aboutsummaryrefslogtreecommitdiffstats
path: root/mod/photos.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/photos.php')
-rw-r--r--mod/photos.php53
1 files changed, 25 insertions, 28 deletions
diff --git a/mod/photos.php b/mod/photos.php
index dc70e4f90..d06a8e69c 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -85,6 +85,7 @@ function photos_post(&$a) {
$owner_record = $s[0];
+ $acl = AccessList($a->data['channel']);
if((argc() > 3) && (argv(2) === 'album')) {
@@ -200,6 +201,7 @@ function photos_post(&$a) {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
+
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
@@ -208,10 +210,9 @@ function photos_post(&$a) {
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
$is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
- $str_group_allow = perms2str($_POST['group_allow']);
- $str_contact_allow = perms2str($_POST['contact_allow']);
- $str_group_deny = perms2str($_POST['group_deny']);
- $str_contact_deny = perms2str($_POST['contact_deny']);
+
+ $acl->set_from_array($_POST);
+ $perm = $acl->get();
$resource_id = $a->argv[2];
@@ -284,10 +285,10 @@ function photos_post(&$a) {
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
dbesc($desc),
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -331,20 +332,20 @@ function photos_post(&$a) {
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
where id = %d",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
- intval($item_private),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
+ intval($acl->is_private()),
intval($item_id)
);
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -418,11 +419,11 @@ function photos_post(&$a) {
$_REQUEST['source'] = 'photos';
require_once('include/attach.php');
- if(!local_channel()) {
+ if(! local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
- $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
- $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
- $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+ $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
+ $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
+ $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
@@ -557,14 +558,10 @@ function photos_content(&$a) {
if($_is_owner) {
$channel = $a->get_channel();
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $channel_acl = $acl->get();
- $lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
+ $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');