aboutsummaryrefslogtreecommitdiffstats
path: root/mod/editlayout.php
diff options
context:
space:
mode:
authorHabeas Codice <habeascodice@federated.social>2014-11-13 13:06:31 -0800
committerHabeas Codice <habeascodice@federated.social>2014-11-13 13:06:31 -0800
commitac27db22c18ee7a82a52cbadb3efe2760b910499 (patch)
treeaa7002d73dbcd4136033589f1cb135184f4126c1 /mod/editlayout.php
parent1a5a5c7edb8697c93f8bababbafa80245378dd7e (diff)
parent109cb936632c693d3f24afb9e2ce533797ad1a7f (diff)
downloadvolse-hubzilla-ac27db22c18ee7a82a52cbadb3efe2760b910499.tar.gz
volse-hubzilla-ac27db22c18ee7a82a52cbadb3efe2760b910499.tar.bz2
volse-hubzilla-ac27db22c18ee7a82a52cbadb3efe2760b910499.zip
Merge remote-tracking branch 'upstream/master'
Conflicts: boot.php include/dba/dba_driver.php include/diaspora.php include/follow.php include/session.php include/zot.php mod/photos.php mod/ping.php
Diffstat (limited to 'mod/editlayout.php')
-rw-r--r--mod/editlayout.php216
1 files changed, 124 insertions, 92 deletions
diff --git a/mod/editlayout.php b/mod/editlayout.php
index 89cae2b0c..94e2e628c 100644
--- a/mod/editlayout.php
+++ b/mod/editlayout.php
@@ -1,34 +1,76 @@
<?php
-// What is this here for? I think it's cruft, but comment out for now in case it's here for a reason
-// require_once('acl_selectors.php');
+require_once('include/identity.php');
+require_once('include/acl_selectors.php');
+
+function editlayout_init(&$a) {
+
+ if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $a->is_sys = true;
+ }
+ }
+
+ if(argc() > 1)
+ $which = argv(1);
+ else
+ return;
+
+ profile_load($a,$which);
+
+}
function editlayout_content(&$a) {
-// We first need to figure out who owns the webpage, grab it from an argument
- $which = argv(1);
-// $a->get_channel() and stuff don't work here, so we've got to find the owner for ourselves.
- $r = q("select channel_id from channel where channel_address = '%s'",
- dbesc($which)
+ if(! $a->profile) {
+ notice( t('Requested profile is not available.') . EOL );
+ $a->error = 404;
+ return;
+ }
+
+ $which = argv(1);
+
+ $uid = local_user();
+ $owner = 0;
+ $channel = null;
+ $observer = $a->get_observer();
+
+ $channel = $a->get_channel();
+
+ if($a->is_sys && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $uid = $owner = intval($sys['channel_id']);
+ $channel = $sys;
+ $observer = $sys;
+ }
+ }
+
+ if(! $owner) {
+ // Figure out who the page owner is.
+ $r = q("select channel_id from channel where channel_address = '%s'",
+ dbesc($which)
);
- if($r) {
- $owner = intval($r[0]['channel_id']);
- //logger('owner: ' . print_r($owner,true));
- }
+ if($r) {
+ $owner = intval($r[0]['channel_id']);
+ }
+ }
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
-
-
- if((local_user()) && (argc() > 2) && (argv(2) === 'view')) {
- $which = $channel['channel_address'];
- }
+ if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+ $is_owner = (($uid && $uid == $owner) ? true : false);
$o = '';
-// Figure out which post we're editing
+ // Figure out which post we're editing
$post_id = ((argc() > 2) ? intval(argv(2)) : 0);
@@ -37,48 +79,41 @@ function editlayout_content(&$a) {
return;
}
-// Now we've got a post and an owner, let's find out if we're allowed to edit it
+ // Now we've got a post and an owner, let's find out if we're allowed to edit it
- $observer = $a->get_observer();
- $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
- $perms = get_all_perms($owner,$ob_hash);
-
- if(! $perms['write_pages']) {
- notice( t('Permission denied.') . EOL);
- return;
- }
+ $perms = get_all_perms($owner,$ob_hash);
+ if(! $perms['write_pages']) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
-// We've already figured out which item we want and whose copy we need, so we don't need anything fancy here
- $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
- intval($post_id),
- intval($owner)
- );
+ $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
+ intval($post_id),
+ intval($owner)
+ );
$item_id = q("select * from item_id where service = 'PDL' and iid = %d limit 1",
- $itm[0]['id']
+ intval($itm[0]['id'])
);
if($item_id)
$layout_title = $item_id[0]['sid'];
$plaintext = true;
-// You may or may not be a local user. This won't work,
-// if(feature_enabled(local_user(),'richtext'))
-// $plaintext = false;
$o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
'$title' => t('Edit Layout')
));
-
$a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array(
- '$baseurl' => $a->get_baseurl(),
- '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
- '$ispublic' => '&nbsp;', // t('Visible to <strong>everybody</strong>'),
- '$geotag' => $geotag,
- '$nickname' => $a->user['nickname'],
+ '$baseurl' => $a->get_baseurl(),
+ '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
+ '$ispublic' => '&nbsp;', // t('Visible to <strong>everybody</strong>'),
+ '$geotag' => $geotag,
+ '$nickname' => $channel['channel_address'],
'$confirmdelete' => t('Delete layout?')
));
@@ -91,71 +126,68 @@ function editlayout_content(&$a) {
call_hooks('jot_tool', $jotplugins);
call_hooks('jot_networks', $jotnets);
- $channel = $a->get_channel();
-
- //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins));
-//FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD instead of loading a sensible page. So, send folk to the webpage list.
+ // FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD
+ // instead of loading a sensible page. So, send folk to the webpage list.
$rp = '/layouts/' . $which;
$o .= replace_macros($tpl,array(
- '$return_path' => $rp,
- '$action' => 'item',
- '$webpage' => ITEM_PDL,
- '$share' => t('Edit'),
- '$upload' => t('Upload photo'),
- '$attach' => t('Attach file'),
- '$weblink' => t('Insert web link'),
- '$youtube' => t('Insert YouTube video'),
- '$video' => t('Insert Vorbis [.ogg] video'),
- '$audio' => t('Insert Vorbis [.ogg] audio'),
- '$setloc' => t('Set your location'),
- '$noloc' => t('Clear browser location'),
- '$wait' => t('Please wait'),
- '$permset' => t('Permission settings'),
- '$ptyp' => $itm[0]['type'],
- '$content' => undo_post_tagging($itm[0]['body']),
- '$post_id' => $post_id,
- '$baseurl' => $a->get_baseurl(),
- '$defloc' => $channel['channel_location'],
- '$visitor' => false,
- '$public' => t('Public post'),
- '$jotnets' => $jotnets,
- '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
- '$placeholdertitle' => t('Set title'),
- '$pagetitle' => $layout_title,
- '$category' => '',
+ '$return_path' => $rp,
+ '$action' => 'item',
+ '$webpage' => ITEM_PDL,
+ '$share' => t('Edit'),
+ '$upload' => t('Upload photo'),
+ '$attach' => t('Attach file'),
+ '$weblink' => t('Insert web link'),
+ '$youtube' => t('Insert YouTube video'),
+ '$video' => t('Insert Vorbis [.ogg] video'),
+ '$audio' => t('Insert Vorbis [.ogg] audio'),
+ '$setloc' => t('Set your location'),
+ '$noloc' => t('Clear browser location'),
+ '$wait' => t('Please wait'),
+ '$permset' => t('Permission settings'),
+ '$ptyp' => $itm[0]['type'],
+ '$content' => undo_post_tagging($itm[0]['body']),
+ '$post_id' => $post_id,
+ '$baseurl' => $a->get_baseurl(),
+ '$defloc' => $channel['channel_location'],
+ '$visitor' => false,
+ '$public' => t('Public post'),
+ '$jotnets' => $jotnets,
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+ '$placeholdertitle' => t('Set title'),
+ '$pagetitle' => $layout_title,
+ '$category' => '',
'$placeholdercategory' => t('Categories (comma-separated list)'),
- '$emtitle' => t('Example: bob@example.com, mary@example.com'),
- '$lockstate' => $lockstate,
- '$acl' => '',
- '$bang' => '',
- '$profile_uid' => (intval($owner)),
- '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''),
- '$jotplugins' => $jotplugins,
- '$sourceapp' => t($a->sourcename),
- '$defexpire' => '',
- '$feature_expire' => false,
- '$expires' => t('Set expiration date'),
+ '$emtitle' => t('Example: bob@example.com, mary@example.com'),
+ '$lockstate' => $lockstate,
+ '$acl' => '',
+ '$bang' => '',
+ '$profile_uid' => (intval($owner)),
+ '$preview' => ((feature_enabled($uid,'preview')) ? t('Preview') : ''),
+ '$jotplugins' => $jotplugins,
+ '$sourceapp' => t($a->sourcename),
+ '$defexpire' => '',
+ '$feature_expire' => false,
+ '$expires' => t('Set expiration date'),
));
- $ob = get_observer_hash();
- if(($itm[0]['author_xchan'] === $ob) || ($itm[0]['owner_xchan'] === $ob))
+ if(($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash))
$o .= '<br /><br /><a class="layout-delete-link" href="item/drop/' . $itm[0]['id'] . '" >' . t('Delete Layout') . '</a><br />';
$x = array(
- 'type' => 'layout',
- 'title' => $itm[0]['title'],
- 'body' => $itm[0]['body'],
- 'term' => $itm[0]['term'],
- 'created' => $itm[0]['created'],
- 'edited' => $itm[0]['edited'],
- 'mimetype' => $itm[0]['mimetype'],
+ 'type' => 'layout',
+ 'title' => $itm[0]['title'],
+ 'body' => $itm[0]['body'],
+ 'term' => $itm[0]['term'],
+ 'created' => $itm[0]['created'],
+ 'edited' => $itm[0]['edited'],
+ 'mimetype' => $itm[0]['mimetype'],
'pagetitle' => $page_title,
- 'mid' => $itm[0]['mid']
+ 'mid' => $itm[0]['mid']
);
$o .= EOL . EOL . t('Share') . EOL . '<textarea onclick="this.select();" class="shareable_element_text" >[element]' . base64url_encode(json_encode($x)) . '[/element]</textarea>' . EOL . EOL;