aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorsirius <sirius83@gmx.de>2014-04-20 00:31:18 +0200
committersirius <sirius83@gmx.de>2014-04-20 00:31:18 +0200
commit3845e1de7d73664c818360c12ae2b7b3b1882c90 (patch)
tree3431a2358e13f1f386ce7d800194af321783a5f8 /mod
parentb0dc9f13edcbb705e1aa7d0af33bf0351f4d81f4 (diff)
downloadvolse-hubzilla-3845e1de7d73664c818360c12ae2b7b3b1882c90.tar.gz
volse-hubzilla-3845e1de7d73664c818360c12ae2b7b3b1882c90.tar.bz2
volse-hubzilla-3845e1de7d73664c818360c12ae2b7b3b1882c90.zip
Added permission handling of profile-photos
Now we automatically set the appropiate viewing-permissions on profile edit and revert photos chosen as default profile picture bacl to public access.
Diffstat (limited to 'mod')
-rw-r--r--mod/profile_photo.php44
-rw-r--r--mod/profperm.php1
2 files changed, 29 insertions, 16 deletions
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index ef0a31673..ab7c3b12f 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -13,30 +13,43 @@ require_once('include/photo/photo_driver.php');
* @return void
*/
-function profile_photo_set_profile_perms($profileid) {
+function profile_photo_set_profile_perms($profileid = '') {
$allowcid = '';
if (x($profileid)) {
- $r = q("SELECT photo, profile_guid, id, is_default FROM profile WHERE profile.id = %d LIMIT 1", intval($profileid));
- $profile = $r[0];
- if(x($profile['id']) && x($profile['photo']) && intval($profile['is_default']) != 1) { //Only set perms when query suceeded and when we are not on the default profile
- preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
- $resource_id = $resource_id[0];
+ $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.id = %d LIMIT 1", intval($profileid));
+ } else {
+
+ logger('Resetting permissions on default-profile-photo for user'.local_user());
+ $r = q("SELECT photo, profile_guid, id, is_default, uid FROM profile WHERE profile.uid = %d AND is_default = 1 LIMIT 1", intval(local_user()) ); //If no profile is given, we update the default profile
+ }
+
+ $profile = $r[0];
+ if(x($profile['id']) && x($profile['photo'])) {
+ preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
+ $resource_id = $resource_id[0];
+
+ if (intval($profile['is_default']) != 1) {
+ $r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", intval(local_user()) );
$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = %d ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids.
$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid']));
+ $allowcid = "<" . $r0[0]['channel_hash'] . ">";
foreach ($r1 as $entry) {
$allowcid .= "<" . $entry['abook_xchan'] . ">";
}
foreach ($r2 as $entry) {
- $allowcid .= "<" . $entry['abook_xchan'] . ">";
- }
- if(x($allowcid)) {
- q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['id']));
- }
+ $allowcid .= "<" . $entry['abook_xchan'] . ">";
+ }
+
+ q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['uid']));
+
+ } else {
+ q("UPDATE `photo` SET allow_cid = '' WHERE profile = 1 AND uid = %d",intval($profile['uid'])); //Reset permissions on default profile picture to public
}
}
+
return;
}
@@ -273,7 +286,7 @@ function profile_photo_content(&$a) {
intval(PHOTO_PROFILE),
intval(PHOTO_PROFILE),
intval(local_user()));
-
+
// set all sizes of this one as profile photos
$r = q("UPDATE photo SET profile = 1 WHERE uid = %d AND resource_id = '%s'",
intval(local_user()),
@@ -292,7 +305,8 @@ function profile_photo_content(&$a) {
dbesc($channel['xchan_hash'])
);
- proc_run('php','include/directory.php',local_user());
+ profile_photo_set_profile_perms(); //Reset default photo permissions to public
+ proc_run('php','include/directory.php',local_user());
goaway($a->get_baseurl() . '/profiles');
}
@@ -316,7 +330,7 @@ function profile_photo_content(&$a) {
);
if(! x($a->data,'imagecrop')) {
-
+
$tpl = get_markup_template('profile_photo.tpl');
$o .= replace_macros($tpl,array(
@@ -389,7 +403,7 @@ function profile_photo_crop_ui_head(&$a, $ph){
$p['scale'] = 1;
$r = $ph->save($p);
-
+
if($r === false)
notice( sprintf(t('Image size reduction [%s] failed.'),"640") . EOL );
else
diff --git a/mod/profperm.php b/mod/profperm.php
index a91523805..197062936 100644
--- a/mod/profperm.php
+++ b/mod/profperm.php
@@ -95,7 +95,6 @@ function profperm_content(&$a) {
profile_photo_set_profile_perms($profile['id']);
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
-
intval(local_user()),
dbesc($profile['profile_guid'])
);