Merge pull request #10723 from annando/issue-9871-photos

[friendica.git] / include / conversation.php

diff --git a/include/conversation.php b/include/conversation.php
index 352060d7f246f17a88ea8eedc1811a07a4a192a2..1cb2c745cc50a058a45d5382eb2a3d3cb1e2e543 100644 (file)
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -20,6 +20,7 @@
  */
 
 use Friendica\App;
+use Friendica\BaseModule;
 use Friendica\Content\ContactSelector;
 use Friendica\Content\Feature;
 use Friendica\Core\ACL;
@@ -396,6 +397,7 @@ function conversation(App $a, array $items, $mode, $update, $preview = false, $o
        $threadsid = -1;
 
        $page_template = Renderer::getMarkupTemplate("conversation.tpl");
+       $formSecurityToken = BaseModule::getFormSecurityToken('contact_action');
 
        if (!empty($items)) {
                if (in_array($mode, ['community', 'contacts'])) {
@@ -417,7 +419,14 @@ function conversation(App $a, array $items, $mode, $update, $preview = false, $o
 
                        $tpl = 'search_item.tpl';
 
+                       $uriids = [];
+
                        foreach ($items as $item) {
+                               if (in_array($item['uri-id'], $uriids)) {
+                                       continue;
+                               }
+
+                               $uriids[] = $item['uri-id'];
 
                                if (!visible_activity($item)) {
                                        continue;
@@ -502,7 +511,7 @@ function conversation(App $a, array $items, $mode, $update, $preview = false, $o
                                        'network_icon' => ContactSelector::networkToIcon($item['network'], $item['author-link']),
                                        'linktitle' => DI::l10n()->t('View %s\'s profile @ %s', $profile_name, $item['author-link']),
                                        'profile_url' => $profile_link,
-                                       'item_photo_menu_html' => item_photo_menu($item),
+                                       'item_photo_menu_html' => item_photo_menu($item, $formSecurityToken),
                                        'name' => $profile_name,
                                        'sparkle' => $sparkle,
                                        'lock' => false,
@@ -590,7 +599,7 @@ function conversation(App $a, array $items, $mode, $update, $preview = false, $o
                                }
                        }
 
-                       $threads = $conv->getTemplateData($conv_responses);
+                       $threads = $conv->getTemplateData($conv_responses, $formSecurityToken);
                        if (!$threads) {
                                Logger::log('[ERROR] conversation : Failed to get template data.', Logger::DEBUG);
                                $threads = [];
@@ -782,7 +791,7 @@ function conversation_add_children(array $parents, $block_authors, $order, $uid)
        return $items;
 }
 
-function item_photo_menu($item)
+function item_photo_menu($item, string $formSecurityToken)
 {
        DI::profiler()->startRecording('rendering');
        $sub_link = '';
@@ -825,8 +834,8 @@ function item_photo_menu($item)
        if (!empty($pcid)) {
                $contact_url = 'contact/' . $pcid;
                $posts_link  = $contact_url . '/posts';
-               $block_link  = $item['self'] ? '' : $contact_url . '/block';
-               $ignore_link = $item['self'] ? '' : $contact_url . '/ignore';
+               $block_link  = $item['self'] ? '' : $contact_url . '/block?t=' . $formSecurityToken;
+               $ignore_link = $item['self'] ? '' : $contact_url . '/ignore?t=' . $formSecurityToken;
        }
 
        if ($cid && !$item['self']) {
@@ -1138,10 +1147,10 @@ function status_editor(App $a, array $x = [], $notes_cid = 0, $popup = false)
                '$placeholdercategory' => Feature::isEnabled(local_user(), 'categories') ? DI::l10n()->t("Categories \x28comma-separated list\x29") : '',
                '$scheduled_at' => Temporal::getDateTimeField(
                        new DateTime(),
-                       DateTime::createFromFormat(DateTimeFormat::MYSQL, DateTimeFormat::local('now + 6 months')),
+                       new DateTime('now + 6 months'),
                        null,
                        DI::l10n()->t('Scheduled at'),
-                       'scheduled_at',
+                       'scheduled_at'
                ),
                '$wait'         => DI::l10n()->t('Please wait'),
                '$permset'      => DI::l10n()->t('Permission settings'),