Example #1
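/**
 * Build the zot feed for one channel and hand it to json_return_and_die().
 *
 * The channel is looked up by the first path argument; when no argument is
 * given the system channel is used instead. The optional `mindate` request
 * parameter bounds the feed and defaults to "now - 1 month".
 *
 * @param object $a application object; only get_observer() is called on it
 * @return void each branch ends by passing $result to json_return_and_die()
 */
function zotfeed_init(&$a)
{
    $result = array('success' => false);

    // 'mindate' is optional: !empty() keeps the original truthiness test
    // without raising an undefined-index notice when the parameter is absent.
    $mindate = !empty($_REQUEST['mindate']) ? datetime_convert('UTC', 'UTC', $_REQUEST['mindate']) : '';
    if (!$mindate) {
        $mindate = datetime_convert('UTC', 'UTC', 'now - 1 month');
    }

    // Closed hub: only an authenticated account or a remote visitor may read feeds.
    if (get_config('system', 'block_public') && !get_account_id() && !remote_user()) {
        $result['message'] = 'Public access denied';
        json_return_and_die($result);
    }

    $observer = $a->get_observer();

    // Start from an empty result so the "not found" test below never reads an
    // undefined variable (no address given and no system channel available).
    $r = array();
    $channel_address = argc() > 1 ? argv(1) : '';
    if ($channel_address) {
        // The address comes from the request path, so it is escaped with dbesc()
        // before it is placed in the quoted '%s' slot.
        $r = q("select channel_id, channel_name from channel where channel_address = '%s' and not (channel_pageflags & %d) limit 1", dbesc($channel_address), intval(PAGE_REMOVED));
    } else {
        $x = get_sys_channel();
        if ($x) {
            $r = array($x);
        }
    }
    if (!$r) {
        $result['message'] = 'Channel not found.';
        json_return_and_die($result);
    }

    logger('zotfeed request: ' . $r[0]['channel_name'], LOGGER_DEBUG);
    $result['messages'] = zot_feed($r[0]['channel_id'], $observer['xchan_hash'], $mindate);
    $result['success'] = true;
    json_return_and_die($result);
}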
Example #2
File: share.php Project: Mauru/red
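/**
 * Produce the [share] bbcode for an existing item and echo it to the caller.
 *
 * The item id is the first path argument. The request is dropped with
 * killme() when the id is missing, the caller is not authenticated, the item
 * is private (unless its author network is 'rss'), the caller's permissions
 * do not cover the item, or the item is not text/bbcode.
 *
 * @param object $a application object; get_observer() is used for the remote branch
 * @return void
 */
function share_init(&$a)
{
    $post_id = argc() > 1 ? intval(argv(1)) : 0;
    if (!$post_id) {
        killme();
    }
    if (!(local_user() || remote_user())) {
        killme();
    }

    // First lookup is unrestricted: it is only used to read the owner uid and
    // the privacy flag. The item content is taken from the second,
    // permission-filtered query below.
    $r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d  LIMIT 1", intval($post_id));
    if (!$r) {
        killme();
    }
    if ($r[0]['item_private'] && $r[0]['xchan_network'] !== 'rss') {
        killme();
    }

    // Re-read the item with the viewer's permission clause appended, so an
    // item the caller may not see yields no row.
    $sql_extra = item_permissions_sql($r[0]['uid']);
    $r = q("select * from item where id = %d {$sql_extra}", intval($post_id));
    if (!$r) {
        killme();
    }

    // FIXME - we only share bbcode
    if ($r[0]['mimetype'] !== 'text/bbcode') {
        killme();
    }

    // FIXME - eventually we want to post remotely via rpost
    // on your home site.
    // When that works remove this next bit:
    if (!local_user()) {
        killme();
    }

    xchan_query($r);

    if (strpos($r[0]['body'], "[/share]") !== false) {
        // Already a share: reuse the existing [share ...] block as is.
        $pos = strpos($r[0]['body'], "[share");
        $o = substr($r[0]['body'], $pos);
    } else {
        // NOTE(review): only the author name is encoded. profile, avatar, link,
        // posted and message_id are concatenated into single-quoted bbcode
        // attributes unchanged; a quote in any of them would end the attribute
        // early. Confirm these columns are constrained where they are stored.
        $o = "[share author='" . urlencode($r[0]['author']['xchan_name'])
            . "' profile='" . $r[0]['author']['xchan_url']
            . "' avatar='" . $r[0]['author']['xchan_photo_s']
            . "' link='" . $r[0]['plink']
            . "' posted='" . $r[0]['created']
            . "' message_id='" . $r[0]['mid'] . "']\n";
        if ($r[0]['title']) {
            $o .= '[b]' . $r[0]['title'] . '[/b]' . "\n";
        }
        $o .= $r[0]['body'];
        $o .= "[/share]";
    }

    if (local_user()) {
        echo $o;
        killme();
    }

    // Remote-visitor branch. With the !local_user() guard above still in place
    // this is presumably never reached (assuming killme() ends the request).
    // The observer URL has to be parsed before its parts are read; the
    // original indexed the raw string and joined scheme and host with ':'.
    $observer = $a->get_observer();
    $parsed = ($observer && $observer['xchan_url']) ? parse_url($observer['xchan_url']) : false;
    if ($parsed && !empty($parsed['scheme']) && !empty($parsed['host'])) {
        $post_url = $parsed['scheme'] . '://' . $parsed['host'] . (!empty($parsed['port']) ? ':' . $parsed['port'] : '') . '/rpost';
        // FIXME - we were probably called from JS
        // so we don't know the return page.
        // in fact we won't be able to load the remote page.
        // we might need an iframe
        z_post_url($post_url, array('f' => '', 'body' => $o));
        killme();
    }
}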
Example #3
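/**
 * Redirect a logged-in local user to a contact's DFRN poll endpoint so the
 * remote side can identify them, then come back to the current page.
 *
 * Nothing happens when the request already carries a non-zero `redir`
 * parameter, when $contact_nick is empty or is the current user, or when any
 * of the contact lookups below finds no row.
 *
 * @param object $a            application object (user record and base URL are read)
 * @param string $contact_nick nickname of the profile being visited
 * @return void
 */
function auto_redir(&$a, $contact_nick)
{
    // prevent looping
    if (x($_REQUEST, 'redir') && intval($_REQUEST['redir'])) {
        return;
    }
    if (!$contact_nick || $contact_nick === $a->user['nickname']) {
        return;
    }
    if (!local_user()) {
        return;
    }

    // We need to find out if $contact_nick is a user on this hub, and if so, if I
    // am a contact of that user. However, that user may have other contacts with the
    // same nickname as me on other hubs or other networks. Exclude these by requiring
    // that the contact have a local URL. I will be the only person with my nickname at
    // this URL, so if a result is found, then I am a contact of the $contact_nick user.
    //
    // We also have to make sure that I'm a legitimate contact--I'm not blocked or pending.
    $baseurl = $a->get_baseurl();
    $domain_st = strpos($baseurl, "://");
    if ($domain_st === false) {
        return;
    }
    $baseurl = substr($baseurl, $domain_st + 3);
    $nurl = normalise_link($baseurl);

    $r = q("SELECT id FROM contact WHERE uid = ( SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 )\n\t\t        AND nick = '%s' AND self = 0 AND ( url LIKE '%%%s%%' or nurl LIKE '%%%s%%' ) AND blocked = 0 AND pending = 0 LIMIT 1", dbesc($contact_nick), dbesc($a->user['nickname']), dbesc($baseurl), dbesc($nurl));
    if (!$r || !count($r) || $r[0]['id'] == remote_user()) {
        return;
    }

    $r = q("SELECT * FROM contact WHERE nick = '%s'\n\t\t        AND network = '%s' AND uid = %d  AND url LIKE '%%%s%%' LIMIT 1", dbesc($contact_nick), dbesc(NETWORK_DFRN), intval(local_user()), dbesc($baseurl));
    if (!($r && count($r))) {
        return;
    }

    $cid = $r[0]['id'];
    $dfrn_id = $orig_id = $r[0]['issued-id'] ? $r[0]['issued-id'] : $r[0]['dfrn-id'];
    if ($r[0]['duplex'] && $r[0]['issued-id']) {
        $orig_id = $r[0]['issued-id'];
        $dfrn_id = '1:' . $orig_id;
    }
    if ($r[0]['duplex'] && $r[0]['dfrn-id']) {
        $orig_id = $r[0]['dfrn-id'];
        $dfrn_id = '0:' . $orig_id;
    }

    // ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode
    // that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues
    if (strlen($dfrn_id) < 3) {
        return;
    }

    // One-time value stored with an expiry 45 seconds ahead; it is sent to the
    // contact's poll URL in the redirect below.
    $sec = random_string();
    q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)\n\t\t\tVALUES( %d, %s, '%s', '%s', %d )", intval(local_user()), intval($cid), dbesc($dfrn_id), dbesc($sec), intval(time() + 45));

    $url = curPageURL();

    // NOTE(review): $sec is written to the debug log in clear; consider logging
    // only the contact name if debug logs are readable by other parties.
    logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);

    // The return URL is a query-string value, so it is encoded: otherwise any
    // '&name=value' inside the current page URL would be read by the receiver
    // as separate parameters next to dfrn_id, type and sec.
    $dest = $url ? '&destination_url=' . urlencode($url) : '';
    goaway($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest);
}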
Example #4
/**
 * Render the community page: a paged list of public top-level wall posts.
 *
 * @param object $a      application object; pager state and $a->data are read, the pager total is set
 * @param int    $update when non-zero the navigation selection is left untouched
 * @return string|null HTML fragment; the "denied" and "not available" exits return without a value
 */
function community_content(&$a, $update = 0)
{
    $o = '';
    // Closed site: neither a local login nor a remote visitor session means no access.
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    // The page can be switched off site-wide.
    if (get_config('system', 'no_community_page')) {
        notice(t('Not available.') . EOL);
        return;
    }
    require_once "include/bbcode.php";
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    $o .= '<h3>' . t('Community') . '</h3>';
    if (!$update) {
        nav_set_selected('community');
    }
    // NOTE(review): $search is filled in here but not used anywhere below in this function.
    if (x($a->data, 'search')) {
        $search = notags(trim($a->data['search']));
    } else {
        $search = x($_GET, 'search') ? notags(trim(rawurldecode($_GET['search']))) : '';
    }
    // Here is the way permissions work in this module...
    // Only public posts can be shown
    // OR your own posts if you are a logged in member
    // (The queries below only implement the first rule: every allow_*/deny_*
    // column must be empty and `private` must be 0; there is no per-viewer clause.)
    // The total is only counted for the classic pager; with alt_pager enabled the count query is skipped.
    if (!get_config('alt_pager', 'global') && !get_pconfig(local_user(), 'system', 'alt_pager')) {
        $r = q("SELECT COUNT(distinct(`item`.`uri`)) AS `total`\n\t\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`\n\t\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\tAND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' \n\t\t\tAND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = ''\n\t\t\tAND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0 \n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0");
        if (count($r)) {
            $a->set_pager_total($r[0]['total']);
        }
        // NOTE(review): $r[0] is read here even when the count above was zero.
        if (!$r[0]['total']) {
            info(t('No results.') . EOL);
            return $o;
        }
    }
    //$r = q("SELECT distinct(`item`.`uri`)
    // Page of results: same visibility filter as the count, restricted to
    // thread starters (`id` = `parent`) and to rows whose contact has `self` set.
    // The only values substituted are the two pager integers.
    $r = q("SELECT `item`.`uri`, `item`.*, `item`.`id` AS `item_id`, \n\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,\n\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, \n\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,\n\t\t`user`.`nickname`, `user`.`hidewall`\n\t\tFROM `item` FORCE INDEX (`received`) LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\tLEFT JOIN `user` ON `user`.`uid` = `item`.`uid`\n\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\tAND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = ''\n\t\tAND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' \n\t\tAND `item`.`private` = 0 AND `item`.`wall` = 1 AND `item`.`id` = `item`.`parent`\n\t\tAND `user`.`hidewall` = 0\n\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`self`\n\t\tORDER BY `received` DESC LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
    //		group by `item`.`uri`
    if (!count($r)) {
        info(t('No results.') . EOL);
        return $o;
    }
    // we behave the same in message lists as the search module
    $o .= conversation($a, $r, 'community', $update);
    // Pager widget matches the mode chosen above.
    if (get_config('alt_pager', 'global') || get_pconfig(local_user(), 'system', 'alt_pager')) {
        $o .= alt_pager($a, count($r));
    } else {
        $o .= paginate($a);
    }
    return $o;
}
Example #5
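/**
 * Decide whether the current visitor may post on the wall owned by $owner.
 *
 * The owner themselves is always allowed. Any other visitor is allowed only
 * when the session's visitor_id names a contact row that belongs to $owner,
 * is neither blocked nor pending and, unless the 'rockstar' config switch is
 * set, is not read-only and has an outgoing or bidirectional relationship.
 *
 * The contact lookup is tied to the wall owner (`uid`): previously it matched
 * on the contact id alone, so a visitor known to one local user passed the
 * check for every wall on the site.
 *
 * @param object $a     application object; $a->config['rockstar'] is read
 * @param int    $owner uid of the wall owner
 * @return bool
 */
function can_write_wall(&$a, $owner)
{
    if (!local_user() && !remote_user()) {
        return false;
    }
    if (local_user() && $_SESSION['uid'] == $owner) {
        return true;
    }

    // No visitor id in the session means there is no contact row to check.
    $visitor_id = isset($_SESSION['visitor_id']) ? intval($_SESSION['visitor_id']) : 0;
    if (!$visitor_id) {
        return false;
    }

    $sql_extra = !empty($a->config['rockstar']) ? '' : sprintf(" AND `readonly` = 0  AND `rel` IN ( %d , %d ) ", intval(DIRECTION_OUT), intval(DIRECTION_BOTH));

    $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d AND `blocked` = 0 AND `pending` = 0 {$sql_extra} LIMIT 1", $visitor_id, intval($owner));

    return ($r && count($r)) ? true : false;
}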
Example #6
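/**
 * Redirect handler.
 *
 * Two modes:
 *  - DFRN: when `conurl` is given, or a logged-in user passes a numeric
 *    contact id as first path argument, a one-time `sec` value is stored in
 *    profile_check and the browser is sent to the contact's poll URL.
 *  - Plain: otherwise the `url` parameter has its {zid} placeholder filled in
 *    and the browser is sent there; without `url` it goes to the site root.
 *
 * @param object $a application object (argc/argv, user record and base URL are read)
 * @return void every path ends in goaway()
 */
function redir_init(&$a)
{
    $url = x($_GET, 'url') ? $_GET['url'] : '';
    $quiet = x($_GET, 'quiet') ? '&quiet=1' : '';
    $con_url = x($_GET, 'conurl') ? $_GET['conurl'] : '';

    // traditional DFRN
    // (parentheses only spell out the precedence the expression already had)
    if ($con_url || (local_user() && $a->argc > 1 && intval($a->argv[1]))) {
        if ($con_url) {
            $con_url = str_replace('https', 'http', $con_url);
            $r = q("SELECT * FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc($con_url), intval(local_user()));
            if (!$r || !count($r) || $r[0]['network'] !== NETWORK_DFRN) {
                goaway(z_root());
            }
            $cid = $r[0]['id'];
        } else {
            $cid = $a->argv[1];
            // Both lookups are scoped to the logged-in user's own contacts.
            $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval(local_user()));
            if (!$r || !count($r) || $r[0]['network'] !== NETWORK_DFRN) {
                goaway(z_root());
            }
        }

        $dfrn_id = $orig_id = $r[0]['issued-id'] ? $r[0]['issued-id'] : $r[0]['dfrn-id'];
        if ($r[0]['duplex'] && $r[0]['issued-id']) {
            $orig_id = $r[0]['issued-id'];
            $dfrn_id = '1:' . $orig_id;
        }
        if ($r[0]['duplex'] && $r[0]['dfrn-id']) {
            $orig_id = $r[0]['dfrn-id'];
            $dfrn_id = '0:' . $orig_id;
        }

        // One-time value stored with an expiry 45 seconds ahead.
        $sec = random_string();
        q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)\n\t\t\tVALUES( %d, %s, '%s', '%s', %d )", intval(local_user()), intval($cid), dbesc($dfrn_id), dbesc($sec), intval(time() + 45));

        // NOTE(review): $sec is written to the debug log in clear.
        logger('mod_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);

        // `url` comes straight from the query string. Encoding it keeps it a
        // single destination_url value; unencoded, an embedded '&type=' or
        // '&sec=' would reach the poll endpoint as a parameter of its own.
        $dest = $url ? '&destination_url=' . urlencode($url) : '';
        goaway($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest . $quiet);
    }

    // Defined up front so the {zid} substitution below never reads an
    // undefined variable for a visitor with no session.
    $handle = '';
    if (local_user()) {
        $handle = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(), '://') + 3);
    }
    if (remote_user()) {
        $handle = $_SESSION['handle'];
    }

    if ($url) {
        // NOTE(review): the destination is caller-supplied and is followed
        // without any check on scheme or host, also for visitors who are not
        // logged in. If redirects are only meant to reach known contact or
        // profile hosts, validate $url against those before calling goaway().
        $url = str_replace('{zid}', '&zid=' . $handle, $url);
        goaway($url);
    }
    goaway(z_root());
}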
Example #7
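/**
 * Render the paged, public contact list of the profile loaded in $a->profile.
 *
 * Only DFRN, Diaspora and OStatus contacts that are not blocked, pending,
 * hidden or archived are listed; the profile's own "self" row is skipped.
 *
 * @param object $a application object (profile, pager and data are read; pager total is set)
 * @return string|null HTML fragment; the two permission exits return without a value
 */
function viewcontacts_content(&$a)
{
    require_once "mod/proxy.php";
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    // The profile owner can hide the contact list entirely.
    if (!count($a->profile) || $a->profile['hide-friends']) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    // Computed once, before its first use: the original passed $is_owner to
    // profile_tabs() before assigning it and re-evaluated it on every row.
    $is_owner = local_user() && $a->profile['profile_uid'] == local_user() ? true : false;

    $o = "";
    // tabs
    $o .= profile_tabs($a, $is_owner, $a->data['user']['nickname']);

    $r = q("SELECT COUNT(*) AS `total` FROM `contact`\n\t\tWHERE `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `hidden` = 0 AND `archive` = 0\n\t\t\tAND `network` IN ('%s', '%s', '%s')", intval($a->profile['uid']), dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS));
    if ($r && count($r)) {
        $a->set_pager_total($r[0]['total']);
    }

    $r = q("SELECT * FROM `contact`\n\t\tWHERE `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `hidden` = 0 AND `archive` = 0\n\t\t\tAND `network` IN ('%s', '%s', '%s')\n\t\tORDER BY `name` ASC LIMIT %d, %d", intval($a->profile['uid']), dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), intval($a->pager['start']), intval($a->pager['itemspage']));
    if (!$r || !count($r)) {
        info(t('No contacts.') . EOL);
        return $o;
    }

    $contacts = array();
    foreach ($r as $rr) {
        if ($rr['self']) {
            continue;
        }

        // route DFRN profiles through the redirect
        if ($is_owner && $rr['network'] === NETWORK_DFRN && $rr['rel']) {
            $url = 'redir/' . $rr['id'];
        } else {
            $url = zrl($rr['url']);
        }

        $contact_details = get_contact_details_by_url($rr['url'], $a->profile['uid']);

        // NOTE(review): 'name' and 'username' are entity-encoded here, while
        // img_hover, details, tags, about and itemurl are passed on as stored.
        // All of them originate from remote profiles; confirm the template
        // escapes them, or encode them here as well.
        $contacts[] = array(
            'id' => $rr['id'],
            'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $rr['name'], $rr['url']),
            'photo_menu' => contact_photo_menu($rr),
            'thumb' => proxy_url($rr['thumb'], false, PROXY_SIZE_THUMB),
            'name' => htmlentities(substr($rr['name'], 0, 20)),
            'username' => htmlentities($rr['name']),
            'details' => $contact_details['location'],
            'tags' => $contact_details['keywords'],
            'about' => $contact_details['about'],
            'account_type' => $contact_details['community'] ? t('Forum') : '',
            'url' => $url,
            'sparkle' => '',
            'itemurl' => $contact_details['addr'] != "" ? $contact_details['addr'] : $rr['url'],
            'network' => network_to_name($rr['network'], $rr['url']),
        );
    }

    $tpl = get_markup_template("viewcontact_template.tpl");
    $o .= replace_macros($tpl, array('$title' => t('Contacts'), '$contacts' => $contacts, '$paginate' => paginate($a)));
    return $o;
}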
Example #8
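/**
 * OExchange entry point: turn an offered link into a wall post.
 *
 * Visitors without a local login are either relayed to the /oexchange
 * endpoint of their own hub (remote visitors with a known observer URL) or
 * shown the login form. For a local user the offered url/title/description/
 * tags are sent to this site's /parse_url and the returned body is posted to
 * the wall through item_post().
 *
 * @param object $a application object (observer and base URL are read)
 * @return mixed login form for anonymous visitors, otherwise nothing
 */
function oexchange_content(&$a)
{
    if (!local_user()) {
        if (remote_user()) {
            $observer = $a->get_observer();
            if ($observer && $observer['xchan_url']) {
                $parsed = parse_url($observer['xchan_url']);
                // A URL without scheme or host cannot name a hub; treat it
                // like an unparsable one instead of building a broken target.
                if (!$parsed || empty($parsed['scheme']) || empty($parsed['host'])) {
                    notice(t('Unable to find your hub.') . EOL);
                    return;
                }
                // 'port' is only present when the URL carries one.
                $url = $parsed['scheme'] . '://' . $parsed['host'] . (!empty($parsed['port']) ? ':' . $parsed['port'] : '');
                $url .= '/oexchange';
                // NOTE(review): the whole of $_REQUEST is forwarded to another
                // host. Depending on the request_order / variables_order
                // settings it can include cookie values; consider forwarding
                // only the url, title, description and tags fields.
                $result = z_post_url($url, $_REQUEST);
                json_return_and_die($result);
            }
        }
        return login(false);
    }

    if (argc() > 1 && argv(1) === 'done') {
        info(t('Post successful.') . EOL);
        return;
    }

    // Each field is stripped of tags and URL-encoded before it is placed in
    // the query string of the internal /parse_url request.
    $url = x($_REQUEST, 'url') && strlen($_REQUEST['url']) ? urlencode(notags(trim($_REQUEST['url']))) : '';
    $title = x($_REQUEST, 'title') && strlen($_REQUEST['title']) ? '&title=' . urlencode(notags(trim($_REQUEST['title']))) : '';
    $description = x($_REQUEST, 'description') && strlen($_REQUEST['description']) ? '&description=' . urlencode(notags(trim($_REQUEST['description']))) : '';
    $tags = x($_REQUEST, 'tags') && strlen($_REQUEST['tags']) ? '&tags=' . urlencode(notags(trim($_REQUEST['tags']))) : '';

    $ret = z_fetch_url($a->get_baseurl() . '/parse_url?f=&url=' . $url . $title . $description . $tags);

    // Default to an empty body so a failed fetch ends the request quietly
    // instead of reading an undefined variable.
    $s = '';
    if ($ret['success']) {
        $s = $ret['body'];
    }
    if (!strlen($s)) {
        return;
    }

    // item_post() reads its input from $_REQUEST, so the request is replaced
    // by exactly the four fields set here; nothing sent by the caller reaches it.
    $post = array();
    $post['profile_uid'] = local_user();
    $post['return'] = '/oexchange/done';
    $post['body'] = $s;
    $post['type'] = 'wall';
    $_REQUEST = $post;
    require_once 'mod/item.php';
    item_post($a);
}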
Example #9
/**
 * Render the community page: a paged list of public wall items on this site.
 *
 * @param object $a      application object; pager state and $a->data are read, the pager total is set
 * @param int    $update when zero, the nav entry is selected and the live-update scaffolding is emitted
 * @return string|null HTML fragment; the "denied" and "not available" exits return without a value
 */
function community_content(&$a, $update = 0)
{
    $o = '';
    // Closed site: neither a local login nor a remote visitor session means no access.
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    // The page can be switched off site-wide.
    if (get_config('system', 'no_community_page')) {
        notice(t('Not available.') . EOL);
        return;
    }
    require_once "include/bbcode.php";
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    $o .= '<h3>' . t('Community') . '</h3>';
    if (!$update) {
        nav_set_selected('community');
        $o .= '<div id="live-community"></div>' . "\r\n";
        // NOTE(review): $a->pager['page'] is written into an inline script
        // unquoted and unescaped. That is only safe if it is always an
        // integer; confirm where the pager is populated.
        $o .= "<script> var profile_uid = -1; var netargs = '/?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
    }
    // NOTE(review): $search is filled in here but not used anywhere below in this function.
    if (x($a->data, 'search')) {
        $search = notags(trim($a->data['search']));
    } else {
        $search = x($_GET, 'search') ? notags(trim(rawurldecode($_GET['search']))) : '';
    }
    // Here is the way permissions work in this module...
    // Only public wall posts can be shown
    // OR your own posts if you are a logged in member
    // (The queries below only implement the first rule: `wall` = 1 and every
    // allow_*/deny_* column empty; there is no per-viewer clause.)
    $r = q("SELECT COUNT(*) AS `total`\n\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`\n\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\tAND `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' \n\t\tAND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `user`.`hidewall` = 0 \n\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 ");
    if (count($r)) {
        $a->set_pager_total($r[0]['total']);
    }
    // NOTE(review): $r[0] is read here even when the count above was zero.
    if (!$r[0]['total']) {
        info(t('No results.') . EOL);
        return $o;
    }
    // Page of results with the same visibility filter; the only values
    // substituted are the two pager integers.
    $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, \n\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,\n\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, \n\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,\n\t\t`user`.`nickname`, `user`.`hidewall`\n\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\tLEFT JOIN `user` ON `user`.`uid` = `item`.`uid`\n\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\tAND `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' \n\t\tAND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `user`.`hidewall` = 0 \n\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\tORDER BY `received` DESC LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
    // we behave the same in message lists as the search module
    $o .= conversation($a, $r, 'community', false);
    $o .= paginate($a);
    $o .= '<div class="cc-license">' . t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.') . '</div>';
    return $o;
}
Example #10
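/**
 * Load the requested profile and add its discovery tags to the page head.
 *
 * The nickname is the first path argument; a logged-in user asking for
 * "<profile-id>/view" gets their own nickname with that profile id instead.
 * OpenID, keyword, Atom, LRDD and dfrn-* tags are appended to
 * $a->page['htmlhead'] and an LRDD Link header is sent.
 *
 * Every value that ends up inside an HTML attribute is passed through
 * htmlspecialchars(): the nickname comes from the request path and the
 * OpenID and keyword fields are entered by the profile owner, so none of
 * them may be allowed to close the attribute or the tag. double_encode is
 * off so values that were already entity-encoded when stored are not
 * encoded a second time.
 *
 * @param object $a application object (argc/argv, user, profile and page are used)
 * @return void
 */
function hcard_init(&$a)
{
    $blocked = get_config('system', 'block_public') && !local_user() && !remote_user() ? true : false;

    if ($a->argc > 1) {
        $which = $a->argv[1];
    } else {
        notice(t('No profile') . EOL);
        $a->error = 404;
        return;
    }

    $profile = 0;
    if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
        $which = $a->user['nickname'];
        $profile = $a->argv[1];
    }

    profile_load($a, $which, $profile);

    // Attribute-safe copy of the nickname, used for all links below.
    $which_attr = htmlspecialchars($which, ENT_QUOTES, 'UTF-8', false);

    if (x($a->profile, 'page-flags') && $a->profile['page-flags'] == PAGE_COMMUNITY) {
        $a->page['htmlhead'] .= '<meta name="friendika.community" content="true" />';
    }
    if (x($a->profile, 'openidserver')) {
        $a->page['htmlhead'] .= '<link rel="openid.server" href="' . htmlspecialchars($a->profile['openidserver'], ENT_QUOTES, 'UTF-8', false) . '" />' . "\r\n";
    }
    if (x($a->profile, 'openid')) {
        // Bare identifiers get a default scheme.
        $delegate = strstr($a->profile['openid'], '://') ? $a->profile['openid'] : 'http://' . $a->profile['openid'];
        $a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . htmlspecialchars($delegate, ENT_QUOTES, 'UTF-8', false) . '" />' . "\r\n";
    }

    // Keywords are only published when the site is open to the public.
    if (!$blocked) {
        $keywords = x($a->profile, 'pub_keywords') ? $a->profile['pub_keywords'] : '';
        $keywords = str_replace(array(',', ' ', ',,'), array(' ', ',', ','), $keywords);
        if (strlen($keywords)) {
            $a->page['htmlhead'] .= '<meta name="keywords" content="' . htmlspecialchars($keywords, ENT_QUOTES, 'UTF-8', false) . '" />' . "\r\n";
        }
    }

    $a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . (!empty($a->profile['net-publish']) ? 'true' : 'false') . '" />' . "\r\n";
    $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/dfrn_poll/' . $which_attr . '" />' . "\r\n";

    // The acct: URI is URL-encoded, which also makes it safe inside the
    // attribute and the Link header.
    $uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . ($a->path ? '/' . $a->path : ''));
    $a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '" />' . "\r\n";
    header('Link: <' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);

    $dfrn_pages = array('request', 'confirm', 'notify', 'poll');
    foreach ($dfrn_pages as $dfrn) {
        $a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"" . $a->get_baseurl() . "/dfrn_{$dfrn}/{$which_attr}\" />\r\n";
    }
}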
Example #11
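/**
 * Render the paged connection list of the channel loaded in $a->profile.
 *
 * Access requires, in order: a non-blocked site or an authenticated visitor,
 * a profile that does not hide its friends, and the 'view_contacts'
 * permission for the observer. Pending and self entries and orphaned or
 * deleted xchans are never listed; hidden ones are listed for the owner only.
 *
 * @param object $a application object (profile and pager are read; pager total is set)
 * @return string|null HTML fragment; the permission exits return without a value
 */
function viewconnections_content(&$a)
{
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    if (!count($a->profile) || $a->profile['hide_friends']) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (!perm_is_allowed($a->profile['uid'], get_observer_hash(), 'view_contacts')) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    // The output buffer was never initialised before being returned or appended to.
    $o = '';

    $is_owner = local_user() && local_user() == $a->profile['uid'] ? true : false;

    // Flag masks of entries to exclude; non-owners additionally lose hidden entries.
    $abook_flags = ABOOK_FLAG_PENDING | ABOOK_FLAG_SELF;
    $xchan_flags = XCHAN_FLAGS_ORPHAN | XCHAN_FLAGS_DELETED;
    if (!$is_owner) {
        $abook_flags = $abook_flags | ABOOK_FLAG_HIDDEN;
        $xchan_flags = $xchan_flags | XCHAN_FLAGS_HIDDEN;
    }

    $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d ) and not ( xchan_flags & %d ) ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags));
    if ($r) {
        $a->set_pager_total($r[0]['total']);
    }

    $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ", intval($a->profile['uid']), intval($abook_flags), intval($xchan_flags), intval($a->pager['start']), intval($a->pager['itemspage']));
    if (!$r) {
        info(t('No connections.') . EOL);
        return $o;
    }

    $contacts = array();
    foreach ($r as $rr) {
        $url = chanlink_url($rr['xchan_url']);
        if (!$url) {
            continue;
        }
        // NOTE(review): the xchan_* values come from remote channels and are
        // handed to the template as stored; confirm the template escapes them.
        // 'itemurl' reads $rr['url'] while every other field uses an abook_ or
        // xchan_ column - presumably xchan_url was meant; verify.
        $contacts[] = array(
            'id' => $rr['abook_id'],
            'archived' => $rr['abook_flags'] & ABOOK_FLAG_ARCHIVED ? true : false,
            'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $rr['xchan_name'], $rr['xchan_url']),
            'thumb' => $rr['xchan_photo_m'],
            'name' => substr($rr['xchan_name'], 0, 20),
            'username' => $rr['xchan_addr'],
            'link' => $url,
            'sparkle' => '',
            'itemurl' => $rr['url'],
            'network' => '',
        );
    }

    $tpl = get_markup_template("viewcontact_template.tpl");
    $o .= replace_macros($tpl, array('$title' => t('View Connnections'), '$contacts' => $contacts, '$paginate' => paginate($a)));
    return $o;
}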
Example #12
/**
 * Render the site search page and, when a term is given, its paged results.
 *
 * @param object $a application object; $a->data and the pager are read, the pager total is set
 * @return string|null HTML fragment; the "public access denied" exit returns without a value
 */
function search_content(&$a)
{
    // Closed site: neither a local login nor a remote visitor session means no access.
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    nav_set_selected('search');
    require_once "include/bbcode.php";
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    $o = '<div id="live-search"></div>' . "\r\n";
    $o .= '<h3>' . t('Search This Site') . '</h3>';
    // The term comes from $a->data when set there, otherwise from the query
    // string; in both cases it is trimmed and passed through notags().
    if (x($a->data, 'search')) {
        $search = notags(trim($a->data['search']));
    } else {
        $search = x($_GET, 'search') ? notags(trim(rawurldecode($_GET['search']))) : '';
    }
    $o .= search($search, 'search-box', '/search', local_user() ? true : false);
    if (!$search) {
        return $o;
    }
    // Here is the way permissions work in the search module...
    // Only public wall posts can be shown
    // OR your own posts if you are a logged in member
    // The term is quoted with preg_quote() so it is matched literally, then
    // escaped with dbesc() for the quoted SQL string; the tag pattern wraps it
    // in "]" ... "[".
    // NOTE(review): preg_quote() targets PCRE while the pattern is evaluated
    // by the database's REGEXP - presumably close enough for literal terms; verify.
    $s_regx = sprintf("AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' )", dbesc(preg_quote($search)), dbesc('\\]' . preg_quote($search) . '\\['));
    $search_alg = $s_regx;
    // $search_alg is interpolated into the query text; it is built only from
    // the sprintf() above, whose inputs went through dbesc().
    $r = q("SELECT COUNT(*) AS `total`\n\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`\n\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\tAND (( `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `user`.`hidewall` = 0) \n\t\t\tOR `item`.`uid` = %d )\n\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t{$search_alg} ", intval(local_user()));
    if (count($r)) {
        $a->set_pager_total($r[0]['total']);
    }
    // NOTE(review): $r[0] is read here even when the count above was zero.
    if (!$r[0]['total']) {
        info(t('No results.') . EOL);
        return $o;
    }
    $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, \n\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,\n\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, \n\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,\n\t\t`user`.`nickname`\n\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\tLEFT JOIN `user` ON `user`.`uid` = `item`.`uid`\n\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\tAND (( `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `user`.`hidewall` = 0 ) \n\t\t\tOR `item`.`uid` = %d )\n\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t{$search_alg}\n\t\tORDER BY `received` DESC LIMIT %d , %d ", intval(local_user()), intval($a->pager['start']), intval($a->pager['itemspage']));
    // NOTE(review): the term is echoed into HTML after notags() only. Whether
    // that is enough for this context depends on what notags() does - confirm,
    // and consider htmlspecialchars() at this point.
    $o .= '<h2>Search results for: ' . $search . '</h2>';
    $o .= conversation($a, $r, 'search', false);
    $o .= paginate($a);
    return $o;
}
Example #13
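/**
 * Render the paged, public contact list of the profile loaded in $a->profile.
 *
 * Contacts that are blocked, pending, hidden or archived are left out, and
 * the profile's own "self" row is skipped.
 *
 * @param object $a application object (profile and pager are read; pager total is set)
 * @return string|null HTML fragment; the two permission exits return without a value
 */
function viewcontacts_content(&$a)
{
    require_once "mod/proxy.php";
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    // The profile owner can hide the contact list entirely.
    if (!count($a->profile) || $a->profile['hide-friends']) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    // The output buffer was never initialised before being returned or appended to.
    $o = '';

    $r = q("SELECT COUNT(*) as `total` FROM `contact` WHERE `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `hidden` = 0 AND `archive` = 0 ", intval($a->profile['uid']));
    if ($r && count($r)) {
        $a->set_pager_total($r[0]['total']);
    }

    $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `hidden` = 0 AND `archive` = 0 ORDER BY `name` ASC LIMIT %d , %d ", intval($a->profile['uid']), intval($a->pager['start']), intval($a->pager['itemspage']));
    if (!$r || !count($r)) {
        info(t('No contacts.') . EOL);
        return $o;
    }

    // Same for every row, so it is evaluated once.
    $is_owner = local_user() && $a->profile['profile_uid'] == local_user() ? true : false;

    $contacts = array();
    foreach ($r as $rr) {
        if ($rr['self']) {
            continue;
        }

        // route DFRN profiles through the redirect
        if ($is_owner && $rr['network'] === NETWORK_DFRN && $rr['rel']) {
            $url = 'redir/' . $rr['id'];
        } else {
            $url = zrl($rr['url']);
        }

        // NOTE(review): name, url and thumb come from remote profiles and are
        // handed to the template as stored; confirm the template escapes them.
        $contacts[] = array(
            'id' => $rr['id'],
            'img_hover' => sprintf(t('Visit %s\'s profile [%s]'), $rr['name'], $rr['url']),
            'thumb' => proxy_url($rr['thumb']),
            'name' => substr($rr['name'], 0, 20),
            'username' => $rr['name'],
            'url' => $url,
            'sparkle' => '',
            'itemurl' => $rr['url'],
            'network' => network_to_name($rr['network'], $rr['url']),
        );
    }

    $tpl = get_markup_template("viewcontact_template.tpl");
    $o .= replace_macros($tpl, array('$title' => t('View Contacts'), '$contacts' => $contacts, '$paginate' => paginate($a)));
    return $o;
}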
Example #14
/**
 * Render the advanced profile view of the channel loaded in $a->profile.
 *
 * Anonymous visitors of a site with block_public set get the login form.
 * Viewing needs the 'view_profile' permission; a profile with hidewall set
 * is shown only to its owner and to remote visitors.
 *
 * @param object $a      application object; $a->profile is read
 * @param int    $update not used by this function
 * @return mixed login form, HTML fragment, or nothing on a permission failure
 */
function profile_content(&$a, $update = 0)
{
    // Site closed to the public and nobody is signed in: ask for a login.
    if (get_config('system', 'block_public') && !(get_account_id() || remote_user())) {
        return login();
    }

    // Channel-level permission for whoever is looking.
    if (!perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_profile')) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    $is_owner = false;
    if (local_user() && local_user() == $a->profile['profile_uid']) {
        $is_owner = true;
    }

    // A hidden wall is still visible to the owner and to remote visitors.
    $may_see_hidden = $is_owner || remote_user();
    if ($a->profile['hidewall'] && !$may_see_hidden) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    $html = '';
    $html .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
    $html .= advanced_profile($a);

    // The assembled markup is handed to the 'profile_advanced' hook before it is returned.
    call_hooks('profile_advanced', $html);

    return $html;
}
Example #15
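/**
 * Render the paged, public contact list of the profile loaded in $a->profile,
 * one template expansion per contact.
 *
 * Contacts that are blocked, pending or hidden are left out, and the
 * profile's own "self" row is skipped.
 *
 * @param object $a application object (profile and pager are read; pager total is set)
 * @return string|null HTML fragment; the two permission exits return without a value
 */
function viewcontacts_content(&$a)
{
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    // The profile owner can hide the contact list entirely.
    if (!count($a->profile) || $a->profile['hide-friends']) {
        notice(t('Permission denied.') . EOL);
        return;
    }

    // Plain assignment: the original appended to a buffer that did not exist yet.
    $o = '<h3>' . t('View Contacts') . '</h3>';

    $r = q("SELECT COUNT(*) as `total` FROM `contact` WHERE `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `hidden` = 0 ", intval($a->profile['uid']));
    if ($r && count($r)) {
        $a->set_pager_total($r[0]['total']);
    }

    $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `hidden` = 0 ORDER BY `name` ASC LIMIT %d , %d ", intval($a->profile['uid']), intval($a->pager['start']), intval($a->pager['itemspage']));
    if (!$r || !count($r)) {
        info(t('No contacts.') . EOL);
        return $o;
    }

    $tpl = get_markup_template("viewcontact_template.tpl");

    // Same for every row, so it is evaluated once.
    $is_owner = local_user() && $a->profile['profile_uid'] == local_user() ? true : false;

    foreach ($r as $rr) {
        if ($rr['self']) {
            continue;
        }

        $url = $rr['url'];
        // route DFRN profiles through the redirect
        if ($is_owner && $rr['network'] === NETWORK_DFRN && $rr['rel']) {
            $url = 'redir/' . $rr['id'];
        }

        // NOTE(review): name, url and thumb come from remote profiles and are
        // substituted into the template as stored; confirm that
        // replace_macros() or the template escapes them.
        $o .= replace_macros($tpl, array(
            '$id' => $rr['id'],
            '$alt_text' => sprintf(t('Visit %s\'s profile [%s]'), $rr['name'], $rr['url']),
            '$thumb' => $rr['thumb'],
            '$name' => substr($rr['name'], 0, 20),
            '$username' => $rr['name'],
            '$url' => $url,
        ));
    }

    $o .= '<div id="view-contact-end"></div>';
    $o .= paginate($a);
    return $o;
}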
Example #16
/**
 * Build the SQL fragment that limits rows to what the current viewer may see
 * according to the allow_cid / allow_gid / deny_cid / deny_gid columns.
 *
 * Three outcomes:
 *  - the logged-in local user is the owner: empty string, nothing is filtered;
 *  - a remote visitor who is (or is found to be) an unblocked contact of the
 *    owner: rows whose ACL admits the visitor's contact id or groups;
 *  - everyone else: only rows with all four ACL columns empty.
 *
 * @param int|string $owner_id        uid owning the rows being queried.
 * @param bool       $remote_verified True when the caller already confirmed
 *                                    the remote visitor is a contact of the owner.
 * @param array|null $groups          Group ids of the visitor; only used when
 *                                    $remote_verified is passed as true.
 * @return string Fragment beginning with " AND", or '' for the owner.
 */
function permissions_sql($owner_id, $remote_verified = false, $groups = null)
{
    $viewer_uid = local_user();
    $visitor_cid = remote_user();

    // Profile owner - everything is visible.
    if ($viewer_uid && $viewer_uid == $owner_id) {
        return '';
    }

    // Default for anonymous viewers and unverified visitors: only rows
    // without any ACL restriction.
    $public_only = " AND allow_cid = '' \n\t\t\t AND allow_gid = '' \n\t\t\t AND deny_cid  = '' \n\t\t\t AND deny_gid  = '' \n\t";

    if (!$visitor_cid) {
        return $public_only;
    }

    if (!$remote_verified) {
        // The visitor id from the session is only honoured if it names an
        // unblocked contact belonging to this owner.
        $match = q("SELECT id FROM contact WHERE id = %d AND uid = %d AND blocked = 0 LIMIT 1", intval($visitor_cid), intval($owner_id));
        if (count($match)) {
            $remote_verified = true;
            $groups = init_groups_visitor($visitor_cid);
        }
    }

    if (!$remote_verified) {
        return $public_only;
    }

    // '<<>>' should be impossible to match, so a visitor without groups
    // never satisfies a group-based rule.
    $group_regexp = '<<>>';
    if (is_array($groups) && count($groups)) {
        // Each id is forced to an integer before it enters the REGEXP
        // pattern, so no pattern metacharacter can come from $groups.
        $alternatives = array_map(function ($gid) {
            return '|<' . intval($gid) . '>';
        }, $groups);
        $group_regexp .= implode('', $alternatives);
    }

    $cid = intval($visitor_cid);
    $escaped_groups = dbesc($group_regexp);

    return sprintf(" AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) \n\t\t\t\t  AND ( deny_cid  = '' OR  NOT deny_cid REGEXP '<%d>' ) \n\t\t\t\t  AND ( allow_gid = '' OR allow_gid REGEXP '%s' )\n\t\t\t\t  AND ( deny_gid  = '' OR NOT deny_gid REGEXP '%s') \n\t\t\t\t", $cid, $cid, $escaped_groups, $escaped_groups);
}
Example #17
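/**
 * Handle GET requests to the dfrn_poll endpoint.
 *
 * The query string selects one of three behaviours:
 *  - no dfrn_id (GET or POST) and a nickname in the path: print that user's
 *    public Atom feed, unless the site blocks public access or the user has
 *    'hidewall' set;
 *  - type=profile without "sec": find the matching contact, ask the contact's
 *    poll URL for a profile-check, and on status 1 mark the session as an
 *    authenticated visitor before redirecting;
 *  - type=profile-check with dfrn_version < 2.2: either answer a challenge
 *    for a stored ticket ("sec"), or report whether a ticket exists for the
 *    given dfrn_id (old protocol).
 *
 * Every value read from $_GET is request-controlled. Values reaching SQL are
 * passed through dbesc()/intval(); values reaching the XML response and the
 * outbound URL are escaped in this function.
 *
 * NOTE(review): the $_GET values are assumed to be strings; an array-valued
 * parameter (?dfrn_id[]=x) is not rejected here.
 *
 * @param object $a Application object; ->argc, ->argv and ->get_baseurl() are used.
 * @return void Most paths end in killme(), goaway() or xml_status().
 */
function dfrn_poll_init(&$a)
{
    $dfrn_id = x($_GET, 'dfrn_id') ? $_GET['dfrn_id'] : '';
    $type = x($_GET, 'type') ? $_GET['type'] : 'data';
    $last_update = x($_GET, 'last_update') ? $_GET['last_update'] : '';
    $destination_url = x($_GET, 'destination_url') ? $_GET['destination_url'] : '';
    $challenge = x($_GET, 'challenge') ? $_GET['challenge'] : '';
    $sec = x($_GET, 'sec') ? $_GET['sec'] : '';
    $dfrn_version = x($_GET, 'dfrn_version') ? (float) $_GET['dfrn_version'] : 2.0;
    $perm = x($_GET, 'perm') ? $_GET['perm'] : 'r';
    // A leading "<digit>:" carries the direction; -1 means none was given.
    $direction = -1;
    if (strpos($dfrn_id, ':') === 1) {
        $direction = intval(substr($dfrn_id, 0, 1));
        $dfrn_id = substr($dfrn_id, 2);
    }
    if ($dfrn_id === '' && !x($_POST, 'dfrn_id') && $a->argc > 1) {
        if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
            killme();
        }
        $r = q("SELECT `hidewall` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1", dbesc($a->argv[1]));
        if (count($r) && $r[0]['hidewall']) {
            killme();
        }
        logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR']);
        header("Content-type: application/atom+xml");
        $o = get_feed_for($a, '', $a->argv[1], $last_update);
        echo $o;
        killme();
    }
    if ($type === 'profile' && !strlen($sec)) {
        $sql_extra = '';
        $my_id = '';
        switch ($direction) {
            case -1:
                $sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
                $my_id = $dfrn_id;
                break;
            case 0:
                $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
                $my_id = '1:' . $dfrn_id;
                break;
            case 1:
                $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
                $my_id = '0:' . $dfrn_id;
                break;
            default:
                goaway(z_root());
                break;
                // NOTREACHED
        }
        // NOTE(review): $sql_extra is interpolated into the format string
        // that q() receives, so a literal '%' inside the escaped dfrn_id
        // would be read as a format directive - confirm how q() handles that.
        $r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname` \n\t\t\tFROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\tWHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 \n\t\t\tAND `user`.`nickname` = '%s' {$sql_extra} LIMIT 1", dbesc($a->argv[1]));
        if (count($r)) {
            // $my_id is derived from the request, so it is URL-encoded before
            // being placed in the outbound query string; otherwise it could
            // append or override parameters of the profile-check request.
            $s = fetch_url($r[0]['poll'] . '?dfrn_id=' . urlencode($my_id) . '&type=profile-check');
            logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA);
            if (strlen($s)) {
                $xml = parse_xml_string($s);
                // Guard against an unparsable response before reading ->status.
                if (is_object($xml) && (int) $xml->status == 1) {
                    // NOTE(review): the session gains visitor privileges here
                    // while keeping its id. Confirm whether the session
                    // handler allows regenerating the id at this point.
                    $_SESSION['authenticated'] = 1;
                    $_SESSION['visitor_id'] = $r[0]['id'];
                    $_SESSION['visitor_home'] = $r[0]['url'];
                    $_SESSION['visitor_visiting'] = $r[0]['uid'];
                    info(sprintf(t('%s welcomes %s'), $r[0]['username'], $r[0]['name']) . EOL);
                    // Visitors get 1 day session.
                    $session_id = session_id();
                    $expire = time() + 86400;
                    q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s' LIMIT 1", dbesc($expire), dbesc($session_id));
                }
            }
            $profile = $r[0]['nickname'];
            // NOTE(review): destination_url comes from the query string and
            // is handed to goaway() unchecked, whether or not the
            // profile-check succeeded. Confirm whether it can be limited to
            // URLs under get_baseurl() without breaking the protocol.
            goaway(strlen($destination_url) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile);
        }
        goaway(z_root());
    }
    if ($type === 'profile-check' && $dfrn_version < 2.2) {
        if (strlen($challenge) && strlen($sec)) {
            q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
            $r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1", dbesc($sec));
            if (!count($r)) {
                xml_status(3, 'No ticket');
                // NOTREACHED
            }
            $orig_id = (string) $r[0]['dfrn_id'];
            if (strpos($orig_id, ':')) {
                $orig_id = substr($orig_id, 2);
            }
            $c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($r[0]['cid']));
            if (!count($c)) {
                // presumably xml_status() ends the request, as the
                // NOTREACHED markers elsewhere suggest - verify.
                xml_status(3, 'No profile');
            }
            $contact = $c[0];
            $sent_dfrn_id = hex2bin($dfrn_id);
            $challenge = hex2bin($challenge);
            $final_dfrn_id = '';
            // Defined up front so a failed decrypt leaves an empty string
            // rather than an undefined variable in the response below.
            $decoded_challenge = '';
            if ($contact['duplex'] && strlen($contact['prvkey'])) {
                openssl_private_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['prvkey']);
                openssl_private_decrypt($challenge, $decoded_challenge, $contact['prvkey']);
            } else {
                openssl_public_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['pubkey']);
                openssl_public_decrypt($challenge, $decoded_challenge, $contact['pubkey']);
            }
            // Keep the part before the first '.'; without a '.' (including a
            // failed decrypt) the id becomes empty.
            $final_dfrn_id = (string) $final_dfrn_id;
            $dot = strpos($final_dfrn_id, '.');
            $final_dfrn_id = $dot === false ? '' : substr($final_dfrn_id, 0, $dot);
            if (strpos($final_dfrn_id, ':') === 1) {
                $final_dfrn_id = substr($final_dfrn_id, 2);
            }
            // Strict string comparison: a loose != treats numeric-looking
            // strings such as "0e12" and "0e34" as equal. An empty id is
            // never accepted as proof, so a failed decrypt cannot match an
            // empty stored id.
            if ($final_dfrn_id === '' || $final_dfrn_id !== $orig_id) {
                logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
                // did not decode properly - cannot trust this site
                xml_status(3, 'Bad decryption');
            }
            header("Content-type: text/xml");
            // Both values originate from the request, so they are escaped
            // before being written into the XML document. Invalid UTF-8
            // makes htmlspecialchars() return an empty string.
            $xml_challenge = htmlspecialchars((string) $decoded_challenge, ENT_QUOTES, 'UTF-8');
            $xml_sec = htmlspecialchars((string) $sec, ENT_QUOTES, 'UTF-8');
            echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><dfrn_poll><status>0</status><challenge>{$xml_challenge}</challenge><sec>{$xml_sec}</sec></dfrn_poll>";
            killme();
            // NOTREACHED
        } else {
            // old protocol
            switch ($direction) {
                case 1:
                    $dfrn_id = '0:' . $dfrn_id;
                    break;
                case 0:
                    $dfrn_id = '1:' . $dfrn_id;
                    break;
                default:
                    break;
            }
            q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
            $r = q("SELECT * FROM `profile_check` WHERE `dfrn_id` = '%s' ORDER BY `expire` DESC", dbesc($dfrn_id));
            if (count($r)) {
                xml_status(1);
                return;
                // NOTREACHED
            }
            xml_status(0);
            return;
            // NOTREACHED
        }
    }
}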
Example #18
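/**
 * Build the profile wall page, or the live-update fragment of it.
 *
 * Path arguments from index 2 onward are read as up to two dates and a
 * category; the category may also come from $_GET['category']. The viewer is
 * classified as owner, verified remote contact or anonymous, and that decides
 * which widgets are shown and which items item_permissions_sql() admits.
 *
 * @param object     $a      Application object (profile, user, pager, page, argv).
 * @param int|string $update Non-zero for a live update. The value is then
 *                           used as the profile owner uid and only unseen
 *                           wall items are selected.
 * @return string|null HTML; login() output when public access is blocked;
 *                     null when the profile is restricted for this viewer.
 */
function profile_content(&$a, $update = 0)
{
    $category = $datequery = $datequery2 = '';
    if ($a->argc > 2) {
        for ($x = 2; $x < $a->argc; $x++) {
            if (is_a_date_arg($a->argv[$x])) {
                if ($datequery) {
                    $datequery2 = escape_tags($a->argv[$x]);
                } else {
                    $datequery = escape_tags($a->argv[$x]);
                }
            } else {
                // Kept raw here; it is escaped per context below (xmlify for
                // the widget, dbesc for SQL).
                $category = $a->argv[$x];
            }
        }
    }
    if (!x($category)) {
        $category = x($_GET, 'category') ? $_GET['category'] : '';
    }
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        return login();
    }
    require_once "include/bbcode.php";
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    require_once 'include/acl_selectors.php';
    require_once 'include/items.php';
    $groups = array();
    $tab = 'posts';
    $o = '';
    if ($update) {
        // Ensure we've got a profile owner if updating.
        // NOTE(review): the caller-supplied $update becomes the owner uid
        // for every query below - confirm callers pass a trusted value.
        $a->profile['profile_uid'] = $update;
    } else {
        if ($a->profile['profile_uid'] == local_user()) {
            nav_set_selected('home');
        }
    }
    $contact = null;
    $remote_contact = false;
    $contact_id = 0;
    // The session may hold no remote logins at all.
    if (isset($_SESSION['remote']) && is_array($_SESSION['remote'])) {
        foreach ($_SESSION['remote'] as $v) {
            if ($v['uid'] == $a->profile['profile_uid']) {
                $contact_id = $v['cid'];
                break;
            }
        }
    }
    if ($contact_id) {
        $groups = init_groups_visitor($contact_id);
        // The session's contact id only counts if it belongs to this profile owner.
        $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval($a->profile['profile_uid']));
        if (count($r)) {
            $contact = $r[0];
            $remote_contact = true;
        }
    }
    if (!$remote_contact) {
        if (local_user()) {
            $contact_id = $_SESSION['cid'];
            $contact = $a->contact;
        }
    }
    $is_owner = local_user() && local_user() == $a->profile['profile_uid'] ? true : false;
    if ($a->profile['hidewall'] && !$is_owner && !$remote_contact) {
        notice(t('Access to this profile has been restricted.') . EOL);
        return;
    }
    if (!$update) {
        if (x($_GET, 'tab')) {
            $tab = notags(trim($_GET['tab']));
        }
        $o .= profile_tabs($a, $is_owner, $a->profile['nickname']);
        if ($tab === 'profile') {
            $o .= advanced_profile($a);
            call_hooks('profile_advanced', $o);
            return $o;
        }
        $o .= common_friends_visitor_widget($a->profile['profile_uid']);
        if (x($_SESSION, 'new_member') && $_SESSION['new_member'] && $is_owner) {
            $o .= '<a href="newmember" id="newmember-tips" style="font-size: 1.2em;"><b>' . t('Tips for New Members') . '</b></a>' . EOL;
        }
        $commpage = $a->profile['page-flags'] == PAGE_COMMUNITY ? true : false;
        $commvisitor = $commpage && $remote_contact == true ? true : false;
        $a->page['aside'] .= posted_date_widget($a->get_baseurl(true) . '/profile/' . $a->profile['nickname'], $a->profile['profile_uid'], true);
        $a->page['aside'] .= categories_widget($a->get_baseurl(true) . '/profile/' . $a->profile['nickname'], x($category) ? xmlify($category) : '');
        if (can_write_wall($a, $a->profile['profile_uid'])) {
            $x = array('is_owner' => $is_owner, 'allow_location' => ($is_owner || $commvisitor) && $a->profile['allow_location'] ? true : false, 'default_location' => $is_owner ? $a->user['default-location'] : '', 'nickname' => $a->profile['nickname'], 'lockstate' => is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock', 'acl' => $is_owner ? populate_acl($a->user, true) : '', 'bang' => '', 'visitor' => $is_owner || $commvisitor ? 'block' : 'none', 'profile_uid' => $a->profile['profile_uid'], 'acl_data' => $is_owner ? construct_acl_data($a, $a->user) : '');
            $o .= status_editor($a, $x);
        }
    }
    /**
     * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
     */
    // The returned fragment is interpolated into the format strings passed to
    // q() below, so it must already be escaped and sprintf-safe.
    $sql_extra = item_permissions_sql($a->profile['profile_uid'], $remote_contact, $groups);
    if ($update) {
        $r = q("SELECT distinct(parent) AS `item_id`, `item`.`network` AS `item_network`,\n\t\t\t`contact`.`uid` AS `contact-uid`\n\t\t\tFROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND\n\t\t\t(`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE . "' OR item.verb = '" . ACTIVITY_DISLIKE . "')\n\t\t\tand `item`.`moderated` = 0 and `item`.`unseen` = 1\n\t\t\tAND `item`.`wall` = 1\n\t\t\t{$sql_extra}\n\t\t\tORDER BY `item`.`created` DESC", intval($a->profile['profile_uid']));
    } else {
        $sql_post_table = "";
        // Date filters are appended to this fragment, so it has to start out
        // as an empty string.
        $sql_extra2 = '';
        if (x($category)) {
            $sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ", dbesc(protect_sprintf($category)), intval(TERM_OBJ_POST), intval(TERM_CATEGORY), intval($a->profile['profile_uid']));
            //$sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category'));
        }
        if ($datequery) {
            $sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
        }
        if ($datequery2) {
            $sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
        }
        if (get_config('system', 'old_pager')) {
            $r = q("SELECT COUNT(*) AS `total`\n\t\t\t    FROM `thread` INNER JOIN `item` ON `item`.`id` = `thread`.`iid`\n\t\t\t    {$sql_post_table} INNER JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`\n\t\t\t    AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t    WHERE `thread`.`uid` = %d AND `thread`.`visible` = 1 AND `thread`.`deleted` = 0\n\t\t\t    and `thread`.`moderated` = 0\n\t\t\t    AND `thread`.`wall` = 1\n\t\t\t    {$sql_extra} {$sql_extra2} ", intval($a->profile['profile_uid']));
            if (count($r)) {
                $a->set_pager_total($r[0]['total']);
            }
        }
        //  check if we serve a mobile device and get the user settings
        //  accordingly
        if ($a->is_mobile) {
            $itemspage_network = get_pconfig(local_user(), 'system', 'itemspage_mobile_network');
            $itemspage_network = intval($itemspage_network) ? $itemspage_network : 20;
        } else {
            $itemspage_network = get_pconfig(local_user(), 'system', 'itemspage_network');
            $itemspage_network = intval($itemspage_network) ? $itemspage_network : 40;
        }
        //  now that we have the user settings, see if the theme forces
        //  a maximum item number which is lower then the user choice
        if ($a->force_max_items > 0 && $a->force_max_items < $itemspage_network) {
            $itemspage_network = $a->force_max_items;
        }
        $a->set_pager_itemspage($itemspage_network);
        $pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
        $r = q("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`,\n\t\t\t`thread`.`uid` AS `contact-uid`\n\t\t\tFROM `thread` INNER JOIN `item` ON `item`.`id` = `thread`.`iid`\n\t\t\t{$sql_post_table} INNER JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\tWHERE `thread`.`uid` = %d AND `thread`.`visible` = 1 AND `thread`.`deleted` = 0\n\t\t\tand `thread`.`moderated` = 0\n\t\t\tAND `thread`.`wall` = 1\n\t\t\t{$sql_extra} {$sql_extra2}\n\t\t\tORDER BY `thread`.`created` DESC {$pager_sql} ", intval($a->profile['profile_uid']));
    }
    $parents_arr = array();
    $parents_str = '';
    if (count($r)) {
        foreach ($r as $rr) {
            // The ids end up inside an unquoted IN ( ... ) list, so each one
            // is forced to an integer; dbesc() alone does not protect an
            // unquoted context.
            $parents_arr[] = intval($rr['item_id']);
        }
        $parents_str = implode(', ', $parents_arr);
        $items = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,\n\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`network`, `contact`.`rel`,\n\t\t\t`contact`.`thumb`, `contact`.`self`, `contact`.`writable`,\n\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\tFROM `item`, `contact`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\tand `item`.`moderated` = 0\n\t\t\tAND `contact`.`id` = `item`.`contact-id`\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t{$sql_extra} ", intval($a->profile['profile_uid']), dbesc($parents_str));
        $items = conv_sort($items, 'created');
    } else {
        $items = array();
    }
    if ($is_owner && !$update && !get_config('theme', 'hide_eventlist')) {
        $o .= get_birthdays();
        $o .= get_events();
    }
    if ($is_owner) {
        // Viewing one's own wall marks all of its items as seen.
        $r = q("UPDATE `item` SET `unseen` = 0\n\t\t\tWHERE `wall` = 1 AND `unseen` = 1 AND `uid` = %d", intval(local_user()));
    }
    $o .= conversation($a, $items, 'profile', $update);
    if (!$update) {
        if (!get_config('system', 'old_pager')) {
            $o .= alt_pager($a, count($items));
        } else {
            $o .= paginate($a);
        }
    }
    return $o;
}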
Example #19
/**
 * Build the SQL fragment that limits item rows to those the current viewer
 * is allowed to see.
 *
 * Outcomes, in the order they are checked:
 *  - STATUSNET_PRIVACY_COMPATIBILITY is defined: '' (no filtering);
 *  - the logged-in local user is the owner: '' (everything visible);
 *  - an observer hash is available: rows not denied to the observer or one
 *    of the observer's groups, and either allowed to them or unrestricted;
 *  - otherwise: only rows that are not item_private.
 *
 * $remote_verified and the incoming $groups are not consulted; the groups
 * are always looked up again from the observer hash.
 *
 * @param int|string $owner_id        uid owning the items.
 * @param bool       $remote_verified Unused in this implementation.
 * @param array|null $groups          Unused; overwritten before being read.
 * @return string Fragment beginning with " AND", or ''.
 */
function item_permissions_sql($owner_id, $remote_verified = false, $groups = null)
{
    if (defined('STATUSNET_PRIVACY_COMPATIBILITY')) {
        return '';
    }

    $viewer_uid = local_user();
    // Not used below; the call is kept so the sequence of calls is unchanged.
    $visitor = remote_user();

    // Profile owner - everything is visible.
    if ($viewer_uid && $viewer_uid == $owner_id) {
        return '';
    }

    $observer_hash = get_observer_hash();
    if (!$observer_hash) {
        // Default permissions - anonymous user.
        return " AND not item_private ";
    }

    $groups = init_groups_visitor($observer_hash);

    // '<<>>' should be impossible to match.
    $group_regexp = '<<>>';
    if (is_array($groups) && count($groups)) {
        // NOTE(review): group identifiers enter the REGEXP pattern as-is;
        // this assumes they never contain pattern metacharacters - confirm
        // against what init_groups_visitor() returns.
        foreach ($groups as $group) {
            $group_regexp .= '|<' . $group . '>';
        }
    }

    // NOTE(review): '_' and '%' inside the observer hash would act as LIKE
    // wildcards in this pattern - confirm the hash alphabet.
    // presumably protect_sprintf() keeps the '%' signs intact when the
    // caller later embeds this fragment in a q() format string - verify.
    $observer_like = dbesc(protect_sprintf('%<' . $observer_hash . '>%'));
    $escaped_groups = dbesc($group_regexp);

    return sprintf(" AND ( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')\n\t\t\t\t  AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )\n\t\t\t\t  )\n\t\t\t\t", $observer_like, $escaped_groups, $observer_like, $escaped_groups);
}
Example #20
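/**
 * Attach a tag, taken from $_GET['term'], to the item named by the first
 * path argument and store a matching "tag" activity.
 *
 * Requires a local or remote session, and then additionally requires the
 * logged-in local user to be the owner of the item. On success a tag
 * activity item is stored, the tag is appended to the item (and to the
 * origin copy of the item on this site) unless the owner blocks tags, the
 * notifier is started and the request ends in killme().
 *
 * @param object $a Application object; ->argc, ->argv, ->get_hostname() and
 *                  ->get_baseurl() are used.
 * @return void
 */
function tagger_content(&$a)
{
    if (!local_user() && !remote_user()) {
        return;
    }
    // A request without ?term= is treated like an empty term.
    $term = notags(trim(isset($_GET['term']) ? $_GET['term'] : ''));
    // no commas allowed
    $term = str_replace(array(',', ' '), array('', '_'), $term);
    if (!$term) {
        return;
    }
    $item_id = $a->argc > 1 ? notags(trim($a->argv[1])) : 0;
    // NOTE(review): $term and $item_id are request-controlled and written to
    // the log unmodified - confirm logger() neutralises line breaks.
    logger('tagger: tag ' . $term . ' item ' . $item_id);
    $r = q("SELECT * FROM `item` WHERE `id` = '%s' LIMIT 1", dbesc($item_id));
    if (!$item_id || !count($r)) {
        logger('tagger: no item ' . $item_id);
        return;
    }
    $item = $r[0];
    $owner_uid = $item['uid'];
    // Defaults for the case that the owner row is missing.
    $owner_nick = '';
    $blocktags = 0;
    $r = q("select `nickname`,`blocktags` from user where uid = %d limit 1", intval($owner_uid));
    if (count($r)) {
        $owner_nick = $r[0]['nickname'];
        $blocktags = $r[0]['blocktags'];
    }
    // Only the local owner of the item may tag it.
    if (local_user() != $owner_uid) {
        return;
    }
    if (remote_user()) {
        $r = q("select * from contact where id = %d AND `uid` = %d limit 1", intval(remote_user()), intval($item['uid']));
    } else {
        $r = q("select * from contact where self = 1 and uid = %d limit 1", intval(local_user()));
    }
    if (count($r)) {
        $contact = $r[0];
    } else {
        logger('tagger: no contact_id');
        return;
    }
    $uri = item_new_uri($a->get_hostname(), $owner_uid);
    $post_type = $item['resource-id'] ? t('photo') : t('status');
    $targettype = $item['resource-id'] ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE;
    // Use the nickname fetched above; no $owner array exists in this function.
    $link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner_nick . '/' . $item['id'] . '" />' . "\n");
    // Everything placed inside the XML fragments below is escaped the same
    // way as $link, so markup characters in the body, the uri or the term
    // cannot break or extend the document.
    $body = xmlify($item['body']);
    $target_id = xmlify($item['uri']);
    $target = <<<EOT
\t<target>
\t\t<type>{$targettype}</type>
\t\t<local>1</local>
\t\t<id>{$target_id}</id>
\t\t<link>{$link}</link>
\t\t<title></title>
\t\t<content>{$body}</content>
\t</target>
EOT;
    $tagid = $a->get_baseurl() . '/search?search=' . $term;
    $objtype = ACTIVITY_OBJ_TAGTERM;
    $xml_tagid = xmlify($tagid);
    $xml_term = xmlify($term);
    $obj = <<<EOT
\t<object>
\t\t<type>{$objtype}</type>
\t\t<local>1</local>
\t\t<id>{$xml_tagid}</id>
\t\t<link>{$xml_tagid}</link>
\t\t<title>{$xml_term}</title>
\t\t<content>{$xml_term}</content>
\t</object>
EOT;
    $bodyverb = t('%1$s tagged %2$s\'s %3$s with %4$s');
    if (!isset($bodyverb)) {
        return;
    }
    // NOTE(review): the request-supplied $term is used as bbcode link text
    // here and in the tag updates below. Confirm that notags() removes '['
    // and ']' so a term cannot close the [url] tag early. The tag updates
    // also put $term into the URL without urlencode(), unlike this line.
    $termlink = html_entity_decode('&#x2317;') . '[url=' . $a->get_baseurl() . '/search?search=' . urlencode($term) . ']' . $term . '[/url]';
    $arr = array();
    $arr['uri'] = $uri;
    $arr['uid'] = $owner_uid;
    $arr['contact-id'] = $contact['id'];
    $arr['type'] = 'activity';
    $arr['wall'] = $item['wall'];
    $arr['gravity'] = GRAVITY_COMMENT;
    $arr['parent'] = $item['id'];
    $arr['parent-uri'] = $item['uri'];
    $arr['owner-name'] = $item['author-name'];
    $arr['owner-link'] = $item['author-link'];
    $arr['owner-avatar'] = $item['author-avatar'];
    $arr['author-name'] = $contact['name'];
    $arr['author-link'] = $contact['url'];
    $arr['author-avatar'] = $contact['thumb'];
    $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
    $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
    $plink = '[url=' . $item['plink'] . ']' . $post_type . '[/url]';
    $arr['body'] = sprintf($bodyverb, $ulink, $alink, $plink, $termlink);
    $arr['verb'] = ACTIVITY_TAG;
    $arr['target-type'] = $targettype;
    $arr['target'] = $target;
    $arr['object-type'] = $objtype;
    $arr['object'] = $obj;
    // The activity inherits the ACL of the item it refers to.
    $arr['allow_cid'] = $item['allow_cid'];
    $arr['allow_gid'] = $item['allow_gid'];
    $arr['deny_cid'] = $item['deny_cid'];
    $arr['deny_gid'] = $item['deny_gid'];
    $arr['visible'] = 1;
    $arr['unseen'] = 1;
    $arr['last-child'] = 1;
    $arr['origin'] = 1;
    $post_id = item_store($arr);
    q("UPDATE `item` set plink = '%s' where id = %d limit 1", dbesc($a->get_baseurl() . '/display/' . $owner_nick . '/' . $post_id), intval($post_id));
    if (!$item['visible']) {
        $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item['id']), intval($owner_uid));
    }
    // Append the tag unless the owner blocks tags or the item already has it.
    if (!$blocktags && !stristr($item['tag'], ']' . $term . '[')) {
        q("update item set tag = '%s' where id = %d limit 1", dbesc($item['tag'] . (strlen($item['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?search=' . $term . ']' . $term . '[/url]'), intval($item['id']));
    }
    // if the original post is on this site, update it.
    $r = q("select `tag`,`id`,`uid` from item where `origin` = 1 AND `uri` = '%s' LIMIT 1", dbesc($item['uri']));
    if (count($r)) {
        $x = q("SELECT `blocktags` FROM `user` WHERE `uid` = %d limit 1", intval($r[0]['uid']));
        if (count($x) && !$x[0]['blocktags'] && !stristr($r[0]['tag'], ']' . $term . '[')) {
            q("update item set tag = '%s' where id = %d limit 1", dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $a->get_baseurl() . '/search?search=' . $term . ']' . $term . '[/url]'), intval($r[0]['id']));
        }
    }
    $arr['id'] = $post_id;
    call_hooks('post_local_end', $arr);
    proc_run('php', "include/notifier.php", "tag", "{$post_id}");
    killme();
    return;
    // NOTREACHED
}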
Example #21
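/**
 * Accept an image upload for a user's wall and store it in up to three sizes.
 *
 * The page owner is taken from the first path argument, or from
 * api_get_user() when the file arrives in the 'media' field. Posting is
 * allowed for the logged-in owner, and on community pages for a remote
 * visitor whose session contact id is an unblocked, non-pending contact of
 * the owner.
 *
 * The file name and declared type in $_FILES are supplied by the client.
 * The MIME type reported by getimagesize() replaces the declared one when
 * the file parses as an image, and the Photo object decides whether the
 * data is a usable image.
 *
 * @param object $a           Application object; ->argc, ->argv and
 *                            ->get_baseurl() are used.
 * @param bool   $desktopmode When false, an array describing the stored
 *                            picture is returned instead of printed markup.
 * @return array|string|false|null Picture description (non-desktop mode),
 *                            bbcode (when $_REQUEST['hush'] is 'yeah'),
 *                            false when the stored photo cannot be read
 *                            back, null on an invalid request. Most other
 *                            paths end in killme().
 */
function wall_upload_post(&$a, $desktopmode = true)
{
    logger("wall upload: starting new upload", LOGGER_DEBUG);
    $r_json = x($_GET, 'response') && $_GET['response'] == 'json';
    if ($a->argc > 1) {
        if (!x($_FILES, 'media')) {
            $nick = $a->argv[1];
            $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", dbesc($nick));
            if (!count($r)) {
                if ($r_json) {
                    echo json_encode(['error' => t('Invalid request.')]);
                    killme();
                }
                return;
            }
        } else {
            $user_info = api_get_user($a);
            $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", dbesc($user_info['screen_name']));
        }
    } else {
        if ($r_json) {
            echo json_encode(['error' => t('Invalid request.')]);
            killme();
        }
        return;
    }
    $can_post = false;
    $visitor = 0;
    $page_owner_uid = $r[0]['uid'];
    $default_cid = $r[0]['id'];
    $page_owner_nick = $r[0]['nickname'];
    $community_page = $r[0]['page-flags'] == PAGE_COMMUNITY ? true : false;
    if (local_user() && local_user() == $page_owner_uid) {
        $can_post = true;
    } else {
        if ($community_page && remote_user()) {
            $cid = 0;
            if (isset($_SESSION['remote']) && is_array($_SESSION['remote'])) {
                foreach ($_SESSION['remote'] as $v) {
                    if ($v['uid'] == $page_owner_uid) {
                        $cid = $v['cid'];
                        break;
                    }
                }
            }
            if ($cid) {
                // The session's contact id only counts if it is an
                // unblocked, non-pending contact of this page owner.
                $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval($page_owner_uid));
                if (count($r)) {
                    $can_post = true;
                    $visitor = $cid;
                }
            }
        }
    }
    if (!$can_post) {
        if ($r_json) {
            echo json_encode(['error' => t('Permission denied.')]);
            killme();
        }
        notice(t('Permission denied.') . EOL);
        killme();
    }
    if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
        if ($r_json) {
            echo json_encode(['error' => t('Invalid request.')]);
            killme();
        }
        killme();
    }
    $src = "";
    if (x($_FILES, 'userfile')) {
        $src = $_FILES['userfile']['tmp_name'];
        $filename = basename($_FILES['userfile']['name']);
        $filesize = intval($_FILES['userfile']['size']);
        $filetype = $_FILES['userfile']['type'];
    } elseif (x($_FILES, 'media')) {
        // 'media' may be a single upload or an array of uploads; only the
        // first entry is used.
        if (is_array($_FILES['media']['tmp_name'])) {
            $src = $_FILES['media']['tmp_name'][0];
        } else {
            $src = $_FILES['media']['tmp_name'];
        }
        if (is_array($_FILES['media']['name'])) {
            $filename = basename($_FILES['media']['name'][0]);
        } else {
            $filename = basename($_FILES['media']['name']);
        }
        if (is_array($_FILES['media']['size'])) {
            $filesize = intval($_FILES['media']['size'][0]);
        } else {
            $filesize = intval($_FILES['media']['size']);
        }
        if (is_array($_FILES['media']['type'])) {
            $filetype = $_FILES['media']['type'][0];
        } else {
            $filetype = $_FILES['media']['type'];
        }
    }
    if ($src == "") {
        if ($r_json) {
            echo json_encode(['error' => t('Invalid request.')]);
            killme();
        }
        notice(t('Invalid request.') . EOL);
        killme();
    }
    // This is a special treatment for picture upload from Twidere
    if ($filename == "octet-stream" && $filetype != "") {
        $filename = $filetype;
        $filetype = "";
    }
    if ($filetype == "") {
        $filetype = guess_image_type($filename);
    }
    // If there is a temp name, then do a manual check
    // This is more reliable than the provided value
    // Kept in its own variable so it is not mistaken for the file contents.
    $imageinfo = getimagesize($src);
    if ($imageinfo) {
        $filetype = $imageinfo['mime'];
    }
    // NOTE(review): $filename and, when getimagesize() fails, $filetype are
    // client-supplied and logged unmodified - confirm logger() neutralises
    // line breaks.
    logger("File upload src: " . $src . " - filename: " . $filename . " - size: " . $filesize . " - type: " . $filetype, LOGGER_DEBUG);
    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        $msg = sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize));
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        @unlink($src);
        killme();
    }
    // Read the upload before the quota check so that the check measures the
    // real number of bytes about to be stored.
    $imagedata = @file_get_contents($src);
    $r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ", intval($page_owner_uid));
    $limit = service_class_fetch($page_owner_uid, 'photo_upload_limit');
    if ($limit !== false && $r[0]['total'] + strlen((string) $imagedata) > $limit) {
        $msg = upgrade_message(true);
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        @unlink($src);
        killme();
    }
    $ph = new Photo($imagedata, $filetype);
    if (!$ph->is_valid()) {
        $msg = t('Unable to process image.');
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        @unlink($src);
        killme();
    }
    $ph->orient($src);
    @unlink($src);
    $max_length = get_config('system', 'max_image_length');
    if (!$max_length) {
        $max_length = MAX_IMAGE_LENGTH;
    }
    if ($max_length > 0) {
        $ph->scaleImage($max_length);
        logger("File upload: Scaling picture to new size " . $max_length, LOGGER_DEBUG);
    }
    $width = $ph->getWidth();
    $height = $ph->getHeight();
    $hash = photo_new_resource();
    $smallest = 0;
    $defperm = '<' . $default_cid . '>';
    $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
    if (!$r) {
        $msg = t('Image upload failed.');
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        killme();
    }
    if ($width > 640 || $height > 640) {
        $ph->scaleImage(640);
        $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
        if ($r) {
            $smallest = 1;
        }
    }
    if ($width > 320 || $height > 320) {
        $ph->scaleImage(320);
        $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
        if ($r && $smallest == 0) {
            $smallest = 2;
        }
    }
    $basename = basename($filename);
    if (!$desktopmode) {
        // Escaped like every other string value passed to q() in this function.
        $r = q("SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` WHERE `resource-id` = '%s' ORDER BY `width` DESC LIMIT 1", dbesc($hash));
        if (!$r) {
            if ($r_json) {
                echo json_encode(['error' => '']);
                killme();
            }
            return false;
        }
        $picture = array();
        $picture["id"] = $r[0]["id"];
        $picture["size"] = $r[0]["datasize"];
        $picture["width"] = $r[0]["width"];
        $picture["height"] = $r[0]["height"];
        $picture["type"] = $r[0]["type"];
        $picture["albumpage"] = $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash;
        $picture["picture"] = $a->get_baseurl() . "/photo/{$hash}-0." . $ph->getExt();
        $picture["preview"] = $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt();
        if ($r_json) {
            echo json_encode(['picture' => $picture]);
            killme();
        }
        return $picture;
    }
    if ($r_json) {
        echo json_encode(['ok' => true]);
        killme();
    }
    /* mod Waitman Gobble NO WARRANTY */
    //if we get the signal then return the image url info in BBCODE, otherwise this outputs the info and bails (for the ajax image uploader on wall post)
    $hush = isset($_REQUEST['hush']) ? $_REQUEST['hush'] : '';
    if ($hush != 'yeah') {
        if (local_user() && (!feature_enabled(local_user(), 'richtext') || x($_REQUEST['nomce']))) {
            echo "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "[/img][/url]\n\n";
        } else {
            // The file name is chosen by the uploader, so it is HTML-escaped
            // before it is written into the alt attribute.
            $alt = htmlspecialchars($basename, ENT_QUOTES, 'UTF-8');
            echo '<br /><br /><a href="' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '" ><img src="' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "\" alt=\"{$alt}\" /></a><br /><br />";
        }
    } else {
        $m = '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "[/img][/url]";
        return $m;
    }
    /* mod Waitman Gobble NO WARRANTY */
    killme();
    // NOTREACHED
}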
Example #22
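 /**
  * Render a list of items for HTML display, either flat or grouped into threads.
  *
  * $mode decides how the page owner and write permission are derived:
  * 'network' and 'notes' use local_user() and are writeable; 'profile' and
  * 'display' take the owner from $a->profile and ask can_write_wall();
  * 'community' has no owner and is read-only. The modes 'network-new',
  * 'search' and 'community' render every item on its own; any other mode
  * groups comments under their top-level post.
  *
  * @param object $a       Application object; profile, user, contact, contacts, plugins,
  *                        page_contact and query_string are read.
  * @param array  $items   Item rows to render; replaced by whatever the 'conversation_start' hook leaves in place.
  * @param string $mode    Rendering mode, see above.
  * @param mixed  $update  When truthy, the stored $_SESSION['return_url'] is left untouched.
  * @param bool   $preview When truthy, items are marked as previews (id 'P0', no context link).
  * @return string Output of replace_macros() applied to conversation.tpl.
  */
 function conversation(&$a, $items, $mode, $update, $preview = false)
 {
     require_once 'bbcode.php';
     $ssl_state = local_user() ? true : false;
     $profile_owner = 0;
     $page_writeable = false;
     $previewing = $preview ? ' preview ' : '';
     if ($mode === 'network') {
         $profile_owner = local_user();
         $page_writeable = true;
     }
     if ($mode === 'profile') {
         $profile_owner = $a->profile['profile_uid'];
         $page_writeable = can_write_wall($a, $profile_owner);
     }
     if ($mode === 'notes') {
         $profile_owner = local_user();
         $page_writeable = true;
     }
     if ($mode === 'display') {
         $profile_owner = $a->profile['uid'];
         $page_writeable = can_write_wall($a, $profile_owner);
     }
     if ($mode === 'community') {
         $profile_owner = 0;
         $page_writeable = false;
     }
     // Remember where to come back to; an update request keeps the stored value.
     if (!$update) {
         $_SESSION['return_url'] = $a->query_string;
     }
     load_contact_links(local_user());
     // Hooks may filter or replace the item list before rendering.
     $cb = array('items' => $items, 'mode' => $mode, 'update' => $update, 'preview' => $preview);
     call_hooks('conversation_start', $cb);
     $items = $cb['items'];
     $cmnt_tpl = get_markup_template('comment_item.tpl');
     $tpl = 'wall_item.tpl';
     $wallwall = 'wallwall_item.tpl';
     $hide_comments_tpl = get_markup_template('hide_comments.tpl');
     $alike = array();
     $dlike = array();
     // array with html for each thread (parent+comments)
     $threads = array();
     $threadsid = -1;
     // Read by the final replace_macros() call; stays false when nothing is rendered.
     $dropping = false;
     if ($items && count($items)) {
         if ($mode === 'network-new' || $mode === 'search' || $mode === 'community') {
             // "New Item View" on network page or search page results
             // - just loop through the items and format them minimally for display
             //$tpl = get_markup_template('search_item.tpl');
             $tpl = 'search_item.tpl';
             foreach ($items as $item) {
                 $threadsid++;
                 $comment = '';
                 $owner_url = '';
                 $owner_photo = '';
                 $owner_name = '';
                 $sparkle = '';
                 if ($mode === 'search' || $mode === 'community') {
                     // Like/dislike activities attached to another item are not listed on their own.
                     if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
                         continue;
                     }
                     $nickname = $item['nickname'];
                 } else {
                     $nickname = $a->user['nickname'];
                 }
                 // prevent private email from leaking.
                 if ($item['network'] === NETWORK_MAIL && local_user() != $item['uid']) {
                     continue;
                 }
                 $profile_name = strlen($item['author-name']) ? $item['author-name'] : $item['name'];
                 if ($item['author-link'] && !$item['author-name']) {
                     $profile_name = $item['author-link'];
                 }
                 $sp = false;
                 $profile_link = best_link_url($item, $sp);
                 if ($profile_link === 'mailbox') {
                     $profile_link = '';
                 }
                 if ($sp) {
                     $sparkle = ' sparkle';
                 } else {
                     $profile_link = zrl($profile_link);
                 }
                 $normalised = normalise_link(strlen($item['author-link']) ? $item['author-link'] : $item['url']);
                 if ($normalised != 'mailbox' && x($a->contacts[$normalised])) {
                     $profile_avatar = $a->contacts[$normalised]['thumb'];
                 } else {
                     $profile_avatar = strlen($item['author-avatar']) ? $item['author-avatar'] : $item['thumb'];
                 }
                 $locate = array('location' => $item['location'], 'coord' => $item['coord'], 'html' => '');
                 call_hooks('render_location', $locate);
                 $location = strlen($locate['html']) ? $locate['html'] : render_location_google($locate);
                 localize_item($item);
                 if ($mode === 'network-new') {
                     $dropping = true;
                 } else {
                     $dropping = false;
                 }
                 $drop = array('dropping' => $dropping, 'select' => t('Select'), 'delete' => t('Delete'));
                 $star = false;
                 $isstarred = "unstarred";
                 $lock = false;
                 $likebuttons = false;
                 $shareable = false;
                 $body = prepare_body($item, true);
                 // NOTE(review): name, title, body, location and owner_name pass through
                 // template_escape(); linktitle, ago ($item['app']), the URLs and the avatar
                 // do not. template_escape() is not defined here, so confirm what it
                 // neutralises and whether the templates encode the remaining fields on output.
                 //$tmp_item = replace_macros($tpl,array(
                 $tmp_item = array(
                     'template' => $tpl,
                     'id' => $preview ? 'P0' : $item['item_id'],
                     'linktitle' => sprintf(t('View %s\'s profile @ %s'), $profile_name, strlen($item['author-link']) ? $item['author-link'] : $item['url']),
                     'profile_url' => $profile_link,
                     'item_photo_menu' => item_photo_menu($item),
                     'name' => template_escape($profile_name),
                     'sparkle' => $sparkle,
                     'lock' => $lock,
                     'thumb' => $profile_avatar,
                     'title' => template_escape($item['title']),
                     'body' => template_escape($body),
                     'text' => strip_tags(template_escape($body)),
                     'ago' => $item['app'] ? sprintf(t('%s from %s'), relative_date($item['created']), $item['app']) : relative_date($item['created']),
                     'location' => template_escape($location),
                     'indent' => '',
                     'owner_name' => template_escape($owner_name),
                     'owner_url' => $owner_url,
                     'owner_photo' => $owner_photo,
                     'plink' => get_plink($item),
                     'edpost' => false,
                     'isstarred' => $isstarred,
                     'star' => $star,
                     'drop' => $drop,
                     'vote' => $likebuttons,
                     'like' => '',
                     'dislike' => '',
                     'comment' => '',
                     'conv' => $preview ? '' : array('href' => $a->get_baseurl($ssl_state) . '/display/' . $nickname . '/' . $item['id'], 'title' => t('View in context')),
                     'previewing' => $previewing,
                     'wait' => t('Please wait'),
                 );
                 // Plugins get the raw item and may rewrite the rendered fields.
                 $arr = array('item' => $item, 'output' => $tmp_item);
                 call_hooks('display_item', $arr);
                 $threads[$threadsid]['id'] = $item['item_id'];
                 $threads[$threadsid]['items'] = array($arr['output']);
             }
         } else {
             // Normal View
             // Figure out how many comments each parent has
             // (Comments all have gravity of 6)
             // Store the result in the $comments array
             $comments = array();
             foreach ($items as $item) {
                 if (intval($item['gravity']) == 6 && $item['id'] != $item['parent']) {
                     if (!x($comments, $item['parent'])) {
                         $comments[$item['parent']] = 1;
                     } else {
                         $comments[$item['parent']] += 1;
                     }
                 } elseif (!x($comments, $item['parent'])) {
                     // avoid notices later on
                     $comments[$item['parent']] = 0;
                 }
             }
             // map all the like/dislike activities for each parent item
             // Store these in the $alike and $dlike arrays
             foreach ($items as $item) {
                 like_puller($a, $item, $alike, 'like');
                 like_puller($a, $item, $dlike, 'dislike');
             }
             $comments_collapsed = false;
             $comments_seen = 0;
             $comment_lastcollapsed = false;
             $comment_firstcollapsed = false;
             // Set by each top-level post and carried over to its comments; start
             // from "not writeable" in case the list opens with a comment.
             $item_writeable = false;
             foreach ($items as $item) {
                 $comment = '';
                 $template = $tpl;
                 $commentww = '';
                 $sparkle = '';
                 $owner_url = $owner_photo = $owner_name = '';
                 // We've already parsed out like/dislike for special treatment. We can ignore them now
                 if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
                     continue;
                 }
                 $toplevelpost = $item['id'] == $item['parent'] ? true : false;
                 $toplevelprivate = false;
                 // Take care of author collapsing and comment collapsing
                 // (author collapsing is currently disabled)
                 // If a single author has more than 3 consecutive top-level posts, squash the remaining ones.
                 // If there are more than two comments, squash all but the last 2.
                 if ($toplevelpost) {
                     $toplevelprivate = $toplevelpost && $item['private'] ? true : false;
                     $item_writeable = $item['writable'] || $item['self'] ? true : false;
                     $comments_seen = 0;
                     $comments_collapsed = false;
                     $comment_lastcollapsed = false;
                     $comment_firstcollapsed = false;
                     $threadsid++;
                     $threads[$threadsid]['id'] = $item['item_id'];
                     $threads[$threadsid]['private'] = $item['private'];
                     $threads[$threadsid]['items'] = array();
                 } else {
                     // prevent private email reply to public conversation from leaking.
                     if ($item['network'] === NETWORK_MAIL && local_user() != $item['uid']) {
                         continue;
                     }
                     $comments_seen++;
                     $comment_lastcollapsed = false;
                     $comment_firstcollapsed = false;
                 }
                 $override_comment_box = $page_writeable && $item_writeable ? true : false;
                 $show_comment_box = $page_writeable && $item_writeable && $comments_seen == $comments[$item['parent']] ? true : false;
                 if ($comments[$item['parent']] > 2 && $comments_seen <= $comments[$item['parent']] - 2 && $item['gravity'] == 6) {
                     if (!$comments_collapsed) {
                         $threads[$threadsid]['num_comments'] = sprintf(tt('%d comment', '%d comments', $comments[$item['parent']]), $comments[$item['parent']]);
                         $threads[$threadsid]['hide_text'] = t('show more');
                         $comments_collapsed = true;
                         $comment_firstcollapsed = true;
                     }
                 }
                 if ($comments[$item['parent']] > 2 && $comments_seen == $comments[$item['parent']] - 1) {
                     $comment_lastcollapsed = true;
                 }
                 $redirect_url = $a->get_baseurl($ssl_state) . '/redir/' . $item['cid'];
                 // Lock marker: the item is private, or it is the viewer's own item and carries any ACL entry.
                 $lock = ($item['private'] || ($item['uid'] == local_user() && (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])))) ? t('Private Message') : false;
                 // Top-level wall post not written by the wall owner (wall-to-wall)
                 // First figure out who owns it.
                 $osparkle = '';
                 if ($toplevelpost && !$item['self'] && $mode !== 'profile') {
                     if ($item['wall']) {
                         // On the network page, I am the owner. On the display page it will be the profile owner.
                         // This will have been stored in $a->page_contact by our calling page.
                         // Put this person as the wall owner of the wall-to-wall notice.
                         $owner_url = zrl($a->page_contact['url']);
                         $owner_photo = $a->page_contact['thumb'];
                         $owner_name = $a->page_contact['name'];
                         $template = $wallwall;
                         $commentww = 'ww';
                     }
                     if (!$item['wall'] && $item['owner-link']) {
                         $owner_linkmatch = $item['owner-link'] && link_compare($item['owner-link'], $item['author-link']);
                         $alias_linkmatch = $item['alias'] && link_compare($item['alias'], $item['author-link']);
                         $owner_namematch = $item['owner-name'] && $item['owner-name'] == $item['author-name'];
                         if (!$owner_linkmatch && !$alias_linkmatch && !$owner_namematch) {
                             // The author url doesn't match the owner (typically the contact)
                             // and also doesn't match the contact alias.
                             // The name match is a hack to catch several weird cases where URLs are
                             // all over the park. It can be tricked, but this prevents you from
                             // seeing "Bob Smith to Bob Smith via Wall-to-wall" and you know darn
                             // well that it's the same Bob Smith.
                             // But it could be somebody else with the same name. It just isn't highly likely.
                             $owner_url = $item['owner-link'];
                             $owner_photo = $item['owner-avatar'];
                             $owner_name = $item['owner-name'];
                             $template = $wallwall;
                             $commentww = 'ww';
                             // If it is our contact, use a friendly redirect link
                             if (link_compare($item['owner-link'], $item['url']) && $item['network'] === NETWORK_DFRN) {
                                 $owner_url = $redirect_url;
                                 $osparkle = ' sparkle';
                             } else {
                                 $owner_url = zrl($owner_url);
                             }
                         }
                     }
                 }
                 $likebuttons = '';
                 // Sharing is only offered to the page owner, and never for private items.
                 $shareable = $profile_owner == local_user() && !$item['private'] ? true : false;
                 //($mode != 'display') &&
                 if ($page_writeable) {
                     if ($toplevelpost) {
                         $likebuttons = array('like' => array(t("I like this (toggle)"), t("like")), 'dislike' => array(t("I don't like this (toggle)"), t("dislike")));
                         if ($shareable) {
                             $likebuttons['share'] = array(t('Share this'), t('share'));
                         }
                     }
                     $qc = $qcomment = null;
                     if (in_array('qcomment', $a->plugins)) {
                         $qc = local_user() ? get_pconfig(local_user(), 'qcomment', 'words') : null;
                         $qcomment = $qc ? explode("\n", $qc) : null;
                     }
                     if ($show_comment_box || ($show_comment_box == false && $override_comment_box == false && $item['last-child'])) {
                         $comment = replace_macros($cmnt_tpl, array(
                             '$return_path' => '',
                             '$jsreload' => $mode === 'display' ? $_SESSION['return_url'] : '',
                             '$type' => $mode === 'profile' ? 'wall-comment' : 'net-comment',
                             '$id' => $item['item_id'],
                             '$parent' => $item['parent'],
                             '$qcomment' => $qcomment,
                             '$profile_uid' => $profile_owner,
                             '$mylink' => $a->contact['url'],
                             '$mytitle' => t('This is you'),
                             '$myphoto' => $a->contact['thumb'],
                             '$comment' => t('Comment'),
                             '$submit' => t('Submit'),
                             '$edbold' => t('Bold'),
                             '$editalic' => t('Italic'),
                             '$eduline' => t('Underline'),
                             '$edquote' => t('Quote'),
                             '$edcode' => t('Code'),
                             '$edimg' => t('Image'),
                             '$edurl' => t('Link'),
                             '$edvideo' => t('Video'),
                             '$preview' => t('Preview'),
                             '$ww' => $mode === 'network' ? $commentww : '',
                         ));
                     }
                 }
                 // The edit link is offered only when the local user's own contact URL matches the author.
                 if (local_user() && link_compare($a->contact['url'], $item['author-link'])) {
                     $edpost = array($a->get_baseurl($ssl_state) . "/editpost/" . $item['id'], t("Edit"));
                 } else {
                     $edpost = false;
                 }
                 $drop = '';
                 $dropping = false;
                 // Delete control: shown to the remote contact that posted the item or to the local owner.
                 // This only drives the UI; the handler behind it is not visible here.
                 if ((intval($item['contact-id']) && $item['contact-id'] == remote_user()) || $item['uid'] == local_user()) {
                     $dropping = true;
                 }
                 $drop = array('dropping' => $dropping, 'select' => t('Select'), 'delete' => t('Delete'));
                 $star = false;
                 $filer = false;
                 $isstarred = "unstarred";
                 if ($profile_owner == local_user()) {
                     if ($toplevelpost) {
                         $isstarred = $item['starred'] ? "starred" : "unstarred";
                         $star = array('do' => t("add star"), 'undo' => t("remove star"), 'toggle' => t("toggle star status"), 'classdo' => $item['starred'] ? "hidden" : "", 'classundo' => $item['starred'] ? "" : "hidden", 'starred' => t('starred'), 'tagger' => t("add tag"), 'classtagger' => "");
                     }
                     $filer = t("save to folder");
                 }
                 $photo = $item['photo'];
                 $thumb = $item['thumb'];
                 // Post was remotely authored.
                 $diff_author = link_compare($item['url'], $item['author-link']) ? false : true;
                 $profile_name = strlen($item['author-name']) && $diff_author ? $item['author-name'] : $item['name'];
                 if ($item['author-link'] && !$item['author-name']) {
                     $profile_name = $item['author-link'];
                 }
                 $sp = false;
                 $profile_link = best_link_url($item, $sp);
                 if ($profile_link === 'mailbox') {
                     $profile_link = '';
                 }
                 if ($sp) {
                     $sparkle = ' sparkle';
                 } else {
                     $profile_link = zrl($profile_link);
                 }
                 $normalised = normalise_link(strlen($item['author-link']) ? $item['author-link'] : $item['url']);
                 if ($normalised != 'mailbox' && x($a->contacts, $normalised)) {
                     $profile_avatar = $a->contacts[$normalised]['thumb'];
                 } else {
                     $profile_avatar = strlen($item['author-avatar']) && $diff_author ? $item['author-avatar'] : $thumb;
                 }
                 $like = x($alike, $item['id']) ? format_like($alike[$item['id']], $alike[$item['id'] . '-l'], 'like', $item['id']) : '';
                 $dislike = x($dlike, $item['id']) ? format_like($dlike[$item['id']], $dlike[$item['id'] . '-l'], 'dislike', $item['id']) : '';
                 $locate = array('location' => $item['location'], 'coord' => $item['coord'], 'html' => '');
                 call_hooks('render_location', $locate);
                 $location = strlen($locate['html']) ? $locate['html'] : render_location_google($locate);
                 $indent = $toplevelpost ? '' : ' comment';
                 // Items created within the last 12 hours get the extra 'shiny' class.
                 if (strcmp(datetime_convert('UTC', 'UTC', $item['created']), datetime_convert('UTC', 'UTC', 'now - 12 hours')) > 0) {
                     $indent .= ' shiny';
                 }
                 //
                 localize_item($item);
                 $tags = array();
                 foreach (explode(',', $item['tag']) as $tag) {
                     $tag = trim($tag);
                     if ($tag != "") {
                         $tags[] = bbcode($tag);
                     }
                 }
                 // Build the HTML
                 $body = prepare_body($item, true);
                 // NOTE(review): name, title, body, location and owner_name pass through
                 // template_escape(); linktitle, olinktitle, ago ($item['app']), the URLs and
                 // the avatars do not. template_escape() is not defined here, so confirm what
                 // it neutralises and whether the templates encode the remaining fields on output.
                 //$tmp_item = replace_macros($template,
                 $tmp_item = array(
                     'comment_firstcollapsed' => $comment_firstcollapsed,
                     'comment_lastcollapsed' => $comment_lastcollapsed,
                     'template' => $template,
                     'type' => implode("", array_slice(explode("/", $item['verb']), -1)),
                     'tags' => $tags,
                     'body' => template_escape($body),
                     'text' => strip_tags(template_escape($body)),
                     'id' => $item['item_id'],
                     'linktitle' => sprintf(t('View %s\'s profile @ %s'), $profile_name, strlen($item['author-link']) ? $item['author-link'] : $item['url']),
                     'olinktitle' => sprintf(t('View %s\'s profile @ %s'), $profile_name, strlen($item['owner-link']) ? $item['owner-link'] : $item['url']),
                     'to' => t('to'),
                     'wall' => t('Wall-to-Wall'),
                     'vwall' => t('via Wall-To-Wall:'),
                     'profile_url' => $profile_link,
                     'item_photo_menu' => item_photo_menu($item),
                     'name' => template_escape($profile_name),
                     'thumb' => $profile_avatar,
                     'osparkle' => $osparkle,
                     'sparkle' => $sparkle,
                     'title' => template_escape($item['title']),
                     'ago' => $item['app'] ? sprintf(t('%s from %s'), relative_date($item['created']), $item['app']) : relative_date($item['created']),
                     'lock' => $lock,
                     'location' => template_escape($location),
                     'indent' => $indent,
                     'owner_url' => $owner_url,
                     'owner_photo' => $owner_photo,
                     'owner_name' => template_escape($owner_name),
                     'plink' => get_plink($item),
                     'edpost' => $edpost,
                     'isstarred' => $isstarred,
                     'star' => $star,
                     'filer' => $filer,
                     'drop' => $drop,
                     'vote' => $likebuttons,
                     'like' => $like,
                     'dislike' => $dislike,
                     'comment' => $comment,
                     'previewing' => $previewing,
                     'wait' => t('Please wait'),
                 );
                 // Plugins get the raw item and may rewrite the rendered fields.
                 $arr = array('item' => $item, 'output' => $tmp_item);
                 call_hooks('display_item', $arr);
                 $threads[$threadsid]['items'][] = $arr['output'];
             }
         }
     }
     $page_template = get_markup_template("conversation.tpl");
     // $dropping carries the value left by the last rendered item (false when none was rendered).
     $o = replace_macros($page_template, array('$baseurl' => $a->get_baseurl($ssl_state), '$mode' => $mode, '$user' => $a->user, '$threads' => $threads, '$dropping' => $dropping ? t('Delete Selected Items') : false));
     return $o;
 }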
Example #23
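/**
 * Toggle a like / dislike / event-attendance activity on an item.
 *
 * The verb comes from $_GET['verb'] (default 'like') and the target item from
 * $a->argv[1], matched against either `item`.`id` or `item`.`uri`. The request
 * is dropped unless a local or remote user is present and can_write_wall()
 * accepts the item owner's uid. If the acting contact already has a matching,
 * non-deleted activity on the item, that activity is marked deleted; otherwise
 * a new activity item is stored. In both cases the notifier is spawned and
 * like_content_return() is called with the optional $_REQUEST['return'] path.
 *
 * @param object $a Application object; argc, argv, get_baseurl() and get_hostname() are used.
 * @return void
 */
function like_content(&$a)
{
    // Anonymous requests are ignored.
    if (!local_user() && !remote_user()) {
        return;
    }
    // A missing or non-string parameter (e.g. verb[]=x) is treated as empty and falls back to 'like'.
    $verb = (isset($_GET['verb']) && is_string($_GET['verb'])) ? notags(trim($_GET['verb'])) : '';
    if (!$verb) {
        $verb = 'like';
    }
    // Only verbs on this list are accepted; anything else ends the request.
    switch ($verb) {
        case 'like':
        case 'unlike':
            $activity = ACTIVITY_LIKE;
            break;
        case 'dislike':
        case 'undislike':
            $activity = ACTIVITY_DISLIKE;
            break;
        case 'attendyes':
        case 'unattendyes':
            $activity = ACTIVITY_ATTEND;
            break;
        case 'attendno':
        case 'unattendno':
            $activity = ACTIVITY_ATTENDNO;
            break;
        case 'attendmaybe':
        case 'unattendmaybe':
            $activity = ACTIVITY_ATTENDMAYBE;
            break;
        default:
            return;
    }
    $item_id = $a->argc > 1 ? notags(trim($a->argv[1])) : 0;
    // NOTE(review): $item_id is request-supplied and written to the log after notags()/trim()
    // only; confirm logger() copes with embedded line breaks.
    logger('like: verb ' . $verb . ' item ' . $item_id);
    // Reject an empty id before touching the database.
    if (!$item_id) {
        logger('like: no item ' . $item_id);
        return;
    }
    $r = q("SELECT * FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", dbesc($item_id), dbesc($item_id));
    if (!$r) {
        logger('like: no item ' . $item_id);
        return;
    }
    $item = $r[0];
    $owner_uid = $item['uid'];
    // Authorisation is decided against the owner of the item that was found.
    if (!can_write_wall($a, $owner_uid)) {
        return;
    }
    $remote_owner = null;
    if (!$item['wall']) {
        // The top level post may have been written by somebody on another system
        $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item['contact-id']), intval($item['uid']));
        if (!$r) {
            return;
        }
        if (!$r[0]['self']) {
            $remote_owner = $r[0];
        }
    }
    // this represents the post owner on this system.
    $owner = null;
    $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\tWHERE `contact`.`self` = 1 AND `contact`.`uid` = %d LIMIT 1", intval($owner_uid));
    if ($r) {
        $owner = $r[0];
    }
    if (!$owner) {
        logger('like: no owner');
        return;
    }
    if (!$remote_owner) {
        $remote_owner = $owner;
    }
    // This represents the person posting
    $contact = null;
    if (local_user() && local_user() == $owner_uid) {
        $contact = $owner;
    } else {
        // The visitor's contact row must belong to the item owner's uid.
        $visitor_id = isset($_SESSION['visitor_id']) ? intval($_SESSION['visitor_id']) : 0;
        $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", $visitor_id, intval($owner_uid));
        if ($r) {
            $contact = $r[0];
        }
    }
    if (!$contact) {
        return;
    }
    // See if we've been passed a return path to redirect to
    // NOTE(review): the value is handed to like_content_return() unchanged; that function is
    // not visible here — confirm it only redirects below the base URL.
    $return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : '';
    // $verbs is interpolated into the SQL text below; it is built only from the
    // ACTIVITY_* constants passed through dbesc(), never from request data.
    $verbs = " '" . dbesc($activity) . "' ";
    // event participation are essentially radio toggles. If you make a subsequent choice,
    // we need to eradicate your first choice.
    if ($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) {
        $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' ";
    }
    $r = q("SELECT `id`, `guid` FROM `item` WHERE `verb` IN ( {$verbs} ) AND `deleted` = 0\n\t\tAND `contact-id` = %d AND `uid` = %d\n\t\tAND (`parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1", intval($contact['id']), intval($owner_uid), dbesc($item_id), dbesc($item_id), dbesc($item['uri']));
    if ($r) {
        $like_item = $r[0];
        // Already voted, undo it
        q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), intval($like_item['id']));
        // Clean up the Diaspora signatures for this like
        // Go ahead and do it even if Diaspora support is disabled. We still want to clean up
        // if it had been enabled in the past
        q("DELETE FROM `sign` WHERE `iid` = %d", intval($like_item['id']));
        // Save the author information for the unlike in case we need to relay to Diaspora
        store_diaspora_like_retract_sig($activity, $item, $like_item, $contact);
        $like_item_id = $like_item['id'];
        proc_run('php', "include/notifier.php", "like", "{$like_item_id}");
        like_content_return($a->get_baseurl(), $return_path);
        return;
        // NOTREACHED
    }
    $uri = item_new_uri($a->get_hostname(), $owner_uid);
    $post_type = $item['resource-id'] ? t('photo') : t('status');
    if ($item['obj_type'] === ACTIVITY_OBJ_EVENT) {
        $post_type = t('event');
    }
    $objtype = $item['resource-id'] ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE;
    $link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n");
    // NOTE(review): unlike $link, the item body and uri are placed into the XML below without
    // xmlify(). If consumers parse this as XML, markup characters in a post body would change
    // the document structure — confirm how the stored object is read before changing it.
    $body = $item['body'];
    $obj = <<<EOT

\t<object>
\t\t<type>{$objtype}</type>
\t\t<local>1</local>
\t\t<id>{$item['uri']}</id>
\t\t<link>{$link}</link>
\t\t<title></title>
\t\t<content>{$body}</content>
\t</object>
EOT;
    // Only the "positive" verbs create a new activity; an un-verb with nothing
    // to undo leaves $bodyverb unset and ends the request.
    if ($verb === 'like') {
        $bodyverb = t('%1$s likes %2$s\'s %3$s');
    }
    if ($verb === 'dislike') {
        $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
    }
    if ($verb === 'attendyes') {
        $bodyverb = t('%1$s is attending %2$s\'s %3$s');
    }
    if ($verb === 'attendno') {
        $bodyverb = t('%1$s is not attending %2$s\'s %3$s');
    }
    if ($verb === 'attendmaybe') {
        $bodyverb = t('%1$s may attend %2$s\'s %3$s');
    }
    if (!isset($bodyverb)) {
        return;
    }
    $arr = array();
    $arr['uri'] = $uri;
    $arr['uid'] = $owner_uid;
    $arr['contact-id'] = $contact['id'];
    $arr['type'] = 'activity';
    $arr['wall'] = $item['wall'];
    $arr['origin'] = 1;
    $arr['gravity'] = GRAVITY_LIKE;
    $arr['parent'] = $item['id'];
    $arr['parent-uri'] = $item['uri'];
    $arr['thr-parent'] = $item['uri'];
    $arr['owner-name'] = $remote_owner['name'];
    $arr['owner-link'] = $remote_owner['url'];
    $arr['owner-avatar'] = $remote_owner['thumb'];
    $arr['author-name'] = $contact['name'];
    $arr['author-link'] = $contact['url'];
    $arr['author-avatar'] = $contact['thumb'];
    $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
    $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
    $plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
    $arr['body'] = sprintf($bodyverb, $ulink, $alink, $plink);
    $arr['verb'] = $activity;
    $arr['object-type'] = $objtype;
    $arr['object'] = $obj;
    // The activity inherits the access lists of the item it refers to.
    $arr['allow_cid'] = $item['allow_cid'];
    $arr['allow_gid'] = $item['allow_gid'];
    $arr['deny_cid'] = $item['deny_cid'];
    $arr['deny_gid'] = $item['deny_gid'];
    $arr['visible'] = 1;
    $arr['unseen'] = 1;
    $arr['last-child'] = 0;
    $post_id = item_store($arr);
    if (!$item['visible']) {
        q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d", intval($item['id']), intval($owner_uid));
    }
    // Save the author information for the like in case we need to relay to Diaspora
    store_diaspora_like_sig($activity, $post_type, $contact, $post_id);
    $arr['id'] = $post_id;
    call_hooks('post_local_end', $arr);
    proc_run('php', "include/notifier.php", "like", "{$post_id}");
    like_content_return($a->get_baseurl(), $return_path);
    killme();
    // NOTREACHED
}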
Example #24
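/**
 * "Render" a conversation or list of items for HTML display.
 *
 * There are two major forms of display:
 *      - Sequential or unthreaded ("New Item View" or search results);
 *        used when $mode is 'network-new', 'search' or 'community'.
 *      - Conversation (threaded) view; used for every other mode.
 * The $mode parameter decides between the various renderings and also
 * figures out how to determine page owner and other contextual items
 * that are based on unique features of the calling module.
 *
 * Side effects: unless $update is truthy, $_SESSION['return_url'] is set to
 * $a->cmd. The 'display_item' hook is called once per rendered item and may
 * replace that item's HTML.
 *
 * @param object $a       Application object. This function reads its profile,
 *                        user, contact, contacts, page_contact and cmd members
 *                        and calls get_baseurl().
 * @param array  $items   Item rows to render. The threaded view relies on a
 *                        top-level post preceding its comments in this list.
 * @param string $mode    One of 'network', 'profile', 'notes', 'display',
 *                        'community', 'network-new' or 'search'.
 * @param bool   $update  Truthy when called for a refresh; the stored return
 *                        URL is then left untouched.
 * @param bool   $preview Truthy to omit the "View in context" link in the
 *                        sequential view.
 *
 * @return string HTML produced from conversation.tpl.
 */
function conversation(&$a, $items, $mode, $update, $preview = false)
{
    require_once 'bbcode.php';

    // Initialise everything that is read after the loops so that an empty
    // $items list does not touch undefined variables.
    $o = '';
    $dropping = false;

    // Work out who owns the page and whether the viewer may write to it.
    $profile_owner = 0;
    $page_writeable = false;
    if ($mode === 'network') {
        $profile_owner = local_user();
        $page_writeable = true;
    }
    if ($mode === 'profile') {
        $profile_owner = $a->profile['profile_uid'];
        $page_writeable = can_write_wall($a, $profile_owner);
    }
    if ($mode === 'notes') {
        $profile_owner = local_user();
        $page_writeable = true;
    }
    if ($mode === 'display') {
        $profile_owner = $a->profile['uid'];
        $page_writeable = can_write_wall($a, $profile_owner);
    }
    if ($mode === 'community') {
        $profile_owner = 0;
        $page_writeable = false;
    }

    // A fresh page load records where to come back to; an update keeps the
    // value that is already in the session.
    if (!$update) {
        $_SESSION['return_url'] = $a->cmd;
    }

    load_contact_links(local_user());

    $cmnt_tpl = get_markup_template('comment_item.tpl');
    $tpl = get_markup_template('wall_item.tpl');
    $wallwall = get_markup_template('wallwall_item.tpl');
    $hide_comments_tpl = get_markup_template('hide_comments.tpl');

    $alike = array();
    $dlike = array();

    // array with html for each thread (parent+comments)
    $threads = array();
    $threadsid = -1;

    if (count($items)) {
        if ($mode === 'network-new' || $mode === 'search' || $mode === 'community') {
            // "New Item View" on network page or search page results
            // - just loop through the items and format them minimally for display
            $tpl = get_markup_template('search_item.tpl');
            foreach ($items as $item) {
                $threadsid++;
                $owner_url = '';
                $owner_photo = '';
                $owner_name = '';
                $sparkle = '';

                if ($mode === 'search' || $mode === 'community') {
                    // Likes/dislikes on somebody else's post are not shown as items.
                    if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
                        continue;
                    }
                    $nickname = $item['nickname'];
                } else {
                    $nickname = $a->user['nickname'];
                }

                $profile_name = strlen($item['author-name']) ? $item['author-name'] : $item['name'];
                if ($item['author-link'] && !$item['author-name']) {
                    $profile_name = $item['author-link'];
                }

                // best_link_url() reports through $sp whether the link is a "sparkle" link.
                $sp = false;
                $profile_link = best_link_url($item, $sp);
                if ($sp) {
                    $sparkle = ' sparkle';
                }
                if ($profile_link === 'mailbox') {
                    $profile_link = '';
                }

                $normalised = normalise_link(strlen($item['author-link']) ? $item['author-link'] : $item['url']);
                if ($normalised != 'mailbox' && x($a->contacts[$normalised])) {
                    $profile_avatar = $a->contacts[$normalised]['thumb'];
                } else {
                    $profile_avatar = strlen($item['author-avatar']) ? $item['author-avatar'] : $item['thumb'];
                }

                // NOTE(review): location and coord are concatenated into an HTML
                // attribute and element body without HTML escaping in this function.
                // Whether they are neutralised when the item is stored, or by
                // template_escape() below, is not visible here - confirm, since
                // items can originate from remote contacts.
                $location = $item['location'] ? '<a target="map" title="' . $item['location'] . '" href="http://maps.google.com/?q=' . urlencode($item['location']) . '">' . $item['location'] . '</a>' : '';
                $coord = $item['coord'] ? '<a target="map" title="' . $item['coord'] . '" href="http://maps.google.com/?q=' . urlencode($item['coord']) . '">' . $item['coord'] . '</a>' : '';
                if ($coord) {
                    if ($location) {
                        $location .= '<br /><span class="smalltext">(' . $coord . ')</span>';
                    } else {
                        $location = '<span class="smalltext">' . $coord . '</span>';
                    }
                }

                localize_item($item);

                // Only the "New Item View" offers the delete checkboxes.
                $dropping = ($mode === 'network-new');
                $drop = array('dropping' => $dropping, 'select' => t('Select'), 'delete' => t('Delete'));

                $star = false;
                $isstarred = "unstarred";
                $lock = false;
                $likebuttons = false;

                $body = prepare_body($item, true);

                $tmp_item = replace_macros($tpl, array(
                    '$id' => $item['item_id'],
                    '$linktitle' => sprintf(t('View %s\'s profile @ %s'), $profile_name, strlen($item['author-link']) ? $item['author-link'] : $item['url']),
                    '$profile_url' => $profile_link,
                    '$item_photo_menu' => item_photo_menu($item),
                    '$name' => template_escape($profile_name),
                    '$sparkle' => $sparkle,
                    '$lock' => $lock,
                    '$thumb' => $profile_avatar,
                    '$title' => template_escape($item['title']),
                    '$body' => template_escape($body),
                    '$ago' => $item['app'] ? sprintf(t('%s from %s'), relative_date($item['created']), $item['app']) : relative_date($item['created']),
                    '$location' => template_escape($location),
                    '$indent' => '',
                    '$owner_name' => template_escape($owner_name),
                    '$owner_url' => $owner_url,
                    '$owner_photo' => $owner_photo,
                    '$plink' => get_plink($item),
                    '$edpost' => false,
                    '$isstarred' => $isstarred,
                    '$star' => $star,
                    '$drop' => $drop,
                    '$vote' => $likebuttons,
                    '$like' => '',
                    '$dislike' => '',
                    '$comment' => '',
                    '$conv' => $preview ? '' : array('href' => $a->get_baseurl() . '/display/' . $nickname . '/' . $item['id'], 'title' => t('View in context')),
                    '$wait' => t('Please wait'),
                ));

                // Let plugins replace the rendered HTML.
                $arr = array('item' => $item, 'output' => $tmp_item);
                call_hooks('display_item', $arr);

                // Every item is its own "thread" here, so the slot is always new.
                $threads[$threadsid]['id'] = $item['item_id'];
                $threads[$threadsid]['html'] = $arr['output'];
            }
        } else {
            // Normal View
            // Figure out how many comments each parent has
            // (Comments all have gravity of 6)
            // Store the result in the $comments array
            $comments = array();
            foreach ($items as $item) {
                if (intval($item['gravity']) == 6 && $item['id'] != $item['parent']) {
                    if (!x($comments, $item['parent'])) {
                        $comments[$item['parent']] = 1;
                    } else {
                        $comments[$item['parent']] += 1;
                    }
                }
            }

            // map all the like/dislike activities for each parent item
            // Store these in the $alike and $dlike arrays
            foreach ($items as $item) {
                like_puller($a, $item, $alike, 'like');
                like_puller($a, $item, $dlike, 'dislike');
            }

            // Per-thread state. It is (re)set whenever a top-level post is seen
            // and then applies to the comments that follow it.
            $comments_collapsed = false;
            $comments_seen = 0;
            $item_writeable = false;
            $toplevelprivate = false;

            foreach ($items as $item) {
                $comment = '';
                $template = $tpl;
                $commentww = '';
                $sparkle = '';
                $owner_url = $owner_photo = $owner_name = '';

                // We've already parsed out like/dislike for special treatment. We can ignore them now
                if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
                    continue;
                }

                $toplevelpost = $item['id'] == $item['parent'] ? true : false;

                // Number of comments counted for this item's thread (0 when none).
                $parent_comments = isset($comments[$item['parent']]) ? $comments[$item['parent']] : 0;

                // Take care of comment collapsing
                // (author collapsing of consecutive top-level posts is disabled).
                // If there are more than two comments, squash all but the last 2.
                if ($toplevelpost) {
                    $toplevelprivate = $item['private'] ? true : false;
                    $item_writeable = $item['writable'] || $item['self'] ? true : false;
                    $comments_seen = 0;
                    $comments_collapsed = false;
                    $threadsid++;
                    $threads[$threadsid]['id'] = $item['item_id'];
                    $threads[$threadsid]['html'] = "";
                } else {
                    // Prevent a private comment (e.g. a private email reply) from
                    // leaking into a conversation whose top-level post is not
                    // private. $toplevelprivate is thread state recorded when the
                    // parent was processed, so it must not be reset per item.
                    // NOTE(review): a skipped comment is still included in
                    // $comments[...]; confirm the collapse markup below stays
                    // balanced for threads that contain skipped comments.
                    if (!$toplevelprivate && $item['private'] && $profile_owner != local_user()) {
                        continue;
                    }
                    $comments_seen++;
                }

                $override_comment_box = $page_writeable && $item_writeable ? true : false;
                $show_comment_box = $page_writeable && $item_writeable && $comments_seen == $parent_comments ? true : false;

                if ($parent_comments > 2 && $comments_seen <= $parent_comments - 2 && $item['gravity'] == 6) {
                    if (!$comments_collapsed) {
                        // IMPORTANT: the closing </div> in the hide_comments template
                        // is supplied below in code.
                        $threads[$threadsid]['html'] .= replace_macros($hide_comments_tpl, array(
                            '$id' => $item['parent'],
                            '$num_comments' => sprintf(tt('%d comment', '%d comments', $parent_comments), $parent_comments),
                            '$display' => 'none',
                            '$hide_text' => t('show more'),
                        ));
                        $comments_collapsed = true;
                    }
                }
                if ($parent_comments > 2 && $comments_seen == $parent_comments - 1) {
                    $threads[$threadsid]['html'] .= '</div>';
                }

                $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'];

                // Show the lock for private items, and for the viewer's own items
                // that carry any allow/deny ACL.
                $lock = $item['private'] || ($item['uid'] == local_user() && (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid']))) ? t('Private Message') : false;

                // Top-level wall post not written by the wall owner (wall-to-wall)
                // First figure out who owns it.
                $osparkle = '';
                if ($toplevelpost && !$item['self'] && $mode !== 'profile') {
                    if ($item['wall']) {
                        // On the network page, I am the owner. On the display page it will be the profile owner.
                        // This will have been stored in $a->page_contact by our calling page.
                        // Put this person on the left of the wall-to-wall notice.
                        $owner_url = $a->page_contact['url'];
                        $owner_photo = $a->page_contact['thumb'];
                        $owner_name = $a->page_contact['name'];
                        $template = $wallwall;
                        $commentww = 'ww';
                    }
                    if (!$item['wall'] && strlen($item['owner-link']) && $item['owner-link'] != $item['author-link']) {
                        // Could be anybody.
                        $owner_url = $item['owner-link'];
                        $owner_photo = $item['owner-avatar'];
                        $owner_name = $item['owner-name'];
                        $template = $wallwall;
                        $commentww = 'ww';
                        // If it is our contact, use a friendly redirect link
                        if (link_compare($item['owner-link'], $item['url']) && $item['network'] === 'dfrn') {
                            $owner_url = $redirect_url;
                            $osparkle = ' sparkle';
                        }
                    }
                }

                $likebuttons = '';
                $shareable = $profile_owner == local_user() && $mode != 'display' && !$item['private'] ? true : false;
                if ($page_writeable) {
                    if ($toplevelpost) {
                        $likebuttons = array('like' => array(t("I like this (toggle)"), t("like")), 'dislike' => array(t("I don't like this (toggle)"), t("dislike")));
                        if ($shareable) {
                            $likebuttons['share'] = array(t('Share this'), t('share'));
                        }
                    }
                    if ($show_comment_box || ($show_comment_box == false && $override_comment_box == false && $item['last-child'])) {
                        $comment = replace_macros($cmnt_tpl, array(
                            '$return_path' => '',
                            '$jsreload' => $mode === 'display' ? $_SESSION['return_url'] : '',
                            '$type' => $mode === 'profile' ? 'wall-comment' : 'net-comment',
                            '$id' => $item['item_id'],
                            '$parent' => $item['parent'],
                            '$profile_uid' => $profile_owner,
                            '$mylink' => $a->contact['url'],
                            '$mytitle' => t('This is you'),
                            '$myphoto' => $a->contact['thumb'],
                            '$comment' => t('Comment'),
                            '$submit' => t('Submit'),
                            '$preview' => t('Preview'),
                            '$ww' => $mode === 'network' ? $commentww : '',
                        ));
                    }
                }

                // The edit link is offered on the owner's own top-level wall posts
                // and on everything in 'notes' mode.
                $edpost = ($profile_owner == local_user() && $toplevelpost && intval($item['wall']) == 1) || $mode === 'notes' ? array($a->get_baseurl() . "/editpost/" . $item['id'], t("Edit")) : false;

                // Deleting is offered to the remote contact who wrote the item and
                // to the local user who holds it.
                $dropping = false;
                if ((intval($item['contact-id']) && $item['contact-id'] == remote_user()) || $item['uid'] == local_user()) {
                    $dropping = true;
                }
                $drop = array('dropping' => $dropping, 'select' => t('Select'), 'delete' => t('Delete'));

                $star = false;
                $isstarred = "unstarred";
                if ($profile_owner == local_user() && $toplevelpost) {
                    $isstarred = $item['starred'] ? "starred" : "unstarred";
                    $star = array(
                        'do' => t("add star"),
                        'undo' => t("remove star"),
                        'toggle' => t("toggle star status"),
                        'classdo' => $item['starred'] ? "hidden" : "",
                        'classundo' => $item['starred'] ? "" : "hidden",
                        'starred' => t('starred'),
                        'tagger' => t("add tag"),
                        'classtagger' => "",
                    );
                }

                $thumb = $item['thumb'];

                // Post was remotely authored.
                $diff_author = link_compare($item['url'], $item['author-link']) ? false : true;
                $profile_name = strlen($item['author-name']) && $diff_author ? $item['author-name'] : $item['name'];
                if ($item['author-link'] && !$item['author-name']) {
                    $profile_name = $item['author-link'];
                }

                $sp = false;
                $profile_link = best_link_url($item, $sp);
                if ($sp) {
                    $sparkle = ' sparkle';
                }
                if ($profile_link === 'mailbox') {
                    $profile_link = '';
                }

                $normalised = normalise_link(strlen($item['author-link']) ? $item['author-link'] : $item['url']);
                if ($normalised != 'mailbox' && x($a->contacts, $normalised)) {
                    $profile_avatar = $a->contacts[$normalised]['thumb'];
                } else {
                    $profile_avatar = strlen($item['author-avatar']) && $diff_author ? $item['author-avatar'] : $thumb;
                }

                $like = x($alike, $item['id']) ? format_like($alike[$item['id']], $alike[$item['id'] . '-l'], 'like', $item['id']) : '';
                $dislike = x($dlike, $item['id']) ? format_like($dlike[$item['id']], $dlike[$item['id'] . '-l'], 'dislike', $item['id']) : '';

                // NOTE(review): same unescaped concatenation of location/coord as in
                // the sequential view above - confirm where these are neutralised.
                $location = $item['location'] ? '<a target="map" title="' . $item['location'] . '" href="http://maps.google.com/?q=' . urlencode($item['location']) . '">' . $item['location'] . '</a>' : '';
                $coord = $item['coord'] ? '<a target="map" title="' . $item['coord'] . '" href="http://maps.google.com/?q=' . urlencode($item['coord']) . '">' . $item['coord'] . '</a>' : '';
                if ($coord) {
                    if ($location) {
                        $location .= '<br /><span class="smalltext">(' . $coord . ')</span>';
                    } else {
                        $location = '<span class="smalltext">' . $coord . '</span>';
                    }
                }

                // Items created within the last 12 hours get the extra 'shiny' class.
                $indent = $toplevelpost ? '' : ' comment';
                if (strcmp(datetime_convert('UTC', 'UTC', $item['created']), datetime_convert('UTC', 'UTC', 'now - 12 hours')) > 0) {
                    $indent .= ' shiny';
                }

                localize_item($item);

                $tags = array();
                foreach (explode(',', $item['tag']) as $tag) {
                    $tag = trim($tag);
                    if ($tag != "") {
                        $tags[] = bbcode($tag);
                    }
                }

                // Build the HTML
                $body = prepare_body($item, true);
                $tmp_item = replace_macros($template, array(
                    // Last path segment of the verb URI. explode() replaces the
                    // regex-based split(), which no longer exists in PHP 7+.
                    '$type' => implode("", array_slice(explode("/", $item['verb']), -1)),
                    '$tags' => $tags,
                    '$body' => template_escape($body),
                    '$id' => $item['item_id'],
                    '$linktitle' => sprintf(t('View %s\'s profile @ %s'), $profile_name, strlen($item['author-link']) ? $item['author-link'] : $item['url']),
                    '$olinktitle' => sprintf(t('View %s\'s profile @ %s'), $profile_name, strlen($item['owner-link']) ? $item['owner-link'] : $item['url']),
                    '$to' => t('to'),
                    '$wall' => t('Wall-to-Wall'),
                    '$vwall' => t('via Wall-To-Wall:'),
                    '$profile_url' => $profile_link,
                    '$item_photo_menu' => item_photo_menu($item),
                    '$name' => template_escape($profile_name),
                    '$thumb' => $profile_avatar,
                    '$osparkle' => $osparkle,
                    '$sparkle' => $sparkle,
                    '$title' => template_escape($item['title']),
                    '$ago' => $item['app'] ? sprintf(t('%s from %s'), relative_date($item['created']), $item['app']) : relative_date($item['created']),
                    '$lock' => $lock,
                    '$location' => template_escape($location),
                    '$indent' => $indent,
                    '$owner_url' => $owner_url,
                    '$owner_photo' => $owner_photo,
                    '$owner_name' => template_escape($owner_name),
                    '$plink' => get_plink($item),
                    '$edpost' => $edpost,
                    '$isstarred' => $isstarred,
                    '$star' => $star,
                    '$drop' => $drop,
                    '$vote' => $likebuttons,
                    '$like' => $like,
                    '$dislike' => $dislike,
                    '$comment' => $comment,
                    '$wait' => t('Please wait'),
                ));

                // Let plugins replace the rendered HTML.
                $arr = array('item' => $item, 'output' => $tmp_item);
                call_hooks('display_item', $arr);
                $threads[$threadsid]['html'] .= $arr['output'];
            }
        }
    }

    // $dropping holds the value computed for the last rendered item (false when
    // nothing was rendered) and decides whether the bulk-delete control appears.
    $page_template = get_markup_template("conversation.tpl");
    $o .= replace_macros($page_template, array('$threads' => $threads, '$dropping' => $dropping ? t('Delete Selected Items') : false));
    return $o;
}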
Example #25
function photos_content(&$a)
{
    // URLs:
    // photos/name
    // photos/name/upload
    // photos/name/upload/xxxxx (xxxxx is album name)
    // photos/name/album/xxxxx
    // photos/name/album/xxxxx/edit
    // photos/name/image/xxxxx
    // photos/name/image/xxxxx/edit
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    require_once 'include/bbcode.php';
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    if (!x($a->data, 'user')) {
        notice(t('No photos selected') . EOL);
        return;
    }
    $_SESSION['photo_return'] = $a->cmd;
    //
    // Parse arguments
    //
    if ($a->argc > 3) {
        $datatype = $a->argv[2];
        $datum = $a->argv[3];
    } elseif ($a->argc > 2 && $a->argv[2] === 'upload') {
        $datatype = 'upload';
    } else {
        $datatype = 'summary';
    }
    if ($a->argc > 4) {
        $cmd = $a->argv[4];
    } else {
        $cmd = 'view';
    }
    //
    // Setup permissions structures
    //
    $can_post = false;
    $visitor = 0;
    $contact = null;
    $remote_contact = false;
    $owner_uid = $a->data['user']['uid'];
    $community_page = $a->data['user']['page-flags'] == PAGE_COMMUNITY ? true : false;
    if (local_user() && local_user() == $owner_uid) {
        $can_post = true;
    } else {
        if ($community_page && remote_user()) {
            $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval(remote_user()), intval($owner_uid));
            if (count($r)) {
                $can_post = true;
                $contact = $r[0];
                $remote_contact = true;
                $visitor = remote_user();
            }
        }
    }
    // perhaps they're visiting - but not a community page, so they wouldn't have write access
    if (remote_user() && !$visitor) {
        $contact_id = $_SESSION['visitor_id'];
        $groups = init_groups_visitor($contact_id);
        $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval(remote_user()), intval($owner_uid));
        if (count($r)) {
            $contact = $r[0];
            $remote_contact = true;
        }
    }
    if (!$remote_contact) {
        if (local_user()) {
            $contact_id = $_SESSION['cid'];
            $contact = $a->contact;
        }
    }
    if ($a->data['user']['hidewall'] && local_user() != $owner_uid && !$remote_contact) {
        notice(t('Access to this item is restricted.') . EOL);
        return;
    }
    $sql_extra = permissions_sql($owner_uid, $remote_contact, $groups);
    $o = "";
    // tabs
    $_is_owner = local_user() && local_user() == $owner_uid;
    $o .= profile_tabs($a, $_is_owner, $a->data['user']['nickname']);
    //
    // dispatch request
    //
    if ($datatype === 'upload') {
        if (!$can_post) {
            notice(t('Permission denied.'));
            return;
        }
        $selname = $datum ? hex2bin($datum) : '';
        $albumselect = '<select id="photos-upload-album-select" name="album" size="4">';
        $albumselect .= '<option value="" ' . (!$selname ? ' selected="selected" ' : '') . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
        if (count($a->data['albums'])) {
            foreach ($a->data['albums'] as $album) {
                if ($album['album'] === '' || $album['album'] === 'Contact Photos' || $album['album'] === t('Contact Photos')) {
                    continue;
                }
                $selected = $selname === $album['album'] ? ' selected="selected" ' : '';
                $albumselect .= '<option value="' . $album['album'] . '"' . $selected . '>' . $album['album'] . '</option>';
            }
        }
        $celeb = $a->user['page-flags'] == PAGE_SOAPBOX || $a->user['page-flags'] == PAGE_COMMUNITY ? true : false;
        $albumselect .= '</select>';
        $uploader = '';
        $ret = array('post_url' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'], 'addon_text' => $uploader, 'default_upload' => true);
        call_hooks('photo_upload_form', $ret);
        $default_upload = '<input type="file" name="userfile" /> 	<div class="photos-upload-submit-wrapper" >
		<input type="submit" name="submit" value="' . t('Submit') . '" id="photos-upload-submit" /> </div>';
        $tpl = get_markup_template('photos_upload.tpl');
        $o .= replace_macros($tpl, array('$pagename' => t('Upload Photos'), '$sessid' => session_id(), '$nickname' => $a->data['user']['nickname'], '$newalbum' => t('New album name: '), '$existalbumtext' => t('or existing album name: '), '$nosharetext' => t('Do not show a status post for this upload'), '$albumselect' => template_escape($albumselect), '$permissions' => t('Permissions'), '$aclselect' => $visitor ? '' : template_escape(populate_acl($a->user, $celeb)), '$uploader' => $ret['addon_text'], '$default' => $ret['default_upload'] ? $default_upload : '', '$uploadurl' => $ret['post_url']));
        return $o;
    }
    if ($datatype === 'album') {
        $album = hex2bin($datum);
        $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 {$sql_extra} GROUP BY `resource-id`", intval($owner_uid), dbesc($album));
        if (count($r)) {
            $a->set_pager_total(count($r));
            $a->set_pager_itemspage(20);
        }
        $r = q("SELECT `resource-id`, `id`, `filename`, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 {$sql_extra} GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($owner_uid), dbesc($album), intval($a->pager['start']), intval($a->pager['itemspage']));
        $o .= '<h3>' . $album . '</h3>';
        if ($cmd === 'edit') {
            if ($album !== t('Profile Photos') && $album !== 'Contact Photos' && $album !== t('Contact Photos')) {
                if ($can_post) {
                    $edit_tpl = get_markup_template('album_edit.tpl');
                    $o .= replace_macros($edit_tpl, array('$nametext' => t('New album name: '), '$nickname' => $a->data['user']['nickname'], '$album' => template_escape($album), '$hexalbum' => bin2hex($album), '$submit' => t('Submit'), '$dropsubmit' => t('Delete Album')));
                }
            }
        } else {
            if ($album !== t('Profile Photos') && $album !== 'Contact Photos' && $album !== t('Contact Photos')) {
                if ($can_post) {
                    $o .= '<div id="album-edit-link"><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '/edit' . '">' . t('Edit Album') . '</a></div>';
                }
            }
        }
        if ($can_post) {
            $o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/upload/' . bin2hex($album) . '" >' . t('Upload New Photos') . '</a></div>';
        }
        $tpl = get_markup_template('photo_album.tpl');
        if (count($r)) {
            $twist = 'rotright';
        }
        foreach ($r as $rr) {
            if ($twist == 'rotright') {
                $twist = 'rotleft';
            } else {
                $twist = 'rotright';
            }
            $o .= replace_macros($tpl, array('$id' => $rr['id'], '$twist' => ' ' . $twist . rand(2, 4), '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg', '$imgalt' => template_escape($rr['filename']), '$desc' => template_escape($rr['desc'])));
        }
        $o .= '<div id="photo-album-end"></div>';
        $o .= paginate($a);
        return $o;
    }
    if ($datatype === 'image') {
        //$o = '';
        // fetch image, item containing image, then comments
        $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' \n\t\t\t{$sql_extra} ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum));
        if (!count($ph)) {
            $ph = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' \n\t\t\t\tLIMIT 1", intval($owner_uid), dbesc($datum));
            if (count($ph)) {
                notice(t('Permission denied. Access to this item may be restricted.'));
            } else {
                notice(t('Photo not available') . EOL);
            }
            return;
        }
        $prevlink = '';
        $nextlink = '';
        $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 \n\t\t\t{$sql_extra} ORDER BY `created` DESC ", dbesc($ph[0]['album']), intval($owner_uid));
        if (count($prvnxt)) {
            for ($z = 0; $z < count($prvnxt); $z++) {
                if ($prvnxt[$z]['resource-id'] == $ph[0]['resource-id']) {
                    $prv = $z - 1;
                    $nxt = $z + 1;
                    if ($prv < 0) {
                        $prv = count($prvnxt) - 1;
                    }
                    if ($nxt >= count($prvnxt)) {
                        $nxt = 0;
                    }
                    break;
                }
            }
            $edit_suffix = $cmd === 'edit' && $can_post ? '/edit' : '';
            $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix;
            $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix;
        }
        if (count($ph) == 1) {
            $hires = $lores = $ph[0];
        }
        if (count($ph) > 1) {
            if ($ph[1]['scale'] == 2) {
                // original is 640 or less, we can display it directly
                $hires = $lores = $ph[0];
            } else {
                $hires = $ph[0];
                $lores = $ph[1];
            }
        }
        $album_link = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($ph[0]['album']);
        $tools = Null;
        $lock = Null;
        if ($can_post && $ph[0]['uid'] == $owner_uid) {
            $tools = array('edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . ($cmd === 'edit' ? '' : '/edit'), $cmd === 'edit' ? t('View photo') : t('Edit photo')), 'profile' => array($a->get_baseurl() . '/profile_photo/use/' . $ph[0]['resource-id'], t('Use as profile photo')));
            // lock
            $lock = $ph[0]['uid'] == local_user() && (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) ? t('Private Message') : Null;
        }
        if (!$cmd !== 'edit') {
            $a->page['htmlhead'] .= '<script>
				$(document).keydown(function(event) {' . "\n";
            if ($prevlink) {
                $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
            }
            if ($nextlink) {
                $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
            }
            $a->page['htmlhead'] .= '});</script>';
        }
        if ($prevlink) {
            $prevlink = array($prevlink, '<div class="icon prev"></div>');
        }
        $photo = array('href' => $a->get_baseurl() . '/photo/' . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg', 'title' => t('View Full Size'), 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' . '?f=&_u=' . datetime_convert('', '', '', 'ymdhis'));
        if ($nextlink) {
            $nextlink = array($nextlink, '<div class="icon next"></div>');
        }
        // Do we have an item for this photo?
        $linked_items = q("SELECT * FROM `item` WHERE `resource-id` = '%s' {$sql_extra} LIMIT 1", dbesc($datum));
        if (count($linked_items)) {
            $link_item = $linked_items[0];
            $r = q("SELECT COUNT(*) AS `total`\n\t\t\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`uid` = %d \n\t\t\t\t{$sql_extra} ", dbesc($link_item['uri']), dbesc($link_item['uri']), intval($link_item['uid']));
            if (count($r)) {
                $a->set_pager_total($r[0]['total']);
            }
            $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, \n\t\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`, \n\t\t\t\t`contact`.`rel`, `contact`.`thumb`, `contact`.`self`, \n\t\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`uid` = %d\n\t\t\t\t{$sql_extra}\n\t\t\t\tORDER BY `parent` DESC, `id` ASC LIMIT %d ,%d ", dbesc($link_item['uri']), dbesc($link_item['uri']), intval($link_item['uid']), intval($a->pager['start']), intval($a->pager['itemspage']));
            if (local_user() && local_user() == $link_item['uid']) {
                q("UPDATE `item` SET `unseen` = 0 WHERE `parent` = %d and `uid` = %d", intval($link_item['parent']), intval(local_user()));
            }
        }
        $tags = Null;
        if (count($linked_items) && strlen($link_item['tag'])) {
            $arr = explode(',', $link_item['tag']);
            // parse tags and add links
            $tag_str = '';
            foreach ($arr as $t) {
                if (strlen($tag_str)) {
                    $tag_str .= ', ';
                }
                $tag_str .= bbcode($t);
            }
            $tags = array(t('Tags: '), $tag_str);
            if ($cmd === 'edit') {
                $tags[] = $a->get_baseurl() . '/tagrm/' . $link_item['id'];
                $tags[] = t('[Remove any tag]');
            }
        }
        $edit = Null;
        if ($cmd === 'edit' && $can_post) {
            $edit_tpl = get_markup_template('photo_edit.tpl');
            $edit = replace_macros($edit_tpl, array('$id' => $ph[0]['id'], '$rotate' => t('Rotate CW'), '$album' => template_escape($ph[0]['album']), '$newalbum' => t('New album name'), '$nickname' => $a->data['user']['nickname'], '$resource_id' => $ph[0]['resource-id'], '$capt_label' => t('Caption'), '$caption' => template_escape($ph[0]['desc']), '$tag_label' => t('Add a Tag'), '$tags' => $link_item['tag'], '$permissions' => t('Permissions'), '$aclselect' => template_escape(populate_acl($ph[0])), '$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'), '$item_id' => count($linked_items) ? $link_item['id'] : 0, '$submit' => t('Submit'), '$delete' => t('Delete Photo')));
        }
        if (count($linked_items)) {
            $cmnt_tpl = get_markup_template('comment_item.tpl');
            $tpl = get_markup_template('photo_item.tpl');
            $return_url = $a->cmd;
            $like_tpl = get_markup_template('like_noshare.tpl');
            $likebuttons = '';
            if ($can_post || can_write_wall($a, $owner_uid)) {
                $likebuttons = replace_macros($like_tpl, array('$id' => $link_item['id'], '$likethis' => t("I like this (toggle)"), '$nolike' => t("I don't like this (toggle)"), '$share' => t('Share'), '$wait' => t('Please wait')));
            }
            $comments = '';
            if (!count($r)) {
                if ($can_post || can_write_wall($a, $owner_uid)) {
                    if ($link_item['last-child']) {
                        $comments .= replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $contact['url'], '$mytitle' => t('This is you'), '$myphoto' => $contact['thumb'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$preview' => t('Preview'), '$ww' => ''));
                    }
                }
            }
            $alike = array();
            $dlike = array();
            $like = '';
            $dislike = '';
            // display comments
            if (count($r)) {
                foreach ($r as $item) {
                    like_puller($a, $item, $alike, 'like');
                    like_puller($a, $item, $dlike, 'dislike');
                }
                $like = isset($alike[$link_item['id']]) ? format_like($alike[$link_item['id']], $alike[$link_item['id'] . '-l'], 'like', $link_item['id']) : '';
                $dislike = isset($dlike[$link_item['id']]) ? format_like($dlike[$link_item['id']], $dlike[$link_item['id'] . '-l'], 'dislike', $link_item['id']) : '';
                if ($can_post || can_write_wall($a, $owner_uid)) {
                    if ($link_item['last-child']) {
                        $comments .= replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $contact['url'], '$mytitle' => t('This is you'), '$myphoto' => $contact['thumb'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => ''));
                    }
                }
                foreach ($r as $item) {
                    $comment = '';
                    $template = $tpl;
                    $sparkle = '';
                    if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
                        continue;
                    }
                    $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'];
                    if ($can_post || can_write_wall($a, $owner_uid)) {
                        if ($item['last-child']) {
                            $comments .= replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $item['item_id'], '$parent' => $item['parent'], '$profile_uid' => $owner_uid, '$mylink' => $contact['url'], '$mytitle' => t('This is you'), '$myphoto' => $contact['thumb'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => ''));
                        }
                    }
                    if (local_user() && $item['contact-uid'] == local_user() && $item['network'] == 'dfrn' && !$item['self']) {
                        $profile_url = $redirect_url;
                        $sparkle = ' sparkle';
                    } else {
                        $profile_url = $item['url'];
                        $sparkle = '';
                    }
                    $diff_author = $item['url'] !== $item['author-link'] ? true : false;
                    $profile_name = strlen($item['author-name']) && $diff_author ? $item['author-name'] : $item['name'];
                    $profile_avatar = strlen($item['author-avatar']) && $diff_author ? $item['author-avatar'] : $item['thumb'];
                    $profile_link = $profile_url;
                    $drop = '';
                    if ($item['contact-id'] == remote_user() || $item['uid'] == local_user()) {
                        $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
                    }
                    $comments .= replace_macros($template, array('$id' => $item['item_id'], '$profile_url' => $profile_link, '$name' => template_escape($profile_name), '$thumb' => $profile_avatar, '$sparkle' => $sparkle, '$title' => template_escape($item['title']), '$body' => template_escape(bbcode($item['body'])), '$ago' => relative_date($item['created']), '$indent' => $item['parent'] != $item['item_id'] ? ' comment' : '', '$drop' => $drop, '$comment' => $comment));
                }
            }
            $paginate = paginate($a);
        }
        $photo_tpl = get_markup_template('photo_view.tpl');
        $o .= replace_macros($photo_tpl, array('$id' => $ph[0]['id'], '$album' => array($album_link, template_escape($ph[0]['album'])), '$tools' => $tools, '$lock' => $lock, '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['desc'], '$tags' => template_escape($tags), '$edit' => $edit, '$likebuttons' => $likebuttons, '$like' => template_escape($like), '$dislike' => template_escape($dislike), '$comments' => $comments, '$paginate' => $paginate));
        return $o;
    }
    // Default - show recent photos with upload link (if applicable)
    //$o = '';
    $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' \n\t\t{$sql_extra} GROUP BY `resource-id`", intval($a->data['user']['uid']), dbesc('Contact Photos'), dbesc(t('Contact Photos')));
    if (count($r)) {
        $a->set_pager_total(count($r));
        $a->set_pager_itemspage(20);
    }
    $r = q("SELECT `resource-id`, `id`, `filename`, `album`, max(`scale`) AS `scale` FROM `photo`\n\t\tWHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'  \n\t\t{$sql_extra} GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($a->data['user']['uid']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval($a->pager['start']), intval($a->pager['itemspage']));
    $photos = array();
    if (count($r)) {
        $twist = 'rotright';
        foreach ($r as $rr) {
            if ($twist == 'rotright') {
                $twist = 'rotleft';
            } else {
                $twist = 'rotright';
            }
            $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ($rr['scale'] == 6 ? 4 : $rr['scale']) . '.jpg', 'alt' => template_escape($rr['filename']), 'album' => array('link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']), 'name' => template_escape($rr['album']), 'alt' => t('View Album')));
        }
    }
    $tpl = get_markup_template('photos_recent.tpl');
    $o .= replace_macros($tpl, array('$title' => t('Recent Photos'), '$can_post' => $can_post, '$upload' => array(t('Upload New Photos'), $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/upload'), '$photos' => $photos));
    $o .= paginate($a);
    return $o;
}
Example #26
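/**
 * Build the HTML for the search module: a search box plus, when a term is
 * given, the matching items rendered through conversation().
 *
 * Access is refused when 'block_public' is set and the visitor is neither a
 * local nor a remote user, and when 'local_search' is set and the visitor is
 * not a local user.
 *
 * The term is taken from $a->data['search'], $_GET['search'] or $_GET['tag'].
 * A leading '#' or the 'tags' option selects tag search; a leading '@' or '!'
 * and the 'contacts' / 'forums' options hand the request to dirfind_content().
 *
 * @param object $a application object; request data and pager state are read from it
 * @return mixed page HTML, the result of dirfind_content(), or null when access is denied
 */
function search_content(&$a)
{
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    // 'local_search' limits the module to locally logged-in members.
    if (get_config('system', 'local_search') && !local_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    nav_set_selected('search');
    $o = '<h3>' . t('Search') . '</h3>';
    // Request parameters are attacker-controlled and may arrive as arrays
    // (?search[]=x); only strings are passed on to trim()/rawurldecode().
    if (x($a->data, 'search')) {
        $search = notags(trim($a->data['search']));
    } elseif (x($_GET, 'search') && is_string($_GET['search'])) {
        $search = notags(trim(rawurldecode($_GET['search'])));
    } else {
        $search = '';
    }
    $tag = false;
    if (x($_GET, 'tag')) {
        $tag = true;
        $search = is_string($_GET['tag']) ? notags(trim(rawurldecode($_GET['tag']))) : '';
    }
    $o .= search($search, 'search-box', '/search', local_user() ? true : false, false);
    if (strpos($search, '#') === 0) {
        $tag = true;
        $search = substr($search, 1);
    }
    // '@' and '!' prefixes are directory lookups, not item searches.
    if (strpos($search, '@') === 0) {
        return dirfind_content($a);
    }
    if (strpos($search, '!') === 0) {
        return dirfind_content($a);
    }
    if (x($_GET, 'search-option')) {
        switch ($_GET['search-option']) {
            case 'fulltext':
                break;
            case 'tags':
                $tag = true;
                break;
            case 'contacts':
                return dirfind_content($a, "@");
            case 'forums':
                return dirfind_content($a, "!");
        }
    }
    if (!$search) {
        return $o;
    }
    if (get_config('system', 'only_tag_search')) {
        $tag = true;
    }
    // Here is the way permissions work in the search module...
    // Only public posts can be shown
    // OR your own posts if you are a logged in member
    // No items will be shown if the member has a blocked profile wall.
    // NOTE(review): the raw search term is written to the debug log below;
    // notags() is the only filtering visible here, so confirm that control
    // characters cannot be used to forge log lines.
    if ($tag) {
        logger("Start tag search for '" . $search . "'", LOGGER_DEBUG);
        // Every value reaches q() as an argument wrapped in dbesc()/intval().
        $r = q("SELECT STRAIGHT_JOIN `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,\n\t\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,\n\t\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,\n\t\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\tFROM `term`\n\t\t\t\tINNER JOIN `item` ON `item`.`id`=`term`.`oid`\n\t\t\t\tINNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending`\n\t\t\tWHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`\n\t\t\t\tAND (`term`.`uid` = 0 OR (`term`.`uid` = %d AND NOT `term`.`global`)) AND `term`.`otype` = %d AND `term`.`type` = %d AND `term`.`term` = '%s'\n\t\t\tORDER BY term.created DESC LIMIT %d , %d ", intval(local_user()), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), dbesc(protect_sprintf($search)), intval($a->pager['start']), intval($a->pager['itemspage']));
    } else {
        logger("Start fulltext search for '" . $search . "'", LOGGER_DEBUG);
        // $sql_extra is spliced into the format string handed to q(), so it
        // relies on dbesc() for quoting and, presumably, on protect_sprintf()
        // to neutralise '%' before q() formats the query - confirm.
        if (get_config('system', 'use_fulltext_engine')) {
            $sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));
        } else {
            // NOTE(review): preg_quote() escapes PCRE metacharacters; whether
            // that matches the database's REGEXP dialect should be verified.
            $sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
        }
        // The uid placeholder is %d like the other integer arguments (it was %s).
        $r = q("SELECT STRAIGHT_JOIN `item`.`uri`, `item`.*, `item`.`id` AS `item_id`,\n\t\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`,\n\t\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,\n\t\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\tFROM `item`\n\t\t\t\tINNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND NOT `contact`.`blocked` AND NOT `contact`.`pending`\n\t\t\tWHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`\n\t\t\t\tAND (`item`.`uid` = 0 OR (`item`.`uid` = %d AND (`item`.`private` OR NOT `item`.`network` IN ('%s', '%s', '%s'))))\n\t\t\t\t{$sql_extra}\n\t\t\tGROUP BY `item`.`uri` ORDER BY `item`.`id` DESC LIMIT %d , %d ", intval(local_user()), dbesc(NETWORK_DFRN), dbesc(NETWORK_OSTATUS), dbesc(NETWORK_DIASPORA), intval($a->pager['start']), intval($a->pager['itemspage']));
    }
    if (!count($r)) {
        info(t('No results.') . EOL);
        return $o;
    }
    // NOTE(review): the term is echoed into the page title after notags()
    // only; confirm that section_title.tpl (or notags itself) makes it safe
    // for the HTML context it lands in.
    if ($tag) {
        $title = sprintf(t('Items tagged with: %s'), $search);
    } else {
        $title = sprintf(t('Search results for: %s'), $search);
    }
    $o .= replace_macros(get_markup_template("section_title.tpl"), array('$title' => $title));
    logger("Start Conversation for '" . $search . "'", LOGGER_DEBUG);
    $o .= conversation($a, $r, 'search', false);
    $o .= alt_pager($a, count($r));
    logger("Done '" . $search . "'", LOGGER_DEBUG);
    return $o;
}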
Example #27
File: apps.php Project: Mauru/red
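/**
 * Render one app record through the 'app.tpl' template.
 *
 * modes:
 *    view: normal mode for viewing an app via bbcode from a conversation or page
 *       provides install/update button if you're logged in locally
 *    list: normal mode for viewing an app on the app page
 *       no buttons are shown
 *    edit: viewing the app page in editing mode provides a delete button
 *
 * The 'requires' field gates visibility: when the viewer does not satisfy
 * it, an empty string is returned and nothing is rendered.
 *
 * @param array  $papp app description (keys read here: photo, desc, requires, page)
 * @param string $mode 'view', 'list' or 'edit'
 * @return string|null rendered HTML, '' when the viewer may not see the app,
 *                     null when $papp is empty
 */
function app_render($papp, $mode = 'view')
{
    // Check for an empty record before touching its keys; the original ran
    // this test after assigning $papp['photo'], so it could never fire.
    if (!$papp) {
        return;
    }
    $installed = false;
    if (empty($papp['photo'])) {
        $papp['photo'] = z_root() . '/' . get_default_profile_photo(80);
    }
    $papp['papp'] = papp_encode($papp);
    foreach ($papp as $k => $v) {
        // Only string values can be URLs; the encoded blob is left alone.
        if (is_string($v) && strpos($v, 'http') === 0 && $k !== 'papp') {
            $papp[$k] = zid($v);
        }
        if ($k === 'desc') {
            // '&quot;' is the HTML entity for a double quote ('&dquot;' is not
            // an entity and was shown literally).
            // NOTE(review): only quotes are encoded here; '<', '>' and '&' pass
            // through, so the template or an earlier step must handle them - confirm.
            $papp['desc'] = str_replace(array('\'', '"'), array('&#39;', '&quot;'), $papp['desc']);
        }
        if ($k === 'requires') {
            $require = trim(strtolower($v));
            switch ($require) {
                case 'nologin':
                    if (local_user()) {
                        return '';
                    }
                    break;
                case 'admin':
                    if (!is_site_admin()) {
                        return '';
                    }
                    break;
                case 'local_user':
                    if (!local_user()) {
                        return '';
                    }
                    break;
                case 'public_profile':
                    if (!is_public_profile()) {
                        return '';
                    }
                    break;
                case 'observer':
                    $observer = get_app()->get_observer();
                    if (!$observer) {
                        return '';
                    }
                    break;
                default:
                    // Any other value is treated as a feature name: hide the
                    // app unless a local user is logged in AND has that feature.
                    // The original tested !local_user() && feature_enabled(...),
                    // which never hid the app from a logged-in user.
                    if (!(local_user() && feature_enabled(local_user(), $require))) {
                        return '';
                    }
                    break;
            }
        }
    }
    $hosturl = '';
    if (local_user()) {
        $installed = app_installed(local_user(), $papp);
        $hosturl = z_root() . '/';
    } elseif (remote_user()) {
        $observer = get_app()->get_observer();
        if ($observer && $observer['xchan_network'] === 'zot') {
            // some folks might have xchan_url redirected offsite, use the connurl
            // NOTE(review): xchan_connurl describes a remote party; confirm it
            // is validated (scheme, host) where it is stored, because it ends
            // up as the install link prefix in the rendered page.
            $x = parse_url($observer['xchan_connurl']);
            // parse_url() may omit either component; need both to build a base URL.
            if ($x && isset($x['scheme'], $x['host'])) {
                $hosturl = $x['scheme'] . '://' . $x['host'] . '/';
            }
        }
    }
    $install_action = $installed ? t('Update') : t('Install');
    return replace_macros(get_markup_template('app.tpl'), array(
        '$app' => $papp,
        '$hosturl' => $hosturl,
        '$purchase' => !empty($papp['page']) && !$installed ? t('Purchase') : '',
        '$install' => $hosturl && $mode == 'view' ? $install_action : '',
        '$edit' => local_user() && $installed && $mode == 'edit' ? t('Edit') : '',
        '$delete' => local_user() && $installed && $mode == 'edit' ? t('Delete') : '',
    ));
}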
Example #28
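/**
 * Build the HTML for the community page: public wall posts rendered through
 * conversation(), optionally limited to a maximum number of consecutive
 * posts per author.
 *
 * Access is refused when 'block_public' is set and the visitor is neither a
 * local nor a remote user, and when the community page is disabled.
 *
 * @param object $a      application object; pager state is read from it
 * @param int    $update non-zero for a refresh: the navigation entry is not
 *                       re-selected and the value is passed to conversation()
 * @return string|null page HTML, or null when access is denied
 */
function community_content(&$a, $update = 0)
{
    $o = '';
    if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    if (get_config('system', 'community_page_style') == CP_NO_COMMUNITY_PAGE) {
        notice(t('Not available.') . EOL);
        return;
    }
    require_once "include/bbcode.php";
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    $o .= '<h3>' . t('Community') . '</h3>';
    if (!$update) {
        nav_set_selected('community');
    }
    // The search term that used to be read from the request here was never
    // used; nothing from the request is read in this function.
    // Here is the way permissions work in this module...
    // Only public posts can be shown
    // OR your own posts if you are a logged in member
    if (get_config('system', 'old_pager')) {
        // Static query: no request data is interpolated.
        $r = q("SELECT COUNT(distinct(`item`.`uri`)) AS `total`\n\t\t\tFROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\tINNER JOIN `user` ON `user`.`uid` = `item`.`uid` AND `user`.`hidewall` = 0\n\t\t\tWHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\tAND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = ''\n\t\t\tAND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = ''\n\t\t\tAND `item`.`private` = 0 AND `item`.`wall` = 1");
        // A failed or empty query counts as zero rows instead of indexing
        // into a missing result.
        $total = 0;
        if (is_array($r) && count($r)) {
            $total = $r[0]['total'];
            $a->set_pager_total($total);
        }
        if (!$total) {
            info(t('No results.') . EOL);
            return $o;
        }
    }
    $r = community_getitems($a->pager['start'], $a->pager['itemspage']);
    if (!count($r)) {
        info(t('No results.') . EOL);
        return $o;
    }
    // Normalise the setting to an integer so an unset or non-numeric value
    // means "no per-author limit".
    $maxpostperauthor = intval(get_config('system', 'max_author_posts_community_page'));
    if ($maxpostperauthor !== 0) {
        $count = 1;
        $previousauthor = "";
        $numposts = 0;
        $s = array();
        // Keep fetching further pages until one page of items is collected,
        // the source runs dry, or 50 rounds have been tried.
        do {
            foreach ($r as $item) {
                // Count consecutive posts by the same author.
                if ($previousauthor == $item["author-link"]) {
                    ++$numposts;
                } else {
                    $numposts = 0;
                }
                $previousauthor = $item["author-link"];
                if ($numposts < $maxpostperauthor && sizeof($s) < $a->pager['itemspage']) {
                    $s[] = $item;
                }
            }
            if (sizeof($s) < $a->pager['itemspage']) {
                $r = community_getitems($a->pager['start'] + $count * $a->pager['itemspage'], $a->pager['itemspage']);
            }
        } while (sizeof($s) < $a->pager['itemspage'] && ++$count < 50 && sizeof($r) > 0);
    } else {
        $s = $r;
    }
    // we behave the same in message lists as the search module
    $o .= conversation($a, $s, 'community', $update);
    if (!get_config('system', 'old_pager')) {
        // NOTE(review): $r may hold the last batch fetched by the loop above
        // rather than the items shown ($s); confirm which count the pager needs.
        $o .= alt_pager($a, count($r));
    } else {
        $o .= paginate($a);
    }
    return $o;
}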
Example #29
/**
 * Widget: render the profile sidebar for the profile currently loaded in the
 * application object.
 *
 * Returns nothing when no profile is loaded (no 'profile_uid'). The second
 * argument given to profile_sidebar() is true when 'block_public' is set and
 * the visitor is neither a local nor a remote user.
 *
 * @param mixed $arr widget arguments; not used here
 * @return mixed result of profile_sidebar(), or null when no profile is loaded
 */
function widget_fullprofile($arr)
{
    $app = get_app();
    if ($app->profile['profile_uid']) {
        // Anonymous visitors on a site that blocks public access get the
        // restricted rendering.
        $restricted = false;
        if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
            $restricted = true;
        }
        return profile_sidebar($app->profile, $restricted);
    }
    return;
}
Example #30
/**
 * Delete several items via drop_item() and, if any deletion reported an
 * owner, start the notifier once with the 'expire' command for that owner.
 *
 * Does nothing for visitors who are neither local nor remote users.
 *
 * NOTE(review): only the presence of a session is checked here; per-item
 * ownership is presumably enforced inside drop_item() - confirm.
 *
 * @param array $items items to delete, each passed to drop_item() as-is
 * @return void
 */
function drop_items($items)
{
    $authenticated = local_user() || remote_user();
    if (!$authenticated) {
        return;
    }
    // First truthy owner returned by drop_item(); later owners are ignored.
    $notify_uid = 0;
    if (count($items)) {
        foreach ($items as $entry) {
            $result = drop_item($entry, false);
            if (!$notify_uid && $result) {
                $notify_uid = $result;
            }
        }
    }
    // multiple threads may have been deleted, send an expire notification
    // NOTE(review): the value handed to proc_run() is whatever drop_item()
    // returned; presumably an integer uid - confirm before it reaches a
    // process argument list.
    if ($notify_uid) {
        proc_run('php', "include/notifier.php", "expire", "{$notify_uid}");
    }
}