Merge pull request #20 from redmatrix/master

updating from original codebase

4 files changed, 29 insertions, 11 deletions

diff --git a/include/identity.php b/include/identity.php
index fd0b4d7f5..e1e79394a 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -924,6 +924,10 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
 	$pdesc = true;
 	$reddress = true;
 
+	if(! perm_is_allowed($profile['uid'],((is_array($observer)) ? $observer['xchan_hash'] : ''),'view_profile')) {
+		$block = true;
+	}
+
 	if($block && intval(get_config('system','block_public_blackout')))
 		return $o;
 
@@ -1012,9 +1016,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true) {
 
 //	logger('online: ' . $profile['online']);
 
-	if(! perm_is_allowed($profile['uid'],((is_array($observer)) ? $observer['xchan_hash'] : ''),'view_profile')) {
-		$block = true;
-	}
 
 	if(($profile['hidewall'] && (! local_channel()) && (! remote_channel())) || $block ) {
 		$location = $reddress = $pdesc = $gender = $marital = $homepage = False;
diff --git a/include/oembed.php b/include/oembed.php
index e50d34c7d..2d3e0d3f9 100755
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -78,7 +78,6 @@ function oembed_fetch_url($embedurl){
 		else {
 			// try oembed autodiscovery
 			$redirects = 0;
-
 			$result = z_fetch_url($embedurl, false, $redirects, array('timeout' => 15, 'accept_content' => "text/*", 'novalidate' => true ));
 			if($result['success'])
 				$html_text = $result['body'];
@@ -88,8 +87,8 @@ function oembed_fetch_url($embedurl){
 				if ($dom){
 					$xpath = new DOMXPath($dom);
 					$attr = "oembed";
-				
 					$xattr = oe_build_xpath("class","oembed");
+
 					$entries = $xpath->query("//link[@type='application/json+oembed']");
 					foreach($entries as $e){
 						$href = $e->getAttributeNode("href")->nodeValue;
@@ -173,6 +172,14 @@ function oembed_format_object($j){
 			$ret.="<br>";
 		}; break;  
 		case "link": {
+			if($j->thumbnail_url) {
+				if(is_matrix_url($embedurl)) {
+					$embedurl = zid($embedurl);
+					$j->thumbnail_url = zid($j->thumbnail_url);
+				}
+				$ret = '<a href="' . $embedurl . '" ><img src="' . $j->thumbnail_url . '" alt="thumbnail" /></a><br /><br />';
+			}
+
 			//$ret = "<a href='".$embedurl."'>".$j->title."</a>";
 		}; break;  
 		case "rich": {
diff --git a/include/security.php b/include/security.php
index 2a9a6e39e..ee94dba82 100644
--- a/include/security.php
+++ b/include/security.php
@@ -181,7 +181,7 @@ function permissions_sql($owner_id, $remote_observer = null) {
 	 */
 
 	else {
-		$observer = (($remote_observer) ? $remote_observer : get_observer_hash());
+		$observer = ((! is_null($remote_observer)) ? $remote_observer : get_observer_hash());
 		if($observer) {
 			$groups = init_groups_visitor($observer);
 
diff --git a/include/widgets.php b/include/widgets.php
index 891e9c018..7e502e4c2 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -817,7 +817,7 @@ function widget_item($arr) {
 		return '';
 
 
-	if(! $arr['mid'])
+	if((! $arr['mid']) && (! $arr['title']))
 		return '';
 
 	if(! perm_is_allowed($channel_id, get_observer_hash(), 'view_pages'))
@@ -826,10 +826,20 @@ function widget_item($arr) {
 	require_once('include/security.php');
 	$sql_extra = item_permissions_sql($channel_id);
 
-	$r = q("select * from item where mid = '%s' and uid = %d and item_type = " . intval(ITEM_TYPE_WEBPAGE) . " $sql_extra limit 1",
-		dbesc($arr['mid']),
-		intval($channel_id)
-	);
+	if($arr['title']) {
+		$r = q("select item.* from item left join item_id on item.id = item_id.iid
+			where item.uid = %d and sid = '%s' and service = 'WEBPAGE' and item_type = %d $sql_options $revision limit 1",
+			intval($channel_id),
+			dbesc($arr['title']),
+			intval(ITEM_TYPE_WEBPAGE)
+		);
+	}
+	else {
+		$r = q("select * from item where mid = '%s' and uid = %d and item_type = " . intval(ITEM_TYPE_WEBPAGE) . " $sql_extra limit 1",
+			dbesc($arr['mid']),
+			intval($channel_id)
+		);
+	}
 
 	if(! $r)
 		return '';