aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--mod/item.php21
-rw-r--r--mod/webpages.php52
2 files changed, 40 insertions, 33 deletions
diff --git a/mod/item.php b/mod/item.php
index 9688dbfe1..fdfc43bf2 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -33,14 +33,15 @@ function item_post(&$a) {
$uid = local_user();
$channel = null;
+ $observer = null;
- if(array_key_exists('sys',$_REQUEST) && $_REQUEST['sys'] == 1 && is_site_admin()) {
- require_once('include/identity.php');
- $sys = get_sys_channel();
- if($sys && intval($sys['channel_id'])) {
- $uid = intval($sys['channel_id']);
- $channel = $sys;
- }
+ $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0);
+ require_once('include/identity.php');
+ $sys = get_sys_channel();
+ if($sys && $profile_uid && ($sys['channel_id'] == $profile_uid) && is_site_admin()) {
+ $uid = intval($sys['channel_id']);
+ $channel = $sys;
+ $observer = $sys;
}
if(x($_REQUEST,'dropitems')) {
@@ -78,7 +79,6 @@ function item_post(&$a) {
$message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
$created = ((x($_REQUEST,'created')) ? datetime_convert('UTC','UTC',$_REQUEST['created']) : datetime_convert());
- $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0);
$post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0);
$app = ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : '');
$return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
@@ -176,9 +176,8 @@ function item_post(&$a) {
}
-
- $observer = $a->get_observer();
-
+ if(! $observer)
+ $observer = $a->get_observer();
if($parent) {
logger('mod_item: item_post parent=' . $parent);
diff --git a/mod/webpages.php b/mod/webpages.php
index a5cfd00e6..e7aef5fb0 100644
--- a/mod/webpages.php
+++ b/mod/webpages.php
@@ -10,28 +10,37 @@ function webpages_content(&$a) {
return;
}
+
+ $uid = 0;
+ $owner = 0;
+ $channel = null;
+ $observer = $a->get_observer();
+
$profile = 0;
$channel = $a->get_channel();
- if((local_user()) && (argc() > 2) && (argv(2) === 'view')) {
- $which = $channel['channel_address'];
- $profile = argv(1);
+ if($which === 'sys' && is_site_admin()) {
+ require_once('include/identity.php');
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $uid = $owner = intval($sys['channel_id']);
+ $channel = $sys;
+ $observer = $sys;
+ }
}
profile_load($a,$which,$profile);
-
- // Figure out who the page owner is.
- $r = q("select channel_id from channel where channel_address = '%s'",
- dbesc($which)
- );
- if($r) {
- $owner = intval($r[0]['channel_id']);
+ if(! $owner) {
+ // Figure out who the page owner is.
+ $r = q("select channel_id from channel where channel_address = '%s'",
+ dbesc($which)
+ );
+ if($r) {
+ $owner = intval($r[0]['channel_id']);
+ }
}
- // Get the observer, check their permissions
-
- $observer = $a->get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$perms = get_all_perms($owner,$ob_hash);
@@ -41,11 +50,6 @@ function webpages_content(&$a) {
return;
}
-// if(local_user() && local_user() == $owner) {
-// $a->set_widget('design',design_tools());
-// }
-
-
if(feature_enabled($owner,'expert')) {
$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
if(! $mimetype)
@@ -60,14 +64,18 @@ function webpages_content(&$a) {
$layout = 'choose';
-// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
-// Nickname is set to the observers xchan, and profile_uid to the owners. This lets you post pages at other people's channels.
+ // Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
+ // Nickname is set to the observers xchan, and profile_uid to the owner's.
+ // This lets you post pages at other people's channels.
+
require_once ('include/conversation.php');
require_once('include/acl_selectors.php');
- if(local_user() && local_user() == $a->profile_uid) {
+ if((! $channel) && ($uid) && ($uid == $a->profile_uid)) {
$channel = $a->get_channel();
+ }
+ if($channel) {
$channel_acl = array(
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
@@ -88,7 +96,7 @@ function webpages_content(&$a) {
'nickname' => $a->profile['channel_address'],
'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'bang' => (($group || $cid) ? '!' : ''),
- 'acl' => ((local_user() && local_user() == $owner) ? populate_acl($channel_acl,false) : ''),
+ 'acl' => (($uid && $uid == $owner) ? populate_acl($channel_acl,false) : ''),
'visitor' => true,
'profile_uid' => intval($owner),
'mimetype' => $mimetype,