Ejemplo n.º 1
0
function item_store($arr, $force_parent = false, $notify = false, $dontcache = false)
{
    // If it is a posting where users should get notifications, then define it as wall posting
    if ($notify) {
        $arr['wall'] = 1;
        $arr['type'] = 'wall';
        $arr['origin'] = 1;
        $arr['last-child'] = 1;
        $arr['network'] = NETWORK_DFRN;
    }
    // If a Diaspora signature structure was passed in, pull it out of the
    // item array and set it aside for later storage.
    $dsprsig = null;
    if (x($arr, 'dsprsig')) {
        $dsprsig = json_decode(base64_decode($arr['dsprsig']));
        unset($arr['dsprsig']);
    }
    // Converting the plink
    if ($arr['network'] == NETWORK_OSTATUS) {
        if (isset($arr['plink'])) {
            $arr['plink'] = ostatus_convert_href($arr['plink']);
        } elseif (isset($arr['uri'])) {
            $arr['plink'] = ostatus_convert_href($arr['uri']);
        }
    }
    if (x($arr, 'gravity')) {
        $arr['gravity'] = intval($arr['gravity']);
    } elseif ($arr['parent-uri'] === $arr['uri']) {
        $arr['gravity'] = 0;
    } elseif (activity_match($arr['verb'], ACTIVITY_POST)) {
        $arr['gravity'] = 6;
    } else {
        $arr['gravity'] = 6;
    }
    // extensible catchall
    if (!x($arr, 'type')) {
        $arr['type'] = 'remote';
    }
    /* check for create  date and expire time */
    $uid = intval($arr['uid']);
    $r = q("SELECT expire FROM user WHERE uid = %d", intval($uid));
    if (count($r)) {
        $expire_interval = $r[0]['expire'];
        if ($expire_interval > 0) {
            $expire_date = new DateTime('- ' . $expire_interval . ' days', new DateTimeZone('UTC'));
            $created_date = new DateTime($arr['created'], new DateTimeZone('UTC'));
            if ($created_date < $expire_date) {
                logger('item-store: item created (' . $arr['created'] . ') before expiration time (' . $expire_date->format(DateTime::W3C) . '). ignored. ' . print_r($arr, true), LOGGER_DEBUG);
                return 0;
            }
        }
    }
    // Do we already have this item?
    // We have to check several networks since Friendica posts could be repeated via OStatus (maybe Diasporsa as well)
    if (in_array(trim($arr['network']), array(NETWORK_DIASPORA, NETWORK_DFRN, NETWORK_OSTATUS, ""))) {
        $r = q("SELECT `id`, `network` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` IN ('%s', '%s', '%s')  LIMIT 1", dbesc(trim($arr['uri'])), intval($uid), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_DFRN), dbesc(NETWORK_OSTATUS));
        if ($r) {
            // We only log the entries with a different user id than 0. Otherwise we would have too many false positives
            if ($uid != 0) {
                logger("Item with uri " . $arr['uri'] . " already existed for user " . $uid . " with id " . $r[0]["id"] . " target network " . $r[0]["network"] . " - new network: " . $arr['network']);
            }
            return $r[0]["id"];
        }
    }
    // If there is no guid then take the same guid that was taken before for the same uri
    if (trim($arr['guid']) == "" and trim($arr['uri']) != "" and trim($arr['network']) != "") {
        logger('item_store: checking for an existing guid for uri ' . $arr['uri'], LOGGER_DEBUG);
        $r = q("SELECT `guid` FROM `guid` WHERE `uri` = '%s' AND `network` = '%s' LIMIT 1", dbesc(trim($arr['uri'])), dbesc(trim($arr['network'])));
        if (count($r)) {
            $arr['guid'] = $r[0]["guid"];
            logger('item_store: found guid ' . $arr['guid'] . ' for uri ' . $arr['uri'], LOGGER_DEBUG);
        }
    }
    // If there is no guid then take the same guid that was taken before for the same plink
    if (trim($arr['guid']) == "" and trim($arr['plink']) != "" and trim($arr['network']) != "") {
        logger('item_store: checking for an existing guid for plink ' . $arr['plink'], LOGGER_DEBUG);
        $r = q("SELECT `guid`, `uri` FROM `guid` WHERE `plink` = '%s' AND `network` = '%s' LIMIT 1", dbesc(trim($arr['plink'])), dbesc(trim($arr['network'])));
        if (count($r)) {
            $arr['guid'] = $r[0]["guid"];
            logger('item_store: found guid ' . $arr['guid'] . ' for plink ' . $arr['plink'], LOGGER_DEBUG);
            if ($r[0]["uri"] != $arr['uri']) {
                logger('Different uri for same guid: ' . $arr['uri'] . ' and ' . $r[0]["uri"] . ' - this shouldnt happen!', LOGGER_DEBUG);
            }
        }
    }
    // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
    // Deactivated, since the bbcode parser can handle with it - and it destroys posts with some smileys that contain "<"
    //if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false))
    //	$arr['body'] = strip_tags($arr['body']);
    item_add_language_opt($arr);
    if ($notify) {
        $guid_prefix = "";
    } else {
        $parsed = parse_url($arr["author-link"]);
        $guid_prefix = hash("crc32", $parsed["host"]);
    }
    $arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0;
    $arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(32, $guid_prefix);
    $arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : $arr['guid'];
    $arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : '';
    $arr['author-name'] = x($arr, 'author-name') ? trim($arr['author-name']) : '';
    $arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : '';
    $arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : '';
    $arr['owner-name'] = x($arr, 'owner-name') ? trim($arr['owner-name']) : '';
    $arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : '';
    $arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : '';
    $arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert();
    $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
    $arr['commented'] = x($arr, 'commented') !== false ? datetime_convert('UTC', 'UTC', $arr['commented']) : datetime_convert();
    $arr['received'] = x($arr, 'received') !== false ? datetime_convert('UTC', 'UTC', $arr['received']) : datetime_convert();
    $arr['changed'] = x($arr, 'changed') !== false ? datetime_convert('UTC', 'UTC', $arr['changed']) : datetime_convert();
    $arr['title'] = x($arr, 'title') ? trim($arr['title']) : '';
    $arr['location'] = x($arr, 'location') ? trim($arr['location']) : '';
    $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : '';
    $arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0;
    $arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1;
    $arr['deleted'] = 0;
    $arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : '';
    $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : '';
    $arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : '';
    $arr['object'] = x($arr, 'object') ? trim($arr['object']) : '';
    $arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : '';
    $arr['target'] = x($arr, 'target') ? trim($arr['target']) : '';
    $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : '';
    $arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : '';
    $arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : '';
    $arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : '';
    $arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : '';
    $arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0;
    $arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0;
    $arr['body'] = x($arr, 'body') ? trim($arr['body']) : '';
    $arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : '';
    $arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : '';
    $arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : '';
    $arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0;
    $arr['network'] = x($arr, 'network') ? trim($arr['network']) : '';
    $arr['postopts'] = x($arr, 'postopts') ? trim($arr['postopts']) : '';
    $arr['resource-id'] = x($arr, 'resource-id') ? trim($arr['resource-id']) : '';
    $arr['event-id'] = x($arr, 'event-id') ? intval($arr['event-id']) : 0;
    $arr['inform'] = x($arr, 'inform') ? trim($arr['inform']) : '';
    $arr['file'] = x($arr, 'file') ? trim($arr['file']) : '';
    if ($arr['plink'] == "") {
        $a = get_app();
        $arr['plink'] = $a->get_baseurl() . '/display/' . urlencode($arr['guid']);
    }
    if ($arr['network'] == "") {
        $r = q("SELECT `network` FROM `contact` WHERE `network` IN ('%s', '%s', '%s') AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), dbesc(normalise_link($arr['author-link'])), intval($arr['uid']));
        if (!count($r)) {
            $r = q("SELECT `network` FROM `gcontact` WHERE `network` IN ('%s', '%s', '%s') AND `nurl` = '%s' LIMIT 1", dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), dbesc(normalise_link($arr['author-link'])));
        }
        if (!count($r)) {
            $r = q("SELECT `network` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($arr['contact-id']), intval($arr['uid']));
        }
        if (count($r)) {
            $arr['network'] = $r[0]["network"];
        }
        // Fallback to friendica (why is it empty in some cases?)
        if ($arr['network'] == "") {
            $arr['network'] = NETWORK_DFRN;
        }
        logger("item_store: Set network to " . $arr["network"] . " for " . $arr["uri"], LOGGER_DEBUG);
    }
    if ($arr['guid'] != "") {
        // Checking if there is already an item with the same guid
        logger('checking for an item for user ' . $arr['uid'] . ' on network ' . $arr['network'] . ' with the guid ' . $arr['guid'], LOGGER_DEBUG);
        $r = q("SELECT `guid` FROM `item` WHERE `guid` = '%s' AND `network` = '%s' AND `uid` = '%d' LIMIT 1", dbesc($arr['guid']), dbesc($arr['network']), intval($arr['uid']));
        if (count($r)) {
            logger('found item with guid ' . $arr['guid'] . ' for user ' . $arr['uid'] . ' on network ' . $arr['network'], LOGGER_DEBUG);
            return 0;
        }
    }
    // Check for hashtags in the body and repair or add hashtag links
    item_body_set_hashtags($arr);
    $arr['thr-parent'] = $arr['parent-uri'];
    if ($arr['parent-uri'] === $arr['uri']) {
        $parent_id = 0;
        $parent_deleted = 0;
        $allow_cid = $arr['allow_cid'];
        $allow_gid = $arr['allow_gid'];
        $deny_cid = $arr['deny_cid'];
        $deny_gid = $arr['deny_gid'];
        $notify_type = 'wall-new';
    } else {
        // find the parent and snarf the item id and ACLs
        // and anything else we need to inherit
        $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid']));
        if (count($r)) {
            // is the new message multi-level threaded?
            // even though we don't support it now, preserve the info
            // and re-attach to the conversation parent.
            if ($r[0]['uri'] != $r[0]['parent-uri']) {
                $arr['parent-uri'] = $r[0]['parent-uri'];
                $z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d\n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid']));
                if ($z && count($z)) {
                    $r = $z;
                }
            }
            $parent_id = $r[0]['id'];
            $parent_deleted = $r[0]['deleted'];
            $allow_cid = $r[0]['allow_cid'];
            $allow_gid = $r[0]['allow_gid'];
            $deny_cid = $r[0]['deny_cid'];
            $deny_gid = $r[0]['deny_gid'];
            $arr['wall'] = $r[0]['wall'];
            $notify_type = 'comment-new';
            // if the parent is private, force privacy for the entire conversation
            // This differs from the above settings as it subtly allows comments from
            // email correspondents to be private even if the overall thread is not.
            if ($r[0]['private']) {
                $arr['private'] = $r[0]['private'];
            }
            // Edge case. We host a public forum that was originally posted to privately.
            // The original author commented, but as this is a comment, the permissions
            // weren't fixed up so it will still show the comment as private unless we fix it here.
            if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) {
                $arr['private'] = 0;
            }
            // If its a post from myself then tag the thread as "mention"
            logger("item_store: Checking if parent " . $parent_id . " has to be tagged as mention for user " . $arr['uid'], LOGGER_DEBUG);
            $u = q("select * from user where uid = %d limit 1", intval($arr['uid']));
            if (count($u)) {
                $a = get_app();
                $self = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
                logger("item_store: 'myself' is " . $self . " for parent " . $parent_id . " checking against " . $arr['author-link'] . " and " . $arr['owner-link'], LOGGER_DEBUG);
                if (normalise_link($arr['author-link']) == $self or normalise_link($arr['owner-link']) == $self) {
                    q("UPDATE `thread` SET `mention` = 1 WHERE `iid` = %d", intval($parent_id));
                    logger("item_store: tagged thread " . $parent_id . " as mention for user " . $self, LOGGER_DEBUG);
                }
            }
        } else {
            // Allow one to see reply tweets from status.net even when
            // we don't have or can't see the original post.
            if ($force_parent) {
                logger('item_store: $force_parent=true, reply converted to top-level post.');
                $parent_id = 0;
                $arr['parent-uri'] = $arr['uri'];
                $arr['gravity'] = 0;
            } else {
                logger('item_store: item parent ' . $arr['parent-uri'] . ' for ' . $arr['uid'] . ' was not found - ignoring item');
                return 0;
            }
            $parent_deleted = 0;
        }
    }
    $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `network` IN ('%s', '%s') AND `uid` = %d LIMIT 1", dbesc($arr['uri']), dbesc($arr['network']), dbesc(NETWORK_DFRN), intval($arr['uid']));
    if ($r && count($r)) {
        logger('duplicated item with the same uri found. ' . print_r($arr, true));
        return 0;
    }
    // Check for an existing post with the same content. There seems to be a problem with OStatus.
    $r = q("SELECT `id` FROM `item` WHERE `body` = '%s' AND `network` = '%s' AND `created` = '%s' AND `contact-id` = %d AND `uid` = %d LIMIT 1", dbesc($arr['body']), dbesc($arr['network']), dbesc($arr['created']), intval($arr['contact-id']), intval($arr['uid']));
    if ($r && count($r)) {
        logger('duplicated item with the same body found. ' . print_r($arr, true));
        return 0;
    }
    // Is this item available in the global items (with uid=0)?
    if ($arr["uid"] == 0) {
        $arr["global"] = true;
        q("UPDATE `item` SET `global` = 1 WHERE `guid` = '%s'", dbesc($arr["guid"]));
    } else {
        $isglobal = q("SELECT `global` FROM `item` WHERE `uid` = 0 AND `guid` = '%s'", dbesc($arr["guid"]));
        $arr["global"] = count($isglobal) > 0;
    }
    // Fill the cache field
    put_item_in_cache($arr);
    if ($notify) {
        call_hooks('post_local', $arr);
    } else {
        call_hooks('post_remote', $arr);
    }
    if (x($arr, 'cancel')) {
        logger('item_store: post cancelled by plugin.');
        return 0;
    }
    // Store the unescaped version
    $unescaped = $arr;
    dbesc_array($arr);
    logger('item_store: ' . print_r($arr, true), LOGGER_DATA);
    $r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')");
    // And restore it
    $arr = $unescaped;
    // find the item that we just created
    $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' ORDER BY `id` ASC", dbesc($arr['uri']), intval($arr['uid']), dbesc($arr['network']));
    if (count($r) > 1) {
        // There are duplicates. Keep the oldest one, delete the others
        logger('item_store: duplicated post occurred. Removing newer duplicates. uri = ' . $arr['uri'] . ' uid = ' . $arr['uid']);
        q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' AND `id` > %d", dbesc($arr['uri']), intval($arr['uid']), dbesc($arr['network']), intval($r[0]["id"]));
        return 0;
    } elseif (count($r)) {
        // Store the guid and other relevant data
        add_guid($arr);
        $current_post = $r[0]['id'];
        logger('item_store: created item ' . $current_post);
        // Set "success_update" and "last-item" to the date of the last time we heard from this contact
        // This can be used to filter for inactive contacts.
        // Only do this for public postings to avoid privacy problems, since poco data is public.
        // Don't set this value if it isn't from the owner (could be an author that we don't know)
        $update = (!$arr['private'] and ($arr["author-link"] === $arr["owner-link"] or $arr["parent-uri"] === $arr["uri"]));
        // Is it a forum? Then we don't care about the rules from above
        if (!$update and $arr["network"] == NETWORK_DFRN and $arr["parent-uri"] === $arr["uri"]) {
            $isforum = q("SELECT `forum` FROM `contact` WHERE `id` = %d AND `forum`", intval($arr['contact-id']));
            if ($isforum) {
                $update = true;
            }
        }
        if ($update) {
            q("UPDATE `contact` SET `success_update` = '%s', `last-item` = '%s' WHERE `id` = %d", dbesc($arr['received']), dbesc($arr['received']), intval($arr['contact-id']));
        }
    } else {
        logger('item_store: could not locate created item');
        return 0;
    }
    if (!$parent_id || $arr['parent-uri'] === $arr['uri']) {
        $parent_id = $current_post;
    }
    if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) {
        $private = 1;
    } else {
        $private = $arr['private'];
    }
    // Set parent id - and also make sure to inherit the parent's ACLs.
    $r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post));
    $arr['id'] = $current_post;
    $arr['parent'] = $parent_id;
    $arr['allow_cid'] = $allow_cid;
    $arr['allow_gid'] = $allow_gid;
    $arr['deny_cid'] = $deny_cid;
    $arr['deny_gid'] = $deny_gid;
    $arr['private'] = $private;
    $arr['deleted'] = $parent_deleted;
    // update the commented timestamp on the parent
    // Only update "commented" if it is really a comment
    if ($arr['verb'] == ACTIVITY_POST or !get_config("system", "like_no_comment")) {
        q("UPDATE `item` SET `commented` = '%s', `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id));
    } else {
        q("UPDATE `item` SET `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), intval($parent_id));
    }
    if ($dsprsig) {
        q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer));
    }
    /**
     * If this is now the last-child, force all _other_ children of this parent to *not* be last-child
     */
    if ($arr['last-child']) {
        $r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post));
    }
    $deleted = tag_deliver($arr['uid'], $current_post);
    // current post can be deleted if is for a community page and no mention are
    // in it.
    if (!$deleted and !$dontcache) {
        $r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post));
        if (count($r) == 1) {
            if ($notify) {
                call_hooks('post_local_end', $r[0]);
            } else {
                call_hooks('post_remote_end', $r[0]);
            }
        } else {
            logger('item_store: new item not found in DB, id ' . $current_post);
        }
    }
    // Add every contact of the post to the global contact table
    poco_store($arr);
    create_tags_from_item($current_post);
    create_files_from_item($current_post);
    // Only check for notifications on start posts
    if ($arr['parent-uri'] === $arr['uri']) {
        add_thread($current_post);
        logger('item_store: Check notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
        // Send a notification for every new post?
        $r = q("SELECT `notify_new_posts` FROM `contact` WHERE `id` = %d AND `uid` = %d AND `notify_new_posts` LIMIT 1", intval($arr['contact-id']), intval($arr['uid']));
        $send_notification = count($r);
        if (!$send_notification) {
            $tags = q("SELECT `url` FROM `term` WHERE `otype` = %d AND `oid` = %d AND `type` = %d AND `uid` = %d", intval(TERM_OBJ_POST), intval($current_post), intval(TERM_MENTION), intval($arr['uid']));
            if (count($tags)) {
                foreach ($tags as $tag) {
                    $r = q("SELECT `id` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `notify_new_posts`", normalise_link($tag["url"]), intval($arr['uid']));
                    if (count($r)) {
                        $send_notification = true;
                    }
                }
            }
        }
        if ($send_notification) {
            logger('item_store: Send notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
            $u = q("SELECT * FROM user WHERE uid = %d LIMIT 1", intval($arr['uid']));
            $item = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d", intval($current_post), intval($arr['uid']));
            $a = get_app();
            require_once 'include/enotify.php';
            notification(array('type' => NOTIFY_SHARE, 'notify_flags' => $u[0]['notify-flags'], 'language' => $u[0]['language'], 'to_name' => $u[0]['username'], 'to_email' => $u[0]['email'], 'uid' => $u[0]['uid'], 'item' => $item[0], 'link' => $a->get_baseurl() . '/display/' . urlencode($arr['guid']), 'source_name' => $item[0]['author-name'], 'source_link' => $item[0]['author-link'], 'source_photo' => $item[0]['author-avatar'], 'verb' => ACTIVITY_TAG, 'otype' => 'item', 'parent' => $arr['parent']));
            logger('item_store: Notification sent for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
        }
    } else {
        update_thread($parent_id);
        add_shadow_entry($arr);
    }
    if ($notify) {
        proc_run('php', "include/notifier.php", $notify_type, $current_post);
    }
    return $current_post;
}
Ejemplo n.º 2
0
function item_post(&$a)
{
    if (!local_user() && !remote_user() && !x($_REQUEST, 'commenter')) {
        return;
    }
    require_once 'include/security.php';
    $uid = local_user();
    if (x($_REQUEST, 'dropitems')) {
        $arr_drop = explode(',', $_REQUEST['dropitems']);
        drop_items($arr_drop);
        $json = array('success' => 1);
        echo json_encode($json);
        killme();
    }
    call_hooks('post_local_start', $_REQUEST);
    //	logger('postinput ' . file_get_contents('php://input'));
    logger('postvars ' . print_r($_REQUEST, true), LOGGER_DATA);
    $api_source = x($_REQUEST, 'api_source') && $_REQUEST['api_source'] ? true : false;
    $message_id = x($_REQUEST, 'message_id') && $api_source ? strip_tags($_REQUEST['message_id']) : '';
    $return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : '';
    $preview = x($_REQUEST, 'preview') ? intval($_REQUEST['preview']) : 0;
    // Check for doubly-submitted posts, and reject duplicates
    // Note that we have to ignore previews, otherwise nothing will post
    // after it's been previewed
    if (!$preview && x($_REQUEST['post_id_random'])) {
        if (x($_SESSION['post-random']) && $_SESSION['post-random'] == $_REQUEST['post_id_random']) {
            logger("item post: duplicate post", LOGGER_DEBUG);
            item_post_return($a->get_baseurl(), $api_source, $return_path);
        } else {
            $_SESSION['post-random'] = $_REQUEST['post_id_random'];
        }
    }
    /**
     * Is this a reply to something?
     */
    $parent = x($_REQUEST, 'parent') ? intval($_REQUEST['parent']) : 0;
    $parent_uri = x($_REQUEST, 'parent_uri') ? trim($_REQUEST['parent_uri']) : '';
    $parent_item = null;
    $parent_contact = null;
    $thr_parent = '';
    $parid = 0;
    $r = false;
    $objecttype = null;
    if ($parent || $parent_uri) {
        $objecttype = ACTIVITY_OBJ_COMMENT;
        if (!x($_REQUEST, 'type')) {
            $_REQUEST['type'] = 'net-comment';
        }
        if ($parent) {
            $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($parent));
        } elseif ($parent_uri && local_user()) {
            // This is coming from an API source, and we are logged in
            $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_uri), intval(local_user()));
        }
        // if this isn't the real parent of the conversation, find it
        if ($r !== false && count($r)) {
            $parid = $r[0]['parent'];
            $parent_uri = $r[0]['uri'];
            if ($r[0]['id'] != $r[0]['parent']) {
                $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", intval($parid));
            }
        }
        if ($r === false || !count($r)) {
            notice(t('Unable to locate original post.') . EOL);
            if (x($_REQUEST, 'return')) {
                goaway($a->get_baseurl() . "/" . $return_path);
            }
            killme();
        }
        $parent_item = $r[0];
        $parent = $r[0]['id'];
        // multi-level threading - preserve the info but re-parent to our single level threading
        //if(($parid) && ($parid != $parent))
        $thr_parent = $parent_uri;
        if ($parent_item['contact-id'] && $uid) {
            $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($parent_item['contact-id']), intval($uid));
            if (count($r)) {
                $parent_contact = $r[0];
            }
            // If the contact id doesn't fit with the contact, then set the contact to null
            $thrparent = q("SELECT `author-link`, `network` FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($thr_parent));
            if (count($thrparent) and $thrparent[0]["network"] === NETWORK_OSTATUS and normalise_link($parent_contact["url"]) != normalise_link($thrparent[0]["author-link"])) {
                $parent_contact = null;
                require_once "include/Scrape.php";
                $probed_contact = probe_url($thrparent[0]["author-link"]);
                if ($probed_contact["network"] != NETWORK_FEED) {
                    $parent_contact = $probed_contact;
                    $parent_contact["nurl"] = normalise_link($probed_contact["url"]);
                    $parent_contact["thumb"] = $probed_contact["photo"];
                    $parent_contact["micro"] = $probed_contact["photo"];
                    $parent_contact["addr"] = $probed_contact["addr"];
                }
                logger('no contact found: ' . print_r($thrparent, true), LOGGER_DEBUG);
            } else {
                logger('parent contact: ' . print_r($parent_contact, true), LOGGER_DEBUG);
            }
        }
    }
    if ($parent) {
        logger('mod_item: item_post parent=' . $parent);
    }
    $profile_uid = x($_REQUEST, 'profile_uid') ? intval($_REQUEST['profile_uid']) : 0;
    $post_id = x($_REQUEST, 'post_id') ? intval($_REQUEST['post_id']) : 0;
    $app = x($_REQUEST, 'source') ? strip_tags($_REQUEST['source']) : '';
    $extid = x($_REQUEST, 'extid') ? strip_tags($_REQUEST['extid']) : '';
    $allow_moderated = false;
    // here is where we are going to check for permission to post a moderated comment.
    // First check that the parent exists and it is a wall item.
    if (x($_REQUEST, 'commenter') && (!$parent || !$parent_item['wall'])) {
        notice(t('Permission denied.') . EOL);
        if (x($_REQUEST, 'return')) {
            goaway($a->get_baseurl() . "/" . $return_path);
        }
        killme();
    }
    // Now check that it is a page_type of PAGE_BLOG, and that valid personal details
    // have been provided, and run any anti-spam plugins
    // TODO
    if (!can_write_wall($a, $profile_uid) && !$allow_moderated) {
        notice(t('Permission denied.') . EOL);
        if (x($_REQUEST, 'return')) {
            goaway($a->get_baseurl() . "/" . $return_path);
        }
        killme();
    }
    // is this an edited post?
    $orig_post = null;
    if ($post_id) {
        $i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($post_id));
        if (!count($i)) {
            killme();
        }
        $orig_post = $i[0];
    }
    $user = null;
    $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($profile_uid));
    if (count($r)) {
        $user = $r[0];
    }
    if ($orig_post) {
        $str_group_allow = $orig_post['allow_gid'];
        $str_contact_allow = $orig_post['allow_cid'];
        $str_group_deny = $orig_post['deny_gid'];
        $str_contact_deny = $orig_post['deny_cid'];
        $location = $orig_post['location'];
        $coord = $orig_post['coord'];
        $verb = $orig_post['verb'];
        $objecttype = $orig_post['object-type'];
        $emailcc = $orig_post['emailcc'];
        $app = $orig_post['app'];
        $categories = $orig_post['file'];
        $title = notags(trim($_REQUEST['title']));
        $body = escape_tags(trim($_REQUEST['body']));
        $private = $orig_post['private'];
        $pubmail_enable = $orig_post['pubmail'];
        $network = $orig_post['network'];
        $guid = $orig_post['guid'];
        $extid = $orig_post['extid'];
    } else {
        // if coming from the API and no privacy settings are set,
        // use the user default permissions - as they won't have
        // been supplied via a form.
        if ($api_source && !array_key_exists('contact_allow', $_REQUEST) && !array_key_exists('group_allow', $_REQUEST) && !array_key_exists('contact_deny', $_REQUEST) && !array_key_exists('group_deny', $_REQUEST)) {
            $str_group_allow = $user['allow_gid'];
            $str_contact_allow = $user['allow_cid'];
            $str_group_deny = $user['deny_gid'];
            $str_contact_deny = $user['deny_cid'];
        } else {
            // use the posted permissions
            $str_group_allow = perms2str($_REQUEST['group_allow']);
            $str_contact_allow = perms2str($_REQUEST['contact_allow']);
            $str_group_deny = perms2str($_REQUEST['group_deny']);
            $str_contact_deny = perms2str($_REQUEST['contact_deny']);
        }
        $title = notags(trim($_REQUEST['title']));
        $location = notags(trim($_REQUEST['location']));
        $coord = notags(trim($_REQUEST['coord']));
        $verb = notags(trim($_REQUEST['verb']));
        $emailcc = notags(trim($_REQUEST['emailcc']));
        $body = escape_tags(trim($_REQUEST['body']));
        $network = notags(trim($_REQUEST['network']));
        $guid = get_guid(32);
        item_add_language_opt($_REQUEST);
        $postopts = $_REQUEST['postopts'] ? $_REQUEST['postopts'] : "";
        $private = strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny) ? 1 : 0;
        if ($user['hidewall']) {
            $private = 2;
        }
        // If this is a comment, set the permissions from the parent.
        if ($parent_item) {
            $private = 0;
            // for non native networks use the network of the original post as network of the item
            if ($parent_item['network'] != NETWORK_DIASPORA and $parent_item['network'] != NETWORK_OSTATUS and $network == "") {
                $network = $parent_item['network'];
            }
            if ($parent_item['private'] || strlen($parent_item['allow_cid']) || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) || strlen($parent_item['deny_gid'])) {
                $private = $parent_item['private'] ? $parent_item['private'] : 1;
            }
            $str_contact_allow = $parent_item['allow_cid'];
            $str_group_allow = $parent_item['allow_gid'];
            $str_contact_deny = $parent_item['deny_cid'];
            $str_group_deny = $parent_item['deny_gid'];
        }
        $pubmail_enable = x($_REQUEST, 'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && !$private ? 1 : 0;
        // if using the API, we won't see pubmail_enable - figure out if it should be set
        if ($api_source && $profile_uid && $profile_uid == local_user() && !$private) {
            $mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
            if (!$mail_disabled) {
                $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", intval(local_user()));
                if (count($r) && intval($r[0]['pubmail'])) {
                    $pubmail_enabled = true;
                }
            }
        }
        if (!strlen($body)) {
            if ($preview) {
                killme();
            }
            info(t('Empty post discarded.') . EOL);
            if (x($_REQUEST, 'return')) {
                goaway($a->get_baseurl() . "/" . $return_path);
            }
            killme();
        }
    }
    if (strlen($categories)) {
        // get the "fileas" tags for this post
        $filedas = file_tag_file_to_list($categories, 'file');
    }
    // save old and new categories, so we can determine what needs to be deleted from pconfig
    $categories_old = $categories;
    $categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
    $categories_new = $categories;
    if (strlen($filedas)) {
        // append the fileas stuff to the new categories list
        $categories .= file_tag_list_to_file($filedas, 'file');
    }
    // Work around doubled linefeeds in Tinymce 3.5b2
    // First figure out if it's a status post that would've been
    // created using tinymce. Otherwise leave it alone.
    /*	$plaintext = (local_user() ? intval(get_pconfig(local_user(),'system','plaintext')) || !feature_enabled($profile_uid,'richtext') : 0);
    	if((! $parent) && (! $api_source) && (! $plaintext)) {
    		$body = fix_mce_lf($body);
    	}*/
    $plaintext = local_user() ? !feature_enabled($profile_uid, 'richtext') : 0;
    if (!$parent && !$api_source && !$plaintext) {
        $body = fix_mce_lf($body);
    }
    // get contact info for poster
    $author = null;
    $self = false;
    $contact_id = 0;
    if (local_user() && local_user() == $profile_uid) {
        $self = true;
        $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($_SESSION['uid']));
    } elseif (remote_user()) {
        if (is_array($_SESSION['remote'])) {
            foreach ($_SESSION['remote'] as $v) {
                if ($v['uid'] == $profile_uid) {
                    $contact_id = $v['cid'];
                    break;
                }
            }
        }
        if ($contact_id) {
            $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($contact_id));
        }
    }
    if (count($r)) {
        $author = $r[0];
        $contact_id = $author['id'];
    }
    // get contact info for owner
    if ($profile_uid == local_user()) {
        $contact_record = $author;
    } else {
        $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($profile_uid));
        if (count($r)) {
            $contact_record = $r[0];
        }
    }
    $post_type = notags(trim($_REQUEST['type']));
    if ($post_type === 'net-comment') {
        if ($parent_item !== null) {
            if ($parent_item['wall'] == 1) {
                $post_type = 'wall-comment';
            } else {
                $post_type = 'remote-comment';
            }
        }
    }
    /**
     *
     * When a photo was uploaded into the message using the (profile wall) ajax
     * uploader, The permissions are initially set to disallow anybody but the
     * owner from seeing it. This is because the permissions may not yet have been
     * set for the post. If it's private, the photo permissions should be set
     * appropriately. But we didn't know the final permissions on the post until
     * now. So now we'll look for links of uploaded messages that are in the
     * post and set them to the same permissions as the post itself.
     *
     */
    $match = null;
    if (!$preview && preg_match_all("/\\[img([\\=0-9x]*?)\\](.*?)\\[\\/img\\]/", $body, $match)) {
        $images = $match[2];
        if (count($images)) {
            $objecttype = ACTIVITY_OBJ_IMAGE;
            foreach ($images as $image) {
                if (!stristr($image, $a->get_baseurl() . '/photo/')) {
                    continue;
                }
                $image_uri = substr($image, strrpos($image, '/') + 1);
                $image_uri = substr($image_uri, 0, strpos($image_uri, '-'));
                if (!strlen($image_uri)) {
                    continue;
                }
                $srch = '<' . intval($contact_id) . '>';
                $r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = ''\n\t\t\t\t\tAND `resource-id` = '%s' AND `uid` = %d LIMIT 1", dbesc($srch), dbesc($image_uri), intval($profile_uid));
                if (!count($r)) {
                    continue;
                }
                $r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'\n\t\t\t\t\tWHERE `resource-id` = '%s' AND `uid` = %d AND `album` = '%s' ", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), dbesc($image_uri), intval($profile_uid), dbesc(t('Wall Photos')));
            }
        }
    }
    /**
     * Next link in any attachment references we find in the post.
     */
    $match = false;
    if (!$preview && preg_match_all("/\\[attachment\\](.*?)\\[\\/attachment\\]/", $body, $match)) {
        $attaches = $match[1];
        if (count($attaches)) {
            foreach ($attaches as $attach) {
                $r = q("SELECT * FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($attach));
                if (count($r)) {
                    $r = q("UPDATE `attach` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'\n\t\t\t\t\t\tWHERE `uid` = %d AND `id` = %d", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($profile_uid), intval($attach));
                }
            }
        }
    }
    // embedded bookmark in post? set bookmark flag
    $bookmark = 0;
    if (preg_match_all("/\\[bookmark\\=([^\\]]*)\\](.*?)\\[\\/bookmark\\]/ism", $body, $match, PREG_SET_ORDER)) {
        $objecttype = ACTIVITY_OBJ_BOOKMARK;
        $bookmark = 1;
    }
    $body = bb_translate_video($body);
    /**
     * Fold multi-line [code] sequences
     */
    $body = preg_replace('/\\[\\/code\\]\\s*\\[code\\]/ism', "\n", $body);
    $body = scale_external_images($body, false);
    // Setting the object type if not defined before
    if (!$objecttype) {
        $objecttype = ACTIVITY_OBJ_NOTE;
        // Default value
        require_once "include/plaintext.php";
        $objectdata = get_attached_data($body);
        if ($post["type"] == "link") {
            $objecttype = ACTIVITY_OBJ_BOOKMARK;
        } elseif ($post["type"] == "video") {
            $objecttype = ACTIVITY_OBJ_VIDEO;
        } elseif ($post["type"] == "photo") {
            $objecttype = ACTIVITY_OBJ_IMAGE;
        }
    }
    /**
     * Look for any tags and linkify them
     */
    $str_tags = '';
    $inform = '';
    $tags = get_tags($body);
    /**
     * add a statusnet style reply tag if the original post was from there
     * and we are replying, and there isn't one already
     */
    if ($parent and $parent_contact['network'] === NETWORK_OSTATUS) {
        if ($parent_contact['id'] != "") {
            $contact = '@' . $parent_contact['nick'] . '+' . $parent_contact['id'];
        } else {
            $contact = '@[url=' . $parent_contact['url'] . ']' . $parent_contact['nick'] . '[/url]';
        }
        if (!in_array($contact, $tags)) {
            $body = $contact . ' ' . $body;
            $tags[] = $contact;
        }
        $toplevel_contact = "";
        $toplevel_parent = q("SELECT `contact`.* FROM `contact`\n\t\t\t\t\t\tINNER JOIN `item` ON `item`.`contact-id` = `contact`.`id` AND `contact`.`url` = `item`.`author-link`\n\t\t\t\t\t\tWHERE `item`.`id` = `item`.`parent` AND `item`.`parent` = %d", intval($parent));
        if ($toplevel_parent) {
            $toplevel_contact = '@' . $toplevel_parent[0]['nick'] . '+' . $toplevel_parent[0]['id'];
        } else {
            $toplevel_parent = q("SELECT `author-link`, `author-name` FROM `item` WHERE `id` = `parent` AND `parent` = %d", intval($parent));
            $toplevel_contact = '@[url=' . $toplevel_parent[0]['author-link'] . ']' . $toplevel_parent[0]['author-name'] . '[/url]';
        }
        if (!in_array($toplevel_contact, $tags)) {
            $tags[] = $toplevel_contact;
        }
    }
    $tagged = array();
    $private_forum = false;
    if (count($tags)) {
        foreach ($tags as $tag) {
            if (strpos($tag, '#') === 0) {
                continue;
            }
            // If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
            // Robert Johnson should be first in the $tags array
            $fullnametagged = false;
            for ($x = 0; $x < count($tagged); $x++) {
                if (stristr($tagged[$x], $tag . ' ')) {
                    $fullnametagged = true;
                    break;
                }
            }
            if ($fullnametagged) {
                continue;
            }
            $success = handle_tag($a, $body, $inform, $str_tags, local_user() ? local_user() : $profile_uid, $tag, $network);
            if ($success['replaced']) {
                $tagged[] = $tag;
            }
            if (is_array($success['contact']) && intval($success['contact']['prv'])) {
                $private_forum = true;
                $private_id = $success['contact']['id'];
            }
        }
    }
    if ($private_forum && !$parent && !$private) {
        // we tagged a private forum in a top level post and the message was public.
        // Restrict it.
        $private = 1;
        $str_contact_allow = '<' . $private_id . '>';
    }
    $attachments = '';
    $match = false;
    if (preg_match_all('/(\\[attachment\\]([0-9]+)\\[\\/attachment\\])/', $body, $match)) {
        foreach ($match[2] as $mtch) {
            $r = q("SELECT `id`,`filename`,`filesize`,`filetype` FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($mtch));
            if (count($r)) {
                if (strlen($attachments)) {
                    $attachments .= ',';
                }
                $attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" length="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . ($r[0]['filename'] ? $r[0]['filename'] : '') . '"[/attach]';
            }
            $body = str_replace($match[1], '', $body);
        }
    }
    $wall = 0;
    if ($post_type === 'wall' || $post_type === 'wall-comment') {
        $wall = 1;
    }
    if (!strlen($verb)) {
        $verb = ACTIVITY_POST;
    }
    if ($network == "") {
        $network = NETWORK_DFRN;
    }
    $gravity = $parent ? 6 : 0;
    // even if the post arrived via API we are considering that it
    // originated on this site by default for determining relayability.
    $origin = x($_REQUEST, 'origin') ? intval($_REQUEST['origin']) : 1;
    $notify_type = $parent ? 'comment-new' : 'wall-new';
    $uri = $message_id ? $message_id : item_new_uri($a->get_hostname(), $profile_uid, $guid);
    // Fallback so that we alway have a thr-parent
    if (!$thr_parent) {
        $thr_parent = $uri;
    }
    $datarray = array();
    $datarray['uid'] = $profile_uid;
    $datarray['type'] = $post_type;
    $datarray['wall'] = $wall;
    $datarray['gravity'] = $gravity;
    $datarray['network'] = $network;
    $datarray['contact-id'] = $contact_id;
    $datarray['owner-name'] = $contact_record['name'];
    $datarray['owner-link'] = $contact_record['url'];
    $datarray['owner-avatar'] = $contact_record['thumb'];
    $datarray['author-name'] = $author['name'];
    $datarray['author-link'] = $author['url'];
    $datarray['author-avatar'] = $author['thumb'];
    $datarray['created'] = datetime_convert();
    $datarray['edited'] = datetime_convert();
    $datarray['commented'] = datetime_convert();
    $datarray['received'] = datetime_convert();
    $datarray['changed'] = datetime_convert();
    $datarray['extid'] = $extid;
    $datarray['guid'] = $guid;
    $datarray['uri'] = $uri;
    $datarray['title'] = $title;
    $datarray['body'] = $body;
    $datarray['app'] = $app;
    $datarray['location'] = $location;
    $datarray['coord'] = $coord;
    $datarray['tag'] = $str_tags;
    $datarray['file'] = $categories;
    $datarray['inform'] = $inform;
    $datarray['verb'] = $verb;
    $datarray['object-type'] = $objecttype;
    $datarray['allow_cid'] = $str_contact_allow;
    $datarray['allow_gid'] = $str_group_allow;
    $datarray['deny_cid'] = $str_contact_deny;
    $datarray['deny_gid'] = $str_group_deny;
    $datarray['private'] = $private;
    $datarray['pubmail'] = $pubmail_enable;
    $datarray['attach'] = $attachments;
    $datarray['bookmark'] = intval($bookmark);
    $datarray['thr-parent'] = $thr_parent;
    $datarray['postopts'] = $postopts;
    $datarray['origin'] = $origin;
    $datarray['moderated'] = $allow_moderated;
    /**
     * These fields are for the convenience of plugins...
     * 'self' if true indicates the owner is posting on their own wall
     * If parent is 0 it is a top-level post.
     */
    $datarray['parent'] = $parent;
    $datarray['self'] = $self;
    //	$datarray['prvnets']       = $user['prvnets'];
    if ($orig_post) {
        $datarray['edit'] = true;
    }
    // Search for hashtags
    item_body_set_hashtags($datarray);
    // preview mode - prepare the body for display and send it via json
    if ($preview) {
        require_once 'include/conversation.php';
        $o = conversation($a, array(array_merge($contact_record, $datarray)), 'search', false, true);
        logger('preview: ' . $o);
        echo json_encode(array('preview' => $o));
        killme();
    }
    call_hooks('post_local', $datarray);
    if (x($datarray, 'cancel')) {
        logger('mod_item: post cancelled by plugin.');
        if ($return_path) {
            goaway($a->get_baseurl() . "/" . $return_path);
        }
        $json = array('cancel' => 1);
        if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
            $json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload'];
        }
        echo json_encode($json);
        killme();
    }
    // Fill the cache field
    put_item_in_cache($datarray);
    if ($orig_post) {
        $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `rendered-html` = '%s', `rendered-hash` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc($datarray['attach']), dbesc($datarray['file']), dbesc($datarray['rendered-html']), dbesc($datarray['rendered-hash']), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($post_id), intval($profile_uid));
        create_tags_from_item($post_id);
        create_files_from_item($post_id);
        update_thread($post_id);
        // update filetags in pconfig
        file_tag_update_pconfig($uid, $categories_old, $categories_new, 'category');
        proc_run('php', "include/notifier.php", 'edit_post', "{$post_id}");
        if (x($_REQUEST, 'return') && strlen($return_path)) {
            logger('return: ' . $return_path);
            goaway($a->get_baseurl() . "/" . $return_path);
        }
        killme();
    } else {
        $post_id = 0;
    }
    $r = q("INSERT INTO `item` (`guid`, `extid`, `uid`,`type`,`wall`,`gravity`, `network`, `contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `author-name`, `author-link`, `author-avatar`,\n\t\t`created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, `tag`, `inform`, `verb`, `object-type`, `postopts`,\n\t\t`allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark`,`origin`, `moderated`, `file`, `rendered-html`, `rendered-hash`)\n\t\tVALUES( '%s', '%s', %d, '%s', %d, %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s', '%s', '%s')", dbesc($datarray['guid']), dbesc($datarray['extid']), intval($datarray['uid']), dbesc($datarray['type']), intval($datarray['wall']), intval($datarray['gravity']), dbesc($datarray['network']), intval($datarray['contact-id']), dbesc($datarray['owner-name']), dbesc($datarray['owner-link']), dbesc($datarray['owner-avatar']), dbesc($datarray['author-name']), dbesc($datarray['author-link']), dbesc($datarray['author-avatar']), dbesc($datarray['created']), dbesc($datarray['edited']), dbesc($datarray['commented']), dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), dbesc($datarray['thr-parent']), dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['app']), dbesc($datarray['location']), dbesc($datarray['coord']), dbesc($datarray['tag']), dbesc($datarray['inform']), dbesc($datarray['verb']), dbesc($datarray['object-type']), dbesc($datarray['postopts']), dbesc($datarray['allow_cid']), dbesc($datarray['allow_gid']), dbesc($datarray['deny_cid']), dbesc($datarray['deny_gid']), intval($datarray['private']), intval($datarray['pubmail']), dbesc($datarray['attach']), intval($datarray['bookmark']), intval($datarray['origin']), intval($datarray['moderated']), dbesc($datarray['file']), dbesc($datarray['rendered-html']), dbesc($datarray['rendered-hash']));
    $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($datarray['uri']));
    if (!count($r)) {
        logger('mod_item: unable to retrieve post that was just stored.');
        notice(t('System error. Post not saved.') . EOL);
        goaway($a->get_baseurl() . "/" . $return_path);
        // NOTREACHED
    }
    // Store the guid and other relevant data
    add_guid($datarray);
    $post_id = $r[0]['id'];
    logger('mod_item: saved item ' . $post_id);
    $datarray["id"] = $post_id;
    $datarray["plink"] = $a->get_baseurl() . '/display/' . urlencode($datarray["guid"]);
    // update filetags in pconfig
    file_tag_update_pconfig($uid, $categories_old, $categories_new, 'category');
    if ($parent) {
        // This item is the last leaf and gets the comment box, clear any ancestors
        $r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent` = %d ", dbesc(datetime_convert()), intval($parent));
        update_thread($parent, true);
        // Inherit ACLs from the parent item.
        $r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d\n\t\t\tWHERE `id` = %d", dbesc($parent_item['allow_cid']), dbesc($parent_item['allow_gid']), dbesc($parent_item['deny_cid']), dbesc($parent_item['deny_gid']), intval($parent_item['private']), intval($post_id));
        if ($contact_record != $author) {
            notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $user['notify-flags'], 'language' => $user['language'], 'to_name' => $user['username'], 'to_email' => $user['email'], 'uid' => $user['uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode($datarray['guid']), 'source_name' => $datarray['author-name'], 'source_link' => $datarray['author-link'], 'source_photo' => $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent, 'parent_uri' => $parent_item['uri']));
        }
        // Store the comment signature information in case we need to relay to Diaspora
        store_diaspora_comment_sig($datarray, $author, $self ? $user['prvkey'] : false, $parent_item, $post_id);
    } else {
        $parent = $post_id;
        if ($contact_record != $author) {
            notification(array('type' => NOTIFY_WALL, 'notify_flags' => $user['notify-flags'], 'language' => $user['language'], 'to_name' => $user['username'], 'to_email' => $user['email'], 'uid' => $user['uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode($datarray['guid']), 'source_name' => $datarray['author-name'], 'source_link' => $datarray['author-link'], 'source_photo' => $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item'));
        }
    }
    // fallback so that parent always gets set to non-zero.
    if (!$parent) {
        $parent = $post_id;
    }
    $r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `plink` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1\n\t\tWHERE `id` = %d", intval($parent), dbesc($parent == $post_id ? $uri : $parent_item['uri']), dbesc($a->get_baseurl() . '/display/' . urlencode($datarray['guid'])), dbesc(datetime_convert()), intval($post_id));
    // photo comments turn the corresponding item visible to the profile wall
    // This way we don't see every picture in your new photo album posted to your wall at once.
    // They will show up as people comment on them.
    if (!$parent_item['visible']) {
        $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d", intval($parent_item['id']));
        update_thread($parent_item['id']);
    }
    // update the commented timestamp on the parent
    q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent));
    if ($post_id != $parent) {
        update_thread($parent);
    }
    call_hooks('post_local_end', $datarray);
    if (strlen($emailcc) && $profile_uid == local_user()) {
        $erecips = explode(',', $emailcc);
        if (count($erecips)) {
            foreach ($erecips as $recip) {
                $addr = trim($recip);
                if (!strlen($addr)) {
                    continue;
                }
                $disclaimer = '<hr />' . sprintf(t('This message was sent to you by %s, a member of the Friendica social network.'), $a->user['username']) . '<br />';
                $disclaimer .= sprintf(t('You may visit them online at %s'), $a->get_baseurl() . '/profile/' . $a->user['nickname']) . EOL;
                $disclaimer .= t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL;
                if (!$datarray['title'] == '') {
                    $subject = email_header_encode($datarray['title'], 'UTF-8');
                } else {
                    $subject = email_header_encode('[Friendica]' . ' ' . sprintf(t('%s posted an update.'), $a->user['username']), 'UTF-8');
                }
                $link = '<a href="' . $a->get_baseurl() . '/profile/' . $a->user['nickname'] . '"><img src="' . $author['thumb'] . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
                $html = prepare_body($datarray);
                $message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';
                include_once 'include/html2plain.php';
                $params = array('fromName' => $a->user['username'], 'fromEmail' => $a->user['email'], 'toEmail' => $addr, 'replyTo' => $a->user['email'], 'messageSubject' => $subject, 'htmlVersion' => $message, 'textVersion' => html2plain($html . $disclaimer));
                Emailer::send($params);
            }
        }
    }
    create_tags_from_item($post_id);
    create_files_from_item($post_id);
    if ($post_id == $parent) {
        add_thread($post_id);
    }
    // This is a real juggling act on shared hosting services which kill your processes
    // e.g. dreamhost. We used to start delivery to our native delivery agents in the background
    // and then run our plugin delivery from the foreground. We're now doing plugin delivery first,
    // because as soon as you start loading up a bunch of remote delivey processes, *this* page is
    // likely to get killed off. If you end up looking at an /item URL and a blank page,
    // it's very likely the delivery got killed before all your friends could be notified.
    // Currently the only realistic fixes are to use a reliable server - which precludes shared hosting,
    // or cut back on plugins which do remote deliveries.
    proc_run('php', "include/notifier.php", $notify_type, "{$post_id}");
    logger('post_complete');
    item_post_return($a->get_baseurl(), $api_source, $return_path);
    // NOTREACHED
}