diff options
-rw-r--r-- | include/api.php | 31 | ||||
-rw-r--r-- | include/event.php | 62 | ||||
-rw-r--r-- | include/html2plain.php | 2 | ||||
-rw-r--r-- | include/zot.php | 10 | ||||
-rw-r--r-- | version.inc | 2 |
5 files changed, 65 insertions, 42 deletions
diff --git a/include/api.php b/include/api.php index 9ed025564..140e75f29 100644 --- a/include/api.php +++ b/include/api.php @@ -802,6 +802,14 @@ require_once('include/security.php'); if ($exclude_replies > 0) $sql_extra .= ' AND `item`.`parent` = `item`.`id`'; + if (api_user() != $user_info['uid']) { + $observer = get_app()->get_observer(); + require_once('include/permissions.php'); + if(! perm_is_allowed($user_info['uid'],(($observer) ? $observer['xchan_hash'] : ''),'view_stream')) + return ''; + $sql_extra .= " and item_private = 0 "; + } + $r = q("SELECT * from item WHERE uid = %d and item_restrict = 0 $sql_extra AND id > %d @@ -820,12 +828,14 @@ require_once('include/security.php'); // level which items you've seen and which you haven't. If you're looking // at the network timeline just mark everything seen. - $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d ) - WHERE item_flags & %d and uid = %d", - intval(ITEM_UNSEEN), - intval(ITEM_UNSEEN), - intval($user_info['uid']) - ); + if (api_user() == $user_info['uid']) { + $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d ) + WHERE item_flags & %d and uid = %d", + intval(ITEM_UNSEEN), + intval(ITEM_UNSEEN), + intval($user_info['uid']) + ); + } $data = array('$statuses' => $ret); @@ -966,7 +976,7 @@ require_once('include/security.php'); logger('API: api_statuses_repeat: '.$id); //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); - +// FIXME $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`nick` as `reply_author`, `contact`.`name`, `contact`.`photo`, `contact`.`url` as `reply_url`, `contact`.`rel`, `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn_id`, `contact`.`self`, @@ -1008,7 +1018,7 @@ require_once('include/security.php'); $user_info = api_get_user($a); // params - $id = intval($a->argv[3]); + $id = intval(argv(3)); logger('API: api_statuses_destroy: '.$id); @@ -1029,6 +1039,8 @@ require_once('include/security.php'); * http://developer.twitter.com/doc/get/statuses/mentions * */ + +// FIXME function api_statuses_mentions(&$a, $type){ if (api_user()===false) return false; @@ -1106,6 +1118,7 @@ require_once('include/security.php'); return api_apply_template("timeline", $type, $data); } api_register_func('api/statuses/mentions','api_statuses_mentions', true); + // FIXME?? I don't think mentions and replies are congruent in this case api_register_func('api/statuses/replies','api_statuses_mentions', true); @@ -1113,7 +1126,7 @@ require_once('include/security.php'); if (api_user()===false) return false; $user_info = api_get_user($a); - // get last newtork messages + // get last network messages logger("api_statuses_user_timeline: api_user: ". api_user() . diff --git a/include/event.php b/include/event.php index 73a050cec..8bf65016f 100644 --- a/include/event.php +++ b/include/event.php @@ -205,30 +205,36 @@ function event_store($arr) { $a = get_app(); - $arr['created'] = (($arr['created']) ? $arr['created'] : datetime_convert()); - $arr['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert()); - $arr['type'] = (($arr['type']) ? $arr['type'] : 'event' ); + $arr['created'] = (($arr['created']) ? $arr['created'] : datetime_convert()); + $arr['edited'] = (($arr['edited']) ? $arr['edited'] : datetime_convert()); + $arr['type'] = (($arr['type']) ? $arr['type'] : 'event' ); $arr['event_xchan'] = (($arr['event_xchan']) ? $arr['event_xchan'] : ''); // Existing event being modified - if($arr['id']) { + if($arr['id'] || $arr['event_hash']) { // has the event actually changed? - $r = q("SELECT * FROM `event` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($arr['id']), - intval($arr['uid']) - ); - if((! $r) || ($r[0]['edited'] === $arr['edited'])) { - - // Nothing has changed. Grab the item id to return. - - $r = q("SELECT id FROM item WHERE resource_type = 'event' and resource_id = '%s' AND uid = %d LIMIT 1", - intval($arr['event_hash']), + if($arr['event_hash']) { + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", + dbesc($arr['event_hash']), intval($arr['uid']) ); - return(($r) ? $r[0]['id'] : 0); + } + else { + $r = q("SELECT * FROM event WHERE id = %d AND uid = %d LIMIT 1", + intval($arr['id']), + intval($arr['uid']) + ); + } + + if(! $r) + return 0; + + if($r[0]['edited'] === $arr['edited']) { + // Nothing has changed. Return the ID. + return $r[0]['id']; } // The event changed. Update it. @@ -262,12 +268,12 @@ function event_store($arr) { dbesc($arr['allow_gid']), dbesc($arr['deny_cid']), dbesc($arr['deny_gid']), - intval($arr['id']), + intval($r[0]['id']), intval($arr['uid']) ); $r = q("SELECT * FROM item left join xchan on author_xchan = xchan_hash WHERE resource_id = '%s' AND resource_type = 'event' and uid = %d LIMIT 1", - intval($arr['event_hash']), + intval($r[0]['event_hash']), intval($arr['uid']) ); @@ -291,6 +297,7 @@ function event_store($arr) { $private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0); + q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d WHERE id = %d AND uid = %d LIMIT 1", dbesc($arr['summary']), dbesc(format_event_bbcode($arr)), @@ -321,8 +328,12 @@ function event_store($arr) { $hash = random_string(); - $r = q("INSERT INTO `event` ( `uid`,`aid`,`event_xchan`,`event_hash`,`created`,`edited`,`start`,`finish`,`summary`, `desc`,`location`,`type`, - `adjust`,`nofinish`,`allow_cid`,`allow_gid`,`deny_cid`,`deny_gid`) + if(! $arr['uri']) + $arr['uri'] = item_message_id(); + + + $r = q("INSERT INTO event ( uid,aid,event_xchan,event_hash,created,edited,start,finish,summary, desc,location,type, + adjust,nofinish,allow_cid,allow_gid,deny_cid,deny_gid) VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s', '%s', '%s' ) ", intval($arr['uid']), intval($arr['account']), @@ -345,7 +356,7 @@ function event_store($arr) { ); - $r = q("SELECT * FROM `event` WHERE `event_hash` = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM event WHERE event_hash = '%s' AND uid = %d LIMIT 1", dbesc($hash), intval($arr['uid']) ); @@ -365,17 +376,14 @@ function event_store($arr) { $item_flags |= ITEM_ORIGIN; } - - $uri = item_message_id(); - $private = (($arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid']) ? 1 : 0); $item_arr = array(); $item_arr['uid'] = $arr['uid']; $item_arr['author_xchan'] = $arr['event_xchan']; - $item_arr['uri'] = $uri; - $item_arr['parent_uri'] = $uri; + $item_arr['uri'] = $arr['uri']; + $item_arr['parent_uri'] = $arr['uri']; $item_arr['item_flags'] = $item_flags; @@ -386,13 +394,13 @@ function event_store($arr) { $item_arr['allow_gid'] = $arr['allow_gid']; $item_arr['deny_cid'] = $arr['deny_cid']; $item_arr['deny_gid'] = $arr['deny_gid']; - $item_arr['private'] = (($arr['private'] || $private) ? 1 : 0); + $item_arr['item_private'] = $private; $item_arr['verb'] = ACTIVITY_POST; $item_arr['resource_type'] = 'event'; $item_arr['resource_id'] = $hash; - $item_arr['obj_type'] = ACTIVITY_OBJ_EVENT; + $item_arr['obj_type'] = ACTIVITY_OBJ_EVENT; $item_arr['body'] = format_event_bbcode($arr); $x = q("select * from xchan where xchan_hash = '%s' limit 1", diff --git a/include/html2plain.php b/include/html2plain.php index e5615f8ba..b8c9c440d 100644 --- a/include/html2plain.php +++ b/include/html2plain.php @@ -205,7 +205,7 @@ function html2plain($html, $wraplength = 75, $compact = false) if (!$compact) { $counter = 1; foreach ($urls as $id=>$url) - if (strpos($message, $url) == false) + if ($url && strpos($message, $url) === false) $message .= "\n".$url." "; //$message .= "\n[".($counter++)."] ".$url; } diff --git a/include/zot.php b/include/zot.php index 28ecdc4dc..0290d1d46 100644 --- a/include/zot.php +++ b/include/zot.php @@ -901,16 +901,18 @@ function process_delivery($sender,$arr,$deliveries,$relay) { $ev['uid'] = $channel['channel_id']; $ev['account'] = $channel['channel_account_id']; $ev['edited'] = $arr['edited']; + $ev['uri'] = $arr['uri']; + $ev['private'] = $arr['item_private']; // is this an edit? - $r = q("SELECT * FROM event left join item on resource_id = event_hash WHERE resource_type = 'event' and - `uri` = '%s' AND event.uid = %d LIMIT 1", + $r = q("SELECT resource_id FROM item where uri = '%s' and uid = %d and resource_type = 'event' limit 1", dbesc($arr['uri']), intval($channel['channel_id']) ); - if($r) - $ev['event_hash'] = $r[0]['event_hash']; + if($r) { + $ev['event_hash'] = $r[0]['resource_id']; + } dbg(1); $xyz = event_store($ev); dbg(0); diff --git a/version.inc b/version.inc index cf9145384..8d6a973e0 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2013-01-19.205 +2013-01-20.206 |