diff options
Diffstat (limited to 'mod/item.php')
| -rw-r--r-- | mod/item.php | 184 |
1 files changed, 98 insertions, 86 deletions
diff --git a/mod/item.php b/mod/item.php index 7f881d28d..2c0a36d52 100644 --- a/mod/item.php +++ b/mod/item.php @@ -66,8 +66,8 @@ function item_post(&$a) { $owner_hash = null; - $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : ''); - + $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : ''); + $created = ((x($_REQUEST,'created')) ? datetime_convert('UTC','UTC',$_REQUEST['created']) : datetime_convert()); $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); $post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0); $app = ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''); @@ -274,6 +274,7 @@ function item_post(&$a) { $item_flags = $orig_post['item_flags']; $item_restrict = $orig_post['item_restrict']; $postopts = $orig_post['postopts']; + $created = $orig_post['created']; } else { @@ -489,8 +490,19 @@ function item_post(&$a) { if($fullnametagged) continue; - $success = handle_tag($a, $body, $inform, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag); - logger('handle_tag: ' . print_r($success,tue)); + $success = handle_tag($a, $body, $access_tag, $str_tags, (local_user()) ? local_user() : $profile_uid , $tag); + logger('handle_tag: ' . print_r($success,tue), LOGGER_DEBUG); + if(($access_tag) && (! $parent_item)) { + logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DEBUG); + if(strpos($access_tag,'cid:') === 0) { + $str_contact_allow .= '<' . substr($access_tag,4) . '>'; + $access_tag = ''; + } + elseif(strpos($access_tag,'gid:') === 0) { + $str_group_allow .= '<' . substr($access_tag,4) . '>'; + $access_tag = ''; + } + } if($success['replaced']) { $tagged[] = $tag; @@ -602,7 +614,7 @@ function item_post(&$a) { $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); $datarray['author_xchan'] = $observer['xchan_hash']; - $datarray['created'] = datetime_convert(); + $datarray['created'] = $created; $datarray['edited'] = datetime_convert(); $datarray['expires'] = $expires; $datarray['commented'] = datetime_convert(); @@ -639,6 +651,7 @@ function item_post(&$a) { $datarray['owner'] = $owner_xchan; $datarray['author'] = $observer; + $datarray['attach'] = json_encode($datarray['attach']); $o = conversation($a,array($datarray),'search',false,'preview'); logger('preview: ' . $o, LOGGER_DEBUG); echo json_encode(array('preview' => $o)); @@ -875,14 +888,14 @@ function item_content(&$a) { * the appropiate link. * * @param unknown_type $body the text to replace the tag in - * @param unknown_type $inform a comma-seperated string containing everybody to inform + * @param unknown_type $access_tag - used to return tag ACL exclusions e.g. @!foo * @param unknown_type $str_tags string to add the tag to * @param unknown_type $profile_uid * @param unknown_type $tag the tag to replace * * @return boolean true if replaced, false if not replaced */ -function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { +function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { $replaced = false; $r = null; @@ -892,13 +905,14 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { //is it a hash tag? if(strpos($tag,'#') === 0) { - //if the tag is replaced... - if(strpos($tag,'[zrl=')) + // if the tag is replaced... + if(strpos($tag,'[zrl=')) { //...do nothing return $replaced; + } if($tag == '#getzot') { - $basetag = 'getzot'; - $url = 'http://getzot.com'; + $basetag = 'getzot'; + $url = 'https://redmatrix.me'; $newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]'; $body = str_replace($tag,$newtag,$body); $replaced = true; @@ -922,107 +936,105 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { } return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $basetag, 'url' => $url, 'contact' => $r[0]); } + //is it a person tag? if(strpos($tag,'@') === 0) { + $exclusive = ((strpos($tag,'!') === 1) ? true : false); //is it already replaced? if(strpos($tag,'[zrl=')) return $replaced; $stat = false; //get the person's name - $name = substr($tag,1); - //is it a link or a full dfrn address? - if((strpos($name,'@')) || (strpos($name,'http://'))) { - $newname = $name; - //get the profile links - $links = @lrdd($name); - if(count($links)) { - //for all links, collect how is to inform and how's profile is to link - foreach($links as $link) { - if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') - $profile = $link['@attributes']['href']; - if($link['@attributes']['rel'] === 'salmon') { - if(strlen($inform)) - $inform .= ','; - $inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']); - } - } + $name = substr($tag,(($exclusive) ? 2 : 1)); + $newname = $name; + $alias = ''; + $tagcid = 0; + + // is it some generated name? + + if(strrpos($newname,'+')) { + //get the id + $tagcid = intval(substr($newname,strrpos($newname,'+') + 1)); + //remove the next word from tag's name + if(strpos($name,' ')) { + $name = substr($name,0,strpos($name,' ')); } - } else { //if it is a name rather than an address - $newname = $name; - $alias = ''; - $tagcid = 0; - //is it some generated name? - if(strrpos($newname,'+')) { - //get the id - $tagcid = intval(substr($newname,strrpos($newname,'+') + 1)); - //remove the next word from tag's name - if(strpos($name,' ')) { - $name = substr($name,0,strpos($name,' ')); - } - } - if($tagcid) { //if there was an id - //select contact with that id from the logged in user's contact list + if($tagcid) { // if there was an id + // select channel with that id from the logged in user's address book $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($tagcid), intval($profile_uid) ); - } - else { - $newname = str_replace('_',' ',$name); + } + + else { + $newname = str_replace('_',' ',$name); + + //select someone from this user's contacts by name + $r = q("SELECT * FROM abook left join xchan on abook_xchan - xchan_hash + WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", + dbesc($newname), + intval($profile_uid) + ); - //select someone from this user's contacts by name + if(! $r) { + //select someone by attag or nick and the name passed in $r = q("SELECT * FROM abook left join xchan on abook_xchan - xchan_hash - WHERE xchan_name = '%s' AND abook_channel = %d LIMIT 1", - dbesc($newname), + WHERE xchan_addr like ('%s') AND abook_channel = %d LIMIT 1", + dbesc($newname . '@%'), intval($profile_uid) ); + } + } - if(! $r) { - //select someone by attag or nick and the name passed in -/* $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", - dbesc($name), - dbesc($name), - intval($profile_uid) - ); -*/ } + // $r is set, if someone could be selected + + if($r) { + $profile = $r[0]['xchan_url']; + $newname = $r[0]['xchan_name']; + //add person's id to $access_tag if exclusive + if($exclusive) { + $access_tag .= 'cid:' . $r[0]['xchan_hash']; } -/* } elseif(strstr($name,'_') || strstr($name,' ')) { //no id - //get the real name - $newname = str_replace('_',' ',$name); - //select someone from this user's contacts by name - $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", - dbesc($newname), - intval($profile_uid) - ); - } else { - //select someone by attag or nick and the name passed in - $r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", - dbesc($name), - dbesc($name), - intval($profile_uid) - ); - }*/ - //$r is set, if someone could be selected - if($r) { - $profile = $r[0]['xchan_url']; - $newname = $r[0]['xchan_name']; - //add person's id to $inform - if(strlen($inform)) - $inform .= ','; - $inform .= 'cid:' . $r[0]['id']; + } + else { + // check for a group/collection exclusion tag + + // note that we aren't setting $replaced even though we're replacing text. + // This tag isn't going to get a term attached to it. It's only used for + // access control. The link points to out own channel just so it doesn't look + // weird - as all the other tags are linked to something. + + if(local_user() && local_user() == $profile_uid) { + require_once('include/group.php'); + $grp = group_byname($profile_uid,$name); + if($grp) { + $g = q("select hash from groups where id = %d and visible = 1 limit 1", + intval($grp[0]['id']) + ); + if($g && $exclusive) { + $access_tag .= 'gid:' . $g[0]['hash']; + } + $channel = get_app()->get_channel(); + if($channel) { + $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $newname . '[/zrl]'; + $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); + } + } } } + //if there is an url for this persons profile if(isset($profile)) { $replaced = true; //create profile link $profile = str_replace(',','%2c',$profile); $url = $profile; - $newtag = '@[zrl=' . $profile . ']' . $newname . '[/zrl]'; - $body = str_replace('@' . $name, $newtag, $body); + $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; + $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); //append tag to str_tags if(! stristr($str_tags,$newtag)) { if(strlen($str_tags)) @@ -1031,8 +1043,7 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { } } } - - return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]); + return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]); } @@ -1135,8 +1146,9 @@ function item_check_service_class($channel_id,$iswebpage) { if ($iswebpage) { $r = q("select count(i.id) as total from item i right join channel c on (i.author_xchan=c.channel_hash and i.uid=c.channel_id ) - and i.parent=i.id and (i.item_restrict & %d) and i.uid= %d ", + and i.parent=i.id and (i.item_restrict & %d) and not (i.item_restrict & %d) and i.uid= %d ", intval(ITEM_WEBPAGE), + intval(ITEM_DELETED), intval($channel_id) ); } |