aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Rpost.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Rpost.php')
-rw-r--r--Zotlabs/Module/Rpost.php248
1 files changed, 129 insertions, 119 deletions
diff --git a/Zotlabs/Module/Rpost.php b/Zotlabs/Module/Rpost.php
index 23324ee3a..45f19d7e7 100644
--- a/Zotlabs/Module/Rpost.php
+++ b/Zotlabs/Module/Rpost.php
@@ -28,119 +28,31 @@ require_once('include/conversation.php');
* type= choices are 'html' or 'bbcode', default is 'bbcode'
*
*/
-
-
-
-
class Rpost extends \Zotlabs\Web\Controller {
- function get() {
-
- $o = '';
-
- if(! local_channel()) {
- if(remote_channel()) {
- // redirect to your own site.
- // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated
- // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin
- // blocks them.
-
- $url = Libzot::get_rpost_path(App::get_observer());
- // make sure we're not looping to our own hub
- if(($url) && (! stristr($url, App::get_hostname()))) {
- foreach($_GET as $key => $arg) {
- if($key === 'q')
- continue;
- $url .= '&' . $key . '=' . $arg;
- }
- goaway($url);
- }
- }
+ /**
+ * Handle requests.
+ *
+ * Despite it's name, this method handles both POST and GET requests
+ * to the module.
+ */
+ public function get(): string {
- // The login procedure is going to bugger our $_REQUEST variables
- // so save them in the session.
+ $channel_id = local_channel();
- if(array_key_exists('body',$_REQUEST)) {
- $_SESSION['rpost'] = $_REQUEST;
- }
- return login();
+ if(! $channel_id) {
+ return $this->redirect_or_login();
}
nav_set_selected('Post');
- if (local_channel() && array_key_exists('userfile',$_FILES)) {
-
- $channel = App::get_channel();
- $observer = App::get_observer();
-
- $def_album = get_pconfig($channel['channel_id'],'system','photo_path');
- $def_attach = get_pconfig($channel['channel_id'],'system','attach_path');
-
- $r = attach_store($channel, (($observer) ? $observer['xchan_hash'] : ''), '', [
- 'source' => 'editor',
- 'visible' => 0,
- 'album' => $def_album,
- 'directory' => $def_attach,
- 'flags' => 1, // indicates temporary permissions are created
- 'allow_cid' => '<' . $channel['channel_hash'] . '>',
- 'allow_gid' => '',
- 'deny_cid' => '',
- 'deny_gid' => ''
- ]);
-
- if (! $r['success']) {
- notice( $r['message'] . EOL);
- }
-
- $s = EMPTY_STR;
-
- if (intval($r['data']['is_photo'])) {
- $s .= "\n\n" . $r['body'] . "\n\n";
- }
-
- $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path'];
-
- if (strpos($r['data']['filetype'],'video') === 0) {
- $s .= "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n";
- }
-
- if (strpos($r['data']['filetype'],'audio') === 0) {
- $s .= "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n";
- }
-
- if ($r['data']['filetype'] === 'image/svg+xml') {
- $x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
- if ($x) {
- $bb = svg2bb($x);
- if ($bb) {
- $s .= "\n\n" . $bb;
- }
- else {
- logger('empty return from svgbb');
- }
- }
- else {
- logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
- }
- }
-
- if ($r['data']['filetype'] === 'text/calendar') {
- $content = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
- if ($content) {
- $ev = ical_to_ev($content);
- if ($ev) {
- $s .= "\n\n" . format_event_bbcode($ev[0]) . "\n\n";
- }
- }
- }
-
- $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
- $_REQUEST['body'] = ((array_key_exists('body',$_REQUEST)) ? $_REQUEST['body'] . $s : $s);
+ if (! empty($_FILES['userfile'])) {
+ $this->handle_attachments();
}
// If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables
- if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) {
+ if((! array_key_exists('body',$_REQUEST)) && isset($_SESSION['rpost'])) {
$_REQUEST = $_SESSION['rpost'];
unset($_SESSION['rpost']);
}
@@ -152,21 +64,10 @@ class Rpost extends \Zotlabs\Web\Controller {
);
if($r) {
require_once('include/security.php');
- $change = change_channel($r[0]['channel_id']);
+ change_channel($r[0]['channel_id']);
}
}
- if(isset($_REQUEST['remote_return']) && $_REQUEST['remote_return']) {
- $_SESSION['remote_return'] = $_REQUEST['remote_return'];
- }
- if(argc() > 1 && argv(1) === 'return') {
- if($_SESSION['remote_return'])
- goaway($_SESSION['remote_return']);
- goaway(z_root() . '/network');
- }
-
- $plaintext = true;
-
if(isset($_REQUEST['type']) && $_REQUEST['type'] === 'html') {
require_once('include/html2bbcode.php');
$_REQUEST['body'] = html2bbcode($_REQUEST['body']);
@@ -197,12 +98,12 @@ class Rpost extends \Zotlabs\Web\Controller {
'permissions' => $channel_acl,
'bang' => '',
'visitor' => true,
- 'profile_uid' => local_channel(),
+ 'profile_uid' => $channel_id,
'title' => $_REQUEST['title'] ?? '',
'body' => $_REQUEST['body'] ?? '',
'attachment' => $_REQUEST['attachment'] ?? '',
'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''),
- 'return_path' => 'rpost/return',
+ 'return_path' => 'hq',
'bbco_autocomplete' => 'bbcode',
'editor_autocomplete' => true,
'bbcode' => true,
@@ -210,19 +111,128 @@ class Rpost extends \Zotlabs\Web\Controller {
'reset' => t('Reset form')
);
- $a = '';
$editor = status_editor($x, false, 'Rpost');
- $o .= replace_macros(get_markup_template('edpost_head.tpl'), array(
+ return replace_macros(get_markup_template('edpost_head.tpl'), array(
'$title' => t('Edit post'),
'$cancel' => '',
- '$editor' => $editor
+ '$editor' => $editor,
+ '$delete' => null,
));
+ }
+
+ /**
+ * Redirect to the observer's instance if not local, or return login form.
+ *
+ * The request is saved in the session if there's a `body` request
+ * param present. (Otherwise not.)
+ *
+ * @return string A login form if not redirected. If the session was
+ * determned to belong to a remote channel, the function does not
+ * return.
+ */
+ private function redirect_or_login(): string {
+ if(remote_channel()) {
+ // redirect to your own site.
+ // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated
+ // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin
+ // blocks them.
+
+ $url = Libzot::get_rpost_path(App::get_observer());
+ // make sure we're not looping to our own hub
+ if(($url) && (! stristr($url, App::get_hostname()))) {
+ foreach($_GET as $key => $arg) {
+ if($key === 'q')
+ continue;
+ $url .= '&' . $key . '=' . $arg;
+ }
+ goaway($url);
+ }
+ }
- return $o;
+ // The login procedure is going to bugger our $_REQUEST variables
+ // so save them in the session.
+ if(array_key_exists('body',$_REQUEST)) {
+ $_SESSION['rpost'] = $_REQUEST;
+ }
+ return login();
}
+ /**
+ * Handle uplads of attachments in the rpost call.
+ *
+ * This is only relevant for POST requests.
+ *
+ * The function will modify the `$_REQUEST['body']` superglobal
+ * (or add it if it does not exist).
+ */
+ private function handle_attachments(): void {
+ $channel = App::get_channel();
+ $observer = App::get_observer();
+
+ $def_album = get_pconfig($channel['channel_id'],'system','photo_path');
+ $def_attach = get_pconfig($channel['channel_id'],'system','attach_path');
+
+ $r = attach_store($channel, (($observer) ? $observer['xchan_hash'] : ''), '', [
+ 'source' => 'editor',
+ 'visible' => 0,
+ 'album' => $def_album,
+ 'directory' => $def_attach,
+ 'flags' => 1, // indicates temporary permissions are created
+ 'allow_cid' => '<' . $channel['channel_hash'] . '>',
+ 'allow_gid' => '',
+ 'deny_cid' => '',
+ 'deny_gid' => ''
+ ]);
+
+ if (! $r['success']) {
+ notice( $r['message'] . EOL);
+ }
+
+ $s = EMPTY_STR;
+
+ if (intval($r['data']['is_photo'])) {
+ $s .= "\n\n" . $r['body'] . "\n\n";
+ }
+
+ $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $r['data']['display_path'];
+ if (strpos($r['data']['filetype'],'video') === 0) {
+ $s .= "\n\n" . '[zvideo]' . $url . '[/zvideo]' . "\n\n";
+ }
+
+ if (strpos($r['data']['filetype'],'audio') === 0) {
+ $s .= "\n\n" . '[zaudio]' . $url . '[/zaudio]' . "\n\n";
+ }
+ if ($r['data']['filetype'] === 'image/svg+xml') {
+ $x = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
+ if ($x) {
+ $bb = svg2bb($x);
+ if ($bb) {
+ $s .= "\n\n" . $bb;
+ }
+ else {
+ logger('empty return from svgbb');
+ }
+ }
+ else {
+ logger('unable to read svg data file: ' . 'store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
+ }
+ }
+
+ if ($r['data']['filetype'] === 'text/calendar') {
+ $content = @file_get_contents('store/' . $channel['channel_address'] . '/' . $r['data']['os_path']);
+ if ($content) {
+ $ev = ical_to_ev($content);
+ if ($ev) {
+ $s .= "\n\n" . format_event_bbcode($ev[0]) . "\n\n";
+ }
+ }
+ }
+
+ $s .= "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
+ $_REQUEST['body'] = ((array_key_exists('body',$_REQUEST)) ? $_REQUEST['body'] . $s : $s);
+ }
}