예제 #1
0
function items_fetch($arr, $channel = null, $observer_hash = null, $client_mode = CLIENT_MODE_NORMAL, $module = 'network')
{
    $result = array('success' => false);
    $a = get_app();
    $sql_extra = '';
    $sql_nets = '';
    $sql_options = '';
    $sql_extra2 = '';
    $sql_extra3 = '';
    $def_acl = '';
    $item_uids = ' true ';
    if ($arr['uid']) {
        $uid = $arr['uid'];
    }
    if ($channel) {
        $uid = $channel['channel_id'];
        $uidhash = $channel['channel_hash'];
        $item_uids = " item.uid = " . intval($uid) . " ";
    }
    if ($arr['star']) {
        $sql_options .= " and (item_flags & " . intval(ITEM_STARRED) . ")>0 ";
    }
    if ($arr['wall']) {
        $sql_options .= " and (item_flags & " . intval(ITEM_WALL) . ")>0 ";
    }
    $sql_extra = " AND item.parent IN ( SELECT parent FROM item WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ")>0 {$sql_options} ) ";
    if ($arr['since_id']) {
        $sql_extra .= " and item.id > " . $since_id . " ";
    }
    if ($arr['gid'] && $uid) {
        $r = q("SELECT * FROM `groups` WHERE id = %d AND uid = %d LIMIT 1", intval($arr['group']), intval($uid));
        if (!$r) {
            $result['message'] = t('Collection not found.');
            return $result;
        }
        $contact_str = '';
        /** @FIXME $group is undefined */
        $contacts = group_get_members($group);
        if ($contacts) {
            foreach ($contacts as $c) {
                if ($contact_str) {
                    $contact_str .= ',';
                }
                $contact_str .= "'" . $c['xchan'] . "'";
            }
        } else {
            $contact_str = ' 0 ';
            $result['message'] = t('Collection is empty.');
            return $result;
        }
        $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND (( author_xchan IN ( {$contact_str} ) OR owner_xchan in ( {$contact_str})) or allow_gid like '" . protect_sprintf('%<' . dbesc($r[0]['hash']) . '>%') . "' ) and id = parent and item_restrict = 0 ) ";
        $x = group_rec_byhash($uid, $r[0]['hash']);
        $result['headline'] = sprintf(t('Collection: %s'), $x['name']);
    } elseif ($arr['cid'] && $uid) {
        $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ")>0 limit 1", intval($arr['cid']), intval(local_channel()));
        if ($r) {
            $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND uid = " . intval($arr['uid']) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) and item_restrict = 0 ) ";
            $result['headline'] = sprintf(t('Connection: %s'), $r[0]['xchan_name']);
        } else {
            $result['message'] = t('Connection not found.');
            return $result;
        }
    }
    if ($arr['datequery']) {
        $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $arr['datequery']))));
    }
    if ($arr['datequery2']) {
        $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $arr['datequery2']))));
    }
    if (!array_key_exists('nouveau', $arr)) {
        $sql_extra2 = " AND item.parent = item.id ";
        $sql_extra3 = '';
    }
    if ($arr['search']) {
        if (strpos($arr['search'], '#') === 0) {
            $sql_extra .= term_query('item', substr($arr['search'], 1), TERM_HASHTAG);
        } else {
            $sql_extra .= sprintf(" AND item.body like '%s' ", dbesc(protect_sprintf('%' . $arr['search'] . '%')));
        }
    }
    if (strlen($arr['file'])) {
        $sql_extra .= term_query('item', $arr['files'], TERM_FILE);
    }
    if ($arr['conv'] && $channel) {
        $sql_extra .= sprintf(" AND parent IN (SELECT distinct parent from item where ( author_xchan like '%s' or ( item_flags & %d )>0)) ", dbesc(protect_sprintf($uidhash)), intval(ITEM_MENTIONSME));
    }
    if ($client_mode & CLIENT_MODE_UPDATE && !($client_mode & CLIENT_MODE_LOAD)) {
        // only setup pagination on initial page view
        $pager_sql = '';
    } else {
        $itemspage = $channel ? get_pconfig($uid, 'system', 'itemspage') : 20;
        $a->set_pager_itemspage(intval($itemspage) ? $itemspage : 20);
        $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(get_app()->pager['itemspage']), intval(get_app()->pager['start']));
    }
    if (isset($arr['start']) && isset($arr['records'])) {
        $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($arr['records']), intval($arr['start']));
    }
    if (array_key_exists('cmin', $arr) || array_key_exists('cmax', $arr)) {
        if ($arr['cmin'] != 0 || $arr['cmax'] != 99) {
            // Not everybody who shows up in the network stream will be in your address book.
            // By default those that aren't are assumed to have closeness = 99; but this isn't
            // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in
            // the stream with a NULL address book entry.
            $sql_nets .= " AND ";
            if ($arr['cmax'] == 99) {
                $sql_nets .= " ( ";
            }
            $sql_nets .= "( abook.abook_closeness >= " . intval($arr['cmin']) . " ";
            $sql_nets .= " AND abook.abook_closeness <= " . intval($arr['cmax']) . " ) ";
            /** @fixme dead code, $cmax is undefined */
            if ($cmax == 99) {
                $sql_nets .= " OR abook.abook_closeness IS NULL ) ";
            }
        }
    }
    $simple_update = $client_mode & CLIENT_MODE_UPDATE ? " and ( item.item_unseen = 1 ) " : '';
    if ($client_mode & CLIENT_MODE_LOAD) {
        $simple_update = '';
    }
    //$start = dba_timer();
    require_once 'include/security.php';
    $sql_extra .= item_permissions_sql($channel['channel_id'], $observer_hash);
    if ($arr['pages']) {
        $item_restrict = " AND (item_restrict & " . ITEM_WEBPAGE . ") ";
    } else {
        $item_restrict = " AND item_restrict = 0 ";
    }
    if ($arr['nouveau'] && $client_mode & CLIENT_MODE_LOAD && $channel) {
        // "New Item View" - show all items unthreaded in reverse created date order
        $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\tWHERE {$item_uids} {$item_restrict}\n\t\t\t\t{$simple_update}\n\t\t\t\t{$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY item.received DESC {$pager_sql}");
        require_once 'include/items.php';
        xchan_query($items);
        $items = fetch_post_tags($items, true);
    } else {
        // Normal conversation view
        if ($arr['order'] === 'post') {
            $ordering = "created";
        } else {
            $ordering = "commented";
        }
        if ($client_mode & CLIENT_MODE_LOAD || $client_mode == CLIENT_MODE_NORMAL) {
            // Fetch a page full of parent items for this page
            $r = q("SELECT distinct item.id AS item_id, item.{$ordering} FROM item\n                left join abook on item.author_xchan = abook.abook_xchan\n                WHERE {$item_uids} {$item_restrict}\n                AND item.parent = item.id\n                and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n                {$sql_extra3} {$sql_extra} {$sql_nets}\n                ORDER BY item.{$ordering} DESC {$pager_sql} ", intval(ABOOK_FLAG_BLOCKED));
        } else {
            // update
            $r = q("SELECT item.parent AS item_id FROM item\n                left join abook on item.author_xchan = abook.abook_xchan\n                WHERE {$item_uids} {$item_restrict} {$simple_update}\n                and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n                {$sql_extra3} {$sql_extra} {$sql_nets} ", intval(ABOOK_FLAG_BLOCKED));
        }
        //$first = dba_timer();
        // Then fetch all the children of the parents that are on this page
        if ($r) {
            $parents_str = ids_to_querystr($r, 'item_id');
            if ($arr['top']) {
                $sql_extra = ' and id = parent ' . $sql_extra;
            }
            $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\tWHERE {$item_uids} {$item_restrict}\n\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t{$sql_extra} ", dbesc($parents_str));
            //$second = dba_timer();
            xchan_query($items);
            //$third = dba_timer();
            $items = fetch_post_tags($items, true);
            //$fourth = dba_timer();
            require_once 'include/conversation.php';
            $items = conv_sort($items, $ordering);
            //logger('items: ' . print_r($items,true));
        } else {
            $items = array();
        }
        if ($parents_str && $arr['mark_seen']) {
            $update_unseen = ' AND parent IN ( ' . dbesc($parents_str) . ' )';
        }
        /** @FIXME finish mark unseen sql */
    }
    return $items;
}
예제 #2
0
 function get($update = 0, $load = false)
 {
     if (!local_channel()) {
         $_SESSION['return_url'] = \App::$query_string;
         return login(false);
     }
     if ($load) {
         $_SESSION['loadtime'] = datetime_convert();
     }
     $arr = array('query' => \App::$query_string);
     call_hooks('network_content_init', $arr);
     $channel = \App::get_channel();
     $item_normal = item_normal();
     $datequery = $datequery2 = '';
     $group = 0;
     $nouveau = false;
     $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : '';
     $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : '';
     $nouveau = x($_GET, 'new') ? intval($_GET['new']) : 0;
     $gid = x($_GET, 'gid') ? intval($_GET['gid']) : 0;
     $category = x($_REQUEST, 'cat') ? $_REQUEST['cat'] : '';
     $hashtags = x($_REQUEST, 'tag') ? $_REQUEST['tag'] : '';
     $verb = x($_REQUEST, 'verb') ? $_REQUEST['verb'] : '';
     $search = $_GET['search'] ? $_GET['search'] : '';
     if ($search) {
         if (strpos($search, '@') === 0) {
             $r = q("select abook_id from abook left join xchan on abook_xchan = xchan_hash where xchan_name = '%s' and abook_channel = %d limit 1", dbesc(substr($search, 1)), intval(local_channel()));
             if ($r) {
                 $_GET['cid'] = $r[0]['abook_id'];
                 $search = $_GET['search'] = '';
             }
         } elseif (strpos($search, '#') === 0) {
             $hashtags = substr($search, 1);
             $search = $_GET['search'] = '';
         }
     }
     if ($datequery) {
         $_GET['order'] = 'post';
     }
     // filter by collection (e.g. group)
     if ($gid) {
         $r = q("SELECT * FROM groups WHERE id = %d AND uid = %d LIMIT 1", intval($gid), intval(local_channel()));
         if (!$r) {
             if ($update) {
                 killme();
             }
             notice(t('No such group') . EOL);
             goaway(z_root() . '/network');
             // NOTREACHED
         }
         $group = $gid;
         $group_hash = $r[0]['hash'];
         $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>');
     }
     $o = '';
     // if no tabs are selected, defaults to comments
     $cid = x($_GET, 'cid') ? intval($_GET['cid']) : 0;
     $star = x($_GET, 'star') ? intval($_GET['star']) : 0;
     $order = x($_GET, 'order') ? notags($_GET['order']) : 'comment';
     $liked = x($_GET, 'liked') ? intval($_GET['liked']) : 0;
     $conv = x($_GET, 'conv') ? intval($_GET['conv']) : 0;
     $spam = x($_GET, 'spam') ? intval($_GET['spam']) : 0;
     $cmin = x($_GET, 'cmin') ? intval($_GET['cmin']) : 0;
     $cmax = x($_GET, 'cmax') ? intval($_GET['cmax']) : 99;
     $firehose = x($_GET, 'fh') ? intval($_GET['fh']) : 0;
     $file = x($_GET, 'file') ? $_GET['file'] : '';
     $deftag = '';
     if (x($_GET, 'search') || x($_GET, 'file')) {
         $nouveau = true;
     }
     if ($cid) {
         $r = q("SELECT abook_xchan FROM abook WHERE abook_id = %d AND abook_channel = %d LIMIT 1", intval($cid), intval(local_channel()));
         if (!$r) {
             if ($update) {
                 killme();
             }
             notice(t('No such channel') . EOL);
             goaway(z_root() . '/network');
             // NOTREACHED
         }
         if ($_GET['pf'] === '1') {
             $deftag = '@' . t('forum') . '+' . intval($cid) . '+';
         } else {
             $def_acl = array('allow_cid' => '<' . $r[0]['abook_xchan'] . '>');
         }
     }
     if (!$update) {
         $tabs = network_tabs();
         $o .= $tabs;
         // search terms header
         if ($search) {
             $o .= replace_macros(get_markup_template("section_title.tpl"), array('$title' => t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT, 'UTF-8')));
         }
         nav_set_selected('network');
         $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
         $private_editing = ($group || $cid) && !intval($_GET['pf']) ? true : false;
         $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $private_editing || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($private_editing ? $def_acl : $channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post'), 'bang' => $private_editing ? '!' : '', 'visitor' => true, 'profile_uid' => local_channel(), 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true);
         if ($deftag) {
             $x['pretext'] = $deftag;
         }
         $status_editor = status_editor($a, $x);
         $o .= $status_editor;
     }
     // We don't have to deal with ACL's on this page. You're looking at everything
     // that belongs to you, hence you can see all of it. We will filter by group if
     // desired.
     $sql_options = $star ? " and item_starred = 1 " : '';
     $sql_nets = '';
     $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE item_thread_top = 1 {$sql_options} ) ";
     if ($group) {
         $contact_str = '';
         $contacts = group_get_members($group);
         if ($contacts) {
             foreach ($contacts as $c) {
                 if ($contact_str) {
                     $contact_str .= ',';
                 }
                 $contact_str .= "'" . $c['xchan'] . "'";
             }
         } else {
             $contact_str = ' 0 ';
             info(t('Privacy group is empty'));
         }
         $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND (( author_xchan IN ( {$contact_str} ) OR owner_xchan in ( {$contact_str} )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent {$item_normal} ) ";
         $x = group_rec_byhash(local_channel(), $group_hash);
         if ($x) {
             $title = replace_macros(get_markup_template("section_title.tpl"), array('$title' => t('Privacy group: ') . $x['name']));
         }
         $o = $tabs;
         $o .= $title;
         $o .= $status_editor;
     } elseif ($cid) {
         $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and abook_blocked = 0 limit 1", intval($cid), intval(local_channel()));
         if ($r) {
             $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND uid = " . intval(local_channel()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) {$item_normal} ) ";
             $title = replace_macros(get_markup_template("section_title.tpl"), array('$title' => '<a href="' . zid($r[0]['xchan_url']) . '" ><img src="' . zid($r[0]['xchan_photo_s']) . '" alt="' . urlencode($r[0]['xchan_name']) . '" /></a> <a href="' . zid($r[0]['xchan_url']) . '" >' . $r[0]['xchan_name'] . '</a>'));
             $o = $tabs;
             $o .= $title;
             $o .= $status_editor;
         } else {
             notice(t('Invalid connection.') . EOL);
             goaway(z_root() . '/network');
         }
     }
     if (x($category)) {
         $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
     }
     if (x($hashtags)) {
         $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
     }
     if (!$update) {
         // The special div is needed for liveUpdate to kick in for this page.
         // We only launch liveUpdate if you aren't filtering in some incompatible
         // way and also you aren't writing a comment (discovered in javascript).
         if ($gid || $cid || $cmin || $cmax != 99 || $star || $liked || $conv || $spam || $nouveau || $list) {
             $firehose = 0;
         }
         $maxheight = get_pconfig(local_channel(), 'system', 'network_divmore_height');
         if (!$maxheight) {
             $maxheight = 400;
         }
         $o .= '<div id="live-network"></div>' . "\r\n";
         $o .= "<script> var profile_uid = " . local_channel() . "; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
         \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'network', '$uid' => local_channel() ? local_channel() : '0', '$gid' => $gid ? $gid : '0', '$cid' => $cid ? $cid : '0', '$cmin' => $cmin ? $cmin : '0', '$cmax' => $cmax ? $cmax : '0', '$star' => $star ? $star : '0', '$liked' => $liked ? $liked : '0', '$conv' => $conv ? $conv : '0', '$spam' => $spam ? $spam : '0', '$fh' => $firehose ? $firehose : '0', '$nouveau' => $nouveau ? $nouveau : '0', '$wall' => '0', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$search' => $search ? $search : '', '$order' => $order, '$file' => $file, '$cats' => $category, '$tags' => $hashtags, '$dend' => $datequery, '$mid' => '', '$verb' => $verb, '$dbegin' => $datequery2));
     }
     $sql_extra3 = '';
     if ($datequery) {
         $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
     }
     if ($datequery2) {
         $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
     }
     $sql_extra2 = $nouveau ? '' : " AND item.parent = item.id ";
     $sql_extra3 = $nouveau ? '' : $sql_extra3;
     if (x($_GET, 'search')) {
         $search = escape_tags($_GET['search']);
         if (strpos($search, '#') === 0) {
             $sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG, TERM_COMMUNITYTAG);
         } else {
             $sql_extra .= sprintf(" AND item.body like '%s' ", dbesc(protect_sprintf('%' . $search . '%')));
         }
     }
     if ($verb) {
         $sql_extra .= sprintf(" AND item.verb like '%s' ", dbesc(protect_sprintf('%' . $verb . '%')));
     }
     if (strlen($file)) {
         $sql_extra .= term_query('item', $file, TERM_FILE);
     }
     if ($conv) {
         $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or item_mentionsme = 1 )) ", dbesc(protect_sprintf($channel['channel_hash'])));
     }
     if ($update && !$load) {
         // only setup pagination on initial page view
         $pager_sql = '';
     } else {
         $itemspage = get_pconfig(local_channel(), 'system', 'itemspage');
         \App::set_pager_itemspage(intval($itemspage) ? $itemspage : 20);
         $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
     }
     if ($cmin != 0 || $cmax != 99) {
         // Not everybody who shows up in the network stream will be in your address book.
         // By default those that aren't are assumed to have closeness = 99; but this isn't
         // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in
         // the stream with a NULL address book entry.
         $sql_nets .= " AND ";
         if ($cmax == 99) {
             $sql_nets .= " ( ";
         }
         $sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " ";
         $sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) ";
         if ($cmax == 99) {
             $sql_nets .= " OR abook.abook_closeness IS NULL ) ";
         }
     }
     $abook_uids = " and abook.abook_channel = " . local_channel() . " ";
     if ($firehose && !get_config('system', 'disable_discover_tab')) {
         require_once 'include/identity.php';
         $sys = get_sys_channel();
         $uids = " and item.uid  = " . intval($sys['channel_id']) . " ";
         \App::$data['firehose'] = intval($sys['channel_id']);
     } else {
         $uids = " and item.uid = " . local_channel() . " ";
     }
     if (get_pconfig(local_channel(), 'system', 'network_list_mode')) {
         $page_mode = 'list';
     } else {
         $page_mode = 'client';
     }
     $simple_update = $update ? " and item_unseen = 1 " : '';
     // This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day
     // or three and look at your matrix page - after opening up your browser. The first page loads just as it
     // should. All of a sudden a few seconds later, page 2 will get inserted at the beginning of the page
     // (before the page 1 content). The update code is actually doing just what it's supposed
     // to, it's fetching posts that have the ITEM_UNSEEN bit set. But the reason that page 2 content is being
     // returned in an UPDATE is because you hadn't gotten that far yet - you're still on page 1 and everything
     // that we loaded for page 1 is now marked as seen. But the stuff on page 2 hasn't been. So... it's being
     // treated as "new fresh" content because it is unseen. We need to distinguish it somehow from content
     // which "arrived as you were reading page 1". We're going to do this
     // by storing in your session the current UTC time whenever you LOAD a network page, and only UPDATE items
     // which are both ITEM_UNSEEN and have "changed" since that time. Cross fingers...
     if ($update && $_SESSION['loadtime']) {
         $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
     }
     if ($load) {
         $simple_update = '';
     }
     if ($nouveau && $load) {
         // "New Item View" - show all items unthreaded in reverse created date order
         $items = q("SELECT item.*, item.id AS item_id, received FROM item\n\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t{$simple_update}\n\t\t\t\t{$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY item.received DESC {$pager_sql} ");
         require_once 'include/items.php';
         xchan_query($items);
         $items = fetch_post_tags($items, true);
     } elseif ($update) {
         // Normal conversation view
         if ($order === 'post') {
             $ordering = "created";
         } else {
             $ordering = "commented";
         }
         if ($load) {
             // Fetch a page full of parent items for this page
             $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\t\tAND item.parent = item.id\n\t\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\t\tORDER BY {$ordering} DESC {$pager_sql} ");
         } else {
             // this is an update
             $r = q("SELECT item.parent AS item_id FROM item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE true {$uids} {$item_normal} {$simple_update}\n\t\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets} ");
             $_SESSION['loadtime'] = datetime_convert();
         }
         // Then fetch all the children of the parents that are on this page
         $parents_str = '';
         $update_unseen = '';
         if ($r) {
             $parents_str = ids_to_querystr($r, 'item_id');
             $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t\t{$sql_extra} ", dbesc($parents_str));
             xchan_query($items, true, $firehose ? local_channel() : 0);
             $items = fetch_post_tags($items, true);
             $items = conv_sort($items, $ordering);
         } else {
             $items = array();
         }
         if ($page_mode === 'list') {
             /**
              * in "list mode", only mark the parent item and any like activities as "seen". 
              * We won't distinguish between comment likes and post likes. The important thing
              * is that the number of unseen comments will be accurate. The SQL to separate the
              * comment likes could also get somewhat hairy. 
              */
             if ($parents_str) {
                 $update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )";
                 $update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) ";
             }
         } else {
             if ($parents_str) {
                 $update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )";
             }
         }
     }
     if ($update_unseen && !$firehose) {
         $r = q("UPDATE item SET item_unseen = 0 WHERE item_unseen = 1 AND uid = %d {$update_unseen} ", intval(local_channel()));
     }
     $mode = $nouveau ? 'network-new' : 'network';
     $o .= conversation($a, $items, $mode, $update, $page_mode);
     if ($items && !$update) {
         $o .= alt_pager($a, count($items));
     }
     return $o;
 }
예제 #3
0
 function get($update = 0, $load = false)
 {
     $checkjs = new \Zotlabs\Web\CheckJS(1);
     if ($load) {
         $_SESSION['loadtime'] = datetime_convert();
     }
     if (observer_prohibited()) {
         notice(t('Public access denied.') . EOL);
         return;
     }
     require_once "include/bbcode.php";
     require_once 'include/security.php';
     require_once 'include/conversation.php';
     require_once 'include/acl_selectors.php';
     require_once 'include/items.php';
     \App::$page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
     if (argc() > 1 && argv(1) !== 'load') {
         $item_hash = argv(1);
     }
     if ($_REQUEST['mid']) {
         $item_hash = $_REQUEST['mid'];
     }
     if (!$item_hash) {
         \App::$error = 404;
         notice(t('Item not found.') . EOL);
         return;
     }
     $observer_is_owner = false;
     if (local_channel() && !$update) {
         $channel = \App::get_channel();
         $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
         $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($channel_acl), 'permissions' => $channel_acl, 'bang' => '', 'visitor' => true, 'profile_uid' => local_channel(), 'return_path' => 'channel/' . $channel['channel_address'], 'expanded' => true, 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true);
         $o = '<div id="jot-popup">';
         $o .= status_editor($a, $x);
         $o .= '</div>';
     }
     // This page can be viewed by anybody so the query could be complicated
     // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally.
     // If that fails (or we aren't logged in locally),
     // query an item in which the observer (if logged in remotely) has cid or gid rights
     // and if that fails, look for a copy of the post that has no privacy restrictions.
     // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported.
     // find a copy of the item somewhere
     $target_item = null;
     $r = q("select id, uid, mid, parent_mid, item_type, item_deleted from item where mid like '%s' limit 1", dbesc($item_hash . '%'));
     if ($r) {
         $target_item = $r[0];
     }
     $r = null;
     if ($target_item['item_type'] == ITEM_TYPE_WEBPAGE) {
         $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']));
         $y = q("select * from iconfig left join item on iconfig.iid = item.id \n\t\t\t\twhere item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item.id = %d limit 1", intval($target_item['uid']), intval($target_item['id']));
         if ($x && $y) {
             goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['v']);
         } else {
             notice(t('Page not found.') . EOL);
             return '';
         }
     }
     $simple_update = $update ? " AND item_unseen = 1 " : '';
     if ($update && $_SESSION['loadtime']) {
         $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
     }
     if ($load) {
         $simple_update = '';
     }
     if (!$update && !$load) {
         $o .= '<div id="live-display"></div>' . "\r\n";
         $o .= "<script> var profile_uid = " . (intval(local_channel()) ? local_channel() : -1) . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; </script>\r\n";
         \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'display', '$uid' => '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '0', '$nouveau' => '0', '$wall' => '0', '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$search' => '', '$order' => '', '$file' => '', '$cats' => '', '$tags' => '', '$dend' => '', '$dbegin' => '', '$verb' => '', '$mid' => $item_hash));
     }
     $observer_hash = get_observer_hash();
     $item_normal = item_normal();
     $sql_extra = public_permissions_sql($observer_hash);
     if ($update && $load || $checkjs->disabled()) {
         $updateable = false;
         $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
         if ($load || $checkjs->disabled()) {
             $r = null;
             require_once 'include/channel.php';
             $sys = get_sys_channel();
             $sysid = $sys['channel_id'];
             if (local_channel()) {
                 $r = q("SELECT * from item\n\t\t\t\t\t\tWHERE uid = %d\n\t\t\t\t\t\tand mid = '%s'\n\t\t\t\t\t\t{$item_normal}\n\t\t\t\t\t\tlimit 1", intval(local_channel()), dbesc($target_item['parent_mid']));
                 if ($r) {
                     $updateable = true;
                 }
             }
             if ($r === null) {
                 // in case somebody turned off public access to sys channel content using permissions
                 // make that content unsearchable by ensuring the owner_xchan can't match
                 if (!perm_is_allowed($sysid, $observer_hash, 'view_stream')) {
                     $sysid = 0;
                 }
                 $r = q("SELECT * from item\n\t\t\t\t\t\tWHERE mid = '%s'\n\t\t\t\t\t\tAND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' \n\t\t\t\t\t\tAND `item`.`deny_gid`  = '' AND item_private = 0 ) \n\t\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\t\tOR uid = %d )\n\t\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\t\t{$item_normal}\n\t\t\t\t\t\tlimit 1", dbesc($target_item['parent_mid']), intval($sysid));
             }
         }
     } elseif ($update && !$load) {
         $r = null;
         require_once 'include/channel.php';
         $sys = get_sys_channel();
         $sysid = $sys['channel_id'];
         if (local_channel()) {
             $r = q("SELECT * from item\n\t\t\t\t\tWHERE uid = %d\n\t\t\t\t\tand mid = '%s'\n\t\t\t\t\t{$item_normal}\n\t\t\t\t\t{$simple_update}\n\t\t\t\t\tlimit 1", intval(local_channel()), dbesc($target_item['parent_mid']));
             if ($r) {
                 $updateable = true;
             }
         }
         if ($r === null) {
             // in case somebody turned off public access to sys channel content using permissions
             // make that content unsearchable by ensuring the owner_xchan can't match
             if (!perm_is_allowed($sysid, $observer_hash, 'view_stream')) {
                 $sysid = 0;
             }
             $r = q("SELECT * from item\n\t\t\t\t\tWHERE mid = '%s'\n\t\t\t\t\tAND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' \n\t\t\t\t\tAND `item`.`deny_gid`  = '' AND item_private = 0 ) \n\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\tOR uid = %d )\n\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\t{$item_normal}\n\t\t\t\t\t{$simple_update}\n\t\t\t\t\tlimit 1", dbesc($target_item['parent_mid']), intval($sysid));
         }
         $_SESSION['loadtime'] = datetime_convert();
     } else {
         $r = array();
     }
     if ($r) {
         $parents_str = ids_to_querystr($r, 'id');
         if ($parents_str) {
             $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\t\tFROM `item`\n\t\t\t\t\tWHERE parent in ( %s ) {$item_normal} ", dbesc($parents_str));
             xchan_query($items);
             $items = fetch_post_tags($items, true);
             $items = conv_sort($items, 'created');
         }
     } else {
         $items = array();
     }
     if ($checkjs->disabled()) {
         $o .= conversation($a, $items, 'display', $update, 'traditional');
         if ($items[0]['title']) {
             \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
         }
     } else {
         $o .= conversation($a, $items, 'display', $update, 'client');
     }
     if ($updateable) {
         $x = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 AND uid = %d and parent = %d ", intval(local_channel()), intval($r[0]['parent']));
     }
     $o .= '<div id="content-complete"></div>';
     return $o;
     /*
     	elseif((! $update) && (!  {
     		
     		$r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1",
     			dbesc($item_hash),
     			dbesc($item_hash)
     		);
     		if($r) {
     			if(intval($r[0]['item_deleted'])) {
     				notice( t('Item has been removed.') . EOL );
     			}
     			else {	
     				notice( t('Permission denied.') . EOL ); 
     			}
     		}
     		else {
     			notice( t('Item not found.') . EOL );
     		}
     
     	}
     */
 }
예제 #4
0
function public_content(&$a, $update = 0, $load = false)
{
    if ($load) {
        $_SESSION['loadtime'] = datetime_convert();
    }
    if (get_config('system', 'block_public') && !get_account_id() && !remote_channel()) {
        return login();
    }
    if (get_config('system', 'disable_discover_tab')) {
        return;
    }
    $item_normal = item_normal();
    if (!$update) {
        $maxheight = get_config('system', 'home_divmore_height');
        if (!$maxheight) {
            $maxheight = 400;
        }
        $o .= '<div id="live-public"></div>' . "\r\n";
        $o .= "<script> var profile_uid = " . (intval(local_channel()) ? local_channel() : -1) . "; var profile_page = " . App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
        App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'public', '$uid' => local_channel() ? local_channel() : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '1', '$nouveau' => '0', '$wall' => '0', '$list' => '0', '$page' => App::$pager['page'] != 1 ? App::$pager['page'] : 1, '$search' => '', '$order' => 'comment', '$file' => '', '$cats' => '', '$tags' => '', '$dend' => '', '$mid' => '', '$verb' => '', '$dbegin' => ''));
    }
    if ($update && !$load) {
        // only setup pagination on initial page view
        $pager_sql = '';
    } else {
        App::set_pager_itemspage(20);
        $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(App::$pager['itemspage']), intval(App::$pager['start']));
    }
    require_once 'include/identity.php';
    require_once 'include/security.php';
    if (get_config('system', 'site_firehose')) {
        $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0  and item_wall = 1 ";
    } else {
        $sys = get_sys_channel();
        $uids = " and item.uid  = " . intval($sys['channel_id']) . " ";
        $sql_extra = item_permissions_sql($sys['channel_id']);
        App::$data['firehose'] = intval($sys['channel_id']);
    }
    if (get_config('system', 'public_list_mode')) {
        $page_mode = 'list';
    } else {
        $page_mode = 'client';
    }
    $simple_update = $update ? " and item.item_unseen = 1 " : '';
    if ($update && $_SESSION['loadtime']) {
        $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
    }
    if ($load) {
        $simple_update = '';
    }
    //logger('update: ' . $update . ' load: ' . $load);
    if ($update) {
        $ordering = "commented";
        if ($load) {
            // Fetch a page full of parent items for this page
            $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tAND item.parent = item.id\n\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY {$ordering} DESC {$pager_sql} ");
        } elseif ($update) {
            $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tAND item.parent = item.id {$simple_update}\n\t\t\t\tand (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}");
            $_SESSION['loadtime'] = datetime_convert();
        }
        // Then fetch all the children of the parents that are on this page
        $parents_str = '';
        $update_unseen = '';
        if ($r) {
            $parents_str = ids_to_querystr($r, 'item_id');
            $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\tWHERE true {$uids} {$item_normal}\n\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t{$sql_extra} ", dbesc($parents_str));
            xchan_query($items, true, -1);
            $items = fetch_post_tags($items, true);
            $items = conv_sort($items, $ordering);
        } else {
            $items = array();
        }
    }
    // fake it
    $mode = 'network';
    $o .= conversation($a, $items, $mode, $update, $page_mode);
    if ($items && !$update) {
        $o .= alt_pager($a, count($items));
    }
    return $o;
}
예제 #5
0
 function get($update = 0, $load = false)
 {
     if ($load) {
         $_SESSION['loadtime'] = datetime_convert();
     }
     $checkjs = new \Zotlabs\Web\CheckJS(1);
     $category = $datequery = $datequery2 = '';
     $mid = x($_REQUEST, 'mid') ? $_REQUEST['mid'] : '';
     $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : '';
     $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : '';
     if (observer_prohibited(true)) {
         return login();
     }
     $category = x($_REQUEST, 'cat') ? $_REQUEST['cat'] : '';
     $hashtags = x($_REQUEST, 'tag') ? $_REQUEST['tag'] : '';
     $groups = array();
     $o = '';
     if ($update) {
         // Ensure we've got a profile owner if updating.
         \App::$profile['profile_uid'] = \App::$profile_uid = $update;
     } else {
         if (\App::$profile['profile_uid'] == local_channel()) {
             nav_set_selected('home');
         }
     }
     $is_owner = local_channel() && \App::$profile['profile_uid'] == local_channel() ? true : false;
     $channel = \App::get_channel();
     $observer = \App::get_observer();
     $ob_hash = $observer ? $observer['xchan_hash'] : '';
     $perms = get_all_perms(\App::$profile['profile_uid'], $ob_hash);
     if (!$perms['view_stream']) {
         // We may want to make the target of this redirect configurable
         if ($perms['view_profile']) {
             notice(t('Insufficient permissions.  Request redirected to profile page.') . EOL);
             goaway(z_root() . "/profile/" . \App::$profile['channel_address']);
         }
         notice(t('Permission denied.') . EOL);
         return;
     }
     if (!$update) {
         $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']);
         $o .= common_friends_visitor_widget(\App::$profile['profile_uid']);
         if ($channel && $is_owner) {
             $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
         } else {
             $channel_acl = array();
         }
         if ($perms['post_wall']) {
             $x = array('is_owner' => $is_owner, 'allow_location' => ($is_owner || $observer) && intval(get_pconfig(\App::$profile['profile_uid'], 'system', 'use_browser_location')) ? true : false, 'default_location' => $is_owner ? \App::$profile['channel_location'] : '', 'nickname' => \App::$profile['channel_address'], 'lockstate' => strlen(\App::$profile['channel_allow_cid']) || strlen(\App::$profile['channel_allow_gid']) || strlen(\App::$profile['channel_deny_cid']) || strlen(\App::$profile['channel_deny_gid']) ? 'lock' : 'unlock', 'acl' => $is_owner ? populate_acl($channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : '', 'showacl' => $is_owner ? 'yes' : '', 'bang' => '', 'visitor' => $is_owner || $observer ? true : false, 'profile_uid' => \App::$profile['profile_uid'], 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true);
             $o .= status_editor($a, $x);
         }
     }
     /**
      * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
      */
     $item_normal = item_normal();
     $sql_extra = item_permissions_sql(\App::$profile['profile_uid']);
     if (get_pconfig(\App::$profile['profile_uid'], 'system', 'channel_list_mode') && !$mid) {
         $page_mode = 'list';
     } else {
         $page_mode = 'client';
     }
     $abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " ";
     $simple_update = $update ? " AND item_unseen = 1 " : '';
     \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n";
     if ($update && $_SESSION['loadtime']) {
         $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
     }
     if ($load) {
         $simple_update = '';
     }
     if ($update && !$load) {
         if ($mid) {
             $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d {$item_normal}\n\t\t\t\t\tAND item_wall = 1 AND item_unseen = 1 {$sql_extra} limit 1", dbesc($mid . '%'), intval(\App::$profile['profile_uid']));
         } else {
             $r = q("SELECT distinct parent AS `item_id`, created from item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE uid = %d {$item_normal}\n\t\t\t\t\tAND item_wall = 1 {$simple_update}\n\t\t\t\t\tAND (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra}\n\t\t\t\t\tORDER BY created DESC", intval(\App::$profile['profile_uid']));
             $_SESSION['loadtime'] = datetime_convert();
         }
     } else {
         if (x($category)) {
             $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
         }
         if (x($hashtags)) {
             $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG));
         }
         if ($datequery) {
             $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
         }
         if ($datequery2) {
             $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
         }
         $itemspage = get_pconfig(local_channel(), 'system', 'itemspage');
         \App::set_pager_itemspage(intval($itemspage) ? $itemspage : 20);
         $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start']));
         if ($load || $checkjs->disabled()) {
             if ($mid) {
                 $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d {$item_normal}\n\t\t\t\t\t\tAND item_wall = 1 {$sql_extra} limit 1", dbesc($mid), intval(\App::$profile['profile_uid']));
                 if (!$r) {
                     notice(t('Permission denied.') . EOL);
                 }
             } else {
                 $r = q("SELECT distinct id AS item_id, created FROM item \n\t\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\t\tWHERE uid = %d {$item_normal}\n\t\t\t\t\t\tAND item_wall = 1 and item_thread_top = 1\n\t\t\t\t\t\tAND (abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t\t{$sql_extra} {$sql_extra2}\n\t\t\t\t\t\tORDER BY created DESC {$pager_sql} ", intval(\App::$profile['profile_uid']));
             }
         } else {
             $r = array();
         }
     }
     if ($r) {
         $parents_str = ids_to_querystr($r, 'item_id');
         $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\tFROM `item`\n\t\t\t\tWHERE `item`.`uid` = %d {$item_normal}\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", intval(\App::$profile['profile_uid']), dbesc($parents_str));
         xchan_query($items);
         $items = fetch_post_tags($items, true);
         $items = conv_sort($items, 'created');
         if ($load && $mid && !count($items)) {
             // This will happen if we don't have sufficient permissions
             // to view the parent item (or the item itself if it is toplevel)
             notice(t('Permission denied.') . EOL);
         }
     } else {
         $items = array();
     }
     if (!$update && !$load) {
         // This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
         // because browser prefetching might change it on us. We have to deliver it with the page.
         $maxheight = get_pconfig(\App::$profile['profile_uid'], 'system', 'channel_divmore_height');
         if (!$maxheight) {
             $maxheight = 400;
         }
         $o .= '<div id="live-channel"></div>' . "\r\n";
         $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
         \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'channel', '$uid' => \App::$profile['profile_uid'] ? \App::$profile['profile_uid'] : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '0', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$nouveau' => '0', '$wall' => '1', '$fh' => '0', '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$search' => '', '$order' => '', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$file' => '', '$cats' => $category ? $category : '', '$tags' => $hashtags ? $hashtags : '', '$mid' => $mid, '$verb' => '', '$dend' => $datequery, '$dbegin' => $datequery2));
     }
     $update_unseen = '';
     if ($page_mode === 'list') {
         /**
          * in "list mode", only mark the parent item and any like activities as "seen". 
          * We won't distinguish between comment likes and post likes. The important thing
          * is that the number of unseen comments will be accurate. The SQL to separate the
          * comment likes could also get somewhat hairy. 
          */
         if ($parents_str) {
             $update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )";
             $update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) ";
         }
     } else {
         if ($parents_str) {
             $update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )";
         }
     }
     if ($is_owner && $update_unseen) {
         $r = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 and item_wall = 1 AND uid = %d {$update_unseen}", intval(local_channel()));
     }
     if ($checkjs->disabled()) {
         $o .= conversation($a, $items, 'channel', $update, 'traditional');
     } else {
         $o .= conversation($a, $items, 'channel', $update, $page_mode);
     }
     if (!$update || $checkjs->disabled()) {
         $o .= alt_pager($a, count($items));
         if ($mid && $items[0]['title']) {
             \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title'];
         }
     }
     if ($mid) {
         $o .= '<div id="content-complete"></div>';
     }
     return $o;
 }
예제 #6
0
파일: channel.php 프로젝트: Mauru/red
function channel_content(&$a, $update = 0, $load = false)
{
    $category = $datequery = $datequery2 = '';
    $mid = $_GET['mid'];
    $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : '';
    $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : '';
    if (get_config('system', 'block_public') && !get_account_id() && !remote_user()) {
        return login();
    }
    $category = x($_REQUEST, 'cat') ? $_REQUEST['cat'] : '';
    $groups = array();
    $o = '';
    if ($update) {
        // Ensure we've got a profile owner if updating.
        $a->profile['profile_uid'] = $update;
    } else {
        if ($a->profile['profile_uid'] == local_user()) {
            nav_set_selected('home');
        }
    }
    $is_owner = local_user() && $a->profile['profile_uid'] == local_user() ? true : false;
    $channel = $a->get_channel();
    $observer = $a->get_observer();
    $ob_hash = $observer ? $observer['xchan_hash'] : '';
    $perms = get_all_perms($a->profile['profile_uid'], $ob_hash);
    if (!$perms['view_stream']) {
        // We may want to make the target of this redirect configurable
        if ($perms['view_profile']) {
            notice(t('Insufficient permissions.  Request redirected to profile page.') . EOL);
            goaway(z_root() . "/profile/" . $a->profile['channel_address']);
        }
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (!$update) {
        $o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
        $o .= common_friends_visitor_widget($a->profile['profile_uid']);
        if ($channel && $is_owner) {
            $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
        } else {
            $channel_acl = array();
        }
        if ($perms['post_wall']) {
            $x = array('is_owner' => $is_owner, 'allow_location' => ($is_owner || $observer) && intval(get_pconfig($a->profile['profile_uid'], 'system', 'use_browser_location')) ? true : false, 'default_location' => $is_owner ? $a->profile['channel_location'] : '', 'nickname' => $a->profile['channel_address'], 'lockstate' => strlen($a->profile['channel_allow_cid']) || strlen($a->profile['channel_allow_gid']) || strlen($a->profile['channel_deny_cid']) || strlen($a->profile['channel_deny_gid']) ? 'lock' : 'unlock', 'acl' => $is_owner ? populate_acl($channel_acl) : '', 'showacl' => $is_owner ? 'yes' : '', 'bang' => '', 'visitor' => $is_owner || $observer ? true : false, 'profile_uid' => $a->profile['profile_uid']);
            $o .= status_editor($a, $x);
        }
    }
    /**
     * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
     */
    $sql_extra = item_permissions_sql($a->profile['profile_uid'], $remote_contact, $groups);
    if ($update && !$load) {
        if ($mid) {
            $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d AND item_restrict = 0\n\t\t\t\tAND (item_flags &  %d) AND (item_flags & %d) {$sql_extra} limit 1", dbesc($mid), intval($a->profile['profile_uid']), intval(ITEM_WALL), intval(ITEM_UNSEEN));
        } else {
            $r = q("SELECT distinct parent AS `item_id` from item\n\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\tWHERE uid = %d AND item_restrict = 0\n\t\t\t\tAND (item_flags &  %d) AND ( item_flags & %d ) \n\t\t\t\tAND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n\t\t\t\t{$sql_extra}\n\t\t\t\tORDER BY created DESC", intval($a->profile['profile_uid']), intval(ITEM_WALL), intval(ITEM_UNSEEN), intval(ABOOK_FLAG_BLOCKED));
        }
    } else {
        if (x($category)) {
            $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
        }
        if ($datequery) {
            $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
        }
        if ($datequery2) {
            $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
        }
        $itemspage = get_pconfig(local_user(), 'system', 'itemspage');
        $a->set_pager_itemspage(intval($itemspage) ? $itemspage : 20);
        $pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
        if ($load || $_COOKIE['jsAvailable'] != 1) {
            if ($mid) {
                $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d AND item_restrict = 0\n\t\t\t\t\tAND (item_flags &  %d) {$sql_extra} limit 1", dbesc($mid), intval($a->profile['profile_uid']), intval(ITEM_WALL));
                if (!$r) {
                    notice(t('Permission denied.') . EOL);
                }
            } else {
                $r = q("SELECT distinct id AS item_id FROM item \n\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\tWHERE uid = %d AND item_restrict = 0\n\t\t\t\t\tAND (item_flags &  %d) and (item_flags & %d)\n\t\t\t\t\tAND ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra} {$sql_extra2}\n\t\t\t\t\tORDER BY created DESC {$pager_sql} ", intval($a->profile['profile_uid']), intval(ITEM_WALL), intval(ITEM_THREAD_TOP), intval(ABOOK_FLAG_BLOCKED));
            }
        } else {
            $r = array();
        }
    }
    if ($r) {
        $parents_str = ids_to_querystr($r, 'item_id');
        $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\tFROM `item`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0\n\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t{$sql_extra} ", intval($a->profile['profile_uid']), dbesc($parents_str));
        xchan_query($items);
        $items = fetch_post_tags($items, true);
        $items = conv_sort($items, 'created');
        if ($load && $mid && !count($items)) {
            // This will happen if we don't have sufficient permissions
            // to view the parent item (or the item itself if it is toplevel)
            notice(t('Permission denied.') . EOL);
        }
    } else {
        $items = array();
    }
    if (!$update && !$load) {
        // This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
        // because browser prefetching might change it on us. We have to deliver it with the page.
        $o .= '<div id="live-channel"></div>' . "\r\n";
        $o .= "<script> var profile_uid = " . $a->profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
        $a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'channel', '$uid' => $a->profile['profile_uid'] ? $a->profile['profile_uid'] : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '0', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$nouveau' => '0', '$wall' => '1', '$fh' => '0', '$page' => $a->pager['page'] != 1 ? $a->pager['page'] : 1, '$search' => '', '$order' => '', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$file' => '', '$cats' => $category ? $category : '', '$mid' => $mid, '$dend' => $datequery, '$dbegin' => $datequery2));
    }
    if ($is_owner) {
        $r = q("UPDATE item SET item_flags = (item_flags ^ %d)\n\t\t\tWHERE (item_flags & %d) AND (item_flags & %d) AND uid = %d ", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(ITEM_WALL), intval(local_user()));
    }
    if ($_COOKIE['jsAvailable'] == 1) {
        $o .= conversation($a, $items, 'channel', $update, 'client');
    } else {
        $o .= conversation($a, $items, 'channel', $update, 'traditional');
    }
    if (!$update || $_COOKIE['jsAvailable'] != 1) {
        $o .= alt_pager($a, count($items));
    }
    if ($mid) {
        $o .= '<div id="content-complete"></div>';
    }
    return $o;
}
예제 #7
0
function stream_perms_xchans($perms = NULL)
{
    $perms = is_null($perms) ? PERMS_SITE | PERMS_NETWORK | PERMS_PUBLIC : $perms;
    $ret = array();
    if (local_channel()) {
        $ret[] = get_observer_hash();
    }
    $x = q("select uid from pconfig where cat = 'perm_limits' and k = 'view_stream' and ( v & %d ) > 0 ", intval($perms));
    if ($x) {
        $ids = ids_to_querystr($x, 'uid');
        $r = q("select channel_hash from channel where channel_id in ( {$ids} ) and ( channel_pageflags & %d ) = 0 and channel_system = 0 and channel_removed = 0 ", intval(PAGE_ADULT | PAGE_CENSORED));
        if ($r) {
            foreach ($r as $rr) {
                if (!in_array($rr['channel_hash'], $ret)) {
                    $ret[] = $rr['channel_hash'];
                }
            }
        }
    }
    $str = '';
    if ($ret) {
        foreach ($ret as $rr) {
            if ($str) {
                $str .= ',';
            }
            $str .= "'" . dbesc($rr) . "'";
        }
    } else {
        $str = "''";
    }
    logger('stream_perms_xchans: ' . $str, LOGGER_DEBUG);
    return $str;
}
예제 #8
0
파일: home.php 프로젝트: redmatrix/red
function home_content(&$a, $update = 0, $load = false)
{
    $o = '';
    if ($load) {
        $_SESSION['loadtime'] = datetime_convert();
    }
    if (x($_SESSION, 'theme')) {
        unset($_SESSION['theme']);
    }
    if (x($_SESSION, 'mobile_theme')) {
        unset($_SESSION['mobile_theme']);
    }
    $splash = argc() > 1 && argv(1) === 'splash' ? true : false;
    if (get_config('system', 'projecthome')) {
        $o .= file_get_contents('assets/home.html');
        $a->page['template'] = 'full';
        $a->page['title'] = t('Red Matrix - &quot;The Network&quot;');
        return $o;
    }
    // Deprecated
    $channel_address = get_config("system", "site_channel");
    // See if the sys channel set a homepage
    if (!$channel_address) {
        require_once 'include/identity.php';
        $u = get_sys_channel();
        if ($u) {
            $u = array($u);
            // change to channel_id when below deprecated and skip the $u=...
            $channel_address = $u[0]['channel_address'];
        }
    }
    if ($channel_address) {
        $page_id = 'home';
        $u = q("select channel_id from channel where channel_address = '%s' limit 1", dbesc($channel_address));
        $r = q("select item.* from item left join item_id on item.id = item_id.iid\n\t\t\twhere item.uid = %d and sid = '%s' and service = 'WEBPAGE' and \n\t\t\titem_restrict = %d limit 1", intval($u[0]['channel_id']), dbesc($page_id), intval(ITEM_WEBPAGE));
        if ($r) {
            xchan_query($r);
            $r = fetch_post_tags($r, true);
            if ($r[0]['layout_mid']) {
                $l = q("select body from item where mid = '%s' and uid = %d limit 1", dbesc($r[0]['layout_mid']), intval($u[0]['channel_id']));
                if ($l) {
                    require_once 'include/comanche.php';
                    comanche_parser($a, $l[0]['body']);
                    $a->pdl = $l[0]['body'];
                }
            }
            $a->profile = array('profile_uid' => $u[0]['channel_id']);
            $a->profile_uid = $u[0]['channel_id'];
            $o .= prepare_page($r[0]);
            return $o;
        }
    }
    // Nope, we didn't find an item.  Let's see if there's any html
    if (file_exists('home.html')) {
        $o .= file_get_contents('home.html');
    } else {
        $sitename = get_config('system', 'sitename');
        if ($sitename) {
            $o .= '<h1>' . sprintf(t("Welcome to %s"), $sitename) . '</h1>';
        }
        if (intval(get_config('system', 'block_public')) && !local_channel() && !remote_channel()) {
            // If there's nothing special happening, just spit out a login box
            if (!$a->config['system']['no_login_on_homepage']) {
                $o .= login($a->config['system']['register_policy'] == REGISTER_CLOSED ? 0 : 1);
            }
            return $o;
        } else {
            if (get_config('system', 'disable_discover_tab')) {
                call_hooks('home_content', $o);
                return $o;
            }
            if (!$update) {
                $maxheight = get_config('system', 'home_divmore_height');
                if (!$maxheight) {
                    $maxheight = 75;
                }
                $o .= '<div id="live-home"></div>' . "\r\n";
                $o .= "<script> var profile_uid = " . (intval(local_channel()) ? local_channel() : -1) . "; var profile_page = " . $a->pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
                $a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'home', '$uid' => local_channel() ? local_channel() : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '1', '$nouveau' => '0', '$wall' => '0', '$list' => '0', '$page' => $a->pager['page'] != 1 ? $a->pager['page'] : 1, '$search' => '', '$order' => 'comment', '$file' => '', '$cats' => '', '$tags' => '', '$dend' => '', '$mid' => '', '$verb' => '', '$dbegin' => ''));
            }
            if ($update && !$load) {
                // only setup pagination on initial page view
                $pager_sql = '';
            } else {
                $a->set_pager_itemspage(20);
                $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($a->pager['itemspage']), intval($a->pager['start']));
            }
            require_once 'include/identity.php';
            if (get_config('system', 'site_firehose')) {
                require_once 'include/security.php';
                $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0  and (item_flags & " . intval(ITEM_WALL) . " ) > 0 ";
            } else {
                $sys = get_sys_channel();
                $uids = " and item.uid  = " . intval($sys['channel_id']) . " ";
                $a->data['firehose'] = intval($sys['channel_id']);
            }
            $page_mode = 'list';
            $simple_update = $update ? " and item.item_unseen = 1 " : '';
            if ($update && $_SESSION['loadtime']) {
                $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' )  OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) ";
            }
            if ($load) {
                $simple_update = '';
            }
            //logger('update: ' . $update . ' load: ' . $load);
            if ($update) {
                $ordering = "commented";
                if ($load) {
                    // Fetch a page full of parent items for this page
                    $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\t\tWHERE true {$uids} AND item.item_restrict = 0\n\t\t\t\t\t\tAND item.parent = item.id\n\t\t\t\t\t\tand ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n\t\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\t\t\tORDER BY {$ordering} DESC {$pager_sql} ", intval(ABOOK_FLAG_BLOCKED));
                } elseif ($update) {
                    $r = q("SELECT distinct item.id AS item_id, {$ordering} FROM item\n\t\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\t\tWHERE true {$uids} AND item.item_restrict = 0\n\t\t\t\t\t\tAND item.parent = item.id {$simple_update}\n\t\t\t\t\t\tand ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n\t\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}", intval(ABOOK_FLAG_BLOCKED));
                    $_SESSION['loadtime'] = datetime_convert();
                }
                // Then fetch all the children of the parents that are on this page
                $parents_str = '';
                $update_unseen = '';
                if ($r) {
                    $parents_str = ids_to_querystr($r, 'item_id');
                    $items = q("SELECT item.*, item.id AS item_id FROM item\n\t\t\t\t\t\tWHERE true {$uids} AND item.item_restrict = 0\n\t\t\t\t\t\tAND item.parent IN ( %s )\n\t\t\t\t\t\t{$sql_extra} ", dbesc($parents_str));
                    xchan_query($items, true, -1);
                    $items = fetch_post_tags($items, true);
                    $items = conv_sort($items, $ordering);
                } else {
                    $items = array();
                }
            }
            // fake it
            $mode = 'network';
            $o .= conversation($a, $items, $mode, $update, $page_mode);
            if ($items && !$update) {
                $o .= alt_pager($a, count($items));
            }
            return $o;
        }
        call_hooks('home_content', $o);
        return $o;
    }
    return $o;
}
예제 #9
0
파일: network.php 프로젝트: Mauru/red
function network_content(&$a, $update = 0, $load = false)
{
    if (!local_user()) {
        $_SESSION['return_url'] = $a->query_string;
        return login(false);
    }
    $arr = array('query' => $a->query_string);
    call_hooks('network_content_init', $arr);
    $channel = $a->get_channel();
    $search = $_GET['search'] ? $_GET['search'] : '';
    if ($search) {
        if (strpos($search, '@') === 0) {
            $r = q("select abook_id from abook left join xchan on abook_xchan = xchan_hash where xchan_name = '%s' and abook_channel = %d limit 1", dbesc(substr($search, 1)), intval(local_user()));
            if ($r) {
                $_GET['cid'] = $r[0]['abook_id'];
                $search = $_GET['search'] = '';
            }
        } elseif (strpos($search, '#') === 0) {
            $search = $_GET['search'] = substr($search, 1);
        }
    }
    $datequery = $datequery2 = '';
    $group = 0;
    $nouveau = false;
    $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : '';
    $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : '';
    $nouveau = x($_GET, 'new') ? intval($_GET['new']) : 0;
    $gid = x($_GET, 'gid') ? intval($_GET['gid']) : 0;
    if ($datequery) {
        $_GET['order'] = 'post';
    }
    if ($gid) {
        $r = q("SELECT * FROM `groups` WHERE id = %d AND uid = %d LIMIT 1", intval($gid), intval(local_user()));
        if (!$r) {
            if ($update) {
                killme();
            }
            notice(t('No such group') . EOL);
            goaway($a->get_baseurl(true) . '/network');
            // NOTREACHED
        }
        $group = $gid;
        $group_hash = $r[0]['hash'];
        $def_acl = array('allow_gid' => '<' . $r[0]['hash'] . '>');
    }
    $o = '';
    // if no tabs are selected, defaults to comments
    $cid = x($_GET, 'cid') ? intval($_GET['cid']) : 0;
    $star = x($_GET, 'star') ? intval($_GET['star']) : 0;
    $order = x($_GET, 'order') ? notags($_GET['order']) : 'comment';
    $liked = x($_GET, 'liked') ? intval($_GET['liked']) : 0;
    $conv = x($_GET, 'conv') ? intval($_GET['conv']) : 0;
    $spam = x($_GET, 'spam') ? intval($_GET['spam']) : 0;
    $cmin = x($_GET, 'cmin') ? intval($_GET['cmin']) : 0;
    $cmax = x($_GET, 'cmax') ? intval($_GET['cmax']) : 99;
    $firehose = x($_GET, 'fh') ? intval($_GET['fh']) : 0;
    $file = x($_GET, 'file') ? $_GET['file'] : '';
    if (x($_GET, 'search') || x($_GET, 'file')) {
        $nouveau = true;
    }
    if ($cid) {
        $def_acl = array('allow_cid' => '<' . intval($cid) . '>');
    }
    if (!$update) {
        $o .= network_tabs();
        // search terms header
        if ($search) {
            $o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT, 'UTF-8') . '</h2>';
        }
        nav_set_selected('network');
        $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
        $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($group || $cid ? $def_acl : $channel_acl), 'bang' => $group || $cid ? '!' : '', 'visitor' => true, 'profile_uid' => local_user());
        $o .= status_editor($a, $x);
    }
    // We don't have to deal with ACL's on this page. You're looking at everything
    // that belongs to you, hence you can see all of it. We will filter by group if
    // desired.
    $sql_options = $star ? " and (item_flags & " . intval(ITEM_STARRED) . ")" : '';
    $sql_nets = '';
    $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") {$sql_options} ) ";
    if ($group) {
        $contact_str = '';
        $contacts = group_get_members($group);
        if ($contacts) {
            foreach ($contacts as $c) {
                if ($contact_str) {
                    $contact_str .= ',';
                }
                $contact_str .= "'" . $c['xchan'] . "'";
            }
        } else {
            $contact_str = ' 0 ';
            info(t('Collection is empty'));
        }
        $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND (( author_xchan IN ( {$contact_str} ) OR owner_xchan in ( {$contact_str} )) or allow_gid like '" . protect_sprintf('%<' . dbesc($group_hash) . '>%') . "' ) and id = parent and item_restrict = 0 ) ";
        $x = group_rec_byhash(local_user(), $group_hash);
        if ($x) {
            $o = '<h2>' . t('Collection: ') . $x['name'] . '</h2>' . $o;
        }
    } elseif ($cid) {
        $r = q("SELECT abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1", intval($cid), intval(local_user()));
        if ($r) {
            $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true {$sql_options} AND uid = " . intval(local_user()) . " AND ( author_xchan = '" . dbesc($r[0]['abook_xchan']) . "' or owner_xchan = '" . dbesc($r[0]['abook_xchan']) . "' ) and item_restrict = 0 ) ";
            $o = '<h2>' . t('Connection: ') . $r[0]['xchan_name'] . '</h2>' . $o;
        } else {
            notice(t('Invalid connection.') . EOL);
            goaway($a->get_baseurl(true) . '/network');
        }
    }
    if (!$update) {
        // The special div is needed for liveUpdate to kick in for this page.
        // We only launch liveUpdate if you aren't filtering in some incompatible
        // way and also you aren't writing a comment (discovered in javascript).
        if ($gid || $cid || $cmin || $cmax != 99 || $star || $liked || $conv || $spam || $nouveau || $list) {
            $firehose = 0;
        }
        $o .= '<div id="live-network"></div>' . "\r\n";
        $o .= "<script> var profile_uid = " . $_SESSION['uid'] . "; var profile_page = " . $a->pager['page'] . ";</script>";
        $a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'network', '$uid' => local_user() ? local_user() : '0', '$gid' => $gid ? $gid : '0', '$cid' => $cid ? $cid : '0', '$cmin' => $cmin ? $cmin : '0', '$cmax' => $cmax ? $cmax : '0', '$star' => $star ? $star : '0', '$liked' => $liked ? $liked : '0', '$conv' => $conv ? $conv : '0', '$spam' => $spam ? $spam : '0', '$fh' => $firehose ? $firehose : '0', '$nouveau' => $nouveau ? $nouveau : '0', '$wall' => '0', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$page' => $a->pager['page'] != 1 ? $a->pager['page'] : 1, '$search' => $search ? $search : '', '$order' => $order, '$file' => $file, '$cats' => '', '$dend' => $datequery, '$mid' => '', '$dbegin' => $datequery2));
    }
    $sql_extra3 = '';
    if ($datequery) {
        $sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
    }
    if ($datequery2) {
        $sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
    }
    $sql_extra2 = $nouveau ? '' : " AND `item`.`parent` = `item`.`id` ";
    $sql_extra3 = $nouveau ? '' : $sql_extra3;
    if (x($_GET, 'search')) {
        $search = escape_tags($_GET['search']);
        if (strpos($search, '#') === 0) {
            $sql_extra .= term_query('item', substr($search, 1), TERM_HASHTAG);
        } else {
            $sql_extra .= sprintf(" AND `item`.`body` like '%s' ", dbesc(protect_sprintf('%' . $search . '%')));
        }
    }
    if (strlen($file)) {
        $sql_extra .= term_query('item', $file, TERM_FILE);
    }
    if ($conv) {
        $sql_extra .= sprintf(" AND parent IN (SELECT distinct(parent) from item where ( author_xchan like '%s' or ( item_flags & %d ))) ", dbesc(protect_sprintf($channel['channel_hash'])), intval(ITEM_MENTIONSME));
    }
    if ($update && !$load) {
        // only setup pagination on initial page view
        $pager_sql = '';
    } else {
        $itemspage = get_pconfig(local_user(), 'system', 'itemspage');
        $a->set_pager_itemspage(intval($itemspage) ? $itemspage : 20);
        $pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
    }
    if ($cmin != 0 || $cmax != 99) {
        // Not everybody who shows up in the network stream will be in your address book.
        // By default those that aren't are assumed to have closeness = 99; but this isn't
        // recorded anywhere. So if cmax is 99, we'll open the search up to anybody in
        // the stream with a NULL address book entry.
        $sql_nets .= " AND ";
        if ($cmax == 99) {
            $sql_nets .= " ( ";
        }
        $sql_nets .= "( abook.abook_closeness >= " . intval($cmin) . " ";
        $sql_nets .= " AND abook.abook_closeness <= " . intval($cmax) . " ) ";
        if ($cmax == 99) {
            $sql_nets .= " OR abook.abook_closeness IS NULL ) ";
        }
    }
    if ($firehose && !get_config('system', 'disable_discover_tab')) {
        require_once 'include/identity.php';
        $sys = get_sys_channel();
        $uids = " and item.uid  = " . intval($sys['channel_id']) . " ";
        $a->data['firehose'] = intval($sys['channel_id']);
    } else {
        $uids = " and item.uid = " . local_user() . " ";
    }
    $simple_update = $update ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : '';
    // This fixes a very subtle bug so I'd better explain it. You wake up in the morning or return after a day
    // or three and look at your matrix page - after opening up your browser. The first page loads just as it
    // should. All of a sudden a few seconds later, page 2 will get inserted at the beginning of the page
    // (before the page 1 content). The update code is actually doing just what it's supposed
    // to, it's fetching posts that have the ITEM_UNSEEN bit set. But the reason that page 2 content is being
    // returned in an UPDATE is because you hadn't gotten that far yet - you're still on page 1 and everything
    // that we loaded for page 1 is now marked as seen. But the stuff on page 2 hasn't been. So... it's being
    // treated as "new fresh" content because it is unseen. We need to distinguish it somehow from content
    // which "arrived as you were reading page 1". We're going to do this
    // by storing in your session the current UTC time whenever you LOAD a network page, and only UPDATE items
    // which are both ITEM_UNSEEN and have "changed" since that time. Cross fingers...
    if ($update && $_SESSION['loadtime']) {
        $simple_update .= " and item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ";
    }
    if ($load) {
        $simple_update = '';
    }
    if ($nouveau && $load) {
        // "New Item View" - show all items unthreaded in reverse created date order
        $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` \n\t\t\tWHERE true {$uids} AND item_restrict = 0 \n\t\t\t{$simple_update}\n\t\t\t{$sql_extra} {$sql_nets}\n\t\t\tORDER BY `item`.`received` DESC {$pager_sql} ");
        require_once 'include/items.php';
        xchan_query($items);
        $items = fetch_post_tags($items, true);
    } elseif ($update) {
        // Normal conversation view
        if ($order === 'post') {
            $ordering = "`created`";
        } else {
            $ordering = "`commented`";
        }
        if ($load) {
            $_SESSION['loadtime'] = datetime_convert();
            // Fetch a page full of parent items for this page
            $r = q("SELECT distinct item.id AS item_id FROM item \n\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\tWHERE true {$uids} AND item.item_restrict = 0\n\t\t\t\tAND item.parent = item.id\n\t\t\t\tand ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY item.{$ordering} DESC {$pager_sql} ", intval(ABOOK_FLAG_BLOCKED));
        } else {
            if (!$firehose) {
                // update
                $r = q("SELECT item.parent AS item_id FROM item\n\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\tWHERE true {$uids} AND item.item_restrict = 0 {$simple_update}\n\t\t\t\t\tand ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets} ", intval(ABOOK_FLAG_BLOCKED));
            }
        }
        // Then fetch all the children of the parents that are on this page
        $parents_str = '';
        $update_unseen = '';
        if ($r) {
            $parents_str = ids_to_querystr($r, 'item_id');
            $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` \n\t\t\t\tWHERE true {$uids} AND `item`.`item_restrict` = 0\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", dbesc($parents_str));
            xchan_query($items);
            $items = fetch_post_tags($items, true);
            $items = conv_sort($items, $ordering);
        } else {
            $items = array();
        }
        if ($parents_str) {
            $update_unseen = ' AND parent IN ( ' . dbesc($parents_str) . ' )';
        }
    }
    if ($update_unseen && !$firehose) {
        $r = q("UPDATE `item` SET item_flags = ( item_flags ^ %d)\n\t\t\tWHERE (item_flags & %d) AND `uid` = %d {$update_unseen} ", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(local_user()));
    }
    $mode = $nouveau ? 'network-new' : 'network';
    $o .= conversation($a, $items, $mode, $update, 'client');
    if ($items && !$update) {
        $o .= alt_pager($a, count($items));
    }
    return $o;
}
예제 #10
0
파일: display.php 프로젝트: Mauru/red
function display_content(&$a, $update = 0, $load = false)
{
    //	logger("mod-display: update = $update load = $load");
    if (intval(get_config('system', 'block_public')) && !local_user() && !remote_user()) {
        notice(t('Public access denied.') . EOL);
        return;
    }
    require_once "include/bbcode.php";
    require_once 'include/security.php';
    require_once 'include/conversation.php';
    require_once 'include/acl_selectors.php';
    require_once 'include/items.php';
    $a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
    if (argc() > 1 && argv(1) !== 'load') {
        $item_hash = argv(1);
    }
    if ($_REQUEST['mid']) {
        $item_hash = $_REQUEST['mid'];
    }
    if (!$item_hash) {
        $a->error = 404;
        notice(t('Item not found.') . EOL);
        return;
    }
    $observer_is_owner = false;
    if (local_user() && !$update) {
        $channel = $a->get_channel();
        $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']);
        $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $group || $cid || $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($channel_acl), 'bang' => '', 'visitor' => true, 'profile_uid' => local_user(), 'return_path' => 'channel/' . $channel['channel_address']);
        $o .= status_editor($a, $x);
    }
    // This page can be viewed by anybody so the query could be complicated
    // First we'll see if there is a copy of the item which is owned by us - if we're logged in locally.
    // If that fails (or we aren't logged in locally),
    // query an item in which the observer (if logged in remotely) has cid or gid rights
    // and if that fails, look for a copy of the post that has no privacy restrictions.
    // If we find the post, but we don't find a copy that we're allowed to look at, this fact needs to be reported.
    // find a copy of the item somewhere
    $target_item = null;
    $r = q("select id, uid, mid, parent_mid, item_restrict from item where mid like '%s' limit 1", dbesc($item_hash . '%'));
    if ($r) {
        $target_item = $r[0];
    }
    if ($target_item['item_restrict'] & ITEM_WEBPAGE) {
        $x = q("select * from channel where channel_id = %d limit 1", intval($target_item['uid']));
        $y = q("select * from item_id where uid = %d and service = 'WEBPAGE' and iid = %d limit 1", intval($target_item['uid']), intval($target_item['id']));
        if ($x && $y) {
            goaway(z_root() . '/page/' . $x[0]['channel_address'] . '/' . $y[0]['sid']);
        } else {
            notice(t('Page not found.') . EOL);
            return '';
        }
    }
    if (!$update && !$load) {
        $o .= '<div id="live-display"></div>' . "\r\n";
        $o .= "<script> var profile_uid = " . (intval(local_user()) ? local_user() : -1) . "; var netargs = '?f='; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
        $a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'display', '$uid' => '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '99', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$fh' => '0', '$nouveau' => '0', '$wall' => '0', '$page' => $a->pager['page'] != 1 ? $a->pager['page'] : 1, '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$search' => '', '$order' => '', '$file' => '', '$cats' => '', '$dend' => '', '$dbegin' => '', '$mid' => $item_hash));
    }
    $observer_hash = get_observer_hash();
    $sql_extra = public_permissions_sql($observer_hash);
    if ($update && $load || $_COOKIE['jsAvailable'] != 1) {
        $updateable = false;
        $pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
        if ($load || $_COOKIE['jsAvailable'] != 1) {
            $r = null;
            require_once 'include/identity.php';
            $sys = get_sys_channel();
            if (local_user()) {
                $r = q("SELECT * from item\n\t\t\t\t\tWHERE item_restrict = 0\n\t\t\t\t\tand uid = %d\n\t\t\t\t\tand mid = '%s'\n\t\t\t\t\tlimit 1", intval(local_user()), dbesc($target_item['parent_mid']));
                if ($r) {
                    $updateable = true;
                }
            }
            if ($r === null) {
                // in case somebody turned off public access to sys channel content using permissions
                // make that content unsearchable by ensuring the owner_xchan can't match
                if (!perm_is_allowed($sys['channel_id'], $observer_hash, 'view_stream')) {
                    $sys['xchan_hash'] .= 'disabled';
                }
                $r = q("SELECT * from item\n\t\t\t\t\tWHERE item_restrict = 0\n\t\t\t\t\tand mid = '%s'\n\t\t\t\t\tAND (((( `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' \n\t\t\t\t\tAND `item`.`deny_gid`  = '' AND item_private = 0 ) \n\t\t\t\t\tand owner_xchan in ( " . stream_perms_xchans($observer_hash ? PERMS_NETWORK | PERMS_PUBLIC : PERMS_PUBLIC) . " ))\n\t\t\t\t\tOR owner_xchan = '%s')\n\t\t\t\t\t{$sql_extra} )\n\t\t\t\t\tgroup by mid limit 1", dbesc($target_item['parent_mid']), dbesc($sys['xchan_hash']));
            }
        } else {
            $r = array();
        }
    }
    if ($r) {
        $parents_str = ids_to_querystr($r, 'id');
        if ($parents_str) {
            $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\tFROM `item`\n\t\t\t\tWHERE item_restrict = 0 and parent in ( %s ) ", dbesc($parents_str));
            xchan_query($items);
            $items = fetch_post_tags($items, true);
            $items = conv_sort($items, 'created');
        }
    } else {
        $items = array();
    }
    if ($_COOKIE['jsAvailable'] == 1) {
        $o .= conversation($a, $items, 'display', $update, 'client');
    } else {
        $o .= conversation($a, $items, 'display', $update, 'traditional');
    }
    if ($updateable) {
        $x = q("UPDATE item SET item_flags = ( item_flags ^ %d )\n\t\t\tWHERE (item_flags & %d) AND uid = %d and parent = %d ", intval(ITEM_UNSEEN), intval(ITEM_UNSEEN), intval(local_user()), intval($r[0]['parent']));
    }
    $o .= '<div id="content-complete"></div>';
    return $o;
    /*
    	elseif((! $update) && (!  {
    		
    		$r = q("SELECT `id`, item_flags FROM `item` WHERE `id` = '%s' OR `mid` = '%s' LIMIT 1",
    			dbesc($item_hash),
    			dbesc($item_hash)
    		);
    		if($r) {
    			if($r[0]['item_flags'] & ITEM_DELETED) {
    				notice( t('Item has been removed.') . EOL );
    			}
    			else {	
    				notice( t('Permission denied.') . EOL ); 
    			}
    		}
    		else {
    			notice( t('Item not found.') . EOL );
    		}
    
    	}
    */
    return $o;
}