aboutsummaryrefslogtreecommitdiffstats
path: root/mod/item.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/item.php')
-rw-r--r--mod/item.php44
1 files changed, 44 insertions, 0 deletions
diff --git a/mod/item.php b/mod/item.php
index 0a97cdc47..36b51a537 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -128,6 +128,50 @@ function item_post(&$a) {
}
}
+
+ /**
+ *
+ * If a photo was uploaded into the message using the ajax uploader,
+ * it can be seen by anybody. Set the permissions to match the message.
+ * Ideally this should be done when the photo was uploaded, but the permissions
+ * may not have been set at that time, and passing the permission arrays via
+ * javascript to the ajax upload is going to be a challenge.
+ * This is a compromise. Granted there is a window of time when the photo
+ * is public. You are welcome to suggest other ways to fix this.
+ *
+ */
+
+ $match = null;
+
+ if($private) {
+ if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
+ $images = $match[1];
+ if(count($images)) {
+ foreach($images as $image) {
+ if(! stristr($image,$a->get_baseurl() . '/photo/'))
+ continue;
+ $image_uri = substr($image,strrpos($image,'/') + 1);
+ $image_uri = substr($image_uri,0, strpos($image_uri,'-'));
+ $r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
+ WHERE `resource-id` = '%s' AND `album` = '%s' ",
+ dbesc($str_contact_allow),
+ dbesc($str_group_allow),
+ dbesc($str_contact_deny),
+ dbesc($str_group_deny),
+ dbesc($image_uri),
+ dbesc( t('Wall Photos'))
+ );
+
+ }
+ }
+ }
+ }
+
+
+ /**
+ * Look for any tags and linkify them
+ */
+
$str_tags = '';
$inform = '';