1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
<?php
require_once('include/items.php');
require_once('include/conversation.php');
require_once('include/page_widgets.php');
function page_init(&$a) {
// We need this to make sure the channel theme is always loaded.
$which = argv(1);
$profile = 0;
profile_load($a,$which,$profile);
if($a->profile['profile_uid'])
head_set_icon($a->profile['thumb']);
}
function page_content(&$a) {
$observer = $a->get_observer();
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$perms = get_all_perms($a->profile['profile_uid'],$ob_hash);
if(! $perms['view_pages']) {
notice( t('Permission denied.') . EOL);
return;
}
if(argc() < 3) {
notice( t('Invalid item.') . EOL);
return;
}
$channel_address = argv(1);
$page_id = argv(2);
$u = q("select channel_id from channel where channel_address = '%s' limit 1",
dbesc($channel_address)
);
if(! $u) {
notice( t('Channel not found.') . EOL);
return;
}
if($_REQUEST['rev'])
$revision = " and revision = " . intval($_REQUEST['rev']) . " ";
else
$revision = " order by revision desc ";
require_once('include/security.php');
$sql_options = item_permissions_sql($u[0]['channel_id']);
$r = q("select item.* from item left join item_id on item.id = item_id.iid
where item.uid = %d and sid = '%s' and service = 'WEBPAGE' and
item_restrict = %d $sql_options $revision limit 1",
intval($u[0]['channel_id']),
dbesc($page_id),
intval(ITEM_WEBPAGE)
);
if(! $r) {
// Check again with no permissions clause to see if it is a permissions issue
$x = q("select item.* from item left join item_id on item.id = item_id.iid
where item.uid = %d and sid = '%s' and service = 'WEBPAGE' and
item_restrict = %d $revision limit 1",
intval($u[0]['channel_id']),
dbesc($page_id),
intval(ITEM_WEBPAGE)
);
if($x) {
// Yes, it's there. You just aren't allowed to see it.
notice( t('Permission denied.') . EOL);
}
else {
notice( t('Page not found.') . EOL);
}
return;
}
if($r[0]['layout_mid']) {
$l = q("select body from item where mid = '%s' and uid = %d limit 1",
dbesc($r[0]['layout_mid']),
intval($u[0]['channel_id'])
);
if($l) {
require_once('include/comanche.php');
comanche_parser(get_app(),$l[0]['body']);
}
}
// logger('layout: ' . print_r($a->layout,true));
// Use of widgets should be determined by Comanche, but we don't have it on system pages yet, so...
if ($perms['write_pages']) {
$chan = $a->channel['channel_id'];
$who = $channel_address;
$which = $r[0]['id'];
$o .= writepages_widget($who,$which);
}
xchan_query($r);
$r = fetch_post_tags($r,true);
$body = prepare_body($r[0],true);
return $o . replace_macros(get_markup_template('page_display.tpl'),array(
'$author' => (($naked) ? '' : $item['author']['xchan_name']),
'$auth_url' => (($naked) ? '' : $item['author']['xchan_url']),
'$date' => (($naked) ? '' : datetime_convert('UTC',date_default_timezone_get(),$item['created'],'Y-m-d H:i')),
'$title' => smilies(bbcode($item['title'])),
'$body' => $body
));
}
|