X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fitems.php;h=c55a557045c7affb8288b730a214078e4d16ee9d;hb=4cd8233f61647d805383f5786052ef034cebf4e1;hp=1a7aa6c4608d0dd57592ef97782c501750f2ae37;hpb=ecc9f4ba70fc1bf2fae89ead5772110df238de58;p=friendica.git
diff --git a/include/items.php b/include/items.php
index 1a7aa6c460..8039066af4 100755
--- a/include/items.php
+++ b/include/items.php
@@ -4,17 +4,16 @@ require_once('include/bbcode.php');
require_once('include/oembed.php');
require_once('include/salmon.php');
require_once('include/crypto.php');
+require_once('include/Photo.php');
-function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
- // default permissions - anonymous user
+function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
- if(! strlen($owner_nick))
- killme();
+ $sitefeed = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
$public_feed = (($dfrn_id) ? false : true);
- $starred = false;
- $converse = false;
+ $starred = false; // not yet implemented, possible security issues
+ $converse = false;
if($public_feed && $a->argc > 2) {
for($x = 2; $x < $a->argc; $x++) {
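Review bot: With the `killme()` guard removed, an empty `$owner_nick` now falls through into the rest of get_feed_for, while `$sitefeed` is only assigned and, by its own comment, not implemented. Nothing in the visible lines reads `$sitefeed`, so the empty-nick case reaches the `nickname = '%s'` lookup in the next hunk with an empty string; how an empty result is handled lies outside the hunk. Until the site feed exists I would keep an explicit exit right after the assignment, `if($sitefeed) killme();`. The new comment on `$starred` says "possible security issues", yet the loop that follows still sets it from `argv`, so a line stating where the flag is ignored would help the next reader.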
@@ -22,13 +21,18 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
$converse = true;
if($a->argv[$x] == 'starred')
$starred = true;
+ if($a->argv[$x] === 'category' && $a->argc > ($x + 1) && strlen($a->argv[$x+1]))
+ $category = $a->argv[$x+1];
}
}
+
+
+ // default permissions - anonymous user
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";
- $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`
+ $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`
FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1",
dbesc($owner_nick)
@@ -103,6 +107,10 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
if(! strlen($last_update))
$last_update = 'now -30 days';
+ if(isset($category)) {
+ $sql_extra .= file_tag_file_query('item',$category,'category');
+ }
+
if($public_feed) {
if(! $converse)
$sql_extra .= " AND `contact`.`self` = 1 ";
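Review bot: `$category` is taken straight from the request path (`$a->argv[$x+1]` in the previous hunk) and is appended to `$sql_extra` here through `file_tag_file_query()`, with no escaping visible at either place. Whether that helper escapes its argument cannot be seen from this diff, so it should be confirmed before merging; if it does not, the value needs `dbesc()` before it is used. I would also record the assumption at the call site, `// $category comes from the URL; file_tag_file_query() must escape it before it reaches SQL`. Initialising `$category` next to `$starred` and `$converse` would make the later `isset()` test easier to follow.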
@@ -111,7 +119,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
$check_date = datetime_convert('UTC','UTC',$last_update,'Y-m-d H:i:s');
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`,
+ `contact`.`name`, `contact`.`network`, `contact`.`photo`, `contact`.`url`,
`contact`.`name-date`, `contact`.`uri-date`, `contact`.`avatar-date`,
`contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `contact-id`, `contact`.`uid` AS `contact-uid`,
@@ -156,7 +164,8 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
'$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
'$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) ,
'$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) ,
- '$birthday' => ((strlen($birthday)) ? '' . xmlify($birthday) . '' : '')
+ '$birthday' => ((strlen($birthday)) ? '' . xmlify($birthday) . '' : ''),
+ '$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '1' : '')
));
call_hooks('atom_feed', $atom);
@@ -171,6 +180,10 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
foreach($items as $item) {
+ // prevent private email from leaking.
+ if($item['network'] === NETWORK_MAIL)
+ continue;
+
// public feeds get html, our own nodes use bbcode
if($public_feed) {
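Review bot: The mail filter in the loop fails open, because it trusts `$item['network']`, which is only present in the row thanks to the `contact`.`network` column added to the SELECT in the earlier hunk. If that column is dropped or renamed later, the key is missing, the strict comparison with `NETWORK_MAIL` is false, and mail items are emitted again without any error. I would state the dependency in the comment, `// relies on contact.network being selected above; without it this check never matches`, or move the exclusion into the query so it cannot be bypassed by a change to the column list. The loop body continues outside the hunk.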
@@ -267,8 +280,123 @@ function construct_activity_target($item) {
}
return '';
-}
+}
+/* limit_body_size()
+ *
+ * The purpose of this function is to apply system message length limits to
+ * imported messages without including any embedded photos in the length
+ */
+if(! function_exists('limit_body_size')) {
+function limit_body_size($body) {
+
+ logger('limit_body_size: start', LOGGER_DEBUG);
+
+ $maxlen = get_max_import_size();
+
+ // If the length of the body, including the embedded images, is smaller
+ // than the maximum, then don't waste time looking for the images
+ if($maxlen && (strlen($body) > $maxlen)) {
+
+ logger('limit_body_size: the total body length exceeds the limit', LOGGER_DEBUG);
+
+ $orig_body = $body;
+ $new_body = '';
+ $textlen = 0;
+ $max_found = false;
+
+ $img_start = strpos($orig_body, '[img');
+ $img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+ $img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+ while(($img_st_close !== false) && ($img_end !== false)) {
+
+ $img_st_close++; // make it point to AFTER the closing bracket
+ $img_end += $img_start;
+ $img_end += strlen('[/img]');
+
+ if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
+ // This is an embedded image
+
+ if( ($textlen + $img_start) > $maxlen ) {
+ if($textlen < $maxlen) {
+ logger('limit_body_size: the limit happens before an embedded image', LOGGER_DEBUG);
+ $new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
+ $textlen = $maxlen;
+ }
+ }
+ else {
+ $new_body = $new_body . substr($orig_body, 0, $img_start);
+ $textlen += $img_start;
+ }
+
+ $new_body = $new_body . substr($orig_body, $img_start, $img_end - $img_start);
+ }
+ else {
+
+ if( ($textlen + $img_end) > $maxlen ) {
+ if($textlen < $maxlen) {
+ logger('limit_body_size: the limit happens before the end of a non-embedded image', LOGGER_DEBUG);
+ $new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
+ $textlen = $maxlen;
+ }
+ }
+ else {
+ $new_body = $new_body . substr($orig_body, 0, $img_end);
+ $textlen += $img_end;
+ }
+ }
+ $orig_body = substr($orig_body, $img_end);
+
+ if($orig_body === false) // in case the body ends on a closing image tag
+ $orig_body = '';
+
+ $img_start = strpos($orig_body, '[img');
+ $img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+ $img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+ }
+
+ if( ($textlen + strlen($orig_body)) > $maxlen) {
+ if($textlen < $maxlen) {
+ logger('limit_body_size: the limit happens after the end of the last image', LOGGER_DEBUG);
+ $new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
+ $textlen = $maxlen;
+ }
+ }
+ else {
+ logger('limit_body_size: the text size with embedded images extracted did not violate the limit', LOGGER_DEBUG);
+ $new_body = $new_body . $orig_body;
+ $textlen += strlen($orig_body);
+ }
+
+ return $new_body;
+ }
+ else
+ return $body;
+}}
+
+function title_is_body($title, $body) {
+
+ $title = strip_tags($title);
+ $title = trim($title);
+ $title = str_replace(array("\n", "\r", "\t", " "), array("","","",""), $title);
+
+ $body = strip_tags($body);
+ $body = trim($body);
+ $body = str_replace(array("\n", "\r", "\t", " "), array("","","",""), $body);
+
+ if (strlen($title) < strlen($body))
+ $body = substr($body, 0, strlen($title));
+
+ if (($title != $body) and (substr($title, -3) == "...")) {
+ $pos = strrpos($title, "...");
+ if ($pos > 0) {
+ $title = substr($title, 0, $pos);
+ $body = substr($body, 0, $pos);
+ }
+ }
+
+ return($title == $body);
+}
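Review bot: In limit_body_size every `[img]…[/img]` span whose content starts with `data:` is copied to `$new_body` unconditionally (the `substr($orig_body, $img_start, $img_end - $img_start)` line sits outside the length test), so the import limit no longer bounds the stored body at all. A remote feed can therefore deliver a body of any size as long as the bulk is wrapped in such spans, and nothing checks that the payload is actually image data. This matters because get_atom_elements now relies on this function instead of the plain `substr()` cut. I would add a second, hard ceiling on the total result after the loop, for example `if(strlen($new_body) > $hard_max) return substr($new_body, 0, $hard_max);`, where `$hard_max` is a placeholder for a limit the project would have to define, or stop copying embedded images once a byte budget for them is used up.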
@@ -295,6 +423,11 @@ function get_atom_elements($feed,$item) {
$res['body'] = unxmlify($item->get_content());
$res['plink'] = unxmlify($item->get_link(0));
+ // removing the content of the title if its identically to the body
+ // This helps with auto generated titles e.g. from tumblr
+ if (title_is_body($res["title"], $res["body"]))
+ $res['title'] = "";
+
if($res['plink'])
$base_url = implode('/', array_slice(explode('/',$res['plink']),0,3));
else
@@ -313,7 +446,7 @@ function get_atom_elements($feed,$item) {
$res['author-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
- }
+ }
$rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor');
@@ -345,7 +478,7 @@ function get_atom_elements($feed,$item) {
$res['author-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
- }
+ }
$rawactor = $feed->get_feed_tags(NAMESPACE_ACTIVITY, 'subject');
@@ -370,7 +503,7 @@ function get_atom_elements($feed,$item) {
$res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source']));
if($res['app'] === 'web')
$res['app'] = 'OStatus';
- }
+ }
// base64 encoded json structure representing Diaspora signature
@@ -403,9 +536,8 @@ function get_atom_elements($feed,$item) {
$res['body'] = notags(base64url_decode($res['body']));
}
- $maxlen = get_max_import_size();
- if($maxlen && (strlen($res['body']) > $maxlen))
- $res['body'] = substr($res['body'],0, $maxlen);
+
+ $res['body'] = limit_body_size($res['body']);
// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust
// the content type. Our own network only emits text normally, though it might have been converted to
@@ -417,7 +549,7 @@ function get_atom_elements($feed,$item) {
// the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining
// html.
- if((strpos($res['body'],'<') !== false) || (strpos($res['body'],'>') !== false)) {
+ if((strpos($res['body'],'<') !== false) && (strpos($res['body'],'>') !== false)) {
$res['body'] = reltoabs($res['body'],$base_url);
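Review bot: Changing `||` to `&&` narrows the set of bodies that go through HTMLPurifier: a body that contains `<` but no `>` (or the reverse) now skips the sanitising branch. The fallback added in the next hunk escapes such text only when `! $have_real_body`, so when that flag is true the content is stored neither purified nor escaped; where `$have_real_body` is set is outside this diff. Markup does not have to be well-formed within one field to cause trouble once it is placed into a page, so I would either keep `||` here or make the escaping branch cover every body that was not purified. At minimum the condition deserves a comment explaining why a lone bracket is considered safe.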
@@ -430,14 +562,25 @@ function get_atom_elements($feed,$item) {
// we shouldn't need a whitelist, because the bbcode converter
// will strip out any unsupported tags.
- // $config->set('HTML.Allowed', 'p,b,a[href],i');
$purifier = new HTMLPurifier($config);
$res['body'] = $purifier->purify($res['body']);
- $res['body'] = html2bbcode($res['body']);
+ $res['body'] = @html2bbcode($res['body']);
+
+
+ }
+ elseif(! $have_real_body) {
+
+ // it's not one of our messages and it has no tags
+ // so it's probably just text. We'll escape it just to be safe.
+
+ $res['body'] = escape_tags($res['body']);
}
+
+ // this tag is obsolete but we keep it for really old sites
+
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
if($allow && $allow[0]['data'] == 1)
$res['last-child'] = 1;
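Review bot: The `@` added in front of `html2bbcode()` suppresses every warning the converter raises on remote HTML, so a failed or partial conversion leaves no trace and whatever it returns becomes the stored body. I would keep the call unsuppressed, `$res['body'] = html2bbcode($res['body']);`, and log through `logger()` when the result is empty for a non-empty input. If a specific, known warning is the reason for the `@`, name it in a comment so the suppression can be removed once it is fixed. get_atom_elements starts and ends outside this hunk.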
@@ -445,8 +588,8 @@ function get_atom_elements($feed,$item) {
$res['last-child'] = 0;
$private = $item->get_item_tags(NAMESPACE_DFRN,'private');
- if($private && $private[0]['data'] == 1)
- $res['private'] = 1;
+ if($private && intval($private[0]['data']) > 0)
+ $res['private'] = intval($private[0]['data']);
else
$res['private'] = 0;
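Review bot: `$res['private']` now accepts any positive integer the remote feed puts into the dfrn `private` element, where the old code accepted only `1`. The set of defined levels is not visible in this diff; if only a few values have a meaning, an unexpected number is stored unchanged and later comparisons against specific levels may not treat the item as intended. I would convert once and bound the value, `$p = intval($private[0]['data']);` followed by `$res['private'] = (($p > 0 && $p <= $max_level) ? $p : 0);`, with `$max_level` standing in for the highest level the project defines. Whether an out-of-range value should fall back to `0` or to the most restrictive level is a policy decision worth stating in a comment.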
@@ -504,7 +647,7 @@ function get_atom_elements($feed,$item) {
foreach($base as $link) {
if(!x($res, 'owner-avatar') || !$res['owner-avatar']) {
- if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
+ if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
$res['owner-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
@@ -571,20 +714,21 @@ function get_atom_elements($feed,$item) {
if($rawobj) {
$res['object'] = '