diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/achievements.php | 84 | ||||
| -rw-r--r-- | mod/acl.php | 14 | ||||
| -rw-r--r-- | mod/contactgroup.php | 2 | ||||
| -rwxr-xr-x | mod/events.php | 2 | ||||
| -rw-r--r-- | mod/fbrowser.php | 2 | ||||
| -rw-r--r-- | mod/group.php | 8 | ||||
| -rw-r--r-- | mod/help.php | 1 | ||||
| -rw-r--r-- | mod/import.php | 2 | ||||
| -rw-r--r-- | mod/item.php | 7 | ||||
| -rw-r--r-- | mod/lockview.php | 4 | ||||
| -rw-r--r-- | mod/mail.php | 349 | ||||
| -rw-r--r-- | mod/network.php | 2 | ||||
| -rw-r--r-- | mod/photos.php | 48 | ||||
| -rw-r--r-- | mod/register.php | 4 | ||||
| -rw-r--r-- | mod/xref.php | 20 |
15 files changed, 499 insertions, 50 deletions
diff --git a/mod/achievements.php b/mod/achievements.php new file mode 100644 index 000000000..1910def73 --- /dev/null +++ b/mod/achievements.php @@ -0,0 +1,84 @@ +<?php + +function achievements_content(&$a) { + + if(argc() > 1) + $which = argv(1); + else { + notice( t('Requested profile is not available.') . EOL ); + return; +} + + $profile = 0; + $profile = argv(1); + profile_load($a,$which,$profile); + + $r = q("select channel_id from channel where channel_address = '%s'", + dbesc($which) + ); + if($r) { + $owner = intval($r[0]['channel_id']); + } + + $observer = $a->get_observer(); + $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); + $perms = get_all_perms($owner,$ob_hash); + if(! $perms['view_profile']) { + notice( t('Permission denied.') . EOL); + return; + } + +// By default, all badges are false + $contactbadge = false; + $profilebadge = false; + $keywordsbadge = false; + +// Check number of contacts. Award a badge if over 10 +// We'll figure these out on each page load instead of +// writing them to the DB because that will mean one needs +// to retain their achievements - eg, you can't add +// a bunch of channels just to get your badge, and then +// delete them all again. If these become popular or +// used in profiles or something, we may need to reconsider +// and add a table for this - because this won't scale. + + $r = q("select * from abook where abook_channel = %d", + intval($owner) + ); + + if (count($r)) + $contacts = count($r); + // We're checking for 11 to adjust for the abook record for self + if ($contacts >= 11) + $contactbadge = true; + +// Check if an about field in the profile has been created. + + $r = q("select * from profile where uid = %d and about <> ''", + intval($owner) + ); + + if ($r) + $profilebadge = 1; + +// Check if keywords have been set + + $r = q("select * from profile where uid = %d and keywords <> ''", + intval($owner) + ); + + if($r) + $keywordsbadge = 1; + +// FIXME - stick ths in a template, and make it look pretty. + $o .= "Template not implemented"; + $o .= "If this is one, you get the profile badge" . $profilebadge . "<br>"; + $o .= "If this is one, you get the contact badge" . $contactbadge . "<br>"; + $o .= "If this is one you get the keywords badge" . $keywordsbadge . "<br>"; + $o .= "I haven't done the top level posts badge yet" . $toplevelpostsbadge . "<br>"; + $o .= "I haven't done the number of channels badge yet" . $channelsbadge; + + +return $o; + +} diff --git a/mod/acl.php b/mod/acl.php index bd19c4bb7..c9a4d417f 100644 --- a/mod/acl.php +++ b/mod/acl.php @@ -39,7 +39,7 @@ function acl_init(&$a){ // count groups and contacts if ($type=='' || $type=='g'){ - $r = q("SELECT COUNT(`id`) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra", + $r = q("SELECT COUNT(`id`) AS g FROM `groups` WHERE `deleted` = 0 AND `uid` = %d $sql_extra", intval(local_user()) ); $group_count = (int)$r[0]['g']; @@ -94,14 +94,14 @@ function acl_init(&$a){ if ($type=='' || $type=='g'){ - $r = q("SELECT `group`.`id`, `group`.`hash`, `group`.`name`, + $r = q("SELECT `groups`.`id`, `groups`.`hash`, `groups`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`xchan` SEPARATOR ',') as uids - FROM `group`,`group_member` - WHERE `group`.`deleted` = 0 AND `group`.`uid` = %d - AND `group_member`.`gid`=`group`.`id` + FROM `groups`,`group_member` + WHERE `groups`.`deleted` = 0 AND `groups`.`uid` = %d + AND `group_member`.`gid`=`groups`.`id` $sql_extra - GROUP BY `group`.`id` - ORDER BY `group`.`name` + GROUP BY `groups`.`id` + ORDER BY `groups`.`name` LIMIT %d,%d", intval(local_user()), intval($start), diff --git a/mod/contactgroup.php b/mod/contactgroup.php index 4b46605a6..8b23f9f10 100644 --- a/mod/contactgroup.php +++ b/mod/contactgroup.php @@ -20,7 +20,7 @@ function contactgroup_content(&$a) { if((argc() > 1) && (intval(argv(1)))) { - $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", + $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", intval(argv(1)), intval(local_user()) ); diff --git a/mod/events.php b/mod/events.php index 265c74fce..5cf0e425b 100755 --- a/mod/events.php +++ b/mod/events.php @@ -108,7 +108,7 @@ function events_post(&$a) { $datarray['start'] = $start; $datarray['finish'] = $finish; $datarray['summary'] = $summary; - $datarray['desc'] = $desc; + $datarray['description'] = $desc; $datarray['location'] = $location; $datarray['type'] = $type; $datarray['adjust'] = $adjust; diff --git a/mod/fbrowser.php b/mod/fbrowser.php index baacfe56b..19bd77914 100644 --- a/mod/fbrowser.php +++ b/mod/fbrowser.php @@ -45,7 +45,7 @@ function fbrowser_content($a){ $path[]=array($a->get_baseurl()."/fbrowser/image/".$a->argv[2]."/", $album); } - $r = q("SELECT `resource_id`, `id`, `filename`, type, min(`scale`) AS `hiq`,max(`scale`) AS `loq`, `desc` + $r = q("SELECT `resource_id`, `id`, `filename`, type, min(`scale`) AS `hiq`,max(`scale`) AS `loq`, `description` FROM `photo` WHERE `uid` = %d $sql_extra GROUP BY `resource_id` $sql_extra2", intval(local_user()) diff --git a/mod/group.php b/mod/group.php index 352484e25..66e5fbf8e 100644 --- a/mod/group.php +++ b/mod/group.php @@ -30,7 +30,7 @@ function group_post(&$a) { if((argc() == 2) && (intval(argv(1)))) { check_form_security_token_redirectOnErr('/group', 'group_edit'); - $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(argv(1)), intval(local_user()) ); @@ -44,7 +44,7 @@ function group_post(&$a) { $public = intval($_POST['public']); if((strlen($groupname)) && (($groupname != $group['name']) || ($public != $group['visible']))) { - $r = q("UPDATE `group` SET `name` = '%s', visible = %d WHERE `uid` = %d AND `id` = %d LIMIT 1", + $r = q("UPDATE `groups` SET `name` = '%s', visible = %d WHERE `uid` = %d AND `id` = %d LIMIT 1", dbesc($groupname), intval($public), intval(local_user()), @@ -97,7 +97,7 @@ function group_content(&$a) { check_form_security_token_redirectOnErr('/group', 'group_drop', 't'); if(intval(argv(2))) { - $r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT `name` FROM `groups` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval(argv(2)), intval(local_user()) ); @@ -132,7 +132,7 @@ function group_content(&$a) { if((argc() > 1) && (intval(argv(1)))) { require_once('include/acl_selectors.php'); - $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", + $r = q("SELECT * FROM `groups` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", intval(argv(1)), intval(local_user()) ); diff --git a/mod/help.php b/mod/help.php index cd2dfd87e..a4ccd1cfe 100644 --- a/mod/help.php +++ b/mod/help.php @@ -87,7 +87,6 @@ function help_content(&$a) { function preg_callback_help_include($matches) { - print_r($matches); if($matches[1]) return str_replace($matches[0],load_doc_file($matches[1]),$matches[0]); diff --git a/mod/import.php b/mod/import.php index 94d41455d..5b3b53156 100644 --- a/mod/import.php +++ b/mod/import.php @@ -314,7 +314,7 @@ function import_post(&$a) { . implode("', '", array_values($group)) . "')" ); } - $r = q("select * from `group` where uid = %d", + $r = q("select * from `groups` where uid = %d", intval($channel['channel_id']) ); if($r) { diff --git a/mod/item.php b/mod/item.php index 7f881d28d..b7ad6b97c 100644 --- a/mod/item.php +++ b/mod/item.php @@ -66,8 +66,8 @@ function item_post(&$a) { $owner_hash = null; - $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : ''); - + $message_id = ((x($_REQUEST,'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : ''); + $created = ((x($_REQUEST,'created')) ? datetime_convert('UTC','UTC',$_REQUEST['created']) : datetime_convert()); $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); $post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0); $app = ((x($_REQUEST,'source')) ? strip_tags($_REQUEST['source']) : ''); @@ -274,6 +274,7 @@ function item_post(&$a) { $item_flags = $orig_post['item_flags']; $item_restrict = $orig_post['item_restrict']; $postopts = $orig_post['postopts']; + $created = $orig_post['created']; } else { @@ -602,7 +603,7 @@ function item_post(&$a) { $datarray['owner_xchan'] = (($owner_hash) ? $owner_hash : $owner_xchan['xchan_hash']); $datarray['author_xchan'] = $observer['xchan_hash']; - $datarray['created'] = datetime_convert(); + $datarray['created'] = $created; $datarray['edited'] = datetime_convert(); $datarray['expires'] = $expires; $datarray['commented'] = datetime_convert(); diff --git a/mod/lockview.php b/mod/lockview.php index 7dda85623..32e7a3afb 100644 --- a/mod/lockview.php +++ b/mod/lockview.php @@ -49,7 +49,7 @@ function lockview_content(&$a) { stringify_array_elms($deny_users,true); if(count($allowed_groups)) { - $r = q("SELECT name FROM `group` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); + $r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); if($r) foreach($r as $rr) $l[] = '<b>' . $rr['name'] . '</b>'; @@ -61,7 +61,7 @@ function lockview_content(&$a) { $l[] = $rr['xchan_name']; } if(count($deny_groups)) { - $r = q("SELECT name FROM `group` WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); + $r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) foreach($r as $rr) $l[] = '<b><strike>' . $rr['name'] . '</strike></b>'; diff --git a/mod/mail.php b/mod/mail.php new file mode 100644 index 000000000..eb1b0ddc0 --- /dev/null +++ b/mod/mail.php @@ -0,0 +1,349 @@ +<?php + +require_once('include/acl_selectors.php'); +require_once('include/message.php'); +require_once('include/zot.php'); +require_once("include/bbcode.php"); +require_once('include/Contact.php'); + + +function mail_post(&$a) { + + if(! local_user()) + return; + + $replyto = ((x($_REQUEST,'replyto')) ? notags(trim($_REQUEST['replyto'])) : ''); + $subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : ''); + $body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : ''); + $recipient = ((x($_REQUEST,'messageto')) ? notags(trim($_REQUEST['messageto'])) : ''); + $rstr = ((x($_REQUEST,'messagerecip')) ? notags(trim($_REQUEST['messagerecip'])) : ''); + $expires = ((x($_REQUEST,'expires')) ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : '0000-00-00 00:00:00'); + + // If we have a raw string for a recipient which hasn't been auto-filled, + // it means they probably aren't in our address book, hence we don't know + // if we have permission to send them private messages. + // finger them and find out before we try and send it. + + if(! $recipient) { + $channel = $a->get_channel(); + + $ret = zot_finger($rstr,$channel); + + if(! $ret['success']) { + notice( t('Unable to lookup recipient.') . EOL); + return; + } + $j = json_decode($ret['body'],true); + + logger('message_post: lookup: ' . $url . ' ' . print_r($j,true)); + + if(! ($j['success'] && $j['guid'])) { + notice( t('Unable to communicate with requested channel.')); + return; + } + + $x = import_xchan($j); + + if(! $x['success']) { + notice( t('Cannot verify requested channel.')); + return; + } + + $recipient = $x['hash']; + + $their_perms = 0; + + $global_perms = get_perms(); + + if($j['permissions']['data']) { + $permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']); + if($permissions) + $permissions = json_decode($permissions); + logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA); + } + else + $permissions = $j['permissions']; + + foreach($permissions as $k => $v) { + if($v) { + $their_perms = $their_perms | intval($global_perms[$k][1]); + } + } + + if(! ($their_perms & PERMS_W_MAIL)) { + notice( t('Selected channel has private message restrictions. Send failed.')); + return; + } + } + + if(feature_enabled(local_user(),'richtext')) { + $body = fix_mce_lf($body); + } + + if(! $recipient) { + notice('No recipient found.'); + $a->argc = 2; + $a->argv[1] = 'new'; + return; + } + + // We have a local_user, let send_message use the session channel and save a lookup + + $ret = send_message(0, $recipient, $body, $subject, $replyto, $expires); + + if(! $ret['success']) { + notice($ret['message']); + } + + goaway(z_root() . '/message'); + +} + +function mail_content(&$a) { + + $o = ''; + nav_set_selected('messages'); + + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return login(); + } + + $channel = $a->get_channel(); + head_set_icon($channel['xchan_photo_s']); + + $cipher = get_pconfig(local_user(),'system','default_cipher'); + if(! $cipher) + $cipher = 'aes256'; + + $tpl = get_markup_template('mail_head.tpl'); + $header = replace_macros($tpl, array( + '$messages' => t('Messages'), + '$tab_content' => $tab_content + )); + + if((argc() == 3) && (argv(1) === 'drop')) { + if(! intval(argv(2))) + return; + $cmd = argv(1); + + $r = private_messages_drop(local_user(), argv(2)); + if($r) { + info( t('Message deleted.') . EOL ); + } + goaway($a->get_baseurl(true) . '/message' ); + } + + if((argc() == 3) && (argv(1) === 'recall')) { + if(! intval(argv(2))) + return; + $cmd = argv(1); + $r = q("update mail set mail_flags = mail_flags | %d where id = %d and channel_id = %d limit 1", + intval(MAIL_RECALLED), + intval(argv(2)), + intval(local_user()) + ); + proc_run('php','include/notifier.php','mail',intval(argv(2))); + + if($r) { + info( t('Message recalled.') . EOL ); + } + goaway($a->get_baseurl(true) . '/message' ); + + } + + if((argc() > 1) && (argv(1) === 'new')) { + + $o .= $header; + + $plaintext = false; + if(intval(get_pconfig(local_user(),'system','plaintext'))) + $plaintext = true; + if(! feature_enabled(local_user(),'richtext')) + $plaintext = true; + + $tpl = get_markup_template('msg-header.tpl'); + + $a->page['htmlhead'] .= replace_macros($tpl, array( + '$baseurl' => $a->get_baseurl(true), + '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), + '$nickname' => $channel['channel_address'], + '$linkurl' => t('Please enter a link URL:'), + '$expireswhen' => t('Expires YYYY-MM-DD HH:MM') + )); + + $preselect = (isset($a->argv[2])?array($a->argv[2]):false); + + + $prename = $preurl = $preid = ''; + + if($preselect) { + $r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash + where abook_channel = %d and abook_id = %d limit 1", + intval(local_user()), + intval(argv(2)) + ); + if($r) { + $prename = $r[0]['xchan_name']; + $preurl = $r[0]['xchan_url']; + $preid = $r[0]['abook_id']; + } + } + + $prefill = (($preselect) ? $prename : ''); + + if(! $prefill) { + if(array_key_exists('to',$_REQUEST)) + $prefill = $_REQUEST['to']; + } + + // the ugly select box + + $select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10); + + $tpl = get_markup_template('prv_message.tpl'); + $o .= replace_macros($tpl,array( + '$header' => t('Send Private Message'), + '$to' => t('To:'), + '$showinputs' => 'true', + '$prefill' => $prefill, + '$autocomp' => $autocomp, + '$preid' => $preid, + '$subject' => t('Subject:'), + '$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''), + '$text' => ((x($_REQUEST,'body')) ? htmlspecialchars($_REQUEST['body'], ENT_COMPAT, 'UTF-8') : ''), + '$readonly' => '', + '$yourmessage' => t('Your message:'), + '$select' => $select, + '$parent' => '', + '$upload' => t('Upload photo'), + '$attach' => t('Attach file'), + '$insert' => t('Insert web link'), + '$wait' => t('Please wait'), + '$submit' => t('Submit'), + '$defexpire' => '', + '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'), + '$expires' => t('Set expiration date'), + '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'), + '$encrypt' => t('Encrypt text'), + '$cipher' => $cipher, + + + )); + + return $o; + } + + + if((argc() > 1) && (intval(argv(1)))) { + + $o .= $header; + + $plaintext = true; + if( local_user() && feature_enabled(local_user(),'richtext') ) + $plaintext = false; + + $messages = private_messages_fetch_conversation(local_user(), argv(1), true); + + if(! $messages) { + info( t('Message not found.') . EOL); + return $o; + } + + if($messages[0]['to_xchan'] === $channel['channel_hash']) + $a->poi = $messages[0]['from']; + else + $a->poi = $messages[0]['to']; + +// require_once('include/Contact.php'); + +// $a->set_widget('mail_conversant',vcard_from_xchan($a->poi,$get_observer_hash,'mail')); + + + $tpl = get_markup_template('msg-header.tpl'); + + $a->page['htmlhead'] .= replace_macros($tpl, array( + '$nickname' => $channel['channel_addr'], + '$baseurl' => $a->get_baseurl(true), + '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'), + '$linkurl' => t('Please enter a link URL:'), + '$expireswhen' => t('Expires YYYY-MM-DD HH:MM') + )); + + + $mails = array(); + $seen = 0; + $unknown = false; + + foreach($messages as $message) { + + $s = theme_attachments($message); + + $mails[] = array( + 'id' => $message['id'], + 'from_name' => $message['from']['xchan_name'], + 'from_url' => chanlink_hash($message['from_xchan']), + 'from_photo' => $message['from']['xchan_photo_m'], + 'to_name' => $message['to']['xchan_name'], + 'to_url' => chanlink_hash($message['to_xchan']), + 'to_photo' => $message['to']['xchan_photo_m'], + 'subject' => $message['title'], + 'body' => smilies(bbcode($message['body']) . $s), + 'delete' => t('Delete message'), + 'recall' => t('Recall message'), + 'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false), + 'is_recalled' => (($message['mail_flags'] & MAIL_RECALLED) ? t('Message has been recalled.') : ''), + 'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A'), + ); + + $seen = $message['seen']; + + } + + $recp = (($message['from_xchan'] === $channel['channel_hash']) ? 'to' : 'from'); + +// FIXME - move this HTML to template + + $select = $message[$recp]['xchan_name'] . '<input type="hidden" name="messageto" value="' . $message[$recp]['xchan_hash'] . '" />'; + $parent = '<input type="hidden" name="replyto" value="' . $message['parent_mid'] . '" />'; + + $tpl = get_markup_template('mail_display.tpl'); + $o = replace_macros($tpl, array( + '$prvmsg_header' => t('Private Conversation'), + '$thread_id' => $a->argv[1], + '$thread_subject' => $message['title'], + '$thread_seen' => $seen, + '$delete' => t('Delete conversation'), + '$canreply' => (($unknown) ? false : '1'), + '$unknown_text' => t("No secure communications available. You <strong>may</strong> be able to respond from the sender's profile page."), + '$mails' => $mails, + + // reply + '$header' => t('Send Reply'), + '$to' => t('To:'), + '$showinputs' => '', + '$subject' => t('Subject:'), + '$subjtxt' => $message['title'], + '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ', + '$yourmessage' => t('Your message:'), + '$text' => '', + '$select' => $select, + '$parent' => $parent, + '$upload' => t('Upload photo'), + '$attach' => t('Attach file'), + '$insert' => t('Insert web link'), + '$submit' => t('Submit'), + '$wait' => t('Please wait'), + '$defexpire' => '', + '$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'), + '$expires' => t('Set expiration date'), + '$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'), + '$encrypt' => t('Encrypt text'), + '$cipher' => $cipher, + + )); + + return $o; + } + +} diff --git a/mod/network.php b/mod/network.php index 072f718ec..7f67f62d0 100644 --- a/mod/network.php +++ b/mod/network.php @@ -69,7 +69,7 @@ function network_content(&$a, $update = 0, $load = false) { $_GET['order'] = 'post'; if($gid) { - $r = q("SELECT * FROM `group` WHERE id = %d AND uid = %d LIMIT 1", + $r = q("SELECT * FROM `groups` WHERE id = %d AND uid = %d LIMIT 1", intval($gid), intval(local_user()) ); diff --git a/mod/photos.php b/mod/photos.php index 63806896b..3c724ddc2 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -157,23 +157,20 @@ function photos_post(&$a) { } if((argc() > 2) && (x($_REQUEST,'delete')) && ($_REQUEST['delete'] === t('Delete Photo'))) { -// FIXME + // same as above but remove single photo - if($visitor) { - $r = q("SELECT `id`, `resource_id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource_id` = '%s' LIMIT 1", - intval($visitor), - intval($page_owner_uid), - dbesc($a->argv[2]) - ); - } - else { - $r = q("SELECT `id`, `resource_id` FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' LIMIT 1", - intval(local_user()), - dbesc($a->argv[2]) - ); - } - if(count($r)) { + $ob_hash = get_observer_hash(); + if(! $ob_hash) + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + + $r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1", + dbesc($ob_hash), + intval(local_user()), + dbesc($a->argv[2]) + ); + + if($r) { q("DELETE FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s'", intval($page_owner_uid), dbesc($r[0]['resource_id']) @@ -183,7 +180,7 @@ function photos_post(&$a) { intval($page_owner_uid) ); if(count($i)) { - q("UPDATE `item` SET item_restrict = (item_restrict & %d), `edited` = '%s', `changed` = '%s' WHERE `parent_mid` = '%s' AND `uid` = %d", + q("UPDATE `item` SET item_restrict = (item_restrict | %d), `edited` = '%s', `changed` = '%s' WHERE `parent_mid` = '%s' AND `uid` = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), @@ -200,7 +197,6 @@ function photos_post(&$a) { } goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); - return; // NOTREACHED } if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) { @@ -285,7 +281,7 @@ function photos_post(&$a) { ); if(count($p)) { $ext = $phototypes[$p[0]['type']]; - $r = q("UPDATE `photo` SET `desc` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", + $r = q("UPDATE `photo` SET `description` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($albname), dbesc($str_contact_allow), @@ -303,7 +299,7 @@ function photos_post(&$a) { /* Don't make the item visible if the only change was the album name */ $visibility = 0; - if($p[0]['desc'] !== $desc || strlen($rawtags)) + if($p[0]['description'] !== $desc || strlen($rawtags)) $visibility = 1; if(! $item_id) { @@ -511,7 +507,7 @@ function photos_post(&$a) { $arr['object'] .= xmlify('<link rel="photo" type="'.$p[0]['type'].'" href="' . $tagged[3]['photo'] . '" />' . "\n"); $arr['object'] .= '</link></object>' . "\n"; - $arr['target'] = '<target><type>' . ACTIVITY_OBJ_PHOTO . '</type><title>' . $p[0]['desc'] . '</title><id>' + $arr['target'] = '<target><type>' . ACTIVITY_OBJ_PHOTO . '</type><title>' . $p[0]['description'] . '</title><id>' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource_id'] . '</id>'; $arr['target'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource_id'] . '" />' . "\n" . '<link rel="preview" type="'.$p[0]['type'].'" href="' . $a->get_baseurl() . "/photo/" . $p[0]['resource_id'] . '-' . $best . '.' . $ext . '" />') . '</link></target>'; @@ -755,7 +751,7 @@ function photos_content(&$a) { else $order = 'DESC'; - $r = q("SELECT `resource_id`, `id`, `filename`, type, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s' + $r = q("SELECT `resource_id`, `id`, `filename`, type, max(`scale`) AS `scale`, `description` FROM `photo` WHERE `uid` = %d AND `album` = '%s' AND `scale` <= 4 and (photo_flags = %d or photo_flags = %d ) $sql_extra GROUP BY `resource_id` ORDER BY `created` $order LIMIT %d , %d", intval($owner_uid), dbesc($album), @@ -823,11 +819,11 @@ function photos_content(&$a) { if($a->get_template_engine() === 'internal') { $imgalt_e = template_escape($rr['filename']); - $desc_e = template_escape($rr['desc']); + $desc_e = template_escape($rr['description']); } else { $imgalt_e = $rr['filename']; - $desc_e = $rr['desc']; + $desc_e = $rr['description']; } @@ -868,7 +864,7 @@ function photos_content(&$a) { // fetch image, item containing image, then comments - $ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`desc`,album,filename,`type`,height,width,`size`,scale,profile,photo_flags,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' + $ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,profile,photo_flags,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' and (photo_flags = %d or photo_flags = %d ) $sql_extra ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum), @@ -1024,7 +1020,7 @@ function photos_content(&$a) { if($can_post) { $album_e = $ph[0]['album']; - $caption_e = $ph[0]['desc']; + $caption_e = $ph[0]['description']; $aclselect_e = populate_acl($ph[0]); $edit = array( @@ -1194,7 +1190,7 @@ function photos_content(&$a) { '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, - '$desc' => $ph[0]['desc'], + '$desc' => $ph[0]['description'], '$tags' => $tags_e, '$edit' => $edit, '$likebuttons' => $likebuttons, diff --git a/mod/register.php b/mod/register.php index 2040732ff..3f1fc5400 100644 --- a/mod/register.php +++ b/mod/register.php @@ -137,8 +137,8 @@ function register_content(&$a) { if(get_config('system','register_policy') == REGISTER_CLOSED) { - notice("Permission denied." . EOL); - return; + require_once('mod/pubsites.php'); + return pubsites_content($a); } $max_dailies = intval(get_config('system','max_daily_registrations')); diff --git a/mod/xref.php b/mod/xref.php new file mode 100644 index 000000000..95cc22aa7 --- /dev/null +++ b/mod/xref.php @@ -0,0 +1,20 @@ +<?php + +function xref_init(&$a) { + // Sets a referral URL using an xchan directly + // Link format: example.com/xref/[xchan]/[TargetURL] + // Target URL is optional. + // Cookie lasts 24 hours to survive a browser restart. Contains no personal + // information at all - just somebody else's xchan. + $referrer = argv(1); + $expire=time()+60*60*2; + $path = 'xref'; + setcookie($path, $referrer, $expire, "/"); + $url = ''; + + if (argc() > 2) + $url = argv(2); + + goaway (z_root() . '/' . $url); + +} |