X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdisplay.php;h=6d1f417e710ad8b861ebd9f99dda8f9633b4d92c;hb=1eae40592ca67868a29acf9684f6c47c7ad10755;hp=60dfdeff2bf0772b92c8ae7c54abb5bdffaab5c8;hpb=8cca849c2e9694ba9bab2e0a6173cd4f5aa2cbdc;p=friendica.git diff --git a/mod/display.php b/mod/display.php index 60dfdeff2b..6d1f417e71 100644 --- a/mod/display.php +++ b/mod/display.php @@ -18,7 +18,7 @@ function display_init(&$a) { if (local_user()) { $r = q("SELECT `id`, `parent`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item` WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 - AND `guid` = '%s' AND `uid` = %d", $a->argv[1], local_user()); + AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user()); if (count($r)) { $nick = $a->user["nickname"]; $itemuid = local_user(); @@ -34,7 +34,7 @@ function display_init(&$a) { AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND NOT `user`.`hidewall` - AND `item`.`guid` = '%s'", $a->argv[1]); + AND `item`.`guid` = '%s'", dbesc($a->argv[1])); // AND `item`.`private` = 0 AND `item`.`wall` = 1 if (count($r)) { $nick = $r[0]["nickname"]; @@ -50,7 +50,7 @@ function display_init(&$a) { AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `item`.`uid` = 0 - AND `item`.`guid` = '%s'", $a->argv[1]); + AND `item`.`guid` = '%s'", dbesc($a->argv[1])); // AND `item`.`private` = 0 AND `item`.`wall` = 1 } if (count($r)) { @@ -89,51 +89,16 @@ function display_init(&$a) { } function display_fetchauthor($a, $item) { - require_once("mod/proxy.php"); - require_once("include/bbcode.php"); $profiledata = array(); $profiledata["uid"] = -1; $profiledata["nickname"] = $item["author-name"]; $profiledata["name"] = $item["author-name"]; $profiledata["picdate"] = ""; - $profiledata["photo"] = proxy_url($item["author-avatar"]); + $profiledata["photo"] = $item["author-avatar"]; $profiledata["url"] = $item["author-link"]; $profiledata["network"] = $item["network"]; - // Fetching further contact data from the contact table - $r = q("SELECT `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `network` = '%s'", - dbesc(normalise_link($profiledata["url"])), intval($item["uid"]), dbesc($item["network"])); - - if (!count($r)) - $r = q("SELECT `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d", - dbesc(normalise_link($profiledata["url"])), intval($item["uid"])); - - if (!count($r)) - $r = q("SELECT `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = 0", - dbesc(normalise_link($profiledata["url"]))); - - if (count($r)) { - $profiledata["photo"] = proxy_url($r[0]["photo"]); - $profiledata["address"] = proxy_parse_html(bbcode($r[0]["location"])); - $profiledata["about"] = proxy_parse_html(bbcode($r[0]["about"])); - if ($r[0]["nick"] != "") - $profiledata["nickname"] = $r[0]["nick"]; - } - - // Fetching profile data from unique contacts - $r = q("SELECT `avatar`, `nick`, `location`, `about` FROM `unique_contacts` WHERE `url` = '%s'", dbesc(normalise_link($profiledata["url"]))); - if (count($r)) { - if ($profiledata["photo"] == "") - $profiledata["photo"] = proxy_url($r[0]["avatar"]); - if ($profiledata["address"] == "") - $profiledata["address"] = proxy_parse_html(bbcode($r[0]["location"])); - if ($profiledata["about"] == "") - $profiledata["about"] = proxy_parse_html(bbcode($r[0]["about"])); - if (($profiledata["nickname"] == "") AND ($r[0]["nick"] != "")) - $profiledata["nickname"] = $r[0]["nick"]; - } - // Check for a repeated message $skip = false; $body = trim($item["body"]); @@ -187,28 +152,49 @@ function display_fetchauthor($a, $item) { $profiledata["address"] = ""; $profiledata["about"] = ""; + } - // Fetching profile data from unique contacts - if ($profiledata["url"] != "") { - $r = q("SELECT `avatar`, `nick`, `location`, `about` FROM `unique_contacts` WHERE `url` = '%s'", dbesc(normalise_link($profiledata["url"]))); - if (count($r)) { - $profiledata["photo"] = proxy_url($r[0]["avatar"]); - $profiledata["address"] = proxy_parse_html(bbcode($r[0]["location"])); - $profiledata["about"] = proxy_parse_html(bbcode($r[0]["about"])); - if ($r[0]["nick"] != "") - $profiledata["nickname"] = $r[0]["nick"]; - } + // Fetching further contact data from the contact table + $r = q("SELECT `uid`, `network`, `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `network` = '%s'", + dbesc(normalise_link($profiledata["url"])), intval($item["uid"]), dbesc($item["network"])); + + if (!count($r)) + $r = q("SELECT `uid`, `network`, `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d", + dbesc(normalise_link($profiledata["url"])), intval($item["uid"])); + + if (!count($r)) + $r = q("SELECT `uid`, `network`, `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = 0", + dbesc(normalise_link($profiledata["url"]))); + + if (count($r)) { + if ((($r[0]["uid"] != local_user()) OR !local_user()) AND ($profiledata["network"] == NETWORK_DIASPORA)) { + $r[0]["location"] = ""; + $r[0]["about"] = ""; } + + $profiledata["photo"] = $r[0]["photo"]; + $profiledata["address"] = $r[0]["location"]; + $profiledata["about"] = $r[0]["about"]; + if ($r[0]["nick"] != "") + $profiledata["nickname"] = $r[0]["nick"]; + } + + // Fetching profile data from unique contacts + $r = q("SELECT `avatar`, `nick`, `location`, `about` FROM `unique_contacts` WHERE `url` = '%s'", dbesc(normalise_link($profiledata["url"]))); + if (count($r)) { + if ($profiledata["photo"] == "") + $profiledata["photo"] = $r[0]["avatar"]; + if (($profiledata["address"] == "") AND ($profiledata["network"] != NETWORK_DIASPORA)) + $profiledata["address"] = $r[0]["location"]; + if (($profiledata["about"] == "") AND ($profiledata["network"] != NETWORK_DIASPORA)) + $profiledata["about"] = $r[0]["about"]; + if (($profiledata["nickname"] == "") AND ($r[0]["nick"] != "")) + $profiledata["nickname"] = $r[0]["nick"]; } if (local_user()) { if (in_array($profiledata["network"], array(NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS))) $profiledata["remoteconnect"] = $a->get_baseurl()."/follow?url=".urlencode($profiledata["url"]); - //if ($profiledata["network"] == NETWORK_DFRN) { - // $connect = str_replace("/profile/", "/dfrn_request/", $profiledata["url"])."&addr=".bin2hex($a->get_baseurl()."/profile/".$a->user["nickname"]); - // $profiledata["remoteconnect"] = $connect; - //} elseif ($profiledata["network"] == NETWORK_DIASPORA) - // $profiledata["remoteconnect"] = $a->get_baseurl()."/contacts?add=".GetProfileUsername($profiledata["url"], "", true); } elseif ($profiledata["network"] == NETWORK_DFRN) { $connect = str_replace("/profile/", "/dfrn_request/", $profiledata["url"]); $profiledata["remoteconnect"] = $connect; @@ -224,7 +210,6 @@ function display_content(&$a, $update = 0) { return; } - require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); require_once('include/acl_selectors.php'); @@ -255,7 +240,7 @@ function display_content(&$a, $update = 0) { if (local_user()) { $r = q("SELECT `id` FROM `item` WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 - AND `guid` = '%s' AND `uid` = %d", $a->argv[1], local_user()); + AND `guid` = '%s' AND `uid` = %d", dbesc($a->argv[1]), local_user()); if (count($r)) { $item_id = $r[0]["id"]; $nick = $a->user["nickname"]; @@ -268,7 +253,7 @@ function display_content(&$a, $update = 0) { AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND NOT `user`.`hidewall` - AND `item`.`guid` = '%s'", $a->argv[1]); + AND `item`.`guid` = '%s'", dbesc($a->argv[1])); // AND `item`.`private` = 0 AND `item`.`wall` = 1 if (count($r)) { $item_id = $r[0]["id"]; @@ -281,7 +266,7 @@ function display_content(&$a, $update = 0) { AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' AND `item`.`private` = 0 AND `item`.`uid` = 0 - AND `item`.`guid` = '%s'", $a->argv[1]); + AND `item`.`guid` = '%s'", dbesc($a->argv[1])); // AND `item`.`private` = 0 AND `item`.`wall` = 1 if (count($r)) { $item_id = $r[0]["id"]; @@ -351,7 +336,7 @@ function display_content(&$a, $update = 0) { 'default_location' => $a->user['default-location'], 'nickname' => $a->user['nickname'], 'lockstate' => ( (is_array($a->user)) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))) ? 'lock' : 'unlock'), - 'acl' => populate_acl($a->user), + 'acl' => populate_acl($a->user, true), 'bang' => '', 'visitor' => 'block', 'profile_uid' => local_user(), @@ -412,7 +397,7 @@ function display_content(&$a, $update = 0) { $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, - `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, + `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0