function item_store_update($arr, $allow_exec = false)
{
$d = array('item' => $arr, 'allow_exec' => $allow_exec);
call_hooks('item_store_update', $d);
$arr = $d['item'];
$allow_exec = $d['allow_exec'];
$ret = array('success' => false, 'item_id' => 0);
if (!intval($arr['uid'])) {
logger('item_store_update: no uid');
$ret['message'] = 'no uid.';
return $ret;
}
if (!intval($arr['id'])) {
logger('item_store_update: no id');
$ret['message'] = 'no id.';
return $ret;
}
$orig_post_id = $arr['id'];
$uid = $arr['uid'];
$orig = q("select * from item where id = %d and uid = %d limit 1", intval($orig_post_id), intval($uid));
if (!$orig) {
logger('item_store_update: original post not found: ' . $orig_post_id);
$ret['message'] = 'no original';
return $ret;
}
// override the unseen flag with the original
if (intval($arr['item_flags'])) {
$arr['item_unseen'] = 0;
}
if ($orig[0]['item_flags'] & ITEM_VERIFIED) {
$orig[0]['item_flags'] = $orig[0]['item_flags'] ^ ITEM_VERIFIED;
}
if ($orig[0]['item_flags'] & ITEM_OBSCURED) {
$orig[0]['item_flags'] = $orig[0]['item_flags'] ^ ITEM_OBSCURED;
}
$arr['item_flags'] = intval($arr['item_flags']) | $orig[0]['item_flags'];
$arr['item_restrict'] = intval($arr['item_restrict']) | $orig[0]['item_restrict'];
if (array_key_exists('edit', $arr)) {
unset($arr['edit']);
}
$arr['mimetype'] = x($arr, 'mimetype') ? notags(trim($arr['mimetype'])) : 'text/bbcode';
if ($arr['mimetype'] == 'application/x-php' && !$allow_exec) {
logger('item_store: php mimetype but allow_exec is denied.');
$ret['message'] = 'exec denied.';
return $ret;
}
if (!($arr['item_flags'] & ITEM_OBSCURED)) {
$arr['lang'] = detect_language($arr['body']);
// apply the input filter here - if it is obscured it has been filtered already
$arr['body'] = trim(z_input_filter($arr['uid'], $arr['body'], $arr['mimetype']));
if (local_channel() && !$arr['sig']) {
$channel = get_app()->get_channel();
if ($channel['channel_hash'] === $arr['author_xchan']) {
$arr['sig'] = base64url_encode(rsa_sign($arr['body'], $channel['channel_prvkey']));
$arr['item_flags'] |= ITEM_VERIFIED;
}
}
$allowed_languages = get_pconfig($arr['uid'], 'system', 'allowed_languages');
if (is_array($allowed_languages) && $arr['lang'] && !array_key_exists($arr['lang'], $allowed_languages)) {
$translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false);
call_hooks('item_translate', $translate);
if (!$translate['translated'] && intval(get_pconfig($arr['uid'], 'system', 'reject_disallowed_languages'))) {
logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']);
$ret['message'] = 'language not accepted';
return $ret;
}
$arr = $translate['item'];
}
if ($arr['item_private']) {
$key = get_config('system', 'pubkey');
$arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
if ($arr['title']) {
$arr['title'] = json_encode(crypto_encapsulate($arr['title'], $key));
}
if ($arr['body']) {
$arr['body'] = json_encode(crypto_encapsulate($arr['body'], $key));
}
}
}
if (x($arr, 'object') && is_array($arr['object'])) {
activity_sanitise($arr['object']);
$arr['object'] = json_encode($arr['object']);
}
if (x($arr, 'target') && is_array($arr['target'])) {
activity_sanitise($arr['target']);
$arr['target'] = json_encode($arr['target']);
}
if (x($arr, 'attach') && is_array($arr['attach'])) {
activity_sanitise($arr['attach']);
$arr['attach'] = json_encode($arr['attach']);
}
unset($arr['id']);
unset($arr['uid']);
unset($arr['aid']);
unset($arr['mid']);
unset($arr['parent']);
unset($arr['parent_mid']);
unset($arr['created']);
unset($arr['author_xchan']);
unset($arr['owner_xchan']);
unset($arr['thr_parent']);
unset($arr['llink']);
$arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
$arr['expires'] = x($arr, 'expires') !== false ? datetime_convert('UTC', 'UTC', $arr['expires']) : $orig[0]['expires'];
if (array_key_exists('comments_closed', $arr) && $arr['comments_closed'] != NULL_DATE) {
$arr['comments_closed'] = datetime_convert('UTC', 'UTC', $arr['comments_closed']);
} else {
$arr['comments_closed'] = $orig[0]['comments_closed'];
}
$arr['commented'] = $orig[0]['commented'];
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
$arr['route'] = array_key_exists('route', $arr) ? trim($arr['route']) : $orig[0]['route'];
$arr['diaspora_meta'] = x($arr, 'diaspora_meta') ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta'];
$arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : $orig[0]['location'];
$arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : $orig[0]['coord'];
$arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : $orig[0]['verb'];
$arr['obj_type'] = x($arr, 'obj_type') ? notags(trim($arr['obj_type'])) : $orig[0]['obj_type'];
$arr['object'] = x($arr, 'object') ? trim($arr['object']) : $orig[0]['object'];
$arr['tgt_type'] = x($arr, 'tgt_type') ? notags(trim($arr['tgt_type'])) : $orig[0]['tgt_type'];
$arr['target'] = x($arr, 'target') ? trim($arr['target']) : $orig[0]['target'];
$arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : $orig[0]['plink'];
$arr['allow_cid'] = array_key_exists('allow_cid', $arr) ? trim($arr['allow_cid']) : $orig[0]['allow_cid'];
$arr['allow_gid'] = array_key_exists('allow_gid', $arr) ? trim($arr['allow_gid']) : $orig[0]['allow_gid'];
$arr['deny_cid'] = array_key_exists('deny_cid', $arr) ? trim($arr['deny_cid']) : $orig[0]['deny_cid'];
$arr['deny_gid'] = array_key_exists('deny_gid', $arr) ? trim($arr['deny_gid']) : $orig[0]['deny_gid'];
$arr['item_private'] = array_key_exists('item_private', $arr) ? intval($arr['item_private']) : $orig[0]['item_private'];
$arr['title'] = array_key_exists('title', $arr) ? trim($arr['title']) : $orig[0]['title'];
$arr['body'] = array_key_exists('body', $arr) ? trim($arr['body']) : $orig[0]['body'];
$arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : $orig[0]['attach'];
$arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : $orig[0]['app'];
// $arr['item_restrict'] = ((x($arr,'item_restrict')) ? intval($arr['item_restrict']) : $orig[0]['item_restrict'] );
// $arr['item_flags'] = ((x($arr,'item_flags')) ? intval($arr['item_flags']) : $orig[0]['item_flags'] );
$arr['sig'] = x($arr, 'sig') ? $arr['sig'] : '';
$arr['layout_mid'] = array_key_exists('layout_mid', $arr) ? dbesc($arr['layout_mid']) : $orig[0]['layout_mid'];
$arr['public_policy'] = x($arr, 'public_policy') ? notags(trim($arr['public_policy'])) : $orig[0]['public_policy'];
$arr['comment_policy'] = x($arr, 'comment_policy') ? notags(trim($arr['comment_policy'])) : $orig[0]['comment_policy'];
call_hooks('post_remote_update', $arr);
if (x($arr, 'cancel')) {
logger('item_store_update: post cancelled by plugin.');
$ret['message'] = 'cancelled.';
return $ret;
}
// pull out all the taxonomy stuff for separate storage
$terms = null;
if (array_key_exists('term', $arr)) {
$terms = $arr['term'];
unset($arr['term']);
}
dbesc_array($arr);
logger('item_store_update: ' . print_r($arr, true), LOGGER_DATA);
$str = '';
foreach ($arr as $k => $v) {
if ($str) {
$str .= ",";
}
$str .= " `" . $k . "` = '" . $v . "' ";
}
$r = dbq("update `item` set " . $str . " where id = " . $orig_post_id);
if ($r) {
logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG);
} else {
logger('item_store_update: could not update item');
$ret['message'] = 'DB update failed.';
return $ret;
}
$r = q("delete from term where oid = %d and otype = %d", intval($orig_post_id), intval(TERM_OBJ_POST));
if (is_array($terms)) {
foreach ($terms as $t) {
q("insert into term (uid,oid,otype,type,term,url)\n\t\t\t\tvalues(%d,%d,%d,%d,'%s','%s') ", intval($uid), intval($orig_post_id), intval(TERM_OBJ_POST), intval($t['type']), dbesc($t['term']), dbesc($t['url']));
}
$arr['term'] = $terms;
}
call_hooks('post_remote_update_end', $arr);
send_status_notifications($orig_post_id, $arr);
tag_deliver($uid, $orig_post_id);
$ret['success'] = true;
$ret['item_id'] = $orig_post_id;
return $ret;
}
/**
* @brief Deletes an imported item.
*
* @param array $sender
* * \e string \b hash a xchan_hash
* @param array $item
* @param int $uid
* @param boolean $relay
* @return boolean|int post_id
*/
function delete_imported_item($sender, $item, $uid, $relay)
{
logger('delete_imported_item invoked', LOGGER_DEBUG);
$ownership_valid = false;
$item_found = false;
$post_id = 0;
$r = q("select id, author_xchan, owner_xchan, source_xchan, item_deleted from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )\n\t\tand mid = '%s' and uid = %d limit 1", dbesc($sender['hash']), dbesc($sender['hash']), dbesc($sender['hash']), dbesc($item['mid']), intval($uid));
if ($r) {
if ($r[0]['author_xchan'] === $sender['hash'] || $r[0]['owner_xchan'] === $sender['hash'] || $r[0]['source_xchan'] === $sender['hash']) {
$ownership_valid = true;
}
$post_id = $r[0]['id'];
$item_found = true;
} else {
// perhaps the item is still in transit and the delete notification got here before the actual item did. Store it with the deleted flag set.
// item_store() won't try to deliver any notifications or start delivery chains if this flag is set.
// This means we won't end up with potentially even more delivery threads trying to push this delete notification.
// But this will ensure that if the (undeleted) original post comes in at a later date, we'll reject it because it will have an older timestamp.
logger('delete received for non-existent item - storing item data.');
/** @BUG $arr is undefined here, so this is dead code */
if ($arr['author_xchan'] === $sender['hash'] || $arr['owner_xchan'] === $sender['hash'] || $arr['source_xchan'] === $sender['hash']) {
$ownership_valid = true;
$item_result = item_store($arr);
$post_id = $item_result['item_id'];
}
}
if ($ownership_valid === false) {
logger('delete_imported_item: failed: ownership issue');
return false;
}
require_once 'include/items.php';
if ($item_found) {
if (intval($r[0]['item_deleted'])) {
logger('delete_imported_item: item was already deleted');
if (!$relay) {
return false;
}
// This is a bit hackish, but may have to suffice until the notification/delivery loop is optimised
// a bit further. We're going to strip the ITEM_ORIGIN on this item if it's a comment, because
// it was already deleted, and we're already relaying, and this ensures that no other process or
// code path downstream can relay it again (causing a loop). Since it's already gone it's not coming
// back, and we aren't going to (or shouldn't at any rate) delete it again in the future - so losing
// this information from the metadata should have no other discernible impact.
if ($r[0]['id'] != $r[0]['parent'] && intval($r[0]['item_origin'])) {
q("update item set item_origin = 0 where id = %d and uid = %d", intval($r[0]['id']), intval($r[0]['uid']));
}
}
require_once 'include/items.php';
// Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels
// and then clean up after ourselves with a cron job after several days to do the delete_item_lowlevel() (DROPITEM_PHASE2).
drop_item($post_id, false, DROPITEM_PHASE1);
tag_deliver($uid, $post_id);
}
return $post_id;
}
function item_store($arr, $force_parent = false, $notify = false, $dontcache = false)
{
// If it is a posting where users should get notifications, then define it as wall posting
if ($notify) {
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['origin'] = 1;
$arr['last-child'] = 1;
$arr['network'] = NETWORK_DFRN;
}
// If a Diaspora signature structure was passed in, pull it out of the
// item array and set it aside for later storage.
$dsprsig = null;
if (x($arr, 'dsprsig')) {
$dsprsig = json_decode(base64_decode($arr['dsprsig']));
unset($arr['dsprsig']);
}
// Converting the plink
if ($arr['network'] == NETWORK_OSTATUS) {
if (isset($arr['plink'])) {
$arr['plink'] = ostatus_convert_href($arr['plink']);
} elseif (isset($arr['uri'])) {
$arr['plink'] = ostatus_convert_href($arr['uri']);
}
}
if (x($arr, 'gravity')) {
$arr['gravity'] = intval($arr['gravity']);
} elseif ($arr['parent-uri'] === $arr['uri']) {
$arr['gravity'] = 0;
} elseif (activity_match($arr['verb'], ACTIVITY_POST)) {
$arr['gravity'] = 6;
} else {
$arr['gravity'] = 6;
}
// extensible catchall
if (!x($arr, 'type')) {
$arr['type'] = 'remote';
}
/* check for create date and expire time */
$uid = intval($arr['uid']);
$r = q("SELECT expire FROM user WHERE uid = %d", intval($uid));
if (count($r)) {
$expire_interval = $r[0]['expire'];
if ($expire_interval > 0) {
$expire_date = new DateTime('- ' . $expire_interval . ' days', new DateTimeZone('UTC'));
$created_date = new DateTime($arr['created'], new DateTimeZone('UTC'));
if ($created_date < $expire_date) {
logger('item-store: item created (' . $arr['created'] . ') before expiration time (' . $expire_date->format(DateTime::W3C) . '). ignored. ' . print_r($arr, true), LOGGER_DEBUG);
return 0;
}
}
}
// Do we already have this item?
// We have to check several networks since Friendica posts could be repeated via OStatus (maybe Diasporsa as well)
if (in_array(trim($arr['network']), array(NETWORK_DIASPORA, NETWORK_DFRN, NETWORK_OSTATUS, ""))) {
$r = q("SELECT `id`, `network` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` IN ('%s', '%s', '%s') LIMIT 1", dbesc(trim($arr['uri'])), intval($uid), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_DFRN), dbesc(NETWORK_OSTATUS));
if ($r) {
// We only log the entries with a different user id than 0. Otherwise we would have too many false positives
if ($uid != 0) {
logger("Item with uri " . $arr['uri'] . " already existed for user " . $uid . " with id " . $r[0]["id"] . " target network " . $r[0]["network"] . " - new network: " . $arr['network']);
}
return $r[0]["id"];
}
}
// If there is no guid then take the same guid that was taken before for the same uri
if (trim($arr['guid']) == "" and trim($arr['uri']) != "" and trim($arr['network']) != "") {
logger('item_store: checking for an existing guid for uri ' . $arr['uri'], LOGGER_DEBUG);
$r = q("SELECT `guid` FROM `guid` WHERE `uri` = '%s' AND `network` = '%s' LIMIT 1", dbesc(trim($arr['uri'])), dbesc(trim($arr['network'])));
if (count($r)) {
$arr['guid'] = $r[0]["guid"];
logger('item_store: found guid ' . $arr['guid'] . ' for uri ' . $arr['uri'], LOGGER_DEBUG);
}
}
// If there is no guid then take the same guid that was taken before for the same plink
if (trim($arr['guid']) == "" and trim($arr['plink']) != "" and trim($arr['network']) != "") {
logger('item_store: checking for an existing guid for plink ' . $arr['plink'], LOGGER_DEBUG);
$r = q("SELECT `guid`, `uri` FROM `guid` WHERE `plink` = '%s' AND `network` = '%s' LIMIT 1", dbesc(trim($arr['plink'])), dbesc(trim($arr['network'])));
if (count($r)) {
$arr['guid'] = $r[0]["guid"];
logger('item_store: found guid ' . $arr['guid'] . ' for plink ' . $arr['plink'], LOGGER_DEBUG);
if ($r[0]["uri"] != $arr['uri']) {
logger('Different uri for same guid: ' . $arr['uri'] . ' and ' . $r[0]["uri"] . ' - this shouldnt happen!', LOGGER_DEBUG);
}
}
}
// Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
// Deactivated, since the bbcode parser can handle with it - and it destroys posts with some smileys that contain "<"
//if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false))
// $arr['body'] = strip_tags($arr['body']);
item_add_language_opt($arr);
if ($notify) {
$guid_prefix = "";
} else {
$parsed = parse_url($arr["author-link"]);
$guid_prefix = hash("crc32", $parsed["host"]);
}
$arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0;
$arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(32, $guid_prefix);
$arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : $arr['guid'];
$arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : '';
$arr['author-name'] = x($arr, 'author-name') ? trim($arr['author-name']) : '';
$arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : '';
$arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : '';
$arr['owner-name'] = x($arr, 'owner-name') ? trim($arr['owner-name']) : '';
$arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : '';
$arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : '';
$arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert();
$arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
$arr['commented'] = x($arr, 'commented') !== false ? datetime_convert('UTC', 'UTC', $arr['commented']) : datetime_convert();
$arr['received'] = x($arr, 'received') !== false ? datetime_convert('UTC', 'UTC', $arr['received']) : datetime_convert();
$arr['changed'] = x($arr, 'changed') !== false ? datetime_convert('UTC', 'UTC', $arr['changed']) : datetime_convert();
$arr['title'] = x($arr, 'title') ? trim($arr['title']) : '';
$arr['location'] = x($arr, 'location') ? trim($arr['location']) : '';
$arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : '';
$arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0;
$arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1;
$arr['deleted'] = 0;
$arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : '';
$arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : '';
$arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : '';
$arr['object'] = x($arr, 'object') ? trim($arr['object']) : '';
$arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : '';
$arr['target'] = x($arr, 'target') ? trim($arr['target']) : '';
$arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : '';
$arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : '';
$arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : '';
$arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : '';
$arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : '';
$arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0;
$arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0;
$arr['body'] = x($arr, 'body') ? trim($arr['body']) : '';
$arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : '';
$arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : '';
$arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : '';
$arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0;
$arr['network'] = x($arr, 'network') ? trim($arr['network']) : '';
$arr['postopts'] = x($arr, 'postopts') ? trim($arr['postopts']) : '';
$arr['resource-id'] = x($arr, 'resource-id') ? trim($arr['resource-id']) : '';
$arr['event-id'] = x($arr, 'event-id') ? intval($arr['event-id']) : 0;
$arr['inform'] = x($arr, 'inform') ? trim($arr['inform']) : '';
$arr['file'] = x($arr, 'file') ? trim($arr['file']) : '';
if ($arr['plink'] == "") {
$a = get_app();
$arr['plink'] = $a->get_baseurl() . '/display/' . urlencode($arr['guid']);
}
if ($arr['network'] == "") {
$r = q("SELECT `network` FROM `contact` WHERE `network` IN ('%s', '%s', '%s') AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), dbesc(normalise_link($arr['author-link'])), intval($arr['uid']));
if (!count($r)) {
$r = q("SELECT `network` FROM `gcontact` WHERE `network` IN ('%s', '%s', '%s') AND `nurl` = '%s' LIMIT 1", dbesc(NETWORK_DFRN), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_OSTATUS), dbesc(normalise_link($arr['author-link'])));
}
if (!count($r)) {
$r = q("SELECT `network` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($arr['contact-id']), intval($arr['uid']));
}
if (count($r)) {
$arr['network'] = $r[0]["network"];
}
// Fallback to friendica (why is it empty in some cases?)
if ($arr['network'] == "") {
$arr['network'] = NETWORK_DFRN;
}
logger("item_store: Set network to " . $arr["network"] . " for " . $arr["uri"], LOGGER_DEBUG);
}
if ($arr['guid'] != "") {
// Checking if there is already an item with the same guid
logger('checking for an item for user ' . $arr['uid'] . ' on network ' . $arr['network'] . ' with the guid ' . $arr['guid'], LOGGER_DEBUG);
$r = q("SELECT `guid` FROM `item` WHERE `guid` = '%s' AND `network` = '%s' AND `uid` = '%d' LIMIT 1", dbesc($arr['guid']), dbesc($arr['network']), intval($arr['uid']));
if (count($r)) {
logger('found item with guid ' . $arr['guid'] . ' for user ' . $arr['uid'] . ' on network ' . $arr['network'], LOGGER_DEBUG);
return 0;
}
}
// Check for hashtags in the body and repair or add hashtag links
item_body_set_hashtags($arr);
$arr['thr-parent'] = $arr['parent-uri'];
if ($arr['parent-uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
$allow_cid = $arr['allow_cid'];
$allow_gid = $arr['allow_gid'];
$deny_cid = $arr['deny_cid'];
$deny_gid = $arr['deny_gid'];
$notify_type = 'wall-new';
} else {
// find the parent and snarf the item id and ACLs
// and anything else we need to inherit
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid']));
if (count($r)) {
// is the new message multi-level threaded?
// even though we don't support it now, preserve the info
// and re-attach to the conversation parent.
if ($r[0]['uri'] != $r[0]['parent-uri']) {
$arr['parent-uri'] = $r[0]['parent-uri'];
$z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d\n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid']));
if ($z && count($z)) {
$r = $z;
}
}
$parent_id = $r[0]['id'];
$parent_deleted = $r[0]['deleted'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
$deny_gid = $r[0]['deny_gid'];
$arr['wall'] = $r[0]['wall'];
$notify_type = 'comment-new';
// if the parent is private, force privacy for the entire conversation
// This differs from the above settings as it subtly allows comments from
// email correspondents to be private even if the overall thread is not.
if ($r[0]['private']) {
$arr['private'] = $r[0]['private'];
}
// Edge case. We host a public forum that was originally posted to privately.
// The original author commented, but as this is a comment, the permissions
// weren't fixed up so it will still show the comment as private unless we fix it here.
if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) {
$arr['private'] = 0;
}
// If its a post from myself then tag the thread as "mention"
logger("item_store: Checking if parent " . $parent_id . " has to be tagged as mention for user " . $arr['uid'], LOGGER_DEBUG);
$u = q("select * from user where uid = %d limit 1", intval($arr['uid']));
if (count($u)) {
$a = get_app();
$self = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
logger("item_store: 'myself' is " . $self . " for parent " . $parent_id . " checking against " . $arr['author-link'] . " and " . $arr['owner-link'], LOGGER_DEBUG);
if (normalise_link($arr['author-link']) == $self or normalise_link($arr['owner-link']) == $self) {
q("UPDATE `thread` SET `mention` = 1 WHERE `iid` = %d", intval($parent_id));
logger("item_store: tagged thread " . $parent_id . " as mention for user " . $self, LOGGER_DEBUG);
}
}
} else {
// Allow one to see reply tweets from status.net even when
// we don't have or can't see the original post.
if ($force_parent) {
logger('item_store: $force_parent=true, reply converted to top-level post.');
$parent_id = 0;
$arr['parent-uri'] = $arr['uri'];
$arr['gravity'] = 0;
} else {
logger('item_store: item parent ' . $arr['parent-uri'] . ' for ' . $arr['uid'] . ' was not found - ignoring item');
return 0;
}
$parent_deleted = 0;
}
}
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `network` IN ('%s', '%s') AND `uid` = %d LIMIT 1", dbesc($arr['uri']), dbesc($arr['network']), dbesc(NETWORK_DFRN), intval($arr['uid']));
if ($r && count($r)) {
logger('duplicated item with the same uri found. ' . print_r($arr, true));
return 0;
}
// Check for an existing post with the same content. There seems to be a problem with OStatus.
$r = q("SELECT `id` FROM `item` WHERE `body` = '%s' AND `network` = '%s' AND `created` = '%s' AND `contact-id` = %d AND `uid` = %d LIMIT 1", dbesc($arr['body']), dbesc($arr['network']), dbesc($arr['created']), intval($arr['contact-id']), intval($arr['uid']));
if ($r && count($r)) {
logger('duplicated item with the same body found. ' . print_r($arr, true));
return 0;
}
// Is this item available in the global items (with uid=0)?
if ($arr["uid"] == 0) {
$arr["global"] = true;
q("UPDATE `item` SET `global` = 1 WHERE `guid` = '%s'", dbesc($arr["guid"]));
} else {
$isglobal = q("SELECT `global` FROM `item` WHERE `uid` = 0 AND `guid` = '%s'", dbesc($arr["guid"]));
$arr["global"] = count($isglobal) > 0;
}
// Fill the cache field
put_item_in_cache($arr);
if ($notify) {
call_hooks('post_local', $arr);
} else {
call_hooks('post_remote', $arr);
}
if (x($arr, 'cancel')) {
logger('item_store: post cancelled by plugin.');
return 0;
}
// Store the unescaped version
$unescaped = $arr;
dbesc_array($arr);
logger('item_store: ' . print_r($arr, true), LOGGER_DATA);
$r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')");
// And restore it
$arr = $unescaped;
// find the item that we just created
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' ORDER BY `id` ASC", dbesc($arr['uri']), intval($arr['uid']), dbesc($arr['network']));
if (count($r) > 1) {
// There are duplicates. Keep the oldest one, delete the others
logger('item_store: duplicated post occurred. Removing newer duplicates. uri = ' . $arr['uri'] . ' uid = ' . $arr['uid']);
q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `network` = '%s' AND `id` > %d", dbesc($arr['uri']), intval($arr['uid']), dbesc($arr['network']), intval($r[0]["id"]));
return 0;
} elseif (count($r)) {
// Store the guid and other relevant data
add_guid($arr);
$current_post = $r[0]['id'];
logger('item_store: created item ' . $current_post);
// Set "success_update" and "last-item" to the date of the last time we heard from this contact
// This can be used to filter for inactive contacts.
// Only do this for public postings to avoid privacy problems, since poco data is public.
// Don't set this value if it isn't from the owner (could be an author that we don't know)
$update = (!$arr['private'] and ($arr["author-link"] === $arr["owner-link"] or $arr["parent-uri"] === $arr["uri"]));
// Is it a forum? Then we don't care about the rules from above
if (!$update and $arr["network"] == NETWORK_DFRN and $arr["parent-uri"] === $arr["uri"]) {
$isforum = q("SELECT `forum` FROM `contact` WHERE `id` = %d AND `forum`", intval($arr['contact-id']));
if ($isforum) {
$update = true;
}
}
if ($update) {
q("UPDATE `contact` SET `success_update` = '%s', `last-item` = '%s' WHERE `id` = %d", dbesc($arr['received']), dbesc($arr['received']), intval($arr['contact-id']));
}
} else {
logger('item_store: could not locate created item');
return 0;
}
if (!$parent_id || $arr['parent-uri'] === $arr['uri']) {
$parent_id = $current_post;
}
if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) {
$private = 1;
} else {
$private = $arr['private'];
}
// Set parent id - and also make sure to inherit the parent's ACLs.
$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post));
$arr['id'] = $current_post;
$arr['parent'] = $parent_id;
$arr['allow_cid'] = $allow_cid;
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
$arr['private'] = $private;
$arr['deleted'] = $parent_deleted;
// update the commented timestamp on the parent
// Only update "commented" if it is really a comment
if ($arr['verb'] == ACTIVITY_POST or !get_config("system", "like_no_comment")) {
q("UPDATE `item` SET `commented` = '%s', `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id));
} else {
q("UPDATE `item` SET `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), intval($parent_id));
}
if ($dsprsig) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer));
}
/**
* If this is now the last-child, force all _other_ children of this parent to *not* be last-child
*/
if ($arr['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post));
}
$deleted = tag_deliver($arr['uid'], $current_post);
// current post can be deleted if is for a community page and no mention are
// in it.
if (!$deleted and !$dontcache) {
$r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post));
if (count($r) == 1) {
if ($notify) {
call_hooks('post_local_end', $r[0]);
} else {
call_hooks('post_remote_end', $r[0]);
}
} else {
logger('item_store: new item not found in DB, id ' . $current_post);
}
}
// Add every contact of the post to the global contact table
poco_store($arr);
create_tags_from_item($current_post);
create_files_from_item($current_post);
// Only check for notifications on start posts
if ($arr['parent-uri'] === $arr['uri']) {
add_thread($current_post);
logger('item_store: Check notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
// Send a notification for every new post?
$r = q("SELECT `notify_new_posts` FROM `contact` WHERE `id` = %d AND `uid` = %d AND `notify_new_posts` LIMIT 1", intval($arr['contact-id']), intval($arr['uid']));
$send_notification = count($r);
if (!$send_notification) {
$tags = q("SELECT `url` FROM `term` WHERE `otype` = %d AND `oid` = %d AND `type` = %d AND `uid` = %d", intval(TERM_OBJ_POST), intval($current_post), intval(TERM_MENTION), intval($arr['uid']));
if (count($tags)) {
foreach ($tags as $tag) {
$r = q("SELECT `id` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `notify_new_posts`", normalise_link($tag["url"]), intval($arr['uid']));
if (count($r)) {
$send_notification = true;
}
}
}
}
if ($send_notification) {
logger('item_store: Send notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
$u = q("SELECT * FROM user WHERE uid = %d LIMIT 1", intval($arr['uid']));
$item = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d", intval($current_post), intval($arr['uid']));
$a = get_app();
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_SHARE, 'notify_flags' => $u[0]['notify-flags'], 'language' => $u[0]['language'], 'to_name' => $u[0]['username'], 'to_email' => $u[0]['email'], 'uid' => $u[0]['uid'], 'item' => $item[0], 'link' => $a->get_baseurl() . '/display/' . urlencode($arr['guid']), 'source_name' => $item[0]['author-name'], 'source_link' => $item[0]['author-link'], 'source_photo' => $item[0]['author-avatar'], 'verb' => ACTIVITY_TAG, 'otype' => 'item', 'parent' => $arr['parent']));
logger('item_store: Notification sent for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
}
} else {
update_thread($parent_id);
add_shadow_entry($arr);
}
if ($notify) {
proc_run('php', "include/notifier.php", $notify_type, $current_post);
}
return $current_post;
}
function item_content(&$a)
{
if (!local_channel() && !remote_channel()) {
return;
}
require_once 'include/security.php';
if (argc() == 3 && argv(1) === 'drop' && intval(argv(2))) {
require_once 'include/items.php';
$i = q("select id, uid, author_xchan, owner_xchan, source_xchan, item_restrict from item where id = %d limit 1", intval(argv(2)));
if ($i) {
$can_delete = false;
$local_delete = false;
if (local_channel() && local_channel() == $i[0]['uid']) {
$local_delete = true;
}
$sys = get_sys_channel();
if (is_site_admin() && $sys['channel_id'] == $i[0]['uid']) {
$can_delete = true;
}
$ob_hash = get_observer_hash();
if ($ob_hash && ($ob_hash === $i[0]['author_xchan'] || $ob_hash === $i[0]['owner_xchan'] || $ob_hash === $i[0]['source_xchan'])) {
$can_delete = true;
}
if (!($can_delete || $local_delete)) {
notice(t('Permission denied.') . EOL);
return;
}
// if this is a different page type or it's just a local delete
// but not by the item author or owner, do a simple deletion
if ($i[0]['item_restrict'] || $local_delete && !$can_delete) {
drop_item($i[0]['id']);
} else {
// complex deletion that needs to propagate and be performed in phases
drop_item($i[0]['id'], true, DROPITEM_PHASE1);
tag_deliver($i[0]['uid'], $i[0]['id']);
}
}
}
}
function item_store_update($arr, $allow_exec = false, $deliver = true)
{
$d = array('item' => $arr, 'allow_exec' => $allow_exec);
call_hooks('item_store_update', $d);
$arr = $d['item'];
$allow_exec = $d['allow_exec'];
$ret = array('success' => false, 'item_id' => 0);
if (!intval($arr['uid'])) {
logger('item_store_update: no uid');
$ret['message'] = 'no uid.';
return $ret;
}
if (!intval($arr['id'])) {
logger('item_store_update: no id');
$ret['message'] = 'no id.';
return $ret;
}
$orig_post_id = $arr['id'];
$uid = $arr['uid'];
$orig = q("select * from item where id = %d and uid = %d limit 1", intval($orig_post_id), intval($uid));
if (!$orig) {
logger('item_store_update: original post not found: ' . $orig_post_id);
$ret['message'] = 'no original';
return $ret;
}
// override the unseen flag with the original
$arr['item_unseen'] = $orig[0]['item_unseen'];
if (array_key_exists('edit', $arr)) {
unset($arr['edit']);
}
$arr['mimetype'] = x($arr, 'mimetype') ? notags(trim($arr['mimetype'])) : 'text/bbcode';
if ($arr['mimetype'] == 'application/x-php' && !$allow_exec) {
logger('item_store: php mimetype but allow_exec is denied.');
$ret['message'] = 'exec denied.';
return $ret;
}
if (!array_key_exists('item_obscured', $arr) || $arr['item_obscured'] == 0) {
$arr['lang'] = detect_language($arr['body']);
// apply the input filter here - if it is obscured it has been filtered already
$arr['body'] = trim(z_input_filter($arr['uid'], $arr['body'], $arr['mimetype']));
if (local_channel() && !$arr['sig']) {
$channel = App::get_channel();
if ($channel['channel_hash'] === $arr['author_xchan']) {
$arr['sig'] = base64url_encode(rsa_sign($arr['body'], $channel['channel_prvkey']));
$arr['item_verified'] = 1;
}
}
$allowed_languages = get_pconfig($arr['uid'], 'system', 'allowed_languages');
if (is_array($allowed_languages) && $arr['lang'] && !array_key_exists($arr['lang'], $allowed_languages)) {
$translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false);
call_hooks('item_translate', $translate);
if (!$translate['translated'] && intval(get_pconfig($arr['uid'], 'system', 'reject_disallowed_languages'))) {
logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']);
$ret['message'] = 'language not accepted';
return $ret;
}
$arr = $translate['item'];
}
}
if (x($arr, 'obj') && is_array($arr['obj'])) {
activity_sanitise($arr['obj']);
$arr['obj'] = json_encode($arr['obj']);
}
if (x($arr, 'target') && is_array($arr['target'])) {
activity_sanitise($arr['target']);
$arr['target'] = json_encode($arr['target']);
}
if (x($arr, 'attach') && is_array($arr['attach'])) {
activity_sanitise($arr['attach']);
$arr['attach'] = json_encode($arr['attach']);
}
unset($arr['id']);
unset($arr['uid']);
unset($arr['aid']);
unset($arr['mid']);
unset($arr['parent']);
unset($arr['parent_mid']);
unset($arr['created']);
unset($arr['author_xchan']);
unset($arr['owner_xchan']);
unset($arr['thr_parent']);
unset($arr['llink']);
$arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
$arr['expires'] = x($arr, 'expires') !== false ? datetime_convert('UTC', 'UTC', $arr['expires']) : $orig[0]['expires'];
if (array_key_exists('comments_closed', $arr) && $arr['comments_closed'] > NULL_DATE) {
$arr['comments_closed'] = datetime_convert('UTC', 'UTC', $arr['comments_closed']);
} else {
$arr['comments_closed'] = $orig[0]['comments_closed'];
}
$arr['commented'] = $orig[0]['commented'];
if ($deliver) {
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
} else {
// When deliver flag is false, we are *probably* performing an import or bulk migration.
// If one updates the changed timestamp it will be made available to zotfeed and delivery
// will still take place through backdoor methods. Since these fields are rarely used
// otherwise, just preserve the original timestamp.
$arr['received'] = $orig[0]['received'];
$arr['changed'] = $orig[0]['changed'];
}
$arr['route'] = array_key_exists('route', $arr) ? trim($arr['route']) : $orig[0]['route'];
$arr['diaspora_meta'] = x($arr, 'diaspora_meta') ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta'];
$arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : $orig[0]['location'];
$arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : $orig[0]['coord'];
$arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : $orig[0]['verb'];
$arr['obj_type'] = x($arr, 'obj_type') ? notags(trim($arr['obj_type'])) : $orig[0]['obj_type'];
$arr['obj'] = x($arr, 'obj') ? trim($arr['obj']) : $orig[0]['obj'];
$arr['tgt_type'] = x($arr, 'tgt_type') ? notags(trim($arr['tgt_type'])) : $orig[0]['tgt_type'];
$arr['target'] = x($arr, 'target') ? trim($arr['target']) : $orig[0]['target'];
$arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : $orig[0]['plink'];
$arr['allow_cid'] = array_key_exists('allow_cid', $arr) ? trim($arr['allow_cid']) : $orig[0]['allow_cid'];
$arr['allow_gid'] = array_key_exists('allow_gid', $arr) ? trim($arr['allow_gid']) : $orig[0]['allow_gid'];
$arr['deny_cid'] = array_key_exists('deny_cid', $arr) ? trim($arr['deny_cid']) : $orig[0]['deny_cid'];
$arr['deny_gid'] = array_key_exists('deny_gid', $arr) ? trim($arr['deny_gid']) : $orig[0]['deny_gid'];
$arr['item_private'] = array_key_exists('item_private', $arr) ? intval($arr['item_private']) : $orig[0]['item_private'];
$arr['title'] = array_key_exists('title', $arr) && strlen($arr['title']) ? trim($arr['title']) : '';
$arr['body'] = array_key_exists('body', $arr) && strlen($arr['body']) ? trim($arr['body']) : '';
$arr['html'] = array_key_exists('html', $arr) && strlen($arr['html']) ? trim($arr['html']) : '';
$arr['attach'] = array_key_exists('attach', $arr) ? notags(trim($arr['attach'])) : $orig[0]['attach'];
$arr['app'] = array_key_exists('app', $arr) ? notags(trim($arr['app'])) : $orig[0]['app'];
$arr['item_origin'] = array_key_exists('item_origin', $arr) ? intval($arr['item_origin']) : $orig[0]['item_origin'];
$arr['item_unseen'] = array_key_exists('item_unseen', $arr) ? intval($arr['item_unseen']) : $orig[0]['item_unseen'];
$arr['item_starred'] = array_key_exists('item_starred', $arr) ? intval($arr['item_starred']) : $orig[0]['item_starred'];
$arr['item_uplink'] = array_key_exists('item_uplink', $arr) ? intval($arr['item_uplink']) : $orig[0]['item_uplink'];
$arr['item_consensus'] = array_key_exists('item_consensus', $arr) ? intval($arr['item_consensus']) : $orig[0]['item_consensus'];
$arr['item_wall'] = array_key_exists('item_wall', $arr) ? intval($arr['item_wall']) : $orig[0]['item_wall'];
$arr['item_thread_top'] = array_key_exists('item_thread_top', $arr) ? intval($arr['item_thread_top']) : $orig[0]['item_thread_top'];
$arr['item_notshown'] = array_key_exists('item_notshown', $arr) ? intval($arr['item_notshown']) : $orig[0]['item_notshown'];
$arr['item_nsfw'] = array_key_exists('item_nsfw', $arr) ? intval($arr['item_nsfw']) : $orig[0]['item_nsfw'];
$arr['item_relay'] = array_key_exists('item_relay', $arr) ? intval($arr['item_relay']) : $orig[0]['item_relay'];
$arr['item_mentionsme'] = array_key_exists('item_mentionsme', $arr) ? intval($arr['item_mentionsme']) : $orig[0]['item_mentionsme'];
$arr['item_nocomment'] = array_key_exists('item_nocomment', $arr) ? intval($arr['item_nocomment']) : $orig[0]['item_nocomment'];
$arr['item_obscured'] = array_key_exists('item_obscured', $arr) ? intval($arr['item_obscured']) : $orig[0]['item_obscured'];
$arr['item_verified'] = array_key_exists('item_verified', $arr) ? intval($arr['item_verified']) : $orig[0]['item_verified'];
$arr['item_retained'] = array_key_exists('item_retained', $arr) ? intval($arr['item_retained']) : $orig[0]['item_retained'];
$arr['item_rss'] = array_key_exists('item_rss', $arr) ? intval($arr['item_rss']) : $orig[0]['item_rss'];
$arr['item_deleted'] = array_key_exists('item_deleted', $arr) ? intval($arr['item_deleted']) : $orig[0]['item_deleted'];
$arr['item_type'] = array_key_exists('item_type', $arr) ? intval($arr['item_type']) : $orig[0]['item_type'];
$arr['item_hidden'] = array_key_exists('item_hidden', $arr) ? intval($arr['item_hidden']) : $orig[0]['item_hidden'];
$arr['item_unpublished'] = array_key_exists('item_unpublished', $arr) ? intval($arr['item_unpublished']) : $orig[0]['item_unpublished'];
$arr['item_delayed'] = array_key_exists('item_delayed', $arr) ? intval($arr['item_delayed']) : $orig[0]['item_delayed'];
$arr['item_pending_remove'] = array_key_exists('item_pending_remove', $arr) ? intval($arr['item_pending_remove']) : $orig[0]['item_pending_remove'];
$arr['item_blocked'] = array_key_exists('item_blocked', $arr) ? intval($arr['item_blocked']) : $orig[0]['item_blocked'];
$arr['sig'] = x($arr, 'sig') ? $arr['sig'] : '';
$arr['layout_mid'] = array_key_exists('layout_mid', $arr) ? dbesc($arr['layout_mid']) : $orig[0]['layout_mid'];
$arr['public_policy'] = x($arr, 'public_policy') ? notags(trim($arr['public_policy'])) : $orig[0]['public_policy'];
$arr['comment_policy'] = x($arr, 'comment_policy') ? notags(trim($arr['comment_policy'])) : $orig[0]['comment_policy'];
call_hooks('post_remote_update', $arr);
if (x($arr, 'cancel')) {
logger('item_store_update: post cancelled by plugin.');
$ret['message'] = 'cancelled.';
return $ret;
}
// pull out all the taxonomy stuff for separate storage
$terms = null;
if (array_key_exists('term', $arr)) {
$terms = $arr['term'];
unset($arr['term']);
}
$meta = null;
if (array_key_exists('iconfig', $arr)) {
$meta = $arr['iconfig'];
unset($arr['iconfig']);
}
dbesc_array($arr);
logger('item_store_update: ' . print_r($arr, true), LOGGER_DATA);
$str = '';
foreach ($arr as $k => $v) {
if ($str) {
$str .= ",";
}
$str .= " `" . $k . "` = '" . $v . "' ";
}
$r = dbq("update `item` set " . $str . " where id = " . $orig_post_id);
if ($r) {
logger('item_store_update: updated item ' . $orig_post_id, LOGGER_DEBUG);
} else {
logger('item_store_update: could not update item');
$ret['message'] = 'DB update failed.';
return $ret;
}
// fetch an unescaped complete copy of the stored item
$r = q("select * from item where id = %d", intval($orig_post_id));
if ($r) {
$arr = $r[0];
}
$r = q("delete from term where oid = %d and otype = %d", intval($orig_post_id), intval(TERM_OBJ_POST));
if (is_array($terms)) {
foreach ($terms as $t) {
q("insert into term (uid,oid,otype,ttype,term,url)\n\t\t\t\tvalues(%d,%d,%d,%d,'%s','%s') ", intval($uid), intval($orig_post_id), intval(TERM_OBJ_POST), intval($t['ttype']), dbesc($t['term']), dbesc($t['url']));
}
$arr['term'] = $terms;
}
$r = q("delete from iconfig where iid = %d", intval($orig_post_id));
if ($meta) {
foreach ($meta as $m) {
set_iconfig($orig_post_id, $m['cat'], $m['k'], $m['v'], $m['sharing']);
}
$arr['iconfig'] = $meta;
}
$ret['item'] = $arr;
call_hooks('post_remote_update_end', $arr);
if ($deliver) {
send_status_notifications($orig_post_id, $arr);
tag_deliver($uid, $orig_post_id);
}
$ret['success'] = true;
$ret['item_id'] = $orig_post_id;
return $ret;
}
function item_store($arr, $force_parent = false)
{
// If a Diaspora signature structure was passed in, pull it out of the
// item array and set it aside for later storage.
$dsprsig = null;
if (x($arr, 'dsprsig')) {
$dsprsig = json_decode(base64_decode($arr['dsprsig']));
unset($arr['dsprsig']);
}
if (x($arr, 'gravity')) {
$arr['gravity'] = intval($arr['gravity']);
} elseif ($arr['parent-uri'] === $arr['uri']) {
$arr['gravity'] = 0;
} elseif (activity_match($arr['verb'], ACTIVITY_POST)) {
$arr['gravity'] = 6;
} else {
$arr['gravity'] = 6;
}
// extensible catchall
if (!x($arr, 'type')) {
$arr['type'] = 'remote';
}
// Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
if (strpos($arr['body'], '<') !== false || strpos($arr['body'], '>') !== false) {
$arr['body'] = strip_tags($arr['body']);
}
$arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0;
$arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : random_string();
$arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : '';
$arr['author-name'] = x($arr, 'author-name') ? notags(trim($arr['author-name'])) : '';
$arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : '';
$arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : '';
$arr['owner-name'] = x($arr, 'owner-name') ? notags(trim($arr['owner-name'])) : '';
$arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : '';
$arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : '';
$arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert();
$arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
$arr['commented'] = datetime_convert();
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
$arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : '';
$arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : '';
$arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : '';
$arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0;
$arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1;
$arr['deleted'] = 0;
$arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : '';
$arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : '';
$arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : '';
$arr['object'] = x($arr, 'object') ? trim($arr['object']) : '';
$arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : '';
$arr['target'] = x($arr, 'target') ? trim($arr['target']) : '';
$arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : '';
$arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : '';
$arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : '';
$arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : '';
$arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : '';
$arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0;
$arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0;
$arr['body'] = x($arr, 'body') ? trim($arr['body']) : '';
$arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : '';
$arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : '';
$arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : '';
$arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0;
$arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid();
if ($arr['parent-uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
$allow_cid = $arr['allow_cid'];
$allow_gid = $arr['allow_gid'];
$deny_cid = $arr['deny_cid'];
$deny_gid = $arr['deny_gid'];
} else {
// find the parent and snarf the item id and ACL's
// and anything else we need to inherit
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid']));
if (count($r)) {
// is the new message multi-level threaded?
// even though we don't support it now, preserve the info
// and re-attach to the conversation parent.
if ($r[0]['uri'] != $r[0]['parent-uri']) {
$arr['thr-parent'] = $arr['parent-uri'];
$arr['parent-uri'] = $r[0]['parent-uri'];
$z = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d \n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid']));
if ($z && count($z)) {
$r = $z;
}
}
$parent_id = $r[0]['id'];
$parent_deleted = $r[0]['deleted'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
$deny_gid = $r[0]['deny_gid'];
$arr['wall'] = $r[0]['wall'];
} else {
// Allow one to see reply tweets from status.net even when
// we don't have or can't see the original post.
if ($force_parent) {
logger('item_store: $force_parent=true, reply converted to top-level post.');
$parent_id = 0;
$arr['thr-parent'] = $arr['parent-uri'];
$arr['parent-uri'] = $arr['uri'];
$arr['gravity'] = 0;
} else {
logger('item_store: item parent was not found - ignoring item');
return 0;
}
$parent_deleted = 0;
}
}
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($arr['uri']), intval($arr['uid']));
if ($r && count($r)) {
logger('item-store: duplicate item ignored. ' . print_r($arr, true));
return 0;
}
call_hooks('post_remote', $arr);
if (x($arr, 'cancel')) {
logger('item_store: post cancelled by plugin.');
return 0;
}
dbesc_array($arr);
logger('item_store: ' . print_r($arr, true), LOGGER_DATA);
$r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')");
// find the item we just created
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", $arr['uri'], intval($arr['uid']));
if (count($r)) {
$current_post = $r[0]['id'];
logger('item_store: created item ' . $current_post);
} else {
logger('item_store: could not locate created item');
return 0;
}
if (count($r) > 1) {
logger('item_store: duplicated post occurred. Removing duplicates.');
q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ", $arr['uri'], intval($arr['uid']), intval($current_post));
}
if (!$parent_id || $arr['parent-uri'] === $arr['uri']) {
$parent_id = $current_post;
}
if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) {
$private = 1;
} else {
$private = $arr['private'];
}
// Set parent id - and also make sure to inherit the parent's ACL's.
$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d LIMIT 1", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post));
// update the commented timestamp on the parent
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id));
if ($dsprsig) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer));
}
/**
* If this is now the last-child, force all _other_ children of this parent to *not* be last-child
*/
if ($arr['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post));
}
tag_deliver($arr['uid'], $current_post);
return $current_post;
}
function item_store($arr, $force_parent = false)
{
// If a Diaspora signature structure was passed in, pull it out of the
// item array and set it aside for later storage.
$dsprsig = null;
if (x($arr, 'dsprsig')) {
$dsprsig = json_decode(base64_decode($arr['dsprsig']));
unset($arr['dsprsig']);
}
// if an OStatus conversation url was passed in, it is stored and then
// removed from the array.
$ostatus_conversation = null;
if (isset($arr["ostatus_conversation"])) {
$ostatus_conversation = $arr["ostatus_conversation"];
unset($arr["ostatus_conversation"]);
}
if (x($arr, 'gravity')) {
$arr['gravity'] = intval($arr['gravity']);
} elseif ($arr['parent-uri'] === $arr['uri']) {
$arr['gravity'] = 0;
} elseif (activity_match($arr['verb'], ACTIVITY_POST)) {
$arr['gravity'] = 6;
} else {
$arr['gravity'] = 6;
}
// extensible catchall
if (!x($arr, 'type')) {
$arr['type'] = 'remote';
}
// Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
if (strpos($arr['body'], '<') !== false || strpos($arr['body'], '>') !== false) {
$arr['body'] = strip_tags($arr['body']);
}
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
require_once 'library/langdet/Text/LanguageDetect.php';
$naked_body = preg_replace('/\\[(.+?)\\]/', '', $arr['body']);
$l = new Text_LanguageDetect();
//$lng = $l->detectConfidence($naked_body);
//$arr['postopts'] = (($lng['language']) ? 'lang=' . $lng['language'] . ';' . $lng['confidence'] : '');
$lng = $l->detect($naked_body, 3);
if (sizeof($lng) > 0) {
$postopts = "";
foreach ($lng as $language => $score) {
if ($postopts == "") {
$postopts = "lang=";
} else {
$postopts .= ":";
}
$postopts .= $language . ";" . $score;
}
$arr['postopts'] = $postopts;
}
}
$arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0;
$arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : random_string();
$arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : '';
$arr['author-name'] = x($arr, 'author-name') ? notags(trim($arr['author-name'])) : '';
$arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : '';
$arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : '';
$arr['owner-name'] = x($arr, 'owner-name') ? notags(trim($arr['owner-name'])) : '';
$arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : '';
$arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : '';
$arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert();
$arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
$arr['commented'] = datetime_convert();
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
$arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : '';
$arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : '';
$arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : '';
$arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0;
$arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1;
$arr['deleted'] = 0;
$arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : '';
$arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : '';
$arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : '';
$arr['object'] = x($arr, 'object') ? trim($arr['object']) : '';
$arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : '';
$arr['target'] = x($arr, 'target') ? trim($arr['target']) : '';
$arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : '';
$arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : '';
$arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : '';
$arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : '';
$arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : '';
$arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0;
$arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0;
$arr['body'] = x($arr, 'body') ? trim($arr['body']) : '';
$arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : '';
$arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : '';
$arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : '';
$arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0;
$arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid();
$arr['thr-parent'] = $arr['parent-uri'];
if ($arr['parent-uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
$allow_cid = $arr['allow_cid'];
$allow_gid = $arr['allow_gid'];
$deny_cid = $arr['deny_cid'];
$deny_gid = $arr['deny_gid'];
} else {
// find the parent and snarf the item id and ACLs
// and anything else we need to inherit
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid']));
if (count($r)) {
// is the new message multi-level threaded?
// even though we don't support it now, preserve the info
// and re-attach to the conversation parent.
if ($r[0]['uri'] != $r[0]['parent-uri']) {
$arr['parent-uri'] = $r[0]['parent-uri'];
$z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d \n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid']));
if ($z && count($z)) {
$r = $z;
}
}
$parent_id = $r[0]['id'];
$parent_deleted = $r[0]['deleted'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
$deny_gid = $r[0]['deny_gid'];
$arr['wall'] = $r[0]['wall'];
// if the parent is private, force privacy for the entire conversation
// This differs from the above settings as it subtly allows comments from
// email correspondents to be private even if the overall thread is not.
if ($r[0]['private']) {
$arr['private'] = $r[0]['private'];
}
// Edge case. We host a public forum that was originally posted to privately.
// The original author commented, but as this is a comment, the permissions
// weren't fixed up so it will still show the comment as private unless we fix it here.
if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) {
$arr['private'] = 0;
}
} else {
// Allow one to see reply tweets from status.net even when
// we don't have or can't see the original post.
if ($force_parent) {
logger('item_store: $force_parent=true, reply converted to top-level post.');
$parent_id = 0;
$arr['parent-uri'] = $arr['uri'];
$arr['gravity'] = 0;
} else {
logger('item_store: item parent was not found - ignoring item');
return 0;
}
$parent_deleted = 0;
}
}
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($arr['uri']), intval($arr['uid']));
if ($r && count($r)) {
logger('item-store: duplicate item ignored. ' . print_r($arr, true));
return 0;
}
call_hooks('post_remote', $arr);
if (x($arr, 'cancel')) {
logger('item_store: post cancelled by plugin.');
return 0;
}
dbesc_array($arr);
logger('item_store: ' . print_r($arr, true), LOGGER_DATA);
$r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')");
// find the item we just created
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", $arr['uri'], intval($arr['uid']));
if (count($r)) {
$current_post = $r[0]['id'];
logger('item_store: created item ' . $current_post);
create_tags_from_item($r[0]['id']);
} else {
logger('item_store: could not locate created item');
return 0;
}
if (count($r) > 1) {
logger('item_store: duplicated post occurred. Removing duplicates.');
q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ", $arr['uri'], intval($arr['uid']), intval($current_post));
}
if (!$parent_id || $arr['parent-uri'] === $arr['uri']) {
$parent_id = $current_post;
}
if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) {
$private = 1;
} else {
$private = $arr['private'];
}
// Set parent id - and also make sure to inherit the parent's ACL's.
$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d LIMIT 1", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post));
create_tags_from_item($current_post);
// Complete ostatus threads
if ($ostatus_conversation) {
complete_conversation($current_post, $ostatus_conversation);
}
$arr['id'] = $current_post;
$arr['parent'] = $parent_id;
$arr['allow_cid'] = $allow_cid;
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
$arr['private'] = $private;
$arr['deleted'] = $parent_deleted;
// update the commented timestamp on the parent
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id));
if ($dsprsig) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer));
}
/**
* If this is now the last-child, force all _other_ children of this parent to *not* be last-child
*/
if ($arr['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post));
}
tag_deliver($arr['uid'], $current_post);
// Store the fresh generated item into the cache
$cachefile = get_cachefile($arr["guid"] . "-" . hash("md5", $arr['body']));
if ($cachefile != '' and !file_exists($cachefile)) {
$s = prepare_text($arr['body']);
$a = get_app();
$stamp1 = microtime(true);
file_put_contents($cachefile, $s);
$a->save_timestamp($stamp1, "file");
logger('item_store: put item ' . $current_post . ' into cachefile ' . $cachefile);
}
$r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post));
if (count($r) == 1) {
call_hooks('post_remote_end', $r[0]);
} else {
logger('item_store: new item not found in DB, id ' . $current_post);
}
return $current_post;
}
function item_store($arr, $force_parent = false, $notify = false)
{
// If it is a posting where users should get notifications, then define it as wall posting
if ($notify) {
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['origin'] = 1;
$arr['last-child'] = 1;
$arr['network'] = NETWORK_DFRN;
}
// If a Diaspora signature structure was passed in, pull it out of the
// item array and set it aside for later storage.
$dsprsig = null;
if (x($arr, 'dsprsig')) {
$dsprsig = json_decode(base64_decode($arr['dsprsig']));
unset($arr['dsprsig']);
}
// if an OStatus conversation url was passed in, it is stored and then
// removed from the array.
$ostatus_conversation = null;
if (isset($arr["ostatus_conversation"])) {
$ostatus_conversation = $arr["ostatus_conversation"];
unset($arr["ostatus_conversation"]);
}
if (x($arr, 'gravity')) {
$arr['gravity'] = intval($arr['gravity']);
} elseif ($arr['parent-uri'] === $arr['uri']) {
$arr['gravity'] = 0;
} elseif (activity_match($arr['verb'], ACTIVITY_POST)) {
$arr['gravity'] = 6;
} else {
$arr['gravity'] = 6;
}
// extensible catchall
if (!x($arr, 'type')) {
$arr['type'] = 'remote';
}
/* check for create date and expire time */
$uid = intval($arr['uid']);
$r = q("SELECT expire FROM user WHERE uid = %d", $uid);
if (count($r)) {
$expire_interval = $r[0]['expire'];
if ($expire_interval > 0) {
$expire_date = new DateTime('- ' . $expire_interval . ' days', new DateTimeZone('UTC'));
$created_date = new DateTime($arr['created'], new DateTimeZone('UTC'));
if ($created_date < $expire_date) {
logger('item-store: item created (' . $arr['created'] . ') before expiration time (' . $expire_date->format(DateTime::W3C) . '). ignored. ' . print_r($arr, true), LOGGER_DEBUG);
return 0;
}
}
}
// If there is no guid then take the same guid that was taken before for the same uri
if (trim($arr['guid']) == "" and trim($arr['uri']) != "") {
logger('item_store: checking for an existing guid for uri ' . $arr['uri'], LOGGER_DEBUG);
$r = q("SELECT `guid` FROM `item` WHERE `uri` = '%s' AND `guid` != '' LIMIT 1", dbesc(trim($arr['uri'])));
if (count($r)) {
$arr['guid'] = $r[0]["guid"];
logger('item_store: found guid ' . $arr['guid'] . ' for uri ' . $arr['uri'], LOGGER_DEBUG);
}
}
// Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
// Deactivated, since the bbcode parser can handle with it - and it destroys posts with some smileys that contain "<"
//if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false))
// $arr['body'] = strip_tags($arr['body']);
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
require_once 'library/langdet/Text/LanguageDetect.php';
$naked_body = preg_replace('/\\[(.+?)\\]/', '', $arr['body']);
$l = new Text_LanguageDetect();
//$lng = $l->detectConfidence($naked_body);
//$arr['postopts'] = (($lng['language']) ? 'lang=' . $lng['language'] . ';' . $lng['confidence'] : '');
$lng = $l->detect($naked_body, 3);
if (sizeof($lng) > 0) {
$postopts = "";
foreach ($lng as $language => $score) {
if ($postopts == "") {
$postopts = "lang=";
} else {
$postopts .= ":";
}
$postopts .= $language . ";" . $score;
}
$arr['postopts'] = $postopts;
}
}
$arr['wall'] = x($arr, 'wall') ? intval($arr['wall']) : 0;
$arr['uri'] = x($arr, 'uri') ? notags(trim($arr['uri'])) : random_string();
$arr['extid'] = x($arr, 'extid') ? notags(trim($arr['extid'])) : '';
$arr['author-name'] = x($arr, 'author-name') ? notags(trim($arr['author-name'])) : '';
$arr['author-link'] = x($arr, 'author-link') ? notags(trim($arr['author-link'])) : '';
$arr['author-avatar'] = x($arr, 'author-avatar') ? notags(trim($arr['author-avatar'])) : '';
$arr['owner-name'] = x($arr, 'owner-name') ? notags(trim($arr['owner-name'])) : '';
$arr['owner-link'] = x($arr, 'owner-link') ? notags(trim($arr['owner-link'])) : '';
$arr['owner-avatar'] = x($arr, 'owner-avatar') ? notags(trim($arr['owner-avatar'])) : '';
$arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert();
$arr['edited'] = x($arr, 'edited') !== false ? datetime_convert('UTC', 'UTC', $arr['edited']) : datetime_convert();
$arr['commented'] = datetime_convert();
$arr['received'] = datetime_convert();
$arr['changed'] = datetime_convert();
$arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : '';
$arr['location'] = x($arr, 'location') ? notags(trim($arr['location'])) : '';
$arr['coord'] = x($arr, 'coord') ? notags(trim($arr['coord'])) : '';
$arr['last-child'] = x($arr, 'last-child') ? intval($arr['last-child']) : 0;
$arr['visible'] = x($arr, 'visible') !== false ? intval($arr['visible']) : 1;
$arr['deleted'] = 0;
$arr['parent-uri'] = x($arr, 'parent-uri') ? notags(trim($arr['parent-uri'])) : '';
$arr['verb'] = x($arr, 'verb') ? notags(trim($arr['verb'])) : '';
$arr['object-type'] = x($arr, 'object-type') ? notags(trim($arr['object-type'])) : '';
$arr['object'] = x($arr, 'object') ? trim($arr['object']) : '';
$arr['target-type'] = x($arr, 'target-type') ? notags(trim($arr['target-type'])) : '';
$arr['target'] = x($arr, 'target') ? trim($arr['target']) : '';
$arr['plink'] = x($arr, 'plink') ? notags(trim($arr['plink'])) : '';
$arr['allow_cid'] = x($arr, 'allow_cid') ? trim($arr['allow_cid']) : '';
$arr['allow_gid'] = x($arr, 'allow_gid') ? trim($arr['allow_gid']) : '';
$arr['deny_cid'] = x($arr, 'deny_cid') ? trim($arr['deny_cid']) : '';
$arr['deny_gid'] = x($arr, 'deny_gid') ? trim($arr['deny_gid']) : '';
$arr['private'] = x($arr, 'private') ? intval($arr['private']) : 0;
$arr['bookmark'] = x($arr, 'bookmark') ? intval($arr['bookmark']) : 0;
$arr['body'] = x($arr, 'body') ? trim($arr['body']) : '';
$arr['tag'] = x($arr, 'tag') ? notags(trim($arr['tag'])) : '';
$arr['attach'] = x($arr, 'attach') ? notags(trim($arr['attach'])) : '';
$arr['app'] = x($arr, 'app') ? notags(trim($arr['app'])) : '';
$arr['origin'] = x($arr, 'origin') ? intval($arr['origin']) : 0;
$arr['guid'] = x($arr, 'guid') ? notags(trim($arr['guid'])) : get_guid(30);
$arr['network'] = x($arr, 'network') ? trim($arr['network']) : '';
if ($arr['plink'] == "") {
$a = get_app();
$arr['plink'] = $a->get_baseurl() . '/display/' . urlencode($arr['guid']);
}
if ($arr['network'] == "") {
$r = q("SELECT `network` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($arr['contact-id']), intval($arr['uid']));
if (count($r)) {
$arr['network'] = $r[0]["network"];
}
// Fallback to friendica (why is it empty in some cases?)
if ($arr['network'] == "") {
$arr['network'] = NETWORK_DFRN;
}
logger("item_store: Set network to " . $arr["network"] . " for " . $arr["uri"], LOGGER_DEBUG);
}
$arr['thr-parent'] = $arr['parent-uri'];
if ($arr['parent-uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
$allow_cid = $arr['allow_cid'];
$allow_gid = $arr['allow_gid'];
$deny_cid = $arr['deny_cid'];
$deny_gid = $arr['deny_gid'];
$notify_type = 'wall-new';
} else {
// find the parent and snarf the item id and ACLs
// and anything else we need to inherit
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1", dbesc($arr['parent-uri']), intval($arr['uid']));
if (count($r)) {
// is the new message multi-level threaded?
// even though we don't support it now, preserve the info
// and re-attach to the conversation parent.
if ($r[0]['uri'] != $r[0]['parent-uri']) {
$arr['parent-uri'] = $r[0]['parent-uri'];
$z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d\n\t\t\t\t\tORDER BY `id` ASC LIMIT 1", dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']), intval($arr['uid']));
if ($z && count($z)) {
$r = $z;
}
}
$parent_id = $r[0]['id'];
$parent_deleted = $r[0]['deleted'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
$deny_gid = $r[0]['deny_gid'];
$arr['wall'] = $r[0]['wall'];
$notify_type = 'comment-new';
// if the parent is private, force privacy for the entire conversation
// This differs from the above settings as it subtly allows comments from
// email correspondents to be private even if the overall thread is not.
if ($r[0]['private']) {
$arr['private'] = $r[0]['private'];
}
// Edge case. We host a public forum that was originally posted to privately.
// The original author commented, but as this is a comment, the permissions
// weren't fixed up so it will still show the comment as private unless we fix it here.
if (intval($r[0]['forum_mode']) == 1 && !$r[0]['private']) {
$arr['private'] = 0;
}
// If its a post from myself then tag the thread as "mention"
logger("item_store: Checking if parent " . $parent_id . " has to be tagged as mention for user " . $arr['uid'], LOGGER_DEBUG);
$u = q("select * from user where uid = %d limit 1", intval($arr['uid']));
if (count($u)) {
$a = get_app();
$self = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
logger("item_store: 'myself' is " . $self . " for parent " . $parent_id . " checking against " . $arr['author-link'] . " and " . $arr['owner-link'], LOGGER_DEBUG);
if (normalise_link($arr['author-link']) == $self or normalise_link($arr['owner-link']) == $self) {
q("UPDATE `thread` SET `mention` = 1 WHERE `iid` = %d", intval($parent_id));
logger("item_store: tagged thread " . $parent_id . " as mention for user " . $self, LOGGER_DEBUG);
}
}
} else {
// Allow one to see reply tweets from status.net even when
// we don't have or can't see the original post.
if ($force_parent) {
logger('item_store: $force_parent=true, reply converted to top-level post.');
$parent_id = 0;
$arr['parent-uri'] = $arr['uri'];
$arr['gravity'] = 0;
} else {
logger('item_store: item parent was not found - ignoring item');
return 0;
}
$parent_deleted = 0;
}
}
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($arr['uri']), intval($arr['uid']));
if ($r && count($r)) {
logger('item-store: duplicate item ignored. ' . print_r($arr, true));
return 0;
}
call_hooks('post_remote', $arr);
if (x($arr, 'cancel')) {
logger('item_store: post cancelled by plugin.');
return 0;
}
dbesc_array($arr);
logger('item_store: ' . print_r($arr, true), LOGGER_DATA);
$r = dbq("INSERT INTO `item` (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')");
// find the item we just created
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ", $arr['uri'], intval($arr['uid']));
if (count($r)) {
$current_post = $r[0]['id'];
logger('item_store: created item ' . $current_post);
// Only check for notifications on start posts
if ($arr['parent-uri'] === $arr['uri']) {
add_thread($r[0]['id']);
logger('item_store: Check notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
// Send a notification for every new post?
$r = q("SELECT `notify_new_posts` FROM `contact` WHERE `id` = %d AND `uid` = %d AND `notify_new_posts` LIMIT 1", intval($arr['contact-id']), intval($arr['uid']));
if (count($r)) {
logger('item_store: Send notification for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
$u = q("SELECT * FROM user WHERE uid = %d LIMIT 1", intval($arr['uid']));
$item = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d", intval($current_post), intval($arr['uid']));
$a = get_app();
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_SHARE, 'notify_flags' => $u[0]['notify-flags'], 'language' => $u[0]['language'], 'to_name' => $u[0]['username'], 'to_email' => $u[0]['email'], 'uid' => $u[0]['uid'], 'item' => $item[0], 'link' => $a->get_baseurl() . '/display/' . urlencode($arr['guid']), 'source_name' => $item[0]['author-name'], 'source_link' => $item[0]['author-link'], 'source_photo' => $item[0]['author-avatar'], 'verb' => ACTIVITY_TAG, 'otype' => 'item'));
logger('item_store: Notification sent for contact ' . $arr['contact-id'] . ' and post ' . $current_post, LOGGER_DEBUG);
}
}
} else {
logger('item_store: could not locate created item');
return 0;
}
if (count($r) > 1) {
logger('item_store: duplicated post occurred. Removing duplicates.');
q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ", $arr['uri'], intval($arr['uid']), intval($current_post));
}
if (!$parent_id || $arr['parent-uri'] === $arr['uri']) {
$parent_id = $current_post;
}
if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) {
$private = 1;
} else {
$private = $arr['private'];
}
// Set parent id - and also make sure to inherit the parent's ACLs.
$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',\n\t\t`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d", intval($parent_id), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid), intval($private), intval($parent_deleted), intval($current_post));
// Complete ostatus threads
if ($ostatus_conversation) {
complete_conversation($current_post, $ostatus_conversation);
}
$arr['id'] = $current_post;
$arr['parent'] = $parent_id;
$arr['allow_cid'] = $allow_cid;
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
$arr['private'] = $private;
$arr['deleted'] = $parent_deleted;
// update the commented timestamp on the parent
q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), intval($parent_id));
update_thread($parent_id);
if ($dsprsig) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text), dbesc($dsprsig->signature), dbesc($dsprsig->signer));
}
/**
* If this is now the last-child, force all _other_ children of this parent to *not* be last-child
*/
if ($arr['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d", dbesc($arr['uri']), intval($arr['uid']), intval($current_post));
}
$deleted = tag_deliver($arr['uid'], $current_post);
// current post can be deleted if is for a communuty page and no mention are
// in it.
if (!$deleted) {
// Store the fresh generated item into the cache
$cachefile = get_cachefile($arr["guid"] . "-" . hash("md5", $arr['body']));
if ($cachefile != '' and !file_exists($cachefile)) {
$s = prepare_text($arr['body']);
$a = get_app();
$stamp1 = microtime(true);
file_put_contents($cachefile, $s);
$a->save_timestamp($stamp1, "file");
logger('item_store: put item ' . $current_post . ' into cachefile ' . $cachefile);
}
$r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post));
if (count($r) == 1) {
call_hooks('post_remote_end', $r[0]);
} else {
logger('item_store: new item not found in DB, id ' . $current_post);
}
}
create_tags_from_item($current_post);
create_files_from_item($current_post);
if ($notify) {
proc_run('php', "include/notifier.php", $notify_type, $current_post);
}
return $current_post;
}
function delete_imported_item($sender, $item, $uid)
{
logger('delete_imported_item invoked', LOGGER_DEBUG);
$r = q("select id, item_restrict from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )\n\t\tand mid = '%s' and uid = %d limit 1", dbesc($sender['hash']), dbesc($sender['hash']), dbesc($sender['hash']), dbesc($item['mid']), intval($uid));
if (!$r) {
logger('delete_imported_item: failed: ownership issue');
return false;
}
if ($r[0]['item_restrict'] & ITEM_DELETED) {
logger('delete_imported_item: item was already deleted');
return false;
}
require_once 'include/items.php';
// Use phased deletion to set the deleted flag, call both tag_deliver and the notifier to notify downstream channels
// and then clean up after ourselves with a cron job after several days to do the delete_item_lowlevel() (DROPITEM_PHASE2).
drop_item($r[0]['id'], false, DROPITEM_PHASE1);
tag_deliver($uid, $r[0]['id']);
return $r[0]['id'];
}
