diff options
author | Thomas Willingham <founder@kakste.com> | 2013-07-10 19:36:53 +0100 |
---|---|---|
committer | Thomas Willingham <founder@kakste.com> | 2013-07-10 19:36:53 +0100 |
commit | 3f2829a062c9a6bedf7ebdc59db15e064b5a7446 (patch) | |
tree | d3d78477bd89789c6992d33b407a025afba5b9a9 /mod | |
parent | 085be3a16f704a3f89bbe4d795c9ca915cc26e8a (diff) | |
download | volse-hubzilla-3f2829a062c9a6bedf7ebdc59db15e064b5a7446.tar.gz volse-hubzilla-3f2829a062c9a6bedf7ebdc59db15e064b5a7446.tar.bz2 volse-hubzilla-3f2829a062c9a6bedf7ebdc59db15e064b5a7446.zip |
Minimum value webpages
Diffstat (limited to 'mod')
-rw-r--r-- | mod/editwebpage.php | 106 | ||||
-rw-r--r-- | mod/webpage.php | 281 |
2 files changed, 387 insertions, 0 deletions
diff --git a/mod/editwebpage.php b/mod/editwebpage.php new file mode 100644 index 000000000..d15d9f364 --- /dev/null +++ b/mod/editwebpage.php @@ -0,0 +1,106 @@ + +<?php + +require_once('acl_selectors.php'); + +function editwebpage_content(&$a) { + + $o = ''; + + // We can do better, but for now, editing only works for your own pages, so... + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + + $post_id = ((argc() > 1) ? intval(argv(1)) : 0); + + if(! $post_id) { + notice( t('Item not found') . EOL); + return; + } + + // uid and author_xchan alone should be enough - but it doesn't seem to be any more expensive to use both, so keep it in case of edge cases + $itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s and author_xchan = '%s' LIMIT 1", + intval($post_id), + intval(local_user()), + dbesc(get_observer_hash()) + ); + + + + // All of the following is straight from editpost - but we'll need richer editing options for webpages eventually, so we may as well have it's own mod now. + + $plaintext = true; + if(feature_enabled(local_user(),'richtext')) + $plaintext = false; + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + '$title' => t('Edit post') + )); + + + $a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array( + '$baseurl' => $a->get_baseurl(), + '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), + '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), + '$geotag' => $geotag, + '$nickname' => $a->user['nickname'] + )); + + + $tpl = get_markup_template("jot.tpl"); + + $jotplugins = ''; + $jotnets = ''; + + call_hooks('jot_tool', $jotplugins); + call_hooks('jot_networks', $jotnets); + + $channel = $a->get_channel(); + + //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins)); + + + $o .= replace_macros($tpl,array( + '$return_path' => $_SESSION['return_url'], + '$action' => 'item', + '$share' => t('Edit'), + '$upload' => t('Upload photo'), + '$attach' => t('Attach file'), + '$weblink' => t('Insert web link'), + '$youtube' => t('Insert YouTube video'), + '$video' => t('Insert Vorbis [.ogg] video'), + '$audio' => t('Insert Vorbis [.ogg] audio'), + '$setloc' => t('Set your location'), + '$noloc' => t('Clear browser location'), + '$wait' => t('Please wait'), + '$permset' => t('Permission settings'), + '$ptyp' => $itm[0]['type'], + '$content' => undo_post_tagging($itm[0]['body']), + '$post_id' => $post_id, + '$baseurl' => $a->get_baseurl(), + '$defloc' => $channel['channel_location'], + '$visitor' => 'none', + '$pvisit' => 'none', + '$public' => t('Public post'), + '$jotnets' => $jotnets, + '$title' => htmlspecialchars($itm[0]['title']), + '$placeholdertitle' => t('Set title'), + '$category' => '', + '$placeholdercategory' => t('Categories (comma-separated list)'), + '$emtitle' => t('Example: bob@example.com, mary@example.com'), + '$lockstate' => $lockstate, + '$acl' => '', + '$bang' => '', + '$profile_uid' => local_user(), + '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''), + '$jotplugins' => $jotplugins, + '$sourceapp' => t($a->sourcename), + )); + + return $o; + +} + + diff --git a/mod/webpage.php b/mod/webpage.php new file mode 100644 index 000000000..ebb6b2bf3 --- /dev/null +++ b/mod/webpage.php @@ -0,0 +1,281 @@ +<?php + +function webpage_init(&$a) { + + if(argc() > 1) + $which = argv(1); + else { + notice( t('Requested profile is not available.') . EOL ); + $a->error = 404; + return; + } + + $profile = 0; + $channel = $a->get_channel(); + + if((local_user()) && (argc() > 2) && (argv(2) === 'view')) { + $which = $channel['channel_address']; + $profile = argv(1); + } + + $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which .'" />' . "\r\n" ; + + // Run profile_load() here to make sure the theme is set before + // we start loading content + + profile_load($a,$which,$profile); + +} + + +function webpage_aside(&$a) { + + require_once('include/contact_widgets.php'); + require_once('include/items.php'); + + if(! $a->profile['profile_uid']) + return; + + $channel_display = get_pconfig($a->profile['profile_uid'],'system','channel_format'); + if(! $channel_display) + profile_create_sidebar($a); + + if($channel_display === 'full') + $a->page['template'] = 'full'; + else { + $cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat']) : ''); + $a->set_widget('archive',posted_date_widget($a->get_baseurl(true) . '/channel/' . $a->profile['channel_address'],$a->profile['profile_uid'],true)); + $a->set_widget('categories',categories_widget($a->get_baseurl(true) . '/channel/' . $a->profile['channel_address'],$cat)); + } +} + + +function webpage_content(&$a, $update = 0, $load = false) { + + $category = $datequery = $datequery2 = ''; + + if(argc() > 2) { + for($x = 2; $x < argc(); $x ++) { + if(is_a_date_arg(argv($x))) { + if($datequery) + $datequery2 = escape_tags(argv($x)); + else + $datequery = escape_tags(argv($x)); + } + } + } + + + if(get_config('system','block_public') && (! get_account_id()) && (! remote_user())) { + return login(); + } + + + + require_once("include/bbcode.php"); + require_once('include/security.php'); + require_once('include/conversation.php'); + require_once('include/acl_selectors.php'); + require_once('include/items.php'); + require_once('include/permissions.php'); + + + $groups = array(); + + $o = ''; + + if($update) { + // Ensure we've got a profile owner if updating. + $a->profile['profile_uid'] = $update; + } + else { + if($a->profile['profile_uid'] == local_user()) { + nav_set_selected('home'); + } + } + + $is_owner = (((local_user()) && ($a->profile['profile_uid'] == local_user())) ? true : false); + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + $perms = get_all_perms($a->profile['profile_uid'],$ob_hash); + + if(! $perms['view_stream']) { + notice( t('Permission denied.') . EOL); + return; + } + + + if(! $update) { + + $o .= profile_tabs($a, $is_owner, $a->profile['channel_address']); + + $o .= common_friends_visitor_widget($a->profile['profile_uid']); + + + if($perms['post_wall']) { + + $x = array( + 'is_owner' => $is_owner, + 'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig($a->profile['profile_uid'],'system','use_browser_location')))) ? true : false), + 'default_location' => (($is_owner) ? $a->profile['channel_location'] : ''), + 'nickname' => $a->profile['channel_address'], + 'lockstate' => (((strlen($a->profile['channel_allow_cid'])) || (strlen($a->profile['channel_allow_gid'])) || (strlen($a->profile['channel_deny_cid'])) || (strlen($a->profile['channel_deny_gid']))) ? 'lock' : 'unlock'), + 'acl' => (($is_owner) ? populate_acl($channel, false) : ''), + 'showacl' => (($is_owner) ? 'yes' : ''), + 'bang' => '', + 'visitor' => (($is_owner || $observer) ? 'block' : 'none'), + 'profile_uid' => $a->profile['profile_uid'] + ); + + $o .= status_editor($a,$x); + } + + } + + + /** + * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups + */ + + + $sql_extra = item_permissions_sql($a->profile['profile_uid'],$remote_contact,$groups); + + + if(($update) && (! $load)) { + + $r = q("SELECT distinct parent AS `item_id` from item + left join abook on item.author_xchan = abook.abook_xchan + WHERE uid = %d AND item_restrict = 0 + AND (item_flags & %d) AND ( item_flags & %d ) + AND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) + $sql_extra + ORDER BY created DESC", + intval($a->profile['profile_uid']), + intval(ITEM_WEBPAGE), + intval(ITEM_UNSEEN), + intval(ABOOK_FLAG_BLOCKED) + ); + + } + else { + + if(x($category)) { + $sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category')); + } + + if($datequery) { + $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery)))); + } + if($datequery2) { + $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2)))); + } + + + $a->set_pager_itemspage(40); + + $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage'])); + + if($load) { + $r = q("SELECT distinct id AS item_id FROM item + left join abook on item.author_xchan = abook.abook_xchan + WHERE uid = %d AND item_restrict = 0 + AND (item_flags & %d) and (item_flags & %d) + AND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) + $sql_extra $sql_extra2 + ORDER BY created DESC $pager_sql ", + intval($a->profile['profile_uid']), + intval(ITEM_WEBPAGE), + intval(ITEM_THREAD_TOP), + intval(ABOOK_FLAG_BLOCKED) + + ); + } + else { + $r = array(); + } + } + + if($r) { + + $parents_str = ids_to_querystr($r,'item_id'); + + $items = q("SELECT `item`.*, `item`.`id` AS `item_id` + FROM `item` + WHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0 + AND `item`.`parent` IN ( %s ) + AND (item_flags $ %d) + $sql_extra ", + intval($a->profile['profile_uid']), + intval(ITEM_WEBPAGE), + dbesc($parents_str) + ); + + xchan_query($items); + $items = fetch_post_tags($items, true); + $items = conv_sort($items,'created'); + + } else { + $items = array(); + } + + + if((! $update) && (! $load)) { + + // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, + // because browser prefetching might change it on us. We have to deliver it with the page. + + $o .= '<div id="live-channel"></div>' . "\r\n"; + $o .= "<script> var profile_uid = " . $a->profile['profile_uid'] + . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; + + $a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array( + '$baseurl' => z_root(), + '$pgtype' => 'page', + '$uid' => (($a->profile['profile_uid']) ? $a->profile['profile_uid'] : '0'), + '$gid' => '0', + '$cid' => '0', + '$cmin' => '0', + '$cmax' => '0', + '$star' => '0', + '$liked' => '0', + '$conv' => '0', + '$spam' => '0', + '$nouveau' => '0', + '$wall' => '0', + '$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1), + '$search' => '', + '$order' => '', + '$file' => '', + '$cats' => (($category) ? $category : ''), + '$mid' => '', + '$dend' => $datequery, + '$dbegin' => $datequery2 + )); + + + } + + + + if($is_owner) { + + $r = q("UPDATE item SET item_flags = (item_flags ^ %d) + WHERE (item_flags & %d) AND (item_flags & %d) AND uid = %d ", + intval(ITEM_UNSEEN), + intval(ITEM_UNSEEN), + intval(ITEM_WEBPAGE), + intval(local_user()) + ); + } + + + $o .= conversation($a,$items,'channel',$update,'client'); + + if(! $update) + $o .= alt_pager($a,count($items)); + + return $o; +} + |