aboutsummaryrefslogtreecommitdiffstats
path: root/mod/item.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/item.php')
-rw-r--r--mod/item.php68
1 files changed, 68 insertions, 0 deletions
diff --git a/mod/item.php b/mod/item.php
new file mode 100644
index 000000000..588dd9a9d
--- /dev/null
+++ b/mod/item.php
@@ -0,0 +1,68 @@
+<?php
+
+
+function item_post(&$a) {
+
+ if((! local_user()) && (! remote_user()))
+ return;
+
+ require_once('include/security.php');
+
+ $uid = $_SESSION['uid'];
+ $parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0);
+ $profile_uid = ((x($_POST,'profile_uid')) ? intval($_POST['profile_uid']) : 0);
+ if(! can_write_wall($a,$profile_uid)) {
+ $_SESSION['sysmsg'] .= "Permission denied." . EOL;
+ return;
+ }
+
+ if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id'])))
+ $contact_id = $_SESSION['visitor_id'];
+ else {
+ $r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+ intval($_SESSION['uid']));
+ if(count($r))
+ $contact_id = $r[0]['id'];
+
+ if($_POST['type'] == 'jot') {
+
+ do {
+ $dups = false;
+ $hash = random_string();
+ $r = q("SELECT `id` FROM `item` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($hash));
+ if(count($r))
+ $dups = true;
+ } while($dups == true);
+
+ $r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`created`,`edited`,`hash`,`body`)
+ VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s' )",
+ intval($profile_uid),
+ "jot",
+ intval($contact_id),
+ datetime_convert(),
+ datetime_convert(),
+ dbesc($hash),
+ dbesc(escape_tags(trim($_POST['body'])))
+ );
+ $r = q("SELECT `id` FROM `item` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($hash));
+ if(count($r)) {
+ $post_id = $r[0]['id'];
+ if(! $parent)
+ $parent = $post_id;
+ $r = q("UPDATE `item` SET `parent` = %d, `visible` = 1
+ WHERE `id` = %d LIMIT 1",
+ intval($parent),
+ intval($post_id));
+ }
+ }
+ goaway($a->get_baseurl() . "/profile/$uid");
+
+
+
+
+
+
+
+} \ No newline at end of file