X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fnetwork.php;h=e59839ccc1ea615e2b1e11af66d8fd3e651191fd;hb=db5fe142411ffb75aab31f7b4fe20bfaba5e77b0;hp=861b5ab73d9e1cadc985b098532ab3542601bc68;hpb=8a85914e1d46bb97da7571f1d3fdd377594320f9;p=friendica.git

diff --git a/mod/network.php b/mod/network.php
old mode 100755
new mode 100644
index 861b5ab73d..e59839ccc1
--- a/mod/network.php
+++ b/mod/network.php
@@ -44,13 +44,16 @@ function network_init(&$a) {
 	}
 	
 	$a->page['aside'] .= group_side('network','network',true,$group_id);
-	$a->page['aside'] .= networks_widget($a->get_baseurl() . '/network',(($_GET['nets']) ? $_GET['nets'] : ''));
+	$a->page['aside'] .= networks_widget($a->get_baseurl(true) . '/network',(x($_GET, 'nets') ? $_GET['nets'] : ''));
 	$a->page['aside'] .= saved_searches($search);
+	$a->page['aside'] .= fileas_widget($a->get_baseurl(true) . '/network',(x($_GET, 'file') ? $_GET['file'] : ''));
 
 }
 
 function saved_searches($search) {
 
+	$a = get_app();
+
 	$srchurl = '/network?f=' 
 		. ((x($_GET,'cid'))   ? '&cid='   . $_GET['cid']   : '') 
 		. ((x($_GET,'star'))  ? '&star='  . $_GET['star']  : '')
@@ -132,15 +135,15 @@ function network_content(&$a, $update = 0) {
 		$starred_active = 'active';
 	}
 	
-	if($_GET['bmark']) {
+	if(x($_GET,'bmark')) {
 		$bookmarked_active = 'active';
 	}
 
-	if($_GET['conv']) {
+	if(x($_GET,'conv')) {
 		$conv_active = 'active';
 	}
 
-	if($_GET['spam']) {
+	if(x($_GET,'spam')) {
 		$spam_active = 'active';
 	}
 
@@ -166,45 +169,56 @@ function network_content(&$a, $update = 0) {
 	$tabs = array(
 		array(
 			'label' => t('Commented Order'),
-			'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''), 
+			'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '?f=&cid=' . $_GET['cid'] : ''), 
 			'sel'=>$all_active,
+			'title'=> t('Sort by Comment Date'),
 		),
 		array(
 			'label' => t('Posted Order'),
-			'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), 
+			'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . ((x($_GET,'cid')) ? '&cid=' . $_GET['cid'] : ''), 
 			'sel'=>$postord_active,
+			'title' => t('Sort by Post Date'),
 		),
 
 		array(
 			'label' => t('Personal'),
-			'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1',
+			'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1',
 			'sel' => $conv_active,
+			'title' => t('Posts that mention or involve you'),
 		),
 		array(
 			'label' => t('New'),
-			'url' => $a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
+			'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '/new' . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : ''),
 			'sel' => $new_active,
+			'title' => t('Activity Stream - by date'),
 		),
 		array(
 			'label' => t('Starred'),
-			'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
+			'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1',
 			'sel'=>$starred_active,
+			'title' => t('Favourite Posts'),
 		),
 		array(
-			'label' => t('Bookmarks'),
-			'url'=>$a->get_baseurl() . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1',
+			'label' => t('Shared Links'),
+			'url'=>$a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . ((x($_GET,'cid')) ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1',
 			'sel'=>$bookmarked_active,
+			'title'=> t('Interesting Links'),
 		),	
 //		array(
 //			'label' => t('Spam'),
-//			'url'=>$a->get_baseurl() . '/network?f=&spam=1'
+//			'url'=>$a->get_baseurl(true) . '/network?f=&spam=1'
 //			'sel'=> $spam_active,
+//			'title' => t('Posts flagged as SPAM'),
 //		),	
 
 
 	);
-	$tpl = get_markup_template('common_tabs.tpl');
-	$o .= replace_macros($tpl, array('$tabs'=>$tabs));
+
+	$arr = array('tabs' => $tabs);
+	call_hooks('network_tabs', $arr);
+
+	$o .= replace_macros(get_markup_template('common_tabs.tpl'), array('$tabs'=> $arr['tabs']));
+
 	// --- end item filter tabs
 
 
@@ -247,8 +261,22 @@ function network_content(&$a, $update = 0) {
 	if($cid)
 		$def_acl = array('allow_cid' => '<' . intval($cid) . '>');
 
+	if($nets) {
+		$r = q("select id from contact where uid = %d and network = '%s' and self = 0",
+			intval(local_user()),
+			dbesc($nets)
+		);
+
+		$str = '';
+		if(count($r))
+			foreach($r as $rr)
+				$str .= '<' . $rr['id'] . '>';
+		if(strlen($str))
+			$def_acl = array('allow_cid' => $str);
+	}
+
 	if(! $update) {
-		if(group) {
+		if($group) {
 			if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) {
 				notice( sprintf( tt('Warning: This group contains %s member from an insecure network.',
 									'Warning: This group contains %s members from an insecure network.',
@@ -266,9 +294,9 @@ function network_content(&$a, $update = 0) {
 			'allow_location' => $a->user['allow_location'],
 			'default_location' => $a->user['default-location'],
 			'nickname' => $a->user['nickname'],
-			'lockstate' => ((($group) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
-			'acl' => populate_acl((($group || $cid) ? $def_acl : $a->user), $celeb),
-			'bang' => (($group || $cid) ? '!' : ''),
+			'lockstate' => ((($group) || ($cid) || ($nets) || (is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
+			'acl' => populate_acl((($group || $cid || $nets) ? $def_acl : $a->user), $celeb),
+			'bang' => (($group || $cid || $nets) ? '!' : ''),
 			'visitor' => 'block',
 			'profile_uid' => local_user()
 		);
@@ -299,7 +327,7 @@ function network_content(&$a, $update = 0) {
 			if($update)
 				killme();
 			notice( t('No such group') . EOL );
-			goaway($a->get_baseurl() . '/network');
+			goaway($a->get_baseurl(true) . '/network');
 			// NOTREACHED
 		}
 
@@ -312,7 +340,7 @@ function network_content(&$a, $update = 0) {
 				info( t('Group is empty'));
 		}
 
-		$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND ( `contact-id` IN ( $contact_str ) OR `allow_gid` REGEXP '<" . intval($group) . ">' ) and deleted = 0 ) ";
+		$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND ( `contact-id` IN ( $contact_str ) OR `allow_gid` like '" . protect_sprintf('%<' . intval($group) . '>%') . "' ) and deleted = 0 ) ";
 		$o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o;
 	}
 	elseif($cid) {
@@ -331,7 +359,7 @@ function network_content(&$a, $update = 0) {
 		}
 		else {
 			notice( t('Invalid contact.') . EOL);
-			goaway($a->get_baseurl() . '/network');
+			goaway($a->get_baseurl(true) . '/network');
 			// NOTREACHED
 		}
 	}
@@ -370,13 +398,13 @@ function network_content(&$a, $update = 0) {
 
 	if(x($_GET,'search')) {
 		$search = escape_tags($_GET['search']);
-		$sql_extra .= sprintf(" AND ( `item`.`body` REGEXP '%s' OR `item`.`tag` REGEXP '%s' ) ",
-			dbesc(preg_quote($search)),
-			dbesc('\\]' . preg_quote($search) . '\\[')
+		$sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ",
+			dbesc(protect_sprintf('%' . $search . '%')),
+			dbesc(protect_sprintf('%]' . $search . '[%'))
 		);
 	}
 	if(strlen($file)) {
-		$sql_extra .= file_tag_file_query('item',$file);
+		$sql_extra .= file_tag_file_query('item',unxmlify($file));
 	}
 
 	if($conv) {
@@ -384,10 +412,10 @@ function network_content(&$a, $update = 0) {
 		$myurl = substr($myurl,strpos($myurl,'://')+3);
 		$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
 		$diasp_url = str_replace('/profile/','/u/',$myurl);
-		$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` regexp '%s' or `tag` regexp '%s' or tag regexp '%s' )) ",
-			dbesc($myurl . '$'),
-			dbesc($myurl . '\\]'),
-			dbesc($diasp_url . '\\]')
+		$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
+			dbesc(protect_sprintf('%s' . $myurl)),
+			dbesc(protect_sprintf('%' . $myurl . '\\]%')),
+			dbesc(protect_sprintf('%' . $diasp_url . '\\]%'))
 		);
 	}
 
@@ -498,7 +526,9 @@ function network_content(&$a, $update = 0) {
 
 			$items = conv_sort($items,$ordering);
 
-		}	
+		} else {
+			$items = array();
+		}
 	}