diff options
Diffstat (limited to 'mod/rpost.php')
| -rw-r--r-- | mod/rpost.php | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/mod/rpost.php b/mod/rpost.php new file mode 100644 index 000000000..309208870 --- /dev/null +++ b/mod/rpost.php @@ -0,0 +1,136 @@ +<?php /** @file */ + +require_once('acl_selectors.php'); +require_once('include/crypto.php'); +require_once('include/items.php'); +require_once('include/taxonomy.php'); +require_once('include/conversation.php'); +require_once('include/zot.php'); + +/** + * remote post + * + * https://yoursite/rpost?f=&title=&body=&remote_return= + * + * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length + * + * f= placeholder, often required + * title= Title of post + * body= Body of post + * source= Source application + * remote_return= absolute URL to return after posting is finished + * type= choices are 'html' or 'bbcode', default is 'bbcode' + * + */ + + + +function rpost_content(&$a) { + + $o = ''; + + if(! local_user()) { + if(remote_user()) { + // redirect to your own site. + // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated + // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin + // blocks them. + + $url = get_rpost_path($a->get_observer()); + // make sure we're not looping to our own hub + if(($url) && (! stristr($url, $a->get_hostname()))) { + foreach($_REQUEST as $key => $arg) { + $url .= '&' . $key . '=' . $arg; + } + goaway($url); + } + } + + // The login procedure is going to bugger our $_REQUEST variables + // so save them in the session. + + if(array_key_exists('body',$_REQUEST)) { + $_SESSION['rpost'] = $_REQUEST; + } + return login(); + } + + // If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables + + if((! array_key_exists('body',$_REQUEST)) && (array_key_exists('rpost',$_SESSION))) { + $_REQUEST = $_SESSION['rpost']; + unset($_SESSION['rpost']); + } + + if(array_key_exists('channel',$_REQUEST)) { + $r = q("select channel_id from channel where channel_account_id = %d and channel_address = '%s' limit 1", + intval(get_account_id()), + dbesc($_REQUEST['channel']) + ); + if($r) { + require_once('include/security.php'); + $change = change_channel($r[0]['channel_id']); + } + } + + if($_REQUEST['remote_return']) { + $_SESSION['remote_return'] = $_REQUEST['remote_return']; + } + if(argc() > 1 && argv(1) === 'return') { + if($_SESSION['remote_return']) + goaway($_SESSION['remote_return']); + goaway(z_root() . '/network'); + } + + $plaintext = true; + if(feature_enabled(local_user(),'richtext')) + $plaintext = false; + + if(array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') { + require_once('include/html2bbcode.php'); + $_REQUEST['body'] = html2bbcode($_REQUEST['body']); + } + + $channel = $a->get_channel(); + + $o .= replace_macros(get_markup_template('edpost_head.tpl'), array( + '$title' => t('Edit post') + )); + + +// $a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array( +// '$baseurl' => $a->get_baseurl(), +// '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), +// '$ispublic' => ' ', // t('Visible to <strong>everybody</strong>'), +// '$geotag' => $geotag, +// '$nickname' => $channel['channel_address'] +// )); + + + + $x = array( + 'is_owner' => true, + 'allow_location' => ((intval(get_pconfig($channel['channel_id'],'system','use_browser_location'))) ? '1' : ''), + 'default_location' => $channel['channel_location'], + 'nickname' => $channel['channel_address'], + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] + || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'acl' => populate_acl($channel, $false), + 'bang' => '', +// 'channel_select' => true, + 'visitor' => true, + 'profile_uid' => local_user(), + 'title' => $_REQUEST['title'], + 'body' => $_REQUEST['body'], + 'source' => ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''), + 'return_path' => 'rpost/return' + ); + + + $o .= status_editor($a,$x); + + return $o; + +} + + |