diff options
author | Mario Vavti <mario@mariovavti.com> | 2017-05-31 09:56:35 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2017-05-31 09:56:35 +0200 |
commit | 47d55694a4c84b6c12c0db61a69bcac8b671b20e (patch) | |
tree | b15e96f4ea67e2214a66a9d28dafaf53d25b98ec /Zotlabs/Widget/Photo_rand.php | |
parent | 087f9784e3c5a860ed2b86e7f9e8e9f312038546 (diff) | |
parent | f0e615dee529e031663576286345141ad2996974 (diff) | |
download | volse-hubzilla-47d55694a4c84b6c12c0db61a69bcac8b671b20e.tar.gz volse-hubzilla-47d55694a4c84b6c12c0db61a69bcac8b671b20e.tar.bz2 volse-hubzilla-47d55694a4c84b6c12c0db61a69bcac8b671b20e.zip |
Merge branch '2.4RC'2.4
Diffstat (limited to 'Zotlabs/Widget/Photo_rand.php')
-rw-r--r-- | Zotlabs/Widget/Photo_rand.php | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/Zotlabs/Widget/Photo_rand.php b/Zotlabs/Widget/Photo_rand.php new file mode 100644 index 000000000..af80a3b9f --- /dev/null +++ b/Zotlabs/Widget/Photo_rand.php @@ -0,0 +1,66 @@ +<?php + +namespace Zotlabs\Widget; + +require_once('include/photos.php'); + +class Photo_rand { + + function widget($arr) { + + $style = false; + + if(array_key_exists('album', $arr) && isset($arr['album'])) + $album = $arr['album']; + else + $album = ''; + + $channel_id = 0; + if(array_key_exists('channel_id', $arr) && intval($arr['channel_id'])) + $channel_id = intval($arr['channel_id']); + if(! $channel_id) + $channel_id = \App::$profile_uid; + if(! $channel_id) + return ''; + + $scale = ((array_key_exists('scale',$arr)) ? intval($arr['scale']) : 0); + + $ret = photos_list_photos(array('channel_id' => $channel_id),\App::get_observer(),$album); + + $filtered = array(); + if($ret['success'] && $ret['photos']) + foreach($ret['photos'] as $p) + if($p['imgscale'] == $scale) + $filtered[] = $p['src']; + + if($filtered) { + $e = mt_rand(0, count($filtered) - 1); + $url = $filtered[$e]; + } + + if(strpos($url, 'http') !== 0) + return ''; + + if(array_key_exists('style', $arr) && isset($arr['style'])) + $style = $arr['style']; + + // ensure they can't sneak in an eval(js) function + + if(strpos($style,'(') !== false) + return ''; + + $url = zid($url); + + $o = '<div class="widget">'; + + $o .= '<img class="zrl" ' + . (($style) ? ' style="' . $style . '"' : '') + . ' src="' . $url . '" alt="' . t('photo/image') . '">'; + + $o .= '</div>'; + + return $o; + } +} + + |