X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=99251a4a47dfaf11b7bfa38be49b78b434c0bbf9;hb=a16dba2941bb3507faa84a13df2001a61daa3e96;hp=69b5f52cdadbdb4d80d64a685554fdf00d6c914a;hpb=e6fb044e60e3c1df4a50c1a8b41ffbc18b4a9866;p=friendica.git

diff --git a/mod/item.php b/mod/item.php
index 69b5f52cda..99251a4a47 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -1,9 +1,22 @@
 <?php
 /**
- * @file mod/item.php
- */
-
-/*
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
  * This is the POST destination for most all locally posted
  * text stuff. This function handles status, wall-to-wall status,
  * local comments, and remote coments that are posted on this site
@@ -115,7 +128,7 @@ function item_post(App $a) {
 			$thread_parent_contact = Contact::getDetailsByURL($toplevel_item["author-link"]);
 
 			if ($toplevel_item['id'] != $toplevel_item['parent']) {
-				$toplevel_item = Item::selectFirst(Item::ITEM_FIELDLIST, ['id' => $toplevel_item['parent']]);
+				$toplevel_item = Item::selectFirst([], ['id' => $toplevel_item['parent']]);
 			}
 		}
 
@@ -248,33 +261,13 @@ function item_post(App $a) {
 		$network           = $orig_post['network'];
 		$guid              = $orig_post['guid'];
 		$extid             = $orig_post['extid'];
-
 	} else {
+		$aclFormatter = DI::aclFormatter();
 
-		/*
-		 * if coming from the API and no privacy settings are set,
-		 * use the user default permissions - as they won't have
-		 * been supplied via a form.
-		 */
-		if ($api_source
-			&& !array_key_exists('contact_allow', $_REQUEST)
-			&& !array_key_exists('group_allow', $_REQUEST)
-			&& !array_key_exists('contact_deny', $_REQUEST)
-			&& !array_key_exists('group_deny', $_REQUEST)) {
-			$str_group_allow   = $user['allow_gid'];
-			$str_contact_allow = $user['allow_cid'];
-			$str_group_deny    = $user['deny_gid'];
-			$str_contact_deny  = $user['deny_cid'];
-		} else {
-			// use the posted permissions
-
-			$aclFormatter = DI::aclFormatter();
-
-			$str_group_allow   = $aclFormatter->toString($_REQUEST['group_allow'] ?? '');
-			$str_contact_allow = $aclFormatter->toString($_REQUEST['contact_allow'] ?? '');
-			$str_group_deny    = $aclFormatter->toString($_REQUEST['group_deny'] ?? '');
-			$str_contact_deny  = $aclFormatter->toString($_REQUEST['contact_deny'] ?? '');
-		}
+		$str_group_allow   = isset($_REQUEST['group_allow'])   ? $aclFormatter->toString($_REQUEST['group_allow'])    : $user['allow_gid'] ?? '';
+		$str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact__allow']) : $user['allow_cid'] ?? '';
+		$str_group_deny    = isset($_REQUEST['group_deny'])    ? $aclFormatter->toString($_REQUEST['group_deny'])     : $user['deny_gid']  ?? '';
+		$str_contact_deny  = isset($_REQUEST['contact_deny'])  ? $aclFormatter->toString($_REQUEST['contact_deny'])   : $user['deny_cid']  ?? '';
 
 		$title             = Strings::escapeTags(trim($_REQUEST['title']    ?? ''));
 		$location          = Strings::escapeTags(trim($_REQUEST['location'] ?? ''));
@@ -287,7 +280,13 @@ function item_post(App $a) {
 
 		$postopts = $_REQUEST['postopts'] ?? '';
 
-		$private = ((strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) ? 1 : 0);
+		if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
+			$private = Item::PRIVATE;
+		} elseif (DI::pConfig()->get($profile_uid, 'system', 'unlisted')) {
+			$private = Item::UNLISTED;
+		} else {
+			$private = Item::PUBLIC;
+		}
 
 		// If this is a comment, set the permissions from the parent.
 
@@ -299,10 +298,10 @@ function item_post(App $a) {
 				$network = $toplevel_item['network'];
 			}
 
-			$str_contact_allow = $toplevel_item['allow_cid'];
-			$str_group_allow   = $toplevel_item['allow_gid'];
-			$str_contact_deny  = $toplevel_item['deny_cid'];
-			$str_group_deny    = $toplevel_item['deny_gid'];
+			$str_contact_allow = $toplevel_item['allow_cid'] ?? '';
+			$str_group_allow   = $toplevel_item['allow_gid'] ?? '';
+			$str_contact_deny  = $toplevel_item['deny_cid'] ?? '';
+			$str_group_deny    = $toplevel_item['deny_gid'] ?? '';
 			$private           = $toplevel_item['private'];
 
 			$wall              = $toplevel_item['wall'];
@@ -662,7 +661,7 @@ function item_post(App $a) {
 		$datarray["item_id"] = -1;
 		$datarray["author-network"] = Protocol::DFRN;
 
-		$o = conversation($a, [array_merge($contact_record, $datarray)], new Pager(DI::args()->getQueryString()), 'search', false, true);
+		$o = conversation($a, [array_merge($contact_record, $datarray)], 'search', false, true);
 
 		System::jsonExit(['preview' => $o]);
 	}