diff options
Diffstat (limited to 'mod/item.php')
| -rw-r--r-- | mod/item.php | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/mod/item.php b/mod/item.php index 2cc2b9eb2..cbdd11eb9 100644 --- a/mod/item.php +++ b/mod/item.php @@ -35,7 +35,9 @@ function item_post(&$a) { ); if(! count($r)) { notice( t('Unable to locate original post.') . EOL); - goaway($a->get_baseurl() . "/" . $_POST['return'] ); + if(x($_POST,'return')) + goaway($a->get_baseurl() . "/" . $_POST['return'] ); + killme(); } $parent_item = $r[0]; if($parent_item['contact-id'] && $uid) { @@ -53,7 +55,9 @@ function item_post(&$a) { if(! can_write_wall($a,$profile_uid)) { notice( t('Permission denied.') . EOL) ; - return; + if(x($_POST,'return')) + goaway($a->get_baseurl() . "/" . $_POST['return'] ); + killme(); } $user = null; @@ -92,8 +96,9 @@ function item_post(&$a) { if(! strlen($body)) { notice( t('Empty post discarded.') . EOL ); - goaway($a->get_baseurl() . "/" . $_POST['return'] ); - + if(x($_POST,'return')) + goaway($a->get_baseurl() . "/" . $_POST['return'] ); + killme(); } // get contact info for poster @@ -429,10 +434,11 @@ function item_post(&$a) { } } - $r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1 + $r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `plink` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1 WHERE `id` = %d LIMIT 1", intval($parent), dbesc(($parent == $post_id) ? $uri : $parent_item['uri']), + dbesc($a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id), dbesc(datetime_convert()), intval($post_id) ); @@ -544,7 +550,7 @@ function item_content(&$a) { // generate a resource-id and therefore aren't intimately linked to the item. if(strlen($item['resource-id'])) { - $q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ", + q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ", dbesc($item['resource-id']), intval($item['uid']) ); |