<?php
/**
- * @file mod/item.php
- */
-
-/*
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
* This is the POST destination for most all locally posted
* text stuff. This function handles status, wall-to-wall status,
* local comments, and remote coments that are posted on this site
use Friendica\Model\Conversation;
use Friendica\Model\FileTag;
use Friendica\Model\Item;
+use Friendica\Model\Notify\Type;
use Friendica\Model\Photo;
+use Friendica\Model\Tag;
use Friendica\Model\Term;
+use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity;
use Friendica\Protocol\Diaspora;
function item_post(App $a) {
if (!Session::isAuthenticated()) {
- return 0;
+ throw new HTTPException\ForbiddenException();
}
$uid = local_user();
$thread_parent_contact = Contact::getDetailsByURL($toplevel_item["author-link"]);
if ($toplevel_item['id'] != $toplevel_item['parent']) {
- $toplevel_item = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $toplevel_item['parent']]);
+ $toplevel_item = Item::selectFirst([], ['id' => $toplevel_item['parent']]);
}
}
if (!DBA::isResult($toplevel_item)) {
- notice(DI::l10n()->t('Unable to locate original post.') . EOL);
+ notice(DI::l10n()->t('Unable to locate original post.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
- exit();
+ throw new HTTPException\NotFoundException(DI::l10n()->t('Unable to locate original post.'));
}
$toplevel_item_id = $toplevel_item['id'];
// Now check that valid personal details have been provided
if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
- notice(DI::l10n()->t('Permission denied.') . EOL);
+ notice(DI::l10n()->t('Permission denied.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
- exit();
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.'));
}
// Init post instance
$network = $orig_post['network'];
$guid = $orig_post['guid'];
$extid = $orig_post['extid'];
-
} else {
+ $str_contact_allow = '';
+ $str_group_allow = '';
+ $str_contact_deny = '';
+ $str_group_deny = '';
- /*
- * if coming from the API and no privacy settings are set,
- * use the user default permissions - as they won't have
- * been supplied via a form.
- */
- if ($api_source
- && !array_key_exists('contact_allow', $_REQUEST)
- && !array_key_exists('group_allow', $_REQUEST)
- && !array_key_exists('contact_deny', $_REQUEST)
- && !array_key_exists('group_deny', $_REQUEST)) {
- $str_group_allow = $user['allow_gid'];
- $str_contact_allow = $user['allow_cid'];
- $str_group_deny = $user['deny_gid'];
- $str_contact_deny = $user['deny_cid'];
- } else {
- // use the posted permissions
-
+ if (($_REQUEST['visibility'] ?? '') !== 'public') {
$aclFormatter = DI::aclFormatter();
-
- $str_group_allow = $aclFormatter->toString($_REQUEST['group_allow'] ?? '');
- $str_contact_allow = $aclFormatter->toString($_REQUEST['contact_allow'] ?? '');
- $str_group_deny = $aclFormatter->toString($_REQUEST['group_deny'] ?? '');
- $str_contact_deny = $aclFormatter->toString($_REQUEST['contact_deny'] ?? '');
+ $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
+ $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
+ $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
+ $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
}
$title = Strings::escapeTags(trim($_REQUEST['title'] ?? ''));
$postopts = $_REQUEST['postopts'] ?? '';
- $private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
+ if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
+ $private = Item::PRIVATE;
+ } elseif (DI::pConfig()->get($profile_uid, 'system', 'unlisted')) {
+ $private = Item::UNLISTED;
+ } else {
+ $private = Item::PUBLIC;
+ }
// If this is a comment, set the permissions from the parent.
$network = $toplevel_item['network'];
}
- $str_contact_allow = $toplevel_item['allow_cid'];
- $str_group_allow = $toplevel_item['allow_gid'];
- $str_contact_deny = $toplevel_item['deny_cid'];
- $str_group_deny = $toplevel_item['deny_gid'];
+ $str_contact_allow = $toplevel_item['allow_cid'] ?? '';
+ $str_group_allow = $toplevel_item['allow_gid'] ?? '';
+ $str_contact_deny = $toplevel_item['deny_cid'] ?? '';
+ $str_group_deny = $toplevel_item['deny_gid'] ?? '';
$private = $toplevel_item['private'];
$wall = $toplevel_item['wall'];
if ($preview) {
System::jsonExit(['preview' => '']);
}
- info(DI::l10n()->t('Empty post discarded.') . EOL);
+
+ info(DI::l10n()->t('Empty post discarded.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
- exit();
+
+ throw new HTTPException\BadRequestException(DI::l10n()->t('Empty post discarded.'));
}
}
$match = null;
- if (!$preview && Photo::setPermissionFromBody($body, $profile_uid, $original_contact_id, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny)) {
+ if (!$preview && Photo::setPermissionFromBody($body, $uid, $original_contact_id, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny)) {
$objecttype = Activity\ObjectType::IMAGE;
}
$body = DI::bbCodeVideo()->transform($body);
- // Fold multi-line [code] sequences
- $body = preg_replace('/\[\/code\]\s*\[code\]/ism', "\n", $body);
-
$body = BBCode::scaleExternalImages($body);
// Setting the object type if not defined before
$datarray["item_id"] = -1;
$datarray["author-network"] = Protocol::DFRN;
- $o = conversation($a, [array_merge($contact_record, $datarray)], new Pager(DI::args()->getQueryString()), 'search', false, true);
+ $o = conversation($a, [array_merge($contact_record, $datarray)], 'search', false, true);
System::jsonExit(['preview' => $o]);
}
// update filetags in pconfig
FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category');
+ info(DI::l10n()->t('Post updated.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
- exit();
+
+ throw new HTTPException\OKException(DI::l10n()->t('Post updated.'));
}
unset($datarray['edit']);
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
+
+ throw new HTTPException\InternalServerErrorException(DI::l10n()->t('Item wasn\'t stored.'));
}
$datarray = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
+
+ throw new HTTPException\InternalServerErrorException(DI::l10n()->t('Item couldn\'t be fetched.'));
}
+ Tag::storeFromBody($datarray['uri-id'], $datarray['body']);
+
// update filetags in pconfig
FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category');
if ($toplevel_item_id) {
if ($contact_record != $author) {
notification([
- 'type' => NOTIFY_COMMENT,
+ 'type' => Type::COMMENT,
'notify_flags' => $user['notify-flags'],
'language' => $user['language'],
'to_name' => $user['username'],
} else {
if (($contact_record != $author) && !count($forum_contact)) {
notification([
- 'type' => NOTIFY_WALL,
+ 'type' => Type::WALL,
'notify_flags' => $user['notify-flags'],
'language' => $user['language'],
'to_name' => $user['username'],
return $post_id;
}
+ info(DI::l10n()->t('Post published.'));
item_post_return(DI::baseUrl(), $api_source, $return_path);
// NOTREACHED
}
function item_post_return($baseurl, $api_source, $return_path)
{
- // figure out how to return, depending on from whence we came
- $a = DI::app();
-
if ($api_source) {
return;
}
*
* @return array|bool ['replaced' => $replaced, 'contact' => $contact];
* @throws ImagickException
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws HTTPException\InternalServerErrorException
*/
function handle_tag(&$body, &$inform, &$str_tags, $profile_uid, $tag, $network = "")
{