aboutsummaryrefslogtreecommitdiffstats
path: root/mod/photos.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/photos.php')
-rw-r--r--mod/photos.php210
1 files changed, 120 insertions, 90 deletions
diff --git a/mod/photos.php b/mod/photos.php
index 2af90610e..cd293b39d 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -6,6 +6,7 @@ require_once('include/acl_selectors.php');
require_once('include/bbcode.php');
require_once('include/security.php');
require_once('include/Contact.php');
+require_once('include/attach.php');
require_once('include/text.php');
@@ -62,7 +63,7 @@ function photos_post(&$a) {
$page_owner_uid = $a->data['channel']['channel_id'];
- if(perm_is_allowed($page_owner_uid,get_observer_hash(),'post_photos'))
+ if(perm_is_allowed($page_owner_uid,get_observer_hash(),'write_storage'))
$can_post = true;
if(! $can_post) {
@@ -84,6 +85,7 @@ function photos_post(&$a) {
$owner_record = $s[0];
+ $acl = new AccessList($a->data['channel']);
if((argc() > 3) && (argv(2) === 'album')) {
@@ -106,11 +108,16 @@ function photos_post(&$a) {
$newalbum = notags(trim($_REQUEST['albumname']));
if($newalbum != $album) {
- $x = photos_album_rename($page_owner_uid,$album,$newalbum);
- if($x) {
- $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
- goaway($a->get_baseurl() . '/' . $newurl);
- }
+
+ // @fixme - syncronise with DAV or disallow completely
+
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+
+// $x = photos_album_rename($page_owner_uid,$album,$newalbum);
+// if($x) {
+// $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
+// goaway($a->get_baseurl() . '/' . $newurl);
+// }
}
/*
@@ -136,14 +143,14 @@ function photos_post(&$a) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
- $r = q("select id, item_restrict from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d",
+ $r = q("select id from item where resource_id in ( $str ) and resource_type = 'photo' and uid = %d " . item_normal(),
intval($page_owner_uid)
);
if($r) {
foreach($r as $i) {
+ attach_delete($page_owner_uid, $i['resource_id'], 1 );
drop_item($i['id'],false,DROPITEM_PHASE1,true /* force removal of linked items */);
- if(! $item_restrict)
- proc_run('php','include/notifier.php','drop',$i['id']);
+ proc_run('php','include/notifier.php','drop',$i['id']);
}
}
@@ -152,6 +159,9 @@ function photos_post(&$a) {
q("delete from photo where resource_id in ( $str ) and uid = %d",
intval($page_owner_uid)
);
+
+ // @FIXME do the same for the linked attach
+
}
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']);
@@ -176,30 +186,22 @@ function photos_post(&$a) {
intval($page_owner_uid),
dbesc($r[0]['resource_id'])
);
+ attach_delete($page_owner_uid, $r[0]['resource_id'], 1 );
+
$i = q("SELECT * FROM `item` WHERE `resource_id` = '%s' AND resource_type = 'photo' and `uid` = %d LIMIT 1",
dbesc($r[0]['resource_id']),
intval($page_owner_uid)
);
if(count($i)) {
- q("UPDATE `item` SET item_restrict = (item_restrict | %d), `edited` = '%s', `changed` = '%s' WHERE `parent_mid` = '%s' AND `uid` = %d",
- intval(ITEM_DELETED),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc($i[0]['mid']),
- intval($page_owner_uid)
- );
-
+ drop_item($i[0]['id'],true,DROPITEM_PHASE1);
$url = $a->get_baseurl();
- $drop_id = intval($i[0]['id']);
-
- if($i[0]['visible'])
- proc_run('php',"include/notifier.php","drop","$drop_id");
}
}
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
+
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
@@ -207,11 +209,10 @@ function photos_post(&$a) {
$rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
- $adult = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
- $str_group_allow = perms2str($_POST['group_allow']);
- $str_contact_allow = perms2str($_POST['contact_allow']);
- $str_group_deny = perms2str($_POST['group_deny']);
- $str_contact_deny = perms2str($_POST['contact_deny']);
+ $is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
+
+ $acl->set_from_array($_POST);
+ $perm = $acl->get();
$resource_id = $a->argv[2];
@@ -282,13 +283,12 @@ function photos_post(&$a) {
if($p) {
$ext = $phototypes[$p[0]['type']];
- $r = q("UPDATE `photo` SET `description` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
+ $r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
dbesc($desc),
- dbesc($albname),
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -296,10 +296,10 @@ function photos_post(&$a) {
$item_private = (($str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny) ? true : false);
- $old_adult = (($p[0]['photo_flags'] & PHOTO_ADULT) ? 1 : 0);
- if($old_adult != $adult) {
- $r = q("update photo set photo_flags = ( photo_flags ^ %d) where resource_id = '%s' and uid = %d",
- intval(PHOTO_ADULT),
+ $old_is_nsfw = $p[0]['is_nsfw'];
+ if($old_is_nsfw != $is_nsfw) {
+ $r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d",
+ intval($is_nsfw),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -332,14 +332,25 @@ function photos_post(&$a) {
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
where id = %d",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
- intval($item_private),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
+ intval($acl->is_private()),
intval($item_id)
);
+ // make sure the attach has the same permissions as the photo regardless of any other changes
+ $x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+
+
if(strlen($rawtags)) {
@@ -406,15 +417,16 @@ function photos_post(&$a) {
$observer = $a->data['observer'];
$_REQUEST['source'] = 'photos';
+ require_once('include/attach.php');
- if(!local_channel()) {
+ if(! local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
- $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
- $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
- $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+ $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
+ $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
+ $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
- $r = photo_upload($channel, $observer, $_REQUEST);
+ $r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
if(! $r['success']) {
notice($r['message'] . EOL);
@@ -468,7 +480,12 @@ function photos_content(&$a) {
$datatype = argv(2);
$datum = argv(3);
} else {
- $datatype = 'summary';
+ if(argc() > 2) {
+ $datatype = argv(2);
+ $datum = '';
+ }
+ else
+ $datatype = 'summary';
}
if(argc() > 4)
@@ -489,8 +506,8 @@ function photos_content(&$a) {
$observer = $a->get_observer();
- $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'post_photos');
- $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_photos');
+ $can_post = perm_is_allowed($owner_uid,$observer['xchan_hash'],'write_storage');
+ $can_view = perm_is_allowed($owner_uid,$observer['xchan_hash'],'view_storage');
if(! $can_view) {
notice( t('Access to this item is restricted.') . EOL);
@@ -541,14 +558,10 @@ function photos_content(&$a) {
if($_is_owner) {
$channel = $a->get_channel();
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $channel_acl = $acl->get();
- $lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
+ $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');
@@ -557,14 +570,22 @@ function photos_content(&$a) {
$albums = ((array_key_exists('albums', $a->data)) ? $a->data['albums'] : photos_albums_list($a->data['channel'],$a->data['observer']));
+ if(! $selname) {
+ $def_album = get_pconfig($a->data['channel']['channel_id'],'system','photo_path');
+ if($def_album) {
+ $selname = filepath_macro($def_album);
+ $albums['album'][] = array('text' => $selname);
+ }
+ }
+
$tpl = get_markup_template('photos_upload.tpl');
$upload_form = replace_macros($tpl,array(
'$pagename' => t('Upload Photos'),
'$sessid' => session_id(),
'$usage' => $usage_message,
'$nickname' => $a->data['channel']['channel_address'],
- '$newalbum_label' => t('Enter a new album name'),
- '$newalbum_placeholder' => t('or select an existing one (doubleclick)'),
+ '$newalbum_label' => t('Enter an album name'),
+ '$newalbum_placeholder' => t('or select an existing album (doubleclick)'),
'$visible' => array('visible', t('Create a status post for this upload'), 0, '', array(t('No'), t('Yes'))),
'$albums' => $albums['albums'],
'$selname' => $selname,
@@ -590,22 +611,23 @@ function photos_content(&$a) {
if($datatype === 'album') {
-
-
- if((strlen($datum) & 1) || (! ctype_xdigit($datum))) {
- notice( t('Album name could not be decoded') . EOL);
- logger('mod_photos: illegal album encoding: ' . $datum);
- $datum = '';
+ if(strlen($datum)) {
+ if((strlen($datum) & 1) || (! ctype_xdigit($datum))) {
+ notice( t('Album name could not be decoded') . EOL);
+ logger('mod_photos: illegal album encoding: ' . $datum);
+ $datum = '';
+ }
}
- $album = hex2bin($datum);
+ $album = (($datum) ? hex2bin($datum) : '');
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
- AND `scale` <= 4 and ((photo_flags = %d) or (photo_flags & %d ) > 0) $sql_extra GROUP BY `resource_id`",
+ AND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`",
intval($owner_uid),
dbesc($album),
intval(PHOTO_NORMAL),
- intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE)
+ intval(PHOTO_PROFILE),
+ intval($unsafe)
);
if(count($r)) {
$a->set_pager_total(count($r));
@@ -621,13 +643,14 @@ function photos_content(&$a) {
$r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN
- (SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND (photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY resource_id) ph
+ (SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY resource_id) ph
ON (p.resource_id = ph.resource_id AND p.scale = ph.scale)
ORDER BY created $order LIMIT %d OFFSET %d",
intval($owner_uid),
dbesc($album),
- intvaL(PHOTO_NORMAL),
- intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE),
+ intval(PHOTO_NORMAL),
+ intval(PHOTO_PROFILE),
+ intval($unsafe),
intval($a->pager['itemspage']),
intval($a->pager['start'])
);
@@ -643,17 +666,21 @@ function photos_content(&$a) {
$album_e = $album;
}
$albums = ((array_key_exists('albums', $a->data)) ? $a->data['albums'] : photos_albums_list($a->data['channel'],$a->data['observer']));
- $edit_tpl = get_markup_template('album_edit.tpl');
- $album_edit = replace_macros($edit_tpl,array(
- '$nametext' => t('Enter a new album name'),
- '$name_placeholder' => t('or select an existing one (doubleclick)'),
- '$nickname' => $a->data['channel']['channel_address'],
- '$album' => $album_e,
- '$albums' => $albums['albums'],
- '$hexalbum' => bin2hex($album),
- '$submit' => t('Submit'),
- '$dropsubmit' => t('Delete Album')
- ));
+
+ // @fixme - syncronise actions with DAV
+
+// $edit_tpl = get_markup_template('album_edit.tpl');
+// $album_edit = replace_macros($edit_tpl,array(
+// '$nametext' => t('Enter a new album name'),
+// '$name_placeholder' => t('or select an existing one (doubleclick)'),
+// '$nickname' => $a->data['channel']['channel_address'],
+// '$album' => $album_e,
+// '$albums' => $albums['albums'],
+// '$hexalbum' => bin2hex($album),
+// '$submit' => t('Submit'),
+// '$dropsubmit' => t('Delete Album')
+// ));
+
}
}
@@ -743,7 +770,7 @@ function photos_content(&$a) {
// fetch image, item containing image, then comments
- $ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,profile,photo_flags,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s'
+ $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s'
$sql_extra ORDER BY `scale` ASC ",
intval($owner_uid),
dbesc($datum)
@@ -863,9 +890,10 @@ function photos_content(&$a) {
$linked_items = fetch_post_tags($linked_items,true);
$link_item = $linked_items[0];
+ $item_normal = item_normal();
$r = q("select * from item where parent_mid = '%s'
- and item_restrict = 0 and uid = %d $sql_extra ",
+ $item_normal and uid = %d $sql_extra ",
dbesc($link_item['mid']),
intval($link_item['uid'])
@@ -891,7 +919,7 @@ function photos_content(&$a) {
}
if((local_channel()) && (local_channel() == $link_item['uid'])) {
- q("UPDATE `item` SET item_unseen = 0 WHERE item_unseen = 1 AND parent = %d AND uid = %d ",
+ q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1",
intval($link_item['parent']),
intval(local_channel())
);
@@ -937,7 +965,7 @@ function photos_content(&$a) {
'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'),
'item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
'adult_enabled' => feature_enabled($owner_uid,'adult_photo_flagging'),
- 'adult' => array('adult',t('Flag as adult in album view'), (($ph[0]['photo_flags'] & PHOTO_ADULT) ? 1 : 0),''),
+ 'adult' => array('adult',t('Flag as adult in album view'), intval($ph[0]['is_nsfw']),''),
'submit' => t('Submit'),
'delete' => t('Delete Photo')
);
@@ -1119,7 +1147,7 @@ function photos_content(&$a) {
$photo_tpl = get_markup_template('photo_view.tpl');
$o .= replace_macros($photo_tpl, array(
- '$id' => $link_item['id'], //$ph[0]['id'],
+ '$id' => $ph[0]['id'],
'$album' => $album_e,
'$tools' => $tools,
'$lock' => $lockstate[1],
@@ -1163,12 +1191,13 @@ function photos_content(&$a) {
//$o = '';
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
- and ((photo_flags = %d) or (photo_flags & %d) > 0) $sql_extra GROUP BY `resource_id`",
+ and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`",
intval($a->data['channel']['channel_id']),
dbesc('Contact Photos'),
dbesc( t('Contact Photos')),
intval(PHOTO_NORMAL),
- intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE)
+ intval(PHOTO_PROFILE),
+ intval($unsafe)
);
if(count($r)) {
$a->set_pager_total(count($r));
@@ -1178,13 +1207,14 @@ function photos_content(&$a) {
$r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.album, p.scale, p.created FROM photo p INNER JOIN
(SELECT resource_id, max(scale) scale FROM photo
WHERE uid=%d AND album != '%s' AND album != '%s'
- AND (photo_flags = %d or ( photo_flags & %d ) > 0 ) $sql_extra group by resource_id) ph
+ AND photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra group by resource_id) ph
ON (p.resource_id = ph.resource_id and p.scale = ph.scale) ORDER by p.created DESC LIMIT %d OFFSET %d",
intval($a->data['channel']['channel_id']),
dbesc('Contact Photos'),
dbesc( t('Contact Photos')),
intval(PHOTO_NORMAL),
- intval(($unsafe) ? (PHOTO_PROFILE|PHOTO_ADULT) : PHOTO_PROFILE),
+ intval(PHOTO_PROFILE),
+ intval($unsafe),
intval($a->pager['itemspage']),
intval($a->pager['start'])
);