X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdisplay.php;h=2a4d2abf43b6d1971db094cffcaba8a65e969f13;hb=d7d685ad6b06c398873e4e530f3d99b988319e5b;hp=2600dfd26d020e06d409b8d31a52faf7c2ea147e;hpb=19aecb952dcd627dfee9de8fff5a7ea35339ae78;p=friendica.git

diff --git a/mod/display.php b/mod/display.php
index 2600dfd26d..2a4d2abf43 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -4,22 +4,32 @@
  */
 
 use Friendica\App;
+use Friendica\Content\Pager;
 use Friendica\Content\Text\BBCode;
 use Friendica\Content\Text\HTML;
 use Friendica\Core\ACL;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
+use Friendica\Core\Logger;
 use Friendica\Core\Protocol;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\Group;
 use Friendica\Model\Item;
 use Friendica\Model\Profile;
+use Friendica\Protocol\ActivityPub;
 use Friendica\Protocol\DFRN;
+use Friendica\Util\Strings;
+use Friendica\Module\Objects;
 
 function display_init(App $a)
 {
+	if (ActivityPub::isRequest()) {
+		Objects::rawContent();
+	}
+
 	if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
 		return;
 	}
@@ -42,8 +52,9 @@ function display_init(App $a)
 	}
 
 	$item = null;
+	$item_user = local_user();
 
-	$fields = ['id', 'parent', 'author-id', 'body', 'uid'];
+	$fields = ['id', 'parent', 'author-id', 'body', 'uid', 'guid'];
 
 	// If there is only one parameter, then check if this parameter could be a guid
 	if ($a->argc == 2) {
@@ -52,27 +63,35 @@ function display_init(App $a)
 		// Does the local user have this item?
 		if (local_user()) {
 			$item = Item::selectFirstForUser(local_user(), $fields, ['guid' => $a->argv[1], 'uid' => local_user()]);
-			if (DBM::is_result($item)) {
+			if (DBA::isResult($item)) {
 				$nick = $a->user["nickname"];
 			}
+		// Is this item private but could be visible to the remove visitor?
+		} elseif (remote_user()) {
+			$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
+			if (DBA::isResult($item)) {
+				if (!Contact::isFollower(remote_user(), $item['uid'])) {
+					$item = null;
+				} else {
+					$item_user = $item['uid'];
+				}
+			}
 		}
 
 		// Is it an item with uid=0?
-		if (!DBM::is_result($item)) {
+		if (!DBA::isResult($item)) {
 			$item = Item::selectFirstForUser(local_user(), $fields, ['guid' => $a->argv[1], 'private' => [0, 2], 'uid' => 0]);
 		}
 	} elseif (($a->argc == 3) && ($nick == 'feed-item')) {
 		$item = Item::selectFirstForUser(local_user(), $fields, ['id' => $a->argv[2], 'private' => [0, 2], 'uid' => 0]);
 	}
 
-	if (!DBM::is_result($item)) {
-		$a->error = 404;
-		notice(L10n::t('Item not found.') . EOL);
-		return;
+	if (!DBA::isResult($item)) {
+		System::httpExit(404);
 	}
 
 	if (!empty($_SERVER['HTTP_ACCEPT']) && strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) {
-		logger('Directly serving XML for id '.$item["id"], LOGGER_DEBUG);
+		Logger::log('Directly serving XML for id '.$item["id"], Logger::DEBUG);
 		displayShowFeed($item["id"], false);
 	}
 
@@ -82,19 +101,19 @@ function display_init(App $a)
 
 	$profiledata = display_fetchauthor($a, $item);
 
-	if (strstr(normalise_link($profiledata["url"]), normalise_link(System::baseUrl()))) {
-		$nickname = str_replace(normalise_link(System::baseUrl())."/profile/", "", normalise_link($profiledata["url"]));
+	if (strstr(Strings::normaliseLink($profiledata["url"]), Strings::normaliseLink(System::baseUrl()))) {
+		$nickname = str_replace(Strings::normaliseLink(System::baseUrl())."/profile/", "", Strings::normaliseLink($profiledata["url"]));
 
 		if (($nickname != $a->user["nickname"])) {
-			$profile = dba::fetch_first("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
+			$profile = DBA::fetchFirst("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
 				INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
 				WHERE `user`.`nickname` = ? AND `profile`.`is-default` AND `contact`.`self` LIMIT 1",
 				$nickname
 			);
-			if (DBM::is_result($profile)) {
+			if (DBA::isResult($profile)) {
 				$profiledata = $profile;
 			}
-			$profiledata["network"] = NETWORK_DFRN;
+			$profiledata["network"] = Protocol::DFRN;
 		} else {
 			$profiledata = [];
 		}
@@ -105,7 +124,7 @@ function display_init(App $a)
 
 function display_fetchauthor($a, $item)
 {
-	$author = dba::selectFirst('contact', ['name', 'nick', 'photo', 'network', 'url'], ['id' => $item['author-id']]);
+	$author = DBA::selectFirst('contact', ['name', 'nick', 'photo', 'network', 'url'], ['id' => $item['author-id']]);
 
 	$profiledata = [];
 	$profiledata['uid'] = -1;
@@ -177,10 +196,10 @@ function display_fetchauthor($a, $item)
 	$profiledata["photo"] = System::removedBaseUrl($profiledata["photo"]);
 
 	if (local_user()) {
-		if (in_array($profiledata["network"], [NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS])) {
+		if (in_array($profiledata["network"], [Protocol::DFRN, Protocol::DIASPORA, Protocol::OSTATUS])) {
 			$profiledata["remoteconnect"] = System::baseUrl()."/follow?url=".urlencode($profiledata["url"]);
 		}
-	} elseif ($profiledata["network"] == NETWORK_DFRN) {
+	} elseif ($profiledata["network"] == Protocol::DFRN) {
 		$connect = str_replace("/profile/", "/dfrn_request/", $profiledata["url"]);
 		$profiledata["remoteconnect"] = $connect;
 	}
@@ -195,7 +214,6 @@ function display_content(App $a, $update = false, $update_uid = 0)
 		return;
 	}
 
-	require_once 'include/security.php';
 	require_once 'include/conversation.php';
 
 	$o = '';
@@ -216,12 +234,19 @@ function display_content(App $a, $update = false, $update_uid = 0)
 
 		if ($a->argc == 2) {
 			$item_parent = 0;
-			$fields = ['id', 'parent', 'parent-uri'];
+			$fields = ['id', 'parent', 'parent-uri', 'uid'];
 
 			if (local_user()) {
 				$condition = ['guid' => $a->argv[1], 'uid' => local_user()];
 				$item = Item::selectFirstForUser(local_user(), $fields, $condition);
-				if (DBM::is_result($item)) {
+				if (DBA::isResult($item)) {
+					$item_id = $item["id"];
+					$item_parent = $item["parent"];
+					$item_parent_uri = $item['parent-uri'];
+				}
+			} elseif (remote_user()) {
+				$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
+				if (DBA::isResult($item) && Contact::isFollower(remote_user(), $item['uid'])) {
 					$item_id = $item["id"];
 					$item_parent = $item["parent"];
 					$item_parent_uri = $item['parent-uri'];
@@ -231,7 +256,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
 			if ($item_parent == 0) {
 				$condition = ['private' => [0, 2], 'guid' => $a->argv[1], 'uid' => 0];
 				$item = Item::selectFirstForUser(local_user(), $fields, $condition);
-				if (DBM::is_result($item)) {
+				if (DBA::isResult($item)) {
 					$item_id = $item["id"];
 					$item_parent = $item["parent"];
 					$item_parent_uri = $item['parent-uri'];
@@ -241,13 +266,11 @@ function display_content(App $a, $update = false, $update_uid = 0)
 	}
 
 	if (!$item_id) {
-		$a->error = 404;
-		notice(L10n::t('Item not found.').EOL);
-		return;
+		System::httpExit(404);
 	}
 
 	// We are displaying an "alternate" link if that post was public. See issue 2864
-	$is_public = dba::exists('item', ['id' => $item_id, 'private' => [0, 2]]);
+	$is_public = Item::exists(['id' => $item_id, 'private' => [0, 2]]);
 	if ($is_public) {
 		// For the atom feed the nickname doesn't matter at all, we only need the item id.
 		$alternate = System::baseUrl().'/display/feed-item/'.$item_id.'.atom';
@@ -257,49 +280,38 @@ function display_content(App $a, $update = false, $update_uid = 0)
 		$conversation = '';
 	}
 
-	$a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'),
+	$a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('display-head.tpl'),
 				['$alternate' => $alternate,
 					'$conversation' => $conversation]);
 
 	$groups = [];
-
-	$contact = null;
+	$remote_cid = null;
 	$is_remote_contact = false;
+	$item_uid = local_user();
 
-	$contact_id = 0;
-
-	if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
-		foreach ($_SESSION['remote'] as $v) {
-			if ($v['uid'] == $a->profile['uid']) {
-				$contact_id = $v['cid'];
-				break;
-			}
-		}
+	$parent = Item::selectFirst(['uid'], ['uri' => $item_parent_uri, 'wall' => true]);
+	if (DBA::isResult($parent)) {
+		$a->profile['uid'] = $parent['uid'];
+		$a->profile['profile_uid'] = $parent['uid'];
+		$is_remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
 	}
 
-	if ($contact_id) {
-		$groups = Group::getIdsByContactId($contact_id);
-		$remote_contact = dba::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $a->profile['uid']]);
-		if (DBM::is_result($remote_contact)) {
-			$contact = $remote_contact;
-			$is_remote_contact = true;
+	if ($is_remote_contact) {
+		$cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
+		if (!empty($cdata['user'])) {
+			$groups = Group::getIdsByContactId($cdata['user']);
+			$remote_cid = $cdata['user'];
+			$item_uid = $parent['uid'];
 		}
 	}
 
-	if (!$is_remote_contact) {
-		if (local_user()) {
-			$contact_id = $_SESSION['cid'];
-			$contact = $a->contact;
-		}
-	}
-
-	$page_contact = dba::selectFirst('contact', [], ['self' => true, 'uid' => $a->profile['uid']]);
-	if (DBM::is_result($page_contact)) {
+	$page_contact = DBA::selectFirst('contact', [], ['self' => true, 'uid' => $a->profile['uid']]);
+	if (DBA::isResult($page_contact)) {
 		$a->page_contact = $page_contact;
 	}
 	$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
 
-	if (x($a->profile, 'hidewall') && !$is_owner && !$is_remote_contact) {
+	if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) {
 		notice(L10n::t('Access to this profile has been restricted.') . EOL);
 		return;
 	}
@@ -319,12 +331,11 @@ function display_content(App $a, $update = false, $update_uid = 0)
 		];
 		$o .= status_editor($a, $x, 0, true);
 	}
+	$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $is_remote_contact, $groups, $remote_cid);
 
-	$sql_extra = item_permissions_sql($a->profile['uid'], $is_remote_contact, $groups);
-
-	if (local_user() && (local_user() == $a->profile['uid'])) {
+	if (local_user() && (local_user() == $a->profile['profile_uid'])) {
 		$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
-		$unseen = dba::exists('item', $condition);
+		$unseen = Item::exists($condition);
 	} else {
 		$unseen = false;
 	}
@@ -333,35 +344,33 @@ function display_content(App $a, $update = false, $update_uid = 0)
 		return '';
 	}
 
-	$condition = ["`item`.`parent-uri` = (SELECT `parent-uri` FROM `item` WHERE `id` = ?)
-		AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, local_user()];
-	$params = ['order' => ['uid', 'parent' => true, 'gravity', 'id']];
-	$items_obj = Item::selectForUser(local_user(), [], $condition, $params);
+	$condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, $item_uid];
+	$fields = ['parent-uri', 'body', 'title', 'author-name', 'author-avatar', 'plink'];
+	$item = Item::selectFirstForUser(local_user(), $fields, $condition);
 
-	if (!DBM::is_result($items_obj)) {
-		notice(L10n::t('Item not found.') . EOL);
-		return $o;
+	if (!DBA::isResult($item)) {
+		System::httpExit(404);
 	}
 
+	$item['uri'] = $item['parent-uri'];
+
 	if ($unseen) {
 		$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
 		Item::update(['unseen' => false], $condition);
 	}
 
-	$items = Item::inArray($items_obj);
-	$conversation_items = conv_sort($items, "`commented`");
-
 	if (!$update) {
 		$o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>";
 	}
-	$o .= conversation($a, $conversation_items, 'display', $update_uid, false, 'commented', local_user());
+
+	$o .= conversation($a, [$item], new Pager($a->query_string), 'display', $update_uid, false, 'commented', $item_uid);
 
 	// Preparing the meta header
-	$description = trim(HTML::toPlaintext(BBCode::convert($items[0]["body"], false), 0, true));
-	$title = trim(HTML::toPlaintext(BBCode::convert($items[0]["title"], false), 0, true));
-	$author_name = $items[0]["author-name"];
+	$description = trim(HTML::toPlaintext(BBCode::convert($item["body"], false), 0, true));
+	$title = trim(HTML::toPlaintext(BBCode::convert($item["title"], false), 0, true));
+	$author_name = $item["author-name"];
 
-	$image = $a->remove_baseurl($items[0]["author-avatar"]);
+	$image = $a->removeBaseURL($item["author-avatar"]);
 
 	if ($title == "") {
 		$title = $author_name;
@@ -393,7 +402,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
 	$a->page['htmlhead'] .= '<meta name="twitter:title" content="'.$title.'" />'."\n";
 	$a->page['htmlhead'] .= '<meta name="twitter:description" content="'.$description.'" />'."\n";
 	$a->page['htmlhead'] .= '<meta name="twitter:image" content="'.System::baseUrl().'/'.$image.'" />'."\n";
-	$a->page['htmlhead'] .= '<meta name="twitter:url" content="'.$items[0]["plink"].'" />'."\n";
+	$a->page['htmlhead'] .= '<meta name="twitter:url" content="'.$item["plink"].'" />'."\n";
 
 	// Dublin Core
 	$a->page['htmlhead'] .= '<meta name="DC.title" content="'.$title.'" />'."\n";
@@ -403,7 +412,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
 	$a->page['htmlhead'] .= '<meta property="og:type" content="website" />'."\n";
 	$a->page['htmlhead'] .= '<meta property="og:title" content="'.$title.'" />'."\n";
 	$a->page['htmlhead'] .= '<meta property="og:image" content="'.System::baseUrl().'/'.$image.'" />'."\n";
-	$a->page['htmlhead'] .= '<meta property="og:url" content="'.$items[0]["plink"].'" />'."\n";
+	$a->page['htmlhead'] .= '<meta property="og:url" content="'.$item["plink"].'" />'."\n";
 	$a->page['htmlhead'] .= '<meta property="og:description" content="'.$description.'" />'."\n";
 	$a->page['htmlhead'] .= '<meta name="og:article:author" content="'.$author_name.'" />'."\n";
 	// article:tag