aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Block.php
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-04-18 20:38:38 -0700
committerredmatrix <git@macgirvin.com>2016-04-18 20:38:38 -0700
commit2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289 (patch)
tree2376d950ba2bdc7753336a3e2b94865c95c238f2 /Zotlabs/Module/Block.php
parent2a61817bad96526994c0499f1fc0a843a9cc9405 (diff)
downloadvolse-hubzilla-2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289.tar.gz
volse-hubzilla-2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289.tar.bz2
volse-hubzilla-2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289.zip
module updates
Diffstat (limited to 'Zotlabs/Module/Block.php')
-rw-r--r--Zotlabs/Module/Block.php92
1 files changed, 92 insertions, 0 deletions
diff --git a/Zotlabs/Module/Block.php b/Zotlabs/Module/Block.php
new file mode 100644
index 000000000..062befdb5
--- /dev/null
+++ b/Zotlabs/Module/Block.php
@@ -0,0 +1,92 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/items.php');
+require_once('include/conversation.php');
+require_once('include/page_widgets.php');
+
+
+class Block extends \Zotlabs\Web\Controller {
+
+ function init() {
+
+ $which = argv(1);
+ $profile = 0;
+ profile_load($a,$which,$profile);
+
+ if(\App::$profile['profile_uid'])
+ head_set_icon(\App::$profile['thumb']);
+
+ }
+
+
+ function get() {
+
+ if(! perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'view_pages')) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ if(argc() < 3) {
+ notice( t('Invalid item.') . EOL);
+ return;
+ }
+
+ $channel_address = argv(1);
+ $page_id = argv(2);
+
+ $u = q("select channel_id from channel where channel_address = '%s' limit 1",
+ dbesc($channel_address)
+ );
+
+ if(! $u) {
+ notice( t('Channel not found.') . EOL);
+ return;
+ }
+
+ if($_REQUEST['rev'])
+ $revision = " and revision = " . intval($_REQUEST['rev']) . " ";
+ else
+ $revision = " order by revision desc ";
+
+ require_once('include/security.php');
+ $sql_options = item_permissions_sql($u[0]['channel_id']);
+
+ $r = q("select item.* from item left join item_id on item.id = item_id.iid
+ where item.uid = %d and sid = '%s' and service = 'BUILDBLOCK' and
+ item_type = %d $sql_options $revision limit 1",
+ intval($u[0]['channel_id']),
+ dbesc($page_id),
+ intval(ITEM_TYPE_BLOCK)
+ );
+
+ if(! $r) {
+
+ // Check again with no permissions clause to see if it is a permissions issue
+
+ $x = q("select item.* from item left join item_id on item.id = item_id.iid
+ where item.uid = %d and sid = '%s' and service = 'BUILDBLOCK' and
+ item_type = %d $revision limit 1",
+ intval($u[0]['channel_id']),
+ dbesc($page_id),
+ intval(ITEM_TYPE_BLOCK)
+ );
+ if($x) {
+ // Yes, it's there. You just aren't allowed to see it.
+ notice( t('Permission denied.') . EOL);
+ }
+ else {
+ notice( t('Page not found.') . EOL);
+ }
+ return;
+ }
+
+ xchan_query($r);
+ $r = fetch_post_tags($r,true);
+
+ $o .= prepare_page($r[0]);
+ return $o;
+
+ }
+
+}