X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdisplay.php;h=02f080a790587c1ffc36deeb03abd762511854b4;hb=a76a497d924a16b8b07b126408db21655aac3bd6;hp=3215ae90a04958352fac8b7eb3e74298e731e7fa;hpb=4198efe03570606b35f3aba6cdf7f80de20384f4;p=friendica.git diff --git a/mod/display.php b/mod/display.php old mode 100644 new mode 100755 index 3215ae90a0..02f080a790 --- a/mod/display.php +++ b/mod/display.php @@ -3,8 +3,21 @@ function display_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + require_once("include/bbcode.php"); + require_once('include/security.php'); + require_once('include/conversation.php'); + + $o = '
' . "\r\n"; + $a->page['htmlhead'] .= ''; + + $nick = (($a->argc > 1) ? $a->argv[1] : ''); profile_load($a,$nick); @@ -16,15 +29,8 @@ function display_content(&$a) { return; } - require_once("include/bbcode.php"); - require_once('include/security.php'); - - $groups = array(); - $tab = 'posts'; - - $contact = null; $remote_contact = false; @@ -48,50 +54,28 @@ function display_content(&$a) { } } + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", + intval($a->profile['uid']) + ); + if(count($r)) + $a->page_contact = $r[0]; - $sql_extra = " - AND `allow_cid` = '' - AND `allow_gid` = '' - AND `deny_cid` = '' - AND `deny_gid` = '' - "; - - - // Profile owner - everything is visible + $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false); - if(local_user() && (local_user() == $a->profile['uid'])) { - $sql_extra = ''; + if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) { + notice( t('Access to this profile has been restricted.') . EOL); + return; } - // authenticated visitor - here lie dragons - // If $remotecontact is true, we know that not only is this a remotely authenticated - // person, but that it is *our* contact, which is important in multi-user mode. - - elseif($remote_contact) { - $gs = '<<>>'; // should be impossible to match - if(count($groups)) { - foreach($groups as $g) - $gs .= '|<' . intval($g) . '>'; - } - $sql_extra = sprintf( - " AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' ) - AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' ) - AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' ) - AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ", - - intval($_SESSION['visitor_id']), - intval($_SESSION['visitor_id']), - dbesc($gs), - dbesc($gs) - ); - } + $sql_extra = permissions_sql($a->profile['uid'],$remote_contact,$groups); $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, - `contact`.`network`, `contact`.`thumb`, `contact`.`self`, + `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' )) $sql_extra @@ -102,17 +86,6 @@ function display_content(&$a) { ); - - $cmnt_tpl = load_view_file('view/comment_item.tpl'); - $like_tpl = load_view_file('view/like.tpl'); - $tpl = load_view_file('view/wall_item.tpl'); - $wallwall = load_view_file('view/wallwall_item.tpl'); - - $return_url = $_SESSION['return_url'] = $a->cmd; - - $alike = array(); - $dlike = array(); - if(count($r)) { if((local_user()) && (local_user() == $a->profile['uid'])) { @@ -122,170 +95,9 @@ function display_content(&$a) { ); } - foreach($r as $item) { - like_puller($a,$item,$alike,'like'); - like_puller($a,$item,$dlike,'dislike'); - } - - foreach($r as $item) { - $template = $tpl; - - $comment = ''; - $owner_url = ''; - $owner_photo = ''; - $owner_name = ''; - - $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ; - - if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) - && ($item['id'] != $item['parent'])) - continue; - - $lock = ((($item['private']) || (($item['uid'] == local_user()) && (strlen($item['allow_cid']) || strlen($item['allow_gid']) - || strlen($item['deny_cid']) || strlen($item['deny_gid'])))) - ? '
' . t('Private Message') . '
' - : '
'); - - if(can_write_wall($a,$a->profile['uid'])) { - if($item['id'] == $item['parent']) { - $likebuttons = replace_macros($like_tpl,array('$id' => $item['id'])); - } - if($item['last-child']) { - $comment = replace_macros($cmnt_tpl,array( - '$return_path' => $_SESSION['return_url'], - '$type' => 'wall-comment', - '$id' => $item['item_id'], - '$parent' => $item['parent'], - '$profile_uid' => $a->profile['uid'], - '$mylink' => $contact['url'], - '$mytitle' => t('This is you'), - '$myphoto' => $contact['thumb'], - '$ww' => '' - )); - } - } + $o .= conversation($a,$r,'display', false); - - $profile_url = $item['url']; - $sparkle = ''; - - - $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ; - - // I think this is redundant now but too chicken to remove it unless - // I've had six cups of coffee and tested it completely - - if(($item['network'] === 'dfrn') && (! $item['self'] )) { - $profile_url = $redirect_url; - $sparkle = ' sparkle'; - } - - - // Top-level wall post not written by the wall owner (wall-to-wall) - // First figure out who owns it. - - $osparkle = ''; - - if(($item['parent'] == $item['item_id']) && (! $item['self'])) { - - if($item['type'] === 'wall') { - // I do. Put me on the left of the wall-to-wall notice. - $owner_url = $a->contact['url']; - $owner_photo = $a->contact['thumb']; - $owner_name = $a->contact['name']; - $template = $wallwall; - $commentww = 'ww'; - } - if($item['type'] === 'remote' && ($item['owner-link'] != $item['author-link'])) { - // Could be anybody. - $owner_url = $item['owner-link']; - $owner_photo = $item['owner-avatar']; - $owner_name = $item['owner-name']; - $template = $wallwall; - $commentww = 'ww'; - // If it is our contact, use a friendly redirect link - if((link_compare($item['owner-link'],$item['url'])) && ($item['network'] === 'dfrn')) { - $owner_url = $redirect_url; - $osparkle = ' sparkle'; - } - - - } - } - - $diff_author = ((link_compare($item['url'],$item['author-link'])) ? false : true); - - $profile_name = (((strlen($item['author-name'])) && $diff_author) ? $item['author-name'] : $item['name']); - $profile_avatar = (((strlen($item['author-avatar'])) && $diff_author) ? $item['author-avatar'] : $item['thumb']); - - // Can we use our special contact URL for this author? - - if(strlen($item['author-link'])) { - if((link_compare($item['author-link'],$item['url'])) && ($item['network'] === 'dfrn') && (! $item['self'])) { - $profile_link = $redirect_url; - $sparkle = ' sparkle'; - } - else { - $profile_link = $item['author-link']; - $sparkle = ''; - } - } - - if(($item['contact-id'] == remote_user()) || ($item['uid'] == local_user())) - $drop = replace_macros(load_view_file('view/wall_item_drop.tpl'), array('$id' => $item['id'])); - else - $drop = replace_macros(load_view_file('view/wall_fake_drop.tpl'), array('$id' => $item['id'])); - - $like = ((isset($alike[$item['id']])) ? format_like($alike[$item['id']],$alike[$item['id'] . '-l'],'like',$item['id']) : ''); - $dislike = ((isset($dlike[$item['id']])) ? format_like($dlike[$item['id']],$dlike[$item['id'] . '-l'],'dislike',$item['id']) : ''); - - $location = (($item['location']) ? '' . $item['location'] . '' : ''); - $coord = (($item['coord']) ? '' . $item['coord'] . '' : ''); - if($coord) { - if($location) - $location .= '
(' . $coord . ')'; - else - $location = '' . $coord . ''; - } - - $indent = (($item['parent'] != $item['item_id']) ? ' comment' : ''); - - if(strcmp(datetime_convert('UTC','UTC',$item['created']),datetime_convert('UTC','UTC','now - 12 hours')) > 0) - $indent .= ' shiny'; - - - $tmp_item = replace_macros($template,array( - '$id' => $item['item_id'], - '$title' => t('View $name\'s profile'), - '$profile_url' => $profile_link, - '$name' => $profile_name, - '$sparkle' => $sparkle, - '$osparkle' => $osparkle, - '$thumb' => $profile_avatar, - '$title' => $item['title'], - '$body' => smilies(bbcode($item['body'])), - '$ago' => relative_date($item['created']), - '$lock' => $lock, - '$location' => $location, - '$indent' => $indent, - '$owner_url' => $owner_url, - '$owner_photo' => $owner_photo, - '$owner_name' => $owner_name, - '$drop' => $drop, - '$vote' => $likebuttons, - '$like' => $like, - '$dislike' => $dislike, - '$comment' => $comment - )); - - $arr = array('item' => $item, 'output' => $tmp_item); - call_hooks('display_item', $arr); - - $o .= $arr['output']; - - - } } else { $r = q("SELECT `id` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", @@ -306,8 +118,6 @@ function display_content(&$a) { } - $o .= '
' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
'; - return $o; }