X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fphotos.php;h=ed73f05ded8953144cedb5e59ca6d80ccb121fa3;hb=805d6440e68233d75476c0d02d779987816a8439;hp=3b2fa0c3a8d80c40a8024253735248e1a168f674;hpb=a852455d0ed9824fb71c9374c9fffda28f95096f;p=friendica.git diff --git a/mod/photos.php b/mod/photos.php index 3b2fa0c3a8..ed73f05ded 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -1,6 +1,6 @@ argc > 1) { - $nick = $a->argv[1]; - $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]); - - if (!DBA::isResult($user)) { - return; + if (DI::args()->getArgc() > 1) { + $owner = User::getOwnerDataByNick(DI::args()->getArgv()[1]); + if (!isset($owner['account_removed']) || $owner['account_removed']) { + throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.')); } - $a->data['user'] = $user; - $a->profile_uid = $user['uid']; - $is_owner = (local_user() && (local_user() == $a->profile_uid)); - - $profile = Profile::getByNickname($nick, $a->profile_uid); + $is_owner = (local_user() && (local_user() == $owner['uid'])); - $account_type = Contact::getAccountType($profile); + $albums = Photo::getAlbums($owner['uid']); - $tpl = Renderer::getMarkupTemplate('widget/vcard.tpl'); - - $vcard_widget = Renderer::replaceMacros($tpl, [ - '$name' => $profile['name'], - '$photo' => $profile['photo'], - '$addr' => $profile['addr'] ?? '', - '$account_type' => $account_type, - '$about' => BBCode::convert($profile['about']), - ]); - - $albums = Photo::getAlbums($a->data['user']['uid']); - - $albums_visible = ((intval($a->data['user']['hidewall']) && !Session::isAuthenticated()) ? false : true); + $albums_visible = ((intval($owner['hidewall']) && !Session::isAuthenticated()) ? false : true); // add various encodings to the array so we can just loop through and pick them out in a template $ret = ['success' => false]; if ($albums) { - $a->data['albums'] = $albums; - if ($albums_visible) { $ret['success'] = true; } $ret['albums'] = []; foreach ($albums as $k => $album) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($a->profile_uid) && ($album['album'] == DI::l10n()->t('Profile Photos'))) - continue; $entry = [ 'text' => $album['album'], 'total' => $album['total'], - 'url' => 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album['album']), + 'url' => 'photos/' . $owner['nickname'] . '/album/' . bin2hex($album['album']), 'urlencode' => urlencode($album['album']), 'bin2hex' => bin2hex($album['album']) ]; @@ -116,7 +96,7 @@ function photos_init(App $a) { } } - if (local_user() && $a->data['user']['uid'] == local_user()) { + if (local_user() && $owner['uid'] == local_user()) { $can_post = true; } else { $can_post = false; @@ -124,11 +104,11 @@ function photos_init(App $a) { if ($ret['success']) { $photo_albums_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate('photo_albums.tpl'), [ - '$nick' => $a->data['user']['nickname'], + '$nick' => $owner['nickname'], '$title' => DI::l10n()->t('Photo Albums'), '$recent' => DI::l10n()->t('Recent Photos'), '$albums' => $ret['albums'], - '$upload' => [DI::l10n()->t('Upload New Photos'), 'photos/' . $a->data['user']['nickname'] . '/upload'], + '$upload' => [DI::l10n()->t('Upload New Photos'), 'photos/' . $owner['nickname'] . '/upload'], '$can_post' => $can_post ]); } @@ -137,7 +117,7 @@ function photos_init(App $a) { DI::page()['aside'] = ''; } - DI::page()['aside'] .= $vcard_widget; + DI::page()['aside'] .= Widget\VCard::getHTML($owner); if (!empty($photo_albums_widget)) { DI::page()['aside'] .= $photo_albums_widget; @@ -155,17 +135,18 @@ function photos_init(App $a) { function photos_post(App $a) { - Logger::log('mod-photos: photos_post: begin' , Logger::DEBUG); - Logger::log('mod_photos: REQUEST ' . print_r($_REQUEST, true), Logger::DATA); - Logger::log('mod_photos: FILES ' . print_r($_FILES, true), Logger::DATA); + $user = User::getByNickname(DI::args()->getArgv()[1]); + if (!DBA::isResult($user)) { + throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.')); + } $phototypes = Images::supportedTypes(); $can_post = false; $visitor = 0; - $page_owner_uid = intval($a->data['user']['uid']); - $community_page = $a->data['user']['page-flags'] == User::PAGE_FLAGS_COMMUNITY; + $page_owner_uid = intval($user['uid']); + $community_page = $user['page-flags'] == User::PAGE_FLAGS_COMMUNITY; if (local_user() && (local_user() == $page_owner_uid)) { $can_post = true; @@ -177,56 +158,59 @@ function photos_post(App $a) if (!$can_post) { notice(DI::l10n()->t('Permission denied.')); - exit(); + System::exit(); } $owner_record = User::getOwnerDataById($page_owner_uid); if (!$owner_record) { notice(DI::l10n()->t('Contact information unavailable')); - Logger::log('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid); - exit(); + DI::logger()->info('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid); + System::exit(); } - if ($a->argc > 3 && $a->argv[2] === 'album') { - if (!Strings::isHex($a->argv[3])) { - DI::baseUrl()->redirect('photos/' . $a->data['user']['nickname'] . '/album'); - } - $album = hex2bin($a->argv[3]); + $aclFormatter = DI::aclFormatter(); + $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $owner_record['allow_cid'] ?? ''; + $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $owner_record['allow_gid'] ?? ''; + $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $owner_record['deny_cid'] ?? ''; + $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $owner_record['deny_gid'] ?? ''; + + $visibility = $_REQUEST['visibility'] ?? ''; + if ($visibility === 'public') { + // The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected + $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = ''; + } else if ($visibility === 'custom') { + // Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL + // case that would make it public. So we always append the author's contact id to the allowed contacts. + // See https://github.com/friendica/friendica/issues/9672 + $str_contact_allow .= $aclFormatter->toString(Contact::getPublicIdByUserId($page_owner_uid)); + } - if ($album === DI::l10n()->t('Profile Photos') || $album === Photo::CONTACT_PHOTOS || $album === DI::l10n()->t(Photo::CONTACT_PHOTOS)) { - DI::baseUrl()->redirect($_SESSION['photo_return']); - return; // NOTREACHED + if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'album') { + if (!Strings::isHex(DI::args()->getArgv()[3] ?? '')) { + DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); } + $album = hex2bin(DI::args()->getArgv()[3]); - $r = q("SELECT `album` FROM `photo` WHERE `album` = '%s' AND `uid` = %d", - DBA::escape($album), - intval($page_owner_uid) - ); - - if (!DBA::isResult($r)) { + if (!DBA::exists('photo', ['album' => $album, 'uid' => $page_owner_uid, 'photo-type' => Photo::DEFAULT])) { notice(DI::l10n()->t('Album not found.')); - DI::baseUrl()->redirect('photos/' . $a->data['user']['nickname'] . '/album'); + DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); return; // NOTREACHED } // Check if the user has responded to a delete confirmation query if (!empty($_REQUEST['canceled'])) { - DI::baseUrl()->redirect('photos/' . $a->data['user']['nickname'] . '/album/' . $a->argv[3]); + DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album/' . DI::args()->getArgv()[3]); } // RENAME photo album - $newalbum = Strings::escapeTags(trim($_POST['albumname'])); + $newalbum = trim($_POST['albumname'] ?? ''); if ($newalbum != $album) { - q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", - DBA::escape($newalbum), - DBA::escape($album), - intval($page_owner_uid) - ); + Photo::update(['album' => $newalbum], ['album' => $album, 'uid' => $page_owner_uid]); // Update the photo albums cache Photo::clearAlbumCache($page_owner_uid); - DI::baseUrl()->redirect('photos/' . $a->user['nickname'] . '/album/' . bin2hex($newalbum)); + DI::baseUrl()->redirect('photos/' . $a->getLoggedInUserNickname() . '/album/' . bin2hex($newalbum)); return; // NOTREACHED } @@ -238,16 +222,16 @@ function photos_post(App $a) // get the list of photos we are about to delete if ($visitor) { - $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'", - intval($visitor), - intval($page_owner_uid), - DBA::escape($album) - ); + $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = ? AND `uid` = ? AND `album` = ?", + $visitor, + $page_owner_uid, + $album + )); } else { - $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", - intval(local_user()), - DBA::escape($album) - ); + $r = DBA::toArray(DBA::p("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = ? AND `album` = ?", + local_user(), + $album + )); } if (DBA::isResult($r)) { @@ -269,22 +253,22 @@ function photos_post(App $a) } } - DI::baseUrl()->redirect('photos/' . $a->data['user']['nickname'] . '/album'); + DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); } - if ($a->argc > 3 && $a->argv[2] === 'image') { + if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'image') { // Check if the user has responded to a delete confirmation query for a single photo if (!empty($_POST['canceled'])) { - DI::baseUrl()->redirect('photos/' . $a->argv[1] . '/image/' . $a->argv[3]); + DI::baseUrl()->redirect('photos/' . DI::args()->getArgv()[1] . '/image/' . DI::args()->getArgv()[3]); } if (!empty($_POST['delete'])) { // same as above but remove single photo if ($visitor) { - $condition = ['contact-id' => $visitor, 'uid' => $page_owner_uid, 'resource-id' => $a->argv[3]]; + $condition = ['contact-id' => $visitor, 'uid' => $page_owner_uid, 'resource-id' => DI::args()->getArgv()[3]]; } else { - $condition = ['uid' => local_user(), 'resource-id' => $a->argv[3]]; + $condition = ['uid' => local_user(), 'resource-id' => DI::args()->getArgv()[3]]; } $photo = DBA::selectFirst('photo', ['resource-id'], $condition); @@ -298,36 +282,29 @@ function photos_post(App $a) Photo::clearAlbumCache($page_owner_uid); } else { notice(DI::l10n()->t('Failed to delete the photo.')); - DI::baseUrl()->redirect('photos/' . $a->argv[1] . '/image/' . $a->argv[3]); + DI::baseUrl()->redirect('photos/' . DI::args()->getArgv()[1] . '/image/' . DI::args()->getArgv()[3]); } - DI::baseUrl()->redirect('photos/' . $a->argv[1]); + DI::baseUrl()->redirect('photos/' . DI::args()->getArgv()[1]); return; // NOTREACHED } } - if ($a->argc > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) { - $desc = !empty($_POST['desc']) ? Strings::escapeTags(trim($_POST['desc'])) : ''; - $rawtags = !empty($_POST['newtag']) ? Strings::escapeTags(trim($_POST['newtag'])) : ''; - $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; - $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; - $origaname = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : ''; - - $aclFormatter = DI::aclFormatter(); + if (DI::args()->getArgc() > 2 && (!empty($_POST['desc']) || !empty($_POST['newtag']) || isset($_POST['albname']))) { + $desc = !empty($_POST['desc']) ? trim($_POST['desc']) : ''; + $rawtags = !empty($_POST['newtag']) ? trim($_POST['newtag']) : ''; + $item_id = !empty($_POST['item_id']) ? intval($_POST['item_id']) : 0; + $albname = !empty($_POST['albname']) ? trim($_POST['albname']) : ''; + $origaname = !empty($_POST['origaname']) ? trim($_POST['origaname']) : ''; - $str_group_allow = !empty($_POST['group_allow']) ? $aclFormatter->toString($_POST['group_allow']) : ''; - $str_contact_allow = !empty($_POST['contact_allow']) ? $aclFormatter->toString($_POST['contact_allow']) : ''; - $str_group_deny = !empty($_POST['group_deny']) ? $aclFormatter->toString($_POST['group_deny']) : ''; - $str_contact_deny = !empty($_POST['contact_deny']) ? $aclFormatter->toString($_POST['contact_deny']) : ''; - - $resource_id = $a->argv[3]; + $resource_id = DI::args()->getArgv()[3]; if (!strlen($albname)) { $albname = DateTimeFormat::localNow('Y'); } if (!empty($_POST['rotate']) && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) { - Logger::log('rotate'); + Logger::notice('rotate'); $photo = Photo::getPhotoForUser($page_owner_uid, $resource_id); @@ -378,24 +355,17 @@ function photos_post(App $a) if ($albname !== $origaname) { Photo::clearAlbumCache($page_owner_uid); } - /* Don't make the item visible if the only change was the album name */ - - $visibility = 0; - if ($photo['desc'] !== $desc || strlen($rawtags)) { - $visibility = 1; - } } if (DBA::isResult($photos) && !$item_id) { // Create item container $title = ''; - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); $arr = []; $arr['guid'] = System::createUUID(); $arr['uid'] = $page_owner_uid; $arr['uri'] = $uri; - $arr['parent-uri'] = $uri; $arr['post-type'] = Item::PT_IMAGE; $arr['wall'] = 1; $arr['resource-id'] = $photo['resource-id']; @@ -411,10 +381,10 @@ function photos_post(App $a) $arr['allow_gid'] = $photo['allow_gid']; $arr['deny_cid'] = $photo['deny_cid']; $arr['deny_gid'] = $photo['deny_gid']; - $arr['visible'] = $visibility; + $arr['visible'] = 0; $arr['origin'] = 1; - $arr['body'] = '[url=' . DI::baseUrl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $photo['resource-id'] . ']' + $arr['body'] = '[url=' . DI::baseUrl() . '/photos/' . $user['nickname'] . '/image/' . $photo['resource-id'] . ']' . '[img]' . DI::baseUrl() . '/photo/' . $photo['resource-id'] . '-' . $photo['scale'] . '.'. $ext . '[/img]' . '[/url]'; @@ -422,7 +392,7 @@ function photos_post(App $a) } if ($item_id) { - $item = Item::selectFirst(['tag', 'inform', 'uri-id'], ['id' => $item_id, 'uid' => $page_owner_uid]); + $item = Post::selectFirst(['inform', 'uri-id'], ['id' => $item_id, 'uid' => $page_owner_uid]); if (DBA::isResult($item)) { $old_inform = $item['inform']; @@ -518,7 +488,7 @@ function photos_post(App $a) if (!empty($item['uri-id'])) { Tag::store($item['uri-id'], Tag::MENTION, $newname, $profile); - } + } } } elseif (strpos($tag, '#') === 0) { $tagname = substr($tag, 1); @@ -554,13 +524,12 @@ function photos_post(App $a) if (count($taginfo)) { foreach ($taginfo as $tagged) { - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); $arr = []; $arr['guid'] = System::createUUID(); $arr['uid'] = $page_owner_uid; $arr['uri'] = $uri; - $arr['parent-uri'] = $uri; $arr['wall'] = 1; $arr['contact-id'] = $owner_record['id']; $arr['owner-name'] = $owner_record['name']; @@ -574,7 +543,7 @@ function photos_post(App $a) $arr['allow_gid'] = $photo['allow_gid']; $arr['deny_cid'] = $photo['deny_cid']; $arr['deny_gid'] = $photo['deny_gid']; - $arr['visible'] = 1; + $arr['visible'] = 0; $arr['verb'] = Activity::TAG; $arr['gravity'] = GRAVITY_PARENT; $arr['object-type'] = Activity\ObjectType::PERSON; @@ -629,9 +598,9 @@ function photos_post(App $a) * they acquire comments, likes, dislikes, and/or tags */ - $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR', $album, $page_owner_uid]); + $r = Photo::selectToArray([], ['`album` = ? AND `uid` = ? AND `created` > ?', $album, $page_owner_uid, DateTimeFormat::utc('now - 3 hours')]); - if (!DBA::isResult($r) || ($album == DI::l10n()->t('Profile Photos'))) { + if (!DBA::isResult($r) || ($album == DI::l10n()->t(Photo::PROFILE_PHOTOS))) { $visible = 1; } else { $visible = 0; @@ -641,18 +610,6 @@ function photos_post(App $a) $visible = 0; } - $group_allow = $_REQUEST['group_allow'] ?? []; - $contact_allow = $_REQUEST['contact_allow'] ?? []; - $group_deny = $_REQUEST['group_deny'] ?? []; - $contact_deny = $_REQUEST['contact_deny'] ?? []; - - $aclFormatter = DI::aclFormatter(); - - $str_group_allow = $aclFormatter->toString(is_array($group_allow) ? $group_allow : explode(',', $group_allow)); - $str_contact_allow = $aclFormatter->toString(is_array($contact_allow) ? $contact_allow : explode(',', $contact_allow)); - $str_group_deny = $aclFormatter->toString(is_array($group_deny) ? $group_deny : explode(',', $group_deny)); - $str_contact_deny = $aclFormatter->toString(is_array($contact_deny) ? $contact_deny : explode(',', $contact_deny)); - $ret = ['src' => '', 'filename' => '', 'filesize' => 0, 'type' => '']; Hook::callAll('photo_post_file', $ret); @@ -701,7 +658,7 @@ function photos_post(App $a) $type = Images::getMimeTypeBySource($src, $filename, $type); - Logger::log('photos: upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', Logger::DEBUG); + Logger::info('photos: upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes'); $maximagesize = DI::config()->get('system', 'maximagesize'); @@ -721,14 +678,14 @@ function photos_post(App $a) return; } - Logger::log('mod/photos.php: photos_post(): loading the contents of ' . $src , Logger::DEBUG); + Logger::info('loading the contents of ' . $src); $imagedata = @file_get_contents($src); $image = new Image($imagedata, $type); if (!$image->isValid()) { - Logger::log('mod/photos.php: photos_post(): unable to process image' , Logger::DEBUG); + Logger::info('unable to process image'); notice(DI::l10n()->t('Unable to process image.')); @unlink($src); $foo = 0; @@ -740,9 +697,6 @@ function photos_post(App $a) @unlink($src); $max_length = DI::config()->get('system', 'max_image_length'); - if (!$max_length) { - $max_length = MAX_IMAGE_LENGTH; - } if ($max_length > 0) { $image->scaleDown($max_length); } @@ -754,27 +708,27 @@ function photos_post(App $a) $resource_id = Photo::newResource(); - $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + $r = Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 0 , Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); if (!$r) { - Logger::log('mod/photos.php: photos_post(): image store failed', Logger::DEBUG); + Logger::info('image store failed'); notice(DI::l10n()->t('Image upload failed.')); return; } if ($width > 640 || $height > 640) { $image->scaleDown(640); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 1, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 1; } if ($width > 320 || $height > 320) { $image->scaleDown(320); - Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); + Photo::store($image, $page_owner_uid, $visitor, $resource_id, $filename, $album, 2, Photo::DEFAULT, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); $smallest = 2; } - $uri = Item::newURI($page_owner_uid); + $uri = Item::newURI(); // Create item container $lat = $lon = null; @@ -791,8 +745,7 @@ function photos_post(App $a) $arr['guid'] = System::createUUID(); $arr['uid'] = $page_owner_uid; $arr['uri'] = $uri; - $arr['parent-uri'] = $uri; - $arr['type'] = 'photo'; + $arr['post-type'] = Item::PT_IMAGE; $arr['wall'] = 1; $arr['resource-id'] = $resource_id; $arr['contact-id'] = $owner_record['id']; @@ -840,33 +793,40 @@ function photos_content(App $a) // photos/name/image/xxxxx/edit // photos/name/image/xxxxx/drop + $user = User::getByNickname(DI::args()->getArgv()[1]); + if (!DBA::isResult($user)) { + throw new HTTPException\NotFoundException(DI::l10n()->t('User not found.')); + } + if (DI::config()->get('system', 'block_public') && !Session::isAuthenticated()) { notice(DI::l10n()->t('Public access denied.')); return; } - if (empty($a->data['user'])) { + if (empty($user)) { notice(DI::l10n()->t('No photos selected')); return; } + $profile = Profile::getByUID($user['uid']); + $phototypes = Images::supportedTypes(); $_SESSION['photo_return'] = DI::args()->getCommand(); // Parse arguments $datum = null; - if ($a->argc > 3) { - $datatype = $a->argv[2]; - $datum = $a->argv[3]; - } elseif (($a->argc > 2) && ($a->argv[2] === 'upload')) { + if (DI::args()->getArgc() > 3) { + $datatype = DI::args()->getArgv()[2]; + $datum = DI::args()->getArgv()[3]; + } elseif ((DI::args()->getArgc() > 2) && (DI::args()->getArgv()[2] === 'upload')) { $datatype = 'upload'; } else { $datatype = 'summary'; } - if ($a->argc > 4) { - $cmd = $a->argv[4]; + if (DI::args()->getArgc() > 4) { + $cmd = DI::args()->getArgv()[4]; } else { $cmd = 'view'; } @@ -880,9 +840,9 @@ function photos_content(App $a) $edit = ''; $drop = ''; - $owner_uid = $a->data['user']['uid']; + $owner_uid = $user['uid']; - $community_page = (($a->data['user']['page-flags'] == User::PAGE_FLAGS_COMMUNITY) ? true : false); + $community_page = (($user['page-flags'] == User::PAGE_FLAGS_COMMUNITY) ? true : false); if (local_user() && (local_user() == $owner_uid)) { $can_post = true; @@ -908,10 +868,11 @@ function photos_content(App $a) if (!$remote_contact && local_user()) { $contact_id = $_SESSION['cid']; - $contact = $a->contact; + + $contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]); } - if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) { + if ($user['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) { notice(DI::l10n()->t('Access to this item is restricted.')); return; } @@ -922,7 +883,7 @@ function photos_content(App $a) // tabs $is_owner = (local_user() && (local_user() == $owner_uid)); - $o .= BaseProfile::getTabsHTML($a, 'photos', $is_owner, $a->data['user']['nickname']); + $o .= BaseProfile::getTabsHTML($a, 'photos', $is_owner, $user['nickname'], $profile['hide-friends']); // Display upload form if ($datatype === 'upload') { @@ -931,14 +892,15 @@ function photos_content(App $a) return; } - $selname = Strings::isHex($datum) ? hex2bin($datum) : ''; + $selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : ''; $albumselect = ''; $albumselect .= ''; - if (!empty($a->data['albums'])) { - foreach ($a->data['albums'] as $album) { - if (($album['album'] === '') || ($album['album'] === Photo::CONTACT_PHOTOS) || ($album['album'] === DI::l10n()->t(Photo::CONTACT_PHOTOS))) { + $albums = Photo::getAlbums($owner_uid); + if (!empty($albums)) { + foreach ($albums as $album) { + if ($album['album'] === '') { continue; } $selected = (($selname === $album['album']) ? ' selected="selected" ' : ''); @@ -948,7 +910,7 @@ function photos_content(App $a) $uploader = ''; - $ret = ['post_url' => 'photos/' . $a->data['user']['nickname'], + $ret = ['post_url' => 'photos/' . $user['nickname'], 'addon_text' => $uploader, 'default_upload' => true]; @@ -963,25 +925,20 @@ function photos_content(App $a) $tpl = Renderer::getMarkupTemplate('photos_upload.tpl'); - $aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML(DI::page(), $a->user)); + $aclselect_e = ($visitor ? '' : ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId())); $o .= Renderer::replaceMacros($tpl,[ '$pagename' => DI::l10n()->t('Upload Photos'), '$sessid' => session_id(), '$usage' => $usage_message, - '$nickname' => $a->data['user']['nickname'], + '$nickname' => $user['nickname'], '$newalbum' => DI::l10n()->t('New album name: '), '$existalbumtext' => DI::l10n()->t('or select existing album:'), '$nosharetext' => DI::l10n()->t('Do not show a status post for this upload'), '$albumselect' => $albumselect, '$permissions' => DI::l10n()->t('Permissions'), '$aclselect' => $aclselect_e, - '$lockstate' => is_array($a->user) - && (strlen($a->user['allow_cid']) - || strlen($a->user['allow_gid']) - || strlen($a->user['deny_cid']) - || strlen($a->user['deny_gid']) - ) ? 'lock' : 'unlock', + '$lockstate' => ACL::getLockstateForUserId($a->getLoggedInUserId()) ? 'lock' : 'unlock', '$alt_uploader' => $ret['addon_text'], '$default_upload_box' => ($ret['default_upload'] ? $default_upload_box : ''), '$default_upload_submit' => ($ret['default_upload'] ? $default_upload_submit : ''), @@ -997,17 +954,21 @@ function photos_content(App $a) // Display a single photo album if ($datatype === 'album') { // if $datum is not a valid hex, redirect to the default page - if (!Strings::isHex($datum)) { - DI::baseUrl()->redirect('photos/' . $a->data['user']['nickname']. '/album'); + if (is_null($datum) || !Strings::isHex($datum)) { + DI::baseUrl()->redirect('photos/' . $user['nickname']. '/album'); } $album = hex2bin($datum); + if ($can_post && !Photo::exists(['uid' => $owner_uid, 'album' => $album, 'photo-type' => Photo::DEFAULT])) { + $can_post = false; + } + $total = 0; - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `album` = ? AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", - intval($owner_uid), - DBA::escape($album) - ); + $owner_uid, + $album + )); if (DBA::isResult($r)) { $total = count($r); } @@ -1016,65 +977,64 @@ function photos_content(App $a) /// @TODO I have seen this many times, maybe generalize it script-wide and encapsulate it? $order_field = $_GET['order'] ?? ''; - if ($order_field === 'posted') { + if ($order_field === 'created') { $order = 'ASC'; } else { $order = 'DESC'; } - $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, max(`scale`) AS `scale`, ANY_VALUE(`desc`) as `desc`, ANY_VALUE(`created`) as `created` - FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT %d , %d", + FROM `photo` WHERE `uid` = ? AND `album` = ? + AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` $order LIMIT ? , ?", intval($owner_uid), DBA::escape($album), $pager->getStart(), $pager->getItemsPerPage() - ); + )); if ($cmd === 'drop') { $drop_url = DI::args()->getQueryString(); return Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [ - '$method' => 'post', - '$message' => DI::l10n()->t('Do you really want to delete this photo album and all its photos?'), - '$confirm' => DI::l10n()->t('Delete Album'), - '$confirm_url' => $drop_url, - '$confirm_name' => 'dropalbum', - '$cancel' => DI::l10n()->t('Cancel'), + '$l10n' => [ + 'message' => DI::l10n()->t('Do you really want to delete this photo album and all its photos?'), + 'confirm' => DI::l10n()->t('Delete Album'), + 'cancel' => DI::l10n()->t('Cancel'), + ], + '$method' => 'post', + '$confirm_url' => $drop_url, + '$confirm_name' => 'dropalbum', + '$confirm_value' => 'dropalbum', ]); } // edit album name if ($cmd === 'edit') { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS))) { - if ($can_post) { - $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); - - $album_e = $album; - - $o .= Renderer::replaceMacros($edit_tpl,[ - '$nametext' => DI::l10n()->t('New album name: '), - '$nickname' => $a->data['user']['nickname'], - '$album' => $album_e, - '$hexalbum' => bin2hex($album), - '$submit' => DI::l10n()->t('Submit'), - '$dropsubmit' => DI::l10n()->t('Delete Album') - ]); - } - } - } else { - if (($album !== DI::l10n()->t('Profile Photos')) && ($album !== Photo::CONTACT_PHOTOS) && ($album !== DI::l10n()->t(Photo::CONTACT_PHOTOS)) && $can_post) { - $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '/edit']; - $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '/drop']; + if ($can_post) { + $edit_tpl = Renderer::getMarkupTemplate('album_edit.tpl'); + + $album_e = $album; + + $o .= Renderer::replaceMacros($edit_tpl,[ + '$nametext' => DI::l10n()->t('New album name: '), + '$nickname' => $user['nickname'], + '$album' => $album_e, + '$hexalbum' => bin2hex($album), + '$submit' => DI::l10n()->t('Submit'), + '$dropsubmit' => DI::l10n()->t('Delete Album') + ]); } + } elseif ($can_post) { + $edit = [DI::l10n()->t('Edit Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/edit']; + $drop = [DI::l10n()->t('Drop Album'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '/drop']; } - if ($order_field === 'posted') { - $order = [DI::l10n()->t('Show Newest First'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album), 'oldest']; + if ($order_field === 'created') { + $order = [DI::l10n()->t('Show Newest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album), 'oldest']; } else { - $order = [DI::l10n()->t('Show Oldest First'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '?order=posted', 'newest']; + $order = [DI::l10n()->t('Show Oldest First'), 'photos/' . $user['nickname'] . '/album/' . bin2hex($album) . '?order=created', 'newest']; } $photos = []; @@ -1093,8 +1053,8 @@ function photos_content(App $a) $photos[] = [ 'id' => $rr['id'], 'twist' => ' ' . ($twist ? 'rotleft' : 'rotright') . rand(2,4), - 'link' => 'photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'] - . ($order_field === 'posted' ? '?order=posted' : ''), + 'link' => 'photos/' . $user['nickname'] . '/image/' . $rr['resource-id'] + . ($order_field === 'created' ? '?order=created' : ''), 'title' => DI::l10n()->t('View Photo'), 'src' => 'photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.' .$ext, 'alt' => $imgalt_e, @@ -1110,7 +1070,7 @@ function photos_content(App $a) '$photos' => $photos, '$album' => $album, '$can_post' => $can_post, - '$upload' => [DI::l10n()->t('Upload New Photos'), 'photos/' . $a->data['user']['nickname'] . '/upload/' . bin2hex($album)], + '$upload' => [DI::l10n()->t('Upload New Photos'), 'photos/' . $user['nickname'] . '/upload/' . bin2hex($album)], '$order' => $order, '$edit' => $edit, '$drop' => $drop, @@ -1124,11 +1084,7 @@ function photos_content(App $a) // Display one photo if ($datatype === 'image') { // fetch image, item containing image, then comments - $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' - $sql_extra ORDER BY `scale` ASC ", - intval($owner_uid), - DBA::escape($datum) - ); + $ph = Photo::selectToArray([], ["`uid` = ? AND `resource-id` = ? " . $sql_extra, $owner_uid, $datum], ['order' => ['scale']]); if (!DBA::isResult($ph)) { if (DBA::exists('photo', ['resource-id' => $datum, 'uid' => $owner_uid])) { @@ -1143,12 +1099,15 @@ function photos_content(App $a) $drop_url = DI::args()->getQueryString(); return Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [ - '$method' => 'post', - '$message' => DI::l10n()->t('Do you really want to delete this photo?'), - '$confirm' => DI::l10n()->t('Delete Photo'), - '$confirm_url' => $drop_url, - '$confirm_name' => 'delete', - '$cancel' => DI::l10n()->t('Cancel'), + '$l10n' => [ + 'message' => DI::l10n()->t('Do you really want to delete this photo?'), + 'confirm' => DI::l10n()->t('Delete Photo'), + 'cancel' => DI::l10n()->t('Cancel'), + ], + '$method' => 'post', + '$confirm_url' => $drop_url, + '$confirm_name' => 'delete', + '$confirm_value' => 'delete', ]); } @@ -1163,17 +1122,15 @@ function photos_content(App $a) if ($cmd === 'view' && !DI::config()->get('system', 'no_count', false)) { $order_field = $_GET['order'] ?? ''; - if ($order_field === 'posted') { - $order = 'ASC'; + if ($order_field === 'created') { + $params = ['order' => [$order_field]]; + } elseif (!empty($order_field)) { + $params = ['order' => [$order_field => true]]; } else { - $order = 'DESC'; + $params = []; } - $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0 - $sql_extra ORDER BY `created` $order ", - DBA::escape($ph[0]['album']), - intval($owner_uid) - ); + $prvnxt = Photo::selectToArray(['resource-id'], ["`album` = ? AND `uid` = ? AND `scale` = ?" . $sql_extra, $ph[0]['album'], $owner_uid, 0], $params); if (DBA::isResult($prvnxt)) { $prv = null; @@ -1193,10 +1150,10 @@ function photos_content(App $a) } if (!is_null($prv)) { - $prevlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . ($order_field === 'posted' ? '?order=posted' : ''); + $prevlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . ($order_field === 'created' ? '?order=created' : ''); } if (!is_null($nxt)) { - $nextlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . ($order_field === 'posted' ? '?order=posted' : ''); + $nextlink = 'photos/' . $user['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . ($order_field === 'created' ? '?order=created' : ''); } $tpl = Renderer::getMarkupTemplate('photo_edit_head.tpl'); @@ -1229,17 +1186,17 @@ function photos_content(App $a) } } - $album_link = 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($ph[0]['album']); + $album_link = 'photos/' . $user['nickname'] . '/album/' . bin2hex($ph[0]['album']); $tools = null; if ($can_post && ($ph[0]['uid'] == $owner_uid)) { $tools = []; if ($cmd === 'edit') { - $tools['view'] = ['photos/' . $a->data['user']['nickname'] . '/image/' . $datum, DI::l10n()->t('View photo')]; + $tools['view'] = ['photos/' . $user['nickname'] . '/image/' . $datum, DI::l10n()->t('View photo')]; } else { - $tools['edit'] = ['photos/' . $a->data['user']['nickname'] . '/image/' . $datum . '/edit', DI::l10n()->t('Edit photo')]; - $tools['delete'] = ['photos/' . $a->data['user']['nickname'] . '/image/' . $datum . '/drop', DI::l10n()->t('Delete photo')]; + $tools['edit'] = ['photos/' . $user['nickname'] . '/image/' . $datum . '/edit', DI::l10n()->t('Edit photo')]; + $tools['delete'] = ['photos/' . $user['nickname'] . '/image/' . $datum . '/drop', DI::l10n()->t('Delete photo')]; $tools['profile'] = ['settings/profile/photo/crop/' . $ph[0]['resource-id'], DI::l10n()->t('Use as profile photo')]; } @@ -1273,24 +1230,16 @@ function photos_content(App $a) // The difference is that we won't be displaying the conversation head item // as a "post" but displaying instead the photo it is linked to - /// @todo Rewrite this query. To do so, $sql_extra must be changed - $linked_items = q("SELECT `id` FROM `item` WHERE `resource-id` = '%s' $sql_extra LIMIT 1", - DBA::escape($datum) - ); - if (DBA::isResult($linked_items)) { - // This is a workaround to not being forced to rewrite the while $sql_extra handling - $link_item = Item::selectFirst([], ['id' => $linked_items[0]['id']]); - } + $link_item = Post::selectFirst([], ["`resource-id` = ?" . $sql_extra, $datum]); if (!empty($link_item['parent']) && !empty($link_item['uid'])) { - $condition = ["`parent` = ? AND `gravity` != ?", $link_item['parent'], GRAVITY_PARENT]; - $total = DBA::count('item', $condition); + $condition = ["`parent` = ? AND `gravity` = ?", $link_item['parent'], GRAVITY_COMMENT]; + $total = Post::count($condition); $pager = new Pager(DI::l10n(), DI::args()->getQueryString()); $params = ['order' => ['id'], 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]]; - $result = Item::selectForUser($link_item['uid'], Item::ITEM_FIELDLIST, $condition, $params); - $items = Item::inArray($result); + $items = Post::toArray(Post::selectForUser($link_item['uid'], Item::ITEM_FIELDLIST, $condition, $params)); if (local_user() == $link_item['uid']) { Item::update(['unseen' => false], ['parent' => $link_item['parent']]); @@ -1304,14 +1253,12 @@ function photos_content(App $a) $tags = null; if (!empty($link_item['id'])) { - $tag_text = Tag::getCSVByURIId($link_item['uri-id']); - $arr = explode(',', $tag_text); // parse tags and add links $tag_arr = []; - foreach ($arr as $tag) { + foreach (Tag::getByURIId($link_item['uri-id']) as $tag) { $tag_arr[] = [ - 'name' => BBCode::convert($tag), - 'removeurl' => '/tagrm/' . $link_item['id'] . '/' . bin2hex($tag) + 'name' => $tag['name'], + 'removeurl' => '/tagrm/' . $link_item['id'] . '/' . bin2hex($tag['name']) ]; } $tags = ['title' => DI::l10n()->t('Tags: '), 'tags' => $tag_arr]; @@ -1328,7 +1275,7 @@ function photos_content(App $a) $album_e = $ph[0]['album']; $caption_e = $ph[0]['desc']; - $aclselect_e = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($ph[0])); + $aclselect_e = ACL::getFullSelectorHTML(DI::page(), $a->getLoggedInUserId(), false, ACL::getDefaultUserPermissions($ph[0])); $edit = Renderer::replaceMacros($edit_tpl, [ '$id' => $ph[0]['id'], @@ -1339,7 +1286,7 @@ function photos_content(App $a) '$rotate_cw' => ['rotate', DI::l10n()->t("Rotate CW \x28right\x29"),1,''], '$rotate_ccw' => ['rotate', DI::l10n()->t("Rotate CCW \x28left\x29"),2,''], - '$nickname' => $a->data['user']['nickname'], + '$nickname' => $user['nickname'], '$resource_id' => $ph[0]['resource-id'], '$permissions' => DI::l10n()->t('Permissions'), '$aclselect' => $aclselect_e, @@ -1364,17 +1311,6 @@ function photos_content(App $a) $tpl = Renderer::getMarkupTemplate('photo_item.tpl'); $return_path = DI::args()->getCommand(); - if ($cmd === 'view' && ($can_post || Security::canWriteToUserWall($owner_uid))) { - $like_tpl = Renderer::getMarkupTemplate('like_noshare.tpl'); - $likebuttons = Renderer::replaceMacros($like_tpl, [ - '$id' => $link_item['id'], - '$likethis' => DI::l10n()->t("I like this \x28toggle\x29"), - '$dislike' => DI::pConfig()->get(local_user(), 'system', 'hide_dislike') ? '' : DI::l10n()->t("I don't like this \x28toggle\x29"), - '$wait' => DI::l10n()->t('Please wait'), - '$return_path' => DI::args()->getQueryString(), - ]); - } - if (!DBA::isResult($items)) { if (($can_post || Security::canWriteToUserWall($owner_uid))) { /* @@ -1400,7 +1336,6 @@ function photos_content(App $a) '$submit' => DI::l10n()->t('Submit'), '$preview' => DI::l10n()->t('Preview'), '$loading' => DI::l10n()->t('Loading...'), - '$sourceapp' => DI::l10n()->t($a->sourcename), '$qcomment' => $qcomment, '$rand_num' => Crypto::randomDigits(12) ]); @@ -1422,15 +1357,15 @@ function photos_content(App $a) // display comments if (DBA::isResult($items)) { foreach ($items as $item) { - builtin_activity_puller($item, $conv_responses); + DI::conversation()->builtinActivityPuller($item, $conv_responses); } if (!empty($conv_responses['like'][$link_item['uri']])) { - $like = format_like($conv_responses['like'][$link_item['uri']], $conv_responses['like'][$link_item['uri'] . '-l'], 'like', $link_item['id']); + $like = DI::conversation()->formatActivity($conv_responses['like'][$link_item['uri']]['links'], 'like', $link_item['id']); } if (!empty($conv_responses['dislike'][$link_item['uri']])) { - $dislike = format_like($conv_responses['dislike'][$link_item['uri']], $conv_responses['dislike'][$link_item['uri'] . '-l'], 'dislike', $link_item['id']); + $dislike = DI::conversation()->formatActivity($conv_responses['dislike'][$link_item['uri']]['links'], 'dislike', $link_item['id']); } if (($can_post || Security::canWriteToUserWall($owner_uid))) { @@ -1456,7 +1391,6 @@ function photos_content(App $a) '$comment' => DI::l10n()->t('Comment'), '$submit' => DI::l10n()->t('Submit'), '$preview' => DI::l10n()->t('Preview'), - '$sourceapp' => DI::l10n()->t($a->sourcename), '$qcomment' => $qcomment, '$rand_num' => Crypto::randomDigits(12) ]); @@ -1474,7 +1408,9 @@ function photos_content(App $a) continue; } - $profile_url = Contact::magicLinkbyId($item['author-id']); + $author = ['uid' => 0, 'id' => $item['author-id'], + 'network' => $item['author-network'], 'url' => $item['author-link']]; + $profile_url = Contact::magicLinkByContact($author); if (strpos($profile_url, 'redir/') === 0) { $sparkle = ' sparkle'; } else { @@ -1490,7 +1426,7 @@ function photos_content(App $a) ]; $title_e = $item['title']; - $body_e = BBCode::convert($item['body']); + $body_e = BBCode::convertForUriId($item['uri-id'], $item['body']); $comments .= Renderer::replaceMacros($template,[ '$id' => $item['id'], @@ -1529,7 +1465,6 @@ function photos_content(App $a) '$comment' => DI::l10n()->t('Comment'), '$submit' => DI::l10n()->t('Submit'), '$preview' => DI::l10n()->t('Preview'), - '$sourceapp' => DI::l10n()->t($a->sourcename), '$qcomment' => $qcomment, '$rand_num' => Crypto::randomDigits(12) ]); @@ -1537,6 +1472,28 @@ function photos_content(App $a) } } + $responses = []; + foreach ($conv_responses as $verb => $activity) { + if (isset($activity[$link_item['uri']])) { + $responses[$verb] = $activity[$link_item['uri']]; + } + } + + if ($cmd === 'view' && ($can_post || Security::canWriteToUserWall($owner_uid))) { + $like_tpl = Renderer::getMarkupTemplate('like_noshare.tpl'); + $likebuttons = Renderer::replaceMacros($like_tpl, [ + '$id' => $link_item['id'], + '$like' => DI::l10n()->t('Like'), + '$like_title' => DI::l10n()->t('I like this (toggle)'), + '$dislike' => DI::l10n()->t('Dislike'), + '$wait' => DI::l10n()->t('Please wait'), + '$dislike_title' => DI::l10n()->t('I don\'t like this (toggle)'), + '$hide_dislike' => DI::pConfig()->get(local_user(), 'system', 'hide_dislike'), + '$responses' => $responses, + '$return_path' => DI::args()->getQueryString(), + ]); + } + $paginate = $pager->renderFull($total); } @@ -1572,40 +1529,33 @@ function photos_content(App $a) // Default - show recent photos with upload link (if applicable) //$o = ''; $total = 0; - $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' + $r = DBA::toArray(DBA::p("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = ? AND `photo-type` = ? $sql_extra GROUP BY `resource-id`", - intval($a->data['user']['uid']), - DBA::escape(Photo::CONTACT_PHOTOS), - DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS)) - ); + $user['uid'], + Photo::DEFAULT, + )); if (DBA::isResult($r)) { $total = count($r); } $pager = new Pager(DI::l10n(), DI::args()->getQueryString(), 20); - $r = q("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, + $r = DBA::toArray(DBA::p("SELECT `resource-id`, ANY_VALUE(`id`) AS `id`, ANY_VALUE(`filename`) AS `filename`, ANY_VALUE(`type`) AS `type`, ANY_VALUE(`album`) AS `album`, max(`scale`) AS `scale`, ANY_VALUE(`created`) AS `created` FROM `photo` - WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' - $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", - intval($a->data['user']['uid']), - DBA::escape(Photo::CONTACT_PHOTOS), - DBA::escape(DI::l10n()->t(Photo::CONTACT_PHOTOS)), + WHERE `uid` = ? AND `photo-type` = ? + $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT ? , ?", + $user['uid'], + Photo::DEFAULT, $pager->getStart(), $pager->getItemsPerPage() - ); + )); $photos = []; if (DBA::isResult($r)) { // "Twist" is only used for the duepunto theme with style "slackr" $twist = false; foreach ($r as $rr) { - //hide profile photos to others - if (!$is_owner && !Session::getRemoteContactID($owner_uid) && ($rr['album'] == DI::l10n()->t('Profile Photos'))) { - continue; - } - $twist = !$twist; $ext = $phototypes[$rr['type']]; @@ -1615,12 +1565,12 @@ function photos_content(App $a) $photos[] = [ 'id' => $rr['id'], 'twist' => ' ' . ($twist ? 'rotleft' : 'rotright') . rand(2,4), - 'link' => 'photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'], + 'link' => 'photos/' . $user['nickname'] . '/image/' . $rr['resource-id'], 'title' => DI::l10n()->t('View Photo'), 'src' => 'photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.' . $ext, 'alt' => $alt_e, 'album' => [ - 'link' => 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']), + 'link' => 'photos/' . $user['nickname'] . '/album/' . bin2hex($rr['album']), 'name' => $name_e, 'alt' => DI::l10n()->t('View Album'), ], @@ -1633,7 +1583,7 @@ function photos_content(App $a) $o .= Renderer::replaceMacros($tpl, [ '$title' => DI::l10n()->t('Recent Photos'), '$can_post' => $can_post, - '$upload' => [DI::l10n()->t('Upload New Photos'), 'photos/'.$a->data['user']['nickname'].'/upload'], + '$upload' => [DI::l10n()->t('Upload New Photos'), 'photos/' . $user['nickname'] . '/upload'], '$photos' => $photos, '$paginate' => $pager->renderFull($total), ]);