3 require_once('include/security.php');
4 require_once('include/bbcode.php');
5 require_once('include/items.php');
8 function like_content(&$a) {
10 if(! local_user() && ! remote_user()) {
14 $verb = notags(trim($_GET['verb']));
23 $activity = ACTIVITY_LIKE;
27 $activity = ACTIVITY_DISLIKE;
31 $activity = ACTIVITY_ATTEND;
35 $activity = ACTIVITY_ATTENDNO;
39 $activity = ACTIVITY_ATTENDMAYBE;
47 $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
49 logger('like: verb ' . $verb . ' item ' . $item_id);
52 $r = q("SELECT * FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1",
57 if(! $item_id || (! count($r))) {
58 logger('like: no item ' . $item_id);
64 $owner_uid = $item['uid'];
66 if(! can_write_wall($a,$owner_uid)) {
73 // The top level post may have been written by somebody on another system
74 $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
75 intval($item['contact-id']),
81 $remote_owner = $r[0];
84 // this represents the post owner on this system.
86 $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
87 WHERE `contact`.`self` = 1 AND `contact`.`uid` = %d LIMIT 1",
94 logger('like: no owner');
99 $remote_owner = $owner;
102 // This represents the person posting
104 if((local_user()) && (local_user() == $owner_uid)) {
108 $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
109 intval($_SESSION['visitor_id']),
120 // See if we've been passed a return path to redirect to
121 $return_path = ((x($_REQUEST,'return')) ? $_REQUEST['return'] : '');
123 $verbs = " '".dbesc($activity)."' ";
125 // event participation are essentially radio toggles. If you make a subsequent choice,
126 // we need to eradicate your first choice.
127 if($activity === ACTIVITY_ATTEND || $activity === ACTIVITY_ATTENDNO || $activity === ACTIVITY_ATTENDMAYBE) {
128 $verbs = " '" . dbesc(ACTIVITY_ATTEND) . "','" . dbesc(ACTIVITY_ATTENDNO) . "','" . dbesc(ACTIVITY_ATTENDMAYBE) . "' ";
131 $r = q("SELECT `id`, `guid` FROM `item` WHERE `verb` IN ( $verbs ) AND `deleted` = 0
132 AND `contact-id` = %d AND `uid` = %d
133 AND (`parent` = '%s' OR `parent-uri` = '%s' OR `thr-parent` = '%s') LIMIT 1",
134 intval($contact['id']), intval($owner_uid),
135 dbesc($item_id), dbesc($item_id), dbesc($item['uri'])
141 // Already voted, undo it
142 $r = q("UPDATE `item` SET `deleted` = 1, `unseen` = 1, `changed` = '%s' WHERE `id` = %d",
143 dbesc(datetime_convert()),
144 intval($like_item['id'])
148 // Clean up the Diaspora signatures for this like
149 // Go ahead and do it even if Diaspora support is disabled. We still want to clean up
150 // if it had been enabled in the past
151 $r = q("DELETE FROM `sign` WHERE `iid` = %d",
152 intval($like_item['id'])
155 // Save the author information for the unlike in case we need to relay to Diaspora
156 store_diaspora_like_retract_sig($activity, $item, $like_item, $contact);
158 // proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here!
159 $like_item_id = $like_item['id'];
160 proc_run('php',"include/notifier.php","like","$like_item_id");
162 like_content_return($a->get_baseurl(), $return_path);
163 return; // NOTREACHED
166 $uri = item_new_uri($a->get_hostname(),$owner_uid);
168 $post_type = (($item['resource-id']) ? t('photo') : t('status'));
169 if($item['obj_type'] === ACTIVITY_OBJ_EVENT)
170 $post_type = t('event');
171 $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
172 $link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
173 $body = $item['body'];
178 <type>$objtype</type>
180 <id>{$item['uri']}</id>
183 <content>$body</content>
187 $bodyverb = t('%1$s likes %2$s\'s %3$s');
188 if($verb === 'dislike')
189 $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
190 if($verb === 'attendyes')
191 $bodyverb = t('%1$s is attending %2$s\'s %3$s');
192 if($verb === 'attendno')
193 $bodyverb = t('%1$s is not attending %2$s\'s %3$s');
194 if($verb === 'attendmaybe')
195 $bodyverb = t('%1$s may attend %2$s\'s %3$s');
197 if(! isset($bodyverb))
203 $arr['uid'] = $owner_uid;
204 $arr['contact-id'] = $contact['id'];
205 $arr['type'] = 'activity';
206 $arr['wall'] = $item['wall'];
208 $arr['gravity'] = GRAVITY_LIKE;
209 $arr['parent'] = $item['id'];
210 $arr['parent-uri'] = $item['uri'];
211 $arr['thr-parent'] = $item['uri'];
212 $arr['owner-name'] = $remote_owner['name'];
213 $arr['owner-link'] = $remote_owner['url'];
214 $arr['owner-avatar'] = $remote_owner['thumb'];
215 $arr['author-name'] = $contact['name'];
216 $arr['author-link'] = $contact['url'];
217 $arr['author-avatar'] = $contact['thumb'];
219 $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
220 $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
221 $plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
222 $arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink );
224 $arr['verb'] = $activity;
225 $arr['object-type'] = $objtype;
226 $arr['object'] = $obj;
227 $arr['allow_cid'] = $item['allow_cid'];
228 $arr['allow_gid'] = $item['allow_gid'];
229 $arr['deny_cid'] = $item['deny_cid'];
230 $arr['deny_gid'] = $item['deny_gid'];
233 $arr['last-child'] = 0;
235 $post_id = item_store($arr);
237 if(! $item['visible']) {
238 $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d",
245 // Save the author information for the like in case we need to relay to Diaspora
246 store_diaspora_like_sig($activity, $post_type, $contact, $post_id);
248 $arr['id'] = $post_id;
250 call_hooks('post_local_end', $arr);
252 proc_run('php',"include/notifier.php","like","$post_id");
254 like_content_return($a->get_baseurl(), $return_path);
255 killme(); // NOTREACHED
256 // return; // NOTREACHED
260 // Decide how to return. If we were called with a 'return' argument,
261 // then redirect back to the calling page. If not, just quietly end
263 function like_content_return($baseurl, $return_path) {
266 $rand = '_=' . time();
267 if(strpos($return_path, '?')) $rand = "&$rand";
268 else $rand = "?$rand";
270 goaway($baseurl . "/" . $return_path . $rand);
277 function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) {
278 // Note that we can only create a signature for a user of the local server. We don't have
279 // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
280 // means we are the relay, and for relayable_retractions, Diaspora
281 // only checks the parent_author_signature if it doesn't have to relay further
283 // If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support
284 // likes on photos, so don't bother.
286 $enabled = intval(get_config('system','diaspora_enabled'));
288 logger('mod_like: diaspora support disabled, not storing like retraction signature', LOGGER_DEBUG);
292 logger('mod_like: storing diaspora like retraction signature');
294 if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) {
295 $signed_text = $like_item['guid'] . ';' . 'Like';
297 // Only works for NETWORK_DFRN
298 $contact_baseurl_start = strpos($contact['url'],'://') + 3;
299 $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
300 $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
301 $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
303 // Get contact's private key if he's a user of the local Friendica server
304 $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
305 dbesc($contact['url'])
309 $contact_uid = $r['uid'];
310 $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
315 $authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256'));
318 if(! isset($authorsig))
321 q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
322 intval($like_item['id']),
325 dbesc($diaspora_handle)
332 function store_diaspora_like_sig($activity, $post_type, $contact, $post_id) {
333 // Note that we can only create a signature for a user of the local server. We don't have
334 // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
335 // means we are the relay, and for relayable_retractions, Diaspora
336 // only checks the parent_author_signature if it doesn't have to relay further
338 $enabled = intval(get_config('system','diaspora_enabled'));
340 logger('mod_like: diaspora support disabled, not storing like signature', LOGGER_DEBUG);
344 logger('mod_like: storing diaspora like signature');
346 if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) {
347 // Only works for NETWORK_DFRN
348 $contact_baseurl_start = strpos($contact['url'],'://') + 3;
349 $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
350 $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
351 $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
353 // Get contact's private key if he's a user of the local Friendica server
354 $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
355 dbesc($contact['url'])
359 $contact_uid = $r['uid'];
360 $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
365 $contact_uprvkey = $r['prvkey'];
368 $r = q("SELECT guid, parent FROM `item` WHERE id = %d LIMIT 1",
372 $p = q("SELECT guid FROM `item` WHERE id = %d AND parent = %d LIMIT 1",
373 intval($r[0]['parent']),
374 intval($r[0]['parent'])
377 $signed_text = $r[0]['guid'] . ';Post;' . $p[0]['guid'] . ';true;' . $diaspora_handle;
379 if(isset($contact_uprvkey))
380 $authorsig = base64_encode(rsa_sign($signed_text,$contact_uprvkey,'sha256'));
384 q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
388 dbesc($diaspora_handle)