Diffstat (limited to 'include')
-rw-r--r--include/api.php53
-rw-r--r--include/conversation.php2
-rw-r--r--include/features.php2
-rwxr-xr-xinclude/items.php22
-rw-r--r--include/security.php87
5 files changed, 55 insertions, 111 deletions
diff --git a/include/api.php b/include/api.php
index e854012e5..dc270167b 100644
--- a/include/api.php
+++ b/include/api.php
@@ -7,6 +7,7 @@ require_once("oauth.php");
require_once("html2plain.php");
require_once('include/security.php');
require_once('include/photos.php');
+require_once('include/items.php');
/*
*
@@ -1242,27 +1243,43 @@ require_once('include/photos.php');
$sql_extra = '';
if ($user_info['self']==1) $sql_extra .= " AND `item`.`wall` = 1 ";
+
+//FIXME - this isn't yet implemented
if ($exclude_replies > 0) $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn_id`, `contact`.`self`,
- `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item`, `contact`
- WHERE `item`.`uid` = %d
- AND `item`.`contact-id` = %d
- AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
- AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $sql_extra
- AND `item`.`id`>%d
- ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
- intval(api_user()),
- intval($user_info['id']),
- intval($since_id),
- intval($start), intval($count)
- );
+// $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+// `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+// `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn_id`, `contact`.`self`,
+// `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
+// FROM `item`, `contact`
+// WHERE `item`.`uid` = %d
+// AND `item`.`contact-id` = %d
+// AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
+// AND `contact`.`id` = `item`.`contact-id`
+// AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+// $sql_extra
+// AND `item`.`id`>%d
+// ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
+// intval(api_user()),
+// intval($user_info['id']),
+// intval($since_id),
+// intval($start), intval($count)
+// );
+
+ $arr = array(
+ 'uid' => api_user(),
+ 'since_id' => $since_id,
+ 'start' => $start,
+ 'records' => $count);
+
+ if ($user_info['self']==1)
+ $arr['wall'] = 1;
+ else
+ $arr['cid'] = $user_info['id'];
+
+ $r = items_fetch($arr,get_app()->get_channel(),get_observer_hash());
+
$ret = api_format_items($r,$user_info);
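Review bot: `$since_id`, `$start` and `$count` go into `$arr` without the `intval()` casts that the removed query applied, so this call site now relies entirely on `items_fetch()` to sanitise values that presumably come from the API request. Cast at the boundary, e.g. `'since_id' => intval($since_id),`, and do the same for `'start'` and `'records'`. The `$sql_extra` string built just above (the `wall` and `$exclude_replies` clauses) is not consumed by anything visible in this hunk, so the FIXME should state that the reply filter is currently dropped rather than only "not yet implemented". The commented-out query is better deleted than kept, since version control already holds it. The enclosing function starts and ends outside the hunk.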
diff --git a/include/conversation.php b/include/conversation.php
index cec5993b6..34d661004 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1481,7 +1481,7 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){
if($p['view_storage']) {
$tabs[] = array(
'label' => t('Files'),
- 'url' => $a->get_baseurl() . '/cloud/' . $nickname,
+ 'url' => $a->get_baseurl() . '/cloud/' . $nickname . ((get_observer_hash()) ? '' : '?f=&davguest=1'),
'sel' => ((argv(0) == 'cloud') ? 'active' : ''),
'title' => t('Files and Storage'),
'id' => 'files-tab',
diff --git a/include/features.php b/include/features.php
index 1f83eb319..cc8d457bc 100644
--- a/include/features.php
+++ b/include/features.php
@@ -7,6 +7,8 @@
function feature_enabled($uid,$feature) {
$x = get_pconfig($uid,'feature',$feature);
+ if($x === false)
+ $x = get_config('feature',$feature);
$arr = array('uid' => $uid, 'feature' => $feature, 'enabled' => $x);
call_hooks('feature_enabled',$arr);
return($arr['enabled']);
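Review bot: The added fallback fires only when `get_pconfig()` returns exactly `false`, and that dependency on the return convention deserves a comment above the check: `// no per-channel setting stored: fall back to the site-wide default`. If `get_pconfig()` can also return `false` for a stored falsy value (its implementation is not visible here), a user's explicit opt-out would be silently replaced by the site setting, so that should be confirmed. The closing brace of `feature_enabled()` lies outside the hunk.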
diff --git a/include/items.php b/include/items.php
index 12823c6f9..2fe923303 100755
--- a/include/items.php
+++ b/include/items.php
@@ -3719,21 +3719,26 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$def_acl = '';
$item_uids = ' true ';
-
+
+ if ($arr['uid']) $uid= $arr['uid'];
+
if($channel) {
$uid = $channel['channel_id'];
$uidhash = $channel['channel_hash'];
$item_uids = " item.uid = " . intval($uid) . " ";
}
-
+
if($arr['star'])
$sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ") ";
if($arr['wall'])
$sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ") ";
-
+
$sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) ";
-
+
+ if($arr['since_id'])
+ $sql_extra .= " and item.id > " . $since_id . " ";
+
if($arr['gid'] && $uid) {
$r = q("SELECT * FROM `groups` WHERE id = %d AND uid = %d LIMIT 1",
intval($arr['group']),
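Review bot: The added `since_id` clause concatenates `$since_id`, but no assignment to that variable is visible in this hunk; only `$arr['since_id']` is tested. Unless it is defined earlier in `items_fetch()` (the body starts outside the hunk), the clause renders as `item.id >` with an empty operand and breaks the query, and if it is defined from caller input it reaches the SQL string uncast. Use `$sql_extra .= " and item.id > " . intval($arr['since_id']) . " ";` so the value is always numeric. The new `if ($arr['uid']) $uid= $arr['uid'];` also reads a key that may be absent; `if(! empty($arr['uid'])) $uid = intval($arr['uid']);` avoids the notice and keeps `$uid` an integer.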
@@ -3813,6 +3818,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
);
}
+
if(($client_mode & CLIENT_MODE_UPDATE) && (! ($client_mode & CLIENT_MODE_LOAD))) {
// only setup pagination on initial page view
@@ -3825,6 +3831,8 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$pager_sql = sprintf(" LIMIT %d, %d ",intval(get_app()->pager['start']), intval(get_app()->pager['itemspage']));
}
+ if(isset($arr['start']) && isset($arr['records']))
+ $pager_sql = sprintf(" LIMIT %d, %d ",intval($arr['start']), intval($arr['records']));
if(($arr['cmin'] != 0) || ($arr['cmax'] != 99)) {
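Review bot: The new `LIMIT` override accepts whatever `start` and `records` the caller supplies: `intval()` keeps them numeric, but a negative value yields invalid SQL and nothing bounds the page size. Clamp both before formatting, e.g. `$pager_sql = sprintf(" LIMIT %d, %d ", max(0, intval($arr['start'])), max(0, intval($arr['records'])));`, and cap `records` at a site-defined maximum. The override also runs regardless of `$client_mode` and replaces the pager value set just above, so a one-line comment stating that explicit caller paging takes precedence would make the intent clear. `items_fetch()` continues outside the hunk.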
@@ -3859,7 +3867,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
$item_restrict = " AND item_restrict = 0 ";
- if($arr['nouveau'] && ($client_mode & CLIENT_MODELOAD) && $channel) {
+ if($arr['nouveau'] && ($client_mode & CLIENT_MODE_LOAD) && $channel) {
// "New Item View" - show all items unthreaded in reverse created date order
$items = q("SELECT item.*, item.id AS item_id FROM item
@@ -3884,7 +3892,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
else
$ordering = "commented";
- if(($client_mode & CLIENT_MODE_LOAD) || ($client_mode & CLIENT_MODE_NORMAL)) {
+ if(($client_mode & CLIENT_MODE_LOAD) || ($client_mode == CLIENT_MODE_NORMAL)) {
// Fetch a page full of parent items for this page
@@ -3897,7 +3905,7 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C
ORDER BY item.$ordering DESC $pager_sql ",
intval(ABOOK_FLAG_BLOCKED)
);
-
+
}
else {
// update
diff --git a/include/security.php b/include/security.php
index 9943cf88d..5e86cf790 100644
--- a/include/security.php
+++ b/include/security.php
@@ -31,90 +31,6 @@ function authenticate_success($user_record, $login_initial = false, $interactive
}
}
- else {
- $_SESSION['uid'] = $user_record['uid'];
- $_SESSION['theme'] = $user_record['theme'];
- $_SESSION['mobile_theme'] = get_pconfig($user_record['uid'], 'system', 'mobile_theme');
- $_SESSION['authenticated'] = 1;
- $_SESSION['page_flags'] = $user_record['page-flags'];
- $_SESSION['my_url'] = $a->get_baseurl() . '/channel/' . $user_record['nickname'];
- $_SESSION['my_address'] = $user_record['nickname'] . '@' . substr($a->get_baseurl(),strpos($a->get_baseurl(),'://')+3);
-
- $a->user = $user_record;
-
- if($interactive) {
- if($a->user['login_date'] === '0000-00-00 00:00:00') {
- $_SESSION['return_url'] = 'profile_photo/new';
- $a->module = 'profile_photo';
- info( t("Welcome ") . $a->user['username'] . EOL);
- info( t('Please upload a profile photo.') . EOL);
- }
- else
- info( t("Welcome back ") . $a->user['username'] . EOL);
- }
-
- $member_since = strtotime($a->user['register_date']);
- if(time() < ($member_since + ( 60 * 60 * 24 * 14)))
- $_SESSION['new_member'] = true;
- else
- $_SESSION['new_member'] = false;
- if(strlen($a->user['timezone'])) {
- date_default_timezone_set($a->user['timezone']);
- $a->timezone = $a->user['timezone'];
- }
-
- $master_record = $a->user;
-
- if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
- $r = q("select * from user where uid = %d limit 1",
- intval($_SESSION['submanage'])
- );
- if(count($r))
- $master_record = $r[0];
- }
-
- $r = q("SELECT `uid`,`username`,`nickname` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
- dbesc($master_record['password']),
- dbesc($master_record['email'])
- );
- if($r && count($r))
- $a->identities = $r;
- else
- $a->identities = array();
-
- $r = q("select `user`.`uid`, `user`.`username`, `user`.`nickname`
- from manage left join user on manage.mid = user.uid
- where `manage`.`uid` = %d",
- intval($master_record['uid'])
- );
- if($r && count($r))
- $a->identities = array_merge($a->identities,$r);
-
- if($login_initial)
- logger('auth_identities: ' . print_r($a->identities,true), LOGGER_DEBUG);
-
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
- intval($_SESSION['uid']));
- if(count($r)) {
- $a->contact = $r[0];
- $a->cid = $r[0]['id'];
- $_SESSION['cid'] = $a->cid;
- }
-
- header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
-
- if($login_initial) {
- $l = get_browser_language();
-
- q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1",
- dbesc(datetime_convert()),
- dbesc($l),
- intval($_SESSION['uid'])
- );
-
-
- }
- }
if($login_initial)
call_hooks('logged_in', $user_record);
@@ -144,6 +60,7 @@ function change_channel($change_channel) {
intval(get_account_id()),
intval(PAGE_REMOVED)
);
+
if($r) {
$hash = $r[0]['channel_hash'];
$_SESSION['uid'] = intval($r[0]['channel_id']);
@@ -158,7 +75,7 @@ function change_channel($change_channel) {
);
if($x) {
$_SESSION['my_url'] = $x[0]['xchan_url'];
- $_SESSION['my_address'] = $x[0]['xchan_addr'];
+ $_SESSION['my_address'] = $r[0]['channel_address'] . '@' . substr(get_app()->get_baseurl(),strpos(get_app()->get_baseurl(),'://')+3);
get_app()->set_observer($x[0]);
get_app()->set_perms(get_all_perms(local_user(),$hash));
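Review bot: On the new `my_address` line, `strpos()` returns `false` when the base URL contains no `://`, and `false + 3` evaluates to 3, so `substr()` would silently drop the first three characters instead of failing. Any path component of the base URL also ends up after the `@`. Because this value is stored in the session as the channel's address, derive the host explicitly with `$host = parse_url(get_app()->get_baseurl(), PHP_URL_HOST);` and build `$r[0]['channel_address'] . '@' . $host` only when `$host` is a non-empty string (appending the port if the site uses a non-default one). `change_channel()` starts and ends outside the hunk.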