1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); $type = 'item'; } else { $item_id = ((argc() > 2) ? intval(argv(2)) : 0); } if(! $item_id) killme(); if (! in_array($type, array('item', 'photo', 'attach', 'event', 'menu_item', 'chatroom'))) killme(); // we have different naming in in menu_item table and chatroom table switch($type) { case 'menu_item': $id = 'mitem_id'; break; case 'chatroom': $id = 'cr_id'; break; default: $id = 'id'; break; } $r = q("SELECT * FROM %s WHERE $id = %d LIMIT 1", dbesc($type), intval($item_id) ); if(! $r) killme(); $item = $r[0]; $uid = null; $url = ''; switch($type) { case 'menu_item': $uid = $item['mitem_channel_id']; break; case 'chatroom': $uid = $item['cr_uid']; $channel = channelx_by_n($uid); $url = z_root() . '/chat/' . $channel['channel_address'] . '/' . $item['cr_id']; break; case 'item': $uid = $item['uid']; $url = $item['plink']; break; case 'attach': $uid = $item['uid']; $channel = channelx_by_n($uid); $url = z_root() . '/cloud/' . $channel['channel_address'] . '/' . $item['display_path']; break; default: break; } if($uid != local_channel()) { echo ''; killme(); } if(intval($item['item_private']) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any // specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it // as unknown specific recipients. The sender will have the visibility list and will fall through to the // next section. echo ''; killme(); } $allowed_users = expand_acl($item['allow_cid']); $allowed_groups = expand_acl($item['allow_gid']); $deny_users = expand_acl($item['deny_cid']); $deny_groups = expand_acl($item['deny_gid']); $o = ''; $l = array(); stringify_array_elms($allowed_groups,true); stringify_array_elms($allowed_users,true); stringify_array_elms($deny_groups,true); stringify_array_elms($deny_users,true); $allowed_xchans = []; $profile_groups = []; if($allowed_groups) { foreach($allowed_groups as $g) { if(substr($g,0,4) === '\'vp.') { $profile_groups[] = '\'' . substr($g,4); } } } if(count($profile_groups)) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); if($r) { foreach($r as $rr) { $l[] = ''; } } } if(count($allowed_groups)) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); if($r) { foreach($r as $rr) { $gid = AccessList::by_name($uid, $rr['gname']); $pgrp_members = AccessList::members_xchan($uid, $gid); $allowed_xchans = array_merge($allowed_xchans, $pgrp_members); $l[] = ''; } } } if(count($allowed_users)) { $r = q("SELECT xchan_name, xchan_hash FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); if($r) { foreach($r as $rr) { $allowed_xchans[] = $rr['xchan_hash']; $l[] = ''; } } } $profile_groups = []; if($deny_groups) { foreach($deny_groups as $g) { if(substr($g,0,4) === '\'vp.') { $profile_groups[] = '\'' . substr($g,4); } } } if(count($profile_groups)) { $r = q("SELECT profile_name FROM profile WHERE profile_guid IN ( " . implode(', ', $profile_groups) . " )"); if($r) foreach($r as $rr) $l[] = ''; } if(count($deny_groups)) { $r = q("SELECT gname FROM pgrp WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); if($r) foreach($r as $rr) $l[] = ''; } if(count($deny_users)) { $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); if($r) foreach($r as $rr) $l[] = ''; } if ($atokens && $allowed_xchans && $url) { $l[] = ''; $l[] = ''; $allowed_xchans = array_unique($allowed_xchans); foreach($atokens as $atoken) { if(in_array($atoken['xchan_hash'], $allowed_xchans)) { $l[] = ''; } } } echo $o . implode($l); killme(); } }