4 * @file include/acl_selectors.php
7 require_once("include/contact_selectors.php");
8 require_once("include/contact_widgets.php");
9 require_once("include/DirSearch.php");
10 require_once("include/features.php");
11 require_once("mod/proxy.php");
15 * @package acl_selectors
17 function group_select($selname,$selclass,$preselected = false,$size = 4) {
23 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
25 $r = q("SELECT `id`, `name` FROM `group` WHERE NOT `deleted` AND `uid` = %d ORDER BY `name` ASC",
30 $arr = array('group' => $r, 'entry' => $o);
32 // e.g. 'network_pre_group_deny', 'profile_pre_group_allow'
34 call_hooks($a->module . '_pre_' . $selname, $arr);
36 if (dbm::is_result($r)) {
38 if ((is_array($preselected)) && in_array($rr['id'], $preselected))
39 $selected = " selected=\"selected\" ";
43 $trimmed = mb_substr($rr['name'],0,12);
45 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n";
49 $o .= "</select>\r\n";
51 call_hooks($a->module . '_post_' . $selname, $o);
58 function contact_selector($selname, $selclass, $preselected = false, $options) {
68 if (is_array($options)) {
69 if (x($options,'size'))
70 $size = $options['size'];
72 if (x($options,'mutual_friends')) {
75 if (x($options,'single')) {
78 if (x($options,'multiple')) {
81 if (x($options,'exclude')) {
82 $exclude = $options['exclude'];
85 if (x($options,'networks')) {
86 switch($options['networks']) {
88 $networks = array(NETWORK_DFRN);
91 if (is_array($a->user) && $a->user['prvnets']) {
92 $networks = array(NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA);
94 $networks = array(NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA);
98 if (is_array($a->user) && $a->user['prvnets']) {
99 $networks = array(NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA);
101 $networks = array(NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA, NETWORK_OSTATUS);
104 default: /// @TODO Maybe log this call?
110 $x = array('options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks);
112 call_hooks('contact_select_options', $x);
119 $sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
122 if (intval($x['exclude'])) {
123 $sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
126 if (is_array($x['networks']) && count($x['networks'])) {
127 /// @TODO rewrite to foreach()
128 for ($y = 0; $y < count($x['networks']) ; $y ++) {
129 $x['networks'][$y] = "'" . dbesc($x['networks'][$y]) . "'";
131 $str_nets = implode(',',$x['networks']);
132 $sql_extra .= " AND `network` IN ( $str_nets ) ";
135 $tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : "");
138 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
140 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
143 $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
144 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
146 ORDER BY `name` ASC ",
151 $arr = array('contact' => $r, 'entry' => $o);
153 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
155 call_hooks($a->module . '_pre_' . $selname, $arr);
157 if (dbm::is_result($r)) {
158 foreach ($r as $rr) {
159 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
160 $selected = " selected=\"selected\" ";
165 $trimmed = mb_substr($rr['name'],0,20);
167 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
172 $o .= "</select>\r\n";
174 call_hooks($a->module . '_post_' . $selname, $o);
181 function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
183 require_once "include/bbcode.php";
189 // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
190 // to one recipient. By default our selector allows multiple selects amongst all contacts.
194 if ($privmail || $celeb) {
195 $sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
199 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ",
200 NETWORK_DFRN, NETWORK_DIASPORA);
201 } elseif ($privatenet) {
202 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s', '%s', '%s') ",
203 NETWORK_DFRN, NETWORK_MAIL, NETWORK_FACEBOOK, NETWORK_DIASPORA);
206 $tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
208 if ($privmail AND $preselected) {
209 $sql_extra .= " AND `id` IN (".implode(",", $preselected).")";
210 $hidepreselected = ' style="display: none;"';
212 $hidepreselected = "";
216 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex $hidepreselected>\r\n";
218 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
221 $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
222 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
224 ORDER BY `name` ASC ",
229 $arr = array('contact' => $r, 'entry' => $o);
231 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
233 call_hooks($a->module . '_pre_' . $selname, $arr);
235 $receiverlist = array();
237 if (dbm::is_result($r)) {
238 foreach ($r as $rr) {
239 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
240 $selected = " selected=\"selected\" ";
246 $trimmed = GetProfileUsername($rr['url'], $rr['name'], false);
248 $trimmed = mb_substr($rr['name'],0,20);
251 $receiverlist[] = $trimmed;
253 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
258 $o .= "</select>\r\n";
260 if ($privmail AND $preselected) {
261 $o .= implode(", ", $receiverlist);
264 call_hooks($a->module . '_post_' . $selname, $o);
270 function fixacl(&$item) {
271 $item = intval(str_replace(array('<', '>'), array('', ''), $item));
274 function prune_deadguys($arr) {
280 $str = dbesc(implode(',',$arr));
282 $r = q("SELECT `id` FROM `contact` WHERE `id` IN ( " . $str . ") AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 ");
284 if (dbm::is_result($r)) {
286 foreach ($r as $rr) {
287 $ret[] = intval($rr['id']);
296 function get_acl_permissions($user = null) {
297 $allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
299 if (is_array($user)) {
300 $allow_cid = ((strlen($user['allow_cid']))
301 ? explode('><', $user['allow_cid']) : array() );
302 $allow_gid = ((strlen($user['allow_gid']))
303 ? explode('><', $user['allow_gid']) : array() );
304 $deny_cid = ((strlen($user['deny_cid']))
305 ? explode('><', $user['deny_cid']) : array() );
306 $deny_gid = ((strlen($user['deny_gid']))
307 ? explode('><', $user['deny_gid']) : array() );
308 array_walk($allow_cid,'fixacl');
309 array_walk($allow_gid,'fixacl');
310 array_walk($deny_cid,'fixacl');
311 array_walk($deny_gid,'fixacl');
314 $allow_cid = prune_deadguys($allow_cid);
317 'allow_cid' => $allow_cid,
318 'allow_gid' => $allow_gid,
319 'deny_cid' => $deny_cid,
320 'deny_gid' => $deny_gid,
325 function populate_acl($user = null, $show_jotnets = false) {
327 $perms = get_acl_permissions($user);
331 $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
333 $mail_enabled = false;
334 $pubmail_enabled = false;
336 if (! $mail_disabled) {
337 $r = q("SELECT `pubmail` FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
340 if (dbm::is_result($r)) {
341 $mail_enabled = true;
342 if (intval($r[0]['pubmail'])) {
343 $pubmail_enabled = true;
348 if (!$user['hidewall']) {
350 $selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
351 $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . t("Post to Email") . '</div>';
354 call_hooks('jot_networks', $jotnets);
356 $jotnets .= sprintf(t('Connectors disabled, since "%s" is enabled.'),
357 t('Hide your profile details from unknown viewers?'));
361 $tpl = get_markup_template("acl_selector.tpl");
362 $o = replace_macros($tpl, array(
363 '$showall'=> t("Visible to everybody"),
364 '$show' => t("show"),
365 '$hide' => t("don't show"),
366 '$allowcid' => json_encode($perms['allow_cid']),
367 '$allowgid' => json_encode($perms['allow_gid']),
368 '$denycid' => json_encode($perms['deny_cid']),
369 '$denygid' => json_encode($perms['deny_gid']),
370 '$networks' => $show_jotnets,
371 '$emailcc' => t('CC: email addresses'),
372 '$emtitle' => t('Example: bob@example.com, mary@example.com'),
373 '$jotnets' => $jotnets,
374 '$aclModalTitle' => t('Permissions'),
375 '$aclModalDismiss' => t('Close'),
376 '$features' => array(
377 'aclautomention' => (feature_enabled($user['uid'],"aclautomention")?"true":"false")
386 function construct_acl_data(App $a, $user) {
388 // Get group and contact information for html ACL selector
389 $acl_data = acl_lookup($a, 'html');
391 $user_defaults = get_acl_permissions($user);
393 if ($acl_data['groups']) {
394 foreach ($acl_data['groups'] as $key=>$group) {
395 // Add a "selected" flag to groups that are posted to by default
396 if ($user_defaults['allow_gid'] &&
397 in_array($group['id'], $user_defaults['allow_gid']) && !in_array($group['id'], $user_defaults['deny_gid']) )
398 $acl_data['groups'][$key]['selected'] = 1;
400 $acl_data['groups'][$key]['selected'] = 0;
403 if ($acl_data['contacts']) {
404 foreach ($acl_data['contacts'] as $key=>$contact) {
405 // Add a "selected" flag to groups that are posted to by default
406 if ($user_defaults['allow_cid'] &&
407 in_array($contact['id'], $user_defaults['allow_cid']) && !in_array($contact['id'], $user_defaults['deny_cid']) )
408 $acl_data['contacts'][$key]['selected'] = 1;
410 $acl_data['contacts'][$key]['selected'] = 0;
418 function acl_lookup(App $a, $out_type = 'json') {
424 $start = (x($_REQUEST,'start') ? $_REQUEST['start'] : 0);
425 $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100);
426 $search = (x($_REQUEST,'search') ? $_REQUEST['search'] : "");
427 $type = (x($_REQUEST,'type') ? $_REQUEST['type'] : "");
428 $mode = (x($_REQUEST,'smode') ? $_REQUEST['smode'] : "");
429 $conv_id = (x($_REQUEST,'conversation') ? $_REQUEST['conversation'] : null);
431 // For use with jquery.textcomplete for private mail completion
433 if (x($_REQUEST,'query') && strlen($_REQUEST['query'])) {
436 $search = $_REQUEST['query'];
439 logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
442 $sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
443 $sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
445 /// @TODO Avoid these needless else blocks by putting variable-initialization atop of if()
446 $sql_extra = $sql_extra2 = "";
449 // count groups and contacts
450 if ($type=='' || $type=='g'){
451 $r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
454 $group_count = (int)$r[0]['g'];
459 $sql_extra2 .= " ".unavailable_networks();
461 if ($type == '' || $type == 'c') {
462 // autocomplete for editor mentions
463 $r = q("SELECT COUNT(*) AS c FROM `contact`
464 WHERE `uid` = %d AND NOT `self`
465 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
466 AND `notify` != '' $sql_extra2" ,
469 $contact_count = (int)$r[0]['c'];
471 elseif ($type == 'm') {
473 // autocomplete for Private Messages
475 $r = q("SELECT COUNT(*) AS c FROM `contact`
476 WHERE `uid` = %d AND NOT `self`
477 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
478 AND `network` IN ('%s','%s','%s') $sql_extra2" ,
479 intval(local_user()),
482 dbesc(NETWORK_DIASPORA)
484 $contact_count = (int)$r[0]['c'];
487 elseif ($type == 'a') {
489 // autocomplete for Contacts
491 $r = q("SELECT COUNT(*) AS c FROM `contact`
492 WHERE `uid` = %d AND NOT `self`
493 AND NOT `pending` $sql_extra2" ,
496 $contact_count = (int)$r[0]['c'];
503 $tot = $group_count+$contact_count;
508 if ($type=='' || $type=='g'){
510 /// @todo We should cache this query.
511 // This can be done when we can delete cache entries via wildcard
512 $r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') AS uids
514 INNER JOIN `group_member` ON `group_member`.`gid`=`group`.`id` AND `group_member`.`uid` = `group`.`uid`
515 WHERE NOT `group`.`deleted` AND `group`.`uid` = %d
517 GROUP BY `group`.`name`
518 ORDER BY `group`.`name`
520 intval(local_user()),
526 // logger('acl: group: ' . $g['name'] . ' members: ' . $g['uids']);
529 "photo" => "images/twopeople.png",
530 "name" => htmlentities($g['name']),
531 "id" => intval($g['id']),
532 "uids" => array_map("intval", explode(",",$g['uids'])),
541 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `forum`, `prv` FROM `contact`
542 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
543 AND NOT (`network` IN ('%s', '%s'))
545 ORDER BY `name` ASC ",
546 intval(local_user()),
547 dbesc(NETWORK_OSTATUS), dbesc(NETWORK_STATUSNET)
552 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `forum`, `prv` FROM `contact`
553 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
554 AND NOT (`network` IN ('%s'))
556 ORDER BY `name` ASC ",
557 intval(local_user()),
558 dbesc(NETWORK_STATUSNET)
561 elseif ($type == 'm') {
562 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
563 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive`
564 AND `network` IN ('%s','%s','%s')
566 ORDER BY `name` ASC ",
567 intval(local_user()),
570 dbesc(NETWORK_DIASPORA)
572 } elseif ($type == 'a') {
573 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `forum`, `prv` FROM `contact`
574 WHERE `uid` = %d AND `pending` = 0
576 ORDER BY `name` ASC ",
579 } elseif ($type == 'x') {
580 // autocomplete for global contact search (e.g. navbar search)
581 $r = navbar_complete($a);
586 'photo' => proxy_url($g['photo'], false, PROXY_SIZE_MICRO),
587 'name' => $g['name'],
588 'nick' => (x($g['addr']) ? $g['addr'] : $g['url']),
589 'network' => $g['network'],
591 'forum' => (x($g['community']) ? 1 : 0),
598 'items' => $contacts,
600 echo json_encode($o);
607 if (dbm::is_result($r)) {
611 'photo' => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
612 'name' => htmlentities($g['name']),
613 'id' => intval($g['id']),
614 'network' => $g['network'],
616 'nick' => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
617 'forum' => ((x($g['forum']) || x($g['prv'])) ? 1 : 0),
622 $items = array_merge($groups, $contacts);
625 /* if $conv_id is set, get unknow contacts in thread */
626 /* but first get know contacts url to filter them out */
627 function _contact_link($i){ return dbesc($i['link']); }
628 $known_contacts = array_map(_contact_link, $contacts);
629 $unknow_contacts=array();
630 $r = q("SELECT `author-avatar`,`author-name`,`author-link`
631 FROM `item` WHERE `parent` = %d
632 AND (`author-name` LIKE '%%%s%%' OR `author-link` LIKE '%%%s%%')
633 AND `author-link` NOT IN ('%s')
634 GROUP BY `author-link`
635 ORDER BY `author-name` ASC
640 implode("','", $known_contacts)
642 if (dbm::is_result($r)){
643 foreach ($r as $row) {
645 $up = parse_url($row['author-link']);
646 $nick = explode("/",$up['path']);
647 $nick = $nick[count($nick)-1];
648 $nick .= "@".$up['host'];
650 $unknow_contacts[] = array(
652 'photo' => proxy_url($row['author-avatar'], false, PROXY_SIZE_MICRO),
653 'name' => htmlentities($row['author-name']),
655 'network' => 'unknown',
656 'link' => $row['author-link'],
657 'nick' => htmlentities($nick),
663 $items = array_merge($items, $unknow_contacts);
664 $tot += count($unknow_contacts);
672 'contacts' => $contacts,
678 call_hooks('acl_lookup_end', $results);
680 if ($out_type === 'html') {
682 'tot' => $results['tot'],
683 'start' => $results['start'],
684 'count' => $results['count'],
685 'groups' => $results['groups'],
686 'contacts' => $results['contacts'],
692 'tot' => $results['tot'],
693 'start' => $results['start'],
694 'count' => $results['count'],
695 'items' => $results['items'],
698 echo json_encode($o);
703 * @brief Searching for global contacts for autocompletion
706 * @return array with the search results
708 function navbar_complete(App $a) {
710 // logger('navbar_complete');
712 if ((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
716 // check if searching in the local global contact table is enabled
717 $localsearch = get_config('system','poco_local_search');
719 $search = $prefix.notags(trim($_REQUEST['search']));
720 $mode = $_REQUEST['smode'];
722 // don't search if search term has less than 2 characters
723 if (! $search || mb_strlen($search) < 2) {
727 if (substr($search,0,1) === '@') {
728 $search = substr($search,1);
732 $x = DirSearch::global_search_by_name($search, $mode);
736 if (! $localsearch) {
737 $p = (($a->pager['page'] != 1) ? '&p=' . $a->pager['page'] : '');
739 $x = z_fetch_url(get_server().'/lsearch?f=' . $p . '&search=' . urlencode($search));
742 $j = json_decode($x['body'],true);
743 if ($j && $j['results']) {
744 return $j['results'];
749 /// @TODO Not needed here?