function post()
{
// logger('file upload: ' . print_r($_REQUEST,true));
$channel = $_REQUEST['channick'] ? get_channel_by_nick($_REQUEST['channick']) : null;
if (!$channel) {
logger('channel not found');
killme();
}
$_REQUEST['source'] = 'file_upload';
if ($channel['channel_id'] != local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
if ($_REQUEST['filename']) {
$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
} else {
$r = attach_store($channel, get_observer_hash(), '', $_REQUEST);
}
goaway(z_root() . '/' . $_REQUEST['return_url']);
}
function notifier_run($argv, $argc)
{
global $a, $db;
if (is_null($a)) {
$a = new App();
}
if (is_null($db)) {
@(include ".htconfig.php");
require_once "dba.php";
$db = new dba($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
}
require_once "session.php";
require_once "datetime.php";
require_once 'include/items.php';
require_once 'include/bbcode.php';
load_config('config');
load_config('system');
load_hooks();
if ($argc < 3) {
return;
}
$a->set_baseurl(get_config('system', 'url'));
logger('notifier: invoked: ' . print_r($argv, true));
$cmd = $argv[1];
switch ($cmd) {
case 'mail':
default:
$item_id = intval($argv[2]);
if (!$item_id) {
return;
}
break;
}
$expire = false;
$mail = false;
$fsuggest = false;
$top_level = false;
$recipients = array();
$url_recipients = array();
$normal_mode = true;
if ($cmd === 'mail') {
$normal_mode = false;
$mail = true;
$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($message)) {
return;
}
$uid = $message[0]['uid'];
$recipients[] = $message[0]['contact-id'];
$item = $message[0];
} elseif ($cmd === 'expire') {
$normal_mode = false;
$expire = true;
$items = q("SELECT * FROM `item` WHERE `uid` = %d AND `wall` = 1 \n\t\t\tAND `deleted` = 1 AND `changed` > UTC_TIMESTAMP() - INTERVAL 10 MINUTE", intval($item_id));
$uid = $item_id;
$item_id = 0;
if (!count($items)) {
return;
}
} elseif ($cmd === 'suggest') {
$normal_mode = false;
$fsuggest = true;
$suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($suggest)) {
return;
}
$uid = $suggest[0]['uid'];
$recipients[] = $suggest[0]['cid'];
$item = $suggest[0];
} else {
// find ancestors
$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($r) || !intval($r[0]['parent'])) {
return;
}
$target_item = $r[0];
$parent_id = intval($r[0]['parent']);
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
if (!$parent_id) {
return;
}
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer` \n\t\t\tFROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d ORDER BY `id` ASC", intval($parent_id));
if (!count($items)) {
return;
}
// avoid race condition with deleting entries
if ($items[0]['deleted']) {
foreach ($items as $item) {
$item['deleted'] = 1;
}
}
if (count($items) == 1 && $items[0]['id'] === $target_item['id'] && $items[0]['uri'] === $items[0]['parent-uri']) {
logger('notifier: top level post');
$top_level = true;
}
}
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`, \n\t\t`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`, \n\t\t`user`.`page-flags`, `user`.`prvnets`\n\t\tFROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` \n\t\tWHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1", intval($uid));
if (!count($r)) {
return;
}
$owner = $r[0];
$walltowall = $top_level && $owner['id'] != $items[0]['contact-id'] ? true : false;
$hub = get_config('system', 'huburl');
// If this is a public conversation, notify the feed hub
$public_message = true;
// fill this in with a single salmon slap if applicable
$slap = '';
if (!($mail || $fsuggest)) {
require_once 'include/group.php';
$parent = $items[0];
// This is IMPORTANT!!!!
// We will only send a "notify owner to relay" or followup message if the referenced post
// originated on our system by virtue of having our hostname somewhere
// in the URI, AND it was a comment (not top_level) AND the parent originated elsewhere.
// if $parent['wall'] == 1 we will already have the parent message in our array
// and we will relay the whole lot.
// expire sends an entire group of expire messages and cannot be forwarded.
// However the conversation owner will be a part of the conversation and will
// be notified during this run.
// Other DFRN conversation members will be alerted during polled updates.
// Diaspora members currently are not notified of expirations, and other networks have
// either limited or no ability to process deletions. We should at least fix Diaspora
// by stringing togther an array of retractions and sending them onward.
$localhost = $a->get_hostname();
if (strpos($localhost, ':')) {
$localhost = substr($localhost, 0, strpos($localhost, ':'));
}
/**
*
* Be VERY CAREFUL if you make any changes to the following several lines. Seemingly innocuous changes
* have been known to cause runaway conditions which affected several servers, along with
* permissions issues.
*
*/
$relay_to_owner = false;
if (!$top_level && $parent['wall'] == 0 && !$expire && stristr($target_item['uri'], $localhost)) {
$relay_to_owner = true;
}
if ($cmd === 'uplink' && intval($parent['forum_mode']) && !$top_level) {
$relay_to_owner = true;
}
// until the 'origin' flag has been in use for several months
// we will just use it as a fallback test
// later we will be able to use it as the primary test of whether or not to relay.
if (!$target_item['origin']) {
$relay_to_owner = false;
}
if ($parent['origin']) {
$relay_to_owner = false;
}
if ($relay_to_owner) {
logger('notifier: followup', LOGGER_DEBUG);
// local followup to remote post
$followup = true;
$public_message = false;
// not public
$conversant_str = dbesc($parent['contact-id']);
} else {
$followup = false;
// don't send deletions onward for other people's stuff
if ($target_item['deleted'] && !intval($target_item['wall'])) {
logger('notifier: ignoring delete notification for non-wall item');
return;
}
if (strlen($parent['allow_cid']) || strlen($parent['allow_gid']) || strlen($parent['deny_cid']) || strlen($parent['deny_gid'])) {
$public_message = false;
// private recipients, not public
}
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']));
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
// if our parent is a forum, uplink to the origonal author causing
// a delivery fork
if (intval($parent['forum_mode']) && !$top_level && $cmd !== 'uplink') {
proc_run('php', 'include/notifier', 'uplink', $item_id);
}
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
// pull out additional tagged people to notify (if public message)
if ($public_message && strlen($item['inform'])) {
$people = explode(',', $item['inform']);
foreach ($people as $person) {
if (substr($person, 0, 4) === 'cid:') {
$recipients[] = intval(substr($person, 4));
$conversants[] = intval(substr($person, 4));
} else {
$url_recipients[] = substr($person, 4);
}
}
}
}
logger('notifier: url_recipients' . print_r($url_recipients, true));
$conversants = array_unique($conversants);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
$conversant_str = dbesc(implode(', ', $conversants));
}
$r = q("SELECT * FROM `contact` WHERE `id` IN ( {$conversant_str} ) AND `blocked` = 0 AND `pending` = 0");
if (count($r)) {
$contacts = $r;
}
}
$feed_template = get_markup_template('atom_feed.tpl');
$mail_template = get_markup_template('atom_mail.tpl');
$atom = '';
$slaps = array();
$hubxml = feed_hublinks();
$birthday = feed_birthday($owner['uid'], $owner['timezone']);
if (strlen($birthday)) {
$birthday = '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>';
}
$atom .= replace_macros($feed_template, array('$version' => xmlify(FRIENDICA_VERSION), '$feed_id' => xmlify($a->get_baseurl() . '/profile/' . $owner['nickname']), '$feed_title' => xmlify($owner['name']), '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', $updated . '+00:00', ATOM_TIME)), '$hub' => $hubxml, '$salmon' => '', '$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), '$photo' => xmlify($owner['photo']), '$thumb' => xmlify($owner['thumb']), '$picdate' => xmlify(datetime_convert('UTC', 'UTC', $owner['avatar-date'] . '+00:00', ATOM_TIME)), '$uridate' => xmlify(datetime_convert('UTC', 'UTC', $owner['uri-date'] . '+00:00', ATOM_TIME)), '$namdate' => xmlify(datetime_convert('UTC', 'UTC', $owner['name-date'] . '+00:00', ATOM_TIME)), '$birthday' => $birthday));
if ($mail) {
$public_message = false;
// mail is not public
$body = fix_private_photos($item['body'], $owner['uid']);
$atom .= replace_macros($mail_template, array('$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), '$thumb' => xmlify($owner['thumb']), '$item_id' => xmlify($item['uri']), '$subject' => xmlify($item['title']), '$created' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00', ATOM_TIME)), '$content' => xmlify($body), '$parent_id' => xmlify($item['parent-uri'])));
} elseif ($fsuggest) {
$public_message = false;
// suggestions are not public
$sugg_template = get_markup_template('atom_suggest.tpl');
$atom .= replace_macros($sugg_template, array('$name' => xmlify($item['name']), '$url' => xmlify($item['url']), '$photo' => xmlify($item['photo']), '$request' => xmlify($item['request']), '$note' => xmlify($item['note'])));
// We don't need this any more
q("DELETE FROM `fsuggest` WHERE `id` = %d LIMIT 1", intval($item['id']));
} else {
if ($followup) {
foreach ($items as $item) {
// there is only one item
if (!$item['parent']) {
continue;
}
if ($item['id'] == $item_id) {
logger('notifier: followup: item: ' . print_r($item, true), LOGGER_DATA);
$slap = atom_entry($item, 'html', $owner, $owner, false);
$atom .= atom_entry($item, 'text', $owner, $owner, false);
}
}
} else {
foreach ($items as $item) {
if (!$item['parent']) {
continue;
}
// private emails may be in included in public conversations. Filter them.
if ($public_message && $item['private']) {
continue;
}
$contact = get_item_contact($item, $contacts);
if (!$contact) {
continue;
}
if ($normal_mode) {
// we only need the current item, but include the parent because without it
// older sites without a corresponding dfrn_notify change may do the wrong thing.
if ($item_id == $item['id'] || $item['id'] == $item['parent']) {
$atom .= atom_entry($item, 'text', $contact, $owner, true);
}
} else {
$atom .= atom_entry($item, 'text', $contact, $owner, true);
}
if ($top_level && $public_message && $item['author-link'] === $item['owner-link'] && !$expire) {
$slaps[] = atom_entry($item, 'html', $contact, $owner, true);
}
}
}
}
$atom .= '</feed>' . "\r\n";
logger('notifier: ' . $atom, LOGGER_DATA);
logger('notifier: slaps: ' . print_r($slaps, true), LOGGER_DATA);
// If this is a public message and pubmail is set on the parent, include all your email contacts
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (!$mail_disabled) {
if (!strlen($target_item['allow_cid']) && !strlen($target_item['allow_gid']) && !strlen($target_item['deny_cid']) && !strlen($target_item['deny_gid']) && intval($target_item['pubmail'])) {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `network` = '%s'", intval($uid), dbesc(NETWORK_MAIL));
if (count($r)) {
foreach ($r as $rr) {
$recipients[] = $rr['id'];
}
}
}
}
if ($followup) {
$recip_str = $parent['contact-id'];
} else {
$recip_str = implode(', ', $recipients);
}
$r = q("SELECT * FROM `contact` WHERE `id` IN ( %s ) AND `blocked` = 0 AND `pending` = 0 ", dbesc($recip_str));
require_once 'include/salmon.php';
$interval = get_config('system', 'delivery_interval') === false ? 2 : intval(get_config('system', 'delivery_interval'));
// delivery loop
if (count($r)) {
foreach ($r as $contact) {
if (!$mail && !$fsuggest && !$followup && !$contact['self']) {
if ($contact['network'] === NETWORK_DIASPORA && $public_message) {
continue;
}
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )", dbesc($cmd), intval($item_id), intval($contact['id']));
}
}
foreach ($r as $contact) {
if ($contact['self']) {
continue;
}
// potentially more than one recipient. Start a new process and space them out a bit.
// we will deliver single recipient types of message and email receipients here.
if (!$mail && !$fsuggest && !$followup) {
proc_run('php', 'include/delivery.php', $cmd, $item_id, $contact['id']);
if ($interval) {
@time_sleep_until(microtime(true) + (double) $interval);
}
continue;
}
$deliver_status = 0;
logger("main delivery by notifier: followup={$followup} mail={$mail} fsuggest={$fsuggest}");
switch ($contact['network']) {
case NETWORK_DFRN:
// perform local delivery if we are on the same site
$basepath = implode('/', array_slice(explode('/', $contact['url']), 0, 3));
if (link_compare($basepath, $a->get_baseurl())) {
$nickname = basename($contact['url']);
if ($contact['issued-id']) {
$sql_extra = sprintf(" AND `dfrn-id` = '%s' ", dbesc($contact['issued-id']));
} else {
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id']));
}
$x = q("SELECT\t`contact`.*, `contact`.`uid` AS `importer_uid`, \n\t\t\t\t\t\t\t`contact`.`pubkey` AS `cpubkey`, \n\t\t\t\t\t\t\t`contact`.`prvkey` AS `cprvkey`, \n\t\t\t\t\t\t\t`contact`.`thumb` AS `thumb`, \n\t\t\t\t\t\t\t`contact`.`url` as `url`,\n\t\t\t\t\t\t\t`contact`.`name` as `senderName`,\n\t\t\t\t\t\t\t`user`.* \n\t\t\t\t\t\t\tFROM `contact` \n\t\t\t\t\t\t\tLEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` \n\t\t\t\t\t\t\tWHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\t\t\t\tAND `contact`.`network` = '%s' AND `user`.`nickname` = '%s'\n\t\t\t\t\t\t\t{$sql_extra}\n\t\t\t\t\t\t\tAND `user`.`account_expired` = 0 LIMIT 1", dbesc(NETWORK_DFRN), dbesc($nickname));
if (count($x)) {
require_once 'library/simplepie/simplepie.inc';
logger('mod-delivery: local delivery');
local_delivery($x[0], $atom);
break;
}
}
logger('notifier: dfrndelivery: ' . $contact['name']);
$deliver_status = dfrn_deliver($owner, $contact, $atom);
logger('notifier: dfrn_delivery returns ' . $deliver_status);
if ($deliver_status == -1) {
logger('notifier: delivery failed: queuing message');
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_DFRN, $atom);
}
break;
case NETWORK_OSTATUS:
// Do not send to otatus if we are not configured to send to public networks
if ($owner['prvnets']) {
break;
}
if (get_config('system', 'ostatus_disabled') || get_config('system', 'dfrn_only')) {
break;
}
if ($followup && $contact['notify']) {
logger('notifier: slapdelivery: ' . $contact['name']);
$deliver_status = slapper($owner, $contact['notify'], $slap);
if ($deliver_status == -1) {
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_OSTATUS, $slap);
}
} else {
// only send salmon if public - e.g. if it's ok to notify
// a public hub, it's ok to send a salmon
if (count($slaps) && $public_message && !$expire) {
logger('notifier: slapdelivery: ' . $contact['name']);
foreach ($slaps as $slappy) {
if ($contact['notify']) {
$deliver_status = slapper($owner, $contact['notify'], $slappy);
if ($deliver_status == -1) {
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_OSTATUS, $slappy);
}
}
}
}
}
break;
case NETWORK_MAIL:
if (get_config('system', 'dfrn_only')) {
break;
}
// WARNING: does not currently convert to RFC2047 header encodings, etc.
$addr = $contact['addr'];
if (!strlen($addr)) {
break;
}
if ($cmd === 'wall-new' || $cmd === 'comment-new') {
$it = null;
if ($cmd === 'wall-new') {
$it = $items[0];
} else {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($argv[2]), intval($uid));
if (count($r)) {
$it = $r[0];
}
}
if (!$it) {
break;
}
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($uid));
if (!count($local_user)) {
break;
}
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval($uid));
if ($r1 && $r1[0]['reply_to']) {
$reply_to = $r1[0]['reply_to'];
}
$subject = $it['title'] ? $it['title'] : t("(no subject)");
$headers = 'From: ' . $local_user[0]['username'] . ' <' . $local_user[0]['email'] . '>' . "\n";
if ($reply_to) {
$headers .= 'Reply-to: ' . $reply_to . "\n";
}
$headers .= 'Message-id: <' . $it['uri'] . '>' . "\n";
if ($it['uri'] !== $it['parent-uri']) {
$header .= 'References: <' . $it['parent-uri'] . '>' . "\n";
if (!strlen($it['title'])) {
$r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' LIMIT 1", dbesc($it['parent-uri']));
if (count($r)) {
$subtitle = $r[0]['title'];
if ($subtitle) {
if (strncasecmp($subtitle, 'RE:', 3)) {
$subject = $subtitle;
} else {
$subject = 'Re: ' . $subtitle;
}
}
}
}
}
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n";
$headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n";
$html = prepare_body($it);
$message = '<html><body>' . $html . '</body></html>';
logger('notifier: email delivery to ' . $addr);
mail($addr, $subject, $message, $headers);
}
break;
case NETWORK_DIASPORA:
require_once 'include/diaspora.php';
if (get_config('system', 'dfrn_only') || !get_config('system', 'diaspora_enabled')) {
break;
}
if ($mail) {
diaspora_send_mail($item, $owner, $contact);
break;
}
if (!$normal_mode) {
break;
}
// special handling for followup to public post
// all other public posts processed as public batches further below
if ($public_message) {
if ($followup) {
diaspora_send_followup($target_item, $owner, $contact, true);
}
break;
}
if (!$contact['pubkey']) {
break;
}
if ($target_item['verb'] === ACTIVITY_DISLIKE) {
// unsupported
break;
} elseif ($target_item['deleted'] && $target_item['verb'] !== ACTIVITY_LIKE) {
// diaspora delete,
diaspora_send_retraction($target_item, $owner, $contact);
break;
} elseif ($followup) {
// send comments, likes and retractions of likes to owner to relay
diaspora_send_followup($target_item, $owner, $contact);
break;
} elseif ($target_item['parent'] != $target_item['id']) {
// we are the relay - send comments, likes and unlikes to our conversants
diaspora_send_relay($target_item, $owner, $contact);
break;
} elseif ($top_level && !$walltowall) {
// currently no workable solution for sending walltowall
diaspora_send_status($target_item, $owner, $contact);
break;
}
break;
case NETWORK_FEED:
case NETWORK_FACEBOOK:
if (get_config('system', 'dfrn_only')) {
break;
}
default:
break;
}
}
}
// send additional slaps to mentioned remote tags (@foo@example.com)
if ($slap && count($url_recipients) && ($followup || $top_level) && $public_message && !$expire) {
if (!get_config('system', 'dfrn_only')) {
foreach ($url_recipients as $url) {
if ($url) {
logger('notifier: urldelivery: ' . $url);
$deliver_status = slapper($owner, $url, $slap);
// TODO: redeliver/queue these items on failure, though there is no contact record
}
}
}
}
if ($public_message) {
$r1 = q("SELECT DISTINCT(`batch`), `id`, `name`,`network` FROM `contact` WHERE `network` = '%s' \n\t\t\tAND `uid` = %d AND `rel` != %d group by `batch` ORDER BY rand() ", dbesc(NETWORK_DIASPORA), intval($owner['uid']), intval(CONTACT_IS_SHARING));
$r2 = q("SELECT `id`, `name`,`network` FROM `contact` \n\t\t\tWHERE `network` = '%s' AND `uid` = %d AND `blocked` = 0 AND `pending` = 0\n\t\t\tAND `rel` != %d order by rand() ", dbesc(NETWORK_DFRN), intval($owner['uid']), intval(CONTACT_IS_SHARING));
$r = array_merge($r2, $r1);
if (count($r)) {
logger('pubdeliver: ' . print_r($r, true), LOGGER_DEBUG);
// throw everything into the queue in case we get killed
foreach ($r as $rr) {
if (!$mail && !$fsuggest && !$followup) {
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )", dbesc($cmd), intval($item_id), intval($rr['id']));
}
}
foreach ($r as $rr) {
// except for Diaspora batch jobs
// Don't deliver to folks who have already been delivered to
if ($rr['network'] !== NETWORK_DIASPORA && in_array($rr['id'], $conversants)) {
logger('notifier: already delivered id=' . $rr['id']);
continue;
}
if (!$mail && !$fsuggest && !$followup) {
logger('notifier: delivery agent: ' . $rr['name'] . ' ' . $rr['id']);
proc_run('php', 'include/delivery.php', $cmd, $item_id, $rr['id']);
if ($interval) {
@time_sleep_until(microtime(true) + (double) $interval);
}
}
}
}
if (strlen($hub)) {
$hubs = explode(',', $hub);
if (count($hubs)) {
foreach ($hubs as $h) {
$h = trim($h);
if (!strlen($h)) {
continue;
}
$params = 'hub.mode=publish&hub.url=' . urlencode($a->get_baseurl() . '/dfrn_poll/' . $owner['nickname']);
post_url($h, $params);
logger('pubsub: publish: ' . $h . ' ' . $params . ' returned ' . $a->get_curl_code());
if (count($hubs) > 1) {
sleep(7);
}
// try and avoid multiple hubs responding at precisely the same time
}
}
}
}
if ($normal_mode) {
call_hooks('notifier_normal', $target_item);
}
call_hooks('notifier_end', $target_item);
return;
}
/**
* @brief Returns array of channels which have recursive permission for a file
*
* @param $arr_allow_cid
* @param $arr_allow_gid
* @param $arr_deny_cid
* @param $arr_deny_gid
* @param $folder_hash
*/
function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash)
{
$ret = array();
$parent_arr = array();
$count_values = array();
$poster = get_app()->get_observer();
//turn allow_gid into allow_cid's
foreach ($arr_allow_gid as $gid) {
$in_group = in_group($gid);
$arr_allow_cid = array_unique(array_merge($arr_allow_cid, $in_group));
}
$count = 0;
while ($folder_hash) {
$x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s' LIMIT 1", dbesc($folder_hash));
//only process private folders
if ($x[0]['allow_cid'] || $x[0]['allow_gid'] || $x[0]['deny_cid'] || $x[0]['deny_gid']) {
$parent_arr['allow_cid'][] = expand_acl($x[0]['allow_cid']);
$parent_arr['allow_gid'][] = expand_acl($x[0]['allow_gid']);
/**
* @TODO should find a much better solution for the allow_cid <-> allow_gid problem.
* Do not use allow_gid for now. Instead lookup the members of the group directly and add them to allow_cid.
* */
if ($parent_arr['allow_gid']) {
foreach ($parent_arr['allow_gid'][$count] as $gid) {
$in_group = in_group($gid);
$parent_arr['allow_cid'][$count] = array_unique(array_merge($parent_arr['allow_cid'][$count], $in_group));
}
}
$parent_arr['deny_cid'][] = expand_acl($x[0]['deny_cid']);
$parent_arr['deny_gid'][] = expand_acl($x[0]['deny_gid']);
$count++;
}
$folder_hash = $x[0]['folder'];
}
//if none of the parent folders is private just return file perms
if (!$parent_arr['allow_cid'] && !$parent_arr['allow_gid'] && !$parent_arr['deny_cid'] && !$parent_arr['deny_gid']) {
$ret['allow_gid'] = $arr_allow_gid;
$ret['allow_cid'] = $arr_allow_cid;
$ret['deny_gid'] = $arr_deny_gid;
$ret['deny_cid'] = $arr_deny_cid;
return $ret;
}
//if there are no perms on the file we get them from the first parent folder
if (!$arr_allow_cid && !$arr_allow_gid && !$arr_deny_cid && !$arr_deny_gid) {
$arr_allow_cid = $parent_arr['allow_cid'][0];
$arr_allow_gid = $parent_arr['allow_gid'][0];
$arr_deny_cid = $parent_arr['deny_cid'][0];
$arr_deny_gid = $parent_arr['deny_gid'][0];
}
//allow_cid
$r_arr_allow_cid = false;
foreach ($parent_arr['allow_cid'] as $folder_arr_allow_cid) {
foreach ($folder_arr_allow_cid as $ac_hash) {
$count_values[$ac_hash]++;
}
}
foreach ($arr_allow_cid as $fac_hash) {
if ($count_values[$fac_hash] == $count) {
$r_arr_allow_cid[] = $fac_hash;
}
}
//allow_gid
$r_arr_allow_gid = false;
foreach ($parent_arr['allow_gid'] as $folder_arr_allow_gid) {
foreach ($folder_arr_allow_gid as $ag_hash) {
$count_values[$ag_hash]++;
}
}
foreach ($arr_allow_gid as $fag_hash) {
if ($count_values[$fag_hash] == $count) {
$r_arr_allow_gid[] = $fag_hash;
}
}
//deny_gid
foreach ($parent_arr['deny_gid'] as $folder_arr_deny_gid) {
$r_arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid);
}
$r_arr_deny_gid = array_unique($r_arr_deny_gid);
//deny_cid
foreach ($parent_arr['deny_cid'] as $folder_arr_deny_cid) {
$r_arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid);
}
$r_arr_deny_cid = array_unique($r_arr_deny_cid);
//if none is allowed restrict to self
if ($r_arr_allow_gid === false && $r_arr_allow_cid === false) {
$ret['allow_cid'] = $poster['xchan_hash'];
} else {
$ret['allow_gid'] = $r_arr_allow_gid;
$ret['allow_cid'] = $r_arr_allow_cid;
$ret['deny_gid'] = $r_arr_deny_gid;
$ret['deny_cid'] = $r_arr_deny_cid;
}
return $ret;
}
function lockview_content(&$a)
{
$type = argc() > 1 ? argv(1) : 0;
if (is_numeric($type)) {
$item_id = intval($type);
$type = 'item';
} else {
$item_id = argc() > 2 ? intval(argv(2)) : 0;
}
if (!$item_id) {
killme();
}
if (!in_array($type, array('item', 'photo', 'event'))) {
killme();
}
$r = q("SELECT * FROM %s WHERE id = %d LIMIT 1", dbesc($type), intval($item_id));
if (!$r) {
killme();
}
$item = $r[0];
if ($item['uid'] != local_user()) {
echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
}
if ($item['item_private'] == 1 && !strlen($item['allow_cid']) && !strlen($item['allow_gid']) && !strlen($item['deny_cid']) && !strlen($item['deny_gid'])) {
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
// as unknown specific recipients. The sender will have the visibility list and will fall through to the
// next section.
echo '<li>' . translate_scope(!$item['public_policy'] ? 'specific' : $item['public_policy']) . '</li>';
killme();
}
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = '<li>' . t('Visible to:') . '</li>';
$l = array();
stringify_array_elms($allowed_groups, true);
stringify_array_elms($allowed_users, true);
stringify_array_elms($deny_groups, true);
stringify_array_elms($deny_users, true);
if (count($allowed_groups)) {
$r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b>' . $rr['name'] . '</b></li>';
}
}
}
if (count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li>' . $rr['xchan_name'] . '</li>';
}
}
}
if (count($deny_groups)) {
$r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b><strike>' . $rr['name'] . '</strike></b></li>';
}
}
}
if (count($deny_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
}
}
}
echo $o . implode($l);
killme();
}
/**
* @param App $a
* @param object $b
* @return mixed
*/
function fbpost_post_hook(&$a, &$b)
{
logger('fbpost_post_hook: Facebook post invoked', LOGGER_DEBUG);
if ($b['deleted'] || $b['created'] !== $b['edited']) {
return;
}
logger('fbpost_post_hook: Facebook post first check successful', LOGGER_DEBUG);
// if post comes from facebook don't send it back
if ($b['extid'] == NETWORK_FACEBOOK) {
return;
}
if ($b['app'] == "Facebook" and $b['verb'] != ACTIVITY_LIKE) {
return;
}
logger('fbpost_post_hook: Facebook post accepted', LOGGER_DEBUG);
/**
* Post to Facebook stream
*/
require_once 'include/group.php';
require_once 'include/html2plain.php';
$reply = false;
$likes = false;
$deny_arr = array();
$allow_arr = array();
$toplevel = $b['id'] == $b['parent'] ? true : false;
$linking = get_pconfig($b['uid'], 'facebook', 'no_linking') ? 0 : 1;
if (!$toplevel && $linking) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($b['parent']), intval($b['uid']));
//$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
// dbesc($b['parent-uri']),
// intval($b['uid'])
//);
// is it a reply to a facebook post?
// A reply to a toplevel post is only allowed for "real" facebook posts
if (count($r) && substr($r[0]['uri'], 0, 4) === 'fb::') {
$reply = substr($r[0]['uri'], 4);
} elseif (count($r) && substr($r[0]['extid'], 0, 4) === 'fb::' and $r[0]['id'] != $r[0]['parent']) {
$reply = substr($r[0]['extid'], 4);
} else {
return;
}
$u = q("SELECT * FROM user where uid = %d limit 1", intval($b['uid']));
if (!count($u)) {
return;
}
// only accept comments from the item owner. Other contacts are unknown to FB.
if (!link_compare($b['author-link'], $a->get_baseurl() . '/profile/' . $u[0]['nickname'])) {
return;
}
logger('fbpost_post_hook: facebook reply id=' . $reply);
}
if (strstr($b['postopts'], 'facebook') || $b['private'] || $reply) {
if ($b['private'] && $reply === false) {
$allow_people = expand_acl($b['allow_cid']);
$allow_groups = expand_groups(expand_acl($b['allow_gid']));
$deny_people = expand_acl($b['deny_cid']);
$deny_groups = expand_groups(expand_acl($b['deny_gid']));
$recipients = array_unique(array_merge($allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$allow_str = dbesc(implode(', ', $recipients));
if ($allow_str) {
logger("fbpost_post_hook: private post to: " . $allow_str, LOGGER_DEBUG);
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$allow_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$allow_arr[] = $rr['notify'];
}
}
}
$deny_str = dbesc(implode(', ', $deny));
if ($deny_str) {
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$deny_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$deny_arr[] = $rr['notify'];
}
}
}
if (count($deny_arr) && !count($allow_arr)) {
// One or more FB folks were denied access but nobody on FB was specifically allowed access.
// This might cause the post to be open to public on Facebook, but only to selected members
// on another network. Since this could potentially leak a post to somebody who was denied,
// we will skip posting it to Facebook with a slightly vague but relevant message that will
// hopefully lead somebody to this code comment for a better explanation of what went wrong.
notice(t('Post to Facebook cancelled because of multi-network access permission conflict.') . EOL);
return;
}
// if it's a private message but no Facebook members are allowed or denied, skip Facebook post
if (!count($allow_arr) && !count($deny_arr)) {
return;
}
}
if ($b['verb'] == ACTIVITY_LIKE) {
$likes = true;
logger('fbpost_post_hook: liking ' . print_r($b, true), LOGGER_DEBUG);
}
$appid = get_config('facebook', 'appid');
$secret = get_config('facebook', 'appsecret');
if ($appid && $secret) {
logger('fbpost_post_hook: have appid+secret');
$fb_token = get_pconfig($b['uid'], 'facebook', 'access_token');
// post to facebook if it's a public post and we've ticked the 'post to Facebook' box,
// or it's a private message with facebook participants
// or it's a reply or likes action to an existing facebook post
if ($fb_token && ($toplevel || $b['private'] || $reply)) {
logger('fbpost_post_hook: able to post');
require_once 'library/facebook.php';
require_once 'include/bbcode.php';
$msg = $b['body'];
logger('fbpost_post_hook: original msg=' . $msg, LOGGER_DATA);
if ($toplevel) {
require_once "include/plaintext.php";
$msgarr = plaintext($a, $b, 0, false, 9);
$msg = $msgarr["text"];
$link = $msgarr["url"];
$linkname = $msgarr["title"];
if ($msgarr["type"] != "video") {
$image = $msgarr["image"];
}
// Fallback - if message is empty
if (!strlen($msg)) {
$msg = $linkname;
}
if (!strlen($msg)) {
$msg = $link;
}
if (!strlen($msg)) {
$msg = $image;
}
} else {
require_once "include/bbcode.php";
require_once "include/html2plain.php";
$msg = bb_CleanPictureLinks($msg);
$msg = bbcode($msg, false, false, 2, true);
$msg = trim(html2plain($msg, 0));
$link = "";
$image = "";
$linkname = "";
}
// If there is nothing to post then exit
if (!strlen($msg)) {
return;
}
logger('fbpost_post_hook: msg=' . $msg, LOGGER_DATA);
$video = "";
if ($likes) {
$postvars = array('access_token' => $fb_token);
} else {
// message, picture, link, name, caption, description, source, place, tags
//if(trim($link) != "")
// if (@exif_imagetype($link) != 0) {
// $image = $link;
// $link = "";
// }
$postvars = array('access_token' => $fb_token, 'message' => $msg);
if (trim($image) != "") {
$postvars['picture'] = $image;
}
if (trim($link) != "") {
$postvars['link'] = $link;
if (stristr($link, 'youtube') || stristr($link, 'youtu.be') || stristr($link, 'vimeo')) {
$video = $link;
}
}
if (trim($linkname) != "") {
$postvars['name'] = $linkname;
}
}
if ($b['private'] && $toplevel) {
$postvars['privacy'] = '{"value": "CUSTOM", "friends": "SOME_FRIENDS"';
if (count($allow_arr)) {
$postvars['privacy'] .= ',"allow": "' . implode(',', $allow_arr) . '"';
}
if (count($deny_arr)) {
$postvars['privacy'] .= ',"deny": "' . implode(',', $deny_arr) . '"';
}
$postvars['privacy'] .= '}';
}
$post_to_page = get_pconfig($b['uid'], 'facebook', 'post_to_page');
$page_access_token = get_pconfig($b['uid'], 'facebook', 'page_access_token');
if (intval($post_to_page) != 0 and $page_access_token != "") {
$target = $post_to_page;
} else {
$target = "me";
}
if ($reply) {
$url = 'https://graph.facebook.com/' . $reply . '/' . ($likes ? 'likes' : 'comments');
} else {
if ($video != "" or $image == "" and $link != "") {
// If it is a link to a video or a link without a preview picture then post it as a link
if ($video != "") {
$link = $video;
}
$postvars = array('access_token' => $fb_token, 'link' => $link);
if ($msg != $video) {
$postvars['message'] = $msg;
}
$url = 'https://graph.facebook.com/' . $target . '/links';
} else {
if ($link == "" and $image != "") {
// If it is only an image without a page link then post this image as a photo
$postvars = array('access_token' => $fb_token, 'url' => $image);
if ($msg != $image) {
$postvars['message'] = $msg;
}
$url = 'https://graph.facebook.com/' . $target . '/photos';
//} else if (($link != "") or ($image != "") or ($b['title'] == '') or (strlen($msg) < 500)) {
} else {
$url = 'https://graph.facebook.com/' . $target . '/feed';
if (!get_pconfig($b['uid'], 'facebook', 'suppress_view_on_friendica') and $b['plink']) {
$postvars['actions'] = '{"name": "' . t('View on Friendica') . '", "link": "' . $b['plink'] . '"}';
}
}
}
}
/* } else {
// if its only a message and a subject and the message is larger than 500 characters then post it as note
$postvars = array(
'access_token' => $fb_token,
'message' => bbcode($b['body'], false, false),
'subject' => $b['title'],
);
$url = 'https://graph.facebook.com/'.$target.'/notes';
} */
// Post to page?
if (!$reply and $target != "me" and $page_access_token) {
$postvars['access_token'] = $page_access_token;
}
logger('fbpost_post_hook: post to ' . $url);
logger('fbpost_post_hook: postvars: ' . print_r($postvars, true));
// "test_mode" prevents anything from actually being posted.
// Otherwise, let's do it.
if (!get_config('facebook', 'test_mode')) {
$x = post_url($url, $postvars);
logger('fbpost_post_hook: post returns: ' . $x, LOGGER_DEBUG);
$retj = json_decode($x);
if ($retj->id) {
// Only set the extid when it isn't the toplevel post
q("UPDATE `item` SET `extid` = '%s' WHERE `id` = %d AND `parent` != %d", dbesc('fb::' . $retj->id), intval($b['id']), intval($b['id']));
} else {
// Sometimes posts are accepted from facebook although it telling an error
// This leads to endless comment flooding.
// If it is a special kind of failure the post was receiced
// Although facebook said it wasn't received ...
if (!$likes and ($retj->error->type != "OAuthException" or $retj->error->code != 2) and $x != "") {
$r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self`", intval($b['uid']));
if (count($r)) {
$a->contact = $r[0]["id"];
}
$s = serialize(array('url' => $url, 'item' => $b['id'], 'post' => $postvars));
require_once 'include/queue_fn.php';
add_to_queue($a->contact, NETWORK_FACEBOOK, $s);
logger('fbpost_post_hook: Post failed, requeued.', LOGGER_DEBUG);
notice(t('Facebook post failed. Queued for retry.') . EOL);
}
if (isset($retj->error) && $retj->error->type == "OAuthException" && $retj->error->code == 190) {
logger('fbpost_post_hook: Facebook session has expired due to changed password.', LOGGER_DEBUG);
$last_notification = get_pconfig($b['uid'], 'facebook', 'session_expired_mailsent');
if (!$last_notification || $last_notification < time() - FACEBOOK_SESSION_ERR_NOTIFICATION_INTERVAL) {
require_once 'include/enotify.php';
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($b['uid']));
notification(array('uid' => $b['uid'], 'type' => NOTIFY_SYSTEM, 'system_type' => 'facebook_connection_invalid', 'language' => $r[0]['language'], 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'source_name' => t('Administrator'), 'source_link' => $a->config["system"]["url"], 'source_photo' => $a->config["system"]["url"] . '/images/person-80.jpg'));
set_pconfig($b['uid'], 'facebook', 'session_expired_mailsent', time());
} else {
logger('fbpost_post_hook: No notification, as the last one was sent on ' . $last_notification, LOGGER_DEBUG);
}
}
}
}
}
}
}
}
function notifier_run(&$argv, &$argc)
{
global $a, $db;
if (is_null($a)) {
$a = new App();
}
if (is_null($db)) {
@(include ".htconfig.php");
require_once "include/dba.php";
$db = new dba($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
}
require_once "include/session.php";
require_once "include/datetime.php";
require_once 'include/items.php';
require_once 'include/bbcode.php';
require_once 'include/email.php';
load_config('config');
load_config('system');
load_hooks();
if ($argc < 3) {
return;
}
$a->set_baseurl(get_config('system', 'url'));
logger('notifier: invoked: ' . print_r($argv, true), LOGGER_DEBUG);
$cmd = $argv[1];
switch ($cmd) {
case 'mail':
default:
$item_id = intval($argv[2]);
if (!$item_id) {
return;
}
break;
}
$expire = false;
$mail = false;
$fsuggest = false;
$relocate = false;
$top_level = false;
$recipients = array();
$url_recipients = array();
$normal_mode = true;
if ($cmd === 'mail') {
$normal_mode = false;
$mail = true;
$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($message)) {
return;
}
$uid = $message[0]['uid'];
$recipients[] = $message[0]['contact-id'];
$item = $message[0];
} elseif ($cmd === 'expire') {
$normal_mode = false;
$expire = true;
$items = q("SELECT * FROM `item` WHERE `uid` = %d AND `wall` = 1\n\t\t\tAND `deleted` = 1 AND `changed` > UTC_TIMESTAMP() - INTERVAL 10 MINUTE", intval($item_id));
$uid = $item_id;
$item_id = 0;
if (!count($items)) {
return;
}
} elseif ($cmd === 'suggest') {
$normal_mode = false;
$fsuggest = true;
$suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($suggest)) {
return;
}
$uid = $suggest[0]['uid'];
$recipients[] = $suggest[0]['cid'];
$item = $suggest[0];
} elseif ($cmd === 'removeme') {
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($item_id));
if (!$r) {
return;
}
$user = $r[0];
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($item_id));
if (!$r) {
return;
}
$self = $r[0];
$r = q("SELECT * FROM `contact` WHERE `self` = 0 AND `uid` = %d", intval($item_id));
if (!$r) {
return;
}
require_once 'include/Contact.php';
foreach ($r as $contact) {
terminate_friendship($user, $self, $contact);
}
return;
} elseif ($cmd === 'relocate') {
$normal_mode = false;
$relocate = true;
$uid = $item_id;
} else {
// find ancestors
$r = q("SELECT * FROM `item` WHERE `id` = %d and visible = 1 and moderated = 0 LIMIT 1", intval($item_id));
if (!count($r) || !intval($r[0]['parent'])) {
return;
}
$target_item = $r[0];
$parent_id = intval($r[0]['parent']);
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
// POSSIBLE CLEANUP --> The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
if (!$parent_id) {
return;
}
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer`\n\t\t\tFROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d and visible = 1 and moderated = 0 ORDER BY `id` ASC", intval($parent_id));
if (!count($items)) {
return;
}
// avoid race condition with deleting entries
if ($items[0]['deleted']) {
foreach ($items as $item) {
$item['deleted'] = 1;
}
}
if (count($items) == 1 && $items[0]['id'] === $target_item['id'] && $items[0]['uri'] === $items[0]['parent-uri']) {
logger('notifier: top level post');
$top_level = true;
}
}
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,\n\t\t`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,\n\t\t`user`.`page-flags`, `user`.`prvnets`\n\t\tFROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`\n\t\tWHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1", intval($uid));
if (!count($r)) {
return;
}
$owner = $r[0];
$walltowall = $top_level && $owner['id'] != $items[0]['contact-id'] ? true : false;
$hub = get_config('system', 'huburl');
// If this is a public conversation, notify the feed hub
$public_message = true;
// Do a PuSH
$push_notify = false;
// fill this in with a single salmon slap if applicable
$slap = '';
if (!($mail || $fsuggest || $relocate)) {
require_once 'include/group.php';
$parent = $items[0];
$thr_parent = q("SELECT `network` FROM `item` WHERE `uri` = '%s' AND `uid` = %d", dbesc($target_item["thr-parent"]), intval($target_item["uid"]));
logger('Parent is ' . $parent['network'] . '. Thread parent is ' . $thr_parent[0]['network'], LOGGER_DEBUG);
// This is IMPORTANT!!!!
// We will only send a "notify owner to relay" or followup message if the referenced post
// originated on our system by virtue of having our hostname somewhere
// in the URI, AND it was a comment (not top_level) AND the parent originated elsewhere.
// if $parent['wall'] == 1 we will already have the parent message in our array
// and we will relay the whole lot.
// expire sends an entire group of expire messages and cannot be forwarded.
// However the conversation owner will be a part of the conversation and will
// be notified during this run.
// Other DFRN conversation members will be alerted during polled updates.
// Diaspora members currently are not notified of expirations, and other networks have
// either limited or no ability to process deletions. We should at least fix Diaspora
// by stringing togther an array of retractions and sending them onward.
$localhost = str_replace('www.', '', $a->get_hostname());
if (strpos($localhost, ':')) {
$localhost = substr($localhost, 0, strpos($localhost, ':'));
}
/**
*
* Be VERY CAREFUL if you make any changes to the following several lines. Seemingly innocuous changes
* have been known to cause runaway conditions which affected several servers, along with
* permissions issues.
*
*/
$relay_to_owner = false;
if (!$top_level && $parent['wall'] == 0 && !$expire && stristr($target_item['uri'], $localhost)) {
$relay_to_owner = true;
}
if ($cmd === 'uplink' && intval($parent['forum_mode']) == 1 && !$top_level) {
$relay_to_owner = true;
}
// until the 'origin' flag has been in use for several months
// we will just use it as a fallback test
// later we will be able to use it as the primary test of whether or not to relay.
if (!$target_item['origin']) {
$relay_to_owner = false;
}
if ($parent['origin']) {
$relay_to_owner = false;
}
if ($relay_to_owner) {
logger('notifier: followup ' . $target_item["guid"], LOGGER_DEBUG);
// local followup to remote post
$followup = true;
$public_message = false;
// not public
$conversant_str = dbesc($parent['contact-id']);
$recipients = array($parent['contact-id']);
if (!$target_item['private'] and $target_item['wall'] and strlen($target_item['allow_cid'] . $target_item['allow_gid'] . $target_item['deny_cid'] . $target_item['deny_gid']) == 0) {
$push_notify = true;
}
// We notify Friendica users in the thread when it is an OStatus thread.
// Hopefully this transfers the messages to the other Friendica servers. (Untested)
if ($thr_parent and $thr_parent[0]['network'] == NETWORK_OSTATUS or $parent['network'] == NETWORK_OSTATUS) {
$push_notify = true;
if ($parent["network"] == NETWORK_OSTATUS) {
$r = q("SELECT `author-link` FROM `item` WHERE `parent` = %d AND `author-link` != '%s'", intval($target_item["parent"]), dbesc($owner['url']));
foreach ($r as $parent_item) {
$probed_contact = probe_url($parent_item["author-link"]);
if ($probed_contact["notify"] != "" and $probed_contact["network"] == NETWORK_DFRN) {
logger('Notify Friendica user ' . $probed_contact["url"] . ': ' . $probed_contact["notify"]);
$url_recipients[$probed_contact["notify"]] = $probed_contact["notify"];
}
}
}
if (count($url_recipients)) {
logger("url_recipients " . print_r($url_recipients, true));
}
}
} else {
$followup = false;
logger('Distributing directly ' . $target_item["guid"], LOGGER_DEBUG);
// don't send deletions onward for other people's stuff
if ($target_item['deleted'] && !intval($target_item['wall'])) {
logger('notifier: ignoring delete notification for non-wall item');
return;
}
if (strlen($parent['allow_cid']) || strlen($parent['allow_gid']) || strlen($parent['deny_cid']) || strlen($parent['deny_gid'])) {
$public_message = false;
// private recipients, not public
}
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']), true);
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
// if our parent is a public forum (forum_mode == 1), uplink to the origional author causing
// a delivery fork. private groups (forum_mode == 2) do not uplink
if (intval($parent['forum_mode']) == 1 && !$top_level && $cmd !== 'uplink') {
proc_run('php', 'include/notifier.php', 'uplink', $item_id);
}
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
// pull out additional tagged people to notify (if public message)
if ($public_message && strlen($item['inform'])) {
$people = explode(',', $item['inform']);
foreach ($people as $person) {
if (substr($person, 0, 4) === 'cid:') {
$recipients[] = intval(substr($person, 4));
$conversants[] = intval(substr($person, 4));
} else {
$url_recipients[] = substr($person, 4);
}
}
}
}
if (count($url_recipients)) {
logger('notifier: ' . $target_item["guid"] . ' url_recipients ' . print_r($url_recipients, true));
}
$conversants = array_unique($conversants);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
$conversant_str = dbesc(implode(', ', $conversants));
}
// If the thread parent is OStatus then do some magic to distribute the messages.
// We have not only to look at the parent, since it could be a Friendica thread.
if ($thr_parent and $thr_parent[0]['network'] == NETWORK_OSTATUS or $parent['network'] == NETWORK_OSTATUS) {
logger('Some parent is OStatus for ' . $target_item["guid"], LOGGER_DEBUG);
// Send a salmon notification to every person we mentioned in the post
$arr = explode(',', $target_item['tag']);
foreach ($arr as $x) {
//logger('Checking tag '.$x, LOGGER_DEBUG);
$matches = null;
if (preg_match('/@\\[url=([^\\]]*)\\]/', $x, $matches)) {
$probed_contact = probe_url($matches[1]);
if ($probed_contact["notify"] != "") {
logger('Notify mentioned user ' . $probed_contact["url"] . ': ' . $probed_contact["notify"]);
$url_recipients[$probed_contact["notify"]] = $probed_contact["notify"];
}
}
}
// It only makes sense to distribute answers to OStatus messages to Friendica and OStatus - but not Diaspora
$sql_extra = " AND `network` IN ('" . NETWORK_OSTATUS . "', '" . NETWORK_DFRN . "')";
} else {
$sql_extra = "";
}
$r = q("SELECT * FROM `contact` WHERE `id` IN ({$conversant_str}) AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0" . $sql_extra);
if (count($r)) {
$contacts = $r;
}
}
$feed_template = get_markup_template('atom_feed.tpl');
$mail_template = get_markup_template('atom_mail.tpl');
$atom = '';
$slaps = array();
$hubxml = feed_hublinks();
$birthday = feed_birthday($owner['uid'], $owner['timezone']);
if (strlen($birthday)) {
$birthday = '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>';
}
$atom .= replace_macros($feed_template, array('$version' => xmlify(FRIENDICA_VERSION), '$feed_id' => xmlify($a->get_baseurl() . '/profile/' . $owner['nickname']), '$feed_title' => xmlify($owner['name']), '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', $updated . '+00:00', ATOM_TIME)), '$hub' => $hubxml, '$salmon' => '', '$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), '$photo' => xmlify($owner['photo']), '$thumb' => xmlify($owner['thumb']), '$picdate' => xmlify(datetime_convert('UTC', 'UTC', $owner['avatar-date'] . '+00:00', ATOM_TIME)), '$uridate' => xmlify(datetime_convert('UTC', 'UTC', $owner['uri-date'] . '+00:00', ATOM_TIME)), '$namdate' => xmlify(datetime_convert('UTC', 'UTC', $owner['name-date'] . '+00:00', ATOM_TIME)), '$birthday' => $birthday, '$community' => $owner['page-flags'] == PAGE_COMMUNITY ? '<dfrn:community>1</dfrn:community>' : ''));
if ($mail) {
$public_message = false;
// mail is not public
$body = fix_private_photos($item['body'], $owner['uid'], null, $message[0]['contact-id']);
$atom .= replace_macros($mail_template, array('$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), '$thumb' => xmlify($owner['thumb']), '$item_id' => xmlify($item['uri']), '$subject' => xmlify($item['title']), '$created' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00', ATOM_TIME)), '$content' => xmlify($body), '$parent_id' => xmlify($item['parent-uri'])));
} elseif ($fsuggest) {
$public_message = false;
// suggestions are not public
$sugg_template = get_markup_template('atom_suggest.tpl');
$atom .= replace_macros($sugg_template, array('$name' => xmlify($item['name']), '$url' => xmlify($item['url']), '$photo' => xmlify($item['photo']), '$request' => xmlify($item['request']), '$note' => xmlify($item['note'])));
// We don't need this any more
q("DELETE FROM `fsuggest` WHERE `id` = %d LIMIT 1", intval($item['id']));
} elseif ($relocate) {
$public_message = false;
// suggestions are not public
$sugg_template = get_markup_template('atom_relocate.tpl');
/* get site pubkey. this could be a new installation with no site keys*/
$pubkey = get_config('system', 'site_pubkey');
if (!$pubkey) {
$res = new_keypair(1024);
set_config('system', 'site_prvkey', $res['prvkey']);
set_config('system', 'site_pubkey', $res['pubkey']);
}
$rp = q("SELECT `resource-id` , `scale`, type FROM `photo` \n\t\t\t\t\t\tWHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", $uid);
$photos = array();
$ext = Photo::supportedTypes();
foreach ($rp as $p) {
$photos[$p['scale']] = $a->get_baseurl() . '/photo/' . $p['resource-id'] . '-' . $p['scale'] . '.' . $ext[$p['type']];
}
unset($rp, $ext);
$atom .= replace_macros($sugg_template, array('$name' => xmlify($owner['name']), '$photo' => xmlify($photos[4]), '$thumb' => xmlify($photos[5]), '$micro' => xmlify($photos[6]), '$url' => xmlify($owner['url']), '$request' => xmlify($owner['request']), '$confirm' => xmlify($owner['confirm']), '$notify' => xmlify($owner['notify']), '$poll' => xmlify($owner['poll']), '$sitepubkey' => xmlify(get_config('system', 'site_pubkey'))));
$recipients_relocate = q("SELECT * FROM contact WHERE uid = %d AND self = 0 AND network = '%s'", intval($uid), NETWORK_DFRN);
unset($photos);
} else {
$slap = ostatus_salmon($target_item, $owner);
//$slap = atom_entry($target_item,'html',null,$owner,false);
if ($followup) {
foreach ($items as $item) {
// there is only one item
if (!$item['parent']) {
continue;
}
if ($item['id'] == $item_id) {
logger('notifier: followup: item: ' . print_r($item, true), LOGGER_DATA);
//$slap = atom_entry($item,'html',null,$owner,false);
$atom .= atom_entry($item, 'text', null, $owner, false);
}
}
} else {
foreach ($items as $item) {
if (!$item['parent']) {
continue;
}
// private emails may be in included in public conversations. Filter them.
if ($public_message && $item['private'] == 1) {
continue;
}
$contact = get_item_contact($item, $contacts);
if (!$contact) {
continue;
}
if ($normal_mode) {
// we only need the current item, but include the parent because without it
// older sites without a corresponding dfrn_notify change may do the wrong thing.
if ($item_id == $item['id'] || $item['id'] == $item['parent']) {
$atom .= atom_entry($item, 'text', null, $owner, true);
}
} else {
$atom .= atom_entry($item, 'text', null, $owner, true);
}
if ($top_level && $public_message && $item['author-link'] === $item['owner-link'] && !$expire) {
$slaps[] = ostatus_salmon($item, $owner);
}
//$slaps[] = atom_entry($item,'html',null,$owner,true);
}
}
}
$atom .= '</feed>' . "\r\n";
logger('notifier: ' . $atom, LOGGER_DATA);
logger('notifier: slaps: ' . print_r($slaps, true), LOGGER_DATA);
// If this is a public message and pubmail is set on the parent, include all your email contacts
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (!$mail_disabled) {
if (!strlen($target_item['allow_cid']) && !strlen($target_item['allow_gid']) && !strlen($target_item['deny_cid']) && !strlen($target_item['deny_gid']) && intval($target_item['pubmail'])) {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `network` = '%s'", intval($uid), dbesc(NETWORK_MAIL));
if (count($r)) {
foreach ($r as $rr) {
$recipients[] = $rr['id'];
}
}
}
}
if ($followup) {
$recip_str = $parent['contact-id'];
} else {
$recip_str = implode(', ', $recipients);
}
if ($relocate) {
$r = $recipients_relocate;
} else {
$r = q("SELECT * FROM `contact` WHERE `id` IN ( %s ) AND `blocked` = 0 AND `pending` = 0 ", dbesc($recip_str));
}
require_once 'include/salmon.php';
$interval = get_config('system', 'delivery_interval') === false ? 2 : intval(get_config('system', 'delivery_interval'));
// If we are using the worker we don't need a delivery interval
if (get_config("system", "worker")) {
$interval = false;
}
// delivery loop
if (count($r)) {
foreach ($r as $contact) {
if (!$mail && !$fsuggest && !$followup && !$relocate && !$contact['self']) {
if ($contact['network'] === NETWORK_DIASPORA && $public_message) {
continue;
}
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )", dbesc($cmd), intval($item_id), intval($contact['id']));
}
}
// This controls the number of deliveries to execute with each separate delivery process.
// By default we'll perform one delivery per process. Assuming a hostile shared hosting
// provider, this provides the greatest chance of deliveries if processes start getting
// killed. We can also space them out with the delivery_interval to also help avoid them
// getting whacked.
// If $deliveries_per_process > 1, we will chain this number of multiple deliveries
// together into a single process. This will reduce the overall number of processes
// spawned for each delivery, but they will run longer.
// When using the workerqueue, we don't need this functionality.
$deliveries_per_process = intval(get_config('system', 'delivery_batch_count'));
if ($deliveries_per_process <= 0 or get_config("system", "worker")) {
$deliveries_per_process = 1;
}
$this_batch = array();
for ($x = 0; $x < count($r); $x++) {
$contact = $r[$x];
if ($contact['self']) {
continue;
}
logger("Deliver " . $target_item["guid"] . " to " . $contact['url'], LOGGER_DEBUG);
// potentially more than one recipient. Start a new process and space them out a bit.
// we will deliver single recipient types of message and email recipients here.
if (!$mail && !$fsuggest && !$relocate && !$followup) {
$this_batch[] = $contact['id'];
if (count($this_batch) == $deliveries_per_process) {
proc_run('php', 'include/delivery.php', $cmd, $item_id, $this_batch);
$this_batch = array();
if ($interval) {
@time_sleep_until(microtime(true) + (double) $interval);
}
}
continue;
}
// be sure to pick up any stragglers
if (count($this_batch)) {
proc_run('php', 'include/delivery.php', $cmd, $item_id, $this_batch);
}
$deliver_status = 0;
logger("main delivery by notifier: followup={$followup} mail={$mail} fsuggest={$fsuggest} relocate={$relocate}");
switch ($contact['network']) {
case NETWORK_DFRN:
// perform local delivery if we are on the same site
$basepath = implode('/', array_slice(explode('/', $contact['url']), 0, 3));
if (link_compare($basepath, $a->get_baseurl())) {
$nickname = basename($contact['url']);
if ($contact['issued-id']) {
$sql_extra = sprintf(" AND `dfrn-id` = '%s' ", dbesc($contact['issued-id']));
} else {
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id']));
}
$x = q("SELECT\t`contact`.*, `contact`.`uid` AS `importer_uid`,\n\t\t\t\t\t\t\t`contact`.`pubkey` AS `cpubkey`,\n\t\t\t\t\t\t\t`contact`.`prvkey` AS `cprvkey`,\n\t\t\t\t\t\t\t`contact`.`thumb` AS `thumb`,\n\t\t\t\t\t\t\t`contact`.`url` as `url`,\n\t\t\t\t\t\t\t`contact`.`name` as `senderName`,\n\t\t\t\t\t\t\t`user`.*\n\t\t\t\t\t\t\tFROM `contact`\n\t\t\t\t\t\t\tINNER JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\t\t\t\t\tWHERE `contact`.`blocked` = 0 AND `contact`.`archive` = 0\n\t\t\t\t\t\t\tAND `contact`.`pending` = 0\n\t\t\t\t\t\t\tAND `contact`.`network` = '%s' AND `user`.`nickname` = '%s'\n\t\t\t\t\t\t\t{$sql_extra}\n\t\t\t\t\t\t\tAND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 LIMIT 1", dbesc(NETWORK_DFRN), dbesc($nickname));
if ($x && count($x)) {
$write_flag = $x[0]['rel'] && $x[0]['rel'] != CONTACT_IS_SHARING ? true : false;
if (($owner['page-flags'] == PAGE_COMMUNITY || $write_flag) && !$x[0]['writable']) {
q("update contact set writable = 1 where id = %d", intval($x[0]['id']));
$x[0]['writable'] = 1;
}
// if contact's ssl policy changed, which we just determined
// is on our own server, update our contact links
$ssl_policy = get_config('system', 'ssl_policy');
fix_contact_ssl_policy($x[0], $ssl_policy);
// If we are setup as a soapbox we aren't accepting top level posts from this person
if ($x[0]['page-flags'] == PAGE_SOAPBOX and $top_level) {
break;
}
require_once 'library/simplepie/simplepie.inc';
logger('mod-delivery: local delivery');
local_delivery($x[0], $atom);
break;
}
}
logger('notifier: dfrndelivery: ' . $contact['name']);
$deliver_status = dfrn_deliver($owner, $contact, $atom);
logger('notifier: dfrn_delivery returns ' . $deliver_status);
if ($deliver_status == -1) {
logger('notifier: delivery failed: queuing message');
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_DFRN, $atom);
}
break;
case NETWORK_OSTATUS:
// Do not send to ostatus if we are not configured to send to public networks
if ($owner['prvnets']) {
break;
}
if (get_config('system', 'ostatus_disabled') || get_config('system', 'dfrn_only')) {
break;
}
if ($followup && $contact['notify']) {
logger('slapdelivery followup item ' . $item_id . ' to ' . $contact['name']);
$deliver_status = slapper($owner, $contact['notify'], $slap);
if ($deliver_status == -1) {
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_OSTATUS, $slap);
}
} else {
// only send salmon if public - e.g. if it's ok to notify
// a public hub, it's ok to send a salmon
if (count($slaps) && $public_message && !$expire) {
logger('slapdelivery item ' . $item_id . ' to ' . $contact['name']);
foreach ($slaps as $slappy) {
if ($contact['notify']) {
$deliver_status = slapper($owner, $contact['notify'], $slappy);
if ($deliver_status == -1) {
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_OSTATUS, $slappy);
}
}
}
}
}
break;
case NETWORK_MAIL:
case NETWORK_MAIL2:
if (get_config('system', 'dfrn_only')) {
break;
}
// WARNING: does not currently convert to RFC2047 header encodings, etc.
$addr = $contact['addr'];
if (!strlen($addr)) {
break;
}
if ($cmd === 'wall-new' || $cmd === 'comment-new') {
$it = null;
if ($cmd === 'wall-new') {
$it = $items[0];
} else {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($argv[2]), intval($uid));
if (count($r)) {
$it = $r[0];
}
}
if (!$it) {
break;
}
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($uid));
if (!count($local_user)) {
break;
}
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval($uid));
if ($r1 && $r1[0]['reply_to']) {
$reply_to = $r1[0]['reply_to'];
}
$subject = $it['title'] ? email_header_encode($it['title'], 'UTF-8') : t("(no subject)");
// only expose our real email address to true friends
if ($contact['rel'] == CONTACT_IS_FRIEND && !$contact['blocked']) {
if ($reply_to) {
$headers = 'From: ' . email_header_encode($local_user[0]['username'], 'UTF-8') . ' <' . $reply_to . '>' . "\n";
$headers .= 'Sender: ' . $local_user[0]['email'] . "\n";
} else {
$headers = 'From: ' . email_header_encode($local_user[0]['username'], 'UTF-8') . ' <' . $local_user[0]['email'] . '>' . "\n";
}
} else {
$headers = 'From: ' . email_header_encode($local_user[0]['username'], 'UTF-8') . ' <' . t('noreply') . '@' . $a->get_hostname() . '>' . "\n";
}
//if($reply_to)
// $headers .= 'Reply-to: ' . $reply_to . "\n";
$headers .= 'Message-Id: <' . iri2msgid($it['uri']) . '>' . "\n";
if ($it['uri'] !== $it['parent-uri']) {
$headers .= "References: <" . iri2msgid($it["parent-uri"]) . ">";
// If Threading is enabled, write down the correct parent
if ($it["thr-parent"] != "" and $it["thr-parent"] != $it["parent-uri"]) {
$headers .= " <" . iri2msgid($it["thr-parent"]) . ">";
}
$headers .= "\n";
if (!$it['title']) {
$r = q("SELECT `title` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($it['parent-uri']), intval($uid));
if (count($r) and $r[0]['title'] != '') {
$subject = $r[0]['title'];
} else {
$r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($it['parent-uri']), intval($uid));
if (count($r) and $r[0]['title'] != '') {
$subject = $r[0]['title'];
}
}
}
if (strncasecmp($subject, 'RE:', 3)) {
$subject = 'Re: ' . $subject;
}
}
email_send($addr, $subject, $headers, $it);
}
break;
case NETWORK_DIASPORA:
if (get_config('system', 'dfrn_only') || !get_config('system', 'diaspora_enabled')) {
break;
}
if ($mail) {
diaspora_send_mail($item, $owner, $contact);
break;
}
if (!$normal_mode) {
break;
}
// special handling for followup to public post
// all other public posts processed as public batches further below
if ($public_message) {
if ($followup) {
diaspora_send_followup($target_item, $owner, $contact, true);
}
break;
}
if (!$contact['pubkey']) {
break;
}
$unsupported_activities = array(ACTIVITY_DISLIKE, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE);
//don't transmit activities which are not supported by diaspora
foreach ($unsupported_activities as $act) {
if (activity_match($target_item['verb'], $act)) {
break 2;
}
}
if ($target_item['deleted'] && ($target_item['uri'] === $target_item['parent-uri'] || $followup)) {
// send both top-level retractions and relayable retractions for owner to relay
diaspora_send_retraction($target_item, $owner, $contact);
break;
} elseif ($followup) {
// send comments and likes to owner to relay
diaspora_send_followup($target_item, $owner, $contact);
break;
} elseif ($target_item['uri'] !== $target_item['parent-uri']) {
// we are the relay - send comments, likes and relayable_retractions
// (of comments and likes) to our conversants
diaspora_send_relay($target_item, $owner, $contact);
break;
} elseif ($top_level && !$walltowall) {
// currently no workable solution for sending walltowall
diaspora_send_status($target_item, $owner, $contact);
break;
}
break;
case NETWORK_FEED:
case NETWORK_FACEBOOK:
if (get_config('system', 'dfrn_only')) {
break;
}
case NETWORK_PUMPIO:
if (get_config('system', 'dfrn_only')) {
break;
}
default:
break;
}
}
}
// send additional slaps to mentioned remote tags (@foo@example.com)
//if($slap && count($url_recipients) && ($followup || $top_level) && ($public_message || $push_notify) && (! $expire)) {
if ($slap && count($url_recipients) && ($public_message || $push_notify) && !$expire) {
if (!get_config('system', 'dfrn_only')) {
foreach ($url_recipients as $url) {
if ($url) {
logger('notifier: urldelivery: ' . $url);
$deliver_status = slapper($owner, $url, $slap);
// TODO: redeliver/queue these items on failure, though there is no contact record
}
}
}
}
if ($public_message) {
if (!$followup) {
$r0 = diaspora_fetch_relay();
} else {
$r0 = array();
}
$r1 = q("SELECT DISTINCT(`batch`), `id`, `name`,`network` FROM `contact` WHERE `network` = '%s'\n\t\t\tAND `uid` = %d AND `rel` != %d group by `batch` ORDER BY rand() ", dbesc(NETWORK_DIASPORA), intval($owner['uid']), intval(CONTACT_IS_SHARING));
$r2 = q("SELECT `id`, `name`,`network` FROM `contact`\n\t\t\tWHERE `network` in ( '%s', '%s') AND `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0\n\t\t\tAND `rel` != %d order by rand() ", dbesc(NETWORK_DFRN), dbesc(NETWORK_MAIL2), intval($owner['uid']), intval(CONTACT_IS_SHARING));
$r = array_merge($r2, $r1, $r0);
if (count($r)) {
logger('pubdeliver: ' . print_r($r, true), LOGGER_DEBUG);
// throw everything into the queue in case we get killed
foreach ($r as $rr) {
if (!$mail && !$fsuggest && !$followup) {
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )", dbesc($cmd), intval($item_id), intval($rr['id']));
}
}
foreach ($r as $rr) {
// except for Diaspora batch jobs
// Don't deliver to folks who have already been delivered to
if ($rr['network'] !== NETWORK_DIASPORA && in_array($rr['id'], $conversants)) {
logger('notifier: already delivered id=' . $rr['id']);
continue;
}
if (!$mail && !$fsuggest && !$followup) {
logger('notifier: delivery agent: ' . $rr['name'] . ' ' . $rr['id']);
proc_run('php', 'include/delivery.php', $cmd, $item_id, $rr['id']);
if ($interval) {
@time_sleep_until(microtime(true) + (double) $interval);
}
}
}
}
$push_notify = true;
}
if ($push_notify and strlen($hub)) {
$hubs = explode(',', $hub);
if (count($hubs)) {
foreach ($hubs as $h) {
$h = trim($h);
if (!strlen($h)) {
continue;
}
if ($h === '[internal]') {
// Set push flag for PuSH subscribers to this topic,
// they will be notified in queue.php
q("UPDATE `push_subscriber` SET `push` = 1 " . "WHERE `nickname` = '%s'", dbesc($owner['nickname']));
logger('Activating internal PuSH for item ' . $item_id, LOGGER_DEBUG);
} else {
$params = 'hub.mode=publish&hub.url=' . urlencode($a->get_baseurl() . '/dfrn_poll/' . $owner['nickname']);
post_url($h, $params);
logger('publish for item ' . $item_id . ' ' . $h . ' ' . $params . ' returned ' . $a->get_curl_code());
}
if (count($hubs) > 1) {
sleep(7);
}
// try and avoid multiple hubs responding at precisely the same time
}
}
// Handling the pubsubhubbub requests
proc_run('php', 'include/pubsubpublish.php');
}
// If the item was deleted, clean up the `sign` table
if ($target_item['deleted']) {
$r = q("DELETE FROM sign where `retract_iid` = %d", intval($target_item['id']));
}
logger('notifier: calling hooks', LOGGER_DEBUG);
if ($normal_mode) {
call_hooks('notifier_normal', $target_item);
}
call_hooks('notifier_end', $target_item);
return;
}
/**
* @brief Create a new game by generating a new item table record as a standard
* post. This will propagate to the other player and provide a link to begin playing
*
* @return array Status and parameters of the new game post
*/
function chess_create_game($channel, $color, $acl)
{
$resource_type = 'chess';
// Generate unique resource_id using the same method as item_message_id()
do {
$dups = false;
$resource_id = random_string(5);
$r = q("SELECT mid FROM item WHERE resource_id = '%s' AND resource_type = '%s' AND uid = %d LIMIT 1", dbesc($resource_id), dbesc($resource_type), intval($channel['channel_id']));
if (count($r)) {
$dups = true;
}
} while ($dups == true);
$ac = $acl->get();
$mid = item_message_id();
$arr = array();
// Initialize the array of parameters for the post
$objtype = ACTIVITY_OBJ_CHESSGAME;
$perms = $acl->get();
$allow_cid = expand_acl($perms['allow_cid']);
$player2 = null;
if (count($allow_cid)) {
foreach ($allow_cid as $allow) {
if ($allow === $channel['channel_hash']) {
continue;
}
$player2 = $allow;
}
}
$players = array($channel['channel_hash'], $player2);
$object = json_encode(array('id' => z_root() . '/chess/game/' . $resource_id, 'players' => $players, 'colors' => array($color, $color === 'white' ? 'black' : 'white'), 'active' => $color === 'white' ? $players[0] : $players[1], 'position' => 'start', 'version' => chess_get_version()));
$item_hidden = 0;
// TODO: Allow form creator to send post to ACL about new game automatically
$game_url = z_root() . '/chess/' . $channel['channel_address'] . '/' . $resource_id;
$arr['aid'] = $channel['channel_account_id'];
$arr['uid'] = $channel['channel_id'];
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_hidden'] = $item_hidden;
$arr['resource_type'] = $resource_type;
$arr['resource_id'] = $resource_id;
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $channel['channel_hash'];
// Store info about the type of chess item using the "title" field
// Other types include 'move' for children items but may in the future include
// additional types that will determine how the "object" field is interpreted
$arr['title'] = 'game';
$arr['allow_cid'] = $ac['allow_cid'];
$arr['item_wall'] = 1;
$arr['item_origin'] = 1;
$arr['item_thread_top'] = 1;
$arr['item_private'] = intval($acl->is_private());
$arr['verb'] = ACTIVITY_POST;
$arr['obj_type'] = $objtype;
$arr['obj'] = $object;
$arr['body'] = '[table][tr][td][h1]New Chess Game[/h1][/td][/tr][tr][td][zrl=' . $game_url . ']Click here to play[/zrl][/td][/tr][/table]';
$post = item_store($arr);
$item_id = $post['item_id'];
if ($item_id) {
Zotlabs\Daemon\Master::Summon(['Notifier', 'activity', $item_id]);
return array('item' => $arr, 'status' => true);
} else {
return array('item' => null, 'status' => false);
}
}
function acl2json($s)
{
$s = expand_acl($s);
$s = json_encode($s);
return $s;
}
function remote_permissions_content($a, $item_copy)
{
if ($item_copy['uid'] != local_user()) {
return;
}
if (get_config('remote_perms', 'global') == 0) {
// Admin has set Individual choice. We need to find
// the original poster. First, get the contact's info
$r = q("SELECT nick, url FROM contact WHERE id = %d LIMIT 1", intval($item_copy['contact-id']));
if (!$r) {
return;
}
// Find out if the contact lives here
$baseurl = $a->get_baseurl();
$baseurl = substr($baseurl, strpos($baseurl, '://') + 3);
if (strpos($r[0]['url'], $baseurl) === false) {
return;
}
// The contact lives here. Get his/her user info
$nick = $r[0]['nick'];
$r = q("SELECT uid FROM user WHERE nickname = '%s' LIMIT 1", dbesc($nick));
if (!$r) {
return;
}
if (get_pconfig($r[0]['uid'], 'remote_perms', 'show') == 0) {
return;
}
}
if ($item_copy['private'] == 1 && !strlen($item_copy['allow_cid']) && !strlen($item_copy['allow_gid']) && !strlen($item_copy['deny_cid']) && !strlen($item_copy['deny_gid'])) {
$allow_names = array();
// Check for the original post here -- that's the only way
// to definitely get all of the recipients
if ($item_copy['uri'] === $item_copy['parent-uri']) {
// Lockview for a top-level post
$r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1", dbesc($item_copy['uri']));
} else {
// Lockview for a comment
$r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'\n\t\t\t AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1", dbesc($item_copy['uri']), dbesc($item_copy['parent-uri']));
}
if ($r) {
$item = $r[0];
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = t('Visible to:') . '<br />';
$allow = array();
$deny = array();
if (count($allowed_groups)) {
$r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )", dbesc(implode(', ', $allowed_groups)));
foreach ($r as $rr) {
$allow[] = $rr['contact-id'];
}
}
$allow = array_unique($allow + $allowed_users);
if (count($deny_groups)) {
$r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )", dbesc(implode(', ', $deny_groups)));
foreach ($r as $rr) {
$deny[] = $rr['contact-id'];
}
}
$deny = $deny + $deny_users;
if ($allow) {
$r = q("SELECT name FROM contact WHERE id IN ( %s )", dbesc(implode(', ', array_diff($allow, $deny))));
foreach ($r as $rr) {
$allow_names[] = $rr['name'];
}
}
} else {
// We don't have the original post. Let's try for the next best thing:
// checking who else has the post on our own server. Note that comments
// that were sent to Diaspora and were relayed to others on our server
// will have different URIs than the original. We can match the GUID for
// those
$r = q("SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s'", dbesc($item_copy['uri']), dbesc($item_copy['guid']));
if (!$r) {
return;
}
$allow = array();
foreach ($r as $rr) {
$allow[] = $rr['uid'];
}
$r = q("SELECT username FROM user WHERE uid IN ( %s )", dbesc(implode(', ', $allow)));
if (!$r) {
return;
}
$o = t('Visible to') . ' (' . t('may only be a partial list') . '):<br />';
foreach ($r as $rr) {
$allow_names[] = $rr['username'];
}
}
// Sort the names alphabetically, case-insensitive
natcasesort($allow_names);
echo $o . implode(', ', $allow_names);
killme();
}
return;
}
function get()
{
$atokens = array();
if (local_channel()) {
$at = q("select * from atoken where atoken_uid = %d", intval(local_channel()));
if ($at) {
foreach ($at as $t) {
$atokens[] = atoken_xchan($t);
}
}
}
$type = argc() > 1 ? argv(1) : 0;
if (is_numeric($type)) {
$item_id = intval($type);
$type = 'item';
} else {
$item_id = argc() > 2 ? intval(argv(2)) : 0;
}
if (!$item_id) {
killme();
}
if (!in_array($type, array('item', 'photo', 'event', 'menu_item', 'chatroom'))) {
killme();
}
//we have different naming in in menu_item table and chatroom table
switch ($type) {
case 'menu_item':
$id = 'mitem_id';
break;
case 'chatroom':
$id = 'cr_id';
break;
default:
$id = 'id';
break;
}
$r = q("SELECT * FROM %s WHERE {$id} = %d LIMIT 1", dbesc($type), intval($item_id));
if (!$r) {
killme();
}
$item = $r[0];
//we have different naming in in menu_item table and chatroom table
switch ($type) {
case 'menu_item':
$uid = $item['mitem_channel_id'];
break;
case 'chatroom':
$uid = $item['cr_uid'];
break;
default:
$uid = $item['uid'];
break;
}
if ($uid != local_channel()) {
echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
}
if ($item['item_private'] == 1 && !strlen($item['allow_cid']) && !strlen($item['allow_gid']) && !strlen($item['deny_cid']) && !strlen($item['deny_gid'])) {
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
// as unknown specific recipients. The sender will have the visibility list and will fall through to the
// next section.
echo '<li>' . translate_scope(!$item['public_policy'] ? 'specific' : $item['public_policy']) . '</li>';
killme();
}
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = '<li>' . t('Visible to:') . '</li>';
$l = array();
stringify_array_elms($allowed_groups, true);
stringify_array_elms($allowed_users, true);
stringify_array_elms($deny_groups, true);
stringify_array_elms($deny_users, true);
if (count($allowed_groups)) {
$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b>' . $rr['gname'] . '</b></li>';
}
}
}
if (count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li>' . $rr['xchan_name'] . '</li>';
}
}
if ($atokens) {
foreach ($atokens as $at) {
if (in_array("'" . $at['xchan_hash'] . "'", $allowed_users)) {
$l[] = '<li>' . $at['xchan_name'] . '</li>';
}
}
}
}
if (count($deny_groups)) {
$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b><strike>' . $rr['gname'] . '</strike></b></li>';
}
}
}
if (count($deny_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
}
}
if ($atokens) {
foreach ($atokens as $at) {
if (in_array("'" . $at['xchan_hash'] . "'", $deny_users)) {
$l[] = '<li><strike>' . $at['xchan_name'] . '</strike></li>';
}
}
}
}
echo $o . implode($l);
killme();
}
} else {
killme();
}
if ($cmd != 'mail') {
require_once 'include/group.php';
$parent = $items[0];
if ($parent['type'] == 'remote') {
// local followup to remote post
$followup = true;
$conversant_str = dbesc($parent['contact-id']);
} else {
$followup = false;
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']));
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
}
$conversants = array_unique($conversants, SORT_NUMERIC);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups), SORT_NUMERIC);
$deny = array_unique(array_merge($deny_people, $deny_groups), SORT_NUMERIC);
$recipients = array_diff($recipients, $deny);
$conversant_str = dbesc(implode(', ', $conversants));
}
$r = q("SELECT * FROM `contact` WHERE `id` IN ( {$conversant_str} ) AND `blocked` = 0 AND `pending` = 0");
if (!count($r)) {
killme();
}
/**
* @param App $a
* @param object $b
* @return mixed
*/
function facebook_post_hook(&$a, &$b)
{
if ($b['deleted'] || $b['created'] !== $b['edited']) {
return;
}
/**
* Post to Facebook stream
*/
require_once 'include/group.php';
require_once 'include/html2plain.php';
logger('Facebook post');
$reply = false;
$likes = false;
$deny_arr = array();
$allow_arr = array();
$toplevel = $b['id'] == $b['parent'] ? true : false;
$linking = get_pconfig($b['uid'], 'facebook', 'no_linking') ? 0 : 1;
if (!$toplevel && $linking) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($b['parent']), intval($b['uid']));
if (count($r) && substr($r[0]['uri'], 0, 4) === 'fb::') {
$reply = substr($r[0]['uri'], 4);
} elseif (count($r) && substr($r[0]['extid'], 0, 4) === 'fb::') {
$reply = substr($r[0]['extid'], 4);
} else {
return;
}
$u = q("SELECT * FROM user where uid = %d limit 1", intval($b['uid']));
if (!count($u)) {
return;
}
// only accept comments from the item owner. Other contacts are unknown to FB.
if (!link_compare($b['author-link'], $a->get_baseurl() . '/profile/' . $u[0]['nickname'])) {
return;
}
logger('facebook reply id=' . $reply);
}
if (strstr($b['postopts'], 'facebook') || $b['private'] || $reply) {
if ($b['private'] && $reply === false) {
$allow_people = expand_acl($b['allow_cid']);
$allow_groups = expand_groups(expand_acl($b['allow_gid']));
$deny_people = expand_acl($b['deny_cid']);
$deny_groups = expand_groups(expand_acl($b['deny_gid']));
$recipients = array_unique(array_merge($allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$allow_str = dbesc(implode(', ', $recipients));
if ($allow_str) {
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$allow_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$allow_arr[] = $rr['notify'];
}
}
}
$deny_str = dbesc(implode(', ', $deny));
if ($deny_str) {
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$deny_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$deny_arr[] = $rr['notify'];
}
}
}
if (count($deny_arr) && !count($allow_arr)) {
// One or more FB folks were denied access but nobody on FB was specifically allowed access.
// This might cause the post to be open to public on Facebook, but only to selected members
// on another network. Since this could potentially leak a post to somebody who was denied,
// we will skip posting it to Facebook with a slightly vague but relevant message that will
// hopefully lead somebody to this code comment for a better explanation of what went wrong.
notice(t('Post to Facebook cancelled because of multi-network access permission conflict.') . EOL);
return;
}
// if it's a private message but no Facebook members are allowed or denied, skip Facebook post
if (!count($allow_arr) && !count($deny_arr)) {
return;
}
}
if ($b['verb'] == ACTIVITY_LIKE) {
$likes = true;
}
$appid = get_config('facebook', 'appid');
$secret = get_config('facebook', 'appsecret');
if ($appid && $secret) {
logger('facebook: have appid+secret');
$fb_token = get_pconfig($b['uid'], 'facebook', 'access_token');
// post to facebook if it's a public post and we've ticked the 'post to Facebook' box,
// or it's a private message with facebook participants
// or it's a reply or likes action to an existing facebook post
if ($fb_token && ($toplevel || $b['private'] || $reply)) {
logger('facebook: able to post');
require_once 'library/facebook.php';
require_once 'include/bbcode.php';
$msg = $b['body'];
logger('Facebook post: original msg=' . $msg, LOGGER_DATA);
// make links readable before we strip the code
// unless it's a dislike - just send the text as a comment
// if($b['verb'] == ACTIVITY_DISLIKE)
// $msg = trim(strip_tags(bbcode($msg)));
// Old code
/*$search_str = $a->get_baseurl() . '/search';
if(preg_match("/\[url=(.*?)\](.*?)\[\/url\]/is",$msg,$matches)) {
// don't use hashtags for message link
if(strpos($matches[2],$search_str) === false) {
$link = $matches[1];
if(substr($matches[2],0,5) != '[img]')
$linkname = $matches[2];
}
}
// strip tag links to avoid link clutter, this really should be
// configurable because we're losing information
$msg = preg_replace("/\#\[url=(.*?)\](.*?)\[\/url\]/is",'#$2',$msg);
// provide the link separately for normal links
$msg = preg_replace("/\[url=(.*?)\](.*?)\[\/url\]/is",'$2 $1',$msg);
if(preg_match("/\[img\](.*?)\[\/img\]/is",$msg,$matches))
$image = $matches[1];
$msg = preg_replace("/\[img\](.*?)\[\/img\]/is", t('Image: ') . '$1', $msg);
if((strpos($link,z_root()) !== false) && (! $image))
$image = $a->get_baseurl() . '/images/friendica-64.jpg';
$msg = trim(strip_tags(bbcode($msg)));*/
// New code
// Looking for the first image
$image = '';
if (preg_match("/\\[img\\=([0-9]*)x([0-9]*)\\](.*?)\\[\\/img\\]/is", $b['body'], $matches)) {
$image = $matches[3];
}
if ($image == '') {
if (preg_match("/\\[img\\](.*?)\\[\\/img\\]/is", $b['body'], $matches)) {
$image = $matches[1];
}
}
// Checking for a bookmark element
$body = $b['body'];
if (strpos($body, "[bookmark") !== false) {
// splitting the text in two parts:
// before and after the bookmark
$pos = strpos($body, "[bookmark");
$body1 = substr($body, 0, $pos);
$body2 = substr($body, $pos);
// Removing the bookmark and all quotes after the bookmark
// they are mostly only the content after the bookmark.
$body2 = preg_replace("/\\[bookmark\\=([^\\]]*)\\](.*?)\\[\\/bookmark\\]/ism", '', $body2);
$body2 = preg_replace("/\\[quote\\=([^\\]]*)\\](.*?)\\[\\/quote\\]/ism", '', $body2);
$body2 = preg_replace("/\\[quote\\](.*?)\\[\\/quote\\]/ism", '', $body2);
$body = $body1 . $body2;
}
// At first convert the text to html
$html = bbcode($body);
// Then convert it to plain text
$msg = trim($b['title'] . " \n\n" . html2plain($html, 0, true));
$msg = html_entity_decode($msg, ENT_QUOTES, 'UTF-8');
// Removing multiple newlines
while (strpos($msg, "\n\n\n") !== false) {
$msg = str_replace("\n\n\n", "\n\n", $msg);
}
// add any attachments as text urls
$arr = explode(',', $b['attach']);
if (count($arr)) {
$msg .= "\n";
foreach ($arr as $r) {
$matches = false;
$cnt = preg_match('|\\[attach\\]href=\\"(.*?)\\" size=\\"(.*?)\\" type=\\"(.*?)\\" title=\\"(.*?)\\"\\[\\/attach\\]|', $r, $matches);
if ($cnt) {
$msg .= "\n" . $matches[1];
}
}
}
$link = '';
$linkname = '';
// look for bookmark-bbcode and handle it with priority
if (preg_match("/\\[bookmark\\=([^\\]]*)\\](.*?)\\[\\/bookmark\\]/is", $b['body'], $matches)) {
$link = $matches[1];
$linkname = $matches[2];
}
// If there is no bookmark element then take the first link
if ($link == '') {
$links = collecturls($html);
if (sizeof($links) > 0) {
reset($links);
$link = current($links);
}
}
// Remove trailing and leading spaces
$msg = trim($msg);
// Since facebook increased the maxpostlen massively this never should happen again :)
if (strlen($msg) > FACEBOOK_MAXPOSTLEN) {
require_once 'library/slinky.php';
$display_url = $b['plink'];
$slinky = new Slinky($display_url);
// setup a cascade of shortening services
// try to get a short link from these services
// in the order ur1.ca, trim, id.gd, tinyurl
$slinky->set_cascade(array(new Slinky_UR1ca(), new Slinky_Trim(), new Slinky_IsGd(), new Slinky_TinyURL()));
$shortlink = $slinky->short();
// the new message will be shortened such that "... $shortlink"
// will fit into the character limit
$msg = substr($msg, 0, FACEBOOK_MAXPOSTLEN - strlen($shortlink) - 4);
$msg .= '... ' . $shortlink;
}
// Fallback - if message is empty
if (!strlen($msg)) {
$msg = $link;
}
if (!strlen($msg)) {
$msg = $image;
}
if (!strlen($msg)) {
$msg = $linkname;
}
// If there is nothing to post then exit
if (!strlen($msg)) {
return;
}
logger('Facebook post: msg=' . $msg, LOGGER_DATA);
if ($likes) {
$postvars = array('access_token' => $fb_token);
} else {
$postvars = array('access_token' => $fb_token, 'message' => $msg);
if (isset($image)) {
$postvars['picture'] = $image;
//$postvars['type'] = "photo";
}
if (isset($link)) {
$postvars['link'] = $link;
//$postvars['type'] = "link";
}
if (isset($linkname)) {
$postvars['name'] = $linkname;
}
}
if ($b['private'] && $toplevel) {
$postvars['privacy'] = '{"value": "CUSTOM", "friends": "SOME_FRIENDS"';
if (count($allow_arr)) {
$postvars['privacy'] .= ',"allow": "' . implode(',', $allow_arr) . '"';
}
if (count($deny_arr)) {
$postvars['privacy'] .= ',"deny": "' . implode(',', $deny_arr) . '"';
}
$postvars['privacy'] .= '}';
}
if ($reply) {
$url = 'https://graph.facebook.com/' . $reply . '/' . ($likes ? 'likes' : 'comments');
} else {
if ($link != "" or $image != "" or $b['title'] == '' or strlen($msg) < 500) {
$url = 'https://graph.facebook.com/me/feed';
if ($b['plink']) {
$postvars['actions'] = '{"name": "' . t('View on Friendica') . '", "link": "' . $b['plink'] . '"}';
}
} else {
// if its only a message and a subject and the message is larger than 500 characters then post it as note
$postvars = array('access_token' => $fb_token, 'message' => bbcode($b['body']), 'subject' => $b['title']);
$url = 'https://graph.facebook.com/me/notes';
}
}
logger('facebook: post to ' . $url);
logger('facebook: postvars: ' . print_r($postvars, true));
// "test_mode" prevents anything from actually being posted.
// Otherwise, let's do it.
if (!get_config('facebook', 'test_mode')) {
$x = post_url($url, $postvars);
logger('Facebook post returns: ' . $x, LOGGER_DEBUG);
$retj = json_decode($x);
if ($retj->id) {
q("UPDATE `item` SET `extid` = '%s' WHERE `id` = %d LIMIT 1", dbesc('fb::' . $retj->id), intval($b['id']));
} else {
if (!$likes) {
$s = serialize(array('url' => $url, 'item' => $b['id'], 'post' => $postvars));
require_once 'include/queue_fn.php';
add_to_queue($a->contact, NETWORK_FACEBOOK, $s);
notice(t('Facebook post failed. Queued for retry.') . EOL);
}
if (isset($retj->error) && $retj->error->type == "OAuthException" && $retj->error->code == 190) {
logger('Facebook session has expired due to changed password.', LOGGER_DEBUG);
$last_notification = get_pconfig($b['uid'], 'facebook', 'session_expired_mailsent');
if (!$last_notification || $last_notification < time() - FACEBOOK_SESSION_ERR_NOTIFICATION_INTERVAL) {
require_once 'include/enotify.php';
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($b['uid']));
notification(array('uid' => $b['uid'], 'type' => NOTIFY_SYSTEM, 'system_type' => 'facebook_connection_invalid', 'language' => $r[0]['language'], 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'source_name' => t('Administrator'), 'source_link' => $a->config["system"]["url"], 'source_photo' => $a->config["system"]["url"] . '/images/person-80.jpg'));
set_pconfig($b['uid'], 'facebook', 'session_expired_mailsent', time());
} else {
logger('Facebook: No notification, as the last one was sent on ' . $last_notification, LOGGER_DEBUG);
}
}
}
}
}
}
}
}
/**
* test invalid input, empty <>
*
* TODO: should there be an exception? Or array(1, 3)
* (This should be array(1,3) - mike)
*/
public function testExpandAclEmptyMatch()
{
$text = "<1><><3>";
$this->assertEquals(array(1, 3), expand_acl($text));
}
function photos_post(&$a)
{
logger('mod-photos: photos_post: begin', LOGGER_DEBUG);
logger('mod_photos: REQUEST ' . print_r($_REQUEST, true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES, true), LOGGER_DATA);
$ph = photo_factory('');
$phototypes = $ph->supportedTypes();
$can_post = false;
$page_owner_uid = $a->data['channel']['channel_id'];
if (perm_is_allowed($page_owner_uid, get_observer_hash(), 'write_storage')) {
$can_post = true;
}
if (!$can_post) {
notice(t('Permission denied.') . EOL);
if (is_ajax()) {
killme();
}
return;
}
$s = abook_self($page_owner_uid);
if (!$s) {
notice(t('Page owner information could not be retrieved.') . EOL);
logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
if (is_ajax()) {
killme();
}
return;
}
$owner_record = $s[0];
$acl = new AccessList($a->data['channel']);
if (argc() > 3 && argv(2) === 'album') {
$album = hex2bin(argv(3));
if ($album === t('Profile Photos')) {
// not allowed
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
if (!photos_album_exists($page_owner_uid, $album)) {
notice(t('Album not found.') . EOL);
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
/*
* RENAME photo album
*/
$newalbum = notags(trim($_REQUEST['albumname']));
if ($newalbum != $album) {
// @fixme - syncronise with DAV or disallow completely
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
// $x = photos_album_rename($page_owner_uid,$album,$newalbum);
// if($x) {
// $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
// goaway($a->get_baseurl() . '/' . $newurl);
// }
}
/*
* DELETE photo album and all its photos
*/
if ($_REQUEST['dropalbum'] == t('Delete Album')) {
$res = array();
// get the list of photos we are about to delete
if (remote_channel() && !local_channel()) {
$str = photos_album_get_db_idstr($page_owner_uid, $album, remote_channel());
} elseif (local_channel()) {
$str = photos_album_get_db_idstr(local_channel(), $album);
} else {
$str = null;
}
if (!$str) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$r = q("select id from item where resource_id in ( {$str} ) and resource_type = 'photo' and uid = %d " . item_normal(), intval($page_owner_uid));
if ($r) {
foreach ($r as $i) {
attach_delete($page_owner_uid, $i['resource_id'], 1);
// This is now being done in attach_delete()
// drop_item($i['id'],false,DROPITEM_PHASE1,true /* force removal of linked items */);
// proc_run('php','include/notifier.php','drop',$i['id']);
}
}
// remove the associated photos in case they weren't attached to an item
q("delete from photo where resource_id in ( {$str} ) and uid = %d", intval($page_owner_uid));
// @FIXME do the same for the linked attach
}
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']);
}
if (argc() > 2 && x($_REQUEST, 'delete') && $_REQUEST['delete'] === t('Delete Photo')) {
// same as above but remove single photo
$ob_hash = get_observer_hash();
if (!$ob_hash) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1", dbesc($ob_hash), intval(local_channel()), dbesc($a->argv[2]));
if ($r) {
/* this happens in attach_delete
q("DELETE FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s'",
intval($page_owner_uid),
dbesc($r[0]['resource_id'])
);
*/
attach_delete($page_owner_uid, $r[0]['resource_id'], 1);
/* this happens in attach_delete
$i = q("SELECT * FROM `item` WHERE `resource_id` = '%s' AND resource_type = 'photo' and `uid` = %d LIMIT 1",
dbesc($r[0]['resource_id']),
intval($page_owner_uid)
);
if(count($i)) {
drop_item($i[0]['id'],true,DROPITEM_PHASE1);
$url = $a->get_baseurl();
}
*/
}
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
if ($a->argc > 2 && (x($_POST, 'desc') !== false || x($_POST, 'newtag') !== false) || x($_POST, 'albname') !== false) {
$desc = x($_POST, 'desc') ? notags(trim($_POST['desc'])) : '';
$rawtags = x($_POST, 'newtag') ? notags(trim($_POST['newtag'])) : '';
$item_id = x($_POST, 'item_id') ? intval($_POST['item_id']) : 0;
$albname = x($_POST, 'albname') ? notags(trim($_POST['albname'])) : '';
$is_nsfw = x($_POST, 'adult') ? intval($_POST['adult']) : 0;
$acl->set_from_array($_POST);
$perm = $acl->get();
$resource_id = $a->argv[2];
if (!strlen($albname)) {
$albname = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y');
}
if (x($_POST, 'rotate') !== false && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) {
logger('rotate');
$r = q("select * from photo where `resource_id` = '%s' and uid = %d and scale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid));
if (count($r)) {
$d = $r[0]['os_storage'] ? @file_get_contents($r[0]['data']) : dbunescbin($r[0]['data']);
$ph = photo_factory($d, $r[0]['type']);
if ($ph->is_valid()) {
$rotate_deg = intval($_POST['rotate']) == 1 ? 270 : 90;
$ph->rotate($rotate_deg);
$width = $ph->getWidth();
$height = $ph->getHeight();
if (intval($r[0]['os_storage'])) {
@file_put_contents($r[0]['data'], $ph->imageString());
$data = $r[0]['data'];
$fsize = @filesize($r[0]['data']);
q("update attach set filesize = %d where hash = '%s' and uid = %d limit 1", intval($fsize), dbesc($resource_id), intval($page_owner_uid));
} else {
$data = $ph->imageString();
$fsize = strlen($data);
}
$x = q("update photo set data = '%s', `size` = %d, height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 0", dbescbin($data), intval($fsize), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 1024 || $height > 1024) {
$ph->scaleImage(1024);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 1", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 2", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 3", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
}
}
$p = q("SELECT type, is_nsfw, description, resource_id, scale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY scale DESC", dbesc($resource_id), intval($page_owner_uid));
if ($p) {
$ext = $phototypes[$p[0]['type']];
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
}
$item_private = $str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny ? true : false;
$old_is_nsfw = $p[0]['is_nsfw'];
if ($old_is_nsfw != $is_nsfw) {
$r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", intval($is_nsfw), dbesc($resource_id), intval($page_owner_uid));
}
/* Don't make the item visible if the only change was the album name */
$visibility = 0;
if ($p[0]['description'] !== $desc || strlen($rawtags)) {
$visibility = 1;
}
if (!$item_id) {
$item_id = photos_create_item($a->data['channel'], get_observer_hash(), $p[0], $visibility);
}
if ($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
}
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d\n\t\t\twhere id = %d", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), intval($acl->is_private()), intval($item_id));
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
if (strlen($rawtags)) {
$str_tags = '';
$inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention
$x = substr($rawtags, 0, 1);
if ($x !== '@' && $x !== '#') {
$rawtags = '@' . $rawtags;
}
require_once 'include/text.php';
$profile_uid = $a->profile['profile_uid'];
$results = linkify_tags($a, $rawtags, local_channel() ? local_channel() : $profile_uid);
$success = $results['success'];
$post_tags = array();
foreach ($results as $result) {
$success = $result['success'];
if ($success['replaced']) {
$post_tags[] = array('uid' => $profile_uid, 'type' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']);
}
}
$r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$r = fetch_post_tags($r, true);
$datarray = $r[0];
if ($post_tags) {
if (!array_key_exists('term', $datarray) || !is_array($datarray['term'])) {
$datarray['term'] = $post_tags;
} else {
$datarray['term'] = array_merge($datarray['term'], $post_tags);
}
}
item_store_update($datarray, $execflag);
}
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
/**
* default post action - upload a photo
*/
$channel = $a->data['channel'];
$observer = $a->data['observer'];
$_REQUEST['source'] = 'photos';
require_once 'include/attach.php';
if (!local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($a->channel, get_observer_hash(), '', $_REQUEST);
if (!$r['success']) {
notice($r['message'] . EOL);
}
if ($_REQUEST['newalbum']) {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($_REQUEST['newalbum']));
} else {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex(datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y')));
}
}
function post()
{
logger('mod-photos: photos_post: begin', LOGGER_DEBUG);
logger('mod_photos: REQUEST ' . print_r($_REQUEST, true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES, true), LOGGER_DATA);
$ph = photo_factory('');
$phototypes = $ph->supportedTypes();
$can_post = false;
$page_owner_uid = \App::$data['channel']['channel_id'];
if (perm_is_allowed($page_owner_uid, get_observer_hash(), 'write_storage')) {
$can_post = true;
}
if (!$can_post) {
notice(t('Permission denied.') . EOL);
if (is_ajax()) {
killme();
}
return;
}
$s = abook_self($page_owner_uid);
if (!$s) {
notice(t('Page owner information could not be retrieved.') . EOL);
logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
if (is_ajax()) {
killme();
}
return;
}
$owner_record = $s[0];
$acl = new \Zotlabs\Access\AccessList(\App::$data['channel']);
if (argc() > 3 && argv(2) === 'album') {
$album = hex2bin(argv(3));
if ($album === t('Profile Photos')) {
// not allowed
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
if (!photos_album_exists($page_owner_uid, $album)) {
notice(t('Album not found.') . EOL);
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
/*
* DELETE photo album and all its photos
*/
if ($_REQUEST['dropalbum'] == t('Delete Album')) {
// This is dangerous because we combined file storage and photos into one interface
// This function will remove all photos from any directory with the same name since
// we have not passed the path value.
// The correct solution would be to use a full pathname from your storage root for 'album'
// We also need to prevent/block removing the storage root folder.
$folder_hash = '';
$r = q("select * from attach where is_dir = 1 and uid = %d and filename = '%s'", intval($page_owner_uid), dbesc($album));
if (!$r) {
notice(t('Album not found.') . EOL);
return;
}
if (count($r) > 1) {
notice(t('Multiple storage folders exist with this album name, but within different directories. Please remove the desired folder or folders using the Files manager') . EOL);
return;
} else {
$folder_hash = $r[0]['hash'];
}
$res = array();
// get the list of photos we are about to delete
if (remote_channel() && !local_channel()) {
$str = photos_album_get_db_idstr($page_owner_uid, $album, remote_channel());
} elseif (local_channel()) {
$str = photos_album_get_db_idstr(local_channel(), $album);
} else {
$str = null;
}
if (!$str) {
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
$r = q("select id from item where resource_id in ( {$str} ) and resource_type = 'photo' and uid = %d " . item_normal(), intval($page_owner_uid));
if ($r) {
foreach ($r as $i) {
attach_delete($page_owner_uid, $i['resource_id'], 1);
}
}
// remove the associated photos in case they weren't attached to an item
q("delete from photo where resource_id in ( {$str} ) and uid = %d", intval($page_owner_uid));
// @FIXME do the same for the linked attach
if ($folder_hash) {
attach_delete($page_owner_uid, $folder_hash, 1);
$sync = attach_export_data(\App::$data['channel'], $folder_hash, true);
if ($sync) {
build_sync_packet($page_owner_uid, array('file' => array($sync)));
}
}
}
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address']);
}
if (argc() > 2 && x($_REQUEST, 'delete') && $_REQUEST['delete'] === t('Delete Photo')) {
// same as above but remove single photo
$ob_hash = get_observer_hash();
if (!$ob_hash) {
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
$r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1", dbesc($ob_hash), intval(local_channel()), dbesc(\App::$argv[2]));
if ($r) {
attach_delete($page_owner_uid, $r[0]['resource_id'], 1);
$sync = attach_export_data(\App::$data['channel'], $r[0]['resource_id'], true);
if ($sync) {
build_sync_packet($page_owner_uid, array('file' => array($sync)));
}
}
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . $_SESSION['album_return']);
}
if (argc() > 2 && array_key_exists('move_to_album', $_POST)) {
$m = q("select folder from attach where hash = '%s' and uid = %d limit 1", dbesc(argv(2)), intval($page_owner_uid));
if ($m && $m[0]['folder'] != $_POST['move_to_album']) {
attach_move($page_owner_uid, argv(2), $_POST['move_to_album']);
if (!($_POST['desc'] && $_POST['newtag'])) {
goaway(z_root() . '/' . $_SESSION['photo_return']);
}
}
}
if (argc() > 2 && (x($_POST, 'desc') !== false || x($_POST, 'newtag') !== false)) {
$desc = x($_POST, 'desc') ? notags(trim($_POST['desc'])) : '';
$rawtags = x($_POST, 'newtag') ? notags(trim($_POST['newtag'])) : '';
$item_id = x($_POST, 'item_id') ? intval($_POST['item_id']) : 0;
$is_nsfw = x($_POST, 'adult') ? intval($_POST['adult']) : 0;
$acl->set_from_array($_POST);
$perm = $acl->get();
$resource_id = argv(2);
if (x($_POST, 'rotate') !== false && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) {
logger('rotate');
$r = q("select * from photo where `resource_id` = '%s' and uid = %d and imgscale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid));
if (count($r)) {
$d = $r[0]['os_storage'] ? @file_get_contents($r[0]['content']) : dbunescbin($r[0]['content']);
$ph = photo_factory($d, $r[0]['mimetype']);
if ($ph->is_valid()) {
$rotate_deg = intval($_POST['rotate']) == 1 ? 270 : 90;
$ph->rotate($rotate_deg);
$width = $ph->getWidth();
$height = $ph->getHeight();
if (intval($r[0]['os_storage'])) {
@file_put_contents($r[0]['content'], $ph->imageString());
$data = $r[0]['content'];
$fsize = @filesize($r[0]['content']);
q("update attach set filesize = %d where hash = '%s' and uid = %d limit 1", intval($fsize), dbesc($resource_id), intval($page_owner_uid));
} else {
$data = $ph->imageString();
$fsize = strlen($data);
}
$x = q("update photo set content = '%s', filesize = %d, height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 0", dbescbin($data), intval($fsize), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 1024 || $height > 1024) {
$ph->scaleImage(1024);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 1", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 2", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 3", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
}
}
$p = q("SELECT mimetype, is_nsfw, description, resource_id, imgscale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY imgscale DESC", dbesc($resource_id), intval($page_owner_uid));
if ($p) {
$ext = $phototypes[$p[0]['mimetype']];
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
}
$item_private = $str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny ? true : false;
$old_is_nsfw = $p[0]['is_nsfw'];
if ($old_is_nsfw != $is_nsfw) {
$r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", intval($is_nsfw), dbesc($resource_id), intval($page_owner_uid));
}
/* Don't make the item visible if the only change was the album name */
$visibility = 0;
if ($p[0]['description'] !== $desc || strlen($rawtags)) {
$visibility = 1;
}
if (!$item_id) {
$item_id = photos_create_item(\App::$data['channel'], get_observer_hash(), $p[0], $visibility);
}
if ($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
}
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d\n\t\t\t\twhere id = %d", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), intval($acl->is_private()), intval($item_id));
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
if (strlen($rawtags)) {
$str_tags = '';
$inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention
$x = substr($rawtags, 0, 1);
if ($x !== '@' && $x !== '#') {
$rawtags = '@' . $rawtags;
}
require_once 'include/text.php';
$profile_uid = \App::$profile['profile_uid'];
$results = linkify_tags($a, $rawtags, local_channel() ? local_channel() : $profile_uid);
$success = $results['success'];
$post_tags = array();
foreach ($results as $result) {
$success = $result['success'];
if ($success['replaced']) {
$post_tags[] = array('uid' => $profile_uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']);
}
}
$r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$r = fetch_post_tags($r, true);
$datarray = $r[0];
if ($post_tags) {
if (!array_key_exists('term', $datarray) || !is_array($datarray['term'])) {
$datarray['term'] = $post_tags;
} else {
$datarray['term'] = array_merge($datarray['term'], $post_tags);
}
}
item_store_update($datarray, $execflag);
}
}
$sync = attach_export_data(\App::$data['channel'], $resource_id);
if ($sync) {
build_sync_packet($page_owner_uid, array('file' => array($sync)));
}
goaway(z_root() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
/**
* default post action - upload a photo
*/
$channel = \App::$data['channel'];
$observer = \App::$data['observer'];
$_REQUEST['source'] = 'photos';
require_once 'include/attach.php';
if (!local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($channel, get_observer_hash(), '', $_REQUEST);
if (!$r['success']) {
notice($r['message'] . EOL);
}
if ($_REQUEST['newalbum']) {
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . bin2hex($_REQUEST['newalbum']));
} else {
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . bin2hex(datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y')));
}
}
/**
* @brief Returns an array of contact-ids that are allowed to see this object.
*
* @param object $obj
* @return array
*/
function enumerate_permissions($obj)
{
require_once 'include/group.php';
$allow_people = expand_acl($obj['allow_cid']);
$allow_groups = expand_groups(expand_acl($obj['allow_gid']));
$deny_people = expand_acl($obj['deny_cid']);
$deny_groups = expand_groups(expand_acl($obj['deny_gid']));
$recipients = array_unique(array_merge($allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
return $recipients;
}
function lockview_content(&$a)
{
$type = $a->argc > 1 ? $a->argv[1] : 0;
if (is_numeric($type)) {
$item_id = intval($type);
$type = 'item';
} else {
$item_id = $a->argc > 2 ? intval($a->argv[2]) : 0;
}
if (!$item_id) {
killme();
}
if (!in_array($type, array('item', 'photo', 'event'))) {
killme();
}
$r = q("SELECT * FROM `%s` WHERE `id` = %d LIMIT 1", dbesc($type), intval($item_id));
if (!count($r)) {
killme();
}
$item = $r[0];
if ($item['uid'] != local_user()) {
killme();
}
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
if ($item['private'] && !strlen($item['allow_cid']) && !strlen($item['allow_gid']) && !strlen($item['deny_cid']) && !strlen($item['deny_gid'])) {
echo t('Remote privacy information not available.') . '<br />';
killme();
}
$o = t('Visible to:') . '<br />';
$l = array();
if (count($allowed_groups)) {
$r = q("SELECT `name` FROM `group` WHERE `id` IN ( %s )", dbesc(implode(', ', $allowed_groups)));
if (count($r)) {
foreach ($r as $rr) {
$l[] = '<b>' . $rr['name'] . '</b>';
}
}
}
if (count($allowed_users)) {
$r = q("SELECT `name` FROM `contact` WHERE `id` IN ( %s )", dbesc(implode(', ', $allowed_users)));
if (count($r)) {
foreach ($r as $rr) {
$l[] = $rr['name'];
}
}
}
if (count($deny_groups)) {
$r = q("SELECT `name` FROM `group` WHERE `id` IN ( %s )", dbesc(implode(', ', $deny_groups)));
if (count($r)) {
foreach ($r as $rr) {
$l[] = '<b><strike>' . $rr['name'] . '</strike></b>';
}
}
}
if (count($deny_users)) {
$r = q("SELECT `name` FROM `contact` WHERE `id` IN ( %s )", dbesc(implode(', ', $deny_users)));
if (count($r)) {
foreach ($r as $rr) {
$l[] = '<strike>' . $rr['name'] . '</strike>';
}
}
}
echo $o . implode(', ', $l);
killme();
}