aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/Photo.php78
-rw-r--r--include/Scrape.php15
-rw-r--r--include/conversation.php45
-rw-r--r--include/email.php4
-rw-r--r--include/group.php35
-rwxr-xr-xinclude/items.php40
-rw-r--r--include/message.php2
-rw-r--r--include/security.php12
-rw-r--r--include/text.php4
-rw-r--r--include/user.php2
10 files changed, 164 insertions, 73 deletions
diff --git a/include/Photo.php b/include/Photo.php
index d5e9ac9e6..d5cbb8d24 100644
--- a/include/Photo.php
+++ b/include/Photo.php
@@ -179,19 +179,6 @@ class Photo {
if(!$this->is_valid())
return FALSE;
- if($this->is_imagick()) {
- /**
- * If it is not animated, there will be only one iteration here,
- * so don't bother checking
- */
- // Don't forget to go back to the first frame
- $this->image->setFirstIterator();
- do {
- $this->image->resizeImage($max, $max, imagick::FILTER_LANCZOS, 1, true);
- } while ($this->image->nextImage());
- return;
- }
-
$width = $this->width;
$height = $this->height;
@@ -201,7 +188,18 @@ class Photo {
return FALSE;
if($width > $max && $height > $max) {
- if($width > $height) {
+
+ // very tall image (greater than 16:9)
+ // constrain the width - let the height float.
+
+ if((($height * 9) / 16) > $width) {
+ $dest_width = $max;
+ $dest_height = intval(( $height * $max ) / $width);
+ }
+
+ // else constrain both dimensions
+
+ elseif($width > $height) {
$dest_width = $max;
$dest_height = intval(( $height * $max ) / $width);
}
@@ -217,8 +215,18 @@ class Photo {
}
else {
if( $height > $max ) {
- $dest_width = intval(( $width * $max ) / $height);
- $dest_height = $max;
+
+ // very tall image (greater than 16:9)
+ // but width is OK - don't do anything
+
+ if((($height * 9) / 16) > $width) {
+ $dest_width = $width;
+ $dest_height = $height;
+ }
+ else {
+ $dest_width = intval(( $width * $max ) / $height);
+ $dest_height = $max;
+ }
}
else {
$dest_width = $width;
@@ -228,6 +236,28 @@ class Photo {
}
+ if($this->is_imagick()) {
+ /**
+ * If it is not animated, there will be only one iteration here,
+ * so don't bother checking
+ */
+ // Don't forget to go back to the first frame
+ $this->image->setFirstIterator();
+ do {
+
+ // FIXME - implement horizantal bias for scaling as in followin GD functions
+ // to allow very tall images to be constrained only horizontally.
+
+ $this->image->scaleImage($dest_width, $dest_height);
+ } while ($this->image->nextImage());
+
+ // FIXME - also we need to copy the new dimensions to $this->height, $this->width as other functions
+ // may rely on it.
+
+ return;
+ }
+
+
$dest = imagecreatetruecolor( $dest_width, $dest_height );
imagealphablending($dest, false);
imagesavealpha($dest, true);
@@ -341,8 +371,6 @@ class Photo {
if(!$this->is_valid())
return FALSE;
- if($this->is_imagick())
- return $this->scaleImage($min);
$width = $this->width;
$height = $this->height;
@@ -379,6 +407,8 @@ class Photo {
}
}
+ if($this->is_imagick())
+ return $this->scaleImage($dest_width,$dest_height);
$dest = imagecreatetruecolor( $dest_width, $dest_height );
imagealphablending($dest, false);
@@ -401,7 +431,7 @@ class Photo {
if($this->is_imagick()) {
$this->image->setFirstIterator();
do {
- $this->image->resizeImage($dim, $dim, imagick::FILTER_LANCZOS, 1, false);
+ $this->image->scaleImage($dim, $dim);
} while ($this->image->nextImage());
return;
}
@@ -495,7 +525,7 @@ class Photo {
public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
- $x = q("select id from photo where `resource-id` = '%s' and uid = %d and `contact-id` = %d and `scale` = %d limit 1",
+ $x = q("select id from photo where `resource_id` = '%s' and uid = %d and `contact-id` = %d and `scale` = %d limit 1",
dbesc($rid),
intval($uid),
intval($cid),
@@ -505,7 +535,7 @@ class Photo {
$r = q("UPDATE `photo`
set `uid` = %d,
`contact-id` = %d,
- `resource-id` = '%s',
+ `resource_id` = '%s',
`created` = '%s',
`edited` = '%s',
`filename` = '%s',
@@ -544,7 +574,7 @@ class Photo {
}
else {
$r = q("INSERT INTO `photo`
- ( `uid`, `contact-id`, `resource-id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
+ ( `uid`, `contact-id`, `resource_id`, `created`, `edited`, `filename`, type, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s' )",
intval($uid),
intval($cid),
@@ -618,12 +648,12 @@ function import_profile_photo($photo,$uid,$cid) {
$a = get_app();
- $r = q("select `resource-id` from photo where `uid` = %d and `contact-id` = %d and `scale` = 4 and `album` = 'Contact Photos' limit 1",
+ $r = q("select `resource_id` from photo where `uid` = %d and `contact-id` = %d and `scale` = 4 and `album` = 'Contact Photos' limit 1",
intval($uid),
intval($cid)
);
if(count($r)) {
- $hash = $r[0]['resource-id'];
+ $hash = $r[0]['resource_id'];
}
else {
$hash = photo_new_resource();
diff --git a/include/Scrape.php b/include/Scrape.php
index 2e5ed7d32..806106ef1 100644
--- a/include/Scrape.php
+++ b/include/Scrape.php
@@ -438,10 +438,10 @@ function probe_url($url, $mode = PROBE_NORMAL) {
$poll = 'email ' . random_string();
$priority = 0;
$x = email_msg_meta($mbox,$msgs[0]);
- if(stristr($x->from,$orig_url))
- $adr = imap_rfc822_parse_adrlist($x->from,'');
- elseif(stristr($x->to,$orig_url))
- $adr = imap_rfc822_parse_adrlist($x->to,'');
+ if(stristr($x[0]->from,$orig_url))
+ $adr = imap_rfc822_parse_adrlist($x[0]->from,'');
+ elseif(stristr($x[0]->to,$orig_url))
+ $adr = imap_rfc822_parse_adrlist($x[0]->to,'');
if(isset($adr)) {
foreach($adr as $feadr) {
if((strcasecmp($feadr->mailbox,$name) == 0)
@@ -523,6 +523,13 @@ function probe_url($url, $mode = PROBE_NORMAL) {
logger('probe_url: scrape_vcard: ' . print_r($vcard,true), LOGGER_DATA);
}
+ if($diaspora && $addr) {
+ // Diaspora returns the name as the nick. As the nick will never be updated,
+ // let's use the Diaspora nickname (the first part of the handle) as the nick instead
+ $addr_parts = explode('@', $addr);
+ $vcard['nick'] = $addr_parts[0];
+ }
+
if($twitter) {
logger('twitter: setup');
$tid = basename($url);
diff --git a/include/conversation.php b/include/conversation.php
index 621032349..bad511551 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -111,7 +111,7 @@ function localize_item(&$item){
}
break;
default:
- if($obj['resource-id']){
+ if($obj['resource_id']){
$post_type = t('photo');
$m=array(); preg_match("/\[url=([^]]*)\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
@@ -239,7 +239,7 @@ function localize_item(&$item){
}
break;
default:
- if($obj['resource-id']){
+ if($obj['resource_id']){
$post_type = t('photo');
$m=array(); preg_match("/\[url=([^]]*)\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
@@ -329,11 +329,14 @@ function count_descendants($item) {
function visible_activity($item) {
- if(activity_match($child['verb'],ACTIVITY_LIKE) || activity_match($child['verb'],ACTIVITY_DISLIKE))
+ if(activity_match($item['verb'],ACTIVITY_LIKE) || activity_match($item['verb'],ACTIVITY_DISLIKE))
return false;
- if(activity_match($item['verb'],ACTIVITY_FOLLOW) && $item['object-type'] === ACTIVITY_OBJ_NOTE && $item['uid'] != local_user())
- return false;
+ if(activity_match($item['verb'],ACTIVITY_FOLLOW) && $item['object-type'] === ACTIVITY_OBJ_NOTE) {
+ if(! (($item['self']) && ($item['uid'] == local_user()))) {
+ return false;
+ }
+ }
return true;
}
@@ -1372,6 +1375,7 @@ function item_photo_menu($item){
if(! count($a->contacts))
load_contact_links(local_user());
}
+ $sub_link="";
$poke_link="";
$contact_url="";
$pm_url="";
@@ -1379,6 +1383,10 @@ function item_photo_menu($item){
$photos_link="";
$posts_link="";
+ if((local_user()) && local_user() == $item['uid'] && $item['parent'] == $item['id'] && (! $item['self'])) {
+ $sub_link = 'javascript:dosubthread(' . $item['id'] . '); return false;';
+ }
+
$sparkle = false;
$profile_link = best_link_url($item,$sparkle,$ssl_state);
@@ -1417,6 +1425,7 @@ function item_photo_menu($item){
}
$menu = Array(
+ t("Follow Thread") => $sub_link,
t("View Status") => $status_link,
t("View Profile") => $profile_link,
t("View Photos") => $photos_link,
@@ -1435,7 +1444,11 @@ function item_photo_menu($item){
$o = "";
foreach($menu as $k=>$v){
- if ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n";
+ if(strpos($v,'javascript:') === 0) {
+ $v = substr($v,11);
+ $o .= "<li><a href=\"#\" onclick=\"$v\">$k</a></li>\n";
+ }
+ elseif ($v!="") $o .= "<li><a href=\"$v\">$k</a></li>\n";
}
return $o;
}}
@@ -1456,16 +1469,16 @@ function like_puller($a,$item,&$arr,$mode) {
else
$url = zrl($url);
- if(! $item['thr-parent'])
- $item['thr-parent'] = $item['parent_uri'];
+ if(! $item['thr_parent'])
+ $item['thr_parent'] = $item['parent_uri'];
- if(! ((isset($arr[$item['thr-parent'] . '-l'])) && (is_array($arr[$item['thr-parent'] . '-l']))))
- $arr[$item['thr-parent'] . '-l'] = array();
- if(! isset($arr[$item['thr-parent']]))
- $arr[$item['thr-parent']] = 1;
+ if(! ((isset($arr[$item['thr_parent'] . '-l'])) && (is_array($arr[$item['thr_parent'] . '-l']))))
+ $arr[$item['thr_parent'] . '-l'] = array();
+ if(! isset($arr[$item['thr_parent']]))
+ $arr[$item['thr_parent']] = 1;
else
- $arr[$item['thr-parent']] ++;
- $arr[$item['thr-parent'] . '-l'][] = '<a href="'. $url . '"'. $sparkle .'>' . $item['author-name'] . '</a>';
+ $arr[$item['thr_parent']] ++;
+ $arr[$item['thr_parent'] . '-l'][] = '<a href="'. $url . '"'. $sparkle .'>' . $item['author-name'] . '</a>';
}
return;
}}
@@ -1603,8 +1616,8 @@ function get_item_children($arr, $parent) {
foreach($arr as $item) {
if($item['id'] != $item['parent']) {
if(get_config('system','thread_allow')) {
- // Fallback to parent_uri if thr-parent is not set
- $thr_parent = $item['thr-parent'];
+ // Fallback to parent_uri if thr_parent is not set
+ $thr_parent = $item['thr_parent'];
if($thr_parent == '')
$thr_parent = $item['parent_uri'];
diff --git a/include/email.php b/include/email.php
index b43ae0dc1..46feb4582 100644
--- a/include/email.php
+++ b/include/email.php
@@ -48,8 +48,8 @@ function construct_mailbox_name($mailacct) {
function email_msg_meta($mbox,$uid) {
- $ret = (($mbox && $uid) ? @imap_fetch_overview($mbox,$uid,FT_UID) : array(array()));
- return ((count($ret)) ? $ret[0] : array());
+ $ret = (($mbox && $uid) ? @imap_fetch_overview($mbox,$uid,FT_UID) : array(array())); // POSSIBLE CLEANUP --> array(array()) is probably redundant now
+ return ((count($ret)) ? $ret : array());
}
function email_msg_headers($mbox,$uid) {
diff --git a/include/group.php b/include/group.php
index 8aaeb513f..0df3a7b15 100644
--- a/include/group.php
+++ b/include/group.php
@@ -40,7 +40,7 @@ function group_add($uid,$name) {
function group_rmv($uid,$name) {
$ret = false;
if(x($uid) && x($name)) {
- $r = q("SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+ $r = q("SELECT id FROM `group` WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
intval($uid),
dbesc($name)
);
@@ -49,6 +49,37 @@ function group_rmv($uid,$name) {
if(! $group_id)
return false;
+ // remove group from default posting lists
+ $r = q("SELECT def_gid, allow_gid, deny_gid FROM user WHERE uid = %d LIMIT 1",
+ intval($uid)
+ );
+ if($r) {
+ $user_info = $r[0];
+ $change = false;
+
+ if($user_info['def_gid'] == $group_id) {
+ $user_info['def_gid'] = 0;
+ $change = true;
+ }
+ if(strpos($user_info['allow_gid'], '<' . $group_id . '>') !== false) {
+ $user_info['allow_gid'] = str_replace('<' . $group_id . '>', '', $user_info['allow_gid']);
+ $change = true;
+ }
+ if(strpos($user_info['deny_gid'], '<' . $group_id . '>') !== false) {
+ $user_info['deny_gid'] = str_replace('<' . $group_id . '>', '', $user_info['deny_gid']);
+ $change = true;
+ }
+
+ if($change) {
+ q("UPDATE user SET def_gid = %d, allow_gid = '%s', deny_gid = '%s' WHERE uid = %d",
+ intval($user_info['def_gid']),
+ dbesc($user_info['allow_gid']),
+ dbesc($user_info['deny_gid']),
+ intval($uid)
+ );
+ }
+ }
+
// remove all members
$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d ",
intval($uid),
@@ -103,7 +134,7 @@ function group_add_member($uid,$name,$member,$gid = 0) {
if((! $gid) || (! $uid) || (! $member))
return false;
- $r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `id` = %d AND `contact-id` = %d LIMIT 1",
+ $r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1",
intval($uid),
intval($gid),
intval($member)
diff --git a/include/items.php b/include/items.php
index ba7d54c94..07b941074 100755
--- a/include/items.php
+++ b/include/items.php
@@ -1000,7 +1000,7 @@ function item_store($arr,$force_parent = false) {
$arr['origin'] = ((x($arr,'origin')) ? intval($arr['origin']) : 0 );
- $arr['thr-parent'] = $arr['parent_uri'];
+ $arr['thr_parent'] = $arr['parent_uri'];
if($arr['parent_uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
@@ -1670,12 +1670,12 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
$photo_failure = false;
$have_photo = false;
- $r = q("SELECT `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `resource_id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1",
intval($contact['id']),
intval($contact['uid'])
);
if(count($r)) {
- $resource_id = $r[0]['resource-id'];
+ $resource_id = $r[0]['resource_id'];
$have_photo = true;
}
else {
@@ -1690,7 +1690,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
$img = new Photo($img_str, $type);
if($img->is_valid()) {
if($have_photo) {
- q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `contact-id` = %d AND `uid` = %d",
+ q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `contact-id` = %d AND `uid` = %d",
dbesc($resource_id),
intval($contact['id']),
intval($contact['uid'])
@@ -1985,7 +1985,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0)
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
// only one like or dislike per person
- $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr-parent` = '%s') limit 1",
+ $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr_parent` = '%s') limit 1",
intval($datarray['uid']),
intval($datarray['contact-id']),
dbesc($datarray['verb']),
@@ -2216,12 +2216,12 @@ function local_delivery($importer,$data) {
$photo_failure = false;
$have_photo = false;
- $r = q("SELECT `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `resource_id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1",
intval($importer['id']),
intval($importer['importer_uid'])
);
if(count($r)) {
- $resource_id = $r[0]['resource-id'];
+ $resource_id = $r[0]['resource_id'];
$have_photo = true;
}
else {
@@ -2236,7 +2236,7 @@ function local_delivery($importer,$data) {
$img = new Photo($img_str, $type);
if($img->is_valid()) {
if($have_photo) {
- q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `contact-id` = %d AND `uid` = %d",
+ q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `contact-id` = %d AND `uid` = %d",
dbesc($resource_id),
intval($importer['id']),
intval($importer['importer_uid'])
@@ -2536,7 +2536,7 @@ function local_delivery($importer,$data) {
$r = q("select `item`.`id`, `item`.`uri`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr-parent` = '%s')
+ WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr_parent` = '%s')
AND `item`.`uid` = %d
$sql_extra
LIMIT 1",
@@ -2678,7 +2678,7 @@ function local_delivery($importer,$data) {
$r = q("select `item`.`id`, `item`.`uri`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr-parent` = '%s')
+ WHERE `item`.`uri` = '%s' AND (`item`.`parent_uri` = '%s' or `item`.`thr_parent` = '%s')
AND `item`.`uid` = %d
$sql_extra
LIMIT 1",
@@ -2762,7 +2762,7 @@ function local_delivery($importer,$data) {
$datarray['gravity'] = GRAVITY_LIKE;
// only one like or dislike per person
- $r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`thr-parent` = '%s' or `parent_uri` = '%s') and deleted = 0 limit 1",
+ $r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`thr_parent` = '%s' or `parent_uri` = '%s') and deleted = 0 limit 1",
intval($datarray['uid']),
intval($datarray['contact-id']),
dbesc($datarray['verb']),
@@ -2916,7 +2916,7 @@ function local_delivery($importer,$data) {
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
// only one like or dislike per person
- $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr-parent` = '%s') limit 1",
+ $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent_uri` = '%s' OR `thr_parent` = '%s') limit 1",
intval($datarray['uid']),
intval($datarray['contact-id']),
dbesc($datarray['verb']),
@@ -3316,8 +3316,8 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
if(strlen($item['owner-name']))
$o .= atom_author('dfrn:owner',$item['owner-name'],$item['owner-link'],80,80,$item['owner-avatar']);
- if(($item['parent'] != $item['id']) || ($item['parent_uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) {
- $parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent_uri']);
+ if(($item['parent'] != $item['id']) || ($item['parent_uri'] !== $item['uri']) || (($item['thr_parent'] !== '') && ($item['thr_parent'] !== $item['uri']))) {
+ $parent_item = (($item['thr_parent']) ? $item['thr_parent'] : $item['parent_uri']);
$o .= '<thr:in-reply-to ref="' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['parent']) . '" />' . "\r\n";
}
@@ -3403,7 +3403,7 @@ function fix_private_photos($s, $uid, $item = null, $cid = 0) {
if($x) {
$res = substr($i,$x+1);
$i = substr($i,0,$x);
- $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d AND `uid` = %d",
+ $r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `scale` = %d AND `uid` = %d",
dbesc($i),
intval($res),
intval($uid)
@@ -3597,7 +3597,7 @@ function item_expire($uid,$days) {
// Only expire posts, not photos and photo comments
- if($expire_photos==0 && strlen($item['resource-id']))
+ if($expire_photos==0 && strlen($item['resource_id']))
continue;
if($expire_starred==0 && intval($item['starred']))
continue;
@@ -3702,11 +3702,11 @@ function drop_item($id,$interactive = true) {
// If item is a link to a photo resource, nuke all the associated photos
// (visitors will not have photo resources)
// This only applies to photos uploaded from the photos page. Photos inserted into a post do not
- // generate a resource-id and therefore aren't intimately linked to the item.
+ // generate a resource_id and therefore aren't intimately linked to the item.
- if(strlen($item['resource-id'])) {
- q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ",
- dbesc($item['resource-id']),
+ if(strlen($item['resource_id'])) {
+ q("DELETE FROM `photo` WHERE `resource_id` = '%s' AND `uid` = %d ",
+ dbesc($item['resource_id']),
intval($item['uid'])
);
// ignore the result
diff --git a/include/message.php b/include/message.php
index 0f31b116a..cf0fe96da 100644
--- a/include/message.php
+++ b/include/message.php
@@ -138,7 +138,7 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){
$image_uri = substr($image,strrpos($image,'/') + 1);
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
$r = q("UPDATE `photo` SET `allow_cid` = '%s'
- WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
+ WHERE `resource_id` = '%s' AND `album` = '%s' AND `uid` = %d ",
dbesc('<' . $recipient . '>'),
dbesc($image_uri),
dbesc( t('Wall Photos')),
diff --git a/include/security.php b/include/security.php
index f5e829e47..e221ad59b 100644
--- a/include/security.php
+++ b/include/security.php
@@ -274,7 +274,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$gs .= '|<' . intval($g) . '>';
}
- $sql = sprintf(
+ /*$sql = sprintf(
" AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
@@ -284,6 +284,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
intval($remote_user),
dbesc($gs),
dbesc($gs)
+ );*/
+ $sql = sprintf(
+ " AND ( NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s')
+ AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ )
+ ",
+ intval($remote_user),
+ dbesc($gs),
+ intval($remote_user),
+ dbesc($gs)
);
}
}
diff --git a/include/text.php b/include/text.php
index 61c7e6389..d0ad414fa 100644
--- a/include/text.php
+++ b/include/text.php
@@ -378,7 +378,7 @@ function photo_new_resource() {
do {
$found = false;
$resource = hash('md5',uniqid(mt_rand(),true));
- $r = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
+ $r = q("SELECT `id` FROM `photo` WHERE `resource_id` = '%s' LIMIT 1",
dbesc($resource)
);
if(count($r))
@@ -1325,7 +1325,7 @@ function reltoabs($text, $base)
function item_post_type($item) {
if(intval($item['event-id']))
return t('event');
- if(strlen($item['resource-id']))
+ if(strlen($item['resource_id']))
return t('photo');
if(strlen($item['verb']) && $item['verb'] !== ACTIVITY_POST)
return t('activity');
diff --git a/include/user.php b/include/user.php
index b94317dab..99837e357 100644
--- a/include/user.php
+++ b/include/user.php
@@ -304,7 +304,7 @@ function create_user($arr) {
$photo_failure = true;
if(! $photo_failure) {
- q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ",
+ q("UPDATE `photo` SET `profile` = 1 WHERE `resource_id` = '%s' ",
dbesc($hash)
);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 08:12:32 +0000