aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-01-30 17:27:32 -0800
committerfriendica <info@friendica.com>2013-01-30 17:27:32 -0800
commit3767bba3c3669b6e882139abfaa3553db61d1474 (patch)
tree5d2b662c62b42027d64292b6229edecdb2dd782b
parente270bd3874bb4526138cc06cd26e2a1153778894 (diff)
downloadvolse-hubzilla-3767bba3c3669b6e882139abfaa3553db61d1474.tar.gz
volse-hubzilla-3767bba3c3669b6e882139abfaa3553db61d1474.tar.bz2
volse-hubzilla-3767bba3c3669b6e882139abfaa3553db61d1474.zip
beginning of backend file/attachment api
-rw-r--r--boot.php10
-rw-r--r--include/attach.php68
-rw-r--r--install/database.sql7
-rw-r--r--install/update.php8
-rw-r--r--mod/wall_attach.php4
-rw-r--r--version.inc2
6 files changed, 92 insertions, 7 deletions
diff --git a/boot.php b/boot.php
index e2760fefb..266347700 100644
--- a/boot.php
+++ b/boot.php
@@ -16,7 +16,7 @@ require_once('include/features.php');
define ( 'FRIENDICA_PLATFORM', 'Friendica Red');
define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R');
define ( 'ZOT_REVISION', 1 );
-define ( 'DB_UPDATE_VERSION', 1022 );
+define ( 'DB_UPDATE_VERSION', 1023 );
define ( 'EOL', '<br />' . "\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
@@ -2032,6 +2032,14 @@ function dba_timer() {
return microtime(true);
}
+function get_observer_hash() {
+ $observer = get_app()->get_observer();
+ if(is_array($observer))
+ return $observer['xchan_hash'];
+ return '';
+}
+
+
/**
* Returns the complete URL of the current page, e.g.: http(s)://something.com/network
*
diff --git a/include/attach.php b/include/attach.php
index 6d611cec0..61514bb51 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -81,3 +81,71 @@ function z_mime_content_type($filename) {
}
}
+
+
+function attach_count_files($channel_id, $observer, $hash = '', $filename = '', $filetype = '') {
+
+ $ret = array('success' => false);
+
+ if(! perm_is_allowed($channel_id,$observer, 'read_storage')) {
+ $ret['message'] = t('Permission denied.');
+ return $ret;
+ }
+
+ require_once('include/security.php');
+ $sql_extra = permissions_sql($channel_id);
+
+ if($hash)
+ $sql_extra .= protect_sprintf(" and hash = '" . dbesc($hash) . "' ");
+
+ if($filename)
+ $sql_extra .= protect_sprintf(" and filename like '@" . dbesc($filename) . "@' ");
+
+ if($filetype)
+ $sql_extra .= protect_sprintf(" and filetype like '@" . dbesc($filetype) . "@' ");
+
+ $r = q("select id from attach where channel_id = %d $sql_extra",
+ intval($channel_id)
+ );
+
+ $ret['success'] = ((is_array($r)) ? true : false);
+ $ret['results'] = ((is_array($r)) ? count($r) : false);
+ return $ret;
+
+}
+
+function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $filetype = '', $orderby = 'created desc', $start = 0, $entries = 0) {
+
+ $ret = array('success' => false);
+
+ if(! perm_is_allowed($channel_id,$observer, 'read_storage')) {
+ $ret['message'] = t('Permission denied.');
+ return $ret;
+ }
+
+ require_once('include/security.php');
+ $sql_extra = permissions_sql($channel_id);
+
+ if($hash)
+ $sql_extra .= protect_sprintf(" and hash = '" . dbesc($hash) . "' ");
+
+ if($filename)
+ $sql_extra .= protect_sprintf(" and filename like '@" . dbesc($filename) . "@' ");
+
+ if($filetype)
+ $sql_extra .= protect_sprintf(" and filetype like '@" . dbesc($filetype) . "@' ");
+
+ if($entries)
+ $limit = " limit " . intval($start) . ", " . intval(entries) . " ";
+
+ // Retrieve all columns except 'data'
+
+ $r = q("select id, aid, uid, hash, filename, filetype, filesize, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where channel_id = %d $sql_extra $orderby $limit",
+ intval($channel_id)
+ );
+
+ $ret['success'] = ((is_array($r)) ? true : false);
+ $ret['results'] = ((is_array($r)) ? $r : false);
+ return $ret;
+
+}
diff --git a/install/database.sql b/install/database.sql
index aee87c119..ba063bfa4 100644
--- a/install/database.sql
+++ b/install/database.sql
@@ -94,7 +94,12 @@ CREATE TABLE IF NOT EXISTS `attach` (
PRIMARY KEY (`id`),
KEY `aid` (`aid`),
KEY `uid` (`uid`),
- KEY `hash` (`hash`)
+ KEY `hash` (`hash`),
+ KEY `filename` (`filename`),
+ KEY `filetype` (`filetype`),
+ KEY `filesize` (`filesize`),
+ KEY `created` (`created`),
+ KEY `edited` (`edited`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `auth_codes` (
diff --git a/install/update.php b/install/update.php
index 41c6a7565..b0eed4818 100644
--- a/install/update.php
+++ b/install/update.php
@@ -1,6 +1,6 @@
<?php
-define( 'UPDATE_VERSION' , 1022 );
+define( 'UPDATE_VERSION' , 1023 );
/**
*
@@ -303,3 +303,9 @@ function update_r1021() {
return UPDATE_FAILED;
}
+function update_r1022() {
+ $r = q("alter table attach add index ( filename ), add index ( filetype ), add index ( filesize ), add index ( created ), add index ( edited ) ");
+ if($r)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+}
diff --git a/mod/wall_attach.php b/mod/wall_attach.php
index 865605313..8b8a6ddaa 100644
--- a/mod/wall_attach.php
+++ b/mod/wall_attach.php
@@ -29,9 +29,7 @@ function wall_attach_post(&$a) {
$page_owner_uid = $channel['channel_id'];
- $observer = $a->get_observer();
-
- if(! perm_is_allowed($page_owner_uid,$observer['xchan_hash'],'write_storage')) {
+ if(! perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage')) {
notice( t('Permission denied.') . EOL);
killme();
}
diff --git a/version.inc b/version.inc
index 127eebfe8..d9f88242f 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2013-01-29.215
+2013-01-30.216