Merge pull request #2347 from annando/1602-dfrn-forum

[friendica.git] / include / acl_selectors.php

diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 8b03a1312cd2b5aa0307cbde49bd3c6a1b2b8bc5..69181b7359bcb1ab68af4e84892782156771bf8c 100644 (file)
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once("include/contact_selectors.php");
+require_once("include/contact_widgets.php");
 require_once("include/features.php");
 require_once("mod/proxy.php");
 
@@ -19,7 +20,7 @@ function group_select($selname,$selclass,$preselected = false,$size = 4) {
 
        $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
 
-       $r = q("SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d ORDER BY `name` ASC",
+       $r = q("SELECT `id`, `name` FROM `group` WHERE NOT `deleted` AND `uid` = %d ORDER BY `name` ASC",
                intval(local_user())
        );
 
@@ -190,8 +191,14 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
        $tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
 
+       if ($privmail AND $preselected) {
+               $sql_extra .= " AND `id` IN (".implode(",", $preselected).")";
+               $hidepreselected = ' style="display: none;"';
+       } else
+               $hidepreselected = "";
+
        if($privmail)
-               $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
+               $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex $hidepreselected>\r\n";
        else
                $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
 
@@ -209,6 +216,8 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
        call_hooks($a->module . '_pre_' . $selname, $arr);
 
+       $receiverlist = array();
+
        if(count($r)) {
                foreach($r as $rr) {
                        if((is_array($preselected)) && in_array($rr['id'], $preselected))
@@ -221,6 +230,8 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
                        else
                                $trimmed = mb_substr($rr['name'],0,20);
 
+                       $receiverlist[] = $trimmed;
+
                        $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
                }
 
@@ -228,6 +239,9 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
        $o .= "</select>\r\n";
 
+       if ($privmail AND $preselected)
+               $o .= implode(", ", $receiverlist);
+
        call_hooks($a->module . '_post_' . $selname, $o);
 
        return $o;
@@ -295,7 +309,7 @@ function populate_acl($user = null, $show_jotnets = false) {
                $pubmail_enabled = false;
 
                if(! $mail_disabled) {
-                       $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
+                       $r = q("SELECT `pubmail` FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
                                intval(local_user())
                        );
                        if(count($r)) {
@@ -379,7 +393,6 @@ function acl_lookup(&$a, $out_type = 'json') {
        if(!local_user())
                return "";
 
-
        $start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
        $count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
        $search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
@@ -394,7 +407,7 @@ function acl_lookup(&$a, $out_type = 'json') {
                $search = $_REQUEST['query'];
        }
 
-//     logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
+       logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
 
        if ($search!=""){
                $sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
@@ -413,6 +426,8 @@ function acl_lookup(&$a, $out_type = 'json') {
                $group_count = 0;
        }
 
+       $sql_extra2 .= " ".unavailable_networks();
+
        if ($type=='' || $type=='c'){
                $r = q("SELECT COUNT(*) AS c FROM `contact`
                                WHERE `uid` = %d AND `self` = 0
@@ -479,7 +494,7 @@ function acl_lookup(&$a, $out_type = 'json') {
                        $groups[] = array(
                                "type"  => "g",
                                "photo" => "images/twopeople.png",
-                               "name"  => $g['name'],
+                               "name"  => htmlentities($g['name']),
                                "id"    => intval($g['id']),
                                "uids"  => array_map("intval", explode(",",$g['uids'])),
                                "link"  => '',
@@ -488,7 +503,7 @@ function acl_lookup(&$a, $out_type = 'json') {
                }
        }
 
-       if ($type=='' || $type=='c'){
+       if ($type==''){
 
                $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, forum FROM `contact`
                        WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
@@ -499,6 +514,17 @@ function acl_lookup(&$a, $out_type = 'json') {
                        dbesc(NETWORK_OSTATUS), dbesc(NETWORK_STATUSNET)
                );
        }
+       elseif ($type=='c'){
+
+               $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, forum FROM `contact`
+                       WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
+                       AND NOT (`network` IN ('%s'))
+                       $sql_extra2
+                       ORDER BY `name` ASC ",
+                       intval(local_user()),
+                       dbesc(NETWORK_STATUSNET)
+               );
+       }
        elseif($type == 'm') {
                $r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
                        WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
@@ -532,9 +558,9 @@ function acl_lookup(&$a, $out_type = 'json') {
                $x['data'] = array();
                if(count($r)) {
                        foreach($r as $g) {
-                               $x['photos'][] = proxy_url($g['micro']);
+                               $x['photos'][] = proxy_url($g['micro'], false, PROXY_SIZE_MICRO);
                                $x['links'][] = $g['url'];
-                               $x['suggestions'][] = $g['name'];
+                               $x['suggestions'][] = htmlentities($g['name']);
                                $x['data'][] = intval($g['id']);
                        }
                }
@@ -546,12 +572,12 @@ function acl_lookup(&$a, $out_type = 'json') {
                foreach($r as $g){
                        $contacts[] = array(
                                "type"  => "c",
-                               "photo" => proxy_url($g['micro']),
-                               "name"  => $g['name'],
+                               "photo" => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
+                               "name"  => htmlentities($g['name']),
                                "id"    => intval($g['id']),
                                "network" => $g['network'],
                                "link" => $g['url'],
-                               "nick" => ($g['attag']) ? $g['attag'] : $g['nick'],
+                               "nick" => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
                                "forum" => $g['forum']
                        );
                }
@@ -591,12 +617,12 @@ function acl_lookup(&$a, $out_type = 'json') {
                                // /nickname
                                $unknow_contacts[] = array(
                                        "type"  => "c",
-                                       "photo" => proxy_url($row['author-avatar']),
-                                       "name"  => $row['author-name'],
+                                       "photo" => proxy_url($row['author-avatar'], false, PROXY_SIZE_MICRO),
+                                       "name"  => htmlentities($row['author-name']),
                                        "id"    => '',
                                        "network" => "unknown",
                                        "link" => $row['author-link'],
-                                       "nick" => $nick,
+                                       "nick" => htmlentities($nick),
                                        "forum" => false
                                );
                        }