X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FObject%2FPost.php;h=5722582d2104fa67cd524267ae224906bb52e91d;hb=a65fbcebe785d33a8053645cb73dfd11d032a940;hp=089556a1fa038b361e430f93d1b74f1ce1cead02;hpb=09aa496387ae732a2a27ab8d963f2e24192082cd;p=friendica.git

diff --git a/src/Object/Post.php b/src/Object/Post.php
index 089556a1fa..5722582d21 100644
--- a/src/Object/Post.php
+++ b/src/Object/Post.php
@@ -125,6 +125,7 @@ class Post
 	 * Get data in a form usable by a conversation template
 	 *
 	 * @param array   $conv_responses conversation responses
+	 * @param string $formSecurityToken A security Token to avoid CSF attacks
 	 * @param integer $thread_level   default = 1
 	 *
 	 * @return mixed The data requested on success
@@ -132,7 +133,7 @@ class Post
 	 * @throws \Friendica\Network\HTTPException\InternalServerErrorException
 	 * @throws \ImagickException
 	 */
-	public function getTemplateData(array $conv_responses, $thread_level = 1)
+	public function getTemplateData(array $conv_responses, string $formSecurityToken, $thread_level = 1)
 	{
 		$a = DI::app();
 
@@ -187,7 +188,7 @@ class Post
 		$edpost = false;
 
 		if (local_user()) {
-			if (Strings::compareLink($a->contact['url'], $item['author-link'])) {
+			if (Strings::compareLink(Session::get('my_url'), $item['author-link'])) {
 				if ($item["event-id"] != 0) {
 					$edpost = ["events/event/" . $item['event-id'], DI::l10n()->t("Edit")];
 				} else {
@@ -236,7 +237,7 @@ class Post
 			];
 		}
 
-		$filer = (($conv->getProfileOwner() == local_user() && ($item['uid'] != 0)) ? DI::l10n()->t('Save to folder') : false);
+		$filer = local_user() ? DI::l10n()->t('Save to folder') : false;
 
 		$profile_name = $item['author-name'];
 		if (!empty($item['author-link']) && empty($item['author-name'])) {
@@ -296,7 +297,7 @@ class Post
 		$tagger = '';
 
 		if ($this->isToplevel()) {
-			if(local_user()) {
+			if (local_user()) {
 				$ignored = PostModel\ThreadUser::getIgnored($item['uri-id'], local_user());
 				if ($item['mention'] || $ignored) {
 					$ignore = [
@@ -309,6 +310,17 @@ class Post
 					];
 				}
 
+				$isstarred = (($item['starred']) ? "starred" : "unstarred");
+
+				$star = [
+					'do'        => DI::l10n()->t('Add star'),
+					'undo'      => DI::l10n()->t('Remove star'),
+					'toggle'    => DI::l10n()->t('Toggle star status'),
+					'classdo'   => $item['starred'] ? "hidden" : "",
+					'classundo' => $item['starred'] ? "" : "hidden",
+					'starred'   => DI::l10n()->t('Starred'),
+				];
+
 				if ($conv->getProfileOwner() == local_user() && ($item['uid'] != 0)) {
 					if ($origin) {
 						$ispinned = ($item['pinned'] ? 'pinned' : 'unpinned');
@@ -323,17 +335,6 @@ class Post
 						];
 					}
 
-					$isstarred = (($item['starred']) ? "starred" : "unstarred");
-
-					$star = [
-						'do'        => DI::l10n()->t('Add star'),
-						'undo'      => DI::l10n()->t('Remove star'),
-						'toggle'    => DI::l10n()->t('Toggle star status'),
-						'classdo'   => $item['starred'] ? "hidden" : "",
-						'classundo' => $item['starred'] ? "" : "hidden",
-						'starred'   => DI::l10n()->t('Starred'),
-					];
-
 					$tagger = [
 						'add'   => DI::l10n()->t('Add tag'),
 						'class' => "",
@@ -366,7 +367,7 @@ class Post
 
 		$body_html = Item::prepareBody($item, true);
 
-		list($categories, $folders) = DI::contentItem()->determineCategoriesTerms($item);
+		list($categories, $folders) = DI::contentItem()->determineCategoriesTerms($item, local_user());
 
 		if (!empty($item['content-warning']) && DI::pConfig()->get(local_user(), 'system', 'disable_cw', false)) {
 			$title = ucfirst($item['content-warning']);
@@ -458,7 +459,7 @@ class Post
 			'vwall'           => DI::l10n()->t('via Wall-To-Wall:'),
 			'profile_url'     => $profile_link,
 			'name'            => $profile_name,
-			'item_photo_menu_html' => item_photo_menu($item),
+			'item_photo_menu_html' => item_photo_menu($item, $formSecurityToken),
 			'thumb'           => DI::baseUrl()->remove(Contact::getAvatarUrlForUrl($item['author-link'], $item['uid'], Proxy::SIZE_THUMB)),
 			'osparkle'        => $osparkle,
 			'sparkle'         => $sparkle,
@@ -532,7 +533,7 @@ class Post
 		$nb_children = count($children);
 		if ($nb_children > 0) {
 			foreach ($children as $child) {
-				$result['children'][] = $child->getTemplateData($conv_responses, $thread_level + 1);
+				$result['children'][] = $child->getTemplateData($conv_responses, $formSecurityToken, $thread_level + 1);
 			}
 
 			// Collapse
@@ -870,7 +871,7 @@ class Post
 			return '';
 		}
 
-		$owner = User::getOwnerDataById($a->user['uid']);
+		$owner = User::getOwnerDataById($a->getLoggedInUserId());
 
 		if (!Feature::isEnabled(local_user(), 'explicit_mentions')) {
 			return '';
@@ -936,6 +937,8 @@ class Post
 			$uid = $conv->getProfileOwner();
 			$parent_uid = $this->getDataValue('uid');
 
+			$contact = Contact::getById($a->getContactId());
+
 			$default_text = $this->getDefaultText();
 
 			if (!is_null($parent_uid) && ($uid != $parent_uid)) {
@@ -953,9 +956,9 @@ class Post
 				'$qcomment'    => $qcomment,
 				'$default'     => $default_text,
 				'$profile_uid' => $uid,
-				'$mylink'      => DI::baseUrl()->remove($a->contact['url'] ?? ''),
+				'$mylink'      => DI::baseUrl()->remove($contact['url'] ?? ''),
 				'$mytitle'     => DI::l10n()->t('This is you'),
-				'$myphoto'     => DI::baseUrl()->remove($a->contact['thumb'] ?? ''),
+				'$myphoto'     => DI::baseUrl()->remove($contact['thumb'] ?? ''),
 				'$comment'     => DI::l10n()->t('Comment'),
 				'$submit'      => DI::l10n()->t('Submit'),
 				'$loading'     => DI::l10n()->t('Loading...'),
@@ -970,7 +973,6 @@ class Post
 				'$prompttext'  => DI::l10n()->t('Please enter a image/video/audio/webpage URL:'),
 				'$preview'     => DI::l10n()->t('Preview'),
 				'$indent'      => $indent,
-				'$sourceapp'   => DI::l10n()->t($a->sourcename),
 				'$rand_num'    => Crypto::randomDigits(12)
 			]);
 		}
@@ -1000,15 +1002,7 @@ class Post
 
 		if ($this->isToplevel()) {
 			if ($conv->getMode() !== 'profile') {
-				if ($this->getDataValue('wall') && !$this->getDataValue('self') && !empty($a->page_contact)) {
-					// On the network page, I am the owner. On the display page it will be the profile owner.
-					// This will have been stored in $a->page_contact by our calling page.
-					// Put this person as the wall owner of the wall-to-wall notice.
-
-					$this->owner_url = Contact::magicLinkByContact($a->page_contact);
-					$this->owner_name = $a->page_contact['name'];
-					$this->wall_to_wall = true;
-				} elseif ($this->getDataValue('owner-link')) {
+				if ($this->getDataValue('owner-link')) {
 					$owner_linkmatch = (($this->getDataValue('owner-link')) && Strings::compareLink($this->getDataValue('owner-link'), $this->getDataValue('author-link')));
 					$alias_linkmatch = (($this->getDataValue('alias')) && Strings::compareLink($this->getDataValue('alias'), $this->getDataValue('author-link')));
 					$owner_namematch = (($this->getDataValue('owner-name')) && $this->getDataValue('owner-name') == $this->getDataValue('author-name'));