X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fnetwork.php;h=16739b434579753b947929a8fe0af41bf0766280;hb=cde888f7f87449d4f5a281b8a23abcf3234ce9b9;hp=59f826fd93d8e9f8f53aaa7245f05234ee9b7193;hpb=f4e634ad526198cc5c79e74d77b19c8a1b518942;p=friendica.git diff --git a/mod/network.php b/mod/network.php index 59f826fd93..16739b4345 100644 --- a/mod/network.php +++ b/mod/network.php @@ -2,75 +2,120 @@ function network_init(&$a) { + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + + require_once('include/group.php'); - $a->page['aside'] .= group_side('network','network'); + if(! x($a->page,'aside')) + $a->page['aside'] = ''; + + $a->page['aside'] .= ''; + + $a->page['aside'] .= group_side('network','network',true); } -function network_content(&$a, $update = false) { +function network_content(&$a, $update = 0) { + + require_once('include/conversation.php'); if(! local_user()) - return; + return login(false); - require_once("include/bbcode.php"); + $o = ''; $contact_id = $a->cid; $group = 0; - if(! $update) { - // pull out the group here because the updater might have different args - if($a->argc > 1) + $nouveau = false; + require_once('include/acl_selectors.php'); + + $cid = ((x($_GET['cid'])) ? intval($_GET['cid']) : 0); + + if(($a->argc > 2) && $a->argv[2] === 'new') + $nouveau = true; + + if($a->argc > 1) { + if($a->argv[1] === 'new') + $nouveau = true; + else { $group = intval($a->argv[1]); + $def_acl = array('allow_gid' => '<' . $group . '>'); + } + } - $_SESSION['return_url'] = $a->cmd; + if($cid) + $def_acl = array('allow_cid' => '<' . intval($cid) . '>'); - $tpl = file_get_contents('view/jot-header.tpl'); - - $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); + if(! $update) { + if(group) { + if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { + $plural_form = sprintf( tt('%d member', '%d members', $t), $t); + notice( sprintf( t('Warning: This group contains %s from an insecure network.'), $plural_form ) . EOL); + notice( t('Private messages to this group are at risk of public disclosure.') . EOL); + } + } - require_once('view/acl_selectors.php'); + $o .= ''; - $tpl = file_get_contents("view/jot.tpl"); + $_SESSION['return_url'] = $a->cmd; - $o .= replace_macros($tpl,array( - '$return_path' => $a->cmd, - '$baseurl' => $a->get_baseurl(), - '$visitor' => 'block', - '$lockstate' => 'unlock', - '$acl' => populate_acl($a->user), - '$profile_uid' => $_SESSION['uid'] - )); + $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false); + + $x = array( + 'is_owner' => true, + 'allow_location' => $a->user['allow_location'], + 'default_location' => $a->user['default_location'], + 'nickname' => $a->user['nickname'], + 'lockstate' => ((($group) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'), + 'acl' => populate_acl((($group || $cid) ? $def_acl : $a->user), $celeb), + 'bang' => (($group || $cid) ? '!' : ''), + 'visitor' => 'block', + 'profile_uid' => local_user() + ); + $o .= status_editor($a,$x); // The special div is needed for liveUpdate to kick in for this page. // We only launch liveUpdate if you are on the front page, you aren't // filtering by group and also you aren't writing a comment (the last // criteria is discovered in javascript). - if($a->pager['start'] == 0 && $a->argc == 1) $o .= '
' . "\r\n"; + $o .= "\r\n"; + } - // We aren't going to try and figure out at the item, group, and page level - // which items you've seen and which you haven't. You're looking at some - // subset of items, so just mark everything seen. + // We aren't going to try and figure out at the item, group, and page + // level which items you've seen and which you haven't. If you're looking + // at the top level network page just mark everything seen. - $r = q("UPDATE `item` SET `unseen` = 0 - WHERE `unseen` = 1 AND `uid` = %d", - intval($_SESSION['uid']) - ); + if((! $group) && (! $cid)) { + $r = q("UPDATE `item` SET `unseen` = 0 + WHERE `unseen` = 1 AND `uid` = %d", + intval($_SESSION['uid']) + ); + } // We don't have to deal with ACL's on this page. You're looking at everything // that belongs to you, hence you can see all of it. We will filter by group if // desired. - // TODO: Perhaps we should limit the group filter to those with the group in the ACL, - // rather than just the contact-id of the post. - // Otherwise we're not showing complete conversations, unless all the conversants - // happen to be in the group. - - $sql_extra = ''; + $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) "; if($group) { $r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", @@ -78,157 +123,143 @@ function network_content(&$a, $update = false) { intval($_SESSION['uid']) ); if(! count($r)) { - notice("No such group"); + if($update) + killme(); + notice( t('No such group') . EOL ); goaway($a->get_baseurl() . '/network'); - return; // NOTREACHED + // NOTREACHED } $contacts = expand_groups(array($group)); - $contacts[] = $_SESSION['cid']; - $contact_str = implode(',',$contacts); - $sql_extra = dbesc(" AND `contact`.`id` IN ( $contact_str ) "); - $o = '

' . t('Group: ') . $r[0]['name'] . '

' . $o; + if((is_array($contacts)) && count($contacts)) { + $contact_str = implode(',',$contacts); + } + else { + $contact_str = ' 0 '; + notice( t('Group is empty')); + } + + $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` AND ( `contact-id` IN ( $contact_str ) OR `allow_gid` REGEXP '<" . intval($group) . ">' )) "; + $o = '

' . t('Group: ') . $r[0]['name'] . '

' . $o; + } + elseif($cid) { + + $r = q("SELECT `id`,`name`,`network`,`writable` FROM `contact` WHERE `id` = %d + AND `blocked` = 0 AND `pending` = 0 LIMIT 1", + intval($cid) + ); + if(count($r)) { + $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` AND `contact-id` IN ( " . intval($cid) . " )) "; + $o = '

' . t('Contact: ') . $r[0]['name'] . '

' . $o; + if($r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_FACEBOOK && $r[0]['writable'] && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { + notice( t('Private messages to this person are at risk of public disclosure.') . EOL); + } + } + else { + notice( t('Invalid contact.') . EOL); + goaway($a->get_baseurl() . '/network'); + // NOTREACHED + } } + if((! $group) && (! $cid) && (! $update)) + $o .= get_birthdays(); + + $sql_extra2 = (($nouveau) ? '' : " AND `item`.`parent` = `item`.`id` "); + $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + $sql_extra2 $sql_extra ", intval($_SESSION['uid']) ); - if(count($r)) - $a->set_pager_total($r[0]['total']); - - $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, - `contact`.`name`, `contact`.`photo`, `contact`.`url`, - `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, - `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - $sql_extra - ORDER BY `parent` DESC, `created` ASC LIMIT %d ,%d ", - intval($_SESSION['uid']), - intval($a->pager['start']), - intval($a->pager['itemspage']) - ); - - - $cmnt_tpl = file_get_contents('view/comment_item.tpl'); - - $tpl = file_get_contents('view/wall_item.tpl'); - $wallwall = file_get_contents('view/wallwall_item.tpl'); - if(count($r)) { - foreach($r as $item) { - - $comment = ''; - $template = $tpl; - $commentww = ''; - - $profile_url = $item['url']; - $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ; - - - // Top-level wall post not written by the wall owner (wall-to-wall) - // First figure out who owns it. - - if(($item['parent'] == $item['item_id']) && (! $item['self'])) { - - if($item['type'] == 'wall') { - // I do. Put me on the left of the wall-to-wall notice. - $owner_url = $a->contact['url']; - $owner_photo = $a->contact['thumb']; - $owner_name = $a->contact['name']; - $template = $wallwall; - $commentww = 'ww'; - } - if($item['type'] == 'remote' && ($item['owner-link'] != $item['author-link'])) { - // Could be anybody. - $owner_url = $item['owner-link']; - $owner_photo = $item['owner-avatar']; - $owner_name = $item['owner-name']; - $template = $wallwall; - $commentww = 'ww'; - // If it is our contact, use a friendly redirect link - if($item['owner-link'] == $item['url']) - $owner_url = $redirect_url; - - } - } - - if($update) - $return_url = $_SESSION['return_url']; - else - $return_url = $_SESSION['return_url'] = $a->cmd; - - - if($item['last-child']) { - $comment = replace_macros($cmnt_tpl,array( - '$return_path' => $_SESSION['return_url'], - '$type' => 'net-comment', - '$id' => $item['item_id'], - '$parent' => $item['parent'], - '$profile_uid' => $_SESSION['uid'], - '$mylink' => $a->contact['url'], - '$mytitle' => t('Me'), - '$myphoto' => $a->contact['thumb'], - '$ww' => $commentww - )); - } + $a->set_pager_total($r[0]['total']); + $a->set_pager_itemspage(40); + } - $drop = replace_macros(file_get_contents('view/wall_item_drop.tpl'), array('$id' => $item['id'])); + if($nouveau) { + // "New Item View" - show all items unthreaded in reverse created date order - - if(($item['contact-uid'] == $_SESSION['uid']) && (strlen($item['dfrn-id'])) && (! $item['self'] )) - $profile_url = $redirect_url; - - $photo = $item['photo']; - $thumb = $item['thumb']; + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`, + `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item`, `contact` + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + $sql_extra + ORDER BY `item`.`created` DESC LIMIT %d ,%d ", + intval($_SESSION['uid']), + intval($a->pager['start']), + intval($a->pager['itemspage']) + ); + + } + else { + + // Normal conversation view + // First fetch a known number of parent items + + $r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid` + FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`parent` = `item`.`id` + $sql_extra + ORDER BY `item`.`created` DESC LIMIT %d ,%d ", + intval(local_user()), + intval($a->pager['start']), + intval($a->pager['itemspage']) + ); - // Post was remotely authored. - $profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']); - $profile_avatar = ((strlen($item['author-avatar'])) ? $item['author-avatar'] : $thumb); + // Then fetch all the children of the parents that are on this page + + $parents_arr = array(); + $parents_str = ''; + + if(count($r)) { + foreach($r as $rr) + $parents_arr[] = $rr['item_id']; + $parents_str = implode(', ', $parents_arr); + + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`, + `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item`, (SELECT `p`.`id`,`p`.`created` FROM `item` AS `p` WHERE `p`.`parent`=`p`.`id`) as `parentitem`, `contact` + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s ) + $sql_extra + ORDER BY `parentitem`.`created` DESC, `item`.`gravity` ASC, `item`.`created` ASC ", + intval(local_user()), + dbesc($parents_str) + ); + } + } - $profile_link = $profile_url; + // Set this so that the conversation function can find out contact info for our wall-wall items + $a->page_contact = $a->contact; - // Can we use our special contact URL for this author? + $mode = (($nouveau) ? 'network-new' : 'network'); - if(strlen($item['author-link'])) { - if($item['author-link'] == $item['url']) - $profile_link = $redirect_url; - else - $profile_link = $item['author-link']; - } + $o .= conversation($a,$r,$mode,$update); - // Build the HTML - - $o .= replace_macros($template,array( - '$id' => $item['item_id'], - '$profile_url' => $profile_link, - '$name' => $profile_name, - '$thumb' => $profile_avatar, - '$title' => $item['title'], - '$body' => bbcode($item['body']), - '$ago' => relative_date($item['created']), - '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''), - '$owner_url' => $owner_url, - '$owner_photo' => $owner_photo, - '$owner_name' => $owner_name, - '$drop' => $drop, - '$comment' => $comment - )); - } - } + if(! $update) { - if(! $update) $o .= paginate($a); + $o .= '
' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
'; + } return $o; -} \ No newline at end of file +}