X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fitem.php;h=b77e725756b11f9cf1c1af41b7236dc997b90399;hb=e076998ffe7ed9e29c01463c10a0b36a49659e9d;hp=6b9905132861c6116bc5b882cadbc37619888d9f;hpb=df03b19a9d27a2b37419038fb15af7d03059edd4;p=friendica.git diff --git a/mod/item.php b/mod/item.php index 6b99051328..b77e725756 100644 --- a/mod/item.php +++ b/mod/item.php @@ -30,10 +30,12 @@ use Friendica\App; use Friendica\Content\Item as ItemHelper; +use Friendica\Content\PageInfo; use Friendica\Content\Text\BBCode; use Friendica\Core\Hook; use Friendica\Core\Logger; use Friendica\Core\Protocol; +use Friendica\Core\Renderer; use Friendica\Core\Session; use Friendica\Core\System; use Friendica\Core\Worker; @@ -52,12 +54,10 @@ use Friendica\Object\EMail\ItemCCEMail; use Friendica\Protocol\Activity; use Friendica\Protocol\Diaspora; use Friendica\Util\DateTimeFormat; -use Friendica\Util\Security; +use Friendica\Security\Security; use Friendica\Util\Strings; use Friendica\Worker\Delivery; -require_once __DIR__ . '/../include/items.php'; - function item_post(App $a) { if (!Session::isAuthenticated()) { throw new HTTPException\ForbiddenException(); @@ -67,7 +67,10 @@ function item_post(App $a) { if (!empty($_REQUEST['dropitems'])) { $arr_drop = explode(',', $_REQUEST['dropitems']); - drop_items($arr_drop); + foreach ($arr_drop as $item) { + Item::deleteForUser(['id' => $item], $uid); + } + $json = ['success' => 1]; System::jsonExit($json); } 
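Review bot: In the `dropitems` branch each `$item` is still a raw string fragment of `$_REQUEST['dropitems']` when it reaches `Item::deleteForUser()`, and the JSON reply reports `success => 1` whatever those calls did. Cast and filter the ids first, e.g. `$arr_drop = array_filter(array_map('intval', explode(',', $_REQUEST['dropitems'])));`, so empty or non-numeric fragments never become a delete condition. Ownership enforcement presumably lives in `deleteForUser()` through `$uid`, but that is not visible here and is worth confirming, as is where `$uid` is assigned. `item_post()` continues outside the hunk.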
@@ -133,6 +136,16 @@ function item_post(App $a) { throw new HTTPException\NotFoundException(DI::l10n()->t('Unable to locate original post.')); } + // When commenting on a public post then store the post for the current user + // This enables interaction like starring and saving into folders + if ($toplevel_item['uid'] == 0) { + $stored = Item::storeForUserByUriId($toplevel_item['uri-id'], local_user()); + Logger::info('Public item stored for user', ['uri-id' => $toplevel_item['uri-id'], 'uid' => $uid, 'stored' => $stored]); + if ($stored) { + $toplevel_item = Item::selectFirst([], ['id' => $stored]); + } + } + $toplevel_item_id = $toplevel_item['id']; $parent_user = $toplevel_item['uid']; @@ -229,7 +242,7 @@ function item_post(App $a) { ]; } - $att_bbcode = add_page_info_data($attachment); + $att_bbcode = "\n" . PageInfo::getFooterFromData($attachment); $body .= $att_bbcode; } @@ -247,7 +260,7 @@ function item_post(App $a) { $objecttype = $orig_post['object-type']; $app = $orig_post['app']; $categories = $orig_post['file'] ?? ''; - $title = Strings::escapeTags(trim($_REQUEST['title'])); + $title = trim($_REQUEST['title'] ?? ''); $body = trim($body); $private = $orig_post['private']; $pubmail_enabled = $orig_post['pubmail']; 
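Review bot: The result of `Item::selectFirst([], ['id' => $stored])` is assigned to `$toplevel_item` unchecked, so if that lookup returns no row, the following reads of `$toplevel_item['id']` and `$toplevel_item['uid']` operate on a non-array. Guard it with the helper this file already uses: `$user_item = Item::selectFirst([], ['id' => $stored]); if (DBA::isResult($user_item)) { $toplevel_item = $user_item; }`. The block also passes `local_user()` to `storeForUserByUriId()` while logging `$uid`. Using the same value for both keeps the log entry truthful if the two can ever differ, which this hunk does not show.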
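Review bot: Dropping `Strings::escapeTags()` here and in the next hunk (`$title`, `$location`, `$coord`, `$verb`, `$emailcc`, `$network`) means these request values are now stored exactly as submitted, so every place that renders or forwards them has to encode for its own context. Output encoding is the right place for this, but nothing on this page shows that the templates, feeds and e-mail paths consuming these fields already do it. That should be confirmed before the input-side filter goes. `$network` and `$verb` look like they should come from a fixed set, so a check against the known constants would be a tighter replacement than no filter at all. A short comment such as `// Stored raw on purpose: escaping happens at output` above the assignments would record the decision.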
@@ -268,13 +281,13 @@ function item_post(App $a) { $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? ''; } - $title = Strings::escapeTags(trim($_REQUEST['title'] ?? '')); - $location = Strings::escapeTags(trim($_REQUEST['location'] ?? '')); - $coord = Strings::escapeTags(trim($_REQUEST['coord'] ?? '')); - $verb = Strings::escapeTags(trim($_REQUEST['verb'] ?? '')); - $emailcc = Strings::escapeTags(trim($_REQUEST['emailcc'] ?? '')); + $title = trim($_REQUEST['title'] ?? ''); + $location = trim($_REQUEST['location'] ?? ''); + $coord = trim($_REQUEST['coord'] ?? ''); + $verb = trim($_REQUEST['verb'] ?? ''); + $emailcc = trim($_REQUEST['emailcc'] ?? ''); $body = trim($body); - $network = Strings::escapeTags(trim(($_REQUEST['network'] ?? '') ?: Protocol::DFRN)); + $network = trim(($_REQUEST['network'] ?? '') ?: Protocol::DFRN); $guid = System::createUUID(); $postopts = $_REQUEST['postopts'] ?? ''; @@ -320,7 +333,7 @@ function item_post(App $a) { System::jsonExit(['preview' => '']); } - info(DI::l10n()->t('Empty post discarded.')); + notice(DI::l10n()->t('Empty post discarded.')); if ($return_path) { DI::baseUrl()->redirect($return_path); } @@ -363,9 +376,9 @@ function item_post(App $a) { // get contact info for owner if ($profile_uid == local_user() || $allow_comment) { - $contact_record = $author; + $contact_record = $author ?: []; } else { - $contact_record = DBA::selectFirst('contact', [], ['uid' => $profile_uid, 'self' => true]); + $contact_record = DBA::selectFirst('contact', [], ['uid' => $profile_uid, 'self' => true]) ?: []; } // Look for any tags and linkify them 
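Review bot: The `?: []` fallback on `$contact_record` lets a post continue when the owner contact lookup returned nothing. The later hunk at `-560` then fills `owner-name`, `owner-link` and `owner-avatar` with empty strings and calls `Contact::getIdForURL()` with an empty URL. An item stored without a resolvable owner is harder to reason about than a rejected request, so I would fail here instead: `if (empty($contact_record)) { throw new HTTPException\InternalServerErrorException(); }`. If an empty owner is an expected state, a comment saying so, and what `owner-id` becomes in that case, would help the next reader.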
@@ -419,7 +432,7 @@ function item_post(App $a) { $original_contact_id = $contact_id; - if (!$toplevel_item_id && count($forum_contact) && ($private_forum || $only_to_forum)) { + if (!$toplevel_item_id && !empty($forum_contact) && ($private_forum || $only_to_forum)) { // we tagged a forum in a top level post. Now we change the post $private = $private_forum; @@ -560,9 +573,9 @@ function item_post(App $a) { $datarray['gravity'] = $gravity; $datarray['network'] = $network; $datarray['contact-id'] = $contact_id; - $datarray['owner-name'] = $contact_record['name']; - $datarray['owner-link'] = $contact_record['url']; - $datarray['owner-avatar'] = $contact_record['thumb']; + $datarray['owner-name'] = $contact_record['name'] ?? ''; + $datarray['owner-link'] = $contact_record['url'] ?? ''; + $datarray['owner-avatar'] = $contact_record['thumb'] ?? ''; $datarray['owner-id'] = Contact::getIdForURL($datarray['owner-link']); $datarray['author-name'] = $author['name']; $datarray['author-link'] = $author['url']; @@ -690,7 +703,6 @@ function item_post(App $a) { // update filetags in pconfig FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category'); - info(DI::l10n()->t('Post updated.')); if ($return_path) { DI::baseUrl()->redirect($return_path); } @@ -712,7 +724,7 @@ function item_post(App $a) { $post_id = Item::insert($datarray); if (!$post_id) { - info(DI::l10n()->t('Item wasn\'t stored.')); + notice(DI::l10n()->t('Item wasn\'t stored.')); if ($return_path) { DI::baseUrl()->redirect($return_path); } @@ -741,8 +753,8 @@ function item_post(App $a) { FileTag::updatePconfig($uid, $categories_old, $categories_new, 'category'); // These notifications are sent if someone else is commenting other your wall - if ($toplevel_item_id) { - if ($contact_record != $author) { + if ($contact_record != $author) { + if ($toplevel_item_id) { notification([ 'type' => Type::COMMENT, 'notify_flags' => $user['notify-flags'], 
@@ -760,9 +772,7 @@ function item_post(App $a) { 'parent' => $toplevel_item_id, 'parent_uri' => $toplevel_item['uri'] ]); - } - } else { - if (($contact_record != $author) && !count($forum_contact)) { + } elseif (empty($forum_contact)) { notification([ 'type' => Type::WALL, 'notify_flags' => $user['notify-flags'], @@ -815,7 +825,6 @@ function item_post(App $a) { return $post_id; } - info(DI::l10n()->t('Post published.')); item_post_return(DI::baseUrl(), $api_source, $return_path); // NOTREACHED } @@ -850,7 +859,9 @@ function item_content(App $a) if (($a->argc >= 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) { if (DI::mode()->isAjax()) { - $o = Item::deleteForUser(['id' => $a->argv[2]], local_user()); + Item::deleteForUser(['id' => $a->argv[2]], local_user()); + // ajax return: [, 0 (no perm) | ] + System::jsonExit([intval($a->argv[2]), local_user()]); } else { if (!empty($a->argv[3])) { $o = drop_item($a->argv[2], $a->argv[3]); 
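Review bot: In the Ajax branch of `item_content()` the return value of `Item::deleteForUser()` is now discarded and the reply's second element is always `local_user()`. The comment's `0 (no perm)` case can therefore no longer be reported, and a client cannot tell a refused delete from a successful one. Keep the result and send it, e.g. `$deleted = Item::deleteForUser(['id' => $a->argv[2]], local_user());` followed by `System::jsonExit([intval($a->argv[2]), $deleted ? local_user() : 0]);`. This assumes `deleteForUser()` returns a truthy value on success, which this page does not show. The path also deletes on a plain `drop/ID` URL with no request-token check visible in the hunk; if none exists elsewhere, the delete can be triggered by a request the user did not intend. `item_content()` starts outside the hunk.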
@@ -859,12 +870,78 @@ function item_content(App $a) $o = drop_item($a->argv[2]); } } + } - if (DI::mode()->isAjax()) { - // ajax return: [, 0 (no perm) | ] - System::jsonExit([intval($a->argv[2]), intval($o)]); + return $o; +} + +/** + * @param int $id + * @param string $return + * @return string + * @throws HTTPException\InternalServerErrorException + */ +function drop_item(int $id, string $return = '') +{ + // locate item to be deleted + $fields = ['id', 'uid', 'guid', 'contact-id', 'deleted', 'gravity', 'parent']; + $item = Item::selectFirstForUser(local_user(), $fields, ['id' => $id]); + + if (!DBA::isResult($item)) { + notice(DI::l10n()->t('Item not found.')); + DI::baseUrl()->redirect('network'); + } + + if ($item['deleted']) { + return ''; + } + + $contact_id = 0; + + // check if logged in user is either the author or owner of this item + if (Session::getRemoteContactID($item['uid']) == $item['contact-id']) { + $contact_id = $item['contact-id']; + } + + if ((local_user() == $item['uid']) || $contact_id) { + if (!empty($item['parent'])) { + $parentitem = Item::selectFirstForUser(local_user(), ['guid'], ['id' => $item['parent']]); + } + + // delete the item + Item::deleteForUser(['id' => $item['id']], local_user()); + + $return_url = hex2bin($return); + + // removes update_* from return_url to ignore Ajax refresh + $return_url = str_replace("update_", "", $return_url); + + // Check if delete a comment + if ($item['gravity'] == GRAVITY_COMMENT) { + // Return to parent guid + if (!empty($parentitem)) { + DI::baseUrl()->redirect('display/' . 
$parentitem['guid']); + //NOTREACHED + } // In case something goes wrong + else { + DI::baseUrl()->redirect('network'); + //NOTREACHED + } + } else { + // if unknown location or deleting top level post called from display + if (empty($return_url) || strpos($return_url, 'display') !== false) { + DI::baseUrl()->redirect('network'); + //NOTREACHED + } else { + DI::baseUrl()->redirect($return_url); + //NOTREACHED + } } + } else { + notice(DI::l10n()->t('Permission denied.')); + DI::baseUrl()->redirect('display/' . $item['guid']); + //NOTREACHED } - return $o; + return ''; }
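Review bot: `hex2bin($return)` in the new `drop_item()` takes the caller-supplied `$return` without validation. It returns `false` and raises a warning on odd-length or non-hex input, and the decoded value goes straight into `DI::baseUrl()->redirect($return_url)`. Validate before decoding with `$return_url = (ctype_xdigit($return) && strlen($return) % 2 === 0) ? hex2bin($return) : '';`, so malformed input falls into the existing `empty($return_url)` branch. Whether `redirect()` rejects absolute URLs is not visible here; if it does not, the decoded value should also be limited to a local path. The docblock would be clearer if it said that `$return` is a hex-encoded return path and that most branches redirect rather than return.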