clean up the photo storage backend, revamp mod/wall_upload

3 files changed, 15 insertions, 329 deletions

diff --git a/include/Photo.php b/include/Photo.php
index c3165cc9f..a60cfc868 100644
--- a/include/Photo.php
+++ b/include/Photo.php
@@ -523,7 +523,7 @@ class Photo {
 
 
 
-    public function store($uid, $xchan, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
+    public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
 
         $x = q("select id from photo where `resource_id` = '%s' and uid = %d and `xchan` = '%s' and `scale` = %d limit 1",
                 dbesc($rid),
@@ -533,6 +533,7 @@ class Photo {
         );
         if(count($x)) {
             $r = q("UPDATE `photo`
+				set `aid` = %d,
                 set `uid` = %d,
                 `xchan` = '%s',
                 `resource_id` = '%s',
@@ -544,6 +545,7 @@ class Photo {
                 `height` = %d,
                 `width` = %d,
                 `data` = '%s',
+				`size` = %d,
                 `scale` = %d,
                 `profile` = %d,
                 `allow_cid` = '%s',
@@ -552,6 +554,7 @@ class Photo {
                 `deny_gid` = '%s'
                 where id = %d limit 1",
 
+				intval($aid),
                 intval($uid),
                 dbesc($xchan),
                 dbesc($rid),
@@ -563,6 +566,7 @@ class Photo {
                 intval($this->getHeight()),
                 intval($this->getWidth()),
                 dbesc($this->imageString()),
+				intval(strlen($this->imageString())),
                 intval($scale),
                 intval($profile),
                 dbesc($allow_cid),
@@ -574,8 +578,9 @@ class Photo {
         }
         else {
             $r = q("INSERT INTO `photo`
-                ( `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
-                VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s' )",
+                ( `aid`, `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `size`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
+                VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )",
+				intval($aid),
                 intval($uid),
                 dbesc($xchan),
                 dbesc($rid),
@@ -587,6 +592,7 @@ class Photo {
                 intval($this->getHeight()),
                 intval($this->getWidth()),
                 dbesc($this->imageString()),
+				intval(strlen($this->imageString())),
                 intval($scale),
                 intval($profile),
                 dbesc($allow_cid),
@@ -669,21 +675,21 @@ function import_profile_photo($photo,$xchan) {
 
         $img->scaleImageSquare(175);
 
-        $r = $img->store(0, $xchan, $hash, $filename, 'Contact Photos', 4 );
+        $r = $img->store(0, 0, $xchan, $hash, $filename, 'Contact Photos', 4 );
 
         if($r === false)
             $photo_failure = true;
 
         $img->scaleImage(80);
 
-        $r = $img->store(0, $xchan, $hash, $filename, 'Contact Photos', 5 );
+        $r = $img->store(0, 0, $xchan, $hash, $filename, 'Contact Photos', 5 );
 
         if($r === false)
             $photo_failure = true;
 
         $img->scaleImage(48);
 
-        $r = $img->store(0, $xchan, $hash, $filename, 'Contact Photos', 6 );
+        $r = $img->store(0, 0, $xchan, $hash, $filename, 'Contact Photos', 6 );
 
         if($r === false)
             $photo_failure = true;
diff --git a/include/items.php b/include/items.php
index fe8aadcbf..9ab39d7ae 100755
--- a/include/items.php
+++ b/include/items.php
@@ -2080,13 +2080,13 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
 			$img->scaleImageSquare(175);
 				
 			$hash = $resource_id;
-			$r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 4);
+			$r = $img->store(0, $contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 4);
 				
 			$img->scaleImage(80);
-			$r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 5);
+			$r = $img->store(0, $contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 5);
 
 			$img->scaleImage(48);
-			$r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 6);
+			$r = $img->store(0, $contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 6);
 
 			$a = get_app();
 
diff --git a/include/user.php b/include/user.php
deleted file mode 100644
index d71f024d1..000000000
--- a/include/user.php
+++ /dev/null
@@ -1,320 +0,0 @@
-<?php
-
-require_once('include/config.php');
-require_once('include/network.php');
-require_once('include/plugin.php');
-require_once('include/text.php');
-require_once('include/language.php');
-require_once('include/datetime.php');
-
-function create_user($arr) {
-
-	// Required: { username, nickname, email } or { openid_url }
-
-	$a = get_app();
-	$result = array('success' => false, 'user' => null, 'password' => '', 'message' => '');
-
-	$using_invites = get_config('system','invitation_only');
-	$num_invites   = get_config('system','number_invites');
-
-
-	$invite_id  = ((x($arr,'invite_id'))  ? notags(trim($arr['invite_id']))  : '');
-	$username   = ((x($arr,'username'))   ? notags(trim($arr['username']))   : '');
-	$nickname   = ((x($arr,'nickname'))   ? notags(trim($arr['nickname']))   : '');
-	$email      = ((x($arr,'email'))      ? notags(trim($arr['email']))      : '');
-	$openid_url = ((x($arr,'openid_url')) ? notags(trim($arr['openid_url'])) : '');
-	$photo      = ((x($arr,'photo'))      ? notags(trim($arr['photo']))      : '');
-	$password   = ((x($arr,'password'))   ? trim($arr['password'])           : '');
-	$blocked    = ((x($arr,'blocked'))    ? intval($arr['blocked'])  : 0);
-	$verified   = ((x($arr,'verified'))   ? intval($arr['verified']) : 0);
-
-	$publish    = ((x($arr,'profile_publish_reg') && intval($arr['profile_publish_reg'])) ? 1 : 0);
-	$netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
-		
-	$tmp_str = $openid_url;
-
-	if($using_invites) {
-		if(! $invite_id) {
-			$result['message'] .= t('An invitation is required.') . EOL;
-			return $result;
-		}
-		$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
-		if(! results($r)) {
-			$result['message'] .= t('Invitation could not be verified.') . EOL;
-			return $result;
-		}
-	} 
-
-	if((! x($username)) || (! x($email)) || (! x($nickname))) {
-		if($openid_url) {
-			if(! validate_url($tmp_str)) {
-				$result['message'] .= t('Invalid OpenID url') . EOL;
-				return $result;
-			}
-			$_SESSION['register'] = 1;
-			$_SESSION['openid'] = $openid_url;
-			require_once('library/openid.php');
-			$openid = new LightOpenID;
-			$openid->identity = $openid_url;
-			$openid->returnUrl = $a->get_baseurl() . '/openid'; 
-			$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
-			$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
-			goaway($openid->authUrl());
-			// NOTREACHED	
-		}
-
-		notice( t('Please enter the required information.') . EOL );
-		return;
-	}
-
-	if(! validate_url($tmp_str))
-		$openid_url = '';
-
-
-	$err = '';
-
-	// collapse multiple spaces in name
-	$username = preg_replace('/ +/',' ',$username);
-
-	if(mb_strlen($username) > 48)
-		$result['message'] .= t('Please use a shorter name.') . EOL;
-	if(mb_strlen($username) < 3)
-		$result['message'] .= t('Name too short.') . EOL;
-
-	// I don't really like having this rule, but it cuts down
-	// on the number of auto-registrations by Russian spammers
-	
-	//  Using preg_match was completely unreliable, due to mixed UTF-8 regex support
-	//	$no_utf = get_config('system','no_utf');
-	//	$pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' ); 
-
-	// So now we are just looking for a space in the full name. 
-	
-	$loose_reg = get_config('system','no_regfullname');
-	if(! $loose_reg) {
-		$username = mb_convert_case($username,MB_CASE_TITLE,'UTF-8');
-		if(! strpos($username,' '))
-			$result['message'] .= t("That doesn't appear to be your full \x28First Last\x29 name.") . EOL;
-	}
-
-
-	if(! allowed_email($email))
-		$result['message'] .= t('Your email domain is not among those allowed on this site.') . EOL;
-
-	if((! valid_email($email)) || (! validate_email($email)))
-		$result['message'] .= t('Not a valid email address.') . EOL;
-		
-	// Disallow somebody creating an account using openid that uses the admin email address,
-	// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
-
-	if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
-		$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
-			dbesc($email)
-		);
-		if(count($r))
-			$result['message'] .= t('Cannot use that email.') . EOL;
-	}
-
-	$nickname = $arr['nickname'] = strtolower($nickname);
-
-	if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
-		$result['message'] .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
-	$r = q("SELECT `uid` FROM `user`
-               	WHERE `nickname` = '%s' LIMIT 1",
-               	dbesc($nickname)
-	);
-	if(count($r))
-		$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
-
-	// Check deleted accounts that had this nickname. Doesn't matter to us,
-	// but could be a security issue for federated platforms.
-
-	$r = q("SELECT * FROM `userd`
-               	WHERE `username` = '%s' LIMIT 1",
-               	dbesc($nickname)
-	);
-	if(count($r))
-		$result['message'] .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
-
-	if(strlen($result['message'])) {
-		return $result;
-	}
-
-	$new_password = ((strlen($password)) ? $password : autoname(6) . mt_rand(100,9999));
-	$new_password_encoded = hash('whirlpool',$new_password);
-
-	$result['password'] = $new_password;
-
-	require_once('include/crypto.php');
-
-	$keys = new_keypair(4096);
-
-	if($keys === false) {
-		$result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
-		return $result;
-	}
-
-	$default_service_class = get_config('system','default_service_class');
-	if(! $default_service_class)
-		$default_service_class = '';
-
-
-	$prvkey = $keys['prvkey'];
-	$pubkey = $keys['pubkey'];
-
-	$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
-		`pubkey`, `prvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class` )
-		VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s' )",
-		dbesc(generate_user_guid()),
-		dbesc($username),
-		dbesc($new_password_encoded),
-		dbesc($email),
-		dbesc($openid_url),
-		dbesc($nickname),
-		dbesc($pubkey),
-		dbesc($prvkey),
-		dbesc(datetime_convert()),
-		intval($verified),
-		intval($blocked),
-		dbesc($default_service_class)
-	);
-
-	if($r) {
-		$r = q("SELECT * FROM `user` 
-			WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
-			dbesc($username),
-			dbesc($new_password_encoded)
-		);
-		if($r !== false && count($r)) {
-			$u = $r[0];
-			$newuid = intval($r[0]['uid']);
-		}
-	}
-	else {
-		$result['message'] .=  t('An error occurred during registration. Please try again.') . EOL ;
-		return $result;
-	} 		
-
-	/**
-	 * if somebody clicked submit twice very quickly, they could end up with two accounts 
-	 * due to race condition. Remove this one.
-	 */
-
-	$r = q("SELECT `uid` FROM `user`
-               	WHERE `nickname` = '%s' ",
-               	dbesc($nickname)
-	);
-	if((count($r) > 1) && $newuid) {
-		$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
-		q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
-			intval($newuid)
-		);
-		return $result;
-	}
-
-	if(x($newuid) !== false) {
-		$r = q("INSERT INTO `profile` ( `uid`, `profile_name`, `is_default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )
-			VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
-			intval($newuid),
-			t('default'),
-			1,
-			dbesc($username),
-			dbesc($a->get_baseurl() . "/photo/profile/{$newuid}"),
-			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}"),
-			intval($publish),
-			intval($netpublish)
-
-		);
-		if($r === false) {
-			$result['message'] .=  t('An error occurred creating your default profile. Please try again.') . EOL;
-			// Start fresh next time.
-			$r = q("DELETE FROM `user` WHERE `uid` = %d",
-				intval($newuid));
-			return $result;
-		}
-		$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
-			`request`, `notify`, `poll`, `confirm`, `poco`, `name_date`, `uri_date`, `avatar_date`, `closeness` )
-			VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ",
-			intval($newuid),
-			datetime_convert(),
-			dbesc($username),
-			dbesc($nickname),
-			dbesc($a->get_baseurl() . "/photo/profile/{$newuid}"),
-			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}"),
-			dbesc($a->get_baseurl() . "/photo/micro/{$newuid}"),
-			dbesc($a->get_baseurl() . "/channel/$nickname"),
-			dbesc(normalise_link($a->get_baseurl() . "/channel/$nickname")),
-			dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
-			dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
-			dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
-			dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
-			dbesc($a->get_baseurl() . "/poco/$nickname"),
-			dbesc(datetime_convert()),
-			dbesc(datetime_convert()),
-			dbesc(datetime_convert())
-		);
-
-		// Create a group with no members. This allows somebody to use it 
-		// right away as a default group for new contacts. 
-
-		require_once('include/group.php');
-		group_add($newuid, t('Friends'));
-
-	}
-
-	// if we have no OpenID photo try to look up an avatar
-	if(! strlen($photo))
-		$photo = avatar_img($email);
-
-	// unless there is no avatar-plugin loaded
-	if(strlen($photo)) {
-		require_once('include/Photo.php');
-		$photo_failure = false;
-
-		$filename = basename($photo);
-		$img_str = fetch_url($photo,true);
-		// guess mimetype from headers or filename
-		$type = guess_image_type($photo,true);
-
-		
-		$img = new Photo($img_str, $type);
-		if($img->is_valid()) {
-
-			$img->scaleImageSquare(175);
-
-			$hash = photo_new_resource();
-
-			$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4 );
-
-			if($r === false)
-				$photo_failure = true;
-
-			$img->scaleImage(80);
-
-			$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5 );
-
-			if($r === false)
-				$photo_failure = true;
-
-			$img->scaleImage(48);
-
-			$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6 );
-
-			if($r === false)
-				$photo_failure = true;
-
-			if(! $photo_failure) {
-				q("UPDATE `photo` SET `profile` = 1 WHERE `resource_id` = '%s' ",
-					dbesc($hash)
-				);
-			}
-		}
-	}
-
-	call_hooks('register_account', $newuid);
-
-	$result['success'] = true;
-	$result['user'] = $u;
-	return $result;
-
-}