sendRegisterOpenEmail( + $res = User::sendRegisterOpenEmail( $user[0]['email'], $a->config['sitename'], System::baseUrl(), @@ -100,7 +100,7 @@ function regmod_content(App $a) if (!local_user()) { info(L10n::t('Please login.') . EOL); - $o .= '

' . Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1); + $o = '

' . Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1); return $o; } diff --git a/mod/removeme.php b/mod/removeme.php index 27d501d66..0363bf9f3 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -49,7 +49,7 @@ function removeme_content(App $a) $_SESSION['remove_account_verify'] = $hash; $tpl = get_markup_template('removeme.tpl'); - $o .= replace_macros($tpl, [ + $o = replace_macros($tpl, [ '$basedir' => System::baseUrl(), '$hash' => $hash, '$title' => L10n::t('Remove My Account'), diff --git a/mod/search.php b/mod/search.php index f1f10addb..afe94121d 100644 --- a/mod/search.php +++ b/mod/search.php @@ -19,6 +19,7 @@ require_once 'mod/dirfind.php'; function search_saved_searches() { $o = ''; + $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); if (! Feature::isEnabled(local_user(),'savedsearch')) return $o; @@ -150,7 +151,7 @@ function search_content(App $a) { } // contruct a wrapper for the search header - $o .= replace_macros(get_markup_template("content_wrapper.tpl"),[ + $o = replace_macros(get_markup_template("content_wrapper.tpl"),[ 'name' => "search-header", '$title' => L10n::t("Search"), '$title_size' => 3, diff --git a/mod/tagger.php b/mod/tagger.php index 6016d443b..0ee8d88b6 100644 --- a/mod/tagger.php +++ b/mod/tagger.php @@ -72,7 +72,7 @@ function tagger_content(App $a) { $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); $link = xmlify('' . "\n") ; + . System::baseUrl() . '/display/' . $r['nickname'] . '/' . $item['id'] . '" />' . "\n") ; $body = xmlify($item['body']); diff --git a/mod/viewcontacts.php b/mod/viewcontacts.php index b45980fec..20585676d 100644 --- a/mod/viewcontacts.php +++ b/mod/viewcontacts.php @@ -46,6 +46,8 @@ function viewcontacts_content(App $a) return; } + $is_owner = ((local_user() && ($a->profile['profile_uid'] == local_user())) ? true : false); + $o = ""; // tabs @@ -97,9 +99,6 @@ function viewcontacts_content(App $a) $url = $rr['url']; // route DFRN profiles through the redirect - - $is_owner = ((local_user() && ($a->profile['profile_uid'] == local_user())) ? true : false); - if ($is_owner && ($rr['network'] === NETWORK_DFRN) && ($rr['rel'])) { $url = 'redir/' . $rr['id']; } else { diff --git a/mod/viewsrc.php b/mod/viewsrc.php index 376e2ef68..d2f0d01a0 100644 --- a/mod/viewsrc.php +++ b/mod/viewsrc.php @@ -13,6 +13,7 @@ function viewsrc_content(App $a) { return; } + $o = ''; $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0); if(! $item_id) { diff --git a/mod/wallmessage.php b/mod/wallmessage.php index 250b7d70d..75aca1f68 100644 --- a/mod/wallmessage.php +++ b/mod/wallmessage.php @@ -128,7 +128,7 @@ function wallmessage_content(App $a) { ]); $tpl = get_markup_template('wallmessage.tpl'); - $o .= replace_macros($tpl, [ + $o = replace_macros($tpl, [ '$header' => L10n::t('Send Private Message'), '$subheader' => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']), '$to' => L10n::t('To:'), @@ -139,7 +139,6 @@ function wallmessage_content(App $a) { '$text' => ((x($_REQUEST, 'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''), '$readonly' => '', '$yourmessage' => L10n::t('Your message:'), - '$select' => $select, '$parent' => '', '$upload' => L10n::t('Upload photo'), '$insert' => L10n::t('Insert web link'), diff --git a/mod/webfinger.php b/mod/webfinger.php index c88679352..6f49a8f28 100644 --- a/mod/webfinger.php +++ b/mod/webfinger.php @@ -20,7 +20,7 @@ function webfinger_content(App $a) killme(); } - $o .= '

Webfinger Diagnostic

'; + $o = '

Webfinger Diagnostic

'; $o .= ''; $o .= 'Lookup address: '; From 049a4f5f867c45e768f6cef09c551d867d85210c Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 04:10:11 +0100 Subject: [PATCH 2/8] some polishing --- mod/register.php | 2 +- mod/viewcontacts.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/register.php b/mod/register.php index 4a59277b4..40aa7c1bc 100644 --- a/mod/register.php +++ b/mod/register.php @@ -58,7 +58,7 @@ function register_post(App $a) break; } - $netpublish = (((x($_POST, 'profile_publish_reg')) &intval($_POST['profile_publish_reg']) = 1) ? 1 : 0); + $netpublish = !empty($_POST['profile_publish_reg']); $arr = $_POST; diff --git a/mod/viewcontacts.php b/mod/viewcontacts.php index 20585676d..7763dc8bf 100644 --- a/mod/viewcontacts.php +++ b/mod/viewcontacts.php @@ -46,7 +46,7 @@ function viewcontacts_content(App $a) return; } - $is_owner = ((local_user() && ($a->profile['profile_uid'] == local_user())) ? true : false); + $is_owner = $a->profile['profile_uid'] == local_user(); $o = ""; From 02654c28f7f5f7969f07acfcc79ad482245b59c8 Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 17:46:34 +0100 Subject: [PATCH 3/8] tagger_content(): use the $owner_nickname for constructing the link --- mod/tagger.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/tagger.php b/mod/tagger.php index 0ee8d88b6..4da4ecafb 100644 --- a/mod/tagger.php +++ b/mod/tagger.php @@ -72,7 +72,7 @@ function tagger_content(App $a) { $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); $link = xmlify('' . "\n") ; + . System::baseUrl() . '/display/' . $owner_nick . '/' . $item['id'] . '" />' . "\n") ; $body = xmlify($item['body']); From 1a87fcb5b3bc28dc7b245218d6ea6e87b05eaf25 Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 19:28:14 +0100 Subject: [PATCH 4/8] tagger_content(): handle case where $owner_nick is empty --- mod/tagger.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/mod/tagger.php b/mod/tagger.php index 4da4ecafb..c602613f1 100644 --- a/mod/tagger.php +++ b/mod/tagger.php @@ -44,6 +44,8 @@ function tagger_content(App $a) { $item = $r[0]; $owner_uid = $item['uid']; + $owner_nick = ''; + $blocktags = 0; $r = q("select `nickname`,`blocktags` from user where uid = %d limit 1", intval($owner_uid) @@ -71,8 +73,13 @@ function tagger_content(App $a) { $post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status')); $targettype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE ); - $link = xmlify('' . "\n") ; + if ($owner_nick) { + $href = System::baseUrl() . '/display/' . $owner_nick . '/' . $item['id']; + } else { + $href = System::baseUrl() . '/display/' . $item['guid']; + } + + $link = xmlify('' . "\n") ; $body = xmlify($item['body']); From ea770ed778584340d442472059ebe4a4898dd9bf Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 20:24:33 +0100 Subject: [PATCH 5/8] remove code in function follow_post() that was never executed. --- mod/follow.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/mod/follow.php b/mod/follow.php index a3270e30d..83263f403 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -41,11 +41,7 @@ function follow_post(App $a) { goaway(System::baseUrl().'/contacts/'.$result['cid']); } - info(L10n::t('Contact added').EOL); - - if (strstr($return_url, 'contacts')) { - goaway(System::baseUrl().'/contacts/'.$contact_id); - } + info(L10n::t('The contact could not be added.').EOL); goaway($return_url); // NOTREACHED From abe0d8355af7a7a72e85327036ae6dd1ad1ddebb Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 20:27:10 +0100 Subject: [PATCH 6/8] remove code with undeclared variable in function poke_init( --- mod/poke.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/mod/poke.php b/mod/poke.php index 1e6c53e17..c12079173 100644 --- a/mod/poke.php +++ b/mod/poke.php @@ -138,11 +138,8 @@ function poke_init(App $a) { Worker::add(PRIORITY_HIGH, "Notifier", "tag", $item_id); } - Addon::callHooks('post_local_end', $arr); - Worker::add(PRIORITY_HIGH, "Notifier", "like", $post_id); - return; } From 2f8d78fd9f2039ebd8aa1acfa363c5cb06d37b7f Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Mon, 12 Feb 2018 22:26:25 +0100 Subject: [PATCH 7/8] the lockstate should be now correct in editpost_content() --- mod/editpost.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mod/editpost.php b/mod/editpost.php index f28e7a50b..86099e745 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -63,10 +63,11 @@ function editpost_content(App $a) { $tpl = get_markup_template("jot.tpl"); - if(($group) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) + if (strlen($itm['allow_cid']) || strlen($itm['allow_gid']) || strlen($itm['deny_cid']) || strlen($itm['deny_gid'])) { $lockstate = 'lock'; - else + } else { $lockstate = 'unlock'; + } $jotplugins = ''; $jotnets = ''; From fb81d266bd61ab33d251d2ae68afb57d13c4f31b Mon Sep 17 00:00:00 2001 From: rabuzarus Date: Tue, 13 Feb 2018 01:20:16 +0100 Subject: [PATCH 8/8] declare $bang variable in editpost_content() --- mod/editpost.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/editpost.php b/mod/editpost.php index 86099e745..3081b6729 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -143,7 +143,7 @@ function editpost_content(App $a) { '$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'), '$lockstate' => $lockstate, '$acl' => '', // populate_acl((($group) ? $group_acl : $a->user)), - '$bang' => (($group) ? '!' : ''), + '$bang' => ($lockstate === 'lock' ? '!' : ''), '$profile_uid' => $_SESSION['uid'], '$preview' => L10n::t('Preview'), '$jotplugins' => $jotplugins,