X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=0473c74c5234ed97cfc215a25cee1e5fbc117d51;hb=063f0e9cb06bb09d06c2630d4b6cecc5eb381fdc;hp=0466c46d9d407e642cc56e76d05b226b03fc76f3;hpb=ecea7425f8ad11ace4af39d476919e3203bff44f;p=friendica.git
diff --git a/mod/item.php b/mod/item.php
index 0466c46d9d..0473c74c52 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -16,20 +16,27 @@
*/
use Friendica\App;
+use Friendica\Content\Pager;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
use Friendica\Core\Addon;
use Friendica\Core\Config;
use Friendica\Core\L10n;
+use Friendica\Core\Logger;
+use Friendica\Core\Protocol;
use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\Model\Contact;
+use Friendica\Model\Conversation;
+use Friendica\Model\FileTag;
use Friendica\Model\Item;
use Friendica\Protocol\Diaspora;
use Friendica\Protocol\Email;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Emailer;
+use Friendica\Util\Security;
+use Friendica\Util\Strings;
require_once 'include/enotify.php';
require_once 'include/text.php';
@@ -37,14 +44,12 @@ require_once 'include/items.php';
function item_post(App $a) {
if (!local_user() && !remote_user()) {
- return;
+ return 0;
}
- require_once 'include/security.php';
-
$uid = local_user();
- if (x($_REQUEST, 'dropitems')) {
+ if (!empty($_REQUEST['dropitems'])) {
$arr_drop = explode(',', $_REQUEST['dropitems']);
drop_items($arr_drop);
$json = ['success' => 1];
@@ -54,11 +59,11 @@ function item_post(App $a) {
Addon::callHooks('post_local_start', $_REQUEST);
- logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
+ Logger::log('postvars ' . print_r($_REQUEST, true), Logger::DATA);
$api_source = defaults($_REQUEST, 'api_source', false);
- $message_id = ((x($_REQUEST, 'message_id') && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
+ $message_id = ((!empty($_REQUEST['message_id']) && $api_source) ? strip_tags($_REQUEST['message_id']) : '');
$return_path = defaults($_REQUEST, 'return', '');
$preview = intval(defaults($_REQUEST, 'preview', 0));
@@ -68,9 +73,9 @@ function item_post(App $a) {
* Note that we have to ignore previews, otherwise nothing will post
* after it's been previewed
*/
- if (!$preview && x($_REQUEST, 'post_id_random')) {
- if (x($_SESSION, 'post-random') && $_SESSION['post-random'] == $_REQUEST['post_id_random']) {
- logger("item post: duplicate post", LOGGER_DEBUG);
+ if (!$preview && !empty($_REQUEST['post_id_random'])) {
+ if (!empty($_SESSION['post-random']) && $_SESSION['post-random'] == $_REQUEST['post_id_random']) {
+ Logger::log("item post: duplicate post", Logger::DEBUG);
item_post_return(System::baseUrl(), $api_source, $return_path);
} else {
$_SESSION['post-random'] = $_REQUEST['post_id_random'];
@@ -102,7 +107,6 @@ function item_post(App $a) {
// if this isn't the real parent of the conversation, find it
if (DBA::isResult($parent_item)) {
-
// The URI and the contact is taken from the direct parent which needn't to be the top parent
$thr_parent_uri = $parent_item['uri'];
$thr_parent_contact = Contact::getDetailsByURL($parent_item["author-link"]);
@@ -114,8 +118,8 @@ function item_post(App $a) {
if (!DBA::isResult($parent_item)) {
notice(L10n::t('Unable to locate original post.') . EOL);
- if (x($_REQUEST, 'return')) {
- goaway($return_path);
+ if (!empty($_REQUEST['return'])) {
+ $a->internalRedirect($return_path);
}
killme();
}
@@ -129,14 +133,20 @@ function item_post(App $a) {
}
if ($parent) {
- logger('mod_item: item_post parent=' . $parent);
+ Logger::log('mod_item: item_post parent=' . $parent);
}
$post_id = intval(defaults($_REQUEST, 'post_id', 0));
$app = strip_tags(defaults($_REQUEST, 'source', ''));
$extid = strip_tags(defaults($_REQUEST, 'extid', ''));
$object = defaults($_REQUEST, 'object', '');
- $wall = intval(defaults($_REQUEST, 'wall', 1));
+
+ // Don't use "defaults" here. It would turn 0 to 1
+ if (!isset($_REQUEST['wall'])) {
+ $wall = 1;
+ } else {
+ $wall = $_REQUEST['wall'];
+ }
// Ensure that the user id in a thread always stay the same
if (!is_null($parent_user) && in_array($parent_user, [local_user(), 0])) {
@@ -145,21 +155,21 @@ function item_post(App $a) {
// Check for multiple posts with the same message id (when the post was created via API)
if (($message_id != '') && ($profile_uid != 0)) {
- if (DBA::exists('item', ['uri' => $message_id, 'uid' => $profile_uid])) {
- logger("Message with URI ".$message_id." already exists for user ".$profile_uid, LOGGER_DEBUG);
- return;
+ if (Item::exists(['uri' => $message_id, 'uid' => $profile_uid])) {
+ Logger::log("Message with URI ".$message_id." already exists for user ".$profile_uid, Logger::DEBUG);
+ return 0;
}
}
// Allow commenting if it is an answer to a public post
- $allow_comment = local_user() && ($profile_uid == 0) && $parent && in_array($parent_item['network'], [NETWORK_OSTATUS, NETWORK_DIASPORA, NETWORK_DFRN]);
+ $allow_comment = local_user() && ($profile_uid == 0) && $parent && in_array($parent_item['network'], [Protocol::ACTIVITYPUB, Protocol::OSTATUS, Protocol::DIASPORA, Protocol::DFRN]);
// Now check that valid personal details have been provided
- if (!can_write_wall($profile_uid) && !$allow_comment) {
+ if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
notice(L10n::t('Permission denied.') . EOL) ;
- if (x($_REQUEST, 'return')) {
- goaway($return_path);
+ if (!empty($_REQUEST['return'])) {
+ $a->internalRedirect($return_path);
}
killme();
@@ -176,7 +186,7 @@ function item_post(App $a) {
$user = DBA::selectFirst('user', [], ['uid' => $profile_uid]);
if (!DBA::isResult($user) && !$parent) {
- return;
+ return 0;
}
$categories = '';
@@ -194,8 +204,8 @@ function item_post(App $a) {
$objecttype = $orig_post['object-type'];
$app = $orig_post['app'];
$categories = $orig_post['file'];
- $title = notags(trim($_REQUEST['title']));
- $body = escape_tags(trim($_REQUEST['body']));
+ $title = Strings::removeTags(trim($_REQUEST['title']));
+ $body = Strings::escapeHtml(trim($_REQUEST['body']));
$private = $orig_post['private'];
$pubmail_enabled = $orig_post['pubmail'];
$network = $orig_post['network'];
@@ -226,14 +236,14 @@ function item_post(App $a) {
$str_contact_deny = perms2str(defaults($_REQUEST, 'contact_deny', ''));
}
- $title = notags(trim(defaults($_REQUEST, 'title' , '')));
- $location = notags(trim(defaults($_REQUEST, 'location', '')));
- $coord = notags(trim(defaults($_REQUEST, 'coord' , '')));
- $verb = notags(trim(defaults($_REQUEST, 'verb' , '')));
- $emailcc = notags(trim(defaults($_REQUEST, 'emailcc' , '')));
- $body = escape_tags(trim(defaults($_REQUEST, 'body' , '')));
- $network = notags(trim(defaults($_REQUEST, 'network' , NETWORK_DFRN)));
- $guid = System::createGUID(32);
+ $title = Strings::removeTags(trim(defaults($_REQUEST, 'title' , '')));
+ $location = Strings::removeTags(trim(defaults($_REQUEST, 'location', '')));
+ $coord = Strings::removeTags(trim(defaults($_REQUEST, 'coord' , '')));
+ $verb = Strings::removeTags(trim(defaults($_REQUEST, 'verb' , '')));
+ $emailcc = Strings::removeTags(trim(defaults($_REQUEST, 'emailcc' , '')));
+ $body = Strings::escapeHtml(trim(defaults($_REQUEST, 'body' , '')));
+ $network = Strings::removeTags(trim(defaults($_REQUEST, 'network' , Protocol::DFRN)));
+ $guid = System::createUUID();
$postopts = defaults($_REQUEST, 'postopts', '');
@@ -247,8 +257,8 @@ function item_post(App $a) {
if ($parent_item) {
// for non native networks use the network of the original post as network of the item
- if (($parent_item['network'] != NETWORK_DIASPORA)
- && ($parent_item['network'] != NETWORK_OSTATUS)
+ if (($parent_item['network'] != Protocol::DIASPORA)
+ && ($parent_item['network'] != Protocol::OSTATUS)
&& ($network == "")) {
$network = $parent_item['network'];
}
@@ -276,24 +286,28 @@ function item_post(App $a) {
killme();
}
info(L10n::t('Empty post discarded.') . EOL);
- if (x($_REQUEST, 'return')) {
- goaway($return_path);
+ if (!empty($_REQUEST['return'])) {
+ $a->internalRedirect($return_path);
}
killme();
}
}
- if (!empty($categories)) {
+ if (!empty($categories))
+ {
// get the "fileas" tags for this post
- $filedas = file_tag_file_to_list($categories, 'file');
+ $filedas = FileTag::fileToList($categories, 'file');
}
+
// save old and new categories, so we can determine what needs to be deleted from pconfig
$categories_old = $categories;
- $categories = file_tag_list_to_file(trim(defaults($_REQUEST, 'category', '')), 'category');
+ $categories = FileTag::listToFile(trim(defaults($_REQUEST, 'category', '')), 'category');
$categories_new = $categories;
- if (!empty($filedas)) {
+
+ if (!empty($filedas))
+ {
// append the fileas stuff to the new categories list
- $categories .= file_tag_list_to_file($filedas, 'file');
+ $categories .= FileTag::listToFile($filedas, 'file');
}
// get contact info for poster
@@ -306,7 +320,7 @@ function item_post(App $a) {
$self = true;
$author = DBA::selectFirst('contact', [], ['uid' => local_user(), 'self' => true]);
} elseif (remote_user()) {
- if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
+ if (!empty($_SESSION['remote']) && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $profile_uid) {
$contact_id = $v['cid'];
@@ -334,22 +348,13 @@ function item_post(App $a) {
$str_tags = '';
$inform = '';
- $tags = get_tags($body);
-
- // Add a tag if the parent contact is from OStatus (This will notify them during delivery)
- if ($parent) {
- if ($thr_parent_contact['network'] == NETWORK_OSTATUS) {
- $contact = '@[url=' . $thr_parent_contact['url'] . ']' . $thr_parent_contact['nick'] . '[/url]';
- if (!stripos(implode($tags), '[url=' . $thr_parent_contact['url'] . ']')) {
- $tags[] = $contact;
- }
- }
+ $tags = BBCode::getTags($body);
- if ($parent_contact['network'] == NETWORK_OSTATUS) {
- $contact = '@[url=' . $parent_contact['url'] . ']' . $parent_contact['nick'] . '[/url]';
- if (!stripos(implode($tags), '[url=' . $parent_contact['url'] . ']')) {
- $tags[] = $contact;
- }
+ // Add a tag if the parent contact is from ActivityPub or OStatus (This will notify them)
+ if ($parent && in_array($thr_parent_contact['network'], [Protocol::OSTATUS, Protocol::ACTIVITYPUB])) {
+ $contact = '@[url=' . $thr_parent_contact['url'] . ']' . $thr_parent_contact['nick'] . '[/url]';
+ if (!stripos(implode($tags), '[url=' . $thr_parent_contact['url'] . ']')) {
+ $tags[] = $contact;
}
}
@@ -388,12 +393,12 @@ function item_post(App $a) {
$tagged[] = $tag;
}
// When the forum is private or the forum is addressed with a "!" make the post private
- if (is_array($success['contact']) && ($success['contact']['prv'] || ($tag_type == '!'))) {
+ if (is_array($success['contact']) && (!empty($success['contact']['prv']) || ($tag_type == '!'))) {
$private_forum = $success['contact']['prv'];
$only_to_forum = ($tag_type == '!');
$private_id = $success['contact']['id'];
$forum_contact = $success['contact'];
- } elseif (is_array($success['contact']) && $success['contact']['forum'] &&
+ } elseif (is_array($success['contact']) && !empty($success['contact']['forum']) &&
($str_contact_allow == '<' . $success['contact']['id'] . '>')) {
$private_forum = false;
$only_to_forum = true;
@@ -553,7 +558,7 @@ function item_post(App $a) {
}
if ($network == "") {
- $network = NETWORK_DFRN;
+ $network = Protocol::DFRN;
}
$gravity = ($parent ? GRAVITY_COMMENT : GRAVITY_PARENT);
@@ -561,7 +566,12 @@ function item_post(App $a) {
// even if the post arrived via API we are considering that it
// originated on this site by default for determining relayability.
- $origin = intval(defaults($_REQUEST, 'origin', 1));
+ // Don't use "defaults" here. It would turn 0 to 1
+ if (!isset($_REQUEST['origin'])) {
+ $origin = 1;
+ } else {
+ $origin = $_REQUEST['origin'];
+ }
$notify_type = ($parent ? 'comment-new' : 'wall-new');
@@ -633,7 +643,7 @@ function item_post(App $a) {
$datarray['api_source'] = $api_source;
// This field is for storing the raw conversation data
- $datarray['protocol'] = PROTOCOL_DFRN;
+ $datarray['protocol'] = Conversation::PARCEL_DFRN;
$conversation = DBA::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $datarray['parent-uri']]);
if (DBA::isResult($conversation)) {
@@ -663,24 +673,24 @@ function item_post(App $a) {
// doesn't have an ID.
$datarray["id"] = -1;
$datarray["item_id"] = -1;
- $datarray["author-network"] = NETWORK_DFRN;
+ $datarray["author-network"] = Protocol::DFRN;
- $o = conversation($a,[array_merge($contact_record,$datarray)],'search', false, true);
- logger('preview: ' . $o);
+ $o = conversation($a, [array_merge($contact_record, $datarray)], new Pager($a->query_string), 'search', false, true);
+ Logger::log('preview: ' . $o);
echo json_encode(['preview' => $o]);
- killme();
+ exit();
}
Addon::callHooks('post_local',$datarray);
- if (x($datarray, 'cancel')) {
- logger('mod_item: post cancelled by addon.');
+ if (!empty($datarray['cancel'])) {
+ Logger::log('mod_item: post cancelled by addon.');
if ($return_path) {
- goaway($return_path);
+ $a->internalRedirect($return_path);
}
$json = ['cancel' => 1];
- if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
+ if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
$json['reload'] = System::baseUrl() . '/' . $_REQUEST['jsreload'];
}
@@ -688,11 +698,10 @@ function item_post(App $a) {
killme();
}
- if ($orig_post) {
-
+ if ($orig_post) {
// Fill the cache field
// This could be done in Item::update as well - but we have to check for the existance of some fields.
- put_item_in_cache($datarray);
+ Item::putInCache($datarray);
$fields = [
'title' => $datarray['title'],
@@ -708,11 +717,11 @@ function item_post(App $a) {
Item::update($fields, ['id' => $post_id]);
// update filetags in pconfig
- file_tag_update_pconfig($uid,$categories_old,$categories_new,'category');
+ FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category');
- if (x($_REQUEST, 'return') && strlen($return_path)) {
- logger('return: ' . $return_path);
- goaway($return_path);
+ if (!empty($_REQUEST['return']) && strlen($return_path)) {
+ Logger::log('return: ' . $return_path);
+ $a->internalRedirect($return_path);
}
killme();
} else {
@@ -723,22 +732,29 @@ function item_post(App $a) {
unset($datarray['self']);
unset($datarray['api_source']);
+ if ($origin) {
+ $signed = Diaspora::createCommentSignature($uid, $datarray);
+ if (!empty($signed)) {
+ $datarray['diaspora_signed_text'] = json_encode($signed);
+ }
+ }
+
$post_id = Item::insert($datarray);
if (!$post_id) {
- logger("Item wasn't stored.");
- goaway($return_path);
+ Logger::log("Item wasn't stored.");
+ $a->internalRedirect($return_path);
}
$datarray = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $post_id]);
if (!DBA::isResult($datarray)) {
- logger("Item with id ".$post_id." couldn't be fetched.");
- goaway($return_path);
+ Logger::log("Item with id ".$post_id." couldn't be fetched.");
+ $a->internalRedirect($return_path);
}
// update filetags in pconfig
- file_tag_update_pconfig($uid, $categories_old, $categories_new, 'category');
+ FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category');
// These notifications are sent if someone else is commenting other your wall
if ($parent) {
@@ -761,9 +777,6 @@ function item_post(App $a) {
'parent_uri' => $parent_item['uri']
]);
}
-
- // Store the comment signature information in case we need to relay to Diaspora
- Diaspora::storeCommentSignature($datarray, $author, ($self ? $user['prvkey'] : false), $post_id);
} else {
if (($contact_record != $author) && !count($forum_contact)) {
notification([
@@ -804,7 +817,7 @@ function item_post(App $a) {
$subject = Email::encodeHeader('[Friendica]' . ' ' . L10n::t('%s posted an update.', $a->user['username']), 'UTF-8');
}
$link = '![' . $a->user['username'] . '](' . $author['thumb'] . ')
';
- $html = prepare_body($datarray);
+ $html = Item::prepareBody($datarray);
$message = '' . $link . $html . $disclaimer . '';
$params = [
'fromName' => $a->user['username'],
@@ -826,60 +839,73 @@ function item_post(App $a) {
// We don't fork a new process since this is done anyway with the following command
Worker::add(['priority' => PRIORITY_HIGH, 'dont_fork' => true], "CreateShadowEntry", $post_id);
- // Call the background process that is delivering the item to the receivers
- Worker::add(PRIORITY_HIGH, "Notifier", $notify_type, $post_id);
+ // When we are doing some forum posting via ! we have to start the notifier manually.
+ // These kind of posts don't initiate the notifier call in the item class.
+ if ($only_to_forum) {
+ Worker::add(PRIORITY_HIGH, "Notifier", $notify_type, $post_id);
+ }
+
+ Logger::log('post_complete');
- logger('post_complete');
+ if ($api_source) {
+ return $post_id;
+ }
item_post_return(System::baseUrl(), $api_source, $return_path);
// NOTREACHED
}
-function item_post_return($baseurl, $api_source, $return_path) {
+function item_post_return($baseurl, $api_source, $return_path)
+{
// figure out how to return, depending on from whence we came
+ $a = get_app();
if ($api_source) {
return;
}
if ($return_path) {
- goaway($return_path);
+ $a->internalRedirect($return_path);
}
$json = ['success' => 1];
- if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
+ if (!empty($_REQUEST['jsreload']) && strlen($_REQUEST['jsreload'])) {
$json['reload'] = $baseurl . '/' . $_REQUEST['jsreload'];
}
- logger('post_json: ' . print_r($json,true), LOGGER_DEBUG);
+ Logger::log('post_json: ' . print_r($json, true), Logger::DEBUG);
echo json_encode($json);
killme();
}
-
-
-function item_content(App $a) {
-
+function item_content(App $a)
+{
if (!local_user() && !remote_user()) {
return;
}
- require_once 'include/security.php';
-
$o = '';
- if (($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
- if (is_ajax()) {
+
+ if (($a->argc >= 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
+ if ($a->isAjax()) {
$o = Item::deleteForUser(['id' => $a->argv[2]], local_user());
} else {
- $o = drop_item($a->argv[2]);
+ if (!empty($a->argv[3])) {
+ $o = drop_item($a->argv[2], $a->argv[3]);
+ }
+ else {
+ $o = drop_item($a->argv[2]);
+ }
}
- if (is_ajax()) {
+
+ if ($a->isAjax()) {
// ajax return: [- , 0 (no perm) | ]
echo json_encode([intval($a->argv[2]), intval($o)]);
killme();
}
}
+
return $o;
}
@@ -920,12 +946,15 @@ function handle_tag(App $a, &$body, &$inform, &$str_tags, $profile_uid, $tag, $n
$pattern = "/[@!]\[url\=(.*?)\](.*?)\[\/url\]/ism";
if (preg_match($pattern, $tag, $matches)) {
$data = Contact::getDetailsByURL($matches[1]);
+
if ($data["alias"] != "") {
$newtag = '@[url=' . $data["alias"] . ']' . $data["nick"] . '[/url]';
+
if (!stripos($str_tags, '[url=' . $data["alias"] . ']')) {
if (strlen($str_tags)) {
$str_tags .= ',';
}
+
$str_tags .= $newtag;
}
}
@@ -933,6 +962,7 @@ function handle_tag(App $a, &$body, &$inform, &$str_tags, $profile_uid, $tag, $n
return $replaced;
}
+
$stat = false;
//get the person's name
$name = substr($tag, 1);
@@ -954,7 +984,7 @@ function handle_tag(App $a, &$body, &$inform, &$str_tags, $profile_uid, $tag, $n
$contact = Contact::getDetailsByAddr($name);
} else {
$contact = false;
- $fields = ['id', 'url', 'nick', 'name', 'alias', 'network'];
+ $fields = ['id', 'url', 'nick', 'name', 'alias', 'network', 'forum', 'prv'];
if (strrpos($name, '+')) {
// Is it in format @nick+number?
@@ -988,7 +1018,8 @@ function handle_tag(App $a, &$body, &$inform, &$str_tags, $profile_uid, $tag, $n
}
}
- if ($contact) {
+ // Check if $contact has been successfully loaded
+ if (DBA::isResult($contact)) {
if (strlen($inform) && (isset($contact["notify"]) || isset($contact["id"]))) {
$inform .= ',';
}
@@ -1001,11 +1032,7 @@ function handle_tag(App $a, &$body, &$inform, &$str_tags, $profile_uid, $tag, $n
$profile = $contact["url"];
$alias = $contact["alias"];
- $newname = $contact["nick"];
- if (($newname == "") || (($contact["network"] != NETWORK_OSTATUS) && ($contact["network"] != NETWORK_TWITTER)
- && ($contact["network"] != NETWORK_STATUSNET) && ($contact["network"] != NETWORK_APPNET))) {
- $newname = $contact["name"];
- }
+ $newname = defaults($contact, "name", $contact["nick"]);
}
//if there is an url for this persons profile