diff options
| author | Paolo T <tuscanhobbit@users.noreply.github.com> | 2013-11-12 02:09:32 -0800 |
|---|---|---|
| committer | Paolo T <tuscanhobbit@users.noreply.github.com> | 2013-11-12 02:09:32 -0800 |
| commit | 67a101452b82782114143dc0b5bdba15adc0ba99 (patch) | |
| tree | 9daee3807b370d02ee4c28e6df7db08731fbb9f1 /mod/share.php | |
| parent | b23f3fc03b6bc751aab67fe2258a21f7c65bab8e (diff) | |
| parent | 7cb4c2f8ad813336aafdec05e40f3a8eb1808d00 (diff) | |
| download | volse-hubzilla-67a101452b82782114143dc0b5bdba15adc0ba99.tar.gz volse-hubzilla-67a101452b82782114143dc0b5bdba15adc0ba99.tar.bz2 volse-hubzilla-67a101452b82782114143dc0b5bdba15adc0ba99.zip | |
Merge pull request #4 from friendica/master
Fork aligned to red master
Diffstat (limited to 'mod/share.php')
| -rw-r--r-- | mod/share.php | 54 |
1 files changed, 48 insertions, 6 deletions
diff --git a/mod/share.php b/mod/share.php index 1f767578d..48965ad36 100644 --- a/mod/share.php +++ b/mod/share.php @@ -1,20 +1,45 @@ <?php +require_once('include/security.php'); require_once('bbcode.php'); function share_init(&$a) { $post_id = ((argc() > 1) ? intval(argv(1)) : 0); - if((! $post_id) || (! local_user())) + + if(! $post_id) + killme(); + + if(! (local_user() || remote_user())) killme(); - $r = q("SELECT * from item WHERE id = %d AND uid = %d and item_restrict = 0 LIMIT 1", - intval($post_id), - intval(local_user()) + + $r = q("SELECT * from item WHERE id = %d LIMIT 1", + intval($post_id) ); if((! $r) || $r[0]['item_private']) killme(); + $sql_extra = item_permissions_sql($r[0]['uid']); + + $r = q("select * from item where id = %d $sql_extra", + intval($post_id) + ); + if(! $r) + killme(); + + // FIXME - we only share bbcode + + if($r[0]['mimetype'] !== 'text/bbcode') + killme(); + + // FIXME - eventually we want to post remotely via rpost + // on your home site. + // When that works remove this next bit: + + if(! local_user()) + killme(); + xchan_query($r); if (strpos($r[0]['body'], "[/share]") !== false) { @@ -32,7 +57,24 @@ function share_init(&$a) { $o.= "[/share]"; } - echo $o; - killme(); + if(local_user()) { + echo $o; + killme(); + } + + $observer = $a->get_observer(); + $parsed = $observer['xchan_url']; + if($parsed) { + $post_url = $parsed['scheme'] . ':' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '') + . '/rpost'; + // FIXME - we were probably called from JS + // so we don't know the return page. + // in fact we won't be able to load the remote page. + // we might need an iframe + + $x = z_post_url($post_url, array('f' => '', 'body' => $o )); + killme(); + } + } |