+ $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
+ WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1",
+ intval($page_owner_uid)
+ );
+
+ if(! count($r)) {
+ notice( t('Contact information unavailable') . EOL);
+ logger('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
+ killme();
+ }
+
+ $owner_record = $r[0];
+
+
+ if(($a->argc > 3) && ($a->argv[2] === 'album')) {
+ $album = hex2bin($a->argv[3]);
+
+ if($album == t('Profile Photos') || $album == t('Contact Photos')) {
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ $r = q("SELECT count(*) FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
+ dbesc($album),
+ intval($page_owner_uid)
+ );
+ if(! count($r)) {
+ notice( t('Album not found.') . EOL);
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ $newalbum = notags(trim($_POST['albumname']));
+ if($newalbum != $album) {
+ q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
+ dbesc($newalbum),
+ dbesc($album),
+ intval($page_owner_uid)
+ );
+ $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
+ goaway($a->get_baseurl() . '/' . $newurl);
+ return; // NOTREACHED
+ }
+
+
+ if($_POST['dropalbum'] == t('Delete Album')) {
+
+ $res = array();
+
+ // get the list of photos we are about to delete
+
+ if($visitor) {
+ $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'",
+ intval($visitor),
+ intval($page_owner_uid),
+ dbesc($album)
+ );
+ }
+ else {
+ $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
+ intval(local_user()),
+ dbesc($album)
+ );
+ }
+ if(count($r)) {
+ foreach($r as $rr) {
+ $res[] = "'" . dbesc($rr['rid']) . "'" ;
+ }
+ }
+ else {
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ $str_res = implode(',', $res);
+
+ // remove the associated photos
+
+ q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
+ intval($page_owner_uid)
+ );
+
+ // find and delete the corresponding item with all the comments and likes/dislikes
+
+ $r = q("SELECT `parent-uri` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ foreach($r as $rr) {
+ q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
+ dbesc(datetime_convert()),
+ dbesc($rr['parent-uri']),
+ intval($page_owner_uid)
+ );
+
+ $drop_id = intval($rr['id']);
+
+ // send the notification upstream/downstream as the case may be
+
+ if($rr['visible'])
+ proc_run('php',"include/notifier.php","drop","$drop_id");
+ }
+ }
+ }
+ goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
+ return; // NOTREACHED
+ }
+
+ if(($a->argc > 2) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) {
+
+ // same as above but remove single photo
+
+ if($visitor) {
+ $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1",
+ intval($visitor),
+ intval($page_owner_uid),
+ dbesc($a->argv[2])
+ );
+ }
+ else {
+ $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1",
+ intval(local_user()),
+ dbesc($a->argv[2])
+ );
+ }
+ if(count($r)) {
+ q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'",
+ intval($page_owner_uid),
+ dbesc($r[0]['resource-id'])
+ );
+ $i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($r[0]['resource-id']),
+ intval($page_owner_uid)
+ );
+ if(count($i)) {
+ q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($i[0]['uri']),
+ intval($page_owner_uid)
+ );
+
+ $url = $a->get_baseurl();
+ $drop_id = intval($i[0]['id']);
+
+ if($i[0]['visible'])
+ proc_run('php',"include/notifier.php","drop","$drop_id");
+ }
+ }
+
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
+
+ $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : '');
+ $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
+ $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
+ $albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
+ $str_group_allow = perms2str($_POST['group_allow']);
+ $str_contact_allow = perms2str($_POST['contact_allow']);
+ $str_group_deny = perms2str($_POST['group_deny']);
+ $str_contact_deny = perms2str($_POST['contact_deny']);
+
+ $resource_id = $a->argv[2];
+
+ if(! strlen($albname))
+ $albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
+
+
+ $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC",
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ if(count($p)) {
+ $r = q("UPDATE `photo` SET `desc` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d",
+ dbesc($desc),
+ dbesc($albname),
+ dbesc($str_contact_allow),
+ dbesc($str_group_allow),
+ dbesc($str_contact_deny),
+ dbesc($str_group_deny),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
+
+ /* Don't make the item visible if the only change was the album name */
+
+ $visibility = 0;
+ if($p[0]['desc'] !== $desc || strlen($rawtags))
+ $visibility = 1;
+
+ if(! $item_id) {
+
+ // Create item container
+
+ $title = '';
+ $basename = basename($filename);
+ $uri = item_new_uri($a->get_hostname(),$page_owner_uid);
+
+ $arr = array();
+
+ $arr['uid'] = $page_owner_uid;
+ $arr['uri'] = $uri;
+ $arr['parent-uri'] = $uri;
+ $arr['type'] = 'photo';
+ $arr['wall'] = 1;
+ $arr['resource-id'] = $p[0]['resource-id'];
+ $arr['contact-id'] = $owner_record['id'];
+ $arr['owner-name'] = $owner_record['name'];
+ $arr['owner-link'] = $owner_record['url'];
+ $arr['owner-avatar'] = $owner_record['thumb'];
+ $arr['author-name'] = $owner_record['name'];
+ $arr['author-link'] = $owner_record['url'];
+ $arr['author-avatar'] = $owner_record['thumb'];
+ $arr['title'] = $title;
+ $arr['allow_cid'] = $p[0]['allow_cid'];
+ $arr['allow_gid'] = $p[0]['allow_gid'];
+ $arr['deny_cid'] = $p[0]['deny_cid'];
+ $arr['deny_gid'] = $p[0]['deny_gid'];
+ $arr['last-child'] = 1;
+ $arr['visible'] = $visibility;
+ $arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $p[0]['resource-id'] . ']'
+ . '[img]' . $a->get_baseurl() . '/photo/' . $p[0]['resource-id'] . '-' . $p[0]['scale'] . '.jpg' . '[/img]'
+ . '[/url]';
+
+ $item_id = item_store($arr);
+
+ }
+
+ if($item_id) {
+ $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ intval($item_id),
+ intval($page_owner_uid)
+ );
+ }
+ if(count($r)) {
+ $old_tag = $r[0]['tag'];
+ $old_inform = $r[0]['inform'];
+ }
+
+ if(strlen($rawtags)) {
+
+ $str_tags = '';
+ $inform = '';
+
+ // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag
+
+ $x = substr($rawtags,0,1);
+ if($x !== '@' && $x !== '#')
+ $rawtags = '#' . $rawtags;
+
+ $taginfo = array();
+ $tags = get_tags($rawtags);
+
+ if(count($tags)) {
+ foreach($tags as $tag) {
+ if(strpos($tag,'@') === 0) {
+ $name = substr($tag,1);
+ if((strpos($name,'@')) || (strpos($name,'http://'))) {
+ $newname = $name;
+ $links = @lrdd($name);
+ if(count($links)) {
+ foreach($links as $link) {
+ if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
+ $profile = $link['@attributes']['href'];
+ if($link['@attributes']['rel'] === 'salmon') {
+ $salmon = '$url:' . str_replace(',','%sc',$link['@attributes']['href']);
+ if(strlen($inform))
+ $inform .= ',';
+ $inform .= $salmon;
+ }
+ }
+ }
+ $taginfo[] = array($newname,$profile,$salmon);
+ }
+ else {
+ $newname = $name;
+ if(strstr($name,'_')) {
+ $newname = str_replace('_',' ',$name);
+ $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($newname),
+ intval($page_owner_uid)
+ );
+ }
+ else {
+ $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($name),
+ intval($page_owner_uid)
+ );
+ }
+ if(count($r)) {
+ $newname = $r[0]['name'];
+ $profile = $r[0]['url'];
+ $notify = 'cid:' . $r[0]['id'];
+ if(strlen($inform))
+ $inform .= ',';
+ $inform .= $notify;
+ }
+ }
+ if($profile) {
+ if(substr($notify,0,4) === 'cid:')
+ $taginfo[] = array($newname,$profile,$notify,$r[0],'@[url=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/url]');
+ else
+ $taginfo[] = array($newname,$profile,$notify,null,$str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]');
+ if(strlen($str_tags))
+ $str_tags .= ',';
+ $profile = str_replace(',','%2c',$profile);
+ $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]';
+ }
+ }
+ }
+ }
+
+ $newtag = $old_tag;
+ if(strlen($newtag) && strlen($str_tags))
+ $newtag .= ',';
+ $newtag .= $str_tags;
+
+ $newinform = $old_inform;
+ if(strlen($newinform) && strlen($inform))
+ $newinform .= ',';
+ $newinform .= $inform;
+
+ $r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ dbesc($newtag),
+ dbesc($newinform),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ intval($item_id),
+ intval($page_owner_uid)
+ );
+
+ $best = 0;
+ foreach($p as $scales) {
+ if(intval($scales['scale']) == 2) {
+ $best = 2;
+ break;
+ }
+ if(intval($scales['scale']) == 4) {
+ $best = 4;
+ break;
+ }
+ }
+
+ if(count($taginfo)) {
+ foreach($taginfo as $tagged) {
+
+ $uri = item_new_uri($a->get_hostname(),$page_owner_uid);
+
+ $arr = array();
+
+ $arr['uid'] = $page_owner_uid;
+ $arr['uri'] = $uri;
+ $arr['parent-uri'] = $uri;
+ $arr['type'] = 'activity';
+ $arr['wall'] = 1;
+ $arr['contact-id'] = $owner_record['id'];
+ $arr['owner-name'] = $owner_record['name'];
+ $arr['owner-link'] = $owner_record['url'];
+ $arr['owner-avatar'] = $owner_record['thumb'];
+ $arr['author-name'] = $owner_record['name'];
+ $arr['author-link'] = $owner_record['url'];
+ $arr['author-avatar'] = $owner_record['thumb'];
+ $arr['title'] = '';
+ $arr['allow_cid'] = $p[0]['allow_cid'];
+ $arr['allow_gid'] = $p[0]['allow_gid'];
+ $arr['deny_cid'] = $p[0]['deny_cid'];
+ $arr['deny_gid'] = $p[0]['deny_gid'];
+ $arr['last-child'] = 1;
+ $arr['visible'] = 1;
+ $arr['verb'] = ACTIVITY_TAG;
+ $arr['object-type'] = ACTIVITY_OBJ_PERSON;
+ $arr['target-type'] = ACTIVITY_OBJ_PHOTO;
+ $arr['tag'] = $tagged[4];
+ $arr['inform'] = $tagged[2];
+
+ $arr['body'] = '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]' . ' ' . t('was tagged in a') . ' ' . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('photo') . '[/url]' . ' ' . t('by') . ' ' . '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]' ;
+ $arr['body'] .= "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.jpg' . '[/img][/url]' . "\n" ;
+
+ $arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
+ $arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
+ if($tagged[3])
+ $arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $tagged[3]['photo'] . '" />' . "\n");
+ $arr['object'] .= '</link></object>' . "\n";
+
+ $arr['target'] = '<target><type>' . ACTIVITY_OBJ_PHOTO . '</type><title>' . $p[0]['desc'] . '</title><id>'
+ . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '</id>';
+ $arr['target'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '" />' . "\n" . '<link rel="preview" type="image/jpeg" href="' . $a->get_baseurl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.jpg' . '" />') . '</link></target>';
+
+ $item_id = item_store($arr);
+ if($item_id)
+ proc_run('php',"include/notifier.php","tag","$item_id");
+ }
+
+ }
+
+ }
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+
+ /**
+ * default post action - upload a photo
+ */
+
+ call_hooks('photo_post_init', $_POST);