function item_store_update($arr, $allow_exec = false) { $d = array('item' => $arr, 'allow_exec' => $allow_exec); call_hooks('item_store_update', $d); $arr = $d['item']; $allow_exec = $d['allow_exec']; $ret = array('success' => false, 'item_id' => 0); if (!intval($arr['uid'])) { logger('item_store_update: no uid'); $ret['message'] = 'no uid.'; return $ret; } if (!intval($arr['id'])) { logger('item_store_update: no id'); $ret['message'] = 'no id.'; return $ret; } $orig_post_id = $arr['id']; $uid = $arr['uid']; $orig = q("select * from item where id = %d and uid = %d limit 1", intval($orig_post_id), intval($uid)); if (!$orig) { logger('item_store_update: original post not found: ' . $orig_post_id); $ret['message'] = 'no original'; return $ret; } // override the unseen flag with the original if (intval($arr['item_flags'])) { $arr['item_unseen'] = 0; } if ($orig[0]['item_flags'] & ITEM_VERIFIED) { $orig[0]['item_flags'] = $orig[0]['item_flags'] ^ ITEM_VERIFIED; } if ($orig[0]['item_flags'] & ITEM_OBSCURED) { $orig[0]['item_flags'] = $orig[0]['item_flags'] ^ ITEM_OBSCURED; } $arr['item_flags'] = intval($arr['item_flags']) | $orig[0]['item_flags']; $arr['item_restrict'] = intval($arr['item_restrict']) | $orig[0]['item_restrict']; if (array_key_exists('edit', $arr)) { unset($arr['edit']); } $arr['mimetype'] = x($arr, 'mimetype') ? notags(trim($arr['mimetype'])) : 'text/bbcode'; if ($arr['mimetype'] == 'application/x-php' && !$allow_exec) { logger('item_store: php mimetype but allow_exec is denied.'); $ret['message'] = 'exec denied.'; return $ret; } if (!($arr['item_flags'] & ITEM_OBSCURED)) { $arr['lang'] = detect_language($arr['body']); // apply the input filter here - if it is obscured it has been filtered already $arr['body'] = trim(z_input_filter($arr['uid'], $arr['body'], $arr['mimetype'])); if (local_channel() && !$arr['sig']) { $channel = get_app()->get_channel(); if ($channel['channel_hash'] === $arr['author_xchan']) { $arr['sig'] = base64url_encode(rsa_sign($arr['body'], $channel['channel_prvkey'])); $arr['item_flags'] |= ITEM_VERIFIED; } } $allowed_languages = get_pconfig($arr['uid'], 'system', 'allowed_languages'); if (is_array($allowed_languages) && $arr['lang'] && !array_key_exists($arr['lang'], $allowed_languages)) { $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); call_hooks('item_translate', $translate); if (!$translate['translated'] && intval(get_pconfig($arr['uid'], 'system', 'reject_disallowed_languages'))) { logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); $ret['message'] = 'language not accepted'; return $ret; } $arr = $translate['item']; } if ($arr['item_private']) { $key = get_config('system', 'pubkey'); $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED; if ($arr['title']) { $arr['title'] = json_encode(crypto_encapsulate($arr['title'], $key)); } if ($arr['body']) { $arr['body'] = json_encode(crypto_encapsulate($arr['body'], $key)); } } } if (x($arr, 'object') && is_array($arr['object'])) { activity_sanitise($arr['object']); $arr['object'] = json_encode($arr['object']); } if (x($arr, 'target') && is_array($arr['target'])) { activity_sanitise($arr['target']); $arr['target'] = json_encode($arr['target']); } if (x($arr, 'attach') && is_array($arr['attach'])) { activity_sanitise($arr['attach']); $arr['attach'] = json_encode($arr['attach']); } unset($arr['id']); unset($arr['uid']); unset($arr['aid']); unset($arr['mid']); unset($arr['parent']); unset($arr['parent_mid']); unset($arr['created']); unset($arr['author_xchan']); unset($arr['owner_xchan']); unset($arr['thr_parent']); unset($arr['llink']); $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert(); $arr['expires'] = x($arr, 'expires') !== false ? datetime_convert('UTC', 'UTC', $arr['expires']) : $orig[0]['expires']; if (array_key_exists('comments_closed', $arr) && $arr['comments_closed'] != NULL_DATE) { $arr['comments_closed'] = datetime_convert('UTC', 'UTC', $arr['comments_closed']); } else { $arr['comments_closed'] = $orig[0]['comments_closed']; } $arr['commented'] = $orig[0]['commented']; $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['route'] = array_key_exists('route', $arr) ? trim($arr['route']) : $orig[0]['route']; $arr['diaspora_meta'] = x($arr, 'diaspora_meta') ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta']; $arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : $orig[0]['location']; $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : $orig[0]['coord']; $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : $orig[0]['verb']; $arr['obj_type'] = x($arr, 'obj_type') ? notags(trim($arr['obj_type'])) : $orig[0]['obj_type']; $arr['object'] = x($arr, 'object') ? trim($arr['object']) : $orig[0]['object']; $arr['tgt_type'] = x($arr, 'tgt_type') ? notags(trim($arr['tgt_type'])) : $orig[0]['tgt_type']; $arr['target'] = x($arr, 'target') ? trim($arr['target']) : $orig[0]['target']; $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : $orig[0]['plink']; $arr['allow_cid'] = array_key_exists('allow_cid', $arr) ? trim($arr['allow_cid']) : $orig[0]['allow_cid']; $arr['allow_gid'] = array_key_exists('allow_gid', $arr) ? trim($arr['allow_gid']) : $orig[0]['allow_gid']; $arr['deny_cid'] = array_key_exists('deny_cid', $arr) ? trim($arr['deny_cid']) : $orig[0]['deny_cid']; $arr['deny_gid'] = array_key_exists('deny_gid', $arr) ? trim($arr['deny_gid']) : $orig[0]['deny_gid']; $arr['item_private'] = array_key_exists('item_private', $arr) ? intval($arr['item_private']) : $orig[0]['item_private']; $arr['title'] = array_key_exists('title', $arr) ? trim($arr['title']) : $orig[0]['title']; $arr['body'] = array_key_exists('body', $arr) ? trim($arr['body']) : $orig[0]['body']; $arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : $orig[0]['attach']; $arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : $orig[0]['app']; // $arr['item_restrict'] = ((x($arr,'item_restrict')) ? intval($arr['item_restrict']) : $orig[0]['item_restrict'] ); // $arr['item_flags'] = ((x($arr,'item_flags')) ? intval($arr['item_flags']) : $orig[0]['item_flags'] ); $arr['sig'] = x($arr, 'sig') ? $arr['sig'] : ''; $arr['layout_mid'] = array_key_exists('layout_mid', $arr) ? dbesc($arr['layout_mid']) : $orig[0]['layout_mid']; $arr['public_policy'] = x($arr, 'public_policy') ? notags(trim($arr['public_policy'])) : $orig[0]['public_policy']; $arr['comment_policy'] = x($arr, 'comment_policy') ? notags(trim($arr['comment_policy'])) : $orig[0]['comment_policy']; call_hooks('post_remote_update', $arr); if (x($arr, 'cancel')) { logger('item_store_update: post cancelled by plugin.'); $ret['message'] = 'cancelled.'; return $ret; } // pull out all the taxonomy stuff for separate storage $terms = null; if (array_key_exists('term', $arr)) { $terms = $arr['term']; unset($arr['term']); } dbesc_array($arr); logger('item_store_update: ' . print_r($arr, true), LOGGER_DATA); $str = ''; foreach ($arr as $k => $v) { if ($str) { $str .= ","; } $str .= " `" . $k . "` = '" . $v . "' "; } $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id); if ($r) { logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG); } else { logger('item_store_update: could not update item'); $ret['message'] = 'DB update failed.'; return $ret; } $r = q("delete from term where oid = %d and otype = %d", intval($orig_post_id), intval(TERM_OBJ_POST)); if (is_array($terms)) { foreach ($terms as $t) { q("insert into term (uid,oid,otype,type,term,url)\n\t\t\t\tvalues(%d,%d,%d,%d,'%s','%s') ", intval($uid), intval($orig_post_id), intval(TERM_OBJ_POST), intval($t['type']), dbesc($t['term']), dbesc($t['url'])); } $arr['term'] = $terms; } call_hooks('post_remote_update_end', $arr); send_status_notifications($orig_post_id, $arr); tag_deliver($uid, $orig_post_id); $ret['success'] = true; $ret['item_id'] = $orig_post_id; return $ret; }
/** * @brief Deletes an imported item. * * @param array $sender * * \e string \b hash a xchan_hash * @param array $item * @param int $uid * @param boolean $relay * @return boolean|int post_id */ function delete_imported_item($sender, $item, $uid, $relay) { logger('delete_imported_item invoked', LOGGER_DEBUG); $ownership_valid = false; $item_found = false; $post_id = 0; $r = q("select id, author_xchan, owner_xchan, source_xchan, item_deleted from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )\n\t\tand mid = '%s' and uid = %d limit 1", dbesc($sender['hash']), dbesc($sender['hash']), dbesc($sender['hash']), dbesc($item['mid']), intval($uid)); if ($r) { if ($r[0]['author_xchan'] === $sender['hash'] || $r[0]['owner_xchan'] === $sender['hash'] || $r[0]['source_xchan'] === $sender['hash']) { $ownership_valid = true; } $post_id = $r[0]['id']; $item_found = true; } else { // perhaps the item is still in transit and the delete notification got here before the actual item did. Store it with the deleted flag set. // item_store() won't try to deliver any notifications or start delivery chains if this flag is set. // This means we won't end up with potentially even more delivery threads trying to push this delete notification. // But this will ensure that if the (undeleted) original post comes in at a later date, we'll reject it because it will have an older timestamp. logger('delete received for non-existent item - storing item data.'); /** @BUG $arr is undefined here, so this is dead code */ if ($arr['author_xchan'] === $sender['hash'] || $arr['owner_xchan'] === $sender['hash'] || $arr['source_xchan'] === $sender['hash']) { $ownership_valid = true; $item_result = item_store($arr); $post_id = $item_result['item_id']; } } if ($ownership_valid === false) { logger('delete_imported_item: failed: ownership issue'); return false; } require_once 'include/items.php'; if ($item_found) { if (intval($r[0]['item_deleted'])) { logger('delete_imported_item: item was already deleted'); if (!$relay) { return false; } // This is a bit hackish, but may have to suffice until the notification/delivery loop is optimised // a bit further. We're going to strip the ITEM_ORIGIN on this item if it's a comment, because // it was already deleted, and we're already relaying, and this ensures that no other process or // code path downstream can relay it again (causing a loop). Since it's already gone it's not coming // back, and we aren't going to (or shouldn't at any rate) delete it again in the future - so losing // this information from the metadata should have no other discernible impact. if ($r[0]['id'] != $r[0]['parent'] && intval($r[0]['item_origin'])) { q("update item set item_origin = 0 where id = %d and uid = %d", intval($r[0]['id']), intval($r[0]['uid'])); } } require_once 'include/items.php'; // Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels // and then clean up after ourselves with a cron job after several days to do the delete_item_lowlevel() (DROPITEM_PHASE2). drop_item($post_id, false, DROPITEM_PHASE1); tag_deliver($uid, $post_id); } return $post_id; }
function item_store($arr, $force_parent = false, $notify = false, $dontcache = false) { // If it is a posting where users should get notifications, then define it as wall posting if ($notify) { $arr['wall'] = 1; $arr['type'] = 'wall'; $arr['origin'] = 1; $arr['last-child'] = 1; $arr['network'] = NETWORK_DFRN; } // If a Diaspora signature structure was passed in, pull it out of the // item array and set it aside for later storage. $dsprsig = null; if (x($arr, 'dsprsig')) { $dsprsig = json_decode(base64_decode($arr['dsprsig'])); unset($arr['dsprsig']); } // Converting the plink if ($arr['network'] == NETWORK_OSTATUS) { if (isset($arr['plink'])) { $arr['plink'] = ostatus_convert_href($arr['plink']); } elseif (isset($arr['uri'])) { $arr['plink'] = ostatus_convert_href($arr['uri']); } } if (x($arr, 'gravity')) { $arr['gravity'] = intval($arr['gravity']); } elseif ($arr['parent-uri'] === $arr['uri']) { $arr['gravity'] = 0; } elseif (activity_match($arr['verb'], ACTIVITY_POST)) { $arr['gravity'] = 6; } else { $arr['gravity'] = 6; } // extensible catchall if (!x($arr, 'type')) { $arr['type'] = 'remote'; } /* check for create date and expire time */ $uid = intval($arr['uid']); $r = q("SELECT expire FROM user WHERE uid = %d", intval($uid)); if (count($r)) { $expire_interval = $r[0]['expire']; if ($expire_interval > 0) { $expire_date = new DateTime('- ' . $expire_interval . ' days', new DateTimeZone('UTC')); $created_date = new DateTime($arr['created'], new DateTimeZone('UTC')); if ($created_date < $expire_date) { logger('item-store: item created (' . $arr['created'] . ') before expiration time (' . $expire_date->format(DateTime::W3C) . '). ignored. ' . print_r($arr, true), LOGGER_DEBUG); return 0; } } } // Do we already have this item? // We have to check several networks since Friendica posts could be repeated via OStatus (maybe Diasporsa as well) if (in_array(trim($arr['network']), array(NETWORK_DIASPORA, NETWORK_DFRN, NETWORK_OSTATUS, ""))) { $r = q("SELECT `id`, `network` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` IN ('%s', '%s', '%s') LIMIT 1", dbesc(trim($arr['uri'])), intval($uid), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_DFRN), dbesc(NETWORK_OSTATUS)); if ($r) { // We only log the entries with a different user id than 0. Otherwise we would have too many false positives if ($uid != 0) { logger("Item with uri " . $arr['uri'] . " already existed for user " . $uid . " with id " . $r[0]["id"] . " target network " . $r[0]["network"] . " - new network: " . $arr['network']); } return $r[0]["id"]; } } // If there is no guid then take the same guid that was taken before for the same uri if (trim($arr['guid']) == "" and trim($arr['uri']) != "" and trim($arr['network']) != "") { logger('item_store: checking for an existing guid for uri ' . $arr['uri'], LOGGER_DEBUG); $r = q("SELECT `guid` FROM `guid` WHERE `uri` = '%s' AND `network` = '%s' LIMIT 1", dbesc(trim($arr['uri'])), dbesc(trim($arr['network']))); if (count($r)) { $arr['guid'] = $r[0]["guid"]; logger('item_store: found guid ' . $arr['guid'] . ' for uri ' . $arr['uri'], LOGGER_DEBUG); } } // If there is no guid then take the same guid that was taken before for the same plink if (trim($arr['guid']) == "" and trim($arr['plink']) != "" and trim($arr['network']) != "") { logger('item_store: checking for an existing guid for plink ' . $arr['plink'], LOGGER_DEBUG); $r = q("SELECT `guid`, `uri` FROM `guid` WHERE `plink` = '%s' AND `network` = '%s' LIMIT 1", dbesc(trim($arr['plink'])), dbesc(trim($arr['network']))); if (count($r)) { $arr['guid'] = $r[0]["guid"]; logger('item_store: found guid ' . $arr['guid'] . ' for plink ' . $arr['plink'], LOGGER_DEBUG); if ($r[0]["uri"] != $arr['uri']) { logger('Different uri for same guid: ' . $arr['uri'] . ' and ' . $r[0]["uri"] . ' - this shouldnt happen!', LOGGER_DEBUG); } } } // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin. // Deactivated, since the bbcode parser can handle with it - and it destroys posts with some smileys that contain "<" //if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false)) // $arr['body'] = strip_tags($arr['body']); item_add_language_opt($arr); if ($notify) { $guid_prefix = ""; } else { $parsed = parse_url($arr["author-link"]); $guid_prefix = hash("crc32", $parsed["host"]); } $arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0; $arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(32, $guid_prefix); $arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : $arr['guid']; $arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : ''; $arr['author-name'] = x($arr, 'author-name') ? trim($arr['author-name']) : ''; $arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : ''; $arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : ''; $arr['owner-name'] = x($arr, 'owner-name') ? trim($arr['owner-name']) : ''; $arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : ''; $arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : ''; $arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert(); $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert(); $arr['commented'] = x($arr, 'commented') !== false ? datetime_convert('UTC', 'UTC', $arr['commented']) : datetime_convert(); $arr['received'] = x($arr, 'received') !== false ? datetime_convert('UTC', 'UTC', $arr['received']) : datetime_convert(); $arr['changed'] = x($arr, 'changed') !== false ? datetime_convert('UTC', 'UTC', $arr['changed']) : datetime_convert(); $arr['title'] = x($arr, 'title') ? trim($arr['title']) : ''; $arr['location'] = x($arr, 'location') ? trim($arr['location']) : ''; $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : ''; $arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0; $arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1; $arr['deleted'] = 0; $arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : ''; $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : ''; $arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : ''; $arr['object'] = x($arr, 'object') ? trim($arr['object']) : ''; $arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : ''; $arr['target'] = x($arr, 'target') ? trim($arr['target']) : ''; $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : ''; $arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : ''; $arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : ''; $arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : ''; $arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : ''; $arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0; $arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0; $arr['body'] = x($arr, 'body') ? trim($arr['body']) : ''; $arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : ''; $arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : ''; $arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : ''; $arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0; $arr['network'] = x($arr, 'network') ? trim($arr['network']) : ''; $arr['postopts'] = x($arr, 'postopts') ? trim($arr['postopts']) : ''; $arr['resource-id'] = x($arr, 'resource-id') ? trim($arr['resource-id']) : ''; $arr['event-id'] = x($arr, 'event-id') ? intval($arr['event-id']) : 0; $arr['inform'] = x($arr, 'inform') ? trim($arr['inform']) : ''; $arr['file'] = x($arr, 'file') ? trim($arr['file']) : ''; if ($arr['plink'] == "") { $a = get_app(); $arr['plink'] = $a->get_baseurl() . '/display/' . urlencode($arr['guid']); } if ($arr['network'] == "") { $r = q("SELECT `network` FROM `contact` WHERE `network` IN ('%s', '%s', '%s') AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), dbesc(normalise_link($arr['author-link'])), intval($arr['uid'])); if (!count($r)) { $r = q("SELECT `network` FROM `gcontact` WHERE `network` IN ('%s', '%s', '%s') AND `nurl` = '%s' LIMIT 1", dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), dbesc(normalise_link($arr['author-link']))); } if (!count($r)) { $r = q("SELECT `network` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($arr['contact-id']), intval($arr['uid'])); } if (count($r)) { $arr['network'] = $r[0]["network"]; } // Fallback to friendica (why is it empty in some cases?) if ($arr['network'] == "") { $arr['network'] = NETWORK_DFRN; } logger("item_store: Set network to " . $arr["network"] . " for " . $arr["uri"], LOGGER_DEBUG); } if ($arr['guid'] != "") { // Checking if there is already an item with the same guid logger('checking for an item for user ' . $arr['uid'] . ' on network ' . $arr['network'] . ' with the guid ' . $arr['guid'], LOGGER_DEBUG); $r = q("SELECT `guid` FROM `item` WHERE `guid` = '%s' AND `network` = '%s' AND `uid` = '%d' LIMIT 1", dbesc($arr['guid']), dbesc($arr['network']), intval($arr['uid'])); if (count($r)) { logger('found item with guid ' . $arr['guid'] . ' for user ' . $arr['uid'] . ' on network ' . $arr['network'], LOGGER_DEBUG); return 0; } } // Check for hashtags in the body and repair or add hashtag links item_body_set_hashtags($arr); $arr['thr-parent'] = $arr['parent-uri']; if ($arr['parent-uri'] === $arr['uri']) { $parent_id = 0; $parent_deleted = 0; $allow_cid = $arr['allow_cid']; $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; $deny_gid = $arr['deny_gid']; $notify_type = 'wall-new'; } else { // find the parent and snarf the item id and ACLs // and anything else we need to inherit $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid'])); if (count($r)) { // is the new message multi-level threaded? // even though we don't support it now, preserve the info // and re-attach to the conversation parent. if ($r[0]['uri'] != $r[0]['parent-uri']) { $arr['parent-uri'] = $r[0]['parent-uri']; $z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d\n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid'])); if ($z && count($z)) { $r = $z; } } $parent_id = $r[0]['id']; $parent_deleted = $r[0]['deleted']; $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; $deny_cid = $r[0]['deny_cid']; $deny_gid = $r[0]['deny_gid']; $arr['wall'] = $r[0]['wall']; $notify_type = 'comment-new'; // if the parent is private, force privacy for the entire conversation // This differs from the above settings as it subtly allows comments from // email correspondents to be private even if the overall thread is not. if ($r[0]['private']) { $arr['private'] = $r[0]['private']; } // Edge case. We host a public forum that was originally posted to privately. // The original author commented, but as this is a comment, the permissions // weren't fixed up so it will still show the comment as private unless we fix it here. if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) { $arr['private'] = 0; } // If its a post from myself then tag the thread as "mention" logger("item_store: Checking if parent " . $parent_id . " has to be tagged as mention for user " . $arr['uid'], LOGGER_DEBUG); $u = q("select * from user where uid = %d limit 1", intval($arr['uid'])); if (count($u)) { $a = get_app(); $self = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']); logger("item_store: 'myself' is " . $self . " for parent " . $parent_id . " checking against " . $arr['author-link'] . " and " . $arr['owner-link'], LOGGER_DEBUG); if (normalise_link($arr['author-link']) == $self or normalise_link($arr['owner-link']) == $self) { q("UPDATE `thread` SET `mention` = 1 WHERE `iid` = %d", intval($parent_id)); logger("item_store: tagged thread " . $parent_id . " as mention for user " . $self, LOGGER_DEBUG); } } } else { // Allow one to see reply tweets from status.net even when // we don't have or can't see the original post. if ($force_parent) { logger('item_store: $force_parent=true, reply converted to top-level post.'); $parent_id = 0; $arr['parent-uri'] = $arr['uri']; $arr['gravity'] = 0; } else { logger('item_store: item parent ' . $arr['parent-uri'] . ' for ' . $arr['uid'] . ' was not found - ignoring item'); return 0; } $parent_deleted = 0; } } $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `network` IN ('%s', '%s') AND `uid` = %d LIMIT 1", dbesc($arr['uri']), dbesc($arr['network']), dbesc(NETWORK_DFRN), intval($arr['uid'])); if ($r && count($r)) { logger('duplicated item with the same uri found. ' . print_r($arr, true)); return 0; } // Check for an existing post with the same content. There seems to be a problem with OStatus. $r = q("SELECT `id` FROM `item` WHERE `body` = '%s' AND `network` = '%s' AND `created` = '%s' AND `contact-id` = %d AND `uid` = %d LIMIT 1", dbesc($arr['body']), dbesc($arr['network']), dbesc($arr['created']), intval($arr['contact-id']), intval($arr['uid'])); if ($r && count($r)) { logger('duplicated item with the same body found. ' . print_r($arr, true)); return 0; } // Is this item available in the global items (with uid=0)? if ($arr["uid"] == 0) { $arr["global"] = true; q("UPDATE `item` SET `global` = 1 WHERE `guid` = '%s'", dbesc($arr["guid"])); } else { $isglobal = q("SELECT `global` FROM `item` WHERE `uid` = 0 AND `guid` = '%s'", dbesc($arr["guid"])); $arr["global"] = count($isglobal) > 0; } // Fill the cache field put_item_in_cache($arr); if ($notify) { call_hooks('post_local', $arr); } else { call_hooks('post_remote', $arr); } if (x($arr, 'cancel')) { logger('item_store: post cancelled by plugin.'); return 0; } // Store the unescaped version $unescaped = $arr; dbesc_array($arr); logger('item_store: ' . print_r($arr, true), LOGGER_DATA); $r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')"); // And restore it $arr = $unescaped; // find the item that we just created $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' ORDER BY `id` ASC", dbesc($arr['uri']), intval($arr['uid']), dbesc($arr['network'])); if (count($r) > 1) { // There are duplicates. Keep the oldest one, delete the others logger('item_store: duplicated post occurred. Removing newer duplicates. uri = ' . $arr['uri'] . ' uid = ' . $arr['uid']); q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' AND `id` > %d", dbesc($arr['uri']), intval($arr['uid']), dbesc($arr['network']), intval($r[0]["id"])); return 0; } elseif (count($r)) { // Store the guid and other relevant data add_guid($arr); $current_post = $r[0]['id']; logger('item_store: created item ' . $current_post); // Set "success_update" and "last-item" to the date of the last time we heard from this contact // This can be used to filter for inactive contacts. // Only do this for public postings to avoid privacy problems, since poco data is public. // Don't set this value if it isn't from the owner (could be an author that we don't know) $update = (!$arr['private'] and ($arr["author-link"] === $arr["owner-link"] or $arr["parent-uri"] === $arr["uri"])); // Is it a forum? Then we don't care about the rules from above if (!$update and $arr["network"] == NETWORK_DFRN and $arr["parent-uri"] === $arr["uri"]) { $isforum = q("SELECT `forum` FROM `contact` WHERE `id` = %d AND `forum`", intval($arr['contact-id'])); if ($isforum) { $update = true; } } if ($update) { q("UPDATE `contact` SET `success_update` = '%s', `last-item` = '%s' WHERE `id` = %d", dbesc($arr['received']), dbesc($arr['received']), intval($arr['contact-id'])); } } else { logger('item_store: could not locate created item'); return 0; } if (!$parent_id || $arr['parent-uri'] === $arr['uri']) { $parent_id = $current_post; } if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) { $private = 1; } else { $private = $arr['private']; } // Set parent id - and also make sure to inherit the parent's ACLs. $r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post)); $arr['id'] = $current_post; $arr['parent'] = $parent_id; $arr['allow_cid'] = $allow_cid; $arr['allow_gid'] = $allow_gid; $arr['deny_cid'] = $deny_cid; $arr['deny_gid'] = $deny_gid; $arr['private'] = $private; $arr['deleted'] = $parent_deleted; // update the commented timestamp on the parent // Only update "commented" if it is really a comment if ($arr['verb'] == ACTIVITY_POST or !get_config("system", "like_no_comment")) { q("UPDATE `item` SET `commented` = '%s', `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id)); } else { q("UPDATE `item` SET `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), intval($parent_id)); } if ($dsprsig) { q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer)); } /** * If this is now the last-child, force all _other_ children of this parent to *not* be last-child */ if ($arr['last-child']) { $r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post)); } $deleted = tag_deliver($arr['uid'], $current_post); // current post can be deleted if is for a community page and no mention are // in it. if (!$deleted and !$dontcache) { $r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post)); if (count($r) == 1) { if ($notify) { call_hooks('post_local_end', $r[0]); } else { call_hooks('post_remote_end', $r[0]); } } else { logger('item_store: new item not found in DB, id ' . $current_post); } } // Add every contact of the post to the global contact table poco_store($arr); create_tags_from_item($current_post); create_files_from_item($current_post); // Only check for notifications on start posts if ($arr['parent-uri'] === $arr['uri']) { add_thread($current_post); logger('item_store: Check notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG); // Send a notification for every new post? $r = q("SELECT `notify_new_posts` FROM `contact` WHERE `id` = %d AND `uid` = %d AND `notify_new_posts` LIMIT 1", intval($arr['contact-id']), intval($arr['uid'])); $send_notification = count($r); if (!$send_notification) { $tags = q("SELECT `url` FROM `term` WHERE `otype` = %d AND `oid` = %d AND `type` = %d AND `uid` = %d", intval(TERM_OBJ_POST), intval($current_post), intval(TERM_MENTION), intval($arr['uid'])); if (count($tags)) { foreach ($tags as $tag) { $r = q("SELECT `id` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `notify_new_posts`", normalise_link($tag["url"]), intval($arr['uid'])); if (count($r)) { $send_notification = true; } } } } if ($send_notification) { logger('item_store: Send notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG); $u = q("SELECT * FROM user WHERE uid = %d LIMIT 1", intval($arr['uid'])); $item = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d", intval($current_post), intval($arr['uid'])); $a = get_app(); require_once 'include/enotify.php'; notification(array('type' => NOTIFY_SHARE, 'notify_flags' => $u[0]['notify-flags'], 'language' => $u[0]['language'], 'to_name' => $u[0]['username'], 'to_email' => $u[0]['email'], 'uid' => $u[0]['uid'], 'item' => $item[0], 'link' => $a->get_baseurl() . '/display/' . urlencode($arr['guid']), 'source_name' => $item[0]['author-name'], 'source_link' => $item[0]['author-link'], 'source_photo' => $item[0]['author-avatar'], 'verb' => ACTIVITY_TAG, 'otype' => 'item', 'parent' => $arr['parent'])); logger('item_store: Notification sent for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG); } } else { update_thread($parent_id); add_shadow_entry($arr); } if ($notify) { proc_run('php', "include/notifier.php", $notify_type, $current_post); } return $current_post; }
function item_content(&$a) { if (!local_channel() && !remote_channel()) { return; } require_once 'include/security.php'; if (argc() == 3 && argv(1) === 'drop' && intval(argv(2))) { require_once 'include/items.php'; $i = q("select id, uid, author_xchan, owner_xchan, source_xchan, item_restrict from item where id = %d limit 1", intval(argv(2))); if ($i) { $can_delete = false; $local_delete = false; if (local_channel() && local_channel() == $i[0]['uid']) { $local_delete = true; } $sys = get_sys_channel(); if (is_site_admin() && $sys['channel_id'] == $i[0]['uid']) { $can_delete = true; } $ob_hash = get_observer_hash(); if ($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) { $can_delete = true; } if (!($can_delete || $local_delete)) { notice(t('Permission denied.') . EOL); return; } // if this is a different page type or it's just a local delete // but not by the item author or owner, do a simple deletion if ($i[0]['item_restrict'] || $local_delete && !$can_delete) { drop_item($i[0]['id']); } else { // complex deletion that needs to propagate and be performed in phases drop_item($i[0]['id'], true, DROPITEM_PHASE1); tag_deliver($i[0]['uid'], $i[0]['id']); } } } }
function item_store_update($arr, $allow_exec = false, $deliver = true) { $d = array('item' => $arr, 'allow_exec' => $allow_exec); call_hooks('item_store_update', $d); $arr = $d['item']; $allow_exec = $d['allow_exec']; $ret = array('success' => false, 'item_id' => 0); if (!intval($arr['uid'])) { logger('item_store_update: no uid'); $ret['message'] = 'no uid.'; return $ret; } if (!intval($arr['id'])) { logger('item_store_update: no id'); $ret['message'] = 'no id.'; return $ret; } $orig_post_id = $arr['id']; $uid = $arr['uid']; $orig = q("select * from item where id = %d and uid = %d limit 1", intval($orig_post_id), intval($uid)); if (!$orig) { logger('item_store_update: original post not found: ' . $orig_post_id); $ret['message'] = 'no original'; return $ret; } // override the unseen flag with the original $arr['item_unseen'] = $orig[0]['item_unseen']; if (array_key_exists('edit', $arr)) { unset($arr['edit']); } $arr['mimetype'] = x($arr, 'mimetype') ? notags(trim($arr['mimetype'])) : 'text/bbcode'; if ($arr['mimetype'] == 'application/x-php' && !$allow_exec) { logger('item_store: php mimetype but allow_exec is denied.'); $ret['message'] = 'exec denied.'; return $ret; } if (!array_key_exists('item_obscured', $arr) || $arr['item_obscured'] == 0) { $arr['lang'] = detect_language($arr['body']); // apply the input filter here - if it is obscured it has been filtered already $arr['body'] = trim(z_input_filter($arr['uid'], $arr['body'], $arr['mimetype'])); if (local_channel() && !$arr['sig']) { $channel = App::get_channel(); if ($channel['channel_hash'] === $arr['author_xchan']) { $arr['sig'] = base64url_encode(rsa_sign($arr['body'], $channel['channel_prvkey'])); $arr['item_verified'] = 1; } } $allowed_languages = get_pconfig($arr['uid'], 'system', 'allowed_languages'); if (is_array($allowed_languages) && $arr['lang'] && !array_key_exists($arr['lang'], $allowed_languages)) { $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); call_hooks('item_translate', $translate); if (!$translate['translated'] && intval(get_pconfig($arr['uid'], 'system', 'reject_disallowed_languages'))) { logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); $ret['message'] = 'language not accepted'; return $ret; } $arr = $translate['item']; } } if (x($arr, 'obj') && is_array($arr['obj'])) { activity_sanitise($arr['obj']); $arr['obj'] = json_encode($arr['obj']); } if (x($arr, 'target') && is_array($arr['target'])) { activity_sanitise($arr['target']); $arr['target'] = json_encode($arr['target']); } if (x($arr, 'attach') && is_array($arr['attach'])) { activity_sanitise($arr['attach']); $arr['attach'] = json_encode($arr['attach']); } unset($arr['id']); unset($arr['uid']); unset($arr['aid']); unset($arr['mid']); unset($arr['parent']); unset($arr['parent_mid']); unset($arr['created']); unset($arr['author_xchan']); unset($arr['owner_xchan']); unset($arr['thr_parent']); unset($arr['llink']); $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert(); $arr['expires'] = x($arr, 'expires') !== false ? datetime_convert('UTC', 'UTC', $arr['expires']) : $orig[0]['expires']; if (array_key_exists('comments_closed', $arr) && $arr['comments_closed'] > NULL_DATE) { $arr['comments_closed'] = datetime_convert('UTC', 'UTC', $arr['comments_closed']); } else { $arr['comments_closed'] = $orig[0]['comments_closed']; } $arr['commented'] = $orig[0]['commented']; if ($deliver) { $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); } else { // When deliver flag is false, we are *probably* performing an import or bulk migration. // If one updates the changed timestamp it will be made available to zotfeed and delivery // will still take place through backdoor methods. Since these fields are rarely used // otherwise, just preserve the original timestamp. $arr['received'] = $orig[0]['received']; $arr['changed'] = $orig[0]['changed']; } $arr['route'] = array_key_exists('route', $arr) ? trim($arr['route']) : $orig[0]['route']; $arr['diaspora_meta'] = x($arr, 'diaspora_meta') ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta']; $arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : $orig[0]['location']; $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : $orig[0]['coord']; $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : $orig[0]['verb']; $arr['obj_type'] = x($arr, 'obj_type') ? notags(trim($arr['obj_type'])) : $orig[0]['obj_type']; $arr['obj'] = x($arr, 'obj') ? trim($arr['obj']) : $orig[0]['obj']; $arr['tgt_type'] = x($arr, 'tgt_type') ? notags(trim($arr['tgt_type'])) : $orig[0]['tgt_type']; $arr['target'] = x($arr, 'target') ? trim($arr['target']) : $orig[0]['target']; $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : $orig[0]['plink']; $arr['allow_cid'] = array_key_exists('allow_cid', $arr) ? trim($arr['allow_cid']) : $orig[0]['allow_cid']; $arr['allow_gid'] = array_key_exists('allow_gid', $arr) ? trim($arr['allow_gid']) : $orig[0]['allow_gid']; $arr['deny_cid'] = array_key_exists('deny_cid', $arr) ? trim($arr['deny_cid']) : $orig[0]['deny_cid']; $arr['deny_gid'] = array_key_exists('deny_gid', $arr) ? trim($arr['deny_gid']) : $orig[0]['deny_gid']; $arr['item_private'] = array_key_exists('item_private', $arr) ? intval($arr['item_private']) : $orig[0]['item_private']; $arr['title'] = array_key_exists('title', $arr) && strlen($arr['title']) ? trim($arr['title']) : ''; $arr['body'] = array_key_exists('body', $arr) && strlen($arr['body']) ? trim($arr['body']) : ''; $arr['html'] = array_key_exists('html', $arr) && strlen($arr['html']) ? trim($arr['html']) : ''; $arr['attach'] = array_key_exists('attach', $arr) ? notags(trim($arr['attach'])) : $orig[0]['attach']; $arr['app'] = array_key_exists('app', $arr) ? notags(trim($arr['app'])) : $orig[0]['app']; $arr['item_origin'] = array_key_exists('item_origin', $arr) ? intval($arr['item_origin']) : $orig[0]['item_origin']; $arr['item_unseen'] = array_key_exists('item_unseen', $arr) ? intval($arr['item_unseen']) : $orig[0]['item_unseen']; $arr['item_starred'] = array_key_exists('item_starred', $arr) ? intval($arr['item_starred']) : $orig[0]['item_starred']; $arr['item_uplink'] = array_key_exists('item_uplink', $arr) ? intval($arr['item_uplink']) : $orig[0]['item_uplink']; $arr['item_consensus'] = array_key_exists('item_consensus', $arr) ? intval($arr['item_consensus']) : $orig[0]['item_consensus']; $arr['item_wall'] = array_key_exists('item_wall', $arr) ? intval($arr['item_wall']) : $orig[0]['item_wall']; $arr['item_thread_top'] = array_key_exists('item_thread_top', $arr) ? intval($arr['item_thread_top']) : $orig[0]['item_thread_top']; $arr['item_notshown'] = array_key_exists('item_notshown', $arr) ? intval($arr['item_notshown']) : $orig[0]['item_notshown']; $arr['item_nsfw'] = array_key_exists('item_nsfw', $arr) ? intval($arr['item_nsfw']) : $orig[0]['item_nsfw']; $arr['item_relay'] = array_key_exists('item_relay', $arr) ? intval($arr['item_relay']) : $orig[0]['item_relay']; $arr['item_mentionsme'] = array_key_exists('item_mentionsme', $arr) ? intval($arr['item_mentionsme']) : $orig[0]['item_mentionsme']; $arr['item_nocomment'] = array_key_exists('item_nocomment', $arr) ? intval($arr['item_nocomment']) : $orig[0]['item_nocomment']; $arr['item_obscured'] = array_key_exists('item_obscured', $arr) ? intval($arr['item_obscured']) : $orig[0]['item_obscured']; $arr['item_verified'] = array_key_exists('item_verified', $arr) ? intval($arr['item_verified']) : $orig[0]['item_verified']; $arr['item_retained'] = array_key_exists('item_retained', $arr) ? intval($arr['item_retained']) : $orig[0]['item_retained']; $arr['item_rss'] = array_key_exists('item_rss', $arr) ? intval($arr['item_rss']) : $orig[0]['item_rss']; $arr['item_deleted'] = array_key_exists('item_deleted', $arr) ? intval($arr['item_deleted']) : $orig[0]['item_deleted']; $arr['item_type'] = array_key_exists('item_type', $arr) ? intval($arr['item_type']) : $orig[0]['item_type']; $arr['item_hidden'] = array_key_exists('item_hidden', $arr) ? intval($arr['item_hidden']) : $orig[0]['item_hidden']; $arr['item_unpublished'] = array_key_exists('item_unpublished', $arr) ? intval($arr['item_unpublished']) : $orig[0]['item_unpublished']; $arr['item_delayed'] = array_key_exists('item_delayed', $arr) ? intval($arr['item_delayed']) : $orig[0]['item_delayed']; $arr['item_pending_remove'] = array_key_exists('item_pending_remove', $arr) ? intval($arr['item_pending_remove']) : $orig[0]['item_pending_remove']; $arr['item_blocked'] = array_key_exists('item_blocked', $arr) ? intval($arr['item_blocked']) : $orig[0]['item_blocked']; $arr['sig'] = x($arr, 'sig') ? $arr['sig'] : ''; $arr['layout_mid'] = array_key_exists('layout_mid', $arr) ? dbesc($arr['layout_mid']) : $orig[0]['layout_mid']; $arr['public_policy'] = x($arr, 'public_policy') ? notags(trim($arr['public_policy'])) : $orig[0]['public_policy']; $arr['comment_policy'] = x($arr, 'comment_policy') ? notags(trim($arr['comment_policy'])) : $orig[0]['comment_policy']; call_hooks('post_remote_update', $arr); if (x($arr, 'cancel')) { logger('item_store_update: post cancelled by plugin.'); $ret['message'] = 'cancelled.'; return $ret; } // pull out all the taxonomy stuff for separate storage $terms = null; if (array_key_exists('term', $arr)) { $terms = $arr['term']; unset($arr['term']); } $meta = null; if (array_key_exists('iconfig', $arr)) { $meta = $arr['iconfig']; unset($arr['iconfig']); } dbesc_array($arr); logger('item_store_update: ' . print_r($arr, true), LOGGER_DATA); $str = ''; foreach ($arr as $k => $v) { if ($str) { $str .= ","; } $str .= " `" . $k . "` = '" . $v . "' "; } $r = dbq("update `item` set " . $str . " where id = " . $orig_post_id); if ($r) { logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG); } else { logger('item_store_update: could not update item'); $ret['message'] = 'DB update failed.'; return $ret; } // fetch an unescaped complete copy of the stored item $r = q("select * from item where id = %d", intval($orig_post_id)); if ($r) { $arr = $r[0]; } $r = q("delete from term where oid = %d and otype = %d", intval($orig_post_id), intval(TERM_OBJ_POST)); if (is_array($terms)) { foreach ($terms as $t) { q("insert into term (uid,oid,otype,ttype,term,url)\n\t\t\t\tvalues(%d,%d,%d,%d,'%s','%s') ", intval($uid), intval($orig_post_id), intval(TERM_OBJ_POST), intval($t['ttype']), dbesc($t['term']), dbesc($t['url'])); } $arr['term'] = $terms; } $r = q("delete from iconfig where iid = %d", intval($orig_post_id)); if ($meta) { foreach ($meta as $m) { set_iconfig($orig_post_id, $m['cat'], $m['k'], $m['v'], $m['sharing']); } $arr['iconfig'] = $meta; } $ret['item'] = $arr; call_hooks('post_remote_update_end', $arr); if ($deliver) { send_status_notifications($orig_post_id, $arr); tag_deliver($uid, $orig_post_id); } $ret['success'] = true; $ret['item_id'] = $orig_post_id; return $ret; }
function item_store($arr, $force_parent = false) { // If a Diaspora signature structure was passed in, pull it out of the // item array and set it aside for later storage. $dsprsig = null; if (x($arr, 'dsprsig')) { $dsprsig = json_decode(base64_decode($arr['dsprsig'])); unset($arr['dsprsig']); } if (x($arr, 'gravity')) { $arr['gravity'] = intval($arr['gravity']); } elseif ($arr['parent-uri'] === $arr['uri']) { $arr['gravity'] = 0; } elseif (activity_match($arr['verb'], ACTIVITY_POST)) { $arr['gravity'] = 6; } else { $arr['gravity'] = 6; } // extensible catchall if (!x($arr, 'type')) { $arr['type'] = 'remote'; } // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin. if (strpos($arr['body'], '<') !== false || strpos($arr['body'], '>') !== false) { $arr['body'] = strip_tags($arr['body']); } $arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0; $arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : random_string(); $arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : ''; $arr['author-name'] = x($arr, 'author-name') ? notags(trim($arr['author-name'])) : ''; $arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : ''; $arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : ''; $arr['owner-name'] = x($arr, 'owner-name') ? notags(trim($arr['owner-name'])) : ''; $arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : ''; $arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : ''; $arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert(); $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert(); $arr['commented'] = datetime_convert(); $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : ''; $arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : ''; $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : ''; $arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0; $arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1; $arr['deleted'] = 0; $arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : ''; $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : ''; $arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : ''; $arr['object'] = x($arr, 'object') ? trim($arr['object']) : ''; $arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : ''; $arr['target'] = x($arr, 'target') ? trim($arr['target']) : ''; $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : ''; $arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : ''; $arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : ''; $arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : ''; $arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : ''; $arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0; $arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0; $arr['body'] = x($arr, 'body') ? trim($arr['body']) : ''; $arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : ''; $arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : ''; $arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : ''; $arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0; $arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(); if ($arr['parent-uri'] === $arr['uri']) { $parent_id = 0; $parent_deleted = 0; $allow_cid = $arr['allow_cid']; $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; $deny_gid = $arr['deny_gid']; } else { // find the parent and snarf the item id and ACL's // and anything else we need to inherit $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid'])); if (count($r)) { // is the new message multi-level threaded? // even though we don't support it now, preserve the info // and re-attach to the conversation parent. if ($r[0]['uri'] != $r[0]['parent-uri']) { $arr['thr-parent'] = $arr['parent-uri']; $arr['parent-uri'] = $r[0]['parent-uri']; $z = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d \n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid'])); if ($z && count($z)) { $r = $z; } } $parent_id = $r[0]['id']; $parent_deleted = $r[0]['deleted']; $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; $deny_cid = $r[0]['deny_cid']; $deny_gid = $r[0]['deny_gid']; $arr['wall'] = $r[0]['wall']; } else { // Allow one to see reply tweets from status.net even when // we don't have or can't see the original post. if ($force_parent) { logger('item_store: $force_parent=true, reply converted to top-level post.'); $parent_id = 0; $arr['thr-parent'] = $arr['parent-uri']; $arr['parent-uri'] = $arr['uri']; $arr['gravity'] = 0; } else { logger('item_store: item parent was not found - ignoring item'); return 0; } $parent_deleted = 0; } } $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($arr['uri']), intval($arr['uid'])); if ($r && count($r)) { logger('item-store: duplicate item ignored. ' . print_r($arr, true)); return 0; } call_hooks('post_remote', $arr); if (x($arr, 'cancel')) { logger('item_store: post cancelled by plugin.'); return 0; } dbesc_array($arr); logger('item_store: ' . print_r($arr, true), LOGGER_DATA); $r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')"); // find the item we just created $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", $arr['uri'], intval($arr['uid'])); if (count($r)) { $current_post = $r[0]['id']; logger('item_store: created item ' . $current_post); } else { logger('item_store: could not locate created item'); return 0; } if (count($r) > 1) { logger('item_store: duplicated post occurred. Removing duplicates.'); q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ", $arr['uri'], intval($arr['uid']), intval($current_post)); } if (!$parent_id || $arr['parent-uri'] === $arr['uri']) { $parent_id = $current_post; } if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) { $private = 1; } else { $private = $arr['private']; } // Set parent id - and also make sure to inherit the parent's ACL's. $r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d LIMIT 1", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post)); // update the commented timestamp on the parent q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id)); if ($dsprsig) { q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer)); } /** * If this is now the last-child, force all _other_ children of this parent to *not* be last-child */ if ($arr['last-child']) { $r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post)); } tag_deliver($arr['uid'], $current_post); return $current_post; }
function item_store($arr, $force_parent = false) { // If a Diaspora signature structure was passed in, pull it out of the // item array and set it aside for later storage. $dsprsig = null; if (x($arr, 'dsprsig')) { $dsprsig = json_decode(base64_decode($arr['dsprsig'])); unset($arr['dsprsig']); } // if an OStatus conversation url was passed in, it is stored and then // removed from the array. $ostatus_conversation = null; if (isset($arr["ostatus_conversation"])) { $ostatus_conversation = $arr["ostatus_conversation"]; unset($arr["ostatus_conversation"]); } if (x($arr, 'gravity')) { $arr['gravity'] = intval($arr['gravity']); } elseif ($arr['parent-uri'] === $arr['uri']) { $arr['gravity'] = 0; } elseif (activity_match($arr['verb'], ACTIVITY_POST)) { $arr['gravity'] = 6; } else { $arr['gravity'] = 6; } // extensible catchall if (!x($arr, 'type')) { $arr['type'] = 'remote'; } // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin. if (strpos($arr['body'], '<') !== false || strpos($arr['body'], '>') !== false) { $arr['body'] = strip_tags($arr['body']); } if (version_compare(PHP_VERSION, '5.3.0', '>=')) { require_once 'library/langdet/Text/LanguageDetect.php'; $naked_body = preg_replace('/\\[(.+?)\\]/', '', $arr['body']); $l = new Text_LanguageDetect(); //$lng = $l->detectConfidence($naked_body); //$arr['postopts'] = (($lng['language']) ? 'lang=' . $lng['language'] . ';' . $lng['confidence'] : ''); $lng = $l->detect($naked_body, 3); if (sizeof($lng) > 0) { $postopts = ""; foreach ($lng as $language => $score) { if ($postopts == "") { $postopts = "lang="; } else { $postopts .= ":"; } $postopts .= $language . ";" . $score; } $arr['postopts'] = $postopts; } } $arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0; $arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : random_string(); $arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : ''; $arr['author-name'] = x($arr, 'author-name') ? notags(trim($arr['author-name'])) : ''; $arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : ''; $arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : ''; $arr['owner-name'] = x($arr, 'owner-name') ? notags(trim($arr['owner-name'])) : ''; $arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : ''; $arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : ''; $arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert(); $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert(); $arr['commented'] = datetime_convert(); $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : ''; $arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : ''; $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : ''; $arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0; $arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1; $arr['deleted'] = 0; $arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : ''; $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : ''; $arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : ''; $arr['object'] = x($arr, 'object') ? trim($arr['object']) : ''; $arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : ''; $arr['target'] = x($arr, 'target') ? trim($arr['target']) : ''; $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : ''; $arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : ''; $arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : ''; $arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : ''; $arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : ''; $arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0; $arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0; $arr['body'] = x($arr, 'body') ? trim($arr['body']) : ''; $arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : ''; $arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : ''; $arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : ''; $arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0; $arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(); $arr['thr-parent'] = $arr['parent-uri']; if ($arr['parent-uri'] === $arr['uri']) { $parent_id = 0; $parent_deleted = 0; $allow_cid = $arr['allow_cid']; $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; $deny_gid = $arr['deny_gid']; } else { // find the parent and snarf the item id and ACLs // and anything else we need to inherit $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid'])); if (count($r)) { // is the new message multi-level threaded? // even though we don't support it now, preserve the info // and re-attach to the conversation parent. if ($r[0]['uri'] != $r[0]['parent-uri']) { $arr['parent-uri'] = $r[0]['parent-uri']; $z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d \n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid'])); if ($z && count($z)) { $r = $z; } } $parent_id = $r[0]['id']; $parent_deleted = $r[0]['deleted']; $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; $deny_cid = $r[0]['deny_cid']; $deny_gid = $r[0]['deny_gid']; $arr['wall'] = $r[0]['wall']; // if the parent is private, force privacy for the entire conversation // This differs from the above settings as it subtly allows comments from // email correspondents to be private even if the overall thread is not. if ($r[0]['private']) { $arr['private'] = $r[0]['private']; } // Edge case. We host a public forum that was originally posted to privately. // The original author commented, but as this is a comment, the permissions // weren't fixed up so it will still show the comment as private unless we fix it here. if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) { $arr['private'] = 0; } } else { // Allow one to see reply tweets from status.net even when // we don't have or can't see the original post. if ($force_parent) { logger('item_store: $force_parent=true, reply converted to top-level post.'); $parent_id = 0; $arr['parent-uri'] = $arr['uri']; $arr['gravity'] = 0; } else { logger('item_store: item parent was not found - ignoring item'); return 0; } $parent_deleted = 0; } } $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($arr['uri']), intval($arr['uid'])); if ($r && count($r)) { logger('item-store: duplicate item ignored. ' . print_r($arr, true)); return 0; } call_hooks('post_remote', $arr); if (x($arr, 'cancel')) { logger('item_store: post cancelled by plugin.'); return 0; } dbesc_array($arr); logger('item_store: ' . print_r($arr, true), LOGGER_DATA); $r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')"); // find the item we just created $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", $arr['uri'], intval($arr['uid'])); if (count($r)) { $current_post = $r[0]['id']; logger('item_store: created item ' . $current_post); create_tags_from_item($r[0]['id']); } else { logger('item_store: could not locate created item'); return 0; } if (count($r) > 1) { logger('item_store: duplicated post occurred. Removing duplicates.'); q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ", $arr['uri'], intval($arr['uid']), intval($current_post)); } if (!$parent_id || $arr['parent-uri'] === $arr['uri']) { $parent_id = $current_post; } if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) { $private = 1; } else { $private = $arr['private']; } // Set parent id - and also make sure to inherit the parent's ACL's. $r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d LIMIT 1", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post)); create_tags_from_item($current_post); // Complete ostatus threads if ($ostatus_conversation) { complete_conversation($current_post, $ostatus_conversation); } $arr['id'] = $current_post; $arr['parent'] = $parent_id; $arr['allow_cid'] = $allow_cid; $arr['allow_gid'] = $allow_gid; $arr['deny_cid'] = $deny_cid; $arr['deny_gid'] = $deny_gid; $arr['private'] = $private; $arr['deleted'] = $parent_deleted; // update the commented timestamp on the parent q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id)); if ($dsprsig) { q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer)); } /** * If this is now the last-child, force all _other_ children of this parent to *not* be last-child */ if ($arr['last-child']) { $r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post)); } tag_deliver($arr['uid'], $current_post); // Store the fresh generated item into the cache $cachefile = get_cachefile($arr["guid"] . "-" . hash("md5", $arr['body'])); if ($cachefile != '' and !file_exists($cachefile)) { $s = prepare_text($arr['body']); $a = get_app(); $stamp1 = microtime(true); file_put_contents($cachefile, $s); $a->save_timestamp($stamp1, "file"); logger('item_store: put item ' . $current_post . ' into cachefile ' . $cachefile); } $r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post)); if (count($r) == 1) { call_hooks('post_remote_end', $r[0]); } else { logger('item_store: new item not found in DB, id ' . $current_post); } return $current_post; }
function item_store($arr, $force_parent = false, $notify = false) { // If it is a posting where users should get notifications, then define it as wall posting if ($notify) { $arr['wall'] = 1; $arr['type'] = 'wall'; $arr['origin'] = 1; $arr['last-child'] = 1; $arr['network'] = NETWORK_DFRN; } // If a Diaspora signature structure was passed in, pull it out of the // item array and set it aside for later storage. $dsprsig = null; if (x($arr, 'dsprsig')) { $dsprsig = json_decode(base64_decode($arr['dsprsig'])); unset($arr['dsprsig']); } // if an OStatus conversation url was passed in, it is stored and then // removed from the array. $ostatus_conversation = null; if (isset($arr["ostatus_conversation"])) { $ostatus_conversation = $arr["ostatus_conversation"]; unset($arr["ostatus_conversation"]); } if (x($arr, 'gravity')) { $arr['gravity'] = intval($arr['gravity']); } elseif ($arr['parent-uri'] === $arr['uri']) { $arr['gravity'] = 0; } elseif (activity_match($arr['verb'], ACTIVITY_POST)) { $arr['gravity'] = 6; } else { $arr['gravity'] = 6; } // extensible catchall if (!x($arr, 'type')) { $arr['type'] = 'remote'; } /* check for create date and expire time */ $uid = intval($arr['uid']); $r = q("SELECT expire FROM user WHERE uid = %d", $uid); if (count($r)) { $expire_interval = $r[0]['expire']; if ($expire_interval > 0) { $expire_date = new DateTime('- ' . $expire_interval . ' days', new DateTimeZone('UTC')); $created_date = new DateTime($arr['created'], new DateTimeZone('UTC')); if ($created_date < $expire_date) { logger('item-store: item created (' . $arr['created'] . ') before expiration time (' . $expire_date->format(DateTime::W3C) . '). ignored. ' . print_r($arr, true), LOGGER_DEBUG); return 0; } } } // If there is no guid then take the same guid that was taken before for the same uri if (trim($arr['guid']) == "" and trim($arr['uri']) != "") { logger('item_store: checking for an existing guid for uri ' . $arr['uri'], LOGGER_DEBUG); $r = q("SELECT `guid` FROM `item` WHERE `uri` = '%s' AND `guid` != '' LIMIT 1", dbesc(trim($arr['uri']))); if (count($r)) { $arr['guid'] = $r[0]["guid"]; logger('item_store: found guid ' . $arr['guid'] . ' for uri ' . $arr['uri'], LOGGER_DEBUG); } } // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin. // Deactivated, since the bbcode parser can handle with it - and it destroys posts with some smileys that contain "<" //if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false)) // $arr['body'] = strip_tags($arr['body']); if (version_compare(PHP_VERSION, '5.3.0', '>=')) { require_once 'library/langdet/Text/LanguageDetect.php'; $naked_body = preg_replace('/\\[(.+?)\\]/', '', $arr['body']); $l = new Text_LanguageDetect(); //$lng = $l->detectConfidence($naked_body); //$arr['postopts'] = (($lng['language']) ? 'lang=' . $lng['language'] . ';' . $lng['confidence'] : ''); $lng = $l->detect($naked_body, 3); if (sizeof($lng) > 0) { $postopts = ""; foreach ($lng as $language => $score) { if ($postopts == "") { $postopts = "lang="; } else { $postopts .= ":"; } $postopts .= $language . ";" . $score; } $arr['postopts'] = $postopts; } } $arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0; $arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : random_string(); $arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : ''; $arr['author-name'] = x($arr, 'author-name') ? notags(trim($arr['author-name'])) : ''; $arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : ''; $arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : ''; $arr['owner-name'] = x($arr, 'owner-name') ? notags(trim($arr['owner-name'])) : ''; $arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : ''; $arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : ''; $arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert(); $arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert(); $arr['commented'] = datetime_convert(); $arr['received'] = datetime_convert(); $arr['changed'] = datetime_convert(); $arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : ''; $arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : ''; $arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : ''; $arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0; $arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1; $arr['deleted'] = 0; $arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : ''; $arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : ''; $arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : ''; $arr['object'] = x($arr, 'object') ? trim($arr['object']) : ''; $arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : ''; $arr['target'] = x($arr, 'target') ? trim($arr['target']) : ''; $arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : ''; $arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : ''; $arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : ''; $arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : ''; $arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : ''; $arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0; $arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0; $arr['body'] = x($arr, 'body') ? trim($arr['body']) : ''; $arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : ''; $arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : ''; $arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : ''; $arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0; $arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(30); $arr['network'] = x($arr, 'network') ? trim($arr['network']) : ''; if ($arr['plink'] == "") { $a = get_app(); $arr['plink'] = $a->get_baseurl() . '/display/' . urlencode($arr['guid']); } if ($arr['network'] == "") { $r = q("SELECT `network` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($arr['contact-id']), intval($arr['uid'])); if (count($r)) { $arr['network'] = $r[0]["network"]; } // Fallback to friendica (why is it empty in some cases?) if ($arr['network'] == "") { $arr['network'] = NETWORK_DFRN; } logger("item_store: Set network to " . $arr["network"] . " for " . $arr["uri"], LOGGER_DEBUG); } $arr['thr-parent'] = $arr['parent-uri']; if ($arr['parent-uri'] === $arr['uri']) { $parent_id = 0; $parent_deleted = 0; $allow_cid = $arr['allow_cid']; $allow_gid = $arr['allow_gid']; $deny_cid = $arr['deny_cid']; $deny_gid = $arr['deny_gid']; $notify_type = 'wall-new'; } else { // find the parent and snarf the item id and ACLs // and anything else we need to inherit $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid'])); if (count($r)) { // is the new message multi-level threaded? // even though we don't support it now, preserve the info // and re-attach to the conversation parent. if ($r[0]['uri'] != $r[0]['parent-uri']) { $arr['parent-uri'] = $r[0]['parent-uri']; $z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d\n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid'])); if ($z && count($z)) { $r = $z; } } $parent_id = $r[0]['id']; $parent_deleted = $r[0]['deleted']; $allow_cid = $r[0]['allow_cid']; $allow_gid = $r[0]['allow_gid']; $deny_cid = $r[0]['deny_cid']; $deny_gid = $r[0]['deny_gid']; $arr['wall'] = $r[0]['wall']; $notify_type = 'comment-new'; // if the parent is private, force privacy for the entire conversation // This differs from the above settings as it subtly allows comments from // email correspondents to be private even if the overall thread is not. if ($r[0]['private']) { $arr['private'] = $r[0]['private']; } // Edge case. We host a public forum that was originally posted to privately. // The original author commented, but as this is a comment, the permissions // weren't fixed up so it will still show the comment as private unless we fix it here. if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) { $arr['private'] = 0; } // If its a post from myself then tag the thread as "mention" logger("item_store: Checking if parent " . $parent_id . " has to be tagged as mention for user " . $arr['uid'], LOGGER_DEBUG); $u = q("select * from user where uid = %d limit 1", intval($arr['uid'])); if (count($u)) { $a = get_app(); $self = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']); logger("item_store: 'myself' is " . $self . " for parent " . $parent_id . " checking against " . $arr['author-link'] . " and " . $arr['owner-link'], LOGGER_DEBUG); if (normalise_link($arr['author-link']) == $self or normalise_link($arr['owner-link']) == $self) { q("UPDATE `thread` SET `mention` = 1 WHERE `iid` = %d", intval($parent_id)); logger("item_store: tagged thread " . $parent_id . " as mention for user " . $self, LOGGER_DEBUG); } } } else { // Allow one to see reply tweets from status.net even when // we don't have or can't see the original post. if ($force_parent) { logger('item_store: $force_parent=true, reply converted to top-level post.'); $parent_id = 0; $arr['parent-uri'] = $arr['uri']; $arr['gravity'] = 0; } else { logger('item_store: item parent was not found - ignoring item'); return 0; } $parent_deleted = 0; } } $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($arr['uri']), intval($arr['uid'])); if ($r && count($r)) { logger('item-store: duplicate item ignored. ' . print_r($arr, true)); return 0; } call_hooks('post_remote', $arr); if (x($arr, 'cancel')) { logger('item_store: post cancelled by plugin.'); return 0; } dbesc_array($arr); logger('item_store: ' . print_r($arr, true), LOGGER_DATA); $r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')"); // find the item we just created $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", $arr['uri'], intval($arr['uid'])); if (count($r)) { $current_post = $r[0]['id']; logger('item_store: created item ' . $current_post); // Only check for notifications on start posts if ($arr['parent-uri'] === $arr['uri']) { add_thread($r[0]['id']); logger('item_store: Check notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG); // Send a notification for every new post? $r = q("SELECT `notify_new_posts` FROM `contact` WHERE `id` = %d AND `uid` = %d AND `notify_new_posts` LIMIT 1", intval($arr['contact-id']), intval($arr['uid'])); if (count($r)) { logger('item_store: Send notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG); $u = q("SELECT * FROM user WHERE uid = %d LIMIT 1", intval($arr['uid'])); $item = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d", intval($current_post), intval($arr['uid'])); $a = get_app(); require_once 'include/enotify.php'; notification(array('type' => NOTIFY_SHARE, 'notify_flags' => $u[0]['notify-flags'], 'language' => $u[0]['language'], 'to_name' => $u[0]['username'], 'to_email' => $u[0]['email'], 'uid' => $u[0]['uid'], 'item' => $item[0], 'link' => $a->get_baseurl() . '/display/' . urlencode($arr['guid']), 'source_name' => $item[0]['author-name'], 'source_link' => $item[0]['author-link'], 'source_photo' => $item[0]['author-avatar'], 'verb' => ACTIVITY_TAG, 'otype' => 'item')); logger('item_store: Notification sent for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG); } } } else { logger('item_store: could not locate created item'); return 0; } if (count($r) > 1) { logger('item_store: duplicated post occurred. Removing duplicates.'); q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ", $arr['uri'], intval($arr['uid']), intval($current_post)); } if (!$parent_id || $arr['parent-uri'] === $arr['uri']) { $parent_id = $current_post; } if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) { $private = 1; } else { $private = $arr['private']; } // Set parent id - and also make sure to inherit the parent's ACLs. $r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post)); // Complete ostatus threads if ($ostatus_conversation) { complete_conversation($current_post, $ostatus_conversation); } $arr['id'] = $current_post; $arr['parent'] = $parent_id; $arr['allow_cid'] = $allow_cid; $arr['allow_gid'] = $allow_gid; $arr['deny_cid'] = $deny_cid; $arr['deny_gid'] = $deny_gid; $arr['private'] = $private; $arr['deleted'] = $parent_deleted; // update the commented timestamp on the parent q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id)); update_thread($parent_id); if ($dsprsig) { q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer)); } /** * If this is now the last-child, force all _other_ children of this parent to *not* be last-child */ if ($arr['last-child']) { $r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post)); } $deleted = tag_deliver($arr['uid'], $current_post); // current post can be deleted if is for a communuty page and no mention are // in it. if (!$deleted) { // Store the fresh generated item into the cache $cachefile = get_cachefile($arr["guid"] . "-" . hash("md5", $arr['body'])); if ($cachefile != '' and !file_exists($cachefile)) { $s = prepare_text($arr['body']); $a = get_app(); $stamp1 = microtime(true); file_put_contents($cachefile, $s); $a->save_timestamp($stamp1, "file"); logger('item_store: put item ' . $current_post . ' into cachefile ' . $cachefile); } $r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post)); if (count($r) == 1) { call_hooks('post_remote_end', $r[0]); } else { logger('item_store: new item not found in DB, id ' . $current_post); } } create_tags_from_item($current_post); create_files_from_item($current_post); if ($notify) { proc_run('php', "include/notifier.php", $notify_type, $current_post); } return $current_post; }
function delete_imported_item($sender, $item, $uid) { logger('delete_imported_item invoked', LOGGER_DEBUG); $r = q("select id, item_restrict from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )\n\t\tand mid = '%s' and uid = %d limit 1", dbesc($sender['hash']), dbesc($sender['hash']), dbesc($sender['hash']), dbesc($item['mid']), intval($uid)); if (!$r) { logger('delete_imported_item: failed: ownership issue'); return false; } if ($r[0]['item_restrict'] & ITEM_DELETED) { logger('delete_imported_item: item was already deleted'); return false; } require_once 'include/items.php'; // Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels // and then clean up after ourselves with a cron job after several days to do the delete_item_lowlevel() (DROPITEM_PHASE2). drop_item($r[0]['id'], false, DROPITEM_PHASE1); tag_deliver($uid, $r[0]['id']); return $r[0]['id']; }