Merge pull request #5830 from nupplaphil/update_from_boot

[friendica.git] / mod / cal.php

diff --git a/mod/cal.php b/mod/cal.php
index 5779b0316ae570b8a5562ab15423748468c72c89..6f483acc163478853847b72c36b343bccb0117d4 100644 (file)
--- a/mod/cal.php
+++ b/mod/cal.php
@@ -17,10 +17,12 @@ use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\Event;
 use Friendica\Model\Group;
+use Friendica\Model\Item;
 use Friendica\Model\Profile;
 use Friendica\Protocol\DFRN;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Temporal;
+use Friendica\Util\Security;
 
 function cal_init(App $a)
 {
@@ -29,11 +31,11 @@ function cal_init(App $a)
        }
 
        if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
-               return;
+               System::httpExit(403, ['title' => L10n::t('Access denied.')]);
        }
 
        if ($a->argc < 2) {
-               System::httpExit(403, ["title" => L10n::t('Access denied.')]);
+               System::httpExit(403, ['title' => L10n::t('Access denied.')]);
        }
 
        Nav::setSelected('events');
@@ -41,7 +43,7 @@ function cal_init(App $a)
        $nick = $a->argv[1];
        $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]);
        if (!DBA::isResult($user)) {
-               return;
+               System::httpExit(404, ['title' => L10n::t('Page not found.')]);
        }
 
        $a->data['user'] = $user;
@@ -94,11 +96,6 @@ function cal_content(App $a)
                '$i18n' => $i18n,
        ]);
 
-       $etpl = get_markup_template('event_end.tpl');
-       $a->page['end'] .= replace_macros($etpl, [
-               '$baseurl' => System::baseUrl(),
-       ]);
-
        $mode = 'view';
        $y = 0;
        $m = 0;
@@ -146,7 +143,7 @@ function cal_content(App $a)
        }
 
        // get the permissions
-       $sql_perms = item_permissions_sql($owner_uid, $remote_contact, $groups);
+       $sql_perms = Item::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
        // we only want to have the events of the profile owner
        $sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
 
@@ -224,7 +221,7 @@ function cal_content(App $a)
 
                // get events by id or by date
                if ($event_params['event_id']) {
-                       $r = Event::getListById($owner_uid, $event_params['event-id'], $sql_extra);
+                       $r = Event::getListById($owner_uid, $event_params['event_id'], $sql_extra);
                } else {
                        $r = Event::getListByDate($owner_uid, $event_params, $sql_extra);
                }
@@ -304,7 +301,7 @@ function cal_content(App $a)
                // Respect the export feature setting for all other /cal pages if it's not the own profile
                if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) {
                        notice(L10n::t('Permission denied.') . EOL);
-                       goaway('cal/' . $nick);
+                       $a->internalRedirect('cal/' . $nick);
                }
 
                // Get the export data by uid
@@ -325,7 +322,7 @@ function cal_content(App $a)
                                $return_path = "cal/" . $nick;
                        }
 
-                       goaway($return_path);
+                       $a->internalRedirect($return_path);
                }
 
                // If nothing went wrong we can echo the export content