aboutsummaryrefslogtreecommitdiffstats
path: root/include/items.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/items.php')
-rwxr-xr-xinclude/items.php294
1 files changed, 138 insertions, 156 deletions
diff --git a/include/items.php b/include/items.php
index 790b91c88..e75a9659d 100755
--- a/include/items.php
+++ b/include/items.php
@@ -178,7 +178,7 @@ function item_normal() {
}
function item_normal_search() {
- return " and item.item_hidden = 0 and item.item_type in (0,3,6) and item.item_deleted = 0
+ return " and item.item_hidden = 0 and item.item_type in (0,3,6,7) and item.item_deleted = 0
and item.item_unpublished = 0 and item.item_delayed = 0 and item.item_pending_remove = 0
and item.item_blocked = 0 and item.obj_type != '" . ACTIVITY_OBJ_FILE . "' ";
}
@@ -261,6 +261,7 @@ function can_comment_on_post($observer_xchan, $item) {
return true;
break;
case 'public':
+ case 'authenticated':
// We don't really allow or support public comments yet, but anonymous
// folks won't ever reach this point (as $observer_xchan will be empty).
// This means the viewer has an xchan and we can identify them.
@@ -268,7 +269,6 @@ function can_comment_on_post($observer_xchan, $item) {
break;
case 'any connections':
case 'contacts':
- case 'authenticated':
case '':
if(array_key_exists('owner',$item) && get_abconfig($item['uid'],$item['owner']['abook_xchan'],'their_perms','post_comments')) {
return true;
@@ -969,6 +969,10 @@ function import_author_unknown($x) {
return false;
}
+function empty_acl($item) {
+ return (($item['allow_cid'] === EMPTY_STR && $item['allow_gid'] === EMPTY_STR && $item['deny_cid'] === EMPTY_STR && $item['deny_gid'] === EMPTY_STR) ? true : false);
+}
+
function encode_item($item,$mirror = false) {
$x = array();
$x['type'] = 'activity';
@@ -1412,6 +1416,13 @@ function get_mail_elements($x) {
}
else {
$arr['body'] = (($x['body']) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8',false) : '');
+
+ $maxlen = get_max_import_size();
+
+ if($maxlen && mb_strlen($arr['body']) > $maxlen) {
+ $arr['body'] = mb_substr($arr['body'],0,$maxlen,'UTF-8');
+ logger('message length exceeds max_import_size: truncated');
+ }
}
$arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : '');
@@ -1966,23 +1977,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
*/
call_hooks('post_remote_end', $arr);
- // update the commented timestamp on the parent - unless this is potentially a clone of an older item
- // which we don't wish to bring to the surface. As the queue only holds deliveries for 3 days, it's
- // suspected of being an older cloned item if the creation time is older than that.
-
- if($arr['created'] > datetime_convert('','','now - 4 days')) {
- $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ",
- dbesc($arr['parent_mid']),
- intval($arr['uid'])
- );
-
- q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d",
- dbesc(($z) ? $z[0]['commented'] : (datetime_convert())),
- dbesc(datetime_convert()),
- intval($parent_id)
- );
- }
-
+ item_update_parent_commented($arr);
// If _creating_ a deleted item, don't propagate it further or send out notifications.
// We need to store the item details just in case the delete came in before the original post,
@@ -2313,6 +2308,36 @@ function item_store_update($arr, $allow_exec = false, $deliver = true) {
return $ret;
}
+function item_update_parent_commented($item) {
+
+
+ $update_parent = true;
+
+ // update the commented timestamp on the parent
+ // - unless this is a moderated comment or a potential clone of an older item
+ // which we don't wish to bring to the surface. As the queue only holds deliveries
+ // for 3 days, it's suspected of being an older cloned item if the creation time
+ //is older than that.
+
+ if(intval($item['item_blocked']) === ITEM_MODERATED)
+ $update_parent = false;
+
+ if($item['created'] < datetime_convert('','','now - 4 days'))
+ $update_parent = false;
+
+ if($update_parent) {
+ $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and item_delayed = 0 ",
+ dbesc($item['parent_mid']),
+ intval($item['uid'])
+ );
+
+ q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d",
+ dbesc(($z) ? $z[0]['commented'] : datetime_convert()),
+ dbesc(datetime_convert()),
+ intval($item['parent'])
+ );
+ }
+}
function send_status_notifications($post_id,$item) {
@@ -2507,43 +2532,7 @@ function tag_deliver($uid, $item_id) {
*/
if($item['obj_type'] === ACTIVITY_OBJ_TAGTERM) {
-
- // We received a community tag activity for a post.
- // See if we are the owner of the parent item and have given permission to tag our posts.
- // If so tag the parent post.
-
- logger('tag_deliver: community tag activity received');
-
- if(($item['owner_xchan'] === $u[0]['channel_hash']) && (! get_pconfig($u[0]['channel_id'],'system','blocktags'))) {
- logger('tag_deliver: community tag recipient: ' . $u[0]['channel_name']);
- $j_tgt = json_decode($item['target'],true);
- if($j_tgt && $j_tgt['id']) {
- $p = q("select * from item where mid = '%s' and uid = %d limit 1",
- dbesc($j_tgt['id']),
- intval($u[0]['channel_id'])
- );
- if($p) {
- $j_obj = json_decode($item['obj'],true);
- logger('tag_deliver: tag object: ' . print_r($j_obj,true), LOGGER_DATA);
- if($j_obj && $j_obj['id'] && $j_obj['title']) {
- if(is_array($j_obj['link']))
- $taglink = get_rel_link($j_obj['link'],'alternate');
-
- store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']);
- $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d",
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc($j_tgt['id']),
- intval($u[0]['channel_id'])
- );
- Zotlabs\Daemon\Master::Summon(array('Notifier','edit_post',$p[0]['id']));
- }
- }
- }
- }
- else
- logger('Tag permission denied for ' . $u[0]['channel_address']);
+ item_community_tag($u[0],$item);
}
/*
@@ -2738,6 +2727,61 @@ function tag_deliver($uid, $item_id) {
}
+
+function item_community_tag($channel,$item) {
+
+
+ // We received a community tag activity for a post.
+ // See if we are the owner of the parent item and have given permission to tag our posts.
+ // If so tag the parent post.
+
+ logger('tag_deliver: community tag activity received: channel: ' . $channel['channel_name']);
+
+ $tag_the_post = false;
+ $p = null;
+
+ $j_obj = json_decode($item['obj'],true);
+ $j_tgt = json_decode($item['target'],true);
+ if($j_tgt && $j_tgt['id']) {
+ $p = q("select * from item where mid = '%s' and uid = %d limit 1",
+ dbesc($j_tgt['id']),
+ intval($channel['channel_id'])
+ );
+ }
+ if($p) {
+ xchan_query($p);
+ $items = fetch_post_tags($p,true);
+ $pitem = $items[0];
+ $auth = get_iconfig($item,'system','communitytagauth');
+ if($auth) {
+ if(rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['owner']['xchan_pubkey']) || rsa_verify('tagauth.' . $item['mid'],base64url_decode($auth),$pitem['author']['xchan_pubkey'])) {
+ logger('tag_deliver: tagging the post: ' . $channel['channel_name']);
+ $tag_the_post = true;
+ }
+ }
+ else {
+ if(($pitem['owner_xchan'] === $channel['channel_hash']) && (! intval(get_pconfig($channel['channel_id'],'system','blocktags')))) {
+ logger('tag_deliver: community tag recipient: ' . $channel['channel_name']);
+ $tag_the_post = true;
+ $sig = rsa_sign('tagauth.' . $item['mid'],$channel['channel_prvkey']);
+ logger('tag_deliver: setting iconfig for ' . $item['id']);
+ set_iconfig($item['id'],'system','communitytagauth',base64url_encode($sig),1);
+ }
+ }
+
+ if($tag_the_post) {
+ store_item_tag($channel['channel_id'],$pitem['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$j_obj['title'],$j_obj['id']);
+ }
+ else {
+ logger('Tag permission denied for ' . $channel['channel_address']);
+ }
+ }
+
+}
+
+
+
+
/**
* @brief This function is called pre-deliver to see if a post matches the criteria to be tag delivered.
*
@@ -2988,62 +3032,56 @@ function start_delivery_chain($channel, $item, $item_id, $parent) {
* @param array $item
*/
function check_item_source($uid, $item) {
+
+ logger('source: uid: ' . $uid, LOGGER_DEBUG);
+ $xchan = (($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan']);
+
$r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' or src_xchan = '*' ) limit 1",
intval($uid),
- dbesc(($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan'])
+ dbesc($xchan)
);
- if(! $r)
+ if(! $r) {
+ logger('source: no source record for this channel and source', LOGGER_DEBUG);
return false;
+ }
- $x = q("select abook_their_perms, abook_feed from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
+ $x = q("select abook_feed from abook where abook_channel = %d and abook_xchan = '%s' limit 1",
intval($uid),
- dbesc($item['owner_xchan'])
+ dbesc($xchan)
);
- if(! $x)
+ if(! $x) {
+ logger('source: not connected to this channel.');
return false;
+ }
- if(! get_abconfig($uid,$item['owner_xchan'],'their_perms','republish'))
+ if(! get_abconfig($uid,$xchan,'their_perms','republish')) {
+ logger('source: no republish permission');
return false;
+ }
- if($item['item_private'] && (! intval($x[0]['abook_feed'])))
+ if($item['item_private'] && (! intval($x[0]['abook_feed']))) {
+ logger('source: item is private');
return false;
+ }
- if($r[0]['src_channel_xchan'] === $item['owner_xchan'])
+ if($r[0]['src_channel_xchan'] === $xchan) {
+ logger('source: cannot source yourself');
return false;
+ }
-
- // since we now have connection filters with more features, the source filter is redundant and can probably go away
-
- if(! $r[0]['src_patt'])
+ if (! $r[0]['src_patt']) {
+ logger('source: success');
return true;
+ }
-
- require_once('include/html2plain.php');
- $text = prepare_text($item['body'],$item['mimetype']);
- $text = html2plain($text);
-
- $tags = ((count($item['term'])) ? $item['term'] : false);
-
- $words = explode("\n",$r[0]['src_patt']);
- if($words) {
- foreach($words as $word) {
- $w = trim($word);
- if(! $w)
- continue;
- if(substr($w,0,1) === '#' && $tags) {
- foreach($tags as $t)
- if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($w,1)) || (substr($w,1) === '*')))
- return true;
- }
- elseif((strpos($w,'/') === 0) && preg_match($w,$text))
- return true;
- elseif(stristr($text,$w) !== false)
- return true;
- }
+ if (\Zotlabs\Lib\MessageFilter::evaluate($item, $r[0]['src_patt'], EMPTY_STR)) {
+ logger('source: text filter success');
+ return true;
}
+ logger('source: filter fail');
return false;
}
@@ -3061,69 +3099,8 @@ function post_is_importable($item,$abook) {
if(! ($abook['abook_incl'] || $abook['abook_excl']))
return true;
- require_once('include/html2plain.php');
-
- unobscure($item);
-
- $text = prepare_text($item['body'],$item['mimetype']);
- $text = html2plain(($item['title']) ? $item['title'] . ' ' . $text : $text);
-
-
- $lang = null;
-
- if((strpos($abook['abook_incl'],'lang=') !== false) || (strpos($abook['abook_excl'],'lang=') !== false)) {
- $lang = detect_language($text);
- }
- $tags = ((count($item['term'])) ? $item['term'] : false);
-
- // exclude always has priority
-
- $exclude = (($abook['abook_excl']) ? explode("\n",$abook['abook_excl']) : null);
-
- if($exclude) {
- foreach($exclude as $word) {
- $word = trim($word);
- if(! $word)
- continue;
- if(substr($word,0,1) === '#' && $tags) {
- foreach($tags as $t)
- if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
- return false;
- }
- elseif((strpos($word,'/') === 0) && preg_match($word,$text))
- return false;
- elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
- return false;
- elseif(stristr($text,$word) !== false)
- return false;
- }
- }
+ return \Zotlabs\Lib\MessageFilter::evaluate($item,$abook['abook_incl'],$abook['abook_excl']);
- $include = (($abook['abook_incl']) ? explode("\n",$abook['abook_incl']) : null);
-
- if($include) {
- foreach($include as $word) {
- $word = trim($word);
- if(! $word)
- continue;
- if(substr($word,0,1) === '#' && $tags) {
- foreach($tags as $t)
- if((($t['ttype'] == TERM_HASHTAG) || ($t['ttype'] == TERM_COMMUNITYTAG)) && (($t['term'] === substr($word,1)) || (substr($word,1) === '*')))
- return true;
- }
- elseif((strpos($word,'/') === 0) && preg_match($word,$text))
- return true;
- elseif((strpos($word,'lang=') === 0) && ($lang) && (strcasecmp($lang,trim(substr($word,5))) == 0))
- return true;
- elseif(stristr($text,$word) !== false)
- return true;
- }
- }
- else {
- return true;
- }
-
- return false;
}
@@ -3460,11 +3437,14 @@ function item_getfeedattach($item) {
}
-function item_expire($uid,$days) {
+function item_expire($uid,$days,$comment_days = 7) {
if((! $uid) || ($days < 1))
return;
+ if(! $comment_days)
+ $comment_days = 7;
+
// $expire_network_only = save your own wall posts
// and just expire conversations started by others
// do not enable this until we can pass bulk delete messages through zot
@@ -3483,6 +3463,7 @@ function item_expire($uid,$days) {
$r = q("SELECT id FROM item
WHERE uid = %d
AND created < %s - INTERVAL %s
+ AND commented < %s - INTERVAL %s
AND item_retained = 0
AND item_thread_top = 1
AND resource_type = ''
@@ -3490,7 +3471,9 @@ function item_expire($uid,$days) {
$sql_extra $item_normal LIMIT $expire_limit ",
intval($uid),
db_utcnow(),
- db_quoteinterval(intval($days).' DAY')
+ db_quoteinterval(intval($days) . ' DAY'),
+ db_utcnow(),
+ db_quoteinterval(intval($comment_days) . ' DAY')
);
if(! $r)
@@ -3511,7 +3494,6 @@ function item_expire($uid,$days) {
drop_item($item['id'],false);
}
-// Zotlabs\Daemon\Master::Summon(array('Notifier','expire',$uid));
}
function retain_item($id) {
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-18 14:09:08 +0000