4 * @file include/acl_selectors.php
8 use Friendica\Core\Config;
9 use Friendica\Database\DBM;
11 require_once "include/contact_selectors.php";
12 require_once "include/contact_widgets.php";
13 require_once "include/DirSearch.php";
14 require_once "include/features.php";
15 require_once "mod/proxy.php";
19 * @package acl_selectors
21 function group_select($selname,$selclass,$preselected = false,$size = 4) {
27 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
29 $r = q("SELECT `id`, `name` FROM `group` WHERE NOT `deleted` AND `uid` = %d ORDER BY `name` ASC",
34 $arr = array('group' => $r, 'entry' => $o);
36 // e.g. 'network_pre_group_deny', 'profile_pre_group_allow'
38 call_hooks($a->module . '_pre_' . $selname, $arr);
40 if (DBM::is_result($r)) {
42 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
43 $selected = " selected=\"selected\" ";
48 $trimmed = mb_substr($rr['name'],0,12);
50 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n";
54 $o .= "</select>\r\n";
56 call_hooks($a->module . '_post_' . $selname, $o);
62 /// @TODO after an optional parameter, no mandadory parameter can follow
63 /// @TODO find proper type-hints
64 function contact_selector($selname, $selclass, $preselected = false, $options) {
74 if (is_array($options)) {
75 if (x($options, 'size'))
76 $size = $options['size'];
78 if (x($options, 'mutual_friends')) {
81 if (x($options, 'single')) {
84 if (x($options, 'multiple')) {
87 if (x($options, 'exclude')) {
88 $exclude = $options['exclude'];
91 if (x($options, 'networks')) {
92 switch ($options['networks']) {
94 $networks = array(NETWORK_DFRN);
97 if (is_array($a->user) && $a->user['prvnets']) {
98 $networks = array(NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA);
100 $networks = array(NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA);
104 if (is_array($a->user) && $a->user['prvnets']) {
105 $networks = array(NETWORK_DFRN, NETWORK_MAIL, NETWORK_DIASPORA);
107 $networks = array(NETWORK_DFRN, NETWORK_FACEBOOK, NETWORK_MAIL, NETWORK_DIASPORA, NETWORK_OSTATUS);
110 default: /// @TODO Maybe log this call?
116 $x = array('options' => $options, 'size' => $size, 'single' => $single, 'mutual' => $mutual, 'exclude' => $exclude, 'networks' => $networks);
118 call_hooks('contact_select_options', $x);
124 if (x($x, 'mutual')) {
125 $sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
128 if (x($x, 'exclude')) {
129 $sql_extra .= sprintf(" AND `id` != %d ", intval($x['exclude']));
132 if (is_array($x['networks']) && count($x['networks'])) {
133 /// @TODO rewrite to foreach()
134 for ($y = 0; $y < count($x['networks']) ; $y ++) {
135 $x['networks'][$y] = "'" . dbesc($x['networks'][$y]) . "'";
137 $str_nets = implode(',', $x['networks']);
138 $sql_extra .= " AND `network` IN ( $str_nets ) ";
141 $tabindex = (x($options, 'tabindex') ? "tabindex=\"" . $options["tabindex"] . "\"" : "");
144 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"" . $x['size'] . "\" $tabindex >\r\n";
146 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"" . $x['size'] . "$\" $tabindex >\r\n";
149 $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
150 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
152 ORDER BY `name` ASC ",
157 $arr = array('contact' => $r, 'entry' => $o);
159 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
161 call_hooks($a->module . '_pre_' . $selname, $arr);
163 if (DBM::is_result($r)) {
164 foreach ($r as $rr) {
165 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
166 $selected = " selected=\"selected\" ";
171 $trimmed = mb_substr($rr['name'],0,20);
173 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
178 $o .= "</select>\r\n";
180 call_hooks($a->module . '_post_' . $selname, $o);
187 function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
189 require_once "include/bbcode.php";
195 // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
196 // to one recipient. By default our selector allows multiple selects amongst all contacts.
200 if ($privmail || $celeb) {
201 $sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
205 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s') ",
206 NETWORK_DFRN, NETWORK_DIASPORA);
207 } elseif ($privatenet) {
208 $sql_extra .= sprintf(" AND `network` IN ('%s' , '%s', '%s', '%s') ",
209 NETWORK_DFRN, NETWORK_MAIL, NETWORK_FACEBOOK, NETWORK_DIASPORA);
212 $tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
214 if ($privmail && $preselected) {
215 $sql_extra .= " AND `id` IN (".implode(",", $preselected).")";
216 $hidepreselected = ' style="display: none;"';
218 $hidepreselected = "";
222 $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex $hidepreselected>\r\n";
224 $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
227 $r = q("SELECT `id`, `name`, `url`, `network` FROM `contact`
228 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
230 ORDER BY `name` ASC ",
235 $arr = array('contact' => $r, 'entry' => $o);
237 // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
239 call_hooks($a->module . '_pre_' . $selname, $arr);
241 $receiverlist = array();
243 if (DBM::is_result($r)) {
244 foreach ($r as $rr) {
245 if ((is_array($preselected)) && in_array($rr['id'], $preselected)) {
246 $selected = " selected=\"selected\" ";
252 $trimmed = GetProfileUsername($rr['url'], $rr['name'], false);
254 $trimmed = mb_substr($rr['name'],0,20);
257 $receiverlist[] = $trimmed;
259 $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
264 $o .= "</select>\r\n";
266 if ($privmail && $preselected) {
267 $o .= implode(", ", $receiverlist);
270 call_hooks($a->module . '_post_' . $selname, $o);
276 function fixacl(&$item) {
277 $item = intval(str_replace(array('<', '>'), array('', ''), $item));
280 function prune_deadguys($arr) {
286 $str = dbesc(implode(',', $arr));
288 $r = q("SELECT `id` FROM `contact` WHERE `id` IN ( " . $str . ") AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 ");
290 if (DBM::is_result($r)) {
292 foreach ($r as $rr) {
293 $ret[] = intval($rr['id']);
302 function get_acl_permissions($user = null) {
303 $allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
305 if (is_array($user)) {
306 $allow_cid = ((strlen($user['allow_cid']))
307 ? explode('><', $user['allow_cid']) : array() );
308 $allow_gid = ((strlen($user['allow_gid']))
309 ? explode('><', $user['allow_gid']) : array() );
310 $deny_cid = ((strlen($user['deny_cid']))
311 ? explode('><', $user['deny_cid']) : array() );
312 $deny_gid = ((strlen($user['deny_gid']))
313 ? explode('><', $user['deny_gid']) : array() );
314 array_walk($allow_cid,'fixacl');
315 array_walk($allow_gid,'fixacl');
316 array_walk($deny_cid,'fixacl');
317 array_walk($deny_gid,'fixacl');
320 $allow_cid = prune_deadguys($allow_cid);
323 'allow_cid' => $allow_cid,
324 'allow_gid' => $allow_gid,
325 'deny_cid' => $deny_cid,
326 'deny_gid' => $deny_gid,
331 function populate_acl($user = null, $show_jotnets = false) {
333 $perms = get_acl_permissions($user);
337 $mail_disabled = ((function_exists('imap_open') && (! Config::get('system','imap_disabled'))) ? 0 : 1);
339 $mail_enabled = false;
340 $pubmail_enabled = false;
342 if (! $mail_disabled) {
343 $r = q("SELECT `pubmail` FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
346 if (DBM::is_result($r)) {
347 $mail_enabled = true;
348 if (intval($r[0]['pubmail'])) {
349 $pubmail_enabled = true;
354 if (!$user['hidewall']) {
356 $selected = (($pubmail_enabled) ? ' checked="checked" ' : '');
357 $jotnets .= '<div class="profile-jot-net"><input type="checkbox" name="pubmail_enable"' . $selected . ' value="1" /> ' . t("Post to Email") . '</div>';
360 call_hooks('jot_networks', $jotnets);
362 $jotnets .= sprintf(t('Connectors disabled, since "%s" is enabled.'),
363 t('Hide your profile details from unknown viewers?'));
367 $tpl = get_markup_template("acl_selector.tpl");
368 $o = replace_macros($tpl, array(
369 '$showall'=> t("Visible to everybody"),
370 '$show' => t("show"),
371 '$hide' => t("don't show"),
372 '$allowcid' => json_encode($perms['allow_cid']),
373 '$allowgid' => json_encode($perms['allow_gid']),
374 '$denycid' => json_encode($perms['deny_cid']),
375 '$denygid' => json_encode($perms['deny_gid']),
376 '$networks' => $show_jotnets,
377 '$emailcc' => t('CC: email addresses'),
378 '$emtitle' => t('Example: bob@example.com, mary@example.com'),
379 '$jotnets' => $jotnets,
380 '$aclModalTitle' => t('Permissions'),
381 '$aclModalDismiss' => t('Close'),
382 '$features' => array(
383 'aclautomention' => (feature_enabled($user['uid'], "aclautomention") ? "true" : "false")
392 function construct_acl_data(App $a, $user) {
393 // This function is now deactivated. It seems as if the generated data isn't used anywhere.
394 /// @todo Remove this function and all function calls before releasing Friendica 3.5.3
397 // Get group and contact information for html ACL selector
398 $acl_data = acl_lookup($a, 'html');
400 $user_defaults = get_acl_permissions($user);
402 if ($acl_data['groups']) {
403 foreach ($acl_data['groups'] as $key => $group) {
404 // Add a "selected" flag to groups that are posted to by default
405 if ($user_defaults['allow_gid'] &&
406 in_array($group['id'], $user_defaults['allow_gid']) && !in_array($group['id'], $user_defaults['deny_gid']) ) {
407 $acl_data['groups'][$key]['selected'] = 1;
409 $acl_data['groups'][$key]['selected'] = 0;
413 if ($acl_data['contacts']) {
414 foreach ($acl_data['contacts'] as $key => $contact) {
415 // Add a "selected" flag to groups that are posted to by default
416 if ($user_defaults['allow_cid'] &&
417 in_array($contact['id'], $user_defaults['allow_cid']) && !in_array($contact['id'], $user_defaults['deny_cid']) ) {
418 $acl_data['contacts'][$key]['selected'] = 1;
420 $acl_data['contacts'][$key]['selected'] = 0;
429 function acl_lookup(App $a, $out_type = 'json') {
435 $start = (x($_REQUEST,'start') ? $_REQUEST['start'] : 0);
436 $count = (x($_REQUEST,'count') ? $_REQUEST['count'] : 100);
437 $search = (x($_REQUEST,'search') ? $_REQUEST['search'] : "");
438 $type = (x($_REQUEST,'type') ? $_REQUEST['type'] : "");
439 $mode = (x($_REQUEST,'smode') ? $_REQUEST['smode'] : "");
440 $conv_id = (x($_REQUEST,'conversation') ? $_REQUEST['conversation'] : null);
442 // For use with jquery.textcomplete for private mail completion
444 if (x($_REQUEST, 'query') && strlen($_REQUEST['query'])) {
448 $search = $_REQUEST['query'];
451 logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
454 $sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
455 $sql_extra2 = "AND (`attag` LIKE '%%".dbesc($search)."%%' OR `name` LIKE '%%".dbesc($search)."%%' OR `nick` LIKE '%%".dbesc($search)."%%')";
457 /// @TODO Avoid these needless else blocks by putting variable-initialization atop of if()
458 $sql_extra = $sql_extra2 = "";
461 // count groups and contacts
462 if ($type == '' || $type == 'g') {
463 $r = q("SELECT COUNT(*) AS g FROM `group` WHERE `deleted` = 0 AND `uid` = %d $sql_extra",
466 $group_count = (int)$r[0]['g'];
471 $sql_extra2 .= " ".unavailable_networks();
473 if ($type == '' || $type == 'c') {
474 // autocomplete for editor mentions
475 $r = q("SELECT COUNT(*) AS c FROM `contact`
476 WHERE `uid` = %d AND NOT `self`
477 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
478 AND `success_update` >= `failure_update`
479 AND `notify` != '' $sql_extra2" ,
482 $contact_count = (int)$r[0]['c'];
483 } elseif ($type == 'f') {
484 // autocomplete for editor mentions of forums
485 $r = q("SELECT COUNT(*) AS c FROM `contact`
486 WHERE `uid` = %d AND NOT `self`
487 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
488 AND (`forum` OR `prv`)
489 AND `success_update` >= `failure_update`
490 AND `notify` != '' $sql_extra2" ,
493 $contact_count = (int)$r[0]['c'];
494 } elseif ($type == 'm') {
495 // autocomplete for Private Messages
497 $r = q("SELECT COUNT(*) AS c FROM `contact`
498 WHERE `uid` = %d AND NOT `self`
499 AND NOT `blocked` AND NOT `pending` AND NOT `archive`
500 AND `success_update` >= `failure_update`
501 AND `network` IN ('%s','%s','%s') $sql_extra2" ,
502 intval(local_user()),
505 dbesc(NETWORK_DIASPORA)
507 $contact_count = (int)$r[0]['c'];
509 } elseif ($type == 'a') {
511 // autocomplete for Contacts
513 $r = q("SELECT COUNT(*) AS c FROM `contact`
514 WHERE `uid` = %d AND NOT `self`
515 AND NOT `pending` $sql_extra2" ,
518 $contact_count = (int)$r[0]['c'];
525 $tot = $group_count+$contact_count;
530 if ($type == '' || $type == 'g') {
532 /// @todo We should cache this query.
533 // This can be done when we can delete cache entries via wildcard
534 $r = q("SELECT `group`.`id`, `group`.`name`, GROUP_CONCAT(DISTINCT `group_member`.`contact-id` SEPARATOR ',') AS uids
536 INNER JOIN `group_member` ON `group_member`.`gid`=`group`.`id` AND `group_member`.`uid` = `group`.`uid`
537 WHERE NOT `group`.`deleted` AND `group`.`uid` = %d
539 GROUP BY `group`.`name`, `group`.`id`
540 ORDER BY `group`.`name`
542 intval(local_user()),
548 // logger('acl: group: ' . $g['name'] . ' members: ' . $g['uids']);
551 "photo" => "images/twopeople.png",
552 "name" => htmlentities($g['name']),
553 "id" => intval($g['id']),
554 "uids" => array_map("intval", explode(",",$g['uids'])),
559 if ((count($groups) > 0) && ($search == "")) {
560 $groups[] = array("separator" => true);
566 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv`, (`prv` OR `forum`) AS `frm` FROM `contact`
567 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
568 AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s', '%s'))
570 ORDER BY `name` ASC ",
571 intval(local_user()),
572 dbesc(NETWORK_OSTATUS), dbesc(NETWORK_STATUSNET)
574 } elseif ($type == 'c') {
575 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
576 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
577 AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s'))
579 ORDER BY `name` ASC ",
580 intval(local_user()),
581 dbesc(NETWORK_STATUSNET)
583 } elseif ($type == 'f') {
584 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
585 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive` AND `notify` != ''
586 AND `success_update` >= `failure_update` AND NOT (`network` IN ('%s'))
587 AND (`forum` OR `prv`)
589 ORDER BY `name` ASC ",
590 intval(local_user()),
591 dbesc(NETWORK_STATUSNET)
593 } elseif ($type == 'm') {
594 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr` FROM `contact`
595 WHERE `uid` = %d AND NOT `self` AND NOT `blocked` AND NOT `pending` AND NOT `archive`
596 AND `success_update` >= `failure_update` AND `network` IN ('%s','%s','%s')
598 ORDER BY `name` ASC ",
599 intval(local_user()),
602 dbesc(NETWORK_DIASPORA)
604 } elseif ($type == 'a') {
605 $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, `addr`, `forum`, `prv` FROM `contact`
606 WHERE `uid` = %d AND `pending` = 0 AND `success_update` >= `failure_update`
608 ORDER BY `name` ASC ",
611 } elseif ($type == 'x') {
612 // autocomplete for global contact search (e.g. navbar search)
613 $r = navbar_complete($a);
618 'photo' => proxy_url($g['photo'], false, PROXY_SIZE_MICRO),
619 'name' => $g['name'],
620 'nick' => (x($g['addr']) ? $g['addr'] : $g['url']),
621 'network' => $g['network'],
623 'forum' => (x($g['community']) ? 1 : 0),
630 'items' => $contacts,
632 echo json_encode($o);
639 if (DBM::is_result($r)) {
644 'photo' => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
645 'name' => htmlentities($g['name']),
646 'id' => intval($g['id']),
647 'network' => $g['network'],
649 'nick' => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
650 'addr' => htmlentities(($g['addr']) ? $g['addr'] : $g['url']),
651 'forum' => ((x($g, 'forum') || x($g, 'prv')) ? 1 : 0),
653 if ($entry['forum']) {
656 $contacts[] = $entry;
659 if (count($forums) > 0) {
661 $forums[] = array("separator" => true);
663 $contacts = array_merge($forums, $contacts);
667 $items = array_merge($groups, $contacts);
671 * if $conv_id is set, get unknown contacts in thread
672 * but first get known contacts url to filter them out
674 $known_contacts = array_map(
676 return dbesc($i['link']);
680 $unknown_contacts = array();
681 $r = q("SELECT `author-link`
682 FROM `item` WHERE `parent` = %d
683 AND (`author-name` LIKE '%%%s%%' OR `author-link` LIKE '%%%s%%')
684 AND `author-link` NOT IN ('%s')
685 GROUP BY `author-link`, `author-avatar`, `author-name`
686 ORDER BY `author-name` ASC
691 implode("', '", $known_contacts)
693 if (DBM::is_result($r)) {
694 foreach ($r as $row) {
695 $contact = get_contact_details_by_url($row['author-link']);
697 if (count($contact) > 0) {
698 $unknown_contacts[] = array(
700 'photo' => proxy_url($contact['micro'], false, PROXY_SIZE_MICRO),
701 'name' => htmlentities($contact['name']),
702 'id' => intval($contact['cid']),
703 'network' => $contact['network'],
704 'link' => $contact['url'],
705 'nick' => htmlentities($contact['nick'] ? : $contact['addr']),
706 'addr' => htmlentities(($contact['addr']) ? $contact['addr'] : $contact['url']),
707 'forum' => $contact['forum']
713 $items = array_merge($items, $unknown_contacts);
714 $tot += count($unknown_contacts);
722 'contacts' => $contacts,
728 call_hooks('acl_lookup_end', $results);
730 if ($out_type === 'html') {
732 'tot' => $results['tot'],
733 'start' => $results['start'],
734 'count' => $results['count'],
735 'groups' => $results['groups'],
736 'contacts' => $results['contacts'],
742 'tot' => $results['tot'],
743 'start' => $results['start'],
744 'count' => $results['count'],
745 'items' => $results['items'],
748 echo json_encode($o);
753 * @brief Searching for global contacts for autocompletion
756 * @return array with the search results
758 function navbar_complete(App $a) {
760 // logger('navbar_complete');
762 if ((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) {
766 // check if searching in the local global contact table is enabled
767 $localsearch = Config::get('system','poco_local_search');
769 $search = $prefix.notags(trim($_REQUEST['search']));
770 $mode = $_REQUEST['smode'];
772 // don't search if search term has less than 2 characters
773 if (! $search || mb_strlen($search) < 2) {
777 if (substr($search,0,1) === '@') {
778 $search = substr($search,1);
782 $x = DirSearch::global_search_by_name($search, $mode);
786 if (! $localsearch) {
787 $p = (($a->pager['page'] != 1) ? '&p=' . $a->pager['page'] : '');
789 $x = z_fetch_url(get_server().'/lsearch?f=' . $p . '&search=' . urlencode($search));
792 $j = json_decode($x['body'],true);
793 if ($j && $j['results']) {
794 return $j['results'];
799 /// @TODO Not needed here?
projects / friendica.git / blob