X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=9f92c11370f54d09bba71e98628bc083b7bab2a1;hb=9718fffd71856f98815ecc8375afddd6b22b070c;hp=82f3c13ecc575806269e4e5aeba3fe8eeb6bb672;hpb=adce88e564f2e9a6c8487bf23762afe1413ed263;p=friendica.git diff --git a/mod/photos.php b/mod/photos.php index 82f3c13ecc..9f92c11370 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -1,10 +1,14 @@ argc > 1) { $nick = $a->argv[1]; $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", @@ -34,10 +38,12 @@ function photos_init(&$a) { } $o .= ''; } + + if(! x($a->page,'aside')) + $a->page['aside'] = ''; $a->page['aside'] .= $o; } - - + return; } 
@@ -46,17 +52,328 @@ function photos_init(&$a) { function photos_post(&$a) { - if(! local_user()) { - notice( t('Permission denied.') . EOL ); - killme(); - } + if(! local_user()) { + notice( t('Permission denied.') . EOL ); + killme(); + } - $r = q("SELECT * FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1", - intval($_SESSION['uid']) + $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` + WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1", + intval(local_user()) ); + if(! count($r)) { + notice( t('Contact information unavailable') . EOL); + logger('photos_post: unable to locate contact record for logged in user. uid=' . local_user()); + killme(); + } + $contact_record = $r[0]; + + if(($a->argc > 2) && ($a->argv[1] === 'album')) { + $album = hex2bin($a->argv[2]); + + if($album == t('Profile Photos') || $album == t('Contact Photos')) { + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + return; // NOTREACHED + } + + $r = q("SELECT count(*) FROM `photo` WHERE `album` = '%s' AND `uid` = %d", + dbesc($album), + intval(local_user()) + ); + if(! count($r)) { + notice( t('Album not found.') . EOL); + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + return; // NOTREACHED + } + + $newalbum = notags(trim($_POST['albumname'])); + if($newalbum != $album) { + q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", + dbesc($newalbum), + dbesc($album), + intval(local_user()) + ); + $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); + goaway($a->get_baseurl() . '/' . $newurl); + return; // NOTREACHED + } + + if($_POST['dropalbum'] == t('Delete Album')) { + + $res = array(); + $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", + intval(local_user()), + dbesc($album) + ); + if(count($r)) { + foreach($r as $rr) { + $res[] = "'" . 
dbesc($rr['rid']) . "'" ; + } + } + else { + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + return; // NOTREACHED + } + $str_res = implode(',', $res); + + q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d", + intval(local_user()) + ); + $r = q("SELECT `parent-uri` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d", + intval(local_user()) + ); + if(count($r)) { + foreach($r as $rr) { + q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", + dbesc(datetime_convert()), + dbesc($rr['parent-uri']), + intval(local_user()) + ); + + $drop_id = intval($rr['id']); + $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php'); + $proc_debug = get_config('system','proc_debug'); + + // send the notification upstream/downstream as the case may be + + if($rr['visible']) + proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" $proc_debug & ", + array(),$foo)); + + } + } + } + goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']); + return; // NOTREACHED + } + + if(($a->argc > 1) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) { + $r = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1", + intval(local_user()), + dbesc($a->argv[1]) + ); + if(count($r)) { + q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'", + intval(local_user()), + dbesc($r[0]['resource-id']) + ); + $i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1", + dbesc($r[0]['resource-id']), + intval(local_user()) + ); + if(count($i)) { + q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc($i[0]['uri']), + intval(local_user()) + ); + + $url = $a->get_baseurl(); + $drop_id = intval($i[0]['id']); + $php_path = ((strlen($a->config['php_path'])) ? 
$a->config['php_path'] : 'php'); + + $proc_debug = get_config('system','proc_debug'); + + // send the notification upstream/downstream as the case may be + + if($i[0]['visible']) + proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" $proc_debug & ", + array(),$foo)); + } + } + + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + return; // NOTREACHED + } + + if(($a->argc > 1) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) { + + $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : ''); + $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : ''); + $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0); + $resource_id = $a->argv[1]; + + $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC", + dbesc($resource_id), + intval(local_user()) + ); + if((count($p)) && ($p[0]['desc'] !== $desc)) { + $r = q("UPDATE `photo` SET `desc` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d", + dbesc($desc), + dbesc($resource_id), + intval(local_user()) + ); + } + if(! 
$item_id) { + + // Create item container + + $title = ''; + $basename = basename($filename); + $uri = item_new_uri($a->get_hostname(),local_user()); + + $arr = array(); + + $arr['uid'] = local_user(); + $arr['uri'] = $uri; + $arr['parent-uri'] = $uri; + $arr['type'] = 'photo'; + $arr['wall'] = 1; + $arr['resource-id'] = $p[0]['resource-id']; + $arr['contact-id'] = $contact_record['id']; + $arr['owner-name'] = $contact_record['name']; + $arr['owner-link'] = $contact_record['url']; + $arr['owner-avatar'] = $contact_record['thumb']; + $arr['author-name'] = $contact_record['name']; + $arr['author-link'] = $contact_record['url']; + $arr['author-avatar'] = $contact_record['thumb']; + $arr['title'] = $title; + $arr['allow_cid'] = $p[0]['allow_cid']; + $arr['allow_gid'] = $p[0]['allow_gid']; + $arr['deny_cid'] = $p[0]['deny_cid']; + $arr['deny_gid'] = $p[0]['deny_gid']; + $arr['last-child'] = 1; + $arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $p[0]['resource-id'] . ']' + . '[img]' . $a->get_baseurl() . '/photo/' . $p[0]['resource-id'] . '-' . $p[0]['scale'] . '.jpg' . '[/img]' + . '[/url]'; + + $item_id = item_store($arr); + + } + + if($item_id) { + $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($item_id), + intval(local_user()) + ); + } + if(count($r)) { + $old_tag = $r[0]['tag']; + $old_inform = $r[0]['inform']; + } + + if(strlen($rawtags)) { + + $str_tags = ''; + $inform = ''; + + // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag + + $x = substr($rawtags,0,1); + if($x !== '@' && $x !== '#') + $rawtags = '#' . 
$rawtags; + + $taginfo = array(); + $tags = get_tags($rawtags); + + if(count($tags)) { + foreach($tags as $tag) { + if(strpos($tag,'@') === 0) { + $name = substr($tag,1); + if((strpos($name,'@')) || (strpos($name,'http://'))) { + $newname = $name; + $links = @lrdd($name); + if(count($links)) { + foreach($links as $link) { + if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') + $profile = $link['@attributes']['href']; + if($link['@attributes']['rel'] === 'salmon') { + $salmon = '$url:' . str_replace(',','%sc',$link['@attributes']['href']); + if(strlen($inform)) + $inform .= ','; + $inform .= $salmon; + } + } + } + $taginfo[] = array($newname,$profile,$salmon); + } + else { + $newname = $name; + if(strstr($name,'_')) { + $newname = str_replace('_',' ',$name); + $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", + dbesc($newname), + intval(local_user()) + ); + } + else { + $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", + dbesc($name), + intval(local_user()) + ); + } + if(count($r)) { + $profile = $r[0]['url']; + $notify = 'cid:' . $r[0]['id']; + if(strlen($inform)) + $inform .= ','; + $inform .= $notify; + } + } + if($profile) { + $taginfo[] = array($newname,$profile,$notify); + if(strlen($str_tags)) + $str_tags .= ','; + $profile = str_replace(',','%2c',$profile); + $str_tags .= '@[url=' . $profile . ']' . $newname . 
'[/url]'; + } + } + } + } + + $newtag = $old_tag; + if(strlen($newtag) && strlen($str_tags)) + $newtag .= ','; + $newtag .= $str_tags; + + $newinform = $old_inform; + if(strlen($newinform) && strlen($inform)) + $newinform .= ','; + $newinform .= $inform; + + $r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", + dbesc($newtag), + dbesc($newinform), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($item_id), + intval(local_user()) + ); + + if(count($taginfo)) { + foreach($taginfo as $tagged) { +// $slap = create_photo_tag(local_user(),$item_id, $tagged); + + +// + } + // call notifier on new tag activity + } + +// $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php'); + +// $proc_debug = get_config('system','proc_debug'); + + // send the notification upstream/downstream as the case may be + +// if($i[0]['visible']) +// proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" $proc_debug & ", +// array(),$foo)); + + + + } + goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); + return; // NOTREACHED + } + + + // default post action - upload a photo + if(! x($_FILES,'userfile')) killme(); 
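Review bot: The 'Delete Photo' branch selects only `id` from `photo` but then reads `$r[0]['resource-id']`, so the DELETE and the follow-up `item` lookup both run with an empty resource id and the photo the user asked to remove stays in the `photo` table. Add `resource-id` to that select list, or reuse `$a->argv[1]`, which the first query already matched against `uid`. The 'Delete Album' branch has the same mismatch: its `item` query returns only `parent-uri`, yet the loop reads `$rr['id']` and `$rr['visible']`, so `$drop_id` is 0 and the notifier call is apparently never reached. The album existence check also cannot fail, because `SELECT count(*)` always returns one row; test the counted value rather than `count($r)`. photos_post continues outside this hunk.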
@@ -75,43 +392,29 @@ function photos_post(&$a) { $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y'); } - $str_group_allow = ''; - $group_allow = $_POST['group_allow']; - if(is_array($group_allow)) { - array_walk($group_allow,'sanitise_acl'); - $str_group_allow = implode('',$group_allow); - } - - $str_contact_allow = ''; - $contact_allow = $_POST['contact_allow']; - if(is_array($contact_allow)) { - array_walk($contact_allow,'sanitise_acl'); - $str_contact_allow = implode('',$contact_allow); - } - - $str_group_deny = ''; - $group_deny = $_POST['group_deny']; - if(is_array($group_deny)) { - array_walk($group_deny,'sanitise_acl'); - $str_group_deny = implode('',$group_deny); - } + $r = q("SELECT * FROM `photo` WHERE `album` = '%s' AND `uid` = %d", + dbesc($album), + intval(local_user()) + ); + if((! count($r)) || ($album == t('Profile Photos'))) + $visible = 1; + else + $visible = 0; - $str_contact_deny = ''; - $contact_deny = $_POST['contact_deny']; - if(is_array($contact_deny)) { - array_walk($contact_deny,'sanitise_acl'); - $str_contact_deny = implode('',$contact_deny); - } + $str_group_allow = perms2str($_POST['group_allow']); + $str_contact_allow = perms2str($_POST['contact_allow']); + $str_group_deny = perms2str($_POST['group_deny']); + $str_contact_deny = perms2str($_POST['contact_deny']); - $src = $_FILES['userfile']['tmp_name']; - $filename = basename($_FILES['userfile']['name']); - $filesize = intval($_FILES['userfile']['size']); + $src = $_FILES['userfile']['tmp_name']; + $filename = basename($_FILES['userfile']['name']); + $filesize = intval($_FILES['userfile']['size']); $imagedata = @file_get_contents($src); $ph = new Photo($imagedata); - if(! ($image = $ph->getImage())) { + if(! $ph->is_valid()) { notice( t('Unable to process image.') . EOL ); @unlink($src); killme(); 
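Review bot: ACL sanitising is no longer visible at this call site, because the four `perms2str($_POST[...])` calls replace the explicit `is_array` test and `sanitise_acl` walk, and `perms2str` is defined outside this diff. These strings are stored as the allow/deny lists of the photo and its item, so it is worth confirming that `perms2str` rejects non-array input and filters every entry as the removed loops did, and recording that with a comment such as `// perms2str() is expected to sanitise each posted id (previously sanitise_acl)`. The direct `$_POST['group_allow']` style reads also raise an undefined-index notice when a field is absent; `isset($_POST['group_allow']) ? $_POST['group_allow'] : array()` avoids that. The enclosing function starts and ends outside the hunk.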
@@ -124,9 +427,9 @@ function photos_post(&$a) { $smallest = 0; - $photo_hash = hash('md5',uniqid(mt_rand(),true)); - - $r = $ph->store($_SESSION['uid'], 0, $photo_hash, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $photo_hash = photo_new_resource(); + + $r = $ph->store(local_user(), 0, $photo_hash, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); if(! $r) { notice( t('Image upload failed.') . EOL ); 
@@ -135,74 +438,49 @@ function photos_post(&$a) { if($width > 640 || $height > 640) { $ph->scaleImage(640); - $ph->store($_SESSION['uid'], 0, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $ph->store(local_user(), 0, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 1; } if($width > 320 || $height > 320) { $ph->scaleImage(320); - $ph->store($_SESSION['uid'], 0, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $ph->store(local_user(), 0, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 2; } $basename = basename($filename); + $uri = item_new_uri($a->get_hostname(), local_user()); // Create item container - $body = '[url=' . $a->get_baseurl() . '/photos/' . $contact_record['nickname'] . '/image/' . $photo_hash . ']' - . '[img]' . $a->get_baseurl() . "/photo/{$photo_hash}-{$smallest}.jpg" . '[/img]' - . '[/url]'; - - do { - $dups = false; - $item_hash = random_string(); - - $uri = "urn:X-dfrn:" . $a->get_hostname() . ':' . $profile_uid . ':' . 
$item_hash; - - $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1", - dbesc($uri)); - if(count($r)) - $dups = true; - } while($dups == true); - - - $r = q("INSERT INTO `item` (`uid`, `type`, `resource-id`, `contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `created`, - `edited`, `uri`, `parent-uri`, `title`, `body`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`) - VALUES( %d, '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", - intval($_SESSION['uid']), - dbesc('photo'), - dbesc($photo_hash), - intval($contact_record['id']), - dbesc($contact_record['name']), - dbesc($contact_record['url']), - dbesc($contact_record['thumb']), - datetime_convert(), - datetime_convert(), - dbesc($uri), - dbesc($uri), - dbesc($title), - dbesc($body), - dbesc($str_contact_allow), - dbesc($str_group_allow), - dbesc($str_contact_deny), - dbesc($str_group_deny) - - ); - if($r) { - - $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1", - dbesc($uri) - ); - if(count($r)) - q("UPDATE `item` SET `parent` = %d, `last-child` = 1 WHERE `id` = %d LIMIT 1", - intval($r[0]['id']), - intval($r[0]['id']) - ); - - } - - // if album has no featured photo, promote one. 
+ $arr = array(); + + $arr['uid'] = local_user(); + $arr['uri'] = $uri; + $arr['parent-uri'] = $uri; + $arr['type'] = 'photo'; + $arr['wall'] = 1; + $arr['resource-id'] = $photo_hash; + $arr['contact-id'] = $contact_record['id']; + $arr['owner-name'] = $contact_record['name']; + $arr['owner-link'] = $contact_record['url']; + $arr['owner-avatar'] = $contact_record['thumb']; + $arr['author-name'] = $contact_record['name']; + $arr['author-link'] = $contact_record['url']; + $arr['author-avatar'] = $contact_record['thumb']; + $arr['title'] = ''; + $arr['allow_cid'] = $str_contact_allow; + $arr['allow_gid'] = $str_group_allow; + $arr['deny_cid'] = $str_contact_deny; + $arr['deny_gid'] = $str_group_deny; + $arr['last-child'] = 1; + $arr['visible'] = $visible; + $arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $contact_record['nickname'] . '/image/' . $photo_hash . ']' + . '[img]' . $a->get_baseurl() . "/photo/{$photo_hash}-{$smallest}.jpg" . '[/img]' + . '[/url]'; + + $item_id = item_store($arr); if(! $java_upload) { goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']); @@ -223,10 +501,9 @@ function photos_content(&$a) { // photos/name/upload // photos/name/album/xxxxx // photos/name/album/xxxxx/edit - // photos/name/album/xxxxx/drop // photos/name/image/xxxxx // photos/name/image/xxxxx/edit - // photos/name/image/xxxxx/drop + if(! x($a->data,'user')) { notice( t('No photos selected') . EOL ); @@ -243,7 +520,7 @@ function photos_content(&$a) { $datatype = $a->argv[2]; $datum = $a->argv[3]; } - elseif(($a->argc > 2) && ($a->argv[2] == 'upload')) + elseif(($a->argc > 2) && ($a->argv[2] === 'upload')) $datatype = 'upload'; else $datatype = 'summary'; 
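Review bot: The result of `item_store($arr)` is assigned to `$item_id` and never checked, so if the store fails the `photo` rows already written keep their ACLs while no wall item exists, and the request still redirects as though the upload succeeded. A guard such as `if(! $item_id) logger('photos_post: item_store failed for resource ' . $photo_hash);` would make that state visible, and the edit branch earlier in this diff would otherwise create a second item for the same photo later. `$basename` is assigned in the visible lines and not used by them. photos_post continues outside this hunk.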
@@ -259,18 +536,39 @@ function photos_content(&$a) { $owner_uid = $a->data['user']['uid']; + + + $contact = null; + $remote_contact = false; + if(remote_user()) { $contact_id = $_SESSION['visitor_id']; $groups = init_groups_visitor($contact_id); + $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($contact_id), + intval($owner_uid) + ); + if(count($r)) { + $contact = $r[0]; + $remote_contact = true; + } } + if(! $remote_contact) { + if(local_user()) { + $contact_id = $_SESSION['cid']; + $contact = $a->contact; + } + } + + // default permissions - anonymous user $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' "; // Profile owner - everything is visible - if(local_user() && ($_SESSION['uid'] == $owner_uid)) { + if(local_user() && (local_user() == $owner_uid)) { $sql_extra = ''; } elseif(remote_user()) { @@ -298,8 +596,8 @@ function photos_content(&$a) { // - if($datatype == 'upload') { - if( ! (local_user() && ($_SESSION['uid'] == $a->data['user']['uid']))) { + if($datatype === 'upload') { + if( ! (local_user() && (local_user() == $a->data['user']['uid']))) { notice( t('Permission denied.')); return; } @@ -308,13 +606,16 @@ function photos_content(&$a) { $albumselect .= ''; if(count($a->data['albums'])) { foreach($a->data['albums'] as $album) { - if(($album['album'] == '') || ($album['album'] == t('Contact Photos'))) + if(($album['album'] === '') || ($album['album'] == t('Contact Photos'))) continue; $albumselect .= ''; } } + + $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false); + $albumselect .= ''; - $tpl = file_get_contents('view/photos_upload.tpl'); + $tpl = load_view_file('view/photos_upload.tpl'); $o .= replace_macros($tpl,array( '$pagename' => t('Upload Photos'), '$sessid' => session_id(), 
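Review bot: The remote visitor's contact row is now verified against `$owner_uid`, but that result (`$remote_contact`) is not what gates the permission SQL: `init_groups_visitor($contact_id)` runs before the lookup, and the later branch is still `elseif(remote_user())`. A visitor whose `$_SESSION['visitor_id']` is not a contact of this profile owner would still take the remote-user path with that id and its groups; the body of that branch is outside the hunk, so it may be re-checked there. Consider computing `$groups` only inside `if(count($r))` and changing the branch to `elseif($remote_contact)`. photos_content starts and ends outside the hunk.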
@@ -323,9 +624,9 @@ function photos_content(&$a) { '$filestext' => t('Select files to upload: '), '$albumselect' => $albumselect, '$permissions' => t('Permissions'), - '$aclselect' => populate_acl(), + '$aclselect' => populate_acl($a->user, $celeb), '$archive' => $a->get_baseurl() . '/jumploader_z.jar', - '$nojava' => t('Use the following controls only if the Java uploader (above) fails to launch.'), + '$nojava' => t('Use the following controls only if the Java uploader [above] fails to launch.'), '$uploadurl' => $a->get_baseurl() . '/photos', '$submit' => t('Submit') )); @@ -334,7 +635,7 @@ function photos_content(&$a) { } - if($datatype == 'album') { + if($datatype === 'album') { $album = hex2bin($datum); @@ -347,7 +648,7 @@ function photos_content(&$a) { $a->set_pager_total(count($r)); - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' + $r = q("SELECT `resource-id`, `id`, `filename`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($a->data['user']['uid']), dbesc($album), @@ -356,8 +657,31 @@ function photos_content(&$a) { ); $o .= '