X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=8111fffa3079e1b01af8b794874413111ddbc1aa;hb=d8fe8b1e8b008ee0b8d87fda7467b1d058a07e75;hp=52ab42bf1f32001102a0c5c0d0f2e0ef185f87f1;hpb=6668591afecb314a59105b06a1712643f1616636;p=friendica.git diff --git a/mod/photos.php b/mod/photos.php index 52ab42bf1f..8111fffa30 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -1,6 +1,6 @@ get('system', 'block_public') && !Session::isAuthenticated()) { return; } @@ -65,7 +65,7 @@ function photos_init(App $a) { if (DI::args()->getArgc() > 1) { $owner = User::getOwnerDataByNick(DI::args()->getArgv()[1]); - if (!$owner) { + if (!isset($owner['account_removed']) || $owner['account_removed']) { throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.')); } @@ -85,9 +85,6 @@ function photos_init(App $a) { $ret['albums'] = []; foreach ($albums as $k => $album) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner['uid']) && ($album['album'] == DI::l10n()->t('Profile Photos'))) - continue; $entry = [ 'text' => $album['album'], 'total' => $album['total'], @@ -160,16 +157,16 @@ function photos_post(App $a) } if (!$can_post) { - notice(DI::l10n()->t('Permission denied.')); - exit(); + DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.')); + System::exit(); } $owner_record = User::getOwnerDataById($page_owner_uid); if (!$owner_record) { - notice(DI::l10n()->t('Contact information unavailable')); + DI::sysmsg()->addNotice(DI::l10n()->t('Contact information unavailable')); DI::logger()->info('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid); - exit(); + System::exit(); } $aclFormatter = DI::aclFormatter(); @@ -190,18 +187,13 @@ function photos_post(App $a) } if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'album') { - if (!Strings::isHex(DI::args()->getArgv()[3])) { + if (!Strings::isHex(DI::args()->getArgv()[3] ?? '')) { DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); } $album = hex2bin(DI::args()->getArgv()[3]); - if ($album === DI::l10n()->t('Profile Photos') || $album === Photo::CONTACT_PHOTOS || $album === DI::l10n()->t(Photo::CONTACT_PHOTOS)) { - DI::baseUrl()->redirect($_SESSION['photo_return']); - return; // NOTREACHED - } - - if (!DBA::exists('photo', ['album' => $album, 'uid' => $page_owner_uid])) { - notice(DI::l10n()->t('Album not found.')); + if (!DBA::exists('photo', ['album' => $album, 'uid' => $page_owner_uid, 'photo-type' => Photo::DEFAULT])) { + DI::sysmsg()->addNotice(DI::l10n()->t('Album not found.')); DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); return; // NOTREACHED } @@ -212,7 +204,7 @@ function photos_post(App $a) } // RENAME photo album - $newalbum = Strings::escapeTags(trim($_POST['albumname'])); + $newalbum = trim($_POST['albumname'] ?? ''); if ($newalbum != $album) { Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid]); // Update the photo albums cache @@ -230,16 +222,16 @@ function photos_post(App $a) // get the list of photos we are about to delete if ($visitor) { - $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'", - intval($visitor), - intval($page_owner_uid), - DBA::escape($album) - ); + $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = ? AND `uid` = ? AND `album` = ?", + $visitor, + $page_owner_uid, + $album + )); } else { - $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", - intval(local_user()), - DBA::escape($album) - ); + $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = ? AND `album` = ?", + local_user(), + $album + )); } if (DBA::isResult($r)) { @@ -255,9 +247,9 @@ function photos_post(App $a) // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); - notice(DI::l10n()->t('Album successfully deleted')); + DI::sysmsg()->addNotice(DI::l10n()->t('Album successfully deleted')); } else { - notice(DI::l10n()->t('Album was empty.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Album was empty.')); } } @@ -289,7 +281,7 @@ function photos_post(App $a) // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); } else { - notice(DI::l10n()->t('Failed to delete the photo.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Failed to delete the photo.')); DI::baseUrl()->redirect('photos/' . DI::args()->getArgv()[1] . '/image/' . DI::args()->getArgv()[3]); } @@ -299,11 +291,11 @@ function photos_post(App $a) } if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) { - $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : ''; - $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : ''; - $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; - $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; - $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : ''; + $desc = !empty($_POST['desc']) ? trim($_POST['desc']) : ''; + $rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : ''; + $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; + $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; + $origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : ''; $resource_id = DI::args()->getArgv()[3]; @@ -312,7 +304,7 @@ function photos_post(App $a) } if (!empty($_POST['rotate']) && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) { - Logger::notice('rotate'); + Logger::debug('rotate'); $photo = Photo::getPhotoForUser($page_owner_uid, $resource_id); @@ -363,18 +355,12 @@ function photos_post(App $a) if ($albname !== $origaname) { Photo::clearAlbumCache($page_owner_uid); } - /* Don't make the item visible if the only change was the album name */ - - $visibility = 0; - if ($photo['desc'] !== $desc || strlen($rawtags)) { - $visibility = 1; - } } if (DBA::isResult($photos) && !$item_id) { // Create item container $title = ''; - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); $arr = []; $arr['guid'] = System::createUUID(); @@ -395,7 +381,7 @@ function photos_post(App $a) $arr['allow_gid'] = $photo['allow_gid']; $arr['deny_cid'] = $photo['deny_cid']; $arr['deny_gid'] = $photo['deny_gid']; - $arr['visible'] = $visibility; + $arr['visible'] = 0; $arr['origin'] = 1; $arr['body'] = '[url=' . DI::baseUrl() . '/photos/' . $user['nickname'] . '/image/' . $photo['resource-id'] . ']' @@ -538,46 +524,42 @@ function photos_post(App $a) if (count($taginfo)) { foreach ($taginfo as $tagged) { - $uri = Item::newURI($page_owner_uid); - - $arr = []; - $arr['guid'] = System::createUUID(); - $arr['uid'] = $page_owner_uid; - $arr['uri'] = $uri; - $arr['wall'] = 1; - $arr['contact-id'] = $owner_record['id']; - $arr['owner-name'] = $owner_record['name']; - $arr['owner-link'] = $owner_record['url']; - $arr['owner-avatar'] = $owner_record['thumb']; - $arr['author-name'] = $owner_record['name']; - $arr['author-link'] = $owner_record['url']; - $arr['author-avatar'] = $owner_record['thumb']; - $arr['title'] = ''; - $arr['allow_cid'] = $photo['allow_cid']; - $arr['allow_gid'] = $photo['allow_gid']; - $arr['deny_cid'] = $photo['deny_cid']; - $arr['deny_gid'] = $photo['deny_gid']; - $arr['visible'] = 1; - $arr['verb'] = Activity::TAG; - $arr['gravity'] = GRAVITY_PARENT; - $arr['object-type'] = Activity\ObjectType::PERSON; - $arr['target-type'] = Activity\ObjectType::IMAGE; - $arr['inform'] = $tagged[2]; - $arr['origin'] = 1; - $arr['body'] = DI::l10n()->t('%1$s was tagged in %2$s by %3$s', '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . DI::l10n()->t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') ; - $arr['body'] .= "\n\n" . '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . '[img]' . DI::baseUrl() . "/photo/" . $photo['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n" ; - - $arr['object'] = '' . Activity\ObjectType::PERSON . '' . $tagged[0] . '' . $tagged[1] . '/' . $tagged[0] . ''; - $arr['object'] .= '' . XML::escape('' . "\n"); + $uri = Item::newURI(); + + $arr = [ + 'guid' => System::createUUID(), + 'uid' => $page_owner_uid, + 'uri' => $uri, + 'wall' => 1, + 'contact-id' => $owner_record['id'], + 'owner-name' => $owner_record['name'], + 'owner-link' => $owner_record['url'], + 'owner-avatar' => $owner_record['thumb'], + 'author-name' => $owner_record['name'], + 'author-link' => $owner_record['url'], + 'author-avatar' => $owner_record['thumb'], + 'title' => '', + 'allow_cid' => $photo['allow_cid'], + 'allow_gid' => $photo['allow_gid'], + 'deny_cid' => $photo['deny_cid'], + 'deny_gid' => $photo['deny_gid'], + 'visible' => 0, + 'verb' => Activity::TAG, + 'gravity' => Item::GRAVITY_PARENT, + 'object-type' => Activity\ObjectType::PERSON, + 'target-type' => Activity\ObjectType::IMAGE, + 'inform' => $tagged[2], + 'origin' => 1, + 'body' => DI::l10n()->t('%1$s was tagged in %2$s by %3$s', '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . DI::l10n()->t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]') . "\n\n" . '[url=' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ']' . '[img]' . DI::baseUrl() . '/photo/' . $photo['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n", + 'object' => '' . Activity\ObjectType::PERSON . '' . $tagged[0] . '' . $tagged[1] . '/' . $tagged[0] . '' . XML::escape('' . "\n"), + 'target' => '' . Activity\ObjectType::IMAGE . '' . $photo['desc'] . '' . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . '' . XML::escape('' . "\n" . '') . '', + ]; + if ($tagged[3]) { $arr['object'] .= XML::escape('' . "\n"); } $arr['object'] .= '' . "\n"; - $arr['target'] = '' . Activity\ObjectType::IMAGE . '' . $photo['desc'] . '' - . DI::baseUrl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo['resource-id'] . ''; - $arr['target'] .= '' . XML::escape('' . "\n" . '') . ''; - Item::insert($arr); } } @@ -594,7 +576,7 @@ function photos_post(App $a) $album = trim($_REQUEST['album'] ?? ''); $newalbum = trim($_REQUEST['newalbum'] ?? ''); - Logger::info('album= ' . $album . ' newalbum= ' . $newalbum); + Logger::debug('album= ' . $album . ' newalbum= ' . $newalbum); if (!strlen($album)) { if (strlen($newalbum)) { @@ -612,9 +594,9 @@ function photos_post(App $a) * they acquire comments, likes, dislikes, and/or tags */ - $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR', $album, $page_owner_uid]); + $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > ?', $album, $page_owner_uid, DateTimeFormat::utc('now - 3 hours')]); - if (!DBA::isResult($r) || ($album == DI::l10n()->t('Profile Photos'))) { + if (!DBA::isResult($r) || ($album == DI::l10n()->t(Photo::PROFILE_PHOTOS))) { $visible = 1; } else { $visible = 0; @@ -647,21 +629,21 @@ function photos_post(App $a) if ($error !== UPLOAD_ERR_OK) { switch ($error) { case UPLOAD_ERR_INI_SIZE: - notice(DI::l10n()->t('Image exceeds size limit of %s', ini_get('upload_max_filesize'))); + DI::sysmsg()->addNotice(DI::l10n()->t('Image exceeds size limit of %s', ini_get('upload_max_filesize'))); break; case UPLOAD_ERR_FORM_SIZE: - notice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($_REQUEST['MAX_FILE_SIZE'] ?? 0))); + DI::sysmsg()->addNotice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($_REQUEST['MAX_FILE_SIZE'] ?? 0))); break; case UPLOAD_ERR_PARTIAL: - notice(DI::l10n()->t('Image upload didn\'t complete, please try again')); + DI::sysmsg()->addNotice(DI::l10n()->t('Image upload didn\'t complete, please try again')); break; case UPLOAD_ERR_NO_FILE: - notice(DI::l10n()->t('Image file is missing')); + DI::sysmsg()->addNotice(DI::l10n()->t('Image file is missing')); break; case UPLOAD_ERR_NO_TMP_DIR: case UPLOAD_ERR_CANT_WRITE: case UPLOAD_ERR_EXTENSION: - notice(DI::l10n()->t('Server can\'t accept new file upload at this time, please contact your administrator')); + DI::sysmsg()->addNotice(DI::l10n()->t('Server can\'t accept new file upload at this time, please contact your administrator')); break; } @unlink($src); @@ -677,7 +659,7 @@ function photos_post(App $a) $maximagesize = DI::config()->get('system', 'maximagesize'); if ($maximagesize && ($filesize > $maximagesize)) { - notice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($maximagesize))); + DI::sysmsg()->addNotice(DI::l10n()->t('Image exceeds size limit of %s', Strings::formatBytes($maximagesize))); @unlink($src); $foo = 0; Hook::callAll('photo_post_end', $foo); @@ -685,22 +667,22 @@ function photos_post(App $a) } if (!$filesize) { - notice(DI::l10n()->t('Image file is empty.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Image file is empty.')); @unlink($src); $foo = 0; Hook::callAll('photo_post_end', $foo); return; } - Logger::info('loading the contents of ' . $src); + Logger::debug('loading contents', ['src' => $src]); $imagedata = @file_get_contents($src); $image = new Image($imagedata, $type); if (!$image->isValid()) { - Logger::info('unable to process image'); - notice(DI::l10n()->t('Unable to process image.')); + Logger::notice('unable to process image'); + DI::sysmsg()->addNotice(DI::l10n()->t('Unable to process image.')); @unlink($src); $foo = 0; Hook::callAll('photo_post_end',$foo); @@ -711,9 +693,6 @@ function photos_post(App $a) @unlink($src); $max_length = DI::config()->get('system', 'max_image_length'); - if (!$max_length) { - $max_length = MAX_IMAGE_LENGTH; - } if ($max_length > 0) { $image->scaleDown($max_length); } @@ -725,27 +704,27 @@ function photos_post(App $a) $resource_id = Photo::newResource(); - $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); if (!$r) { - Logger::info('image store failed'); - notice(DI::l10n()->t('Image upload failed.')); + Logger::warning('image store failed'); + DI::sysmsg()->addNotice(DI::l10n()->t('Image upload failed.')); return; } if ($width > 640 || $height > 640) { $image->scaleDown(640); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 1; } if ($width > 320 || $height > 320) { $image->scaleDown(320); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 2; } - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); // Create item container $lat = $lon = null; @@ -816,12 +795,12 @@ function photos_content(App $a) } if (DI::config()->get('system', 'block_public') && !Session::isAuthenticated()) { - notice(DI::l10n()->t('Public access denied.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Public access denied.')); return; } if (empty($user)) { - notice(DI::l10n()->t('No photos selected')); + DI::sysmsg()->addNotice(DI::l10n()->t('No photos selected')); return; } @@ -890,7 +869,7 @@ function photos_content(App $a) } if ($user['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) { - notice(DI::l10n()->t('Access to this item is restricted.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Access to this item is restricted.')); return; } @@ -905,11 +884,11 @@ function photos_content(App $a) // Display upload form if ($datatype === 'upload') { if (!$can_post) { - notice(DI::l10n()->t('Permission denied.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.')); return; } - $selname = Strings::isHex($datum) ? hex2bin($datum) : ''; + $selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : ''; $albumselect = ''; @@ -917,7 +896,7 @@ function photos_content(App $a) $albums = Photo::getAlbums($owner_uid); if (!empty($albums)) { foreach ($albums as $album) { - if (($album['album'] === '') || ($album['album'] === Photo::CONTACT_PHOTOS) || ($album['album'] === DI::l10n()->t(Photo::CONTACT_PHOTOS))) { + if ($album['album'] === '') { continue; } $selected = (($selname === $album['album']) ? ' selected="selected" ' : ''); @@ -971,17 +950,21 @@ function photos_content(App $a) // Display a single photo album if ($datatype === 'album') { // if $datum is not a valid hex, redirect to the default page - if (!Strings::isHex($datum)) { + if (is_null($datum) || !Strings::isHex($datum)) { DI::baseUrl()->redirect('photos/' . $user['nickname']. '/album'); } $album = hex2bin($datum); + if ($can_post && !Photo::exists(['uid' => $owner_uid, 'album' => $album, 'photo-type' => Photo::DEFAULT])) { + $can_post = false; + } + $total = 0; - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `album` = ? AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", - intval($owner_uid), - DBA::escape($album) - ); + $owner_uid, + $album + )); if (DBA::isResult($r)) { $total = count($r); } @@ -990,22 +973,22 @@ function photos_content(App $a) /// @TODO I have seen this many times, maybe generalize it script-wide and encapsulate it? $order_field = $_GET['order'] ?? ''; - if ($order_field === 'posted') { + if ($order_field === 'created') { $order = 'ASC'; } else { $order = 'DESC'; } - $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, max(`scale`) AS `scale`, ANY_VALUE(`desc`) as `desc`, ANY_VALUE(`created`) as `created` - FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT %d , %d", + FROM `photo` WHERE `uid` = ? AND `album` = ? + AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT ? , ?", intval($owner_uid), DBA::escape($album), $pager->getStart(), $pager->getItemsPerPage() - ); + )); if ($cmd === 'drop') { $drop_url = DI::args()->getQueryString(); @@ -1025,33 +1008,29 @@ function photos_content(App $a) // edit album name if ($cmd === 'edit') { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS))) { - if ($can_post) { - $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); - - $album_e = $album; - - $o .= Renderer::replaceMacros($edit_tpl,[ - '$nametext' => DI::l10n()->t('New album name: '), - '$nickname' => $user['nickname'], - '$album' => $album_e, - '$hexalbum' => bin2hex($album), - '$submit' => DI::l10n()->t('Submit'), - '$dropsubmit' => DI::l10n()->t('Delete Album') - ]); - } - } - } else { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS)) && $can_post) { - $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; - $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; + if ($can_post) { + $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); + + $album_e = $album; + + $o .= Renderer::replaceMacros($edit_tpl,[ + '$nametext' => DI::l10n()->t('New album name: '), + '$nickname' => $user['nickname'], + '$album' => $album_e, + '$hexalbum' => bin2hex($album), + '$submit' => DI::l10n()->t('Submit'), + '$dropsubmit' => DI::l10n()->t('Delete Album') + ]); } + } elseif ($can_post) { + $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; + $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; } - if ($order_field === 'posted') { + if ($order_field === 'created') { $order = [DI::l10n()->t('Show Newest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album), 'oldest']; } else { - $order = [DI::l10n()->t('Show Oldest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '?order=posted', 'newest']; + $order = [DI::l10n()->t('Show Oldest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '?order=created', 'newest']; } $photos = []; @@ -1071,7 +1050,7 @@ function photos_content(App $a) 'id' => $rr['id'], 'twist' => ' ' . ($twist ? 'rotleft' : 'rotright') . rand(2,4), 'link' => 'photos/' . $user['nickname'] . '/image/' . $rr['resource-id'] - . ($order_field === 'posted' ? '?order=posted' : ''), + . ($order_field === 'created' ? '?order=created' : ''), 'title' => DI::l10n()->t('View Photo'), 'src' => 'photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.' .$ext, 'alt' => $imgalt_e, @@ -1101,17 +1080,13 @@ function photos_content(App $a) // Display one photo if ($datatype === 'image') { // fetch image, item containing image, then comments - $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' - $sql_extra ORDER BY `scale` ASC ", - intval($owner_uid), - DBA::escape($datum) - ); + $ph = Photo::selectToArray([], ["`uid` = ? AND `resource-id` = ? " . $sql_extra, $owner_uid, $datum], ['order' => ['scale']]); if (!DBA::isResult($ph)) { if (DBA::exists('photo', ['resource-id' => $datum, 'uid' => $owner_uid])) { - notice(DI::l10n()->t('Permission denied. Access to this item may be restricted.')); + DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied. Access to this item may be restricted.')); } else { - notice(DI::l10n()->t('Photo not available')); + DI::sysmsg()->addNotice(DI::l10n()->t('Photo not available')); } return; } @@ -1143,17 +1118,15 @@ function photos_content(App $a) if ($cmd === 'view' && !DI::config()->get('system', 'no_count', false)) { $order_field = $_GET['order'] ?? ''; - if ($order_field === 'posted') { - $order = 'ASC'; + if ($order_field === 'created') { + $params = ['order' => [$order_field]]; + } elseif (!empty($order_field)) { + $params = ['order' => [$order_field => true]]; } else { - $order = 'DESC'; + $params = []; } - $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 - $sql_extra ORDER BY `created` $order ", - DBA::escape($ph[0]['album']), - intval($owner_uid) - ); + $prvnxt = Photo::selectToArray(['resource-id'], ["`album` = ? AND `uid` = ? AND `scale` = ?" . $sql_extra, $ph[0]['album'], $owner_uid, 0], $params); if (DBA::isResult($prvnxt)) { $prv = null; @@ -1173,10 +1146,10 @@ function photos_content(App $a) } if (!is_null($prv)) { - $prevlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . ($order_field === 'posted' ? '?order=posted' : ''); + $prevlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . ($order_field === 'created' ? '?order=created' : ''); } if (!is_null($nxt)) { - $nextlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . ($order_field === 'posted' ? '?order=posted' : ''); + $nextlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . ($order_field === 'created' ? '?order=created' : ''); } $tpl = Renderer::getMarkupTemplate('photo_edit_head.tpl'); @@ -1253,17 +1226,10 @@ function photos_content(App $a) // The difference is that we won't be displaying the conversation head item // as a "post" but displaying instead the photo it is linked to - /// @todo Rewrite this query. To do so, $sql_extra must be changed - $linked_items = q("SELECT `id` FROM `post-user-view` WHERE `resource-id` = '%s' $sql_extra LIMIT 1", - DBA::escape($datum) - ); - if (DBA::isResult($linked_items)) { - // This is a workaround to not being forced to rewrite the while $sql_extra handling - $link_item = Post::selectFirst([], ['id' => $linked_items[0]['id']]); - } + $link_item = Post::selectFirst([], ["`resource-id` = ?" . $sql_extra, $datum]); if (!empty($link_item['parent']) && !empty($link_item['uid'])) { - $condition = ["`parent` = ? AND `gravity` = ?", $link_item['parent'], GRAVITY_COMMENT]; + $condition = ["`parent` = ? AND `gravity` = ?", $link_item['parent'], Item::GRAVITY_COMMENT]; $total = Post::count($condition); $pager = new Pager(DI::l10n(), DI::args()->getQueryString()); @@ -1283,14 +1249,12 @@ function photos_content(App $a) $tags = null; if (!empty($link_item['id'])) { - $tag_text = Tag::getCSVByURIId($link_item['uri-id']); - $arr = explode(',', $tag_text); // parse tags and add links $tag_arr = []; - foreach ($arr as $tag) { + foreach (Tag::getByURIId($link_item['uri-id']) as $tag) { $tag_arr[] = [ - 'name' => BBCode::convert($tag), - 'removeurl' => '/tagrm/' . $link_item['id'] . '/' . bin2hex($tag) + 'name' => $tag['name'], + 'removeurl' => '/tagrm/' . $link_item['id'] . '/' . bin2hex($tag['name']) ]; } $tags = ['title' => DI::l10n()->t('Tags: '), 'tags' => $tag_arr]; @@ -1436,7 +1400,7 @@ function photos_content(App $a) if (($activity->match($item['verb'], Activity::LIKE) || $activity->match($item['verb'], Activity::DISLIKE)) && - ($item['gravity'] != GRAVITY_PARENT)) { + ($item['gravity'] != Item::GRAVITY_PARENT)) { continue; } @@ -1453,25 +1417,25 @@ function photos_content(App $a) $drop = [ 'dropping' => $dropping, 'pagedrop' => false, - 'select' => DI::l10n()->t('Select'), - 'delete' => DI::l10n()->t('Delete'), + 'select' => DI::l10n()->t('Select'), + 'delete' => DI::l10n()->t('Delete'), ]; $title_e = $item['title']; - $body_e = BBCode::convert($item['body']); + $body_e = BBCode::convertForUriId($item['uri-id'], $item['body']); $comments .= Renderer::replaceMacros($template,[ - '$id' => $item['id'], + '$id' => $item['id'], '$profile_url' => $profile_url, - '$name' => $item['author-name'], - '$thumb' => $item['author-avatar'], - '$sparkle' => $sparkle, - '$title' => $title_e, - '$body' => $body_e, - '$ago' => Temporal::getRelativeDate($item['created']), - '$indent' => (($item['parent'] != $item['id']) ? ' comment' : ''), - '$drop' => $drop, - '$comment' => $comment + '$name' => $item['author-name'], + '$thumb' => $item['author-avatar'], + '$sparkle' => $sparkle, + '$title' => $title_e, + '$body' => $body_e, + '$ago' => Temporal::getRelativeDate($item['created']), + '$indent' => (($item['parent'] != $item['id']) ? ' comment' : ''), + '$drop' => $drop, + '$comment' => $comment ]); if (($can_post || Security::canWriteToUserWall($owner_uid))) { @@ -1561,40 +1525,33 @@ function photos_content(App $a) // Default - show recent photos with upload link (if applicable) //$o = ''; $total = 0; - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `photo-type` = ? $sql_extra GROUP BY `resource-id`", - intval($user['uid']), - DBA::escape(Photo::CONTACT_PHOTOS), - DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS)) - ); + $user['uid'], + Photo::DEFAULT, + )); if (DBA::isResult($r)) { $total = count($r); } $pager = new Pager(DI::l10n(), DI::args()->getQueryString(), 20); - $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`, ANY_VALUE(`created`) AS `created` FROM `photo` - WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' - $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", - intval($user['uid']), - DBA::escape(Photo::CONTACT_PHOTOS), - DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS)), + WHERE `uid` = ? AND `photo-type` = ? + $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT ? , ?", + $user['uid'], + Photo::DEFAULT, $pager->getStart(), $pager->getItemsPerPage() - ); + )); $photos = []; if (DBA::isResult($r)) { // "Twist" is only used for the duepunto theme with style "slackr" $twist = false; foreach ($r as $rr) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner_uid) && ($rr['album'] == DI::l10n()->t('Profile Photos'))) { - continue; - } - $twist = !$twist; $ext = $phototypes[$rr['type']];