function p_init($a)
{
if ($a->argc != 2) {
header($_SERVER["SERVER_PROTOCOL"] . ' 510 ' . t('Not Extended'));
killme();
}
$guid = $a->argv[1];
if (strtolower(substr($guid, -4)) != ".xml") {
header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
killme();
}
$guid = strtolower(substr($guid, 0, -4));
$item = q("SELECT `body`, `guid`, `contact-id`, `private`, `created`, `app` FROM `item` WHERE `uid` = 0 AND `guid` = '%s' AND `network` IN ('%s', '%s') LIMIT 1", dbesc($guid), NETWORK_DFRN, NETWORK_DIASPORA);
if (!$item) {
header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
killme();
}
$post = array();
$reshared = diaspora_is_reshare($item[0]["body"]);
if ($reshared) {
$nodename = "reshare";
$post["root_diaspora_id"] = $reshared["root_handle"];
$post["root_guid"] = $reshared["root_guid"];
$post["guid"] = $item[0]["guid"];
$post["diaspora_handle"] = diaspora_handle_from_contact($item[0]["contact-id"]);
$post["public"] = !$item[0]["private"] ? 'true' : 'false';
$post["created_at"] = datetime_convert('UTC', 'UTC', $item[0]["created"]);
} else {
$nodename = "status_message";
$post["raw_message"] = str_replace("&", "&", bb2diaspora($item[0]["body"]));
$post["guid"] = $item[0]["guid"];
$post["diaspora_handle"] = diaspora_handle_from_contact($item[0]["contact-id"]);
$post["public"] = !$item[0]["private"] ? 'true' : 'false';
$post["created_at"] = datetime_convert('UTC', 'UTC', $item[0]["created"]);
$post["provider_display_name"] = $item[0]["app"];
}
$dom = new DOMDocument("1.0");
$root = $dom->createElement("XML");
$dom->appendChild($root);
$postelement = $dom->createElement("post");
$root->appendChild($postelement);
$statuselement = $dom->createElement($nodename);
$postelement->appendChild($statuselement);
foreach ($post as $index => $value) {
$postnode = $dom->createElement($index, $value);
$statuselement->appendChild($postnode);
}
header("Content-Type: application/xml; charset=utf-8");
$xml = $dom->saveXML();
// Diaspora doesn't send the XML header, so we remove them as well.
// So we avoid possible compatibility problems.
if (substr($xml, 0, 21) == '<?xml version="1.0"?>') {
$xml = trim(substr($xml, 21));
}
echo $xml;
killme();
}
function babel_content(&$a)
{
$o .= '<h1>Babel Diagnostic</h1>';
$o .= '<form action="babel" method="post">';
$o .= t('Source (bbcode) text:') . EOL . '<textarea name="text" >' . htmlspecialchars($_REQUEST['text']) . '</textarea>' . EOL;
$o .= '<input type="submit" name="submit" value="Submit" /></form>';
$o .= '<br /><br />';
$o .= '<form action="babel" method="post">';
$o .= t('Source (Diaspora) text to convert to BBcode:') . EOL . '<textarea name="d2bbtext" >' . htmlspecialchars($_REQUEST['d2bbtext']) . '</textarea>' . EOL;
$o .= '<input type="submit" name="submit" value="Submit" /></form>';
$o .= '<br /><br />';
if (x($_REQUEST, 'text')) {
$text = trim($_REQUEST['text']);
$o .= "<h2>" . t("Source input: ") . "</h2>" . EOL . EOL;
$o .= visible_lf($text) . EOL . EOL;
$html = bbcode($text);
$o .= "<h2>" . t("bb2html (raw HTML): ") . "</h2>" . EOL . EOL;
$o .= htmlspecialchars($html) . EOL . EOL;
//$html = bbcode($text);
$o .= "<h2>" . t("bb2html: ") . "</h2>" . EOL . EOL;
$o .= $html . EOL . EOL;
$bbcode = html2bbcode($html);
$o .= "<h2>" . t("bb2html2bb: ") . "</h2>" . EOL . EOL;
$o .= visible_lf($bbcode) . EOL . EOL;
$diaspora = bb2diaspora($text);
$o .= "<h2>" . t("bb2md: ") . "</h2>" . EOL . EOL;
$o .= visible_lf($diaspora) . EOL . EOL;
$html = Markdown($diaspora);
$o .= "<h2>" . t("bb2md2html: ") . "</h2>" . EOL . EOL;
$o .= $html . EOL . EOL;
$bbcode = diaspora2bb($diaspora);
$o .= "<h2>" . t("bb2dia2bb: ") . "</h2>" . EOL . EOL;
$o .= visible_lf($bbcode) . EOL . EOL;
$bbcode = html2bbcode($html);
$o .= "<h2>" . t("bb2md2html2bb: ") . "</h2>" . EOL . EOL;
$o .= visible_lf($bbcode) . EOL . EOL;
}
if (x($_REQUEST, 'd2bbtext')) {
$d2bbtext = trim($_REQUEST['d2bbtext']);
$o .= "<h2>" . t("Source input (Diaspora format): ") . "</h2>" . EOL . EOL;
$o .= visible_lf($d2bbtext) . EOL . EOL;
$bb = diaspora2bb($d2bbtext);
$o .= "<h2>" . t("diaspora2bb: ") . "</h2>" . EOL . EOL;
$o .= visible_lf($bb) . EOL . EOL;
}
return $o;
}
function diaspora_send_mail($item, $owner, $contact)
{
$a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(), '://') + 3);
$r = q("select * from conv where id = %d and uid = %d limit 1", intval($item['convid']), intval($item['uid']));
if (!count($r)) {
logger('diaspora_send_mail: conversation not found.');
return;
}
$cnv = $r[0];
$conv = array('guid' => xmlify($cnv['guid']), 'subject' => xmlify($cnv['subject']), 'created_at' => xmlify(datetime_convert('UTC', 'UTC', $cnv['created'], 'Y-m-d H:i:s \\U\\T\\C')), 'diaspora_handle' => xmlify($cnv['creator']), 'participant_handles' => xmlify($cnv['recips']));
$body = bb2diaspora($item['body']);
$created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
$signed_text = $item['guid'] . ';' . $cnv['guid'] . ';' . $body . ';' . $created . ';' . $myaddr . ';' . $cnv['guid'];
$sig = base64_encode(rsa_sign($signed_text, $owner['uprvkey'], 'sha256'));
$msg = array('guid' => xmlify($item['guid']), 'parent_guid' => xmlify($cnv['guid']), 'parent_author_signature' => xmlify($sig), 'author_signature' => xmlify($sig), 'text' => xmlify($body), 'created_at' => xmlify($created), 'diaspora_handle' => xmlify($myaddr), 'conversation_guid' => xmlify($cnv['guid']));
if ($item['reply']) {
$tpl = get_markup_template('diaspora_message.tpl');
$xmsg = replace_macros($tpl, array('$msg' => $msg));
} else {
$conv['messages'] = array($msg);
$tpl = get_markup_template('diaspora_conversation.tpl');
$xmsg = replace_macros($tpl, array('$conv' => $conv));
}
logger('diaspora_conversation: ' . print_r($xmsg, true), LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg, $owner, $contact, $owner['uprvkey'], $contact['pubkey'], false)));
//$slap = 'xml=' . urlencode(diaspora_msg_build($xmsg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],false));
return diaspora_transmit($owner, $contact, $slap, false);
}
function format_event_diaspora($ev)
{
$a = get_app();
if (!(is_array($ev) && count($ev))) {
return '';
}
$bd_format = t('l F d, Y \\@ g:i A');
// Friday January 18, 2011 @ 8 AM
$o = 'Friendica event notification:' . "\n";
$o .= '**' . ($ev['summary'] ? bb2diaspora($ev['summary']) : bb2diaspora($ev['desc'])) . '**' . "\n";
$o .= t('Starts:') . ' ' . '[' . ($ev['adjust'] ? day_translate(datetime_convert('UTC', 'UTC', $ev['start'], $bd_format)) : day_translate(datetime_convert('UTC', 'UTC', $ev['start'], $bd_format))) . '](' . $a->get_baseurl() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC', 'UTC', $ev['start'])) . ")\n";
if (!$ev['nofinish']) {
$o .= t('Finishes:') . ' ' . '[' . ($ev['adjust'] ? day_translate(datetime_convert('UTC', 'UTC', $ev['finish'], $bd_format)) : day_translate(datetime_convert('UTC', 'UTC', $ev['finish'], $bd_format))) . '](' . $a->get_baseurl() . '/localtime/?f=&time=' . urlencode(datetime_convert('UTC', 'UTC', $ev['finish'])) . ")\n";
}
if (strlen($ev['location'])) {
$o .= t('Location:') . bb2diaspora($ev['location']) . "\n";
}
$o .= "\n";
return $o;
}
function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id)
{
// We won't be able to sign Diaspora comments for authenticated visitors
// - we don't have their private key
// since Diaspora doesn't handle edits we can only do this for the original text and not update it.
$enabled = intval(get_config('system', 'diaspora_enabled'));
if (!$enabled) {
logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG);
return;
}
$body = $datarray['body'];
if (array_key_exists('item_flags', $datarray) && $datarray['item_flags'] & ITEM_OBSCURED) {
$key = get_config('system', 'prvkey');
if ($datarray['body']) {
$body = crypto_unencapsulate(json_decode($datarray['body'], true), $key);
}
}
logger('mod_item: storing diaspora comment signature', LOGGER_DEBUG);
require_once 'include/bb2diaspora.php';
$signed_body = html_entity_decode(bb2diaspora($body));
$diaspora_handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
$signed_text = $datarray['mid'] . ';' . $parent_item['mid'] . ';' . $signed_body . ';' . $diaspora_handle;
if ($uprvkey !== false) {
$authorsig = base64_encode(rsa_sign($signed_text, $channel['channel_prvkey'], 'sha256'));
} else {
$authorsig = '';
}
$x = array('signer' => $diaspora_handle, 'body' => $signed_body, 'signed_text' => $signed_text, 'signature' => base64_encode($authorsig));
$r = q("update item set diaspora_meta = '%s' where id = %d limit 1", dbesc(json_encode($x)), intval($post_id));
$r = q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($post_id), dbesc($signed_text), dbesc(base64_encode($authorsig)), dbesc($diaspora_handle));
if (!$r) {
logger('store_diaspora_comment_sig: DB write failed');
}
return;
}
function store_diaspora_comment_sig($datarray, $author, $uprvkey, $parent_item, $post_id)
{
// We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key
$enabled = intval(get_config('system', 'diaspora_enabled'));
if (!$enabled) {
logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG);
return;
}
logger('mod_item: storing diaspora comment signature');
require_once 'include/bb2diaspora.php';
$signed_body = html_entity_decode(bb2diaspora($datarray['body']));
// Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($author['url'], '://') + 3;
$contact_baseurl_length = strpos($author['url'], '/profile') - $contact_baseurl_start;
$contact_baseurl = substr($author['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $author['nick'] . '@' . $contact_baseurl;
$signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $diaspora_handle;
if ($uprvkey !== false) {
$authorsig = base64_encode(rsa_sign($signed_text, $uprvkey, 'sha256'));
} else {
$authorsig = '';
}
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($post_id), dbesc($signed_text), dbesc(base64_encode($authorsig)), dbesc($diaspora_handle));
return;
}
function diaspost_send(&$a, &$b)
{
$hostname = 'hubzilla ' . '(' . $a->get_hostname() . ')';
logger('diaspost_send: invoked', LOGGER_DEBUG);
if ($b['mid'] != $b['parent_mid']) {
return;
}
if (!is_item_normal($b) || $b['item_private'] || $b['created'] !== $b['edited']) {
return;
}
if (!perm_is_allowed($b['uid'], '', 'view_stream')) {
return;
}
if (!strstr($b['postopts'], 'diaspost')) {
return;
}
logger('diaspost_send: prepare posting', LOGGER_DEBUG);
$diaspost_username = get_pconfig($b['uid'], 'diaspost', 'diaspost_username');
$diaspost_password = z_unobscure(get_pconfig($b['uid'], 'diaspost', 'diaspost_password'));
$diaspost_url = get_pconfig($b['uid'], 'diaspost', 'diaspost_url');
if ($diaspost_url && $diaspost_username && $diaspost_password) {
logger('diaspost_send: all values seem to be okay', LOGGER_DEBUG);
require_once 'include/bb2diaspora.php';
$tag_arr = array();
$tags = '';
$x = preg_match_all('/\\#\\[(.*?)\\](.*?)\\[/', $b['tag'], $matches, PREG_SET_ORDER);
if ($x) {
foreach ($matches as $mtch) {
$tag_arr[] = $mtch[2];
}
}
if (count($tag_arr)) {
$tags = implode(',', $tag_arr);
}
$title = $b['title'];
$body = $b['body'];
// Insert a newline before and after a quote
$body = str_ireplace("[quote", "\n\n[quote", $body);
$body = str_ireplace("[/quote]", "[/quote]\n\n", $body);
// strip bookmark indicators
$body = preg_replace('/\\#\\^\\[([zu])rl/i', '[$1rl', $body);
$body = preg_replace('/\\#\\^http/i', 'http', $body);
if (intval(get_pconfig($item['uid'], 'system', 'prevent_tag_hijacking'))) {
$new_tag = html_entity_decode('⋕', ENT_COMPAT, 'UTF-8');
$new_mention = html_entity_decode('@', ENT_COMPAT, 'UTF-8');
// #-tags
$body = preg_replace('/\\#\\[url/i', $new_tag . '[url', $body);
$body = preg_replace('/\\#\\[zrl/i', $new_tag . '[zrl', $body);
// @-mentions
$body = preg_replace('/\\@\\!?\\[url/i', $new_mention . '[url', $body);
$body = preg_replace('/\\@\\!?\\[zrl/i', $new_mention . '[zrl', $body);
}
// remove multiple newlines
do {
$oldbody = $body;
$body = str_replace("\n\n\n", "\n\n", $body);
} while ($oldbody != $body);
// convert to markdown
$body = bb2diaspora($body, false, true);
// Adding the title
if (strlen($title)) {
$body = "## " . html_entity_decode($title) . "\n\n" . $body;
}
require_once "addon/diaspost/diasphp.php";
try {
logger('diaspost_send: prepare', LOGGER_DEBUG);
$conn = new Diasphp($diaspost_url);
logger('diaspost_send: try to log in ' . $diaspost_username, LOGGER_DEBUG);
$conn->login($diaspost_username, $diaspost_password);
logger('diaspost_send: try to send ' . $body, LOGGER_DEBUG);
//throw new Exception('Test');
$conn->post($body, $hostname);
logger('diaspost_send: success');
} catch (Exception $e) {
logger("diaspost_send: Error submitting the post: " . $e->getMessage());
// logger('diaspost_send: requeueing '.$b['uid'], LOGGER_DEBUG);
// $r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self`", $b['uid']);
// if (count($r))
// $a->contact = $r[0]["id"];
// $s = serialize(array('url' => $url, 'item' => $b['id'], 'post' => $body));
// require_once('include/queue_fn.php');
// add_to_queue($a->contact,NETWORK_DIASPORA2,$s);
// notice(t('Diaspost post failed. Queued for retry.').EOL);
}
}
}
function diaspora_send_mail($item, $owner, $contact)
{
$a = get_app();
$myaddr = $owner['channel_address'] . '@' . get_app()->get_hostname();
$r = q("select * from conv where id = %d and uid = %d limit 1", intval($item['convid']), intval($item['channel_id']));
if (!count($r)) {
logger('diaspora_send_mail: conversation not found.');
return;
}
$cnv = $r[0];
$conv = array('guid' => xmlify($cnv['guid']), 'subject' => xmlify($cnv['subject']), 'created_at' => xmlify(datetime_convert('UTC', 'UTC', $cnv['created'], 'Y-m-d H:i:s \\U\\T\\C')), 'diaspora_handle' => xmlify($cnv['creator']), 'participant_handles' => xmlify($cnv['recips']));
if (array_key_exists('mail_flags', $item) && $item['mail_flags'] & MAIL_OBSCURED) {
$key = get_config('system', 'prvkey');
// if($item['title'])
// $item['title'] = crypto_unencapsulate(json_decode_plus($item['title']),$key);
if ($item['body']) {
$item['body'] = crypto_unencapsulate(json_decode_plus($item['body']), $key);
}
}
$body = bb2diaspora($item['body']);
$created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
$signed_text = $item['mid'] . ';' . $cnv['guid'] . ';' . $body . ';' . $created . ';' . $myaddr . ';' . $cnv['guid'];
$sig = base64_encode(rsa_sign($signed_text, $owner['channel_prvkey'], 'sha256'));
$msg = array('guid' => xmlify($item['mid']), 'parent_guid' => xmlify($cnv['guid']), 'parent_author_signature' => $item['reply'] ? null : xmlify($sig), 'author_signature' => xmlify($sig), 'text' => xmlify($body), 'created_at' => xmlify($created), 'diaspora_handle' => xmlify($myaddr), 'conversation_guid' => xmlify($cnv['guid']));
if ($item['reply']) {
$tpl = get_markup_template('diaspora_message.tpl');
$xmsg = replace_macros($tpl, array('$msg' => $msg));
} else {
$conv['messages'] = array($msg);
$tpl = get_markup_template('diaspora_conversation.tpl');
$xmsg = replace_macros($tpl, array('$conv' => $conv));
}
logger('diaspora_conversation: ' . print_r($xmsg, true), LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg, $owner, $contact, $owner['channel_prvkey'], $contact['xchan_pubkey'], false)));
return diaspora_transmit($owner, $contact, $slap, false);
}
function diaspora_send_mail($item, $owner, $contact)
{
$a = get_app();
$myaddr = $owner['channel_address'] . '@' . App::get_hostname();
$r = q("select * from conv where guid = '%s' and uid = %d limit 1", dbesc($item['conv_guid']), intval($item['channel_id']));
if (!count($r)) {
logger('diaspora_send_mail: conversation not found.');
return;
}
$z = q("select from_xchan from mail where conv_guid = '%s' and channel_id = %d and mid = parent_mid limit 1", dbesc($item['conv_guid']), intval($item['channel_id']));
$conv_owner = $z && $z[0]['from_xchan'] === $owner['channel_hash'] ? true : false;
$cnv = $r[0];
$cnv['subject'] = base64url_decode(str_rot47($cnv['subject']));
$conv = array('guid' => xmlify($cnv['guid']), 'subject' => xmlify($cnv['subject']), 'created_at' => xmlify(datetime_convert('UTC', 'UTC', $cnv['created'], 'Y-m-d H:i:s \\U\\T\\C')), 'diaspora_handle' => xmlify($cnv['creator']), 'participant_handles' => xmlify($cnv['recips']));
if (array_key_exists('mail_obscured', $item) && intval($item['mail_obscured'])) {
if ($item['title']) {
$item['title'] = base64url_decode(str_rot47($item['title']));
}
if ($item['body']) {
$item['body'] = base64url_decode(str_rot47($item['body']));
}
}
// the parent_guid needs to be the conversation guid
$parent_ptr = $cnv['guid'];
$body = bb2diaspora($item['body']);
$created = datetime_convert('UTC', 'UTC', $item['created'], 'Y-m-d H:i:s \\U\\T\\C');
$signed_text = $item['mid'] . ';' . $parent_ptr . ';' . $body . ';' . $created . ';' . $myaddr . ';' . $cnv['guid'];
$sig = base64_encode(rsa_sign($signed_text, $owner['channel_prvkey'], 'sha256'));
$msg = array('guid' => xmlify($item['mid']), 'parent_guid' => xmlify($parent_ptr), 'parent_author_signature' => $conv_owner ? xmlify($sig) : null, 'author_signature' => xmlify($sig), 'text' => xmlify($body), 'created_at' => xmlify($created), 'diaspora_handle' => xmlify($myaddr), 'conversation_guid' => xmlify($cnv['guid']));
if ($item['mail_isreply']) {
$tpl = get_markup_template('diaspora_message.tpl', 'addon/diaspora');
$xmsg = replace_macros($tpl, array('$msg' => $msg));
} else {
$conv['messages'] = array($msg);
$tpl = get_markup_template('diaspora_conversation.tpl', 'addon/diaspora');
$xmsg = replace_macros($tpl, array('$conv' => $conv));
}
logger('diaspora_conversation: ' . print_r($xmsg, true), LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg, $owner, $contact, $owner['channel_prvkey'], $contact['xchan_pubkey'], false)));
return diaspora_queue($owner, $contact, $slap, false, $item['mid']);
}
function libertree_send(&$a, &$b)
{
logger('libertree_send: invoked');
if ($b['deleted'] || $b['private'] || $b['created'] !== $b['edited']) {
return;
}
if (!strstr($b['postopts'], 'libertree')) {
return;
}
if ($b['parent'] != $b['id']) {
return;
}
$ltree_api_token = get_pconfig($b['uid'], 'libertree', 'libertree_api_token');
$ltree_url = get_pconfig($b['uid'], 'libertree', 'libertree_url');
$ltree_blog = "{$ltree_url}/api/v1/posts/create/?token={$ltree_api_token}";
if ($ltree_url && $ltree_api_token && $ltree_blog) {
require_once 'include/bb2diaspora.php';
$tag_arr = array();
$tags = '';
$x = preg_match_all('/\\#\\[(.*?)\\](.*?)\\[/', $b['tag'], $matches, PREG_SET_ORDER);
if ($x) {
foreach ($matches as $mtch) {
$tag_arr[] = $mtch[2];
}
}
if (count($tag_arr)) {
$tags = implode(',', $tag_arr);
}
$params = array('text' => bb2diaspora($b['body']));
$result = post_url($ltree_blog, $params);
logger('libertree: ' . $result);
}
}
function libertree_send(&$a, &$b)
{
if (!is_item_normal($b) || $b['item_private'] || $b['created'] !== $b['edited']) {
return;
}
if (!perm_is_allowed($b['uid'], '', 'view_stream')) {
return;
}
if (!strstr($b['postopts'], 'libertree')) {
return;
}
if ($b['parent'] != $b['id']) {
return;
}
logger('libertree xpost invoked');
$ltree_api_token = get_pconfig($b['uid'], 'libertree', 'libertree_api_token');
$ltree_url = get_pconfig($b['uid'], 'libertree', 'libertree_url');
$ltree_blog = "{$ltree_url}/api/v1/posts/create/?token={$ltree_api_token}";
$ltree_source = "[" . $a->config['system']['sitename'] . "](" . $a->get_baseurl() . ")";
// $ltree_source = "RedMatrix";
logger('sitename: ' . print_r($ltree_source, true));
if ($ltree_url && $ltree_api_token && $ltree_blog && $ltree_source) {
require_once 'include/bb2diaspora.php';
$tag_arr = array();
$tags = '';
$x = preg_match_all('/\\#\\[(.*?)\\](.*?)\\[/', $b['tag'], $matches, PREG_SET_ORDER);
if ($x) {
foreach ($matches as $mtch) {
$tag_arr[] = $mtch[2];
}
}
if (count($tag_arr)) {
$tags = implode(',', $tag_arr);
}
$title = $b['title'];
$body = $b['body'];
// Insert a newline before and after a quote
$body = str_ireplace("[quote", "\n\n[quote", $body);
$body = str_ireplace("[/quote]", "[/quote]\n\n", $body);
// Removal of tags and mentions
// #-tags
$body = preg_replace('/#\\[url\\=(\\w+.*?)\\](\\w+.*?)\\[\\/url\\]/i', '#$2', $body);
// @-mentions
$body = preg_replace('/@\\[url\\=(\\w+.*?)\\](\\w+.*?)\\[\\/url\\]/i', '@$2', $body);
// remove multiple newlines
do {
$oldbody = $body;
$body = str_replace("\n\n\n", "\n\n", $body);
} while ($oldbody != $body);
// convert to markdown
$body = bb2diaspora($body, false, false);
// Adding the title
if (strlen($title)) {
$body = "## " . html_entity_decode($title) . "\n\n" . $body;
}
$params = array('text' => $body, 'source' => $ltree_source);
$level = 0;
$result = z_post_url($ltree_blog, $params, $level, array('novalidate' => true));
logger('libertree: ' . print_r($result, true));
}
}
function item_post(&$a)
{
if (!local_user() && !remote_user() && !x($_REQUEST, 'commenter')) {
return;
}
require_once 'include/security.php';
$uid = local_user();
if (x($_REQUEST, 'dropitems')) {
require_once 'include/items.php';
$arr_drop = explode(',', $_REQUEST['dropitems']);
drop_items($arr_drop);
$json = array('success' => 1);
echo json_encode($json);
killme();
}
call_hooks('post_local_start', $_REQUEST);
// logger('postinput ' . file_get_contents('php://input'));
logger('postvars ' . print_r($_REQUEST, true), LOGGER_DATA);
$api_source = x($_REQUEST, 'api_source') && $_REQUEST['api_source'] ? true : false;
$return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : '';
$preview = x($_REQUEST, 'preview') ? intval($_REQUEST['preview']) : 0;
/**
* Is this a reply to something?
*/
$parent = x($_REQUEST, 'parent') ? intval($_REQUEST['parent']) : 0;
$parent_uri = x($_REQUEST, 'parent_uri') ? trim($_REQUEST['parent_uri']) : '';
$parent_item = null;
$parent_contact = null;
$thr_parent = '';
$parid = 0;
$r = false;
if ($parent || $parent_uri) {
if (!x($_REQUEST, 'type')) {
$_REQUEST['type'] = 'net-comment';
}
if ($parent) {
$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($parent));
} elseif ($parent_uri && local_user()) {
// This is coming from an API source, and we are logged in
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_uri), intval(local_user()));
}
// if this isn't the real parent of the conversation, find it
if ($r !== false && count($r)) {
$parid = $r[0]['parent'];
if ($r[0]['id'] != $r[0]['parent']) {
$r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", intval($parid));
}
}
if ($r === false || !count($r)) {
notice(t('Unable to locate original post.') . EOL);
if (x($_REQUEST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
$parent_item = $r[0];
$parent = $r[0]['id'];
// multi-level threading - preserve the info but re-parent to our single level threading
if ($parid && $parid != $parent) {
$thr_parent = $parent_uri;
}
if ($parent_item['contact-id'] && $uid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($parent_item['contact-id']), intval($uid));
if (count($r)) {
$parent_contact = $r[0];
}
}
}
if ($parent) {
logger('mod_post: parent=' . $parent);
}
$profile_uid = x($_REQUEST, 'profile_uid') ? intval($_REQUEST['profile_uid']) : 0;
$post_id = x($_REQUEST, 'post_id') ? intval($_REQUEST['post_id']) : 0;
$app = x($_REQUEST, 'source') ? strip_tags($_REQUEST['source']) : '';
$allow_moderated = false;
// here is where we are going to check for permission to post a moderated comment.
// First check that the parent exists and it is a wall item.
if (x($_REQUEST, 'commenter') && (!$parent || !$parent_item['wall'])) {
notice(t('Permission denied.') . EOL);
if (x($_REQUEST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
// Now check that it is a page_type of PAGE_BLOG, and that valid personal details
// have been provided, and run any anti-spam plugins
// TODO
if (!can_write_wall($a, $profile_uid) && !$allow_moderated) {
notice(t('Permission denied.') . EOL);
if (x($_REQUEST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
// is this an edited post?
$orig_post = null;
if ($post_id) {
$i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($post_id));
if (!count($i)) {
killme();
}
$orig_post = $i[0];
}
$user = null;
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($profile_uid));
if (count($r)) {
$user = $r[0];
}
if ($orig_post) {
$str_group_allow = $orig_post['allow_gid'];
$str_contact_allow = $orig_post['allow_cid'];
$str_group_deny = $orig_post['deny_gid'];
$str_contact_deny = $orig_post['deny_cid'];
$location = $orig_post['location'];
$coord = $orig_post['coord'];
$verb = $orig_post['verb'];
$emailcc = $orig_post['emailcc'];
$app = $orig_post['app'];
$categories = $orig_post['file'];
$title = notags(trim($_REQUEST['title']));
$body = escape_tags(trim($_REQUEST['body']));
$private = $orig_post['private'];
$pubmail_enable = $orig_post['pubmail'];
} else {
// if coming from the API and no privacy settings are set,
// use the user default permissions - as they won't have
// been supplied via a form.
if ($api_source && !array_key_exists('contact_allow', $_REQUEST) && !array_key_exists('group_allow', $_REQUEST) && !array_key_exists('contact_deny', $_REQUEST) && !array_key_exists('group_deny', $_REQUEST)) {
$str_group_allow = $user['allow_gid'];
$str_contact_allow = $user['allow_cid'];
$str_group_deny = $user['deny_gid'];
$str_contact_deny = $user['deny_cid'];
} else {
// use the posted permissions
$str_group_allow = perms2str($_REQUEST['group_allow']);
$str_contact_allow = perms2str($_REQUEST['contact_allow']);
$str_group_deny = perms2str($_REQUEST['group_deny']);
$str_contact_deny = perms2str($_REQUEST['contact_deny']);
}
$title = notags(trim($_REQUEST['title']));
$location = notags(trim($_REQUEST['location']));
$coord = notags(trim($_REQUEST['coord']));
$verb = notags(trim($_REQUEST['verb']));
$emailcc = notags(trim($_REQUEST['emailcc']));
$body = escape_tags(trim($_REQUEST['body']));
$private = strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny) ? 1 : 0;
// If this is a comment, set the permissions from the parent.
if ($parent_item) {
$private = 0;
if ($parent_item['private'] || strlen($parent_item['allow_cid']) || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) || strlen($parent_item['deny_gid'])) {
$private = 1;
}
$str_contact_allow = $parent_item['allow_cid'];
$str_group_allow = $parent_item['allow_gid'];
$str_contact_deny = $parent_item['deny_cid'];
$str_group_deny = $parent_item['deny_gid'];
}
$pubmail_enable = x($_REQUEST, 'pubmail_enable') && intval($_REQUEST['pubmail_enable']) && !$private ? 1 : 0;
// if using the API, we won't see pubmail_enable - figure out if it should be set
if ($api_source && $profile_uid && $profile_uid == local_user() && !$private) {
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (!$mail_disabled) {
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", intval(local_user()));
if (count($r) && intval($r[0]['pubmail'])) {
$pubmail_enabled = true;
}
}
}
if (!strlen($body)) {
if ($preview) {
killme();
}
info(t('Empty post discarded.') . EOL);
if (x($_REQUEST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
}
if (strlen($categories)) {
// get the "fileas" tags for this post
$filedas = file_tag_file_to_list($categories, 'file');
}
// save old and new categories, so we can determine what needs to be deleted from pconfig
$categories_old = $categories;
$categories = file_tag_list_to_file(trim($_REQUEST['category']), 'category');
$categories_new = $categories;
if (strlen($filedas)) {
// append the fileas stuff to the new categories list
$categories .= file_tag_list_to_file($filedas, 'file');
}
// Work around doubled linefeeds in Tinymce 3.5b2
// First figure out if it's a status post that would've been
// created using tinymce. Otherwise leave it alone.
$plaintext = local_user() ? intval(get_pconfig(local_user(), 'system', 'plaintext')) : 0;
if (!$parent && !$api_source && !$plaintext) {
$body = fix_mce_lf($body);
}
// get contact info for poster
$author = null;
$self = false;
if (local_user() && local_user() == $profile_uid) {
$self = true;
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($_SESSION['uid']));
} elseif (remote_user()) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval(remote_user()));
}
if (count($r)) {
$author = $r[0];
$contact_id = $author['id'];
}
// get contact info for owner
if ($profile_uid == local_user()) {
$contact_record = $author;
} else {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($profile_uid));
if (count($r)) {
$contact_record = $r[0];
}
}
$post_type = notags(trim($_REQUEST['type']));
if ($post_type === 'net-comment') {
if ($parent_item !== null) {
if ($parent_item['wall'] == 1) {
$post_type = 'wall-comment';
} else {
$post_type = 'remote-comment';
}
}
}
/**
*
* When a photo was uploaded into the message using the (profile wall) ajax
* uploader, The permissions are initially set to disallow anybody but the
* owner from seeing it. This is because the permissions may not yet have been
* set for the post. If it's private, the photo permissions should be set
* appropriately. But we didn't know the final permissions on the post until
* now. So now we'll look for links of uploaded messages that are in the
* post and set them to the same permissions as the post itself.
*
*/
$match = null;
if (!$preview && preg_match_all("/\\[img\\](.*?)\\[\\/img\\]/", $body, $match)) {
$images = $match[1];
if (count($images)) {
foreach ($images as $image) {
if (!stristr($image, $a->get_baseurl() . '/photo/')) {
continue;
}
$image_uri = substr($image, strrpos($image, '/') + 1);
$image_uri = substr($image_uri, 0, strpos($image_uri, '-'));
if (!strlen($image_uri)) {
continue;
}
$srch = '<' . intval($contact_id) . '>';
$r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = ''\n\t\t\t\t\tAND `resource-id` = '%s' AND `uid` = %d LIMIT 1", dbesc($srch), dbesc($image_uri), intval($profile_uid));
if (!count($r)) {
continue;
}
$r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'\n\t\t\t\t\tWHERE `resource-id` = '%s' AND `uid` = %d AND `album` = '%s' ", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), dbesc($image_uri), intval($profile_uid), dbesc(t('Wall Photos')));
}
}
}
/**
* Next link in any attachment references we find in the post.
*/
$match = false;
if (!$preview && preg_match_all("/\\[attachment\\](.*?)\\[\\/attachment\\]/", $body, $match)) {
$attaches = $match[1];
if (count($attaches)) {
foreach ($attaches as $attach) {
$r = q("SELECT * FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($attach));
if (count($r)) {
$r = q("UPDATE `attach` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'\n\t\t\t\t\t\tWHERE `uid` = %d AND `id` = %d LIMIT 1", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($profile_uid), intval($attach));
}
}
}
}
// embedded bookmark in post? set bookmark flag
$bookmark = 0;
if (preg_match_all("/\\[bookmark\\=([^\\]]*)\\](.*?)\\[\\/bookmark\\]/ism", $body, $match, PREG_SET_ORDER)) {
$bookmark = 1;
}
$body = bb_translate_video($body);
/**
* Fold multi-line [code] sequences
*/
$body = preg_replace('/\\[\\/code\\]\\s*\\[code\\]/ism', "\n", $body);
$body = scale_external_images($body, false);
/**
* Look for any tags and linkify them
*/
$str_tags = '';
$inform = '';
$tags = get_tags($body);
/**
* add a statusnet style reply tag if the original post was from there
* and we are replying, and there isn't one already
*/
if ($parent_contact && $parent_contact['network'] === NETWORK_OSTATUS && $parent_contact['nick'] && !in_array('@' . $parent_contact['nick'], $tags)) {
$body = '@' . $parent_contact['nick'] . ' ' . $body;
$tags[] = '@' . $parent_contact['nick'];
}
$tagged = array();
$private_forum = false;
if (count($tags)) {
foreach ($tags as $tag) {
// If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
// Robert Johnson should be first in the $tags array
$fullnametagged = false;
for ($x = 0; $x < count($tagged); $x++) {
if (stristr($tagged[$x], $tag . ' ')) {
$fullnametagged = true;
break;
}
}
if ($fullnametagged) {
continue;
}
$success = handle_tag($a, $body, $inform, $str_tags, local_user() ? local_user() : $profile_uid, $tag);
if ($success['replaced']) {
$tagged[] = $tag;
}
if (is_array($success['contact']) && intval($success['contact']['prv'])) {
$private_forum = true;
$private_id = $success['contact']['id'];
}
}
}
if ($private_forum && !$parent && !$private) {
// we tagged a private forum in a top level post and the message was public.
// Restrict it.
$private = 1;
$str_contact_allow = '<' . $private_id . '>';
}
$attachments = '';
$match = false;
if (preg_match_all('/(\\[attachment\\]([0-9]+)\\[\\/attachment\\])/', $body, $match)) {
foreach ($match[2] as $mtch) {
$r = q("SELECT `id`,`filename`,`filesize`,`filetype` FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($mtch));
if (count($r)) {
if (strlen($attachments)) {
$attachments .= ',';
}
$attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" length="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . ($r[0]['filename'] ? $r[0]['filename'] : '') . '"[/attach]';
}
$body = str_replace($match[1], '', $body);
}
}
$wall = 0;
if ($post_type === 'wall' || $post_type === 'wall-comment') {
$wall = 1;
}
if (!strlen($verb)) {
$verb = ACTIVITY_POST;
}
$gravity = $parent ? 6 : 0;
// even if the post arrived via API we are considering that it
// originated on this site by default for determining relayability.
$origin = x($_REQUEST, 'origin') ? intval($_REQUEST['origin']) : 1;
$notify_type = $parent ? 'comment-new' : 'wall-new';
$uri = item_new_uri($a->get_hostname(), $profile_uid);
$datarray = array();
$datarray['uid'] = $profile_uid;
$datarray['type'] = $post_type;
$datarray['wall'] = $wall;
$datarray['gravity'] = $gravity;
$datarray['contact-id'] = $contact_id;
$datarray['owner-name'] = $contact_record['name'];
$datarray['owner-link'] = $contact_record['url'];
$datarray['owner-avatar'] = $contact_record['thumb'];
$datarray['author-name'] = $author['name'];
$datarray['author-link'] = $author['url'];
$datarray['author-avatar'] = $author['thumb'];
$datarray['created'] = datetime_convert();
$datarray['edited'] = datetime_convert();
$datarray['commented'] = datetime_convert();
$datarray['received'] = datetime_convert();
$datarray['changed'] = datetime_convert();
$datarray['uri'] = $uri;
$datarray['title'] = $title;
$datarray['body'] = $body;
$datarray['app'] = $app;
$datarray['location'] = $location;
$datarray['coord'] = $coord;
$datarray['tag'] = $str_tags;
$datarray['file'] = $categories;
$datarray['inform'] = $inform;
$datarray['verb'] = $verb;
$datarray['allow_cid'] = $str_contact_allow;
$datarray['allow_gid'] = $str_group_allow;
$datarray['deny_cid'] = $str_contact_deny;
$datarray['deny_gid'] = $str_group_deny;
$datarray['private'] = $private;
$datarray['pubmail'] = $pubmail_enable;
$datarray['attach'] = $attachments;
$datarray['bookmark'] = intval($bookmark);
$datarray['thr-parent'] = $thr_parent;
$datarray['postopts'] = '';
$datarray['origin'] = $origin;
$datarray['moderated'] = $allow_moderated;
/**
* These fields are for the convenience of plugins...
* 'self' if true indicates the owner is posting on their own wall
* If parent is 0 it is a top-level post.
*/
$datarray['parent'] = $parent;
$datarray['self'] = $self;
// $datarray['prvnets'] = $user['prvnets'];
if ($orig_post) {
$datarray['edit'] = true;
} else {
$datarray['guid'] = get_guid();
}
// preview mode - prepare the body for display and send it via json
if ($preview) {
require_once 'include/conversation.php';
$o = conversation($a, array(array_merge($contact_record, $datarray)), 'search', false, true);
logger('preview: ' . $o);
echo json_encode(array('preview' => $o));
killme();
}
call_hooks('post_local', $datarray);
if (x($datarray, 'cancel')) {
logger('mod_item: post cancelled by plugin.');
if ($return_path) {
goaway($a->get_baseurl() . "/" . $return_path);
}
$json = array('cancel' => 1);
if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
$json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload'];
}
echo json_encode($json);
killme();
}
if ($orig_post) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `attach` = '%s', `file` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc($datarray['attach']), dbesc($datarray['file']), dbesc(datetime_convert()), intval($post_id), intval($profile_uid));
// update filetags in pconfig
file_tag_update_pconfig($uid, $categories_old, $categories_new, 'category');
proc_run('php', "include/notifier.php", 'edit_post', "{$post_id}");
if (x($_REQUEST, 'return') && strlen($return_path)) {
logger('return: ' . $return_path);
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
} else {
$post_id = 0;
}
$r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, \n\t\t`author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, \n\t\t`tag`, `inform`, `verb`, `postopts`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark`,`origin`, `moderated`, `file` )\n\t\tVALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, %d, '%s' )", dbesc($datarray['guid']), intval($datarray['uid']), dbesc($datarray['type']), intval($datarray['wall']), intval($datarray['gravity']), intval($datarray['contact-id']), dbesc($datarray['owner-name']), dbesc($datarray['owner-link']), dbesc($datarray['owner-avatar']), dbesc($datarray['author-name']), dbesc($datarray['author-link']), dbesc($datarray['author-avatar']), dbesc($datarray['created']), dbesc($datarray['edited']), dbesc($datarray['commented']), dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), dbesc($datarray['thr-parent']), dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['app']), dbesc($datarray['location']), dbesc($datarray['coord']), dbesc($datarray['tag']), dbesc($datarray['inform']), dbesc($datarray['verb']), dbesc($datarray['postopts']), dbesc($datarray['allow_cid']), dbesc($datarray['allow_gid']), dbesc($datarray['deny_cid']), dbesc($datarray['deny_gid']), intval($datarray['private']), intval($datarray['pubmail']), dbesc($datarray['attach']), intval($datarray['bookmark']), intval($datarray['origin']), intval($datarray['moderated']), dbesc($datarray['file']));
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($datarray['uri']));
if (count($r)) {
$post_id = $r[0]['id'];
logger('mod_item: saved item ' . $post_id);
// update filetags in pconfig
file_tag_update_pconfig($uid, $categories_old, $categories_new, 'category');
if ($parent) {
// This item is the last leaf and gets the comment box, clear any ancestors
$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent` = %d ", dbesc(datetime_convert()), intval($parent));
// Inherit ACL's from the parent item.
$r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d\n\t\t\t\tWHERE `id` = %d LIMIT 1", dbesc($parent_item['allow_cid']), dbesc($parent_item['allow_gid']), dbesc($parent_item['deny_cid']), dbesc($parent_item['deny_gid']), intval($parent_item['private']), intval($post_id));
if ($contact_record != $author) {
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $user['notify-flags'], 'language' => $user['language'], 'to_name' => $user['username'], 'to_email' => $user['email'], 'uid' => $user['uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id, 'source_name' => $datarray['author-name'], 'source_link' => $datarray['author-link'], 'source_photo' => $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent));
}
// We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key
if ($self) {
require_once 'include/bb2diaspora.php';
$signed_body = html_entity_decode(bb2diaspora($datarray['body']));
$myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(), '://') + 3);
if ($datarray['verb'] === ACTIVITY_LIKE) {
$signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr;
} else {
$signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
}
$authorsig = base64_encode(rsa_sign($signed_text, $a->user['prvkey'], 'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($post_id), dbesc($signed_text), dbesc(base64_encode($authorsig)), dbesc($myaddr));
}
} else {
$parent = $post_id;
if ($contact_record != $author) {
notification(array('type' => NOTIFY_WALL, 'notify_flags' => $user['notify-flags'], 'language' => $user['language'], 'to_name' => $user['username'], 'to_email' => $user['email'], 'uid' => $user['uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id, 'source_name' => $datarray['author-name'], 'source_link' => $datarray['author-link'], 'source_photo' => $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item'));
}
}
// fallback so that parent always gets set to non-zero.
if (!$parent) {
$parent = $post_id;
}
$r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `plink` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1\n\t\t\tWHERE `id` = %d LIMIT 1", intval($parent), dbesc($parent == $post_id ? $uri : $parent_item['uri']), dbesc($a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id), dbesc(datetime_convert()), intval($post_id));
// photo comments turn the corresponding item visible to the profile wall
// This way we don't see every picture in your new photo album posted to your wall at once.
// They will show up as people comment on them.
if (!$parent_item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d LIMIT 1", intval($parent_item['id']));
}
} else {
logger('mod_item: unable to retrieve post that was just stored.');
notice(t('System error. Post not saved.') . EOL);
goaway($a->get_baseurl() . "/" . $return_path);
// NOTREACHED
}
// update the commented timestamp on the parent
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent));
$datarray['id'] = $post_id;
$datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id;
call_hooks('post_local_end', $datarray);
if (strlen($emailcc) && $profile_uid == local_user()) {
$erecips = explode(',', $emailcc);
if (count($erecips)) {
foreach ($erecips as $recip) {
$addr = trim($recip);
if (!strlen($addr)) {
continue;
}
$disclaimer = '<hr />' . sprintf(t('This message was sent to you by %s, a member of the Friendica social network.'), $a->user['username']) . '<br />';
$disclaimer .= sprintf(t('You may visit them online at %s'), $a->get_baseurl() . '/profile/' . $a->user['nickname']) . EOL;
$disclaimer .= t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL;
$subject = email_header_encode('[Friendica]' . ' ' . sprintf(t('%s posted an update.'), $a->user['username']), 'UTF-8');
$headers = 'From: ' . email_header_encode($a->user['username'], 'UTF-8') . ' <' . $a->user['email'] . '>' . "\n";
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n";
$headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n";
$link = '<a href="' . $a->get_baseurl() . '/profile/' . $a->user['nickname'] . '"><img src="' . $author['thumb'] . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
$html = prepare_body($datarray);
$message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';
@mail($addr, $subject, $message, $headers);
}
}
}
// This is a real juggling act on shared hosting services which kill your processes
// e.g. dreamhost. We used to start delivery to our native delivery agents in the background
// and then run our plugin delivery from the foreground. We're now doing plugin delivery first,
// because as soon as you start loading up a bunch of remote delivey processes, *this* page is
// likely to get killed off. If you end up looking at an /item URL and a blank page,
// it's very likely the delivery got killed before all your friends could be notified.
// Currently the only realistic fixes are to use a reliable server - which precludes shared hosting,
// or cut back on plugins which do remote deliveries.
proc_run('php', "include/notifier.php", $notify_type, "{$post_id}");
logger('post_complete');
// figure out how to return, depending on from whence we came
if ($api_source) {
return;
}
if ($return_path) {
goaway($a->get_baseurl() . "/" . $return_path);
}
$json = array('success' => 1);
if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
$json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload'];
}
logger('post_json: ' . print_r($json, true), LOGGER_DEBUG);
echo json_encode($json);
killme();
// NOTREACHED
}
function diaspora_send(&$a, &$b)
{
$hostname = $a->get_hostname();
logger('diaspora_send: invoked');
if ($b['deleted'] || $b['private'] || $b['created'] !== $b['edited']) {
return;
}
if (!strstr($b['postopts'], 'diaspora')) {
return;
}
if ($b['parent'] != $b['id']) {
return;
}
logger('diaspora_send: prepare posting', LOGGER_DEBUG);
$diaspora_username = get_pconfig($b['uid'], 'diaspora', 'diaspora_username');
$diaspora_password = get_pconfig($b['uid'], 'diaspora', 'diaspora_password');
$diaspora_url = get_pconfig($b['uid'], 'diaspora', 'diaspora_url');
if ($diaspora_url && $diaspora_username && $diaspora_password) {
logger('diaspora_send: all values seem to be okay', LOGGER_DEBUG);
require_once 'include/bb2diaspora.php';
$tag_arr = array();
$tags = '';
$x = preg_match_all('/\\#\\[(.*?)\\](.*?)\\[/', $b['tag'], $matches, PREG_SET_ORDER);
if ($x) {
foreach ($matches as $mtch) {
$tag_arr[] = $mtch[2];
}
}
if (count($tag_arr)) {
$tags = implode(',', $tag_arr);
}
$title = $b['title'];
$body = $b['body'];
// Insert a newline before and after a quote
$body = str_ireplace("[quote", "\n\n[quote", $body);
$body = str_ireplace("[/quote]", "[/quote]\n\n", $body);
// Removal of tags and mentions
// #-tags
$body = preg_replace('/#\\[url\\=(\\w+.*?)\\](\\w+.*?)\\[\\/url\\]/i', '#$2', $body);
// @-mentions
$body = preg_replace('/@\\[url\\=(\\w+.*?)\\](\\w+.*?)\\[\\/url\\]/i', '@$2', $body);
// remove multiple newlines
do {
$oldbody = $body;
$body = str_replace("\n\n\n", "\n\n", $body);
} while ($oldbody != $body);
// convert to markdown
$body = bb2diaspora($body, false, true);
// Adding the title
if (strlen($title)) {
$body = "## " . html_entity_decode($title) . "\n\n" . $body;
}
require_once "addon/diaspora/diasphp.php";
try {
logger('diaspora_send: prepare', LOGGER_DEBUG);
$conn = new Diasphp($diaspora_url);
logger('diaspora_send: try to log in ' . $diaspora_username, LOGGER_DEBUG);
$conn->login($diaspora_username, $diaspora_password);
logger('diaspora_send: try to send ' . $body, LOGGER_DEBUG);
//throw new Exception('Test');
$conn->post($body, $hostname);
logger('diaspora_send: success');
} catch (Exception $e) {
logger("diaspora_send: Error submitting the post: " . $e->getMessage());
logger('diaspora_send: requeueing ' . $b['uid'], LOGGER_DEBUG);
$r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self`", $b['uid']);
if (count($r)) {
$a->contact = $r[0]["id"];
}
$s = serialize(array('url' => $url, 'item' => $b['id'], 'post' => $body));
require_once 'include/queue_fn.php';
add_to_queue($a->contact, NETWORK_DIASPORA2, $s);
notice(t('Diaspora post failed. Queued for retry.') . EOL);
}
}
}
function item_post(&$a)
{
if (!local_user() && !remote_user()) {
return;
}
require_once 'include/security.php';
$uid = local_user();
if (x($_POST, 'dropitems')) {
require_once 'include/items.php';
$arr_drop = explode(',', $_POST['dropitems']);
drop_items($arr_drop);
$json = array('success' => 1);
echo json_encode($json);
killme();
}
call_hooks('post_local_start', $_POST);
$api_source = x($_POST, 'api_source') && $_POST['api_source'] ? true : false;
$return_path = x($_POST, 'return') ? $_POST['return'] : '';
/**
* Is this a reply to something?
*/
$parent = x($_POST, 'parent') ? intval($_POST['parent']) : 0;
$parent_uri = x($_POST, 'parent_uri') ? trim($_POST['parent_uri']) : '';
$parent_item = null;
$parent_contact = null;
$thr_parent = '';
$parid = 0;
$r = false;
if ($parent || $parent_uri) {
if (!x($_POST, 'type')) {
$_POST['type'] = 'net-comment';
}
if ($parent) {
$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($parent));
} elseif ($parent_uri && local_user()) {
// This is coming from an API source, and we are logged in
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_uri), intval(local_user()));
}
// if this isn't the real parent of the conversation, find it
if ($r !== false && count($r)) {
$parid = $r[0]['parent'];
if ($r[0]['id'] != $r[0]['parent']) {
$r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", intval($parid));
}
}
if ($r === false || !count($r)) {
notice(t('Unable to locate original post.') . EOL);
if (x($_POST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
$parent_item = $r[0];
$parent = $r[0]['id'];
// multi-level threading - preserve the info but re-parent to our single level threading
if ($parid && $parid != $parent) {
$thr_parent = $parent_uri;
}
if ($parent_item['contact-id'] && $uid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($parent_item['contact-id']), intval($uid));
if (count($r)) {
$parent_contact = $r[0];
}
}
}
if ($parent) {
logger('mod_post: parent=' . $parent);
}
$profile_uid = x($_POST, 'profile_uid') ? intval($_POST['profile_uid']) : 0;
$post_id = x($_POST['post_id']) ? intval($_POST['post_id']) : 0;
$app = x($_POST['source']) ? strip_tags($_POST['source']) : '';
if (!can_write_wall($a, $profile_uid)) {
notice(t('Permission denied.') . EOL);
if (x($_POST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
// is this an edited post?
$orig_post = null;
if ($post_id) {
$i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($post_id));
if (!count($i)) {
killme();
}
$orig_post = $i[0];
}
$user = null;
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($profile_uid));
if (count($r)) {
$user = $r[0];
}
if ($orig_post) {
$str_group_allow = $orig_post['allow_gid'];
$str_contact_allow = $orig_post['allow_cid'];
$str_group_deny = $orig_post['deny_gid'];
$str_contact_deny = $orig_post['deny_cid'];
$title = $orig_post['title'];
$location = $orig_post['location'];
$coord = $orig_post['coord'];
$verb = $orig_post['verb'];
$emailcc = $orig_post['emailcc'];
$app = $orig_post['app'];
$body = escape_tags(trim($_POST['body']));
$private = $orig_post['private'];
$pubmail_enable = $orig_post['pubmail'];
} else {
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
$title = notags(trim($_POST['title']));
$location = notags(trim($_POST['location']));
$coord = notags(trim($_POST['coord']));
$verb = notags(trim($_POST['verb']));
$emailcc = notags(trim($_POST['emailcc']));
$body = escape_tags(trim($_POST['body']));
$private = strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny) ? 1 : 0;
if ($parent_item && ($parent_item['private'] || strlen($parent_item['allow_cid']) || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) || strlen($parent_item['deny_gid']))) {
$private = 1;
}
$pubmail_enable = x($_POST, 'pubmail_enable') && intval($_POST['pubmail_enable']) && !$private ? 1 : 0;
// if using the API, we won't see pubmail_enable - figure out if it should be set
if ($api_source && $profile_uid && $profile_uid == local_user() && !$private) {
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (!$mail_disabled) {
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", intval(local_user()));
if (count($r) && intval($r[0]['pubmail'])) {
$pubmail_enabled = true;
}
}
}
if (!strlen($body)) {
info(t('Empty post discarded.') . EOL);
if (x($_POST, 'return')) {
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
}
}
if ($api_source && !array_key_exists('allow_cid', $_REQUEST) && !array_key_exists('allow_gid', $_REQUEST) && !array_key_exists('deny_cid', $_REQUEST) && !array_key_exists('deny_gid', $_REQUEST)) {
$str_group_allow = $user['allow_gid'];
$str_contact_allow = $user['allow_cid'];
$str_group_deny = $user['deny_gid'];
$str_contact_deny = $user['deny_cid'];
}
// get contact info for poster
$author = null;
$self = false;
if ($_SESSION['uid'] && $_SESSION['uid'] == $profile_uid) {
$self = true;
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($_SESSION['uid']));
} else {
if (x($_SESSION, 'visitor_id') && intval($_SESSION['visitor_id'])) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($_SESSION['visitor_id']));
}
}
if (count($r)) {
$author = $r[0];
$contact_id = $author['id'];
}
// get contact info for owner
if ($profile_uid == $_SESSION['uid']) {
$contact_record = $author;
} else {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($profile_uid));
if (count($r)) {
$contact_record = $r[0];
}
}
$post_type = notags(trim($_POST['type']));
if ($post_type === 'net-comment') {
if ($parent_item !== null) {
if ($parent_item['wall'] == 1) {
$post_type = 'wall-comment';
} else {
$post_type = 'remote-comment';
}
}
}
/**
*
* When a photo was uploaded into the message using the (profile wall) ajax
* uploader, The permissions are initially set to disallow anybody but the
* owner from seeing it. This is because the permissions may not yet have been
* set for the post. If it's private, the photo permissions should be set
* appropriately. But we didn't know the final permissions on the post until
* now. So now we'll look for links of uploaded messages that are in the
* post and set them to the same permissions as the post itself.
*
*/
$match = null;
if (preg_match_all("/\\[img\\](.*?)\\[\\/img\\]/", $body, $match)) {
$images = $match[1];
if (count($images)) {
foreach ($images as $image) {
if (!stristr($image, $a->get_baseurl() . '/photo/')) {
continue;
}
$image_uri = substr($image, strrpos($image, '/') + 1);
$image_uri = substr($image_uri, 0, strpos($image_uri, '-'));
if (!strlen($image_uri)) {
continue;
}
$srch = '<' . intval($profile_uid) . '>';
$r = q("SELECT `id` FROM `photo` WHERE `allow_cid` = '%s' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = ''\n\t\t\t\t\tAND `resource-id` = '%s' AND `uid` = %d LIMIT 1", dbesc($srch), dbesc($image_uri), intval($profile_uid));
if (!count($r)) {
continue;
}
$r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'\n\t\t\t\t\tWHERE `resource-id` = '%s' AND `uid` = %d AND `album` = '%s' ", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), dbesc($image_uri), intval($profile_uid), dbesc(t('Wall Photos')));
}
}
}
/**
* Next link in any attachment references we find in the post.
*/
$match = false;
if (preg_match_all("/\\[attachment\\](.*?)\\[\\/attachment\\]/", $body, $match)) {
$attaches = $match[1];
if (count($attaches)) {
foreach ($attaches as $attach) {
$r = q("SELECT * FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($attach));
if (count($r)) {
$r = q("UPDATE `attach` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'\n\t\t\t\t\t\tWHERE `uid` = %d AND `id` = %d LIMIT 1", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($profile_uid), intval($attach));
}
}
}
}
// embedded bookmark in post? set bookmark flag
$bookmark = 0;
if (preg_match_all("/\\[bookmark\\=([^\\]]*)\\](.*?)\\[\\/bookmark\\]/ism", $body, $match, PREG_SET_ORDER)) {
$bookmark = 1;
// foreach($match as $mtch) {
// $body = str_replace(
// '[bookmark=' . $mtch[1] . ']' . $mtch[2] . '[/bookmark]',
// '[url=' . $mtch[1] . ']' . $mtch[2] . '[/url]',
// $body
// );
// }
}
$body = bb_translate_video($body);
/**
* Fold multi-line [code] sequences
*/
$body = preg_replace('/\\[\\/code\\]\\s*\\[code\\]/ism', "\n", $body);
/**
* Look for any tags and linkify them
*/
$str_tags = '';
$inform = '';
$tags = get_tags($body);
/**
* add a statusnet style reply tag if the original post was from there
* and we are replying, and there isn't one already
*/
if ($parent_contact && $parent_contact['network'] === NETWORK_OSTATUS && $parent_contact['nick'] && !in_array('@' . $parent_contact['nick'], $tags)) {
$body = '@' . $parent_contact['nick'] . ' ' . $body;
$tags[] = '@' . $parent_contact['nick'];
}
if (count($tags)) {
foreach ($tags as $tag) {
if (isset($profile)) {
unset($profile);
}
if (strpos($tag, '#') === 0) {
if (strpos($tag, '[url=')) {
continue;
}
$basetag = str_replace('_', ' ', substr($tag, 1));
$body = str_replace($tag, '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]', $body);
if (strlen($str_tags)) {
$str_tags .= ',';
}
$str_tags .= '#[url=' . $a->get_baseurl() . '/search?search=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
continue;
}
if (strpos($tag, '@') === 0) {
if (strpos($tag, '[url=')) {
continue;
}
$stat = false;
$name = substr($tag, 1);
if (strpos($name, '@') || strpos($name, 'http://')) {
$newname = $name;
$links = @lrdd($name);
if (count($links)) {
foreach ($links as $link) {
if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
$profile = $link['@attributes']['href'];
}
if ($link['@attributes']['rel'] === 'salmon') {
if (strlen($inform)) {
$inform .= ',';
}
$inform .= 'url:' . str_replace(',', '%2c', $link['@attributes']['href']);
}
}
}
} else {
$newname = $name;
$alias = '';
$tagcid = 0;
if (strrpos($newname, '+')) {
$tagcid = intval(substr($newname, strrpos($newname, '+') + 1));
if (strpos($name, ' ')) {
$name = substr($name, 0, strpos($name, ' '));
}
}
if ($tagcid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($tagcid), intval($profile_uid));
} elseif (strstr($name, '_') || strstr($name, ' ')) {
$newname = str_replace('_', ' ', $name);
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", dbesc($newname), intval($profile_uid));
} else {
$r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", dbesc($name), dbesc($name), intval($profile_uid));
}
if (count($r)) {
$profile = $r[0]['url'];
if ($r[0]['network'] === 'stat') {
$newname = $r[0]['nick'];
$stat = true;
if ($r[0]['alias']) {
$alias = $r[0]['alias'];
}
} else {
$newname = $r[0]['name'];
}
if (strlen($inform)) {
$inform .= ',';
}
$inform .= 'cid:' . $r[0]['id'];
}
}
if ($profile) {
$body = str_replace('@' . $name, '@' . '[url=' . $profile . ']' . $newname . '[/url]', $body);
$profile = str_replace(',', '%2c', $profile);
$newtag = '@[url=' . $profile . ']' . $newname . '[/url]';
if (!stristr($str_tags, $newtag)) {
if (strlen($str_tags)) {
$str_tags .= ',';
}
$str_tags .= $newtag;
}
// Status.Net seems to require the numeric ID URL in a mention if the person isn't
// subscribed to you. But the nickname URL is OK if they are. Grrr. We'll tag both.
if (strlen($alias)) {
$newtag = '@[url=' . $alias . ']' . $newname . '[/url]';
if (!stristr($str_tags, $newtag)) {
if (strlen($str_tags)) {
$str_tags .= ',';
}
$str_tags .= $newtag;
}
}
}
}
}
}
$attachments = '';
$match = false;
if (preg_match_all('/(\\[attachment\\]([0-9]+)\\[\\/attachment\\])/', $body, $match)) {
foreach ($match[2] as $mtch) {
$r = q("SELECT `id`,`filename`,`filesize`,`filetype` FROM `attach` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($mtch));
if (count($r)) {
if (strlen($attachments)) {
$attachments .= ',';
}
$attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" length="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . ($r[0]['filename'] ? $r[0]['filename'] : '') . '"[/attach]';
}
$body = str_replace($match[1], '', $body);
}
}
$wall = 0;
if ($post_type === 'wall' || $post_type === 'wall-comment') {
$wall = 1;
}
if (!strlen($verb)) {
$verb = ACTIVITY_POST;
}
$gravity = $parent ? 6 : 0;
// even if the post arrived via API we are considering that it
// originated on this site by default for determining relayability.
$origin = x($_REQUEST, 'origin') ? intval($_REQUEST['origin']) : 1;
$notify_type = $parent ? 'comment-new' : 'wall-new';
$uri = item_new_uri($a->get_hostname(), $profile_uid);
$datarray = array();
$datarray['uid'] = $profile_uid;
$datarray['type'] = $post_type;
$datarray['wall'] = $wall;
$datarray['gravity'] = $gravity;
$datarray['contact-id'] = $contact_id;
$datarray['owner-name'] = $contact_record['name'];
$datarray['owner-link'] = $contact_record['url'];
$datarray['owner-avatar'] = $contact_record['thumb'];
$datarray['author-name'] = $author['name'];
$datarray['author-link'] = $author['url'];
$datarray['author-avatar'] = $author['thumb'];
$datarray['created'] = datetime_convert();
$datarray['edited'] = datetime_convert();
$datarray['commented'] = datetime_convert();
$datarray['received'] = datetime_convert();
$datarray['changed'] = datetime_convert();
$datarray['uri'] = $uri;
$datarray['title'] = $title;
$datarray['body'] = $body;
$datarray['app'] = $app;
$datarray['location'] = $location;
$datarray['coord'] = $coord;
$datarray['tag'] = $str_tags;
$datarray['inform'] = $inform;
$datarray['verb'] = $verb;
$datarray['allow_cid'] = $str_contact_allow;
$datarray['allow_gid'] = $str_group_allow;
$datarray['deny_cid'] = $str_contact_deny;
$datarray['deny_gid'] = $str_group_deny;
$datarray['private'] = $private;
$datarray['pubmail'] = $pubmail_enable;
$datarray['attach'] = $attachments;
$datarray['bookmark'] = intval($bookmark);
$datarray['thr-parent'] = $thr_parent;
$datarray['postopts'] = '';
$datarray['origin'] = $origin;
/**
* These fields are for the convenience of plugins...
* 'self' if true indicates the owner is posting on their own wall
* If parent is 0 it is a top-level post.
*/
$datarray['parent'] = $parent;
$datarray['self'] = $self;
// $datarray['prvnets'] = $user['prvnets'];
if ($orig_post) {
$datarray['edit'] = true;
} else {
$datarray['guid'] = get_guid();
}
call_hooks('post_local', $datarray);
if ($orig_post) {
$r = q("UPDATE `item` SET `body` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($body), dbesc(datetime_convert()), intval($post_id), intval($profile_uid));
proc_run('php', "include/notifier.php", 'edit_post', "{$post_id}");
if (x($_POST, 'return') && strlen($return_path)) {
logger('return: ' . $return_path);
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
} else {
$post_id = 0;
}
$r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, \n\t\t`author-name`, `author-link`, `author-avatar`, `created`, `edited`, `commented`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, \n\t\t`tag`, `inform`, `verb`, `postopts`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach`, `bookmark`,`origin` )\n\t\tVALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d )", dbesc($datarray['guid']), intval($datarray['uid']), dbesc($datarray['type']), intval($datarray['wall']), intval($datarray['gravity']), intval($datarray['contact-id']), dbesc($datarray['owner-name']), dbesc($datarray['owner-link']), dbesc($datarray['owner-avatar']), dbesc($datarray['author-name']), dbesc($datarray['author-link']), dbesc($datarray['author-avatar']), dbesc($datarray['created']), dbesc($datarray['edited']), dbesc($datarray['commented']), dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), dbesc($datarray['thr-parent']), dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['app']), dbesc($datarray['location']), dbesc($datarray['coord']), dbesc($datarray['tag']), dbesc($datarray['inform']), dbesc($datarray['verb']), dbesc($datarray['postopts']), dbesc($datarray['allow_cid']), dbesc($datarray['allow_gid']), dbesc($datarray['deny_cid']), dbesc($datarray['deny_gid']), intval($datarray['private']), intval($datarray['pubmail']), dbesc($datarray['attach']), intval($datarray['bookmark']), intval($datarray['origin']));
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($datarray['uri']));
if (count($r)) {
$post_id = $r[0]['id'];
logger('mod_item: saved item ' . $post_id);
if ($parent) {
// This item is the last leaf and gets the comment box, clear any ancestors
$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent` = %d ", dbesc(datetime_convert()), intval($parent));
// Inherit ACL's from the parent item.
$r = q("UPDATE `item` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d\n\t\t\t\tWHERE `id` = %d LIMIT 1", dbesc($parent_item['allow_cid']), dbesc($parent_item['allow_gid']), dbesc($parent_item['deny_cid']), dbesc($parent_item['deny_gid']), intval($parent_item['private']), intval($post_id));
// Send a notification email to the conversation owner, unless the owner is me and I wrote this item
if ($user['notify-flags'] & NOTIFY_COMMENT && $contact_record != $author) {
push_lang($user['language']);
require_once 'bbcode.php';
$from = $author['name'];
// name of the automated email sender
$msg['notificationfromname'] = stripslashes($datarray['author-name']);
// noreply address to send from
$msg['notificationfromemail'] = t('noreply') . '@' . $a->get_hostname();
// text version
// process the message body to display properly in text mode
$msg['textversion'] = html_entity_decode(strip_tags(bbcode(stripslashes($datarray['body']))), ENT_QUOTES, 'UTF-8');
// html version
// process the message body to display properly in text mode
$msg['htmlversion'] = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r", "\\n\\n", "\\n"), "<br />\n", $datarray['body']))));
// load the template for private message notifications
$tpl = get_intltext_template('cmnt_received_html_body_eml.tpl');
$email_html_body_tpl = replace_macros($tpl, array('$username' => $user['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $author['thumb'], '$email' => $importer['email'], '$url' => $author['url'], '$from' => $from, '$body' => $msg['htmlversion'], '$display' => $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id));
// load the template for private message notifications
$tpl = get_intltext_template('cmnt_received_text_body_eml.tpl');
$email_text_body_tpl = replace_macros($tpl, array('$username' => $user['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $author['thumb'], '$email' => $importer['email'], '$url' => $author['url'], '$from' => $from, '$body' => $msg['textversion'], '$display' => $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id));
// use the EmailNotification library to send the message
require_once "include/EmailNotification.php";
EmailNotification::sendTextHtmlEmail($msg['notificationfromname'], t("Administrator@") . $a->get_hostname(), t("noreply") . '@' . $a->get_hostname(), $user['email'], sprintf(t('%s commented on an item at %s'), $from, $a->config['sitename']), $email_html_body_tpl, $email_text_body_tpl);
pop_lang();
}
// We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key
if ($self) {
require_once 'include/bb2diaspora.php';
$signed_body = html_entity_decode(bb2diaspora($datarray['body']));
$myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(), '://') + 3);
if ($datarray['verb'] === ACTIVITY_LIKE) {
$signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr;
} else {
$signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
}
$authorsig = base64_encode(rsa_sign($signed_text, $a->user['prvkey'], 'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($post_id), dbesc($signed_text), dbesc(base64_encode($authorsig)), dbesc($myaddr));
}
} else {
$parent = $post_id;
// let me know if somebody did a wall-to-wall post on my profile
if ($user['notify-flags'] & NOTIFY_WALL && $contact_record != $author) {
push_lang($user['language']);
require_once 'bbcode.php';
$from = $author['name'];
// name of the automated email sender
$msg['notificationfromname'] = $from;
// noreply address to send from
$msg['notificationfromemail'] = t('noreply') . '@' . $a->get_hostname();
// text version
// process the message body to display properly in text mode
$msg['textversion'] = html_entity_decode(strip_tags(bbcode(stripslashes($datarray['body']))), ENT_QUOTES, 'UTF-8');
// html version
// process the message body to display properly in text mode
$msg['htmlversion'] = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r", "\\n\\n", "\\n"), "<br />\n", $datarray['body']))));
// load the template for private message notifications
$tpl = load_view_file('view/wall_received_html_body_eml.tpl');
$email_html_body_tpl = replace_macros($tpl, array('$username' => $user['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $author['thumb'], '$url' => $author['url'], '$from' => $from, '$body' => $msg['htmlversion'], '$display' => $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id));
// load the template for private message notifications
$tpl = load_view_file('view/wall_received_text_body_eml.tpl');
$email_text_body_tpl = replace_macros($tpl, array('$username' => $user['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $author['thumb'], '$url' => $author['url'], '$from' => $from, '$body' => $msg['textversion'], '$display' => $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id));
// use the EmailNotification library to send the message
require_once "include/EmailNotification.php";
EmailNotification::sendTextHtmlEmail($msg['notificationfromname'], t("Administrator@") . $a->get_hostname(), t("noreply") . '@' . $a->get_hostname(), $user['email'], sprintf(t('%s posted to your profile wall at %s'), $from, $a->config['sitename']), $email_html_body_tpl, $email_text_body_tpl);
pop_lang();
}
}
// fallback so that parent always gets set to non-zero.
if (!$parent) {
$parent = $post_id;
}
$r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `plink` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1\n\t\t\tWHERE `id` = %d LIMIT 1", intval($parent), dbesc($parent == $post_id ? $uri : $parent_item['uri']), dbesc($a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id), dbesc(datetime_convert()), intval($post_id));
// photo comments turn the corresponding item visible to the profile wall
// This way we don't see every picture in your new photo album posted to your wall at once.
// They will show up as people comment on them.
if (!$parent_item['visible']) {
$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d LIMIT 1", intval($parent_item['id']));
}
} else {
logger('mod_item: unable to retrieve post that was just stored.');
notify(t('System error. Post not saved.'));
goaway($a->get_baseurl() . "/" . $return_path);
// NOTREACHED
}
// update the commented timestamp on the parent
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent));
$datarray['id'] = $post_id;
$datarray['plink'] = $a->get_baseurl() . '/display/' . $user['nickname'] . '/' . $post_id;
call_hooks('post_local_end', $datarray);
if (strlen($emailcc) && $profile_uid == local_user()) {
$erecips = explode(',', $emailcc);
if (count($erecips)) {
foreach ($erecips as $recip) {
$addr = trim($recip);
if (!strlen($addr)) {
continue;
}
$disclaimer = '<hr />' . sprintf(t('This message was sent to you by %s, a member of the Friendica social network.'), $a->user['username']) . '<br />';
$disclaimer .= sprintf(t('You may visit them online at %s'), $a->get_baseurl() . '/profile/' . $a->user['nickname']) . EOL;
$disclaimer .= t('Please contact the sender by replying to this post if you do not wish to receive these messages.') . EOL;
$subject = '[Friendica]' . ' ' . sprintf(t('%s posted an update.'), $a->user['username']);
$headers = 'From: ' . $a->user['username'] . ' <' . $a->user['email'] . '>' . "\n";
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n";
$headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n";
$link = '<a href="' . $a->get_baseurl() . '/profile/' . $a->user['nickname'] . '"><img src="' . $author['thumb'] . '" alt="' . $a->user['username'] . '" /></a><br /><br />';
$html = prepare_body($datarray);
$message = '<html><body>' . $link . $html . $disclaimer . '</body></html>';
@mail($addr, $subject, $message, $headers);
}
}
}
// This is a real juggling act on shared hosting services which kill your processes
// e.g. dreamhost. We used to start delivery to our native delivery agents in the background
// and then run our plugin delivery from the foreground. We're now doing plugin delivery first,
// because as soon as you start loading up a bunch of remote delivey processes, *this* page is
// likely to get killed off. If you end up looking at an /item URL and a blank page,
// it's very likely the delivery got killed before all your friends could be notified.
// Currently the only realistic fixes are to use a reliable server - which precludes shared hosting,
// or cut back on plugins which do remote deliveries.
proc_run('php', "include/notifier.php", $notify_type, "{$post_id}");
logger('post_complete');
// figure out how to return, depending on from whence we came
if ($api_source) {
return;
}
if ($return_path) {
goaway($a->get_baseurl() . "/" . $return_path);
}
$json = array('success' => 1);
if (x($_POST, 'jsreload') && strlen($_POST['jsreload'])) {
$json['reload'] = $a->get_baseurl() . '/' . $_POST['jsreload'];
}
logger('post_json: ' . print_r($json, true), LOGGER_DEBUG);
echo json_encode($json);
killme();
// NOTREACHED
}
function libertree_send(&$a, &$b)
{
logger('libertree_send: invoked');
if ($b['deleted'] || $b['private'] || $b['created'] !== $b['edited']) {
return;
}
if (!strstr($b['postopts'], 'libertree')) {
return;
}
if ($b['parent'] != $b['id']) {
return;
}
$ltree_api_token = get_pconfig($b['uid'], 'libertree', 'libertree_api_token');
$ltree_url = get_pconfig($b['uid'], 'libertree', 'libertree_url');
$ltree_blog = "{$ltree_url}/api/v1/posts/create/?token={$ltree_api_token}";
$ltree_source = $a->get_hostname();
if ($b['app'] != "") {
$ltree_source .= " (" . $b['app'] . ")";
}
if ($ltree_url && $ltree_api_token && $ltree_blog && $ltree_source) {
require_once 'include/bb2diaspora.php';
$tag_arr = array();
$tags = '';
$x = preg_match_all('/\\#\\[(.*?)\\](.*?)\\[/', $b['tag'], $matches, PREG_SET_ORDER);
if ($x) {
foreach ($matches as $mtch) {
$tag_arr[] = $mtch[2];
}
}
if (count($tag_arr)) {
$tags = implode(',', $tag_arr);
}
$title = $b['title'];
$body = $b['body'];
// Insert a newline before and after a quote
$body = str_ireplace("[quote", "\n\n[quote", $body);
$body = str_ireplace("[/quote]", "[/quote]\n\n", $body);
// Removal of tags and mentions
// #-tags
$body = preg_replace('/#\\[url\\=(\\w+.*?)\\](\\w+.*?)\\[\\/url\\]/i', '#$2', $body);
// @-mentions
$body = preg_replace('/@\\[url\\=(\\w+.*?)\\](\\w+.*?)\\[\\/url\\]/i', '@$2', $body);
// remove multiple newlines
do {
$oldbody = $body;
$body = str_replace("\n\n\n", "\n\n", $body);
} while ($oldbody != $body);
// convert to markdown
$body = bb2diaspora($body, false, false);
// Adding the title
if (strlen($title)) {
$body = "## " . html_entity_decode($title) . "\n\n" . $body;
}
$params = array('text' => $body, 'source' => $ltree_source);
$result = post_url($ltree_blog, $params);
logger('libertree: ' . $result);
}
}
