3 * @file include/acl_selectors.php
6 use Friendica\Content\Feature;
7 use Friendica\Content\Widget;
8 use Friendica\Core\Addon;
9 use Friendica\Core\Config;
10 use Friendica\Core\L10n;
11 use Friendica\Database\DBM;
12 use Friendica\Model\Contact;
13 use Friendica\Model\GContact;
14 use Friendica\Util\Network;
16 require_once "mod/proxy.php";
19 * @package acl_selectors
21 function group_select($selname,$selclass,$preselected = false,$size = 4) {
27 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
29 $r = q("SELECT `id`, `name` FROM `group` WHERE NOT `deleted` AND `uid` = %d ORDER BY `name` ASC",
34 $arr = ['group' => $r, 'entry' => $o];
36 // e.g. 'network_pre_group_deny', 'profile_pre_group_allow'
38 Addon::callHooks($a->module . '_pre_' . $selname, $arr);
40 if (DBM::is_result($r)) {
42 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
43 $selected = " selected=\"selected\" ";
48 $trimmed = mb_substr($rr['name'],0,12);
50 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n";
54 $o .= "</select>\r\n";
56 Addon::callHooks($a->module . '_post_' . $selname, $o);
62 /// @TODO find proper type-hints
63 function contact_selector($selname, $selclass, $options, $preselected = false)
73 if (is_array($options)) {
74 if (x($options, 'size'))
75 $size = $options['size'];
77 if (x($options, 'mutual_friends')) {
80 if (x($options, 'single')) {
83 if (x($options, 'multiple')) {
86 if (x($options, 'exclude')) {
87 $exclude = $options['exclude'];
90 if (x($options, 'networks')) {
91 switch ($options['networks']) {
93 $networks = [NETWORK_DFRN];
96 if (is_array($a->user) && $a->user['prvnets']) {
97 $networks = [NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA];
99 $networks = [NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA];
103 if (is_array($a->user) && $a->user['prvnets']) {
104 $networks = [NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA];
106 $networks = [NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA, NETWORK_OSTATUS];
109 default: /// @TODO Maybe log this call?
115 $x = ['options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks];
117 Addon::callHooks('contact_select_options', $x);
123 if (x($x, 'mutual')) {
124 $sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
127 if (x($x, 'exclude')) {
128 $sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
131 if (is_array($x['networks']) && count($x['networks'])) {
132 /// @TODO rewrite to foreach()
133 for ($y = 0; $y < count($x['networks']) ; $y ++) {
134 $x['networks'][$y] = "'" . dbesc($x['networks'][$y]) . "'";
136 $str_nets = implode(',', $x['networks']);
137 $sql_extra .= " AND `network` IN ( $str_nets ) ";
140 $tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : "");
143 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
145 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
148 $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
149 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
151 ORDER BY `name` ASC ",
156 $arr = ['contact' => $r, 'entry' => $o];
158 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
160 Addon::callHooks($a->module . '_pre_' . $selname, $arr);
162 if (DBM::is_result($r)) {
163 foreach ($r as $rr) {
164 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
165 $selected = " selected=\"selected\" ";
170 $trimmed = mb_substr($rr['name'],0,20);
172 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
177 $o .= "</select>\r\n";
179 Addon::callHooks($a->module . '_post_' . $selname, $o);
186 function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
188 require_once "include/bbcode.php";
194 // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
195 // to one recipient. By default our selector allows multiple selects amongst all contacts.
199 if ($privmail || $celeb) {
200 $sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
204 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ",
205 NETWORK_DFRN, NETWORK_DIASPORA);
206 } elseif ($privatenet) {
207 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s', '%s', '%s') ",
208 NETWORK_DFRN, NETWORK_MAIL, NETWORK_FACEBOOK, NETWORK_DIASPORA);
211 $tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
213 if ($privmail && $preselected) {
214 $sql_extra .= " AND `id` IN (".implode(",", $preselected).")";
215 $hidepreselected = ' style="display: none;"';
217 $hidepreselected = "";
221 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex $hidepreselected>\r\n";
223 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
226 $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
227 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
229 ORDER BY `name` ASC ",
234 $arr = ['contact' => $r, 'entry' => $o];
236 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
238 Addon::callHooks($a->module . '_pre_' . $selname, $arr);
242 if (DBM::is_result($r)) {
243 foreach ($r as $rr) {
244 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
245 $selected = " selected=\"selected\" ";
251 $trimmed = GetProfileUsername($rr['url'], $rr['name'], false);
253 $trimmed = mb_substr($rr['name'],0,20);
256 $receiverlist[] = $trimmed;
258 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
263 $o .= "</select>\r\n";
265 if ($privmail && $preselected) {
266 $o .= implode(", ", $receiverlist);
269 Addon::callHooks($a->module . '_post_' . $selname, $o);
275 function fixacl(&$item) {
276 $item = intval(str_replace(['<', '>'], ['', ''], $item));
279 function prune_deadguys($arr) {
285 $str = dbesc(implode(',', $arr));
287 $r = q("SELECT `id` FROM `contact` WHERE `id` IN ( " . $str . ") AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 ");
289 if (DBM::is_result($r)) {
291 foreach ($r as $rr) {
292 $ret[] = intval($rr['id']);
301 function get_acl_permissions($user = null) {
302 $allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
304 if (is_array($user)) {
305 $allow_cid = ((strlen($user['allow_cid']))
306 ? explode('><', $user['allow_cid']) : [] );
307 $allow_gid = ((strlen($user['allow_gid']))
308 ? explode('><', $user['allow_gid']) : [] );
309 $deny_cid = ((strlen($user['deny_cid']))
310 ? explode('><', $user['deny_cid']) : [] );
311 $deny_gid = ((strlen($user['deny_gid']))
312 ? explode('><', $user['deny_gid']) : [] );
313 array_walk($allow_cid,'fixacl');
314 array_walk($allow_gid,'fixacl');
315 array_walk($deny_cid,'fixacl');
316 array_walk($deny_gid,'fixacl');
319 $allow_cid = prune_deadguys($allow_cid);
322 'allow_cid' => $allow_cid,
323 'allow_gid' => $allow_gid,
324 'deny_cid' => $deny_cid,
325 'deny_gid' => $deny_gid,
330 function populate_acl($user = null, $show_jotnets = false) {
332 $perms = get_acl_permissions($user);
336 $mail_disabled = ((function_exists('imap_open') && (! Config::get('system','imap_disabled'))) ? 0 : 1);
338 $mail_enabled = false;
339 $pubmail_enabled = false;
341 if (! $mail_disabled) {
342 $r = q("SELECT `pubmail` FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
345 if (DBM::is_result($r)) {
346 $mail_enabled = true;
347 if (intval($r[0]['pubmail'])) {
348 $pubmail_enabled = true;
353 if (!$user['hidewall']) {
355 $selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
356 $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . L10n::t("Post to Email") . '</div>';
359 Addon::callHooks('jot_networks', $jotnets);
361 $jotnets .= L10n::t('Connectors disabled, since "%s" is enabled.', L10n::t('Hide your profile details from unknown viewers?'));
365 $tpl = get_markup_template("acl_selector.tpl");
366 $o = replace_macros($tpl, [
367 '$showall'=> L10n::t("Visible to everybody"),
368 '$show' => L10n::t("show"),
369 '$hide' => L10n::t("don't show"),
370 '$allowcid' => json_encode($perms['allow_cid']),
371 '$allowgid' => json_encode($perms['allow_gid']),
372 '$denycid' => json_encode($perms['deny_cid']),
373 '$denygid' => json_encode($perms['deny_gid']),
374 '$networks' => $show_jotnets,
375 '$emailcc' => L10n::t('CC: email addresses'),
376 '$emtitle' => L10n::t('Example: bob@example.com, mary@example.com'),
377 '$jotnets' => $jotnets,
378 '$aclModalTitle' => L10n::t('Permissions'),
379 '$aclModalDismiss' => L10n::t('Close'),
381 'aclautomention' => (Feature::isEnabled($user['uid'], "aclautomention") ? "true" : "false")
390 function acl_lookup(App $a, $out_type = 'json')
396 $start = defaults($_REQUEST, 'start' , 0);
397 $count = defaults($_REQUEST, 'count' , 100);
398 $search = defaults($_REQUEST, 'search' , '');
399 $type = defaults($_REQUEST, 'type' , '');
400 $conv_id = defaults($_REQUEST, 'conversation', null);
402 // For use with jquery.textcomplete for private mail completion
403 if (x($_REQUEST, 'query')) {
407 $search = $_REQUEST['query'];
410 logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
413 $sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
414 $sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
416 /// @TODO Avoid these needless else blocks by putting variable-initialization atop of if()
417 $sql_extra = $sql_extra2 = "";
420 // count groups and contacts
421 if ($type == '' || $type == 'g') {
422 $r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
425 $group_count = (int)$r[0]['g'];
430 $sql_extra2 .= " ".Widget::unavailableNetworks();
432 if ($type == '' || $type == 'c') {
433 // autocomplete for editor mentions
434 $r = q("SELECT COUNT(*) AS c FROM `contact`
435 WHERE `uid` = %d AND NOT `self`
436 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
437 AND `success_update` >= `failure_update`
438 AND `notify` != '' $sql_extra2" ,
441 $contact_count = (int)$r[0]['c'];
442 } elseif ($type == 'f') {
443 // autocomplete for editor mentions of forums
444 $r = q("SELECT COUNT(*) AS c FROM `contact`
445 WHERE `uid` = %d AND NOT `self`
446 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
447 AND (`forum` OR `prv`)
448 AND `success_update` >= `failure_update`
449 AND `notify` != '' $sql_extra2" ,
452 $contact_count = (int)$r[0]['c'];
453 } elseif ($type == 'm') {
454 // autocomplete for Private Messages
455 $r = q("SELECT COUNT(*) AS c FROM `contact`
456 WHERE `uid` = %d AND NOT `self`
457 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
458 AND `success_update` >= `failure_update`
459 AND `network` IN ('%s', '%s') $sql_extra2" ,
460 intval(local_user()),
462 dbesc(NETWORK_DIASPORA)
464 $contact_count = (int)$r[0]['c'];
466 } elseif ($type == 'a') {
467 // autocomplete for Contacts
468 $r = q("SELECT COUNT(*) AS c FROM `contact`
469 WHERE `uid` = %d AND NOT `self`
470 AND NOT `pending` $sql_extra2" ,
473 $contact_count = (int)$r[0]['c'];
478 $tot = $group_count + $contact_count;
483 if ($type == '' || $type == 'g') {
484 /// @todo We should cache this query.
485 // This can be done when we can delete cache entries via wildcard
486 $r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') AS uids
488 INNER JOIN `group_member` ON `group_member`.`gid`=`group`.`id`
489 WHERE NOT `group`.`deleted` AND `group`.`uid` = %d
491 GROUP BY `group`.`name`, `group`.`id`
492 ORDER BY `group`.`name`
494 intval(local_user()),
502 "photo" => "images/twopeople.png",
503 "name" => htmlentities($g['name']),
504 "id" => intval($g['id']),
505 "uids" => array_map("intval", explode(",",$g['uids'])),
510 if ((count($groups) > 0) && ($search == "")) {
511 $groups[] = ["separator" => true];
516 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv`, (`prv` OR `forum`) AS `frm` FROM `contact`
517 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
518 AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s', '%s'))
520 ORDER BY `name` ASC ",
521 intval(local_user()),
522 dbesc(NETWORK_OSTATUS), dbesc(NETWORK_STATUSNET)
524 } elseif ($type == 'c') {
525 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
526 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
527 AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s'))
529 ORDER BY `name` ASC ",
530 intval(local_user()),
531 dbesc(NETWORK_STATUSNET)
533 } elseif ($type == 'f') {
534 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
535 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
536 AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s'))
537 AND (`forum` OR `prv`)
539 ORDER BY `name` ASC ",
540 intval(local_user()),
541 dbesc(NETWORK_STATUSNET)
543 } elseif ($type == 'm') {
544 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr` FROM `contact`
545 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive`
546 AND `success_update` >= `failure_update` AND `network` IN ('%s', '%s')
548 ORDER BY `name` ASC ",
549 intval(local_user()),
551 dbesc(NETWORK_DIASPORA)
553 } elseif ($type == 'a') {
554 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
555 WHERE `uid` = %d AND `pending` = 0 AND `success_update` >= `failure_update`
557 ORDER BY `name` ASC ",
560 } elseif ($type == 'x') {
561 // autocomplete for global contact search (e.g. navbar search)
562 $r = navbar_complete($a);
567 'photo' => proxy_url($g['photo'], false, PROXY_SIZE_MICRO),
568 'name' => $g['name'],
569 'nick' => (x($g['addr']) ? $g['addr'] : $g['url']),
570 'network' => $g['network'],
572 'forum' => (x($g['community']) ? 1 : 0),
579 'items' => $contacts,
581 echo json_encode($o);
587 if (DBM::is_result($r)) {
592 'photo' => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
593 'name' => htmlentities($g['name']),
594 'id' => intval($g['id']),
595 'network' => $g['network'],
597 'nick' => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
598 'addr' => htmlentities(($g['addr']) ? $g['addr'] : $g['url']),
599 'forum' => ((x($g, 'forum') || x($g, 'prv')) ? 1 : 0),
601 if ($entry['forum']) {
604 $contacts[] = $entry;
607 if (count($forums) > 0) {
609 $forums[] = ["separator" => true];
611 $contacts = array_merge($forums, $contacts);
615 $items = array_merge($groups, $contacts);
619 * if $conv_id is set, get unknown contacts in thread
620 * but first get known contacts url to filter them out
622 $known_contacts = array_map(
624 return dbesc($i['link']);
628 $unknown_contacts = [];
629 $r = q("SELECT `author-link`
630 FROM `item` WHERE `parent` = %d
631 AND (`author-name` LIKE '%%%s%%' OR `author-link` LIKE '%%%s%%')
632 AND `author-link` NOT IN ('%s')
633 GROUP BY `author-link`, `author-avatar`, `author-name`
634 ORDER BY `author-name` ASC
639 implode("', '", $known_contacts)
641 if (DBM::is_result($r)) {
642 foreach ($r as $row) {
643 $contact = Contact::getDetailsByURL($row['author-link']);
645 if (count($contact) > 0) {
646 $unknown_contacts[] = [
648 'photo' => proxy_url($contact['micro'], false, PROXY_SIZE_MICRO),
649 'name' => htmlentities($contact['name']),
650 'id' => intval($contact['cid']),
651 'network' => $contact['network'],
652 'link' => $contact['url'],
653 'nick' => htmlentities($contact['nick'] ? : $contact['addr']),
654 'addr' => htmlentities(($contact['addr']) ? $contact['addr'] : $contact['url']),
655 'forum' => $contact['forum']
661 $items = array_merge($items, $unknown_contacts);
662 $tot += count($unknown_contacts);
670 'contacts' => $contacts,
676 Addon::callHooks('acl_lookup_end', $results);
678 if ($out_type === 'html') {
680 'tot' => $results['tot'],
681 'start' => $results['start'],
682 'count' => $results['count'],
683 'groups' => $results['groups'],
684 'contacts' => $results['contacts'],
690 'tot' => $results['tot'],
691 'start' => $results['start'],
692 'count' => $results['count'],
693 'items' => $results['items'],
696 echo json_encode($o);
701 * @brief Searching for global contacts for autocompletion
704 * @return array with the search results
706 function navbar_complete(App $a) {
708 // logger('navbar_complete');
710 if ((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) {
714 // check if searching in the local global contact table is enabled
715 $localsearch = Config::get('system','poco_local_search');
717 $search = $prefix.notags(trim($_REQUEST['search']));
718 $mode = $_REQUEST['smode'];
720 // don't search if search term has less than 2 characters
721 if (! $search || mb_strlen($search) < 2) {
725 if (substr($search,0,1) === '@') {
726 $search = substr($search,1);
730 $x = GContact::searchByName($search, $mode);
734 if (! $localsearch) {
735 $p = (($a->pager['page'] != 1) ? '&p=' . $a->pager['page'] : '');
737 $x = Network::curl(get_server() . '/lsearch?f=' . $p . '&search=' . urlencode($search));
739 $j = json_decode($x['body'],true);
740 if ($j && isset($j['results'])) {
741 return $j['results'];
746 /// @TODO Not needed here?
projects / friendica.git / blob