aboutsummaryrefslogtreecommitdiffstats
path: root/mod/photos.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/photos.php')
-rw-r--r--mod/photos.php58
1 files changed, 31 insertions, 27 deletions
diff --git a/mod/photos.php b/mod/photos.php
index 8eee95075..0a3d6c704 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -206,6 +206,7 @@ function photos_post(&$a) {
$rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
+ $adult = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
@@ -273,13 +274,13 @@ function photos_post(&$a) {
}
}
- $p = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `uid` = %d and ( photo_flags = %d or photo_flags = %d ) ORDER BY `scale` DESC",
+ $p = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `uid` = %d and ((photo_flags = %d) or (photo_flags & %d )) ORDER BY `scale` DESC",
dbesc($resource_id),
intval($page_owner_uid),
intval(PHOTO_NORMAL),
intval(PHOTO_PROFILE)
);
- if(count($p)) {
+ if($p) {
$ext = $phototypes[$p[0]['type']];
$r = q("UPDATE `photo` SET `description` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
@@ -296,6 +297,14 @@ function photos_post(&$a) {
$item_private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false);
+ $old_adult = (($p[0]['photo_flags'] & PHOTO_ADULT) ? 1 : 0);
+ if($old_adult != $adult) {
+ $r = q("update photo set photo_flags = ( photo_flags ^ %d) where resource_id = '%s' and uid = %d",
+ intval(PHOTO_ADULT),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
/* Don't make the item visible if the only change was the album name */
@@ -450,8 +459,9 @@ function photos_content(&$a) {
notice( t('Public access denied.') . EOL);
return;
}
-
-
+
+ $unsafe = ((array_key_exists('unsafe',$_REQUEST) && $_REQUEST['unsafe']) ? 1 : 0);
+
require_once('include/bbcode.php');
require_once('include/security.php');
require_once('include/conversation.php');
@@ -598,6 +608,8 @@ function photos_content(&$a) {
if($datatype === 'album') {
+
+
if((strlen($datum) & 1) || (! ctype_xdigit($datum))) {
notice( t('Album name could not be decoded') . EOL);
logger('mod_photos: illegal album encoding: ' . $datum);
@@ -607,11 +619,11 @@ function photos_content(&$a) {
$album = hex2bin($datum);
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
- AND `scale` <= 4 and (photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY `resource_id`",
+ AND `scale` <= 4 and ((photo_flags = %d) or (photo_flags & %d )) $sql_extra GROUP BY `resource_id`",
intval($owner_uid),
dbesc($album),
intval(PHOTO_NORMAL),
- intval(PHOTO_PROFILE)
+ intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE)
);
if(count($r)) {
$a->set_pager_total(count($r));
@@ -626,11 +638,11 @@ function photos_content(&$a) {
$order = 'DESC';
$r = q("SELECT `resource_id`, `id`, `filename`, type, max(`scale`) AS `scale`, `description` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
- AND `scale` <= 4 and (photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY `resource_id` ORDER BY `created` $order LIMIT %d , %d",
+ AND `scale` <= 4 and ((photo_flags = %d) or (photo_flags & %d )) $sql_extra GROUP BY `resource_id` ORDER BY `created` $order LIMIT %d , %d",
intval($owner_uid),
dbesc($album),
intvaL(PHOTO_NORMAL),
- intval(PHOTO_PROFILE),
+ intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
@@ -750,25 +762,18 @@ function photos_content(&$a) {
// fetch image, item containing image, then comments
$ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,profile,photo_flags,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s'
- and (photo_flags = %d or photo_flags = %d ) $sql_extra ORDER BY `scale` ASC ",
+ $sql_extra ORDER BY `scale` ASC ",
intval($owner_uid),
- dbesc($datum),
- intval(PHOTO_NORMAL),
- intval(PHOTO_PROFILE)
-
+ dbesc($datum)
);
if(! $ph) {
/* Check again - this time without specifying permissions */
- $ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s'
- and ( photo_flags = %d or photo_flags = %d )
- LIMIT 1",
+ $ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1",
intval($owner_uid),
- dbesc($datum),
- intval(PHOTO_NORMAL),
- intval(PHOTO_PROFILE)
+ dbesc($datum)
);
if($ph)
notice( t('Permission denied. Access to this item may be restricted.') . EOL);
@@ -789,11 +794,9 @@ function photos_content(&$a) {
$prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0
- and ( photo_flags = %d or photo_flags = %d ) $sql_extra ORDER BY `created` $order ",
+ $sql_extra ORDER BY `created` $order ",
dbesc($ph[0]['album']),
- intval($owner_uid),
- intval(PHOTO_NORMAL),
- intval(PHOTO_PROFILE)
+ intval($owner_uid)
);
if(count($prvnxt)) {
@@ -946,6 +949,7 @@ function photos_content(&$a) {
'aclselect' => $aclselect_e,
'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'),
'item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
+ 'adult' => array('adult',t('Flag as adult in album view'), (($ph[0]['photo_flags'] & PHOTO_ADULT) ? 1 : 0),''),
'submit' => t('Submit'),
'delete' => t('Delete Photo')
);
@@ -1153,12 +1157,12 @@ function photos_content(&$a) {
//$o = '';
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
- and ( photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY `resource_id`",
+ and ((photo_flags = %d) or (photo_flags & %d)) $sql_extra GROUP BY `resource_id`",
intval($a->data['channel']['channel_id']),
dbesc('Contact Photos'),
dbesc( t('Contact Photos')),
intval(PHOTO_NORMAL),
- intval(PHOTO_PROFILE)
+ intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE)
);
if(count($r)) {
$a->set_pager_total(count($r));
@@ -1167,13 +1171,13 @@ function photos_content(&$a) {
$r = q("SELECT `resource_id`, `id`, `filename`, type, `album`, max(`scale`) AS `scale` FROM `photo`
WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
- and ( photo_flags = %d or photo_flags = %d )
+ and ( (photo_flags = %d) or (photo_flags & %d ))
$sql_extra GROUP BY `resource_id` ORDER BY `created` DESC LIMIT %d , %d",
intval($a->data['channel']['channel_id']),
dbesc('Contact Photos'),
dbesc( t('Contact Photos')),
intval(PHOTO_NORMAL),
- intval(PHOTO_PROFILE),
+ intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);