diff options
author | redmatrix <git@macgirvin.com> | 2016-08-15 13:18:25 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-08-15 13:18:25 -0700 |
commit | 4facae674d0f0047339860cb7011d8a13b3e601d (patch) | |
tree | ab0745de308b0d81f24a1366d7d95ac99f494fbd | |
parent | 39005634c6f5d4d3e613761e4fafb3997cc65a00 (diff) | |
download | volse-hubzilla-4facae674d0f0047339860cb7011d8a13b3e601d.tar.gz volse-hubzilla-4facae674d0f0047339860cb7011d8a13b3e601d.tar.bz2 volse-hubzilla-4facae674d0f0047339860cb7011d8a13b3e601d.zip |
fix attached photo/file permissions on clones
-rw-r--r-- | Zotlabs/Module/Item.php | 136 | ||||
-rw-r--r-- | include/import.php | 4 | ||||
-rwxr-xr-x | include/items.php | 134 |
3 files changed, 140 insertions, 134 deletions
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 8d6d75426..97b1e883d 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -626,9 +626,9 @@ class Item extends \Zotlabs\Web\Controller { */ if(! $preview) { - $this->fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); - $this->fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); + fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny); } @@ -1090,138 +1090,6 @@ class Item extends \Zotlabs\Web\Controller { } - function fix_attached_photo_permissions($uid,$xchan_hash,$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { - - if(get_pconfig($uid,'system','force_public_uploads')) { - $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; - } - - $match = null; - // match img and zmg image links - if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { - $images = $match[2]; - if($images) { - foreach($images as $image) { - if(! stristr($image,z_root() . '/photo/')) - continue; - $image_uri = substr($image,strrpos($image,'/') + 1); - if(strpos($image_uri,'-') !== false) - $image_uri = substr($image_uri,0, strpos($image_uri,'-')); - if(strpos($image_uri,'.') !== false) - $image_uri = substr($image_uri,0, strpos($image_uri,'.')); - if(! strlen($image_uri)) - continue; - $srch = '<' . $xchan_hash . '>'; - - $r = q("select folder from attach where hash = '%s' and uid = %d limit 1", - dbesc($image_uri), - intval($uid) - ); - if($r && $r[0]['folder']) { - $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", - dbesc($r[0]['folder']), - intval($uid) - ); - if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) { - $str_contact_allow = $f[0]['allow_cid']; - $str_group_allow = $f[0]['allow_gid']; - $str_contact_deny = $f[0]['deny_cid']; - $str_group_deny = $f[0]['deny_gid']; - } - } - - $r = q("SELECT id FROM photo - WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' - AND resource_id = '%s' AND uid = %d LIMIT 1", - dbesc($srch), - dbesc($image_uri), - intval($uid) - ); - - if($r) { - $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE resource_id = '%s' AND uid = %d ", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - dbesc($image_uri), - intval($uid) - ); - - // also update the linked item (which is probably invisible) - - $r = q("select id from item - WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' - AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1", - dbesc($srch), - dbesc($image_uri), - intval($uid) - ); - if($r) { - $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); - - $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d - WHERE id = %d AND uid = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($private), - intval($r[0]['id']), - intval($uid) - ); - } - $r = q("select id from attach where hash = '%s' and uid = %d limit 1", - dbesc($image_uri), - intval($uid) - ); - if($r) { - q("update attach SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' - WHERE id = %d AND uid = %d", - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny), - intval($r[0]['id']), - intval($uid) - ); - } - } - } - } - } - } - - - function fix_attached_file_permissions($channel,$observer_hash,$body, - $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { - - if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { - $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; - } - - $match = false; - - if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { - $attaches = $match[1]; - if($attaches) { - foreach($attaches as $attach) { - $hash = substr($attach,0,strpos($attach,',')); - $rev = intval(substr($attach,strpos($attach,','))); - attach_store($channel,$observer_hash,$options = 'update', array( - 'hash' => $hash, - 'revision' => $rev, - 'allow_cid' => $str_contact_allow, - 'allow_gid' => $str_group_allow, - 'deny_cid' => $str_contact_deny, - 'deny_gid' => $str_group_deny - )); - } - } - } - } function item_check_service_class($channel_id,$iswebpage) { $ret = array('success' => false, 'message' => ''); diff --git a/include/import.php b/include/import.php index 5bbed828f..84881a420 100644 --- a/include/import.php +++ b/include/import.php @@ -629,6 +629,10 @@ function import_items($channel,$items,$sync = false,$relocate = null) { $item_result = item_store($item,$allow_code,$deliver); } + fix_attached_photo_permissions($channel['channel_id'],$item['author_xchan'],$item['body'],$item['allow_cid'],$item['allow_gid'],$item['deny_cid'],$item['deny_gid']); + + fix_attached_file_permissions($channel,$item['author_xchan'],$item['body'],$item['allow_cid'],$item['allow_gid'],$item['deny_cid'],$item['deny_gid']); + if($sync && $item['item_wall']) { // deliver singletons if we have any if($item_result && $item_result['success']) { diff --git a/include/items.php b/include/items.php index 5bd0b0968..0373dcb0d 100755 --- a/include/items.php +++ b/include/items.php @@ -4327,3 +4327,137 @@ function sync_an_item($channel_id,$item_id) { build_sync_packet($channel_d,array('item' => array(encode_item($sync_item[0],true)),'item_id' => $rid)); } } + + +function fix_attached_photo_permissions($uid,$xchan_hash,$body, + $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { + + if(get_pconfig($uid,'system','force_public_uploads')) { + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } + + $match = null; + // match img and zmg image links + if(preg_match_all("/\[[zi]mg(.*?)\](.*?)\[\/[zi]mg\]/",$body,$match)) { + $images = $match[2]; + if($images) { + foreach($images as $image) { + if(! stristr($image,z_root() . '/photo/')) + continue; + $image_uri = substr($image,strrpos($image,'/') + 1); + if(strpos($image_uri,'-') !== false) + $image_uri = substr($image_uri,0, strpos($image_uri,'-')); + if(strpos($image_uri,'.') !== false) + $image_uri = substr($image_uri,0, strpos($image_uri,'.')); + if(! strlen($image_uri)) + continue; + $srch = '<' . $xchan_hash . '>'; + + $r = q("select folder from attach where hash = '%s' and uid = %d limit 1", + dbesc($image_uri), + intval($uid) + ); + if($r && $r[0]['folder']) { + $f = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", + dbesc($r[0]['folder']), + intval($uid) + ); + if(($f) && (($f[0]['allow_cid']) || ($f[0]['allow_gid']) || ($f[0]['deny_cid']) || ($f[0]['deny_gid']))) { + $str_contact_allow = $f[0]['allow_cid']; + $str_group_allow = $f[0]['allow_gid']; + $str_contact_deny = $f[0]['deny_cid']; + $str_group_deny = $f[0]['deny_gid']; + } + } + + $r = q("SELECT id FROM photo + WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' + AND resource_id = '%s' AND uid = %d LIMIT 1", + dbesc($srch), + dbesc($image_uri), + intval($uid) + ); + + if($r) { + $r = q("UPDATE photo SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' + WHERE resource_id = '%s' AND uid = %d ", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + dbesc($image_uri), + intval($uid) + ); + + // also update the linked item (which is probably invisible) + + $r = q("select id from item + WHERE allow_cid = '%s' AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' + AND resource_id = '%s' and resource_type = 'photo' AND uid = %d LIMIT 1", + dbesc($srch), + dbesc($image_uri), + intval($uid) + ); + if($r) { + $private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); + + $r = q("UPDATE item SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d + WHERE id = %d AND uid = %d", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + intval($private), + intval($r[0]['id']), + intval($uid) + ); + } + $r = q("select id from attach where hash = '%s' and uid = %d limit 1", + dbesc($image_uri), + intval($uid) + ); + if($r) { + q("update attach SET allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' + WHERE id = %d AND uid = %d", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + intval($r[0]['id']), + intval($uid) + ); + } + } + } + } + } +} + + +function fix_attached_file_permissions($channel,$observer_hash,$body, + $str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny) { + + if(get_pconfig($channel['channel_id'],'system','force_public_uploads')) { + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } + + $match = false; + + if(preg_match_all("/\[attachment\](.*?)\[\/attachment\]/",$body,$match)) { + $attaches = $match[1]; + if($attaches) { + foreach($attaches as $attach) { + $hash = substr($attach,0,strpos($attach,',')); + $rev = intval(substr($attach,strpos($attach,','))); + attach_store($channel,$observer_hash,$options = 'update', array( + 'hash' => $hash, + 'revision' => $rev, + 'allow_cid' => $str_contact_allow, + 'allow_gid' => $str_group_allow, + 'deny_cid' => $str_contact_deny, + 'deny_gid' => $str_group_deny + )); + } + } + } +} |