function init() { $starred = 0; if (!local_channel()) { killme(); } if (argc() > 1) { $message_id = intval(argv(1)); } if (!$message_id) { killme(); } $r = q("SELECT item_flags FROM item WHERE uid = %d AND id = %d LIMIT 1", intval(local_channel()), intval($message_id)); if (!count($r)) { killme(); } $item_starred = intval($r[0]['item_starred']) ? 0 : 1; $r = q("UPDATE item SET item_starred = %d WHERE uid = %d and id = %d", intval($item_starred), intval(local_channel()), intval($message_id)); $r = q("select * from item where id = %d", intval($message_id)); if ($r) { xchan_query($r); $sync_item = fetch_post_tags($r); build_sync_packet(local_channel(), ['item' => [encode_item($sync_item[0], true)]]); } header('Content-type: application/json'); echo json_encode(array('result' => $item_starred)); killme(); }
function init() { if (argc() != 3 || !in_array(argv(1), ['post', 'status_message', 'reshare'])) { http_status_exit(404, 'Not found'); } $guid = argv(2); // Fetch the item $item = q("SELECT * from item where mid = '%s' and item_private = 0 and mid = parent_mid limit 1", dbesc($guid)); if (!$item) { http_status_exit(404, 'Not found'); } xchan_query($item); $item = fetch_post_tags($item, true); $channel = channelx_by_hash($item[0]['author_xchan']); if (!$channel) { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($item[0]['author_xchan'])); if ($r) { $url = $r[0]['xchan_url']; if (strpos($url, z_root()) === false) { $m = parse_url($url); goaway($m['scheme'] . '://' . $m['host'] . ($m['port'] ? ':' . $m['port'] : '') . '/fetch/' . argv(1) . '/' . argv(2)); } } http_status_exit(404, 'Not found'); } $status = diaspora_build_status($item[0], $channel); header("Content-type: application/magic-envelope+xml; charset=utf-8"); echo diaspora_magic_env($channel, $status); killme(); }
function share_init(&$a) { $post_id = argc() > 1 ? intval(argv(1)) : 0; if (!$post_id) { killme(); } if (!(local_channel() || remote_channel())) { killme(); } $r = q("SELECT * from item left join xchan on author_xchan = xchan_hash WHERE id = %d LIMIT 1", intval($post_id)); if (!$r) { killme(); } if ($r[0]['item_private'] && $r[0]['xchan_network'] !== 'rss') { killme(); } $sql_extra = item_permissions_sql($r[0]['uid']); $r = q("select * from item where id = %d {$sql_extra}", intval($post_id)); if (!$r) { killme(); } /** @FIXME we only share bbcode */ if ($r[0]['mimetype'] !== 'text/bbcode') { killme(); } /** @FIXME eventually we want to post remotely via rpost on your home site */ // When that works remove this next bit: if (!local_channel()) { killme(); } xchan_query($r); if (strpos($r[0]['body'], "[/share]") !== false) { $pos = strpos($r[0]['body'], "[share"); $o = substr($r[0]['body'], $pos); } else { $o = "[share author='" . urlencode($r[0]['author']['xchan_name']) . "' profile='" . $r[0]['author']['xchan_url'] . "' avatar='" . $r[0]['author']['xchan_photo_s'] . "' link='" . $r[0]['plink'] . "' posted='" . $r[0]['created'] . "' message_id='" . $r[0]['mid'] . "']"; if ($r[0]['title']) { $o .= '[b]' . $r[0]['title'] . '[/b]' . "\n"; } $o .= $r[0]['body']; $o .= "[/share]"; } if (local_channel()) { echo $o; killme(); } $observer = $a->get_observer(); $parsed = $observer['xchan_url']; if ($parsed) { $post_url = $parsed['scheme'] . ':' . $parsed['host'] . ($parsed['port'] ? ':' . $parsed['port'] : '') . '/rpost'; /** * @FIXME we were probably called from JS so we don't know the return page. * In fact we won't be able to load the remote page. * we might need an iframe */ $x = z_post_url($post_url, array('f' => '', 'body' => $o)); killme(); } }
function page_content(&$a) { $observer = $a->get_observer(); $ob_hash = $observer ? $observer['xchan_hash'] : ''; $perms = get_all_perms($a->profile['profile_uid'], $ob_hash); if (!$perms['view_pages']) { notice(t('Permission denied.') . EOL); return; } if (argc() < 3) { notice(t('Invalid item.') . EOL); return; } $channel_address = argv(1); $page_id = argv(2); $u = q("select channel_id from channel where channel_address = '%s' limit 1", dbesc($channel_address)); if (!$u) { notice(t('Channel not found.') . EOL); return; } if ($_REQUEST['rev']) { $revision = " and revision = " . intval($_REQUEST['rev']) . " "; } else { $revision = " order by revision desc "; } require_once 'include/security.php'; $sql_options = item_permissions_sql($u[0]['channel_id']); $r = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\twhere item.uid = %d and sid = '%s' and service = 'WEBPAGE' and \n\t\titem_restrict = %d {$sql_options} {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_WEBPAGE)); if (!$r) { // Check again with no permissions clause to see if it is a permissions issue $x = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\twhere item.uid = %d and sid = '%s' and service = 'WEBPAGE' and \n\t\titem_restrict = %d {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_WEBPAGE)); if ($x) { // Yes, it's there. You just aren't allowed to see it. notice(t('Permission denied.') . EOL); } else { notice(t('Page not found.') . EOL); } return; } if ($r[0]['layout_mid']) { $l = q("select body from item where mid = '%s' and uid = %d limit 1", dbesc($r[0]['layout_mid']), intval($u[0]['channel_id'])); if ($l) { require_once 'include/comanche.php'; comanche_parser(get_app(), $l[0]['body']); } } // logger('layout: ' . print_r($a->layout,true)); // Use of widgets should be determined by Comanche, but we don't have it on system pages yet, so... if ($perms['write_pages']) { $chan = $a->channel['channel_id']; $who = $channel_address; $which = $r[0]['id']; $o .= writepages_widget($who, $which); } xchan_query($r); $r = fetch_post_tags($r, true); $o .= prepare_page($r[0]); return $o; }
function home_content(&$a) { $o = ''; if (x($_SESSION, 'theme')) { unset($_SESSION['theme']); } if (x($_SESSION, 'mobile_theme')) { unset($_SESSION['mobile_theme']); } $channel_address = get_config("system", "site_channel"); if ($channel_address) { // We can do better, but until we figure out auto-linkification, let's keep things simple $page_id = 'home'; $u = q("select channel_id from channel where channel_address = '%s' limit 1", dbesc($channel_address)); if (!$u) { notice(t('Channel not found.') . EOL); return; } $r = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\t\twhere item.uid = %d and sid = '%s' and service = 'WEBPAGE' and \n\t\t\titem_restrict = %d limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_WEBPAGE)); if (!$r) { notice(t('Item not found.') . EOL); return; } xchan_query($r); $r = fetch_post_tags($r, true); $a->profile = array('profile_uid' => $u[0]['channel_id']); $o .= prepare_page($r[0]); return $o; } if (get_config('system', 'projecthome')) { $o .= file_get_contents('assets/home.html'); $a->page['template'] = 'full'; $a->page['title'] = t('Red Matrix - "The Network"'); return $o; } if (file_exists('home.html')) { $o .= file_get_contents('home.html'); } else { // If there's no site channel or home contents configured, fallback to the old behaviour $sitename = get_config('system', 'sitename'); if ($sitename) { $o .= '<h1>' . sprintf(t("Welcome to %s"), $sitename) . '</h1>'; } if (!$a->config['system']['no_login_on_homepage']) { $o .= login($a->config['system']['register_policy'] == REGISTER_CLOSED ? 0 : 1); } } call_hooks('home_content', $o); return $o; }
function page_content(&$a) { $r = $a->data['webpage']; if (!$r) { return; } if ($r[0]['item_restrict'] == ITEM_PDL) { $r[0]['body'] = t('Lorem Ipsum'); $r[0]['mimetype'] = 'text/plain'; $r[0]['title'] = ''; } xchan_query($r); $r = fetch_post_tags($r, true); $o .= prepare_page($r[0]); return $o; }
function page_content(&$a) { $r = $a->data['webpage']; if (!$r) { return; } if ($r[0]['item_type'] == ITEM_TYPE_PDL) { $r[0]['body'] = t('Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.'); $r[0]['mimetype'] = 'text/plain'; $r[0]['title'] = ''; } xchan_query($r); $r = fetch_post_tags($r, true); $o .= prepare_page($r[0]); return $o; }
function page_content(&$a) { $r = $a->data['webpage']; if (!$r) { return; } // logger('layout: ' . print_r($a->layout,true)); // Use of widgets should be determined by Comanche, but we don't have it on system pages yet, so... // I recommend we now get rid of this bit - it's quite a hack to work around... - mike if ($perms['write_pages']) { $chan = $a->channel['channel_id']; $who = $channel_address; $which = $r[0]['id']; $o .= writepages_widget($who, $which); } xchan_query($r); $r = fetch_post_tags($r, true); $o .= prepare_page($r[0]); return $o; }
function block_content(&$a) { if (!perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'view_pages')) { notice(t('Permission denied.') . EOL); return; } if (argc() < 3) { notice(t('Invalid item.') . EOL); return; } $channel_address = argv(1); $page_id = argv(2); $u = q("select channel_id from channel where channel_address = '%s' limit 1", dbesc($channel_address)); if (!$u) { notice(t('Channel not found.') . EOL); return; } if ($_REQUEST['rev']) { $revision = " and revision = " . intval($_REQUEST['rev']) . " "; } else { $revision = " order by revision desc "; } require_once 'include/security.php'; $sql_options = item_permissions_sql($u[0]['channel_id']); $r = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\twhere item.uid = %d and sid = '%s' and service = 'BUILDBLOCK' and \n\t\titem_type = %d {$sql_options} {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_TYPE_BLOCK)); if (!$r) { // Check again with no permissions clause to see if it is a permissions issue $x = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\twhere item.uid = %d and sid = '%s' and service = 'BUILDBLOCK' and \n\t\titem_type = %d {$revision} limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_TYPE_BLOCK)); if ($x) { // Yes, it's there. You just aren't allowed to see it. notice(t('Permission denied.') . EOL); } else { notice(t('Page not found.') . EOL); } return; } xchan_query($r); $r = fetch_post_tags($r, true); $o .= prepare_page($r[0]); return $o; }
function identity_export_year($channel_id, $year, $month = 0) { if (!$year) { return array(); } if ($month && $month <= 12) { $target_month = sprintf('%02d', $month); $target_month_plus = sprintf('%02d', $month + 1); } else { $target_month = '01'; } $ret = array(); $mindate = datetime_convert('UTC', 'UTC', $year . '-' . $target_month . '-01 00:00:00'); if ($month && $month < 12) { $maxdate = datetime_convert('UTC', 'UTC', $year . '-' . $target_month_plus . '-01 00:00:00'); } else { $maxdate = datetime_convert('UTC', 'UTC', $year + 1 . '-01-01 00:00:00'); } $r = q("select * from item where item_wall = 1 and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created", intval($channel_id), dbesc($mindate), dbesc($maxdate)); if ($r) { $ret['item'] = array(); xchan_query($r); $r = fetch_post_tags($r, true); foreach ($r as $rr) { $ret['item'][] = encode_item($rr, true); } } $r = q("select item_id.*, item.mid from item_id left join item on item_id.iid = item.id where item_id.uid = %d \n\t\tand item.created >= '%s' and item.created < '%s' order by created ", intval($channel_id), dbesc($mindate), dbesc($maxdate)); if ($r) { $ret['item_id'] = $r; } return $ret; }
function get($update = 0, $load = false) { $checkjs = new \Zotlabs\Web\CheckJS(1); if ($load) { $_SESSION['loadtime'] = datetime_convert(); } if (observer_prohibited()) { notice(t('Public access denied.') . EOL); return; } require_once "include/bbcode.php"; require_once 'include/security.php'; require_once 'include/conversation.php'; require_once 'include/acl_selectors.php'; require_once 'include/items.php'; \App::$page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array()); if (argc() > 1 && argv(1) !== 'load') { $item_hash = argv(1); } if ($_REQUEST['mid']) { $item_hash = $_REQUEST['mid']; } if (!$item_hash) { \App::$error = 404; notice(t('Item not found.') . EOL); return; } $observer_is_owner = false; if (local_channel() && !$update) { $channel = \App::get_channel(); $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']); $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($channel_acl), 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, 'profile_uid' => local_channel(), 'return_path' => 'channel/' . $channel['channel_address'], 'expanded' => true, 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true); $o = '<div id="jot-popup">'; $o .= status_editor($a, $x); $o .= '</div>'; } // This page can be viewed by anybody so the query could be complicated // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally. // If that fails (or we aren't logged in locally), // query an item in which the observer (if logged in remotely) has cid or gid rights // and if that fails, look for a copy of the post that has no privacy restrictions. // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported. // find a copy of the item somewhere $target_item = null; $r = q("select id, uid, mid, parent_mid, item_type, item_deleted from item where mid like '%s' limit 1", dbesc($item_hash . '%')); if ($r) { $target_item = $r[0]; } $r = null; if ($target_item['item_type'] == ITEM_TYPE_WEBPAGE) { $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid'])); $y = q("select * from iconfig left join item on iconfig.iid = item.id \n\t\t\t\twhere item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['id'])); if ($x && $y) { goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['v']); } else { notice(t('Page not found.') . EOL); return ''; } } $simple_update = $update ? " AND item_unseen = 1 " : ''; if ($update && $_SESSION['loadtime']) { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; } if ($load) { $simple_update = ''; } if (!$update && !$load) { $o .= '<div id="live-display"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . (intval(local_channel()) ? local_channel() : -1) . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n"; \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'display', '$uid' => '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '0', '$nouveau' => '0', '$wall' => '0', '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$search' => '', '$order' => '', '$file' => '', '$cats' => '', '$tags' => '', '$dend' => '', '$dbegin' => '', '$verb' => '', '$mid' => $item_hash)); } $observer_hash = get_observer_hash(); $item_normal = item_normal(); $sql_extra = public_permissions_sql($observer_hash); if ($update && $load || $checkjs->disabled()) { $updateable = false; $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); if ($load || $checkjs->disabled()) { $r = null; require_once 'include/channel.php'; $sys = get_sys_channel(); $sysid = $sys['channel_id']; if (local_channel()) { $r = q("SELECT * from item\n\t\t\t\t\t\tWHERE uid = %d\n\t\t\t\t\t\tand mid = '%s'\n\t\t\t\t\t\t{$item_normal}\n\t\t\t\t\t\tlimit 1", intval(local_channel()), dbesc($target_item['parent_mid'])); if ($r) { $updateable = true; } } if ($r === null) { // in case somebody turned off public access to sys channel content using permissions // make that content unsearchable by ensuring the owner_xchan can't match if (!perm_is_allowed($sysid, $observer_hash, 'view_stream')) { $sysid = 0; } $r = q("SELECT * from item\n\t\t\t\t\t\tWHERE mid = '%s'\n\t\t\t\t\t\tAND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' \n\t\t\t\t\t\tAND `item`.`deny_gid` = '' AND item_private = 0 ) \n\t\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\t\tOR uid = %d )\n\t\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\t\t{$item_normal}\n\t\t\t\t\t\tlimit 1", dbesc($target_item['parent_mid']), intval($sysid)); } } } elseif ($update && !$load) { $r = null; require_once 'include/channel.php'; $sys = get_sys_channel(); $sysid = $sys['channel_id']; if (local_channel()) { $r = q("SELECT * from item\n\t\t\t\t\tWHERE uid = %d\n\t\t\t\t\tand mid = '%s'\n\t\t\t\t\t{$item_normal}\n\t\t\t\t\t{$simple_update}\n\t\t\t\t\tlimit 1", intval(local_channel()), dbesc($target_item['parent_mid'])); if ($r) { $updateable = true; } } if ($r === null) { // in case somebody turned off public access to sys channel content using permissions // make that content unsearchable by ensuring the owner_xchan can't match if (!perm_is_allowed($sysid, $observer_hash, 'view_stream')) { $sysid = 0; } $r = q("SELECT * from item\n\t\t\t\t\tWHERE mid = '%s'\n\t\t\t\t\tAND (((( `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' \n\t\t\t\t\tAND `item`.`deny_gid` = '' AND item_private = 0 ) \n\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\tOR uid = %d )\n\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\t{$item_normal}\n\t\t\t\t\t{$simple_update}\n\t\t\t\t\tlimit 1", dbesc($target_item['parent_mid']), intval($sysid)); } $_SESSION['loadtime'] = datetime_convert(); } else { $r = array(); } if ($r) { $parents_str = ids_to_querystr($r, 'id'); if ($parents_str) { $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\t\tFROM `item`\n\t\t\t\t\tWHERE parent in ( %s ) {$item_normal} ", dbesc($parents_str)); xchan_query($items); $items = fetch_post_tags($items, true); $items = conv_sort($items, 'created'); } } else { $items = array(); } if ($checkjs->disabled()) { $o .= conversation($a, $items, 'display', $update, 'traditional'); if ($items[0]['title']) { \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; } } else { $o .= conversation($a, $items, 'display', $update, 'client'); } if ($updateable) { $x = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 AND uid = %d and parent = %d ", intval(local_channel()), intval($r[0]['parent'])); } $o .= '<div id="content-complete"></div>'; return $o; /* elseif((! $update) && (! { $r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1", dbesc($item_hash), dbesc($item_hash) ); if($r) { if(intval($r[0]['item_deleted'])) { notice( t('Item has been removed.') . EOL ); } else { notice( t('Permission denied.') . EOL ); } } else { notice( t('Item not found.') . EOL ); } } */ }
function photos_content(&$a) { // URLs: // photos/name // photos/name/album/xxxxx (xxxxx is album name) // photos/name/image/xxxxx if (get_config('system', 'block_public') && !local_channel() && !remote_channel()) { notice(t('Public access denied.') . EOL); return; } $unsafe = array_key_exists('unsafe', $_REQUEST) && $_REQUEST['unsafe'] ? 1 : 0; require_once 'include/bbcode.php'; require_once 'include/security.php'; require_once 'include/conversation.php'; if (!x($a->data, 'channel')) { notice(t('No photos selected') . EOL); return; } $ph = photo_factory(''); $phototypes = $ph->supportedTypes(); $_SESSION['photo_return'] = $a->cmd; // // Parse arguments // $can_comment = perm_is_allowed($a->profile['profile_uid'], get_observer_hash(), 'post_comments'); if (argc() > 3) { $datatype = argv(2); $datum = argv(3); } else { if (argc() > 2) { $datatype = argv(2); $datum = ''; } else { $datatype = 'summary'; } } if (argc() > 4) { $cmd = argv(4); } else { $cmd = 'view'; } // // Setup permissions structures // $can_post = false; $visitor = 0; $owner_uid = $a->data['channel']['channel_id']; $owner_aid = $a->data['channel']['channel_account_id']; $observer = $a->get_observer(); $can_post = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'write_storage'); $can_view = perm_is_allowed($owner_uid, $observer['xchan_hash'], 'view_storage'); if (!$can_view) { notice(t('Access to this item is restricted.') . EOL); return; } $sql_extra = permissions_sql($owner_uid); $o = ""; $o .= "<script> var profile_uid = " . $a->profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n"; // tabs $_is_owner = local_channel() && local_channel() == $owner_uid; $o .= profile_tabs($a, $_is_owner, $a->data['channel']['channel_address']); /** * Display upload form */ if ($can_post) { $uploader = ''; $ret = array('post_url' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'], 'addon_text' => $uploader, 'default_upload' => true); call_hooks('photo_upload_form', $ret); /* Show space usage */ $r = q("select sum(size) as total from photo where aid = %d and scale = 0 ", intval($a->data['channel']['channel_account_id'])); $limit = service_class_fetch($a->data['channel']['channel_id'], 'photo_upload_limit'); if ($limit !== false) { $usage_message = sprintf(t("%1\$.2f MB of %2\$.2f MB photo storage used."), $r[0]['total'] / 1024000, $limit / 1024000); } else { $usage_message = sprintf(t('%1$.2f MB photo storage used.'), $r[0]['total'] / 1024000); } if ($_is_owner) { $channel = $a->get_channel(); $acl = new AccessList($channel); $channel_acl = $acl->get(); $lockstate = $acl->is_private() ? 'lock' : 'unlock'; } $aclselect = $_is_owner ? populate_acl($channel_acl, false) : ''; $selname = $datum ? hex2bin($datum) : ''; $albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']); if (!$selname) { $def_album = get_pconfig($a->data['channel']['channel_id'], 'system', 'photo_path'); if ($def_album) { $selname = filepath_macro($def_album); $albums['album'][] = array('text' => $selname); } } $tpl = get_markup_template('photos_upload.tpl'); $upload_form = replace_macros($tpl, array('$pagename' => t('Upload Photos'), '$sessid' => session_id(), '$usage' => $usage_message, '$nickname' => $a->data['channel']['channel_address'], '$newalbum_label' => t('Enter an album name'), '$newalbum_placeholder' => t('or select an existing album (doubleclick)'), '$visible' => array('visible', t('Create a status post for this upload'), 0, '', array(t('No'), t('Yes'))), '$albums' => $albums['albums'], '$selname' => $selname, '$permissions' => t('Permissions'), '$aclselect' => $aclselect, '$lockstate' => $lockstate, '$uploader' => $ret['addon_text'], '$default' => $ret['default_upload'] ? true : false, '$uploadurl' => $ret['post_url'], '$submit' => t('Submit'))); } // // dispatch request // /* * Display a single photo album */ if ($datatype === 'album') { if (strlen($datum)) { if (strlen($datum) & 1 || !ctype_xdigit($datum)) { notice(t('Album name could not be decoded') . EOL); logger('mod_photos: illegal album encoding: ' . $datum); $datum = ''; } } $album = $datum ? hex2bin($datum) : ''; $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' \n\t\t\tAND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY `resource_id`", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe)); if (count($r)) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(60); } else { goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']); } if ($_GET['order'] === 'posted') { $order = 'ASC'; } else { $order = 'DESC'; } $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.scale, p.description, p.created FROM photo p INNER JOIN\n\t\t\t\t(SELECT resource_id, max(scale) scale FROM photo WHERE uid = %d AND album = '%s' AND scale <= 4 AND photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY resource_id) ph \n\t\t\t\tON (p.resource_id = ph.resource_id AND p.scale = ph.scale)\n\t\t\tORDER BY created {$order} LIMIT %d OFFSET %d", intval($owner_uid), dbesc($album), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start'])); //edit album name $album_edit = null; if ($album !== t('Profile Photos') && $album !== 'Profile Photos' && $album !== 'Contact Photos' && $album !== t('Contact Photos')) { if ($can_post) { if ($a->get_template_engine() === 'internal') { $album_e = template_escape($album); } else { $album_e = $album; } $albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']); // @fixme - syncronise actions with DAV // $edit_tpl = get_markup_template('album_edit.tpl'); // $album_edit = replace_macros($edit_tpl,array( // '$nametext' => t('Enter a new album name'), // '$name_placeholder' => t('or select an existing one (doubleclick)'), // '$nickname' => $a->data['channel']['channel_address'], // '$album' => $album_e, // '$albums' => $albums['albums'], // '$hexalbum' => bin2hex($album), // '$submit' => t('Submit'), // '$dropsubmit' => t('Delete Album') // )); } } if ($_GET['order'] === 'posted') { $order = array(t('Show Newest First'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album)); } else { $order = array(t('Show Oldest First'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($album) . '?f=&order=posted'); } $photos = array(); if (count($r)) { $twist = 'rotright'; foreach ($r as $rr) { if ($twist == 'rotright') { $twist = 'rotleft'; } else { $twist = 'rotright'; } $ext = $phototypes[$rr['type']]; $imgalt_e = $rr['filename']; $desc_e = $rr['description']; $imagelink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : ''); $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $imagelink, 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . $rr['scale'] . '.' . $ext, 'alt' => $imgalt_e, 'desc' => $desc_e, 'ext' => $ext, 'hash' => $rr['resource_id'], 'unknown' => t('Unknown')); } } if ($_REQUEST['aj']) { if ($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos)); } else { $o = '<div id="content-complete"></div>'; } echo $o; killme(); } else { $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photo_album.tpl'); $o .= replace_macros($tpl, array('$photos' => $photos, '$album' => $album, '$album_edit' => array(t('Edit Album'), $album_edit), '$can_post' => $can_post, '$upload' => array(t('Upload'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload/' . bin2hex($album)), '$order' => $order, '$upload_form' => $upload_form, '$usage' => $usage_message)); } if (!$photos && $_REQUEST['aj']) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } // $o .= paginate($a); return $o; } /** * Display one photo */ if ($datatype === 'image') { // fetch image, item containing image, then comments $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' \n\t\t\t{$sql_extra} ORDER BY `scale` ASC ", intval($owner_uid), dbesc($datum)); if (!$ph) { /* Check again - this time without specifying permissions */ $ph = q("SELECT id FROM photo WHERE uid = %d AND resource_id = '%s' LIMIT 1", intval($owner_uid), dbesc($datum)); if ($ph) { notice(t('Permission denied. Access to this item may be restricted.') . EOL); } else { notice(t('Photo not available') . EOL); } return; } $prevlink = ''; $nextlink = ''; if ($_GET['order'] === 'posted') { $order = 'ASC'; } else { $order = 'DESC'; } $prvnxt = q("SELECT `resource_id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 \n\t\t\t{$sql_extra} ORDER BY `created` {$order} ", dbesc($ph[0]['album']), intval($owner_uid)); if (count($prvnxt)) { for ($z = 0; $z < count($prvnxt); $z++) { if ($prvnxt[$z]['resource_id'] == $ph[0]['resource_id']) { $prv = $z - 1; $nxt = $z + 1; if ($prv < 0) { $prv = count($prvnxt) - 1; } if ($nxt >= count($prvnxt)) { $nxt = 0; } break; } } $prevlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$prv]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : ''); $nextlink = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $prvnxt[$nxt]['resource_id'] . ($_GET['order'] === 'posted' ? '?f=&order=posted' : ''); } if (count($ph) == 1) { $hires = $lores = $ph[0]; } if (count($ph) > 1) { if ($ph[1]['scale'] == 2) { // original is 640 or less, we can display it directly $hires = $lores = $ph[0]; } else { $hires = $ph[0]; $lores = $ph[1]; } } $album_link = $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($ph[0]['album']); $tools = Null; $lock = Null; if ($can_post && $ph[0]['uid'] == $owner_uid) { $tools = array('profile' => array($a->get_baseurl() . '/profile_photo/use/' . $ph[0]['resource_id'], t('Use as profile photo'))); } // lockstate $lockstate = strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid']) ? array('lock', t('Private Photo')) : array('unlock', Null); $a->page['htmlhead'] .= '<script>$(document).keydown(function(event) {' . "\n"; if ($prevlink) { $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n"; } if ($nextlink) { $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n"; } $a->page['htmlhead'] .= '});</script>'; if ($prevlink) { $prevlink = array($prevlink, t('Previous')); } $photo = array('href' => $a->get_baseurl() . '/photo/' . $hires['resource_id'] . '-' . $hires['scale'] . '.' . $phototypes[$hires['type']], 'title' => t('View Full Size'), 'src' => $a->get_baseurl() . '/photo/' . $lores['resource_id'] . '-' . $lores['scale'] . '.' . $phototypes[$lores['type']] . '?f=&_u=' . datetime_convert('', '', '', 'ymdhis')); if ($nextlink) { $nextlink = array($nextlink, t('Next')); } // Do we have an item for this photo? $linked_items = q("SELECT * FROM item WHERE resource_id = '%s' and resource_type = 'photo' \n\t\t\t{$sql_extra} LIMIT 1", dbesc($datum)); $map = null; if ($linked_items) { xchan_query($linked_items); $linked_items = fetch_post_tags($linked_items, true); $link_item = $linked_items[0]; $item_normal = item_normal(); $r = q("select * from item where parent_mid = '%s' \n\t\t\t\t{$item_normal} and uid = %d {$sql_extra} ", dbesc($link_item['mid']), intval($link_item['uid'])); if ($r) { xchan_query($r); $r = fetch_post_tags($r, true); $r = conv_sort($r, 'commented'); } $tags = array(); if ($link_item['term']) { $cnt = 0; foreach ($link_item['term'] as $t) { $tags[$cnt] = array(0 => format_term_for_display($t)); if ($can_post && $ph[0]['uid'] == $owner_uid) { $tags[$cnt][1] = 'tagrm/drop/' . $link_item['id'] . '/' . bin2hex($t['term']); //?f=&item=' . $link_item['id']; $tags[$cnt][2] = t('Remove'); } $cnt++; } } if (local_channel() && local_channel() == $link_item['uid']) { q("UPDATE `item` SET item_unseen = 0 WHERE parent = %d and uid = %d and item_unseen = 1", intval($link_item['parent']), intval(local_channel())); } if ($link_item['coord']) { $map = generate_map($link_item['coord']); } } // logger('mod_photo: link_item' . print_r($link_item,true)); // FIXME - remove this when we move to conversation module $r = $r[0]['children']; $edit = null; if ($can_post) { $album_e = $ph[0]['album']; $caption_e = $ph[0]['description']; $aclselect_e = $_is_owner ? populate_acl($ph[0]) : ''; $albums = array_key_exists('albums', $a->data) ? $a->data['albums'] : photos_albums_list($a->data['channel'], $a->data['observer']); $_SESSION['album_return'] = bin2hex($ph[0]['album']); $edit = array('edit' => t('Edit photo'), 'id' => $link_item['id'], 'rotatecw' => t('Rotate CW (right)'), 'rotateccw' => t('Rotate CCW (left)'), 'albums' => $albums['albums'], 'album' => $album_e, 'newalbum_label' => t('Enter a new album name'), 'newalbum_placeholder' => t('or select an existing one (doubleclick)'), 'nickname' => $a->data['channel']['channel_address'], 'resource_id' => $ph[0]['resource_id'], 'capt_label' => t('Caption'), 'caption' => $caption_e, 'tag_label' => t('Add a Tag'), 'permissions' => t('Permissions'), 'aclselect' => $aclselect_e, 'lockstate' => $lockstate[0], 'help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com'), 'item_id' => count($linked_items) ? $link_item['id'] : 0, 'adult_enabled' => feature_enabled($owner_uid, 'adult_photo_flagging'), 'adult' => array('adult', t('Flag as adult in album view'), intval($ph[0]['is_nsfw']), ''), 'submit' => t('Submit'), 'delete' => t('Delete Photo')); } if (count($linked_items)) { $cmnt_tpl = get_markup_template('comment_item.tpl'); $tpl = get_markup_template('photo_item.tpl'); $return_url = $a->cmd; $like_tpl = get_markup_template('like_noshare.tpl'); $likebuttons = ''; if ($can_post || $can_comment) { $likebuttons = array('id' => $link_item['id'], 'likethis' => t("I like this (toggle)"), 'nolike' => t("I don't like this (toggle)"), 'share' => t('Share'), 'wait' => t('Please wait')); } $comments = ''; if (!count($r)) { if ($can_post || $can_comment) { $commentbox = replace_macros($cmnt_tpl, array('$return_path' => '', '$mode' => 'photos', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$preview' => t('Preview'), '$ww' => '', '$feature_encrypt' => false)); } } $alike = array(); $dlike = array(); $like = ''; $dislike = ''; $conv_responses = array('like' => array('title' => t('Likes', 'title')), 'dislike' => array('title' => t('Dislikes', 'title')), 'agree' => array('title' => t('Agree', 'title')), 'disagree' => array('title' => t('Disagree', 'title')), 'abstain' => array('title' => t('Abstain', 'title')), 'attendyes' => array('title' => t('Attending', 'title')), 'attendno' => array('title' => t('Not attending', 'title')), 'attendmaybe' => array('title' => t('Might attend', 'title'))); if ($r) { foreach ($r as $item) { builtin_activity_puller($item, $conv_responses); } $like_count = x($alike, $link_item['mid']) ? $alike[$link_item['mid']] : ''; $like_list = x($alike, $link_item['mid']) ? $alike[$link_item['mid'] . '-l'] : ''; if (count($like_list) > MAX_LIKERS) { $like_list_part = array_slice($like_list, 0, MAX_LIKERS); array_push($like_list_part, '<a href="#" data-toggle="modal" data-target="#likeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>'); } else { $like_list_part = ''; } $like_button_label = tt('Like', 'Likes', $like_count, 'noun'); //if (feature_enabled($conv->get_profile_owner(),'dislike')) { $dislike_count = x($dlike, $link_item['mid']) ? $dlike[$link_item['mid']] : ''; $dislike_list = x($dlike, $link_item['mid']) ? $dlike[$link_item['mid'] . '-l'] : ''; $dislike_button_label = tt('Dislike', 'Dislikes', $dislike_count, 'noun'); if (count($dislike_list) > MAX_LIKERS) { $dislike_list_part = array_slice($dislike_list, 0, MAX_LIKERS); array_push($dislike_list_part, '<a href="#" data-toggle="modal" data-target="#dislikeModal-' . $this->get_id() . '"><b>' . t('View all') . '</b></a>'); } else { $dislike_list_part = ''; } //} $like = isset($alike[$link_item['mid']]) ? format_like($alike[$link_item['mid']], $alike[$link_item['mid'] . '-l'], 'like', $link_item['mid']) : ''; $dislike = isset($dlike[$link_item['mid']]) ? format_like($dlike[$link_item['mid']], $dlike[$link_item['mid'] . '-l'], 'dislike', $link_item['mid']) : ''; // display comments foreach ($r as $item) { $comment = ''; $template = $tpl; $sparkle = ''; if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && $item['id'] != $item['parent']) { continue; } $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid']; $profile_url = zid($item['author']['xchan_url']); $sparkle = ''; $profile_name = $item['author']['xchan_name']; $profile_avatar = $item['author']['xchan_photo_m']; $profile_link = $profile_url; $drop = ''; if ($observer['xchan_hash'] === $item['author_xchan'] || $observer['xchan_hash'] === $item['owner_xchan']) { $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete'))); } $name_e = $profile_name; $title_e = $item['title']; unobscure($item); $body_e = prepare_text($item['body'], $item['mimetype']); $comments .= replace_macros($template, array('$id' => $item['id'], '$mode' => 'photos', '$profile_url' => $profile_link, '$name' => $name_e, '$thumb' => $profile_avatar, '$sparkle' => $sparkle, '$title' => $title_e, '$body' => $body_e, '$ago' => relative_date($item['created']), '$indent' => $item['parent'] != $item['id'] ? ' comment' : '', '$drop' => $drop, '$comment' => $comment)); } if ($can_post || $can_comment) { $commentbox = replace_macros($cmnt_tpl, array('$return_path' => '', '$jsreload' => $return_url, '$type' => 'wall-comment', '$id' => $link_item['id'], '$parent' => $link_item['id'], '$profile_uid' => $owner_uid, '$mylink' => $observer['xchan_url'], '$mytitle' => t('This is you'), '$myphoto' => $observer['xchan_photo_s'], '$comment' => t('Comment'), '$submit' => t('Submit'), '$ww' => '')); } } $paginate = paginate($a); } $album_e = array($album_link, $ph[0]['album']); $like_e = $like; $dislike_e = $dislike; $response_verbs = array('like'); if (feature_enabled($owner_uid, 'dislike')) { $response_verbs[] = 'dislike'; } $responses = get_responses($conv_responses, $response_verbs, '', $link_item); $photo_tpl = get_markup_template('photo_view.tpl'); $o .= replace_macros($photo_tpl, array('$id' => $ph[0]['id'], '$album' => $album_e, '$tools' => $tools, '$lock' => $lockstate[1], '$photo' => $photo, '$prevlink' => $prevlink, '$nextlink' => $nextlink, '$desc' => $ph[0]['description'], '$filename' => $ph[0]['filename'], '$unknown' => t('Unknown'), '$tag_hdr' => t('In This Photo:'), '$tags' => $tags, 'responses' => $responses, '$edit' => $edit, '$map' => $map, '$map_text' => t('Map'), '$likebuttons' => $likebuttons, '$like' => $like_e, '$dislike' => $dislike_e, '$like_count' => $like_count, '$like_list' => $like_list, '$like_list_part' => $like_list_part, '$like_button_label' => $like_button_label, '$like_modal_title' => t('Likes', 'noun'), '$dislike_modal_title' => t('Dislikes', 'noun'), '$dislike_count' => $dislike_count, '$dislike_list' => $dislike_list, '$dislike_list_part' => $dislike_list_part, '$dislike_button_label' => $dislike_button_label, '$modal_dismiss' => t('Close'), '$comments' => $comments, '$commentbox' => $commentbox, '$paginate' => $paginate)); $a->data['photo_html'] = $o; return $o; } // Default - show recent photos with upload link (if applicable) //$o = ''; $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' \n\t\tand photo_usage in ( %d, %d ) and is_nsfw = %d {$sql_extra} GROUP BY `resource_id`", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe)); if (count($r)) { $a->set_pager_total(count($r)); $a->set_pager_itemspage(60); } $r = q("SELECT p.resource_id, p.id, p.filename, p.type, p.album, p.scale, p.created FROM photo p INNER JOIN \n\t\t(SELECT resource_id, max(scale) scale FROM photo \n\t\t\tWHERE uid=%d AND album != '%s' AND album != '%s' \n\t\t\tAND photo_usage IN ( %d, %d ) and is_nsfw = %d {$sql_extra} group by resource_id) ph \n\t\tON (p.resource_id = ph.resource_id and p.scale = ph.scale) ORDER by p.created DESC LIMIT %d OFFSET %d", intval($a->data['channel']['channel_id']), dbesc('Contact Photos'), dbesc(t('Contact Photos')), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE), intval($unsafe), intval($a->pager['itemspage']), intval($a->pager['start'])); $photos = array(); if (count($r)) { $twist = 'rotright'; foreach ($r as $rr) { if ($twist == 'rotright') { $twist = 'rotleft'; } else { $twist = 'rotright'; } $ext = $phototypes[$rr['type']]; if ($a->get_template_engine() === 'internal') { $alt_e = template_escape($rr['filename']); $name_e = template_escape($rr['album']); } else { $alt_e = $rr['filename']; $name_e = $rr['album']; } $photos[] = array('id' => $rr['id'], 'twist' => ' ' . $twist . rand(2, 4), 'link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/image/' . $rr['resource_id'], 'title' => t('View Photo'), 'src' => $a->get_baseurl() . '/photo/' . $rr['resource_id'] . '-' . ($rr['scale'] == 6 ? 4 : $rr['scale']) . '.' . $ext, 'alt' => $alt_e, 'album' => array('link' => $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($rr['album']), 'name' => $name_e, 'alt' => t('View Album'))); } } if ($_REQUEST['aj']) { if ($photos) { $o = replace_macros(get_markup_template('photosajax.tpl'), array('$photos' => $photos)); } else { $o = '<div id="content-complete"></div>'; } echo $o; killme(); } else { $o .= "<script> var page_query = '" . $_GET['q'] . "'; var extra_args = '" . extra_query_args() . "' ; </script>"; $tpl = get_markup_template('photos_recent.tpl'); $o .= replace_macros($tpl, array('$title' => t('Recent Photos'), '$can_post' => $can_post, '$upload' => array(t('Upload'), $a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/upload'), '$photos' => $photos, '$upload_form' => $upload_form, '$usage' => $usage_message)); } if (!$photos && $_REQUEST['aj']) { $o .= '<div id="content-complete"></div>'; echo $o; killme(); } // paginate($a); return $o; }
function get($update = 0, $load = false) { if (!local_channel()) { $_SESSION['return_url'] = \App::$query_string; return login(false); } if ($load) { $_SESSION['loadtime'] = datetime_convert(); } $arr = array('query' => \App::$query_string); call_hooks('network_content_init', $arr); $channel = \App::get_channel(); $item_normal = item_normal(); $datequery = $datequery2 = ''; $group = 0; $nouveau = false; $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : ''; $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : ''; $nouveau = x($_GET, 'new') ? intval($_GET['new']) : 0; $gid = x($_GET, 'gid') ? intval($_GET['gid']) : 0; $category = x($_REQUEST, 'cat') ? $_REQUEST['cat'] : ''; $hashtags = x($_REQUEST, 'tag') ? $_REQUEST['tag'] : ''; $verb = x($_REQUEST, 'verb') ? $_REQUEST['verb'] : ''; $search = $_GET['search'] ? $_GET['search'] : ''; if ($search) { if (strpos($search, '@') === 0) { $r = q("select abook_id from abook left join xchan on abook_xchan = xchan_hash where xchan_name = '%s' and abook_channel = %d limit 1", dbesc(substr($search, 1)), intval(local_channel())); if ($r) { $_GET['cid'] = $r[0]['abook_id']; $search = $_GET['search'] = ''; } } elseif (strpos($search, '#') === 0) { $hashtags = substr($search, 1); $search = $_GET['search'] = ''; } } if ($datequery) { $_GET['order'] = 'post'; } // filter by collection (e.g. group) if ($gid) { $r = q("SELECT * FROM groups WHERE id = %d AND uid = %d LIMIT 1", intval($gid), intval(local_channel())); if (!$r) { if ($update) { killme(); } notice(t('No such group') . EOL); goaway(z_root() . '/network'); // NOTREACHED } $group = $gid; $group_hash = $r[0]['hash']; $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>'); } $o = ''; // if no tabs are selected, defaults to comments $cid = x($_GET, 'cid') ? intval($_GET['cid']) : 0; $star = x($_GET, 'star') ? intval($_GET['star']) : 0; $order = x($_GET, 'order') ? notags($_GET['order']) : 'comment'; $liked = x($_GET, 'liked') ? intval($_GET['liked']) : 0; $conv = x($_GET, 'conv') ? intval($_GET['conv']) : 0; $spam = x($_GET, 'spam') ? intval($_GET['spam']) : 0; $cmin = x($_GET, 'cmin') ? intval($_GET['cmin']) : 0; $cmax = x($_GET, 'cmax') ? intval($_GET['cmax']) : 99; $firehose = x($_GET, 'fh') ? intval($_GET['fh']) : 0; $file = x($_GET, 'file') ? $_GET['file'] : ''; $deftag = ''; if (x($_GET, 'search') || x($_GET, 'file')) { $nouveau = true; } if ($cid) { $r = q("SELECT abook_xchan FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($cid), intval(local_channel())); if (!$r) { if ($update) { killme(); } notice(t('No such channel') . EOL); goaway(z_root() . '/network'); // NOTREACHED } if ($_GET['pf'] === '1') { $deftag = '@' . t('forum') . '+' . intval($cid) . '+'; } else { $def_acl = array('allow_cid' => '<' . $r[0]['abook_xchan'] . '>'); } } if (!$update) { $tabs = network_tabs(); $o .= $tabs; // search terms header if ($search) { $o .= replace_macros(get_markup_template("section_title.tpl"), array('$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT, 'UTF-8'))); } nav_set_selected('network'); $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']); $private_editing = ($group || $cid) && !intval($_GET['pf']) ? true : false; $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($private_editing ? $def_acl : $channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'bang' => $private_editing ? '!' : '', 'visitor' => true, 'profile_uid' => local_channel(), 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true); if ($deftag) { $x['pretext'] = $deftag; } $status_editor = status_editor($a, $x); $o .= $status_editor; } // We don't have to deal with ACL's on this page. You're looking at everything // that belongs to you, hence you can see all of it. We will filter by group if // desired. $sql_options = $star ? " and item_starred = 1 " : ''; $sql_nets = ''; $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE item_thread_top = 1 {$sql_options} ) "; if ($group) { $contact_str = ''; $contacts = group_get_members($group); if ($contacts) { foreach ($contacts as $c) { if ($contact_str) { $contact_str .= ','; } $contact_str .= "'" . $c['xchan'] . "'"; } } else { $contact_str = ' 0 '; info(t('Privacy group is empty')); } $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND (( author_xchan IN ( {$contact_str} ) OR owner_xchan in ( {$contact_str} )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent {$item_normal} ) "; $x = group_rec_byhash(local_channel(), $group_hash); if ($x) { $title = replace_macros(get_markup_template("section_title.tpl"), array('$title' => t('Privacy group: ') . $x['name'])); } $o = $tabs; $o .= $title; $o .= $status_editor; } elseif ($cid) { $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1", intval($cid), intval(local_channel())); if ($r) { $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) {$item_normal} ) "; $title = replace_macros(get_markup_template("section_title.tpl"), array('$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s']) . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>')); $o = $tabs; $o .= $title; $o .= $status_editor; } else { notice(t('Invalid connection.') . EOL); goaway(z_root() . '/network'); } } if (x($category)) { $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if (x($hashtags)) { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } if (!$update) { // The special div is needed for liveUpdate to kick in for this page. // We only launch liveUpdate if you aren't filtering in some incompatible // way and also you aren't writing a comment (discovered in javascript). if ($gid || $cid || $cmin || $cmax != 99 || $star || $liked || $conv || $spam || $nouveau || $list) { $firehose = 0; } $maxheight = get_pconfig(local_channel(), 'system', 'network_divmore_height'); if (!$maxheight) { $maxheight = 400; } $o .= '<div id="live-network"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . local_channel() . "; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'network', '$uid' => local_channel() ? local_channel() : '0', '$gid' => $gid ? $gid : '0', '$cid' => $cid ? $cid : '0', '$cmin' => $cmin ? $cmin : '0', '$cmax' => $cmax ? $cmax : '0', '$star' => $star ? $star : '0', '$liked' => $liked ? $liked : '0', '$conv' => $conv ? $conv : '0', '$spam' => $spam ? $spam : '0', '$fh' => $firehose ? $firehose : '0', '$nouveau' => $nouveau ? $nouveau : '0', '$wall' => '0', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$search' => $search ? $search : '', '$order' => $order, '$file' => $file, '$cats' => $category, '$tags' => $hashtags, '$dend' => $datequery, '$mid' => '', '$verb' => $verb, '$dbegin' => $datequery2)); } $sql_extra3 = ''; if ($datequery) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery)))); } if ($datequery2) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2)))); } $sql_extra2 = $nouveau ? '' : " AND item.parent = item.id "; $sql_extra3 = $nouveau ? '' : $sql_extra3; if (x($_GET, 'search')) { $search = escape_tags($_GET['search']); if (strpos($search, '#') === 0) { $sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG); } else { $sql_extra .= sprintf(" AND item.body like '%s' ", dbesc(protect_sprintf('%' . $search . '%'))); } } if ($verb) { $sql_extra .= sprintf(" AND item.verb like '%s' ", dbesc(protect_sprintf('%' . $verb . '%'))); } if (strlen($file)) { $sql_extra .= term_query('item', $file, TERM_FILE); } if ($conv) { $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or item_mentionsme = 1 )) ", dbesc(protect_sprintf($channel['channel_hash']))); } if ($update && !$load) { // only setup pagination on initial page view $pager_sql = ''; } else { $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); \App::set_pager_itemspage(intval($itemspage) ? $itemspage : 20); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); } if ($cmin != 0 || $cmax != 99) { // Not everybody who shows up in the network stream will be in your address book. // By default those that aren't are assumed to have closeness = 99; but this isn't // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in // the stream with a NULL address book entry. $sql_nets .= " AND "; if ($cmax == 99) { $sql_nets .= " ( "; } $sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " "; $sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) "; if ($cmax == 99) { $sql_nets .= " OR abook.abook_closeness IS NULL ) "; } } $abook_uids = " and abook.abook_channel = " . local_channel() . " "; if ($firehose && !get_config('system', 'disable_discover_tab')) { require_once 'include/identity.php'; $sys = get_sys_channel(); $uids = " and item.uid = " . intval($sys['channel_id']) . " "; \App::$data['firehose'] = intval($sys['channel_id']); } else { $uids = " and item.uid = " . local_channel() . " "; } if (get_pconfig(local_channel(), 'system', 'network_list_mode')) { $page_mode = 'list'; } else { $page_mode = 'client'; } $simple_update = $update ? " and item_unseen = 1 " : ''; // This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day // or three and look at your matrix page - after opening up your browser. The first page loads just as it // should. All of a sudden a few seconds later, page 2 will get inserted at the beginning of the page // (before the page 1 content). The update code is actually doing just what it's supposed // to, it's fetching posts that have the ITEM_UNSEEN bit set. But the reason that page 2 content is being // returned in an UPDATE is because you hadn't gotten that far yet - you're still on page 1 and everything // that we loaded for page 1 is now marked as seen. But the stuff on page 2 hasn't been. So... it's being // treated as "new fresh" content because it is unseen. We need to distinguish it somehow from content // which "arrived as you were reading page 1". We're going to do this // by storing in your session the current UTC time whenever you LOAD a network page, and only UPDATE items // which are both ITEM_UNSEEN and have "changed" since that time. Cross fingers... if ($update && $_SESSION['loadtime']) { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; } if ($load) { $simple_update = ''; } if ($nouveau && $load) { // "New Item View" - show all items unthreaded in reverse created date order $items = q("SELECT item.*, item.id AS item_id, received FROM item\n\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t{$simple_update}\n\t\t\t\t{$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY item.received DESC {$pager_sql} "); require_once 'include/items.php'; xchan_query($items); $items = fetch_post_tags($items, true); } elseif ($update) { // Normal conversation view if ($order === 'post') { $ordering = "created"; } else { $ordering = "commented"; } if ($load) { // Fetch a page full of parent items for this page $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\t\tAND item.parent = item.id\n\t\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\t\tORDER BY {$ordering} DESC {$pager_sql} "); } else { // this is an update $r = q("SELECT item.parent AS item_id FROM item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE true {$uids} {$item_normal} {$simple_update}\n\t\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets} "); $_SESSION['loadtime'] = datetime_convert(); } // Then fetch all the children of the parents that are on this page $parents_str = ''; $update_unseen = ''; if ($r) { $parents_str = ids_to_querystr($r, 'item_id'); $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t\t{$sql_extra} ", dbesc($parents_str)); xchan_query($items, true, $firehose ? local_channel() : 0); $items = fetch_post_tags($items, true); $items = conv_sort($items, $ordering); } else { $items = array(); } if ($page_mode === 'list') { /** * in "list mode", only mark the parent item and any like activities as "seen". * We won't distinguish between comment likes and post likes. The important thing * is that the number of unseen comments will be accurate. The SQL to separate the * comment likes could also get somewhat hairy. */ if ($parents_str) { $update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )"; $update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) "; } } else { if ($parents_str) { $update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )"; } } } if ($update_unseen && !$firehose) { $r = q("UPDATE item SET item_unseen = 0 WHERE item_unseen = 1 AND uid = %d {$update_unseen} ", intval(local_channel())); } $mode = $nouveau ? 'network-new' : 'network'; $o .= conversation($a, $items, $mode, $update, $page_mode); if ($items && !$update) { $o .= alt_pager($a, count($items)); } return $o; }
function item_post(&$a) { // This will change. Figure out who the observer is and whether or not // they have permission to post here. Else ignore the post. if (!local_channel() && !remote_channel() && !x($_REQUEST, 'commenter')) { return; } require_once 'include/security.php'; $uid = local_channel(); $channel = null; $observer = null; /** * Is this a reply to something? */ $parent = x($_REQUEST, 'parent') ? intval($_REQUEST['parent']) : 0; $parent_mid = x($_REQUEST, 'parent_mid') ? trim($_REQUEST['parent_mid']) : ''; $remote_xchan = x($_REQUEST, 'remote_xchan') ? trim($_REQUEST['remote_xchan']) : false; $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($remote_xchan)); if ($r) { $remote_observer = $r[0]; } else { $remote_xchan = $remote_observer = false; } $profile_uid = x($_REQUEST, 'profile_uid') ? intval($_REQUEST['profile_uid']) : 0; require_once 'include/identity.php'; $sys = get_sys_channel(); if ($sys && $profile_uid && $sys['channel_id'] == $profile_uid && is_site_admin()) { $uid = intval($sys['channel_id']); $channel = $sys; $observer = $sys; } if (x($_REQUEST, 'dropitems')) { require_once 'include/items.php'; $arr_drop = explode(',', $_REQUEST['dropitems']); drop_items($arr_drop); $json = array('success' => 1); echo json_encode($json); killme(); } call_hooks('post_local_start', $_REQUEST); // logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); $api_source = x($_REQUEST, 'api_source') && $_REQUEST['api_source'] ? true : false; $consensus = intval($_REQUEST['consensus']); // 'origin' (if non-zero) indicates that this network is where the message originated, // for the purpose of relaying comments to other conversation members. // If using the API from a device (leaf node) you must set origin to 1 (default) or leave unset. // If the API is used from another network with its own distribution // and deliveries, you may wish to set origin to 0 or false and allow the other // network to relay comments. // If you are unsure, it is prudent (and important) to leave it unset. $origin = $api_source && array_key_exists('origin', $_REQUEST) ? intval($_REQUEST['origin']) : 1; // To represent message-ids on other networks - this will create an item_id record $namespace = $api_source && array_key_exists('namespace', $_REQUEST) ? strip_tags($_REQUEST['namespace']) : ''; $remote_id = $api_source && array_key_exists('remote_id', $_REQUEST) ? strip_tags($_REQUEST['remote_id']) : ''; $owner_hash = null; $message_id = x($_REQUEST, 'message_id') && $api_source ? strip_tags($_REQUEST['message_id']) : ''; $created = x($_REQUEST, 'created') ? datetime_convert('UTC', 'UTC', $_REQUEST['created']) : datetime_convert(); $post_id = x($_REQUEST, 'post_id') ? intval($_REQUEST['post_id']) : 0; $app = x($_REQUEST, 'source') ? strip_tags($_REQUEST['source']) : ''; $return_path = x($_REQUEST, 'return') ? $_REQUEST['return'] : ''; $preview = x($_REQUEST, 'preview') ? intval($_REQUEST['preview']) : 0; $categories = x($_REQUEST, 'category') ? escape_tags($_REQUEST['category']) : ''; $webpage = x($_REQUEST, 'webpage') ? intval($_REQUEST['webpage']) : 0; $pagetitle = x($_REQUEST, 'pagetitle') ? escape_tags(urlencode($_REQUEST['pagetitle'])) : ''; $layout_mid = x($_REQUEST, 'layout_mid') ? escape_tags($_REQUEST['layout_mid']) : ''; $plink = x($_REQUEST, 'permalink') ? escape_tags($_REQUEST['permalink']) : ''; $obj_type = x($_REQUEST, 'obj_type') ? escape_tags($_REQUEST['obj_type']) : ACTIVITY_OBJ_NOTE; // allow API to bulk load a bunch of imported items with sending out a bunch of posts. $nopush = x($_REQUEST, 'nopush') ? intval($_REQUEST['nopush']) : 0; /* * Check service class limits */ if ($uid && !x($_REQUEST, 'parent') && !x($_REQUEST, 'post_id')) { $ret = item_check_service_class($uid, $_REQUEST['webpage'] == ITEM_WEBPAGE ? true : false); if (!$ret['success']) { notice(t($ret['message']) . EOL); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } } if ($pagetitle) { require_once 'library/urlify/URLify.php'; $pagetitle = strtolower(URLify::transliterate($pagetitle)); } $item_flags = $item_restrict = 0; $route = ''; $parent_item = null; $parent_contact = null; $thr_parent = ''; $parid = 0; $r = false; if ($parent || $parent_mid) { if (!x($_REQUEST, 'type')) { $_REQUEST['type'] = 'net-comment'; } if ($obj_type == ACTIVITY_OBJ_POST) { $obj_type = ACTIVITY_OBJ_COMMENT; } if ($parent) { $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($parent)); } elseif ($parent_mid && $uid) { // This is coming from an API source, and we are logged in $r = q("SELECT * FROM `item` WHERE `mid` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_mid), intval($uid)); } // if this isn't the real parent of the conversation, find it if ($r !== false && count($r)) { $parid = $r[0]['parent']; $parent_mid = $r[0]['mid']; if ($r[0]['id'] != $r[0]['parent']) { $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", intval($parid)); } } if ($r === false || !count($r)) { notice(t('Unable to locate original post.') . EOL); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } // can_comment_on_post() needs info from the following xchan_query xchan_query($r); $parent_item = $r[0]; $parent = $r[0]['id']; // multi-level threading - preserve the info but re-parent to our single level threading $thr_parent = $parent_mid; $route = $parent_item['route']; } if (!$observer) { $observer = $a->get_observer(); } if ($parent) { logger('mod_item: item_post parent=' . $parent); $can_comment = false; if (array_key_exists('owner', $parent_item) && $parent_item['owner']['abook_flags'] & ABOOK_FLAG_SELF) { $can_comment = perm_is_allowed($profile_uid, $observer['xchan_hash'], 'post_comments'); } else { $can_comment = can_comment_on_post($observer['xchan_hash'], $parent_item); } if (!$can_comment) { notice(t('Permission denied.') . EOL); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } } else { if (!perm_is_allowed($profile_uid, $observer['xchan_hash'], 'post_wall')) { notice(t('Permission denied.') . EOL); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } } // is this an edited post? $orig_post = null; if ($namespace && $remote_id) { // It wasn't an internally generated post - see if we've got an item matching this remote service id $i = q("select iid from item_id where service = '%s' and sid = '%s' limit 1", dbesc($namespace), dbesc($remote_id)); if ($i) { $post_id = $i[0]['iid']; } } if ($post_id) { $i = q("SELECT * FROM `item` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($profile_uid), intval($post_id)); if (!count($i)) { killme(); } $orig_post = $i[0]; } if (!$channel) { if ($uid && $uid == $profile_uid) { $channel = $a->get_channel(); } else { // posting as yourself but not necessarily to a channel you control $r = q("select * from channel left join account on channel_account_id = account_id where channel_id = %d LIMIT 1", intval($profile_uid)); if ($r) { $channel = $r[0]; } } } if (!$channel) { logger("mod_item: no channel."); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } $owner_xchan = null; $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($channel['channel_hash'])); if ($r && count($r)) { $owner_xchan = $r[0]; } else { logger("mod_item: no owner."); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } $walltowall = false; $walltowall_comment = false; if ($remote_xchan) { $observer = $remote_observer; } if ($observer) { logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG); // wall-to-wall detection. // For top-level posts, if the author and owner are different it's a wall-to-wall // For comments, We need to additionally look at the parent and see if it's a wall post that originated locally. if ($observer['xchan_name'] != $owner_xchan['xchan_name']) { if ($parent_item && ($parent_item['item_flags'] & (ITEM_WALL | ITEM_ORIGIN)) == (ITEM_WALL | ITEM_ORIGIN)) { $walltowall_comment = true; $walltowall = true; } if (!$parent) { $walltowall = true; } } } $public_policy = x($_REQUEST, 'public_policy') ? escape_tags($_REQUEST['public_policy']) : map_scope($channel['channel_r_stream'], true); if ($webpage) { $public_policy = ''; } if ($public_policy) { $private = 1; } if ($orig_post) { $private = 0; // webpages are allowed to change ACLs after the fact. Normal conversation items aren't. if ($webpage) { $str_group_allow = perms2str($_REQUEST['group_allow']); $str_contact_allow = perms2str($_REQUEST['contact_allow']); $str_group_deny = perms2str($_REQUEST['group_deny']); $str_contact_deny = perms2str($_REQUEST['contact_deny']); } else { $str_group_allow = $orig_post['allow_gid']; $str_contact_allow = $orig_post['allow_cid']; $str_group_deny = $orig_post['deny_gid']; $str_contact_deny = $orig_post['deny_cid']; $public_policy = $orig_post['public_policy']; $private = $orig_post['item_private']; } if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny) || strlen($public_policy) || $private) { $private = 1; } $location = $orig_post['location']; $coord = $orig_post['coord']; $verb = $orig_post['verb']; $app = $orig_post['app']; $title = escape_tags(trim($_REQUEST['title'])); $body = trim($_REQUEST['body']); $item_flags = $orig_post['item_flags']; // force us to recalculate if we need to obscure this post if ($item_flags & ITEM_OBSCURED) { $item_flags = $item_flags ^ ITEM_OBSCURED; } $item_restrict = $orig_post['item_restrict']; $postopts = $orig_post['postopts']; $created = $orig_post['created']; $mid = $orig_post['mid']; $parent_mid = $orig_post['parent_mid']; $plink = $orig_post['plink']; } else { // if coming from the API and no privacy settings are set, // use the user default permissions - as they won't have // been supplied via a form. if ($api_source && !array_key_exists('contact_allow', $_REQUEST) && !array_key_exists('group_allow', $_REQUEST) && !array_key_exists('contact_deny', $_REQUEST) && !array_key_exists('group_deny', $_REQUEST)) { $str_group_allow = $channel['channel_allow_gid']; $str_contact_allow = $channel['channel_allow_cid']; $str_group_deny = $channel['channel_deny_gid']; $str_contact_deny = $channel['channel_deny_cid']; } elseif ($walltowall) { // use the channel owner's default permissions $str_group_allow = $channel['channel_allow_gid']; $str_contact_allow = $channel['channel_allow_cid']; $str_group_deny = $channel['channel_deny_gid']; $str_contact_deny = $channel['channel_deny_cid']; } else { // use the posted permissions $str_group_allow = perms2str($_REQUEST['group_allow']); $str_contact_allow = perms2str($_REQUEST['contact_allow']); $str_group_deny = perms2str($_REQUEST['group_deny']); $str_contact_deny = perms2str($_REQUEST['contact_deny']); } $location = notags(trim($_REQUEST['location'])); $coord = notags(trim($_REQUEST['coord'])); $verb = notags(trim($_REQUEST['verb'])); $title = escape_tags(trim($_REQUEST['title'])); $body = trim($_REQUEST['body']); $body .= trim($_REQUEST['attachment']); $postopts = ''; $private = strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny) || strlen($public_policy) ? 1 : 0; // If this is a comment, set the permissions from the parent. if ($parent_item) { $private = 0; if ($parent_item['item_private'] || strlen($parent_item['allow_cid']) || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) || strlen($parent_item['deny_gid']) || strlen($parent_item['public_policy'])) { $private = $parent_item['item_private'] ? $parent_item['item_private'] : 1; } $public_policy = $parent_item['public_policy']; $str_contact_allow = $parent_item['allow_cid']; $str_group_allow = $parent_item['allow_gid']; $str_contact_deny = $parent_item['deny_cid']; $str_group_deny = $parent_item['deny_gid']; $owner_hash = $parent_item['owner_xchan']; } if (!strlen($body)) { if ($preview) { killme(); } info(t('Empty post discarded.') . EOL); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } } $expires = NULL_DATE; if (feature_enabled($profile_uid, 'content_expire')) { if (x($_REQUEST, 'expire')) { $expires = datetime_convert(date_default_timezone_get(), 'UTC', $_REQUEST['expire']); if ($expires <= datetime_convert()) { $expires = NULL_DATE; } } } $mimetype = notags(trim($_REQUEST['mimetype'])); if (!$mimetype) { $mimetype = 'text/bbcode'; } if ($preview) { $body = z_input_filter($profile_uid, $body, $mimetype); } // Verify ability to use html or php!!! $execflag = false; if ($mimetype === 'application/x-php') { $z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval($profile_uid)); if ($z && ($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE || $z[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { if ($uid && get_account_id() == $z[0]['account_id']) { $execflag = true; } else { notice(t('Executable content type not permitted to this channel.') . EOL); if (x($_REQUEST, 'return')) { goaway($a->get_baseurl() . "/" . $return_path); } killme(); } } } if ($mimetype === 'text/bbcode') { require_once 'include/text.php'; if ($uid && $uid == $profile_uid && feature_enabled($uid, 'markdown')) { require_once 'include/bb2diaspora.php'; $body = escape_tags($body); $body = preg_replace_callback('/\\[share(.*?)\\]/ism', 'share_shield', $body); $body = diaspora2bb($body, true); $body = preg_replace_callback('/\\[share(.*?)\\]/ism', 'share_unshield', $body); } // BBCODE alert: the following functions assume bbcode input // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) // we may need virtual or template classes to implement the possible alternatives // Work around doubled linefeeds in Tinymce 3.5b2 // First figure out if it's a status post that would've been // created using tinymce. Otherwise leave it alone. $plaintext = true; // $plaintext = ((feature_enabled($profile_uid,'richtext')) ? false : true); // if((! $parent) && (! $api_source) && (! $plaintext)) { // $body = fix_mce_lf($body); // } // If we're sending a private top-level message with a single @-taggable channel as a recipient, @-tag it, if our pconfig is set. if (!$parent && get_pconfig($profile_uid, 'system', 'tagifonlyrecip') && substr_count($str_contact_allow, '<') == 1 && $str_group_allow == '' && $str_contact_deny == '' && $str_group_deny == '') { $x = q("select abook_id, abook_their_perms from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc(str_replace(array('<', '>'), array('', ''), $str_contact_allow)), intval($profile_uid)); if ($x && $x[0]['abook_their_perms'] & PERMS_W_TAGWALL) { $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; } } /** * fix naked links by passing through a callback to see if this is a red site * (already known to us) which will get a zrl, otherwise link with url, add bookmark tag to both. * First protect any url inside certain bbcode tags so we don't double link it. */ $body = preg_replace_callback('/\\[code(.*?)\\[\\/(code)\\]/ism', 'red_escape_codeblock', $body); $body = preg_replace_callback('/\\[url(.*?)\\[\\/(url)\\]/ism', 'red_escape_codeblock', $body); $body = preg_replace_callback('/\\[zrl(.*?)\\[\\/(zrl)\\]/ism', 'red_escape_codeblock', $body); $body = preg_replace_callback("/([^\\]\\='" . '"' . "\\/]|^|\\#\\^)(https?\\:\\/\\/[a-zA-Z0-9\\:\\/\\-\\?\\&\\;\\.\\=\\@\\_\\~\\#\\%\$\\!\\+\\,]+)/ism", 'red_zrl_callback', $body); $body = preg_replace_callback('/\\[\\$b64zrl(.*?)\\[\\/(zrl)\\]/ism', 'red_unescape_codeblock', $body); $body = preg_replace_callback('/\\[\\$b64url(.*?)\\[\\/(url)\\]/ism', 'red_unescape_codeblock', $body); $body = preg_replace_callback('/\\[\\$b64code(.*?)\\[\\/(code)\\]/ism', 'red_unescape_codeblock', $body); // fix any img tags that should be zmg $body = preg_replace_callback('/\\[img(.*?)\\](.*?)\\[\\/img\\]/ism', 'red_zrlify_img_callback', $body); $body = bb_translate_video($body); /** * Fold multi-line [code] sequences */ $body = preg_replace('/\\[\\/code\\]\\s*\\[code\\]/ism', "\n", $body); $body = scale_external_images($body, false); // Look for tags and linkify them $results = linkify_tags($a, $body, $uid ? $uid : $profile_uid); if ($results) { // Set permissions based on tag replacements set_linkified_perms($results, $str_contact_allow, $str_group_allow, $profile_uid, $parent_item, $private); $post_tags = array(); foreach ($results as $result) { $success = $result['success']; if ($success['replaced']) { $post_tags[] = array('uid' => $profile_uid, 'type' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']); } } } /** * * When a photo was uploaded into the message using the (profile wall) ajax * uploader, The permissions are initially set to disallow anybody but the * owner from seeing it. This is because the permissions may not yet have been * set for the post. If it's private, the photo permissions should be set * appropriately. But we didn't know the final permissions on the post until * now. So now we'll look for links of uploaded photos and attachments that are in the * post and set them to the same permissions as the post itself. * * If the post was end-to-end encrypted we can't find images and attachments in the body, * use our media_str input instead which only contains these elements - but only do this * when encrypted content exists because the photo/attachment may have been removed from * the post and we should keep it private. If it's encrypted we have no way of knowing * so we'll set the permissions regardless and realise that the media may not be * referenced in the post. * * What is preventing us from being able to upload photos into comments is dealing with * the photo and attachment permissions, since we don't always know who was in the * distribution for the top level post. * * We might be able to provide this functionality with a lot of fiddling: * - if the top level post is public (make the photo public) * - if the top level post was written by us or a wall post that belongs to us (match the top level post) * - if the top level post has privacy mentions, add those to the permissions. * - otherwise disallow the photo *or* make the photo public. This is the part that gets messy. */ if (!$preview) { fix_attached_photo_permissions($profile_uid, $owner_xchan['xchan_hash'], strpos($body, '[/crypt]') ? $_POST['media_str'] : $body, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); fix_attached_file_permissions($channel, $observer['xchan_hash'], strpos($body, '[/crypt]') ? $_POST['media_str'] : $body, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); } $attachments = ''; $match = false; if (preg_match_all('/(\\[attachment\\](.*?)\\[\\/attachment\\])/', $body, $match)) { $attachments = array(); foreach ($match[2] as $mtch) { $hash = substr($mtch, 0, strpos($mtch, ',')); $rev = intval(substr($mtch, strpos($mtch, ','))); $r = attach_by_hash_nodata($hash, $rev); if ($r['success']) { $attachments[] = array('href' => $a->get_baseurl() . '/attach/' . $r['data']['hash'], 'length' => $r['data']['filesize'], 'type' => $r['data']['filetype'], 'title' => urlencode($r['data']['filename']), 'revision' => $r['data']['revision']); } $body = str_replace($match[1], '', $body); } } } // BBCODE end alert if (strlen($categories)) { $cats = explode(',', $categories); foreach ($cats as $cat) { $post_tags[] = array('uid' => $profile_uid, 'type' => TERM_CATEGORY, 'otype' => TERM_OBJ_POST, 'term' => trim($cat), 'url' => $owner_xchan['xchan_url'] . '?f=&cat=' . urlencode(trim($cat))); } } $item_unseen = 1; // determine if this is a wall post if ($parent) { if ($parent_item['item_flags'] & ITEM_WALL) { $item_flags = $item_flags | ITEM_WALL; } } else { if (!$webpage) { $item_flags = $item_flags | ITEM_WALL; } } if ($origin) { $item_flags = $item_flags | ITEM_ORIGIN; } if ($moderated) { $item_restrict = $item_restrict | ITEM_MODERATED; } if ($webpage) { $item_restrict = $item_restrict | $webpage; } if (!strlen($verb)) { $verb = ACTIVITY_POST; } $notify_type = $parent ? 'comment-new' : 'wall-new'; if (!$mid) { $mid = $message_id ? $message_id : item_message_id(); } if (!$parent_mid) { $parent_mid = $mid; } if ($parent_item) { $parent_mid = $parent_item['mid']; } // Fallback so that we alway have a thr_parent if (!$thr_parent) { $thr_parent = $mid; } $datarray = array(); if (!$parent) { $item_flags = $item_flags | ITEM_THREAD_TOP; } if ($consensus) { $item_flags |= ITEM_CONSENSUS; } if (!$plink && $item_flags & ITEM_THREAD_TOP) { $plink = z_root() . '/channel/' . $channel['channel_address'] . '/?f=&mid=' . $mid; } $datarray['aid'] = $channel['channel_account_id']; $datarray['uid'] = $profile_uid; $datarray['owner_xchan'] = $owner_hash ? $owner_hash : $owner_xchan['xchan_hash']; $datarray['author_xchan'] = $observer['xchan_hash']; $datarray['created'] = $created; $datarray['edited'] = $orig_post ? datetime_convert() : $created; $datarray['expires'] = $expires; $datarray['commented'] = $orig_post ? datetime_convert() : $created; $datarray['received'] = $orig_post ? datetime_convert() : $created; $datarray['changed'] = $orig_post ? datetime_convert() : $created; $datarray['mid'] = $mid; $datarray['parent_mid'] = $parent_mid; $datarray['mimetype'] = $mimetype; $datarray['title'] = $title; $datarray['body'] = $body; $datarray['app'] = $app; $datarray['location'] = $location; $datarray['coord'] = $coord; $datarray['verb'] = $verb; $datarray['obj_type'] = $obj_type; $datarray['allow_cid'] = $str_contact_allow; $datarray['allow_gid'] = $str_group_allow; $datarray['deny_cid'] = $str_contact_deny; $datarray['deny_gid'] = $str_group_deny; $datarray['item_private'] = $private; $datarray['attach'] = $attachments; $datarray['thr_parent'] = $thr_parent; $datarray['postopts'] = $postopts; $datarray['item_restrict'] = $item_restrict; $datarray['item_flags'] = $item_flags; $datarray['layout_mid'] = $layout_mid; $datarray['public_policy'] = $public_policy; $datarray['comment_policy'] = map_scope($channel['channel_w_comment']); $datarray['term'] = $post_tags; $datarray['plink'] = $plink; $datarray['route'] = $route; $datarray['item_unseen'] = $item_unseen; // preview mode - prepare the body for display and send it via json if ($preview) { require_once 'include/conversation.php'; $datarray['owner'] = $owner_xchan; $datarray['author'] = $observer; $datarray['attach'] = json_encode($datarray['attach']); $o = conversation($a, array($datarray), 'search', false, 'preview'); // logger('preview: ' . $o, LOGGER_DEBUG); echo json_encode(array('preview' => $o)); killme(); } if ($orig_post) { $datarray['edit'] = true; } call_hooks('post_local', $datarray); if (x($datarray, 'cancel')) { logger('mod_item: post cancelled by plugin.'); if ($return_path) { goaway($a->get_baseurl() . "/" . $return_path); } $json = array('cancel' => 1); if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) { $json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload']; } echo json_encode($json); killme(); } if (mb_strlen($datarray['title']) > 255) { $datarray['title'] = mb_substr($datarray['title'], 0, 255); } if (array_key_exists('item_private', $datarray) && $datarray['item_private']) { $datarray['body'] = trim(z_input_filter($datarray['uid'], $datarray['body'], $datarray['mimetype'])); if ($uid) { if ($channel['channel_hash'] === $datarray['author_xchan']) { $datarray['sig'] = base64url_encode(rsa_sign($datarray['body'], $channel['channel_prvkey'])); $datarray['item_flags'] = $datarray['item_flags'] | ITEM_VERIFIED; } } logger('Encrypting local storage'); $key = get_config('system', 'pubkey'); $datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED; if ($datarray['title']) { $datarray['title'] = json_encode(crypto_encapsulate($datarray['title'], $key)); } if ($datarray['body']) { $datarray['body'] = json_encode(crypto_encapsulate($datarray['body'], $key)); } } if ($orig_post) { $datarray['id'] = $post_id; item_store_update($datarray, $execflag); update_remote_id($channel, $post_id, $webpage, $pagetitle, $namespace, $remote_id, $mid); if (!$nopush) { proc_run('php', "include/notifier.php", 'edit_post', $post_id); } if (x($_REQUEST, 'return') && strlen($return_path)) { logger('return: ' . $return_path); goaway($a->get_baseurl() . "/" . $return_path); } killme(); } else { $post_id = 0; } $post = item_store($datarray, $execflag); $post_id = $post['item_id']; if ($post_id) { logger('mod_item: saved item ' . $post_id); if ($parent) { // only send comment notification if this is a wall-to-wall comment, // otherwise it will happen during delivery if ($datarray['owner_xchan'] != $datarray['author_xchan'] && $parent_item['item_flags'] & ITEM_WALL) { notification(array('type' => NOTIFY_COMMENT, 'from_xchan' => $datarray['author_xchan'], 'to_xchan' => $datarray['owner_xchan'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . $datarray['mid'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent, 'parent_mid' => $parent_item['mid'])); } } else { $parent = $post_id; if ($datarray['owner_xchan'] != $datarray['author_xchan']) { notification(array('type' => NOTIFY_WALL, 'from_xchan' => $datarray['author_xchan'], 'to_xchan' => $datarray['owner_xchan'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . $datarray['mid'], 'verb' => ACTIVITY_POST, 'otype' => 'item')); } if ($uid && $uid == $profile_uid && !$datarray['item_restrict']) { q("update channel set channel_lastpost = '%s' where channel_id = %d", dbesc(datetime_convert()), intval($uid)); } } // photo comments turn the corresponding item visible to the profile wall // This way we don't see every picture in your new photo album posted to your wall at once. // They will show up as people comment on them. if ($parent_item['item_restrict'] & ITEM_HIDDEN) { $r = q("UPDATE `item` SET `item_restrict` = %d WHERE `id` = %d", intval($parent_item['item_restrict'] - ITEM_HIDDEN), intval($parent_item['id'])); } } else { logger('mod_item: unable to retrieve post that was just stored.'); notice(t('System error. Post not saved.') . EOL); goaway($a->get_baseurl() . "/" . $return_path); // NOTREACHED } if ($parent) { // Store the comment signature information in case we need to relay to Diaspora $ditem = $datarray; $ditem['author'] = $observer; store_diaspora_comment_sig($ditem, $channel, $parent_item, $post_id, $walltowall_comment ? 1 : 0); } update_remote_id($channel, $post_id, $webpage, $pagetitle, $namespace, $remote_id, $mid); $datarray['id'] = $post_id; $datarray['llink'] = $a->get_baseurl() . '/display/' . $channel['channel_address'] . '/' . $post_id; call_hooks('post_local_end', $datarray); if (!$nopush) { proc_run('php', 'include/notifier.php', $notify_type, $post_id); } logger('post_complete'); // figure out how to return, depending on from whence we came if ($api_source) { return $post; } if ($return_path) { goaway($a->get_baseurl() . "/" . $return_path); } $json = array('success' => 1); if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) { $json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload']; } logger('post_json: ' . print_r($json, true), LOGGER_DEBUG); echo json_encode($json); killme(); // NOTREACHED }
public static function run($argc, $argv) { $maxsysload = intval(get_config('system', 'maxloadavg')); if ($maxsysload < 1) { $maxsysload = 50; } if (function_exists('sys_getloadavg')) { $load = sys_getloadavg(); if (intval($load[0]) > $maxsysload) { logger('system: load ' . $load . ' too high. Cron deferred to next scheduled run.'); return; } } // Check for a lockfile. If it exists, but is over an hour old, it's stale. Ignore it. $lockfile = 'store/[data]/cron'; if (file_exists($lockfile) && filemtime($lockfile) > time() - 3600 && !get_config('system', 'override_cron_lockfile')) { logger("cron: Already running"); return; } // Create a lockfile. Needs two vars, but $x doesn't need to contain anything. file_put_contents($lockfile, $x); logger('cron: start'); // run queue delivery process in the background Master::Summon(array('Queue')); Master::Summon(array('Poller')); // maintenance for mod sharedwithme - check for updated items and remove them require_once 'include/sharedwithme.php'; apply_updates(); // expire any expired mail q("delete from mail where expires > '%s' and expires < %s ", dbesc(NULL_DATE), db_utcnow()); // expire any expired items $r = q("select id from item where expires > '2001-01-01 00:00:00' and expires < %s \n\t\t\tand item_deleted = 0 ", db_utcnow()); if ($r) { require_once 'include/items.php'; foreach ($r as $rr) { drop_item($rr['id'], false); } } // delete expired access tokens $r = q("select atoken_id from atoken where atoken_expires > '%s' and atoken_expires < %s", dbesc(NULL_DATE), db_utcnow()); if ($r) { require_once 'include/security.php'; foreach ($r as $rr) { atoken_delete($rr['atoken_id']); } } // Ensure that every channel pings a directory server once a month. This way we can discover // channels and sites that quietly vanished and prevent the directory from accumulating stale // or dead entries. $r = q("select channel_id from channel where channel_dirdate < %s - INTERVAL %s", db_utcnow(), db_quoteinterval('30 DAY')); if ($r) { foreach ($r as $rr) { Master::Summon(array('Directory', $rr['channel_id'], 'force')); if ($interval) { @time_sleep_until(microtime(true) + (double) $interval); } } } // publish any applicable items that were set to be published in the future // (time travel posts). Restrict to items that have come of age in the last // couple of days to limit the query to something reasonable. $r = q("select id from item where item_delayed = 1 and created <= %s and created > '%s' ", db_utcnow(), dbesc(datetime_convert('UTC', 'UTC', 'now - 2 days'))); if ($r) { foreach ($r as $rr) { $x = q("update item set item_delayed = 0 where id = %d", intval($rr['id'])); if ($x) { $z = q("select * from item where id = %d", intval($message_id)); if ($z) { xchan_query($z); $sync_item = fetch_post_tags($z); build_sync_packet($sync_item[0]['uid'], ['item' => [encode_item($sync_item[0], true)]]); } Master::Summon(array('Notifier', 'wall-new', $rr['id'])); } } } $abandon_days = intval(get_config('system', 'account_abandon_days')); if ($abandon_days < 1) { $abandon_days = 0; } // once daily run birthday_updates and then expire in background // FIXME: add birthday updates, both locally and for xprof for use // by directory servers $d1 = intval(get_config('system', 'last_expire_day')); $d2 = intval(datetime_convert('UTC', 'UTC', 'now', 'd')); // Allow somebody to staggger daily activities if they have more than one site on their server, // or if it happens at an inconvenient (busy) hour. $h1 = intval(get_config('system', 'cron_hour')); $h2 = intval(datetime_convert('UTC', 'UTC', 'now', 'G')); if ($d2 != $d1 && $h1 == $h2) { Master::Summon(array('Cron_daily')); } // update any photos which didn't get imported properly // This should be rare $r = q("select xchan_photo_l, xchan_hash from xchan where xchan_photo_l != '' and xchan_photo_m = '' \n\t\t\tand xchan_photo_date < %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 DAY')); if ($r) { require_once 'include/photo/photo_driver.php'; foreach ($r as $rr) { $photos = import_xchan_photo($rr['xchan_photo_l'], $rr['xchan_hash']); $x = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'\n\t\t\t\t\twhere xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc($photos[3]), dbesc($rr['xchan_hash'])); } } // pull in some public posts if (!get_config('system', 'disable_discover_tab')) { Master::Summon(array('Externals')); } $generation = 0; $restart = false; if ($argc > 1 && $argv[1] == 'restart') { $restart = true; $generation = intval($argv[2]); if (!$generation) { killme(); } } reload_plugins(); $d = datetime_convert(); // TODO check to see if there are any cronhooks before wasting a process if (!$restart) { Master::Summon(array('Cronhooks')); } set_config('system', 'lastcron', datetime_convert()); //All done - clear the lockfile @unlink($lockfile); return; }
/** * @brief do several updates when pinged. * * This function does several tasks. Whenever called it checks for new messages, * introductions, notifications, etc. and returns a json with the results. * * @param App &$a * @result JSON */ function ping_init(&$a) { $result = array(); $notifs = array(); $result['notify'] = 0; $result['home'] = 0; $result['network'] = 0; $result['intros'] = 0; $result['mail'] = 0; $result['register'] = 0; $result['events'] = 0; $result['events_today'] = 0; $result['birthdays'] = 0; $result['birthdays_today'] = 0; $result['all_events'] = 0; $result['all_events_today'] = 0; $result['notice'] = array(); $result['info'] = array(); $t0 = dba_timer(); header("content-type: application/json"); /** * If you have several windows open to this site and switch to a different channel * in one of them, the others may get into a confused state showing you a page or options * on that page which were only valid under the old identity. You session has changed. * Therefore we send a notification of this fact back to the browser where it is picked up * in javascript and which reloads the page it is on so that it is valid under the context * of the now current channel. */ $result['invalid'] = intval($_GET['uid']) && intval($_GET['uid']) != local_user() ? 1 : 0; /** * Send all system messages (alerts) to the browser. * Some are marked as informational and some represent * errors or serious notifications. These typically * will popup on the current page (no matter what page it is) */ if (x($_SESSION, 'sysmsg')) { foreach ($_SESSION['sysmsg'] as $m) { $result['notice'][] = array('message' => $m); } unset($_SESSION['sysmsg']); } if (x($_SESSION, 'sysmsg_info')) { foreach ($_SESSION['sysmsg_info'] as $m) { $result['info'][] = array('message' => $m); } unset($_SESSION['sysmsg_info']); } if ($a->install) { echo json_encode($result); killme(); } /** * Update chat presence indication (if applicable) */ if (get_observer_hash() && !$result['invalid']) { $r = q("select cp_id, cp_room from chatpresence where cp_xchan = '%s' and cp_client = '%s' and cp_room = 0 limit 1", dbesc(get_observer_hash()), dbesc($_SERVER['REMOTE_ADDR'])); $basic_presence = false; if ($r) { $basic_presence = true; q("update chatpresence set cp_last = '%s' where cp_id = %d limit 1", dbesc(datetime_convert()), intval($r[0]['cp_id'])); } if (!$basic_presence) { q("insert into chatpresence ( cp_xchan, cp_last, cp_status, cp_client)\n\t\t\t\tvalues( '%s', '%s', '%s', '%s' ) ", dbesc(get_observer_hash()), dbesc(datetime_convert()), dbesc('online'), dbesc($_SERVER['REMOTE_ADDR'])); } } /** * Chatpresence continued... if somebody hasn't pinged recently, they've most likely left the page * and shouldn't count as online anymore. We allow an expection for bots. */ q("delete from chatpresence where cp_last < UTC_TIMESTAMP() - INTERVAL 3 MINUTE and cp_client != 'auto' "); if (!local_user() || $result['invalid']) { echo json_encode($result); killme(); } /** * Everything following is only permitted under the context of a locally authenticated site member. */ /** * Handle "mark all xyz notifications read" requests. */ // mark all items read if (x($_REQUEST, 'markRead') && local_user()) { switch ($_REQUEST['markRead']) { case 'network': $r = q("update item set item_flags = ( item_flags ^ %d ) where (item_flags & %d) and uid = %d", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(local_user())); break; case 'home': $r = q("update item set item_flags = ( item_flags ^ %d ) where (item_flags & %d) and (item_flags & %d) and uid = %d", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(ITEM_WALL), intval(local_user())); break; case 'messages': $r = q("update mail set mail_flags = ( mail_flags ^ %d ) where channel_id = %d and not (mail_flags & %d)", intval(MAIL_SEEN), intval(local_user()), intval(MAIL_SEEN)); break; case 'all_events': $r = q("update event set `ignore` = 1 where `ignore` = 0 and uid = %d", intval(local_user())); break; case 'notify': $r = q("update notify set seen = 1 where uid = %d", intval(local_user())); break; default: break; } } /** * URL ping/something will return detail for "something", e.g. a json list with which to populate a notification * dropdown menu. */ if (argc() > 1 && argv(1) === 'notify') { $t = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_user())); if ($t && intval($t[0]['total']) > 49) { $z = q("select * from notify where uid = %d\n\t\t\t\tand seen = 0 order by date desc limit 0, 50", intval(local_user())); } else { $z1 = q("select * from notify where uid = %d\n\t\t\t\tand seen = 0 order by date desc limit 0, 50", intval(local_user())); $z2 = q("select * from notify where uid = %d\n\t\t\t\tand seen = 1 order by date desc limit 0, %d", intval(local_user()), intval(50 - intval($t[0]['total']))); $z = array_merge($z1, $z2); } if (count($z)) { foreach ($z as $zz) { $notifs[] = array('notify_link' => $a->get_baseurl() . '/notify/view/' . $zz['id'], 'name' => '', 'url' => $zz['url'], 'photo' => $zz['photo'], 'when' => relative_date($zz['date']), 'class' => $zz['seen'] ? 'notify-seen' : 'notify-unseen', 'message' => strip_tags(bbcode($zz['msg']))); } } echo json_encode(array('notify' => $notifs)); killme(); } if (argc() > 1 && argv(1) === 'messages') { $channel = $a->get_channel(); $t = q("select mail.*, xchan.* from mail left join xchan on xchan_hash = from_xchan \n\t\t\twhere channel_id = %d and not ( mail_flags & %d ) and not (mail_flags & %d ) \n\t\t\tand from_xchan != '%s' order by created desc limit 0,50", intval(local_user()), intval(MAIL_SEEN), intval(MAIL_DELETED), dbesc($channel['channel_hash'])); if ($t) { foreach ($t as $zz) { $notifs[] = array('notify_link' => $a->get_baseurl() . '/mail/' . $zz['id'], 'name' => $zz['xchan_name'], 'url' => $zz['xchan_url'], 'photo' => $zz['xchan_photo_s'], 'when' => relative_date($zz['created']), 'class' => $zz['mail_flags'] & MAIL_SEEN ? 'notify-seen' : 'notify-unseen', 'message' => t('sent you a private message')); } } echo json_encode(array('notify' => $notifs)); killme(); } if (argc() > 1 && (argv(1) === 'network' || argv(1) === 'home')) { $result = array(); $r = q("SELECT * FROM item\n\t\t\tWHERE item_restrict = %d and ( item_flags & %d ) and uid = %d", intval(ITEM_VISIBLE), intval(ITEM_UNSEEN), intval(local_user())); if ($r) { xchan_query($r); foreach ($r as $item) { if (argv(1) === 'home' && !($item['item_flags'] & ITEM_WALL)) { continue; } $result[] = format_notification($item); } } logger('ping (network||home): ' . print_r($result, true), LOGGER_DATA); echo json_encode(array('notify' => $result)); killme(); } if (argc() > 1 && argv(1) === 'intros') { $result = array(); $r = q("SELECT * FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", intval(local_user()), intval(ABOOK_FLAG_PENDING), intval(ABOOK_FLAG_SELF | ABOOK_FLAG_IGNORED), intval(XCHAN_FLAGS_DELETED | XCHAN_FLAGS_ORPHAN)); if ($r) { foreach ($r as $rr) { $result[] = array('notify_link' => $a->get_baseurl() . '/connedit/' . $rr['abook_id'], 'name' => $rr['xchan_name'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => relative_date($rr['abook_created']), 'class' => 'notify-unseen', 'message' => t('added your channel')); } } logger('ping (intros): ' . print_r($result, true), LOGGER_DATA); echo json_encode(array('notify' => $result)); killme(); } if (argc() > 1 && argv(1) === 'all_events') { $bd_format = t('g A l F d'); // 8 AM Friday January 18 $result = array(); $r = q("SELECT * FROM event left join xchan on event_xchan = xchan_hash\n\t\t\tWHERE `event`.`uid` = %d AND start < '%s' AND start > '%s' and `ignore` = 0\n\t\t\tORDER BY `start` DESC ", intval(local_user()), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))); if ($r) { foreach ($r as $rr) { if ($rr['adjust']) { $md = datetime_convert('UTC', date_default_timezone_get(), $rr['start'], 'Y/m'); } else { $md = datetime_convert('UTC', 'UTC', $rr['start'], 'Y/m'); } $strt = datetime_convert('UTC', $rr['adjust'] ? date_default_timezone_get() : 'UTC', $rr['start']); $today = substr($strt, 0, 10) === datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d') ? true : false; $when = day_translate(datetime_convert('UTC', $rr['adjust'] ? date_default_timezone_get() : 'UTC', $rr['start'], $bd_format)) . ($today ? ' ' . t('[today]') : ''); $result[] = array('notify_link' => $a->get_baseurl() . '/events', 'name' => $rr['xchan_name'], 'url' => $rr['xchan_url'], 'photo' => $rr['xchan_photo_s'], 'when' => $when, 'class' => 'notify-unseen', 'message' => t('posted an event')); } } logger('ping (all_events): ' . print_r($result, true), LOGGER_DATA); echo json_encode(array('notify' => $result)); killme(); } /** * Normal ping - just the counts, no detail */ $t = q("select count(*) as total from notify where uid = %d and seen = 0", intval(local_user())); if ($t) { $result['notify'] = intval($t[0]['total']); } $t1 = dba_timer(); $r = q("SELECT id, item_restrict, item_flags FROM item\n\t\tWHERE (item_restrict = %d) and ( item_flags & %d ) and uid = %d", intval(ITEM_VISIBLE), intval(ITEM_UNSEEN), intval(local_user())); if (count($r)) { $arr = array('items' => $r); call_hooks('network_ping', $arr); foreach ($r as $it) { if ($it['item_flags'] & ITEM_WALL) { $result['home']++; } else { $result['network']++; } } } $t2 = dba_timer(); $intr = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and (abook_flags & %d) and not ((abook_flags & %d) or (xchan_flags & %d))", intval(local_user()), intval(ABOOK_FLAG_PENDING), intval(ABOOK_FLAG_SELF | ABOOK_FLAG_IGNORED), intval(XCHAN_FLAGS_DELETED | XCHAN_FLAGS_ORPHAN)); $t3 = dba_timer(); if ($intr) { $result['intros'] = intval($intr[0]['total']); } $t4 = dba_timer(); $channel = get_app()->get_channel(); $mails = q("SELECT count(id) as total from mail\n\t\tWHERE channel_id = %d AND not (mail_flags & %d) and from_xchan != '%s' ", intval(local_user()), intval(MAIL_SEEN), dbesc($channel['channel_hash'])); if ($mails) { $result['mail'] = intval($mails[0]['total']); } if ($a->config['system']['register_policy'] == REGISTER_APPROVE && is_site_admin()) { $regs = q("SELECT count(account_id) as total from account where (account_flags & %d)", intval(ACCOUNT_PENDING)); if ($regs) { $result['register'] = intval($regs[0]['total']); } } $t5 = dba_timer(); $events = q("SELECT type, start, adjust FROM `event`\n\t\tWHERE `event`.`uid` = %d AND start < '%s' AND start > '%s' and `ignore` = 0\n\t\tORDER BY `start` ASC ", intval(local_user()), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now + 7 days')), dbesc(datetime_convert('UTC', date_default_timezone_get(), 'now - 1 days'))); if ($events) { $result['all_events'] = count($events); if ($result['all_events']) { $str_now = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y-m-d'); foreach ($events as $x) { $bd = false; if ($x['type'] === 'birthday') { $result['birthdays']++; $bd = true; } else { $result['events']++; } if (datetime_convert('UTC', intval($x['adjust']) ? date_default_timezone_get() : 'UTC', $x['start'], 'Y-m-d') === $str_now) { $result['all_events_today']++; if ($bd) { $result['birthdays_today']++; } else { $result['events_today']++; } } } } } $x = json_encode($result); $t6 = dba_timer(); // logger('ping timer: ' . sprintf('%01.4f %01.4f %01.4f %01.4f %01.4f %01.4f',$t6 - $t5, $t5 - $t4, $t4 - $t3, $t3 - $t2, $t2 - $t1, $t1 - $t0)); echo $x; killme(); }
function get() { if (observer_prohibited()) { return; } $channel = null; if (argc() > 1) { $channel = channelx_by_nick(argv(1)); } if (!$channel) { notice(t('Channel not found.') . EOL); return; } // since we don't currently have an event permission - use the stream permission if (!perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_stream')) { notice(t('Permissions denied.') . EOL); return; } $sql_extra = permissions_sql($channel['channel_id'], get_observer_hash(), 'event'); $first_day = get_pconfig(local_channel(), 'system', 'cal_first_day'); $first_day = $first_day ? $first_day : 0; $htpl = get_markup_template('event_head.tpl'); \App::$page['htmlhead'] .= replace_macros($htpl, array('$baseurl' => z_root(), '$module_url' => '/cal/' . $channel['channel_address'], '$modparams' => 2, '$lang' => \App::$language, '$first_day' => $first_day)); $o = ''; $tabs = profile_tabs($a, True, $channel['channel_address']); $mode = 'view'; $y = 0; $m = 0; $ignored = x($_REQUEST, 'ignored') ? " and dismissed = " . intval($_REQUEST['ignored']) . " " : ''; // logger('args: ' . print_r(\App::$argv,true)); if (argc() > 3 && intval(argv(2)) && intval(argv(3))) { $mode = 'view'; $y = intval(argv(2)); $m = intval(argv(3)); } if (argc() <= 3) { $mode = 'view'; $event_id = argv(2); } if ($mode == 'view') { /* edit/create form */ if ($event_id) { $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", dbesc($event_id), intval($channel['channel_id'])); if (count($r)) { $orig_event = $r[0]; } } // Passed parameters overrides anything found in the DB if (!x($orig_event)) { $orig_event = array(); } $tz = date_default_timezone_get(); if (x($orig_event)) { $tz = $orig_event['adjust'] ? date_default_timezone_get() : 'UTC'; } $syear = datetime_convert('UTC', $tz, $sdt, 'Y'); $smonth = datetime_convert('UTC', $tz, $sdt, 'm'); $sday = datetime_convert('UTC', $tz, $sdt, 'd'); $shour = datetime_convert('UTC', $tz, $sdt, 'H'); $sminute = datetime_convert('UTC', $tz, $sdt, 'i'); $stext = datetime_convert('UTC', $tz, $sdt); $stext = substr($stext, 0, 14) . "00:00"; $fyear = datetime_convert('UTC', $tz, $fdt, 'Y'); $fmonth = datetime_convert('UTC', $tz, $fdt, 'm'); $fday = datetime_convert('UTC', $tz, $fdt, 'd'); $fhour = datetime_convert('UTC', $tz, $fdt, 'H'); $fminute = datetime_convert('UTC', $tz, $fdt, 'i'); $ftext = datetime_convert('UTC', $tz, $fdt); $ftext = substr($ftext, 0, 14) . "00:00"; $type = x($orig_event) ? $orig_event['etype'] : 'event'; $f = get_config('system', 'event_input_format'); if (!$f) { $f = 'ymd'; } $catsenabled = feature_enabled($channel['channel_id'], 'categories'); $show_bd = perm_is_allowed($channel['channel_id'], get_observer_hash(), 'view_contacts'); if (!$show_bd) { $sql_extra .= " and event.etype != 'birthday' "; } $category = ''; $thisyear = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y'); $thismonth = datetime_convert('UTC', date_default_timezone_get(), 'now', 'm'); if (!$y) { $y = intval($thisyear); } if (!$m) { $m = intval($thismonth); } // Put some limits on dates. The PHP date functions don't seem to do so well before 1900. // An upper limit was chosen to keep search engines from exploring links millions of years in the future. if ($y < 1901) { $y = 1900; } if ($y > 2099) { $y = 2100; } $nextyear = $y; $nextmonth = $m + 1; if ($nextmonth > 12) { $nextmonth = 1; $nextyear++; } $prevyear = $y; if ($m > 1) { $prevmonth = $m - 1; } else { $prevmonth = 12; $prevyear--; } $dim = get_dim($y, $m); $start = sprintf('%d-%d-%d %d:%d:%d', $y, $m, 1, 0, 0, 0); $finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59); if (argv(2) === 'json') { if (x($_GET, 'start')) { $start = $_GET['start']; } if (x($_GET, 'end')) { $finish = $_GET['end']; } } $start = datetime_convert('UTC', 'UTC', $start); $finish = datetime_convert('UTC', 'UTC', $finish); $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); if (x($_GET, 'id')) { $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan\n\t from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d {$sql_extra} limit 1", intval($channel['channel_id']), intval($_GET['id'])); } else { // fixed an issue with "nofinish" events not showing up in the calendar. // There's still an issue if the finish date crosses the end of month. // Noting this for now - it will need to be fixed here and in Friendica. // Ultimately the finish date shouldn't be involved in the query. $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan\n\t from event left join item on event_hash = resource_id \n\t\t\t\t\twhere resource_type = 'event' and event.uid = %d {$ignored} \n\t\t\t\t\tAND (( adjust = 0 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' ) \n\t\t\t\t\tOR ( adjust = 1 AND ( dtend >= '%s' or nofinish = 1 ) AND dtstart <= '%s' )) {$sql_extra} ", intval($channel['channel_id']), dbesc($start), dbesc($finish), dbesc($adjust_start), dbesc($adjust_finish)); } $links = array(); if ($r) { xchan_query($r); $r = fetch_post_tags($r, true); $r = sort_by_date($r); } if ($r) { foreach ($r as $rr) { $j = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'j') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'j'); if (!x($links, $j)) { $links[$j] = z_root() . '/' . \App::$cmd . '#link-' . $j; } } } $events = array(); $last_date = ''; $fmt = t('l, F j'); if ($r) { foreach ($r as $rr) { $j = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'j') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'j'); $d = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], $fmt) : datetime_convert('UTC', 'UTC', $rr['dtstart'], $fmt); $d = day_translate($d); $start = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtstart'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtstart'], 'c'); if ($rr['nofinish']) { $end = null; } else { $end = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['dtend'], 'c') : datetime_convert('UTC', 'UTC', $rr['dtend'], 'c'); } $is_first = $d !== $last_date; $last_date = $d; $edit = false; $drop = false; $title = strip_tags(html_entity_decode(bbcode($rr['summary']), ENT_QUOTES, 'UTF-8')); if (!$title) { list($title, $_trash) = explode("<br", bbcode($rr['desc']), 2); $title = strip_tags(html_entity_decode($title, ENT_QUOTES, 'UTF-8')); } $html = format_event_html($rr); $rr['desc'] = bbcode($rr['desc']); $rr['location'] = bbcode($rr['location']); $events[] = array('id' => $rr['id'], 'hash' => $rr['event_hash'], 'start' => $start, 'end' => $end, 'drop' => $drop, 'allDay' => false, 'title' => $title, 'j' => $j, 'd' => $d, 'edit' => $edit, 'is_first' => $is_first, 'item' => $rr, 'html' => $html, 'plink' => array($rr['plink'], t('Link to Source'), '', '')); } } if (argv(2) === 'json') { echo json_encode($events); killme(); } // links: array('href', 'text', 'extra css classes', 'title') if (x($_GET, 'id')) { $tpl = get_markup_template("event_cal.tpl"); } else { $tpl = get_markup_template("events_cal-js.tpl"); } $nick = $channel['channel_address']; $o = replace_macros($tpl, array('$baseurl' => z_root(), '$new_event' => array(z_root() . '/cal', $event_id ? t('Edit Event') : t('Create Event'), '', ''), '$previus' => array(z_root() . "/cal/{$nick}/{$prevyear}/{$prevmonth}", t('Previous'), '', ''), '$next' => array(z_root() . "/cal/{$nick}/{$nextyear}/{$nextmonth}", t('Next'), '', ''), '$export' => array(z_root() . "/cal/{$nick}/{$y}/{$m}/export", t('Export'), '', ''), '$calendar' => cal($y, $m, $links, ' eventcal'), '$events' => $events, '$upload' => t('Import'), '$submit' => t('Submit'), '$prev' => t('Previous'), '$next' => t('Next'), '$today' => t('Today'), '$form' => $form, '$expandform' => x($_GET, 'expandform') ? true : false, '$tabs' => $tabs)); if (x($_GET, 'id')) { echo $o; killme(); } return $o; } }
function items_fetch($arr, $channel = null, $observer_hash = null, $client_mode = CLIENT_MODE_NORMAL, $module = 'network') { $result = array('success' => false); $a = get_app(); $sql_extra = ''; $sql_nets = ''; $sql_options = ''; $sql_extra2 = ''; $sql_extra3 = ''; $def_acl = ''; $item_uids = ' true '; if ($arr['uid']) { $uid = $arr['uid']; } if ($channel) { $uid = $channel['channel_id']; $uidhash = $channel['channel_hash']; $item_uids = " item.uid = " . intval($uid) . " "; } if ($arr['star']) { $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ")>0 "; } if ($arr['wall']) { $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ")>0 "; } $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 {$sql_options} ) "; if ($arr['since_id']) { $sql_extra .= " and item.id > " . $since_id . " "; } if ($arr['gid'] && $uid) { $r = q("SELECT * FROM `groups` WHERE id = %d AND uid = %d LIMIT 1", intval($arr['group']), intval($uid)); if (!$r) { $result['message'] = t('Collection not found.'); return $result; } $contact_str = ''; /** @FIXME $group is undefined */ $contacts = group_get_members($group); if ($contacts) { foreach ($contacts as $c) { if ($contact_str) { $contact_str .= ','; } $contact_str .= "'" . $c['xchan'] . "'"; } } else { $contact_str = ' 0 '; $result['message'] = t('Collection is empty.'); return $result; } $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND (( author_xchan IN ( {$contact_str} ) OR owner_xchan in ( {$contact_str})) or allow_gid like '" . protect_sprintf('%<' . dbesc($r[0]['hash']) . '>%') . "' ) and id = parent and item_restrict = 0 ) "; $x = group_rec_byhash($uid, $r[0]['hash']); $result['headline'] = sprintf(t('Collection: %s'), $x['name']); } elseif ($arr['cid'] && $uid) { $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1", intval($arr['cid']), intval(local_channel())); if ($r) { $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND uid = " . intval($arr['uid']) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) and item_restrict = 0 ) "; $result['headline'] = sprintf(t('Connection: %s'), $r[0]['xchan_name']); } else { $result['message'] = t('Connection not found.'); return $result; } } if ($arr['datequery']) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $arr['datequery'])))); } if ($arr['datequery2']) { $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $arr['datequery2'])))); } if (!array_key_exists('nouveau', $arr)) { $sql_extra2 = " AND item.parent = item.id "; $sql_extra3 = ''; } if ($arr['search']) { if (strpos($arr['search'], '#') === 0) { $sql_extra .= term_query('item', substr($arr['search'], 1), TERM_HASHTAG); } else { $sql_extra .= sprintf(" AND item.body like '%s' ", dbesc(protect_sprintf('%' . $arr['search'] . '%'))); } } if (strlen($arr['file'])) { $sql_extra .= term_query('item', $arr['files'], TERM_FILE); } if ($arr['conv'] && $channel) { $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ", dbesc(protect_sprintf($uidhash)), intval(ITEM_MENTIONSME)); } if ($client_mode & CLIENT_MODE_UPDATE && !($client_mode & CLIENT_MODE_LOAD)) { // only setup pagination on initial page view $pager_sql = ''; } else { $itemspage = $channel ? get_pconfig($uid, 'system', 'itemspage') : 20; $a->set_pager_itemspage(intval($itemspage) ? $itemspage : 20); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(get_app()->pager['itemspage']), intval(get_app()->pager['start'])); } if (isset($arr['start']) && isset($arr['records'])) { $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($arr['records']), intval($arr['start'])); } if (array_key_exists('cmin', $arr) || array_key_exists('cmax', $arr)) { if ($arr['cmin'] != 0 || $arr['cmax'] != 99) { // Not everybody who shows up in the network stream will be in your address book. // By default those that aren't are assumed to have closeness = 99; but this isn't // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in // the stream with a NULL address book entry. $sql_nets .= " AND "; if ($arr['cmax'] == 99) { $sql_nets .= " ( "; } $sql_nets .= "( abook.abook_closeness >= " . intval($arr['cmin']) . " "; $sql_nets .= " AND abook.abook_closeness <= " . intval($arr['cmax']) . " ) "; /** @fixme dead code, $cmax is undefined */ if ($cmax == 99) { $sql_nets .= " OR abook.abook_closeness IS NULL ) "; } } } $simple_update = $client_mode & CLIENT_MODE_UPDATE ? " and ( item.item_unseen = 1 ) " : ''; if ($client_mode & CLIENT_MODE_LOAD) { $simple_update = ''; } //$start = dba_timer(); require_once 'include/security.php'; $sql_extra .= item_permissions_sql($channel['channel_id'], $observer_hash); if ($arr['pages']) { $item_restrict = " AND (item_restrict & " . ITEM_WEBPAGE . ") "; } else { $item_restrict = " AND item_restrict = 0 "; } if ($arr['nouveau'] && $client_mode & CLIENT_MODE_LOAD && $channel) { // "New Item View" - show all items unthreaded in reverse created date order $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\tWHERE {$item_uids} {$item_restrict}\n\t\t\t\t{$simple_update}\n\t\t\t\t{$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY item.received DESC {$pager_sql}"); require_once 'include/items.php'; xchan_query($items); $items = fetch_post_tags($items, true); } else { // Normal conversation view if ($arr['order'] === 'post') { $ordering = "created"; } else { $ordering = "commented"; } if ($client_mode & CLIENT_MODE_LOAD || $client_mode == CLIENT_MODE_NORMAL) { // Fetch a page full of parent items for this page $r = q("SELECT distinct item.id AS item_id, item.{$ordering} FROM item\n left join abook on item.author_xchan = abook.abook_xchan\n WHERE {$item_uids} {$item_restrict}\n AND item.parent = item.id\n and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n {$sql_extra3} {$sql_extra} {$sql_nets}\n ORDER BY item.{$ordering} DESC {$pager_sql} ", intval(ABOOK_FLAG_BLOCKED)); } else { // update $r = q("SELECT item.parent AS item_id FROM item\n left join abook on item.author_xchan = abook.abook_xchan\n WHERE {$item_uids} {$item_restrict} {$simple_update}\n and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n {$sql_extra3} {$sql_extra} {$sql_nets} ", intval(ABOOK_FLAG_BLOCKED)); } //$first = dba_timer(); // Then fetch all the children of the parents that are on this page if ($r) { $parents_str = ids_to_querystr($r, 'item_id'); if ($arr['top']) { $sql_extra = ' and id = parent ' . $sql_extra; } $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\tWHERE {$item_uids} {$item_restrict}\n\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t{$sql_extra} ", dbesc($parents_str)); //$second = dba_timer(); xchan_query($items); //$third = dba_timer(); $items = fetch_post_tags($items, true); //$fourth = dba_timer(); require_once 'include/conversation.php'; $items = conv_sort($items, $ordering); //logger('items: ' . print_r($items,true)); } else { $items = array(); } if ($parents_str && $arr['mark_seen']) { $update_unseen = ' AND parent IN ( ' . dbesc($parents_str) . ' )'; } /** @FIXME finish mark unseen sql */ } return $items; }
function public_content(&$a, $update = 0, $load = false) { if ($load) { $_SESSION['loadtime'] = datetime_convert(); } if (get_config('system', 'block_public') && !get_account_id() && !remote_channel()) { return login(); } if (get_config('system', 'disable_discover_tab')) { return; } $item_normal = item_normal(); if (!$update) { $maxheight = get_config('system', 'home_divmore_height'); if (!$maxheight) { $maxheight = 400; } $o .= '<div id="live-public"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . (intval(local_channel()) ? local_channel() : -1) . "; var profile_page = " . App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'public', '$uid' => local_channel() ? local_channel() : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '1', '$nouveau' => '0', '$wall' => '0', '$list' => '0', '$page' => App::$pager['page'] != 1 ? App::$pager['page'] : 1, '$search' => '', '$order' => 'comment', '$file' => '', '$cats' => '', '$tags' => '', '$dend' => '', '$mid' => '', '$verb' => '', '$dbegin' => '')); } if ($update && !$load) { // only setup pagination on initial page view $pager_sql = ''; } else { App::set_pager_itemspage(20); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start'])); } require_once 'include/identity.php'; require_once 'include/security.php'; if (get_config('system', 'site_firehose')) { $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and item_wall = 1 "; } else { $sys = get_sys_channel(); $uids = " and item.uid = " . intval($sys['channel_id']) . " "; $sql_extra = item_permissions_sql($sys['channel_id']); App::$data['firehose'] = intval($sys['channel_id']); } if (get_config('system', 'public_list_mode')) { $page_mode = 'list'; } else { $page_mode = 'client'; } $simple_update = $update ? " and item.item_unseen = 1 " : ''; if ($update && $_SESSION['loadtime']) { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; } if ($load) { $simple_update = ''; } //logger('update: ' . $update . ' load: ' . $load); if ($update) { $ordering = "commented"; if ($load) { // Fetch a page full of parent items for this page $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tAND item.parent = item.id\n\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY {$ordering} DESC {$pager_sql} "); } elseif ($update) { $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tAND item.parent = item.id {$simple_update}\n\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}"); $_SESSION['loadtime'] = datetime_convert(); } // Then fetch all the children of the parents that are on this page $parents_str = ''; $update_unseen = ''; if ($r) { $parents_str = ids_to_querystr($r, 'item_id'); $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t{$sql_extra} ", dbesc($parents_str)); xchan_query($items, true, -1); $items = fetch_post_tags($items, true); $items = conv_sort($items, $ordering); } else { $items = array(); } } // fake it $mode = 'network'; $o .= conversation($a, $items, $mode, $update, $page_mode); if ($items && !$update) { $o .= alt_pager($a, count($items)); } return $o; }
function sync_an_item($channel_id, $item_id) { $r = q("select * from item where id = %d", intval($item_id)); if ($r) { xchan_query($r); $sync_item = fetch_post_tags($r); $rid = q("select * from item_id where iid = %d", intval($item_id)); build_sync_packet($channel_d, array('item' => array(encode_item($sync_item[0], true)), 'item_id' => $rid)); } }
function channel_export_items($channel_id, $start, $finish) { if (!$start) { return array(); } else { $start = datetime_convert('UTC', 'UTC', $start); } $finish = datetime_convert('UTC', 'UTC', $finish ? $finish : 'now'); if ($finish < $start) { return array(); } $ret = array(); $ch = channelx_by_n($channel_id); if ($ch) { $ret['relocate'] = ['channel_address' => $ch['channel_address'], 'url' => z_root()]; } $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created < '%s' and resource_type = '' order by created", intval(ITEM_TYPE_POST), intval($channel_id), dbesc($start), dbesc($finish)); if ($r) { $ret['item'] = array(); xchan_query($r); $r = fetch_post_tags($r, true); foreach ($r as $rr) { $ret['item'][] = encode_item($rr, true); } } return $ret; }
function oep_mid_reply($args) { $ret = array(); $url = $args['url']; $maxwidth = intval($args['maxwidth']); $maxheight = intval($args['maxheight']); if (preg_match('#//(.*?)/(.*?)/(.*?)/(.*?)mid\\=(.*?)(&|$)#', $url, $matches)) { $chn = $matches[3]; $res = $matches[5]; } if (!($chn && $res)) { return; } $c = q("select * from channel where channel_address = '%s' limit 1", dbesc($chn)); if (!$c) { return; } $sql_extra = item_permissions_sql($c[0]['channel_id']); $p = q("select * from item where mid = '%s' and uid = %d {$sql_extra} limit 1", dbesc($res), intval($c[0]['channel_id'])); if (!$p) { return; } xchan_query($p, true); $p = fetch_post_tags($p, true); $o = "[share author='" . urlencode($p[0]['author']['xchan_name']) . "' profile='" . $p[0]['author']['xchan_url'] . "' avatar='" . $p[0]['author']['xchan_photo_s'] . "' link='" . $p[0]['plink'] . "' posted='" . $p[0]['created'] . "' message_id='" . $p[0]['mid'] . "']"; if ($p[0]['title']) { $o .= '[b]' . $p[0]['title'] . '[/b]' . "\r\n"; } $o .= $p[0]['body']; $o .= "[/share]"; $o = bbcode($o); $ret['type'] = 'rich'; $w = $maxwidth ? $maxwidth : 640; $h = $maxheight ? $maxheight : $w * 2 / 3; $ret['html'] = '<div style="width: ' . $w . '; height: ' . $h . '; font-family: sans-serif,arial,freesans;" >' . $o . '</div>'; $ret['width'] = $w; $ret['height'] = $h; return $ret; }
/** * @brief * * @param array $params an assoziative array with: * * \e string \b from_xchan sender xchan hash * * \e string \b to_xchan recipient xchan hash * * \e array \b item an assoziative array * * \e int \b type one of the NOTIFY_* constants from boot.php * * \e string \b link * * \e string \b parent_mid * * \e string \b otype * * \e string \b verb * * \e string \b activity */ public static function submit($params) { logger('notification: entry', LOGGER_DEBUG); // throw a small amount of entropy into the system to breakup duplicates arriving at the same precise instant. usleep(mt_rand(0, 10000)); if ($params['from_xchan']) { $x = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($params['from_xchan'])); } if ($params['to_xchan']) { $y = q("select channel.*, account.* from channel left join account on channel_account_id = account_id\n\t\t\t\twhere channel_hash = '%s' and channel_removed = 0 limit 1", dbesc($params['to_xchan'])); } if ($x & $y) { $sender = $x[0]; $recip = $y[0]; } else { logger('notification: no sender or recipient.'); logger('sender: ' . $params['from_xchan']); logger('recip: ' . $params['to_xchan']); return; } // from here on everything is in the recipients language push_lang($recip['account_language']); // should probably have a channel language $banner = t('$Projectname Notification'); $product = t('$projectname'); // PLATFORM_NAME; $siteurl = z_root(); $thanks = t('Thank You,'); $sitename = get_config('system', 'sitename'); $site_admin = sprintf(t('%s Administrator'), $sitename); $sender_name = $product; $hostname = \App::get_hostname(); if (strpos($hostname, ':')) { $hostname = substr($hostname, 0, strpos($hostname, ':')); } // Do not translate 'noreply' as it must be a legal 7-bit email address $reply_email = get_config('system', 'reply_address'); if (!$reply_email) { $reply_email = 'noreply' . '@' . $hostname; } $sender_email = get_config('system', 'from_email'); if (!$sender_email) { $sender_email = 'Administrator' . '@' . \App::get_hostname(); } $sender_name = get_config('system', 'from_email_name'); if (!$sender_name) { $sender_name = \Zotlabs\Lib\System::get_site_name(); } $additional_mail_header = ""; if (array_key_exists('item', $params)) { require_once 'include/conversation.php'; // if it's a normal item... if (array_key_exists('verb', $params['item'])) { // localize_item() alters the original item so make a copy first $i = $params['item']; logger('calling localize'); localize_item($i); $title = $i['title']; $body = $i['body']; $private = $i['item_private'] || intval($i['item_obscured']); } else { $title = $params['item']['title']; $body = $params['item']['body']; } } else { $title = $body = ''; } // e.g. "your post", "David's photo", etc. $possess_desc = t('%s <!item_type!>'); if ($params['type'] == NOTIFY_MAIL) { logger('notification: mail'); $subject = sprintf(t('[$Projectname:Notify] New mail received at %s'), $sitename); $preamble = sprintf(t('%1$s, %2$s sent you a new private message at %3$s.'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s sent you %2$s.'), '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', '[zrl=$itemlink]' . t('a private message') . '[/zrl]'); $sitelink = t('Please visit %s to view and/or reply to your private messages.'); $tsitelink = sprintf($sitelink, $siteurl . '/mail/' . $params['item']['id']); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '/mail/' . $params['item']['id'] . '">' . $sitename . '</a>'); $itemlink = $siteurl . '/mail/' . $params['item']['id']; } if ($params['type'] == NOTIFY_COMMENT) { // logger("notification: params = " . print_r($params, true), LOGGER_DEBUG); $itemlink = $params['link']; // ignore like/unlike activity on posts - they probably require a separate notification preference if (array_key_exists('item', $params) && !visible_activity($params['item'])) { logger('notification: not a visible activity. Ignoring.'); pop_lang(); return; } $parent_mid = $params['parent_mid']; // Check to see if there was already a notify for this post. // If so don't create a second notification $p = null; $p = q("select id from notify where link = '%s' and uid = %d limit 1", dbesc($params['link']), intval($recip['channel_id'])); if ($p) { logger('notification: comment already notified'); pop_lang(); return; } // if it's a post figure out who's post it is. $p = null; if ($params['otype'] === 'item' && $parent_mid) { $p = q("select * from item where mid = '%s' and uid = %d limit 1", dbesc($parent_mid), intval($recip['channel_id'])); } xchan_query($p); $item_post_type = item_post_type($p[0]); // $private = $p[0]['item_private']; $parent_id = $p[0]['id']; $parent_item = $p[0]; //$possess_desc = str_replace('<!item_type!>',$possess_desc); // "a post" $dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]a %4$s[/zrl]'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $itemlink, $item_post_type); // "George Bull's post" if ($p) { $dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]%4$s\'s %5$s[/zrl]'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $itemlink, $p[0]['author']['xchan_name'], $item_post_type); } // "your post" if ($p[0]['owner']['xchan_name'] == $p[0]['author']['xchan_name'] && intval($p[0]['item_wall'])) { $dest_str = sprintf(t('%1$s, %2$s commented on [zrl=%3$s]your %4$s[/zrl]'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $itemlink, $item_post_type); } // Some mail softwares relies on subject field for threading. // So, we cannot have different subjects for notifications of the same thread. // Before this we have the name of the replier on the subject rendering // differents subjects for messages on the same thread. $subject = sprintf(t('[$Projectname:Notify] Comment to conversation #%1$d by %2$s'), $parent_id, $sender['xchan_name']); $preamble = sprintf(t('%1$s, %2$s commented on an item/conversation you have been following.'), $recip['channel_name'], $sender['xchan_name']); $epreamble = $dest_str; $sitelink = t('Please visit %s to view and/or reply to the conversation.'); $tsitelink = sprintf($sitelink, $siteurl); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); } if ($params['type'] == NOTIFY_WALL) { $subject = sprintf(t('[$Projectname:Notify] %s posted to your profile wall'), $sender['xchan_name']); $preamble = sprintf(t('%1$s, %2$s posted to your profile wall at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s, %2$s posted to [zrl=%3$s]your wall[/zrl]'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $params['link']); $sitelink = t('Please visit %s to view and/or reply to the conversation.'); $tsitelink = sprintf($sitelink, $siteurl); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); $itemlink = $params['link']; } if ($params['type'] == NOTIFY_TAGSELF) { $p = null; $p = q("select id from notify where link = '%s' and uid = %d limit 1", dbesc($params['link']), intval($recip['channel_id'])); if ($p) { logger('enotify: tag: already notified about this post'); pop_lang(); return; } $subject = sprintf(t('[$Projectname:Notify] %s tagged you'), $sender['xchan_name']); $preamble = sprintf(t('%1$s, %2$s tagged you at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s, %2$s [zrl=%3$s]tagged you[/zrl].'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $params['link']); $sitelink = t('Please visit %s to view and/or reply to the conversation.'); $tsitelink = sprintf($sitelink, $siteurl); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); $itemlink = $params['link']; } if ($params['type'] == NOTIFY_POKE) { $subject = sprintf(t('[$Projectname:Notify] %1$s poked you'), $sender['xchan_name']); $preamble = sprintf(t('%1$s, %2$s poked you at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s, %2$s [zrl=%2$s]poked you[/zrl].'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $params['link']); $subject = str_replace('poked', t($params['activity']), $subject); $preamble = str_replace('poked', t($params['activity']), $preamble); $epreamble = str_replace('poked', t($params['activity']), $epreamble); $sitelink = t('Please visit %s to view and/or reply to the conversation.'); $tsitelink = sprintf($sitelink, $siteurl); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); $itemlink = $params['link']; } if ($params['type'] == NOTIFY_TAGSHARE) { $subject = sprintf(t('[$Projectname:Notify] %s tagged your post'), $sender['xchan_name']); $preamble = sprintf(t('%1$s, %2$s tagged your post at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s, %2$s tagged [zrl=%3$s]your post[/zrl]'), $recip['channel_name'], '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]', $itemlink); $sitelink = t('Please visit %s to view and/or reply to the conversation.'); $tsitelink = sprintf($sitelink, $siteurl); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); $itemlink = $params['link']; } if ($params['type'] == NOTIFY_INTRO) { $subject = sprintf(t('[$Projectname:Notify] Introduction received')); $preamble = sprintf(t('%1$s, you\'ve received an new connection request from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s, you\'ve received [zrl=%2$s]a new connection request[/zrl] from %3$s.'), $recip['channel_name'], $siteurl . '/connections/ifpending', '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]'); $body = sprintf(t('You may visit their profile at %s'), $sender['xchan_url']); $sitelink = t('Please visit %s to approve or reject the connection request.'); $tsitelink = sprintf($sitelink, $siteurl . '/connections/ifpending'); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '/connections/ifpending">' . $sitename . '</a>'); $itemlink = $params['link']; } if ($params['type'] == NOTIFY_SUGGEST) { $subject = sprintf(t('[$Projectname:Notify] Friend suggestion received')); $preamble = sprintf(t('%1$s, you\'ve received a friend suggestion from \'%2$s\' at %3$s'), $recip['channel_name'], $sender['xchan_name'], $sitename); $epreamble = sprintf(t('%1$s, you\'ve received [zrl=%2$s]a friend suggestion[/zrl] for %3$s from %4$s.'), $recip['channel_name'], $itemlink, '[zrl=' . $params['item']['url'] . ']' . $params['item']['name'] . '[/zrl]', '[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]'); $body = t('Name:') . ' ' . $params['item']['name'] . "\n"; $body .= t('Photo:') . ' ' . $params['item']['photo'] . "\n"; $body .= sprintf(t('You may visit their profile at %s'), $params['item']['url']); $sitelink = t('Please visit %s to approve or reject the suggestion.'); $tsitelink = sprintf($sitelink, $siteurl); $hsitelink = sprintf($sitelink, '<a href="' . $siteurl . '">' . $sitename . '</a>'); $itemlink = $params['link']; } if ($params['type'] == NOTIFY_CONFIRM) { // ? } if ($params['type'] == NOTIFY_SYSTEM) { // ? } $h = array('params' => $params, 'subject' => $subject, 'preamble' => $preamble, 'epreamble' => $epreamble, 'body' => $body, 'sitelink' => $sitelink, 'sitename' => $sitename, 'tsitelink' => $tsitelink, 'hsitelink' => $hsitelink, 'itemlink' => $itemlink, 'sender' => $sender, 'recipient' => $recip); call_hooks('enotify', $h); $subject = $h['subject']; $preamble = $h['preamble']; $epreamble = $h['epreamble']; $body = $h['body']; $sitelink = $h['sitelink']; $tsitelink = $h['tsitelink']; $hsitelink = $h['hsitelink']; $itemlink = $h['itemlink']; require_once 'include/html2bbcode.php'; do { $dups = false; $hash = random_string(); $r = q("SELECT `id` FROM `notify` WHERE `hash` = '%s' LIMIT 1", dbesc($hash)); if ($r) { $dups = true; } } while ($dups === true); $datarray = array(); $datarray['hash'] = $hash; $datarray['sender_hash'] = $sender['xchan_hash']; $datarray['xname'] = $sender['xchan_name']; $datarray['url'] = $sender['xchan_url']; $datarray['photo'] = $sender['xchan_photo_s']; $datarray['created'] = datetime_convert(); $datarray['aid'] = $recip['channel_account_id']; $datarray['uid'] = $recip['channel_id']; $datarray['link'] = $itemlink; $datarray['parent'] = $parent_mid; $datarray['parent_item'] = $parent_item; $datarray['ntype'] = $params['type']; $datarray['verb'] = $params['verb']; $datarray['otype'] = $params['otype']; $datarray['abort'] = false; $datarray['item'] = $params['item']; call_hooks('enotify_store', $datarray); if ($datarray['abort']) { pop_lang(); return; } // create notification entry in DB $seen = 0; // Mark some notifications as seen right away // Note! The notification have to be created, because they are used to send emails // So easiest solution to hide them from Notices is to mark them as seen right away. // Another option would be to not add them to the DB, and change how emails are handled // (probably would be better that way) $always_show_in_notices = get_pconfig($recip['channel_id'], 'system', 'always_show_in_notices'); if (!$always_show_in_notices) { if ($params['type'] == NOTIFY_WALL || $params['type'] == NOTIFY_MAIL || $params['type'] == NOTIFY_INTRO) { $seen = 1; } } $r = q("insert into notify (hash,xname,url,photo,created,aid,uid,link,parent,seen,ntype,verb,otype)\n\t\tvalues('%s','%s','%s','%s','%s',%d,%d,'%s','%s',%d,%d,'%s','%s')", dbesc($datarray['hash']), dbesc($datarray['xname']), dbesc($datarray['url']), dbesc($datarray['photo']), dbesc($datarray['created']), intval($datarray['aid']), intval($datarray['uid']), dbesc($datarray['link']), dbesc($datarray['parent']), intval($seen), intval($datarray['ntype']), dbesc($datarray['verb']), dbesc($datarray['otype'])); $r = q("select id from notify where hash = '%s' and uid = %d limit 1", dbesc($hash), intval($recip['channel_id'])); if ($r) { $notify_id = $r[0]['id']; } else { logger('notification not found.'); pop_lang(); return; } $itemlink = z_root() . '/notify/view/' . $notify_id; $msg = str_replace('$itemlink', $itemlink, $epreamble); // wretched hack, but we don't want to duplicate all the preamble variations and we also don't want to screw up a translation if ((\App::$language === 'en' || !\App::$language) && strpos($msg, ', ')) { $msg = substr($msg, strpos($msg, ', ') + 1); } $r = q("update notify set msg = '%s' where id = %d and uid = %d", dbesc($msg), intval($notify_id), intval($datarray['uid'])); // send email notification if notification preferences permit require_once 'bbcode.php'; if (intval($recip['channel_notifyflags']) & intval($params['type']) || $params['type'] == NOTIFY_SYSTEM) { logger('notification: sending notification email'); $hn = get_pconfig($recip['channel_id'], 'system', 'email_notify_host'); if ($hn && !stristr(\App::get_hostname(), $hn)) { // this isn't the email notification host pop_lang(); return; } $textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "\n"), $body))), ENT_QUOTES, 'UTF-8')); $htmlversion = bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "<br />\n"), $body))); // use $_SESSION['zid_override'] to force zid() to use // the recipient address instead of the current observer $_SESSION['zid_override'] = channel_reddress($recip); $_SESSION['zrl_override'] = z_root() . '/channel/' . $recip['channel_address']; $textversion = zidify_links($textversion); $htmlversion = zidify_links($htmlversion); // unset when done to revert to normal behaviour unset($_SESSION['zid_override']); unset($_SESSION['zrl_override']); $datarray = array(); $datarray['banner'] = $banner; $datarray['product'] = $product; $datarray['preamble'] = $preamble; $datarray['sitename'] = $sitename; $datarray['siteurl'] = $siteurl; $datarray['type'] = $params['type']; $datarray['parent'] = $params['parent_mid']; $datarray['source_name'] = $sender['xchan_name']; $datarray['source_link'] = $sender['xchan_url']; $datarray['source_photo'] = $sender['xchan_photo_s']; $datarray['uid'] = $recip['channel_id']; $datarray['username'] = $recip['channel_name']; $datarray['hsitelink'] = $hsitelink; $datarray['tsitelink'] = $tsitelink; $datarray['hitemlink'] = '<a href="' . $itemlink . '">' . $itemlink . '</a>'; $datarray['titemlink'] = $itemlink; $datarray['thanks'] = $thanks; $datarray['site_admin'] = $site_admin; $datarray['title'] = stripslashes($title); $datarray['htmlversion'] = $htmlversion; $datarray['textversion'] = $textversion; $datarray['subject'] = $subject; $datarray['headers'] = $additional_mail_header; $datarray['email_secure'] = false; call_hooks('enotify_mail', $datarray); // Default to private - don't disclose message contents over insecure channels (such as email) // Might be interesting to use GPG,PGP,S/MIME encryption instead // but we'll save that for a clever plugin developer to implement $private_activity = false; if (!$datarray['email_secure']) { switch ($params['type']) { case NOTIFY_WALL: case NOTIFY_TAGSELF: case NOTIFY_POKE: case NOTIFY_COMMENT: if (!$private) { break; } $private_activity = true; case NOTIFY_MAIL: $datarray['textversion'] = $datarray['htmlversion'] = $datarray['title'] = ''; $datarray['subject'] = preg_replace('/' . preg_quote(t('[$Projectname:Notify]')) . '/', '$0*', $datarray['subject']); break; default: break; } } if ($private_activity && intval(get_pconfig($datarray['uid'], 'system', 'ignore_private_notifications'))) { pop_lang(); return; } // load the template for private message notifications $tpl = get_markup_template('email_notify_html.tpl'); $email_html_body = replace_macros($tpl, array('$banner' => $datarray['banner'], '$notify_icon' => \Zotlabs\Lib\System::get_notify_icon(), '$product' => $datarray['product'], '$preamble' => $datarray['preamble'], '$sitename' => $datarray['sitename'], '$siteurl' => $datarray['siteurl'], '$source_name' => $datarray['source_name'], '$source_link' => $datarray['source_link'], '$source_photo' => $datarray['source_photo'], '$username' => $datarray['to_name'], '$hsitelink' => $datarray['hsitelink'], '$hitemlink' => $datarray['hitemlink'], '$thanks' => $datarray['thanks'], '$site_admin' => $datarray['site_admin'], '$title' => $datarray['title'], '$htmlversion' => $datarray['htmlversion'])); // load the template for private message notifications $tpl = get_markup_template('email_notify_text.tpl'); $email_text_body = replace_macros($tpl, array('$banner' => $datarray['banner'], '$product' => $datarray['product'], '$preamble' => $datarray['preamble'], '$sitename' => $datarray['sitename'], '$siteurl' => $datarray['siteurl'], '$source_name' => $datarray['source_name'], '$source_link' => $datarray['source_link'], '$source_photo' => $datarray['source_photo'], '$username' => $datarray['to_name'], '$tsitelink' => $datarray['tsitelink'], '$titemlink' => $datarray['titemlink'], '$thanks' => $datarray['thanks'], '$site_admin' => $datarray['site_admin'], '$title' => $datarray['title'], '$textversion' => $datarray['textversion'])); // logger('text: ' . $email_text_body); // use the EmailNotification library to send the message self::send(array('fromName' => $sender_name, 'fromEmail' => $sender_email, 'replyTo' => $reply_email, 'toEmail' => $recip['account_email'], 'messageSubject' => $datarray['subject'], 'htmlVersion' => $email_html_body, 'textVersion' => $email_text_body, 'additionalMailHeader' => $datarray['headers'])); } pop_lang(); }
function events_content(&$a) { if (!local_channel()) { notice(t('Permission denied.') . EOL); return; } nav_set_selected('all_events'); if (argc() > 2 && argv(1) === 'ignore' && intval(argv(2))) { $r = q("update event set ignore = 1 where id = %d and uid = %d", intval(argv(2)), intval(local_channel())); } if (argc() > 2 && argv(1) === 'unignore' && intval(argv(2))) { $r = q("update event set ignore = 0 where id = %d and uid = %d", intval(argv(2)), intval(local_channel())); } $plaintext = true; // if(feature_enabled(local_channel(),'richtext')) // $plaintext = false; $htpl = get_markup_template('event_head.tpl'); $a->page['htmlhead'] .= replace_macros($htpl, array('$baseurl' => $a->get_baseurl(), '$editselect' => $plaintext ? 'none' : 'textareas')); $o = ""; // tabs $channel = $a->get_channel(); $tabs = profile_tabs($a, True, $channel['channel_address']); $mode = 'view'; $y = 0; $m = 0; $ignored = x($_REQUEST, 'ignored') ? " and ignored = " . intval($_REQUEST['ignored']) . " " : ''; if (argc() > 1) { if (argc() > 2 && argv(1) == 'event') { $mode = 'edit'; $event_id = argv(2); } if (argc() > 2 && argv(1) === 'add') { $mode = 'add'; $item_id = intval(argv(2)); } if (argc() > 2 && argv(1) === 'drop') { $mode = 'drop'; $event_id = argv(2); } if (argv(1) === 'new') { $mode = 'new'; $event_id = ''; } if (argc() > 2 && intval(argv(1)) && intval(argv(2))) { $mode = 'view'; $y = intval(argv(1)); $m = intval(argv(2)); } } if ($mode === 'add') { event_addtocal($item_id, local_channel()); killme(); } if ($mode == 'view') { $thisyear = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y'); $thismonth = datetime_convert('UTC', date_default_timezone_get(), 'now', 'm'); if (!$y) { $y = intval($thisyear); } if (!$m) { $m = intval($thismonth); } $export = false; if (argc() === 4 && argv(3) === 'export') { $export = true; } // Put some limits on dates. The PHP date functions don't seem to do so well before 1900. // An upper limit was chosen to keep search engines from exploring links millions of years in the future. if ($y < 1901) { $y = 1900; } if ($y > 2099) { $y = 2100; } $nextyear = $y; $nextmonth = $m + 1; if ($nextmonth > 12) { $nextmonth = 1; $nextyear++; } $prevyear = $y; if ($m > 1) { $prevmonth = $m - 1; } else { $prevmonth = 12; $prevyear--; } $dim = get_dim($y, $m); $start = sprintf('%d-%d-%d %d:%d:%d', $y, $m, 1, 0, 0, 0); $finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59); if (argv(1) === 'json') { if (x($_GET, 'start')) { $start = date("Y-m-d h:i:s", $_GET['start']); } if (x($_GET, 'end')) { $finish = date("Y-m-d h:i:s", $_GET['end']); } } $start = datetime_convert('UTC', 'UTC', $start); $finish = datetime_convert('UTC', 'UTC', $finish); $adjust_start = datetime_convert('UTC', date_default_timezone_get(), $start); $adjust_finish = datetime_convert('UTC', date_default_timezone_get(), $finish); if (x($_GET, 'id')) { $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan\n from event left join item on resource_id = event_hash where resource_type = 'event' and event.uid = %d and event.id = %d limit 1", intval(local_channel()), intval($_GET['id'])); } else { // fixed an issue with "nofinish" events not showing up in the calendar. // There's still an issue if the finish date crosses the end of month. // Noting this for now - it will need to be fixed here and in Friendica. // Ultimately the finish date shouldn't be involved in the query. $r = q("SELECT event.*, item.plink, item.item_flags, item.author_xchan, item.owner_xchan\n from event left join item on event_hash = resource_id \n\t\t\t\twhere resource_type = 'event' and event.uid = %d {$ignored}\n\t\t\t\tAND (( `adjust` = 0 AND ( `finish` >= '%s' or nofinish = 1 ) AND `start` <= '%s' ) \n\t\t\t\tOR ( `adjust` = 1 AND ( `finish` >= '%s' or nofinish = 1 ) AND `start` <= '%s' )) ", intval(local_channel()), dbesc($start), dbesc($finish), dbesc($adjust_start), dbesc($adjust_finish)); } $links = array(); if ($r) { xchan_query($r); $r = fetch_post_tags($r, true); $r = sort_by_date($r); foreach ($r as $rr) { $j = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['start'], 'j') : datetime_convert('UTC', 'UTC', $rr['start'], 'j'); if (!x($links, $j)) { $links[$j] = $a->get_baseurl() . '/' . $a->cmd . '#link-' . $j; } } } $events = array(); $last_date = ''; $fmt = t('l, F j'); if ($r) { foreach ($r as $rr) { $j = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['start'], 'j') : datetime_convert('UTC', 'UTC', $rr['start'], 'j'); $d = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['start'], $fmt) : datetime_convert('UTC', 'UTC', $rr['start'], $fmt); $d = day_translate($d); $start = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['start'], 'c') : datetime_convert('UTC', 'UTC', $rr['start'], 'c'); if ($rr['nofinish']) { $end = null; } else { $end = $rr['adjust'] ? datetime_convert('UTC', date_default_timezone_get(), $rr['finish'], 'c') : datetime_convert('UTC', 'UTC', $rr['finish'], 'c'); } $is_first = $d !== $last_date; $last_date = $d; // FIXME $edit = $rr['item_flags'] & ITEM_WALL ? array($a->get_baseurl() . '/events/event/' . $rr['event_hash'], t('Edit event'), '', '') : null; $drop = array($a->get_baseurl() . '/events/drop/' . $rr['event_hash'], t('Delete event'), '', ''); $title = strip_tags(html_entity_decode(bbcode($rr['summary']), ENT_QUOTES, 'UTF-8')); if (!$title) { list($title, $_trash) = explode("<br", bbcode($rr['desc']), 2); $title = strip_tags(html_entity_decode($title, ENT_QUOTES, 'UTF-8')); } $html = format_event_html($rr); $rr['desc'] = bbcode($rr['desc']); $rr['location'] = bbcode($rr['location']); $events[] = array('id' => $rr['id'], 'hash' => $rr['event_hash'], 'start' => $start, 'end' => $end, 'drop' => $drop, 'allDay' => false, 'title' => $title, 'j' => $j, 'd' => $d, 'edit' => $edit, 'is_first' => $is_first, 'item' => $rr, 'html' => $html, 'plink' => array($rr['plink'], t('Link to Source'), '', '')); } } if ($export) { header('Content-type: text/calendar'); header('content-disposition: attachment; filename="' . t('calendar') . '-' . $channel['channel_address'] . '.ics"'); echo ical_wrapper($r); killme(); } if ($a->argv[1] === 'json') { echo json_encode($events); killme(); } // links: array('href', 'text', 'extra css classes', 'title') if (x($_GET, 'id')) { $tpl = get_markup_template("event.tpl"); } else { $tpl = get_markup_template("events-js.tpl"); } $o = replace_macros($tpl, array('$baseurl' => $a->get_baseurl(), '$tabs' => $tabs, '$title' => t('Events'), '$new_event' => array($a->get_baseurl() . '/events/new', t('Create New Event'), '', ''), '$previus' => array($a->get_baseurl() . "/events/{$prevyear}/{$prevmonth}", t('Previous'), '', ''), '$next' => array($a->get_baseurl() . "/events/{$nextyear}/{$nextmonth}", t('Next'), '', ''), '$export' => array($a->get_baseurl() . "/events/{$y}/{$m}/export", t('Export'), '', ''), '$calendar' => cal($y, $m, $links, ' eventcal'), '$events' => $events)); if (x($_GET, 'id')) { echo $o; killme(); } return $o; } if ($mode === 'drop' && $event_id) { $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", dbesc($event_id), intval(local_channel())); if ($r) { $r = q("delete from event where event_hash = '%s' and uid = %d limit 1", dbesc($event_id), intval(local_channel())); if ($r) { $r = q("update item set resource_type = '', resource_id = '' where resource_type = 'event' and resource_id = '%s' and uid = %d", dbesc($event_id), intval(local_channel())); info(t('Event removed') . EOL); } else { notice(t('Failed to remove event') . EOL); } goaway(z_root() . '/events'); } } if ($mode === 'edit' && $event_id) { $r = q("SELECT * FROM `event` WHERE event_hash = '%s' AND `uid` = %d LIMIT 1", dbesc($event_id), intval(local_channel())); if (count($r)) { $orig_event = $r[0]; } } $channel = $a->get_channel(); // Passed parameters overrides anything found in the DB if ($mode === 'edit' || $mode === 'new') { if (!x($orig_event)) { $orig_event = array(); } // In case of an error the browser is redirected back here, with these parameters filled in with the previous values if (x($_REQUEST, 'nofinish')) { $orig_event['nofinish'] = $_REQUEST['nofinish']; } if (x($_REQUEST, 'adjust')) { $orig_event['adjust'] = $_REQUEST['adjust']; } if (x($_REQUEST, 'summary')) { $orig_event['summary'] = $_REQUEST['summary']; } if (x($_REQUEST, 'description')) { $orig_event['description'] = $_REQUEST['description']; } if (x($_REQUEST, 'location')) { $orig_event['location'] = $_REQUEST['location']; } if (x($_REQUEST, 'start')) { $orig_event['start'] = $_REQUEST['start']; } if (x($_REQUEST, 'finish')) { $orig_event['finish'] = $_REQUEST['finish']; } } if ($mode === 'edit' || $mode === 'new') { $n_checked = x($orig_event) && $orig_event['nofinish'] ? ' checked="checked" ' : ''; $a_checked = x($orig_event) && $orig_event['adjust'] ? ' checked="checked" ' : ''; $t_orig = x($orig_event) ? $orig_event['summary'] : ''; $d_orig = x($orig_event) ? $orig_event['description'] : ''; $l_orig = x($orig_event) ? $orig_event['location'] : ''; $eid = x($orig_event) ? $orig_event['id'] : 0; $event_xchan = x($orig_event) ? $orig_event['event_xchan'] : $channel['channel_hash']; $mid = x($orig_event) ? $orig_event['mid'] : ''; if (!x($orig_event)) { $sh_checked = ''; } else { $sh_checked = ($orig_event['allow_cid'] === '<' . $channel['channel_hash'] . '>' || !$orig_event['allow_cid']) && !$orig_event['allow_gid'] && !$orig_event['deny_cid'] && !$orig_event['deny_gid'] ? '' : ' checked="checked" '; } if ($orig_event['event_xchan']) { $sh_checked .= ' disabled="disabled" '; } $sdt = x($orig_event) ? $orig_event['start'] : 'now'; $fdt = x($orig_event) ? $orig_event['finish'] : 'now'; $tz = date_default_timezone_get(); if (x($orig_event)) { $tz = $orig_event['adjust'] ? date_default_timezone_get() : 'UTC'; } $syear = datetime_convert('UTC', $tz, $sdt, 'Y'); $smonth = datetime_convert('UTC', $tz, $sdt, 'm'); $sday = datetime_convert('UTC', $tz, $sdt, 'd'); $shour = x($orig_event) ? datetime_convert('UTC', $tz, $sdt, 'H') : 0; $sminute = x($orig_event) ? datetime_convert('UTC', $tz, $sdt, 'i') : 0; $stext = datetime_convert('UTC', $tz, $sdt); $stext = substr($stext, 0, 14) . "00:00"; $fyear = datetime_convert('UTC', $tz, $fdt, 'Y'); $fmonth = datetime_convert('UTC', $tz, $fdt, 'm'); $fday = datetime_convert('UTC', $tz, $fdt, 'd'); $fhour = x($orig_event) ? datetime_convert('UTC', $tz, $fdt, 'H') : 0; $fminute = x($orig_event) ? datetime_convert('UTC', $tz, $fdt, 'i') : 0; $ftext = datetime_convert('UTC', $tz, $fdt); $ftext = substr($ftext, 0, 14) . "00:00"; $f = get_config('system', 'event_input_format'); if (!$f) { $f = 'ymd'; } $catsenabled = feature_enabled(local_channel(), 'categories'); $category = ''; if ($catsenabled && x($orig_event)) { $itm = q("select * from item where resource_type = 'event' and resource_id = '%s' and uid = %d limit 1", dbesc($orig_event['event_hash']), intval(local_channel())); $itm = fetch_post_tags($itm); if ($itm) { $cats = get_terms_oftype($itm[0]['term'], TERM_CATEGORY); foreach ($cats as $cat) { if (strlen($category)) { $category .= ', '; } $category .= $cat['term']; } } } require_once 'include/acl_selectors.php'; $perm_defaults = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']); $tpl = get_markup_template('event_form.tpl'); $o .= replace_macros($tpl, array('$post' => $a->get_baseurl() . '/events', '$eid' => $eid, '$xchan' => $event_xchan, '$mid' => $mid, '$event_hash' => $event_id, '$title' => t('Event details'), '$desc' => t('Starting date and Title are required.'), '$catsenabled' => $catsenabled, '$placeholdercategory' => t('Categories (comma-separated list)'), '$category' => $category, '$s_text' => t('Event Starts:'), '$stext' => $stext, '$ftext' => $ftext, '$required' => ' <span class="required" title="' . t('Required') . '">*</span>', '$ModalCANCEL' => t('Cancel'), '$ModalOK' => t('OK'), '$s_dsel' => datetimesel($f, new DateTime(), DateTime::createFromFormat('Y', $syear + 5), DateTime::createFromFormat('Y-m-d H:i', "{$syear}-{$smonth}-{$sday} {$shour}:{$sminute}"), 'start_text', true, true, '', '', true), '$n_text' => t('Finish date/time is not known or not relevant'), '$n_checked' => $n_checked, '$f_text' => t('Event Finishes:'), '$f_dsel' => datetimesel($f, new DateTime(), DateTime::createFromFormat('Y', $fyear + 5), DateTime::createFromFormat('Y-m-d H:i', "{$fyear}-{$fmonth}-{$fday} {$fhour}:{$fminute}"), 'finish_text', true, true, 'start_text'), '$adjust' => array('adjust', t('Adjust for viewer timezone'), $a_checked, t('Important for events that happen in a particular place. Not practical for global holidays.')), '$a_text' => t('Adjust for viewer timezone'), '$d_text' => t('Description:'), '$d_orig' => $d_orig, '$l_text' => t('Location:'), '$l_orig' => $l_orig, '$t_text' => t('Title:'), '$t_orig' => $t_orig, '$sh_text' => t('Share this event'), '$sh_checked' => $sh_checked, '$preview' => t('Preview'), '$permissions' => t('Permissions'), '$acl' => $orig_event['event_xchan'] ? '' : populate_acl(x($orig_event) ? $orig_event : $perm_defaults, false), '$submit' => t('Submit'))); return $o; } }
function event_store_item($arr, $event) { require_once 'include/datetime.php'; require_once 'include/items.php'; require_once 'include/bbcode.php'; $item = null; if ($arr['mid'] && $arr['uid']) { $i = q("select * from item where mid = '%s' and uid = %d limit 1", dbesc($arr['mid']), intval($arr['uid'])); if ($i) { xchan_query($i); $item = fetch_post_tags($i, true); } } $item_arr = array(); $prefix = ''; // $birthday = false; if ($event['type'] === 'birthday') { $prefix = t('This event has been added to your calendar.'); // $birthday = true; // The event is created on your own site by the system, but appears to belong // to the birthday person. It also isn't propagated - so we need to prevent // folks from trying to comment on it. If you're looking at this and trying to // fix it, you'll need to completely change the way birthday events are created // and send them out from the source. This has its own issues. $item_arr['comment_policy'] = 'none'; } $r = q("SELECT * FROM item left join xchan on author_xchan = xchan_hash WHERE resource_id = '%s' AND resource_type = 'event' and uid = %d LIMIT 1", dbesc($event['event_hash']), intval($arr['uid'])); if ($r) { $object = json_encode(array('type' => ACTIVITY_OBJ_EVENT, 'id' => z_root() . '/event/' . $r[0]['resource_id'], 'title' => $arr['summary'], 'content' => format_event_bbcode($arr), 'author' => array('name' => $r[0]['xchan_name'], 'address' => $r[0]['xchan_addr'], 'guid' => $r[0]['xchan_guid'], 'guid_sig' => $r[0]['xchan_guid_sig'], 'link' => array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => $r[0]['xchan_url']), array('rel' => 'photo', 'type' => $r[0]['xchan_photo_mimetype'], 'href' => $r[0]['xchan_photo_m']))))); $private = $arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid'] ? 1 : 0; q("UPDATE item SET title = '%s', body = '%s', object = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', edited = '%s', item_flags = %d, item_private = %d, obj_type = '%s' WHERE id = %d AND uid = %d", dbesc($arr['summary']), dbesc($prefix . format_event_bbcode($arr)), dbesc($object), dbesc($arr['allow_cid']), dbesc($arr['allow_gid']), dbesc($arr['deny_cid']), dbesc($arr['deny_gid']), dbesc($arr['edited']), intval($r[0]['item_flags']), intval($private), dbesc(ACTIVITY_OBJ_EVENT), intval($r[0]['id']), intval($arr['uid'])); q("delete from term where oid = %d and otype = %d", intval($r[0]['id']), intval(TERM_OBJ_POST)); if ($arr['term'] && is_array($arr['term'])) { foreach ($arr['term'] as $t) { q("insert into term (uid,oid,otype,type,term,url)\n\t\t\t\t\tvalues(%d,%d,%d,%d,'%s','%s') ", intval($arr['uid']), intval($r[0]['id']), intval(TERM_OBJ_POST), intval($t['type']), dbesc($t['term']), dbesc($t['url'])); } } $item_id = $r[0]['id']; call_hooks('event_updated', $event['id']); return $item_id; } else { $z = q("select * from channel where channel_id = %d limit 1", intval($arr['uid'])); $private = $arr['allow_cid'] || $arr['allow_gid'] || $arr['deny_cid'] || $arr['deny_gid'] ? 1 : 0; if ($item) { $item_arr['id'] = $item['id']; } else { $wall = $z[0]['channel_hash'] == $event['event_xchan'] ? true : false; $item_flags = ITEM_THREAD_TOP; if ($wall) { $item_flags |= ITEM_WALL; $item_flags |= ITEM_ORIGIN; } $item_arr['item_flags'] = $item_flags; } if (!$arr['mid']) { $arr['mid'] = item_message_id(); } $item_arr['aid'] = $z[0]['channel_account_id']; $item_arr['uid'] = $arr['uid']; $item_arr['author_xchan'] = $arr['event_xchan']; $item_arr['mid'] = $arr['mid']; $item_arr['parent_mid'] = $arr['mid']; $item_arr['owner_xchan'] = $wall ? $z[0]['channel_hash'] : $arr['event_xchan']; $item_arr['author_xchan'] = $arr['event_xchan']; $item_arr['title'] = $arr['summary']; $item_arr['allow_cid'] = $arr['allow_cid']; $item_arr['allow_gid'] = $arr['allow_gid']; $item_arr['deny_cid'] = $arr['deny_cid']; $item_arr['deny_gid'] = $arr['deny_gid']; $item_arr['item_private'] = $private; $item_arr['verb'] = ACTIVITY_POST; if (array_key_exists('term', $arr)) { $item_arr['term'] = $arr['term']; } $item_arr['resource_type'] = 'event'; $item_arr['resource_id'] = $event['event_hash']; $item_arr['obj_type'] = ACTIVITY_OBJ_EVENT; $item_arr['body'] = $prefix . format_event_bbcode($arr); // if it's local send the permalink to the channel page. // otherwise we'll fallback to /display/$message_id if ($wall) { $item_arr['plink'] = z_root() . '/channel/' . $z[0]['channel_address'] . '/?f=&mid=' . $item_arr['mid']; } else { $item_arr['plink'] = z_root() . '/display/' . $item_arr['mid']; } $x = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($arr['event_xchan'])); if ($x) { $item_arr['object'] = json_encode(array('type' => ACTIVITY_OBJ_EVENT, 'id' => z_root() . '/event/' . $event['event_hash'], 'title' => $arr['summary'], 'content' => format_event_bbcode($arr), 'author' => array('name' => $x[0]['xchan_name'], 'address' => $x[0]['xchan_addr'], 'guid' => $x[0]['xchan_guid'], 'guid_sig' => $x[0]['xchan_guid_sig'], 'link' => array(array('rel' => 'alternate', 'type' => 'text/html', 'href' => $x[0]['xchan_url']), array('rel' => 'photo', 'type' => $x[0]['xchan_photo_mimetype'], 'href' => $x[0]['xchan_photo_m']))))); } $res = item_store($item_arr); $item_id = $res['item_id']; call_hooks('event_created', $event['id']); return $item_id; } }
function attach_export_data($channel, $resource_id, $deleted = false) { $ret = array(); $paths = array(); $hash_ptr = $resource_id; $ret['fetch_url'] = z_root() . '/getfile'; $ret['original_channel'] = $channel['channel_address']; if ($deleted) { $ret['attach'] = array(array('hash' => $resource_id, 'deleted' => 1)); return $ret; } do { $r = q("select * from attach where hash = '%s' and uid = %d limit 1", dbesc($hash_ptr), intval($channel['channel_id'])); if (!$r) { break; } if ($hash_ptr === $resource_id) { $attach_ptr = $r[0]; } $hash_ptr = $r[0]['folder']; $paths[] = $r[0]; } while ($hash_ptr); $paths = array_reverse($paths); $ret['attach'] = $paths; if ($attach_ptr['is_photo']) { $r = q("select * from photo where resource_id = '%s' and uid = %d order by imgscale asc", dbesc($resource_id), intval($channel['channel_id'])); if ($r) { for ($x = 0; $x < count($r); $x++) { $r[$x]['content'] = base64_encode($r[$x]['content']); } $ret['photo'] = $r; } $r = q("select * from item where resource_id = '%s' and resource_type = 'photo' and uid = %d ", dbesc($resource_id), intval($channel['channel_id'])); if ($r) { $ret['item'] = array(); $items = q("select item.*, item.id as item_id from item where item.parent = %d ", intval($r[0]['id'])); if ($items) { xchan_query($items); $items = fetch_post_tags($items, true); foreach ($items as $rr) { $ret['item'][] = encode_item($rr, true); } } } } return $ret; }
function api_format_items($r, $user_info) { //logger('api_format_items: ' . print_r($r,true)); //logger('api_format_items: ' . print_r($user_info,true)); $a = get_app(); $ret = array(); if (!$r) { return $ret; } foreach ($r as $item) { localize_item($item); $status_user = $item['author_xchan'] == $user_info['guid'] ? $user_info : api_item_get_user($a, $item); if (array_key_exists('status', $status_user)) { unset($status_user['status']); } if ($item['parent'] != $item['id']) { $r = q("select id from item where parent= %d and id < %d order by id desc limit 1", intval($item['parent']), intval($item['id'])); if ($r) { $in_reply_to_status_id = $r[0]['id']; } else { $in_reply_to_status_id = $item['parent']; } xchan_query($r, true); $in_reply_to_screen_name = $r[0]['author']['xchan_name']; $in_reply_to_user_id = $r[0]['author']['abook_id']; } else { $in_reply_to_screen_name = ''; $in_reply_to_user_id = 0; $in_reply_to_status_id = 0; } unobscure($item); // Workaround for ostatus messages where the title is identically to the body $statusbody = trim(html2plain(prepare_text($item['body'], $item['mimetype']), 0)); $statustitle = trim($item['title']); if ($statustitle != '' and strpos($statusbody, $statustitle) !== false) { $statustext = trim($statusbody); } else { $statustext = trim($statustitle . "\n\n" . $statusbody); } $status = array('text' => $statustext, 'truncated' => False, 'created_at' => api_date($item['created']), 'in_reply_to_status_id' => $in_reply_to_status_id, 'source' => $item['app'] ? $item['app'] : 'web', 'id' => intval($item['id']), 'in_reply_to_user_id' => $in_reply_to_user_id, 'in_reply_to_screen_name' => $in_reply_to_screen_name, 'geo' => '', 'favorited' => intval($item['item_starred']) ? true : false, 'user' => $status_user, 'statusnet_html' => trim(prepare_text($item['body'], $item['mimetype'])), 'statusnet_conversation_id' => $item['parent']); // Seesmic doesn't like the following content if ($_SERVER['HTTP_USER_AGENT'] != 'Seesmic') { $status2 = array('updated' => api_date($item['edited']), 'published' => api_date($item['created']), 'message_id' => $item['mid'], 'url' => $item['plink'], 'coordinates' => $item['coord'], 'place' => $item['location'], 'contributors' => '', 'annotations' => '', 'entities' => '', 'objecttype' => $item['obj_type'] ? $item['obj_type'] : ACTIVITY_OBJ_NOTE, 'verb' => $item['verb'] ? $item['verb'] : ACTIVITY_POST, 'self' => $a->get_baseurl() . "/api/statuses/show/" . $item['id'] . "." . $type, 'edit' => $a->get_baseurl() . "/api/statuses/show/" . $item['id'] . "." . $type); $status = array_merge($status, $status2); } $ret[] = $status; } return $ret; }
function get($update = 0, $load = false) { if ($load) { $_SESSION['loadtime'] = datetime_convert(); } $checkjs = new \Zotlabs\Web\CheckJS(1); $category = $datequery = $datequery2 = ''; $mid = x($_REQUEST, 'mid') ? $_REQUEST['mid'] : ''; $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : ''; $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : ''; if (observer_prohibited(true)) { return login(); } $category = x($_REQUEST, 'cat') ? $_REQUEST['cat'] : ''; $hashtags = x($_REQUEST, 'tag') ? $_REQUEST['tag'] : ''; $groups = array(); $o = ''; if ($update) { // Ensure we've got a profile owner if updating. \App::$profile['profile_uid'] = \App::$profile_uid = $update; } else { if (\App::$profile['profile_uid'] == local_channel()) { nav_set_selected('home'); } } $is_owner = local_channel() && \App::$profile['profile_uid'] == local_channel() ? true : false; $channel = \App::get_channel(); $observer = \App::get_observer(); $ob_hash = $observer ? $observer['xchan_hash'] : ''; $perms = get_all_perms(\App::$profile['profile_uid'], $ob_hash); if (!$perms['view_stream']) { // We may want to make the target of this redirect configurable if ($perms['view_profile']) { notice(t('Insufficient permissions. Request redirected to profile page.') . EOL); goaway(z_root() . "/profile/" . \App::$profile['channel_address']); } notice(t('Permission denied.') . EOL); return; } if (!$update) { $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']); $o .= common_friends_visitor_widget(\App::$profile['profile_uid']); if ($channel && $is_owner) { $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']); } else { $channel_acl = array(); } if ($perms['post_wall']) { $x = array('is_owner' => $is_owner, 'allow_location' => ($is_owner || $observer) && intval(get_pconfig(\App::$profile['profile_uid'], 'system', 'use_browser_location')) ? true : false, 'default_location' => $is_owner ? \App::$profile['channel_location'] : '', 'nickname' => \App::$profile['channel_address'], 'lockstate' => strlen(\App::$profile['channel_allow_cid']) || strlen(\App::$profile['channel_allow_gid']) || strlen(\App::$profile['channel_deny_cid']) || strlen(\App::$profile['channel_deny_gid']) ? 'lock' : 'unlock', 'acl' => $is_owner ? populate_acl($channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : '', 'showacl' => $is_owner ? 'yes' : '', 'bang' => '', 'visitor' => $is_owner || $observer ? true : false, 'profile_uid' => \App::$profile['profile_uid'], 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true); $o .= status_editor($a, $x); } } /** * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups */ $item_normal = item_normal(); $sql_extra = item_permissions_sql(\App::$profile['profile_uid']); if (get_pconfig(\App::$profile['profile_uid'], 'system', 'channel_list_mode') && !$mid) { $page_mode = 'list'; } else { $page_mode = 'client'; } $abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " "; $simple_update = $update ? " AND item_unseen = 1 " : ''; \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; if ($update && $_SESSION['loadtime']) { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; } if ($load) { $simple_update = ''; } if ($update && !$load) { if ($mid) { $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d {$item_normal}\n\t\t\t\t\tAND item_wall = 1 AND item_unseen = 1 {$sql_extra} limit 1", dbesc($mid . '%'), intval(\App::$profile['profile_uid'])); } else { $r = q("SELECT distinct parent AS `item_id`, created from item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE uid = %d {$item_normal}\n\t\t\t\t\tAND item_wall = 1 {$simple_update}\n\t\t\t\t\tAND (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra}\n\t\t\t\t\tORDER BY created DESC", intval(\App::$profile['profile_uid'])); $_SESSION['loadtime'] = datetime_convert(); } } else { if (x($category)) { $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if (x($hashtags)) { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } if ($datequery) { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery)))); } if ($datequery2) { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2)))); } $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); \App::set_pager_itemspage(intval($itemspage) ? $itemspage : 20); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); if ($load || $checkjs->disabled()) { if ($mid) { $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d {$item_normal}\n\t\t\t\t\t\tAND item_wall = 1 {$sql_extra} limit 1", dbesc($mid), intval(\App::$profile['profile_uid'])); if (!$r) { notice(t('Permission denied.') . EOL); } } else { $r = q("SELECT distinct id AS item_id, created FROM item \n\t\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\t\tWHERE uid = %d {$item_normal}\n\t\t\t\t\t\tAND item_wall = 1 and item_thread_top = 1\n\t\t\t\t\t\tAND (abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t\t{$sql_extra} {$sql_extra2}\n\t\t\t\t\t\tORDER BY created DESC {$pager_sql} ", intval(\App::$profile['profile_uid'])); } } else { $r = array(); } } if ($r) { $parents_str = ids_to_querystr($r, 'item_id'); $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\tFROM `item`\n\t\t\t\tWHERE `item`.`uid` = %d {$item_normal}\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", intval(\App::$profile['profile_uid']), dbesc($parents_str)); xchan_query($items); $items = fetch_post_tags($items, true); $items = conv_sort($items, 'created'); if ($load && $mid && !count($items)) { // This will happen if we don't have sufficient permissions // to view the parent item (or the item itself if it is toplevel) notice(t('Permission denied.') . EOL); } } else { $items = array(); } if (!$update && !$load) { // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. $maxheight = get_pconfig(\App::$profile['profile_uid'], 'system', 'channel_divmore_height'); if (!$maxheight) { $maxheight = 400; } $o .= '<div id="live-channel"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'channel', '$uid' => \App::$profile['profile_uid'] ? \App::$profile['profile_uid'] : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '0', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$nouveau' => '0', '$wall' => '1', '$fh' => '0', '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$search' => '', '$order' => '', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$file' => '', '$cats' => $category ? $category : '', '$tags' => $hashtags ? $hashtags : '', '$mid' => $mid, '$verb' => '', '$dend' => $datequery, '$dbegin' => $datequery2)); } $update_unseen = ''; if ($page_mode === 'list') { /** * in "list mode", only mark the parent item and any like activities as "seen". * We won't distinguish between comment likes and post likes. The important thing * is that the number of unseen comments will be accurate. The SQL to separate the * comment likes could also get somewhat hairy. */ if ($parents_str) { $update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )"; $update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) "; } } else { if ($parents_str) { $update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )"; } } if ($is_owner && $update_unseen) { $r = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 and item_wall = 1 AND uid = %d {$update_unseen}", intval(local_channel())); } if ($checkjs->disabled()) { $o .= conversation($a, $items, 'channel', $update, 'traditional'); } else { $o .= conversation($a, $items, 'channel', $update, $page_mode); } if (!$update || $checkjs->disabled()) { $o .= alt_pager($a, count($items)); if ($mid && $items[0]['title']) { \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; } } if ($mid) { $o .= '<div id="content-complete"></div>'; } return $o; }
function widget_item($arr) { $uid = $a->profile['profile_uid']; if (!$uid || !$arr['mid']) { return ''; } if (!perm_is_allowed($uid, get_observer_hash(), 'view_pages')) { return ''; } require_once 'include/security.php'; $sql_extra = item_permissions_sql($uid); $r = q("select * from item where mid = '%s' and uid = %d and item_restrict = " . intval(ITEM_WEBPAGE) . " {$sql_extra} limit 1", dbesc($arr['mid']), intval($uid)); if (!$r) { return ''; } xchan_query($r); $r = fetch_post_tags($r, true); $o .= prepare_page($r[0]); return $o; }
/** * @brief Create an array representing the important channel information * which would be necessary to create a nomadic identity clone. This includes * most channel resources and connection information with the exception of content. * * @param int $channel_id * Channel_id to export * @param boolean $items * Include channel posts (wall items), default false * * @returns array * See function for details */ function identity_basic_export($channel_id, $items = false) { /* * Red basic channel export */ $ret = array(); $ret['compatibility'] = array('project' => RED_PLATFORM, 'version' => RED_VERSION, 'database' => DB_UPDATE_VERSION); $r = q("select * from channel where channel_id = %d limit 1", intval($channel_id)); if ($r) { $ret['channel'] = $r[0]; } $r = q("select * from profile where uid = %d", intval($channel_id)); if ($r) { $ret['profile'] = $r; } $xchans = array(); $r = q("select * from abook where abook_channel = %d ", intval($channel_id)); if ($r) { $ret['abook'] = $r; foreach ($r as $rr) { $xchans[] = $rr['abook_xchan']; } stringify_array_elms($xchans); } if ($xchans) { $r = q("select * from xchan where xchan_hash in ( " . implode(',', $xchans) . " ) "); if ($r) { $ret['xchan'] = $r; } $r = q("select * from hubloc where hubloc_hash in ( " . implode(',', $xchans) . " ) "); if ($r) { $ret['hubloc'] = $r; } } $r = q("select * from `groups` where uid = %d ", intval($channel_id)); if ($r) { $ret['group'] = $r; } $r = q("select * from group_member where uid = %d ", intval($channel_id)); if ($r) { $ret['group_member'] = $r; } $r = q("select * from pconfig where uid = %d", intval($channel_id)); if ($r) { $ret['config'] = $r; } $r = q("select type, data from photo where scale = 4 and profile = 1 and uid = %d limit 1", intval($channel_id)); if ($r) { $ret['photo'] = array('type' => $r[0]['type'], 'data' => base64url_encode($r[0]['data'])); } // All other term types will be included in items, if requested. $r = q("select * from term where type in (%d,%d) and uid = %d", intval(TERM_SAVEDSEARCH), intval(TERM_THING), intval($channel_id)); if ($r) { $ret['term'] = $r; } $r = q("select * from obj where obj_channel = %d", intval($channel_id)); if ($r) { $ret['obj'] = $r; } if (!$items) { return $ret; } $r = q("select likes.*, item.mid from likes left join item on likes.iid = item.id where likes.channel_id = %d", intval($channel_id)); if ($r) { $ret['likes'] = $r; } $r = q("select item_id.*, item.mid from item_id left join item on item_id.iid = item.id where item_id.uid = %d", intval($channel_id)); if ($r) { $ret['item_id'] = $r; } //$key = get_config('system','prvkey'); /** @warning this may run into memory limits on smaller systems */ $r = q("select * from item where (item_flags & %d)>0 and not (item_restrict & %d)>0 and uid = %d", intval(ITEM_WALL), intval(ITEM_DELETED), intval($channel_id)); if ($r) { $ret['item'] = array(); xchan_query($r); $r = fetch_post_tags($r, true); foreach ($r as $rr) { $ret['item'][] = encode_item($rr, true); } } return $ret; }