X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=552d3e3b3c339b6091722e48aa098126b124dc60;hb=6d7b0182376d6ce0cfa2c4e01500ff321b9e9b51;hp=1584c7ddbdb939e945241af2e17345cb2ad789c2;hpb=aff4f63ff8e005bb3ce1d726405fd6d5d2dcfa60;p=friendica.git

diff --git a/mod/item.php b/mod/item.php
index 1584c7ddbd..552d3e3b3c 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -12,6 +12,8 @@ function item_post(&$a) {
 	require_once('include/security.php');
 
 	$uid = $_SESSION['uid'];
+
+
 	$parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0);
 
 	$parent_item = null;
@@ -91,34 +93,42 @@ function item_post(&$a) {
 	if(count($r))
 		$contact_record = $r[0];
 
+	$post_type == notags(trim($_POST['type']));
+
+	if($post_type == 'net-comment') {
+		if($parent_item !== null && $parent_item['type'] != 'remote')		
+			$post_type = 'wall-comment';
+	}
 
 	$notify_type = (($parent) ? 'comment-new' : 'wall-new' );
 
-	if(($_POST['type'] == 'wall') || ($_POST['type'] == 'wall-comment')) {
+	if(($_POST['type'] == 'wall') || ($_POST['type'] == 'wall-comment') || ($_POST['type'] == 'net-comment')) {
 
 		do {
 			$dups = false;
 			$hash = random_string();
-			$r = q("SELECT `id` FROM `item` WHERE `hash` = '%s' LIMIT 1",
-			dbesc($hash));
+
+			$uri = "urn:X-dfrn:" . $a->get_hostname() . ':' . $profile_uid . ':' . $hash;
+
+			$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
+			dbesc($uri));
 			if(count($r))
 				$dups = true;
 		} while($dups == true);
 
 
-		$r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `remote-id`, `created`,`edited`,`hash`,`body`,
-			`allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`)
-			VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
+		$r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `created`,
+			`edited`, `uri`, `body`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`)
+			VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
 			intval($profile_uid),
 			dbesc($_POST['type']),
 			intval($contact_id),
 			dbesc($contact_record['name']),
 			dbesc($contact_record['url']),
 			dbesc($contact_record['thumb']),
-			dbesc("urn:X-dfrn:" . $a->get_baseurl() . ':' . intval($profile_uid) . ':' . $hash),
 			datetime_convert(),
 			datetime_convert(),
-			dbesc($hash),
+			dbesc($uri),
 			dbesc(escape_tags(trim($_POST['body']))),
 			dbesc($str_contact_allow),
 			dbesc($str_group_allow),
@@ -126,8 +136,8 @@ function item_post(&$a) {
 			dbesc($str_group_deny)
 
 		);
-		$r = q("SELECT `id` FROM `item` WHERE `hash` = '%s' LIMIT 1",
-			dbesc($hash));
+		$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
+			dbesc($uri));
 		if(count($r)) {
 			$post_id = $r[0]['id'];
 
@@ -154,13 +164,15 @@ function item_post(&$a) {
 				$parent = $post_id;
 			}
 
-			$r = q("UPDATE `item` SET `parent` = %d, `last-child` = 1, `visible` = 1
+			$r = q("UPDATE `item` SET `parent` = %d, `parent-uri` = '%s', `last-child` = 1, `visible` = 1
 				WHERE `id` = %d LIMIT 1",
 				intval($parent),
-				intval($post_id));
+				dbesc(($parent == $post_id) ? $uri : $parent_item['uri']),
+				intval($post_id)
+			);
 		}
 
-		$url = bin2hex($a->get_baseurl());
+		$url = $a->get_baseurl();
 
 		proc_close(proc_open("php include/notifier.php \"$url\" \"$notify_type\" \"$post_id\" > notify.log &",
 			array(),$foo));
@@ -168,4 +180,68 @@ function item_post(&$a) {
 	}
 	goaway($a->get_baseurl() . "/" . $_POST['return'] );
 	return; // NOTREACHED
+}
+
+function item_content(&$a) {
+
+	if((! local_user()) && (! remote_user()))
+		return;
+
+	require_once('include/security.php');
+
+	$uid = $_SESSION['uid'];
+
+	if(($a->argc == 3) && ($a->argv[1] == 'drop') && intval($a->argv[2])) {
+
+		// locate item to be deleted
+
+		$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1",
+			intval($a->argv[2])
+		);
+
+		if(! count($r)) {
+			notice("Item not found." . EOL);
+			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+		}
+		$item = $r[0];
+
+		// check if logged in user is either the author or owner of this item
+
+		if(($_SESSION['visitor_id'] == $item['contact-id']) || ($_SESSION['uid'] == $item['uid'])) {
+
+			// delete the item
+
+			$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' WHERE `id` = %d LIMIT 1",
+				dbesc(datetime_convert()),
+				intval($item['id'])
+			);
+
+			// If it's the parent of a comment thread, kill all the kids
+
+			if($item['uri'] == $item['parent-uri']) {
+				$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' 
+					WHERE `parent-uri` = '%s' AND `uid` = %d ",
+					dbesc(datetime_convert()),
+					dbesc($item['parent-uri']),
+					intval($item['uid'])
+				);
+			}
+
+			$url = $a->get_baseurl();
+			$drop_id = intval($item['id']);
+
+			// send the notification upstream/downstream as the case may be
+
+			proc_close(proc_open("php include/notifier.php \"$url\" \"drop\" \"$drop_id\" > notify.log &",
+				array(),$foo));
+
+			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+			return; //NOTREACHED
+		}
+		else {
+			notice("Permission denied." . EOL);
+			goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
+			return; //NOTREACHED
+		}
+	}
 }
\ No newline at end of file