diff options
Diffstat (limited to 'include/items.php')
| -rwxr-xr-x | include/items.php | 1386 |
1 files changed, 883 insertions, 503 deletions
diff --git a/include/items.php b/include/items.php index 10daa85f2..c488e1953 100755 --- a/include/items.php +++ b/include/items.php @@ -7,23 +7,21 @@ require_once('include/photo/photo_driver.php'); require_once('include/permissions.php'); -function collect_recipients($item,&$private) { +function collect_recipients($item,&$private_envelope) { require_once('include/group.php'); - $private = ((intval($item['item_private'])) ? true : false); + $private_envelope = ((intval($item['item_private'])) ? true : false); $recipients = array(); - // if the post is marked private but there are no recipients, only add the author and owner - // as recipients. The ACL for the post may live on the hub of a different clone. We need to - // get the post to that hub. - if($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) { // it is private $allow_people = expand_acl($item['allow_cid']); + $allow_groups = expand_groups(expand_acl($item['allow_gid'])); + $allow_groups = filter_insecure($item['uid'],$allow_groups); $recipients = array_unique(array_merge($allow_people,$allow_groups)); @@ -32,7 +30,7 @@ function collect_recipients($item,&$private) { // as that would allow the denied person to see the post by logging out. if((! $item['allow_cid']) && (! $item['allow_gid'])) { - $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d) ", + $r = q("select * from abook where abook_channel = %d and not (abook_flags & %d)>0 ", intval($item['uid']), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED) ); @@ -48,23 +46,64 @@ function collect_recipients($item,&$private) { $deny_groups = expand_groups(expand_acl($item['deny_gid'])); $deny = array_unique(array_merge($deny_people,$deny_groups)); - $recipients = array_diff($recipients,$deny); - $private = true; + + // Don't deny anybody if nobody was allowed (e.g. they were all filtered out) + // That would lead to array_diff doing the wrong thing. + // This will result in a private post that won't be delivered to anybody. + + if($recipients && $deny) + $recipients = array_diff($recipients,$deny); + $private_envelope = true; } else { - if(! $private) { - $r = q("select abook_xchan from abook where abook_channel = %d and not (abook_flags & %d) ", + + // if the post is marked private but there are no recipients and public_policy/scope = self, + // only add the author and owner as recipients. The ACL for the post may live on the hub of + // a different clone. We need to get the post to that hub. + + // The post may be private by virtue of not being visible to anybody on the internet, + // but there are no envelope recipients, so set this to false. Delivery is controlled + // by the directives in $item['public_policy']. + + $private_envelope = false; + require_once('include/identity.php'); + $sys = get_sys_channel(); + + if(array_key_exists('public_policy',$item) && $item['public_policy'] !== 'self') { + $r = q("select abook_xchan, xchan_network from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d)>0 ", intval($item['uid']), intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_ARCHIVED) ); if($r) { + + // filter out restrictive public_policy settings from remote networks + // which don't have this concept and will treat them as public. + + $policy = substr($item['public_policy'],0,3); foreach($r as $rr) { - $recipients[] = $rr['abook_xchan']; + switch($policy) { + case 'net': + case 'aut': + case 'sit': + case 'any': + case 'con': + if($rr['xchan_network'] != 'zot') + break; + case 'pub': + case '': + default: + $recipients[] = $rr['abook_xchan']; + break; + } } } +// we probably want to check that discovery channel delivery is allowed before uncommenting this. +// if($policy === 'pub') +// $recipients[] = $sys['xchan_hash']; } } + // This is a somewhat expensive operation but important. // Don't send this item to anybody who isn't allowed to see it @@ -88,11 +127,57 @@ function collect_recipients($item,&$private) { $recipients[] = $item['author_xchan']; if($item['owner_xchan'] != $item['author_xchan']) $recipients[] = $item['owner_xchan']; + return $recipients; } /** + * If channel is configured to filter insecure members of privacy groups + * (those whose networks leak privacy via email notifications or other criteria) + * remove them from any privacy groups (collections) that were included in a post. + * They can still be addressed individually. + * Networks may need to be added or removed from this list as circumstances change. + * + * Update: this may need to be the default, which will force people to opt-in to sending stuff + * privately to insecure platforms. + */ + +function filter_insecure($channel_id,$arr) { + $insecure_nets = " and not xchan_network in ('diaspora', 'friendica-over-diaspora') "; + + $ret = array(); + + if((! intval(get_config($channel_id,'system','filter_insecure_collections'))) || (! $arr)) + return $arr; + + $str = ''; + foreach($arr as $rr) { + if(strlen($str)) + $str .= ','; + $str .= "'" . dbesc($rr) . "'"; + } + $r = q("select xchan_hash from xchan where xchan_hash in ($str) $insecure_nets "); + if($r) { + foreach($r as $rr) { + $ret[] = $rr['xchan_hash']; + } + } + return $ret; +} + + +function comments_are_now_closed($item) { + if($item['comments_closed'] !== NULL_DATE) { + $d = datetime_convert(); + if($d > $item['comments_closed']) + return true; + } + return false; +} + + +/** * @function can_comment_on_post($observer_xchan,$item); * * This function examines the comment_policy attached to an item and decides if the current observer has @@ -101,6 +186,7 @@ function collect_recipients($item,&$private) { * Generally we should look at the item - in particular the author['book_flags'] and see if ABOOK_FLAG_SELF is set. * If it is, you should be able to use perm_is_allowed( ... 'post_comments'), and if it isn't you need to call * can_comment_on_post() + * We also check the comments_closed date/time on the item if this is set. */ function can_comment_on_post($observer_xchan,$item) { @@ -109,8 +195,14 @@ function can_comment_on_post($observer_xchan,$item) { if(! $observer_xchan) return false; + + if($item['comment_policy'] === 'none') return false; + + if(comments_are_now_closed($item)) + return false; + if($observer_xchan === $item['author_xchan'] || $observer_xchan === $item['owner_xchan']) return true; switch($item['comment_policy']) { @@ -125,7 +217,9 @@ function can_comment_on_post($observer_xchan,$item) { // false. return false; break; + case 'any connections': case 'contacts': + case 'authenticated': case '': if(array_key_exists('owner',$item)) { if(($item['owner']['abook_xchan']) && ($item['owner']['abook_their_perms'] & PERMS_W_COMMENT)) @@ -169,7 +263,7 @@ function add_source_route($iid,$hash) { ); if($r) { $new_route = (($r[0]['route']) ? $r[0]['route'] . ',' : '') . $hash; - q("update item set route = '%s' where id = %d limit 1", + q("update item set route = '%s' where id = %d", (dbesc($new_route)), intval($iid) ); @@ -289,6 +383,9 @@ function post_activity_item($arr) { return $ret; } + $arr['public_policy'] = ((x($_REQUEST,'public_policy')) ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'],true)); + if($arr['public_policy']) + $arr['item_private'] = 1; if(! array_key_exists('mimetype',$arr)) $arr['mimetype'] = 'text/bbcode'; @@ -308,9 +405,9 @@ function post_activity_item($arr) { $key = get_config('system','pubkey'); $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED; if($arr['title']) - $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key)); + $arr['title'] = json_encode(crypto_encapsulate($arr['title'],$key)); if($arr['body']) - $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key)); + $arr['body'] = json_encode(crypto_encapsulate($arr['body'],$key)); } $arr['mid'] = ((x($arr,'mid')) ? $arr['mid'] : item_message_id()); @@ -376,7 +473,7 @@ function post_activity_item($arr) { function get_public_feed($channel,$params) { $type = 'xml'; - $begin = '0000-00-00 00:00:00'; + $begin = NULL_DATE; $end = ''; $start = 0; $records = 40; @@ -387,12 +484,13 @@ function get_public_feed($channel,$params) { $params = array(); $params['type'] = ((x($params,'type')) ? $params['type'] : 'xml'); - $params['begin'] = ((x($params,'begin')) ? $params['begin'] : '0000-00-00 00:00:00'); + $params['begin'] = ((x($params,'begin')) ? $params['begin'] : NULL_DATE); $params['end'] = ((x($params,'end')) ? $params['end'] : datetime_convert('UTC','UTC','now')); $params['start'] = ((x($params,'start')) ? $params['start'] : 0); $params['records'] = ((x($params,'records')) ? $params['records'] : 40); $params['direction'] = ((x($params,'direction')) ? $params['direction'] : 'desc'); $params['pages'] = ((x($params,'pages')) ? intval($params['pages']) : 0); + $params['top'] = ((x($params,'top')) ? intval($params['top']) : 0); switch($params['type']) { case 'json': @@ -433,7 +531,8 @@ function get_feed_for($channel, $observer_hash, $params) { 'records' => $params['records'], // FIXME 'direction' => $params['direction'], // FIXME 'pages' => $params['pages'], - 'order' => 'post' + 'order' => 'post', + 'top' => $params['top'] ), $channel, $observer_hash, CLIENT_MODE_NORMAL, get_app()->module); @@ -444,13 +543,13 @@ function get_feed_for($channel, $observer_hash, $params) { $atom .= replace_macros($feed_template, array( '$version' => xmlify(RED_VERSION), '$red' => xmlify(RED_PLATFORM), - '$feed_id' => xmlify($channel['channel_url']), + '$feed_id' => xmlify($channel['xchan_url']), '$feed_title' => xmlify($channel['channel_name']), '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) , '$hub' => '', // feed_hublinks(), '$salmon' => '', // feed_salmonlinks($channel['channel_address']), '$name' => xmlify($channel['channel_name']), - '$profile_page' => xmlify($channel['channel_url']), + '$profile_page' => xmlify($channel['xchan_url']), '$mimephoto' => xmlify($channel['xchan_photo_mimetype']), '$photo' => xmlify($channel['xchan_photo_l']), '$thumb' => xmlify($channel['xchan_photo_m']), @@ -664,10 +763,18 @@ function title_is_body($title, $body) { function get_item_elements($x) { - $arr = array(); $arr['body'] = (($x['body']) ? htmlspecialchars($x['body'],ENT_COMPAT,'UTF-8',false) : ''); + $key = get_config('system','pubkey'); + + $maxlen = get_max_import_size(); + + if($maxlen && mb_strlen($arr['body']) > $maxlen) { + $arr['body'] = mb_substr($arr['body'],0,$maxlen,'UTF-8'); + logger('get_item_elements: message length exceeds max_import_size: truncated'); + } + $arr['created'] = datetime_convert('UTC','UTC',$x['created']); $arr['edited'] = datetime_convert('UTC','UTC',$x['edited']); @@ -678,11 +785,14 @@ function get_item_elements($x) { $arr['expires'] = ((x($x,'expires') && $x['expires']) ? datetime_convert('UTC','UTC',$x['expires']) - : '0000-00-00 00:00:00'); + : NULL_DATE); $arr['commented'] = ((x($x,'commented') && $x['commented']) ? datetime_convert('UTC','UTC',$x['commented']) : $arr['created']); + $arr['comments_closed'] = ((x($x,'comments_closed') && $x['comments_closed']) + ? datetime_convert('UTC','UTC',$x['comments_closed']) + : NULL_DATE); $arr['title'] = (($x['title']) ? htmlspecialchars($x['title'], ENT_COMPAT,'UTF-8',false) : ''); @@ -703,11 +813,16 @@ function get_item_elements($x) { $arr['mimetype'] = (($x['mimetype']) ? htmlspecialchars($x['mimetype'], ENT_COMPAT,'UTF-8',false) : ''); $arr['obj_type'] = (($x['object_type']) ? htmlspecialchars($x['object_type'], ENT_COMPAT,'UTF-8',false) : ''); $arr['tgt_type'] = (($x['target_type']) ? htmlspecialchars($x['target_type'], ENT_COMPAT,'UTF-8',false) : ''); + + $arr['public_policy'] = (($x['public_scope']) ? htmlspecialchars($x['public_scope'], ENT_COMPAT,'UTF-8',false) : ''); + if($arr['public_policy'] === 'public') + $arr['public_policy'] = ''; + $arr['comment_policy'] = (($x['comment_scope']) ? htmlspecialchars($x['comment_scope'], ENT_COMPAT,'UTF-8',false) : 'contacts'); $arr['sig'] = (($x['signature']) ? htmlspecialchars($x['signature'], ENT_COMPAT,'UTF-8',false) : ''); - + $arr['diaspora_meta'] = (($x['diaspora_signature']) ? json_encode(crypto_encapsulate($x['diaspora_signature'],$key)) : ''); $arr['object'] = activity_sanitise($x['object']); $arr['target'] = activity_sanitise($x['target']); @@ -759,15 +874,35 @@ function get_item_elements($x) { // We have to do that here because we need to cleanse the input and prevent bad stuff from getting in, // and we need plaintext to do that. + + if(intval($arr['item_private'])) { $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED; - $key = get_config('system','pubkey'); if($arr['title']) $arr['title'] = json_encode(crypto_encapsulate($arr['title'],$key)); if($arr['body']) $arr['body'] = json_encode(crypto_encapsulate($arr['body'],$key)); } + + if(array_key_exists('revision',$x)) { + // extended export encoding + + $arr['revision'] = $x['revision']; + $arr['allow_cid'] = $x['allow_cid']; + $arr['allow_gid'] = $x['allow_gid']; + $arr['deny_cid'] = $x['deny_cid']; + $arr['deny_gid'] = $x['deny_gid']; + $arr['layout_mid'] = $x['layout_mid']; + $arr['postopts'] = $x['postopts']; + $arr['resource_id'] = $x['resource_id']; + $arr['resource_type'] = $x['resource_type']; + $arr['item_restrict'] = $x['item_restrict']; + $arr['item_flags'] = $x['item_flags']; + $arr['attach'] = $x['attach']; + + } + return $arr; } @@ -783,14 +918,35 @@ function import_author_xchan($x) { if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) { $y = import_author_zot($x); } + if(! $y) + $y = import_author_diaspora($x); if($x['network'] === 'rss') { $y = import_author_rss($x); } + if($x['network'] === 'unknown') { + $y = import_author_unknown($x); + } + return(($y) ? $y : false); } + +function import_author_diaspora($x) { + if(! $x['address']) + return false; + if(discover_by_webbie($x['address'])) { + $r = q("select xchan_hash from xchan where xchan_addr = '%s' limit 1", + dbesc($x['address']) + ); + if($r) + return $r[0]['xchan_hash']; + } + return false; +} + + function import_author_rss($x) { if(! $x['url']) @@ -805,19 +961,20 @@ function import_author_rss($x) { } $name = trim($x['name']); - $r = q("insert into xchan ( xchan_hash, xchan_url, xchan_name, xchan_network ) - values ( '%s', '%s', '%s', '%s' )", - dbesc($x['url']), + $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_url, xchan_name, xchan_network ) + values ( '%s', '%s', '%s', '%s', '%s' )", + dbesc($x['guid']), + dbesc($x['guid']), dbesc($x['url']), dbesc(($name) ? $name : t('(Unknown)')), dbesc('rss') ); - if($r) { + if($r && $x['photo']) { - $photos = import_profile_photo($x['photo'],$x['url']); + $photos = import_profile_photo($x['photo']['src'],$x['url']); if($photos) { - $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss' limit 1", + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'rss'", dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])), dbesc($photos[0]), dbesc($photos[1]), @@ -834,10 +991,55 @@ function import_author_rss($x) { } +function import_author_unknown($x) { + + if(! $x['url']) + return false; + + $r = q("select xchan_hash from xchan where xchan_network = 'unknown' and xchan_url = '%s' limit 1", + dbesc($x['url']) + ); + if($r) { + logger('import_author_unknown: in cache' , LOGGER_DEBUG); + return $r[0]['xchan_hash']; + } + + $name = trim($x['name']); + + $r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_url, xchan_name, xchan_network ) + values ( '%s', '%s', '%s', '%s', '%s' )", + dbesc($x['url']), + dbesc($x['url']), + dbesc($x['url']), + dbesc(($name) ? $name : t('(Unknown)')), + dbesc('unknown') + ); + if($r && $x['photo']) { + + $photos = import_profile_photo($x['photo']['src'],$x['url']); -function encode_item($item) { + if($photos) { + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_url = '%s' and xchan_network = 'unknown'", + dbesc(datetime_convert('UTC','UTC',$arr['photo_updated'])), + dbesc($photos[0]), + dbesc($photos[1]), + dbesc($photos[2]), + dbesc($photos[3]), + dbesc($x['url']) + ); + if($r) + return $x['url']; + } + } + + return false; + +} + +function encode_item($item,$mirror = false) { $x = array(); $x['type'] = 'activity'; + $x['encoding'] = 'zot'; // logger('encode_item: ' . print_r($item,true)); @@ -845,60 +1047,84 @@ function encode_item($item) { intval($item['uid']) ); - if($r) { - $public_scope = $r[0]['channel_r_stream']; + if($r) $comment_scope = $r[0]['channel_w_comment']; - } - else { - $public_scope = 0; + else $comment_scope = 0; - } - $scope = map_scope($public_scope); + $scope = $item['public_policy']; + if(! $scope) + $scope = 'public'; + $c_scope = map_scope($comment_scope); + $key = get_config('system','prvkey'); + if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED)) { - $key = get_config('system','prvkey'); if($item['title']) $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key); if($item['body']) $item['body'] = crypto_unencapsulate(json_decode_plus($item['body']),$key); } - - $x['message_id'] = $item['mid']; - $x['message_top'] = $item['parent_mid']; - $x['message_parent'] = $item['thr_parent']; - $x['created'] = $item['created']; - $x['edited'] = $item['edited']; - $x['expires'] = $item['expires']; - $x['commented'] = $item['commented']; - $x['mimetype'] = $item['mimetype']; - $x['title'] = $item['title']; - $x['body'] = $item['body']; - $x['app'] = $item['app']; - $x['verb'] = $item['verb']; - $x['object_type'] = $item['obj_type']; - $x['target_type'] = $item['tgt_type']; - $x['permalink'] = $item['plink']; - $x['location'] = $item['location']; - $x['longlat'] = $item['coord']; - $x['signature'] = $item['sig']; - $x['route'] = $item['route']; - - $x['owner'] = encode_item_xchan($item['owner']); - $x['author'] = encode_item_xchan($item['author']); + // If we're trying to backup an item so that it's recoverable or for export/imprt, + // add all the attributes we need to recover it + + if($mirror) { + $x['id'] = $item['id']; + $x['parent'] = $item['parent']; + $x['uid'] = $item['uid']; + $x['allow_cid'] = $item['allow_cid']; + $x['allow_gid'] = $item['allow_gid']; + $x['deny_cid'] = $item['deny_cid']; + $x['deny_gid'] = $item['deny_gid']; + $x['revision'] = $item['revision']; + $x['layout_mid'] = $item['layout_mid']; + $x['postopts'] = $item['postopts']; + $x['resource_id'] = $item['resource_id']; + $x['resource_type'] = $item['resource_type']; + $x['item_restrict'] = $item['item_restrict']; + $x['item_flags'] = $item['item_flags']; + $x['attach'] = $item['attach']; + } + + + $x['message_id'] = $item['mid']; + $x['message_top'] = $item['parent_mid']; + $x['message_parent'] = $item['thr_parent']; + $x['created'] = $item['created']; + $x['edited'] = $item['edited']; + // always send 0's over the wire + $x['expires'] = (($item['expires'] == '0001-01-01 00:00:00') ? '0000-00-00 00:00:00' : $item['expires']); + $x['commented'] = $item['commented']; + $x['mimetype'] = $item['mimetype']; + $x['title'] = $item['title']; + $x['body'] = $item['body']; + $x['app'] = $item['app']; + $x['verb'] = $item['verb']; + $x['object_type'] = $item['obj_type']; + $x['target_type'] = $item['tgt_type']; + $x['permalink'] = $item['plink']; + $x['location'] = $item['location']; + $x['longlat'] = $item['coord']; + $x['signature'] = $item['sig']; + $x['route'] = $item['route']; + + $x['owner'] = encode_item_xchan($item['owner']); + $x['author'] = encode_item_xchan($item['author']); if($item['object']) - $x['object'] = json_decode_plus($item['object']); + $x['object'] = json_decode_plus($item['object']); if($item['target']) - $x['target'] = json_decode_plus($item['target']); + $x['target'] = json_decode_plus($item['target']); if($item['attach']) - $x['attach'] = json_decode_plus($item['attach']); + $x['attach'] = json_decode_plus($item['attach']); if($y = encode_item_flags($item)) - $x['flags'] = $y; + $x['flags'] = $y; - if(! in_array('private',$y)) - $x['public_scope'] = $scope; + if($item['comments_closed'] !== NULL_DATE) + $x['comments_closed'] = $item['comments_closed']; + + $x['public_scope'] = $scope; if($item['item_flags'] & ITEM_NOCOMMENT) $x['comment_scope'] = 'none'; @@ -906,7 +1132,10 @@ function encode_item($item) { $x['comment_scope'] = $c_scope; if($item['term']) - $x['tags'] = encode_item_terms($item['term']); + $x['tags'] = encode_item_terms($item['term']); + + if($item['diaspora_meta']) + $x['diaspora_signature'] = crypto_unencapsulate(json_decode($item['diaspora_meta'],true),$key); logger('encode_item: ' . print_r($x,true), LOGGER_DATA); @@ -915,14 +1144,18 @@ function encode_item($item) { } -function map_scope($scope) { +function map_scope($scope,$strip = false) { switch($scope) { case 0: return 'self'; case PERMS_PUBLIC: + if($strip) + return ''; return 'public'; case PERMS_NETWORK: return 'network: red'; + case PERMS_AUTHED: + return 'authenticated'; case PERMS_SITE: return 'site: ' . get_app()->get_hostname(); case PERMS_PENDING: @@ -933,14 +1166,31 @@ function map_scope($scope) { } } - +function translate_scope($scope) { + if(! $scope || $scope === 'public') + return t('Visible to anybody on the internet.'); + if(strpos($scope,'self') === 0) + return t('Visible to you only.'); + if(strpos($scope,'network:') === 0) + return t('Visible to anybody in this network.'); + if(strpos($scope,'authenticated') === 0) + return t('Visible to anybody authenticated.'); + if(strpos($scope,'site:') === 0) + return sprintf( t('Visible to anybody on %s.'), strip_tags(substr($scope,6))); + if(strpos($scope,'any connections') === 0) + return t('Visible to all connections.'); + if(strpos($scope,'contacts') === 0) + return t('Visible to approved connections.'); + if(strpos($scope,'specific') === 0) + return t('Visible to specific connections.'); +} function encode_item_xchan($xchan) { $ret = array(); $ret['name'] = $xchan['xchan_name']; $ret['address'] = $xchan['xchan_addr']; - $ret['url'] = $xchan['hubloc_url']; + $ret['url'] = (($xchan['hubloc_url']) ? $xchan['hubloc_url'] : $xchan['xchan_url']); $ret['network'] = $xchan['xchan_network']; $ret['photo'] = array('mimetype' => $xchan['xchan_photo_mimetype'], 'src' => $xchan['xchan_photo_m']); $ret['guid'] = $xchan['xchan_guid']; @@ -1069,6 +1319,7 @@ function encode_item_flags($item) { function encode_mail($item) { $x = array(); $x['type'] = 'mail'; + $x['encoding'] = 'zot'; if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) { $key = get_config('system','prvkey'); @@ -1082,6 +1333,7 @@ function encode_mail($item) { $x['message_parent'] = $item['parent_mid']; $x['created'] = $item['created']; $x['expires'] = $item['expires']; + $x['diaspora_meta'] = $item['diaspora_meta']; $x['title'] = $item['title']; $x['body'] = $item['body']; $x['from'] = encode_item_xchan($item['from']); @@ -1111,8 +1363,8 @@ function get_mail_elements($x) { $arr['title'] = (($x['title'])? htmlspecialchars($x['title'],ENT_COMPAT,'UTF-8',false) : ''); $arr['created'] = datetime_convert('UTC','UTC',$x['created']); - if((! array_key_exists('expires',$x)) || ($x['expires'] === '0000-00-00 00:00:00')) - $arr['expires'] = '0000-00-00 00:00:00'; + if((! array_key_exists('expires',$x)) || ($x['expires'] === NULL_DATE)) + $arr['expires'] = NULL_DATE; else $arr['expires'] = datetime_convert('UTC','UTC',$x['expires']); @@ -1187,26 +1439,34 @@ function get_profile_elements($x) { -function get_atom_elements($feed,$item) { +function get_atom_elements($feed,$item,&$author) { $best_photo = array(); $res = array(); - $author = $item->get_author(); - if($author) { - $res['author-name'] = unxmlify($author->get_name()); - $res['author-link'] = unxmlify($author->get_link()); + $found_author = $item->get_author(); + if($found_author) { + $author['author_name'] = unxmlify($found_author->get_name()); + $author['author_link'] = unxmlify($found_author->get_link()); + $author['author_is_feed'] = false; } else { - $res['author-name'] = unxmlify($feed->get_title()); - $res['author-link'] = unxmlify($feed->get_permalink()); + $author['author_name'] = unxmlify($feed->get_title()); + $author['author_link'] = unxmlify($feed->get_permalink()); + $author['author_is_feed'] = true; } - $res['mid'] = unxmlify($item->get_id()); + + if(substr($author['author_link'],-1,1) == '/') + $author['author_link'] = substr($author['author_link'],0,-1); + + $res['mid'] = base64url_encode(unxmlify($item->get_id())); $res['title'] = unxmlify($item->get_title()); $res['body'] = unxmlify($item->get_content()); $res['plink'] = unxmlify($item->get_link(0)); + $res['item_flags'] = ITEM_RSS; + // removing the content of the title if its identically to the body // This helps with auto generated titles e.g. from tumblr @@ -1227,9 +1487,9 @@ function get_atom_elements($feed,$item) { if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; foreach($base as $link) { - if(!x($res, 'author-avatar') || !$res['author-avatar']) { + if(!x($author, 'author_photo') || ! $author['author_photo']) { if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') - $res['author-avatar'] = unxmlify($link['attribs']['']['href']); + $author['author_photo'] = unxmlify($link['attribs']['']['href']); } } } @@ -1240,28 +1500,40 @@ function get_atom_elements($feed,$item) { $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; if($base && count($base)) { foreach($base as $link) { - if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link'])) - $res['author-link'] = unxmlify($link['attribs']['']['href']); - if(!x($res, 'author-avatar') || !$res['author-avatar']) { + if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link'])) + $author['author_link'] = unxmlify($link['attribs']['']['href']); + if(!x($author, 'author_photo') || ! $author['author_photo']) { if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') - $res['author-avatar'] = unxmlify($link['attribs']['']['href']); + $author['author_photo'] = unxmlify($link['attribs']['']['href']); } } } } + // check for a yahoo media element (github etc.) + + if(! $author['author_photo']) { + $rawmedia = $item->get_item_tags(NAMESPACE_YMEDIA,'thumbnail'); + if($rawmedia && $rawmedia[0]['attribs']['']['url']) { + $author['author_photo'] = strip_tags(unxmlify($rawmedia[0]['attribs']['']['url'])); + } + } + + // No photo/profile-link on the item - look at the feed level - if((! (x($res,'author-link'))) || (! (x($res,'author-avatar')))) { + if((! (x($author,'author_link'))) || (! (x($author,'author_photo')))) { $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author'); if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; foreach($base as $link) { - if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link'])) - $res['author-link'] = unxmlify($link['attribs']['']['href']); - if(! $res['author-avatar']) { + if($link['attribs']['']['rel'] === 'alternate' && (! $author['author_link'])) { + $author['author_link'] = unxmlify($link['attribs']['']['href']); + $author['author_is_feed'] = true; + } + if(! $author['author_photo']) { if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') - $res['author-avatar'] = unxmlify($link['attribs']['']['href']); + $author['author_photo'] = unxmlify($link['attribs']['']['href']); } } } @@ -1273,11 +1545,11 @@ function get_atom_elements($feed,$item) { if($base && count($base)) { foreach($base as $link) { - if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link'])) - $res['author-link'] = unxmlify($link['attribs']['']['href']); - if(! (x($res,'author-avatar'))) { + if($link['attribs']['']['rel'] === 'alternate' && (! $res['author_link'])) + $author['author_link'] = unxmlify($link['attribs']['']['href']); + if(! (x($author,'author_photo'))) { if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') - $res['author-avatar'] = unxmlify($link['attribs']['']['href']); + $author['author_photo'] = unxmlify($link['attribs']['']['href']); } } } @@ -1302,6 +1574,12 @@ function get_atom_elements($feed,$item) { $res['body'] = str_replace(array(' ',"\t","\r","\n"), array('','','',''),$res['body']); // make sure nobody is trying to sneak some html tags by us $res['body'] = notags(base64url_decode($res['body'])); + + // We could probably turn these old Friendica bbcode bookmarks into bookmark tags but we'd have to + // create a term table item for them. For now just make sure they stay as links. + + $res['body'] = preg_replace('/\[bookmark(.*?)\](.*?)\[\/bookmark\]/','[url$1]$2[/url]',$res['body']); + } @@ -1339,11 +1617,33 @@ function get_atom_elements($feed,$item) { $res['body'] = escape_tags($res['body']); } + if($res['plink'] && $res['title']) { + $res['body'] = '#^[url=' . $res['plink'] . ']' . $res['title'] . '[/url]' . "\n\n" . $res['body']; + $terms = array(); + $terms[] = array( + 'otype' => TERM_OBJ_POST, + 'type' => TERM_BOOKMARK, + 'url' => $res['plink'], + 'term' => $res['title'], + ); + } + elseif($res['plink']) { + $res['body'] = '#^[url]' . $res['plink'] . '[/url]' . "\n\n" . $res['body']; + $terms = array(); + $terms[] = array( + 'otype' => TERM_OBJ_POST, + 'type' => TERM_BOOKMARK, + 'url' => $res['plink'], + 'term' => $res['plink'], + ); + } + + $private = $item->get_item_tags(NAMESPACE_DFRN,'private'); if($private && intval($private[0]['data']) > 0) - $res['private'] = intval($private[0]['data']); + $res['item_private'] = ((intval($private[0]['data'])) ? 1 : 0); else - $res['private'] = 0; + $res['item_private'] = 0; $rawlocation = $item->get_item_tags(NAMESPACE_DFRN, 'location'); if($rawlocation) @@ -1380,23 +1680,29 @@ function get_atom_elements($feed,$item) { if($d2 > $d3) $res['edited'] = datetime_convert(); + $res['created'] = datetime_convert('UTC','UTC',$res['created']); + $res['edited'] = datetime_convert('UTC','UTC',$res['edited']); + $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner'); + if(! $rawowner) + $rawowner = $item->get_item_tags(NAMESPACE_ZOT,'owner'); + if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) - $res['owner-name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); + $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']) - $res['owner-name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']); + $author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']); if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) - $res['owner-link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); + $author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']) - $res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']); + $author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']); if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { $base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; foreach($base as $link) { - if(!x($res, 'owner-avatar') || !$res['owner-avatar']) { + if(!x($author, 'owner_photo') || ! $author['owner_photo']) { if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') - $res['owner-avatar'] = unxmlify($link['attribs']['']['href']); + $author['owner_photo'] = unxmlify($link['attribs']['']['href']); } } } @@ -1421,7 +1727,8 @@ function get_atom_elements($feed,$item) { $cats = $item->get_categories(); if($cats) { - $terms = array(); + if(is_null($terms)) + $terms = array(); foreach($cats as $cat) { $term = $cat->get_term(); if(! $term) @@ -1433,12 +1740,12 @@ function get_atom_elements($feed,$item) { $termurl = unxmlify(substr($scheme,9)); } else { - $termtype = TERM_UNKNOWN; + $termtype = TERM_CATEGORY; } $termterm = notags(trim(unxmlify($term))); if($termterm) { - $terms = array( + $terms[] = array( 'otype' => TERM_OBJ_POST, 'type' => $termtype, 'url' => $termurl, @@ -1446,11 +1753,14 @@ function get_atom_elements($feed,$item) { ); } } - $res['term'] = implode(',', $tag_arr); } + if(! is_null($terms)) + $res['term'] = $terms; + $attach = $item->get_enclosures(); if($attach) { + $res['attach'] = array(); $att_arr = array(); foreach($attach as $att) { $len = intval($att->get_length()); @@ -1466,33 +1776,32 @@ function get_atom_elements($feed,$item) { $title = ' '; if(! $type) $type = 'application/octet-stream'; - - $att_arr[] = '[attach]href="' . $link . '" length="' . $len . '" type="' . $type . '" title="' . $title . '"[/attach]'; + $res['attach'][] = array('href' => $link, 'length' => $len, 'type' => $type, 'title' => $title ); } - $res['attach'] = implode(',', $att_arr); } $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object'); if($rawobj) { - $res['object'] = '<object>' . "\n"; + $obj = array(); + $child = $rawobj[0]['child']; if($child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']) { $res['obj_type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']; - $res['object'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'] . '</type>' . "\n"; + $obj['type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']; } if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']) - $res['object'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n"; + $obj['id'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']; if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) - $res['object'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n"; + $obj['link'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']); if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']) - $res['object'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n"; + $obj['title'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']; if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) { $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']; if(! $body) $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']; // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events - $res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n"; + $obj['orig'] = xmlify($body); if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) { $body = purify_html($body); @@ -1500,74 +1809,56 @@ function get_atom_elements($feed,$item) { } - $res['object'] .= '<content>' . $body . '</content>' . "\n"; + $obj['content'] = $body; } - $res['object'] .= '</object>' . "\n"; + $res['object'] = $obj; } $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'target'); if($rawobj) { - $res['target'] = '<target>' . "\n"; + $obj = array(); + $child = $rawobj[0]['child']; if($child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']) { - $res['target'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'] . '</type>' . "\n"; + $res['tgt_type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']; + $obj['type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']; } if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']) - $res['target'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n"; + $obj['id'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']; if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) - $res['target'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n"; - if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']) - $res['target'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n"; - if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) { + $obj['link'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']); + if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']) + $obj['title'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']; + if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) { $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']; if(! $body) $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']; // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events - $res['target'] .= '<orig>' . xmlify($body) . '</orig>' . "\n"; + $obj['orig'] = xmlify($body); if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) { $body = purify_html($body); $body = html2bbcode($body); + } - $res['target'] .= '<content>' . $body . '</content>' . "\n"; + $obj['content'] = $body; } - $res['target'] .= '</target>' . "\n"; + $res['target'] = $obj; } - // This is some experimental stuff. By now retweets are shown with "RT:" - // But: There is data so that the message could be shown similar to native retweets - // There is some better way to parse this array - but it didn't worked for me. - - $child = $item->feed->data["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["feed"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["entry"][0]["child"]["http://activitystrea.ms/spec/1.0/"][object][0]["child"]; - if (is_array($child)) { - $message = $child["http://activitystrea.ms/spec/1.0/"]["object"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["content"][0]["data"]; - $author = $child[SIMPLEPIE_NAMESPACE_ATOM_10]["author"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]; - $uri = $author["uri"][0]["data"]; - $name = $author["name"][0]["data"]; - $avatar = @array_shift($author["link"][2]["attribs"]); - $avatar = $avatar["href"]; - - if (($name != "") and ($uri != "") and ($avatar != "") and ($message != "")) { - $res["owner-name"] = $res["author-name"]; - $res["owner-link"] = $res["author-link"]; - $res["owner-avatar"] = $res["author-avatar"]; - - $res["author-name"] = $name; - $res["author-link"] = $uri; - $res["author-avatar"] = $avatar; - - $res["body"] = html2bbcode($message); - } - } + $res['public_policy'] = 'specific'; + $res['comment_policy'] = 'none'; $arr = array('feed' => $feed, 'item' => $item, 'result' => $res); call_hooks('parse_atom', $arr); - logger('get_atom_elements: ' . print_r($res,true)); + logger('get_atom_elements: author: ' . print_r($author,true),LOGGER_DATA); + + logger('get_atom_elements: ' . print_r($res,true),LOGGER_DATA); return $res; } @@ -1576,6 +1867,7 @@ function encode_rel_links($links) { $o = ''; if(! ((is_array($links)) && (count($links)))) return $o; + foreach($links as $link) { $o .= '<link '; if($link['attribs']['']['rel']) @@ -1606,7 +1898,7 @@ function item_store($arr,$allow_exec = false) { if(! $arr['uid']) { logger('item_store: no uid'); $ret['message'] = 'No uid.'; - return ret; + return $ret; } $uplinked_comment = false; @@ -1638,9 +1930,10 @@ function item_store($arr,$allow_exec = false) { } - $arr['title'] = ((x($arr,'title')) ? trim($arr['title']) : ''); - $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : ''); + $arr['title'] = ((array_key_exists('title',$arr) && strlen($arr['title'])) ? trim($arr['title']) : ''); + $arr['body'] = ((array_key_exists('body',$arr) && strlen($arr['body'])) ? trim($arr['body']) : ''); + $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : ''); $arr['allow_cid'] = ((x($arr,'allow_cid')) ? trim($arr['allow_cid']) : ''); $arr['allow_gid'] = ((x($arr,'allow_gid')) ? trim($arr['allow_gid']) : ''); $arr['deny_cid'] = ((x($arr,'deny_cid')) ? trim($arr['deny_cid']) : ''); @@ -1712,8 +2005,10 @@ function item_store($arr,$allow_exec = false) { $arr['owner_xchan'] = ((x($arr,'owner_xchan')) ? notags(trim($arr['owner_xchan'])) : ''); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); $arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert()); - $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : '0000-00-00 00:00:00'); + $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : NULL_DATE); $arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert()); + $arr['comments_closed'] = ((x($arr,'comments_closed') !== false) ? datetime_convert('UTC','UTC',$arr['comments_closed']) : NULL_DATE); + $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : ''); @@ -1730,8 +2025,9 @@ function item_store($arr,$allow_exec = false) { $arr['app'] = ((x($arr,'app')) ? notags(trim($arr['app'])) : ''); $arr['item_restrict'] = ((x($arr,'item_restrict')) ? intval($arr['item_restrict']) : 0 ); - $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' ); + $arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : '' ); + $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : 'contacts' ); $arr['item_flags'] = $arr['item_flags'] | ITEM_UNSEEN; @@ -1762,6 +2058,8 @@ function item_store($arr,$allow_exec = false) { $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; $deny_gid = $arr['deny_gid']; + $public_policy = $arr['public_policy']; + $comments_closed = $arr['comments_closed']; $arr['item_flags'] = $arr['item_flags'] | ITEM_THREAD_TOP; } else { @@ -1776,6 +2074,13 @@ function item_store($arr,$allow_exec = false) { if($r) { + if(comments_are_now_closed($r[0])) { + logger('item_store: comments closed'); + $ret['message'] = 'Comments closed.'; + return $ret; + } + + // is the new message multi-level threaded? // even though we don't support it now, preserve the info // and re-attach to the conversation parent. @@ -1792,12 +2097,14 @@ function item_store($arr,$allow_exec = false) { $r = $z; } - $parent_id = $r[0]['id']; - $parent_deleted = $r[0]['item_restrict'] & ITEM_DELETED; - $allow_cid = $r[0]['allow_cid']; - $allow_gid = $r[0]['allow_gid']; - $deny_cid = $r[0]['deny_cid']; - $deny_gid = $r[0]['deny_gid']; + $parent_id = $r[0]['id']; + $parent_deleted = $r[0]['item_restrict'] & ITEM_DELETED; + $allow_cid = $r[0]['allow_cid']; + $allow_gid = $r[0]['allow_gid']; + $deny_cid = $r[0]['deny_cid']; + $deny_gid = $r[0]['deny_gid']; + $public_policy = $r[0]['public_policy']; + $comments_closed = $r[0]['comments_closed']; if($r[0]['item_flags'] & ITEM_WALL) $arr['item_flags'] = $arr['item_flags'] | ITEM_WALL; @@ -1811,10 +2118,7 @@ function item_store($arr,$allow_exec = false) { $uplinked_comment = true; } - // if the parent is private, force privacy for the entire conversation - // This differs from the above settings as it subtly allows comments from - // email correspondents to be private even if the overall thread is not. if($r[0]['item_private']) $arr['item_private'] = $r[0]['item_private']; @@ -1906,7 +2210,7 @@ function item_store($arr,$allow_exec = false) { if((! $parent_id) || ($arr['parent_mid'] === $arr['mid'])) $parent_id = $current_post; - if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) + if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid) || strlen($public_policy)) $private = 1; else $private = $arr['item_private']; @@ -1914,13 +2218,16 @@ function item_store($arr,$allow_exec = false) { // Set parent id - and also make sure to inherit the parent's ACL's. $r = q("UPDATE item SET parent = %d, allow_cid = '%s', allow_gid = '%s', - deny_cid = '%s', deny_gid = '%s', item_private = %d WHERE id = %d LIMIT 1", + deny_cid = '%s', deny_gid = '%s', public_policy = '%s', item_private = %d, comments_closed = '%s' + WHERE id = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), + dbesc($public_policy), intval($private), + dbesc($comments_closed), intval($current_post) ); @@ -1931,8 +2238,10 @@ function item_store($arr,$allow_exec = false) { $arr['allow_gid'] = $allow_gid; $arr['deny_cid'] = $deny_cid; $arr['deny_gid'] = $deny_gid; + $arr['public_policy'] = $public_policy; $arr['item_private'] = $private; - + $arr['comments_closed'] = $comments_closed; + // Store taxonomy if(($terms) && (is_array($terms))) { @@ -1955,12 +2264,13 @@ function item_store($arr,$allow_exec = false) { // update the commented timestamp on the parent - $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d ", + $z = q("select max(created) as commented from item where parent_mid = '%s' and uid = %d and not ( item_restrict & %d )>0 ", dbesc($arr['parent_mid']), - intval($arr['uid']) + intval($arr['uid']), + intval(ITEM_DELAYED_PUBLISH) ); - q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d LIMIT 1", + q("UPDATE item set commented = '%s', changed = '%s' WHERE id = %d", dbesc(($z) ? $z[0]['commented'] : (datetime_convert())), dbesc(datetime_convert()), intval($parent_id) @@ -2104,10 +2414,17 @@ function item_store_update($arr,$allow_exec = false) { $arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert()); $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : $orig[0]['expires']); + + if(array_key_exists('comments_closed',$arr) && $arr['comments_closed'] != NULL_DATE) + $arr['comments_closed'] = datetime_convert('UTC','UTC',$arr['comments_closed']); + else + $arr['comments_closed'] = $orig[0]['comments_closed']; + $arr['commented'] = $orig[0]['commented']; $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); - $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); + $arr['route'] = ((array_key_exists('route',$arr)) ? trim($arr['route']) : $orig[0]['route']); + $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta']); $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : $orig[0]['location']); $arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : $orig[0]['coord']); $arr['verb'] = ((x($arr,'verb')) ? notags(trim($arr['verb'])) : $orig[0]['verb']); @@ -2123,7 +2440,8 @@ function item_store_update($arr,$allow_exec = false) { $arr['deny_gid'] = ((array_key_exists('deny_gid',$arr)) ? trim($arr['deny_gid']) : $orig[0]['deny_gid']); $arr['item_private'] = ((array_key_exists('item_private',$arr)) ? intval($arr['item_private']) : $orig[0]['item_private']); - $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : ''); + $arr['title'] = ((array_key_exists('title',$arr) && strlen($arr['title'])) ? trim($arr['title']) : ''); + $arr['body'] = ((array_key_exists('body',$arr) && strlen($arr['body'])) ? trim($arr['body']) : ''); $arr['attach'] = ((x($arr,'attach')) ? notags(trim($arr['attach'])) : $orig[0]['attach']); $arr['app'] = ((x($arr,'app')) ? notags(trim($arr['app'])) : $orig[0]['app']); // $arr['item_restrict'] = ((x($arr,'item_restrict')) ? intval($arr['item_restrict']) : $orig[0]['item_restrict'] ); @@ -2132,6 +2450,11 @@ function item_store_update($arr,$allow_exec = false) { $arr['sig'] = ((x($arr,'sig')) ? $arr['sig'] : ''); $arr['layout_mid'] = ((array_key_exists('layout_mid',$arr)) ? dbesc($arr['layout_mid']) : $orig[0]['layout_mid'] ); + $arr['public_policy'] = ((x($arr,'public_policy')) ? notags(trim($arr['public_policy'])) : $orig[0]['public_policy'] ); + $arr['comment_policy'] = ((x($arr,'comment_policy')) ? notags(trim($arr['comment_policy'])) : $orig[0]['comment_policy'] ); + + + call_hooks('post_remote_update',$arr); if(x($arr,'cancel')) { @@ -2159,7 +2482,7 @@ function item_store_update($arr,$allow_exec = false) { $str .= " `" . $k . "` = '" . $v . "' "; } - $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id . " limit 1"); + $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id ); if($r) logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG); @@ -2201,6 +2524,51 @@ function item_store_update($arr,$allow_exec = false) { return $ret; } +function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id, $walltowall = false) { + + // We won't be able to sign Diaspora comments for authenticated visitors + // - we don't have their private key + + // since Diaspora doesn't handle edits we can only do this for the original text and not update it. + + require_once('include/bb2diaspora.php'); + $signed_body = bb2diaspora_itembody($datarray,$walltowall); + + if($walltowall) { + logger('wall to wall comment',LOGGER_DEBUG); + // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author. + $signed_body = "\n\n" + . '![' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_photo_m'] . ')' + . '[' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_url'] . ')' . "\n\n" + . $signed_body; + } + + logger('storing diaspora comment signature',LOGGER_DEBUG); + + $diaspora_handle = $channel['channel_address'] . '@' . get_app()->get_hostname(); + + $signed_text = $datarray['mid'] . ';' . $parent_item['mid'] . ';' . $signed_body . ';' . $diaspora_handle; + + if( $uprvkey !== false ) + $authorsig = base64_encode(rsa_sign($signed_text,$channel['channel_prvkey'],'sha256')); + else + $authorsig = ''; + + $x = array('signer' => $diaspora_handle, 'body' => $signed_body, 'signed_text' => $signed_text, 'signature' => base64_encode($authorsig)); + + $key = get_config('system','pubkey'); + $y = crypto_encapsulate(json_encode($x),$key); + + $r = q("update item set diaspora_meta = '%s' where id = %d", + dbesc(json_encode($y)), + intval($post_id) + ); + + if(! $r) + logger('store_diaspora_comment_sig: DB write failed'); + + return; +} @@ -2297,6 +2665,10 @@ function tag_deliver($uid,$item_id) { $mention = false; + /** + * Fetch stuff we need - a channel and an item + */ + $u = q("select * from channel where channel_id = %d limit 1", intval($uid) ); @@ -2314,14 +2686,19 @@ function tag_deliver($uid,$item_id) { $item = $i[0]; - if(($item['source_xchan']) && ($item['item_flags'] & ITEM_UPLINK) && ($item['item_flags'] & ITEM_THREAD_TOP) && ($item['edited'] != $item['created'])) { - // this is an update to a post which was already processed by us and has a second delivery chain + if(($item['source_xchan']) && ($item['item_flags'] & ITEM_UPLINK) + && ($item['item_flags'] & ITEM_THREAD_TOP) && ($item['edited'] != $item['created'])) { + // this is an update (edit) to a post which was already processed by us and has a second delivery chain // Just start the second delivery chain to deliver the updated post proc_run('php','include/notifier.php','tgroup',$item['id']); return; } + /** + * Seems like a good place to plug in a poke notification. + */ + if (stristr($item['verb'],ACTIVITY_POKE)) { $poke_notify = true; @@ -2350,6 +2727,10 @@ function tag_deliver($uid,$item_id) { } } + /** + * Do community tagging + */ + if($item['obj_type'] === ACTIVITY_OBJ_TAGTERM) { // We received a community tag activity for a post. @@ -2374,7 +2755,7 @@ function tag_deliver($uid,$item_id) { $taglink = get_rel_link($j_obj['link'],'alternate'); store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_HASHTAG,$j_obj['title'],$j_obj['id']); - $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d limit 1", + $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -2390,6 +2771,11 @@ function tag_deliver($uid,$item_id) { logger('tag_deliver: tag permission denied for ' . $u[0]['channel_address']); } + /** + * A "union" is a message which our channel has sourced from another channel. + * This sets up a second delivery chain just like forum tags do. + * Find out if this is a source-able post. + */ $union = check_item_source($uid,$item); if($union) @@ -2399,51 +2785,22 @@ function tag_deliver($uid,$item_id) { // This might be a followup (e.g. comment) by the original post author to a tagged forum // If so setup a second delivery chain - $r = null; - if( ! ($item['item_flags'] & ITEM_THREAD_TOP)) { $x = q("select * from item where id = parent and parent = %d and uid = %d limit 1", intval($item['parent']), intval($uid) ); - if(($x) && ($x[0]['item_flags'] & ITEM_UPLINK)) { + start_delivery_chain($u[0],$item,$item_id,$x[0]); + } + } - logger('tag_deliver: creating second delivery chain for comment to tagged post.'); - - // now change this copy of the post to a forum head message and deliver to all the tgroup members - // also reset all the privacy bits to the forum default permissions - - $private = (($u[0]['channel_allow_cid'] || $u[0]['channel_allow_gid'] || $u[0]['channel_deny_cid'] || $u[0]['channel_deny_gid']) ? 1 : 0); - - $flag_bits = ITEM_WALL|ITEM_ORIGIN; - - // maintain the original source, which will be the original item owner and was stored in source_xchan - // when we created the delivery fork - $r = q("update item set source_xchan = '%s' where id = %d limit 1", - dbesc($x[0]['source_xchan']), - intval($item_id) - ); + /** + * Now we've got those out of the way. Let's see if this is a post that's tagged for re-delivery + */ - $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', - deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1", - intval($flag_bits), - dbesc($u[0]['channel_hash']), - dbesc($u[0]['channel_allow_cid']), - dbesc($u[0]['channel_allow_gid']), - dbesc($u[0]['channel_deny_cid']), - dbesc($u[0]['channel_deny_gid']), - intval($private), - intval($item_id) - ); - if($r) - proc_run('php','include/notifier.php','tgroup',$item_id); - else - logger('tag_deliver: failed to update item'); - } - } $terms = get_terms_oftype($item['term'],TERM_MENTION); @@ -2464,13 +2821,11 @@ function tag_deliver($uid,$item_id) { if($mention) { logger('tag_deliver: mention found for ' . $u[0]['channel_name']); - $r = q("update item set item_flags = ( item_flags | %d ) where id = %d limit 1", + $r = q("update item set item_flags = ( item_flags | %d ) where id = %d", intval(ITEM_MENTIONSME), intval($item_id) ); - - // At this point we've determined that the person receiving this post was mentioned in it or it is a union. // Now let's check if this mention was inside a reshare so we don't spam a forum // If it's private we may have to unobscure it momentarily so that we can parse it. @@ -2506,7 +2861,9 @@ function tag_deliver($uid,$item_id) { $arr = array('channel_id' => $uid, 'item' => $item, 'body' => $body); call_hooks('tagged',$arr); - // Valid tag. Send a notification + /** + * Kill two birds with one stone. As long as we're here, send a mention notification. + */ require_once('include/enotify.php'); notification(array( @@ -2540,49 +2897,33 @@ function tag_deliver($uid,$item_id) { return; } - // tgroup delivery - setup a second delivery chain // prevent delivery looping - only proceed // if the message originated elsewhere and is a top-level post - if(($item['item_flags'] & ITEM_WALL) || ($item['item_flags'] & ITEM_ORIGIN) || (!($item['item_flags'] & ITEM_THREAD_TOP)) || ($item['id'] != $item['parent'])) { + if(($item['item_flags'] & ITEM_WALL) + || ($item['item_flags'] & ITEM_ORIGIN) + || (!($item['item_flags'] & ITEM_THREAD_TOP)) + || ($item['id'] != $item['parent'])) { logger('tag_deliver: item was local or a comment. rejected.'); return; } logger('tag_deliver: creating second delivery chain.'); - - // now change this copy of the post to a forum head message and deliver to all the tgroup members - // also reset all the privacy bits to the forum default permissions - - $private = (($u[0]['channel_allow_cid'] || $u[0]['channel_allow_gid'] || $u[0]['channel_deny_cid'] || $u[0]['channel_deny_gid']) ? 1 : 0); - - $flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK; - - // preserve the source - - $r = q("update item set source_xchan = owner_xchan where id = %d limit 1", - intval($item_id) - ); - - $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', - deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1", - intval($flag_bits), - dbesc($u[0]['channel_hash']), - dbesc($u[0]['channel_allow_cid']), - dbesc($u[0]['channel_allow_gid']), - dbesc($u[0]['channel_deny_cid']), - dbesc($u[0]['channel_deny_gid']), - intval($private), - intval($item_id) - ); - if($r) - proc_run('php','include/notifier.php','tgroup',$item_id); - else - logger('tag_deliver: failed to update item'); + start_delivery_chain($u[0],$item,$item_id,null); } +/** + * @function tgroup_check($uid,$item) + * + * This function is called pre-deliver to see if a post matches the criteria to be tag delivered. + * We don't actually do anything except check that it matches the criteria. + * This is so that the channel with tag_delivery enabled can receive the post even if they turn off + * permissions for the sender to send their stream. tag_deliver() can't be called until the post is actually stored. + * By then it would be too late to reject it. + */ + function tgroup_check($uid,$item) { @@ -2595,7 +2936,7 @@ function tgroup_check($uid,$item) { // or is a followup and we have already accepted the top level post as an uplink if($item['mid'] != $item['parent_mid']) { - $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d ) limit 1", + $r = q("select id from item where mid = '%s' and uid = %d and ( item_flags & %d )>0 limit 1", dbesc($item['parent_mid']), intval($uid), intval(ITEM_UPLINK) @@ -2639,7 +2980,15 @@ function tgroup_check($uid,$item) { // At this point we've determined that the person receiving this post was mentioned in it. // Now let's check if this mention was inside a reshare so we don't spam a forum - $body = preg_replace('/\[share(.*?)\[\/share\]/','',$item['body']); + + $body = $item['body']; + + if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED) && $body) { + $key = get_config('system','prvkey'); + $body = crypto_unencapsulate(json_decode($body,true),$key); + } + + $body = preg_replace('/\[share(.*?)\[\/share\]/','',$body); $pattern = '/@\!?\[zrl\=' . preg_quote($term['url'],'/') . '\]' . preg_quote($term['term'] . '+','/') . '\[\/zrl\]/'; @@ -2653,6 +3002,99 @@ function tgroup_check($uid,$item) { } +/** + * Sourced and tag-delivered posts are re-targetted for delivery to the connections of the channel + * receiving the post. This starts the second delivery chain, by resetting permissions and ensuring + * that ITEM_UPLINK is set on the parent post, and storing the current owner_xchan as the source_xchan. + * We'll become the new owner. If called without $parent, this *is* the parent post. + */ + +function start_delivery_chain($channel,$item,$item_id,$parent) { + + + // Change this copy of the post to a forum head message and deliver to all the tgroup members + // also reset all the privacy bits to the forum default permissions + + $private = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] + || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 1 : 0); + + $new_public_policy = map_scope($channel['channel_r_stream'],true); + + if((! $private) && $new_public_policy) + $private = 1; + + $flag_bits = $item['item_flags'] | ITEM_WALL|ITEM_ORIGIN; + + // unset the nocomment bit if it's there. + + if($flag_bits & ITEM_NOCOMMENT) + $flag_bits = $flag_bits ^ ITEM_NOCOMMENT; + + // maintain the original source, which will be the original item owner and was stored in source_xchan + // when we created the delivery fork + + if($parent) { + $r = q("update item set source_xchan = '%s' where id = %d", + dbesc($parent['source_xchan']), + intval($item_id) + ); + } + else { + $flag_bits = $flag_bits | ITEM_UPLINK; + $r = q("update item set source_xchan = owner_xchan where id = %d", + intval($item_id) + ); + } + + $title = $item['title']; + $body = $item['body']; + + if($private) { + if(!($flag_bits & ITEM_OBSCURED)) { + $key = get_config('system','pubkey'); + $flag_bits = $flag_bits|ITEM_OBSCURED; + if($title) + $title = json_encode(crypto_encapsulate($title,$key)); + if($body) + $body = json_encode(crypto_encapsulate($body,$key)); + } + } + else { + if($flag_bits & ITEM_OBSCURED) { + $key = get_config('system','prvkey'); + $flag_bits = $flag_bits ^ ITEM_OBSCURED; + if($title) + $title = crypto_unencapsulate(json_decode($title,true),$key); + if($body) + $body = crypto_unencapsulate(json_decode($body,true),$key); + } + } + + $r = q("update item set item_flags = %d, owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', + deny_cid = '%s', deny_gid = '%s', item_private = %d, public_policy = '%s', comment_policy = '%s', title = '%s', body = '%s' where id = %d", + intval($flag_bits), + dbesc($channel['channel_hash']), + dbesc($channel['channel_allow_cid']), + dbesc($channel['channel_allow_gid']), + dbesc($channel['channel_deny_cid']), + dbesc($channel['channel_deny_gid']), + intval($private), + dbesc($new_public_policy), + dbesc(map_scope($channel['channel_w_comment'])), + dbesc($title), + dbesc($body), + intval($item_id) + ); + + if($r) + proc_run('php','include/notifier.php','tgroup',$item_id); + else + logger('start_delivery_chain: failed to update item'); + + return; +} + + /** * @function check_item_source($uid,$item) @@ -2668,29 +3110,33 @@ function tgroup_check($uid,$item) { function check_item_source($uid,$item) { - if($item['item_private']) - return false; - - $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' || src_xchan = '*' ) limit 1", + $r = q("select * from source where src_channel_id = %d and ( src_xchan = '%s' or src_xchan = '*' ) limit 1", intval($uid), dbesc(($item['source_xchan']) ? $item['source_xchan'] : $item['owner_xchan']) ); + if(! $r) return false; - $x = q("select abook_their_perms from abook where abook_channel = %d and abook_xchan = '%s' limit 1", + $x = q("select abook_their_perms, abook_flags from abook where abook_channel = %d and abook_xchan = '%s' limit 1", intval($uid), dbesc($item['owner_xchan']) ); + if(! $x) return false; + if(! ($x[0]['abook_their_perms'] & PERMS_A_REPUBLISH)) return false; + if($item['item_private'] && (! ($x[0]['abook_flags'] & ABOOK_FLAG_FEED))) + return false; + + if($r[0]['src_channel_xchan'] === $item['owner_xchan']) return false; @@ -2739,7 +3185,7 @@ function mail_store($arr) { $arr['from_xchan'] = ((x($arr,'from_xchan')) ? notags(trim($arr['from_xchan'])) : ''); $arr['to_xchan'] = ((x($arr,'to_xchan')) ? notags(trim($arr['to_xchan'])) : ''); $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert()); - $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : '0000-00-00 00:00:00'); + $arr['expires'] = ((x($arr,'expires') !== false) ? datetime_convert('UTC','UTC',$arr['expires']) : NULL_DATE); $arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : ''); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? notags(trim($arr['parent_mid'])) : ''); $arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : ''); @@ -2822,7 +3268,6 @@ function mail_store($arr) { } - /** * * consume_feed - process atom feed and update anything/everything we might need to update @@ -2850,7 +3295,7 @@ function mail_store($arr) { * recursion. */ -function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) { +function consume_feed($xml,$importer,&$contact,$pass = 0) { require_once('library/simplepie/simplepie.inc'); @@ -2859,15 +3304,8 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) return; } - // Want to see this work as a content source for the matrix? - // Read this: https://github.com/friendica/red/wiki/Service_Federation - $feed = new SimplePie(); $feed->set_raw_data($xml); - if($datedir) - $feed->enable_order_by_date(true); - else - $feed->enable_order_by_date(false); $feed->init(); if($feed->error()) @@ -2877,7 +3315,6 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) // Check at the feed level for updated contact name and/or photo - // process any deleted entries $del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry'); @@ -2894,41 +3331,21 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) else $when = datetime_convert('UTC','UTC','now','Y-m-d H:i:s'); } + + if($deleted && is_array($contact)) { -/* $r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join `contact` on `item`.`contact-id` = `contact`.`id` - WHERE `mid` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1", - dbesc($mid), - intval($importer['channel_id']), - intval($contact['id']) + $r = q("SELECT * from item where mid = '%s' and author_xchan = '%s' and uid = %d limit 1", + dbesc(base64url_encode($mid)), + dbesc($contact['xchan_hash']), + intval($importer['channel_id']) ); -*/ - if(count($r)) { - $item = $r[0]; - if(! $item['deleted']) - logger('consume_feed: deleting item ' . $item['id'] . ' mid=' . $item['mid'], LOGGER_DEBUG); + if($r) { + $item = $r[0]; - if($item['mid'] == $item['parent_mid']) { - $r = q("UPDATE `item` SET item_restrict = (item_restrict | %d), `edited` = '%s', `changed` = '%s', - `body` = '', `title` = '' - WHERE `parent_mid` = '%s' AND `uid` = %d", - intval(ITEM_DELETED), - dbesc($when), - dbesc(datetime_convert()), - dbesc($item['mid']), - intval($importer['channel_id']) - ); - } - else { - $r = q("UPDATE `item` SET item_restrict = ( item_restrict | %d ), `edited` = '%s', `changed` = '%s', - `body` = '', `title` = '' - WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", - intval(ITEM_DELETED), - dbesc($when), - dbesc(datetime_convert()), - dbesc($mid), - intval($importer['channel_id']) - ); + if(! ($item['item_restrict'] & ITEM_DELETED)) { + logger('consume_feed: deleting item ' . $item['id'] . ' mid=' . base64url_decode($item['mid']), LOGGER_DEBUG); + drop_item($item['id'],false); } } } @@ -2939,26 +3356,21 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) if($feed->get_item_quantity()) { - logger('consume_feed: feed item count = ' . $feed->get_item_quantity()); - - // in inverse date order - if ($datedir) - $items = array_reverse($feed->get_items()); - else - $items = $feed->get_items(); + logger('consume_feed: feed item count = ' . $feed->get_item_quantity(), LOGGER_DEBUG); + $items = $feed->get_items(); foreach($items as $item) { $is_reply = false; - $item_id = $item->get_id(); + $item_id = base64url_encode($item->get_id()); -logger('consume_feed: processing ' . $item_id); + logger('consume_feed: processing ' . $item_id, LOGGER_DEBUG); $rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to'); if(isset($rawthread[0]['attribs']['']['ref'])) { $is_reply = true; - $parent_mid = $rawthread[0]['attribs']['']['ref']; + $parent_mid = base64url_encode($rawthread[0]['attribs']['']['ref']); } if($is_reply) { @@ -2969,23 +3381,33 @@ logger('consume_feed: processing ' . $item_id); // Have we seen it? If not, import it. - $item_id = $item->get_id(); - $datarray = get_atom_elements($feed,$item); + $item_id = base64url_encode($item->get_id()); + $author = array(); + $datarray = get_atom_elements($feed,$item,$author); - if((! x($datarray,'author-name')) && ($contact['network'] != NETWORK_DFRN)) - $datarray['author-name'] = $contact['name']; - if((! x($datarray,'author-link')) && ($contact['network'] != NETWORK_DFRN)) - $datarray['author-link'] = $contact['url']; - if((! x($datarray,'author-avatar')) && ($contact['network'] != NETWORK_DFRN)) - $datarray['author-avatar'] = $contact['thumb']; + if((! x($author,'author_name')) || ($author['author_is_feed'])) + $author['author_name'] = $contact['xchan_name']; + if((! x($author,'author_link')) || ($author['author_is_feed'])) + $author['author_link'] = $contact['xchan_url']; + if((! x($author,'author_photo'))|| ($author['author_is_feed'])) + $author['author_photo'] = $contact['xchan_photo_m']; - if((! x($datarray,'author-name')) || (! x($datarray,'author-link'))) { - logger('consume_feed: no author information! ' . print_r($datarray,true)); - continue; + $datarray['author_xchan'] = ''; + + if($author['author_link'] != $contact['xchan_url']) { + $x = import_author_unknown(array('name' => $author['author_name'],'url' => $author['author_link'],'photo' => array('src' => $author['author_photo']))); + if($x) + $datarray['author_xchan'] = $x; + } + if(! $datarray['author_xchan']) + $datarray['author_xchan'] = $contact['xchan_hash']; + + + $datarray['owner_xchan'] = $contact['xchan_hash']; - $r = q("SELECT `uid`, `edited`, `body` FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", + $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", dbesc($item_id), intval($importer['channel_id']) ); @@ -2993,71 +3415,26 @@ logger('consume_feed: processing ' . $item_id); // Update content if 'updated' changes if($r) { - if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) { + if((x($datarray,'edited') !== false) + && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) { // do not accept (ignore) an earlier edit than one we currently have. if(datetime_convert('UTC','UTC',$datarray['edited']) < $r[0]['edited']) continue; - $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", - dbesc($datarray['title']), - dbesc($datarray['body']), - dbesc(datetime_convert('UTC','UTC',$datarray['edited'])), - dbesc($item_id), - intval($importer['channel_id']) - ); + update_feed_item($importer['channel_id'],$datarray); } - continue; } - $datarray['parent_mid'] = $parent_mid; $datarray['uid'] = $importer['channel_id']; - $datarray['contact-id'] = $contact['id']; - if((activity_match($datarray['verb'],ACTIVITY_LIKE)) || (activity_match($datarray['verb'],ACTIVITY_DISLIKE))) { - $datarray['type'] = 'activity'; - $datarray['gravity'] = GRAVITY_LIKE; - // only one like or dislike per person - $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_mid` = '%s' OR `thr_parent` = '%s') limit 1", - intval($datarray['uid']), - intval($datarray['contact-id']), - dbesc($datarray['verb']), - dbesc($parent_mid), - dbesc($parent_mid) - ); - if($r && count($r)) - continue; - } - if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['obj_type'] === ACTIVITY_OBJ_TAGTERM)) { - $xo = parse_xml_string($datarray['object'],false); - $xt = parse_xml_string($datarray['target'],false); - if($xt->type == ACTIVITY_OBJ_NOTE) { - $r = q("select * from item where `mid` = '%s' AND `uid` = %d limit 1", - dbesc($xt->id), - intval($importer['channel_id']) - ); - if(! count($r)) - continue; - // extract tag, if not duplicate, add to parent item - if($xo->id && $xo->content) { - $newtag = '#[zrl=' . $xo->id . ']'. $xo->content . '[/zrl]'; - if(! (stristr($r[0]['tag'],$newtag))) { - q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1", - dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . $newtag), - intval($r[0]['id']) - ); - } - } - } - } - -logger('consume_feed: ' . print_r($datarray,true)); + logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA); -// $xx = item_store($datarray); + $xx = item_store($datarray); $r = $xx['item_id']; continue; } @@ -3066,48 +3443,40 @@ logger('consume_feed: ' . print_r($datarray,true)); // Head post of a conversation. Have we seen it? If not, import it. - $item_id = $item->get_id(); - - $datarray = get_atom_elements($feed,$item); + $item_id = base64url_encode($item->get_id()); + $author = array(); + $datarray = get_atom_elements($feed,$item,$author); if(is_array($contact)) { - if((! x($datarray,'author-name')) && ($contact['network'] != NETWORK_DFRN)) - $datarray['author-name'] = $contact['name']; - if((! x($datarray,'author-link')) && ($contact['network'] != NETWORK_DFRN)) - $datarray['author-link'] = $contact['url']; - if((! x($datarray,'author-avatar')) && ($contact['network'] != NETWORK_DFRN)) - $datarray['author-avatar'] = $contact['thumb']; + if((! x($author,'author_name')) || ($author['author_is_feed'])) + $author['author_name'] = $contact['xchan_name']; + if((! x($author,'author_link')) || ($author['author_is_feed'])) + $author['author_link'] = $contact['xchan_url']; + if((! x($author,'author_photo'))|| ($author['author_is_feed'])) + $author['author_photo'] = $contact['xchan_photo_m']; } - if((! x($datarray,'author-name')) || (! x($datarray,'author-link'))) { - logger('consume_feed: no author information! ' . print_r($datarray,true)); + if((! x($author,'author_name')) || (! x($author,'author_link'))) { + logger('consume_feed: no author information! ' . print_r($author,true)); continue; } - // special handling for events - - if((x($datarray,'obj_type')) && ($datarray['obj_type'] === ACTIVITY_OBJ_EVENT)) { - $ev = bbtoevent($datarray['body']); - if(x($ev,'desc') && x($ev,'start')) { - $ev['uid'] = $importer['channel_id']; - $ev['mid'] = $item_id; - $ev['edited'] = $datarray['edited']; - $ev['private'] = $datarray['private']; - - if(is_array($contact)) - $ev['cid'] = $contact['id']; - $r = q("SELECT * FROM `event` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", - dbesc($item_id), - intval($importer['channel_id']) - ); - if(count($r)) - $ev['id'] = $r[0]['id']; -// $xyz = event_store($ev); - continue; - } + $datarray['author_xchan'] = ''; + + if($author['author_link'] != $contact['xchan_url']) { + $x = import_author_unknown(array('name' => $author['author_name'],'url' => $author['author_link'],'photo' => array('src' => $author['author_photo']))); + if($x) + $datarray['author_xchan'] = $x; + } + if(! $datarray['author_xchan']) + $datarray['author_xchan'] = $contact['xchan_hash']; - $r = q("SELECT `uid`, `edited`, `body` FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", + + $datarray['owner_xchan'] = $contact['xchan_hash']; + + + $r = q("SELECT edited FROM item WHERE mid = '%s' AND uid = %d LIMIT 1", dbesc($item_id), intval($importer['channel_id']) ); @@ -3115,81 +3484,36 @@ logger('consume_feed: ' . print_r($datarray,true)); // Update content if 'updated' changes if($r) { - if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) { + if((x($datarray,'edited') !== false) + && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) { // do not accept (ignore) an earlier edit than one we currently have. if(datetime_convert('UTC','UTC',$datarray['edited']) < $r[0]['edited']) continue; - $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `edited` = '%s' WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", - dbesc($datarray['title']), - dbesc($datarray['body']), - dbesc(datetime_convert('UTC','UTC',$datarray['edited'])), - dbesc($item_id), - intval($importer['channel_id']) - ); + update_feed_item($importer['channel_id'],$datarray); } continue; } - if(activity_match($datarray['verb'],ACTIVITY_FOLLOW)) { - logger('consume-feed: New follower'); - new_follower($importer,$contact,$datarray,$item); - return; - } - if(activity_match($datarray['verb'],ACTIVITY_UNFOLLOW)) { - lose_follower($importer,$contact,$datarray,$item); - return; - } - - if(activity_match($datarray['verb'],ACTIVITY_REQ_FRIEND)) { - logger('consume-feed: New friend request'); - new_follower($importer,$contact,$datarray,$item,true); - return; - } - if(activity_match($datarray['verb'],ACTIVITY_UNFRIEND)) { - lose_sharer($importer,$contact,$datarray,$item); - return; - } - - -// if(! is_array($contact)) -// return; - - - // This is my contact on another system, but it's really me. - // Turn this into a wall post. - - if($contact['remote_self']) { - $datarray['wall'] = 1; - } $datarray['parent_mid'] = $item_id; $datarray['uid'] = $importer['channel_id']; - $datarray['contact-id'] = $contact['id']; - if(! link_compare($datarray['owner-link'],$contact['url'])) { - // The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery, - // but otherwise there's a possible data mixup on the sender's system. - // the tgroup delivery code called from item_store will correct it if it's a forum, - // but we're going to unconditionally correct it here so that the post will always be owned by our contact. + if(! link_compare($author['owner_link'],$contact['xchan_url'])) { logger('consume_feed: Correcting item owner.', LOGGER_DEBUG); - $datarray['owner-name'] = $contact['name']; - $datarray['owner-link'] = $contact['url']; - $datarray['owner-avatar'] = $contact['thumb']; + $author['owner_name'] = $contact['name']; + $author['owner_link'] = $contact['url']; + $author['owner_avatar'] = $contact['thumb']; } - // We've allowed "followers" to reach this point so we can decide if they are - // posting an @-tag delivery, which followers are allowed to do for certain - // page types. Now that we've parsed the post, let's check if it is legit. Otherwise ignore it. + logger('consume_feed: author ' . print_r($author,true),LOGGER_DEBUG); - if(($contact['rel'] == CONTACT_IS_FOLLOWER) && (! tgroup_check($importer['channel_id'],$datarray))) - continue; -logger('consume_feed: ' . print_r($datarray,true)); + logger('consume_feed: ' . print_r($datarray,true),LOGGER_DATA); -// $xx = item_store($datarray); + $xx = item_store($datarray); $r = $xx['item_id']; continue; @@ -3200,6 +3524,34 @@ logger('consume_feed: ' . print_r($datarray,true)); } +function update_feed_item($uid,$datarray) { + + logger('update_feed_item: not implemented! ' . $uid . ' ' . print_r($datarray,true), LOGGER_DATA); + +} + + +function handle_feed($uid,$abook_id,$url) { + + require_once('include/Contact.php'); + $channel = channelx_by_n($uid); + if(! $channel) + return; + $x = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d limit 1", + dbesc($abook_id), + intval($uid) + ); + + $recurse = 0; + $z = z_fetch_url($url,false,$recurse,array('novalidate' => true)); + +//logger('handle_feed:' . print_r($z,true)); + + if($z['success']) { + consume_feed($z['body'],$channel,$x[0],0); + consume_feed($z['body'],$channel,$x[0],1); + } +} function atom_author($tag,$name,$uri,$h,$w,$type,$photo) { @@ -3499,17 +3851,17 @@ function item_expire($uid,$days) { $expire_network_only = 1; - $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ") " : ""); + $sql_extra = ((intval($expire_network_only)) ? " AND not (item_flags & " . intval(ITEM_WALL) . ")>0 " : ""); $r = q("SELECT * FROM `item` WHERE `uid` = %d - AND `created` < UTC_TIMESTAMP() - INTERVAL %d DAY + AND `created` < %s - INTERVAL %s AND `id` = `parent` $sql_extra - AND NOT ( item_flags & %d ) + AND NOT ( item_flags & %d )>0 AND (item_restrict = 0 ) ", intval($uid), - intval($days), + db_utcnow(), db_quoteinterval(intval($days).' DAY'), intval(ITEM_RETAINED) ); @@ -3547,7 +3899,7 @@ function item_expire($uid,$days) { } function retain_item($id) { - $r = q("update item set item_flags = (item_flags | %d ) where id = %d limit 1", + $r = q("update item set item_flags = (item_flags | %d ) where id = %d", intval(ITEM_RETAINED), intval($id) ); @@ -3623,7 +3975,7 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { // set the deleted flag immediately on this item just in case the // hook calls a remote process which loops. We'll delete it properly in a second. - $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d LIMIT 1", + $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ) WHERE id = %d", intval(ITEM_DELETED), intval($item['id']) ); @@ -3650,7 +4002,12 @@ function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL) { // send the notification upstream/downstream as the case may be // only send notifications to others if this is the owner's wall item. - if(($item['item_flags'] & ITEM_WALL) && ($stage != DROPITEM_PHASE2)) + // This isn't optimal. We somehow need to pass to this function whether or not + // to call the notifier, or we need to call the notifier from the calling function. + // We'll rely on the undocumented behaviour that DROPITEM_PHASE1 is (hopefully) only + // set if we know we're going to send delete notifications out to others. + + if((($item['item_flags'] & ITEM_WALL) && ($stage != DROPITEM_PHASE2)) || ($stage == DROPITEM_PHASE1)) proc_run('php','include/notifier.php','drop',$notify_id); goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); @@ -3675,7 +4032,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { switch($stage) { case DROPITEM_PHASE2: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', - changed = '%s', edited = '%s' WHERE id = %d LIMIT 1", + changed = '%s', edited = '%s' WHERE id = %d", intval(ITEM_PENDING_REMOVE), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -3685,7 +4042,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { case DROPITEM_PHASE1: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), - changed = '%s', edited = '%s' WHERE id = %d LIMIT 1", + changed = '%s', edited = '%s' WHERE id = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -3696,7 +4053,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { case DROPITEM_NORMAL: default: $r = q("UPDATE item SET item_restrict = ( item_restrict | %d ), body = '', title = '', - changed = '%s', edited = '%s' WHERE id = %d LIMIT 1", + changed = '%s', edited = '%s' WHERE id = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -3708,7 +4065,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { // immediately remove any undesired profile likes. - q("delete from likes where iid = %d and channel_id = %d limit 1", + q("delete from likes where iid = %d and channel_id = %d", intval($item['id']), intval($item['uid']) ); @@ -3719,7 +4076,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { if(strlen($item['resource_id'])) { if($item['resource_type'] === 'event') { - q("delete from event where event_hash = '%s' and uid = %d limit 1", + q("delete from event where event_hash = '%s' and uid = %d", dbesc($item['resource_id']), intval($item['uid']) ); @@ -3739,12 +4096,12 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { if($stage == DROPITEM_PHASE1) return true; - $r = q("delete from term where otype = %d and oid = %d limit 1", + $r = q("delete from term where otype = %d and oid = %d", intval(TERM_OBJ_POST), intval($item['id']) ); - q("delete from item_id where iid = %d and uid = %d limit 1", + q("delete from item_id where iid = %d and uid = %d", intval($item['id']), intval($item['uid']) ); @@ -3763,7 +4120,7 @@ function delete_item_lowlevel($item,$stage = DROPITEM_NORMAL) { function first_post_date($uid,$wall = false) { - $wall_sql = (($wall) ? sprintf(" and item_flags & %d ", ITEM_WALL) : "" ); + $wall_sql = (($wall) ? sprintf(" and (item_flags & %d)>0 ", ITEM_WALL) : "" ); $r = q("select id, created from item where item_restrict = %d and uid = %d and id = parent $wall_sql @@ -3785,10 +4142,13 @@ function first_post_date($uid,$wall = false) { * current flat list of all representative dates. */ -function list_post_dates($uid,$wall) { +function list_post_dates($uid,$wall,$mindate) { $dnow = datetime_convert('',date_default_timezone_get(),'now','Y-m-d'); - $dthen = first_post_date($uid,$wall); + if($mindate) + $dthen = datetime_convert('',date_default_timezone_get(),$mindate); + else + $dthen = first_post_date($uid,$wall); if(! $dthen) return array(); @@ -3798,7 +4158,7 @@ function list_post_dates($uid,$wall) { if(intval(substr($dnow,8)) > 28) $dnow = substr($dnow,0,8) . '28'; if(intval(substr($dthen,8)) > 28) - $dnow = substr($dthen,0,8) . '28'; + $dthen = substr($dthen,0,8) . '28'; $ret = array(); // Starting with the current month, get the first and last days of every @@ -3832,7 +4192,7 @@ function posted_dates($uid,$wall) { if(intval(substr($dnow,8)) > 28) $dnow = substr($dnow,0,8) . '28'; if(intval(substr($dthen,8)) > 28) - $dnow = substr($dthen,0,8) . '28'; + $dthen = substr($dthen,0,8) . '28'; $ret = array(); // Starting with the current month, get the first and last days of every @@ -3906,17 +4266,29 @@ function fetch_post_tags($items,$link = false) { -function zot_feed($uid,$observer_xchan,$mindate) { +function zot_feed($uid,$observer_xchan,$arr) { $result = array(); - $mindate = datetime_convert('UTC','UTC',$mindate); - if(! $mindate) - $mindate = '0000-00-00 00:00:00'; + $mindate = null; + $message_id = null; + + if(array_key_exists('mindate',$arr)) { + $mindate = datetime_convert('UTC','UTC',$arr['mindate']); + } + + if(array_key_exists('message_id',$arr)) { + $message_id = $arr['message_id']; + } + + if(! $mindate) + $mindate = NULL_DATE; $mindate = dbesc($mindate); - logger('zot_feed: ' . $uid); + logger('zot_feed: requested for uid ' . $uid . ' from observer ' . $observer_xchan, LOGGER_DEBUG); + if($message_id) + logger('message_id: ' . $message_id,LOGGER_DEBUG); if(! perm_is_allowed($uid,$observer_xchan,'view_stream')) { logger('zot_feed: permission denied.'); @@ -3928,30 +4300,35 @@ function zot_feed($uid,$observer_xchan,$mindate) { $sql_extra = item_permissions_sql($uid); } - if($mindate != '0000-00-00 00:00:00') { - $sql_extra .= " and created > '$mindate' "; + if($mindate != NULL_DATE) { + $sql_extra .= " and ( created > '$mindate' or edited > '$mindate' ) "; $limit = ""; } else $limit = " limit 0, 50 "; + if($message_id) { + $sql_extra .= " and mid = '" . dbesc($message_id) . "' "; + $limit = ''; + } + $items = array(); if(is_sys_channel($uid)) { require_once('include/security.php'); - $r = q("SELECT distinct parent from item + $r = q("SELECT distinct parent, created from item WHERE uid != %d and uid in (" . stream_perms_api_uids(PERMS_PUBLIC) . ") AND item_restrict = 0 - AND (item_flags & %d) + AND (item_flags & %d)>0 and item_private = 0 $sql_extra ORDER BY created ASC $limit", intval($uid), intval(ITEM_WALL) ); } else { - $r = q("SELECT distinct parent from item + $r = q("SELECT distinct parent, created from item WHERE uid = %d AND item_restrict = 0 - AND (item_flags & %d) + AND (item_flags & %d)>0 $sql_extra ORDER BY created ASC $limit", intval($uid), intval(ITEM_WALL) @@ -4014,12 +4391,12 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } if($arr['star']) - $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ") "; + $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ")>0 "; if($arr['wall']) - $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ") "; + $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ")>0 "; - $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) "; + $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 $sql_options ) "; if($arr['since_id']) $sql_extra .= " and item.id > " . $since_id . " "; @@ -4057,7 +4434,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } elseif($arr['cid'] && $uid) { - $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1", + $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1", intval($arr['cid']), intval(local_user()) ); @@ -4097,7 +4474,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } if($arr['conv'] && $channel) { - $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d ))) ", + $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ", dbesc(protect_sprintf($uidhash)), intval(ITEM_MENTIONSME) ); @@ -4113,11 +4490,11 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C else { $itemspage = (($channel) ? get_pconfig($uid,'system','itemspage') : 20); $a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20)); - $pager_sql = sprintf(" LIMIT %d, %d ",intval(get_app()->pager['start']), intval(get_app()->pager['itemspage'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(get_app()->pager['itemspage']), intval(get_app()->pager['start'])); } if(isset($arr['start']) && isset($arr['records'])) - $pager_sql = sprintf(" LIMIT %d, %d ",intval($arr['start']), intval($arr['records'])); + $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($arr['records']), intval($arr['start'])); if(array_key_exists('cmin',$arr) || array_key_exists('cmax',$arr)) { if(($arr['cmin'] != 0) || ($arr['cmax'] != 99)) { @@ -4139,7 +4516,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C } } - $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : ''); + $simple_update = (($client_mode & CLIENT_MODE_UPDATE) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " )>0 " : ''); if($client_mode & CLIENT_MODE_LOAD) $simple_update = ''; @@ -4183,7 +4560,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C // Fetch a page full of parent items for this page - $r = q("SELECT distinct item.id AS item_id FROM item + $r = q("SELECT distinct item.id AS item_id, item.$ordering FROM item left join abook on item.author_xchan = abook.abook_xchan WHERE $item_uids $item_restrict AND item.parent = item.id @@ -4213,6 +4590,9 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C $parents_str = ids_to_querystr($r,'item_id'); + if($arr['top']) + $sql_extra = ' and id = parent ' . $sql_extra; + $items = q("SELECT item.*, item.id AS item_id FROM item WHERE $item_uids $item_restrict AND item.parent IN ( %s ) @@ -4278,7 +4658,7 @@ function update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remo dbesc($page_type) ); if($r) { - q("update item_id set sid = '%s' where id = %d limit 1", + q("update item_id set sid = '%s' where id = %d", dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)), intval($r[0]['id']) ); @@ -4309,7 +4689,7 @@ function item_add_cid($xchan_hash,$mid,$uid) { dbesc('<' . $xchan_hash . '>') ); if(! $r) { - $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d limit 1", + $r = q("update item set allow_cid = concat(allow_cid,'%s') where mid = '%s' and uid = %d", dbesc('<' . $xchan_hash . '>'), dbesc($mid), intval($uid) @@ -4324,7 +4704,7 @@ function item_remove_cid($xchan_hash,$mid,$uid) { dbesc('<' . $xchan_hash . '>') ); if($r) { - $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d limit 1", + $x = q("update item set allow_cid = '%s' where mid = '%s' and uid = %d", dbesc(str_replace('<' . $xchan_hash . '>','',$r[0]['allow_cid'])), dbesc($mid), intval($uid) |