diff options
| author | friendica <info@friendica.com> | 2012-10-01 18:02:11 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-10-01 18:02:11 -0700 |
| commit | 846a9813b23911ae2a87d87fb6fd9f188ed84dc0 (patch) | |
| tree | a8a78b379cc8f4e25812c5b2cac603c86b6b1472 /include | |
| parent | d261fe271fdee747244c76f7ba4679b8372a2e8c (diff) | |
| download | volse-hubzilla-846a9813b23911ae2a87d87fb6fd9f188ed84dc0.tar.gz volse-hubzilla-846a9813b23911ae2a87d87fb6fd9f188ed84dc0.tar.bz2 volse-hubzilla-846a9813b23911ae2a87d87fb6fd9f188ed84dc0.zip | |
here's where the heavy lifting begins - everything is likely to be broken for quite some time as we add location and db independence to items and conversations and work through the rest of the permissions and how to federate the buggers.
Diffstat (limited to 'include')
| -rw-r--r-- | include/Photo.php | 78 | ||||
| -rw-r--r-- | include/Scrape.php | 15 | ||||
| -rw-r--r-- | include/conversation.php | 45 | ||||
| -rw-r--r-- | include/email.php | 4 | ||||
| -rw-r--r-- | include/group.php | 35 | ||||
| -rwxr-xr-x | include/items.php | 40 | ||||
| -rw-r--r-- | include/message.php | 2 | ||||
| -rw-r--r-- | include/security.php | 12 | ||||
| -rw-r--r-- | include/text.php | 4 | ||||
| -rw-r--r-- | include/user.php | 2 |
10 files changed, 164 insertions, 73 deletions
diff --git a/include/Photo.php b/include/Photo.php index d5e9ac9e6..d5cbb8d24 100644 --- a/include/Photo.php +++ b/include/Photo.php @@ -179,19 +179,6 @@ class Photo { if(!$this->is_valid()) return FALSE; - if($this->is_imagick()) { - /** - * If it is not animated, there will be only one iteration here, - * so don't bother checking - */ - // Don't forget to go back to the first frame - $this->image->setFirstIterator(); - do { - $this->image->resizeImage($max, $max, imagick::FILTER_LANCZOS, 1, true); - } while ($this->image->nextImage()); - return; - } - $width = $this->width; $height = $this->height; @@ -201,7 +188,18 @@ class Photo { return FALSE; if($width > $max && $height > $max) { - if($width > $height) { + + // very tall image (greater than 16:9) + // constrain the width - let the height float. + + if((($height * 9) / 16) > $width) { + $dest_width = $max; + $dest_height = intval(( $height * $max ) / $width); + } + + // else constrain both dimensions + + elseif($width > $height) { $dest_width = $max; $dest_height = intval(( $height * $max ) / $width); } @@ -217,8 +215,18 @@ class Photo { } else { if( $height > $max ) { - $dest_width = intval(( $width * $max ) / $height); - $dest_height = $max; + + // very tall image (greater than 16:9) + // but width is OK - don't do anything + + if((($height * 9) / 16) > $width) { + $dest_width = $width; + $dest_height = $height; + } + else { + $dest_width = intval(( $width * $max ) / $height); + $dest_height = $max; + } } else { $dest_width = $width; @@ -228,6 +236,28 @@ class Photo { } + if($this->is_imagick()) { + /** + * If it is not animated, there will be only one iteration here, + * so don't bother checking + */ + // Don't forget to go back to the first frame + $this->image->setFirstIterator(); + do { + + // FIXME - implement horizantal bias for scaling as in followin GD functions + // to allow very tall images to be constrained only horizontally. + + $this->image->scaleImage($dest_width, $dest_height); + } while ($this->image->nextImage()); + + // FIXME - also we need to copy the new dimensions to $this->height, $this->width as other functions + // may rely on it. + + return; + } + + $dest = imagecreatetruecolor( $dest_width, $dest_height ); imagealphablending($dest, false); imagesavealpha($dest, true); @@ -341,8 +371,6 @@ class Photo { if(!$this->is_valid()) return FALSE; - if($this->is_imagick()) - return $this->scaleImage($min); $width = $this->width; $height = $this->height; @@ -379,6 +407,8 @@ class Photo { } } + if($this->is_imagick()) + return $this->scaleImage($dest_width,$dest_height); $dest = imagecreatetruecolor( $dest_width, $dest_height ); imagealphablending($dest, false); @@ -401,7 +431,7 @@ class Photo { if($this->is_imagick()) { $this->image->setFirstIterator(); do { - $this->image->resizeImage($dim, $dim, imagick::FILTER_LANCZOS, 1, false); + $this->image->scaleImage($dim, $dim); } while ($this->image->nextImage()); return; } @@ -495,7 +525,7 @@ class Photo { public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') { - $x = q("select id from photo where `resource-id` = '%s' and uid = %d and `contact-id` = %d and `scale` = %d limit 1", + $x = q("select id from photo where `resource_id` = '%s' and uid = %d and `contact-id` = %d and `scale` = %d limit 1", dbesc($rid), intval($uid), intval($cid), @@ -505,7 +535,7 @@ class Photo { $r = q("UPDATE `photo` set `uid` = %d, `contact-id` = %d, - `resource-id` = '%s', + `resource_id` = '%s', `created` = '%s', `edited` = '%s', `filename` = '%s', @@ -544,7 +574,7 @@ class Photo { } else { $r = q("INSERT INTO `photo` - ( `uid`, `contact-id`, `resource-id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) + ( `uid`, `contact-id`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s' )", intval($uid), intval($cid), @@ -618,12 +648,12 @@ function import_profile_photo($photo,$uid,$cid) { $a = get_app(); - $r = q("select `resource-id` from photo where `uid` = %d and `contact-id` = %d and `scale` = 4 and `album` = 'Contact Photos' limit 1", + $r = q("select `resource_id` from photo where `uid` = %d and `contact-id` = %d and `scale` = 4 and `album` = 'Contact Photos' limit 1", intval($uid), intval($cid) ); if(count($r)) { - $hash = $r[0]['resource-id']; + $hash = $r[0]['resource_id']; } else { $hash = photo_new_resource(); diff --git a/include/Scrape.php b/include/Scrape.php index 2e5ed7d32..806106ef1 100644 --- a/include/Scrape.php +++ b/include/Scrape.php @@ -438,10 +438,10 @@ function probe_url($url, $mode = PROBE_NORMAL) { $poll = 'email ' . random_string(); $priority = 0; $x = email_msg_meta($mbox,$msgs[0]); - if(stristr($x->from,$orig_url)) - $adr = imap_rfc822_parse_adrlist($x->from,''); - elseif(stristr($x->to,$orig_url)) - $adr = imap_rfc822_parse_adrlist($x->to,''); + if(stristr($x[0]->from,$orig_url)) + $adr = imap_rfc822_parse_adrlist($x[0]->from,''); + elseif(stristr($x[0]->to,$orig_url)) + $adr = imap_rfc822_parse_adrlist($x[0]->to,''); if(isset($adr)) { foreach($adr as $feadr) { if((strcasecmp($feadr->mailbox,$name) == 0) @@ -523,6 +523,13 @@ function probe_url($url, $mode = PROBE_NORMAL) { logger('probe_url: scrape_vcard: ' . print_r($vcard,true), LOGGER_DATA); } + if($diaspora && $addr) { + // Diaspora returns the name as the nick. As the nick will never be updated, + // let's use the Diaspora nickname (the first part of the handle) as the nick instead + $addr_parts = explode('@', $addr); + $vcard['nick'] = $addr_parts[0]; + } + if($twitter) { logger('twitter: setup'); $tid = basename($url); diff --git a/include/conversation.php b/include/conversation.php index 621032349..bad511551 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -111,7 +111,7 @@ function localize_item(&$item){ } break; default: - if($obj['resource-id']){ + if($obj['resource_id']){ $post_type = t('photo'); $m=array(); preg_match("/\[url=([^]]*)\]/", $obj['body'], $m); $rr['plink'] = $m[1]; @@ -239,7 +239,7 @@ function localize_item(&$item){ } break; default: - if($obj['resource-id']){ + if($obj['resource_id']){ $post_type = t('photo'); $m=array(); preg_match("/\[url=([^]]*)\]/", $obj['body'], $m); $rr['plink'] = $m[1]; @@ -329,11 +329,14 @@ function count_descendants($item) { function visible_activity($item) { - if(activity_match($child['verb'],ACTIVITY_LIKE) || activity_match($child['verb'],ACTIVITY_DISLIKE)) + if(activity_match($item['verb'],ACTIVITY_LIKE) || activity_match($item['verb'],ACTIVITY_DISLIKE)) return false; - if(activity_match($item['verb'],ACTIVITY_FOLLOW) && $item['object-type'] === ACTIVITY_OBJ_NOTE && $item['uid'] != local_user()) - return false; + if(activity_match($item['verb'],ACTIVITY_FOLLOW) && $item['object-type'] === ACTIVITY_OBJ_NOTE) { + if(! (($item['self']) && ($item['uid'] == local_user()))) { + return false; + } + } return true; } @@ -1372,6 +1375,7 @@ function item_photo_menu($item){ if(! count($a->contacts)) load_contact_links(local_user()); } + $sub_link=""; $poke_link=""; $contact_url=""; $pm_url=""; @@ -1379,6 +1383,10 @@ function item_photo_menu($item){ $photos_link=""; $posts_link=""; + if((local_user()) && local_user() == $item['uid'] && $item['parent'] == $item['id'] && (! $item['self'])) { + $sub_link = 'javascript:dosubthread(' . $item['id'] . '); return false;'; + } + $sparkle = false; $profile_link = best_link_url($item,$sparkle,$ssl_state); @@ -1417,6 +1425,7 @@ function item_photo_menu($item){ } $menu = Array( + t("Follow Thread") => $sub_link, t("View Status") => $status_link, t("View Profile") => $profile_link, t("View Photos") => $photos_link, @@ -1435,7 +1444,11 @@ function item_photo_menu($item){ $o = ""; foreach($menu as $k=>$v){ - if ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n"; + if(strpos($v,'javascript:') === 0) { + $v = substr($v,11); + $o .= "<li><a href=\"#\" onclick=\"$v\">$k</a></li>\n"; + } + elseif ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n"; } return $o; }} @@ -1456,16 +1469,16 @@ function like_puller($a,$item,&$arr,$mode) { else $url = zrl($url); - if(! $item['thr-parent']) - $item['thr-parent'] = $item['parent_uri']; + if(! $item['thr_parent']) + $item['thr_parent'] = $item['parent_uri']; - if(! ((isset($arr[$item['thr-parent'] . '-l'])) && (is_array($arr[$item['thr-parent'] . '-l'])))) - $arr[$item['thr-parent'] . '-l'] = array(); - if(! isset($arr[$item['thr-parent']])) - $arr[$item['thr-parent']] = 1; + if(! ((isset($arr[$item['thr_parent'] . '-l'])) && (is_array($arr[$item['thr_parent'] . '-l'])))) + $arr[$item['thr_parent'] . '-l'] = array(); + if(! isset($arr[$item['thr_parent']])) + $arr[$item['thr_parent']] = 1; else - $arr[$item['thr-parent']] ++; - $arr[$item['thr-parent'] . '-l'][] = '<a href="'. $url . '"'. $sparkle .'>' . $item['author-name'] . '</a>'; + $arr[$item['thr_parent']] ++; + $arr[$item['thr_parent'] . '-l'][] = '<a href="'. $url . '"'. $sparkle .'>' . $item['author-name'] . '</a>'; } return; }} @@ -1603,8 +1616,8 @@ function get_item_children($arr, $parent) { foreach($arr as $item) { if($item['id'] != $item['parent']) { if(get_config('system','thread_allow')) { - // Fallback to parent_uri if thr-parent is not set - $thr_parent = $item['thr-parent']; + // Fallback to parent_uri if thr_parent is not set + $thr_parent = $item['thr_parent']; if($thr_parent == '') $thr_parent = $item['parent_uri']; diff --git a/include/email.php b/include/email.php index b43ae0dc1..46feb4582 100644 --- a/include/email.php +++ b/include/email.php @@ -48,8 +48,8 @@ function construct_mailbox_name($mailacct) { function email_msg_meta($mbox,$uid) { - $ret = (($mbox && $uid) ? @imap_fetch_overview($mbox,$uid,FT_UID) : array(array())); - return ((count($ret)) ? $ret[0] : array()); + $ret = (($mbox && $uid) ? @imap_fetch_overview($mbox,$uid,FT_UID) : array(array())); // POSSIBLE CLEANUP --> array(array()) is probably redundant now + return ((count($ret)) ? $ret : array()); } function email_msg_headers($mbox,$uid) { diff --git a/include/group.php b/include/group.php index 8aaeb513f..0df3a7b15 100644 --- a/include/group.php +++ b/include/group.php @@ -40,7 +40,7 @@ function group_add($uid,$name) { function group_rmv($uid,$name) { $ret = false; if(x($uid) && x($name)) { - $r = q("SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' LIMIT 1", + $r = q("SELECT id FROM `group` WHERE `uid` = %d AND `name` = '%s' LIMIT 1", intval($uid), dbesc($name) ); @@ -49,6 +49,37 @@ function group_rmv($uid,$name) { if(! $group_id) return false; + // remove group from default posting lists + $r = q("SELECT def_gid, allow_gid, deny_gid FROM user WHERE uid = %d LIMIT 1", + intval($uid) + ); + if($r) { + $user_info = $r[0]; + $change = false; + + if($user_info['def_gid'] == $group_id) { + $user_info['def_gid'] = 0; + $change = true; + } + if(strpos($user_info['allow_gid'], '<' . $group_id . '>') !== false) { + $user_info['allow_gid'] = str_replace('<' . $group_id . '>', '', $user_info['allow_gid']); + $change = true; + } + if(strpos($user_info['deny_gid'], '<' . $group_id . '>') !== false) { + $user_info['deny_gid'] = str_replace('<' . $group_id . '>', '', $user_info['deny_gid']); + $change = true; + } + + if($change) { + q("UPDATE user SET def_gid = %d, allow_gid = '%s', deny_gid = '%s' WHERE uid = %d", + intval($user_info['def_gid']), + dbesc($user_info['allow_gid']), + dbesc($user_info['deny_gid']), + intval($uid) + ); + } + } + // remove all members $r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d ", intval($uid), @@ -103,7 +134,7 @@ function group_add_member($uid,$name,$member,$gid = 0) { if((! $gid) || (! $uid) || (! $member)) return false; - $r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `id` = %d AND `contact-id` = %d LIMIT 1", + $r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1", intval($uid), intval($gid), intval($member) diff --git a/include/items.php b/include/items.php index ba7d54c94..07b941074 100755 --- a/include/items.php +++ b/include/items.php @@ -1000,7 +1000,7 @@ function item_store($arr,$force_parent = false) { $arr['origin'] = ((x($arr,'origin')) ? intval($arr['origin']) : 0 ); - $arr['thr-parent'] = $arr['parent_uri']; + $arr['thr_parent'] = $arr['parent_uri']; if($arr['parent_uri'] === $arr['uri']) { $parent_id = 0; $parent_deleted = 0; @@ -1670,12 +1670,12 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) $photo_failure = false; $have_photo = false; - $r = q("SELECT `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT `resource_id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1", intval($contact['id']), intval($contact['uid']) ); if(count($r)) { - $resource_id = $r[0]['resource-id']; + $resource_id = $r[0]['resource_id']; $have_photo = true; } else { @@ -1690,7 +1690,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) $img = new Photo($img_str, $type); if($img->is_valid()) { if($have_photo) { - q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `contact-id` = %d AND `uid` = %d", + q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `contact-id` = %d AND `uid` = %d", dbesc($resource_id), intval($contact['id']), intval($contact['uid']) @@ -1985,7 +1985,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) $datarray['type'] = 'activity'; $datarray['gravity'] = GRAVITY_LIKE; // only one like or dislike per person - $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr-parent` = '%s') limit 1", + $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr_parent` = '%s') limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), @@ -2216,12 +2216,12 @@ function local_delivery($importer,$data) { $photo_failure = false; $have_photo = false; - $r = q("SELECT `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT `resource_id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1", intval($importer['id']), intval($importer['importer_uid']) ); if(count($r)) { - $resource_id = $r[0]['resource-id']; + $resource_id = $r[0]['resource_id']; $have_photo = true; } else { @@ -2236,7 +2236,7 @@ function local_delivery($importer,$data) { $img = new Photo($img_str, $type); if($img->is_valid()) { if($have_photo) { - q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `contact-id` = %d AND `uid` = %d", + q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `contact-id` = %d AND `uid` = %d", dbesc($resource_id), intval($importer['id']), intval($importer['importer_uid']) @@ -2536,7 +2536,7 @@ function local_delivery($importer,$data) { $r = q("select `item`.`id`, `item`.`uri`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`, `contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr-parent` = '%s') + WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr_parent` = '%s') AND `item`.`uid` = %d $sql_extra LIMIT 1", @@ -2678,7 +2678,7 @@ function local_delivery($importer,$data) { $r = q("select `item`.`id`, `item`.`uri`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`, `contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr-parent` = '%s') + WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr_parent` = '%s') AND `item`.`uid` = %d $sql_extra LIMIT 1", @@ -2762,7 +2762,7 @@ function local_delivery($importer,$data) { $datarray['gravity'] = GRAVITY_LIKE; // only one like or dislike per person - $r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`thr-parent` = '%s' or `parent_uri` = '%s') and deleted = 0 limit 1", + $r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`thr_parent` = '%s' or `parent_uri` = '%s') and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), @@ -2916,7 +2916,7 @@ function local_delivery($importer,$data) { $datarray['type'] = 'activity'; $datarray['gravity'] = GRAVITY_LIKE; // only one like or dislike per person - $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr-parent` = '%s') limit 1", + $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr_parent` = '%s') limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), @@ -3316,8 +3316,8 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { if(strlen($item['owner-name'])) $o .= atom_author('dfrn:owner',$item['owner-name'],$item['owner-link'],80,80,$item['owner-avatar']); - if(($item['parent'] != $item['id']) || ($item['parent_uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) { - $parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent_uri']); + if(($item['parent'] != $item['id']) || ($item['parent_uri'] !== $item['uri']) || (($item['thr_parent'] !== '') && ($item['thr_parent'] !== $item['uri']))) { + $parent_item = (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_uri']); $o .= '<thr:in-reply-to ref="' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['parent']) . '" />' . "\r\n"; } @@ -3403,7 +3403,7 @@ function fix_private_photos($s, $uid, $item = null, $cid = 0) { if($x) { $res = substr($i,$x+1); $i = substr($i,0,$x); - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d AND `uid` = %d", + $r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `scale` = %d AND `uid` = %d", dbesc($i), intval($res), intval($uid) @@ -3597,7 +3597,7 @@ function item_expire($uid,$days) { // Only expire posts, not photos and photo comments - if($expire_photos==0 && strlen($item['resource-id'])) + if($expire_photos==0 && strlen($item['resource_id'])) continue; if($expire_starred==0 && intval($item['starred'])) continue; @@ -3702,11 +3702,11 @@ function drop_item($id,$interactive = true) { // If item is a link to a photo resource, nuke all the associated photos // (visitors will not have photo resources) // This only applies to photos uploaded from the photos page. Photos inserted into a post do not - // generate a resource-id and therefore aren't intimately linked to the item. + // generate a resource_id and therefore aren't intimately linked to the item. - if(strlen($item['resource-id'])) { - q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ", - dbesc($item['resource-id']), + if(strlen($item['resource_id'])) { + q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `uid` = %d ", + dbesc($item['resource_id']), intval($item['uid']) ); // ignore the result diff --git a/include/message.php b/include/message.php index 0f31b116a..cf0fe96da 100644 --- a/include/message.php +++ b/include/message.php @@ -138,7 +138,7 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){ $image_uri = substr($image,strrpos($image,'/') + 1); $image_uri = substr($image_uri,0, strpos($image_uri,'-')); $r = q("UPDATE `photo` SET `allow_cid` = '%s' - WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ", + WHERE `resource_id` = '%s' AND `album` = '%s' AND `uid` = %d ", dbesc('<' . $recipient . '>'), dbesc($image_uri), dbesc( t('Wall Photos')), diff --git a/include/security.php b/include/security.php index f5e829e47..e221ad59b 100644 --- a/include/security.php +++ b/include/security.php @@ -274,7 +274,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { $gs .= '|<' . intval($g) . '>'; } - $sql = sprintf( + /*$sql = sprintf( " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) @@ -284,6 +284,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { intval($remote_user), dbesc($gs), dbesc($gs) + );*/ + $sql = sprintf( + " AND ( NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s') + AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') ) + ) + ", + intval($remote_user), + dbesc($gs), + intval($remote_user), + dbesc($gs) ); } } diff --git a/include/text.php b/include/text.php index 61c7e6389..d0ad414fa 100644 --- a/include/text.php +++ b/include/text.php @@ -378,7 +378,7 @@ function photo_new_resource() { do { $found = false; $resource = hash('md5',uniqid(mt_rand(),true)); - $r = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1", + $r = q("SELECT `id` FROM `photo` WHERE `resource_id` = '%s' LIMIT 1", dbesc($resource) ); if(count($r)) @@ -1325,7 +1325,7 @@ function reltoabs($text, $base) function item_post_type($item) { if(intval($item['event-id'])) return t('event'); - if(strlen($item['resource-id'])) + if(strlen($item['resource_id'])) return t('photo'); if(strlen($item['verb']) && $item['verb'] !== ACTIVITY_POST) return t('activity'); diff --git a/include/user.php b/include/user.php index b94317dab..99837e357 100644 --- a/include/user.php +++ b/include/user.php @@ -304,7 +304,7 @@ function create_user($arr) { $photo_failure = true; if(! $photo_failure) { - q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ", + q("UPDATE `photo` SET `profile` = 1 WHERE `resource_id` = '%s' ", dbesc($hash) ); } |