From 3ebb4a3dc7a369e7a716ab93d02b44b20522080f Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 9 Sep 2012 21:17:06 -0700 Subject: updates --- include/Contact.php | 54 +++++++++++++++++++++++++++++++++++++++++++++ include/Scrape.php | 5 +++-- include/auth.php | 3 +-- include/contact_widgets.php | 13 ++++++++--- include/conversation.php | 21 ++++++++++++++++-- include/delivery.php | 5 +++-- include/items.php | 14 +++++++++++- include/notifier.php | 8 +++---- include/oauth.php | 1 + include/security.php | 16 +++++++++++++- 10 files changed, 123 insertions(+), 17 deletions(-) (limited to 'include') diff --git a/include/Contact.php b/include/Contact.php index c141fa188..5e0964d03 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -1,5 +1,59 @@ get_baseurl($ssl_state)."/editpost/".$item['id'], t("Edit")); else $edpost = false; - if((intval($item['contact-id']) && $item['contact-id'] == remote_user()) || ($item['uid'] == local_user())) - $dropping = true; $drop = array( 'dropping' => $dropping, diff --git a/include/delivery.php b/include/delivery.php index 09448fcae..0d99f48a2 100644 --- a/include/delivery.php +++ b/include/delivery.php @@ -322,8 +322,9 @@ function delivery_run($argv, $argc){ dbesc($nickname) ); - if(count($x)) { - if($owner['page-flags'] == PAGE_COMMUNITY && ! $x[0]['writable']) { + if($x && count($x)) { + $write_flag = (($x[0]['rel'] == CONTACT_IS_FOLLOWER || $x[0]['rel'] == CONTACT_IS_FRIEND) ? true : false); + if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) { q("update contact set writable = 1 where id = %d limit 1", intval($x[0]['id']) ); diff --git a/include/items.php b/include/items.php index 63e9a646d..4acf72d77 100755 --- a/include/items.php +++ b/include/items.php 
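Review bot: In the delivery.php hunk (delivery_run), `$write_flag` widens the condition for setting `writable = 1` on a contact row from community pages only to any contact whose `rel` is CONTACT_IS_FOLLOWER or CONTACT_IS_FRIEND, and nothing in the hunk records why. `writable` looks like a permission bit, and this relationship set differs from the one the can_write_wall query in the security.php hunk accepts (CONTACT_IS_SHARING, CONTACT_IS_FRIEND). If the difference is intentional, a one-line comment above `$write_flag` should say whose contact row `$x` is and why those two relationships imply write access. The `? true : false` is redundant; `$write_flag = in_array($x[0]['rel'], array(CONTACT_IS_FOLLOWER, CONTACT_IS_FRIEND));` reads more directly. The second notifier.php hunk repeats the same change, and the query that fills `$x` is outside both hunks.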
@@ -3557,9 +3557,21 @@ function drop_item($id,$interactive = true) { $owner = $item['uid']; + $cid = 0; + // check if logged in user is either the author or owner of this item - if((local_user() == $item['uid']) || (remote_user() == $item['contact-id']) || (! $interactive)) { + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $item['uid'] && $visitor['cid'] == $item['contact-id']) { + $cid = $visitor['cid']; + break; + } + } + } + + + if((local_user() == $item['uid']) || ($cid) || (! $interactive)) { // delete the item diff --git a/include/notifier.php b/include/notifier.php index 6e3cede56..15ab67b7b 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -279,7 +279,7 @@ function notifier_run($argv, $argc){ // a delivery fork. private groups (forum_mode == 2) do not uplink if((intval($parent['forum_mode']) == 1) && (! $top_level) && ($cmd !== 'uplink')) { - proc_run('php','include/notifier','uplink',$item_id); + proc_run('php','include/notifier.php','uplink',$item_id); } $conversants = array(); @@ -543,9 +543,9 @@ function notifier_run($argv, $argc){ dbesc($nickname) ); - if(count($x)) { - - if($owner['page-flags'] == PAGE_COMMUNITY && ! $x[0]['writable']) { + if($x && count($x)) { + $write_flag = (($x[0]['rel'] == CONTACT_IS_FOLLOWER || $x[0]['rel'] == CONTACT_IS_FRIEND) ? true : false); + if((($owner['page-flags'] == PAGE_COMMUNITY) || ($write_flag)) && (! $x[0]['writable'])) { q("update contact set writable = 1 where id = %d limit 1", intval($x[0]['id']) ); diff --git a/include/oauth.php b/include/oauth.php index 2724dcf7c..103d4c2fa 100644 --- a/include/oauth.php +++ b/include/oauth.php 
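Review bot: The new lookup in the items.php hunk (drop_item) reads `$_SESSION['remote']` without checking that the key exists and matches ids with loose `==`, so the ownership test for a delete depends on PHP's type juggling between session and database values. Guarding with `if(isset($_SESSION['remote']) && is_array($_SESSION['remote']))` and comparing `intval($visitor['uid']) === intval($item['uid']) && intval($visitor['cid']) === intval($item['contact-id'])` makes the check explicit. The loop added to can_write_wall in the security.php hunk has the same two issues. The `(! $interactive)` branch still skips the ownership test entirely, so a comment stating that callers must never derive that argument from request data would help. drop_item's body starts and ends outside the hunk.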
@@ -145,6 +145,7 @@ class FKOAuth1 extends OAuthServer { } $_SESSION['uid'] = $record['uid']; $_SESSION['theme'] = $record['theme']; + $_SESSION['mobile-theme'] = get_pconfig($record['uid'], 'system', 'mobile_theme'); $_SESSION['authenticated'] = 1; $_SESSION['page_flags'] = $record['page-flags']; $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $record['nickname']; diff --git a/include/security.php b/include/security.php index 497166ec4..bc1e97059 100644 --- a/include/security.php +++ b/include/security.php @@ -181,12 +181,26 @@ function can_write_wall(&$a,$owner) { elseif($verified === 1) return false; else { + $cid = 0; + + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $owner) { + $cid = $visitor['cid']; + break; + } + } + } + + if(! $cid) + return false; + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1", intval($owner), - intval(remote_user()), + intval($cid), intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), intval(PAGE_COMMUNITY) -- cgit v1.2.3
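Review bot: The block added to can_write_wall (security.php hunk) has no comment explaining why the contact id now comes from `$_SESSION['remote']` rather than `remote_user()`, which is the security-relevant part of the change. From the loop, the session appears to hold one entry per local account the visitor has authenticated against, and the code picks the `cid` whose `uid` equals the wall owner. A comment above the loop such as `// pick the visitor's contact id for this wall owner; a remote session may hold several` would record that. The early `return false` when no entry matches is the fail-closed path and could carry `// no authenticated contact for this owner`. The function begins above the hunk and continues past it.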