diff options
-rw-r--r-- | Zotlabs/Module/Photos.php | 46 | ||||
-rw-r--r-- | include/attach.php | 12 | ||||
-rw-r--r-- | include/photos.php | 7 |
3 files changed, 33 insertions, 32 deletions
diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index dca58c15a..d993c481e 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -612,8 +612,14 @@ class Photos extends \Zotlabs\Web\Controller { if(! $aclselect) { $aclselect = '<input id="group_allow" type="hidden" name="allow_gid[]" value="" /><input id="contact_allow" type="hidden" name="allow_cid[]" value="" /><input id="group_deny" type="hidden" name="deny_gid[]" value="" /><input id="contact_deny" type="hidden" name="deny_cid[]" value="" />'; } - - $selname = (($datum) ? hex2bin($datum) : ''); + + $selname = ''; + + if($datum) { + $h = attach_by_hash_nodata($datum,get_observer_hash()); + $selname = $h['data']['display_path']; + } + $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); @@ -694,12 +700,12 @@ class Photos extends \Zotlabs\Web\Controller { // edit album name $album_edit = null; - if(($album !== t('Profile Photos')) && ($album !== 'Profile Photos') && ($album !== 'Contact Photos') && ($album !== t('Contact Photos'))) { - if($can_post) { - $album_e = $album; - $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); + + if($can_post) { + $album_e = $album; + $albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer'])); - // @fixme - syncronise actions with DAV + // @fixme - syncronise actions with DAV // $edit_tpl = get_markup_template('album_edit.tpl'); // $album_edit = replace_macros($edit_tpl,array( @@ -713,7 +719,6 @@ class Photos extends \Zotlabs\Web\Controller { // '$dropsubmit' => t('Delete Album') // )); - } } if($_GET['order'] === 'posted') @@ -1244,9 +1249,9 @@ class Photos extends \Zotlabs\Web\Controller { \App::set_pager_itemspage(60); - $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created FROM photo p - INNER JOIN ( SELECT resource_id, attach.folder as folder, max(imgscale) imgscale FROM photo left join attach on - photo.resource_id = attach.hash + $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path + FROM photo p + INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo WHERE photo.uid = %d AND photo_usage IN ( %d, %d ) AND is_nsfw = %d $sql_extra group by resource_id ) ph ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale) @@ -1265,23 +1270,18 @@ class Photos extends \Zotlabs\Web\Controller { if($r) { $twist = 'rotright'; foreach($r as $rr) { + + if(! attach_can_view_folder(\App::$data['channel']['channel_id'],get_observer_hash(),$rr['resource_id'])) + continue; + if($twist == 'rotright') $twist = 'rotleft'; else $twist = 'rotright'; $ext = $phototypes[$rr['mimetype']]; - if(\App::get_template_engine() === 'internal') { - $alt_e = template_escape($rr['filename']); - $name_e = template_escape($rr['album']); - } - else { - $alt_e = $rr['filename']; - $name_e = $rr['album']; - } - - - + $alt_e = $rr['filename']; + $name_e = dirname($rr['display_path']); $photos[] = array( 'id' => $rr['id'], @@ -1291,9 +1291,7 @@ class Photos extends \Zotlabs\Web\Controller { 'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . ((($rr['imgscale']) == 6) ? 4 : $rr['imgscale']) . '.' . $ext, 'alt' => $alt_e, 'album' => array( - 'link' => z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . bin2hex($rr['album']), 'name' => $name_e, - 'alt' => t('View Album'), ), ); diff --git a/include/attach.php b/include/attach.php index c8582f8d3..675dd0da2 100644 --- a/include/attach.php +++ b/include/attach.php @@ -209,7 +209,7 @@ function attach_list_files($channel_id, $observer, $hash = '', $filename = '', $ // Retrieve all columns except 'data' - $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", + $r = q("select id, aid, uid, hash, filename, filetype, filesize, revision, folder, os_path, display_path, os_storage, is_dir, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d $sql_extra ORDER BY $orderby $limit", intval($channel_id) ); @@ -284,6 +284,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) { return $ret; } + function attach_can_view_folder($uid,$ob_hash,$folder_hash) { $sql_extra = permissions_sql($uid,$ob_hash); @@ -348,7 +349,7 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) { // Now we'll see if we can access the attachment - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, os_path, display_path, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_extra limit 1", intval($r[0]['uid']), dbesc($hash) ); @@ -531,7 +532,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($options === 'update' && $arr && array_key_exists('revision',$arr)) $sql_options = " and revision = " . intval($arr['revision']) . " "; - $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", + $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, os_path, display_path, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d $sql_options limit 1", dbesc($arr['hash']), intval($channel_id) ); @@ -929,7 +930,7 @@ function z_readdir($channel_id, $observer_hash, $pathname, $parent_hash = '') { else $paths = array($pathname); - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), + $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_path, display_path, is_photo, is_dir, os_storage, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where id = %d and folder = '%s' and filename = '%s' and is_dir != 0 " . permissions_sql($channel_id), intval($channel_id), dbesc($parent_hash), dbesc($paths[0]) @@ -2342,4 +2343,5 @@ function attach_upgrade() { } } } -}
\ No newline at end of file +} + diff --git a/include/photos.php b/include/photos.php index e73428478..a3869a72e 100644 --- a/include/photos.php +++ b/include/photos.php @@ -459,23 +459,24 @@ function photos_albums_list($channel, $observer, $sort_key = 'display_path', $di $sort_key = dbesc($sort_key); $direction = dbesc($direction); - $r = q("select display_path, hash from attach where is_dir = 1 and uid = %d order by $sort_key $direction", + $r = q("select display_path, hash from attach where is_dir = 1 and uid = %d $sql_extra order by $sort_key $direction", intval($channel_id) ); + array_unshift($r,[ 'display_path' => '/', 'hash' => '' ]); $str = ids_to_querystr($r,'hash',true); $albums = []; if($str) { - $x = q("select count( distinct hash ) as total, folder from attach where is_photo = 1 and uid = %d and folder in ( $str ) group by folder ", + $x = q("select count( distinct hash ) as total, folder from attach where is_photo = 1 and uid = %d and folder in ( $str ) $sql_extra group by folder ", intval($channel_id) ); if($x) { foreach($r as $rv) { foreach($x as $xv) { if($xv['folder'] === $rv['hash']) { - if($xv['total'] != 0) { + if($xv['total'] != 0 && attach_can_view_folder($channel_id,$observer_xchan,$xv['folder'])) { $albums[] = [ 'album' => $rv['display_path'], 'folder' => $xv['folder'], 'total' => $xv['total'] ]; } continue; |