aboutsummaryrefslogtreecommitdiffstats
path: root/mod/item.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/item.php')
-rw-r--r--mod/item.php292
1 files changed, 164 insertions, 128 deletions
diff --git a/mod/item.php b/mod/item.php
index 7f881d28d..dc005bb20 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -44,7 +44,7 @@ function item_post(&$a) {
call_hooks('post_local_start', $_REQUEST);
-// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
+// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
$api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
@@ -66,8 +66,8 @@ function item_post(&$a) {
$owner_hash = null;
- $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
-
+ $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
+ $created = ((x($_REQUEST,'created')) ? datetime_convert('UTC','UTC',$_REQUEST['created']) : datetime_convert());
$profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0);
$post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0);
$app = ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : '');
@@ -79,6 +79,7 @@ function item_post(&$a) {
$layout_mid = ((x($_REQUEST,'layout_mid')) ? escape_tags($_REQUEST['layout_mid']): '');
$plink = ((x($_REQUEST,'permalink')) ? escape_tags($_REQUEST['permalink']) : '');
+
/*
Check service class limits
*/
@@ -274,6 +275,10 @@ function item_post(&$a) {
$item_flags = $orig_post['item_flags'];
$item_restrict = $orig_post['item_restrict'];
$postopts = $orig_post['postopts'];
+ $created = $orig_post['created'];
+ $mid = $orig_post['mid'];
+ $parent_mid = $orig_post['parent_mid'];
+ $plink = $orig_post['plink'];
}
else {
@@ -417,10 +422,20 @@ function item_post(&$a) {
/**
* fix naked links by passing through a callback to see if this is a red site
- * (already known to us) which will get a zrl, otherwise link with url
+ * (already known to us) which will get a zrl, otherwise link with url, add bookmark tag to both.
+ * First protect any url inside certain bbcode tags so we don't double link it.
*/
- $body = preg_replace_callback("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body);
+ $body = preg_replace_callback('/\[code(.*?)\[\/(code)\]/ism','red_escape_codeblock',$body);
+ $body = preg_replace_callback('/\[url(.*?)\[\/(url)\]/ism','red_escape_codeblock',$body);
+ $body = preg_replace_callback('/\[zrl(.*?)\[\/(zrl)\]/ism','red_escape_codeblock',$body);
+
+ $body = preg_replace_callback("/([^\]\='".'"'."]|^|\#\^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\@\_\~\#\%\$\!\+\,]+)/ism", 'red_zrl_callback', $body);
+
+ $body = preg_replace_callback('/\[\$b64zrl(.*?)\[\/(zrl)\]/ism','red_unescape_codeblock',$body);
+ $body = preg_replace_callback('/\[\$b64url(.*?)\[\/(url)\]/ism','red_unescape_codeblock',$body);
+ $body = preg_replace_callback('/\[\$b64code(.*?)\[\/(code)\]/ism','red_unescape_codeblock',$body);
+
/**
*
@@ -438,6 +453,16 @@ function item_post(&$a) {
* the post and we should keep it private. If it's encrypted we have no way of knowing
* so we'll set the permissions regardless and realise that the media may not be
* referenced in the post.
+ *
+ * What is preventing us from being able to upload photos into comments is dealing with
+ * the photo and attachment permissions, since we don't always know who was in the
+ * distribution for the top level post.
+ *
+ * We might be able to provide this functionality with a lot of fiddling:
+ * - if the top level post is public (make the photo public)
+ * - if the top level post was written by us or a wall post that belongs to us (match the top level post)
+ * - if the top level post has privacy mentions, add those to the permissions.
+ * - otherwise disallow the photo *or* make the photo public. This is the part that gets messy.
*/
if(! $preview) {
@@ -474,6 +499,7 @@ function item_post(&$a) {
$private_forum = false;
if(count($tags)) {
+ $first_access_tag = true;
foreach($tags as $tag) {
// If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
@@ -489,8 +515,24 @@ function item_post(&$a) {
if($fullnametagged)
continue;
- $success = handle_tag($a, $body, $inform, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag);
- logger('handle_tag: ' . print_r($success,tue));
+ $success = handle_tag($a, $body, $access_tag, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag);
+ logger('handle_tag: ' . print_r($success,tue), LOGGER_DEBUG);
+ if(($access_tag) && (! $parent_item)) {
+ logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DEBUG);
+ if ($first_access_tag) {
+ $str_contact_allow = '';
+ $str_group_allow = '';
+ $first_access_tag = false;
+ }
+ if(strpos($access_tag,'cid:') === 0) {
+ $str_contact_allow .= '<' . substr($access_tag,4) . '>';
+ $access_tag = '';
+ }
+ elseif(strpos($access_tag,'gid:') === 0) {
+ $str_group_allow .= '<' . substr($access_tag,4) . '>';
+ $access_tag = '';
+ }
+ }
if($success['replaced']) {
$tagged[] = $tag;
@@ -502,10 +544,10 @@ function item_post(&$a) {
'url' => $success['url']
);
}
- if(is_array($success['contact']) && intval($success['contact']['prv'])) {
- $private_forum = true;
- $private_id = $success['contact']['id'];
- }
+// if(is_array($success['contact']) && intval($success['contact']['prv'])) {
+// $private_forum = true;
+// $private_id = $success['contact']['id'];
+// }
}
}
@@ -559,7 +601,7 @@ function item_post(&$a) {
}
$item_flags |= ITEM_UNSEEN;
- $item_restrict |= ITEM_VISIBLE;
+// $item_restrict |= ITEM_VISIBLE;
if($post_type === 'wall' || $post_type === 'wall-comment')
$item_flags = $item_flags | ITEM_WALL;
@@ -579,9 +621,13 @@ function item_post(&$a) {
$notify_type = (($parent) ? 'comment-new' : 'wall-new' );
- $mid = (($message_id) ? $message_id : item_message_id());
+ if(! $mid) {
+ $mid = (($message_id) ? $message_id : item_message_id());
+ }
+ if(! $parent_mid) {
+ $parent_mid = $mid;
+ }
- $parent_mid = $mid;
if($parent_item)
$parent_mid = $parent_item['mid'];
@@ -593,16 +639,19 @@ function item_post(&$a) {
$datarray = array();
if(! $parent) {
- $datarray['parent_mid'] = $mid;
$item_flags = $item_flags | ITEM_THREAD_TOP;
}
+
+ if ((! $plink) && ($item_flags & ITEM_THREAD_TOP)) {
+ $plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid;
+ }
$datarray['aid'] = $channel['channel_account_id'];
$datarray['uid'] = $profile_uid;
$datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']);
$datarray['author_xchan'] = $observer['xchan_hash'];
- $datarray['created'] = datetime_convert();
+ $datarray['created'] = $created;
$datarray['edited'] = datetime_convert();
$datarray['expires'] = $expires;
$datarray['commented'] = datetime_convert();
@@ -639,6 +688,7 @@ function item_post(&$a) {
$datarray['owner'] = $owner_xchan;
$datarray['author'] = $observer;
+ $datarray['attach'] = json_encode($datarray['attach']);
$o = conversation($a,array($datarray),'search',false,'preview');
logger('preview: ' . $o, LOGGER_DEBUG);
echo json_encode(array('preview' => $o));
@@ -692,6 +742,8 @@ function item_post(&$a) {
item_store_update($datarray,$execflag);
+ update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid);
+
proc_run('php', "include/notifier.php", 'edit_post', $post_id);
if((x($_REQUEST,'return')) && strlen($return_path)) {
logger('return: ' . $return_path);
@@ -795,34 +847,8 @@ function item_post(&$a) {
// NOTREACHED
}
- $page_type = '';
-
- if($webpage & ITEM_WEBPAGE)
- $page_type = 'WEBPAGE';
- elseif($webpage & ITEM_BUILDBLOCK)
- $page_type = 'BUILDBLOCK';
- elseif($webpage & ITEM_PDL)
- $page_type = 'PDL';
- elseif($namespace && $remote_id) {
- $page_type = $namespace;
- $pagetitle = $remote_id;
- }
-
- if($page_type) {
- // store page info as an alternate message_id so we can access it via
- // https://sitename/page/$channelname/$pagetitle
- // if no pagetitle was given or it couldn't be transliterated into a url, use the first
- // sixteen bytes of the mid - which makes the link portable and not quite as daunting
- // as the entire mid. If it were the post_id the link would be less portable.
-
- q("insert into item_id ( iid, uid, sid, service ) values ( %d, %d, '%s','%s' )",
- intval($post_id),
- intval($channel['channel_id']),
- dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)),
- dbesc($page_type)
- );
- }
+ update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid);
$datarray['id'] = $post_id;
$datarray['llink'] = $a->get_baseurl() . '/display/' . $channel['channel_address'] . '/' . $post_id;
@@ -875,35 +901,47 @@ function item_content(&$a) {
* the appropiate link.
*
* @param unknown_type $body the text to replace the tag in
- * @param unknown_type $inform a comma-seperated string containing everybody to inform
+ * @param unknown_type $access_tag - used to return tag ACL exclusions e.g. @!foo
* @param unknown_type $str_tags string to add the tag to
* @param unknown_type $profile_uid
* @param unknown_type $tag the tag to replace
*
* @return boolean true if replaced, false if not replaced
*/
-function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
+function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
$replaced = false;
$r = null;
- $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN);
- $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype);
+
+ $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN);
+ $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype);
+ $termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype);
+
//is it a hash tag?
if(strpos($tag,'#') === 0) {
- //if the tag is replaced...
- if(strpos($tag,'[zrl='))
+ if(strpos($tag,'#^[') === 0) {
+ if(preg_match('/#\^\[(url|zrl)(.*?)\](.*?)\[\/(url|zrl)\]/',$tag,$match)) {
+ $basetag = $match[3];
+ $url = ((substr($match[2],0,1) === '=') ? substr($match[2],1) : $match[3]);
+ $replaced = true;
+
+ }
+ }
+ // if the tag is already replaced...
+ elseif(strpos($tag,'[zrl=')) {
//...do nothing
return $replaced;
+ }
if($tag == '#getzot') {
- $basetag = 'getzot';
- $url = 'http://getzot.com';
+ $basetag = 'getzot';
+ $url = 'https://redmatrix.me';
$newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]';
$body = str_replace($tag,$newtag,$body);
$replaced = true;
}
- else {
+ if(! $replaced) {
//base tag has the tags name only
$basetag = str_replace('_',' ',substr($tag,1));
//create text for link
@@ -922,107 +960,105 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
}
return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $basetag, 'url' => $url, 'contact' => $r[0]);
}
+
//is it a person tag?
if(strpos($tag,'@') === 0) {
+ $exclusive = ((strpos($tag,'!') === 1) ? true : false);
//is it already replaced?
if(strpos($tag,'[zrl='))
return $replaced;
$stat = false;
//get the person's name
- $name = substr($tag,1);
- //is it a link or a full dfrn address?
- if((strpos($name,'@')) || (strpos($name,'http://'))) {
- $newname = $name;
- //get the profile links
- $links = @lrdd($name);
- if(count($links)) {
- //for all links, collect how is to inform and how's profile is to link
- foreach($links as $link) {
- if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
- $profile = $link['@attributes']['href'];
- if($link['@attributes']['rel'] === 'salmon') {
- if(strlen($inform))
- $inform .= ',';
- $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
- }
- }
- }
- } else { //if it is a name rather than an address
- $newname = $name;
- $alias = '';
- $tagcid = 0;
- //is it some generated name?
- if(strrpos($newname,'+')) {
- //get the id
- $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
- //remove the next word from tag's name
- if(strpos($name,' ')) {
- $name = substr($name,0,strpos($name,' '));
- }
+ $name = substr($tag,(($exclusive) ? 2 : 1));
+ $newname = $name;
+ $alias = '';
+ $tagcid = 0;
+
+ // is it some generated name?
+
+ if(strrpos($newname,'+')) {
+ //get the id
+ $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));
+ //remove the next word from tag's name
+ if(strpos($name,' ')) {
+ $name = substr($name,0,strpos($name,' '));
}
- if($tagcid) { //if there was an id
- //select contact with that id from the logged in user's contact list
+ if($tagcid) { // if there was an id
+ // select channel with that id from the logged in user's address book
$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
intval($tagcid),
intval($profile_uid)
);
-
}
- else {
- $newname = str_replace('_',' ',$name);
+ }
- //select someone from this user's contacts by name
- $r = q("SELECT * FROM abook left join xchan on abook_xchan - xchan_hash
- WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
- dbesc($newname),
- intval($profile_uid)
- );
+ else {
+ $newname = str_replace('_',' ',$name);
- if(! $r) {
- //select someone by attag or nick and the name passed in
-/* $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
- dbesc($name),
- dbesc($name),
- intval($profile_uid)
- );
-*/ }
- }
-/* } elseif(strstr($name,'_') || strstr($name,' ')) { //no id
- //get the real name
- $newname = str_replace('_',' ',$name);
- //select someone from this user's contacts by name
- $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($newname),
- intval($profile_uid)
- );
- } else {
+ //select someone from this user's contacts by name
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1",
+ dbesc($newname),
+ intval($profile_uid)
+ );
+
+ if(! $r) {
//select someone by attag or nick and the name passed in
- $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
- dbesc($name),
- dbesc($name),
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash
+ WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1",
+ dbesc($newname . '@%'),
intval($profile_uid)
);
- }*/
- //$r is set, if someone could be selected
- if($r) {
- $profile = $r[0]['xchan_url'];
- $newname = $r[0]['xchan_name'];
- //add person's id to $inform
- if(strlen($inform))
- $inform .= ',';
- $inform .= 'cid:' . $r[0]['id'];
}
}
+
+ // $r is set, if someone could be selected
+
+ if($r) {
+ $profile = $r[0]['xchan_url'];
+ $newname = $r[0]['xchan_name'];
+ //add person's id to $access_tag if exclusive
+ if($exclusive) {
+ $access_tag .= 'cid:' . $r[0]['xchan_hash'];
+ }
+ }
+ else {
+ // check for a group/collection exclusion tag
+
+ // note that we aren't setting $replaced even though we're replacing text.
+ // This tag isn't going to get a term attached to it. It's only used for
+ // access control. The link points to out own channel just so it doesn't look
+ // weird - as all the other tags are linked to something.
+
+ if(local_user() && local_user() == $profile_uid) {
+ require_once('include/group.php');
+ $grp = group_byname($profile_uid,$name);
+ if($grp) {
+ $g = q("select hash from groups where id = %d and visible = 1 limit 1",
+ intval($grp[0]['id'])
+ );
+ if($g && $exclusive) {
+ $access_tag .= 'gid:' . $g[0]['hash'];
+ }
+ $channel = get_app()->get_channel();
+ if($channel) {
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $newname . '[/zrl]';
+ $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
+ }
+ }
+ }
+ }
+
//if there is an url for this persons profile
if(isset($profile)) {
$replaced = true;
//create profile link
$profile = str_replace(',','%2c',$profile);
$url = $profile;
- $newtag = '@[zrl=' . $profile . ']' . $newname . '[/zrl]';
- $body = str_replace('@' . $name, $newtag, $body);
+ $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]';
+ $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body);
//append tag to str_tags
if(! stristr($str_tags,$newtag)) {
if(strlen($str_tags))
@@ -1031,8 +1067,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) {
}
}
}
-
- return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]);
+ return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]);
}
@@ -1135,8 +1170,9 @@ function item_check_service_class($channel_id,$iswebpage) {
if ($iswebpage) {
$r = q("select count(i.id) as total from item i
right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id )
- and i.parent=i.id and (i.item_restrict & %d) and i.uid= %d ",
+ and i.parent=i.id and (i.item_restrict & %d) and not (i.item_restrict & %d) and i.uid= %d ",
intval(ITEM_WEBPAGE),
+ intval(ITEM_DELETED),
intval($channel_id)
);
}