<?php
/**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
use Friendica\Content\Widget\CalendarExport;
use Friendica\Core\ACL;
use Friendica\Core\Logger;
+use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Core\Theme;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
+use Friendica\Model\Conversation;
use Friendica\Model\Event;
use Friendica\Model\Item;
+use Friendica\Model\Post;
use Friendica\Model\User;
use Friendica\Module\BaseProfile;
use Friendica\Module\Security\Login;
// If it's a json request abort here because we don't
// need the widget data
- if ($a->argc > 1 && $a->argv[1] === 'json') {
+ if (DI::args()->getArgc() > 1 && DI::args()->getArgv()[1] === 'json') {
return;
}
DI::page()['aside'] = '';
}
- $cal_widget = CalendarExport::getHTML();
+ $cal_widget = CalendarExport::getHTML(local_user());
DI::page()['aside'] .= $cal_widget;
function events_post(App $a)
{
-
Logger::debug('post', ['request' => $_REQUEST]);
-
if (!local_user()) {
return;
}
$adjust = intval($_POST['adjust'] ?? 0);
$nofinish = intval($_POST['nofinish'] ?? 0);
+ $share = intval($_POST['share'] ?? 0);
+
// The default setting for the `private` field in event_store() is false, so mirror that
$private_event = false;
];
$action = ($event_id == '') ? 'new' : 'event/' . $event_id;
- $onerror_path = 'events/' . $action . '?' . http_build_query($params, null, null, PHP_QUERY_RFC3986);
+ $onerror_path = 'events/' . $action . '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
if (strcmp($finish, $start) < 0 && !$nofinish) {
notice(DI::l10n()->t('Event can not end before it has started.'));
DI::baseUrl()->redirect($onerror_path);
}
- $share = intval($_POST['share'] ?? 0);
-
- $c = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1",
- intval(local_user())
- );
-
- if (DBA::isResult($c)) {
- $self = $c[0]['id'];
- } else {
- $self = 0;
- }
+ $self = \Friendica\Model\Contact::getPublicIdByUserId($uid);
+ $aclFormatter = DI::aclFormatter();
if ($share) {
-
- $aclFormatter = DI::aclFormatter();
-
- $str_group_allow = $aclFormatter->toString($_POST['group_allow'] ?? '');
- $str_contact_allow = $aclFormatter->toString($_POST['contact_allow'] ?? '');
- $str_group_deny = $aclFormatter->toString($_POST['group_deny'] ?? '');
- $str_contact_deny = $aclFormatter->toString($_POST['contact_deny'] ?? '');
-
- // Undo the pseudo-contact of self, since there are real contacts now
- if (strpos($str_contact_allow, '<' . $self . '>') !== false) {
- $str_contact_allow = str_replace('<' . $self . '>', '', $str_contact_allow);
+ $user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
+ if (!DBA::isResult($user)) {
+ return;
}
- // Make sure to set the `private` field as true. This is necessary to
- // have the posts show up correctly in Diaspora if an event is created
- // as visible only to self at first, but then edited to display to others.
- if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
- $private_event = true;
+
+ $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
+ $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
+ $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
+ $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
+
+ $visibility = $_REQUEST['visibility'] ?? '';
+ if ($visibility === 'public') {
+ // The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
+ $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+ } else if ($visibility === 'custom') {
+ // Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
+ // case that would make it public. So we always append the author's contact id to the allowed contacts.
+ // See https://github.com/friendica/friendica/issues/9672
+ $str_contact_allow .= $aclFormatter->toString($self);
}
} else {
- // Note: do not set `private` field for self-only events. It will
- // keep even you from seeing them!
- $str_contact_allow = '<' . $self . '>';
+ $str_contact_allow = $aclFormatter->toString($self);
$str_group_allow = $str_contact_deny = $str_group_deny = '';
}
+ // Make sure to set the `private` field as true. This is necessary to
+ // have the posts show up correctly in Diaspora if an event is created
+ // as visible only to self at first, but then edited to display to others.
+ if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
+ $private_event = true;
+ }
$datarray = [];
$datarray['start'] = $start;
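Review bot: The non-shared branch (`$str_contact_allow = $aclFormatter->toString($self);`) now depends entirely on `Contact::getPublicIdByUserId($uid)` returning a usable id. The removed code fell back to the non-empty `'<0>'`, whereas an empty result here would leave all four ACL strings empty, so `$private_event` stays false and a self-only event is stored without any restriction. How `toString()` treats a falsy id is not visible in this hunk, so an explicit guard right after the lookup, e.g. `if (!$self) { return; }`, would make the path fail closed. Separately, the four ACL fields and `visibility` are now read from `$_REQUEST` instead of `$_POST`, which lets query-string values (and cookies, depending on `request_order`) set permissions in a POST handler; `$_POST` is the tighter source. events_post() starts and ends outside this hunk.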
exit();
}
- $item_id = Event::store($datarray);
+ $event_id = Event::store($datarray);
- if (!$cid) {
- Worker::add(PRIORITY_HIGH, "Notifier", Delivery::POST, $item_id);
+ $item = ['network' => Protocol::DFRN, 'protocol' => Conversation::PARCEL_DIRECT, 'direction' => Conversation::PUSH];
+ $item = Event::getItemArrayForId($event_id, $item);
+ if (Item::insert($item)) {
+ $uri_id = $item['uri-id'];
+ } else {
+ $uri_id = 0;
+ }
+
+ if (!$cid && $uri_id) {
+ Worker::add(PRIORITY_HIGH, "Notifier", Delivery::POST, (int)$uri_id, (int)$uid);
}
DI::baseUrl()->redirect('events');
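Review bot: The result of `Event::store($datarray)` is used without a check. If it can return a falsy id on failure (its contract is not visible here), `Event::getItemArrayForId()` and `Item::insert()` run for an event that was never stored, and the user is still redirected to `events` as if the save had worked. A guard before building `$item`, such as `if (!$event_id) { DI::baseUrl()->redirect($onerror_path); }`, would surface the failure. When `Item::insert()` fails, `$uri_id` becomes 0 and the notifier is skipped silently, so a log entry in that `else` branch would help when diagnosing undelivered events.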
return Login::form();
}
- if ($a->argc == 1) {
+ if (DI::args()->getArgc() == 1) {
$_SESSION['return_path'] = DI::args()->getCommand();
}
- if (($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) {
- q("UPDATE `event` SET `ignore` = 1 WHERE `id` = %d AND `uid` = %d",
- intval($a->argv[2]),
- intval(local_user())
- );
+ if ((DI::args()->getArgc() > 2) && (DI::args()->getArgv()[1] === 'ignore') && intval(DI::args()->getArgv()[2])) {
+ DBA::update('event', ['ignore' => true], ['id' => DI::args()->getArgv()[2], 'uid' => local_user()]);
}
- if (($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) {
- q("UPDATE `event` SET `ignore` = 0 WHERE `id` = %d AND `uid` = %d",
- intval($a->argv[2]),
- intval(local_user())
- );
+ if ((DI::args()->getArgc() > 2) && (DI::args()->getArgv()[1] === 'unignore') && intval(DI::args()->getArgv()[2])) {
+ DBA::update('event', ['ignore' => false], ['id' => DI::args()->getArgv()[2], 'uid' => local_user()]);
}
- if ($a->theme_events_in_profile) {
+ if ($a->getThemeInfoValue('events_in_profile')) {
Nav::setSelected('home');
} else {
Nav::setSelected('events');
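Review bot: The `id` condition in both `DBA::update('event', …)` calls is the raw path segment `DI::args()->getArgv()[2]`. The `intval()` in the `if` only tests truthiness, so a segment such as `12abc` (constructed example) passes the guard and reaches the database layer as a string, where the removed `q()` calls normalised it with `intval()`. Casting at the point of use keeps the old behaviour: `['id' => (int)DI::args()->getArgv()[2], 'uid' => local_user()]`. The `uid` condition is kept in both calls, so the update stays scoped to the logged-in user. The enclosing function starts and ends outside this hunk.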
$o = '';
$tabs = '';
// tabs
- if ($a->theme_events_in_profile) {
- $tabs = BaseProfile::getTabsHTML($a, 'events', true);
+ if ($a->getThemeInfoValue('events_in_profile')) {
+ $tabs = BaseProfile::getTabsHTML($a, 'events', true, $a->getLoggedInUserNickname(), false);
}
$mode = 'view';
$m = 0;
$ignored = !empty($_REQUEST['ignored']) ? intval($_REQUEST['ignored']) : 0;
- if ($a->argc > 1) {
- if ($a->argc > 2 && $a->argv[1] == 'event') {
+ if (DI::args()->getArgc() > 1) {
+ if (DI::args()->getArgc() > 2 && DI::args()->getArgv()[1] == 'event') {
$mode = 'edit';
- $event_id = intval($a->argv[2]);
+ $event_id = intval(DI::args()->getArgv()[2]);
}
- if ($a->argc > 2 && $a->argv[1] == 'drop') {
+ if (DI::args()->getArgc() > 2 && DI::args()->getArgv()[1] == 'drop') {
$mode = 'drop';
- $event_id = intval($a->argv[2]);
+ $event_id = intval(DI::args()->getArgv()[2]);
}
- if ($a->argc > 2 && $a->argv[1] == 'copy') {
+ if (DI::args()->getArgc() > 2 && DI::args()->getArgv()[1] == 'copy') {
$mode = 'copy';
- $event_id = intval($a->argv[2]);
+ $event_id = intval(DI::args()->getArgv()[2]);
}
- if ($a->argv[1] === 'new') {
+ if (DI::args()->getArgv()[1] === 'new') {
$mode = 'new';
$event_id = 0;
}
- if ($a->argc > 2 && intval($a->argv[1]) && intval($a->argv[2])) {
+ if (DI::args()->getArgc() > 2 && intval(DI::args()->getArgv()[1]) && intval(DI::args()->getArgv()[2])) {
$mode = 'view';
- $y = intval($a->argv[1]);
- $m = intval($a->argv[2]);
+ $y = intval(DI::args()->getArgv()[1]);
+ $m = intval(DI::args()->getArgv()[2]);
}
}
$start = sprintf('%d-%d-%d %d:%d:%d', $y, $m, 1, 0, 0, 0);
$finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59);
- if ($a->argc > 1 && $a->argv[1] === 'json') {
+ if (DI::args()->getArgc() > 1 && DI::args()->getArgv()[1] === 'json') {
if (!empty($_GET['start'])) {
$start = $_GET['start'];
}
$events = Event::prepareListForTemplate($r);
}
- if ($a->argc > 1 && $a->argv[1] === 'json') {
+ if (DI::args()->getArgc() > 1 && DI::args()->getArgv()[1] === 'json') {
header('Content-Type: application/json');
echo json_encode($events);
exit();
}
if (($mode === 'edit' || $mode === 'copy') && $event_id) {
- $r = q("SELECT * FROM `event` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($event_id),
- intval(local_user())
- );
- if (DBA::isResult($r)) {
- $orig_event = $r[0];
- }
+ $orig_event = DBA::selectFirst('event', [], ['id' => $event_id, 'uid' => local_user()]);
}
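Review bot: `$orig_event` is now assigned the result of `DBA::selectFirst()` unconditionally, where the removed code only set it after `DBA::isResult($r)` succeeded. If `selectFirst()` returns a non-array value on a miss (not shown on this page), for example when the id belongs to another user, that value flows on to `ACL::getDefaultUserPermissions($orig_event)` and the `!empty($orig_event)` checks further down. Normalising the miss right after the query would keep the later code on a known shape, e.g. `if (!DBA::isResult($orig_event)) { $orig_event = []; }`; the initial value the function gives `$orig_event` is outside this hunk, so match that.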
// Passed parameters overrides anything found in the DB
$fdt = $orig_event['finish'] ?? 'now';
$tz = date_default_timezone_get();
- if (!empty($orig_event)) {
+ if (isset($orig_event['adjust'])) {
$tz = ($orig_event['adjust'] ? date_default_timezone_get() : 'UTC');
}
$fminute = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00';
if (!$cid && in_array($mode, ['new', 'copy'])) {
- $acl = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($orig_event));
+ $acl = ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), false, ACL::getDefaultUserPermissions($orig_event));
} else {
$acl = '';
}
Item::deleteForUser(['id' => $ev[0]['itemid']], local_user());
}
- if (Item::exists(['id' => $ev[0]['itemid']])) {
+ if (Post::exists(['id' => $ev[0]['itemid']])) {
notice(DI::l10n()->t('Failed to remove event'));
}