Merge pull request #5967 from annando/ap-nick

[friendica.git] / mod / photos.php

diff --git a/mod/photos.php b/mod/photos.php
index 5fb6ba368354aab0735da2000e17d1d55354b6de..55c8881e4cecd17d74d278fbc2e75dd8bb4d817d 100644 (file)
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -26,9 +26,9 @@ use Friendica\Protocol\DFRN;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Map;
 use Friendica\Util\Temporal;
+use Friendica\Util\Security;
 
 require_once 'include/items.php';
-require_once 'include/security.php';
 
 function photos_init(App $a) {
 
@@ -212,7 +212,7 @@ function photos_post(App $a)
                }
 
                // Check if the user has responded to a delete confirmation query
-               if ($_REQUEST['canceled']) {
+               if (!empty($_REQUEST['canceled'])) {
                        goaway($_SESSION['photo_return']);
                }
 
@@ -472,7 +472,7 @@ function photos_post(App $a)
                        $uri = Item::newURI($page_owner_uid);
 
                        $arr = [];
-                       $arr['guid']          = System::createGUID(32);
+                       $arr['guid']          = System::createUUID();
                        $arr['uid']           = $page_owner_uid;
                        $arr['uri']           = $uri;
                        $arr['parent-uri']    = $uri;
@@ -651,7 +651,7 @@ function photos_post(App $a)
                                        $uri = Item::newURI($page_owner_uid);
 
                                        $arr = [];
-                                       $arr['guid']          = System::createGUID(32);
+                                       $arr['guid']          = System::createUUID();
                                        $arr['uid']           = $page_owner_uid;
                                        $arr['uri']           = $uri;
                                        $arr['parent-uri']    = $uri;
@@ -762,12 +762,14 @@ function photos_post(App $a)
                $filesize = $ret['filesize'];
                $type     = $ret['type'];
                $error    = UPLOAD_ERR_OK;
-       } else {
+       } elseif (!empty($_FILES['userfile'])) {
                $src      = $_FILES['userfile']['tmp_name'];
                $filename = basename($_FILES['userfile']['name']);
                $filesize = intval($_FILES['userfile']['size']);
                $type     = $_FILES['userfile']['type'];
                $error    = $_FILES['userfile']['error'];
+       } else {
+               $error    = UPLOAD_ERR_NO_FILE;
        }
 
        if ($error !== UPLOAD_ERR_OK) {
@@ -887,7 +889,7 @@ function photos_post(App $a)
                $arr['coord'] = $lat . ' ' . $lon;
        }
 
-       $arr['guid']          = System::createGUID(32);
+       $arr['guid']          = System::createUUID();
        $arr['uid']           = $page_owner_uid;
        $arr['uri']           = $uri;
        $arr['parent-uri']    = $uri;
@@ -946,7 +948,6 @@ function photos_content(App $a)
                return;
        }
 
-       require_once 'include/security.php';
        require_once 'include/conversation.php';
 
        if (empty($a->data['user'])) {
@@ -1051,7 +1052,7 @@ function photos_content(App $a)
                return;
        }
 
-       $sql_extra = permissions_sql($owner_uid, $remote_contact, $groups);
+       $sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
 
        $o = "";
 
@@ -1141,8 +1142,8 @@ function photos_content(App $a)
                        DBA::escape($album)
                );
                if (DBA::isResult($r)) {
-                       $a->set_pager_total(count($r));
-                       $a->set_pager_itemspage(20);
+                       $a->setPagerTotal(count($r));
+                       $a->setPagerItemsPage(20);
                }
 
                /// @TODO I have seen this many times, maybe generalize it script-wide and encapsulate it?
@@ -1391,7 +1392,7 @@ function photos_content(App $a)
                        $link_item = Item::selectFirst([], ['id' => $linked_items[0]['id']]);
 
                        $condition = ["`parent` = ? AND `parent` != `id`",  $link_item['parent']];
-                       $a->set_pager_total(DBA::count('item', $condition));
+                       $a->setPagerTotal(DBA::count('item', $condition));
 
                        $params = ['order' => ['id'], 'limit' => [$a->pager['start'], $a->pager['itemspage']]];
                        $result = Item::selectForUser($link_item['uid'], Item::ITEM_FIELDLIST, $condition, $params);
@@ -1471,7 +1472,7 @@ function photos_content(App $a)
                        $tpl = get_markup_template('photo_item.tpl');
                        $return_url = $a->cmd;
 
-                       if ($can_post || can_write_wall($owner_uid)) {
+                       if ($can_post || Security::canWriteToUserWall($owner_uid)) {
                                $like_tpl = get_markup_template('like_noshare.tpl');
                                $likebuttons = replace_macros($like_tpl, [
                                        '$id' => $link_item['id'],
@@ -1483,7 +1484,7 @@ function photos_content(App $a)
                        }
 
                        if (!DBA::isResult($items)) {
-                               if (($can_post || can_write_wall($owner_uid))) {
+                               if (($can_post || Security::canWriteToUserWall($owner_uid))) {
                                        $comments .= replace_macros($cmnt_tpl, [
                                                '$return_path' => '',
                                                '$jsreload' => $return_url,
@@ -1522,7 +1523,7 @@ function photos_content(App $a)
                                        $dislike = format_like($conv_responses['dislike'][$link_item['uri']], $conv_responses['dislike'][$link_item['uri'] . '-l'], 'dislike', $link_item['id']);
                                }
 
-                               if (($can_post || can_write_wall($owner_uid))) {
+                               if (($can_post || Security::canWriteToUserWall($owner_uid))) {
                                        $comments .= replace_macros($cmnt_tpl,[
                                                '$return_path' => '',
                                                '$jsreload' => $return_url,
@@ -1582,7 +1583,7 @@ function photos_content(App $a)
                                                '$comment' => $comment
                                        ]);
 
-                                       if (($can_post || can_write_wall($owner_uid))) {
+                                       if (($can_post || Security::canWriteToUserWall($owner_uid))) {
                                                $comments .= replace_macros($cmnt_tpl, [
                                                        '$return_path' => '',
                                                        '$jsreload' => $return_url,
@@ -1633,7 +1634,7 @@ function photos_content(App $a)
                        '$paginate' => $paginate,
                ]);
 
-               $a->page['htmlhead'] .= "\n" . '<meta name="twitter:card" content="photo" />' . "\n";
+               $a->page['htmlhead'] .= "\n" . '<meta name="twitter:card" content="summary_large_image" />' . "\n";
                $a->page['htmlhead'] .= '<meta name="twitter:title" content="' . $photo["album"] . '" />' . "\n";
                $a->page['htmlhead'] .= '<meta name="twitter:image" content="' . $photo["href"] . '" />' . "\n";
                $a->page['htmlhead'] .= '<meta name="twitter:image:width" content="' . $photo["width"] . '" />' . "\n";
@@ -1653,8 +1654,8 @@ function photos_content(App $a)
        );
 
        if (DBA::isResult($r)) {
-               $a->set_pager_total(count($r));
-               $a->set_pager_itemspage(20);
+               $a->setPagerTotal(count($r));
+               $a->setPagerItemsPage(20);
        }
 
        $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`,