aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--done4
-rw-r--r--mod/display.php112
2 files changed, 71 insertions, 45 deletions
diff --git a/done b/done
index 1fd62bfa8..e2eb825bc 100644
--- a/done
+++ b/done
@@ -137,7 +137,7 @@ mod/
+ oexchange.php
+ opensearch.php
= parse_url.php
-? photo.php
++ photo.php
photos.php
+ ping.php (needs more work)
poco.php
@@ -151,7 +151,7 @@ mod/
profperm.php
qsearch.php
+ randprof.php
- redir.php
+- redir.php
- register.php
regmod.php
removeme.php
diff --git a/mod/display.php b/mod/display.php
index 80813e69e..6a9f2a996 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -3,7 +3,7 @@
function display_content(&$a) {
- if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+ if(intval(get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
notice( t('Public access denied.') . EOL);
return;
}
@@ -19,59 +19,85 @@ function display_content(&$a) {
$a->page['htmlhead'] .= get_markup_template('display-head.tpl');
- $nick = (($a->argc > 1) ? $a->argv[1] : '');
- profile_load($a,$nick);
+ if(argc() > 1)
+ $item_hash = argv(2);
- $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0);
-
- if(! $item_id) {
+ if(! $item_hash) {
$a->error = 404;
notice( t('Item not found.') . EOL);
return;
}
- $groups = array();
-
- $contact = null;
- $remote_contact = false;
-
- $contact_id = 0;
-
- if(is_array($_SESSION['remote'])) {
- foreach($_SESSION['remote'] as $v) {
- if($v['uid'] == $a->profile['uid']) {
- $contact_id = $v['cid'];
- break;
- }
- }
- }
+ $observer_is_owner = false;
- if($contact_id) {
- $groups = init_groups_visitor($contact_id);
- $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($contact_id),
- intval($a->profile['uid'])
+ if(local_user()) {
+ $r = q("select * from item where uri = '%s' and uid = %d limit 1",
+ dbesc($item_hash),
+ intval(local_user())
);
- if(count($r)) {
- $contact = $r[0];
- $remote_contact = true;
- }
- }
-
- if(! $remote_contact) {
- if(local_user()) {
- $contact_id = $_SESSION['cid'];
- $contact = $a->contact;
- }
+ if($r && $count($r))
+ $observer_is_owner = true;
}
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
- intval($a->profile['uid'])
- );
- if(count($r))
- $a->page_contact = $r[0];
- $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
+ // Checking for visitors is a bit harder, we'll look for this item from any of their friends that they've auth'd
+ // against and see if any of them are writeable.
+ // This will be messy.
+
+// $nick = (($a->argc > 1) ? $a->argv[1] : '');
+// profile_load($a,$nick);
+
+// $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0);
+
+// if(! $item_id) {
+// $a->error = 404;
+// notice( t('Item not found.') . EOL);
+// return;
+// }
+
+// $groups = array();
+
+// $contact = null;
+// $remote_contact = false;
+
+// $contact_id = 0;
+
+// if(is_array($_SESSION['remote'])) {
+// foreach($_SESSION['remote'] as $v) {
+// if($v['uid'] == $a->profile['uid']) {
+// $contact_id = $v['cid'];
+// break;
+// }
+// }
+// }
+
+// if($contact_id) {
+// $groups = init_groups_visitor($contact_id);
+// $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+// intval($contact_id),
+// intval($a->profile['uid'])
+// );
+// if(count($r)) {
+// $contact = $r[0];
+// $remote_contact = true;
+// }
+// }
+
+// if(! $remote_contact) {
+
+// if(local_user()) {
+// $contact_id = $_SESSION['cid'];
+// $contact = $a->contact;
+// }
+// }
+
+// $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+// intval($a->profile['uid'])
+// );
+// if(count($r))
+// $a->page_contact = $r[0];
+
+// $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
notice( t('Access to this profile has been restricted.') . EOL);