diff options
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r-- | Zotlabs/Module/Card_edit.php | 136 | ||||
-rw-r--r-- | Zotlabs/Module/Cards.php | 185 | ||||
-rw-r--r-- | Zotlabs/Module/Channel.php | 7 | ||||
-rw-r--r-- | Zotlabs/Module/Display.php | 19 | ||||
-rw-r--r-- | Zotlabs/Module/Item.php | 4 | ||||
-rw-r--r-- | Zotlabs/Module/Linkinfo.php | 2 | ||||
-rw-r--r-- | Zotlabs/Module/Oep.php | 114 | ||||
-rw-r--r-- | Zotlabs/Module/Photos.php | 9 | ||||
-rw-r--r-- | Zotlabs/Module/Profile.php | 14 | ||||
-rw-r--r-- | Zotlabs/Module/Tasks.php | 3 | ||||
-rw-r--r-- | Zotlabs/Module/Update_cards.php | 39 |
11 files changed, 508 insertions, 24 deletions
diff --git a/Zotlabs/Module/Card_edit.php b/Zotlabs/Module/Card_edit.php new file mode 100644 index 000000000..b5b44c567 --- /dev/null +++ b/Zotlabs/Module/Card_edit.php @@ -0,0 +1,136 @@ +<?php +namespace Zotlabs\Module; + +require_once('include/channel.php'); +require_once('include/acl_selectors.php'); +require_once('include/conversation.php'); + +class Card_edit extends \Zotlabs\Web\Controller { + + + function get() { + + // Figure out which post we're editing + $post_id = ((argc() > 1) ? intval(argv(1)) : 0); + + if(! $post_id) { + notice( t('Item not found') . EOL); + return; + } + + $itm = q("SELECT * FROM item WHERE id = %d and item_type = %d LIMIT 1", + intval($post_id), + intval(ITEM_TYPE_CARD) + ); + if($itm) { + $item_id = q("select * from iconfig where cat = 'system' and k = 'CARD' and iid = %d limit 1", + intval($itm[0]['id']) + ); + if($item_id) + $card_title = $item_id[0]['v']; + } + else { + notice( t('Item not found') . EOL); + return; + } + + $owner = $itm[0]['uid']; + $uid = local_channel(); + + $observer = \App::get_observer(); + + $channel = channelx_by_n($owner); + if(! $channel) { + notice( t('Channel not found.') . EOL); + return; + } + + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + if(! perm_is_allowed($owner,$ob_hash,'write_pages')) { + notice( t('Permission denied.') . EOL); + return; + } + + $is_owner = (($uid && $uid == $owner) ? true : false); + + $o = ''; + + + + $category = ''; + $catsenabled = ((feature_enabled($owner,'categories')) ? 'categories' : ''); + + if ($catsenabled){ + $itm = fetch_post_tags($itm); + + $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); + + foreach ($cats as $cat) { + if (strlen($category)) + $category .= ', '; + $category .= $cat['term']; + } + } + + if($itm[0]['attach']) { + $j = json_decode($itm[0]['attach'],true); + if($j) { + foreach($j as $jj) { + $itm[0]['body'] .= "\n" . '[attachment]' . basename($jj['href']) . ',' . $jj['revision'] . '[/attachment]' . "\n"; + } + } + } + + + $mimetype = $itm[0]['mimetype']; + + $content = $itm[0]['body']; + + + + $rp = 'cards/' . $channel['channel_address']; + + $x = array( + 'nickname' => $channel['channel_address'], + 'bbco_autocomplete'=> 'bbcode', + 'return_path' => $rp, + 'webpage' => ITEM_TYPE_CARD, + 'button' => t('Edit'), + 'writefiles' => perm_is_allowed($owner, get_observer_hash(), 'write_pages'), + 'weblink' => t('Insert web link'), + 'hide_voting' => false, + 'hide_future' => false, + 'hide_location' => false, + 'hide_expire' => false, + 'showacl' => true, + 'acl' => populate_acl($itm[0],false,\Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')), + 'ptyp' => $itm[0]['type'], + 'mimeselect' => false, + 'mimetype' => $itm[0]['mimetype'], + 'body' => undo_post_tagging($content), + 'post_id' => $post_id, + 'visitor' => true, + 'title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), + 'placeholdertitle' => t('Title (optional)'), + 'pagetitle' => $card_title, + 'profile_uid' => (intval($channel['channel_id'])), + 'catsenabled' => $catsenabled, + 'category' => $category, + 'bbcode' => (($mimetype == 'text/bbcode') ? true : false) + ); + + $editor = status_editor($a, $x); + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + '$title' => t('Edit Block'), + '$delete' => ((($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash)) ? t('Delete') : false), + '$id' => $itm[0]['id'], + '$editor' => $editor + )); + + return $o; + + } + +} diff --git a/Zotlabs/Module/Cards.php b/Zotlabs/Module/Cards.php new file mode 100644 index 000000000..9114e3b89 --- /dev/null +++ b/Zotlabs/Module/Cards.php @@ -0,0 +1,185 @@ +<?php +namespace Zotlabs\Module; + +require_once('include/channel.php'); +require_once('include/conversation.php'); +require_once('include/acl_selectors.php'); + + +class Cards extends \Zotlabs\Web\Controller { + + function init() { + + if(argc() > 1) + $which = argv(1); + else + return; + + profile_load($which); + + } + + function get($update = 0, $load = false) { + + if(observer_prohibited(true)) { + return login(); + } + + if(! \App::$profile) { + notice( t('Requested profile is not available.') . EOL ); + \App::$error = 404; + return; + } + + if(! feature_enabled(\App::$profile_uid,'cards')) { + return; + } + + nav_set_selected(t('Cards')); + + head_add_link([ + 'rel' => 'alternate', + 'type' => 'application/json+oembed', + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'title' => 'oembed' + ]); + + + $category = (($_REQUEST['cat']) ? escape_tags(trim($_REQUEST['cat'])) : ''); + + if($category) { + $sql_extra2 .= protect_sprintf(term_item_parent_query(\App::$profile['profile_uid'],'item', $category, TERM_CATEGORY)); + } + + + $which = argv(1); + + $selected_card = ((argc() > 2) ? argv(2) : ''); + + $_SESSION['return_url'] = \App::$query_string; + + $uid = local_channel(); + $owner = \App::$profile_uid; + $observer = \App::get_observer(); + + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + + if(! perm_is_allowed($owner,$ob_hash,'view_pages')) { + notice( t('Permission denied.') . EOL); + return; + } + + $is_owner = ($uid && $uid == $owner); + + $channel = channelx_by_n($owner); + + if($channel) { + $channel_acl = array( + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], + 'deny_gid' => $channel['channel_deny_gid'] + ); + } + else { + $channel_acl = [ 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '' ]; + } + + + + if(perm_is_allowed($owner,$ob_hash,'write_pages')) { + + $x = [ + 'webpage' => ITEM_TYPE_CARD, + 'is_owner' => true, + 'nickname' => $channel['channel_address'], + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] + || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'acl' => (($is_owner) ? populate_acl($channel_acl, false, + \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''), + 'permissions' => $channel_acl, + 'showacl' => (($is_owner) ? true : false), + 'visitor' => true, + 'hide_location' => false, + 'hide_voting' => false, + 'profile_uid' => intval($owner), + 'mimetype' => 'text/bbcode', + 'mimeselect' => false, + 'layoutselect' => false, + 'expanded' => false, + 'novoting' => false, + 'catsenabled' => feature_enabled($owner,'categories'), + 'bbco_autocomplete' => 'bbcode', + 'bbcode' => true + ]; + + if($_REQUEST['title']) + $x['title'] = $_REQUEST['title']; + if($_REQUEST['body']) + $x['body'] = $_REQUEST['body']; + $editor = status_editor($a,$x); + + } + else { + $editor = ''; + } + + + $sql_extra = item_permissions_sql($owner); + + if($selected_card) { + $r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'CARD' and iconfig.v = '%s' limit 1", + dbesc($selected_card) + ); + if($r) { + $sql_extra .= "and item.id = " . intval($r[0]['iid']) . " "; + } + } + + $r = q("select * from item + where item.uid = %d and item_type = %d + $sql_extra order by item.created desc", + intval($owner), + intval(ITEM_TYPE_CARD) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type in (0,6) and item.item_deleted = 0 + and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 "; + + if($r) { + + $parents_str = ids_to_querystr($r,'id'); + + $items = q("SELECT item.*, item.id AS item_id + FROM item + WHERE item.uid = %d $item_normal + AND item.parent IN ( %s ) + $sql_extra $sql_extra2 ", + intval(\App::$profile['profile_uid']), + dbesc($parents_str) + ); + if($items) { + xchan_query($items); + $items = fetch_post_tags($items, true); + $items = conv_sort($items,'updated'); + } + else + $items = []; + } + + $mode = 'cards'; + + $content = conversation($items,$mode,false,'traditional'); + + $o = replace_macros(get_markup_template('cards.tpl'), [ + '$title' => t('Cards'), + '$editor' => $editor, + '$content' => $content, + '$pager' => alt_pager($a,count($items)) + ]); + + return $o; + } + +} diff --git a/Zotlabs/Module/Channel.php b/Zotlabs/Module/Channel.php index c006d65d4..5e7db79d9 100644 --- a/Zotlabs/Module/Channel.php +++ b/Zotlabs/Module/Channel.php @@ -180,7 +180,12 @@ class Channel extends \Zotlabs\Web\Controller { $simple_update = (($update) ? " AND item_unseen = 1 " : ''); - \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; + head_add_link([ + 'rel' => 'alternate', + 'type' => 'application/json+oembed', + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'title' => 'oembed' + ]); if($update && $_SESSION['loadtime']) $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) "; diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index d82ff2a55..b698513ba 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -39,7 +39,7 @@ class Display extends \Zotlabs\Web\Controller { $observer_is_owner = false; $updateable = false; - + if(local_channel() && (! $update)) { $channel = \App::get_channel(); @@ -174,8 +174,13 @@ class Display extends \Zotlabs\Web\Controller { '$verb' => '', '$mid' => $item_hash )); - - + + head_add_link([ + 'rel' => 'alternate', + 'type' => 'application/json+oembed', + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'title' => 'oembed' + ]); } $observer_hash = get_observer_hash(); @@ -214,17 +219,17 @@ class Display extends \Zotlabs\Web\Controller { if($r === null) { // in case somebody turned off public access to sys channel content using permissions - // make that content unsearchable by ensuring the owner_xchan can't match + // make that content unsearchable by ensuring the owner uid can't match if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) $sysid = 0; - + $r = q("SELECT item.id as item_id from item WHERE mid = '%s' AND (((( item.allow_cid = '' AND item.allow_gid = '' AND item.deny_cid = '' AND item.deny_gid = '' AND item_private = 0 ) - and owner_xchan in ( " . stream_perms_xchans(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) + and uid in ( " . stream_perms_api_uids(($observer_hash) ? (PERMS_NETWORK|PERMS_PUBLIC) : PERMS_PUBLIC) . " )) OR uid = %d ) $sql_extra ) $item_normal @@ -232,7 +237,7 @@ class Display extends \Zotlabs\Web\Controller { dbesc($target_item['parent_mid']), intval($sysid) ); - + } } } diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 5e7a3fbc0..797b46f93 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -735,6 +735,10 @@ class Item extends \Zotlabs\Web\Controller { if($parent_item) $parent_mid = $parent_item['mid']; + if($webpage == ITEM_TYPE_CARD && $pagetitle) { + $plink = z_root() . '/cards/' . $channel['channel_address'] . '/' . $pagetitle; + } + // Fallback so that we alway have a thr_parent if(!$thr_parent) diff --git a/Zotlabs/Module/Linkinfo.php b/Zotlabs/Module/Linkinfo.php index 8f8231c49..78c34583e 100644 --- a/Zotlabs/Module/Linkinfo.php +++ b/Zotlabs/Module/Linkinfo.php @@ -95,7 +95,7 @@ class Linkinfo extends \Zotlabs\Web\Controller { echo $arr['text']; killme(); } - + if($process_oembed) { $x = oembed_process($url); if($x) { diff --git a/Zotlabs/Module/Oep.php b/Zotlabs/Module/Oep.php index a3453ff31..02aa4aba9 100644 --- a/Zotlabs/Module/Oep.php +++ b/Zotlabs/Module/Oep.php @@ -41,6 +41,8 @@ class Oep extends \Zotlabs\Web\Controller { $arr = $this->oep_profile_reply($_REQUEST); elseif(fnmatch('*/profile/*',$url)) $arr = $this->oep_profile_reply($_REQUEST); + elseif(fnmatch('*/cards/*',$url)) + $arr = $this->oep_cards_reply($_REQUEST); if($arr) { if($html) { @@ -66,9 +68,9 @@ class Oep extends \Zotlabs\Web\Controller { $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); - - if(preg_match('#//display/(.*?)(&|\?|$)#',$url,$matches)) { - $res = $matches[1]; + logger('processing display'); + if(preg_match('#//(.*?)/display/(.*?)(&|\?|$)#',$url,$matches)) { + $res = $matches[2]; } if(strpos($res,'b64.') === 0) { @@ -78,7 +80,7 @@ class Oep extends \Zotlabs\Web\Controller { $item_normal = item_normal(); $p = q("select * from item where mid like '%s' limit 1", - dbesc($res . '%'), + dbesc($res . '%') ); if(! $p) @@ -89,7 +91,10 @@ class Oep extends \Zotlabs\Web\Controller { if(! ($c && $res)) return; - + + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream')) + return; + $sql_extra = item_permissions_sql($c['channel_id']); $p = q("select * from item where mid like '%s' and uid = %d $sql_extra $item_normal limit 1", @@ -140,6 +145,91 @@ class Oep extends \Zotlabs\Web\Controller { return $ret; } + + + function oep_cards_reply($args) { + + $ret = []; + $url = $args['url']; + $maxwidth = intval($args['maxwidth']); + $maxheight = intval($args['maxheight']); + + if(preg_match('#//(.*?)/cards/(.*?)/(.*?)(&|\?|$)#',$url,$matches)) { + $nick = $matches[2]; + $res = $matches[3]; + } + if(! ($nick && $res)) + return $ret; + + $channel = channelx_by_nick($nick); + + if(! $channel) + return $ret; + + + if(! perm_is_allowed($channel['channel_id'],get_observer_hash(),'view_pages')) + return $ret; + + $sql_extra = items_permissions_sql($channel['channel_id'],get_observer_hash()); + + $r = q("select * from iconfig where iconfig.cat = 'system' and iconfig.k = 'CARD' and iconfig.v = '%s' limit 1", + dbesc($res) + ); + if($r) { + $sql_extra = "and item.id = " . intval($r[0]['iid']) . " "; + } + else { + return $ret; + } + + $r = q("select * from item + where item.uid = %d and item_type = %d + $sql_extra order by item.created desc", + intval($channel['channel_id']), + intval(ITEM_TYPE_CARD) + ); + + $item_normal = " and item.item_hidden = 0 and item.item_type in (0,6) and item.item_deleted = 0 + and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0 + and item.item_blocked = 0 "; + + if($r) { + xchan_query($r); + $p = fetch_post_tags($r, true); + } + + $x = '2eGriplW^*Jmf4'; + + + $o = "[share author='".urlencode($p[0]['author']['xchan_name']). + "' profile='".$p[0]['author']['xchan_url'] . + "' avatar='".$p[0]['author']['xchan_photo_s']. + "' link='".$p[0]['plink']. + "' posted='".$p[0]['created']. + "' message_id='".$p[0]['mid']."']"; + if($p[0]['title']) + $o .= '[b]'.$p[0]['title'].'[/b]'."\r\n"; + + $o .= $x; + $o .= "[/share]"; + $o = bbcode($o); + + $o = str_replace($x,bbcode($p[0]['body']),$o); + + $ret['type'] = 'rich'; + + $w = (($maxwidth) ? $maxwidth : 640); + $h = (($maxheight) ? $maxheight : intval($w * 2 / 3)); + + $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; + + $ret['width'] = $w; + $ret['height'] = $h; + + return $ret; + + } + function oep_mid_reply($args) { @@ -161,6 +251,9 @@ class Oep extends \Zotlabs\Web\Controller { if(! $c) return; + + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_stream')) + return; $sql_extra = item_permissions_sql($c[0]['channel_id']); @@ -279,6 +372,9 @@ class Oep extends \Zotlabs\Web\Controller { if(! $c) return; + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) + return; + $sql_extra = permissions_sql($c[0]['channel_id']); $p = q("select resource_id from photo where album = '%s' and uid = %d and imgscale = 0 $sql_extra order by created desc limit 1", @@ -340,6 +436,9 @@ class Oep extends \Zotlabs\Web\Controller { if(! $c) return; + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) + return; + $sql_extra = permissions_sql($c[0]['channel_id']); $p = q("select resource_id from photo where uid = %d and imgscale = 0 $sql_extra order by created desc limit 1", @@ -400,7 +499,10 @@ class Oep extends \Zotlabs\Web\Controller { if(! $c) return; - + + if(! perm_is_allowed($c[0]['channel_id'],get_observer_hash(),'view_files')) + return; + $sql_extra = permissions_sql($c[0]['channel_id']); diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php index 0f80f46a5..bb7079a6a 100644 --- a/Zotlabs/Module/Photos.php +++ b/Zotlabs/Module/Photos.php @@ -671,8 +671,13 @@ class Photos extends \Zotlabs\Web\Controller { */ if($datatype === 'album') { - - \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n"; + + head_add_link([ + 'rel' => 'alternate', + 'type' => 'application/json+oembed', + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'title' => 'oembed' + ]); if($x = photos_album_exists($owner_uid, get_observer_hash(), $datum)) { \App::set_pager_itemspage(60); diff --git a/Zotlabs/Module/Profile.php b/Zotlabs/Module/Profile.php index 6930d50ca..43106e3af 100644 --- a/Zotlabs/Module/Profile.php +++ b/Zotlabs/Module/Profile.php @@ -94,7 +94,6 @@ class Profile extends \Zotlabs\Web\Controller { echo \App::$profile['profile_vcard']; killme(); } - $is_owner = ((local_channel()) && (local_channel() == \App::$profile['profile_uid']) ? true : false); @@ -102,11 +101,14 @@ class Profile extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); return; } - - //$o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']); - - \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; - + + head_add_link([ + 'rel' => 'alternate', + 'type' => 'application/json+oembed', + 'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string), + 'title' => 'oembed' + ]); + $o .= advanced_profile($a); call_hooks('profile_advanced',$o); return $o; diff --git a/Zotlabs/Module/Tasks.php b/Zotlabs/Module/Tasks.php index c8deb11bf..0709f31f6 100644 --- a/Zotlabs/Module/Tasks.php +++ b/Zotlabs/Module/Tasks.php @@ -19,8 +19,8 @@ class Tasks extends \Zotlabs\Web\Controller { $arr['all'] = 1; $x = tasks_fetch($arr); + $x['html'] = ''; if($x['tasks']) { - $x['html'] = ''; foreach($x['tasks'] as $y) { $x['html'] .= '<div class="tasklist-item"><input type="checkbox" onchange="taskComplete(' . $y['id'] . '); return false;" /> ' . $y['summary'] . '</div>'; } @@ -69,6 +69,7 @@ class Tasks extends \Zotlabs\Web\Controller { if($x) $ret['success'] = true; } + json_return_and_die($ret); } diff --git a/Zotlabs/Module/Update_cards.php b/Zotlabs/Module/Update_cards.php new file mode 100644 index 000000000..bb87357e8 --- /dev/null +++ b/Zotlabs/Module/Update_cards.php @@ -0,0 +1,39 @@ +<?php + +namespace Zotlabs\Module; + +/** + * Module: update_profile + * Purpose: AJAX synchronisation of profile page + * + */ + + +class Update_cards extends \Zotlabs\Web\Controller { + +function get() { + + $profile_uid = intval($_GET['p']); + $load = (((argc() > 1) && (argv(1) == 'load')) ? 1 : 0); + + header("Content-type: text/html"); + echo "<!DOCTYPE html><html><body><section></section></body></html>\r\n"; + + killme(); + + + $mod = new Cards(); + + $text = $mod->get($profile_uid,$load); + + /** + * reportedly some versions of MSIE don't handle tabs in XMLHttpRequest documents very well + */ + + echo str_replace("\t",' ',$text); + echo (($_GET['msie'] == 1) ? '</div>' : '</section>'); + echo "</body></html>\r\n"; + killme(); + +} +} |