function photos_content(&$a) { // URLs: // photos/name // photos/name/album/xxxxx (xxxxx is album name) // photos/name/image/xxxxx if (get_config('system', 'block_public') && !local_channel() && !remote_channel()) { notice(t('Public access denied.') . EOL); return; } $unsafe = array_key_exists('unsafe', $_REQUEST) && $_REQUEST['unsafe'] ? 1 : 0; require_once 'include/bbcode.php'; require_once 'include/security.php'; require_once 'include/conversation.php'; if (!x($a->data, 'channel')) { notice(t('No photos selected') . EOL); return; } $ph = photo_factory(''); $phototypes = $ph->supportedTypes(); $_SESSION['photo_return'] = $a->cmd; // // Parse arguments // $can_comment = perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'post_comments'); if (argc() > 3) { $datatype = argv(2); $datum = argv(3); } else { if (argc() > 2) { $datatype = argv(2); $datum = ''; } else { $datatype = 'summary'; } } if (argc() > 4) { $cmd = argv(4); } else { $cmd = 'view'; } // // Setup permissions structures // $can_post = false; $visitor = 0; $owner_uid = $a->data['channel']['channel_id']; $owner_aid = $a->data['channel']['channel_account_id']; $observer = $a->get_observer(); $can_post = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'write_storage'); $can_view = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'view_storage'); if (!$can_view) { notice(t('Access to this item is restricted.') . EOL); return; } $sql_extra = permissions_sql($owner_uid); $o = ""; $o .= "<script> var profile_uid = " . $a->profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; // tabs $_is_owner = local_channel() && local_channel() == $owner_uid; $o .= profile_tabs($a, $_is_owner, $a->data['channel']['channel_address']); /** * Display upload form */ if ($can_post) { $uploader = ''; $ret = array('post_url' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'], 'addon_text' => $uploader, 'default_upload' => true); call_hooks('photo_upload_form', $ret); /* Show space usage */ $r = q("select sum(size) as total from photo where aid = %d and scale = 0 ", intval($a->data['channel']['channel_account_id'])); $limit = service_class_fetch($a->data['channel']['channel_id'], 'photo_upload_limit'); if ($limit !== false) { $usage_message = sprintf(t("%1\$.2f MB of %2\$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000); } else { $usage_message = sprintf(t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000); } if ($_is_owner) { $channel = $a->get_channel(); $acl = new AccessList($channel); $channel_acl = $acl->get(); $lockstate = $acl->is_private() ? 'lock' : 'unlock'; } $aclselect = $_is_owner ? populate_acl($channel_acl, false) : ''; $selname = $datum ? hex2bin($datum) : ''; $albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']); if (!$selname) { $def_album = get_pconfig($a->data['channel']['channel_id'], 'system', 'photo_path'); if ($def_album) { $selname = filepath_macro($def_album); $albums['album'][] = array('text' => $selname); } } $tpl = get_markup_template('photos_upload.tpl'); $upload_form = replace_macros($tpl, array('$pagename' => t('Upload Photos'), '$sessid' => session_id(), '$usage' => $usage_message, '$nickname' => $a->data['channel']['channel_address'], '$newalbum_label' => t('Enter an album name'), '$newalbum_placeholder' => t('or select an existing album (doubleclick)'), '$visible' => array('visible', t('Create a status post for this upload'), 0, '', array(t('No'), t('Yes'))), '$albums' => $albums['albums'], '$selname' => $selname, '$permissions' => t('Permissions'), '$aclselect' => $aclselect, '$lockstate' => $lockstate, '$uploader' => $ret['addon_text'], '$default' => $ret['default_upload'] ? true : false, '$uploadurl' => $ret['post_url'], '$submit' => t('Submit'))); } // // dispatch request // /* * Display a single photo album */ if ($datatype === 'album') { if (strlen($datum)) { if (strlen($datum) & 1 || !ctype_xdigit($datum)) { notice(t('Album name could not be decoded') . EOL); logger('mod_photos: illegal album encoding: ' . $datum); $datum = ''; } } $album = $datum ? hex2bin($datum) : ''; $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY `resource_id`", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe)); if (count($r)) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(60); } else { goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']); } if ($_GET['order'] === 'posted') { $order = 'ASC'; } else { $order = 'DESC'; } $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN\n\t\t\t\t(SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY resource_id) ph \n\t\t\t\tON (p.resource_id = ph.resource_id AND p.scale = ph.scale)\n\t\t\tORDER BY created {$order} LIMIT %d OFFSET %d", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start'])); //edit album name $album_edit = null; if ($album !== t('Profile Photos') && $album !== 'Profile Photos' && $album !== 'Contact Photos' && $album !== t('Contact Photos')) { if ($can_post) { if ($a->get_template_engine() === 'internal') { $album_e = template_escape($album); } else { $album_e = $album; } $albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']); // @fixme - syncronise actions with DAV // $edit_tpl = get_markup_template('album_edit.tpl'); // $album_edit = replace_macros($edit_tpl,array( // '$nametext' => t('Enter a new album name'), // '$name_placeholder' => t('or select an existing one (doubleclick)'), // '$nickname' => $a->data['channel']['channel_address'], // '$album' => $album_e, // '$albums' => $albums['albums'], // '$hexalbum' => bin2hex($album), // '$submit' => t('Submit'), // '$dropsubmit' => t('Delete Album') // )); } } if ($_GET['order'] === 'posted') { $order = array(t('Show Newest First'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album)); } else { $order = array(t('Show Oldest First'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album) . '?f=&order=posted'); } $photos = array(); if (count($r)) { $twist = 'rotright'; foreach ($r as $rr) { if ($twist == 'rotright') { $twist = 'rotleft'; } else { $twist = 'rotright'; } $ext = $phototypes[$rr['type']]; $imgalt_e = $rr['filename']; $desc_e = $rr['description']; $imagelink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : ''); $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $imagelink, 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['scale'] . '.' . $ext, 'alt' => $imgalt_e, 'desc' => $desc_e, 'ext' => $ext, 'hash' => $rr['resource_id'], 'unknown' => t('Unknown')); } } if ($_REQUEST['aj']) { if ($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos)); } else { $o = '<div id="content-complete"></div>'; } echo $o; killme(); } else { $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array('$photos' => $photos, '$album' => $album, '$album_edit' => array(t('Edit Album'), $album_edit), '$can_post' => $can_post, '$upload' => array(t('Upload'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload/' . bin2hex($album)), '$order' => $order, '$upload_form' => $upload_form, '$usage' => $usage_message)); } if (!$photos && $_REQUEST['aj']) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } // $o .= paginate($a); return $o; } /** * Display one photo */ if ($datatype === 'image') { // fetch image, item containing image, then comments $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' \n\t\t\t{$sql_extra} ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum)); if (!$ph) { /* Check again - this time without specifying permissions */ $ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1", intval($owner_uid), dbesc($datum)); if ($ph) { notice(t('Permission denied. Access to this item may be restricted.') . EOL); } else { notice(t('Photo not available') . EOL); } return; } $prevlink = ''; $nextlink = ''; if ($_GET['order'] === 'posted') { $order = 'ASC'; } else { $order = 'DESC'; } $prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 \n\t\t\t{$sql_extra} ORDER BY `created` {$order} ", dbesc($ph[0]['album']), intval($owner_uid)); if (count($prvnxt)) { for ($z = 0; $z < count($prvnxt); $z++) { if ($prvnxt[$z]['resource_id'] == $ph[0]['resource_id']) { $prv = $z - 1; $nxt = $z + 1; if ($prv < 0) { $prv = count($prvnxt) - 1; } if ($nxt >= count($prvnxt)) { $nxt = 0; } break; } } $prevlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : ''); $nextlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : ''); } if (count($ph) == 1) { $hires = $lores = $ph[0]; } if (count($ph) > 1) { if ($ph[1]['scale'] == 2) { // original is 640 or less, we can display it directly $hires = $lores = $ph[0]; } else { $hires = $ph[0]; $lores = $ph[1]; } } $album_link = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($ph[0]['album']); $tools = Null; $lock = Null; if ($can_post && $ph[0]['uid'] == $owner_uid) { $tools = array('profile' => array($a->get_baseurl() . '/profile_photo/use/' . $ph[0]['resource_id'], t('Use as profile photo'))); } // lockstate $lockstate = strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid']) ? array('lock', t('Private Photo')) : array('unlock', Null); $a->page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n"; if ($prevlink) { $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n"; } if ($nextlink) { $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n"; } $a->page['htmlhead'] .= '});</script>'; if ($prevlink) { $prevlink = array($prevlink, t('Previous')); } $photo = array('href' => $a->get_baseurl() . '/photo/' . $hires['resource_id'] . '-' . $hires['scale'] . '.' . $phototypes[$hires['type']], 'title' => t('View Full Size'), 'src' => $a->get_baseurl() . '/photo/' . $lores['resource_id'] . '-' . $lores['scale'] . '.' . $phototypes[$lores['type']] . '?f=&_u=' . datetime_convert('', '', '', 'ymdhis')); if ($nextlink) { $nextlink = array($nextlink, t('Next')); } // Do we have an item for this photo? $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' \n\t\t\t{$sql_extra} LIMIT 1", dbesc($datum)); $map = null; if ($linked_items) { xchan_query($linked_items); $linked_items = fetch_post_tags($linked_items, true); $link_item = $linked_items[0]; $item_normal = item_normal(); $r = q("select * from item where parent_mid = '%s' \n\t\t\t\t{$item_normal} and uid = %d {$sql_extra} ", dbesc($link_item['mid']), intval($link_item['uid'])); if ($r) { xchan_query($r); $r = fetch_post_tags($r, true); $r = conv_sort($r, 'commented'); } $tags = array(); if ($link_item['term']) { $cnt = 0; foreach ($link_item['term'] as $t) { $tags[$cnt] = array(0 => format_term_for_display($t)); if ($can_post && $ph[0]['uid'] == $owner_uid) { $tags[$cnt][1] = 'tagrm/drop/' . $link_item['id'] . '/' . bin2hex($t['term']); //?f=&item=' . $link_item['id']; $tags[$cnt][2] = t('Remove'); } $cnt++; } } if (local_channel() && local_channel() == $link_item['uid']) { q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel())); } if ($link_item['coord']) { $map = generate_map($link_item['coord']); } } // logger('mod_photo: link_item' . print_r($link_item,true)); // FIXME - remove this when we move to conversation module $r = $r[0]['children']; $edit = null; if ($can_post) { $album_e = $ph[0]['album']; $caption_e = $ph[0]['description']; $aclselect_e = $_is_owner ? populate_acl($ph[0]) : ''; $albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']); $_SESSION['album_return'] = bin2hex($ph[0]['album']); $edit = array('edit' => t('Edit photo'), 'id' => $link_item['id'], 'rotatecw' => t('Rotate CW (right)'), 'rotateccw' => t('Rotate CCW (left)'), 'albums' => $albums['albums'], 'album' => $album_e, 'newalbum_label' => t('Enter a new album name'), 'newalbum_placeholder' => t('or select an existing one (doubleclick)'), 'nickname' => $a->data['channel']['channel_address'], 'resource_id' => $ph[0]['resource_id'], 'capt_label' => t('Caption'), 'caption' => $caption_e, 'tag_label' => t('Add a Tag'), 'permissions' => t('Permissions'), 'aclselect' => $aclselect_e, 'lockstate' => $lockstate[0], 'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'), 'item_id' => count($linked_items) ? $link_item['id'] : 0, 'adult_enabled' => feature_enabled($owner_uid, 'adult_photo_flagging'), 'adult' => array('adult', t('Flag as adult in album view'), intval($ph[0]['is_nsfw']), ''), 'submit' => t('Submit'), 'delete' => t('Delete Photo')); } if (count($linked_items)) { $cmnt_tpl = get_markup_template('comment_item.tpl'); $tpl = get_markup_template('photo_item.tpl'); $return_url = $a->cmd; $like_tpl = get_markup_template('like_noshare.tpl'); $likebuttons = ''; if ($can_post || $can_comment) { $likebuttons = array('id' => $link_item['id'], 'likethis' => t("I like this (toggle)"), 'nolike' => t("I don't like this (toggle)"), 'share' => t('Share'), 'wait' => t('Please wait')); } $comments = ''; if (!count($r)) { if ($can_post || $can_comment) { $commentbox = replace_macros($cmnt_tpl, array('$return_path' => '', '$mode' => 'photos', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$preview' => t('Preview'), '$ww' => '', '$feature_encrypt' => false)); } } $alike = array(); $dlike = array(); $like = ''; $dislike = ''; $conv_responses = array('like' => array('title' => t('Likes', 'title')), 'dislike' => array('title' => t('Dislikes', 'title')), 'agree' => array('title' => t('Agree', 'title')), 'disagree' => array('title' => t('Disagree', 'title')), 'abstain' => array('title' => t('Abstain', 'title')), 'attendyes' => array('title' => t('Attending', 'title')), 'attendno' => array('title' => t('Not attending', 'title')), 'attendmaybe' => array('title' => t('Might attend', 'title'))); if ($r) { foreach ($r as $item) { builtin_activity_puller($item, $conv_responses); } $like_count = x($alike, $link_item['mid']) ? $alike[$link_item['mid']] : ''; $like_list = x($alike, $link_item['mid']) ? $alike[$link_item['mid'] . '-l'] : ''; if (count($like_list) > MAX_LIKERS) { $like_list_part = array_slice($like_list, 0, MAX_LIKERS); array_push($like_list_part, '<a href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>'); } else { $like_list_part = ''; } $like_button_label = tt('Like', 'Likes', $like_count, 'noun'); //if (feature_enabled($conv->get_profile_owner(),'dislike')) { $dislike_count = x($dlike, $link_item['mid']) ? $dlike[$link_item['mid']] : ''; $dislike_list = x($dlike, $link_item['mid']) ? $dlike[$link_item['mid'] . '-l'] : ''; $dislike_button_label = tt('Dislike', 'Dislikes', $dislike_count, 'noun'); if (count($dislike_list) > MAX_LIKERS) { $dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS); array_push($dislike_list_part, '<a href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>'); } else { $dislike_list_part = ''; } //} $like = isset($alike[$link_item['mid']]) ? format_like($alike[$link_item['mid']], $alike[$link_item['mid'] . '-l'], 'like', $link_item['mid']) : ''; $dislike = isset($dlike[$link_item['mid']]) ? format_like($dlike[$link_item['mid']], $dlike[$link_item['mid'] . '-l'], 'dislike', $link_item['mid']) : ''; // display comments foreach ($r as $item) { $comment = ''; $template = $tpl; $sparkle = ''; if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) { continue; } $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid']; $profile_url = zid($item['author']['xchan_url']); $sparkle = ''; $profile_name = $item['author']['xchan_name']; $profile_avatar = $item['author']['xchan_photo_m']; $profile_link = $profile_url; $drop = ''; if ($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) { $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); } $name_e = $profile_name; $title_e = $item['title']; unobscure($item); $body_e = prepare_text($item['body'], $item['mimetype']); $comments .= replace_macros($template, array('$id' => $item['id'], '$mode' => 'photos', '$profile_url' => $profile_link, '$name' => $name_e, '$thumb' => $profile_avatar, '$sparkle' => $sparkle, '$title' => $title_e, '$body' => $body_e, '$ago' => relative_date($item['created']), '$indent' => $item['parent'] != $item['id'] ? ' comment' : '', '$drop' => $drop, '$comment' => $comment)); } if ($can_post || $can_comment) { $commentbox = replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => '')); } } $paginate = paginate($a); } $album_e = array($album_link, $ph[0]['album']); $like_e = $like; $dislike_e = $dislike; $response_verbs = array('like'); if (feature_enabled($owner_uid, 'dislike')) { $response_verbs[] = 'dislike'; } $responses = get_responses($conv_responses, $response_verbs, '', $link_item); $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array('$id' => $ph[0]['id'], '$album' => $album_e, '$tools' => $tools, '$lock' => $lockstate[1], '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['description'], '$filename' => $ph[0]['filename'], '$unknown' => t('Unknown'), '$tag_hdr' => t('In This Photo:'), '$tags' => $tags, 'responses' => $responses, '$edit' => $edit, '$map' => $map, '$map_text' => t('Map'), '$likebuttons' => $likebuttons, '$like' => $like_e, '$dislike' => $dislike_e, '$like_count' => $like_count, '$like_list' => $like_list, '$like_list_part' => $like_list_part, '$like_button_label' => $like_button_label, '$like_modal_title' => t('Likes', 'noun'), '$dislike_modal_title' => t('Dislikes', 'noun'), '$dislike_count' => $dislike_count, '$dislike_list' => $dislike_list, '$dislike_list_part' => $dislike_list_part, '$dislike_button_label' => $dislike_button_label, '$modal_dismiss' => t('Close'), '$comments' => $comments, '$commentbox' => $commentbox, '$paginate' => $paginate)); $a->data['photo_html'] = $o; return $o; } // Default - show recent photos with upload link (if applicable) //$o = ''; $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' \n\t\tand photo_usage in ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY `resource_id`", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe)); if (count($r)) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(60); } $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.album, p.scale, p.created FROM photo p INNER JOIN \n\t\t(SELECT resource_id, max(scale) scale FROM photo \n\t\t\tWHERE uid=%d AND album != '%s' AND album != '%s' \n\t\t\tAND photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} group by resource_id) ph \n\t\tON (p.resource_id = ph.resource_id and p.scale = ph.scale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start'])); $photos = array(); if (count($r)) { $twist = 'rotright'; foreach ($r as $rr) { if ($twist == 'rotright') { $twist = 'rotleft'; } else { $twist = 'rotright'; } $ext = $phototypes[$rr['type']]; if ($a->get_template_engine() === 'internal') { $alt_e = template_escape($rr['filename']); $name_e = template_escape($rr['album']); } else { $alt_e = $rr['filename']; $name_e = $rr['album']; } $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'], 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . ($rr['scale'] == 6 ? 4 : $rr['scale']) . '.' . $ext, 'alt' => $alt_e, 'album' => array('link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($rr['album']), 'name' => $name_e, 'alt' => t('View Album'))); } } if ($_REQUEST['aj']) { if ($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos)); } else { $o = '<div id="content-complete"></div>'; } echo $o; killme(); } else { $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array('$title' => t('Recent Photos'), '$can_post' => $can_post, '$upload' => array(t('Upload'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload'), '$photos' => $photos, '$upload_form' => $upload_form, '$usage' => $usage_message)); } if (!$photos && $_REQUEST['aj']) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } // paginate($a); return $o; }
/** * A lot going on in this function, and some of it is old cruft and some is new cruft * and the entire thing probably needs to be refactored. It started out just storing * files, before we had DAV. It was made extensible to do extra stuff like edit an * existing file or optionally store a separate revision using $options to choose between different * storage models. Along the way we moved from * DB data storage to file system storage. * Then DAV came along and used different upload methods depending on whether the * file was stored as a DAV directory object or updated as a file object. One of these * is essentially an update and the other is basically an upload, but doesn't use the traditional PHP * upload workflow. * Then came hubzilla and we tried to merge photo functionality with the file storage. Most of * that integration occurs within this function. * This required overlap with the old photo_upload stuff and photo albums were * completely different concepts from directories which needed to be reconciled somehow. * The old revision stuff is kind of orphaned currently. There's new revision stuff for photos * which attaches (2) etc. onto the name, but doesn't integrate with the attach table revisioning. * That's where it sits currently. I repeat it needs to be refactored, and this note is here * for future explorers and those who may be doing that work to understand where it came * from and got to be the monstrosity of tangled unrelated code that it currently is. */ function attach_store($channel, $observer_hash, $options = '', $arr = null) { require_once 'include/photos.php'; call_hooks('photo_upload_begin', $arr); $ret = array('success' => false); $channel_id = $channel['channel_id']; $sql_options = ''; $source = $arr ? $arr['source'] : ''; $album = $arr ? $arr['album'] : ''; $newalbum = $arr ? $arr['newalbum'] : ''; $hash = $arr && $arr['hash'] ? $arr['hash'] : null; $upload_path = $arr && $arr['directory'] ? $arr['directory'] : ''; $visible = $arr && $arr['visible'] ? $arr['visible'] : ''; $observer = array(); if ($observer_hash) { $x = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($observer_hash)); if ($x) { $observer = $x[0]; } } logger('arr: ' . print_r($arr, true)); if (!perm_is_allowed($channel_id, $observer_hash, 'write_storage')) { $ret['message'] = t('Permission denied.'); return $ret; } $str_group_allow = perms2str($arr['group_allow']); $str_contact_allow = perms2str($arr['contact_allow']); $str_group_deny = perms2str($arr['group_deny']); $str_contact_deny = perms2str($arr['contact_deny']); // The 'update' option sets db values without uploading a new attachment // 'replace' replaces the existing uploaded data // 'revision' creates a new revision with new upload data // Default is to upload a new file // revise or update must provide $arr['hash'] of the thing to revise/update // By default remove $src when finished $remove_when_processed = true; if ($options === 'import') { $src = $arr['src']; $filename = $arr['filename']; $filesize = @filesize($src); $hash = $arr['resource_id']; if (array_key_exists('hash', $arr)) { $hash = $arr['hash']; } if (array_key_exists('type', $arr)) { $type = $arr['type']; } if ($arr['preserve_original']) { $remove_when_processed = false; } // if importing a directory, just do it now and go home - we're done. if (array_key_exists('is_dir', $arr) && intval($arr['is_dir'])) { $x = attach_mkdir($channel, $observer_hash, $arr); if ($x['message']) { logger('import_directory: ' . $x['message']); } return; } } elseif ($options !== 'update') { $f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => ''); call_hooks('photo_upload_file', $f); call_hooks('attach_upload_file', $f); if (x($f, 'src') && x($f, 'filesize')) { $src = $f['src']; $filename = $f['filename']; $filesize = $f['filesize']; $type = $f['type']; } else { if (!x($_FILES, 'userfile')) { $ret['message'] = t('No source file.'); return $ret; } $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); } } $existing_size = 0; if ($options === 'replace') { $x = q("select id, hash, filesize from attach where id = %d and uid = %d limit 1", intval($arr['id']), intval($channel_id)); if (!$x) { $ret['message'] = t('Cannot locate file to replace'); return $ret; } $existing_id = $x[0]['id']; $existing_size = intval($x[0]['filesize']); $hash = $x[0]['hash']; } if ($options === 'revise' || $options === 'update') { $sql_options = " order by revision desc "; if ($options === 'update' && $arr && array_key_exists('revision', $arr)) { $sql_options = " and revision = " . intval($arr['revision']) . " "; } $x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d {$sql_options} limit 1", dbesc($arr['hash']), intval($channel_id)); if (!$x) { $ret['message'] = t('Cannot locate file to revise/update'); return $ret; } $hash = $x[0]['hash']; } $def_extension = ''; $is_photo = 0; $gis = @getimagesize($src); logger('getimagesize: ' . print_r($gis, true), LOGGER_DATA); if ($gis && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) { $is_photo = 1; if ($gis[2] === IMAGETYPE_GIF) { $def_extension = '.gif'; } if ($gis[2] === IMAGETYPE_JPEG) { $def_extension = '.jpg'; } if ($gis[2] === IMAGETYPE_PNG) { $def_extension = '.png'; } } $pathname = ''; if ($is_photo) { if ($newalbum) { $pathname = filepath_macro($newalbum); } elseif (array_key_exists('folder', $arr)) { $x = q("select filename from attach where hash = '%s' and uid = %d limit 1", dbesc($arr['folder']), intval($channel['channel_id'])); if ($x) { $pathname = $x[0]['filename']; } } else { $pathname = filepath_macro($album); } } else { $pathname = filepath_macro($upload_path); } $darr = array('pathname' => $pathname); // if we need to create a directory, use the channel default permissions. $darr['allow_cid'] = $channel['allow_cid']; $darr['allow_gid'] = $channel['allow_gid']; $darr['deny_cid'] = $channel['deny_cid']; $darr['deny_gid'] = $channel['deny_gid']; $direct = null; if ($pathname) { $x = attach_mkdirp($channel, $observer_hash, $darr); $folder_hash = $x['success'] ? $x['data']['hash'] : ''; $direct = $x['success'] ? $x['data'] : null; if (!$str_contact_allow && !$str_group_allow && !$str_contact_deny && !$str_group_deny) { $str_contact_allow = $x['data']['allow_cid']; $str_group_allow = $x['data']['allow_gid']; $str_contact_deny = $x['data']['deny_cid']; $str_group_deny = $x['data']['deny_gid']; } } else { $folder_hash = $arr && array_key_exists('folder', $arr) ? $arr['folder'] : ''; } if (!$options || $options === 'import') { // A freshly uploaded file. Check for duplicate and resolve with the channel's overwrite settings. $r = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ", dbesc($filename), dbesc($folder_hash)); if ($r) { $overwrite = get_pconfig($channel_id, 'system', 'overwrite_dup_files'); if ($overwrite) { $options = 'replace'; $existing_id = $x[0]['id']; $existing_size = intval($x[0]['filesize']); $hash = $x[0]['hash']; } else { if (strpos($filename, '.') !== false) { $basename = substr($filename, 0, strrpos($filename, '.')); $ext = substr($filename, strrpos($filename, '.')); } else { $basename = $filename; $ext = $def_extension; } $r = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ", dbesc($basename . $ext), dbesc($basename . '(%)' . $ext), dbesc($folder_hash)); if ($r) { $x = 1; do { $found = false; foreach ($r as $rr) { if ($rr['filename'] === $basename . '(' . $x . ')' . $ext) { $found = true; break; } } if ($found) { $x++; } } while ($found); $filename = $basename . '(' . $x . ')' . $ext; } else { $filename = $basename . $ext; } } } } if (!$hash) { $hash = random_string(); } // Check storage limits if ($options !== 'update') { $maxfilesize = get_config('system', 'maxfilesize'); if ($maxfilesize && $filesize > $maxfilesize) { $ret['message'] = sprintf(t('File exceeds size limit of %d'), $maxfilesize); if ($remove_when_processed) { @unlink($src); } call_hooks('photo_upload_end', $ret); return $ret; } $limit = service_class_fetch($channel_id, 'attach_upload_limit'); if ($limit !== false) { $r = q("select sum(filesize) as total from attach where aid = %d ", intval($channel['channel_account_id'])); if ($r && $r[0]['total'] + $filesize > $limit - $existing_size) { $ret['message'] = upgrade_message(true) . sprintf(t("You have reached your limit of %1\$.0f Mbytes attachment storage."), $limit / 1024000); if ($remove_when_processed) { @unlink($src); } call_hooks('photo_upload_end', $ret); return $ret; } } $mimetype = isset($type) && $type ? $type : z_mime_content_type($filename); } $os_basepath = 'store/' . $channel['channel_address'] . '/'; $os_relpath = ''; if ($folder_hash) { $curr = find_folder_hash_by_attach_hash($channel_id, $folder_hash, true); if ($curr) { $os_relpath .= $curr . '/'; } $os_relpath .= $folder_hash . '/'; } $os_relpath .= $hash; if ($src) { @file_put_contents($os_basepath . $os_relpath, @file_get_contents($src)); } if (array_key_exists('created', $arr)) { $created = $arr['created']; } else { $created = datetime_convert(); } if (array_key_exists('edited', $arr)) { $edited = $arr['edited']; } else { $edited = $created; } if ($options === 'replace') { $r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', filesize = %d, os_storage = %d, is_photo = %d, data = '%s', edited = '%s' where id = %d and uid = %d", dbesc($filename), dbesc($mimetype), dbesc($folder_hash), intval($filesize), intval(1), intval($is_photo), dbesc($os_relpath), dbesc($created), intval($existing_id), intval($channel_id)); } elseif ($options === 'revise') { $r = q("insert into attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )\n\t\t\tVALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($x[0]['aid']), intval($channel_id), dbesc($x[0]['hash']), dbesc($observer_hash), dbesc($filename), dbesc($mimetype), dbesc($folder_hash), intval($filesize), intval($x[0]['revision'] + 1), intval(1), intval($is_photo), dbesc($os_relpath), dbesc($created), dbesc($created), dbesc($x[0]['allow_cid']), dbesc($x[0]['allow_gid']), dbesc($x[0]['deny_cid']), dbesc($x[0]['deny_gid'])); } elseif ($options === 'update') { $r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', edited = '%s', os_storage = %d, is_photo = %d, \n\t\t\tallow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d", dbesc(array_key_exists('filename', $arr) ? $arr['filename'] : $x[0]['filename']), dbesc(array_key_exists('filetype', $arr) ? $arr['filetype'] : $x[0]['filetype']), dbesc($folder_hash ? $folder_hash : $x[0]['folder']), dbesc($created), dbesc(array_key_exists('os_storage', $arr) ? $arr['os_storage'] : $x[0]['os_storage']), dbesc(array_key_exists('is_photo', $arr) ? $arr['is_photo'] : $x[0]['is_photo']), dbesc(array_key_exists('allow_cid', $arr) ? $arr['allow_cid'] : $x[0]['allow_cid']), dbesc(array_key_exists('allow_gid', $arr) ? $arr['allow_gid'] : $x[0]['allow_gid']), dbesc(array_key_exists('deny_cid', $arr) ? $arr['deny_cid'] : $x[0]['deny_cid']), dbesc(array_key_exists('deny_gid', $arr) ? $arr['deny_gid'] : $x[0]['deny_gid']), intval($x[0]['id']), intval($x[0]['uid'])); } else { $r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, data, created, edited, allow_cid, allow_gid,deny_cid, deny_gid )\n\t\t\tVALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel_id), dbesc($hash), dbesc(get_observer_hash()), dbesc($filename), dbesc($mimetype), dbesc($folder_hash), intval($filesize), intval(0), intval(1), intval($is_photo), dbesc($os_relpath), dbesc($created), dbesc($created), dbesc($arr && array_key_exists('allow_cid', $arr) ? $arr['allow_cid'] : $str_contact_allow), dbesc($arr && array_key_exists('allow_gid', $arr) ? $arr['allow_gid'] : $str_group_allow), dbesc($arr && array_key_exists('deny_cid', $arr) ? $arr['deny_cid'] : $str_contact_deny), dbesc($arr && array_key_exists('deny_gid', $arr) ? $arr['deny_gid'] : $str_group_deny)); } if ($is_photo) { $args = array('source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct); if ($arr['contact_allow']) { $args['contact_allow'] = $arr['contact_allow']; } if ($arr['group_allow']) { $args['group_allow'] = $arr['group_allow']; } if ($arr['contact_deny']) { $args['contact_deny'] = $arr['contact_deny']; } if ($arr['group_deny']) { $args['group_deny'] = $arr['group_deny']; } if (array_key_exists('allow_cid', $arr)) { $args['allow_cid'] = $arr['allow_cid']; } if (array_key_exists('allow_gid', $arr)) { $args['allow_gid'] = $arr['allow_gid']; } if (array_key_exists('deny_cid', $arr)) { $args['deny_cid'] = $arr['deny_cid']; } if (array_key_exists('deny_gid', $arr)) { $args['deny_gid'] = $arr['deny_gid']; } $args['created'] = $created; $args['edited'] = $edited; if ($arr['item']) { $args['item'] = $arr['item']; } $p = photo_upload($channel, $observer, $args); if ($p['success']) { $ret['body'] = $p['body']; } } if ($options !== 'update' && $remove_when_processed) { @unlink($src); } if (!$r) { $ret['message'] = t('File upload failed. Possible system limit or action terminated.'); call_hooks('photo_upload_end', $ret); return $ret; } // Caution: This re-uses $sql_options set further above $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' {$sql_options} limit 1", intval($channel_id), dbesc($hash)); if (!$r) { $ret['message'] = t('Stored file could not be verified. Upload failed.'); call_hooks('photo_upload_end', $ret); return $ret; } $ret['success'] = true; $ret['data'] = $r[0]; if (!$is_photo) { // This would've been called already with a success result in photos_upload() if it was a photo. call_hooks('photo_upload_end', $ret); } return $ret; }