X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdisplay.php;h=a616fc8cc343022dcdbe7b0240f14795157cf8c5;hb=4f5fb402024699ecb121d1978b54531b215a113e;hp=38cdfe41d35d90c7f7fc8b399433482a119b02da;hpb=d00ddc01afdef3e626ae0e711e52f830cbdf923a;p=friendica.git diff --git a/mod/display.php b/mod/display.php index 38cdfe41d3..a616fc8cc3 100644 --- a/mod/display.php +++ b/mod/display.php @@ -4,24 +4,32 @@ */ use Friendica\App; +use Friendica\Content\Pager; use Friendica\Content\Text\BBCode; use Friendica\Content\Text\HTML; use Friendica\Core\ACL; use Friendica\Core\Config; use Friendica\Core\L10n; +use Friendica\Core\Logger; use Friendica\Core\Protocol; +use Friendica\Core\Renderer; use Friendica\Core\System; use Friendica\Database\DBA; use Friendica\Model\Contact; use Friendica\Model\Group; use Friendica\Model\Item; use Friendica\Model\Profile; -use Friendica\Protocol\DFRN; use Friendica\Protocol\ActivityPub; -use Friendica\Util\Security; +use Friendica\Protocol\DFRN; +use Friendica\Util\Strings; +use Friendica\Module\Objects; function display_init(App $a) { + if (ActivityPub::isRequest()) { + Objects::rawContent(); + } + if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { return; } @@ -44,6 +52,7 @@ function display_init(App $a) } $item = null; + $item_user = local_user(); $fields = ['id', 'parent', 'author-id', 'body', 'uid', 'guid']; @@ -57,6 +66,16 @@ function display_init(App $a) if (DBA::isResult($item)) { $nick = $a->user["nickname"]; } + // Is this item private but could be visible to the remove visitor? + } elseif (remote_user()) { + $item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]); + if (DBA::isResult($item)) { + if (!Contact::isFollower(remote_user(), $item['uid'])) { + $item = null; + } else { + $item_user = $item['uid']; + } + } } // Is it an item with uid=0? @@ -68,28 +87,22 @@ function display_init(App $a) } if (!DBA::isResult($item)) { - $a->error = 404; - notice(L10n::t('Item not found.') . EOL); - return; + System::httpExit(404); } if (!empty($_SERVER['HTTP_ACCEPT']) && strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) { - logger('Directly serving XML for id '.$item["id"], LOGGER_DEBUG); + Logger::log('Directly serving XML for id '.$item["id"], Logger::DEBUG); displayShowFeed($item["id"], false); } - if (ActivityPub::isRequest()) { - $a->internalRedirect(str_replace('display/', 'objects/', $a->query_string)); - } - if ($item["id"] != $item["parent"]) { $item = Item::selectFirstForUser(local_user(), $fields, ['id' => $item["parent"]]); } $profiledata = display_fetchauthor($a, $item); - if (strstr(normalise_link($profiledata["url"]), normalise_link(System::baseUrl()))) { - $nickname = str_replace(normalise_link(System::baseUrl())."/profile/", "", normalise_link($profiledata["url"])); + if (strstr(Strings::normaliseLink($profiledata["url"]), Strings::normaliseLink(System::baseUrl()))) { + $nickname = str_replace(Strings::normaliseLink(System::baseUrl())."/profile/", "", Strings::normaliseLink($profiledata["url"])); if (($nickname != $a->user["nickname"])) { $profile = DBA::fetchFirst("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile` @@ -201,8 +214,6 @@ function display_content(App $a, $update = false, $update_uid = 0) return; } - require_once 'include/conversation.php'; - $o = ''; if ($update) { @@ -221,7 +232,7 @@ function display_content(App $a, $update = false, $update_uid = 0) if ($a->argc == 2) { $item_parent = 0; - $fields = ['id', 'parent', 'parent-uri']; + $fields = ['id', 'parent', 'parent-uri', 'uid']; if (local_user()) { $condition = ['guid' => $a->argv[1], 'uid' => local_user()]; @@ -231,6 +242,13 @@ function display_content(App $a, $update = false, $update_uid = 0) $item_parent = $item["parent"]; $item_parent_uri = $item['parent-uri']; } + } elseif (remote_user()) { + $item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]); + if (DBA::isResult($item) && Contact::isFollower(remote_user(), $item['uid'])) { + $item_id = $item["id"]; + $item_parent = $item["parent"]; + $item_parent_uri = $item['parent-uri']; + } } if ($item_parent == 0) { @@ -246,9 +264,7 @@ function display_content(App $a, $update = false, $update_uid = 0) } if (!$item_id) { - $a->error = 404; - notice(L10n::t('Item not found.').EOL); - return; + System::httpExit(404); } // We are displaying an "alternate" link if that post was public. See issue 2864 @@ -262,39 +278,28 @@ function display_content(App $a, $update = false, $update_uid = 0) $conversation = ''; } - $a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), + $a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('display-head.tpl'), ['$alternate' => $alternate, '$conversation' => $conversation]); $groups = []; - - $contact = null; + $remote_cid = null; $is_remote_contact = false; + $item_uid = local_user(); - $contact_id = 0; - - if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) { - foreach ($_SESSION['remote'] as $v) { - if ($v['uid'] == $a->profile['uid']) { - $contact_id = $v['cid']; - break; - } - } - } - - if ($contact_id) { - $groups = Group::getIdsByContactId($contact_id); - $remote_contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $a->profile['uid']]); - if (DBA::isResult($remote_contact)) { - $contact = $remote_contact; - $is_remote_contact = true; - } + $parent = Item::selectFirst(['uid'], ['uri' => $item_parent_uri, 'wall' => true]); + if (DBA::isResult($parent)) { + $a->profile['uid'] = defaults($a->profile, 'uid', $parent['uid']); + $a->profile['profile_uid'] = defaults($a->profile, 'profile_uid', $parent['uid']); + $is_remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']); } - if (!$is_remote_contact) { - if (local_user()) { - $contact_id = $_SESSION['cid']; - $contact = $a->contact; + if ($is_remote_contact) { + $cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']); + if (!empty($cdata['user'])) { + $groups = Group::getIdsByContactId($cdata['user']); + $remote_cid = $cdata['user']; + $item_uid = $parent['uid']; } } @@ -304,7 +309,7 @@ function display_content(App $a, $update = false, $update_uid = 0) } $is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false); - if (x($a->profile, 'hidewall') && !$is_owner && !$is_remote_contact) { + if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) { notice(L10n::t('Access to this profile has been restricted.') . EOL); return; } @@ -324,10 +329,9 @@ function display_content(App $a, $update = false, $update_uid = 0) ]; $o .= status_editor($a, $x, 0, true); } + $sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $is_remote_contact, $groups, $remote_cid); - $sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid'], $is_remote_contact, $groups); - - if (local_user() && (local_user() == $a->profile['uid'])) { + if (local_user() && (local_user() == $a->profile['profile_uid'])) { $condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true]; $unseen = Item::exists($condition); } else { @@ -338,13 +342,12 @@ function display_content(App $a, $update = false, $update_uid = 0) return ''; } - $condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, local_user()]; + $condition = ["`id` = ? AND `item`.`uid` IN (0, ?) " . $sql_extra, $item_id, $item_uid]; $fields = ['parent-uri', 'body', 'title', 'author-name', 'author-avatar', 'plink']; $item = Item::selectFirstForUser(local_user(), $fields, $condition); if (!DBA::isResult($item)) { - notice(L10n::t('Item not found.') . EOL); - return $o; + System::httpExit(404); } $item['uri'] = $item['parent-uri']; @@ -358,7 +361,7 @@ function display_content(App $a, $update = false, $update_uid = 0) $o .= ""; } - $o .= conversation($a, [$item], 'display', $update_uid, false, 'commented', local_user()); + $o .= conversation($a, [$item], new Pager($a->query_string), 'display', $update_uid, false, 'commented', $item_uid); // Preparing the meta header $description = trim(HTML::toPlaintext(BBCode::convert($item["body"], false), 0, true));