aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Cdav.php2
-rw-r--r--Zotlabs/Module/Dav.php2
-rw-r--r--Zotlabs/Module/File_upload.php2
-rw-r--r--Zotlabs/Module/Getfile.php43
-rw-r--r--Zotlabs/Module/Item.php2
-rw-r--r--Zotlabs/Module/Like.php202
-rw-r--r--Zotlabs/Module/Owa.php2
-rw-r--r--Zotlabs/Module/Photos.php609
-rw-r--r--Zotlabs/Module/Sse_bs.php2
-rw-r--r--Zotlabs/Module/Zfinger.php8
10 files changed, 438 insertions, 436 deletions
diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php
index f7e43e436..f5c5f4384 100644
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@@ -50,7 +50,7 @@ class Cdav extends Controller {
if($sigblock) {
$keyId = str_replace('acct:','',$sigblock['keyId']);
if($keyId) {
- $r = q("select * from hubloc where hubloc_addr = '%s'",
+ $r = q("select * from hubloc where hubloc_id_url = '%s'",
dbesc($keyId)
);
if($r) {
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php
index 949b89950..82d773139 100644
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -51,7 +51,7 @@ class Dav extends \Zotlabs\Web\Controller {
if($sigblock) {
$keyId = str_replace('acct:','',$sigblock['keyId']);
if($keyId) {
- $r = q("select * from hubloc where hubloc_addr = '%s'",
+ $r = q("select * from hubloc where hubloc_id_url = '%s'",
dbesc($keyId)
);
if($r) {
diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php
index 6794dceee..e18067e20 100644
--- a/Zotlabs/Module/File_upload.php
+++ b/Zotlabs/Module/File_upload.php
@@ -64,7 +64,7 @@ class File_upload extends \Zotlabs\Web\Controller {
if($x['partial']) {
header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0));
- json_return_and_die($result);
+ json_return_and_die($x);
}
else {
header('Range: bytes=0-' . (($x['size']) ? $x['size'] - 1 : 0));
diff --git a/Zotlabs/Module/Getfile.php b/Zotlabs/Module/Getfile.php
index 17d1c84b8..a867f5ff7 100644
--- a/Zotlabs/Module/Getfile.php
+++ b/Zotlabs/Module/Getfile.php
@@ -6,20 +6,20 @@ use Zotlabs\Lib\Libzot;
/**
* module: getfile
- *
+ *
* used for synchronising files and photos across clones
- *
+ *
* The site initiating the file operation will send a sync packet to known clones.
* They will respond by building the DB structures they require, then will provide a
* post request to this site to grab the file data. This is sent as a stream direct to
* disk at the other end, avoiding memory issues.
*
* Since magic-auth cannot easily be used by the CURL process at the other end,
- * we will require a signed request which includes a timestamp. This should not be
- * used without SSL and is potentially vulnerable to replay if an attacker decrypts
+ * we will require a signed request which includes a timestamp. This should not be
+ * used without SSL and is potentially vulnerable to replay if an attacker decrypts
* the SSL traffic fast enough. The amount of time slop is configurable but defaults
* to 3 minutes.
- *
+ *
*/
@@ -54,13 +54,14 @@ class Getfile extends \Zotlabs\Web\Controller {
$keyId = $sigblock['keyId'];
if($keyId) {
- $r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash
- where hubloc_addr = '%s'",
- dbesc(str_replace('acct:','',$keyId))
+ $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
+ WHERE hubloc_addr = '%s' OR hubloc_id_url = '%s'",
+ dbesc(str_replace('acct:','',$keyId)),
+ dbesc($keyId)
);
if($r) {
$hubloc = Libzot::zot_record_preferred($r);
- $verified = HTTPSig::verify('',$hubloc['xchan_pubkey']);
+ $verified = HTTPSig::verify('',$hubloc['xchan_pubkey']);
if($verified && $verified['header_signed'] && $verified['header_valid'] && $hash == $hubloc['hubloc_hash']) {
$header_verified = true;
}
@@ -74,15 +75,15 @@ class Getfile extends \Zotlabs\Web\Controller {
logger('post: ' . print_r($_POST,true),LOGGER_DEBUG,LOG_INFO);
if($header_verified) {
logger('HTTPSig verified');
- }
-
+ }
+
$channel = channelx_by_hash($hash);
if((! $channel) || (! $time) || (! $sig)) {
logger('error: missing info');
killme();
}
-
+
if(isset($_POST['resolution']))
$resolution = intval($_POST['resolution']);
elseif(substr($resource,-2,1) == '-') {
@@ -91,21 +92,21 @@ class Getfile extends \Zotlabs\Web\Controller {
}
else {
$resolution = (-1);
- }
+ }
$slop = intval(get_pconfig($channel['channel_id'],'system','getfile_time_slop'));
if($slop < 1)
$slop = 3;
-
+
$d1 = datetime_convert('UTC','UTC',"now + $slop minutes");
- $d2 = datetime_convert('UTC','UTC',"now - $slop minutes");
-
+ $d2 = datetime_convert('UTC','UTC',"now - $slop minutes");
+
if(! $header_verified) {
if(($time > $d1) || ($time < $d2)) {
logger('time outside allowable range');
killme();
}
-
+
if(! rsa_verify($hash . '.' . $time,base64url_decode($sig),$channel['channel_pubkey'])) {
logger('verify failed.');
killme();
@@ -137,20 +138,20 @@ class Getfile extends \Zotlabs\Web\Controller {
else {
echo dbunescbin($r[0]['content']);
}
- }
+ }
killme();
}
$r = attach_by_hash($resource,$channel['channel_hash'],$revision);
-
+
if(! $r['success']) {
logger('attach_by_hash failed: ' . $r['message']);
notice( $r['message'] . EOL);
return;
}
-
+
$unsafe_types = array('text/html','text/css','application/javascript');
-
+
if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($channel['channel_id']))) {
header('Content-type: text/plain');
}
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index f74b1e321..83424a50d 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -976,7 +976,7 @@ class Item extends Controller {
$item_unseen = ((local_channel() != $profile_uid) ? 1 : 0);
- $item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0);
+ $item_wall = (($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment') ? 1 : 0);
$item_origin = (($origin) ? 1 : 0);
$item_consensus = (($consensus) ? 1 : 0);
$item_nocomment = (($nocomment) ? 1 : 0);
diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php
index bb5c6db7a..358611b1b 100644
--- a/Zotlabs/Module/Like.php
+++ b/Zotlabs/Module/Like.php
@@ -21,7 +21,7 @@ class Like extends \Zotlabs\Web\Controller {
'abstain' => ACTIVITY_ABSTAIN ,
'attendyes' => ACTIVITY_ATTEND ,
'attendno' => ACTIVITY_ATTENDNO ,
- 'attendmaybe' => ACTIVITY_ATTENDMAYBE
+ 'attendmaybe' => ACTIVITY_ATTENDMAYBE
];
// unlike (etc.) reactions are an undo of positive reactions, rather than a negative action.
@@ -81,7 +81,7 @@ class Like extends \Zotlabs\Web\Controller {
}
public function get() {
-
+
$o = EMPTY_STR;
$sys_channel = get_sys_channel();
@@ -92,7 +92,7 @@ class Like extends \Zotlabs\Web\Controller {
if((! $observer) || ($interactive)) {
$o .= '<h1>' . t('Like/Dislike') . '</h1>';
$o .= EOL . EOL;
-
+
if(! $observer) {
$_SESSION['return_url'] = \App::$query_string;
$o .= t('This action is restricted to members.') . EOL;
@@ -100,17 +100,17 @@ class Like extends \Zotlabs\Web\Controller {
return $o;
}
}
-
+
$verb = notags(trim($_GET['verb']));
$mode = (($_GET['conv_mode'] === 'channel') ? 'channel' : 'network');
if(! $verb)
$verb = 'like';
-
+
$activity = $this->reaction_to_activity($verb);
if(! $activity) {
- return EMPTY_STR;
+ return EMPTY_STR;
}
$is_rsvp = false;
@@ -123,23 +123,23 @@ class Like extends \Zotlabs\Web\Controller {
$object = $target = null;
$post_type = EMPTY_STR;
$objtype = EMPTY_STR;
-
+
if(argc() == 3) {
-
+
if(! $observer)
killme();
-
+
$extended_like = true;
$obj_type = argv(1);
$obj_id = argv(2);
$public = true;
-
+
if($obj_type == 'profile') {
$r = q("select * from profile where profile_guid = '%s' limit 1",
dbesc(argv(2))
);
if(! $r)
- killme();
+ killme();
$owner_uid = $r[0]['uid'];
if($r[0]['is_default'])
$public = true;
@@ -165,54 +165,54 @@ class Like extends \Zotlabs\Web\Controller {
}
$post_type = t('channel');
$objtype = ACTIVITY_OBJ_PROFILE;
-
+
$profile = $r[0];
}
elseif($obj_type == 'thing') {
-
+
$r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1",
intval(TERM_OBJ_THING),
dbesc(argv(2))
);
-
+
if(! $r) {
if($interactive) {
notice( t('Invalid request.') . EOL);
return $o;
}
- killme();
+ killme();
}
-
+
$owner_uid = $r[0]['obj_channel'];
-
+
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
$deny_gid = $r[0]['deny_gid'];
- if($allow_cid || $allow_gid || $deny_cid || $deny_gid)
+ if($allow_cid || $allow_gid || $deny_cid || $deny_gid)
$public = false;
-
+
$post_type = t('thing');
$objtype = ACTIVITY_OBJ_PROFILE;
$tgttype = ACTIVITY_OBJ_THING;
-
+
$links = array();
$links[] = array('rel' => 'alternate', 'type' => 'text/html',
'href' => z_root() . '/thing/' . $r[0]['obj_obj']);
- if($r[0]['imgurl'])
+ if($r[0]['imgurl'])
$links[] = array('rel' => 'photo', 'href' => $r[0]['obj_imgurl']);
-
+
$target = json_encode(array(
'type' => $tgttype,
'title' => $r[0]['obj_term'],
'id' => z_root() . '/thing/' . $r[0]['obj_obj'],
'link' => $links
));
-
+
$plink = '[zrl=' . z_root() . '/thing/' . $r[0]['obj_obj'] . ']' . $r[0]['obj_term'] . '[/zrl]';
-
+
}
-
+
if(! ($owner_uid && $r)) {
if($interactive) {
notice( t('Invalid request.') . EOL);
@@ -220,11 +220,11 @@ class Like extends \Zotlabs\Web\Controller {
}
killme();
}
-
+
// The resultant activity is going to be a wall-to-wall post, so make sure this is allowed
-
+
$perms = get_all_perms($owner_uid,$observer['xchan_hash']);
-
+
if(! ($perms['post_like'] && $perms['view_profile'])) {
if($interactive) {
notice( t('Permission denied.') . EOL);
@@ -232,7 +232,7 @@ class Like extends \Zotlabs\Web\Controller {
}
killme();
}
-
+
$ch = q("select * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1",
intval($owner_uid)
);
@@ -243,14 +243,14 @@ class Like extends \Zotlabs\Web\Controller {
}
killme();
}
-
+
if(! $plink)
$plink = '[zrl=' . z_root() . '/profile/' . $ch[0]['channel_address'] . ']' . $post_type . '[/zrl]';
-
+
$object = json_encode(Activity::fetch_profile([ 'id' => channel_url($ch[0]) ]));
// second like of the same thing is "undo" for the first like
-
+
$z = q("select * from likes where channel_id = %d and liker = '%s' and verb = '%s' and target_type = '%s' and target_id = '%s' limit 1",
intval($ch[0]['channel_id']),
dbesc($observer['xchan_hash']),
@@ -258,11 +258,11 @@ class Like extends \Zotlabs\Web\Controller {
dbesc(($tgttype)?$tgttype:$objtype),
dbesc($obj_id)
);
-
+
if($z) {
$z[0]['deleted'] = 1;
Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $z));
-
+
q("delete from likes where id = %d",
intval($z[0]['id'])
);
@@ -285,17 +285,17 @@ class Like extends \Zotlabs\Web\Controller {
if(! $observer)
killme();
-
+
// this is used to like an item or comment
-
+
$item_id = ((argc() == 2) ? notags(trim(argv(1))) : 0);
-
+
logger('like: verb ' . $verb . ' item ' . $item_id, LOGGER_DEBUG);
-
+
// get the item. Allow linked photos (which are normally hidden) to be liked
- $r = q("SELECT * FROM item WHERE id = %d
- and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0
+ $r = q("SELECT * FROM item WHERE id = %d
+ and item_type in (0,6,7) and item_deleted = 0 and item_unpublished = 0
and item_delayed = 0 and item_pending_remove = 0 and item_blocked = 0 LIMIT 1",
intval($item_id)
);
@@ -351,12 +351,12 @@ class Like extends \Zotlabs\Web\Controller {
killme();
$verbs = " '".dbesc($activity)."' ";
-
- $multi_undo = false;
-
+
+ $multi_undo = false;
+
// event participation and consensus items are essentially radio toggles. If you make a subsequent choice,
- // we need to eradicate your first choice.
-
+ // we need to eradicate your first choice.
+
if($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) {
$verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' ";
$multi_undo = 1;
@@ -365,16 +365,16 @@ class Like extends \Zotlabs\Web\Controller {
$verbs = " '" . dbesc(ACTIVITY_AGREE) . "','" . dbesc(ACTIVITY_DISAGREE) . "','" . dbesc(ACTIVITY_ABSTAIN) . "' ";
$multi_undo = true;
}
-
+
$item_normal = item_normal();
-
+
$r = q("SELECT id, parent, uid, verb FROM item WHERE verb in ( $verbs ) $item_normal
AND author_xchan = '%s' AND thr_parent = '%s' and uid = %d ",
dbesc($observer['xchan_hash']),
dbesc($item['mid']),
intval($owner_uid)
);
-
+
if($r) {
// already liked it. Drop that item.
require_once('include/items.php');
@@ -386,27 +386,27 @@ class Like extends \Zotlabs\Web\Controller {
intval($rr['parent']),
intval($rr['uid'])
);
- // Prior activity was a duplicate of the one we're submitting, just undo it;
+ // Prior activity was a duplicate of the one we're submitting, just undo it;
// don't fall through and create another
if(activity_match($rr['verb'],$activity))
$multi_undo = false;
-
+
// drop_item was not done interactively, so we need to invoke the notifier
// in order to push the changes to connections
\Zotlabs\Daemon\Master::Summon(array('Notifier','drop',$rr['id']));
-
+
}
-
+
if($interactive)
return;
-
+
if(! $multi_undo) {
$ret = self::like_response([
'item' => $item,
- 'orig_item_id' => $item_id,
+ 'orig_item_id' => $item_id,
'owner_xchan' => $thread_owner,
'conv_mode' => $mode
]);
@@ -416,11 +416,11 @@ class Like extends \Zotlabs\Web\Controller {
}
}
-
+
$uuid = item_message_id();
-
+
$arr = array();
-
+
$arr['uuid'] = $uuid;
$arr['mid'] = z_root() . (($is_rsvp) ? '/activity/' : '/item/') . $uuid;
@@ -433,38 +433,38 @@ class Like extends \Zotlabs\Web\Controller {
$post_type = (($item['resource_type'] === 'photo') ? t('photo') : t('status'));
if($item['obj_type'] === ACTIVITY_OBJ_EVENT)
$post_type = t('event');
-
+
$links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $item['plink']));
- $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
+ $objtype = (($item['resource_type'] === 'photo') ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
if($objtype === ACTIVITY_OBJ_NOTE && (! intval($item['item_thread_top'])))
$objtype = ACTIVITY_OBJ_COMMENT;
-
+
$body = $item['body'];
-
+
$object = json_encode(Activity::fetch_item( [ 'id' => $item['mid'] ]));
if(! intval($item['item_thread_top']))
- $post_type = 'comment';
-
+ $post_type = 'comment';
+
$arr['item_origin'] = 1;
$arr['item_notshown'] = 1;
$arr['item_type'] = $item['item_type'];
-
+
if(intval($item['item_wall']))
$arr['item_wall'] = 1;
-
+
// if this was a linked photo and was hidden, unhide it.
-
+
if(intval($item['item_hidden'])) {
$r = q("update item set item_hidden = 0 where id = %d",
intval($item['id'])
);
- }
-
+ }
+
}
-
+
if($verb === 'like')
$bodyverb = t('%1$s likes %2$s\'s %3$s');
if($verb === 'dislike')
@@ -481,12 +481,12 @@ class Like extends \Zotlabs\Web\Controller {
$bodyverb = t('%1$s is not attending %2$s\'s %3$s');
if($verb === 'attendmaybe')
$bodyverb = t('%1$s may attend %2$s\'s %3$s');
-
+
if(! isset($bodyverb))
- killme();
-
-
-
+ killme();
+
+
+
if($extended_like) {
$ulink = '[zrl=' . $ch[0]['xchan_url'] . '][bdi]' . $ch[0]['xchan_name'] . '[/bdi][/zrl]';
$alink = '[zrl=' . $observer['xchan_url'] . '][bdi]' . $observer['xchan_name'] . '[/bdi][/zrl]';
@@ -503,64 +503,64 @@ class Like extends \Zotlabs\Web\Controller {
$deny_cid = $item['deny_cid'];
$deny_gid = $item['deny_gid'];
$private = $item['private'];
-
+
}
-
-
+
+
$arr['aid'] = (($extended_like) ? $ch[0]['channel_account_id'] : $owner_aid);
$arr['uid'] = $owner_uid;
- $arr['item_flags'] = $item_flags;
- $arr['item_wall'] = $item_wall;
+ $arr['item_flags'] = $item['item_flags'];
+ $arr['item_wall'] = $item['item_wall'];
$arr['parent_mid'] = (($extended_like) ? $arr['mid'] : $item['mid']);
$arr['owner_xchan'] = (($extended_like) ? $ch[0]['xchan_hash'] : $thread_owner['xchan_hash']);
$arr['author_xchan'] = $observer['xchan_hash'];
-
-
+
+
$arr['body'] = sprintf( $bodyverb, $alink, $ulink, $plink );
if($obj_type === 'thing' && $r[0]['imgurl']) {
$arr['body'] .= "\n\n[zmg=80x80]" . $r[0]['imgurl'] . '[/zmg]';
- }
+ }
if($obj_type === 'profile') {
if($public) {
- $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]';
+ $arr['body'] .= "\n\n" . '[embed]' . z_root() . '/profile/' . $ch[0]['channel_address'] . '[/embed]';
}
else
$arr['body'] .= "\n\n[zmg=80x80]" . $profile['thumb'] . '[/zmg]';
- }
-
-
+ }
+
+
$arr['verb'] = $activity;
$arr['obj_type'] = $objtype;
$arr['obj'] = $object;
-
+
if($target) {
$arr['tgt_type'] = $tgttype;
$arr['target'] = $target;
}
-
+
$arr['allow_cid'] = $allow_cid;
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
$arr['item_private'] = $private;
-
+
call_hooks('post_local',$arr);
- $post = item_store($arr);
+ $post = item_store($arr);
$post_id = $post['item_id'];
// save the conversation from expiration
if(local_channel() && array_key_exists('item',$post) && (intval($post['item']['id']) != intval($post['item']['parent'])))
- retain_item($post['item']['parent']);
-
+ retain_item($post['item']['parent']);
+
$arr['id'] = $post_id;
-
+
call_hooks('post_local_end', $arr);
-
-
+
+
if($extended_like) {
$r = q("insert into likes (channel_id,liker,likee,iid,i_mid,verb,target_type,target_id,target) values (%d,'%s','%s',%d,'%s','%s','%s','%s','%s')",
intval($ch[0]['channel_id']),
@@ -582,12 +582,12 @@ class Like extends \Zotlabs\Web\Controller {
dbesc($obj_id)
);
if($r)
- Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $r));
-
+ Libsync::build_sync_packet($ch[0]['channel_id'],array('likes' => $r));
+
}
-
+
\Zotlabs\Daemon\Master::Summon(array('Notifier','like',$post_id));
-
+
if($interactive) {
notice( t('Action completed.') . EOL);
$o .= t('Thank you.');
@@ -596,12 +596,12 @@ class Like extends \Zotlabs\Web\Controller {
$ret = self::like_response([
'item' => $item,
- 'orig_item_id' => $item_id,
+ 'orig_item_id' => $item_id,
'owner_xchan' => $thread_owner,
'conv_mode' => $mode
]);
json_return_and_die($ret);
}
-
+
}
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index d6aeb8af5..9a3513f34 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -39,7 +39,7 @@ class Owa extends Controller {
$found = discover_by_webbie(str_replace('acct:','',$keyId));
if ($found) {
$r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash
- WHERE OR hubloc_id_url = '%s'",
+ WHERE hubloc_id_url = '%s'",
dbesc($keyId)
);
}
diff --git a/Zotlabs/Module/Photos.php b/Zotlabs/Module/Photos.php
index fa9216c97..099289c03 100644
--- a/Zotlabs/Module/Photos.php
+++ b/Zotlabs/Module/Photos.php
@@ -16,66 +16,66 @@ require_once('include/text.php');
class Photos extends \Zotlabs\Web\Controller {
function init() {
-
+
if(observer_prohibited()) {
return;
}
-
+
if(argc() > 1) {
$nick = argv(1);
-
+
profile_load($nick);
-
+
$channelx = channelx_by_nick($nick);
-
+
if(! $channelx)
return;
-
+
\App::$data['channel'] = $channelx;
-
+
$observer = \App::get_observer();
\App::$data['observer'] = $observer;
-
+
$observer_xchan = (($observer) ? $observer['xchan_hash'] : '');
-
+
head_set_icon(\App::$data['channel']['xchan_photo_s']);
-
+
\App::$page['htmlhead'] .= "<script> var profile_uid = " . ((\App::$data['channel']) ? \App::$data['channel']['channel_id'] : 0) . "; </script>" ;
-
+
}
-
+
return;
}
-
-
-
+
+
+
function post() {
-
+
logger('mod-photos: photos_post: begin' , LOGGER_DEBUG);
-
+
logger('mod_photos: REQUEST ' . print_r($_REQUEST,true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES,true), LOGGER_DATA);
-
+
$ph = photo_factory('');
-
+
$phototypes = $ph->supportedTypes();
-
+
$can_post = false;
-
+
$page_owner_uid = \App::$data['channel']['channel_id'];
-
+
if(perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage'))
$can_post = true;
-
+
if(! $can_post) {
notice( t('Permission denied.') . EOL );
if(is_ajax())
killme();
return;
}
-
+
$s = abook_self($page_owner_uid);
-
+
if(! $s) {
notice( t('Page owner information could not be retrieved.') . EOL);
logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
@@ -83,30 +83,30 @@ class Photos extends \Zotlabs\Web\Controller {
killme();
return;
}
-
- $owner_record = $s[0];
-
+
+ $owner_record = $s[0];
+
$acl = new \Zotlabs\Access\AccessList(\App::$data['channel']);
-
+
if((argc() > 3) && (argv(2) === 'album')) {
-
+
$album = argv(3);
if(! photos_album_exists($page_owner_uid, get_observer_hash(), $album)) {
notice( t('Album not found.') . EOL);
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
-
-
+
+
/*
* DELETE photo album and all its photos
*/
-
+
if($_REQUEST['dropalbum'] == t('Delete Album')) {
-
-
+
+
$folder_hash = '';
-
+
$r = q("select * from attach where is_dir = 1 and uid = %d and hash = '%s'",
intval($page_owner_uid),
dbesc($album)
@@ -116,13 +116,13 @@ class Photos extends \Zotlabs\Web\Controller {
return;
}
$folder_hash = $r[0]['hash'];
-
-
+
+
$res = array();
$admin_delete = false;
// get the list of photos we are about to delete
-
+
if(remote_channel() && (! local_channel())) {
$str = photos_album_get_db_idstr($page_owner_uid,$album,remote_channel());
}
@@ -139,7 +139,7 @@ class Photos extends \Zotlabs\Web\Controller {
if(! $str) {
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
-
+
$r = q("select id from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d " . item_normal(),
intval($page_owner_uid)
);
@@ -148,34 +148,34 @@ class Photos extends \Zotlabs\Web\Controller {
attach_delete($page_owner_uid, $i['resource_id'], true );
}
}
-
+
// remove the associated photos in case they weren't attached to an item
-
+
q("delete from photo where resource_id in ( $str ) and uid = %d",
intval($page_owner_uid)
);
-
+
// @FIXME do the same for the linked attach
-
+
if($folder_hash) {
attach_delete($page_owner_uid, $folder_hash, true );
- if(! $admin_delete) {
+ if(! $admin_delete) {
$sync = attach_export_data(\App::$data['channel'],$folder_hash, true);
-
- if($sync)
+
+ if($sync)
Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync)));
}
}
-
+
}
-
+
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']);
}
-
+
if((argc() > 2) && (x($_REQUEST,'delete')) && ($_REQUEST['delete'] === t('Delete Photo'))) {
// same as above but remove single photo
-
+
$ob_hash = get_observer_hash();
if(! $ob_hash)
goaway(z_root() . '/' . $_SESSION['photo_return']);
@@ -185,18 +185,18 @@ class Photos extends \Zotlabs\Web\Controller {
intval(local_channel()),
dbesc(argv(2))
);
-
+
if($r) {
attach_delete($page_owner_uid, $r[0]['resource_id'], true );
$sync = attach_export_data(\App::$data['channel'],$r[0]['resource_id'], true);
-
- if($sync)
+
+ if($sync)
Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync)));
}
elseif(is_site_admin()) {
// If the admin deletes a photo, don't sync
attach_delete($page_owner_uid, argv(2), true);
- }
+ }
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
@@ -208,10 +208,10 @@ class Photos extends \Zotlabs\Web\Controller {
intval($page_owner_uid)
);
if(($m) && ($m[0]['folder'] != $_POST['move_to_album'])) {
- attach_move($page_owner_uid,argv(2),$_POST['move_to_album']);
+ attach_move($page_owner_uid,argv(2),$_POST['move_to_album']);
$sync = attach_export_data(\App::$data['channel'], argv(2), false);
- if($sync)
+ if($sync)
Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync)));
if(! ($_POST['desc'] && $_POST['newtag']))
@@ -220,28 +220,28 @@ class Photos extends \Zotlabs\Web\Controller {
}
if((argc() > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) {
-
+
$desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : '');
$rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
-
+
$acl->set_from_array($_POST);
$perm = $acl->get();
-
+
$resource_id = argv(2);
-
- if((x($_POST,'rotate') !== false) &&
+
+ if((x($_POST,'rotate') !== false) &&
( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) {
logger('rotate');
-
+
$r = q("select * from photo where resource_id = '%s' and uid = %d and imgscale = 0 limit 1",
dbesc($resource_id),
intval($page_owner_uid)
);
if(count($r)) {
-
+
$ph = photo_factory(@file_get_contents(dbunescbin($r[0]['content'])), $r[0]['mimetype']);
if($ph->is_valid()) {
$rotate_deg = ( (intval($_POST['rotate']) == 1) ? 270 : 90 );
@@ -255,12 +255,12 @@ class Photos extends \Zotlabs\Web\Controller {
dbesc($resource_id),
intval($page_owner_uid)
);
-
+
$ph->saveImage(dbunescbin($r[0]['content']));
-
- $arr = [
+
+ $arr = [
'aid' => get_account_id(),
- 'uid' => intval($page_owner_uid),
+ 'uid' => intval($page_owner_uid),
'resource_id' => dbesc($resource_id),
'filename' => $r[0]['filename'],
'imgscale' => 0,
@@ -277,28 +277,31 @@ class Photos extends \Zotlabs\Web\Controller {
unset($arr['os_syspath']);
- if($width > 1024 || $height > 1024)
+ $width = $r[0]['width'];
+ $height = $r[0]['height'];
+
+ if($width > 1024 || $height > 1024)
$ph->scaleImage(1024);
$ph->storeThumbnail($arr, PHOTO_RES_1024);
- if($width > 640 || $height > 640)
+ if($width > 640 || $height > 640)
$ph->scaleImage(640);
$ph->storeThumbnail($arr, PHOTO_RES_640);
- if($width > 320 || $height > 320)
+ if($width > 320 || $height > 320)
$ph->scaleImage(320);
$ph->storeThumbnail($arr, PHOTO_RES_320);
}
}
}
-
+
$p = q("SELECT mimetype, is_nsfw, description, resource_id, imgscale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY imgscale DESC",
dbesc($resource_id),
intval($page_owner_uid)
);
if($p) {
$ext = $phototypes[$p[0]['mimetype']];
-
+
$r = q("UPDATE photo SET description = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' WHERE resource_id = '%s' AND uid = %d",
dbesc($desc),
dbesc($perm['allow_cid']),
@@ -309,9 +312,7 @@ class Photos extends \Zotlabs\Web\Controller {
intval($page_owner_uid)
);
}
-
- $item_private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false);
-
+
$old_is_nsfw = $p[0]['is_nsfw'];
if($old_is_nsfw != $is_nsfw) {
$r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d",
@@ -320,31 +321,31 @@ class Photos extends \Zotlabs\Web\Controller {
intval($page_owner_uid)
);
}
-
+
/* Don't make the item visible if the only change was the album name */
-
+
$visibility = 0;
if($p[0]['description'] !== $desc || strlen($rawtags))
$visibility = 1;
-
+
if(! $item_id) {
$item_id = photos_create_item(\App::$data['channel'],get_observer_hash(),$p[0],$visibility);
-
+
}
-
+
if($item_id) {
$r = q("SELECT * FROM item WHERE id = %d AND uid = %d LIMIT 1",
intval($item_id),
intval($page_owner_uid)
);
-
+
if($r) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
}
-
-
+
+
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
where id = %d",
@@ -355,7 +356,7 @@ class Photos extends \Zotlabs\Web\Controller {
intval($acl->is_private()),
intval($item_id)
);
-
+
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
dbesc($perm['allow_cid']),
@@ -365,46 +366,46 @@ class Photos extends \Zotlabs\Web\Controller {
dbesc($resource_id),
intval($page_owner_uid)
);
-
-
-
+
+
+
if(strlen($rawtags)) {
-
+
$str_tags = '';
$inform = '';
-
+
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention
-
+
$x = substr($rawtags,0,1);
if($x !== '@' && $x !== '#')
$rawtags = '@' . $rawtags;
-
+
require_once('include/text.php');
$profile_uid = \App::$profile['profile_uid'];
-
+
$results = linkify_tags($rawtags, (local_channel()) ? local_channel() : $profile_uid);
-
+
$success = $results['success'];
$post_tags = array();
-
+
foreach($results as $result) {
$success = $result['success'];
if($success['replaced']) {
$post_tags[] = array(
- 'uid' => $profile_uid,
+ 'uid' => $profile_uid,
'ttype' => $success['termtype'],
'otype' => TERM_OBJ_POST,
'term' => $success['term'],
'url' => $success['url']
- );
+ );
}
}
-
+
$r = q("select * from item where id = %d and uid = %d limit 1",
intval($item_id),
intval($page_owner_uid)
);
-
+
if($r) {
$r = fetch_post_tags($r,true);
$datarray = $r[0];
@@ -412,42 +413,42 @@ class Photos extends \Zotlabs\Web\Controller {
if((! array_key_exists('term',$datarray)) || (! is_array($datarray['term'])))
$datarray['term'] = $post_tags;
else
- $datarray['term'] = array_merge($datarray['term'],$post_tags);
+ $datarray['term'] = array_merge($datarray['term'],$post_tags);
}
item_store_update($datarray,$execflag);
}
-
+
}
$sync = attach_export_data(\App::$data['channel'],$resource_id);
-
- if($sync)
+
+ if($sync)
Libsync::build_sync_packet($page_owner_uid,array('file' => array($sync)));
-
+
goaway(z_root() . '/' . $_SESSION['photo_return']);
return; // NOTREACHED
-
-
+
+
}
-
-
+
+
/**
* default post action - upload a photo
*/
-
+
$channel = \App::$data['channel'];
$observer = \App::$data['observer'];
-
+
$_REQUEST['source'] = 'photos';
require_once('include/attach.php');
-
+
if(! local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
-
+
$matches = [];
$partial = false;
@@ -467,7 +468,7 @@ class Photos extends \Zotlabs\Web\Controller {
if($x['partial']) {
header('Range: bytes=0-' . (($x['length']) ? $x['length'] - 1 : 0));
- json_return_and_die($result);
+ json_return_and_die($x);
}
else {
header('Range: bytes=0-' . (($x['size']) ? $x['size'] - 1 : 0));
@@ -481,7 +482,7 @@ class Photos extends \Zotlabs\Web\Controller {
];
}
}
- else {
+ else {
if(! array_key_exists('userfile',$_FILES)) {
$_FILES['userfile'] = [
'name' => $_FILES['files']['name'],
@@ -494,53 +495,53 @@ class Photos extends \Zotlabs\Web\Controller {
}
$r = attach_store($channel,get_observer_hash(), '', $_REQUEST);
-
+
if(! $r['success']) {
notice($r['message'] . EOL);
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']);
- }
+ }
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $r['data']['folder']);
-
+
}
-
-
-
+
+
+
function get() {
-
+
// URLs:
// photos/name
// photos/name/album/xxxxx (xxxxx is album name)
// photos/name/image/xxxxx
-
-
+
+
if(observer_prohibited()) {
notice( t('Public access denied.') . EOL);
return;
}
-
+
$unsafe = ((array_key_exists('unsafe',$_REQUEST) && $_REQUEST['unsafe']) ? 1 : 0);
-
+
require_once('include/bbcode.php');
require_once('include/security.php');
require_once('include/conversation.php');
-
+
if(! x(\App::$data,'channel')) {
notice( t('No photos selected') . EOL );
return;
}
-
+
$ph = photo_factory('');
$phototypes = $ph->supportedTypes();
-
+
$_SESSION['photo_return'] = \App::$cmd;
-
+
//
- // Parse arguments
+ // Parse arguments
//
-
+
$can_comment = perm_is_allowed(\App::$profile['profile_uid'],get_observer_hash(),'post_comments');
-
+
if(argc() > 3) {
$datatype = argv(2);
$datum = argv(3);
@@ -552,70 +553,70 @@ class Photos extends \Zotlabs\Web\Controller {
else
$datatype = 'summary';
}
-
+
if(argc() > 4)
$cmd = argv(4);
else
$cmd = 'view';
-
+
//
// Setup permissions structures
//
-
+
$can_post = false;
$visitor = 0;
-
-
+
+
$owner_uid = \App::$data['channel']['channel_id'];
$owner_aid = \App::$data['channel']['channel_account_id'];
-
+
$observer = \App::get_observer();
-
+
$can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage');
$can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage');
-
+
if(! $can_view) {
notice( t('Access to this item is restricted.') . EOL);
return;
}
-
+
$sql_item = item_permissions_sql($owner_uid,get_observer_hash());
$sql_extra = permissions_sql($owner_uid,get_observer_hash(),'photo');
$sql_attach = permissions_sql($owner_uid,get_observer_hash(),'attach');
nav_set_selected('Photos');
-
+
$o = '<script src="vendor/blueimp/jquery-file-upload/js/vendor/jquery.ui.widget.js"></script>
<script src="vendor/blueimp/jquery-file-upload/js/jquery.iframe-transport.js"></script>
<script src="vendor/blueimp/jquery-file-upload/js/jquery.fileupload.js"></script>';
- $o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
+ $o .= "<script> var profile_uid = " . \App::$profile['profile_uid']
. "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n";
-
+
$_is_owner = (local_channel() && (local_channel() == $owner_uid));
-
+
/**
* Display upload form
*/
-
+
if( $can_post) {
-
+
$uploader = '';
-
+
$ret = array('post_url' => z_root() . '/photos/' . \App::$data['channel']['channel_address'],
'addon_text' => $uploader,
'default_upload' => true);
-
+
call_hooks('photo_upload_form',$ret);
-
+
/* Show space usage */
-
+
$r = q("select sum(filesize) as total from photo where aid = %d and imgscale = 0 ",
intval(\App::$data['channel']['channel_account_id'])
);
-
-
+
+
$limit = engr_units_to_bytes(service_class_fetch(\App::$data['channel']['channel_id'],'photo_upload_limit'));
if($limit !== false) {
$usage_message = sprintf( t("%1$.2f MB of %2$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000 );
@@ -623,22 +624,22 @@ class Photos extends \Zotlabs\Web\Controller {
else {
$usage_message = sprintf( t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000 );
}
-
+
if($_is_owner) {
$channel = \App::get_channel();
-
+
$acl = new \Zotlabs\Access\AccessList($channel);
$channel_acl = $acl->get();
-
+
$lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
-
+
$aclselect = (($_is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
-
+
// this is wrong but is to work around an issue with js_upload wherein it chokes if these variables
- // don't exist. They really should be set to a parseable representation of the channel's default permissions
- // which can be processed by getSelected()
-
+ // don't exist. They really should be set to a parseable representation of the channel's default permissions
+ // which can be processed by getSelected()
+
if(! $aclselect) {
$aclselect = '<input id="group_allow" type="hidden" name="allow_gid[]" value="" /><input id="contact_allow" type="hidden" name="allow_cid[]" value="" /><input id="group_deny" type="hidden" name="deny_gid[]" value="" /><input id="contact_deny" type="hidden" name="deny_cid[]" value="" />';
}
@@ -648,11 +649,11 @@ class Photos extends \Zotlabs\Web\Controller {
if($datum) {
$h = attach_by_hash_nodata($datum,get_observer_hash());
$selname = $h['data']['display_path'];
- }
+ }
+
-
$albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer']));
-
+
if(! $selname) {
$def_album = get_pconfig(\App::$data['channel']['channel_id'],'system','photo_path');
if($def_album) {
@@ -660,7 +661,7 @@ class Photos extends \Zotlabs\Web\Controller {
$albums['album'][] = array('text' => $selname);
}
}
-
+
$tpl = get_markup_template('photos_upload.tpl');
$upload_form = replace_macros($tpl,array(
'$pagename' => t('Upload Photos'),
@@ -685,22 +686,22 @@ class Photos extends \Zotlabs\Web\Controller {
'$default' => (($ret['default_upload']) ? true : false),
'$uploadurl' => $ret['post_url'],
'$submit' => t('Upload')
-
+
));
-
+
}
-
+
//
// dispatch request
//
-
+
/*
* Display a single photo album
*/
-
+
if($datatype === 'album') {
- head_add_link([
+ head_add_link([
'rel' => 'alternate',
'type' => 'application/json+oembed',
'href' => z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string),
@@ -710,7 +711,7 @@ class Photos extends \Zotlabs\Web\Controller {
if($x = photos_album_exists($owner_uid, get_observer_hash(), $datum)) {
\App::set_pager_itemspage(30);
$album = $x['display_path'];
- }
+ }
else {
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']);
}
@@ -721,7 +722,7 @@ class Photos extends \Zotlabs\Web\Controller {
$order = 'DESC';
$r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.imgscale, p.description, p.created FROM photo p INNER JOIN
- (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph
+ (SELECT resource_id, max(imgscale) imgscale FROM photo left join attach on folder = '%s' and photo.resource_id = attach.hash WHERE attach.uid = %d AND imgscale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.imgscale = ph.imgscale)
ORDER BY created $order LIMIT %d OFFSET %d",
dbesc($x['hash']),
@@ -739,9 +740,9 @@ class Photos extends \Zotlabs\Web\Controller {
if($can_post) {
$album_e = $album;
$albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer']));
-
+
// @fixme - syncronise actions with DAV
-
+
// $edit_tpl = get_markup_template('album_edit.tpl');
// $album_edit = replace_macros($edit_tpl,array(
// '$nametext' => t('Enter a new album name'),
@@ -753,32 +754,32 @@ class Photos extends \Zotlabs\Web\Controller {
// '$submit' => t('Submit'),
// '$dropsubmit' => t('Delete Album')
// ));
-
+
}
-
+
if($_GET['order'] === 'posted')
$order = array(t('Show Newest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum);
else
$order = array(t('Show Oldest First'), z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $datum . '?f=&order=posted');
-
+
$photos = array();
if(count($r)) {
$twist = 'rotright';
foreach($r as $rr) {
-
+
if($twist == 'rotright')
$twist = 'rotleft';
else
$twist = 'rotright';
-
+
$ext = $phototypes[$rr['mimetype']];
-
+
$imgalt_e = $rr['filename'];
$desc_e = $rr['description'];
-
+
$imagelink = (z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $rr['resource_id']
. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''));
-
+
$photos[] = array(
'id' => $rr['id'],
'twist' => ' ' . $twist . rand(2,4),
@@ -793,7 +794,7 @@ class Photos extends \Zotlabs\Web\Controller {
);
}
}
-
+
if($_REQUEST['aj']) {
if($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'),array(
@@ -821,71 +822,71 @@ class Photos extends \Zotlabs\Web\Controller {
'$upload_form' => $upload_form,
'$usage' => $usage_message
));
-
+
}
-
+
if((! $photos) && ($_REQUEST['aj'])) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();
}
-
+
return $o;
-
- }
-
- /**
+
+ }
+
+ /**
* Display one photo
*/
-
+
if($datatype === 'image') {
-
+
\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n";
-
+
$x = q("select folder from attach where hash = '%s' and uid = %d $sql_attach limit 1",
dbesc($datum),
intval($owner_uid)
);
// fetch image, item containing image, then comments
-
- $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s'
+
+ $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,description,album,filename,mimetype,height,width,filesize,imgscale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM photo WHERE uid = %d AND resource_id = '%s'
$sql_extra ORDER BY imgscale ASC ",
intval($owner_uid),
dbesc($datum)
);
-
+
if(! ($ph && $x)) {
-
+
/* Check again - this time without specifying permissions */
-
+
$ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1",
intval($owner_uid),
dbesc($datum)
);
- if($ph)
+ if($ph)
notice( t('Permission denied. Access to this item may be restricted.') . EOL);
else
notice( t('Photo not available') . EOL );
return;
}
-
-
-
+
+
+
$prevlink = '';
$nextlink = '';
-
+
if($_GET['order'] === 'posted')
$order = 'ASC';
else
$order = 'DESC';
-
+
$prvnxt = q("SELECT hash FROM attach WHERE folder = '%s' AND uid = %d AND is_photo = 1
$sql_attach ORDER BY created $order ",
dbesc($x[0]['folder']),
intval($owner_uid)
- );
+ );
if(count($prvnxt)) {
for($z = 0; $z < count($prvnxt); $z++) {
@@ -899,12 +900,12 @@ class Photos extends \Zotlabs\Web\Controller {
break;
}
}
-
+
$prevlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
$nextlink = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['hash'] . (($_GET['order'] === 'posted') ? '?f=&order=posted' : '');
}
-
-
+
+
if(count($ph) == 1)
$hires = $lores = $ph[0];
if(count($ph) > 1) {
@@ -917,74 +918,74 @@ class Photos extends \Zotlabs\Web\Controller {
$lores = $ph[1];
}
}
-
+
$album_link = z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $x[0]['folder'];
$tools = Null;
$lock = Null;
-
+
if($can_post && ($ph[0]['uid'] == $owner_uid)) {
$tools = array(
'profile'=>array(z_root() . '/profile_photo/use/'.$ph[0]['resource_id'], t('Use as profile photo')),
'cover'=>array(z_root() . '/cover_photo/use/'.$ph[0]['resource_id'], t('Use as cover photo')),
);
}
-
+
// lockstate
$lockstate = ( ( (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid'])
|| strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) )
? array('lock', t('Private Photo'))
: array('unlock', Null));
-
+
\App::$page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n";
if($prevlink)
\App::$page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
if($nextlink)
\App::$page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
\App::$page['htmlhead'] .= '});</script>';
-
+
if($prevlink)
$prevlink = array($prevlink, t('Previous'));
-
+
$photo = array(
'href' => z_root() . '/photo/' . $hires['resource_id'] . '-' . $hires['imgscale'] . '.' . $phototypes[$hires['mimetype']],
'title'=> t('View Full Size'),
'src' => z_root() . '/photo/' . $lores['resource_id'] . '-' . $lores['imgscale'] . '.' . $phototypes[$lores['mimetype']]
);
-
+
if($nextlink)
$nextlink = array($nextlink, t('Next'));
-
-
+
+
// Do we have an item for this photo?
-
- $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo'
+
+ $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo'
$sql_item LIMIT 1",
dbesc($datum)
);
-
+
$map = null;
-
+
if($linked_items) {
-
+
xchan_query($linked_items);
$linked_items = fetch_post_tags($linked_items,true);
-
+
$link_item = $linked_items[0];
$item_normal = item_normal();
-
- $r = q("select * from item where parent_mid = '%s'
+
+ $r = q("select * from item where parent_mid = '%s'
$item_normal and uid = %d $sql_item ",
dbesc($link_item['mid']),
intval($link_item['uid'])
-
+
);
-
+
if($r) {
xchan_query($r);
$r = fetch_post_tags($r,true);
$r = conv_sort($r,'commented');
}
-
+
$tags = array();
if($link_item['term']) {
$cnt = 0;
@@ -997,23 +998,23 @@ class Photos extends \Zotlabs\Web\Controller {
$cnt ++;
}
}
-
+
if((local_channel()) && (local_channel() == $link_item['uid'])) {
q("UPDATE item SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1",
intval($link_item['parent']),
intval(local_channel())
);
}
-
+
if($link_item['coord']) {
$map = generate_map($link_item['coord']);
}
}
-
+
// logger('mod_photo: link_item' . print_r($link_item,true));
-
- // FIXME - remove this when we move to conversation module
-
+
+ // FIXME - remove this when we move to conversation module
+
$r = $r[0]['children'];
$edit = null;
@@ -1023,11 +1024,11 @@ class Photos extends \Zotlabs\Web\Controller {
$caption_e = $ph[0]['description'];
$aclselect_e = (($_is_owner) ? populate_acl($ph[0], true, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_storage')) : '');
$albums = ((array_key_exists('albums', \App::$data)) ? \App::$data['albums'] : photos_albums_list(\App::$data['channel'],\App::$data['observer']));
-
+
$_SESSION['album_return'] = bin2hex($ph[0]['album']);
$folder_list = attach_folder_select_list($ph[0]['uid']);
-
+
$edit = [
'edit' => t('Edit photo'),
'id' => $link_item['id'],
@@ -1058,17 +1059,17 @@ class Photos extends \Zotlabs\Web\Controller {
'delete' => t('Delete Photo')
];
}
-
+
if(count($linked_items)) {
-
+
$cmnt_tpl = get_markup_template('comment_item.tpl');
$tpl = get_markup_template('photo_item.tpl');
$return_url = \App::$cmd;
-
+
$like_tpl = get_markup_template('like_noshare.tpl');
-
+
$likebuttons = '';
-
+
if($observer && ($can_post || $can_comment)) {
$likebuttons = [
'id' => $link_item['id'],
@@ -1078,12 +1079,12 @@ class Photos extends \Zotlabs\Web\Controller {
'wait' => t('Please wait')
];
}
-
+
$comments = '';
if(! $r) {
if($observer && ($can_post || $can_comment)) {
$commentbox = replace_macros($cmnt_tpl,array(
- '$return_path' => '',
+ '$return_path' => '',
'$mode' => 'photos',
'$jsreload' => $return_url,
'$type' => 'wall-comment',
@@ -1101,28 +1102,28 @@ class Photos extends \Zotlabs\Web\Controller {
));
}
}
-
+
$alike = array();
$dlike = array();
-
+
$like = '';
$dislike = '';
-
+
$conv_responses = array(
'like' => array('title' => t('Likes','title')),'dislike' => array('title' => t('Dislikes','title')),
- 'agree' => array('title' => t('Agree','title')),'disagree' => array('title' => t('Disagree','title')), 'abstain' => array('title' => t('Abstain','title')),
+ 'agree' => array('title' => t('Agree','title')),'disagree' => array('title' => t('Disagree','title')), 'abstain' => array('title' => t('Abstain','title')),
'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title'))
);
-
-
-
-
+
+
+
+
if($r) {
-
+
foreach($r as $item) {
builtin_activity_puller($item, $conv_responses);
}
-
+
$like_count = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid']] : '');
$like_list = ((x($alike,$link_item['mid'])) ? $alike[$link_item['mid'] . '-l'] : '');
@@ -1133,7 +1134,7 @@ class Photos extends \Zotlabs\Web\Controller {
$like_list_part = '';
}
$like_button_label = tt('Like','Likes',$like_count,'noun');
-
+
//if (feature_enabled($conv->get_profile_owner(),'dislike')) {
$dislike_count = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid']] : '');
$dislike_list = ((x($dlike,$link_item['mid'])) ? $dlike[$link_item['mid'] . '-l'] : '');
@@ -1145,44 +1146,44 @@ class Photos extends \Zotlabs\Web\Controller {
$dislike_list_part = '';
}
//}
-
-
+
+
$like = ((isset($alike[$link_item['mid']])) ? format_like($alike[$link_item['mid']],$alike[$link_item['mid'] . '-l'],'like',$link_item['mid']) : '');
$dislike = ((isset($dlike[$link_item['mid']])) ? format_like($dlike[$link_item['mid']],$dlike[$link_item['mid'] . '-l'],'dislike',$link_item['mid']) : '');
-
+
// display comments
-
+
foreach($r as $item) {
$comment = '';
$template = $tpl;
$sparkle = '';
-
+
if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent']))
continue;
-
+
$redirect_url = z_root() . '/redir/' . $item['cid'] ;
-
-
+
+
$profile_url = zid($item['author']['xchan_url']);
$sparkle = '';
-
-
+
+
$profile_name = $item['author']['xchan_name'];
$profile_avatar = $item['author']['xchan_photo_m'];
-
+
$profile_link = $profile_url;
-
+
$drop = '';
-
+
if($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan'])
$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
-
-
+
+
$name_e = $profile_name;
$title_e = $item['title'];
unobscure($item);
$body_e = prepare_text($item['body'],$item['mimetype']);
-
+
$comments .= replace_macros($template,array(
'$id' => $item['id'],
'$mode' => 'photos',
@@ -1197,9 +1198,9 @@ class Photos extends \Zotlabs\Web\Controller {
'$drop' => $drop,
'$comment' => $comment
));
-
+
}
-
+
if($observer && ($can_post || $can_comment)) {
$commentbox = replace_macros($cmnt_tpl,array(
'$return_path' => '',
@@ -1216,20 +1217,20 @@ class Photos extends \Zotlabs\Web\Controller {
'$ww' => ''
));
}
-
+
}
$paginate = paginate($a);
}
-
+
$album_e = array($album_link,$ph[0]['album']);
$like_e = $like;
$dislike_e = $dislike;
-
-
+
+
$response_verbs = array('like');
if(feature_enabled($owner_uid,'dislike'))
$response_verbs[] = 'dislike';
-
+
$responses = get_responses($conv_responses,$response_verbs,'',$link_item);
$hookdata = [
@@ -1238,7 +1239,7 @@ class Photos extends \Zotlabs\Web\Controller {
'nickname' => \App::$data['channel']['channel_address']
];
call_hooks('photo_view_filter', $hookdata);
-
+
$photo_tpl = get_markup_template('photo_view.tpl');
$o .= replace_macros($photo_tpl, array(
'$id' => $ph[0]['id'],
@@ -1255,7 +1256,7 @@ class Photos extends \Zotlabs\Web\Controller {
'$tag_hdr' => t('In This Photo:'),
'$tags' => $tags,
'responses' => $responses,
- '$edit' => $edit,
+ '$edit' => $edit,
'$map' => $map,
'$map_text' => t('Map'),
'$likebuttons' => $likebuttons,
@@ -1277,26 +1278,26 @@ class Photos extends \Zotlabs\Web\Controller {
'$paginate' => $paginate,
'$onclick' => $hookdata['onclick']
));
-
+
\App::$data['photo_html'] = $o;
-
+
return $o;
}
-
+
// Default - show recent photos with upload link (if applicable)
//$o = '';
-
+
\App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$cmd) . '" title="oembed" />' . "\r\n";
-
+
\App::set_pager_itemspage(30);
-
- $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path
- FROM photo p
- INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo
- WHERE photo.uid = %d AND photo_usage IN ( %d, %d )
- AND is_nsfw = %d $sql_extra group by resource_id ) ph
- ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale)
+
+ $r = q("SELECT p.resource_id, p.id, p.filename, p.mimetype, p.album, p.imgscale, p.created, p.display_path
+ FROM photo p
+ INNER JOIN ( SELECT resource_id, max(imgscale) imgscale FROM photo
+ WHERE photo.uid = %d AND photo_usage IN ( %d, %d )
+ AND is_nsfw = %d $sql_extra group by resource_id ) ph
+ ON (p.resource_id = ph.resource_id and p.imgscale = ph.imgscale)
ORDER by p.created DESC LIMIT %d OFFSET %d",
intval(\App::$data['channel']['channel_id']),
intval(PHOTO_NORMAL),
@@ -1305,9 +1306,9 @@ class Photos extends \Zotlabs\Web\Controller {
intval(\App::$pager['itemspage']),
intval(\App::$pager['start'])
);
-
-
-
+
+
+
$photos = array();
if($r) {
$twist = 'rotright';
@@ -1321,7 +1322,7 @@ class Photos extends \Zotlabs\Web\Controller {
else
$twist = 'rotright';
$ext = $phototypes[$rr['mimetype']];
-
+
$alt_e = $rr['filename'];
$name_e = dirname($rr['display_path']);
@@ -1335,11 +1336,11 @@ class Photos extends \Zotlabs\Web\Controller {
'album' => array(
'name' => $name_e,
),
-
+
);
}
}
-
+
if($_REQUEST['aj']) {
if($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'),array(
@@ -1355,7 +1356,7 @@ class Photos extends \Zotlabs\Web\Controller {
}
else {
$o .= "<script> var page_query = '" . escape_tags(urlencode($_GET['q'])) . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
- $tpl = get_markup_template('photos_recent.tpl');
+ $tpl = get_markup_template('photos_recent.tpl');
$o .= replace_macros($tpl, array(
'$title' => t('Recent Photos'),
'$album_id' => bin2hex(t('Recent Photos')),
@@ -1365,18 +1366,18 @@ class Photos extends \Zotlabs\Web\Controller {
'$upload_form' => $upload_form,
'$usage' => $usage_message
));
-
+
}
-
+
if((! $photos) && ($_REQUEST['aj'])) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();
}
-
+
// paginate($a);
return $o;
}
-
-
+
+
}
diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php
index 534c63d46..396e07001 100644
--- a/Zotlabs/Module/Sse_bs.php
+++ b/Zotlabs/Module/Sse_bs.php
@@ -123,7 +123,7 @@ class Sse_bs extends Controller {
$mids[] = '\'' . dbesc(@base64url_decode(substr($a,4))) . '\'';
}
- $str = implode($mids, ',');
+ $str = implode(',', $mids);
$x = [ 'channel_id' => self::$uid, 'update' => 'unset' ];
call_hooks('update_unseen',$x);
diff --git a/Zotlabs/Module/Zfinger.php b/Zotlabs/Module/Zfinger.php
index 533f0a5db..ce7117ad8 100644
--- a/Zotlabs/Module/Zfinger.php
+++ b/Zotlabs/Module/Zfinger.php
@@ -7,7 +7,7 @@ use Zotlabs\Lib\Libzot;
class Zfinger extends \Zotlabs\Web\Controller {
function init() {
-
+
require_once('include/zot.php');
require_once('include/crypto.php');
@@ -26,7 +26,7 @@ class Zfinger extends \Zotlabs\Web\Controller {
if($chan) {
$headers['Digest'] = HTTPSig::generate_digest_header($ret);
- $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'],'acct:' . channel_reddress($chan));
+ $h = HTTPSig::create_sig($headers,$chan['channel_prvkey'], channel_url($chan));
HTTPSig::set_headers($h);
}
else {
@@ -37,7 +37,7 @@ class Zfinger extends \Zotlabs\Web\Controller {
echo $ret;
killme();
-
+
}
-
+
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-13 15:51:33 +0000