Merge branch 'master' of https://github.com/friendica/red

3 files changed, 53 insertions, 111 deletions

diff --git a/include/api.php b/include/api.php
index e854012e5..dc270167b 100644
--- a/include/api.php
+++ b/include/api.php
@@ -7,6 +7,7 @@ require_once("oauth.php");
 require_once("html2plain.php");
 require_once('include/security.php');
 require_once('include/photos.php');
+require_once('include/items.php');
 
 	/*
 	 *
@@ -1242,27 +1243,43 @@ require_once('include/photos.php');
 
 		$sql_extra = '';
 		if ($user_info['self']==1) $sql_extra .= " AND `item`.`wall` = 1 ";
+
+//FIXME - this isn't yet implemented
 		if ($exclude_replies > 0)  $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
 
-		$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
-			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
-			`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn_id`, `contact`.`self`,
-			`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
-			FROM `item`, `contact`
-			WHERE `item`.`uid` = %d
-			AND `item`.`contact-id` = %d
-			AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
-			AND `contact`.`id` = `item`.`contact-id`
-			AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
-			$sql_extra
-			AND `item`.`id`>%d
-			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-			intval(api_user()),
-			intval($user_info['id']),
-			intval($since_id),
-			intval($start),	intval($count)
-		);
+// 	$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
+// 			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+// 			`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn_id`, `contact`.`self`,
+// 			`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
+// 			FROM `item`, `contact`
+// 			WHERE `item`.`uid` = %d
+// 			AND `item`.`contact-id` = %d
+// 			AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
+// 			AND `contact`.`id` = `item`.`contact-id`
+// 			AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+// 			$sql_extra
+// 			AND `item`.`id`>%d
+// 			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
+// 			intval(api_user()),
+// 			intval($user_info['id']),
+// 			intval($since_id),
+// 			intval($start),	intval($count)
+// 		);
+
+		$arr = array(
+          'uid' => api_user(),
+          'since_id' => $since_id,
+          'start' => $start,
+          'records' => $count);
+	
+		if ($user_info['self']==1)
+			$arr['wall'] = 1;
+		else
+			$arr['cid'] = $user_info['id'];
+
 
+		$r = items_fetch($arr,get_app()->get_channel(),get_observer_hash());
+        
 		$ret = api_format_items($r,$user_info);
 
 
diff --git a/include/items.php b/include/items.php
index 12823c6f9..2fe923303 100755
--- a/include/items.php
+++ b/include/items.php
@@ -3719,21 +3719,26 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
 	$def_acl = '';
 
 	$item_uids = ' true ';
-
+	
+	if ($arr['uid']) $uid= $arr['uid'];
+	
 	if($channel) {
 		$uid = $channel['channel_id'];
 		$uidhash = $channel['channel_hash'];
 		$item_uids = " item.uid = " . intval($uid) . " ";
 	}
-	
+
 	if($arr['star'])
 		$sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ") ";
 
 	if($arr['wall'])
 		$sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ") ";
-
+									
 	$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) ";
-
+	
+	if($arr['since_id'])
+   		$sql_extra .= " and item.id > " . $since_id . " ";
+   		
     if($arr['gid'] && $uid) {
         $r = q("SELECT * FROM `groups` WHERE id = %d AND uid = %d LIMIT 1",
             intval($arr['group']),
@@ -3813,6 +3818,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
         );
     }
 
+
     if(($client_mode & CLIENT_MODE_UPDATE) && (! ($client_mode & CLIENT_MODE_LOAD))) {
 
         // only setup pagination on initial page view
@@ -3825,6 +3831,8 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
         $pager_sql = sprintf(" LIMIT %d, %d ",intval(get_app()->pager['start']), intval(get_app()->pager['itemspage']));
     }
 
+	if(isset($arr['start']) && isset($arr['records']))
+        $pager_sql = sprintf(" LIMIT %d, %d ",intval($arr['start']), intval($arr['records']));
 
     if(($arr['cmin'] != 0) || ($arr['cmax'] != 99)) {
 
@@ -3859,7 +3867,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
 		$item_restrict = " AND item_restrict = 0 ";
 
 
-    if($arr['nouveau'] && ($client_mode & CLIENT_MODELOAD) && $channel) {
+    if($arr['nouveau'] && ($client_mode & CLIENT_MODE_LOAD) && $channel) {
         // "New Item View" - show all items unthreaded in reverse created date order
 
         $items = q("SELECT item.*, item.id AS item_id FROM item
@@ -3884,7 +3892,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
         else
 			$ordering = "commented";
 
-        if(($client_mode & CLIENT_MODE_LOAD) || ($client_mode & CLIENT_MODE_NORMAL)) {
+        if(($client_mode & CLIENT_MODE_LOAD) || ($client_mode == CLIENT_MODE_NORMAL)) {
 
             // Fetch a page full of parent items for this page
 
@@ -3897,7 +3905,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
                 ORDER BY item.$ordering DESC $pager_sql ",
                 intval(ABOOK_FLAG_BLOCKED)
             );
-
+            
         }
         else {
             // update
diff --git a/include/security.php b/include/security.php
index 9943cf88d..4a15e52af 100644
--- a/include/security.php
+++ b/include/security.php
@@ -31,90 +31,6 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 		}
 
 	}
-	else {
-		$_SESSION['uid'] = $user_record['uid'];
-		$_SESSION['theme'] = $user_record['theme'];
-		$_SESSION['mobile_theme'] = get_pconfig($user_record['uid'], 'system', 'mobile_theme');
-		$_SESSION['authenticated'] = 1;
-		$_SESSION['page_flags'] = $user_record['page-flags'];
-		$_SESSION['my_url'] = $a->get_baseurl() . '/channel/' . $user_record['nickname'];
-		$_SESSION['my_address'] = $user_record['nickname'] . '@' . substr($a->get_baseurl(),strpos($a->get_baseurl(),'://')+3);
-
-		$a->user = $user_record;
-
-		if($interactive) {
-			if($a->user['login_date'] === '0000-00-00 00:00:00') {
-				$_SESSION['return_url'] = 'profile_photo/new';
-				$a->module = 'profile_photo';
-				info( t("Welcome ") . $a->user['username'] . EOL);
-				info( t('Please upload a profile photo.') . EOL);
-			}
-			else
-				info( t("Welcome back ") . $a->user['username'] . EOL);
-		}
-
-		$member_since = strtotime($a->user['register_date']);
-		if(time() < ($member_since + ( 60 * 60 * 24 * 14)))
-			$_SESSION['new_member'] = true;
-		else
-			$_SESSION['new_member'] = false;
-		if(strlen($a->user['timezone'])) {
-			date_default_timezone_set($a->user['timezone']);
-			$a->timezone = $a->user['timezone'];
-		}
-
-		$master_record = $a->user;	
-
-		if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
-			$r = q("select * from user where uid = %d limit 1",
-				intval($_SESSION['submanage'])
-			);
-			if(count($r))
-				$master_record = $r[0];
-		}
-
-		$r = q("SELECT `uid`,`username`,`nickname` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
-			dbesc($master_record['password']),
-			dbesc($master_record['email'])
-		);
-		if($r && count($r))
-			$a->identities = $r;
-		else
-			$a->identities = array();
-
-		$r = q("select `user`.`uid`, `user`.`username`, `user`.`nickname` 
-			from manage left join user on manage.mid = user.uid 
-			where `manage`.`uid` = %d",
-			intval($master_record['uid'])
-		);
-		if($r && count($r))
-			$a->identities = array_merge($a->identities,$r);
-
-		if($login_initial)
-			logger('auth_identities: ' . print_r($a->identities,true), LOGGER_DEBUG);
-
-		$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-			intval($_SESSION['uid']));
-		if(count($r)) {
-			$a->contact = $r[0];
-			$a->cid = $r[0]['id'];
-			$_SESSION['cid'] = $a->cid;
-		}
-
-		header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
-
-		if($login_initial) {
-			$l = get_browser_language();
-
-			q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1",
-				dbesc(datetime_convert()),
-				dbesc($l),
-				intval($_SESSION['uid'])
-			);
-
-
-		}
-	}
 
 	if($login_initial)
 		call_hooks('logged_in', $user_record);
@@ -144,7 +60,8 @@ function change_channel($change_channel) {
 			intval(get_account_id()),
 			intval(PAGE_REMOVED)
 		);
-		if($r) {
+
+	if($r) {
 			$hash = $r[0]['channel_hash'];
 			$_SESSION['uid'] = intval($r[0]['channel_id']);
 			get_app()->set_channel($r[0]);
@@ -158,7 +75,7 @@ function change_channel($change_channel) {
 		);
 		if($x) {
 			$_SESSION['my_url'] = $x[0]['xchan_url'];
-			$_SESSION['my_address'] = $x[0]['xchan_addr'];
+			$_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3);
 
 			get_app()->set_observer($x[0]);
 			get_app()->set_perms(get_all_perms(local_user(),$hash));