aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php2
-rw-r--r--include/Photo.php18
-rwxr-xr-xinclude/items.php6
-rw-r--r--include/user.php320
-rw-r--r--install/database.sql4
-rw-r--r--install/update.php9
-rw-r--r--mod/intro.php7
-rw-r--r--mod/photos.php11
-rw-r--r--mod/profile_photo.php11
-rw-r--r--mod/wall_upload.php159
-rw-r--r--version.inc2
-rw-r--r--view/tpl/jot-header.tpl14
12 files changed, 138 insertions, 425 deletions
diff --git a/boot.php b/boot.php
index 6d38a21a6..e561ec6c2 100644
--- a/boot.php
+++ b/boot.php
@@ -16,7 +16,7 @@ require_once('include/features.php');
define ( 'FRIENDICA_PLATFORM', 'Friendica Red');
define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R');
define ( 'ZOT_REVISION', 1 );
-define ( 'DB_UPDATE_VERSION', 1020 );
+define ( 'DB_UPDATE_VERSION', 1021 );
define ( 'EOL', '<br />' . "\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
diff --git a/include/Photo.php b/include/Photo.php
index c3165cc9f..a60cfc868 100644
--- a/include/Photo.php
+++ b/include/Photo.php
@@ -523,7 +523,7 @@ class Photo {
- public function store($uid, $xchan, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
+ public function store($aid, $uid, $xchan, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
$x = q("select id from photo where `resource_id` = '%s' and uid = %d and `xchan` = '%s' and `scale` = %d limit 1",
dbesc($rid),
@@ -533,6 +533,7 @@ class Photo {
);
if(count($x)) {
$r = q("UPDATE `photo`
+ set `aid` = %d,
set `uid` = %d,
`xchan` = '%s',
`resource_id` = '%s',
@@ -544,6 +545,7 @@ class Photo {
`height` = %d,
`width` = %d,
`data` = '%s',
+ `size` = %d,
`scale` = %d,
`profile` = %d,
`allow_cid` = '%s',
@@ -552,6 +554,7 @@ class Photo {
`deny_gid` = '%s'
where id = %d limit 1",
+ intval($aid),
intval($uid),
dbesc($xchan),
dbesc($rid),
@@ -563,6 +566,7 @@ class Photo {
intval($this->getHeight()),
intval($this->getWidth()),
dbesc($this->imageString()),
+ intval(strlen($this->imageString())),
intval($scale),
intval($profile),
dbesc($allow_cid),
@@ -574,8 +578,9 @@ class Photo {
}
else {
$r = q("INSERT INTO `photo`
- ( `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
- VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s' )",
+ ( `aid`, `uid`, `xchan`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `size`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s' )",
+ intval($aid),
intval($uid),
dbesc($xchan),
dbesc($rid),
@@ -587,6 +592,7 @@ class Photo {
intval($this->getHeight()),
intval($this->getWidth()),
dbesc($this->imageString()),
+ intval(strlen($this->imageString())),
intval($scale),
intval($profile),
dbesc($allow_cid),
@@ -669,21 +675,21 @@ function import_profile_photo($photo,$xchan) {
$img->scaleImageSquare(175);
- $r = $img->store(0, $xchan, $hash, $filename, 'Contact Photos', 4 );
+ $r = $img->store(0, 0, $xchan, $hash, $filename, 'Contact Photos', 4 );
if($r === false)
$photo_failure = true;
$img->scaleImage(80);
- $r = $img->store(0, $xchan, $hash, $filename, 'Contact Photos', 5 );
+ $r = $img->store(0, 0, $xchan, $hash, $filename, 'Contact Photos', 5 );
if($r === false)
$photo_failure = true;
$img->scaleImage(48);
- $r = $img->store(0, $xchan, $hash, $filename, 'Contact Photos', 6 );
+ $r = $img->store(0, 0, $xchan, $hash, $filename, 'Contact Photos', 6 );
if($r === false)
$photo_failure = true;
diff --git a/include/items.php b/include/items.php
index fe8aadcbf..9ab39d7ae 100755
--- a/include/items.php
+++ b/include/items.php
@@ -2080,13 +2080,13 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
$img->scaleImageSquare(175);
$hash = $resource_id;
- $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 4);
+ $r = $img->store(0, $contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 4);
$img->scaleImage(80);
- $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 5);
+ $r = $img->store(0, $contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 5);
$img->scaleImage(48);
- $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 6);
+ $r = $img->store(0, $contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 6);
$a = get_app();
diff --git a/include/user.php b/include/user.php
deleted file mode 100644
index d71f024d1..000000000
--- a/include/user.php
+++ /dev/null
@@ -1,320 +0,0 @@
-<?php
-
-require_once('include/config.php');
-require_once('include/network.php');
-require_once('include/plugin.php');
-require_once('include/text.php');
-require_once('include/language.php');
-require_once('include/datetime.php');
-
-function create_user($arr) {
-
- // Required: { username, nickname, email } or { openid_url }
-
- $a = get_app();
- $result = array('success' => false, 'user' => null, 'password' => '', 'message' => '');
-
- $using_invites = get_config('system','invitation_only');
- $num_invites = get_config('system','number_invites');
-
-
- $invite_id = ((x($arr,'invite_id')) ? notags(trim($arr['invite_id'])) : '');
- $username = ((x($arr,'username')) ? notags(trim($arr['username'])) : '');
- $nickname = ((x($arr,'nickname')) ? notags(trim($arr['nickname'])) : '');
- $email = ((x($arr,'email')) ? notags(trim($arr['email'])) : '');
- $openid_url = ((x($arr,'openid_url')) ? notags(trim($arr['openid_url'])) : '');
- $photo = ((x($arr,'photo')) ? notags(trim($arr['photo'])) : '');
- $password = ((x($arr,'password')) ? trim($arr['password']) : '');
- $blocked = ((x($arr,'blocked')) ? intval($arr['blocked']) : 0);
- $verified = ((x($arr,'verified')) ? intval($arr['verified']) : 0);
-
- $publish = ((x($arr,'profile_publish_reg') && intval($arr['profile_publish_reg'])) ? 1 : 0);
- $netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
-
- $tmp_str = $openid_url;
-
- if($using_invites) {
- if(! $invite_id) {
- $result['message'] .= t('An invitation is required.') . EOL;
- return $result;
- }
- $r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
- if(! results($r)) {
- $result['message'] .= t('Invitation could not be verified.') . EOL;
- return $result;
- }
- }
-
- if((! x($username)) || (! x($email)) || (! x($nickname))) {
- if($openid_url) {
- if(! validate_url($tmp_str)) {
- $result['message'] .= t('Invalid OpenID url') . EOL;
- return $result;
- }
- $_SESSION['register'] = 1;
- $_SESSION['openid'] = $openid_url;
- require_once('library/openid.php');
- $openid = new LightOpenID;
- $openid->identity = $openid_url;
- $openid->returnUrl = $a->get_baseurl() . '/openid';
- $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
- $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
- goaway($openid->authUrl());
- // NOTREACHED
- }
-
- notice( t('Please enter the required information.') . EOL );
- return;
- }
-
- if(! validate_url($tmp_str))
- $openid_url = '';
-
-
- $err = '';
-
- // collapse multiple spaces in name
- $username = preg_replace('/ +/',' ',$username);
-
- if(mb_strlen($username) > 48)
- $result['message'] .= t('Please use a shorter name.') . EOL;
- if(mb_strlen($username) < 3)
- $result['message'] .= t('Name too short.') . EOL;
-
- // I don't really like having this rule, but it cuts down
- // on the number of auto-registrations by Russian spammers
-
- // Using preg_match was completely unreliable, due to mixed UTF-8 regex support
- // $no_utf = get_config('system','no_utf');
- // $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
-
- // So now we are just looking for a space in the full name.
-
- $loose_reg = get_config('system','no_regfullname');
- if(! $loose_reg) {
- $username = mb_convert_case($username,MB_CASE_TITLE,'UTF-8');
- if(! strpos($username,' '))
- $result['message'] .= t("That doesn't appear to be your full \x28First Last\x29 name.") . EOL;
- }
-
-
- if(! allowed_email($email))
- $result['message'] .= t('Your email domain is not among those allowed on this site.') . EOL;
-
- if((! valid_email($email)) || (! validate_email($email)))
- $result['message'] .= t('Not a valid email address.') . EOL;
-
- // Disallow somebody creating an account using openid that uses the admin email address,
- // since openid bypasses email verification. We'll allow it if there is not yet an admin account.
-
- if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
- $r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
- dbesc($email)
- );
- if(count($r))
- $result['message'] .= t('Cannot use that email.') . EOL;
- }
-
- $nickname = $arr['nickname'] = strtolower($nickname);
-
- if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
- $result['message'] .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' LIMIT 1",
- dbesc($nickname)
- );
- if(count($r))
- $result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
-
- // Check deleted accounts that had this nickname. Doesn't matter to us,
- // but could be a security issue for federated platforms.
-
- $r = q("SELECT * FROM `userd`
- WHERE `username` = '%s' LIMIT 1",
- dbesc($nickname)
- );
- if(count($r))
- $result['message'] .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
-
- if(strlen($result['message'])) {
- return $result;
- }
-
- $new_password = ((strlen($password)) ? $password : autoname(6) . mt_rand(100,9999));
- $new_password_encoded = hash('whirlpool',$new_password);
-
- $result['password'] = $new_password;
-
- require_once('include/crypto.php');
-
- $keys = new_keypair(4096);
-
- if($keys === false) {
- $result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
- return $result;
- }
-
- $default_service_class = get_config('system','default_service_class');
- if(! $default_service_class)
- $default_service_class = '';
-
-
- $prvkey = $keys['prvkey'];
- $pubkey = $keys['pubkey'];
-
- $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
- `pubkey`, `prvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class` )
- VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s' )",
- dbesc(generate_user_guid()),
- dbesc($username),
- dbesc($new_password_encoded),
- dbesc($email),
- dbesc($openid_url),
- dbesc($nickname),
- dbesc($pubkey),
- dbesc($prvkey),
- dbesc(datetime_convert()),
- intval($verified),
- intval($blocked),
- dbesc($default_service_class)
- );
-
- if($r) {
- $r = q("SELECT * FROM `user`
- WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
- dbesc($username),
- dbesc($new_password_encoded)
- );
- if($r !== false && count($r)) {
- $u = $r[0];
- $newuid = intval($r[0]['uid']);
- }
- }
- else {
- $result['message'] .= t('An error occurred during registration. Please try again.') . EOL ;
- return $result;
- }
-
- /**
- * if somebody clicked submit twice very quickly, they could end up with two accounts
- * due to race condition. Remove this one.
- */
-
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' ",
- dbesc($nickname)
- );
- if((count($r) > 1) && $newuid) {
- $result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
- q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($newuid)
- );
- return $result;
- }
-
- if(x($newuid) !== false) {
- $r = q("INSERT INTO `profile` ( `uid`, `profile_name`, `is_default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )
- VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
- intval($newuid),
- t('default'),
- 1,
- dbesc($username),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}"),
- intval($publish),
- intval($netpublish)
-
- );
- if($r === false) {
- $result['message'] .= t('An error occurred creating your default profile. Please try again.') . EOL;
- // Start fresh next time.
- $r = q("DELETE FROM `user` WHERE `uid` = %d",
- intval($newuid));
- return $result;
- }
- $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
- `request`, `notify`, `poll`, `confirm`, `poco`, `name_date`, `uri_date`, `avatar_date`, `closeness` )
- VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ",
- intval($newuid),
- datetime_convert(),
- dbesc($username),
- dbesc($nickname),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}"),
- dbesc($a->get_baseurl() . "/photo/micro/{$newuid}"),
- dbesc($a->get_baseurl() . "/channel/$nickname"),
- dbesc(normalise_link($a->get_baseurl() . "/channel/$nickname")),
- dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
- dbesc($a->get_baseurl() . "/poco/$nickname"),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert())
- );
-
- // Create a group with no members. This allows somebody to use it
- // right away as a default group for new contacts.
-
- require_once('include/group.php');
- group_add($newuid, t('Friends'));
-
- }
-
- // if we have no OpenID photo try to look up an avatar
- if(! strlen($photo))
- $photo = avatar_img($email);
-
- // unless there is no avatar-plugin loaded
- if(strlen($photo)) {
- require_once('include/Photo.php');
- $photo_failure = false;
-
- $filename = basename($photo);
- $img_str = fetch_url($photo,true);
- // guess mimetype from headers or filename
- $type = guess_image_type($photo,true);
-
-
- $img = new Photo($img_str, $type);
- if($img->is_valid()) {
-
- $img->scaleImageSquare(175);
-
- $hash = photo_new_resource();
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(80);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(48);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6 );
-
- if($r === false)
- $photo_failure = true;
-
- if(! $photo_failure) {
- q("UPDATE `photo` SET `profile` = 1 WHERE `resource_id` = '%s' ",
- dbesc($hash)
- );
- }
- }
- }
-
- call_hooks('register_account', $newuid);
-
- $result['success'] = true;
- $result['user'] = $u;
- return $result;
-
-}
diff --git a/install/database.sql b/install/database.sql
index 914add2d8..39c3b81c2 100644
--- a/install/database.sql
+++ b/install/database.sql
@@ -630,8 +630,6 @@ CREATE TABLE IF NOT EXISTS `photo` (
`aid` int(10) unsigned NOT NULL DEFAULT '0',
`uid` int(10) unsigned NOT NULL,
`xchan` char(255) NOT NULL DEFAULT '',
- `contact-id` int(10) unsigned NOT NULL DEFAULT '0',
- `guid` char(64) NOT NULL,
`resource_id` char(255) NOT NULL,
`created` datetime NOT NULL,
`edited` datetime NOT NULL,
@@ -652,7 +650,7 @@ CREATE TABLE IF NOT EXISTS `photo` (
`deny_gid` mediumtext NOT NULL,
PRIMARY KEY (`id`),
KEY `uid` (`uid`),
- KEY `resource-id` (`resource_id`),
+ KEY `resource_id` (`resource_id`),
KEY `album` (`album`),
KEY `scale` (`scale`),
KEY `profile` (`profile`),
diff --git a/install/update.php b/install/update.php
index 0459df817..8decfc133 100644
--- a/install/update.php
+++ b/install/update.php
@@ -1,6 +1,6 @@
<?php
-define( 'UPDATE_VERSION' , 1020 );
+define( 'UPDATE_VERSION' , 1021 );
/**
*
@@ -285,3 +285,10 @@ function update_r1019() {
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}
+
+function update_r1020() {
+ $r = q("alter table photo drop `contact-id`, drop guid, drop index `resource-id`, add index ( `resource_id` )");
+ if($r)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+}
diff --git a/mod/intro.php b/mod/intro.php
index dd98a6c7b..5b660485a 100644
--- a/mod/intro.php
+++ b/mod/intro.php
@@ -6,9 +6,10 @@ function intro_post(&$a) {
if(! intval($_REQUEST['contact_id']))
return;
+ $approved = false;
$flags = 0;
if($_REQUEST['submit'] == t('Approve')) {
- ;
+ $approved = true;
}
elseif($_REQUEST['submit'] == t('Block')) {
$flags = ABOOK_FLAG_BLOCKED;
@@ -29,6 +30,10 @@ function intro_post(&$a) {
else
notice( t('Connection update failed.') . EOL);
+ if($approved)
+ goaway(z_root() . '/connections/' . $_REQUEST['contact_id']);
+
+
}
function intro_aside(&$a) {
diff --git a/mod/photos.php b/mod/photos.php
index 90f436699..eaf35cc20 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -30,7 +30,7 @@ function photos_init(&$a) {
$o .= '<div class="vcard">';
$o .= '<div class="fn">' . $a->data['channel']['channel_name'] . '</div>';
- $o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_cached_avatar_image($a->get_baseurl() . '/photo/profile/l/' . $a->data['channel']['channel_id']) . '" alt="' . $a->data['channel']['channel_name'] . '" /></div>';
+ $o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_baseurl() . '/photo/profile/l/' . $a->data['channel']['channel_id'] . '" alt="' . $a->data['channel']['channel_name'] . '" /></div>';
$o .= '</div>';
@@ -790,7 +790,9 @@ function photos_post(&$a) {
$photo_hash = photo_new_resource();
- $r = $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
+ $page_owner_aid = $a->data['channel']['channel_account_id'];
+
+ $r = $ph->store($page_owner_aid, $page_owner_uid, $visitor, $photo_hash, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
if(! $r) {
logger('mod/photos.php: photos_post(): image store failed' , LOGGER_DEBUG);
@@ -800,13 +802,13 @@ function photos_post(&$a) {
if($width > 640 || $height > 640) {
$ph->scaleImage(640);
- $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
+ $ph->store($page_owner_aid, $page_owner_uid, $visitor, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
$smallest = 1;
}
if($width > 320 || $height > 320) {
$ph->scaleImage(320);
- $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
+ $ph->store($page_owner_aid, $page_owner_uid, $visitor, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
$smallest = 2;
}
@@ -928,6 +930,7 @@ function photos_content(&$a) {
$contact_id = 0;
$owner_uid = $a->data['channel']['channel_id'];
+ $owner_aid = $a->data['channel']['channel_account_id'];
$community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false);
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index d1e24269a..1bee046d1 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -81,8 +81,9 @@ function profile_photo_post(&$a) {
$im = new Photo($base_image['data'], $base_image['type']);
if($im->is_valid()) {
$im->cropImage(175,$srcX,$srcY,$srcW,$srcH);
+ $aid = get_account_id();
- $r = $im->store(local_user(), 0, $base_image['resource_id'],$base_image['filename'],
+ $r = $im->store($aid, local_user(), '', $base_image['resource_id'],$base_image['filename'],
t('Profile Photos'), 4, $is_default_profile);
if($r === false)
@@ -90,7 +91,7 @@ function profile_photo_post(&$a) {
$im->scaleImage(80);
- $r = $im->store(local_user(), 0, $base_image['resource_id'],$base_image['filename'],
+ $r = $im->store($aid, local_user(), '', $base_image['resource_id'],$base_image['filename'],
t('Profile Photos'), 5, $is_default_profile);
if($r === false)
@@ -98,7 +99,7 @@ function profile_photo_post(&$a) {
$im->scaleImage(48);
- $r = $im->store(local_user(), 0, $base_image['resource_id'],$base_image['filename'],
+ $r = $im->store($aid, local_user(), '', $base_image['resource_id'],$base_image['filename'],
t('Profile Photos'), 6, $is_default_profile);
if($r === false)
@@ -308,7 +309,7 @@ function profile_photo_crop_ui_head(&$a, $ph){
$smallest = 0;
- $r = $ph->store(local_user(), 0 , $hash, $filename, t('Profile Photos'), 0 );
+ $r = $ph->store(get_account_id(), local_user(), '', $hash, $filename, t('Profile Photos'), 0 );
if($r)
info( t('Image uploaded successfully.') . EOL );
@@ -317,7 +318,7 @@ function profile_photo_crop_ui_head(&$a, $ph){
if($width > 640 || $height > 640) {
$ph->scaleImage(640);
- $r = $ph->store(local_user(), 0 , $hash, $filename, t('Profile Photos'), 1 );
+ $r = $ph->store(get_account_id(), local_user(), '' , $hash, $filename, t('Profile Photos'), 1 );
if($r === false)
notice( sprintf(t('Image size reduction [%s] failed.'),"640") . EOL );
diff --git a/mod/wall_upload.php b/mod/wall_upload.php
index c695f9b3e..a3dcf9a0b 100644
--- a/mod/wall_upload.php
+++ b/mod/wall_upload.php
@@ -2,72 +2,58 @@
require_once('Photo.php');
+
+
+
function wall_upload_post(&$a) {
- if(argc() > 1) {
- if(! x($_FILES,'media')) {
+ $using_api = ((x($_FILES,'media')) ? true : false);
+
+ if($using_api) {
+ require_once('include/api.php');
+ $user_info = api_get_user($a);
+ $nick = $user_info['screen_name'];
+ }
+ else {
+ if(argc() > 1)
$nick = argv(1);
- }
- else {
- $user_info = api_get_user($a);
- $nick = $user_info['screen_name'];
- }
+ }
+
+ $channel = null;
+
+ if($nick) {
$r = q("SELECT channel.* from channel where channel_address = '%s' limit 1",
dbesc($nick)
);
- if(! ($r && count($r)))
- return;
- $channel = $r[0];
+ if($r)
+ $channel = $r[0];
}
- else
- return;
+ if(! $channel) {
+ if($using_api)
+ return;
+ else {
+ notice( t('Channel not found.') . EOL);
+ killme();
+ }
+ }
$can_post = false;
$visitor = 0;
+
$page_owner_uid = $r[0]['channel_id'];
-// $default_cid = $r[0]['id'];
-
- $page_owner_nick = $r[0]['channel_address'];
-
-// $community_page = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
-
- if((local_user()) && (local_user() == $page_owner_uid))
- $can_post = true;
-
-// else {
-// if($community_page && remote_user()) {
-// $cid = 0;
-// if(is_array($_SESSION['remote'])) {
-// foreach($_SESSION['remote'] as $v) {
-// if($v['uid'] == $page_owner_uid) {
-// $cid = $v['cid'];
-// break;
-// }
-// }
-// }
-// if($cid) {
-
-// $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
-// intval($cid),
-// intval($page_owner_uid)
-// );
-// if(count($r)) {
-// $can_post = true;
-// $visitor = $cid;
-// }
-// }
-// }
-// }
-
- if(! $can_post) {
- notice( t('Permission denied.') . EOL );
- killme();
- }
-
- if(! x($_FILES,'userfile') && ! x($_FILES,'media'))
- killme();
+
+ $observer = $a->get_observer();
+
+ if(! perm_is_allowed($page_owner_uid,$observer['xchan_hash'],'post_photos')) {
+ if($using_api)
+ return;
+ else {
+ notice( t('Permission denied.') . EOL);
+ killme();
+ }
+ }
if(x($_FILES,'userfile')) {
$src = $_FILES['userfile']['tmp_name'];
@@ -81,36 +67,58 @@ function wall_upload_post(&$a) {
$filesize = intval($_FILES['media']['size']);
$filetype = $_FILES['media']['type'];
}
+ else {
+ if($using_api)
+ return;
+ else {
+ notice( t('Empty upload.') . EOL);
+ killme();
+ }
+ }
+
- if ($filetype=="") $filetype=guess_image_type($filename);
+ if($filetype == "")
+ $filetype=guess_image_type($filename);
$maximagesize = get_config('system','maximagesize');
if(($maximagesize) && ($filesize > $maximagesize)) {
- echo sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL;
@unlink($src);
- killme();
+ if($using_api)
+ return;
+ else {
+ echo sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL;
+ killme();
+ }
}
- $r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ",
- intval($page_owner_uid)
- );
$limit = service_class_fetch($page_owner_uid,'photo_upload_limit');
-
- if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
- echo upgrade_message(true) . EOL ;
- @unlink($src);
- killme();
+ if($limit !== false) {
+ $r = q("select sum(size) as total from photo where uid = %d and scale = 0 ",
+ intval($page_owner_uid)
+ );
+ if(($r) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
+ @unlink($src);
+ if($using_api)
+ return;
+ else {
+ echo upgrade_message(true) . EOL ;
+ killme();
+ }
+ }
}
-
$imagedata = @file_get_contents($src);
$ph = new Photo($imagedata, $filetype);
if(! $ph->is_valid()) {
- echo ( t('Unable to process image.') . EOL);
@unlink($src);
- killme();
+ if($using_api)
+ return;
+ else {
+ echo ( t('Unable to process image.') . EOL);
+ killme();
+ }
}
$ph->orient($src);
@@ -130,31 +138,36 @@ function wall_upload_post(&$a) {
$smallest = 0;
$defperm = '<' . $channel['channel_hash'] . '>';
+ $aid = $channel['channel_account_id'];
+ $visitor = ((remote_user()) ? remote_user() : '');
- $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
+ $r = $ph->store($aid, $page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
if(! $r) {
- echo ( t('Image upload failed.') . EOL);
- killme();
+ if($using_api)
+ return;
+ else {
+ echo ( t('Image upload failed.') . EOL);
+ killme();
+ }
}
if($width > 640 || $height > 640) {
$ph->scaleImage(640);
- $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
+ $r = $ph->store($aid, $page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
if($r)
$smallest = 1;
}
if($width > 320 || $height > 320) {
$ph->scaleImage(320);
- $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
+ $r = $ph->store($aid, $page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
if($r)
$smallest = 2;
}
$basename = basename($filename);
-
if($_REQUEST['silent']) {
$m = '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}.".$ph->getExt()."[/img][/url]";
return($m);
diff --git a/version.inc b/version.inc
index 6c9b95b8c..2e853b2e6 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2013-01-21.207
+2013-01-22.208
diff --git a/view/tpl/jot-header.tpl b/view/tpl/jot-header.tpl
index f777e997f..e4fb00b7a 100644
--- a/view/tpl/jot-header.tpl
+++ b/view/tpl/jot-header.tpl
@@ -134,7 +134,7 @@ function enableOnUser(){
var uploader = new window.AjaxUpload(
'wall-image-upload',
- { action: 'wall_upload/$nickname',
+ { action: '$baseurl/wall_upload/$nickname',
name: 'userfile',
onSubmit: function(file,ext) { $('#profile-rotator').show(); },
onComplete: function(file,response) {
@@ -145,7 +145,7 @@ function enableOnUser(){
);
var file_uploader = new window.AjaxUpload(
'wall-file-upload',
- { action: 'wall_attach/$nickname',
+ { action: '$baseurl/wall_attach/$nickname',
name: 'userfile',
onSubmit: function(file,ext) { $('#profile-rotator').show(); },
onComplete: function(file,response) {
@@ -181,7 +181,7 @@ function enableOnUser(){
if(reply && reply.length) {
reply = bin2hex(reply);
$('#profile-rotator').show();
- $.get('parse_url?binurl=' + reply, function(data) {
+ $.get('$baseurl/parse_url?binurl=' + reply, function(data) {
addeditortext(data);
$('#profile-rotator').hide();
});
@@ -214,7 +214,7 @@ function enableOnUser(){
if ($('#jot-popup').length != 0) $('#jot-popup').show();
$('#like-rotator-' + id).show();
- $.get('share/' + id, function(data) {
+ $.get('$baseurl/share/' + id, function(data) {
if (!editor) $("#profile-jot-text").val("");
initEditor(function(){
addeditortext(data);
@@ -238,7 +238,7 @@ function enableOnUser(){
if(reply && reply.length) {
reply = bin2hex(reply);
$('#profile-rotator').show();
- $.get('parse_url?binurl=' + reply, function(data) {
+ $.get('$baseurl/parse_url?binurl=' + reply, function(data) {
if (!editor) $("#profile-jot-text").val("");
initEditor(function(){
addeditortext(data);
@@ -257,7 +257,7 @@ function enableOnUser(){
commentBusy = true;
$('body').css('cursor', 'wait');
- $.get('tagger/' + id + '?term=' + reply);
+ $.get('$baseurl/tagger/' + id + '?term=' + reply);
if(timer) clearTimeout(timer);
timer = setTimeout(NavUpdate,3000);
liking = 1;
@@ -284,7 +284,7 @@ function enableOnUser(){
if(reply && reply.length) {
commentBusy = true;
$('body').css('cursor', 'wait');
- $.get('filer/' + id + '?term=' + reply, NavUpdate);
+ $.get('$baseurl/filer/' + id + '?term=' + reply, NavUpdate);
// if(timer) clearTimeout(timer);
// timer = setTimeout(NavUpdate,3000);
liking = 1;