X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=552d3e3b3c339b6091722e48aa098126b124dc60;hb=6d7b0182376d6ce0cfa2c4e01500ff321b9e9b51;hp=4de9dc59f8e2df9b552a9309ad04c429cabd80e5;hpb=bbe53699f26bfa4e4d17da097fd8f2fc14da47dd;p=friendica.git diff --git a/mod/item.php b/mod/item.php index 4de9dc59f8..552d3e3b3c 100644 --- a/mod/item.php +++ b/mod/item.php @@ -5,13 +5,15 @@ function sanitise_acl(&$item) { } function item_post(&$a) { -dbg(3); + if((! local_user()) && (! remote_user())) return; require_once('include/security.php'); $uid = $_SESSION['uid']; + + $parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0); $parent_item = null; @@ -91,10 +93,16 @@ dbg(3); if(count($r)) $contact_record = $r[0]; + $post_type == notags(trim($_POST['type'])); + + if($post_type == 'net-comment') { + if($parent_item !== null && $parent_item['type'] != 'remote') + $post_type = 'wall-comment'; + } $notify_type = (($parent) ? 'comment-new' : 'wall-new' ); - if(($_POST['type'] == 'wall') || ($_POST['type'] == 'wall-comment')) { + if(($_POST['type'] == 'wall') || ($_POST['type'] == 'wall-comment') || ($_POST['type'] == 'net-comment')) { do { $dups = false; @@ -170,6 +178,70 @@ dbg(3); array(),$foo)); } -// goaway($a->get_baseurl() . "/" . $_POST['return'] ); + goaway($a->get_baseurl() . "/" . $_POST['return'] ); return; // NOTREACHED +} + +function item_content(&$a) { + + if((! local_user()) && (! remote_user())) + return; + + require_once('include/security.php'); + + $uid = $_SESSION['uid']; + + if(($a->argc == 3) && ($a->argv[1] == 'drop') && intval($a->argv[2])) { + + // locate item to be deleted + + $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", + intval($a->argv[2]) + ); + + if(! count($r)) { + notice("Item not found." . EOL); + goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); + } + $item = $r[0]; + + // check if logged in user is either the author or owner of this item + + if(($_SESSION['visitor_id'] == $item['contact-id']) || ($_SESSION['uid'] == $item['uid'])) { + + // delete the item + + $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' WHERE `id` = %d LIMIT 1", + dbesc(datetime_convert()), + intval($item['id']) + ); + + // If it's the parent of a comment thread, kill all the kids + + if($item['uri'] == $item['parent-uri']) { + $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' + WHERE `parent-uri` = '%s' AND `uid` = %d ", + dbesc(datetime_convert()), + dbesc($item['parent-uri']), + intval($item['uid']) + ); + } + + $url = $a->get_baseurl(); + $drop_id = intval($item['id']); + + // send the notification upstream/downstream as the case may be + + proc_close(proc_open("php include/notifier.php \"$url\" \"drop\" \"$drop_id\" > notify.log &", + array(),$foo)); + + goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); + return; //NOTREACHED + } + else { + notice("Permission denied." . EOL); + goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); + return; //NOTREACHED + } + } } \ No newline at end of file