X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Facl_selectors.php;h=69181b7359bcb1ab68af4e84892782156771bf8c;hb=810843763dcde2a004f992dc23c928a45ab8184b;hp=8b03a1312cd2b5aa0307cbde49bd3c6a1b2b8bc5;hpb=28f0e9a2de449232c6a1eb031f7ba056f9ae11eb;p=friendica.git

diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 8b03a1312c..69181b7359 100644
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once("include/contact_selectors.php");
+require_once("include/contact_widgets.php");
 require_once("include/features.php");
 require_once("mod/proxy.php");
 
@@ -19,7 +20,7 @@ function group_select($selname,$selclass,$preselected = false,$size = 4) {
 
 	$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" >\r\n";
 
-	$r = q("SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d ORDER BY `name` ASC",
+	$r = q("SELECT `id`, `name` FROM `group` WHERE NOT `deleted` AND `uid` = %d ORDER BY `name` ASC",
 		intval(local_user())
 	);
 
@@ -190,8 +191,14 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
 	$tabindex = ($tabindex > 0 ? "tabindex=\"$tabindex\"" : "");
 
+	if ($privmail AND $preselected) {
+		$sql_extra .= " AND `id` IN (".implode(",", $preselected).")";
+		$hidepreselected = ' style="display: none;"';
+	} else
+		$hidepreselected = "";
+
 	if($privmail)
-		$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
+		$o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex $hidepreselected>\r\n";
 	else
 		$o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex >\r\n";
 
@@ -209,6 +216,8 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
 	call_hooks($a->module . '_pre_' . $selname, $arr);
 
+	$receiverlist = array();
+
 	if(count($r)) {
 		foreach($r as $rr) {
 			if((is_array($preselected)) && in_array($rr['id'], $preselected))
@@ -221,6 +230,8 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 			else
 				$trimmed = mb_substr($rr['name'],0,20);
 
+			$receiverlist[] = $trimmed;
+
 			$o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}|{$rr['url']}\" >$trimmed</option>\r\n";
 		}
 
@@ -228,6 +239,9 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 
 	$o .= "</select>\r\n";
 
+	if ($privmail AND $preselected)
+		$o .= implode(", ", $receiverlist);
+
 	call_hooks($a->module . '_post_' . $selname, $o);
 
 	return $o;
@@ -295,7 +309,7 @@ function populate_acl($user = null, $show_jotnets = false) {
 		$pubmail_enabled = false;
 
 		if(! $mail_disabled) {
-			$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
+			$r = q("SELECT `pubmail` FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
 				intval(local_user())
 			);
 			if(count($r)) {
@@ -379,7 +393,6 @@ function acl_lookup(&$a, $out_type = 'json') {
 	if(!local_user())
 		return "";
 
-
 	$start = (x($_REQUEST,'start')?$_REQUEST['start']:0);
 	$count = (x($_REQUEST,'count')?$_REQUEST['count']:100);
 	$search = (x($_REQUEST,'search')?$_REQUEST['search']:"");
@@ -394,7 +407,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 		$search = $_REQUEST['query'];
 	}
 
-//	logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
+	logger("Searching for ".$search." - type ".$type, LOGGER_DEBUG);
 
 	if ($search!=""){
 		$sql_extra = "AND `name` LIKE '%%".dbesc($search)."%%'";
@@ -413,6 +426,8 @@ function acl_lookup(&$a, $out_type = 'json') {
 		$group_count = 0;
 	}
 
+	$sql_extra2 .= " ".unavailable_networks();
+
 	if ($type=='' || $type=='c'){
 		$r = q("SELECT COUNT(*) AS c FROM `contact`
 				WHERE `uid` = %d AND `self` = 0
@@ -479,7 +494,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 			$groups[] = array(
 				"type"  => "g",
 				"photo" => "images/twopeople.png",
-				"name"  => $g['name'],
+				"name"  => htmlentities($g['name']),
 				"id"	=> intval($g['id']),
 				"uids"  => array_map("intval", explode(",",$g['uids'])),
 				"link"  => '',
@@ -488,7 +503,7 @@ function acl_lookup(&$a, $out_type = 'json') {
 		}
 	}
 
-	if ($type=='' || $type=='c'){
+	if ($type==''){
 
 		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, forum FROM `contact`
 			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
@@ -499,6 +514,17 @@ function acl_lookup(&$a, $out_type = 'json') {
 			dbesc(NETWORK_OSTATUS), dbesc(NETWORK_STATUSNET)
 		);
 	}
+	elseif ($type=='c'){
+
+		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag`, forum FROM `contact`
+			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0 AND `notify` != ''
+			AND NOT (`network` IN ('%s'))
+			$sql_extra2
+			ORDER BY `name` ASC ",
+			intval(local_user()),
+			dbesc(NETWORK_STATUSNET)
+		);
+	}
 	elseif($type == 'm') {
 		$r = q("SELECT `id`, `name`, `nick`, `micro`, `network`, `url`, `attag` FROM `contact`
 			WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0
@@ -532,9 +558,9 @@ function acl_lookup(&$a, $out_type = 'json') {
 		$x['data'] = array();
 		if(count($r)) {
 			foreach($r as $g) {
-				$x['photos'][] = proxy_url($g['micro']);
+				$x['photos'][] = proxy_url($g['micro'], false, PROXY_SIZE_MICRO);
 				$x['links'][] = $g['url'];
-				$x['suggestions'][] = $g['name'];
+				$x['suggestions'][] = htmlentities($g['name']);
 				$x['data'][] = intval($g['id']);
 			}
 		}
@@ -546,12 +572,12 @@ function acl_lookup(&$a, $out_type = 'json') {
 		foreach($r as $g){
 			$contacts[] = array(
 				"type"  => "c",
-				"photo" => proxy_url($g['micro']),
-				"name"  => $g['name'],
+				"photo" => proxy_url($g['micro'], false, PROXY_SIZE_MICRO),
+				"name"  => htmlentities($g['name']),
 				"id"	=> intval($g['id']),
 				"network" => $g['network'],
 				"link" => $g['url'],
-				"nick" => ($g['attag']) ? $g['attag'] : $g['nick'],
+				"nick" => htmlentities(($g['attag']) ? $g['attag'] : $g['nick']),
 				"forum" => $g['forum']
 			);
 		}
@@ -591,12 +617,12 @@ function acl_lookup(&$a, $out_type = 'json') {
 				// /nickname
 				$unknow_contacts[] = array(
 					"type"  => "c",
-					"photo" => proxy_url($row['author-avatar']),
-					"name"  => $row['author-name'],
+					"photo" => proxy_url($row['author-avatar'], false, PROXY_SIZE_MICRO),
+					"name"  => htmlentities($row['author-name']),
 					"id"	=> '',
 					"network" => "unknown",
 					"link" => $row['author-link'],
-					"nick" => $nick,
+					"nick" => htmlentities($nick),
 					"forum" => false
 				);
 			}