private static function files1($rr)
{
$ph = photo_factory('');
$types = $ph->supportedTypes();
$ext = $types[$rr['type']];
$filename_e = $rr['filename'];
return array(z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['hiq'] . '.' . $ext, $filename_e, z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['loq'] . '.' . $ext);
}
function files1($rr)
{
global $a;
$ph = photo_factory('');
$types = $ph->supportedTypes();
$ext = $types[$rr['type']];
$filename_e = $rr['filename'];
return array($a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['hiq'] . '.' . $ext, $filename_e, $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['loq'] . '.' . $ext);
}
function files1($rr)
{
global $a;
$ph = photo_factory('');
$types = $ph->supportedTypes();
$ext = $types[$rr['type']];
if ($a->get_template_engine() === 'internal') {
$filename_e = template_escape($rr['filename']);
} else {
$filename_e = $rr['filename'];
}
return array($a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['hiq'] . '.' . $ext, $filename_e, $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['loq'] . '.' . $ext);
}
function scale_external_images($s, $include_link = true, $scale_replace = false)
{
$a = get_app();
// Picture addresses can contain special characters
$s = htmlspecialchars_decode($s, ENT_COMPAT);
$matches = null;
$c = preg_match_all('/\\[([zi])mg(.*?)\\](.*?)\\[\\/[zi]mg\\]/ism', $s, $matches, PREG_SET_ORDER);
if ($c) {
require_once 'include/photo/photo_driver.php';
foreach ($matches as $mtch) {
logger('scale_external_image: ' . $mtch[2] . ' ' . $mtch[3]);
if (substr($mtch[1], 0, 1) == '=') {
$owidth = intval(substr($mtch[2], 1));
if (intval($owidth) > 0 && intval($owidth) < 1024) {
continue;
}
}
$hostname = str_replace('www.', '', substr($a->get_baseurl(), strpos($a->get_baseurl(), '://') + 3));
if (stristr($mtch[3], $hostname)) {
continue;
}
// $scale_replace, if passed, is an array of two elements. The
// first is the name of the full-size image. The second is the
// name of a remote, scaled-down version of the full size image.
// This allows Friendica to display the smaller remote image if
// one exists, while still linking to the full-size image
if ($scale_replace) {
$scaled = str_replace($scale_replace[0], $scale_replace[1], $mtch[3]);
} else {
$scaled = $mtch[3];
}
$i = z_fetch_url($scaled, true);
$cache = get_config('system', 'itemcache');
if ($cache != '' and is_dir($cache)) {
$cachefile = $cache . "/" . hash("md5", $scaled);
file_put_contents($cachefile, $i['body']);
}
// guess mimetype from headers or filename
$type = guess_image_type($mtch[3], $i['header']);
if (strpos($type, 'image') === false) {
continue;
}
if ($i['success']) {
$ph = photo_factory($i['body'], $type);
if ($ph->is_valid()) {
$orig_width = $ph->getWidth();
$orig_height = $ph->getHeight();
if ($orig_width > 1024 || $orig_height > 1024) {
$tag = $match[1] == 'z' ? 'zmg' : 'img';
$ph->scaleImage(1024);
$new_width = $ph->getWidth();
$new_height = $ph->getHeight();
logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG);
$s = str_replace($mtch[0], '[' . $tag . '=' . $new_width . 'x' . $new_height . ']' . $scaled . '[/' . $tag . ']' . "\n" . ($include_link ? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n" : ''), $s);
logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG);
}
}
}
}
}
// replace the special char encoding
$s = htmlspecialchars($s, ENT_COMPAT, 'UTF-8');
return $s;
}
function init()
{
$prvcachecontrol = false;
$streaming = null;
$channel = null;
switch (argc()) {
case 4:
$person = argv(3);
$res = argv(2);
$type = argv(1);
break;
case 2:
$photo = argv(1);
break;
case 1:
default:
killme();
// NOTREACHED
}
$observer_xchan = get_observer_hash();
$default = get_default_profile_photo();
if (isset($type)) {
/**
* Profile photos - Access controls on default profile photos are not honoured since they need to be exchanged with remote sites.
*
*/
if ($type === 'profile') {
switch ($res) {
case 'm':
$resolution = 5;
$default = get_default_profile_photo(80);
break;
case 's':
$resolution = 6;
$default = get_default_profile_photo(48);
break;
case 'l':
default:
$resolution = 4;
break;
}
}
$uid = $person;
$d = ['imgscale' => $resolution, 'channel_id' => $uid, 'default' => $default, 'data' => '', 'mimetype' => ''];
call_hooks('get_profile_photo', $d);
$resolution = $d['imgscale'];
$uid = $d['channel_id'];
$default = $d['default'];
$data = $d['data'];
$mimetype = $d['mimetype'];
if (!$data) {
$r = q("SELECT * FROM photo WHERE imgscale = %d AND uid = %d AND photo_usage = %d LIMIT 1", intval($resolution), intval($uid), intval(PHOTO_PROFILE));
if ($r) {
$data = dbunescbin($r[0]['content']);
$mimetype = $r[0]['mimetype'];
}
if (intval($r[0]['os_storage'])) {
$data = file_get_contents($data);
}
}
if (!$data) {
$data = file_get_contents($default);
}
if (!$mimetype) {
$mimetype = 'image/png';
}
} else {
/**
* Other photos
*/
/* Check for a cookie to indicate display pixel density, in order to detect high-resolution
displays. This procedure was derived from the "Retina Images" by Jeremey Worboys,
used in accordance with the Creative Commons Attribution 3.0 Unported License.
Project link: https://github.com/Retina-Images/Retina-Images
License link: http://creativecommons.org/licenses/by/3.0/
*/
$cookie_value = false;
if (isset($_COOKIE['devicePixelRatio'])) {
$cookie_value = intval($_COOKIE['devicePixelRatio']);
} else {
// Force revalidation of cache on next request
$cache_directive = 'no-cache';
$status = 'no cookie';
}
$resolution = 0;
if (strpos($photo, '.') !== false) {
$photo = substr($photo, 0, strpos($photo, '.'));
}
if (substr($photo, -2, 1) == '-') {
$resolution = intval(substr($photo, -1, 1));
$photo = substr($photo, 0, -2);
// If viewing on a high-res screen, attempt to serve a higher resolution image:
if ($resolution == 2 && $cookie_value > 1) {
$resolution = 1;
}
}
// If using resolution 1, make sure it exists before proceeding:
if ($resolution == 1) {
$r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution));
if (!$r) {
$resolution = 2;
}
}
$r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND imgscale = %d LIMIT 1", dbesc($photo), intval($resolution));
if ($r) {
$allowed = $r[0]['uid'] ? perm_is_allowed($r[0]['uid'], $observer_xchan, 'view_storage') : true;
$sql_extra = permissions_sql($r[0]['uid']);
if (!$sql_extra) {
$sql_extra = ' and true ';
}
// Only check permissions on normal photos. Those photos we don't check includes
// profile photos, xchan photos (which are also profile photos), 'thing' photos,
// and cover photos
$sql_extra = " and (( photo_usage = 0 {$sql_extra} ) or photo_usage != 0 )";
$channel = channelx_by_n($r[0]['uid']);
// Now we'll see if we can access the photo
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND imgscale = %d {$sql_extra} LIMIT 1", dbesc($photo), intval($resolution));
if ($r && $allowed) {
$data = dbunescbin($r[0]['content']);
$mimetype = $r[0]['mimetype'];
if (intval($r[0]['os_storage'])) {
$streaming = $data;
}
} else {
// Does the picture exist? It may be a remote person with no credentials,
// but who should otherwise be able to view it. Show a default image to let
// them know permissions was denied. It may be possible to view the image
// through an authenticated profile visit.
// There won't be many completely unauthorised people seeing this because
// they won't have the photo link, so there's a reasonable chance that the person
// might be able to obtain permission to view it.
$r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `imgscale` = %d LIMIT 1", dbesc($photo), intval($resolution));
if ($r) {
logger('mod_photo: forbidden. ' . \App::$query_string);
$observer = \App::get_observer();
logger('mod_photo: observer = ' . ($observer ? $observer['xchan_addr'] : '(not authenticated)'));
$data = file_get_contents('images/nosign.png');
$mimetype = 'image/png';
$prvcachecontrol = true;
}
}
}
}
if (!isset($data)) {
if (isset($resolution)) {
switch ($resolution) {
case 4:
$data = file_get_contents(get_default_profile_photo());
$mimetype = 'image/png';
break;
case 5:
$data = file_get_contents(get_default_profile_photo(80));
$mimetype = 'image/png';
break;
case 6:
$data = file_get_contents(get_default_profile_photo(48));
$mimetype = 'image/png';
break;
default:
killme();
// NOTREACHED
break;
}
}
}
if (isset($res) && intval($res) && $res < 500) {
$ph = photo_factory($data, $mimetype);
if ($ph->is_valid()) {
$ph->scaleImageSquare($res);
$data = $ph->imageString();
$mimetype = $ph->getType();
}
}
// Writing in cachefile
if (isset($cachefile) && $cachefile != '') {
file_put_contents($cachefile, $data);
}
if (function_exists('header_remove')) {
header_remove('Pragma');
header_remove('pragma');
}
header("Content-type: " . $mimetype);
if ($prvcachecontrol) {
// it is a private photo that they have no permission to view.
// tell the browser not to cache it, in case they authenticate
// and subsequently have permission to see it
header("Cache-Control: no-store, no-cache, must-revalidate");
} else {
// The photo cache default is 1 day to provide a privacy trade-off,
// as somebody reducing photo permissions on a photo that is already
// "in the wild" won't be able to stop the photo from being viewed
// for this amount amount of time once it is in the browser cache.
// The privacy expectations of your site members and their perception
// of privacy where it affects the entire project may be affected.
// This has performance considerations but we highly recommend you
// leave it alone.
$cache = get_config('system', 'photo_cache_time');
if (!$cache) {
$cache = 3600 * 24;
}
// 1 day
header("Expires: " . gmdate("D, d M Y H:i:s", time() + $cache) . " GMT");
header("Cache-Control: max-age=" . $cache);
}
// If it's a file resource, stream it.
if ($streaming && $channel) {
if (strpos($streaming, 'store') !== false) {
$istream = fopen($streaming, 'rb');
} else {
$istream = fopen('store/' . $channel['channel_address'] . '/' . $streaming, 'rb');
}
$ostream = fopen('php://output', 'wb');
if ($istream && $ostream) {
pipe_streams($istream, $ostream);
fclose($istream);
fclose($ostream);
}
} else {
echo $data;
}
killme();
// NOTREACHED
}
function openclipatar_content(&$a)
{
if (!local_channel()) {
return;
}
$o = '';
if (argc() == 3 && argv(1) == 'use') {
$id = argv(2);
$chan = $a->get_channel();
$x = z_fetch_url('https://openclipart.org/image/250px/svg_to_png/' . $id . '/' . $id . '.png', true);
if ($x['success']) {
$imagedata = $x['body'];
}
$ph = photo_factory($imagedata, 'image/png');
if (!$ph->is_valid()) {
return t('Unknown error. Please try again later.');
}
// create a unique resource_id
$hash = photo_new_resource();
// save an original or "scale 0" image
$p = array('aid' => get_account_id(), 'uid' => local_channel(), 'resource_id' => $hash, 'filename' => $id . '.png', 'album' => t('Profile Photos'), 'scale' => 0);
$r = $ph->save($p);
if ($r) {
// scale 0 success, continue 4, 5, 6
// we'll skip scales 1,2 (640, 320 rectangular formats as these images are all less than this)
// ensure squareness at first, subsequent scales keep ratio
$ph->scaleImageSquare(175);
$p['scale'] = 4;
$r = $ph->save($p);
if ($r === false) {
$photo_failure = true;
}
$ph->scaleImage(80);
$p['scale'] = 5;
$r = $ph->save($p);
if ($r === false) {
$photo_failure = true;
}
$ph->scaleImage(48);
$p['scale'] = 6;
$r = $ph->save($p);
if ($r === false) {
$photo_failure = true;
}
}
$is_default_profile = 1;
if ($_REQUEST['profile']) {
$r = q("select id, is_default from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_channel()));
if ($r && !intval($r[0]['is_default'])) {
$is_default_profile = 0;
}
}
if ($is_default_profile) {
// unset any existing profile photos
$r = q("UPDATE photo SET profile = 0 WHERE profile = 1 AND uid = %d", intval(local_channel()));
$r = q("UPDATE photo SET photo_flags = (photo_flags & ~%d ) WHERE (photo_flags & %d )>0 AND uid = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), intval(local_channel()));
// set all sizes of this one as profile photos
$r = q("UPDATE photo SET profile = 1 WHERE uid = %d AND resource_id = '%s'", intval(local_channel()), dbesc($hash));
$r = q("UPDATE photo SET photo_flags = ( photo_flags | %d ) WHERE uid = %d AND resource_id = '%s'", intval(PHOTO_PROFILE), intval(local_channel()), dbesc($hash));
require_once 'mod/profile_photo.php';
profile_photo_set_profile_perms();
//Reset default profile photo permissions to public
// only the default needs reload since it uses canonical url -- despite the slightly ambiguous message, left it so as to re-use translations
info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
} else {
// not the default profile, set the path in the correct entry in the profile DB
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc(get_app()->get_baseurl() . '/photo/' . $hash . '-4'), dbesc(get_app()->get_baseurl() . '/photo/' . $hash . '-5'), intval($_REQUEST['profile']), intval(local_channel()));
info(t('Profile photo updated successfully.') . EOL);
}
// set a new photo_date on our xchan so that we can tell everybody to update their cached copy
$r = q("UPDATE xchan set xchan_photo_date = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($chan['xchan_hash']));
// tell everybody
proc_run('php', 'include/directory.php', local_channel());
$returnafter = get_config('openclipatar', 'returnafter');
$returnafter_urls = array(0 => $a->get_baseurl() . '/profile/' . ($_REQUEST['profile'] ? $_REQUEST['profile'] . '/view' : $chan['channel_address']), 1 => $a->get_baseurl() . '/profiles/' . ($_REQUEST['profile'] ? $_REQUEST['profile'] : $a->profile_uid), 2 => $a->get_baseurl() . '/profiles');
goaway($returnafter_urls[$returnafter]);
} else {
//invoked as module, we place in content pane the same as we would for the end of the profile photo page. Also handles json for endless scroll for either invokation.
openclipatar_profile_photo_content_end($a, $o);
}
return $o;
}
function openclipatar_content(&$a)
{
if (!local_channel()) {
return;
}
$o = '';
if (argc() == 3 && argv(1) == 'use') {
$id = argv(2);
$chan = App::get_channel();
$x = z_fetch_url('https://openclipart.org/image/250px/svg_to_png/' . $id . '/' . $id . '.png', true);
if ($x['success']) {
$imagedata = $x['body'];
}
$ph = photo_factory($imagedata, 'image/png');
if (!$ph->is_valid()) {
return t('Unknown error. Please try again later.');
}
// create a unique resource_id
$hash = photo_new_resource();
$width = $ph->getWidth();
$height = $ph->getHeight();
// save an original or "scale 0" image
$p = array('aid' => get_account_id(), 'uid' => local_channel(), 'resource_id' => $hash, 'filename' => $id . '.png', 'album' => t('Profile Photos'), 'imgscale' => 0);
$r = $ph->save($p);
if ($r) {
if (($width > 1024 || $height > 1024) && !$errors) {
$ph->scaleImage(1024);
}
$p['imgscale'] = 1;
$r1 = $ph->save($p);
if (($width > 640 || $height > 640) && !$errors) {
$ph->scaleImage(640);
}
$p['imgscale'] = 2;
$r2 = $ph->save($p);
if (($width > 320 || $height > 320) && !$errors) {
$ph->scaleImage(320);
}
$p['imgscale'] = 3;
$r3 = $ph->save($p);
// ensure squareness at first, subsequent scales keep ratio
$ph->scaleImageSquare(175);
$p['imgscale'] = 4;
$r = $ph->save($p);
if ($r === false) {
$photo_failure = true;
}
$ph->scaleImage(80);
$p['imgscale'] = 5;
$r = $ph->save($p);
if ($r === false) {
$photo_failure = true;
}
$ph->scaleImage(48);
$p['imgscale'] = 6;
$r = $ph->save($p);
if ($r === false) {
$photo_failure = true;
}
}
$is_default_profile = 1;
if ($_REQUEST['profile']) {
$r = q("select id, is_default from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_channel()));
if ($r && !intval($r[0]['is_default'])) {
$is_default_profile = 0;
}
}
if ($is_default_profile) {
// unset any existing profile photos
$r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval(local_channel()));
// set all sizes of this one as profile photos
$r = q("UPDATE photo SET photo_usage = %d WHERE uid = %d AND resource_id = '%s'", intval(PHOTO_PROFILE), intval(local_channel()), dbesc($hash));
require_once 'include/photos.php';
profile_photo_set_profile_perms(local_channel());
//Reset default profile photo permissions to public
// only the default needs reload since it uses canonical url -- despite the slightly ambiguous message, left it so as to re-use translations
info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
} else {
// not the default profile, set the path in the correct entry in the profile DB
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc(z_root() . '/photo/' . $hash . '-4'), dbesc(z_root() . '/photo/' . $hash . '-5'), intval($_REQUEST['profile']), intval(local_channel()));
info(t('Profile photo updated successfully.') . EOL);
}
// set a new photo_date on our xchan so that we can tell everybody to update their cached copy
$r = q("UPDATE xchan set xchan_photo_date = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($chan['xchan_hash']));
// Similarly, tell the nav bar to bypass the cache and update the avater image.
$_SESSION['reload_avatar'] = true;
// tell everybody
Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
$returnafter = get_config('openclipatar', 'returnafter');
$returnafter_urls = array(0 => z_root() . '/profile/' . ($_REQUEST['profile'] ? $_REQUEST['profile'] . '/view' : $chan['channel_address']), 1 => z_root() . '/profiles/' . ($_REQUEST['profile'] ? $_REQUEST['profile'] : App::$profile_uid), 2 => z_root() . '/profiles');
goaway($returnafter_urls[$returnafter]);
} else {
//invoked as module, we place in content pane the same as we would for the end of the profile photo page. Also handles json for endless scroll for either invokation.
openclipatar_profile_photo_content_end($a, $o);
}
return $o;
}
function cover_photo_content(&$a)
{
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
$channel = App::get_channel();
$newuser = false;
if (argc() == 2 && argv(1) === 'new') {
$newuser = true;
}
if (argv(1) === 'use') {
if (argc() < 3) {
notice(t('Permission denied.') . EOL);
return;
}
// check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
$resource_id = argv(2);
$r = q("SELECT id, album, scale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY scale ASC", intval(local_channel()), dbesc($resource_id));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
$havescale = false;
foreach ($r as $rr) {
if ($rr['scale'] == 7) {
$havescale = true;
}
}
$r = q("SELECT `data`, `type`, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_channel()));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
if (intval($r[0]['os_storage'])) {
$data = @file_get_contents($r[0]['data']);
} else {
$data = dbunescbin($r[0]['data']);
}
$ph = photo_factory($data, $r[0]['type']);
$smallest = 0;
if ($ph->is_valid()) {
// go ahead as if we have just uploaded a new photo to crop
$i = q("select resource_id, scale from photo where resource_id = '%s' and uid = %d and scale = 0", dbesc($r[0]['resource_id']), intval(local_channel()));
if ($i) {
$hash = $i[0]['resource_id'];
foreach ($i as $ii) {
$smallest = intval($ii['scale']);
}
}
}
cover_photo_crop_ui_head($a, $ph, $hash, $smallest);
}
if (!x(App::$data, 'imagecrop')) {
$tpl = get_markup_template('cover_photo.tpl');
$o .= replace_macros($tpl, array('$user' => App::$channel['channel_address'], '$lbl_upfile' => t('Upload File:'), '$lbl_profiles' => t('Select a profile:'), '$title' => t('Upload Cover Photo'), '$submit' => t('Upload'), '$profiles' => $profiles, '$form_security_token' => get_form_security_token("cover_photo"), '$select' => sprintf('%s %s', t('or'), $newuser ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="' . z_root() . '/photos/' . App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')));
call_hooks('cover_photo_content_end', $o);
return $o;
} else {
$filename = App::$data['imagecrop'] . '-3';
$resolution = 3;
$tpl = get_markup_template("cropcover.tpl");
$o .= replace_macros($tpl, array('$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => App::$data['imagecrop'] . '-3', '$image_url' => z_root() . '/photo/' . $filename, '$title' => t('Crop Image'), '$desc' => t('Please adjust the image cropping for optimum viewing.'), '$form_security_token' => get_form_security_token("cover_photo"), '$done' => t('Done Editing')));
return $o;
}
return;
// NOTREACHED
}
function photo_init(&$a)
{
$prvcachecontrol = false;
switch (argc()) {
case 4:
$person = argv(3);
$res = argv(2);
$type = argv(1);
break;
case 2:
$photo = argv(1);
break;
case 1:
default:
killme();
// NOTREACHED
}
if ($photo === 'qr') {
$t = $_GET['qr'];
require_once 'library/phpqrcode/phpqrcode.php';
header("Content-type: image/png");
QRcode::png($t ? $t : '.');
killme();
}
$observer_xchan = get_observer_hash();
$default = get_default_profile_photo();
if (isset($type)) {
/**
* Profile photos - Access controls on default profile photos are not honoured since they need to be exchanged with remote sites.
*
*/
if ($type === 'profile') {
switch ($res) {
case 'm':
$resolution = 5;
$default = get_default_profile_photo(80);
break;
case 's':
$resolution = 6;
$default = get_default_profile_photo(48);
break;
case 'l':
default:
$resolution = 4;
break;
}
}
$uid = $person;
$r = q("SELECT * FROM photo WHERE scale = %d AND uid = %d AND profile = 1 LIMIT 1", intval($resolution), intval($uid));
if (count($r)) {
$data = $r[0]['data'];
$mimetype = $r[0]['type'];
}
if (!isset($data)) {
$data = file_get_contents($default);
$mimetype = 'image/jpeg';
}
} else {
/**
* Other photos
*/
/* Check for a cookie to indicate display pixel density, in order to detect high-resolution
displays. This procedure was derived from the "Retina Images" by Jeremey Worboys,
used in accordance with the Creative Commons Attribution 3.0 Unported License.
Project link: https://github.com/Retina-Images/Retina-Images
License link: http://creativecommons.org/licenses/by/3.0/
*/
$cookie_value = false;
if (isset($_COOKIE['devicePixelRatio'])) {
$cookie_value = intval($_COOKIE['devicePixelRatio']);
} else {
// Force revalidation of cache on next request
$cache_directive = 'no-cache';
$status = 'no cookie';
}
$resolution = 0;
if (strpos($photo, '.') !== false) {
$photo = substr($photo, 0, strpos($photo, '.'));
}
if (substr($photo, -2, 1) == '-') {
$resolution = intval(substr($photo, -1, 1));
$photo = substr($photo, 0, -2);
// If viewing on a high-res screen, attempt to serve a higher resolution image:
if ($resolution == 2 && $cookie_value > 1) {
$resolution = 1;
}
}
// If using resolution 1, make sure it exists before proceeding:
if ($resolution == 1) {
$r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND scale = %d LIMIT 1", dbesc($photo), intval($resolution));
if (!$r) {
$resolution = 2;
}
}
$r = q("SELECT uid FROM photo WHERE resource_id = '%s' AND scale = %d LIMIT 1", dbesc($photo), intval($resolution));
if ($r) {
$allowed = $r[0]['uid'] ? perm_is_allowed($r[0]['uid'], $observer_xchan, 'view_photos') : true;
$sql_extra = permissions_sql($r[0]['uid']);
// Now we'll see if we can access the photo
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND scale = %d {$sql_extra} LIMIT 1", dbesc($photo), intval($resolution));
if ($r && $allowed) {
$data = $r[0]['data'];
$mimetype = $r[0]['type'];
} else {
// Does the picture exist? It may be a remote person with no credentials,
// but who should otherwise be able to view it. Show a default image to let
// them know permissions was denied. It may be possible to view the image
// through an authenticated profile visit.
// There won't be many completely unauthorised people seeing this because
// they won't have the photo link, so there's a reasonable chance that the person
// might be able to obtain permission to view it.
$r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `scale` = %d LIMIT 1", dbesc($photo), intval($resolution));
if ($r) {
logger('mod_photo: forbidden. ' . $a->query_string);
$observer = $a->get_observer();
logger('mod_photo: observer = ' . ($observer ? $observer['xchan_addr'] : '(not authenticated)'));
$data = file_get_contents('images/nosign.png');
$mimetype = 'image/png';
$prvcachecontrol = true;
}
}
}
}
if (!isset($data)) {
if (isset($resolution)) {
switch ($resolution) {
case 4:
$data = file_get_contents(get_default_profile_photo());
$mimetype = 'image/jpeg';
break;
case 5:
$data = file_get_contents(get_default_profile_photo(80));
$mimetype = 'image/jpeg';
break;
case 6:
$data = file_get_contents(get_default_profile_photo(48));
$mimetype = 'image/jpeg';
break;
default:
killme();
// NOTREACHED
break;
}
}
}
if (isset($res) && intval($res) && $res < 500) {
$ph = photo_factory($data, $mimetype);
if ($ph->is_valid()) {
$ph->scaleImageSquare($res);
$data = $ph->imageString();
$mimetype = $ph->getType();
}
}
// Writing in cachefile
if (isset($cachefile) && $cachefile != '') {
file_put_contents($cachefile, $data);
}
if (function_exists('header_remove')) {
header_remove('Pragma');
header_remove('pragma');
}
header("Content-type: " . $mimetype);
if ($prvcachecontrol) {
// it is a private photo that they have no permission to view.
// tell the browser not to cache it, in case they authenticate
// and subsequently have permission to see it
header("Cache-Control: no-store, no-cache, must-revalidate");
} else {
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 3600 * 24) . " GMT");
header("Cache-Control: max-age=" . 3600 * 24);
}
echo $data;
killme();
// NOTREACHED
}
function fix_private_photos($s, $uid, $item = null, $cid = 0)
{
$a = get_app();
logger('fix_private_photos', LOGGER_DEBUG);
$site = substr($a->get_baseurl(), strpos($a->get_baseurl(), '://'));
$orig_body = $s;
$new_body = '';
$img_start = strpos($orig_body, '[zmg');
$img_st_close = $img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false;
$img_len = $img_start !== false ? strpos(substr($orig_body, $img_start + $img_st_close + 1), '[/zmg]') : false;
while ($img_st_close !== false && $img_len !== false) {
$img_st_close++;
// make it point to AFTER the closing bracket
$image = substr($orig_body, $img_start + $img_st_close, $img_len);
logger('fix_private_photos: found photo ' . $image, LOGGER_DEBUG);
if (stristr($image, $site . '/photo/')) {
// Only embed locally hosted photos
$replace = false;
$i = basename($image);
$x = strpos($i, '-');
if ($x) {
$res = substr($i, $x + 1);
$i = substr($i, 0, $x);
$r = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `scale` = %d AND `uid` = %d", dbesc($i), intval($res), intval($uid));
if (count($r)) {
// Check to see if we should replace this photo link with an embedded image
// 1. No need to do so if the photo is public
// 2. If there's a contact-id provided, see if they're in the access list
// for the photo. If so, embed it.
// 3. Otherwise, if we have an item, see if the item permissions match the photo
// permissions, regardless of order but first check to see if they're an exact
// match to save some processing overhead.
if (has_permissions($r[0])) {
if ($cid) {
$recips = enumerate_permissions($r[0]);
if (in_array($cid, $recips)) {
$replace = true;
}
} elseif ($item) {
if (compare_permissions($item, $r[0])) {
$replace = true;
}
}
}
if ($replace) {
$data = $r[0]['data'];
$type = $r[0]['type'];
// If a custom width and height were specified, apply before embedding
if (preg_match("/\\[zmg\\=([0-9]*)x([0-9]*)\\]/is", substr($orig_body, $img_start, $img_st_close), $match)) {
logger('fix_private_photos: scaling photo', LOGGER_DEBUG);
$width = intval($match[1]);
$height = intval($match[2]);
$ph = photo_factory($data, $type);
if ($ph->is_valid()) {
$ph->scaleImage(max($width, $height));
$data = $ph->imageString();
$type = $ph->getType();
}
}
logger('fix_private_photos: replacing photo', LOGGER_DEBUG);
$image = 'data:' . $type . ';base64,' . base64_encode($data);
logger('fix_private_photos: replaced: ' . $image, LOGGER_DATA);
}
}
}
}
$new_body = $new_body . substr($orig_body, 0, $img_start + $img_st_close) . $image . '[/zmg]';
$orig_body = substr($orig_body, $img_start + $img_st_close + $img_len + strlen('[/zmg]'));
if ($orig_body === false) {
$orig_body = '';
}
$img_start = strpos($orig_body, '[zmg');
$img_st_close = $img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false;
$img_len = $img_start !== false ? strpos(substr($orig_body, $img_start + $img_st_close + 1), '[/zmg]') : false;
}
$new_body = $new_body . $orig_body;
return $new_body;
}
function photos_content(&$a)
{
// URLs:
// photos/name
// photos/name/upload
// photos/name/upload/xxxxx (xxxxx is album name)
// photos/name/album/xxxxx
// photos/name/album/xxxxx/edit
// photos/name/image/xxxxx
// photos/name/image/xxxxx/edit
if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
notice(t('Public access denied.') . EOL);
return;
}
require_once 'include/bbcode.php';
require_once 'include/security.php';
require_once 'include/conversation.php';
if (!x($a->data, 'channel')) {
notice(t('No photos selected') . EOL);
return;
}
$ph = photo_factory('');
$phototypes = $ph->supportedTypes();
$_SESSION['photo_return'] = $a->cmd;
//
// Parse arguments
//
$can_comment = perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'post_comments');
if (argc() > 3) {
$datatype = argv(2);
$datum = argv(3);
} elseif (argc() > 2 && argv(2) === 'upload') {
$datatype = 'upload';
} else {
$datatype = 'summary';
}
if (argc() > 4) {
$cmd = argv(4);
} else {
$cmd = 'view';
}
//
// Setup permissions structures
//
$can_post = false;
$visitor = 0;
$owner_uid = $a->data['channel']['channel_id'];
$owner_aid = $a->data['channel']['channel_account_id'];
$observer = $a->get_observer();
$can_post = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'post_photos');
$can_view = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'view_photos');
if (!$can_view) {
notice(t('Access to this item is restricted.') . EOL);
return;
}
$sql_extra = permissions_sql($owner_uid);
$o = "";
$o .= "<script> var profile_uid = " . $a->profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
// tabs
$_is_owner = local_user() && local_user() == $owner_uid;
$o .= profile_tabs($a, $_is_owner, $a->data['channel']['channel_address']);
//
// dispatch request
//
/**
* Display upload form
*/
if ($datatype === 'upload') {
if (!$can_post) {
notice(t('Permission denied.'));
return;
}
if (array_key_exists('albums', $a->data)) {
$albums = get_app()->data['albums'];
} else {
$albums = photos_albums_list($a->data['channel'], $a->data['observer']);
}
$selname = $datum ? hex2bin($datum) : '';
$albumselect = '<select id="photos-upload-album-select" name="album" size="4">';
$albumselect .= '<option value="" ' . (!$selname ? ' selected="selected" ' : '') . '> </option>';
if (count($albums['albums'])) {
foreach ($albums['albums'] as $album) {
if (!$album['text']) {
continue;
}
$selected = $selname === $album['text'] ? ' selected="selected" ' : '';
$albumselect .= '<option value="' . $album['text'] . '"' . $selected . '>' . $album['text'] . '</option>';
}
}
$albumselect .= '</select>';
$uploader = '';
$ret = array('post_url' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'], 'addon_text' => $uploader, 'default_upload' => true);
call_hooks('photo_upload_form', $ret);
$default_upload = '<input id="photos-upload-choose" type="file" name="userfile" /> <div class="photos-upload-submit-wrapper" >
<input type="submit" name="submit" value="' . t('Submit') . '" id="photos-upload-submit" /> </div>';
/* Show space usage */
$r = q("select sum(size) as total from photo where aid = %d and scale = 0 ", intval($a->data['channel']['channel_account_id']));
$limit = service_class_fetch($a->data['channel']['channel_id'], 'photo_upload_limit');
if ($limit !== false) {
$usage_message = sprintf(t("You have used %1\$.2f Mbytes of %2\$.2f Mbytes photo storage."), $r[0]['total'] / 1024000, $limit / 1024000);
} else {
$usage_message = sprintf(t('You have used %1$.2f Mbytes of photo storage.'), $r[0]['total'] / 1024000);
}
if ($_is_owner) {
$channel = $a->get_channel();
$channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
}
$albumselect_e = $albumselect;
$aclselect_e = $_is_owner ? populate_acl($channel_acl, false) : '';
$tpl = get_markup_template('photos_upload.tpl');
$o .= replace_macros($tpl, array('$pagename' => t('Upload Photos'), '$sessid' => session_id(), '$usage' => $usage_message, '$nickname' => $a->data['channel']['channel_address'], '$newalbum' => t('New album name: '), '$existalbumtext' => t('or existing album name: '), '$nosharetext' => t('Do not show a status post for this upload'), '$albumselect' => $albumselect_e, '$permissions' => t('Permissions'), '$aclselect' => $aclselect_e, '$uploader' => $ret['addon_text'], '$default' => $ret['default_upload'] ? $default_upload : '', '$uploadurl' => $ret['post_url']));
return $o;
}
/*
* Display a single photo album
*/
if ($datatype === 'album') {
if (strlen($datum) & 1 || !ctype_xdigit($datum)) {
notice(t('Album name could not be decoded') . EOL);
logger('mod_photos: illegal album encoding: ' . $datum);
$datum = '';
}
$album = hex2bin($datum);
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 and (photo_flags = %d or photo_flags = %d ) {$sql_extra} GROUP BY `resource_id`", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
if (count($r)) {
$a->set_pager_total(count($r));
$a->set_pager_itemspage(60);
}
if ($_GET['order'] === 'posted') {
$order = 'ASC';
} else {
$order = 'DESC';
}
$r = q("SELECT `resource_id`, `id`, `filename`, type, max(`scale`) AS `scale`, `description` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 and (photo_flags = %d or photo_flags = %d ) {$sql_extra} GROUP BY `resource_id` ORDER BY `created` {$order} LIMIT %d , %d", intval($owner_uid), dbesc($album), intvaL(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($a->pager['start']), intval($a->pager['itemspage']));
$o .= '<h3>' . $album . '</h3>';
if ($cmd === 'edit') {
if ($album !== t('Profile Photos') && $album !== 'Contact Photos' && $album !== t('Contact Photos')) {
if ($can_post) {
if ($a->get_template_engine() === 'internal') {
$album_e = template_escape($album);
} else {
$album_e = $album;
}
$edit_tpl = get_markup_template('album_edit.tpl');
$o .= replace_macros($edit_tpl, array('$nametext' => t('New album name: '), '$nickname' => $a->data['channel']['channel_address'], '$album' => $album_e, '$hexalbum' => bin2hex($album), '$submit' => t('Submit'), '$dropsubmit' => t('Delete Album')));
}
}
} else {
if ($album !== t('Profile Photos') && $album !== 'Contact Photos' && $album !== t('Contact Photos')) {
if ($can_post) {
$o .= '<div id="album-edit-link"><a href="' . $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album) . '/edit' . '">' . t('Edit Album') . '</a></div>';
}
}
}
if ($_GET['order'] === 'posted') {
$o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album) . '" >' . t('Show Newest First') . '</a></div>';
} else {
$o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album) . '?f=&order=posted" >' . t('Show Oldest First') . '</a></div>';
}
if ($can_post) {
$o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload/' . bin2hex($album) . '" >' . t('Upload New Photos') . '</a></div>';
}
$ajaxout = '';
$tpl = get_markup_template('photo_album.tpl');
if (count($r)) {
$twist = 'rotright';
$o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$o .= '<div id="photo-album-contents">';
foreach ($r as $rr) {
if ($twist == 'rotright') {
$twist = 'rotleft';
} else {
$twist = 'rotright';
}
$ext = $phototypes[$rr['type']];
$imgalt_e = $rr['filename'];
$desc_e = $rr['description'];
// prettyphoto has potential license issues, so we can no longer include it in core
// The following lines would need to be modified so that they are provided in theme specific files
// instead of core modules for themes that wish to make use of prettyphoto. I would suggest
// the feature as a per-theme display option and putting the rel line inside a template.
// if(feature_enabled($a->data['channel']['channel_id'],'prettyphoto')){
// $imagelink = ($a->get_baseurl() . '/photo/' . $rr['resource_id'] . '.' . $ext );
// $rel=("prettyPhoto[pp_gal]");
// }
// else {
$imagelink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
$rel = "photo";
// }
$tmp = replace_macros($tpl, array('$id' => $rr['id'], '$twist' => ' ' . $twist . rand(2, 4), '$photolink' => $imagelink, '$rel' => $rel, '$phototitle' => t('View Photo'), '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['scale'] . '.' . $ext, '$imgalt' => $imgalt_e, '$desc' => $desc_e, '$ext' => $ext, '$hash' => $rr['resource_id']));
if ($_REQUEST['aj']) {
$ajaxout .= $tmp;
} else {
$o .= $tmp;
}
}
}
if ($_REQUEST['aj']) {
if (!$r) {
$ajaxout .= '<div id="content-complete"></div>';
}
echo $ajaxout;
killme();
}
$o .= '<div id="page-end"></div>';
$o .= '</div>';
// photo-album-contents
$o .= '<div id="photo-album-end"></div>';
$o .= '<script>$(document).ready(function() { loadingPage = false;});</script>';
$o .= '<div id="page-spinner"></div>';
// $o .= paginate($a);
return $o;
}
/**
* Display one photo
*/
if ($datatype === 'image') {
// fetch image, item containing image, then comments
$ph = q("SELECT aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,profile,photo_flags,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' \n\t\t\tand (photo_flags = %d or photo_flags = %d ) {$sql_extra} ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
if (!$ph) {
/* Check again - this time without specifying permissions */
$ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' \n\t\t\t\tand ( photo_flags = %d or photo_flags = %d )\n\t\t\t\tLIMIT 1", intval($owner_uid), dbesc($datum), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
if ($ph) {
notice(t('Permission denied. Access to this item may be restricted.') . EOL);
} else {
notice(t('Photo not available') . EOL);
}
return;
}
$prevlink = '';
$nextlink = '';
if ($_GET['order'] === 'posted') {
$order = 'ASC';
} else {
$order = 'DESC';
}
$prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 \n\t\t\tand ( photo_flags = %d or photo_flags = %d ) {$sql_extra} ORDER BY `created` {$order} ", dbesc($ph[0]['album']), intval($owner_uid), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
if (count($prvnxt)) {
for ($z = 0; $z < count($prvnxt); $z++) {
if ($prvnxt[$z]['resource_id'] == $ph[0]['resource_id']) {
$prv = $z - 1;
$nxt = $z + 1;
if ($prv < 0) {
$prv = count($prvnxt) - 1;
}
if ($nxt >= count($prvnxt)) {
$nxt = 0;
}
break;
}
}
$prevlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
$nextlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
}
if (count($ph) == 1) {
$hires = $lores = $ph[0];
}
if (count($ph) > 1) {
if ($ph[1]['scale'] == 2) {
// original is 640 or less, we can display it directly
$hires = $lores = $ph[0];
} else {
$hires = $ph[0];
$lores = $ph[1];
}
}
$album_link = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($ph[0]['album']);
$tools = Null;
$lock = Null;
if ($can_post && $ph[0]['uid'] == $owner_uid) {
$tools = array('profile' => array($a->get_baseurl() . '/profile_photo/use/' . $ph[0]['resource_id'], t('Use as profile photo')));
// lock
$lock = $ph[0]['uid'] == local_user() && (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) ? t('Private Message') : Null;
}
$a->page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n";
if ($prevlink) {
$a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
}
if ($nextlink) {
$a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
}
$a->page['htmlhead'] .= '});</script>';
if ($prevlink) {
$prevlink = array($prevlink, '<i class="icon-backward photo-icons""></i>');
}
$photo = array('href' => $a->get_baseurl() . '/photo/' . $hires['resource_id'] . '-' . $hires['scale'] . '.' . $phototypes[$hires['type']], 'title' => t('View Full Size'), 'src' => $a->get_baseurl() . '/photo/' . $lores['resource_id'] . '-' . $lores['scale'] . '.' . $phototypes[$lores['type']] . '?f=&_u=' . datetime_convert('', '', '', 'ymdhis'));
if ($nextlink) {
$nextlink = array($nextlink, '<i class="icon-forward photo-icons"></i>');
}
// Do we have an item for this photo?
$linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' \n\t\t\t{$sql_extra} LIMIT 1", dbesc($datum));
if ($linked_items) {
xchan_query($linked_items);
$linked_items = fetch_post_tags($linked_items, true);
$link_item = $linked_items[0];
$r = q("select * from item where parent_mid = '%s' \n\t\t\t\tand item_restrict = 0 and uid = %d {$sql_extra} ", dbesc($link_item['mid']), intval($link_item['uid']));
if ($r) {
xchan_query($r);
$r = fetch_post_tags($r, true);
$r = conv_sort($r, 'commented');
}
$tags = array();
if ($link_item['term']) {
$cnt = 0;
foreach ($link_item['term'] as $t) {
$tags[$cnt] = array(0 => format_term_for_display($t));
}
if ($can_post && $ph[0]['uid'] == $owner_uid) {
$tags[$cnt][1] = 'tagrm?f=&item=' . $link_item['id'];
$tags[$cnt][2] = t('Remove');
}
$cnt++;
}
if (local_user() && local_user() == $link_item['uid']) {
q("UPDATE `item` SET item_flags = (item_flags ^ %d) WHERE parent = %d and uid = %d and (item_flags & %d)", intval(ITEM_UNSEEN), intval($link_item['parent']), intval(local_user()), intval(ITEM_UNSEEN));
}
}
// logger('mod_photo: link_item' . print_r($link_item,true));
// FIXME - remove this when we move to conversation module
$r = $r[0]['children'];
$edit = null;
if ($can_post) {
if (array_key_exists('albums', $a->data)) {
$albums = get_app()->data['albums'];
} else {
$albums = photos_albums_list($a->data['channel'], $a->data['observer']);
}
$album_e = $ph[0]['album'];
$caption_e = $ph[0]['description'];
$aclselect_e = populate_acl($ph[0]);
$edit = array('edit' => t('Edit photo'), 'id' => $ph[0]['id'], 'rotatecw' => t('Rotate CW (right)'), 'rotateccw' => t('Rotate CCW (left)'), 'albums' => $albums['albums'], 'album' => $album_e, 'newalbum' => t('New album name'), 'nickname' => $a->data['channel']['channel_address'], 'resource_id' => $ph[0]['resource_id'], 'capt_label' => t('Caption'), 'caption' => $caption_e, 'tag_label' => t('Add a Tag'), 'permissions' => t('Permissions'), 'aclselect' => $aclselect_e, 'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'), 'item_id' => count($linked_items) ? $link_item['id'] : 0, 'submit' => t('Submit'), 'delete' => t('Delete Photo'));
}
if (count($linked_items)) {
$cmnt_tpl = get_markup_template('comment_item.tpl');
$tpl = get_markup_template('photo_item.tpl');
$return_url = $a->cmd;
$like_tpl = get_markup_template('like_noshare.tpl');
$likebuttons = '';
if ($can_post || $can_comment) {
$likebuttons = replace_macros($like_tpl, array('$id' => $link_item['id'], '$likethis' => t("I like this (toggle)"), '$nolike' => t("I don't like this (toggle)"), '$share' => t('Share'), '$wait' => t('Please wait')));
}
$comments = '';
if (!count($r)) {
if ($can_post || $can_comment) {
$comments .= replace_macros($cmnt_tpl, array('$return_path' => '', '$mode' => 'photos', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$preview' => t('Preview'), '$ww' => '', '$feature_encrypt' => false));
}
}
$alike = array();
$dlike = array();
$like = '';
$dislike = '';
// display comments
if ($r) {
foreach ($r as $item) {
like_puller($a, $item, $alike, 'like');
like_puller($a, $item, $dlike, 'dislike');
}
$like = isset($alike[$link_item['id']]) ? format_like($alike[$link_item['id']], $alike[$link_item['id'] . '-l'], 'like', $link_item['id']) : '';
$dislike = isset($dlike[$link_item['id']]) ? format_like($dlike[$link_item['id']], $dlike[$link_item['id'] . '-l'], 'dislike', $link_item['id']) : '';
foreach ($r as $item) {
$comment = '';
$template = $tpl;
$sparkle = '';
if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
continue;
}
$redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'];
$profile_url = zid($item['author']['xchan_url']);
$sparkle = '';
$profile_name = $item['author']['xchan_name'];
$profile_avatar = $item['author']['xchan_photo_m'];
$profile_link = $profile_url;
$drop = '';
if ($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) {
$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
}
$name_e = $profile_name;
$title_e = $item['title'];
unobscure($item);
$body_e = prepare_text($item['body'], $item['mimetype']);
$comments .= replace_macros($template, array('$id' => $item['item_id'], '$mode' => 'photos', '$profile_url' => $profile_link, '$name' => $name_e, '$thumb' => $profile_avatar, '$sparkle' => $sparkle, '$title' => $title_e, '$body' => $body_e, '$ago' => relative_date($item['created']), '$indent' => $item['parent'] != $item['item_id'] ? ' comment' : '', '$drop' => $drop, '$comment' => $comment));
}
if ($can_post || $can_comment) {
$comments .= replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => ''));
}
}
$paginate = paginate($a);
}
$album_e = array($album_link, $ph[0]['album']);
$like_e = $like;
$dislike_e = $dislike;
$photo_tpl = get_markup_template('photo_view.tpl');
$o .= replace_macros($photo_tpl, array('$id' => $ph[0]['id'], '$album' => $album_e, '$tools' => $tools, '$lock' => $lock, '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['description'], '$tag_hdr' => t('In This Photo:'), '$tags' => $tags, '$edit' => $edit, '$likebuttons' => $likebuttons, '$like' => $like_e, '$dislike' => $dislike_e, '$comments' => $comments, '$paginate' => $paginate));
$a->data['photo_html'] = $o;
return $o;
}
// Default - show recent photos with upload link (if applicable)
//$o = '';
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' \n\t\tand ( photo_flags = %d or photo_flags = %d ) {$sql_extra} GROUP BY `resource_id`", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
if (count($r)) {
$a->set_pager_total(count($r));
$a->set_pager_itemspage(60);
}
$r = q("SELECT `resource_id`, `id`, `filename`, type, `album`, max(`scale`) AS `scale` FROM `photo`\n\t\tWHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'\n\t\tand ( photo_flags = %d or photo_flags = %d ) \n\t\t{$sql_extra} GROUP BY `resource_id` ORDER BY `created` DESC LIMIT %d , %d", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($a->pager['start']), intval($a->pager['itemspage']));
$photos = array();
if (count($r)) {
$twist = 'rotright';
foreach ($r as $rr) {
if ($twist == 'rotright') {
$twist = 'rotleft';
} else {
$twist = 'rotright';
}
$ext = $phototypes[$rr['type']];
if ($a->get_template_engine() === 'internal') {
$alt_e = template_escape($rr['filename']);
$name_e = template_escape($rr['album']);
} else {
$alt_e = $rr['filename'];
$name_e = $rr['album'];
}
$photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'], 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . ($rr['scale'] == 6 ? 4 : $rr['scale']) . '.' . $ext, 'alt' => $alt_e, 'album' => array('link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($rr['album']), 'name' => $name_e, 'alt' => t('View Album')));
}
}
if ($_REQUEST['aj']) {
if ($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos));
} else {
$o = '<div id="content-complete"></div>';
}
echo $o;
killme();
} else {
$o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$tpl = get_markup_template('photos_recent.tpl');
$o .= replace_macros($tpl, array('$title' => t('Recent Photos'), '$can_post' => $can_post, '$upload' => array(t('Upload New Photos'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload'), '$photos' => $photos));
}
if (!$photos && $_REQUEST['aj']) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();
}
// $o .= paginate($a);
return $o;
}
function profile_photo_content(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$channel = $a->get_channel();
$newuser = false;
if (argc() == 2 && argv(1) === 'new') {
$newuser = true;
}
if (argv(1) === 'use') {
if (argc() < 3) {
notice(t('Permission denied.') . EOL);
return;
}
// check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
$resource_id = argv(2);
$r = q("SELECT id, album, scale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY scale ASC", intval(local_user()), dbesc($resource_id));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
$havescale = false;
foreach ($r as $rr) {
if ($rr['scale'] == 5) {
$havescale = true;
}
}
// set an already loaded photo as profile photo
if ($r[0]['album'] == t('Profile Photos') && $havescale) {
// unset any existing profile photos
$r = q("UPDATE photo SET profile = 0 WHERE profile = 1 AND uid = %d", intval(local_user()));
$r = q("UPDATE photo SET photo_flags = (photo_flags ^ %d ) WHERE (photo_flags & %d ) AND uid = %d", intval(PHOTO_PROFILE), intval(PHOTO_PROFILE), intval(local_user()));
// set all sizes of this one as profile photos
$r = q("UPDATE photo SET profile = 1 WHERE uid = %d AND resource_id = '%s'", intval(local_user()), dbesc($resource_id));
$r = q("UPDATE photo SET photo_flags = ( photo_flags | %d ) WHERE uid = %d AND resource_id = '%s'", intval(PHOTO_PROFILE), intval(local_user()), dbesc($resource_id));
$r = q("UPDATE xchan set xchan_photo_date = '%s' \n\t\t\t\twhere xchan_hash = '%s' limit 1", dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
profile_photo_set_profile_perms();
//Reset default photo permissions to public
proc_run('php', 'include/directory.php', local_user());
goaway($a->get_baseurl() . '/profiles');
}
$r = q("SELECT `data`, `type` FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_user()));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
$ph = photo_factory($r[0]['data'], $r[0]['type']);
// go ahead as if we have just uploaded a new photo to crop
profile_photo_crop_ui_head($a, $ph);
}
$profiles = q("select id, profile_name as name, is_default from profile where uid = %d", intval(local_user()));
if (!x($a->data, 'imagecrop')) {
$tpl = get_markup_template('profile_photo.tpl');
$o .= replace_macros($tpl, array('$user' => $a->channel['channel_address'], '$lbl_upfile' => t('Upload File:'), '$lbl_profiles' => t('Select a profile:'), '$title' => t('Upload Profile Photo'), '$submit' => t('Upload'), '$profiles' => $profiles, '$form_security_token' => get_form_security_token("profile_photo"), '$select' => sprintf('%s %s', t('or'), $newuser ? '<a href="' . $a->get_baseurl() . '">' . t('skip this step') . '</a>' : '<a href="' . $a->get_baseurl() . '/photos/' . $a->channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')));
return $o;
} else {
$filename = $a->data['imagecrop'] . '-' . $a->data['imagecrop_resolution'] . '.' . $a->data['imagecrop_ext'];
$resolution = $a->data['imagecrop_resolution'];
$tpl = get_markup_template("cropbody.tpl");
$o .= replace_macros($tpl, array('$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => $a->data['imagecrop'] . '-' . $a->data['imagecrop_resolution'], '$image_url' => $a->get_baseurl() . '/photo/' . $filename, '$title' => t('Crop Image'), '$desc' => t('Please adjust the image cropping for optimum viewing.'), '$form_security_token' => get_form_security_token("profile_photo"), '$done' => t('Done Editing')));
return $o;
}
return;
// NOTREACHED
}
/**
* @brief
*
* @param array $channel
* @param array $observer
* @param array $args
* @return array
*/
function photo_upload($channel, $observer, $args)
{
$ret = array('success' => false);
$channel_id = $channel['channel_id'];
$account_id = $channel['channel_account_id'];
if (!perm_is_allowed($channel_id, $observer['xchan_hash'], 'post_photos')) {
$ret['message'] = t('Permission denied.');
return $ret;
}
call_hooks('photo_upload_begin', $args);
/*
* Determine the album to use
*/
$album = $args['album'];
$newalbum = $args['newalbum'];
logger('photo_upload: album= ' . $album . ' newalbum= ' . $newalbum, LOGGER_DEBUG);
if (!$album) {
if ($newalbum) {
$album = $newalbum;
} else {
$album = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m');
}
}
if (intval($args['visible']) || $args['visible'] === 'true') {
$visible = 1;
} else {
$visible = 0;
}
$str_group_allow = perms2str(is_array($args['group_allow']) ? $args['group_allow'] : explode(',', $args['group_allow']));
$str_contact_allow = perms2str(is_array($args['contact_allow']) ? $args['contact_allow'] : explode(',', $args['contact_allow']));
$str_group_deny = perms2str(is_array($args['group_deny']) ? $args['group_deny'] : explode(',', $args['group_deny']));
$str_contact_deny = perms2str(is_array($args['contact_deny']) ? $args['contact_deny'] : explode(',', $args['contact_deny']));
if ($args['data']) {
// allow an import from a binary string representing the image.
// This bypasses the upload step and max size limit checking
$imagedata = $args['data'];
$filename = $args['filename'];
$filesize = strlen($imagedata);
// this is going to be deleted if it exists
$src = '/tmp/deletemenow';
$type = $args['type'];
} else {
$f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
call_hooks('photo_upload_file', $f);
if (x($f, 'src') && x($f, 'filesize')) {
$src = $f['src'];
$filename = $f['filename'];
$filesize = $f['filesize'];
$type = $f['type'];
} else {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$type = $_FILES['userfile']['type'];
}
if (!$type) {
$type = guess_image_type($filename);
}
logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' (' . $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
$ret['message'] = sprintf(t('Image exceeds website size limit of %lu bytes'), $maximagesize);
@unlink($src);
call_hooks('photo_upload_end', $ret);
return $ret;
}
if (!$filesize) {
$ret['message'] = t('Image file is empty.');
@unlink($src);
call_hooks('photo_post_end', $ret);
return $ret;
}
logger('photo_upload: loading the contents of ' . $src, LOGGER_DEBUG);
$imagedata = @file_get_contents($src);
}
$r = q("select sum(size) as total from photo where aid = %d and scale = 0 ", intval($account_id));
$limit = service_class_fetch($channel_id, 'photo_upload_limit');
if ($r && $limit !== false && $r[0]['total'] + strlen($imagedata) > $limit) {
$ret['message'] = upgrade_message();
@unlink($src);
call_hooks('photo_post_end', $ret);
return $ret;
}
$ph = photo_factory($imagedata, $type);
if (!$ph->is_valid()) {
$ret['message'] = t('Unable to process image');
logger('photo_upload: unable to process image');
@unlink($src);
call_hooks('photo_upload_end', $ret);
return $ret;
}
$exif = $ph->orient($src);
@unlink($src);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$smallest = 0;
$photo_hash = $args['resource_id'] ? $args['resource_id'] : photo_new_resource();
$visitor = '';
if ($channel['channel_hash'] !== $observer['xchan_hash']) {
$visitor = $observer['xchan_hash'];
}
$errors = false;
$p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash, 'filename' => $filename, 'album' => $album, 'scale' => 0, 'photo_flags' => PHOTO_NORMAL, 'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny);
if ($args['created']) {
$p['created'] = $args['created'];
}
if ($args['edited']) {
$p['edited'] = $args['edited'];
}
if ($args['title']) {
$p['title'] = $args['title'];
}
if ($args['description']) {
$p['description'] = $args['description'];
}
$r1 = $ph->save($p);
if (!$r1) {
$errors = true;
}
if (($width > 640 || $height > 640) && !$errors) {
$ph->scaleImage(640);
$p['scale'] = 1;
$r2 = $ph->save($p);
$smallest = 1;
if (!$r2) {
$errors = true;
}
}
if (($width > 320 || $height > 320) && !$errors) {
$ph->scaleImage(320);
$p['scale'] = 2;
$r3 = $ph->save($p);
$smallest = 2;
if (!$r3) {
$errors = true;
}
}
if ($errors) {
q("delete from photo where resource_id = '%s' and uid = %d", dbesc($photo_hash), intval($channel_id));
$ret['message'] = t('Photo storage failed.');
logger('photo_upload: photo store failed.');
call_hooks('photo_upload_end', $ret);
return $ret;
}
// This will be the width and height of the smallest representation
$width_x_height = $ph->getWidth() . 'x' . $ph->getHeight();
$mid = item_message_id();
// Create item container
$lat = $lon = null;
if ($exif && $exif['GPS']) {
if (feature_enabled($channel_id, 'photo_location')) {
$lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']);
$lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']);
}
}
$item_flags = ITEM_WALL | ITEM_ORIGIN | ITEM_THREAD_TOP;
$item_restrict = $visible ? ITEM_VISIBLE : ITEM_HIDDEN;
$title = '';
$mid = item_message_id();
$arr = array();
if ($lat && $lon) {
$arr['coord'] = $lat . ' ' . $lon;
}
$arr['aid'] = $account_id;
$arr['uid'] = $channel_id;
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_flags'] = $item_flags;
$arr['item_restrict'] = $item_restrict;
$arr['resource_type'] = 'photo';
$arr['resource_id'] = $photo_hash;
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $observer['xchan_hash'];
$arr['title'] = $title;
$arr['allow_cid'] = $str_contact_allow;
$arr['allow_gid'] = $str_group_allow;
$arr['deny_cid'] = $str_contact_deny;
$arr['deny_gid'] = $str_group_deny;
$arr['verb'] = ACTIVITY_POST;
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
// We should also put a width_x_height on large photos. Left as an exercise for
// devs looking fo simple stuff to fix.
$larger = feature_enabled($channel['channel_id'], 'large_photos');
if ($larger) {
$tag = '[zmg]';
if ($r2) {
$smallest = 1;
} else {
$smallest = 0;
}
} else {
if ($width_x_height) {
$tag = '[zmg=' . $width_x_height . ']';
} else {
$tag = '[zmg]';
}
}
$arr['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' . $tag . z_root() . "/photo/{$photo_hash}-{$smallest}." . $ph->getExt() . '[/zmg]' . '[/zrl]';
$result = item_store($arr);
$item_id = $result['item_id'];
if ($visible) {
proc_run('php', "include/notifier.php", 'wall-new', $item_id);
}
$ret['success'] = true;
$ret['item'] = $arr;
$ret['body'] = $arr['body'];
$ret['resource_id'] = $photo_hash;
$ret['photoitem_id'] = $item_id;
call_hooks('photo_upload_end', $ret);
return $ret;
}
function import_channel_photo($photo, $type, $aid, $uid)
{
logger('import_channel_photo: importing channel photo for ' . $uid, LOGGER_DEBUG);
$hash = photo_new_resource();
$photo_failure = false;
$filename = $hash;
$img = photo_factory($photo, $type);
if ($img->is_valid()) {
$img->scaleImageSquare(300);
$p = array('aid' => $aid, 'uid' => $uid, 'resource_id' => $hash, 'filename' => $filename, 'album' => t('Profile Photos'), 'photo_usage' => PHOTO_PROFILE, 'imgscale' => 4);
$r = $img->save($p);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(80);
$p['imgscale'] = 5;
$r = $img->save($p);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(48);
$p['imgscale'] = 6;
$r = $img->save($p);
if ($r === false) {
$photo_failure = true;
}
} else {
logger('import_channel_photo: invalid image.');
$photo_failure = true;
}
//return(($photo_failure)? false : true);
if ($photo_failure) {
return false;
} else {
return $hash;
}
}
/**
* @brief
*
* @param array $channel
* @param array $observer
* @param array $args
* @return array
*/
function photo_upload($channel, $observer, $args)
{
$ret = array('success' => false);
$channel_id = $channel['channel_id'];
$account_id = $channel['channel_account_id'];
if (!perm_is_allowed($channel_id, $observer['xchan_hash'], 'write_storage')) {
$ret['message'] = t('Permission denied.');
return $ret;
}
// call_hooks('photo_upload_begin', $args);
/*
* Determine the album to use
*/
$album = $args['album'];
if (intval($args['visible']) || $args['visible'] === 'true') {
$visible = 1;
} else {
$visible = 0;
}
$deliver = true;
if (array_key_exists('deliver', $args)) {
$deliver = intval($args['deliver']);
}
// Set to default channel permissions. If the parent directory (album) has permissions set,
// use those instead. If we have specific permissions supplied, they take precedence over
// all other settings. 'allow_cid' being passed from an external source takes priority over channel settings.
// ...messy... needs re-factoring once the photos/files integration stabilises
$acl = new Zotlabs\Access\AccessList($channel);
if (array_key_exists('directory', $args) && $args['directory']) {
$acl->set($args['directory']);
}
if (array_key_exists('allow_cid', $args)) {
$acl->set($args);
}
if (array_key_exists('group_allow', $args) || array_key_exists('contact_allow', $args) || array_key_exists('group_deny', $args) || array_key_exists('contact_deny', $args)) {
$acl->set_from_array($args);
}
$ac = $acl->get();
$os_storage = 0;
if ($args['os_path'] && $args['getimagesize']) {
$imagedata = @file_get_contents($args['os_path']);
$filename = $args['filename'];
$filesize = strlen($imagedata);
// this is going to be deleted if it exists
$src = '/tmp/deletemenow';
$type = $args['getimagesize']['mime'];
$os_storage = 1;
} elseif ($args['data'] || $args['content']) {
// allow an import from a binary string representing the image.
// This bypasses the upload step and max size limit checking
$imagedata = $args['content'] ? $args['content'] : $args['data'];
$filename = $args['filename'];
$filesize = strlen($imagedata);
// this is going to be deleted if it exists
$src = '/tmp/deletemenow';
$type = $args['mimetype'] ? $args['mimetype'] : $args['type'];
} else {
$f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
// call_hooks('photo_upload_file',$f);
if (x($f, 'src') && x($f, 'filesize')) {
$src = $f['src'];
$filename = $f['filename'];
$filesize = $f['filesize'];
$type = $f['type'];
} else {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$type = $_FILES['userfile']['type'];
}
if (!$type) {
$type = guess_image_type($filename);
}
logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' (' . $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
$ret['message'] = sprintf(t('Image exceeds website size limit of %lu bytes'), $maximagesize);
@unlink($src);
call_hooks('photo_upload_end', $ret);
return $ret;
}
if (!$filesize) {
$ret['message'] = t('Image file is empty.');
@unlink($src);
call_hooks('photo_post_end', $ret);
return $ret;
}
logger('photo_upload: loading the contents of ' . $src, LOGGER_DEBUG);
$imagedata = @file_get_contents($src);
}
$r = q("select sum(filesize) as total from photo where aid = %d and imgscale = 0 ", intval($account_id));
$limit = engr_units_to_bytes(service_class_fetch($channel_id, 'photo_upload_limit'));
if ($r && $limit !== false && $r[0]['total'] + strlen($imagedata) > $limit) {
$ret['message'] = upgrade_message();
@unlink($src);
call_hooks('photo_post_end', $ret);
return $ret;
}
$ph = photo_factory($imagedata, $type);
if (!$ph->is_valid()) {
$ret['message'] = t('Unable to process image');
logger('photo_upload: unable to process image');
@unlink($src);
call_hooks('photo_upload_end', $ret);
return $ret;
}
$exif = $ph->orient($args['os_path'] ? $args['os_path'] : $src);
@unlink($src);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$smallest = 0;
$photo_hash = $args['resource_id'] ? $args['resource_id'] : photo_new_resource();
$visitor = '';
if ($channel['channel_hash'] !== $observer['xchan_hash']) {
$visitor = $observer['xchan_hash'];
}
$errors = false;
$p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash, 'filename' => $filename, 'album' => $album, 'imgscale' => 0, 'photo_usage' => PHOTO_NORMAL, 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], 'os_storage' => $os_storage, 'os_path' => $args['os_path']);
if ($args['created']) {
$p['created'] = $args['created'];
}
if ($args['edited']) {
$p['edited'] = $args['edited'];
}
if ($args['title']) {
$p['title'] = $args['title'];
}
if ($args['description']) {
$p['description'] = $args['description'];
}
$link = array();
$r0 = $ph->save($p);
$link[0] = array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/photo/' . $photo_hash . '-0.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight());
if (!$r0) {
$errors = true;
}
unset($p['os_storage']);
unset($p['os_path']);
if (($width > 1024 || $height > 1024) && !$errors) {
$ph->scaleImage(1024);
}
$p['imgscale'] = 1;
$r1 = $ph->save($p);
$link[1] = array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/photo/' . $photo_hash . '-1.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight());
if (!$r1) {
$errors = true;
}
if (($width > 640 || $height > 640) && !$errors) {
$ph->scaleImage(640);
}
$p['imgscale'] = 2;
$r2 = $ph->save($p);
$link[2] = array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/photo/' . $photo_hash . '-2.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight());
if (!$r2) {
$errors = true;
}
if (($width > 320 || $height > 320) && !$errors) {
$ph->scaleImage(320);
}
$p['imgscale'] = 3;
$r3 = $ph->save($p);
$link[3] = array('rel' => 'alternate', 'type' => 'text/html', 'href' => z_root() . '/photo/' . $photo_hash . '-3.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight());
if (!$r3) {
$errors = true;
}
if ($errors) {
q("delete from photo where resource_id = '%s' and uid = %d", dbesc($photo_hash), intval($channel_id));
$ret['message'] = t('Photo storage failed.');
logger('photo_upload: photo store failed.');
call_hooks('photo_upload_end', $ret);
return $ret;
}
$item_hidden = $visible ? 0 : 1;
$lat = $lon = null;
if ($exif && $exif['GPS']) {
if (feature_enabled($channel_id, 'photo_location')) {
$lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']);
$lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']);
}
}
$title = $args['description'] ? $args['description'] : $args['filename'];
$large_photos = feature_enabled($channel['channel_id'], 'large_photos');
linkify_tags($a, $args['body'], $channel_id);
if ($large_photos) {
$scale = 1;
$width = $link[1]['width'];
$height = $link[1]['height'];
$tag = $r1 ? '[zmg=' . $width . 'x' . $height . ']' : '[zmg]';
} else {
$scale = 2;
$width = $link[2]['width'];
$height = $link[2]['height'];
$tag = $r2 ? '[zmg=' . $width . 'x' . $height . ']' : '[zmg]';
}
$author_link = '[zrl=' . z_root() . '/channel/' . $channel['channel_address'] . ']' . $channel['channel_name'] . '[/zrl]';
$photo_link = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' . t('a new photo') . '[/zrl]';
$album_link = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album) . ']' . (strlen($album) ? $album : '/') . '[/zrl]';
$activity_format = sprintf(t('%1$s posted %2$s to %3$s', 'photo_upload'), $author_link, $photo_link, $album_link);
$summary = ($args['body'] ? $args['body'] : '') . '[footer]' . $activity_format . '[/footer]';
$obj_body = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' . $tag . z_root() . "/photo/{$photo_hash}-{$scale}." . $ph->getExt() . '[/zmg]' . '[/zrl]';
// Create item object
$object = array('type' => ACTIVITY_OBJ_PHOTO, 'title' => $title, 'created' => $p['created'], 'edited' => $p['edited'], 'id' => z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash, 'link' => $link, 'body' => $obj_body);
$target = array('type' => ACTIVITY_OBJ_ALBUM, 'title' => $album ? $album : '/', 'id' => z_root() . '/photos/' . $channel['channel_address'] . '/album/' . bin2hex($album));
// Create item container
if ($args['item']) {
foreach ($args['item'] as $i) {
$item = get_item_elements($i);
$force = false;
if ($item['mid'] === $item['parent_mid']) {
$item['body'] = $summary;
$item['obj_type'] = ACTIVITY_OBJ_PHOTO;
$item['obj'] = json_encode($object);
$item['tgt_type'] = ACTIVITY_OBJ_ALBUM;
$item['target'] = json_encode($target);
if ($item['author_xchan'] === $channel['channel_hash']) {
$item['sig'] = base64url_encode(rsa_sign($item['body'], $channel['channel_prvkey']));
$item['item_verified'] = 1;
} else {
$item['sig'] = '';
}
$force = true;
}
$r = q("select id, edited from item where mid = '%s' and uid = %d limit 1", dbesc($item['mid']), intval($channel['channel_id']));
if ($r) {
if ($item['edited'] > $r[0]['edited'] || $force) {
$item['id'] = $r[0]['id'];
$item['uid'] = $channel['channel_id'];
item_store_update($item, false, $deliver);
continue;
}
} else {
$item['aid'] = $channel['channel_account_id'];
$item['uid'] = $channel['channel_id'];
$item_result = item_store($item, false, $deliver);
}
}
} else {
$mid = item_message_id();
$arr = array();
if ($lat && $lon) {
$arr['coord'] = $lat . ' ' . $lon;
}
$arr['aid'] = $account_id;
$arr['uid'] = $channel_id;
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_hidden'] = $item_hidden;
$arr['resource_type'] = 'photo';
$arr['resource_id'] = $photo_hash;
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $observer['xchan_hash'];
$arr['title'] = $title;
$arr['allow_cid'] = $ac['allow_cid'];
$arr['allow_gid'] = $ac['allow_gid'];
$arr['deny_cid'] = $ac['deny_cid'];
$arr['deny_gid'] = $ac['deny_gid'];
$arr['verb'] = ACTIVITY_POST;
$arr['obj_type'] = ACTIVITY_OBJ_PHOTO;
$arr['obj'] = json_encode($object);
$arr['tgt_type'] = ACTIVITY_OBJ_ALBUM;
$arr['target'] = json_encode($target);
$arr['item_wall'] = 1;
$arr['item_origin'] = 1;
$arr['item_thread_top'] = 1;
$arr['item_private'] = intval($acl->is_private());
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
$arr['body'] = $summary;
// this one is tricky because the item and the photo have the same permissions, those of the photo.
// Use the channel read_stream permissions to get the correct public_policy for the item and recalculate the
// private flag accordingly. This may cause subtle bugs due to custom permissions roles. We want to use
// public policy when federating items to other sites, but should probably ignore them when accessing the item
// in the photos pages - using the photos permissions instead. We need the public policy to keep the photo
// linked item from leaking into the feed when somebody has a channel with read_stream restrictions.
$arr['public_policy'] = map_scope($channel['channel_r_stream'], true);
if ($arr['public_policy']) {
$arr['item_private'] = 1;
}
$result = item_store($arr, false, $deliver);
$item_id = $result['item_id'];
if ($visible && $deliver) {
Zotlabs\Daemon\Master::Summon(array('Notifier', 'wall-new', $item_id));
}
}
$ret['success'] = true;
$ret['item'] = $arr;
$ret['body'] = $obj_body;
$ret['resource_id'] = $photo_hash;
$ret['photoitem_id'] = $item_id;
call_hooks('photo_upload_end', $ret);
return $ret;
}
function photos_content(&$a)
{
// URLs:
// photos/name
// photos/name/album/xxxxx (xxxxx is album name)
// photos/name/image/xxxxx
if (get_config('system', 'block_public') && !local_channel() && !remote_channel()) {
notice(t('Public access denied.') . EOL);
return;
}
$unsafe = array_key_exists('unsafe', $_REQUEST) && $_REQUEST['unsafe'] ? 1 : 0;
require_once 'include/bbcode.php';
require_once 'include/security.php';
require_once 'include/conversation.php';
if (!x($a->data, 'channel')) {
notice(t('No photos selected') . EOL);
return;
}
$ph = photo_factory('');
$phototypes = $ph->supportedTypes();
$_SESSION['photo_return'] = $a->cmd;
//
// Parse arguments
//
$can_comment = perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'post_comments');
if (argc() > 3) {
$datatype = argv(2);
$datum = argv(3);
} else {
if (argc() > 2) {
$datatype = argv(2);
$datum = '';
} else {
$datatype = 'summary';
}
}
if (argc() > 4) {
$cmd = argv(4);
} else {
$cmd = 'view';
}
//
// Setup permissions structures
//
$can_post = false;
$visitor = 0;
$owner_uid = $a->data['channel']['channel_id'];
$owner_aid = $a->data['channel']['channel_account_id'];
$observer = $a->get_observer();
$can_post = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'write_storage');
$can_view = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'view_storage');
if (!$can_view) {
notice(t('Access to this item is restricted.') . EOL);
return;
}
$sql_extra = permissions_sql($owner_uid);
$o = "";
$o .= "<script> var profile_uid = " . $a->profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
// tabs
$_is_owner = local_channel() && local_channel() == $owner_uid;
$o .= profile_tabs($a, $_is_owner, $a->data['channel']['channel_address']);
/**
* Display upload form
*/
if ($can_post) {
$uploader = '';
$ret = array('post_url' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'], 'addon_text' => $uploader, 'default_upload' => true);
call_hooks('photo_upload_form', $ret);
/* Show space usage */
$r = q("select sum(size) as total from photo where aid = %d and scale = 0 ", intval($a->data['channel']['channel_account_id']));
$limit = service_class_fetch($a->data['channel']['channel_id'], 'photo_upload_limit');
if ($limit !== false) {
$usage_message = sprintf(t("%1\$.2f MB of %2\$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000);
} else {
$usage_message = sprintf(t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000);
}
if ($_is_owner) {
$channel = $a->get_channel();
$acl = new AccessList($channel);
$channel_acl = $acl->get();
$lockstate = $acl->is_private() ? 'lock' : 'unlock';
}
$aclselect = $_is_owner ? populate_acl($channel_acl, false) : '';
$selname = $datum ? hex2bin($datum) : '';
$albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']);
if (!$selname) {
$def_album = get_pconfig($a->data['channel']['channel_id'], 'system', 'photo_path');
if ($def_album) {
$selname = filepath_macro($def_album);
$albums['album'][] = array('text' => $selname);
}
}
$tpl = get_markup_template('photos_upload.tpl');
$upload_form = replace_macros($tpl, array('$pagename' => t('Upload Photos'), '$sessid' => session_id(), '$usage' => $usage_message, '$nickname' => $a->data['channel']['channel_address'], '$newalbum_label' => t('Enter an album name'), '$newalbum_placeholder' => t('or select an existing album (doubleclick)'), '$visible' => array('visible', t('Create a status post for this upload'), 0, '', array(t('No'), t('Yes'))), '$albums' => $albums['albums'], '$selname' => $selname, '$permissions' => t('Permissions'), '$aclselect' => $aclselect, '$lockstate' => $lockstate, '$uploader' => $ret['addon_text'], '$default' => $ret['default_upload'] ? true : false, '$uploadurl' => $ret['post_url'], '$submit' => t('Submit')));
}
//
// dispatch request
//
/*
* Display a single photo album
*/
if ($datatype === 'album') {
if (strlen($datum)) {
if (strlen($datum) & 1 || !ctype_xdigit($datum)) {
notice(t('Album name could not be decoded') . EOL);
logger('mod_photos: illegal album encoding: ' . $datum);
$datum = '';
}
}
$album = $datum ? hex2bin($datum) : '';
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY `resource_id`", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe));
if (count($r)) {
$a->set_pager_total(count($r));
$a->set_pager_itemspage(60);
} else {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']);
}
if ($_GET['order'] === 'posted') {
$order = 'ASC';
} else {
$order = 'DESC';
}
$r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN\n\t\t\t\t(SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY resource_id) ph \n\t\t\t\tON (p.resource_id = ph.resource_id AND p.scale = ph.scale)\n\t\t\tORDER BY created {$order} LIMIT %d OFFSET %d", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start']));
//edit album name
$album_edit = null;
if ($album !== t('Profile Photos') && $album !== 'Profile Photos' && $album !== 'Contact Photos' && $album !== t('Contact Photos')) {
if ($can_post) {
if ($a->get_template_engine() === 'internal') {
$album_e = template_escape($album);
} else {
$album_e = $album;
}
$albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']);
// @fixme - syncronise actions with DAV
// $edit_tpl = get_markup_template('album_edit.tpl');
// $album_edit = replace_macros($edit_tpl,array(
// '$nametext' => t('Enter a new album name'),
// '$name_placeholder' => t('or select an existing one (doubleclick)'),
// '$nickname' => $a->data['channel']['channel_address'],
// '$album' => $album_e,
// '$albums' => $albums['albums'],
// '$hexalbum' => bin2hex($album),
// '$submit' => t('Submit'),
// '$dropsubmit' => t('Delete Album')
// ));
}
}
if ($_GET['order'] === 'posted') {
$order = array(t('Show Newest First'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album));
} else {
$order = array(t('Show Oldest First'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album) . '?f=&order=posted');
}
$photos = array();
if (count($r)) {
$twist = 'rotright';
foreach ($r as $rr) {
if ($twist == 'rotright') {
$twist = 'rotleft';
} else {
$twist = 'rotright';
}
$ext = $phototypes[$rr['type']];
$imgalt_e = $rr['filename'];
$desc_e = $rr['description'];
$imagelink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
$photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $imagelink, 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['scale'] . '.' . $ext, 'alt' => $imgalt_e, 'desc' => $desc_e, 'ext' => $ext, 'hash' => $rr['resource_id'], 'unknown' => t('Unknown'));
}
}
if ($_REQUEST['aj']) {
if ($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos));
} else {
$o = '<div id="content-complete"></div>';
}
echo $o;
killme();
} else {
$o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$tpl = get_markup_template('photo_album.tpl');
$o .= replace_macros($tpl, array('$photos' => $photos, '$album' => $album, '$album_edit' => array(t('Edit Album'), $album_edit), '$can_post' => $can_post, '$upload' => array(t('Upload'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload/' . bin2hex($album)), '$order' => $order, '$upload_form' => $upload_form, '$usage' => $usage_message));
}
if (!$photos && $_REQUEST['aj']) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();
}
// $o .= paginate($a);
return $o;
}
/**
* Display one photo
*/
if ($datatype === 'image') {
// fetch image, item containing image, then comments
$ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' \n\t\t\t{$sql_extra} ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum));
if (!$ph) {
/* Check again - this time without specifying permissions */
$ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1", intval($owner_uid), dbesc($datum));
if ($ph) {
notice(t('Permission denied. Access to this item may be restricted.') . EOL);
} else {
notice(t('Photo not available') . EOL);
}
return;
}
$prevlink = '';
$nextlink = '';
if ($_GET['order'] === 'posted') {
$order = 'ASC';
} else {
$order = 'DESC';
}
$prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 \n\t\t\t{$sql_extra} ORDER BY `created` {$order} ", dbesc($ph[0]['album']), intval($owner_uid));
if (count($prvnxt)) {
for ($z = 0; $z < count($prvnxt); $z++) {
if ($prvnxt[$z]['resource_id'] == $ph[0]['resource_id']) {
$prv = $z - 1;
$nxt = $z + 1;
if ($prv < 0) {
$prv = count($prvnxt) - 1;
}
if ($nxt >= count($prvnxt)) {
$nxt = 0;
}
break;
}
}
$prevlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
$nextlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : '');
}
if (count($ph) == 1) {
$hires = $lores = $ph[0];
}
if (count($ph) > 1) {
if ($ph[1]['scale'] == 2) {
// original is 640 or less, we can display it directly
$hires = $lores = $ph[0];
} else {
$hires = $ph[0];
$lores = $ph[1];
}
}
$album_link = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($ph[0]['album']);
$tools = Null;
$lock = Null;
if ($can_post && $ph[0]['uid'] == $owner_uid) {
$tools = array('profile' => array($a->get_baseurl() . '/profile_photo/use/' . $ph[0]['resource_id'], t('Use as profile photo')));
}
// lockstate
$lockstate = strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid']) ? array('lock', t('Private Photo')) : array('unlock', Null);
$a->page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n";
if ($prevlink) {
$a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
}
if ($nextlink) {
$a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
}
$a->page['htmlhead'] .= '});</script>';
if ($prevlink) {
$prevlink = array($prevlink, t('Previous'));
}
$photo = array('href' => $a->get_baseurl() . '/photo/' . $hires['resource_id'] . '-' . $hires['scale'] . '.' . $phototypes[$hires['type']], 'title' => t('View Full Size'), 'src' => $a->get_baseurl() . '/photo/' . $lores['resource_id'] . '-' . $lores['scale'] . '.' . $phototypes[$lores['type']] . '?f=&_u=' . datetime_convert('', '', '', 'ymdhis'));
if ($nextlink) {
$nextlink = array($nextlink, t('Next'));
}
// Do we have an item for this photo?
$linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' \n\t\t\t{$sql_extra} LIMIT 1", dbesc($datum));
$map = null;
if ($linked_items) {
xchan_query($linked_items);
$linked_items = fetch_post_tags($linked_items, true);
$link_item = $linked_items[0];
$item_normal = item_normal();
$r = q("select * from item where parent_mid = '%s' \n\t\t\t\t{$item_normal} and uid = %d {$sql_extra} ", dbesc($link_item['mid']), intval($link_item['uid']));
if ($r) {
xchan_query($r);
$r = fetch_post_tags($r, true);
$r = conv_sort($r, 'commented');
}
$tags = array();
if ($link_item['term']) {
$cnt = 0;
foreach ($link_item['term'] as $t) {
$tags[$cnt] = array(0 => format_term_for_display($t));
if ($can_post && $ph[0]['uid'] == $owner_uid) {
$tags[$cnt][1] = 'tagrm/drop/' . $link_item['id'] . '/' . bin2hex($t['term']);
//?f=&item=' . $link_item['id'];
$tags[$cnt][2] = t('Remove');
}
$cnt++;
}
}
if (local_channel() && local_channel() == $link_item['uid']) {
q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel()));
}
if ($link_item['coord']) {
$map = generate_map($link_item['coord']);
}
}
// logger('mod_photo: link_item' . print_r($link_item,true));
// FIXME - remove this when we move to conversation module
$r = $r[0]['children'];
$edit = null;
if ($can_post) {
$album_e = $ph[0]['album'];
$caption_e = $ph[0]['description'];
$aclselect_e = $_is_owner ? populate_acl($ph[0]) : '';
$albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']);
$_SESSION['album_return'] = bin2hex($ph[0]['album']);
$edit = array('edit' => t('Edit photo'), 'id' => $link_item['id'], 'rotatecw' => t('Rotate CW (right)'), 'rotateccw' => t('Rotate CCW (left)'), 'albums' => $albums['albums'], 'album' => $album_e, 'newalbum_label' => t('Enter a new album name'), 'newalbum_placeholder' => t('or select an existing one (doubleclick)'), 'nickname' => $a->data['channel']['channel_address'], 'resource_id' => $ph[0]['resource_id'], 'capt_label' => t('Caption'), 'caption' => $caption_e, 'tag_label' => t('Add a Tag'), 'permissions' => t('Permissions'), 'aclselect' => $aclselect_e, 'lockstate' => $lockstate[0], 'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'), 'item_id' => count($linked_items) ? $link_item['id'] : 0, 'adult_enabled' => feature_enabled($owner_uid, 'adult_photo_flagging'), 'adult' => array('adult', t('Flag as adult in album view'), intval($ph[0]['is_nsfw']), ''), 'submit' => t('Submit'), 'delete' => t('Delete Photo'));
}
if (count($linked_items)) {
$cmnt_tpl = get_markup_template('comment_item.tpl');
$tpl = get_markup_template('photo_item.tpl');
$return_url = $a->cmd;
$like_tpl = get_markup_template('like_noshare.tpl');
$likebuttons = '';
if ($can_post || $can_comment) {
$likebuttons = array('id' => $link_item['id'], 'likethis' => t("I like this (toggle)"), 'nolike' => t("I don't like this (toggle)"), 'share' => t('Share'), 'wait' => t('Please wait'));
}
$comments = '';
if (!count($r)) {
if ($can_post || $can_comment) {
$commentbox = replace_macros($cmnt_tpl, array('$return_path' => '', '$mode' => 'photos', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$preview' => t('Preview'), '$ww' => '', '$feature_encrypt' => false));
}
}
$alike = array();
$dlike = array();
$like = '';
$dislike = '';
$conv_responses = array('like' => array('title' => t('Likes', 'title')), 'dislike' => array('title' => t('Dislikes', 'title')), 'agree' => array('title' => t('Agree', 'title')), 'disagree' => array('title' => t('Disagree', 'title')), 'abstain' => array('title' => t('Abstain', 'title')), 'attendyes' => array('title' => t('Attending', 'title')), 'attendno' => array('title' => t('Not attending', 'title')), 'attendmaybe' => array('title' => t('Might attend', 'title')));
if ($r) {
foreach ($r as $item) {
builtin_activity_puller($item, $conv_responses);
}
$like_count = x($alike, $link_item['mid']) ? $alike[$link_item['mid']] : '';
$like_list = x($alike, $link_item['mid']) ? $alike[$link_item['mid'] . '-l'] : '';
if (count($like_list) > MAX_LIKERS) {
$like_list_part = array_slice($like_list, 0, MAX_LIKERS);
array_push($like_list_part, '<a href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
} else {
$like_list_part = '';
}
$like_button_label = tt('Like', 'Likes', $like_count, 'noun');
//if (feature_enabled($conv->get_profile_owner(),'dislike')) {
$dislike_count = x($dlike, $link_item['mid']) ? $dlike[$link_item['mid']] : '';
$dislike_list = x($dlike, $link_item['mid']) ? $dlike[$link_item['mid'] . '-l'] : '';
$dislike_button_label = tt('Dislike', 'Dislikes', $dislike_count, 'noun');
if (count($dislike_list) > MAX_LIKERS) {
$dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS);
array_push($dislike_list_part, '<a href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>');
} else {
$dislike_list_part = '';
}
//}
$like = isset($alike[$link_item['mid']]) ? format_like($alike[$link_item['mid']], $alike[$link_item['mid'] . '-l'], 'like', $link_item['mid']) : '';
$dislike = isset($dlike[$link_item['mid']]) ? format_like($dlike[$link_item['mid']], $dlike[$link_item['mid'] . '-l'], 'dislike', $link_item['mid']) : '';
// display comments
foreach ($r as $item) {
$comment = '';
$template = $tpl;
$sparkle = '';
if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) {
continue;
}
$redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'];
$profile_url = zid($item['author']['xchan_url']);
$sparkle = '';
$profile_name = $item['author']['xchan_name'];
$profile_avatar = $item['author']['xchan_photo_m'];
$profile_link = $profile_url;
$drop = '';
if ($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) {
$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
}
$name_e = $profile_name;
$title_e = $item['title'];
unobscure($item);
$body_e = prepare_text($item['body'], $item['mimetype']);
$comments .= replace_macros($template, array('$id' => $item['id'], '$mode' => 'photos', '$profile_url' => $profile_link, '$name' => $name_e, '$thumb' => $profile_avatar, '$sparkle' => $sparkle, '$title' => $title_e, '$body' => $body_e, '$ago' => relative_date($item['created']), '$indent' => $item['parent'] != $item['id'] ? ' comment' : '', '$drop' => $drop, '$comment' => $comment));
}
if ($can_post || $can_comment) {
$commentbox = replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => ''));
}
}
$paginate = paginate($a);
}
$album_e = array($album_link, $ph[0]['album']);
$like_e = $like;
$dislike_e = $dislike;
$response_verbs = array('like');
if (feature_enabled($owner_uid, 'dislike')) {
$response_verbs[] = 'dislike';
}
$responses = get_responses($conv_responses, $response_verbs, '', $link_item);
$photo_tpl = get_markup_template('photo_view.tpl');
$o .= replace_macros($photo_tpl, array('$id' => $ph[0]['id'], '$album' => $album_e, '$tools' => $tools, '$lock' => $lockstate[1], '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['description'], '$filename' => $ph[0]['filename'], '$unknown' => t('Unknown'), '$tag_hdr' => t('In This Photo:'), '$tags' => $tags, 'responses' => $responses, '$edit' => $edit, '$map' => $map, '$map_text' => t('Map'), '$likebuttons' => $likebuttons, '$like' => $like_e, '$dislike' => $dislike_e, '$like_count' => $like_count, '$like_list' => $like_list, '$like_list_part' => $like_list_part, '$like_button_label' => $like_button_label, '$like_modal_title' => t('Likes', 'noun'), '$dislike_modal_title' => t('Dislikes', 'noun'), '$dislike_count' => $dislike_count, '$dislike_list' => $dislike_list, '$dislike_list_part' => $dislike_list_part, '$dislike_button_label' => $dislike_button_label, '$modal_dismiss' => t('Close'), '$comments' => $comments, '$commentbox' => $commentbox, '$paginate' => $paginate));
$a->data['photo_html'] = $o;
return $o;
}
// Default - show recent photos with upload link (if applicable)
//$o = '';
$r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' \n\t\tand photo_usage in ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY `resource_id`", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe));
if (count($r)) {
$a->set_pager_total(count($r));
$a->set_pager_itemspage(60);
}
$r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.album, p.scale, p.created FROM photo p INNER JOIN \n\t\t(SELECT resource_id, max(scale) scale FROM photo \n\t\t\tWHERE uid=%d AND album != '%s' AND album != '%s' \n\t\t\tAND photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} group by resource_id) ph \n\t\tON (p.resource_id = ph.resource_id and p.scale = ph.scale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start']));
$photos = array();
if (count($r)) {
$twist = 'rotright';
foreach ($r as $rr) {
if ($twist == 'rotright') {
$twist = 'rotleft';
} else {
$twist = 'rotright';
}
$ext = $phototypes[$rr['type']];
if ($a->get_template_engine() === 'internal') {
$alt_e = template_escape($rr['filename']);
$name_e = template_escape($rr['album']);
} else {
$alt_e = $rr['filename'];
$name_e = $rr['album'];
}
$photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'], 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . ($rr['scale'] == 6 ? 4 : $rr['scale']) . '.' . $ext, 'alt' => $alt_e, 'album' => array('link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($rr['album']), 'name' => $name_e, 'alt' => t('View Album')));
}
}
if ($_REQUEST['aj']) {
if ($photos) {
$o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos));
} else {
$o = '<div id="content-complete"></div>';
}
echo $o;
killme();
} else {
$o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>";
$tpl = get_markup_template('photos_recent.tpl');
$o .= replace_macros($tpl, array('$title' => t('Recent Photos'), '$can_post' => $can_post, '$upload' => array(t('Upload'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload'), '$photos' => $photos, '$upload_form' => $upload_form, '$usage' => $usage_message));
}
if (!$photos && $_REQUEST['aj']) {
$o .= '<div id="content-complete"></div>';
echo $o;
killme();
}
// paginate($a);
return $o;
}
function get()
{
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
$channel = \App::get_channel();
$newuser = false;
if (argc() == 2 && argv(1) === 'new') {
$newuser = true;
}
if (argv(1) === 'use') {
if (argc() < 3) {
notice(t('Permission denied.') . EOL);
return;
}
$resource_id = argv(2);
// When using an existing photo, we don't have a dialogue to offer a choice of profiles,
// so it gets attached to the default
$p = q("select id from profile where is_default = 1 and uid = %d", intval(local_channel()));
if ($p) {
$_REQUEST['profile'] = $p[0]['id'];
}
$r = q("SELECT id, album, imgscale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY imgscale ASC", intval(local_channel()), dbesc($resource_id));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
$havescale = false;
foreach ($r as $rr) {
if ($rr['imgscale'] == PHOTO_RES_PROFILE_80) {
$havescale = true;
}
}
// set an already loaded and cropped photo as profile photo
if ($r[0]['album'] == t('Profile Photos') && $havescale) {
// unset any existing profile photos
$r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval(local_channel()));
$r = q("UPDATE photo SET photo_usage = %d WHERE uid = %d AND resource_id = '%s'", intval(PHOTO_PROFILE), intval(local_channel()), dbesc($resource_id));
$r = q("UPDATE xchan set xchan_photo_date = '%s' \n\t\t\t\t\twhere xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
profile_photo_set_profile_perms(local_channel());
// Reset default photo permissions to public
\Zotlabs\Daemon\Master::Summon(array('Directory', local_channel()));
goaway(z_root() . '/profiles');
}
$r = q("SELECT content, mimetype, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_channel()));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
if (intval($r[0]['os_storage'])) {
$data = @file_get_contents($r[0]['content']);
} else {
$data = dbunescbin($r[0]['content']);
}
$ph = photo_factory($data, $r[0]['mimetype']);
$smallest = 0;
if ($ph->is_valid()) {
// go ahead as if we have just uploaded a new photo to crop
$i = q("select resource_id, imgscale from photo where resource_id = '%s' and uid = %d order by imgscale", dbesc($r[0]['resource_id']), intval(local_channel()));
if ($i) {
$hash = $i[0]['resource_id'];
foreach ($i as $ii) {
if (intval($ii['imgscale']) < PHOTO_RES_640) {
$smallest = intval($ii['imgscale']);
}
}
}
}
$this->profile_photo_crop_ui_head($a, $ph, $hash, $smallest);
// falls through with App::$data['imagecrop'] set so we go straight to the cropping section
}
// present an upload form
$profiles = q("select id, profile_name as name, is_default from profile where uid = %d order by id asc", intval(local_channel()));
if (!x(\App::$data, 'imagecrop')) {
$tpl = get_markup_template('profile_photo.tpl');
$o .= replace_macros($tpl, array('$user' => \App::$channel['channel_address'], '$lbl_upfile' => t('Upload File:'), '$lbl_profiles' => t('Select a profile:'), '$title' => t('Upload Profile Photo'), '$submit' => t('Upload'), '$profiles' => $profiles, '$single' => count($profiles) == 1 ? true : false, '$profile0' => $profiles[0], '$form_security_token' => get_form_security_token("profile_photo"), '$select' => sprintf('%s %s', t('or'), $newuser ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="' . z_root() . '/photos/' . \App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')));
call_hooks('profile_photo_content_end', $o);
return $o;
} else {
// present a cropping form
$filename = \App::$data['imagecrop'] . '-' . \App::$data['imagecrop_resolution'];
$resolution = \App::$data['imagecrop_resolution'];
$tpl = get_markup_template("cropbody.tpl");
$o .= replace_macros($tpl, array('$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => \App::$data['imagecrop'] . '-' . \App::$data['imagecrop_resolution'], '$image_url' => z_root() . '/photo/' . $filename, '$title' => t('Crop Image'), '$desc' => t('Please adjust the image cropping for optimum viewing.'), '$form_security_token' => get_form_security_token("profile_photo"), '$done' => t('Done Editing')));
return $o;
}
return;
// NOTREACHED
}
function profile_photo_content(&$a)
{
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return;
}
$channel = App::get_channel();
$newuser = false;
if (argc() == 2 && argv(1) === 'new') {
$newuser = true;
}
if (argv(1) === 'use') {
if (argc() < 3) {
notice(t('Permission denied.') . EOL);
return;
}
// check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
$resource_id = argv(2);
$r = q("SELECT id, album, scale FROM photo WHERE uid = %d AND resource_id = '%s' ORDER BY scale ASC", intval(local_channel()), dbesc($resource_id));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
$havescale = false;
foreach ($r as $rr) {
if ($rr['scale'] == 5) {
$havescale = true;
}
}
// set an already loaded photo as profile photo
if ($r[0]['album'] == t('Profile Photos') && $havescale) {
// unset any existing profile photos
$r = q("UPDATE photo SET photo_usage = %d WHERE photo_usage = %d AND uid = %d", intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval(local_channel()));
$r = q("UPDATE photo SET photo_usage = %d WHERE uid = %d AND resource_id = '%s'", intval(PHOTO_PROFILE), intval(local_channel()), dbesc($resource_id));
$r = q("UPDATE xchan set xchan_photo_date = '%s' \n\t\t\t\twhere xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($channel['xchan_hash']));
profile_photo_set_profile_perms();
//Reset default photo permissions to public
proc_run('php', 'include/directory.php', local_channel());
goaway(z_root() . '/profiles');
}
$r = q("SELECT `data`, `type`, resource_id, os_storage FROM photo WHERE id = %d and uid = %d limit 1", intval($r[0]['id']), intval(local_channel()));
if (!$r) {
notice(t('Photo not available.') . EOL);
return;
}
if (intval($r[0]['os_storage'])) {
$data = @file_get_contents($r[0]['data']);
} else {
$data = dbunescbin($r[0]['data']);
}
$ph = photo_factory($data, $r[0]['type']);
$smallest = 0;
if ($ph->is_valid()) {
// go ahead as if we have just uploaded a new photo to crop
$i = q("select resource_id, scale from photo where resource_id = '%s' and uid = %d order by scale", dbesc($r[0]['resource_id']), intval(local_channel()));
if ($i) {
$hash = $i[0]['resource_id'];
foreach ($i as $ii) {
if (intval($ii['scale']) < 2) {
$smallest = intval($ii['scale']);
}
}
}
}
profile_photo_crop_ui_head($a, $ph, $hash, $smallest);
}
$profiles = q("select id, profile_name as name, is_default from profile where uid = %d", intval(local_channel()));
if (!x(App::$data, 'imagecrop')) {
$tpl = get_markup_template('profile_photo.tpl');
$o .= replace_macros($tpl, array('$user' => App::$channel['channel_address'], '$lbl_upfile' => t('Upload File:'), '$lbl_profiles' => t('Select a profile:'), '$title' => t('Upload Profile Photo'), '$submit' => t('Upload'), '$profiles' => $profiles, '$single' => count($profiles) == 1 ? true : false, '$profile0' => $profiles[0], '$form_security_token' => get_form_security_token("profile_photo"), '$select' => sprintf('%s %s', t('or'), $newuser ? '<a href="' . z_root() . '">' . t('skip this step') . '</a>' : '<a href="' . z_root() . '/photos/' . App::$channel['channel_address'] . '">' . t('select a photo from your photo albums') . '</a>')));
call_hooks('profile_photo_content_end', $o);
return $o;
} else {
$filename = App::$data['imagecrop'] . '-' . App::$data['imagecrop_resolution'];
$resolution = App::$data['imagecrop_resolution'];
$tpl = get_markup_template("cropbody.tpl");
$o .= replace_macros($tpl, array('$filename' => $filename, '$profile' => intval($_REQUEST['profile']), '$resource' => App::$data['imagecrop'] . '-' . App::$data['imagecrop_resolution'], '$image_url' => z_root() . '/photo/' . $filename, '$title' => t('Crop Image'), '$desc' => t('Please adjust the image cropping for optimum viewing.'), '$form_security_token' => get_form_security_token("profile_photo"), '$done' => t('Done Editing')));
return $o;
}
return;
// NOTREACHED
}
/**
* @brief
*
* @param array $channel
* @param array $observer
* @param array $args
* @return array
*/
function photo_upload($channel, $observer, $args)
{
$ret = array('success' => false);
$channel_id = $channel['channel_id'];
$account_id = $channel['channel_account_id'];
if (!perm_is_allowed($channel_id, $observer['xchan_hash'], 'write_storage')) {
$ret['message'] = t('Permission denied.');
return $ret;
}
// call_hooks('photo_upload_begin', $args);
/*
* Determine the album to use
*/
$album = $args['album'];
if (intval($args['visible']) || $args['visible'] === 'true') {
$visible = 1;
} else {
$visible = 0;
}
// Set to default channel permissions. If the parent directory (album) has permissions set,
// use those instead. If we have specific permissions supplied, they take precedence over
// all other settings. 'allow_cid' being passed from an external source takes priority over channel settings.
// ...messy... needs re-factoring once the photos/files integration stabilises
$acl = new AccessList($channel);
if (array_key_exists('directory', $args) && $args['directory']) {
$acl->set($args['directory']);
}
if (array_key_exists('allow_cid', $args)) {
$acl->set($args);
}
if (array_key_exists('group_allow', $args) || array_key_exists('contact_allow', $args) || array_key_exists('group_deny', $args) || array_key_exists('contact_deny', $args)) {
$acl->set_from_array($args);
}
$ac = $acl->get();
$os_storage = 0;
if ($args['os_path'] && $args['getimagesize']) {
$imagedata = @file_get_contents($args['os_path']);
$filename = $args['filename'];
$filesize = strlen($imagedata);
// this is going to be deleted if it exists
$src = '/tmp/deletemenow';
$type = $args['getimagesize']['mime'];
$os_storage = 1;
} elseif ($args['data']) {
// allow an import from a binary string representing the image.
// This bypasses the upload step and max size limit checking
$imagedata = $args['data'];
$filename = $args['filename'];
$filesize = strlen($imagedata);
// this is going to be deleted if it exists
$src = '/tmp/deletemenow';
$type = $args['type'];
} else {
$f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
// call_hooks('photo_upload_file',$f);
if (x($f, 'src') && x($f, 'filesize')) {
$src = $f['src'];
$filename = $f['filename'];
$filesize = $f['filesize'];
$type = $f['type'];
} else {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$type = $_FILES['userfile']['type'];
}
if (!$type) {
$type = guess_image_type($filename);
}
logger('photo_upload: received file: ' . $filename . ' as ' . $src . ' (' . $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
$ret['message'] = sprintf(t('Image exceeds website size limit of %lu bytes'), $maximagesize);
@unlink($src);
call_hooks('photo_upload_end', $ret);
return $ret;
}
if (!$filesize) {
$ret['message'] = t('Image file is empty.');
@unlink($src);
call_hooks('photo_post_end', $ret);
return $ret;
}
logger('photo_upload: loading the contents of ' . $src, LOGGER_DEBUG);
$imagedata = @file_get_contents($src);
}
$r = q("select sum(size) as total from photo where aid = %d and scale = 0 ", intval($account_id));
$limit = service_class_fetch($channel_id, 'photo_upload_limit');
if ($r && $limit !== false && $r[0]['total'] + strlen($imagedata) > $limit) {
$ret['message'] = upgrade_message();
@unlink($src);
call_hooks('photo_post_end', $ret);
return $ret;
}
$ph = photo_factory($imagedata, $type);
if (!$ph->is_valid()) {
$ret['message'] = t('Unable to process image');
logger('photo_upload: unable to process image');
@unlink($src);
call_hooks('photo_upload_end', $ret);
return $ret;
}
$exif = $ph->orient($args['os_path'] ? $args['os_path'] : $src);
@unlink($src);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$smallest = 0;
$photo_hash = $args['resource_id'] ? $args['resource_id'] : photo_new_resource();
$visitor = '';
if ($channel['channel_hash'] !== $observer['xchan_hash']) {
$visitor = $observer['xchan_hash'];
}
$errors = false;
$p = array('aid' => $account_id, 'uid' => $channel_id, 'xchan' => $visitor, 'resource_id' => $photo_hash, 'filename' => $filename, 'album' => $album, 'scale' => 0, 'photo_usage' => PHOTO_NORMAL, 'allow_cid' => $ac['allow_cid'], 'allow_gid' => $ac['allow_gid'], 'deny_cid' => $ac['deny_cid'], 'deny_gid' => $ac['deny_gid'], 'os_storage' => $os_storage, 'os_path' => $args['os_path']);
if ($args['created']) {
$p['created'] = $args['created'];
}
if ($args['edited']) {
$p['edited'] = $args['edited'];
}
if ($args['title']) {
$p['title'] = $args['title'];
}
if ($args['description']) {
$p['description'] = $args['description'];
}
$r1 = $ph->save($p);
if (!$r1) {
$errors = true;
}
unset($p['os_storage']);
unset($p['os_path']);
if (($width > 640 || $height > 640) && !$errors) {
$ph->scaleImage(640);
$p['scale'] = 1;
$r2 = $ph->save($p);
$smallest = 1;
if (!$r2) {
$errors = true;
}
}
if (($width > 320 || $height > 320) && !$errors) {
$ph->scaleImage(320);
$p['scale'] = 2;
$r3 = $ph->save($p);
$smallest = 2;
if (!$r3) {
$errors = true;
}
}
if ($errors) {
q("delete from photo where resource_id = '%s' and uid = %d", dbesc($photo_hash), intval($channel_id));
$ret['message'] = t('Photo storage failed.');
logger('photo_upload: photo store failed.');
call_hooks('photo_upload_end', $ret);
return $ret;
}
// This will be the width and height of the smallest representation
$width_x_height = $ph->getWidth() . 'x' . $ph->getHeight();
// Create item container
$item_hidden = $visible ? 0 : 1;
$lat = $lon = null;
if ($exif && $exif['GPS']) {
if (feature_enabled($channel_id, 'photo_location')) {
$lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']);
$lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']);
}
}
if ($args['item']) {
foreach ($args['item'] as $i) {
$item = get_item_elements($i);
$force = false;
if ($item['mid'] === $item['parent_mid']) {
$item['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' . $tag . z_root() . "/photo/{$photo_hash}-{$smallest}." . $ph->getExt() . '[/zmg]' . '[/zrl]';
if ($item['author_xchan'] === $channel['channel_hash']) {
$item['sig'] = base64url_encode(rsa_sign($item['body'], $channel['channel_prvkey']));
$item['item_verified'] = 1;
} else {
$item['sig'] = '';
}
$force = true;
}
$r = q("select id, edited from item where mid = '%s' and uid = %d limit 1", dbesc($item['mid']), intval($channel['channel_id']));
if ($r) {
if ($item['edited'] > $r[0]['edited'] || $force) {
$item['id'] = $r[0]['id'];
$item['uid'] = $channel['channel_id'];
item_store_update($item);
continue;
}
} else {
$item['aid'] = $channel['channel_account_id'];
$item['uid'] = $channel['channel_id'];
$item_result = item_store($item);
}
}
} else {
$title = '';
$mid = item_message_id();
$arr = array();
if ($lat && $lon) {
$arr['coord'] = $lat . ' ' . $lon;
}
$arr['aid'] = $account_id;
$arr['uid'] = $channel_id;
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_hidden'] = $item_hidden;
$arr['resource_type'] = 'photo';
$arr['resource_id'] = $photo_hash;
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $observer['xchan_hash'];
$arr['title'] = $title;
$arr['allow_cid'] = $ac['allow_cid'];
$arr['allow_gid'] = $ac['allow_gid'];
$arr['deny_cid'] = $ac['deny_cid'];
$arr['deny_gid'] = $ac['deny_gid'];
$arr['verb'] = ACTIVITY_POST;
$arr['item_wall'] = 1;
$arr['item_origin'] = 1;
$arr['item_thread_top'] = 1;
$arr['item_private'] = intval($acl->is_private());
$arr['plink'] = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $arr['mid'];
// We should also put a width_x_height on large photos. Left as an exercise for
// devs looking for simple stuff to fix.
$larger = feature_enabled($channel['channel_id'], 'large_photos');
if ($larger) {
$tag = '[zmg]';
if ($r2) {
$smallest = 1;
} else {
$smallest = 0;
}
} else {
if ($width_x_height) {
$tag = '[zmg=' . $width_x_height . ']';
} else {
$tag = '[zmg]';
}
}
$arr['body'] = '[zrl=' . z_root() . '/photos/' . $channel['channel_address'] . '/image/' . $photo_hash . ']' . $tag . z_root() . "/photo/{$photo_hash}-{$smallest}." . $ph->getExt() . '[/zmg]' . '[/zrl]';
$result = item_store($arr);
$item_id = $result['item_id'];
if ($visible) {
proc_run('php', "include/notifier.php", 'wall-new', $item_id);
}
}
$ret['success'] = true;
$ret['item'] = $arr;
$ret['body'] = $arr['body'];
$ret['resource_id'] = $photo_hash;
$ret['photoitem_id'] = $item_id;
call_hooks('photo_upload_end', $ret);
return $ret;
}
