X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=ce6d11340e8d114380455209d220b9eae43e73dd;hb=f329d5c067f0b981fb100fafdf5ad484e5b828f7;hp=107171f673184460fb21e2e53555812153d75334;hpb=9918fa3ec02f5e062ee85b95044c981ad7043632;p=friendica.git diff --git a/mod/photos.php b/mod/photos.php index 107171f673..ce6d11340e 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -1,6 +1,6 @@ $album) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner['uid']) && ($album['album'] == DI::l10n()->t('Profile Photos'))) - continue; $entry = [ 'text' => $album['album'], 'total' => $album['total'], @@ -195,17 +192,7 @@ function photos_post(App $a) } $album = hex2bin(DI::args()->getArgv()[3]); - if ($album === DI::l10n()->t('Profile Photos') || $album === Photo::CONTACT_PHOTOS || $album === DI::l10n()->t(Photo::CONTACT_PHOTOS)) { - DI::baseUrl()->redirect($_SESSION['photo_return']); - return; // NOTREACHED - } - - $r = q("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d", - DBA::escape($album), - intval($page_owner_uid) - ); - - if (!DBA::isResult($r)) { + if (!DBA::exists('photo', ['album' => $album, 'uid' => $page_owner_uid, 'photo-type' => Photo::DEFAULT])) { notice(DI::l10n()->t('Album not found.')); DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); return; // NOTREACHED @@ -217,13 +204,9 @@ function photos_post(App $a) } // RENAME photo album - $newalbum = Strings::escapeTags(trim($_POST['albumname'])); + $newalbum = trim($_POST['albumname'] ?? ''); if ($newalbum != $album) { - q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", - DBA::escape($newalbum), - DBA::escape($album), - intval($page_owner_uid) - ); + Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid]); // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); 
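Review bot: The rename in the `-217,13 +204,9` hunk updates every row matching `album` and `uid`, but the existence check added in the preceding hunk only requires that one row of that album has `photo-type` equal to `Photo::DEFAULT`. Because the commit drops the name-based guard for profile and contact photo albums, an album name shared with rows of another photo type would have those rows renamed as well. Scoping the write like the check closes the gap: `Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid, 'photo-type' => Photo::DEFAULT]);`. The two delete-list queries in the `-239,16 +222,16` hunk also select by `uid` and `album` only and need the same condition. photos_post's body continues outside these hunks, so this is judged from the visible lines alone.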
@@ -239,16 +222,16 @@ function photos_post(App $a) // get the list of photos we are about to delete if ($visitor) { - $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'", - intval($visitor), - intval($page_owner_uid), - DBA::escape($album) - ); + $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = ? AND `uid` = ? AND `album` = ?", + $visitor, + $page_owner_uid, + $album + )); } else { - $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", - intval(local_user()), - DBA::escape($album) - ); + $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = ? AND `album` = ?", + local_user(), + $album + )); } if (DBA::isResult($r)) { @@ -308,11 +291,11 @@ function photos_post(App $a) } if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) { - $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : ''; - $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : ''; - $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; - $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; - $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : ''; + $desc = !empty($_POST['desc']) ? trim($_POST['desc']) : ''; + $rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : ''; + $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; + $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; + $origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : ''; $resource_id = DI::args()->getArgv()[3]; 
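Review bot: With `Strings::escapeTags()` removed from `$desc`, `$rawtags` and `$origaname` in the `-308,11 +291,11` hunk (and from `$newalbum` in the `-217,13 +204,9` hunk), these request values are no longer escaped on input, so every place that renders them has to encode for its own output context. The rendering code is outside this hunk. The album edit form later in the diff passes `$album` straight into `Renderer::replaceMacros()`, and whether that template escapes it is not visible here. Please confirm the sinks escape, and record the contract next to the assignments with a comment such as `// kept raw here; must be escaped at output`.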
@@ -321,7 +304,7 @@ function photos_post(App $a) } if (!empty($_POST['rotate']) && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) { - Logger::log('rotate'); + Logger::notice('rotate'); $photo = Photo::getPhotoForUser($page_owner_uid, $resource_id); @@ -621,9 +604,9 @@ function photos_post(App $a) * they acquire comments, likes, dislikes, and/or tags */ - $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR', $album, $page_owner_uid]); + $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > ?', $album, $page_owner_uid, DateTimeFormat::utc('now - 3 hours')]); - if (!DBA::isResult($r) || ($album == DI::l10n()->t('Profile Photos'))) { + if (!DBA::isResult($r) || ($album == DI::l10n()->t(Photo::PROFILE_PHOTOS))) { $visible = 1; } else { $visible = 0; @@ -681,7 +664,7 @@ function photos_post(App $a) $type = Images::getMimeTypeBySource($src, $filename, $type); - Logger::log('photos: upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', Logger::DEBUG); + Logger::info('photos: upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes'); $maximagesize = DI::config()->get('system', 'maximagesize'); @@ -701,14 +684,14 @@ function photos_post(App $a) return; } - Logger::log('mod/photos.php: photos_post(): loading the contents of ' . $src , Logger::DEBUG); + Logger::info('loading the contents of ' . $src); $imagedata = @file_get_contents($src); $image = new Image($imagedata, $type); if (!$image->isValid()) { - Logger::log('mod/photos.php: photos_post(): unable to process image' , Logger::DEBUG); + Logger::info('unable to process image'); notice(DI::l10n()->t('Unable to process image.')); @unlink($src); $foo = 0; 
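Review bot: The upload log line in the `-681,7 +664,7` hunk concatenates `$filename` directly into the message; if that name comes from the upload request, as it appears to, line breaks or control characters in it end up in the log text. Passing the values as context keeps the message constant and leaves encoding to the logger: `Logger::info('photos: upload: received file', ['filename' => $filename, 'src' => $src, 'type' => $type, 'size' => $filesize]);`. The `'loading the contents of ' . $src` line in the `-701,14 +684,14` hunk can take the same form.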
@@ -720,9 +703,6 @@ function photos_post(App $a) @unlink($src); $max_length = DI::config()->get('system', 'max_image_length'); - if (!$max_length) { - $max_length = MAX_IMAGE_LENGTH; - } if ($max_length > 0) { $image->scaleDown($max_length); } @@ -734,23 +714,23 @@ function photos_post(App $a) $resource_id = Photo::newResource(); - $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); if (!$r) { - Logger::log('mod/photos.php: photos_post(): image store failed', Logger::DEBUG); + Logger::info('image store failed'); notice(DI::l10n()->t('Image upload failed.')); return; } if ($width > 640 || $height > 640) { $image->scaleDown(640); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 1; } if ($width > 320 || $height > 320) { $image->scaleDown(320); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 2; } 
@@ -926,7 +906,7 @@ function photos_content(App $a) $albums = Photo::getAlbums($owner_uid); if (!empty($albums)) { foreach ($albums as $album) { - if (($album['album'] === '') || ($album['album'] === Photo::CONTACT_PHOTOS) || ($album['album'] === DI::l10n()->t(Photo::CONTACT_PHOTOS))) { + if ($album['album'] === '') { continue; } $selected = (($selname === $album['album']) ? ' selected="selected" ' : ''); @@ -985,12 +965,16 @@ function photos_content(App $a) } $album = hex2bin($datum); + if ($can_post && !Photo::exists(['uid' => $owner_uid, 'album' => $album, 'photo-type' => Photo::DEFAULT])) { + $can_post = false; + } + $total = 0; - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `album` = ? AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", - intval($owner_uid), - DBA::escape($album) - ); + $owner_uid, + $album + )); if (DBA::isResult($r)) { $total = count($r); } @@ -1005,16 +989,16 @@ function photos_content(App $a) $order = 'DESC'; } - $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, max(`scale`) AS `scale`, ANY_VALUE(`desc`) as `desc`, ANY_VALUE(`created`) as `created` - FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT %d , %d", + FROM `photo` WHERE `uid` = ? AND `album` = ? + AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT ? , ?", intval($owner_uid), DBA::escape($album), $pager->getStart(), $pager->getItemsPerPage() - ); + )); if ($cmd === 'drop') { $drop_url = DI::args()->getQueryString(); 
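Review bot: In the `-1005,16 +989,16` hunk the query now binds its values with `?`, but the unchanged argument lines still pass `intval($owner_uid), DBA::escape($album),`. Escaping a value that is also bound makes the comparison run against the escaped text, so an album whose name contains a quote or backslash would be counted by the query in the previous hunk (which binds `$album` as-is) yet return no rows here. Pass the values unmodified, `$owner_uid, $album,`, matching the count query. `$order` and `$sql_extra` are still interpolated into the statement; the visible assignment to `$order` is a literal, while `$sql_extra` is built outside the hunk and should be confirmed to contain no request data.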
@@ -1034,27 +1018,23 @@ function photos_content(App $a) // edit album name if ($cmd === 'edit') { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS))) { - if ($can_post) { - $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); - - $album_e = $album; - - $o .= Renderer::replaceMacros($edit_tpl,[ - '$nametext' => DI::l10n()->t('New album name: '), - '$nickname' => $user['nickname'], - '$album' => $album_e, - '$hexalbum' => bin2hex($album), - '$submit' => DI::l10n()->t('Submit'), - '$dropsubmit' => DI::l10n()->t('Delete Album') - ]); - } - } - } else { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS)) && $can_post) { - $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; - $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; + if ($can_post) { + $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); + + $album_e = $album; + + $o .= Renderer::replaceMacros($edit_tpl,[ + '$nametext' => DI::l10n()->t('New album name: '), + '$nickname' => $user['nickname'], + '$album' => $album_e, + '$hexalbum' => bin2hex($album), + '$submit' => DI::l10n()->t('Submit'), + '$dropsubmit' => DI::l10n()->t('Delete Album') + ]); } + } elseif ($can_post) { + $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; + $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; } if ($order_field === 'posted') { 
@@ -1110,11 +1090,7 @@ function photos_content(App $a) // Display one photo if ($datatype === 'image') { // fetch image, item containing image, then comments - $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' - $sql_extra ORDER BY `scale` ASC ", - intval($owner_uid), - DBA::escape($datum) - ); + $ph = Photo::selectToArray([], ["`uid` = ? AND `resource-id` = ? " . $sql_extra, $owner_uid, $datum], ['order' => ['scale' => true]]); if (!DBA::isResult($ph)) { if (DBA::exists('photo', ['resource-id' => $datum, 'uid' => $owner_uid])) { @@ -1158,11 +1134,7 @@ function photos_content(App $a) $order = 'DESC'; } - $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 - $sql_extra ORDER BY `created` $order ", - DBA::escape($ph[0]['album']), - intval($owner_uid) - ); + $prvnxt = Photo::selectToArray(['resource-id'], ["`album` = ? AND `uid` = ? AND `scale` = ?" . $sql_extra, $ph[0]['album'], $owner_uid, 0]); if (DBA::isResult($prvnxt)) { $prv = null; @@ -1262,14 +1234,7 @@ function photos_content(App $a) // The difference is that we won't be displaying the conversation head item // as a "post" but displaying instead the photo it is linked to - /// @todo Rewrite this query. To do so, $sql_extra must be changed - $linked_items = q("SELECT `id` FROM `post-user-view` WHERE `resource-id` = '%s' $sql_extra LIMIT 1", - DBA::escape($datum) - ); - if (DBA::isResult($linked_items)) { - // This is a workaround to not being forced to rewrite the while $sql_extra handling - $link_item = Post::selectFirst([], ['id' => $linked_items[0]['id']]); - } + $link_item = Post::selectFirst([], ["`resource-id` = ?" . $sql_extra, $datum]); if (!empty($link_item['parent']) && !empty($link_item['uid'])) { $condition = ["`parent` = ? AND `gravity` = ?", $link_item['parent'], GRAVITY_COMMENT]; 
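Review bot: The replacement for the single-photo query in the `-1110,11 +1090,7` hunk passes `['order' => ['scale' => true]]`, while the removed SQL sorted by `scale` ascending. If a `true` value selects descending order in the database parameter builder, as I believe it does in Friendica, `$ph[0]` becomes the smallest rendition instead of scale 0, and the later reads of `$ph[0]` change behaviour. Something like `['order' => ['scale']]` would keep the ascending order; please check this against the builder, which is not part of this diff.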
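Review bot: The previous/next lookup in the `-1158,11 +1134,7` hunk lost its ordering: the removed query sorted by `created` in the direction held in `$order`, and the new `Photo::selectToArray()` call has no third argument, so the `$order` value assigned just above is unused and row order is left to the database. Links presumably derived from the position in `$prvnxt` would then be unstable. Adding `['order' => ['created' => $order === 'DESC']]` as the third argument would restore it, assuming the order array follows the same convention as the call in the earlier hunk. The condition string also has no space before `$sql_extra` is appended, unlike the call in the `-1110,11 +1090,7` hunk.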
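Review bot: The `@todo` removed in the `-1262,14 +1234,7` hunk said this query could not be rewritten without changing `$sql_extra`, yet the new `Post::selectFirst()` condition appends the same `$sql_extra` unchanged. `$sql_extra` is built outside the hunk; if it is the permission clause used for the `photo` queries above, please confirm it is valid for whatever `Post::selectFirst()` reads from, since this lookup decides whether the linked item and its comments are loaded. A comment stating which columns the clause expects would help, for example `// $sql_extra is the permission filter; its columns must exist in the post view`.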
@@ -1467,7 +1432,7 @@ function photos_content(App $a) ]; $title_e = $item['title']; - $body_e = BBCode::convert($item['body']); + $body_e = BBCode::convertForUriId($item['uri-id'], $item['body']); $comments .= Renderer::replaceMacros($template,[ '$id' => $item['id'], 
@@ -1570,40 +1535,33 @@ function photos_content(App $a) // Default - show recent photos with upload link (if applicable) //$o = ''; $total = 0; - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `photo-type` = ? $sql_extra GROUP BY `resource-id`", - intval($user['uid']), - DBA::escape(Photo::CONTACT_PHOTOS), - DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS)) - ); + $user['uid'], + Photo::DEFAULT, + )); if (DBA::isResult($r)) { $total = count($r); } $pager = new Pager(DI::l10n(), DI::args()->getQueryString(), 20); - $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`, ANY_VALUE(`created`) AS `created` FROM `photo` - WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' - $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", - intval($user['uid']), - DBA::escape(Photo::CONTACT_PHOTOS), - DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS)), + WHERE `uid` = ? AND `photo-type` = ? + $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT ? , ?", + $user['uid'], + Photo::DEFAULT, $pager->getStart(), $pager->getItemsPerPage() - ); + )); $photos = []; if (DBA::isResult($r)) { // "Twist" is only used for the duepunto theme with style "slackr" $twist = false; foreach ($r as $rr) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner_uid) && ($rr['album'] == DI::l10n()->t('Profile Photos'))) { - continue; - } - $twist = !$twist; $ext = $phototypes[$rr['type']];
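Review bot: Hiding profile photos from visitors who are neither the owner nor a remote contact is no longer done in this loop: the `-1570,40 +1535,33` hunk removes the album-name check and relies on the `photo-type` condition with `Photo::DEFAULT` in both queries. That is only equivalent if every profile and contact photo row already carries a non-default `photo-type`; rows written before that column was populated would now be listed to those visitors. No migration or backfill is visible in this diff, so please confirm one runs before this code, and consider a comment above the query such as `// photo-type excludes profile/contact photos; requires backfilled rows`. The album list loop at the top of the diff drops the same name-based check.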