<?php
/**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
+use Friendica\Model\APContact;
use Friendica\Model\Attach;
use Friendica\Model\Contact;
use Friendica\Model\Conversation;
use Friendica\Model\FileTag;
use Friendica\Model\Item;
+use Friendica\Model\ItemURI;
use Friendica\Model\Notification;
use Friendica\Model\Photo;
use Friendica\Model\Post;
use Friendica\Network\HTTPException;
use Friendica\Object\EMail\ItemCCEMail;
use Friendica\Protocol\Activity;
-use Friendica\Protocol\Diaspora;
use Friendica\Security\Security;
use Friendica\Util\DateTimeFormat;
+use Friendica\Util\ParseUrl;
use Friendica\Worker\Delivery;
function item_post(App $a) {
if ($parent_item_id || $thr_parent_uri) {
if ($parent_item_id) {
- $parent_item = Post::selectFirst([], ['id' => $parent_item_id]);
+ $parent_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $parent_item_id]);
} elseif ($thr_parent_uri) {
- $parent_item = Post::selectFirst([], ['uri' => $thr_parent_uri, 'uid' => $profile_uid]);
+ $parent_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['uri' => $thr_parent_uri, 'uid' => $profile_uid]);
}
// if this isn't the top-level parent of the conversation, find it
$toplevel_item = $parent_item;
if ($parent_item['gravity'] != GRAVITY_PARENT) {
- $toplevel_item = Post::selectFirst([], ['id' => $toplevel_item['parent']]);
+ $toplevel_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $toplevel_item['parent']]);
}
}
$stored = Item::storeForUserByUriId($toplevel_item['uri-id'], local_user());
Logger::info('Public item stored for user', ['uri-id' => $toplevel_item['uri-id'], 'uid' => $uid, 'stored' => $stored]);
if ($stored) {
- $toplevel_item = Post::selectFirst([], ['id' => $stored]);
+ $toplevel_item = Post::selectFirst(Item::ITEM_FIELDLIST, ['id' => $stored]);
}
}
}
// Allow commenting if it is an answer to a public post
- $allow_comment = local_user() && ($profile_uid == 0) && $toplevel_item_id && in_array($toplevel_item['network'], Protocol::FEDERATED);
+ $allow_comment = local_user() && $toplevel_item_id && in_array($toplevel_item['private'], [Item::PUBLIC, Item::UNLISTED]) && in_array($toplevel_item['network'], Protocol::FEDERATED);
// Now check that valid personal details have been provided
if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
+ Logger::notice('Permission denied.', ['local' => local_user(), 'profile_uid' => $profile_uid, 'toplevel_item_id' => $toplevel_item_id, 'network' => $toplevel_item['network']]);
notice(DI::l10n()->t('Permission denied.'));
if ($return_path) {
DI::baseUrl()->redirect($return_path);
$attachment_img_width = $_REQUEST['attachment_img_width'] ?? 0;
$attachment_img_height = $_REQUEST['attachment_img_height'] ?? 0;
- $attachment = [
- 'type' => $attachment_type,
- 'title' => $attachment_title,
- 'text' => $attachment_text,
- 'url' => $attachment_url,
- ];
+
+ // Fetch the basic attachment data
+ $attachment = ParseUrl::getSiteinfoCached($attachment_url);
+ unset($attachment['keywords']);
+
+ // Overwrite the basic data with possible changes from the frontend
+ $attachment['type'] = $attachment_type;
+ $attachment['title'] = $attachment_title;
+ $attachment['text'] = $attachment_text;
+ $attachment['url'] = $attachment_url;
if (!empty($attachment_img_src)) {
$attachment['images'] = [
'height' => $attachment_img_height
]
];
+ } else {
+ unset($attachment['images']);
}
$att_bbcode = "\n" . PageInfo::getFooterFromData($attachment);
}
}
- $success = ItemHelper::replaceTag($body, $inform, local_user() ? local_user() : $profile_uid, $tag, $network);
- if ($success['replaced']) {
- $tagged[] = $tag;
- }
- // When the forum is private or the forum is addressed with a "!" make the post private
- if (!empty($success['contact']['prv']) || ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION])) {
- $private_forum = $success['contact']['prv'];
- $only_to_forum = ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION]);
- $private_id = $success['contact']['id'];
- $forum_contact = $success['contact'];
- } elseif (!empty($success['contact']['forum']) && ($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
- $private_forum = false;
- $only_to_forum = true;
- $private_id = $success['contact']['id'];
- $forum_contact = $success['contact'];
+ if ($success = ItemHelper::replaceTag($body, $inform, local_user() ? local_user() : $profile_uid, $tag, $network)) {
+ if ($success['replaced']) {
+ $tagged[] = $tag;
+ }
+ // When the forum is private or the forum is addressed with a "!" make the post private
+ if (!empty($success['contact']['prv']) || ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION])) {
+ $private_forum = $success['contact']['prv'];
+ $only_to_forum = ($tag_type == Tag::TAG_CHARACTER[Tag::EXCLUSIVE_MENTION]);
+ $private_id = $success['contact']['id'];
+ $forum_contact = $success['contact'];
+ } elseif (!empty($success['contact']['forum']) && ($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
+ $private_forum = false;
+ $only_to_forum = true;
+ $private_id = $success['contact']['id'];
+ $forum_contact = $success['contact'];
+ }
}
}
if (!$toplevel_item_id && !empty($forum_contact) && ($private_forum || $only_to_forum)) {
// we tagged a forum in a top level post. Now we change the post
- $private = $private_forum;
+ $private = $private_forum ? Item::PRIVATE : Item::UNLISTED;
- $str_group_allow = '';
- $str_contact_deny = '';
- $str_group_deny = '';
- if ($private_forum) {
- $str_contact_allow = '<' . $private_id . '>';
- } else {
+ if ($only_to_forum) {
+ $postopts = '';
+ }
+
+ if (!$private_forum) {
$str_contact_allow = '';
+ $str_group_allow = '';
+ $str_contact_deny = '';
+ $str_group_deny = '';
+ }
+
+ if ($private_forum || !APContact::getByURL($forum_contact['url'])) {
+ $str_group_allow = '';
+ $str_contact_deny = '';
+ $str_group_deny = '';
+ if ($private_forum) {
+ $str_contact_allow = '<' . $private_id . '>';
+ } else {
+ $str_contact_allow = '';
+ }
+ $contact_id = $private_id;
+ $contact_record = $forum_contact;
+ $_REQUEST['origin'] = false;
+ $wall = 0;
}
- $contact_id = $private_id;
- $contact_record = $forum_contact;
- $_REQUEST['origin'] = false;
- $wall = 0;
}
/*
/*
* Next link in any attachment references we find in the post.
*/
- $match = false;
+ $match = [];
/// @todo these lines should be moved to Model/Attach (Once it exists)
if (!$preview && preg_match_all("/\[attachment\](.*?)\[\/attachment\]/", $body, $match)) {
// embedded bookmark or attachment in post? set bookmark flag
$data = BBCode::getAttachmentData($body);
+ $match = [];
if ((preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism", $body, $match, PREG_SET_ORDER) || isset($data["type"]))
&& ($posttype != Item::PT_PERSONAL_NOTE)) {
$posttype = Item::PT_PAGE;
}
$attachments = '';
- $match = false;
+ $match = [];
if (preg_match_all('/(\[attachment\]([0-9]+)\[\/attachment\])/',$body,$match)) {
foreach ($match[2] as $mtch) {
$datarray['postopts'] = $postopts;
$datarray['origin'] = $origin;
- $datarray['moderated'] = false;
$datarray['object'] = $object;
+ $datarray['attachments'] = $_REQUEST['attachments'] ?? [];
+
/*
* These fields are for the convenience of addons...
* 'self' if true indicates the owner is posting on their own wall
// doesn't have an ID.
$datarray["id"] = -1;
$datarray["uri-id"] = -1;
- $datarray["item_id"] = -1;
$datarray["author-network"] = Protocol::DFRN;
- $o = conversation($a, [array_merge($contact_record, $datarray)], 'search', false, true);
+ $o = DI::conversation()->create([array_merge($contact_record, $datarray)], 'search', false, true);
System::jsonExit(['preview' => $o]);
}
Hook::callAll('post_local',$datarray);
+ if (!empty($_REQUEST['scheduled_at'])) {
+ $scheduled_at = DateTimeFormat::convert($_REQUEST['scheduled_at'], 'UTC', $a->getTimeZone());
+ if ($scheduled_at > DateTimeFormat::utcNow()) {
+ unset($datarray['created']);
+ unset($datarray['edited']);
+ unset($datarray['commented']);
+ unset($datarray['received']);
+ unset($datarray['changed']);
+ unset($datarray['edit']);
+ unset($datarray['self']);
+ unset($datarray['api_source']);
+
+ Post\Delayed::add($datarray['uri'], $datarray, PRIORITY_HIGH, Post\Delayed::PREPARED_NO_HOOK, $scheduled_at);
+ item_post_return(DI::baseUrl(), $api_source, $return_path);
+ }
+ }
+
if (!empty($datarray['cancel'])) {
Logger::info('mod_item: post cancelled by addon.');
if ($return_path) {
System::jsonExit($json);
}
+ $datarray['uri-id'] = ItemURI::getIdByURI($datarray['uri']);
+
if ($orig_post) {
// Fill the cache field
// This could be done in Item::update as well - but we have to check for the existance of some fields.
unset($datarray['self']);
unset($datarray['api_source']);
- if ($origin) {
- $signed = Diaspora::createCommentSignature($uid, $datarray);
- if (!empty($signed)) {
- $datarray['diaspora_signed_text'] = json_encode($signed);
- }
- }
-
$post_id = Item::insert($datarray);
if (!$post_id) {
// When we are doing some forum posting via ! we have to start the notifier manually.
// These kind of posts don't initiate the notifier call in the item class.
if ($only_to_forum) {
- Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => false], "Notifier", Delivery::POST, $post_id);
+ Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => false], "Notifier", Delivery::POST, (int)$datarray['uri-id'], (int)$datarray['uid']);
}
Logger::info('post_complete');
throw new HTTPException\NotFoundException('Item not found');
}
- $cdata = Contact::getPublicAndUserContacID($item['author-id'], local_user());
- if (empty($cdata['user'])) {
- throw new HTTPException\NotFoundException('Contact not found');
- }
-
- Contact::block($cdata['user'], DI::l10n()->t('Blocked on item with guid %s', $item['guid']));
+ Contact\User::setBlocked($item['author-id'], local_user(), true);
if (DI::mode()->isAjax()) {
// ajax return: [<item id>, 0 (no perm) | <owner id>]
item_redirect_after_action($item, $return);
} else {
+ Logger::notice('Permission denied.', ['local' => local_user(), 'uid' => $item['uid'], 'cid' => $contact_id]);
notice(DI::l10n()->t('Permission denied.'));
DI::baseUrl()->redirect('display/' . $item['guid']);
//NOTREACHED