aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/chat.php24
-rwxr-xr-xmod/events.php52
-rw-r--r--mod/item.php1
-rw-r--r--mod/mitem.php1
-rw-r--r--mod/photos.php53
5 files changed, 50 insertions, 81 deletions
diff --git a/mod/chat.php b/mod/chat.php
index c54d29313..c2c11d0ab 100644
--- a/mod/chat.php
+++ b/mod/chat.php
@@ -54,12 +54,11 @@ function chat_post(&$a) {
goaway(z_root() . '/chat/' . $channel['channel_address']);
}
+ $acl = new AccessList($channel);
+ $acl->set_from_array($_REQUEST);
- $arr = array('name' => $room);
- $arr['allow_gid'] = perms2str($_REQUEST['group_allow']);
- $arr['allow_cid'] = perms2str($_REQUEST['contact_allow']);
- $arr['deny_gid'] = perms2str($_REQUEST['group_deny']);
- $arr['deny_cid'] = perms2str($_REQUEST['contact_deny']);
+ $arr = $acl->get();
+ $arr['name'] = $room;
chatroom_create($channel,$arr);
@@ -158,7 +157,10 @@ function chat_content(&$a) {
intval($a->profile['profile_uid'])
);
if($x) {
- $private = ((($x[0]['allow_cid']) || ($x[0]['allow_gid']) || ($x[0]['deny_cid']) || ($x[0]['deny_gid'])) ? true : false);
+ $acl = new AccessList(false);
+ $acl->set($x[0]);
+
+ $private = $acl->is_private();
$room_name = $x[0]['cr_name'];
if($bookmark_link)
$bookmark_link .= '&url=' . z_root() . '/chat/' . argv(1) . '/' . argv(2) . '&title=' . urlencode($x[0]['cr_name']) . (($private) ? '&private=1' : '') . '&ischat=1';
@@ -192,14 +194,8 @@ function chat_content(&$a) {
if(local_channel() && argc() > 2 && argv(2) === 'new') {
-
-
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $channel_acl = $acl->get();
require_once('include/acl_selectors.php');
diff --git a/mod/events.php b/mod/events.php
index edb61a6cd..9120f8713 100755
--- a/mod/events.php
+++ b/mod/events.php
@@ -41,16 +41,11 @@ function events_post(&$a) {
$categories = escape_tags(trim($_POST['category']));
-
-
// only allow editing your own events.
if(($xchan) && ($xchan !== get_observer_hash()))
return;
- // The default setting for the `private` field in event_store() is false, so mirror that
- $private_event = false;
-
if($start_text) {
$start = $start_text;
}
@@ -119,6 +114,8 @@ function events_post(&$a) {
$channel = $a->get_channel();
+ $acl = new AccessList(false);
+
if($event_id) {
$x = q("select * from event where id = %d and uid = %d limit 1",
intval($event_id),
@@ -133,6 +130,8 @@ function events_post(&$a) {
return;
}
+ $acl->set($x[0]);
+
$created = $x[0]['created'];
$edited = datetime_convert();
@@ -142,39 +141,21 @@ function events_post(&$a) {
}
else {
$share = true;
- $str_group_allow = $x[0]['allow_gid'];
- $str_contact_allow = $x[0]['allow_cid'];
- $str_group_deny = $x[0]['deny_gid'];
- $str_contact_deny = $x[0]['deny_cid'];
-
- if(strlen($str_group_allow) || strlen($str_contact_allow)
- || strlen($str_group_deny) || strlen($str_contact_deny)) {
- $private_event = true;
- }
}
}
else {
$created = $edited = datetime_convert();
if($share) {
- $str_group_allow = perms2str($_POST['group_allow']);
- $str_contact_allow = perms2str($_POST['contact_allow']);
- $str_group_deny = perms2str($_POST['group_deny']);
- $str_contact_deny = perms2str($_POST['contact_deny']);
-
- if(strlen($str_group_allow) || strlen($str_contact_allow)
- || strlen($str_group_deny) || strlen($str_contact_deny)) {
- $private_event = true;
- }
+ $acl->set_from_array($_POST);
}
else {
- $str_contact_allow = '<' . $channel['channel_hash'] . '>';
- $str_group_allow = $str_contact_deny = $str_group_deny = '';
- $private_event = true;
+ $acl->set(array('allow_cid' => '<' . $channel['channel_hash'] . '>', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
}
}
$post_tags = array();
$channel = $a->get_channel();
+ $ac = $acl->get();
if(strlen($categories)) {
$cats = explode(',',$categories);
@@ -201,11 +182,11 @@ function events_post(&$a) {
$datarray['uid'] = local_channel();
$datarray['account'] = get_account_id();
$datarray['event_xchan'] = $channel['channel_hash'];
- $datarray['allow_cid'] = $str_contact_allow;
- $datarray['allow_gid'] = $str_group_allow;
- $datarray['deny_cid'] = $str_contact_deny;
- $datarray['deny_gid'] = $str_group_deny;
- $datarray['private'] = (($private_event) ? 1 : 0);
+ $datarray['allow_cid'] = $ac['allow_cid'];
+ $datarray['allow_gid'] = $ac['allow_gid'];
+ $datarray['deny_cid'] = $ac['deny_cid'];
+ $datarray['deny_gid'] = $ac['deny_gid'];
+ $datarray['private'] = (($acl->is_private()) ? 1 : 0);
$datarray['id'] = $event_id;
$datarray['created'] = $created;
$datarray['edited'] = $edited;
@@ -660,12 +641,9 @@ function events_content(&$a) {
require_once('include/acl_selectors.php');
- $perm_defaults = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $perm_defaults = $acl->get();
+
$tpl = get_markup_template('event_form.tpl');
diff --git a/mod/item.php b/mod/item.php
index 254904c9f..750512bcf 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -19,7 +19,6 @@ require_once('include/crypto.php');
require_once('include/enotify.php');
require_once('include/items.php');
require_once('include/attach.php');
-require_once('include/AccessList.php');
function item_post(&$a) {
diff --git a/mod/mitem.php b/mod/mitem.php
index 3959da032..0fadd1548 100644
--- a/mod/mitem.php
+++ b/mod/mitem.php
@@ -2,7 +2,6 @@
require_once('include/menu.php');
require_once('include/acl_selectors.php');
-require_once('include/AccessList.php');
function mitem_init(&$a) {
diff --git a/mod/photos.php b/mod/photos.php
index dc70e4f90..d06a8e69c 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -85,6 +85,7 @@ function photos_post(&$a) {
$owner_record = $s[0];
+ $acl = AccessList($a->data['channel']);
if((argc() > 3) && (argv(2) === 'album')) {
@@ -200,6 +201,7 @@ function photos_post(&$a) {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
+
if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
@@ -208,10 +210,9 @@ function photos_post(&$a) {
$item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
$albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
$is_nsfw = ((x($_POST,'adult')) ? intval($_POST['adult']) : 0);
- $str_group_allow = perms2str($_POST['group_allow']);
- $str_contact_allow = perms2str($_POST['contact_allow']);
- $str_group_deny = perms2str($_POST['group_deny']);
- $str_contact_deny = perms2str($_POST['contact_deny']);
+
+ $acl->set_from_array($_POST);
+ $perm = $acl->get();
$resource_id = $a->argv[2];
@@ -284,10 +285,10 @@ function photos_post(&$a) {
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d",
dbesc($desc),
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -331,20 +332,20 @@ function photos_post(&$a) {
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d
where id = %d",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
- intval($item_private),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
+ intval($acl->is_private()),
intval($item_id)
);
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1",
- dbesc($str_contact_allow),
- dbesc($str_group_allow),
- dbesc($str_contact_deny),
- dbesc($str_group_deny),
+ dbesc($perm['allow_cid']),
+ dbesc($perm['allow_gid']),
+ dbesc($perm['deny_cid']),
+ dbesc($perm['deny_gid']),
dbesc($resource_id),
intval($page_owner_uid)
);
@@ -418,11 +419,11 @@ function photos_post(&$a) {
$_REQUEST['source'] = 'photos';
require_once('include/attach.php');
- if(!local_channel()) {
+ if(! local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
- $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
- $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
- $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
+ $_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
+ $_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
+ $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($a->channel,get_observer_hash(), '', $_REQUEST);
@@ -557,14 +558,10 @@ function photos_content(&$a) {
if($_is_owner) {
$channel = $a->get_channel();
- $channel_acl = array(
- 'allow_cid' => $channel['channel_allow_cid'],
- 'allow_gid' => $channel['channel_allow_gid'],
- 'deny_cid' => $channel['channel_deny_cid'],
- 'deny_gid' => $channel['channel_deny_gid']
- );
+ $acl = new AccessList($channel);
+ $channel_acl = $acl->get();
- $lockstate = (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock');
+ $lockstate = (($acl->is_private()) ? 'lock' : 'unlock');
}
$aclselect = (($_is_owner) ? populate_acl($channel_acl,false) : '');