<?php
/**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
-use Friendica\Core\Renderer;
use Friendica\Core\Session;
use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
+use Friendica\Model\APContact;
use Friendica\Model\Attach;
use Friendica\Model\Contact;
use Friendica\Model\Conversation;
use Friendica\Model\FileTag;
use Friendica\Model\Item;
-use Friendica\Model\Notify\Type;
+use Friendica\Model\ItemURI;
+use Friendica\Model\Notification;
use Friendica\Model\Photo;
+use Friendica\Model\Post;
use Friendica\Model\Tag;
+use Friendica\Model\User;
use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity;
-use Friendica\Protocol\Diaspora;
+use Friendica\Security\Security;
use Friendica\Util\DateTimeFormat;
-use Friendica\Util\Security;
-use Friendica\Util\Strings;
+use Friendica\Util\ParseUrl;
use Friendica\Worker\Delivery;
function item_post(App $a) {
$api_source = $_REQUEST['api_source'] ?? false;
- $message_id = ((!empty($_REQUEST['message_id']) && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
-
$return_path = $_REQUEST['return'] ?? '';
$preview = intval($_REQUEST['preview'] ?? 0);
}
// Is this a reply to something?
- $toplevel_item_id = intval($_REQUEST['parent'] ?? 0);
+ $parent_item_id = intval($_REQUEST['parent'] ?? 0);
$thr_parent_uri = trim($_REQUEST['parent_uri'] ?? '');
+ $parent_item = null;
$toplevel_item = null;
- $parent_user = null;
+ $toplevel_item_id = 0;
+ $toplevel_user_id = null;
$objecttype = null;
$profile_uid = ($_REQUEST['profile_uid'] ?? 0) ?: local_user();
$posttype = ($_REQUEST['post_type'] ?? '') ?: Item::PT_ARTICLE;
- if ($toplevel_item_id || $thr_parent_uri) {
- if ($toplevel_item_id) {
- $toplevel_item = Item::selectFirst([], ['id' => $toplevel_item_id]);
+ if ($parent_item_id || $thr_parent_uri) {
+ if ($parent_item_id) {
+ $parent_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $parent_item_id]);
} elseif ($thr_parent_uri) {
- $toplevel_item = Item::selectFirst([], ['uri' => $thr_parent_uri, 'uid' => $profile_uid]);
+ $parent_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['uri' => $thr_parent_uri, 'uid' => $profile_uid]);
}
// if this isn't the top-level parent of the conversation, find it
- if (DBA::isResult($toplevel_item)) {
+ if (DBA::isResult($parent_item)) {
// The URI and the contact is taken from the direct parent which needn't to be the top parent
- $thr_parent_uri = $toplevel_item['uri'];
+ $thr_parent_uri = $parent_item['uri'];
+ $toplevel_item = $parent_item;
- if ($toplevel_item['gravity'] != GRAVITY_PARENT) {
- $toplevel_item = Item::selectFirst([], ['id' => $toplevel_item['parent']]);
+ if ($parent_item['gravity'] != GRAVITY_PARENT) {
+ $toplevel_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $toplevel_item['parent']]);
}
}
// When commenting on a public post then store the post for the current user
// This enables interaction like starring and saving into folders
if ($toplevel_item['uid'] == 0) {
- $stored = Item::storeForUser($toplevel_item, local_user());
+ $stored = Item::storeForUserByUriId($toplevel_item['uri-id'], local_user());
Logger::info('Public item stored for user', ['uri-id' => $toplevel_item['uri-id'], 'uid' => $uid, 'stored' => $stored]);
if ($stored) {
- $toplevel_item = Item::selectFirst([], ['id' => $stored]);
+ $toplevel_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $stored]);
}
}
$toplevel_item_id = $toplevel_item['id'];
- $parent_user = $toplevel_item['uid'];
+ $toplevel_user_id = $toplevel_item['uid'];
$objecttype = Activity\ObjectType::COMMENT;
}
}
// Ensure that the user id in a thread always stay the same
- if (!is_null($parent_user) && in_array($parent_user, [local_user(), 0])) {
- $profile_uid = $parent_user;
- }
-
- // Check for multiple posts with the same message id (when the post was created via API)
- if (($message_id != '') && ($profile_uid != 0)) {
- if (Item::exists(['uri' => $message_id, 'uid' => $profile_uid])) {
- Logger::info('Message already exists for user', ['uri' => $message_id, 'uid' => $profile_uid]);
- return 0;
- }
+ if (!is_null($toplevel_user_id) && in_array($toplevel_user_id, [local_user(), 0])) {
+ $profile_uid = $toplevel_user_id;
}
// Allow commenting if it is an answer to a public post
// is this an edited post?
if ($post_id > 0) {
- $orig_post = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
+ $orig_post = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
}
- $user = DBA::selectFirst('user', [], ['uid' => $profile_uid]);
-
+ $user = User::getById($profile_uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
if (!DBA::isResult($user) && !$toplevel_item_id) {
return 0;
}
$attachment_img_width = $_REQUEST['attachment_img_width'] ?? 0;
$attachment_img_height = $_REQUEST['attachment_img_height'] ?? 0;
- $attachment = [
- 'type' => $attachment_type,
- 'title' => $attachment_title,
- 'text' => $attachment_text,
- 'url' => $attachment_url,
- ];
+
+ // Fetch the basic attachment data
+ $attachment = ParseUrl::getSiteinfoCached($attachment_url);
+ unset($attachment['keywords']);
+
+ // Overwrite the basic data with possible changes from the frontend
+ $attachment['type'] = $attachment_type;
+ $attachment['title'] = $attachment_title;
+ $attachment['text'] = $attachment_text;
+ $attachment['url'] = $attachment_url;
if (!empty($attachment_img_src)) {
$attachment['images'] = [
'height' => $attachment_img_height
]
];
+ } else {
+ unset($attachment['images']);
}
$att_bbcode = "\n" . PageInfo::getFooterFromData($attachment);
$verb = $orig_post['verb'];
$objecttype = $orig_post['object-type'];
$app = $orig_post['app'];
- $categories = $orig_post['file'] ?? '';
- $title = Strings::escapeTags(trim($_REQUEST['title']));
+ $categories = Post\Category::getTextByURIId($orig_post['uri-id'], $orig_post['uid']);
+ $title = trim($_REQUEST['title'] ?? '');
$body = trim($body);
$private = $orig_post['private'];
$pubmail_enabled = $orig_post['pubmail'];
$guid = $orig_post['guid'];
$extid = $orig_post['extid'];
} else {
- $str_contact_allow = '';
- $str_group_allow = '';
- $str_contact_deny = '';
- $str_group_deny = '';
-
- if (($_REQUEST['visibility'] ?? '') !== 'public') {
- $aclFormatter = DI::aclFormatter();
- $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
- $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
- $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
- $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
- }
-
- $title = Strings::escapeTags(trim($_REQUEST['title'] ?? ''));
- $location = Strings::escapeTags(trim($_REQUEST['location'] ?? ''));
- $coord = Strings::escapeTags(trim($_REQUEST['coord'] ?? ''));
- $verb = Strings::escapeTags(trim($_REQUEST['verb'] ?? ''));
- $emailcc = Strings::escapeTags(trim($_REQUEST['emailcc'] ?? ''));
+ $aclFormatter = DI::aclFormatter();
+ $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
+ $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
+ $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
+ $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
+
+ $visibility = $_REQUEST['visibility'] ?? '';
+ if ($visibility === 'public') {
+ // The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
+ $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+ } else if ($visibility === 'custom') {
+ // Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
+ // case that would make it public. So we always append the author's contact id to the allowed contacts.
+ // See https://github.com/friendica/friendica/issues/9672
+ $str_contact_allow .= $aclFormatter->toString(Contact::getPublicIdByUserId($uid));
+ }
+
+ $title = trim($_REQUEST['title'] ?? '');
+ $location = trim($_REQUEST['location'] ?? '');
+ $coord = trim($_REQUEST['coord'] ?? '');
+ $verb = trim($_REQUEST['verb'] ?? '');
+ $emailcc = trim($_REQUEST['emailcc'] ?? '');
$body = trim($body);
- $network = Strings::escapeTags(trim(($_REQUEST['network'] ?? '') ?: Protocol::DFRN));
+ $network = trim(($_REQUEST['network'] ?? '') ?: Protocol::DFRN);
$guid = System::createUUID();
$postopts = $_REQUEST['postopts'] ?? '';
$filedas = FileTag::fileToArray($categories);
}
- // save old and new categories, so we can determine what needs to be deleted from pconfig
- $categories_old = $categories;
$categories = FileTag::listToFile(trim($_REQUEST['category'] ?? ''), 'category');
- $categories_new = $categories;
if (!empty($filedas) && is_array($filedas)) {
// append the fileas stuff to the new categories list
}
}
- $success = ItemHelper::replaceTag($body, $inform, local_user() ? local_user() : $profile_uid, $tag, $network);
- if ($success['replaced']) {
- $tagged[] = $tag;
- }
- // When the forum is private or the forum is addressed with a "!" make the post private
- if (!empty($success['contact']['prv']) || ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION])) {
- $private_forum = $success['contact']['prv'];
- $only_to_forum = ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION]);
- $private_id = $success['contact']['id'];
- $forum_contact = $success['contact'];
- } elseif (!empty($success['contact']['forum']) && ($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
- $private_forum = false;
- $only_to_forum = true;
- $private_id = $success['contact']['id'];
- $forum_contact = $success['contact'];
+ if ($success = ItemHelper::replaceTag($body, $inform, local_user() ? local_user() : $profile_uid, $tag, $network)) {
+ if ($success['replaced']) {
+ $tagged[] = $tag;
+ }
+ // When the forum is private or the forum is addressed with a "!" make the post private
+ if (!empty($success['contact']['prv']) || ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION])) {
+ $private_forum = $success['contact']['prv'];
+ $only_to_forum = ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION]);
+ $private_id = $success['contact']['id'];
+ $forum_contact = $success['contact'];
+ } elseif (!empty($success['contact']['forum']) && ($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
+ $private_forum = false;
+ $only_to_forum = true;
+ $private_id = $success['contact']['id'];
+ $forum_contact = $success['contact'];
+ }
}
}
if (!$toplevel_item_id && !empty($forum_contact) && ($private_forum || $only_to_forum)) {
// we tagged a forum in a top level post. Now we change the post
- $private = $private_forum;
+ $private = $private_forum ? Item::PRIVATE : Item::UNLISTED;
- $str_group_allow = '';
- $str_contact_deny = '';
- $str_group_deny = '';
- if ($private_forum) {
- $str_contact_allow = '<' . $private_id . '>';
- } else {
+ if ($only_to_forum) {
+ $postopts = '';
+ }
+
+ if (!$private_forum) {
$str_contact_allow = '';
+ $str_group_allow = '';
+ $str_contact_deny = '';
+ $str_group_deny = '';
+ }
+
+ if ($private_forum || !APContact::getByURL($forum_contact['url'])) {
+ $str_group_allow = '';
+ $str_contact_deny = '';
+ $str_group_deny = '';
+ if ($private_forum) {
+ $str_contact_allow = '<' . $private_id . '>';
+ } else {
+ $str_contact_allow = '';
+ }
+ $contact_id = $private_id;
+ $contact_record = $forum_contact;
+ $_REQUEST['origin'] = false;
+ $wall = 0;
}
- $contact_id = $private_id;
- $contact_record = $forum_contact;
- $_REQUEST['origin'] = false;
- $wall = 0;
}
/*
/*
* Next link in any attachment references we find in the post.
*/
- $match = false;
+ $match = [];
/// @todo these lines should be moved to Model/Attach (Once it exists)
if (!$preview && preg_match_all("/\[attachment\](.*?)\[\/attachment\]/", $body, $match)) {
// embedded bookmark or attachment in post? set bookmark flag
$data = BBCode::getAttachmentData($body);
+ $match = [];
if ((preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism", $body, $match, PREG_SET_ORDER) || isset($data["type"]))
&& ($posttype != Item::PT_PERSONAL_NOTE)) {
$posttype = Item::PT_PAGE;
}
$attachments = '';
- $match = false;
+ $match = [];
if (preg_match_all('/(\[attachment\]([0-9]+)\[\/attachment\])/',$body,$match)) {
foreach ($match[2] as $mtch) {
if (strlen($attachments)) {
$attachments .= ',';
}
- $attachments .= '[attach]href="' . DI::baseUrl() . '/attach/' . $attachment['id'] .
- '" length="' . $attachment['filesize'] . '" type="' . $attachment['filetype'] .
- '" title="' . ($attachment['filename'] ? $attachment['filename'] : '') . '"[/attach]';
+ $attachments .= Post\Media::getAttachElement(DI::baseUrl() . '/attach/' . $attachment['id'],
+ $attachment['filesize'], $attachment['filetype'], $attachment['filename'] ?? '');
}
$body = str_replace($match[1],'',$body);
}
$origin = $_REQUEST['origin'];
}
- $uri = ($message_id ? $message_id : Item::newURI($api_source ? $profile_uid : $uid, $guid));
+ $uri = Item::newURI($api_source ? $profile_uid : $uid, $guid);
// Fallback so that we alway have a parent uri
if (!$thr_parent_uri || !$toplevel_item_id) {
$datarray['pubmail'] = $pubmail_enabled;
$datarray['attach'] = $attachments;
- // This is not a bug. The item store function changes 'parent-uri' to 'thr-parent' and fetches 'parent-uri' new. (We should change this)
- $datarray['parent-uri'] = $thr_parent_uri;
+ $datarray['thr-parent'] = $thr_parent_uri;
$datarray['postopts'] = $postopts;
$datarray['origin'] = $origin;
- $datarray['moderated'] = false;
$datarray['object'] = $object;
+ $datarray['attachments'] = $_REQUEST['attachments'] ?? [];
+
/*
* These fields are for the convenience of addons...
* 'self' if true indicates the owner is posting on their own wall
$datarray['api_source'] = $api_source;
// This field is for storing the raw conversation data
- $datarray['protocol'] = Conversation::PARCEL_DFRN;
+ $datarray['protocol'] = Conversation::PARCEL_DIRECT;
+ $datarray['direction'] = Conversation::PUSH;
- $conversation = DBA::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $datarray['parent-uri']]);
+ $conversation = DBA::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $datarray['thr-parent']]);
if (DBA::isResult($conversation)) {
if ($conversation['conversation-uri'] != '') {
$datarray['conversation-uri'] = $conversation['conversation-uri'];
// doesn't have an ID.
$datarray["id"] = -1;
$datarray["uri-id"] = -1;
- $datarray["item_id"] = -1;
$datarray["author-network"] = Protocol::DFRN;
$o = conversation($a, [array_merge($contact_record, $datarray)], 'search', false, true);
Hook::callAll('post_local',$datarray);
+ if (!empty($_REQUEST['scheduled_at'])) {
+ $scheduled_at = DateTimeFormat::convert($_REQUEST['scheduled_at'], 'UTC', $a->getTimezone());
+ if ($scheduled_at > DateTimeFormat::utcNow()) {
+ unset($datarray['created']);
+ unset($datarray['edited']);
+ unset($datarray['commented']);
+ unset($datarray['received']);
+ unset($datarray['changed']);
+ unset($datarray['edit']);
+ unset($datarray['self']);
+ unset($datarray['api_source']);
+
+ Post\Delayed::add($datarray['uri'], $datarray, PRIORITY_HIGH, Post\Delayed::PREPARED_NO_HOOK, $scheduled_at);
+ item_post_return(DI::baseUrl(), $api_source, $return_path);
+ }
+ }
+
if (!empty($datarray['cancel'])) {
Logger::info('mod_item: post cancelled by addon.');
if ($return_path) {
System::jsonExit($json);
}
+ $datarray['uri-id'] = ItemURI::getIdByURI($datarray['uri']);
+
if ($orig_post) {
// Fill the cache field
// This could be done in Item::update as well - but we have to check for the existance of some fields.
Item::update($fields, ['id' => $post_id]);
- // update filetags in pconfig
- FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category');
-
if ($return_path) {
DI::baseUrl()->redirect($return_path);
}
unset($datarray['self']);
unset($datarray['api_source']);
- if ($origin) {
- $signed = Diaspora::createCommentSignature($uid, $datarray);
- if (!empty($signed)) {
- $datarray['diaspora_signed_text'] = json_encode($signed);
- }
- }
-
$post_id = Item::insert($datarray);
if (!$post_id) {
throw new HTTPException\InternalServerErrorException(DI::l10n()->t('Item wasn\'t stored.'));
}
- $datarray = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
+ $datarray = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
if (!DBA::isResult($datarray)) {
Logger::error('Item couldn\'t be fetched.', ['post_id' => $post_id]);
Tag::createImplicitMentions($datarray['uri-id'], $datarray['thr-parent-id']);
}
- // update filetags in pconfig
- FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category');
-
// These notifications are sent if someone else is commenting other your wall
if ($contact_record != $author) {
if ($toplevel_item_id) {
notification([
- 'type' => Type::COMMENT,
- 'notify_flags' => $user['notify-flags'],
- 'language' => $user['language'],
- 'to_name' => $user['username'],
- 'to_email' => $user['email'],
- 'uid' => $user['uid'],
- 'item' => $datarray,
- 'link' => DI::baseUrl().'/display/'.urlencode($datarray['guid']),
- 'source_name' => $datarray['author-name'],
- 'source_link' => $datarray['author-link'],
- 'source_photo' => $datarray['author-avatar'],
- 'verb' => Activity::POST,
- 'otype' => 'item',
- 'parent' => $toplevel_item_id,
- 'parent_uri' => $toplevel_item['uri']
+ 'type' => Notification\Type::COMMENT,
+ 'otype' => Notification\ObjectType::ITEM,
+ 'verb' => Activity::POST,
+ 'uid' => $profile_uid,
+ 'cid' => $datarray['author-id'],
+ 'item' => $datarray,
+ 'link' => DI::baseUrl() . '/display/' . urlencode($datarray['guid']),
]);
} elseif (empty($forum_contact)) {
notification([
- 'type' => Type::WALL,
- 'notify_flags' => $user['notify-flags'],
- 'language' => $user['language'],
- 'to_name' => $user['username'],
- 'to_email' => $user['email'],
- 'uid' => $user['uid'],
- 'item' => $datarray,
- 'link' => DI::baseUrl().'/display/'.urlencode($datarray['guid']),
- 'source_name' => $datarray['author-name'],
- 'source_link' => $datarray['author-link'],
- 'source_photo' => $datarray['author-avatar'],
- 'verb' => Activity::POST,
- 'otype' => 'item'
+ 'type' => Notification\Type::WALL,
+ 'otype' => Notification\ObjectType::ITEM,
+ 'verb' => Activity::POST,
+ 'uid' => $profile_uid,
+ 'cid' => $datarray['author-id'],
+ 'item' => $datarray,
+ 'link' => DI::baseUrl() . '/display/' . urlencode($datarray['guid']),
]);
}
}
}
}
- // Insert an item entry for UID=0 for global entries.
- // We now do it in the background to save some time.
- // This is important in interactive environments like the frontend or the API.
- // We don't fork a new process since this is done anyway with the following command
- Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => true], "CreateShadowEntry", $post_id);
-
// When we are doing some forum posting via ! we have to start the notifier manually.
// These kind of posts don't initiate the notifier call in the item class.
if ($only_to_forum) {
- Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => false], "Notifier", Delivery::POST, $post_id);
+ Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => false], "Notifier", Delivery::POST, (int)$datarray['uri-id'], (int)$datarray['uid']);
}
Logger::info('post_complete');
function item_content(App $a)
{
if (!Session::isAuthenticated()) {
- return;
+ throw new HTTPException\UnauthorizedException();
}
- $o = '';
+ $args = DI::args();
- if (($a->argc >= 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
- if (DI::mode()->isAjax()) {
- Item::deleteForUser(['id' => $a->argv[2]], local_user());
- // ajax return: [<item id>, 0 (no perm) | <owner id>]
- System::jsonExit([intval($a->argv[2]), local_user()]);
- } else {
- if (!empty($a->argv[3])) {
- $o = drop_item($a->argv[2], $a->argv[3]);
+ if (!$args->has(3)) {
+ throw new HTTPException\BadRequestException();
+ }
+
+ $o = '';
+ switch ($args->get(1)) {
+ case 'drop':
+ if (DI::mode()->isAjax()) {
+ Item::deleteForUser(['id' => $args->get(2)], local_user());
+ // ajax return: [<item id>, 0 (no perm) | <owner id>]
+ System::jsonExit([intval($args->get(2)), local_user()]);
+ } else {
+ if (!empty($args->get(3))) {
+ $o = drop_item($args->get(2), $args->get(3));
+ } else {
+ $o = drop_item($args->get(2));
+ }
}
- else {
- $o = drop_item($a->argv[2]);
+ break;
+ case 'block':
+ $item = Post::selectFirstForUser(local_user(), ['guid', 'author-id', 'parent', 'gravity'], ['id' => $args->get(2)]);
+ if (empty($item['author-id'])) {
+ throw new HTTPException\NotFoundException('Item not found');
}
- }
+
+ Contact\User::setBlocked($item['author-id'], local_user(), true);
+
+ if (DI::mode()->isAjax()) {
+ // ajax return: [<item id>, 0 (no perm) | <owner id>]
+ System::jsonExit([intval($args->get(2)), local_user()]);
+ } else {
+ item_redirect_after_action($item, $args->get(3));
+ }
+ break;
}
return $o;
{
// locate item to be deleted
$fields = ['id', 'uid', 'guid', 'contact-id', 'deleted', 'gravity', 'parent'];
- $item = Item::selectFirstForUser(local_user(), $fields, ['id' => $id]);
+ $item = Post::selectFirstForUser(local_user(), $fields, ['id' => $id]);
if (!DBA::isResult($item)) {
- notice(DI::l10n()->t('Item not found.') . EOL);
+ notice(DI::l10n()->t('Item not found.'));
DI::baseUrl()->redirect('network');
}
}
if ((local_user() == $item['uid']) || $contact_id) {
- // Check if we should do HTML-based delete confirmation
- if (!empty($_REQUEST['confirm'])) {
- // <form> can't take arguments in its "action" parameter
- // so add any arguments as hidden inputs
- $query = explode_querystring(DI::args()->getQueryString());
- $inputs = [];
-
- foreach ($query['args'] as $arg) {
- if (strpos($arg, 'confirm=') === false) {
- $arg_parts = explode('=', $arg);
- $inputs[] = ['name' => $arg_parts[0], 'value' => $arg_parts[1]];
- }
- }
-
- return Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [
- '$method' => 'get',
- '$message' => DI::l10n()->t('Do you really want to delete this item?'),
- '$extra_inputs' => $inputs,
- '$confirm' => DI::l10n()->t('Yes'),
- '$confirm_url' => $query['base'],
- '$confirm_name' => 'confirmed',
- '$cancel' => DI::l10n()->t('Cancel'),
- ]);
- }
- // Now check how the user responded to the confirmation query
- if (!empty($_REQUEST['canceled'])) {
- DI::baseUrl()->redirect('display/' . $item['guid']);
- }
-
- $is_comment = $item['gravity'] == GRAVITY_COMMENT;
- $parentitem = null;
- if (!empty($item['parent'])) {
- $fields = ['guid'];
- $parentitem = Item::selectFirstForUser(local_user(), $fields, ['id' => $item['parent']]);
- }
-
// delete the item
Item::deleteForUser(['id' => $item['id']], local_user());
- $return_url = hex2bin($return);
-
- // removes update_* from return_url to ignore Ajax refresh
- $return_url = str_replace("update_", "", $return_url);
-
- // Check if delete a comment
- if ($is_comment) {
- // Return to parent guid
- if (!empty($parentitem)) {
- DI::baseUrl()->redirect('display/' . $parentitem['guid']);
- //NOTREACHED
- } // In case something goes wrong
- else {
- DI::baseUrl()->redirect('network');
- //NOTREACHED
- }
- } else {
- // if unknown location or deleting top level post called from display
- if (empty($return_url) || strpos($return_url, 'display') !== false) {
- DI::baseUrl()->redirect('network');
- //NOTREACHED
- } else {
- DI::baseUrl()->redirect($return_url);
- //NOTREACHED
- }
- }
+ item_redirect_after_action($item, $return);
} else {
notice(DI::l10n()->t('Permission denied.'));
DI::baseUrl()->redirect('display/' . $item['guid']);
return '';
}
+
+function item_redirect_after_action($item, $returnUrlHex)
+{
+ $return_url = hex2bin($returnUrlHex);
+
+ // removes update_* from return_url to ignore Ajax refresh
+ $return_url = str_replace("update_", "", $return_url);
+
+ // Check if delete a comment
+ if ($item['gravity'] == GRAVITY_COMMENT) {
+ if (!empty($item['parent'])) {
+ $parentitem = Post::selectFirstForUser(local_user(), ['guid'], ['id' => $item['parent']]);
+ }
+
+ // Return to parent guid
+ if (!empty($parentitem)) {
+ DI::baseUrl()->redirect('display/' . $parentitem['guid']);
+ //NOTREACHED
+ } // In case something goes wrong
+ else {
+ DI::baseUrl()->redirect('network');
+ //NOTREACHED
+ }
+ } else {
+ // if unknown location or deleting top level post called from display
+ if (empty($return_url) || strpos($return_url, 'display') !== false) {
+ DI::baseUrl()->redirect('network');
+ //NOTREACHED
+ } else {
+ DI::baseUrl()->redirect($return_url);
+ //NOTREACHED
+ }
+ }
+}