X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=a531d40936a82b918d1f179c5174dd1e01edf37d;hb=720a43461d67ab229de0aecfc5008f22cc4c1c54;hp=00248df4306c40e5b86b2157278bab5eea36b79a;hpb=6d19ecfde071484737fdb21bc394a2df14e5fc24;p=friendica.git

diff --git a/mod/item.php b/mod/item.php
index 00248df430..a531d40936 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2021, the Friendica project
+ * @copyright Copyright (C) 2010-2022, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -177,10 +177,11 @@ function item_post(App $a) {
 	}
 
 	// Allow commenting if it is an answer to a public post
-	$allow_comment = local_user() && ($profile_uid == 0) && $toplevel_item_id && in_array($toplevel_item['network'], Protocol::FEDERATED);
+	$allow_comment = local_user() && $toplevel_item_id && in_array($toplevel_item['private'], [Item::PUBLIC, Item::UNLISTED]) && in_array($toplevel_item['network'], Protocol::FEDERATED);
 
 	// Now check that valid personal details have been provided
 	if (!Security::canWriteToUserWall($profile_uid) && !$allow_comment) {
+		Logger::notice('Permission denied.', ['local' => local_user(), 'profile_uid' => $profile_uid, 'toplevel_item_id' => $toplevel_item_id, 'network' => $toplevel_item['network']]);
 		notice(DI::l10n()->t('Permission denied.'));
 		if ($return_path) {
 			DI::baseUrl()->redirect($return_path);
@@ -351,7 +352,8 @@ function item_post(App $a) {
 		$filedas = FileTag::fileToArray($categories);
 	}
 
-	$categories = FileTag::listToFile(trim($_REQUEST['category'] ?? ''), 'category');
+	$list_array = explode(',', trim($_REQUEST['category'] ?? ''));
+	$categories = FileTag::arrayToFile($list_array, 'category');
 
 	if (!empty($filedas) && is_array($filedas)) {
 		// append the fileas stuff to the new categories list
@@ -685,7 +687,7 @@ function item_post(App $a) {
 	Hook::callAll('post_local',$datarray);
 
 	if (!empty($_REQUEST['scheduled_at'])) {
-		$scheduled_at = DateTimeFormat::convert($_REQUEST['scheduled_at'], 'UTC', $a->getTimezone());
+		$scheduled_at = DateTimeFormat::convert($_REQUEST['scheduled_at'], 'UTC', $a->getTimeZone());
 		if ($scheduled_at > DateTimeFormat::utcNow()) {
 			unset($datarray['created']);
 			unset($datarray['edited']);
@@ -776,7 +778,7 @@ function item_post(App $a) {
 	// These notifications are sent if someone else is commenting other your wall
 	if ($contact_record != $author) {
 		if ($toplevel_item_id) {
-			notification([
+			DI::notify()->createFromArray([
 				'type'  => Notification\Type::COMMENT,
 				'otype' => Notification\ObjectType::ITEM,
 				'verb'  => Activity::POST,
@@ -786,7 +788,7 @@ function item_post(App $a) {
 				'link'  => DI::baseUrl() . '/display/' . urlencode($datarray['guid']),
 			]);
 		} elseif (empty($forum_contact)) {
-			notification([
+			DI::notify()->createFromArray([
 				'type'  => Notification\Type::WALL,
 				'otype' => Notification\ObjectType::ITEM,
 				'verb'  => Activity::POST,
@@ -931,6 +933,7 @@ function drop_item(int $id, string $return = '')
 
 		item_redirect_after_action($item, $return);
 	} else {
+		Logger::notice('Permission denied.', ['local' => local_user(), 'uid' => $item['uid'], 'cid' => $contact_id]);
 		notice(DI::l10n()->t('Permission denied.'));
 		DI::baseUrl()->redirect('display/' . $item['guid']);
 		//NOTREACHED