$res['body'] = escape_tags($res['body']);
}
+
// this tag is obsolete but we keep it for really old sites
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
$arr['origin'] = ((x($arr,'origin')) ? intval($arr['origin']) : 0 );
$arr['guid'] = ((x($arr,'guid')) ? notags(trim($arr['guid'])) : get_guid());
+
+ $arr['thr-parent'] = $arr['parent-uri'];
if($arr['parent-uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
// and re-attach to the conversation parent.
if($r[0]['uri'] != $r[0]['parent-uri']) {
- $arr['thr-parent'] = $arr['parent-uri'];
$arr['parent-uri'] = $r[0]['parent-uri'];
$z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d
ORDER BY `id` ASC LIMIT 1",
if($force_parent) {
logger('item_store: $force_parent=true, reply converted to top-level post.');
$parent_id = 0;
- $arr['thr-parent'] = $arr['parent-uri'];
$arr['parent-uri'] = $arr['uri'];
$arr['gravity'] = 0;
}
// send a notification
+ // use a local photo if we have one
+
+ $r = q("select * from contact where uid = %d and nurl = '%s' limit 1",
+ intval($u[0]['uid']),
+ dbesc(normalise_link($item['author-link']))
+ );
+ $photo = (($r && count($r)) ? $r[0]['thumb'] : $item['author-avatar']);
+
+
require_once('include/enotify.php');
notification(array(
'type' => NOTIFY_TAGSELF,
'link' => $a->get_baseurl() . '/display/' . $u[0]['nickname'] . '/' . $item['id'],
'source_name' => $item['author-name'],
'source_link' => $item['author-link'],
- 'source_photo' => $item['author-avatar'],
+ 'source_photo' => $photo,
'verb' => ACTIVITY_TAG,
'otype' => 'item'
));
+
+ $arr = array('item' => $item, 'user' => $u[0], 'contact' => $r[0]);
+
+ call_hooks('tagged', $arr);
+
if((! $community_page) && (! $prvgroup))
return;
+function tgroup_check($uid,$item) {
+
+ $a = get_app();
+
+ $mention = false;
+
+ // check that the message originated elsewhere and is a top-level post
+
+ if(($item['wall']) || ($item['origin']) || ($item['uri'] != $item['parent-uri']))
+ return false;
+
+
+ $u = q("select * from user where uid = %d limit 1",
+ intval($uid)
+ );
+ if(! count($u))
+ return false;
+
+ $community_page = (($u[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
+ $prvgroup = (($u[0]['page-flags'] == PAGE_PRVGROUP) ? true : false);
+
+
+ $link = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
+
+ // Diaspora uses their own hardwired link URL in @-tags
+ // instead of the one we supply with webfinger
+
+ $dlink = normalise_link($a->get_baseurl() . '/u/' . $u[0]['nickname']);
+
+ $cnt = preg_match_all('/[\@\!]\[url\=(.*?)\](.*?)\[\/url\]/ism',$item['body'],$matches,PREG_SET_ORDER);
+ if($cnt) {
+ foreach($matches as $mtch) {
+ if(link_compare($link,$mtch[1]) || link_compare($dlink,$mtch[1])) {
+ $mention = true;
+ logger('tgroup_check: mention found: ' . $mtch[2]);
+ }
+ }
+ }
+
+ if(! $mention)
+ return false;
+
+ if((! $community_page) && (! $prvgroup))
+ return false;
+
+
+
+ return true;
+
+}
+
+
+
if($pass == 1)
continue;
+ // not allowed to post
+
+ if($contact['rel'] == CONTACT_IS_FOLLOWER)
+ continue;
+
+
// Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray['owner-avatar'] = $contact['thumb'];
}
+ // We've allowed "followers" to reach this point so we can decide if they are
+ // posting an @-tag delivery, which followers are allowed to do for certain
+ // page types. Now that we've parsed the post, let's check if it is legit. Otherwise ignore it.
+
+ if(($contact['rel'] == CONTACT_IS_FOLLOWER) && (! tgroup_check($importer['uid'],$datarray)))
+ continue;
+
+
$r = item_store($datarray);
continue;
$feed->enable_order_by_date(false);
$feed->init();
+
+ if($feed->error())
+ logger('local_delivery: Error parsing XML: ' . $feed->error());
+
+
+ // Check at the feed level for updated contact name and/or photo
+
+ $name_updated = '';
+ $new_name = '';
+ $photo_timestamp = '';
+ $photo_url = '';
+
+
+ $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'owner');
+
+// Fallback should not be needed here. If it isn't DFRN it won't have DFRN updated tags
+// if(! $rawtags)
+// $rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
+
+ if($rawtags) {
+ $elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
+ if($elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
+ $name_updated = $elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated'];
+ $new_name = $elems['name'][0]['data'];
+ }
+ if((x($elems,'link')) && ($elems['link'][0]['attribs']['']['rel'] === 'photo') && ($elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated'])) {
+ $photo_timestamp = datetime_convert('UTC','UTC',$elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']);
+ $photo_url = $elems['link'][0]['attribs']['']['href'];
+ }
+ }
+
+ if(($photo_timestamp) && (strlen($photo_url)) && ($photo_timestamp > $importer['avatar-date'])) {
+ logger('local_delivery: Updating photo for ' . $importer['name']);
+ require_once("Photo.php");
+ $photo_failure = false;
+ $have_photo = false;
+
+ $r = q("SELECT `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1",
+ intval($importer['id']),
+ intval($importer['importer_uid'])
+ );
+ if(count($r)) {
+ $resource_id = $r[0]['resource-id'];
+ $have_photo = true;
+ }
+ else {
+ $resource_id = photo_new_resource();
+ }
+
+ $img_str = fetch_url($photo_url,true);
+ // guess mimetype from headers or filename
+ $type = guess_image_type($photo_url,true);
+
+
+ $img = new Photo($img_str, $type);
+ if($img->is_valid()) {
+ if($have_photo) {
+ q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `contact-id` = %d AND `uid` = %d",
+ dbesc($resource_id),
+ intval($importer['id']),
+ intval($importer['importer_uid'])
+ );
+ }
+
+ $img->scaleImageSquare(175);
+
+ $hash = $resource_id;
+ $r = $img->store($importer['importer_uid'], $importer['id'], $hash, basename($photo_url), 'Contact Photos', 4);
+
+ $img->scaleImage(80);
+ $r = $img->store($importer['importer_uid'], $importer['id'], $hash, basename($photo_url), 'Contact Photos', 5);
+
+ $img->scaleImage(48);
+ $r = $img->store($importer['importer_uid'], $importer['id'], $hash, basename($photo_url), 'Contact Photos', 6);
+
+ $a = get_app();
+
+ q("UPDATE `contact` SET `avatar-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s'
+ WHERE `uid` = %d AND `id` = %d LIMIT 1",
+ dbesc(datetime_convert()),
+ dbesc($a->get_baseurl() . '/photo/' . $hash . '-4.'.$img->getExt()),
+ dbesc($a->get_baseurl() . '/photo/' . $hash . '-5.'.$img->getExt()),
+ dbesc($a->get_baseurl() . '/photo/' . $hash . '-6.'.$img->getExt()),
+ intval($importer['importer_uid']),
+ intval($importer['id'])
+ );
+ }
+ }
+
+ if(($name_updated) && (strlen($new_name)) && ($name_updated > $importer['name-date'])) {
+ $r = q("select * from contact where uid = %d and id = %d limit 1",
+ intval($importer['importer_uid']),
+ intval($importer['id'])
+ );
+
+ $x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
+ dbesc(notags(trim($new_name))),
+ dbesc(datetime_convert()),
+ intval($importer['importer_uid']),
+ intval($importer['id'])
+ );
+
+ // do our best to update the name on content items
+
+ if(count($r)) {
+ q("update item set `author-name` = '%s' where `author-name` = '%s' and `author-link` = '%s' and uid = %d",
+ dbesc(notags(trim($new_name))),
+ dbesc($r[0]['name']),
+ dbesc($r[0]['url']),
+ intval($importer['importer_uid'])
+ );
+ }
+ }
+
+
/*
// Currently unsupported - needs a lot of work
$reloc = $feed->get_feed_tags( NAMESPACE_DFRN, 'relocate' );
$is_a_remote_delete = false;
+ // POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
intval($importer['importer_uid'])
);
if($r && count($r))
- $is_a_remote_delete = true;
+ $is_a_remote_delete = true;
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// Specifically, the recipient?
$is_a_remote_comment = false;
-
- // POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
- $r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
- `contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
- LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
- WHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')
- AND `item`.`uid` = %d
- $sql_extra
+ $top_uri = $parent_uri;
+
+ $r = q("select `item`.`parent-uri` from `item`
+ WHERE `item`.`uri` = '%s'
LIMIT 1",
- dbesc($parent_uri),
- dbesc($parent_uri),
- dbesc($parent_uri),
- intval($importer['importer_uid'])
+ dbesc($parent_uri)
);
- if($r && count($r))
- $is_a_remote_comment = true;
+ if($r && count($r)) {
+ $top_uri = $r[0]['parent-uri'];
+
+ // POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
+ $r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,
+ `contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`
+ LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+ WHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')
+ AND `item`.`uid` = %d
+ $sql_extra
+ LIMIT 1",
+ dbesc($top_uri),
+ dbesc($top_uri),
+ dbesc($top_uri),
+ intval($importer['importer_uid'])
+ );
+ if($r && count($r))
+ $is_a_remote_comment = true;
+ }
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
}
- // TODO: make this next part work against both delivery threads of a community post
-
-// if((! link_compare($datarray['author-link'],$importer['url'])) && (! $community)) {
-// logger('local_delivery: received relay claiming to be from ' . $importer['url'] . ' however comment author url is ' . $datarray['author-link'] );
- // they won't know what to do so don't report an error. Just quietly die.
-// return 0;
-// }
-
- // our user with $importer['importer_uid'] is the owner
$own = q("select name,url,thumb from contact where uid = %d and self = 1 limit 1",
intval($importer['importer_uid'])
}
}
-// if($community) {
-// $newtag = '@[url=' . $a->get_baseurl() . '/profile/' . $importer['nickname'] . ']' . $importer['username'] . '[/url]';
-// if(! stristr($datarray['tag'],$newtag)) {
-// if(strlen($datarray['tag']))
-// $datarray['tag'] .= ',';
-// $datarray['tag'] .= $newtag;
-// }
-// }
-
$posted_id = item_store($datarray);
$parent = 0;
if($posted_id) {
- $r = q("SELECT `parent` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `parent`, `parent-uri` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($posted_id),
intval($importer['importer_uid'])
);
- if(count($r))
+ if(count($r)) {
$parent = $r[0]['parent'];
+ $parent_uri = $r[0]['parent-uri'];
+ }
if(! $is_like) {
$r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `uid` = %d AND `parent` = %d",
}
if($posted_id && $parent) {
-
+
proc_run('php',"include/notifier.php","comment-import","$posted_id");
if((! $is_like) && (! $importer['self'])) {
'verb' => ACTIVITY_POST,
'otype' => 'item',
'parent' => $parent,
-
+ 'parent_uri' => $parent_uri,
));
}
$item_id = $item->get_id();
$datarray = get_atom_elements($feed,$item);
+ if($importer['rel'] == CONTACT_IS_FOLLOWER)
+ continue;
+
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
dbesc($item_id),
intval($importer['importer_uid'])
if(!x($datarray['type']) || $datarray['type'] != 'activity') {
$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 AND `deleted` = 0",
- dbesc($parent_uri),
+ dbesc($top_uri),
intval($importer['importer_uid'])
);
'verb' => ACTIVITY_POST,
'otype' => 'item',
'parent' => $conv_parent,
+ 'parent_uri' => $parent_uri
));
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
- if(! link_compare($datarray['owner-link'],$contact['url'])) {
+
+ if(! link_compare($datarray['owner-link'],$importer['url'])) {
// The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery,
// but otherwise there's a possible data mixup on the sender's system.
// the tgroup delivery code called from item_store will correct it if it's a forum,
$datarray['owner-avatar'] = $importer['thumb'];
}
- $r = item_store($datarray);
+ if(($importer['rel'] == CONTACT_IS_FOLLOWER) && (! tgroup_check($importer['importer_uid'],$datarray)))
+ continue;
+
+ $posted_id = item_store($datarray);
+
+ if(stristr($datarray['verb'],ACTIVITY_POKE)) {
+ $verb = urldecode(substr($datarray['verb'],strpos($datarray['verb'],'#')+1));
+ if(! $verb)
+ continue;
+ $xo = parse_xml_string($datarray['object'],false);
+
+ if(($xo->type == ACTIVITY_OBJ_PERSON) && ($xo->id)) {
+
+ // somebody was poked/prodded. Was it me?
+
+ $links = parse_xml_string("<links>".unxmlify($xo->link)."</links>",false);
+
+ foreach($links->link as $l) {
+ $atts = $l->attributes();
+ switch($atts['rel']) {
+ case "alternate":
+ $Blink = $atts['href'];
+ break;
+ default:
+ break;
+ }
+ }
+ if($Blink && link_compare($Blink,$a->get_baseurl() . '/profile/' . $importer['nickname'])) {
+
+ // send a notification
+ require_once('include/enotify.php');
+
+ notification(array(
+ 'type' => NOTIFY_POKE,
+ 'notify_flags' => $importer['notify-flags'],
+ 'language' => $importer['language'],
+ 'to_name' => $importer['username'],
+ 'to_email' => $importer['email'],
+ 'uid' => $importer['importer_uid'],
+ 'item' => $datarray,
+ 'link' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id,
+ 'source_name' => stripslashes($datarray['author-name']),
+ 'source_link' => $datarray['author-link'],
+ 'source_photo' => ((link_compare($datarray['author-link'],$importer['url']))
+ ? $importer['thumb'] : $datarray['author-avatar']),
+ 'verb' => $datarray['verb'],
+ 'otype' => 'person',
+ 'activity' => $verb,
+
+ ));
+ }
+ }
+ }
+
continue;
}
}
else
$body = $item['body'];
-
$o = "\r\n\r\n<entry>\r\n";
if(is_array($author))
if(strlen($item['owner-name']))
$o .= atom_author('dfrn:owner',$item['owner-name'],$item['owner-link'],80,80,$item['owner-avatar']);
- if(($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']) || ($item['thr-parent'])) {
+ if(($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) {
$parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent-uri']);
$o .= '<thr:in-reply-to ref="' . xmlify($parent_item) . '" type="text/html" href="' . xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['parent']) . '" />' . "\r\n";
}
$owner = $item['uid'];
+ $cid = 0;
+
// check if logged in user is either the author or owner of this item
- if((local_user() == $item['uid']) || (remote_user() == $item['contact-id'])) {
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $item['uid'] && $visitor['cid'] == $item['contact-id']) {
+ $cid = $visitor['cid'];
+ break;
+ }
+ }
+ }
+
+
+ if((local_user() == $item['uid']) || ($cid) || (! $interactive)) {
+ logger('delete item: ' . $item['id'], LOGGER_DEBUG);
// delete the item
$r = q("UPDATE `item` SET `deleted` = 1, `title` = '', `body` = '', `edited` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1",
projects / friendica.git / blobdiff