diff options
Diffstat (limited to 'mod/item.php')
-rw-r--r-- | mod/item.php | 122 |
1 files changed, 87 insertions, 35 deletions
diff --git a/mod/item.php b/mod/item.php index da317a8c0..5cefb3be3 100644 --- a/mod/item.php +++ b/mod/item.php @@ -51,7 +51,7 @@ function item_post(&$a) { } $profile_uid = ((x($_POST,'profile_uid')) ? intval($_POST['profile_uid']) : 0); - + $post_id = ((x($_POST['post_id'])) ? intval($_POST['post_id']) : 0); if(! can_write_wall($a,$profile_uid)) { notice( t('Permission denied.') . EOL) ; @@ -60,6 +60,21 @@ function item_post(&$a) { killme(); } + + // is this an edited post? + + $orig_post = null; + + if($post_id) { + $i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", + intval($profile_uid), + intval($post_id) + ); + if(! count($i)) + killme(); + $orig_post = $i[0]; + } + $user = null; $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", @@ -68,37 +83,51 @@ function item_post(&$a) { if(count($r)) $user = $r[0]; - - $str_group_allow = perms2str($_POST['group_allow']); - $str_contact_allow = perms2str($_POST['contact_allow']); - $str_group_deny = perms2str($_POST['group_deny']); - $str_contact_deny = perms2str($_POST['contact_deny']); - - $private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0); - - if(($parent_item) && - (($parent_item['private']) - || strlen($parent_item['allow_cid']) - || strlen($parent_item['allow_gid']) - || strlen($parent_item['deny_cid']) - || strlen($parent_item['deny_gid']) - ) - ) { - $private = 1; + if($orig_post) { + $str_group_allow = $orig_post['allow_gid']; + $str_contact_allow = $orig_post['allow_cid']; + $str_group_deny = $orig_post['deny_gid']; + $str_contact_deny = $orig_post['deny_cid']; + $title = $orig_post['title']; + $location = $orig_post['location']; + $coord = $orig_post['coord']; + $verb = $orig_post['verb']; + $emailcc = $orig_post['emailcc']; + + $body = escape_tags(trim($_POST['body'])); + $private = $orig_post['private']; } + else { + $str_group_allow = perms2str($_POST['group_allow']); + $str_contact_allow = perms2str($_POST['contact_allow']); + $str_group_deny = perms2str($_POST['group_deny']); + $str_contact_deny = perms2str($_POST['contact_deny']); + $title = notags(trim($_POST['title'])); + $location = notags(trim($_POST['location'])); + $coord = notags(trim($_POST['coord'])); + $verb = notags(trim($_POST['verb'])); + $emailcc = notags(trim($_POST['emailcc'])); + + $body = escape_tags(trim($_POST['body'])); + $private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0); + + if(($parent_item) && + (($parent_item['private']) + || strlen($parent_item['allow_cid']) + || strlen($parent_item['allow_gid']) + || strlen($parent_item['deny_cid']) + || strlen($parent_item['deny_gid']) + )) { + $private = 1; + } + - $title = notags(trim($_POST['title'])); - $body = escape_tags(trim($_POST['body'])); - $location = notags(trim($_POST['location'])); - $coord = notags(trim($_POST['coord'])); - $verb = notags(trim($_POST['verb'])); - $emailcc = notags(trim($_POST['emailcc'])); - - if(! strlen($body)) { - notice( t('Empty post discarded.') . EOL ); - if(x($_POST,'return')) - goaway($a->get_baseurl() . "/" . $_POST['return'] ); - killme(); + if(! strlen($body)) { + notice( t('Empty post discarded.') . EOL ); + if(x($_POST,'return')) + goaway($a->get_baseurl() . "/" . $_POST['return'] ); + killme(); + } } // get contact info for poster @@ -151,7 +180,6 @@ function item_post(&$a) { } } - /** * * When a photo was uploaded into the message using the (profile wall) ajax @@ -212,6 +240,8 @@ function item_post(&$a) { if(count($tags)) { foreach($tags as $tag) { if(strpos($tag,'#') === 0) { + if(strpos($tag,'[url=')) + continue; $basetag = str_replace('_',' ',substr($tag,1)); $body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body); if(strlen($str_tags)) @@ -220,6 +250,8 @@ function item_post(&$a) { continue; } if(strpos($tag,'@') === 0) { + if(strpos($tag,'[url=')) + continue; $stat = false; $name = substr($tag,1); if((strpos($name,'@')) || (strpos($name,'http://'))) { @@ -283,15 +315,13 @@ function item_post(&$a) { $str_tags .= ','; $str_tags .= '@[url=' . $alias . ']' . $newname . '[/url]'; } - } } } } - - $wall = 0; + if($post_type === 'wall' || $post_type === 'wall-comment') $wall = 1; @@ -342,9 +372,31 @@ function item_post(&$a) { $datarray['parent'] = $parent; $datarray['self'] = $self; + if($orig_post) + $datarray['edit'] = true; call_hooks('post_local',$datarray); + + if($orig_post) { + $r = q("UPDATE `item` SET `body` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", + dbesc($body), + dbesc(datetime_convert()), + intval($post_id), + intval($profile_uid) + ); + + proc_run('php', "include/notifier.php", 'edit_post', "$post_id"); + if((x($_POST,'return')) && strlen($_POST['return'])) { + logger('return: ' . $_POST['return']); + goaway($a->get_baseurl() . "/" . $_POST['return'] ); + } + killme(); + } + else + $post_id = 0; + + $r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `changed`, `uri`, `title`, `body`, `location`, `coord`, `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private` ) @@ -532,7 +584,7 @@ function item_content(&$a) { require_once('include/security.php'); - $uid = $_SESSION['uid']; + $uid = local_user(); if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) { |