X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=430500f99876906ef5d4fe1d48d05f31c3748e44;hb=9be5a7c750e2634a37529945ced226e0cb06c274;hp=acb97a062607ba32277341af8fafb60ec1f0a0ea;hpb=0a4c5a694dee12570814ae8950280810806786d9;p=friendica.git

diff --git a/mod/item.php b/mod/item.php
index acb97a0626..430500f998 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -1,5 +1,12 @@
 <?php
 
+// This is the POST destination for most all locally posted
+// text stuff. This function handles status, wall-to-wall status, 
+// local comments, and remote coments - that are posted on this site 
+// (as opposed to being delivered in a feed).
+// All of these become an "item" which is our basic unit of 
+// information. 
+
 function item_post(&$a) {
 
 	if((! local_user()) && (! remote_user()))
@@ -7,8 +14,7 @@ function item_post(&$a) {
 
 	require_once('include/security.php');
 
-	$uid = $_SESSION['uid'];
-
+	$uid = local_user();
 
 	$parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0);
 
@@ -27,41 +33,31 @@ function item_post(&$a) {
 
 	$profile_uid = ((x($_POST,'profile_uid')) ? intval($_POST['profile_uid']) : 0);
 
+
 	if(! can_write_wall($a,$profile_uid)) {
-		notice("Permission denied." . EOL) ;
+		notice( t('Permission denied.') . EOL) ;
 		return;
 	}
-	
-	$str_group_allow = '';
-	$group_allow = $_POST['group_allow'];
-	if(is_array($group_allow)) {
-		array_walk($group_allow,'sanitise_acl');
-		$str_group_allow = implode('',$group_allow);
-	}
 
-	$str_contact_allow = '';
-	$contact_allow = $_POST['contact_allow'];
-	if(is_array($contact_allow)) {
-		array_walk($contact_allow,'sanitise_acl');
-		$str_contact_allow = implode('',$contact_allow);
-	}
+	$user = null;
 
-	$str_group_deny = '';
-	$group_deny = $_POST['group_deny'];
-	if(is_array($group_deny)) {
-		array_walk($group_deny,'sanitise_acl');
-		$str_group_deny = implode('',$group_deny);
-	}
+	$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+		intval($profile_uid)
+	);
+	if(count($r))
+		$user = $r[0];
+	
 
-	$str_contact_deny = '';
-	$contact_deny = $_POST['contact_deny'];
-	if(is_array($contact_deny)) {
-		array_walk($contact_deny,'sanitise_acl');
-		$str_contact_deny = implode('',$contact_deny);
-	}
+	$str_group_allow   = perms2str($_POST['group_allow']);
+	$str_contact_allow = perms2str($_POST['contact_allow']);
+	$str_group_deny    = perms2str($_POST['group_deny']);
+	$str_contact_deny  = perms2str($_POST['contact_deny']);
 
-	$title = notags(trim($_POST['title']));
-	$body = escape_tags(trim($_POST['body']));
+	$title             = notags(trim($_POST['title']));
+	$body              = escape_tags(trim($_POST['body']));
+	$location          = notags(trim($_POST['location']));
+	$coord             = notags(trim($_POST['coord']));
+	$verb              = notags(trim($_POST['verb']));
 
 	if(! strlen($body)) {
 		notice( t('Empty post discarded.') . EOL );
@@ -71,64 +67,155 @@ function item_post(&$a) {
 
 	// get contact info for poster
 
-	if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
-		$contact_id = $_SESSION['visitor_id'];
+	$author = null;
+
+	if(($_SESSION['uid']) && ($_SESSION['uid'] == $profile_uid)) {
+		$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+			intval($_SESSION['uid'])
+		);
 	}
 	else {
-		$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-			intval($_SESSION['uid']));
-		if(count($r))
-			$contact_id = $r[0]['id'];
+		if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
+			$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
+				intval($_SESSION['visitor_id'])
+			);
+		}
+	}
+
+	if(count($r)) {
+		$author = $r[0];
+		$contact_id = $author['id'];
 	}
 
 	// get contact info for owner
 	
-	$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval($profile_uid)
-	);
-	if(count($r))
-		$contact_record = $r[0];
+	if($profile_uid == $_SESSION['uid']) {
+		$contact_record = $author;
+	}
+	else {
+		$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+			intval($profile_uid)
+		);
+		if(count($r))
+			$contact_record = $r[0];
+	}
 
-	$post_type == notags(trim($_POST['type']));
+	$post_type = notags(trim($_POST['type']));
 
-	if($post_type == 'net-comment') {
+	if($post_type === 'net-comment') {
 		if($parent_item !== null) {
-			if($parent_item['type'] == 'remote')
+			if($parent_item['type'] === 'remote') {
 				$post_type = 'remote-comment';
-			else		
+			} 
+			else {		
 				$post_type = 'wall-comment';
+			}
 		}
 	}
 
-	$notify_type = (($parent) ? 'comment-new' : 'wall-new' );
+	$str_tags = '';
+	$inform   = '';
 
-	do {
-		$dups = false;
-		$hash = random_string();
+	$tags = get_tags($body);
 
-		$uri = "urn:X-dfrn:" . $a->get_hostname() . ':' . $profile_uid . ':' . $hash;
 
-		$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
-			dbesc($uri));
-		if(count($r))
-			$dups = true;
-	} while($dups == true);
+	if(count($tags)) {
+		foreach($tags as $tag) {
+			if(strpos($tag,'#') === 0) {
+				$basetag = substr($tag,1);
+				$body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?search=' . urlencode($basetag) . ']' . $basetag . '[/url]',$body);
+				continue;
+			}
+			if(strpos($tag,'@') === 0) {
+				$name = substr($tag,1);
+				if((strpos($name,'@')) || (strpos($name,'http://'))) {
+					$newname = $name;
+					$links = @lrdd($name);
+					if(count($links)) {
+						foreach($links as $link) {
+							if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
+                    			$profile = $link['@attributes']['href'];
+							if($link['@attributes']['rel'] === 'salmon') {
+								if(strlen($inform))
+									$inform .= ',';
+                    			$inform .= 'url:' . str_replace(',','%2c',$link['@attributes']['href']);
+							}
+						}
+					}
+				}
+				else {
+					$newname = $name;
+					if(strstr($name,'_')) {
+						$newname = str_replace('_',' ',$name);
+						$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
+							dbesc($newname),
+							intval($profile_uid)
+						);
+					}
+					else {
+						$r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1",
+							dbesc($name),
+							intval($profile_uid)
+						);
+					}
+					if(count($r)) {
+						$profile = $r[0]['url'];
+						$newname = $r[0]['name'];
+						if(strlen($inform))
+							$inform .= ',';
+						$inform .= 'cid:' . $r[0]['id'];
+					}
+				}
+				if($profile) {
+					$body = str_replace($name,'[url=' . $profile . ']' . $newname	. '[/url]', $body);
+					if(strlen($str_tags))
+						$str_tags .= ',';
+					$profile = str_replace(',','%2c',$profile);
+					$str_tags .= '@[url=' . $profile . ']' . $newname	. '[/url]';
+				}
+			}
+		}
+	}
+
+	$wall = 0;
+	if($post_type === 'wall' || $post_type === 'wall-comment')
+		$wall = 1;
 
+	if(! strlen($verb))
+		$verb = ACTIVITY_POST ;
 
-	$r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `created`,
-		`edited`, `uri`, `title`, `body`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`)
-		VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
+	$gravity = (($parent) ? 6 : 0 );
+ 
+	$notify_type = (($parent) ? 'comment-new' : 'wall-new' );
+
+	$uri = item_new_uri($a->get_hostname(),$profile_uid);
+
+	$r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, 
+		`author-name`, `author-link`, `author-avatar`, `created`, `edited`, `changed`, `uri`, `title`, `body`, `location`, `coord`, 
+		`tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`)
+		VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
 		intval($profile_uid),
 		dbesc($post_type),
+		intval($wall),
+		intval($gravity),
 		intval($contact_id),
 		dbesc($contact_record['name']),
 		dbesc($contact_record['url']),
 		dbesc($contact_record['thumb']),
-		datetime_convert(),
-		datetime_convert(),
+		dbesc($author['name']),
+		dbesc($author['url']),
+		dbesc($author['thumb']),
+		dbesc(datetime_convert()),
+		dbesc(datetime_convert()),
+		dbesc(datetime_convert()),
 		dbesc($uri),
 		dbesc($title),
 		dbesc($body),
+		dbesc($location),
+		dbesc($coord),
+		dbesc($str_tags),
+		dbesc($inform),
+		dbesc($verb),
 		dbesc($str_contact_allow),
 		dbesc($str_group_allow),
 		dbesc($str_contact_deny),
@@ -142,7 +229,8 @@ function item_post(&$a) {
 		if($parent) {
 
 			// This item is the last leaf and gets the comment box, clear any ancestors
-			$r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent` = %d ",
+			$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent` = %d ",
+				dbesc(datetime_convert()),
 				intval($parent)
 			);
 
@@ -157,27 +245,72 @@ function item_post(&$a) {
 				dbesc($parent_item['deny_gid']),
 				intval($post_id)
 			);
+
+			// Send a notification email to the conversation owner, unless the owner is me and I wrote this item
+			if(($user['notify-flags'] & NOTIFY_COMMENT) && ($contact_record != $author)) {
+				require_once('bbcode.php');
+				$from = $author['name'];
+				$tpl = load_view_file('view/cmnt_received_eml.tpl');			
+				$email_tpl = replace_macros($tpl, array(
+					'$sitename' => $a->config['sitename'],
+					'$siteurl' =>  $a->get_baseurl(),
+					'$username' => $user['username'],
+					'$email' => $user['email'],
+					'$from' => $from,
+					'$display' => $a->get_baseurl() . '/display/' . $post_id,
+					'$body' => strip_tags(bbcode($body))
+				));
+
+				$res = mail($user['email'], $from . t(" commented on your item at ") . $a->config['sitename'],
+					$email_tpl,t("From: Administrator@") . $a->get_hostname() );
+			}
 		}
 		else {
 			$parent = $post_id;
+
+			// let me know if somebody did a wall-to-wall post on my profile
+
+			if(($user['notify-flags'] & NOTIFY_WALL) && ($contact_record != $author)) {
+				require_once('bbcode.php');
+				$from = $author['name'];
+				$tpl = load_view_file('view/wall_received_eml.tpl');			
+				$email_tpl = replace_macros($tpl, array(
+					'$sitename' => $a->config['sitename'],
+					'$siteurl' =>  $a->get_baseurl(),
+					'$username' => $user['username'],
+					'$email' => $user['email'],
+					'$from' => $from,
+					'$display' => $a->get_baseurl() . '/display/' . $post_id,
+					'$body' => strip_tags(bbcode($body))
+				));
+
+				$res = mail($user['email'], $from . t(" posted on your profile wall at ") . $a->config['sitename'],
+					$email_tpl,t("From: Administrator@") . $a->get_hostname() );
+			}
 		}
 
-		$r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `last-child` = 1, `visible` = 1
+		$r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `changed` = '%s', `last-child` = 1, `visible` = 1
 			WHERE `id` = %d LIMIT 1",
 			intval($parent),
 			dbesc(($parent == $post_id) ? $uri : $parent_item['uri']),
+			dbesc(datetime_convert()),
 			intval($post_id)
 		);
+
 		// photo comments turn the corresponding item visible to the profile wall
+		// This way we don't see every picture in your new photo album posted to your wall at once.
+		// They will show up as people comment on them.
+
 		if(! $parent_item['visible']) {
-			$r = q("UPDATE `item` SET `visible = 1 WHERE `id` = %d LIMIT 1",
+			$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d LIMIT 1",
 				intval($parent_item['id'])
 			);
 		}
 	}
-	$url = $a->get_baseurl();
 
-	proc_close(proc_open("php include/notifier.php \"$url\" \"$notify_type\" \"$post_id\" > notify.log &",
+	$php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
+
+	proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"$notify_type\" \"$post_id\" &",
 		array(),$foo));
 
 	goaway($a->get_baseurl() . "/" . $_POST['return'] );
@@ -193,7 +326,7 @@ function item_content(&$a) {
 
 	$uid = $_SESSION['uid'];
 
-	if(($a->argc == 3) && ($a->argv[1] == 'drop') && intval($a->argv[2])) {
+	if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
 
 		// locate item to be deleted
 
@@ -202,7 +335,7 @@ function item_content(&$a) {
 		);
 
 		if(! count($r)) {
-			notice("Item not found." . EOL);
+			notice( t('Item not found.') . EOL);
 			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
 		}
 		$item = $r[0];
@@ -213,7 +346,8 @@ function item_content(&$a) {
 
 			// delete the item
 
-			$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' WHERE `id` = %d LIMIT 1",
+			$r = q("UPDATE `item` SET `deleted` = 1, `body` = '', `edited` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1",
+				dbesc(datetime_convert()),
 				dbesc(datetime_convert()),
 				intval($item['id'])
 			);
@@ -234,30 +368,48 @@ function item_content(&$a) {
 			// If it's the parent of a comment thread, kill all the kids
 
 			if($item['uri'] == $item['parent-uri']) {
-				$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' 
+				$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' 
 					WHERE `parent-uri` = '%s' AND `uid` = %d ",
 					dbesc(datetime_convert()),
+					dbesc(datetime_convert()),
 					dbesc($item['parent-uri']),
 					intval($item['uid'])
 				);
 				// ignore the result
 			}
-
-			$url = $a->get_baseurl();
+			else {
+				// ensure that last-child is set in case the comment that had it just got wiped.
+				q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ",
+					dbesc(datetime_convert()),
+					dbesc($item['parent-uri']),
+					intval($item['uid'])
+				);
+				// who is the last child now? 
+				$r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d ORDER BY `edited` DESC LIMIT 1",
+					dbesc($item['parent-uri']),
+					intval($item['uid'])
+				);
+				if(count($r)) {
+					q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1",
+						intval($r[0]['id'])
+					);
+				}	
+			}
 			$drop_id = intval($item['id']);
-
+			$php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
+			
 			// send the notification upstream/downstream as the case may be
 
-			proc_close(proc_open("php include/notifier.php \"$url\" \"drop\" \"$drop_id\" > notify.log &",
-				array(),$foo));
+			proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" &",
+				array(), $foo));
 
 			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
 			return; //NOTREACHED
 		}
 		else {
-			notice("Permission denied." . EOL);
+			notice( t('Permission denied.') . EOL);
 			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
-			return; //NOTREACHED
+			//NOTREACHED
 		}
 	}
 }
\ No newline at end of file