aboutsummaryrefslogtreecommitdiffstats
path: root/mod/page.php
blob: 125c0141f1eb584c2a230839162ec1384d2ef1b2 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php

require_once('include/items.php');
require_once('include/conversation.php');
require_once('include/page_widgets.php');

function page_init(&$a) {
	// We need this to make sure the channel theme is always loaded.

	$which = argv(1);
	$profile = 0;
	profile_load($a,$which,$profile);

	if($a->profile['profile_uid'])
		head_set_icon($a->profile['thumb']);

}




function page_content(&$a) {

	$observer = $a->get_observer();
	$ob_hash = (($observer) ? $observer['xchan_hash'] : '');

	$perms = get_all_perms($a->profile['profile_uid'],$ob_hash);

	if(! $perms['view_pages']) {
		notice( t('Permission denied.') . EOL);
		return;
	}

	if(argc() < 3) {
		notice( t('Invalid item.') . EOL);
		return;
	}

	$channel_address = argv(1);
	$page_id = argv(2);

	$u = q("select channel_id from channel where channel_address = '%s' limit 1",
		dbesc($channel_address)
	);

	if(! $u) {
		notice( t('Channel not found.') . EOL);
		return;
	}

	if($_REQUEST['rev'])
		$revision = " and revision = " . intval($_REQUEST['rev']) . " ";
	else
		$revision = " order by revision desc ";

	require_once('include/security.php');
	$sql_options = item_permissions_sql($u[0]['channel_id']);

	$r = q("select item.* from item left join item_id on item.id = item_id.iid
		where item.uid = %d and sid = '%s' and service = 'WEBPAGE' and 
		(item_restrict & %d) $sql_options $revision limit 1",
		intval($u[0]['channel_id']),
		dbesc($page_id),
		intval(ITEM_WEBPAGE)
	);

	if(! $r) {

		// Check again with no permissions clause to see if it is a permissions issue

		$x = q("select item.* from item left join item_id on item.id = item_id.iid
		where item.uid = %d and sid = '%s' and service = 'WEBPAGE' and 
		item_restrict = %d $revision limit 1",
			intval($u[0]['channel_id']),
			dbesc($page_id),
			intval(ITEM_WEBPAGE)
		);
		if($x) {
			// Yes, it's there. You just aren't allowed to see it.
			notice( t('Permission denied.') . EOL);
		}
		else {
			notice( t('Page not found.') . EOL);
		}
		return;
	}

	if($r[0]['layout_mid']) {
		$l = q("select body from item where mid = '%s' and uid = %d limit 1",
			dbesc($r[0]['layout_mid']),
			intval($u[0]['channel_id'])
		);

		if($l) {
			require_once('include/comanche.php');
			comanche_parser(get_app(),$l[0]['body']);
		}
	}


	// logger('layout: ' . print_r($a->layout,true));

	// Use of widgets should be determined by Comanche, but we don't have it on system pages yet, so...

	if ($perms['write_pages']) {
		$chan = $a->channel['channel_id'];
		$who = $channel_address;
		$which = $r[0]['id'];
		$o .= writepages_widget($who,$which);
	}

	xchan_query($r);
	$r = fetch_post_tags($r,true);

	$o .= prepare_page($r[0]);
	return $o;

}