aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/blocks.php160
-rw-r--r--mod/editblock.php197
-rw-r--r--mod/editlayout.php5
-rw-r--r--mod/editwebpage.php5
4 files changed, 211 insertions, 156 deletions
diff --git a/mod/blocks.php b/mod/blocks.php
index 3f2bef116..6237a645b 100644
--- a/mod/blocks.php
+++ b/mod/blocks.php
@@ -1,108 +1,140 @@
<?php
-function blocks_content(&$a) {
+require_once('include/identity.php');
+require_once('include/conversation.php');
+require_once('include/acl_selectors.php');
+function blocks_init(&$a) {
+ if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $a->is_sys = true;
+ }
+ }
if(argc() > 1)
$which = argv(1);
- else {
+ else
+ return;
+
+ profile_load($a,$which);
+
+}
+
+
+function blocks_content(&$a) {
+
+ if(! $a->profile) {
notice( t('Requested profile is not available.') . EOL );
$a->error = 404;
return;
}
- profile_load($a,$which,0);
+ $which = argv(1);
+ $uid = local_user();
+ $owner = 0;
+ $channel = null;
+ $observer = $a->get_observer();
- // Figure out who the page owner is.
- $r = q("select channel_id from channel where channel_address = '%s'",
- dbesc($which)
- );
- if($r) {
- $owner = intval($r[0]['channel_id']);
- }
+ $channel = $a->get_channel();
- // Block design features from visitors
+ if($a->is_sys && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $uid = $owner = intval($sys['channel_id']);
+ $channel = $sys;
+ $observer = $sys;
+ }
+ }
- if((! local_user()) || (local_user() != $owner)) {
- notice( t('Permission denied.') . EOL);
- return;
+ if(! $owner) {
+ // Figure out who the page owner is.
+ $r = q("select channel_id from channel where channel_address = '%s'",
+ dbesc($which)
+ );
+ if($r) {
+ $owner = intval($r[0]['channel_id']);
+ }
}
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+ $perms = get_all_perms($owner,$ob_hash);
+ if(! $perms['write_pages']) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
-// Get the observer, check their permissions
- $observer = $a->get_observer();
- $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
+ // Block design features from visitors
- $perms = get_all_perms($owner,$ob_hash);
+ if((! $uid) || ($uid != $owner)) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
- if(! $perms['write_pages']) {
- notice( t('Permission denied.') . EOL);
- return;
- }
+ if(feature_enabled($owner,'expert')) {
+ $mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
+ if(! $mimetype)
+ $mimetype = 'choose';
+ }
+ else {
+ $mimetype = 'text/bbcode';
+ }
-// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
-// Nickname is set to the observers xchan, and profile_uid to the owners.
-// This lets you post pages at other people's channels.
-require_once ('include/conversation.php');
- $x = array(
- 'webpage' => ITEM_BUILDBLOCK,
- 'is_owner' => true,
- 'nickname' => $a->profile['channel_address'],
- 'lockstate' => (($group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
- 'bang' => (($group || $cid) ? '!' : ''),
- 'showacl' => false,
- 'visitor' => true,
- 'mimetype' => 'choose',
- 'ptlabel' => t('Block Name'),
- 'profile_uid' => intval($owner),
- );
- if($_REQUEST['title'])
- $x['title'] = $_REQUEST['title'];
- if($_REQUEST['body'])
- $x['body'] = $_REQUEST['body'];
- if($_REQUEST['pagetitle'])
- $x['pagetitle'] = $_REQUEST['pagetitle'];
+ $x = array(
+ 'webpage' => ITEM_BUILDBLOCK,
+ 'is_owner' => true,
+ 'nickname' => $a->profile['channel_address'],
+ 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
+ 'bang' => '',
+ 'showacl' => false,
+ 'visitor' => true,
+ 'mimetype' => $mimetype,
+ 'ptlabel' => t('Block Name'),
+ 'profile_uid' => intval($owner),
+ );
+ if($_REQUEST['title'])
+ $x['title'] = $_REQUEST['title'];
+ if($_REQUEST['body'])
+ $x['body'] = $_REQUEST['body'];
+ if($_REQUEST['pagetitle'])
+ $x['pagetitle'] = $_REQUEST['pagetitle'];
- $o .= status_editor($a,$x);
- //Get a list of blocks. We can't display all them because endless scroll makes that unusable, so just list titles and an edit link.
-//TODO - this should be replaced with pagelist_widget
+ $o .= status_editor($a,$x);
-$r = q("select * from item_id where uid = %d and service = 'BUILDBLOCK' order by sid asc",
- intval($owner)
-);
+ $r = q("select * from item_id where uid = %d and service = 'BUILDBLOCK' order by sid asc",
+ intval($owner)
+ );
- $pages = null;
+ $pages = null;
- if($r) {
- $pages = array();
- foreach($r as $rr) {
- $pages[$rr['iid']][] = array('url' => $rr['iid'],'title' => $rr['sid']);
- }
- }
+ if($r) {
+ $pages = array();
+ foreach($r as $rr) {
+ $pages[$rr['iid']][] = array('url' => $rr['iid'],'title' => $rr['sid']);
+ }
+ }
+ //Build the base URL for edit links
+ $url = z_root() . '/editblock/' . $which;
-//Build the base URL for edit links
- $url = z_root() . "/editblock/" . $which;
-// This isn't pretty, but it works. Until I figure out what to do with the UI, it's Good Enough(TM).
- return $o . replace_macros(get_markup_template("blocklist.tpl"), array(
+ $o .= replace_macros(get_markup_template('blocklist.tpl'), array(
'$baseurl' => $url,
'$edit' => t('Edit'),
'$pages' => $pages,
'$channel' => $which,
'$view' => t('View'),
'$preview' => '1',
-
- ));
+ ));
-
+ return $o;
}
diff --git a/mod/editblock.php b/mod/editblock.php
index 3b6ce4bbf..c58a93410 100644
--- a/mod/editblock.php
+++ b/mod/editblock.php
@@ -1,50 +1,92 @@
<?php
+require_once('include/identity.php');
+require_once('include/acl_selectors.php');
-function editblock_content(&$a) {
+function editblock_init(&$a) {
+ if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $a->is_sys = true;
+ }
+ }
- if(argc() < 2) {
- notice( t('Item not found') . EOL);
+ if(argc() > 1)
+ $which = argv(1);
+ else
return;
- }
- $channel = get_channel_by_nick(argv(1));
+ profile_load($a,$which);
- if($c) {
- $owner = intval($channel['channel_id']);
- }
+}
- $o = '';
+function editblock_content(&$a) {
+
+ if(! $a->profile) {
+ notice( t('Requested profile is not available.') . EOL );
+ $a->error = 404;
+ return;
+ }
- // Figure out which post we're editing
- $post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+ $which = argv(1);
+ $uid = local_user();
+ $owner = 0;
+ $channel = null;
+ $observer = $a->get_observer();
- if(! ($post_id && $channel)) {
- notice( t('Item not found') . EOL);
- return;
+ $channel = $a->get_channel();
+
+ if($a->is_sys && is_site_admin()) {
+ $sys = get_sys_channel();
+ if($sys && intval($sys['channel_id'])) {
+ $uid = $owner = intval($sys['channel_id']);
+ $channel = $sys;
+ $observer = $sys;
+ }
}
- // Now we've got a post and an owner, let's find out if we're allowed to edit it
+ if(! $owner) {
+ // Figure out who the page owner is.
+ $r = q("select channel_id from channel where channel_address = '%s'",
+ dbesc($which)
+ );
+ if($r) {
+ $owner = intval($r[0]['channel_id']);
+ }
+ }
+
+ $ob_hash = (($observer) ? $observer['xchan_hash'] : '');
- if(! perm_is_allowed($channel['channel_id'],get_observer_hash(),'write_pages')) {
+ if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
notice( t('Permission denied.') . EOL);
return;
}
+ $is_owner = (($uid && $uid == $owner) ? true : false);
+
+ $o = '';
- // We've already figured out which item we want and whose copy we need, so we don't need anything fancy here
+ // Figure out which post we're editing
+ $post_id = ((argc() > 2) ? intval(argv(2)) : 0);
+
+
+ if(! ($post_id && $owner)) {
+ notice( t('Item not found') . EOL);
+ return;
+ }
+
$itm = q("SELECT * FROM `item` WHERE `id` = %d and uid = %s LIMIT 1",
intval($post_id),
- intval($channel['channel_id'])
+ intval($owner)
);
if($itm) {
$item_id = q("select * from item_id where service = 'BUILDBLOCK' and iid = %d limit 1",
- $itm[0]['id']
+ intval($itm[0]['id'])
);
if($item_id)
$block_title = $item_id[0]['sid'];
@@ -57,10 +99,6 @@ function editblock_content(&$a) {
$plaintext = true;
- // You may or may not be a local user.
-// if(local_user() && feature_enabled(local_user(),'richtext'))
-// $plaintext = false;
-
$mimeselect = '';
$mimetype = $itm[0]['mimetype'];
@@ -79,11 +117,11 @@ function editblock_content(&$a) {
$a->page['htmlhead'] .= replace_macros(get_markup_template('jot-header.tpl'), array(
- '$baseurl' => $a->get_baseurl(),
- '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
- '$ispublic' => '&nbsp;', // t('Visible to <strong>everybody</strong>'),
- '$geotag' => '',
- '$nickname' => $channel['channel_address'],
+ '$baseurl' => $a->get_baseurl(),
+ '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
+ '$ispublic' => '&nbsp;', // t('Visible to <strong>everybody</strong>'),
+ '$geotag' => '',
+ '$nickname' => $channel['channel_address'],
'$confirmdelete' => t('Delete block?')
));
@@ -96,79 +134,70 @@ function editblock_content(&$a) {
call_hooks('jot_tool', $jotplugins);
call_hooks('jot_networks', $jotnets);
-
- //$tpl = replace_macros($tpl,array('$jotplugins' => $jotplugins));
-
- // FIXME A return path with $_SESSION doesn't always work for observer - it may WSoD instead of loading a sensible page.
- //So, send folk to the webpage list.
-
$rp = 'blocks/' . $channel['channel_address'];
$o .= replace_macros($tpl,array(
- '$return_path' => $rp,
- '$action' => 'item',
- '$webpage' => ITEM_BUILDBLOCK,
- '$share' => t('Edit'),
- '$upload' => t('Upload photo'),
- '$attach' => t('Attach file'),
- '$weblink' => t('Insert web link'),
- '$youtube' => t('Insert YouTube video'),
- '$video' => t('Insert Vorbis [.ogg] video'),
- '$audio' => t('Insert Vorbis [.ogg] audio'),
- '$setloc' => t('Set your location'),
- '$noloc' => t('Clear browser location'),
- '$wait' => t('Please wait'),
- '$permset' => t('Permission settings'),
- '$ptyp' => $itm[0]['type'],
- '$mimeselect' => $mimeselect,
- '$content' => undo_post_tagging($itm[0]['body']),
- '$post_id' => $post_id,
- '$baseurl' => $a->get_baseurl(),
- '$defloc' => $channel['channel_location'],
- '$visitor' => false,
- '$public' => t('Public post'),
- '$jotnets' => $jotnets,
- '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
- '$placeholdertitle' => t('Set title'),
- '$pagetitle' => $block_title,
- '$category' => '',
+ '$return_path' => $rp,
+ '$action' => 'item',
+ '$webpage' => ITEM_BUILDBLOCK,
+ '$share' => t('Edit'),
+ '$upload' => t('Upload photo'),
+ '$attach' => t('Attach file'),
+ '$weblink' => t('Insert web link'),
+ '$youtube' => t('Insert YouTube video'),
+ '$video' => t('Insert Vorbis [.ogg] video'),
+ '$audio' => t('Insert Vorbis [.ogg] audio'),
+ '$setloc' => t('Set your location'),
+ '$noloc' => t('Clear browser location'),
+ '$wait' => t('Please wait'),
+ '$permset' => t('Permission settings'),
+ '$ptyp' => $itm[0]['type'],
+ '$mimeselect' => $mimeselect,
+ '$content' => undo_post_tagging($itm[0]['body']),
+ '$post_id' => $post_id,
+ '$baseurl' => $a->get_baseurl(),
+ '$defloc' => $channel['channel_location'],
+ '$visitor' => false,
+ '$public' => t('Public post'),
+ '$jotnets' => $jotnets,
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
+ '$placeholdertitle' => t('Set title'),
+ '$pagetitle' => $block_title,
+ '$category' => '',
'$placeholdercategory' => t('Categories (comma-separated list)'),
- '$emtitle' => t('Example: bob@example.com, mary@example.com'),
- '$lockstate' => $lockstate,
- '$acl' => '',
- '$bang' => '',
- '$profile_uid' => (intval($channel['channel_id'])),
- '$preview' => ((feature_enabled(local_user(),'preview')) ? t('Preview') : ''),
- '$jotplugins' => $jotplugins,
- '$sourceapp' => $itm[0]['app'],
- '$defexpire' => '',
- '$feature_expire' => false,
- '$expires' => t('Set expiration date'),
+ '$emtitle' => t('Example: bob@example.com, mary@example.com'),
+ '$lockstate' => $lockstate,
+ '$acl' => '',
+ '$bang' => '',
+ '$profile_uid' => (intval($channel['channel_id'])),
+ '$preview' => ((feature_enabled($uid,'preview')) ? t('Preview') : ''),
+ '$jotplugins' => $jotplugins,
+ '$sourceapp' => $itm[0]['app'],
+ '$defexpire' => '',
+ '$feature_expire' => false,
+ '$expires' => t('Set expiration date'),
));
- $ob = get_observer_hash();
-
- if(($itm[0]['author_xchan'] === $ob) || ($itm[0]['owner_xchan'] === $ob))
+ if(($itm[0]['author_xchan'] === $ob_hash) || ($itm[0]['owner_xchan'] === $ob_hash))
$o .= '<br /><br /><a class="block-delete-link" href="item/drop/' . $itm[0]['id'] . '" >' . t('Delete Block') . '</a><br />';
$x = array(
- 'type' => 'block',
- 'title' => $itm[0]['title'],
- 'body' => $itm[0]['body'],
- 'term' => $itm[0]['term'],
- 'created' => $itm[0]['created'],
- 'edited' => $itm[0]['edited'],
- 'mimetype' => $itm[0]['mimetype'],
+ 'type' => 'block',
+ 'title' => $itm[0]['title'],
+ 'body' => $itm[0]['body'],
+ 'term' => $itm[0]['term'],
+ 'created' => $itm[0]['created'],
+ 'edited' => $itm[0]['edited'],
+ 'mimetype' => $itm[0]['mimetype'],
'pagetitle' => $page_title,
- 'mid' => $itm[0]['mid']
+ 'mid' => $itm[0]['mid']
);
$o .= EOL . EOL . t('Share') . EOL . '<textarea onclick="this.select();" class="shareable_element_text" >[element]' . base64url_encode(json_encode($x)) . '[/element]</textarea>' . EOL . EOL;
-
return $o;
}
diff --git a/mod/editlayout.php b/mod/editlayout.php
index 27e6ef410..94e2e628c 100644
--- a/mod/editlayout.php
+++ b/mod/editlayout.php
@@ -60,14 +60,11 @@ function editlayout_content(&$a) {
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
- $perms = get_all_perms($owner,$ob_hash);
-
- if(! $perms['write_pages']) {
+ if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
notice( t('Permission denied.') . EOL);
return;
}
-
$is_owner = (($uid && $uid == $owner) ? true : false);
$o = '';
diff --git a/mod/editwebpage.php b/mod/editwebpage.php
index 8181415b8..2acb3bd84 100644
--- a/mod/editwebpage.php
+++ b/mod/editwebpage.php
@@ -60,14 +60,11 @@ function editwebpage_content(&$a) {
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
- $perms = get_all_perms($owner,$ob_hash);
-
- if(! $perms['write_pages']) {
+ if(! perm_is_allowed($owner,$ob_hash,'write_pages')) {
notice( t('Permission denied.') . EOL);
return;
}
-
$is_owner = (($uid && $uid == $owner) ? true : false);
$o = '';