/** * Delete comment menu * * @return voud; * @access private */ function ossn_comment_menu($name, $type, $params) { ossn_unregister_menu('delete', 'comments'); $OssnComment = new OssnComments(); if (is_object($params)) { $params = get_object_vars($params); } $comment = $OssnComment->getComment($params['id']); if ($comment->type == 'comments:post') { if (com_is_active('OssnWall')) { $ossnwall = new OssnWall(); $post = $ossnwall->GetPost($comment->subject_guid); //check if type is group if ($post->type == 'group') { $group = ossn_get_group_by_guid($post->owner_guid); } //group admins must be able to delete ANY comment in their own group #170 //just show menu if group owner is loggedin if (ossn_loggedin_user()->guid == $post->owner_guid || ossn_loggedin_user()->guid == $group->owner_guid) { ossn_register_menu_link('delete', ossn_print('comment:delete'), array('href' => ossn_site_url("action/delete/comment?comment={$params['id']}", true), 'class' => 'ossn-delete-comment'), 'comments'); } } } $user = ossn_loggedin_user(); if (ossn_isLoggedin()) { if ($comment->type == 'comments:entity') { $entity = ossn_get_entity($comment->subject_guid); } if ($user->guid == $params['owner_guid'] || ossn_isAdminLoggedin() || $comment->type == 'comments:entity' && ($entity->type = 'user' && $user->guid == $entity->owner_guid)) { ossn_register_menu_link('delete', ossn_print('comment:delete'), array('href' => ossn_site_url("action/delete/comment?comment={$params['id']}", true), 'class' => 'ossn-delete-comment'), 'comments'); } } }
/** * Delete comment menu * * @return voud; * @access private */ function ossn_comment_menu($name, $type, $params) { ossn_unregister_menu('delete', 'comments'); $OssnComment = new OssnComments(); if (is_object($params)) { $params = get_object_vars($params); } $comment = $OssnComment->getComment($params['id']); if ($comment->type == 'comments:post') { if (com_is_active('OssnWall')) { $ossnwall = new OssnWall(); $post = $ossnwall->GetPost($comment->subject_guid); if (ossn_loggedin_user()->guid == $post->owner_guid) { ossn_register_menu_link('delete', ossn_print('comment:delete'), array('href' => ossn_site_url("action/delete/comment?comment={$params['id']}"), 'class' => 'ossn-delete-comment'), 'comments'); } } } $user = ossn_loggedin_user(); if (ossn_isLoggedin()) { if ($user->guid == $params['owner_guid'] || ossn_isAdminLoggedin()) { ossn_register_menu_link('delete', ossn_print('comment:delete'), array('href' => ossn_site_url("action/delete/comment?comment={$params['id']}"), 'class' => 'ossn-delete-comment'), 'comments'); } } }
//walltype is user $OssnWall->name = 'user'; //getting some inputs that are required for wall post $post = input('post'); $friends = input('friends'); $location = input('location'); $privacy = input('privacy'); //validate wall privacy $privacy = ossn_access_id_str($privacy); if (!empty($privacy)) { $access = input('privacy'); } else { $access = OSSN_FRIENDS; } if ($OssnWall->Post($post, $friends, $location, $access)) { if (ossn_is_xhr()) { $guid = $OssnWall->getObjectId(); $get = $OssnWall->GetPost($guid); if ($get) { $get = ossn_wallpost_to_item($get); ossn_set_ajax_data(array('post' => ossn_wall_view_template($get))); } } //no need to show message on success. //3.x why not? $arsalanshah ossn_trigger_message(ossn_print('post:created')); redirect(REF); } else { ossn_trigger_message(ossn_print('post:create:error'), 'error'); redirect(REF); }
/** * OssnWall post page handlers * * @param array $pages List of pages * * @return false|mixed data * @access private */ function ossn_post_page($pages) { $page = $pages[0]; if (empty($page)) { return false; } switch ($page) { case 'view': $title = ossn_print('post:view'); $wall = new OssnWall(); $post = $pages[1]; $post = $wall->GetPost($post); if (empty($post->guid) || empty($pages[1])) { ossn_error_page(); } $params['post'] = $post; $contents = array('content' => ossn_plugin_view('wall/pages/view', $params)); $content = ossn_set_page_layout('newsfeed', $contents); echo ossn_view_page($title, $content); break; case 'photo': if (isset($pages[1]) && isset($pages[2])) { $image = ossn_get_userdata("object/{$pages[1]}/ossnwall/images/{$pages[2]}"); header('Content-Type: image/jpeg'); echo file_get_contents($image); } break; case 'privacy': if (ossn_is_xhr()) { $params = array('title' => ossn_print('privacy'), 'contents' => ossn_plugin_view('wall/privacy'), 'callback' => '#ossn-wall-privacy'); echo ossn_plugin_view('output/ossnbox', $params); } break; case 'refresh_home': echo ossn_plugin_view('wall/siteactivity'); break; default: ossn_error_page(); break; } }
<?php /** * Open Source Social Network * * @package (Informatikon.com).ossn * @author OSSN Core Team <*****@*****.**> * @copyright 2014 iNFORMATIKON TECHNOLOGIES * @license General Public Licence http://www.opensource-socialnetwork.org/licence * @link http://www.opensource-socialnetwork.org/licence */ $ossnwall = new OssnWall(); $id = input('post'); $post = $ossnwall->GetPost($id); if ($post->type == 'user' && !ossn_isAdminLoggedin()) { if ($post->poster_guid !== ossn_loggedin_user()->guid && $post->owner_guid !== ossn_loggedin_user()->guid) { if (!ossn_is_xhr()) { ossn_trigger_message(ossn_print('post:delete:fail'), 'error'); redirect(REF); } else { echo 0; exit; } } } if ($post->type == 'group' && !ossn_isAdminLoggedin()) { $group = new OssnGroup(); $group = $group->getGroup($post->owner_guid); //lastchange group admins are unable to delete member posting on group wall #171 // change or operator to and if ($post->poster_guid !== ossn_loggedin_user()->guid && ossn_loggedin_user()->guid !== $group->owner_guid) {
/** * OssnWall post page handlers * * @param array $pages List of pages * * @return false|mixed data * @access private */ function ossn_post_page($pages) { $page = $pages[0]; if (empty($page)) { return false; } switch ($page) { case 'view': $title = ossn_print('post:view'); $wall = new OssnWall(); $post = $pages[1]; $post = $wall->GetPost($post); if (empty($post->guid) || empty($pages[1])) { ossn_error_page(); } $params['post'] = $post; $contents = array('content' => ossn_plugin_view('wall/pages/view', $params)); $content = ossn_set_page_layout('newsfeed', $contents); echo ossn_view_page($title, $content); break; case 'photo': if (isset($pages[1]) && isset($pages[2])) { $name = str_replace(array('.jpg', '.jpeg', 'gif'), '', $pages[2]); $etag = $pages[1] . $name; if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == "\"{$etag}\"") { header("HTTP/1.1 304 Not Modified"); exit; } $image = ossn_get_userdata("object/{$pages[1]}/ossnwall/images/{$pages[2]}"); //get image file else show error page if (is_file($image)) { //Image cache on wall post #529 $filesize = filesize($image); header("Content-type: image/jpeg"); header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', strtotime("+6 months")), true); header("Pragma: public"); header("Cache-Control: public"); header("Content-Length: {$filesize}"); header("ETag: \"{$etag}\""); readfile($image); return; } else { ossn_error_page(); } } break; case 'privacy': if (ossn_is_xhr()) { $params = array('title' => ossn_print('privacy'), 'contents' => ossn_plugin_view('wall/privacy'), 'callback' => '#ossn-wall-privacy'); echo ossn_plugin_view('output/ossnbox', $params); } break; case 'refresh_home': echo ossn_plugin_view('wall/siteactivity'); break; default: ossn_error_page(); break; } }
/** * Delete comment menu * * @return voud; * @access private */ function ossn_comment_menu($name, $type, $params) { //unset previous comment menu item //Post owner can not delete others comments #607 //Pull request #601 , refactoring ossn_unregister_menu('delete', 'comments'); $user = ossn_loggedin_user(); $OssnComment = new OssnComments(); if (is_object($params)) { $params = get_object_vars($params); } $comment = $OssnComment->getComment($params['id']); if ($comment->type == 'comments:post') { if (com_is_active('OssnWall')) { $ossnwall = new OssnWall(); $post = $ossnwall->GetPost($comment->subject_guid); //check if type is group if ($post->type == 'group') { $group = ossn_get_group_by_guid($post->owner_guid); } //group admins must be able to delete ANY comment in their own group #170 //just show menu if group owner is loggedin if (ossn_loggedin_user()->guid == $post->owner_guid || $user->guid == $comment->owner_guid || ossn_loggedin_user()->guid == $group->owner_guid) { ossn_unregister_menu('delete', 'comments'); ossn_register_menu_item('comments', array('name' => 'delete', 'href' => ossn_site_url("action/delete/comment?comment={$params['id']}", true), 'class' => 'ossn-delete-comment', 'text' => ossn_print('comment:delete'))); } } } //this section is for entity comment only if (ossn_isLoggedin() && $comment->type == 'comments:entity') { $entity = ossn_get_entity($comment->subject_guid); if ($user->guid == $params['owner_guid'] || ossn_isAdminLoggedin() || $comment->type == 'comments:entity' && ($entity->type = 'user' && $user->guid == $entity->owner_guid)) { ossn_unregister_menu('delete', 'comments'); ossn_register_menu_item('comments', array('name' => 'delete', 'href' => ossn_site_url("action/delete/comment?comment={$params['id']}", true), 'class' => 'ossn-delete-comment', 'text' => ossn_print('comment:delete'))); } } }