Merge pull request #7893 from annando/api-attachments

[friendica.git] / mod / subthread.php

diff --git a/mod/subthread.php b/mod/subthread.php
index e05aa5fec83588de0155dfabbe406cc91042f539..aa65b86218dfc99af5425267d8d47b8c9c941281 100644 (file)
--- a/mod/subthread.php
+++ b/mod/subthread.php
@@ -2,37 +2,41 @@
 /**
  * @file mod/subthread.php
  */
+
 use Friendica\App;
-use Friendica\Core\Addon;
+use Friendica\Core\Hook;
 use Friendica\Core\L10n;
+use Friendica\Core\Logger;
+use Friendica\Core\Session;
 use Friendica\Core\System;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
 use Friendica\Model\Item;
-
-require_once 'include/security.php';
-require_once 'include/items.php';
+use Friendica\Protocol\Activity;
+use Friendica\Util\Security;
+use Friendica\Util\Strings;
+use Friendica\Util\XML;
 
 function subthread_content(App $a) {
 
-       if (!local_user() && !remote_user()) {
+       if (!Session::isAuthenticated()) {
                return;
        }
 
-       $activity = ACTIVITY_FOLLOW;
+       $activity = Activity::FOLLOW;
 
-       $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+       $item_id = (($a->argc > 1) ? Strings::escapeTags(trim($a->argv[1])) : 0);
 
        $condition = ["`parent` = ? OR `parent-uri` = ? AND `parent` = `id`", $item_id, $item_id];
        $item = Item::selectFirst([], $condition);
 
-       if (empty($item_id) || !DBM::is_result($item)) {
-               logger('subthread: no item ' . $item_id);
+       if (empty($item_id) || !DBA::isResult($item)) {
+               Logger::log('subthread: no item ' . $item_id);
                return;
        }
 
        $owner_uid = $item['uid'];
 
-       if (!can_write_wall($owner_uid)) {
+       if (!Security::canWriteToUserWall($owner_uid)) {
                return;
        }
 
@@ -40,15 +44,12 @@ function subthread_content(App $a) {
 
        if (!$item['wall']) {
                // The top level post may have been written by somebody on another system
-               $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
-                       intval($item['contact-id']),
-                       intval($item['uid'])
-               );
-               if (!DBM::is_result($r)) {
+               $contact = DBA::selectFirst('contact', [], ['id' => $item['contact-id'], 'uid' => $item['uid']]);
+               if (!DBA::isResult($contact)) {
                        return;
                }
-               if (!$r[0]['self']) {
-                       $remote_owner = $r[0];
+               if (!$contact['self']) {
+                       $remote_owner = $contact;
                }
        }
 
@@ -60,12 +61,12 @@ function subthread_content(App $a) {
                intval($owner_uid)
        );
 
-       if (DBM::is_result($r)) {
+       if (DBA::isResult($r)) {
                $owner = $r[0];
        }
 
        if (!$owner) {
-               logger('like: no owner');
+               Logger::log('like: no owner');
                return;
        }
 
@@ -79,24 +80,17 @@ function subthread_content(App $a) {
        if (local_user() && (local_user() == $owner_uid)) {
                $contact = $owner;
        } else {
-               $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
-                       intval($_SESSION['visitor_id']),
-                       intval($owner_uid)
-               );
-
-               if (DBM::is_result($r)) {
-                       $contact = $r[0];
+               $contact = DBA::selectFirst('contact', [], ['id' => $_SESSION['visitor_id'], 'uid' => $owner_uid]);
+               if (!DBA::isResult($contact)) {
+                       return;
                }
        }
-       if (!$contact) {
-               return;
-       }
 
        $uri = Item::newURI($owner_uid);
 
        $post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
-       $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
-       $link = xmlify('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
+       $objtype = (($item['resource-id']) ? Activity\ObjectType::IMAGE : Activity\ObjectType::NOTE );
+       $link = XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $item['guid'] . '" />' . "\n");
        $body = $item['body'];
 
        $obj = <<< EOT
@@ -118,11 +112,10 @@ EOT;
 
        $arr = [];
 
-       $arr['guid'] = get_guid(32);
+       $arr['guid'] = System::createUUID();
        $arr['uri'] = $uri;
        $arr['uid'] = $owner_uid;
        $arr['contact-id'] = $contact['id'];
-       $arr['type'] = 'activity';
        $arr['wall'] = $item['wall'];
        $arr['origin'] = 1;
        $arr['gravity'] = GRAVITY_ACTIVITY;
@@ -138,7 +131,7 @@ EOT;
 
        $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
        $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
-       $plink = '[url=' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
+       $plink = '[url=' . System::baseUrl() . '/display/' . $item['guid'] . ']' . $post_type . '[/url]';
        $arr['body'] =  sprintf( $bodyverb, $ulink, $alink, $plink );
 
        $arr['verb'] = $activity;
@@ -159,8 +152,8 @@ EOT;
 
        $arr['id'] = $post_id;
 
-       Addon::callHooks('post_local_end', $arr);
+       Hook::callAll('post_local_end', $arr);
 
-       killme();
+       exit();
 
 }