diff options
| author | friendica <info@friendica.com> | 2013-11-13 03:15:07 -0800 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2013-11-13 03:15:07 -0800 |
| commit | 251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b (patch) | |
| tree | aefad98d41e39f7a1687378ffcb1f5978eb57fa4 | |
| parent | a1b8f6e4ec4fb0b9a56857173bb2f390f4f42fdd (diff) | |
| download | volse-hubzilla-251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b.tar.gz volse-hubzilla-251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b.tar.bz2 volse-hubzilla-251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b.zip | |
fix photo permissions on encrypted posts
| -rw-r--r-- | mod/item.php | 10 | ||||
| -rw-r--r-- | version.inc | 2 | ||||
| -rwxr-xr-x | view/tpl/jot-header.tpl | 2 | ||||
| -rwxr-xr-x | view/tpl/jot.tpl | 1 |
4 files changed, 12 insertions, 3 deletions
diff --git a/mod/item.php b/mod/item.php index be24d242c..b564c7545 100644 --- a/mod/item.php +++ b/mod/item.php @@ -412,12 +412,18 @@ function item_post(&$a) { * now. So now we'll look for links of uploaded photos and attachments that are in the * post and set them to the same permissions as the post itself. * + * If the post was end-to-end encrypted we can't find images and attachments in the body, + * use our media_str input instead which only contains these elements - but only do this + * when encrypted content exists because the photo/attachment may have been removed from + * the post and we should keep it private. If it's encrypted we have no way of knowing + * so we'll set the permissions regardless and realise that the media may not be + * referenced in the post. */ if(! $preview) { - fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],$body,$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - fix_attached_file_permissions($channel,$observer['xchan_hash'],$body,$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); } diff --git a/version.inc b/version.inc index c8184c2cf..9bfc4c094 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2013-11-12.495 +2013-11-13.496 diff --git a/view/tpl/jot-header.tpl b/view/tpl/jot-header.tpl index 97c638fd4..1ceca04c6 100755 --- a/view/tpl/jot-header.tpl +++ b/view/tpl/jot-header.tpl @@ -120,6 +120,7 @@ function enableOnUser(){ onSubmit: function(file,ext) { $('#profile-rotator').spin('tiny'); }, onComplete: function(file,response) { addeditortext(response); + $('#jot-media').val($('#jot-media').val() + response); $('#profile-rotator').spin(false); } } @@ -131,6 +132,7 @@ function enableOnUser(){ onSubmit: function(file,ext) { $('#profile-rotator').spin('tiny'); }, onComplete: function(file,response) { addeditortext(response); + $('#jot-media').val($('#jot-media').val() + response); $('#profile-rotator').spin(false); } } diff --git a/view/tpl/jot.tpl b/view/tpl/jot.tpl index 924f7d9bc..cf65b976e 100755 --- a/view/tpl/jot.tpl +++ b/view/tpl/jot.tpl @@ -6,6 +6,7 @@ <input type="hidden" name="return" value="{{$return_path}}" /> <input type="hidden" name="location" id="jot-location" value="{{$defloc}}" /> <input type="hidden" name="expire" id="jot-expire" value="{{$defexpire}}" /> + <input type="hidden" name="media_str" id="jot-media" value="" /> <input type="hidden" name="coord" id="jot-coord" value="" /> <input type="hidden" name="post_id" value="{{$post_id}}" /> <input type="hidden" name="webpage" value="{{$webpage}}" /> |