diff options
Diffstat (limited to 'mod/photos.php')
-rw-r--r-- | mod/photos.php | 163 |
1 files changed, 98 insertions, 65 deletions
diff --git a/mod/photos.php b/mod/photos.php index 2af90610e..dc70e4f90 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -6,6 +6,7 @@ require_once('include/acl_selectors.php'); require_once('include/bbcode.php'); require_once('include/security.php'); require_once('include/Contact.php'); +require_once('include/attach.php'); require_once('include/text.php'); @@ -62,7 +63,7 @@ function photos_post(&$a) { $page_owner_uid = $a->data['channel']['channel_id']; - if(perm_is_allowed($page_owner_uid,get_observer_hash(),'post_photos')) + if(perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage')) $can_post = true; if(! $can_post) { @@ -106,11 +107,16 @@ function photos_post(&$a) { $newalbum = notags(trim($_REQUEST['albumname'])); if($newalbum != $album) { - $x = photos_album_rename($page_owner_uid,$album,$newalbum); - if($x) { - $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); - goaway($a->get_baseurl() . '/' . $newurl); - } + + // @fixme - syncronise with DAV or disallow completely + + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + +// $x = photos_album_rename($page_owner_uid,$album,$newalbum); +// if($x) { +// $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); +// goaway($a->get_baseurl() . '/' . $newurl); +// } } /* @@ -136,14 +142,14 @@ function photos_post(&$a) { goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); } - $r = q("select id, item_restrict from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d", + $r = q("select id from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d " . item_normal(), intval($page_owner_uid) ); if($r) { foreach($r as $i) { + attach_delete($page_owner_uid, $i['resource_id'], 1 ); drop_item($i['id'],false,DROPITEM_PHASE1,true /* force removal of linked items */); - if(! $item_restrict) - proc_run('php','include/notifier.php','drop',$i['id']); + proc_run('php','include/notifier.php','drop',$i['id']); } } @@ -152,6 +158,9 @@ function photos_post(&$a) { q("delete from photo where resource_id in ( $str ) and uid = %d", intval($page_owner_uid) ); + + // @FIXME do the same for the linked attach + } goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']); @@ -176,24 +185,15 @@ function photos_post(&$a) { intval($page_owner_uid), dbesc($r[0]['resource_id']) ); + attach_delete($page_owner_uid, $r[0]['resource_id'], 1 ); + $i = q("SELECT * FROM `item` WHERE `resource_id` = '%s' AND resource_type = 'photo' and `uid` = %d LIMIT 1", dbesc($r[0]['resource_id']), intval($page_owner_uid) ); if(count($i)) { - q("UPDATE `item` SET item_restrict = (item_restrict | %d), `edited` = '%s', `changed` = '%s' WHERE `parent_mid` = '%s' AND `uid` = %d", - intval(ITEM_DELETED), - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc($i[0]['mid']), - intval($page_owner_uid) - ); - + drop_item($i[0]['id'],true,DROPITEM_PHASE1); $url = $a->get_baseurl(); - $drop_id = intval($i[0]['id']); - - if($i[0]['visible']) - proc_run('php',"include/notifier.php","drop","$drop_id"); } } @@ -207,7 +207,7 @@ function photos_post(&$a) { $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : ''); $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); $albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : ''); - $adult = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0); + $is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0); $str_group_allow = perms2str($_POST['group_allow']); $str_contact_allow = perms2str($_POST['contact_allow']); $str_group_deny = perms2str($_POST['group_deny']); @@ -282,9 +282,8 @@ function photos_post(&$a) { if($p) { $ext = $phototypes[$p[0]['type']]; - $r = q("UPDATE `photo` SET `description` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", + $r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), - dbesc($albname), dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), @@ -296,10 +295,10 @@ function photos_post(&$a) { $item_private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false); - $old_adult = (($p[0]['photo_flags'] & PHOTO_ADULT) ? 1 : 0); - if($old_adult != $adult) { - $r = q("update photo set photo_flags = ( photo_flags ^ %d) where resource_id = '%s' and uid = %d", - intval(PHOTO_ADULT), + $old_is_nsfw = $p[0]['is_nsfw']; + if($old_is_nsfw != $is_nsfw) { + $r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", + intval($is_nsfw), dbesc($resource_id), intval($page_owner_uid) ); @@ -340,6 +339,17 @@ function photos_post(&$a) { intval($item_id) ); + // make sure the attach has the same permissions as the photo regardless of any other changes + $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + dbesc($resource_id), + intval($page_owner_uid) + ); + + if(strlen($rawtags)) { @@ -406,6 +416,7 @@ function photos_post(&$a) { $observer = $a->data['observer']; $_REQUEST['source'] = 'photos'; + require_once('include/attach.php'); if(!local_channel()) { $_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']); @@ -414,7 +425,7 @@ function photos_post(&$a) { $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); } - $r = photo_upload($channel, $observer, $_REQUEST); + $r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST); if(! $r['success']) { notice($r['message'] . EOL); @@ -468,7 +479,12 @@ function photos_content(&$a) { $datatype = argv(2); $datum = argv(3); } else { - $datatype = 'summary'; + if(argc() > 2) { + $datatype = argv(2); + $datum = ''; + } + else + $datatype = 'summary'; } if(argc() > 4) @@ -489,8 +505,8 @@ function photos_content(&$a) { $observer = $a->get_observer(); - $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_photos'); - $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_photos'); + $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage'); + $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage'); if(! $can_view) { notice( t('Access to this item is restricted.') . EOL); @@ -557,14 +573,22 @@ function photos_content(&$a) { $albums = ((array_key_exists('albums', $a->data)) ? $a->data['albums'] : photos_albums_list($a->data['channel'],$a->data['observer'])); + if(! $selname) { + $def_album = get_pconfig($a->data['channel']['channel_id'],'system','photo_path'); + if($def_album) { + $selname = filepath_macro($def_album); + $albums['album'][] = array('text' => $selname); + } + } + $tpl = get_markup_template('photos_upload.tpl'); $upload_form = replace_macros($tpl,array( '$pagename' => t('Upload Photos'), '$sessid' => session_id(), '$usage' => $usage_message, '$nickname' => $a->data['channel']['channel_address'], - '$newalbum_label' => t('Enter a new album name'), - '$newalbum_placeholder' => t('or select an existing one (doubleclick)'), + '$newalbum_label' => t('Enter an album name'), + '$newalbum_placeholder' => t('or select an existing album (doubleclick)'), '$visible' => array('visible', t('Create a status post for this upload'), 0, '', array(t('No'), t('Yes'))), '$albums' => $albums['albums'], '$selname' => $selname, @@ -590,22 +614,23 @@ function photos_content(&$a) { if($datatype === 'album') { - - - if((strlen($datum) & 1) || (! ctype_xdigit($datum))) { - notice( t('Album name could not be decoded') . EOL); - logger('mod_photos: illegal album encoding: ' . $datum); - $datum = ''; + if(strlen($datum)) { + if((strlen($datum) & 1) || (! ctype_xdigit($datum))) { + notice( t('Album name could not be decoded') . EOL); + logger('mod_photos: illegal album encoding: ' . $datum); + $datum = ''; + } } - $album = hex2bin($datum); + $album = (($datum) ? hex2bin($datum) : ''); $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` <= 4 and ((photo_flags = %d) or (photo_flags & %d ) > 0) $sql_extra GROUP BY `resource_id`", + AND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), - intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE) + intval(PHOTO_PROFILE), + intval($unsafe) ); if(count($r)) { $a->set_pager_total(count($r)); @@ -621,13 +646,14 @@ function photos_content(&$a) { $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN - (SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND (photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY resource_id) ph + (SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph ON (p.resource_id = ph.resource_id AND p.scale = ph.scale) ORDER BY created $order LIMIT %d OFFSET %d", intval($owner_uid), dbesc($album), - intvaL(PHOTO_NORMAL), - intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE), + intval(PHOTO_NORMAL), + intval(PHOTO_PROFILE), + intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start']) ); @@ -643,17 +669,21 @@ function photos_content(&$a) { $album_e = $album; } $albums = ((array_key_exists('albums', $a->data)) ? $a->data['albums'] : photos_albums_list($a->data['channel'],$a->data['observer'])); - $edit_tpl = get_markup_template('album_edit.tpl'); - $album_edit = replace_macros($edit_tpl,array( - '$nametext' => t('Enter a new album name'), - '$name_placeholder' => t('or select an existing one (doubleclick)'), - '$nickname' => $a->data['channel']['channel_address'], - '$album' => $album_e, - '$albums' => $albums['albums'], - '$hexalbum' => bin2hex($album), - '$submit' => t('Submit'), - '$dropsubmit' => t('Delete Album') - )); + + // @fixme - syncronise actions with DAV + +// $edit_tpl = get_markup_template('album_edit.tpl'); +// $album_edit = replace_macros($edit_tpl,array( +// '$nametext' => t('Enter a new album name'), +// '$name_placeholder' => t('or select an existing one (doubleclick)'), +// '$nickname' => $a->data['channel']['channel_address'], +// '$album' => $album_e, +// '$albums' => $albums['albums'], +// '$hexalbum' => bin2hex($album), +// '$submit' => t('Submit'), +// '$dropsubmit' => t('Delete Album') +// )); + } } @@ -743,7 +773,7 @@ function photos_content(&$a) { // fetch image, item containing image, then comments - $ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,profile,photo_flags,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' + $ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' $sql_extra ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum) @@ -863,9 +893,10 @@ function photos_content(&$a) { $linked_items = fetch_post_tags($linked_items,true); $link_item = $linked_items[0]; + $item_normal = item_normal(); $r = q("select * from item where parent_mid = '%s' - and item_restrict = 0 and uid = %d $sql_extra ", + $item_normal and uid = %d $sql_extra ", dbesc($link_item['mid']), intval($link_item['uid']) @@ -891,7 +922,7 @@ function photos_content(&$a) { } if((local_channel()) && (local_channel() == $link_item['uid'])) { - q("UPDATE `item` SET item_unseen = 0 WHERE item_unseen = 1 AND parent = %d AND uid = %d ", + q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel()) ); @@ -937,7 +968,7 @@ function photos_content(&$a) { 'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'), 'item_id' => ((count($linked_items)) ? $link_item['id'] : 0), 'adult_enabled' => feature_enabled($owner_uid,'adult_photo_flagging'), - 'adult' => array('adult',t('Flag as adult in album view'), (($ph[0]['photo_flags'] & PHOTO_ADULT) ? 1 : 0),''), + 'adult' => array('adult',t('Flag as adult in album view'), intval($ph[0]['is_nsfw']),''), 'submit' => t('Submit'), 'delete' => t('Delete Photo') ); @@ -1163,12 +1194,13 @@ function photos_content(&$a) { //$o = ''; $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' - and ((photo_flags = %d) or (photo_flags & %d) > 0) $sql_extra GROUP BY `resource_id`", + and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc( t('Contact Photos')), intval(PHOTO_NORMAL), - intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE) + intval(PHOTO_PROFILE), + intval($unsafe) ); if(count($r)) { $a->set_pager_total(count($r)); @@ -1178,13 +1210,14 @@ function photos_content(&$a) { $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.album, p.scale, p.created FROM photo p INNER JOIN (SELECT resource_id, max(scale) scale FROM photo WHERE uid=%d AND album != '%s' AND album != '%s' - AND (photo_flags = %d or ( photo_flags & %d ) > 0 ) $sql_extra group by resource_id) ph + AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra group by resource_id) ph ON (p.resource_id = ph.resource_id and p.scale = ph.scale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc( t('Contact Photos')), intval(PHOTO_NORMAL), - intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE), + intval(PHOTO_PROFILE), + intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start']) ); |