diff options
Diffstat (limited to 'mod/thing.php')
-rw-r--r-- | mod/thing.php | 118 |
1 files changed, 65 insertions, 53 deletions
diff --git a/mod/thing.php b/mod/thing.php index c6b70fbb4..78fbf396c 100644 --- a/mod/thing.php +++ b/mod/thing.php @@ -5,8 +5,9 @@ */ require_once('include/items.php'); +require_once('include/security.php'); require_once('include/contact_selectors.php'); - +require_once('include/acl_selectors.php'); function thing_init(&$a) { @@ -65,28 +66,44 @@ function thing_init(&$a) { if((! $name) || (! $translated_verb)) return; + $acl = new AccessList($channel); + + if(array_key_exists('contact_allow',$_REQUEST) + || array_key_exists('group_allow',$_REQUEST) + || array_key_exists('contact_deny',$_REQUEST) + || array_key_exists('group_deny',$_REQUEST)) { + $acl->set_from_array($_REQUEST); + } + + $x = $acl->get(); + if($term_hash) { - $t = q("select * from obj left join term on obj_obj = term_hash where term_hash != '' and obj_type = %d and term_hash = '%s' limit 1", - intval(TERM_OBJ_THING), - dbesc($term_hash) + $t = q("select * from obj where obj_obj = '%s' and obj_channel = %d limit 1", + dbesc($term_hash), + intval(local_channel()) ); if(! $t) { notice( t('Item not found.') . EOL); return; } $orig_record = $t[0]; - if($photo != $orig_record['imgurl']) { + if($photo != $orig_record['obj_imgurl']) { $arr = import_profile_photo($photo,get_observer_hash(),true); $local_photo = $arr[0]; $local_photo_type = $arr[3]; } else - $local_photo = $orig_record['imgurl']; + $local_photo = $orig_record['obj_imgurl']; - $r = q("update term set term = '%s', url = '%s', imgurl = '%s' where term_hash = '%s' and uid = %d", + $r = q("update obj set obj_term = '%s', obj_url = '%s', obj_imgurl = '%s', obj_edited = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where obj_obj = '%s' and obj_channel = %d ", dbesc($name), dbesc(($url) ? $url : z_root() . '/thing/' . $term_hash), dbesc($local_photo), + dbesc(datetime_convert()), + dbesc($x['allow_cid']), + dbesc($x['allow_gid']), + dbesc($x['deny_cid']), + dbesc($x['deny_gid']), dbesc($term_hash), intval(local_channel()) ); @@ -113,40 +130,24 @@ function thing_init(&$a) { $local_photo_type = $arr[3]; } - $r = q("select * from term where uid = %d and otype = %d and type = %d and term = '%s' limit 1", - intval(local_channel()), - intval(TERM_OBJ_THING), - intval(TERM_THING), - dbesc($name) - ); - if(! $r) { - $r = q("insert into term ( aid, uid, oid, otype, type, term, url, imgurl, term_hash ) - values( %d, %d, %d, %d, %d, '%s', '%s', '%s', '%s' ) ", - intval($account_id), - intval(local_channel()), - 0, - intval(TERM_OBJ_THING), - intval(TERM_THING), - dbesc($name), - dbesc(($url) ? $url : z_root() . '/thing/' . $hash), - dbesc(($photo) ? $local_photo : ''), - dbesc($hash) - ); - $r = q("select * from term where uid = %d and otype = %d and type = %d and term = '%s' limit 1", - intval(local_channel()), - intval(TERM_OBJ_THING), - intval(TERM_THING), - dbesc($name) - ); - } - $term = $r[0]; + $created = datetime_convert(); + $url = (($url) ? $url : z_root() . '/thing/' . $hash); - $r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj) values ('%s','%s', %d, %d, '%s') ", + $r = q("insert into obj ( obj_page, obj_verb, obj_type, obj_channel, obj_obj, obj_term, obj_url, obj_imgurl, obj_created, obj_edited, allow_cid, allow_gid, deny_cid, deny_gid ) values ('%s','%s', %d, %d, '%s','%s','%s','%s','%s','%s','%s','%s','%s','%s') ", dbesc($profile['profile_guid']), dbesc($verb), intval(TERM_OBJ_THING), intval(local_channel()), - dbesc($term['term_hash']) + dbesc($hash), + dbesc($name), + dbesc($url), + dbesc(($photo) ? $local_photo : ''), + dbesc($created), + dbesc($created), + dbesc($x['allow_cid']), + dbesc($x['allow_gid']), + dbesc($x['deny_cid']), + dbesc($x['deny_gid']) ); if(! $r) { @@ -155,10 +156,10 @@ function thing_init(&$a) { } info( t('Thing added')); - + if($activity) { $arr = array(); - $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $term['url'])); + $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $url)); if($local_photo) $links[] = array('rel' => 'photo', 'type' => $local_photo_type, 'href' => $local_photo); @@ -166,10 +167,10 @@ function thing_init(&$a) { $obj = json_encode(array( 'type' => $objtype, - 'id' => $term['url'], + 'id' => $url, 'link' => $links, - 'title' => $term['term'], - 'content' => $term['term'] + 'title' => $name, + 'content' => $name )); $bodyverb = str_replace('OBJ: ', '',t('OBJ: %1$s %2$s %3$s')); @@ -177,10 +178,12 @@ function thing_init(&$a) { $arr['owner_xchan'] = $channel['channel_hash']; $arr['author_xchan'] = $channel['channel_hash']; - $arr['item_flags'] = ITEM_ORIGIN|ITEM_WALL|ITEM_THREAD_TOP; + $arr['item_origin'] = 1; + $arr['item_wall'] = 1; + $arr['item_thread_top'] = 1; $ulink = '[zrl=' . $channel['xchan_url'] . ']' . $channel['channel_name'] . '[/zrl]'; - $plink = '[zrl=' . $term['url'] . ']' . $term['term'] . '[/zrl]'; + $plink = '[zrl=' . $url . ']' . $name . '[/zrl]'; $arr['body'] = sprintf( $bodyverb, $ulink, $translated_verb, $plink ); @@ -216,7 +219,9 @@ function thing_content(&$a) { if(argc() == 2) { - $r = q("select * from obj left join term on obj_obj = term_hash where term_hash != '' and obj_type = %d and term_hash = '%s' limit 1", + $sql_extra = permissions_sql(); + + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' $sql_extra limit 1", intval(TERM_OBJ_THING), dbesc(argv(1)) ); @@ -242,12 +247,17 @@ function thing_content(&$a) { return; } + $acl = new AccessList($channel); + $channel_acl = $acl->get(); + + $lockstate = (($acl->is_private()) ? 'lock' : 'unlock'); + $thing_hash = ''; if(argc() == 3 && argv(1) === 'edit') { $thing_hash = argv(2); - $r = q("select * from obj left join term on obj_obj = term_hash where term_hash != '' and obj_type = %d and term_hash = '%s' limit 1", + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc($thing_hash) ); @@ -267,11 +277,14 @@ function thing_content(&$a) { '$activity' => array('activity',t('Post an activity'),true,t('Only sends to viewers of the applicable profile')), '$thing_hash' => $thing_hash, '$thing_lbl' => t('Name of thing e.g. something'), - '$thething' => $r[0]['term'], + '$thething' => $r[0]['obj_term'], '$url_lbl' => t('URL of thing (optional)'), - '$theurl' => $r[0]['url'], + '$theurl' => $r[0]['obj_url'], '$img_lbl' => t('URL for photo of thing (optional)'), - '$imgurl' => $r[0]['imgurl'], + '$imgurl' => $r[0]['obj_imgurl'], + '$permissions' => t('Permissions'), + '$aclselect' => populate_acl($channel_acl,false), + '$lockstate' => $lockstate, '$submit' => t('Submit') )); @@ -281,7 +294,7 @@ function thing_content(&$a) { if(argc() == 3 && argv(1) === 'drop') { $thing_hash = argv(2); - $r = q("select * from obj left join term on obj_obj = term_hash where term_hash != '' and obj_type = %d and term_hash = '%s' limit 1", + $r = q("select * from obj where obj_type = %d and obj_obj = '%s' limit 1", intval(TERM_OBJ_THING), dbesc($thing_hash) ); @@ -296,10 +309,6 @@ function thing_content(&$a) { intval(TERM_OBJ_THING), intval(local_channel()) ); - $x = q("delete from term where term_hash = '%s' and uid = %d", - dbesc($thing_hash), - intval(local_channel()) - ); return $o; } @@ -315,6 +324,9 @@ function thing_content(&$a) { '$thing_lbl' => t('Name of thing e.g. something'), '$url_lbl' => t('URL of thing (optional)'), '$img_lbl' => t('URL for photo of thing (optional)'), + '$permissions' => t('Permissions'), + '$aclselect' => populate_acl($channel_acl,false), + '$lockstate' => $lockstate, '$submit' => t('Submit') )); |