X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fevents.php;h=2bbf4e6a3b10de0422645d97968429d2083ee25a;hb=452ed8aa8c040f683547e2635af8c9f16c450bd6;hp=d82fbd818e4094058c6ab3d5bc383f74492e246f;hpb=c9c6eca8a60681360f1222739d0603e4ed99d663;p=friendica.git

diff --git a/mod/events.php b/mod/events.php
index d82fbd818e..2bbf4e6a3b 100644
--- a/mod/events.php
+++ b/mod/events.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -25,13 +25,16 @@ use Friendica\Content\Nav;
 use Friendica\Content\Widget\CalendarExport;
 use Friendica\Core\ACL;
 use Friendica\Core\Logger;
+use Friendica\Core\Protocol;
 use Friendica\Core\Renderer;
 use Friendica\Core\Theme;
 use Friendica\Core\Worker;
 use Friendica\Database\DBA;
 use Friendica\DI;
+use Friendica\Model\Conversation;
 use Friendica\Model\Event;
 use Friendica\Model\Item;
+use Friendica\Model\Post;
 use Friendica\Model\User;
 use Friendica\Module\BaseProfile;
 use Friendica\Module\Security\Login;
@@ -56,7 +59,7 @@ function events_init(App $a)
 		DI::page()['aside'] = '';
 	}
 
-	$cal_widget = CalendarExport::getHTML();
+	$cal_widget = CalendarExport::getHTML(local_user());
 
 	DI::page()['aside'] .= $cal_widget;
 
@@ -65,9 +68,7 @@ function events_init(App $a)
 
 function events_post(App $a)
 {
-
 	Logger::debug('post', ['request' => $_REQUEST]);
-
 	if (!local_user()) {
 		return;
 	}
@@ -82,6 +83,8 @@ function events_post(App $a)
 	$adjust   = intval($_POST['adjust'] ?? 0);
 	$nofinish = intval($_POST['nofinish'] ?? 0);
 
+	$share = intval($_POST['share'] ?? 0);
+
 	// The default setting for the `private` field in event_store() is false, so mirror that
 	$private_event = false;
 
@@ -129,7 +132,7 @@ function events_post(App $a)
 	];
 
 	$action = ($event_id == '') ? 'new' : 'event/' . $event_id;
-	$onerror_path = 'events/' . $action . '?' . http_build_query($params, null, null, PHP_QUERY_RFC3986);
+	$onerror_path = 'events/' . $action . '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
 
 	if (strcmp($finish, $start) < 0 && !$nofinish) {
 		notice(DI::l10n()->t('Event can not end before it has started.'));
@@ -149,45 +152,42 @@ function events_post(App $a)
 		DI::baseUrl()->redirect($onerror_path);
 	}
 
-	$share = intval($_POST['share'] ?? 0);
-
-	$c = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1",
-		intval(local_user())
-	);
-
-	if (DBA::isResult($c)) {
-		$self = $c[0]['id'];
-	} else {
-		$self = 0;
-	}
+	$self = \Friendica\Model\Contact::getPublicIdByUserId($uid);
 
+	$aclFormatter = DI::aclFormatter();
 
 	if ($share) {
-
-		$aclFormatter = DI::aclFormatter();
-
-		$str_group_allow   = $aclFormatter->toString($_POST['group_allow'] ?? '');
-		$str_contact_allow = $aclFormatter->toString($_POST['contact_allow'] ?? '');
-		$str_group_deny    = $aclFormatter->toString($_POST['group_deny'] ?? '');
-		$str_contact_deny  = $aclFormatter->toString($_POST['contact_deny'] ?? '');
-
-		// Undo the pseudo-contact of self, since there are real contacts now
-		if (strpos($str_contact_allow, '<' . $self . '>') !== false) {
-			$str_contact_allow = str_replace('<' . $self . '>', '', $str_contact_allow);
+		$user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
+		if (!DBA::isResult($user)) {
+			return;
 		}
-		// Make sure to set the `private` field as true. This is necessary to
-		// have the posts show up correctly in Diaspora if an event is created
-		// as visible only to self at first, but then edited to display to others.
-		if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
-			$private_event = true;
+
+		$str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
+		$str_group_allow   = isset($_REQUEST['group_allow'])   ? $aclFormatter->toString($_REQUEST['group_allow'])   : $user['allow_gid'] ?? '';
+		$str_contact_deny  = isset($_REQUEST['contact_deny'])  ? $aclFormatter->toString($_REQUEST['contact_deny'])  : $user['deny_cid']  ?? '';
+		$str_group_deny    = isset($_REQUEST['group_deny'])    ? $aclFormatter->toString($_REQUEST['group_deny'])    : $user['deny_gid']  ?? '';
+
+		$visibility = $_REQUEST['visibility'] ?? '';
+		if ($visibility === 'public') {
+			// The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
+			$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+		} else if ($visibility === 'custom') {
+			// Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
+			// case that would make it public. So we always append the author's contact id to the allowed contacts.
+			// See https://github.com/friendica/friendica/issues/9672
+			$str_contact_allow .= $aclFormatter->toString($self);
 		}
 	} else {
-		// Note: do not set `private` field for self-only events. It will
-		// keep even you from seeing them!
-		$str_contact_allow = '<' . $self . '>';
+		$str_contact_allow = $aclFormatter->toString($self);
 		$str_group_allow = $str_contact_deny = $str_group_deny = '';
 	}
 
+	// Make sure to set the `private` field as true. This is necessary to
+	// have the posts show up correctly in Diaspora if an event is created
+	// as visible only to self at first, but then edited to display to others.
+	if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
+		$private_event = true;
+	}
 
 	$datarray = [];
 	$datarray['start']     = $start;
@@ -206,6 +206,9 @@ function events_post(App $a)
 	$datarray['deny_gid']  = $str_group_deny;
 	$datarray['private']   = $private_event;
 	$datarray['id']        = $event_id;
+	$datarray['network']   = Protocol::DFRN;
+	$datarray['protocol']  = Conversation::PARCEL_DIRECT;
+	$datarray['direction'] = Conversation::PUSH;
 
 	if (intval($_REQUEST['preview'])) {
 		$html = Event::getHTML($datarray);
@@ -213,10 +216,10 @@ function events_post(App $a)
 		exit();
 	}
 
-	$item_id = Event::store($datarray);
+	$uri_id = Event::store($datarray);
 
 	if (!$cid) {
-		Worker::add(PRIORITY_HIGH, "Notifier", Delivery::POST, $item_id);
+		Worker::add(PRIORITY_HIGH, "Notifier", Delivery::POST, (int)$uri_id, (int)$uid);
 	}
 
 	DI::baseUrl()->redirect('events');
@@ -474,19 +477,19 @@ function events_content(App $a)
 		$t_orig = $orig_event['summary']  ?? '';
 		$d_orig = $orig_event['desc']     ?? '';
 		$l_orig = $orig_event['location'] ?? '';
-		$eid = !empty($orig_event) ? $orig_event['id']  : 0;
-		$cid = !empty($orig_event) ? $orig_event['cid'] : 0;
-		$uri = !empty($orig_event) ? $orig_event['uri'] : '';
+		$eid = $orig_event['id'] ?? 0;
+		$cid = $orig_event['cid'] ?? 0;
+		$uri = $orig_event['uri'] ?? '';
 
 		if ($cid || $mode === 'edit') {
 			$share_disabled = 'disabled="disabled"';
 		}
 
-		$sdt = !empty($orig_event) ? $orig_event['start']  : 'now';
-		$fdt = !empty($orig_event) ? $orig_event['finish'] : 'now';
+		$sdt = $orig_event['start'] ?? 'now';
+		$fdt = $orig_event['finish'] ?? 'now';
 
 		$tz = date_default_timezone_get();
-		if (!empty($orig_event)) {
+		if (isset($orig_event['adjust'])) {
 			$tz = ($orig_event['adjust'] ? date_default_timezone_get() : 'UTC');
 		}
 
@@ -587,7 +590,7 @@ function events_content(App $a)
 			Item::deleteForUser(['id' => $ev[0]['itemid']], local_user());
 		}
 
-		if (Item::exists(['id' => $ev[0]['itemid']])) {
+		if (Post::exists(['id' => $ev[0]['itemid']])) {
 			notice(DI::l10n()->t('Failed to remove event'));
 		}