more work on objs/things

1 files changed, 26 insertions, 30 deletions

diff --git a/mod/thing.php b/mod/thing.php
index f673b8c43..ed0f97efa 100644
--- a/mod/thing.php
+++ b/mod/thing.php
@@ -61,10 +61,24 @@ function thing_init(&$a) {
 	 * Future work on this module might produce more complex activities with targets, e.g. Phillip likes Karen's moustache
 	 * and to describe other non-thing objects like channels, such as Karl wants Susan - where Susan represents a channel profile.
 	 */
+
+	/** @FIXME add and fix ACL support to the input forms */
+
  
 	if((! $name) || (! $translated_verb))
 		return;
 
+	$acl = new AccessList($channel);
+
+	if(array_key_exists('contact_allow',$_REQUEST)
+		|| array_key_exists('group_allow',$_REQUEST)
+		|| array_key_exists('contact_deny',$_REQUEST)
+		|| array_key_exists('group_deny',$_REQUEST)) {
+		$acl->set_from_array($_REQUEST);
+	}
+
+	$x = $acl->get();
+ 
 	if($term_hash) {
 		$t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1",
 			dbesc($term_hash),
@@ -81,13 +95,17 @@ function thing_init(&$a) {
 			$local_photo_type = $arr[3];
 		}
 		else
-			$local_photo = $orig_record['imgurl'];
+			$local_photo = $orig_record['obj_imgurl'];
 
-		$r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s' where obj_obj = '%s' and uid = %d",
+		$r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ",
 			dbesc($name),
 			dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash),
 			dbesc($local_photo),
 			dbesc(datetime_convert()),
+			dbesc($x['allow_cid']),
+			dbesc($x['allow_gid']),
+			dbesc($x['deny_cid']),
+			dbesc($x['deny_gid']),
 			dbesc($term_hash),
 			intval(local_channel())
 		);
@@ -114,36 +132,10 @@ function thing_init(&$a) {
 		$local_photo_type = $arr[3];
 	}
 
-	$r = q("select * from obj where obj_channel = %d and obj_type = %d and obj_term = '%s' limit 1",
-		intval(local_channel()),
-		intval(TERM_OBJ_THING),
-		dbesc($name)
-	);
-	if(! $r) {
-		$r = q("insert into term ( aid, uid, oid, otype, type, term, url, imgurl, term_hash )
-			values( %d, %d, %d, %d, %d, '%s', '%s', '%s', '%s' ) ",
-			intval($account_id),
-			intval(local_channel()),
-			0,
-			intval(TERM_OBJ_THING),
-			intval(TERM_THING),
-			dbesc($name),
-			dbesc(($url) ? $url : z_root() . '/thing/' . $hash),
-			dbesc(($photo) ? $local_photo : ''),
-			dbesc($hash)
-		);
-		$r = q("select * from term where uid = %d and otype = %d and type = %d and term = '%s' limit 1",
-			intval(local_channel()),
-			intval(TERM_OBJ_THING),
-			intval(TERM_THING),
-			dbesc($name)
-		);
-	}
-
 	$created = datetime_convert();
 	$url = (($url) ? $url : z_root() . '/thing/' . $hash);
 
-	$r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s') ",
+	$r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ",
 		dbesc($profile['profile_guid']),
 		dbesc($verb),
 		intval(TERM_OBJ_THING),
@@ -153,7 +145,11 @@ function thing_init(&$a) {
 		dbesc($url),
 		dbesc(($photo) ? $local_photo : ''),
 		dbesc($created),
-		dbesc($created)
+		dbesc($created),
+		dbesc($x['allow_cid']),
+		dbesc($x['allow_gid']),
+		dbesc($x['deny_cid']),
+		dbesc($x['deny_gid'])
 	);
 
 	if(! $r) {