Esempio n. 1
0
/**
 * @brief Find an attachment by hash and revision.
 *
 * Returns the entire attach structure excluding data.
 *
 * @see attach_by_hash()
 * @param $hash
 * @param $rev revision default 0
 * @return associative array with everything except data
 *  * \e boolean \b success boolean true or false
 *  * \e string \b message (optional) only when success is false
 *  * \e array \b data array of attach DB entry without data component
 */
function attach_by_hash_nodata($hash, $rev = 0)
{
    $ret = array('success' => false);
    // Check for existence, which will also provide us the owner uid
    $sql_extra = '';
    if ($rev == -1) {
        $sql_extra = " order by revision desc ";
    } elseif ($rev) {
        $sql_extra = " and revision = " . intval($rev) . " ";
    }
    $r = q("SELECT uid FROM attach WHERE hash = '%s' {$sql_extra} LIMIT 1", dbesc($hash));
    if (!$r) {
        $ret['message'] = t('Item was not found.');
        return $ret;
    }
    if (!perm_is_allowed($r[0]['uid'], get_observer_hash(), 'view_storage')) {
        $ret['message'] = t('Permission denied.');
        return $ret;
    }
    $sql_extra = permissions_sql($r[0]['uid']);
    // Now we'll see if we can access the attachment
    $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, is_dir, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' {$sql_extra} limit 1", intval($r[0]['uid']), dbesc($hash));
    if (!$r) {
        $ret['message'] = t('Permission denied.');
        return $ret;
    }
    if ($r[0]['folder']) {
        $x = attach_can_view_folder($r[0]['uid'], get_observer_hash(), $r[0]['folder']);
        if (!$x) {
            $ret['message'] = t('Permission denied.');
            return $ret;
        }
    }
    $ret['success'] = true;
    $ret['data'] = $r[0];
    return $ret;
}
Esempio n. 2
0
function widget_album($args)
{
    $owner_uid = get_app()->profile_uid;
    $sql_extra = permissions_sql($owner_uid);
    if (!perm_is_allowed($owner_uid, get_observer_hash(), 'view_storage')) {
        return '';
    }
    if ($args['album']) {
        $album = $args['album'];
    }
    if ($args['title']) {
        $title = $args['title'];
    }
    /** 
     * This may return incorrect permissions if you have multiple directories of the same name.
     * It is a limitation of the photo table using a name for a photo album instead of a folder hash
     */
    if ($album) {
        $x = q("select hash from attach where filename = '%s' and uid = %d limit 1", dbesc($album), intval($owner_uid));
        if ($x) {
            $y = attach_can_view_folder($owner_uid, get_observer_hash(), $x[0]['hash']);
            if (!$y) {
                return '';
            }
        }
    }
    $order = 'DESC';
    $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN\n\t\t(SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) {$sql_extra} GROUP BY resource_id) ph \n\t\tON (p.resource_id = ph.resource_id AND p.scale = ph.scale)\n\t\tORDER BY created {$order} ", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
    //edit album name
    $album_edit = null;
    $photos = array();
    if ($r) {
        $twist = 'rotright';
        foreach ($r as $rr) {
            if ($twist == 'rotright') {
                $twist = 'rotleft';
            } else {
                $twist = 'rotright';
            }
            $ext = $phototypes[$rr['type']];
            $imgalt_e = $rr['filename'];
            $desc_e = $rr['description'];
            $imagelink = z_root() . '/photos/' . get_app()->profile['channel_address'] . '/image/' . $rr['resource_id'];
            $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $imagelink, 'title' => t('View Photo'), 'src' => z_root() . '/photo/' . $rr['resource_id'] . '-' . $rr['scale'] . '.' . $ext, 'alt' => $imgalt_e, 'desc' => $desc_e, 'ext' => $ext, 'hash' => $rr['resource_id'], 'unknown' => t('Unknown'));
        }
    }
    $tpl = get_markup_template('photo_album.tpl');
    $o .= replace_macros($tpl, array('$photos' => $photos, '$album' => $title ? $title : $album, '$album_id' => rand(), '$album_edit' => array(t('Edit Album'), $album_edit), '$can_post' => false, '$upload' => array(t('Upload'), z_root() . '/photos/' . get_app()->profile['channel_address'] . '/upload/' . bin2hex($album)), '$order' => false, '$upload_form' => $upload_form, '$usage' => $usage_message));
    return $o;
}