X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=2d7516be932a68cb88e530c9585831ca4c05cd37;hb=bf39b5a9484122cca0fb85565ef0e899b92cb01a;hp=0d8744055aaf5bd448d6a3a8fb5ebeef74033419;hpb=3972fe62fe8afb3791e9d6526e7665501a577b81;p=friendica.git diff --git a/mod/photos.php b/mod/photos.php index 0d8744055a..2d7516be93 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -1,6 +1,6 @@ get('system', 'block_public') && !Session::isAuthenticated()) { +function photos_init(App $a) +{ + if (DI::config()->get('system', 'block_public') && !DI::userSession()->isAuthenticated()) { return; } @@ -65,15 +64,15 @@ function photos_init(App $a) { if (DI::args()->getArgc() > 1) { $owner = User::getOwnerDataByNick(DI::args()->getArgv()[1]); - if (!$owner) { + if (!isset($owner['account_removed']) || $owner['account_removed']) { throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.')); } - $is_owner = (local_user() && (local_user() == $owner['uid'])); + $is_owner = (DI::userSession()->getLocalUserId() && (DI::userSession()->getLocalUserId() == $owner['uid'])); $albums = Photo::getAlbums($owner['uid']); - $albums_visible = ((intval($owner['hidewall']) && !Session::isAuthenticated()) ? false : true); + $albums_visible = ((intval($owner['hidewall']) && !DI::userSession()->isAuthenticated()) ? false : true); // add various encodings to the array so we can just loop through and pick them out in a template $ret = ['success' => false]; @@ -85,9 +84,6 @@ function photos_init(App $a) { $ret['albums'] = []; foreach ($albums as $k => $album) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner['uid']) && ($album['album'] == DI::l10n()->t('Profile Photos'))) - continue; $entry = [ 'text' => $album['album'], 'total' => $album['total'], 
@@ -99,7 +95,7 @@ function photos_init(App $a) { } } - if (local_user() && $owner['uid'] == local_user()) { + if (DI::userSession()->getLocalUserId() && $owner['uid'] == DI::userSession()->getLocalUserId()) { $can_post = true; } else { $can_post = false; @@ -151,25 +147,25 @@ function photos_post(App $a) $page_owner_uid = intval($user['uid']); $community_page = $user['page-flags'] == User::PAGE_FLAGS_COMMUNITY; - if (local_user() && (local_user() == $page_owner_uid)) { + if (DI::userSession()->getLocalUserId() && (DI::userSession()->getLocalUserId() == $page_owner_uid)) { $can_post = true; - } elseif ($community_page && !empty(Session::getRemoteContactID($page_owner_uid))) { - $contact_id = Session::getRemoteContactID($page_owner_uid); + } elseif ($community_page && !empty(DI::userSession()->getRemoteContactID($page_owner_uid))) { + $contact_id = DI::userSession()->getRemoteContactID($page_owner_uid); $can_post = true; $visitor = $contact_id; } if (!$can_post) { - notice(DI::l10n()->t('Permission denied.')); - exit(); + DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.')); + System::exit(); } $owner_record = User::getOwnerDataById($page_owner_uid); if (!$owner_record) { - notice(DI::l10n()->t('Contact information unavailable')); + DI::sysmsg()->addNotice(DI::l10n()->t('Contact information unavailable')); DI::logger()->info('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid); - exit(); + System::exit(); } $aclFormatter = DI::aclFormatter(); 
@@ -190,18 +186,13 @@ function photos_post(App $a) } if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'album') { - if (!Strings::isHex(DI::args()->getArgv()[3])) { + if (!Strings::isHex(DI::args()->getArgv()[3] ?? '')) { DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); } $album = hex2bin(DI::args()->getArgv()[3]); - if ($album === DI::l10n()->t('Profile Photos') || $album === Photo::CONTACT_PHOTOS || $album === DI::l10n()->t(Photo::CONTACT_PHOTOS)) { - DI::baseUrl()->redirect($_SESSION['photo_return']); - return; // NOTREACHED - } - - if (!DBA::exists('photo', ['album' => $album, 'uid' => $page_owner_uid])) { - notice(DI::l10n()->t('Album not found.')); + if (!DBA::exists('photo', ['album' => $album, 'uid' => $page_owner_uid, 'photo-type' => Photo::DEFAULT])) { + DI::sysmsg()->addNotice(DI::l10n()->t('Album not found.')); DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); return; // NOTREACHED } @@ -212,7 +203,7 @@ function photos_post(App $a) } // RENAME photo album - $newalbum = Strings::escapeTags(trim($_POST['albumname'])); + $newalbum = trim($_POST['albumname'] ?? ''); if ($newalbum != $album) { Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid]); // Update the photo albums cache @@ -237,7 +228,7 @@ function photos_post(App $a) )); } else { $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = ? AND `album` = ?", - local_user(), + DI::userSession()->getLocalUserId(), $album )); } @@ -255,9 +246,9 @@ function photos_post(App $a) // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); - notice(DI::l10n()->t('Album successfully deleted')); + DI::sysmsg()->addNotice(DI::l10n()->t('Album successfully deleted')); } else { - notice(DI::l10n()->t('Album was empty.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Album was empty.')); } } 
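Review bot: The new `'photo-type' => Photo::DEFAULT` condition only scopes the `DBA::exists` check in the album branch; the rename in the next hunk (`Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid])`) and the album-delete select on `uid` and `album` a hunk later still match every photo type. This commit also removes the name-based guard for the profile and contact albums, so if a default-type photo can share an album name with those rows (the upload path takes a free-form album name), the rename or delete would reach them too. Adding `'photo-type' => Photo::DEFAULT` to the update condition and the matching predicate to the select keeps all three statements scoped the same way. The body of photos_post starts and ends outside this hunk.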
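Review bot: In the rename hunk, `$newalbum = trim($_POST['albumname'] ?? '')` can be an empty string, and the unchanged `if ($newalbum != $album)` below it would then rename the whole album to `''`. With `Strings::escapeTags` removed, the name is also stored exactly as submitted, so every place that prints an album name has to encode it on output. I would guard the rename with `if ($newalbum !== '' && $newalbum !== $album) {` and confirm that the album templates escape the value.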
@@ -276,7 +267,7 @@ function photos_post(App $a) $condition = ['contact-id' => $visitor, 'uid' => $page_owner_uid, 'resource-id' => DI::args()->getArgv()[3]]; } else { - $condition = ['uid' => local_user(), 'resource-id' => DI::args()->getArgv()[3]]; + $condition = ['uid' => DI::userSession()->getLocalUserId(), 'resource-id' => DI::args()->getArgv()[3]]; } $photo = DBA::selectFirst('photo', ['resource-id'], $condition); @@ -289,7 +280,7 @@ function photos_post(App $a) // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); } else { - notice(DI::l10n()->t('Failed to delete the photo.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Failed to delete the photo.')); DI::baseUrl()->redirect('photos/' . DI::args()->getArgv()[1] . '/image/' . DI::args()->getArgv()[3]); } @@ -299,11 +290,11 @@ function photos_post(App $a) } if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) { - $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : ''; - $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : ''; - $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; - $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; - $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : ''; + $desc = !empty($_POST['desc']) ? trim($_POST['desc']) : ''; + $rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : ''; + $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; + $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; + $origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : ''; $resource_id = DI::args()->getArgv()[3]; 
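Review bot: In the third hunk here, `$desc`, `$rawtags` and `$origaname` are now stored without `Strings::escapeTags`, yet the tagging hunk later in this diff still concatenates `$photo['desc']`, `$tagged[0]` and `$tagged[1]` directly into the item's `'target'` and `'object'` strings, while neighbouring fragments go through `XML::escape`. Assuming `$photo['desc']` holds the stored description, markup characters in it would end up unencoded in the activity XML. Encoding at the point of use, e.g. `XML::escape($photo['desc'])`, would match the move from input filtering to output encoding that this change makes. The enclosing `if` block continues outside the hunk.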
@@ -312,7 +303,7 @@ function photos_post(App $a) } if (!empty($_POST['rotate']) && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) { - Logger::notice('rotate'); + Logger::debug('rotate'); $photo = Photo::getPhotoForUser($page_owner_uid, $resource_id); @@ -363,18 +354,12 @@ function photos_post(App $a) if ($albname !== $origaname) { Photo::clearAlbumCache($page_owner_uid); } - /* Don't make the item visible if the only change was the album name */ - - $visibility = 0; - if ($photo['desc'] !== $desc || strlen($rawtags)) { - $visibility = 1; - } } if (DBA::isResult($photos) && !$item_id) { // Create item container $title = ''; - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); $arr = []; $arr['guid'] = System::createUUID(); @@ -395,7 +380,7 @@ function photos_post(App $a) $arr['allow_gid'] = $photo['allow_gid']; $arr['deny_cid'] = $photo['deny_cid']; $arr['deny_gid'] = $photo['deny_gid']; - $arr['visible'] = $visibility; + $arr['visible'] = 0; $arr['origin'] = 1; $arr['body'] = '[url=' . DI::baseUrl() . '/photos/' . $user['nickname'] . '/image/' . $photo['resource-id'] . ']' 
@@ -538,46 +523,42 @@ function photos_post(App $a) if (count($taginfo)) { foreach ($taginfo as $tagged) { - $uri = Item::newURI($page_owner_uid); - - $arr = []; - $arr['guid'] = System::createUUID(); - $arr['uid'] = $page_owner_uid; - $arr['uri'] = $uri; - $arr['wall'] = 1; - $arr['contact-id'] = $owner_record['id']; - $arr['owner-name'] = $owner_record['name']; - $arr['owner-link'] = $owner_record['url']; - $arr['owner-avatar'] = $owner_record['thumb']; - $arr['author-name'] = $owner_record['name']; - $arr['author-link'] = $owner_record['url']; - $arr['author-avatar'] = $owner_record['thumb']; - $arr['title'] = ''; - $arr['allow_cid'] = $photo['allow_cid']; - $arr['allow_gid'] = $photo['allow_gid']; - $arr['deny_cid'] = $photo['deny_cid']; - $arr['deny_gid'] = $photo['deny_gid']; - $arr['visible'] = 1; - $arr['verb'] = Activity::TAG; - $arr['gravity'] = GRAVITY_PARENT; - $arr['object-type'] = Activity\ObjectType::PERSON; - $arr['target-type'] = Activity\ObjectType::IMAGE; - $arr['inform'] = $tagged[2]; - $arr['origin'] = 1; - $arr['body'] = DI::l10n()->t('%1$s was tagged in %2$s by %3$s', '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . DI::l10n()->t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') ; - $arr['body'] .= "\n\n" . '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . '[img]' . DI::baseUrl() . "/photo/" . $photo['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ; - - $arr['object'] = '' . Activity\ObjectType::PERSON . '' . $tagged[0] . '' . $tagged[1] . '/' . $tagged[0] . ''; - $arr['object'] .= '' . XML::escape('' . 
"\n"); + $uri = Item::newURI(); + + $arr = [ + 'guid' => System::createUUID(), + 'uid' => $page_owner_uid, + 'uri' => $uri, + 'wall' => 1, + 'contact-id' => $owner_record['id'], + 'owner-name' => $owner_record['name'], + 'owner-link' => $owner_record['url'], + 'owner-avatar' => $owner_record['thumb'], + 'author-name' => $owner_record['name'], + 'author-link' => $owner_record['url'], + 'author-avatar' => $owner_record['thumb'], + 'title' => '', + 'allow_cid' => $photo['allow_cid'], + 'allow_gid' => $photo['allow_gid'], + 'deny_cid' => $photo['deny_cid'], + 'deny_gid' => $photo['deny_gid'], + 'visible' => 0, + 'verb' => Activity::TAG, + 'gravity' => Item::GRAVITY_PARENT, + 'object-type' => Activity\ObjectType::PERSON, + 'target-type' => Activity\ObjectType::IMAGE, + 'inform' => $tagged[2], + 'origin' => 1, + 'body' => DI::l10n()->t('%1$s was tagged in %2$s by %3$s', '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . DI::l10n()->t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') . "\n\n" . '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . '[img]' . DI::baseUrl() . '/photo/' . $photo['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n", + 'object' => '' . Activity\ObjectType::PERSON . '' . $tagged[0] . '' . $tagged[1] . '/' . $tagged[0] . '' . XML::escape('' . "\n"), + 'target' => '' . Activity\ObjectType::IMAGE . '' . $photo['desc'] . '' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . '' . XML::escape('' . "\n" . '') . '', + ]; + if ($tagged[3]) { $arr['object'] .= XML::escape('' . "\n"); } $arr['object'] .= '' . "\n"; - $arr['target'] = '' . Activity\ObjectType::IMAGE . '' . $photo['desc'] . '' - . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . 
''; - $arr['target'] .= '' . XML::escape('' . "\n" . '') . ''; - Item::insert($arr); } } @@ -594,7 +575,7 @@ function photos_post(App $a) $album = trim($_REQUEST['album'] ?? ''); $newalbum = trim($_REQUEST['newalbum'] ?? ''); - Logger::info('album= ' . $album . ' newalbum= ' . $newalbum); + Logger::debug('album= ' . $album . ' newalbum= ' . $newalbum); if (!strlen($album)) { if (strlen($newalbum)) { @@ -612,9 +593,9 @@ function photos_post(App $a) * they acquire comments, likes, dislikes, and/or tags */ - $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR', $album, $page_owner_uid]); + $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > ?', $album, $page_owner_uid, DateTimeFormat::utc('now - 3 hours')]); - if (!DBA::isResult($r) || ($album == DI::l10n()->t('Profile Photos'))) { + if (!DBA::isResult($r) || ($album == DI::l10n()->t(Photo::PROFILE_PHOTOS))) { $visible = 1; } else { $visible = 0; 
@@ -647,21 +628,21 @@ function photos_post(App $a) if ($error !== UPLOAD_ERR_OK) { switch ($error) { case UPLOAD_ERR_INI_SIZE: - notice(DI::l10n()->t('Image exceeds size limit of %s', ini_get('upload_max_filesize'))); + DI::sysmsg()->addNotice(DI::l10n()->t('Image exceeds size limit of %s', ini_get('upload_max_filesize'))); break; case UPLOAD_ERR_FORM_SIZE: - notice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($_REQUEST['MAX_FILE_SIZE'] ?? 0))); + DI::sysmsg()->addNotice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($_REQUEST['MAX_FILE_SIZE'] ?? 0))); break; case UPLOAD_ERR_PARTIAL: - notice(DI::l10n()->t('Image upload didn\'t complete, please try again')); + DI::sysmsg()->addNotice(DI::l10n()->t('Image upload didn\'t complete, please try again')); break; case UPLOAD_ERR_NO_FILE: - notice(DI::l10n()->t('Image file is missing')); + DI::sysmsg()->addNotice(DI::l10n()->t('Image file is missing')); break; case UPLOAD_ERR_NO_TMP_DIR: case UPLOAD_ERR_CANT_WRITE: case UPLOAD_ERR_EXTENSION: - notice(DI::l10n()->t('Server can\'t accept new file upload at this time, please contact your administrator')); + DI::sysmsg()->addNotice(DI::l10n()->t('Server can\'t accept new file upload at this time, please contact your administrator')); break; } @unlink($src); @@ -677,7 +658,7 @@ function photos_post(App $a) $maximagesize = DI::config()->get('system', 'maximagesize'); if ($maximagesize && ($filesize > $maximagesize)) { - notice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($maximagesize))); + DI::sysmsg()->addNotice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($maximagesize))); @unlink($src); $foo = 0; Hook::callAll('photo_post_end', $foo); 
@@ -685,22 +666,22 @@ function photos_post(App $a) } if (!$filesize) { - notice(DI::l10n()->t('Image file is empty.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Image file is empty.')); @unlink($src); $foo = 0; Hook::callAll('photo_post_end', $foo); return; } - Logger::info('loading the contents of ' . $src); + Logger::debug('loading contents', ['src' => $src]); $imagedata = @file_get_contents($src); $image = new Image($imagedata, $type); if (!$image->isValid()) { - Logger::info('unable to process image'); - notice(DI::l10n()->t('Unable to process image.')); + Logger::notice('unable to process image'); + DI::sysmsg()->addNotice(DI::l10n()->t('Unable to process image.')); @unlink($src); $foo = 0; Hook::callAll('photo_post_end',$foo); @@ -711,9 +692,6 @@ function photos_post(App $a) @unlink($src); $max_length = DI::config()->get('system', 'max_image_length'); - if (!$max_length) { - $max_length = MAX_IMAGE_LENGTH; - } if ($max_length > 0) { $image->scaleDown($max_length); } 
@@ -725,27 +703,27 @@ function photos_post(App $a) $resource_id = Photo::newResource(); - $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); if (!$r) { - Logger::info('image store failed'); - notice(DI::l10n()->t('Image upload failed.')); + Logger::warning('image store failed'); + DI::sysmsg()->addNotice(DI::l10n()->t('Image upload failed.')); return; } if ($width > 640 || $height > 640) { $image->scaleDown(640); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 1; } if ($width > 320 || $height > 320) { $image->scaleDown(320); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 2; } - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); // Create item container $lat = $lon = null; 
@@ -815,13 +793,13 @@ function photos_content(App $a) throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.')); } - if (DI::config()->get('system', 'block_public') && !Session::isAuthenticated()) { - notice(DI::l10n()->t('Public access denied.')); + if (DI::config()->get('system', 'block_public') && !DI::userSession()->isAuthenticated()) { + DI::sysmsg()->addNotice(DI::l10n()->t('Public access denied.')); return; } if (empty($user)) { - notice(DI::l10n()->t('No photos selected')); + DI::sysmsg()->addNotice(DI::l10n()->t('No photos selected')); return; } @@ -861,10 +839,10 @@ function photos_content(App $a) $community_page = (($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY) ? true : false); - if (local_user() && (local_user() == $owner_uid)) { + if (DI::userSession()->getLocalUserId() && (DI::userSession()->getLocalUserId() == $owner_uid)) { $can_post = true; - } elseif ($community_page && !empty(Session::getRemoteContactID($owner_uid))) { - $contact_id = Session::getRemoteContactID($owner_uid); + } elseif ($community_page && !empty(DI::userSession()->getRemoteContactID($owner_uid))) { + $contact_id = DI::userSession()->getRemoteContactID($owner_uid); $contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]); if (DBA::isResult($contact)) { 
@@ -875,22 +853,22 @@ function photos_content(App $a) } // perhaps they're visiting - but not a community page, so they wouldn't have write access - if (!empty(Session::getRemoteContactID($owner_uid)) && !$visitor) { - $contact_id = Session::getRemoteContactID($owner_uid); + if (!empty(DI::userSession()->getRemoteContactID($owner_uid)) && !$visitor) { + $contact_id = DI::userSession()->getRemoteContactID($owner_uid); $contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]); $remote_contact = DBA::isResult($contact); } - if (!$remote_contact && local_user()) { + if (!$remote_contact && DI::userSession()->getLocalUserId()) { $contact_id = $_SESSION['cid']; $contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]); } - if ($user['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) { - notice(DI::l10n()->t('Access to this item is restricted.')); + if ($user['hidewall'] && (DI::userSession()->getLocalUserId() != $owner_uid) && !$remote_contact) { + DI::sysmsg()->addNotice(DI::l10n()->t('Access to this item is restricted.')); return; } @@ -899,17 +877,17 @@ function photos_content(App $a) $o = ""; // tabs - $is_owner = (local_user() && (local_user() == $owner_uid)); + $is_owner = (DI::userSession()->getLocalUserId() && (DI::userSession()->getLocalUserId() == $owner_uid)); $o .= BaseProfile::getTabsHTML($a, 'photos', $is_owner, $user['nickname'], $profile['hide-friends']); // Display upload form if ($datatype === 'upload') { if (!$can_post) { - notice(DI::l10n()->t('Permission denied.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.')); return; } - $selname = Strings::isHex($datum) ? hex2bin($datum) : ''; + $selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : ''; $albumselect = ''; 
@@ -917,7 +895,7 @@ function photos_content(App $a) $albums = Photo::getAlbums($owner_uid); if (!empty($albums)) { foreach ($albums as $album) { - if (($album['album'] === '') || ($album['album'] === Photo::CONTACT_PHOTOS) || ($album['album'] === DI::l10n()->t(Photo::CONTACT_PHOTOS))) { + if ($album['album'] === '') { continue; } $selected = (($selname === $album['album']) ? ' selected="selected" ' : ''); @@ -971,11 +949,15 @@ function photos_content(App $a) // Display a single photo album if ($datatype === 'album') { // if $datum is not a valid hex, redirect to the default page - if (!Strings::isHex($datum)) { + if (is_null($datum) || !Strings::isHex($datum)) { DI::baseUrl()->redirect('photos/' . $user['nickname']. '/album'); } $album = hex2bin($datum); + if ($can_post && !Photo::exists(['uid' => $owner_uid, 'album' => $album, 'photo-type' => Photo::DEFAULT])) { + $can_post = false; + } + $total = 0; $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `album` = ? AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", @@ -990,7 +972,7 @@ function photos_content(App $a) /// @TODO I have seen this many times, maybe generalize it script-wide and encapsulate it? $order_field = $_GET['order'] ?? ''; - if ($order_field === 'posted') { + if ($order_field === 'created') { $order = 'ASC'; } else { $order = 'DESC'; 
@@ -1025,33 +1007,29 @@ function photos_content(App $a) // edit album name if ($cmd === 'edit') { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS))) { - if ($can_post) { - $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); - - $album_e = $album; - - $o .= Renderer::replaceMacros($edit_tpl,[ - '$nametext' => DI::l10n()->t('New album name: '), - '$nickname' => $user['nickname'], - '$album' => $album_e, - '$hexalbum' => bin2hex($album), - '$submit' => DI::l10n()->t('Submit'), - '$dropsubmit' => DI::l10n()->t('Delete Album') - ]); - } - } - } else { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS)) && $can_post) { - $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; - $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; + if ($can_post) { + $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); + + $album_e = $album; + + $o .= Renderer::replaceMacros($edit_tpl,[ + '$nametext' => DI::l10n()->t('New album name: '), + '$nickname' => $user['nickname'], + '$album' => $album_e, + '$hexalbum' => bin2hex($album), + '$submit' => DI::l10n()->t('Submit'), + '$dropsubmit' => DI::l10n()->t('Delete Album') + ]); } + } elseif ($can_post) { + $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; + $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; } - if ($order_field === 'posted') { + if ($order_field === 'created') { $order = [DI::l10n()->t('Show Newest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album), 'oldest']; } else { - $order = [DI::l10n()->t('Show Oldest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . 
'?order=posted', 'newest']; + $order = [DI::l10n()->t('Show Oldest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '?order=created', 'newest']; } $photos = []; @@ -1071,7 +1049,7 @@ function photos_content(App $a) 'id' => $rr['id'], 'twist' => ' ' . ($twist ? 'rotleft' : 'rotright') . rand(2,4), 'link' => 'photos/' . $user['nickname'] . '/image/' . $rr['resource-id'] - . ($order_field === 'posted' ? '?order=posted' : ''), + . ($order_field === 'created' ? '?order=created' : ''), 'title' => DI::l10n()->t('View Photo'), 'src' => 'photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.' .$ext, 'alt' => $imgalt_e, @@ -1101,17 +1079,13 @@ function photos_content(App $a) // Display one photo if ($datatype === 'image') { // fetch image, item containing image, then comments - $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' - $sql_extra ORDER BY `scale` ASC ", - intval($owner_uid), - DBA::escape($datum) - ); + $ph = Photo::selectToArray([], ["`uid` = ? AND `resource-id` = ? " . $sql_extra, $owner_uid, $datum], ['order' => ['scale']]); if (!DBA::isResult($ph)) { if (DBA::exists('photo', ['resource-id' => $datum, 'uid' => $owner_uid])) { - notice(DI::l10n()->t('Permission denied. Access to this item may be restricted.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied. Access to this item may be restricted.')); } else { - notice(DI::l10n()->t('Photo not available')); + DI::sysmsg()->addNotice(DI::l10n()->t('Photo not available')); } return; } 
@@ -1143,17 +1117,15 @@ function photos_content(App $a) if ($cmd === 'view' && !DI::config()->get('system', 'no_count', false)) { $order_field = $_GET['order'] ?? ''; - if ($order_field === 'posted') { - $order = 'ASC'; + if ($order_field === 'created') { + $params = ['order' => [$order_field]]; + } elseif (!empty($order_field)) { + $params = ['order' => [$order_field => true]]; } else { - $order = 'DESC'; + $params = []; } - $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 - $sql_extra ORDER BY `created` $order ", - DBA::escape($ph[0]['album']), - intval($owner_uid) - ); + $prvnxt = Photo::selectToArray(['resource-id'], ["`album` = ? AND `uid` = ? AND `scale` = ?" . $sql_extra, $ph[0]['album'], $owner_uid, 0], $params); if (DBA::isResult($prvnxt)) { $prv = null; @@ -1173,10 +1145,10 @@ function photos_content(App $a) } if (!is_null($prv)) { - $prevlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . ($order_field === 'posted' ? '?order=posted' : ''); + $prevlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . ($order_field === 'created' ? '?order=created' : ''); } if (!is_null($nxt)) { - $nextlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . ($order_field === 'posted' ? '?order=posted' : ''); + $nextlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . ($order_field === 'created' ? '?order=created' : ''); } $tpl = Renderer::getMarkupTemplate('photo_edit_head.tpl'); @@ -1224,7 +1196,7 @@ function photos_content(App $a) } if ( - $ph[0]['uid'] == local_user() + $ph[0]['uid'] == DI::userSession()->getLocalUserId() && (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid']) || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) ) { $tools['lock'] = DI::l10n()->t('Private Photo'); 
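Review bot: In the first hunk, `$_GET['order']` reaches `Photo::selectToArray` as a column name through the new `elseif (!empty($order_field))` branch (`['order' => [$order_field => true]]`) with no allow-list. Whether the database layer quotes identifiers safely is not visible here; an unknown column would at least produce a query error, and a request-supplied array value would fail as an array key. The removed code only ever sorted by `created`, and the new `else` branch passes no order at all, so the previous/next links would depend on unspecified row order. I would replace the three branches with `$params = ['order' => ['created' => $order_field !== 'created']];`, assuming `true` selects descending order as the `elseif` branch suggests.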
@@ -1253,17 +1225,10 @@ function photos_content(App $a) // The difference is that we won't be displaying the conversation head item // as a "post" but displaying instead the photo it is linked to - /// @todo Rewrite this query. To do so, $sql_extra must be changed - $linked_items = q("SELECT `id` FROM `post-user-view` WHERE `resource-id` = '%s' $sql_extra LIMIT 1", - DBA::escape($datum) - ); - if (DBA::isResult($linked_items)) { - // This is a workaround to not being forced to rewrite the while $sql_extra handling - $link_item = Post::selectFirst([], ['id' => $linked_items[0]['id']]); - } + $link_item = Post::selectFirst([], ["`resource-id` = ?" . $sql_extra, $datum]); if (!empty($link_item['parent']) && !empty($link_item['uid'])) { - $condition = ["`parent` = ? AND `gravity` = ?", $link_item['parent'], GRAVITY_COMMENT]; + $condition = ["`parent` = ? AND `gravity` = ?", $link_item['parent'], Item::GRAVITY_COMMENT]; $total = Post::count($condition); $pager = new Pager(DI::l10n(), DI::args()->getQueryString()); @@ -1271,7 +1236,7 @@ function photos_content(App $a) $params = ['order' => ['id'], 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]]; $items = Post::toArray(Post::selectForUser($link_item['uid'], Item::ITEM_FIELDLIST, $condition, $params)); - if (local_user() == $link_item['uid']) { + if (DI::userSession()->getLocalUserId() == $link_item['uid']) { Item::update(['unseen' => false], ['parent' => $link_item['parent']]); } } 
@@ -1283,14 +1248,12 @@ function photos_content(App $a) $tags = null; if (!empty($link_item['id'])) { - $tag_text = Tag::getCSVByURIId($link_item['uri-id']); - $arr = explode(',', $tag_text); // parse tags and add links $tag_arr = []; - foreach ($arr as $tag) { + foreach (Tag::getByURIId($link_item['uri-id']) as $tag) { $tag_arr[] = [ - 'name' => BBCode::convert($tag), - 'removeurl' => '/tagrm/' . $link_item['id'] . '/' . bin2hex($tag) + 'name' => $tag['name'], + 'removeurl' => '/tagrm/' . $link_item['id'] . '/' . bin2hex($tag['name']) ]; } $tags = ['title' => DI::l10n()->t('Tags: '), 'tags' => $tag_arr]; @@ -1351,7 +1314,7 @@ function photos_content(App $a) */ $qcomment = null; if (Addon::isEnabled('qcomment')) { - $words = DI::pConfig()->get(local_user(), 'qcomment', 'words'); + $words = DI::pConfig()->get(DI::userSession()->getLocalUserId(), 'qcomment', 'words'); $qcomment = $words ? explode("\n", $words) : []; } @@ -1382,7 +1345,7 @@ function photos_content(App $a) 'attendmaybe' => [] ]; - if (DI::pConfig()->get(local_user(), 'system', 'hide_dislike')) { + if (DI::pConfig()->get(DI::userSession()->getLocalUserId(), 'system', 'hide_dislike')) { unset($conv_responses['dislike']); } @@ -1407,7 +1370,7 @@ function photos_content(App $a) */ $qcomment = null; if (Addon::isEnabled('qcomment')) { - $words = DI::pConfig()->get(local_user(), 'qcomment', 'words'); + $words = DI::pConfig()->get(DI::userSession()->getLocalUserId(), 'qcomment', 'words'); $qcomment = $words ? explode("\n", $words) : []; } @@ -1436,7 +1399,7 @@ function photos_content(App $a) if (($activity->match($item['verb'], Activity::LIKE) || $activity->match($item['verb'], Activity::DISLIKE)) && - ($item['gravity'] != GRAVITY_PARENT)) { + ($item['gravity'] != Item::GRAVITY_PARENT)) { continue; } 
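Review bot: In the first hunk, `'name' => $tag['name']` hands the stored tag name to the template as-is, where the removed code passed it through `BBCode::convert`. If the photo view template does not escape `name` (the template is not part of this diff), a tag containing markup characters would be rendered into the page. Either confirm the template escapes it, or record the expectation next to the assignment with a comment such as `// raw tag text; the template must escape it`.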
@@ -1449,29 +1412,29 @@ function photos_content(App $a) $sparkle = ''; } - $dropping = (($item['contact-id'] == $contact_id) || ($item['uid'] == local_user())); + $dropping = (($item['contact-id'] == $contact_id) || ($item['uid'] == DI::userSession()->getLocalUserId())); $drop = [ 'dropping' => $dropping, 'pagedrop' => false, - 'select' => DI::l10n()->t('Select'), - 'delete' => DI::l10n()->t('Delete'), + 'select' => DI::l10n()->t('Select'), + 'delete' => DI::l10n()->t('Delete'), ]; $title_e = $item['title']; - $body_e = BBCode::convert($item['body']); + $body_e = BBCode::convertForUriId($item['uri-id'], $item['body']); $comments .= Renderer::replaceMacros($template,[ - '$id' => $item['id'], + '$id' => $item['id'], '$profile_url' => $profile_url, - '$name' => $item['author-name'], - '$thumb' => $item['author-avatar'], - '$sparkle' => $sparkle, - '$title' => $title_e, - '$body' => $body_e, - '$ago' => Temporal::getRelativeDate($item['created']), - '$indent' => (($item['parent'] != $item['id']) ? ' comment' : ''), - '$drop' => $drop, - '$comment' => $comment + '$name' => $item['author-name'], + '$thumb' => $item['author-avatar'], + '$sparkle' => $sparkle, + '$title' => $title_e, + '$body' => $body_e, + '$ago' => Temporal::getRelativeDate($item['created']), + '$indent' => (($item['parent'] != $item['id']) ? ' comment' : ''), + '$drop' => $drop, + '$comment' => $comment ]); if (($can_post || Security::canWriteToUserWall($owner_uid))) { @@ -1481,7 +1444,7 @@ function photos_content(App $a) */ $qcomment = null; if (Addon::isEnabled('qcomment')) { - $words = DI::pConfig()->get(local_user(), 'qcomment', 'words'); + $words = DI::pConfig()->get(DI::userSession()->getLocalUserId(), 'qcomment', 'words'); $qcomment = $words ? explode("\n", $words) : []; } 
@@ -1520,7 +1483,7 @@ function photos_content(App $a) '$dislike' => DI::l10n()->t('Dislike'), '$wait' => DI::l10n()->t('Please wait'), '$dislike_title' => DI::l10n()->t('I don\'t like this (toggle)'), - '$hide_dislike' => DI::pConfig()->get(local_user(), 'system', 'hide_dislike'), + '$hide_dislike' => DI::pConfig()->get(DI::userSession()->getLocalUserId(), 'system', 'hide_dislike'), '$responses' => $responses, '$return_path' => DI::args()->getQueryString(), ]); @@ -1561,11 +1524,10 @@ function photos_content(App $a) // Default - show recent photos with upload link (if applicable) //$o = ''; $total = 0; - $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND NOT `album` IN (?, ?) + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `photo-type` = ? $sql_extra GROUP BY `resource-id`", $user['uid'], - Photo::CONTACT_PHOTOS, - DI::l10n()->t(Photo::CONTACT_PHOTOS) + Photo::DEFAULT, )); if (DBA::isResult($r)) { $total = count($r); @@ -1576,11 +1538,10 @@ function photos_content(App $a) $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`, ANY_VALUE(`created`) AS `created` FROM `photo` - WHERE `uid` = ? AND NOT `album` IN (?, ?) + WHERE `uid` = ? AND `photo-type` = ? $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT ? , ?", $user['uid'], - Photo::CONTACT_PHOTOS, - DI::l10n()->t(Photo::CONTACT_PHOTOS), + Photo::DEFAULT, $pager->getStart(), $pager->getItemsPerPage() )); 
@@ -1590,11 +1551,6 @@ function photos_content(App $a) // "Twist" is only used for the duepunto theme with style "slackr" $twist = false; foreach ($r as $rr) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner_uid) && ($rr['album'] == DI::l10n()->t('Profile Photos'))) { - continue; - } - $twist = !$twist; $ext = $phototypes[$rr['type']];