if(! function_exists('profile_load')) {
function profile_load(&$a, $nickname, $profile = 0) {
- if(remote_user()) {
- $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
- intval($_SESSION['visitor_id']));
- if(count($r))
- $profile = $r[0]['profile-id'];
+
+ $user = q("select uid from user where nickname = '%s' limit 1",
+ dbesc($nickname)
+ );
+
+ if(! ($user && count($user))) {
+ logger('profile error: ' . $a->query_string, LOGGER_DEBUG);
+ notice( t('Requested account is not available.') . EOL );
+ $a->error = 404;
+ return;
+ }
+
+ if(remote_user() && count($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $user[0]['uid']) {
+ $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1",
+ intval($visitor['cid'])
+ );
+ if(count($r))
+ $profile = $r[0]['profile-id'];
+ break;
+ }
+ }
}
$r = null;
// don't show connect link to authenticated visitors either
- if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
- $connect = False;
+ if(remote_user() && count($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $profile['uid']) {
+ $connect = false;
+ break;
+ }
+ }
+ }
if(get_my_url() && $profile['unkmail'])
$wallmessage = t('Message');
$cid = $zcid = 0;
- if(can_write_wall($a,$profile_uid))
- $cid = remote_user();
- else {
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $profile_uid) {
+ $cid = $visitor['cid'];
+ break;
+ }
+ }
+ }
+
+ if(! $cid) {
if(get_my_url()) {
$r = q("select id from contact where nurl = '%s' and uid = %d limit 1",
dbesc(normalise_link(get_my_url())),
$edpost = array($a->get_baseurl($ssl_state)."/editpost/".$item['id'], t("Edit"));
else
$edpost = false;
- if((intval($item['contact-id']) && $item['contact-id'] == remote_user()) || ($item['uid'] == local_user()))
+
+ if($item['uid'] == local_user())
$dropping = true;
+ elseif(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['cid'] == $item['contact-id']) {
+ $dropping = true;
+ break;
+ }
+ }
+ }
$drop = array(
'dropping' => $dropping,
$owner = $item['uid'];
+ $cid = 0;
+
// check if logged in user is either the author or owner of this item
- if((local_user() == $item['uid']) || (remote_user() == $item['contact-id']) || (! $interactive)) {
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $item['uid'] && $visitor['cid'] == $item['contact-id']) {
+ $cid = $visitor['cid'];
+ break;
+ }
+ }
+ }
+
+
+ if((local_user() == $item['uid']) || ($cid) || (! $interactive)) {
logger('delete item: ' . $item['id'], LOGGER_DEBUG);
// delete the item
elseif($verified === 1)
return false;
else {
+ $cid = 0;
+
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $owner) {
+ $cid = $visitor['cid'];
+ break;
+ }
+ }
+ }
+
+ if(! $cid)
+ return false;
+
$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid`
WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
intval($owner),
- intval(remote_user()),
+ intval($cid),
intval(CONTACT_IS_SHARING),
intval(CONTACT_IS_FRIEND),
intval(PAGE_COMMUNITY)
if((int) $xml->status == 1) {
$_SESSION['authenticated'] = 1;
+ if(! x($_SESSION,'remote'))
+ $_SESSION['remote'] = array();
+
+ $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
+
$_SESSION['visitor_id'] = $r[0]['id'];
$_SESSION['visitor_home'] = $r[0]['url'];
$_SESSION['visitor_handle'] = $r[0]['addr'];
if(((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) {
$_SESSION['authenticated'] = 1;
+ if(! x($_SESSION,'remote'))
+ $_SESSION['remote'] = array();
+ $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
$_SESSION['visitor_id'] = $r[0]['id'];
$_SESSION['visitor_home'] = $r[0]['url'];
$_SESSION['visitor_visiting'] = $r[0]['uid'];
$contact = null;
$remote_contact = false;
- if(remote_user()) {
- $contact_id = $_SESSION['visitor_id'];
+ $contact_id = 0;
+
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $a->profile['uid']) {
+ $contact_id = $v['cid'];
+ break;
+ }
+ }
+ }
+
+ if($contact_id) {
$groups = init_groups_visitor($contact_id);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id),
$author = null;
$self = false;
+ $contact_id = 0;
if((local_user()) && (local_user() == $profile_uid)) {
$self = true;
);
}
elseif(remote_user()) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
- intval(remote_user())
- );
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $profile_uid) {
+ $contact_id = $v['cid'];
+ break;
+ }
+ }
+ }
+ if($contact_id) {
+ $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
+ intval($contact_id)
+ );
+ }
}
if(count($r)) {
$can_post = true;
else {
if($community_page && remote_user()) {
- $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
- intval(remote_user()),
- intval($page_owner_uid)
- );
- if(count($r)) {
- $can_post = true;
- $visitor = remote_user();
+ $cid = 0;
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $page_owner_uid) {
+ $cid = $v['cid'];
+ break;
+ }
+ }
+ }
+ if($cid) {
+
+ $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
+ intval($cid),
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ $can_post = true;
+ $visitor = $cid;
+ }
}
}
}
$visitor = 0;
$contact = null;
$remote_contact = false;
+ $contact_id = 0;
$owner_uid = $a->data['user']['uid'];
$can_post = true;
else {
if($community_page && remote_user()) {
- $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
- intval(remote_user()),
- intval($owner_uid)
- );
- if(count($r)) {
- $can_post = true;
- $contact = $r[0];
- $remote_contact = true;
- $visitor = remote_user();
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $owner_uid) {
+ $contact_id = $v['cid'];
+ break;
+ }
+ }
+ }
+ if($contact_id) {
+
+ $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
+ intval($contact_id),
+ intval($owner_uid)
+ );
+ if(count($r)) {
+ $can_post = true;
+ $contact = $r[0];
+ $remote_contact = true;
+ $visitor = $cid;
+ }
}
}
}
// perhaps they're visiting - but not a community page, so they wouldn't have write access
if(remote_user() && (! $visitor)) {
- $contact_id = $_SESSION['visitor_id'];
- $groups = init_groups_visitor($contact_id);
- $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
- intval(remote_user()),
- intval($owner_uid)
- );
- if(count($r)) {
- $contact = $r[0];
- $remote_contact = true;
+ $contact_id = 0;
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $owner_uid) {
+ $contact_id = $v['cid'];
+ break;
+ }
+ }
+ }
+ if($contact_id) {
+ $groups = init_groups_visitor($contact_id);
+ $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
+ intval($contact_id),
+ intval($owner_uid)
+ );
+ if(count($r)) {
+ $contact = $r[0];
+ $remote_contact = true;
+ }
}
}
$drop = '';
- if(($item['contact-id'] == remote_user()) || ($item['uid'] == local_user()))
+ if(($item['contact-id'] == $contact_id) || ($item['uid'] == local_user()))
$drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
$contact = null;
$remote_contact = false;
- if(remote_user()) {
- $contact_id = $_SESSION['visitor_id'];
+ $contact_id = 0;
+
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $a->profile['profile_uid']) {
+ $contact_id = $v['cid'];
+ break;
+ }
+ }
+ }
+
+ if($contact_id) {
$groups = init_groups_visitor($contact_id);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id),
if(local_user() != $owner_uid)
return;
- if(remote_user()) {
- $r = q("select * from contact where id = %d AND `uid` = %d limit 1",
- intval(remote_user()),
- intval($item['uid'])
- );
- }
- else {
- $r = q("select * from contact where self = 1 and uid = %d limit 1",
- intval(local_user())
- );
- }
+ $r = q("select * from contact where self = 1 and uid = %d limit 1",
+ intval(local_user())
+ );
if(count($r))
$contact = $r[0];
else {
$can_post = true;
else {
if($community_page && remote_user()) {
- $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
- intval(remote_user()),
- intval($page_owner_uid)
- );
- if(count($r)) {
- $can_post = true;
- $visitor = remote_user();
+ $cid = 0;
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $page_owner_uid) {
+ $cid = $v['cid'];
+ break;
+ }
+ }
+ }
+ if($cid) {
+
+ $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
+ intval($cid),
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ $can_post = true;
+ $visitor = $cid;
+ }
}
}
}
-
if(! $can_post) {
notice( t('Permission denied.') . EOL );
killme();
$can_post = true;
else {
if($community_page && remote_user()) {
- $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
- intval(remote_user()),
- intval($page_owner_uid)
- );
- if(count($r)) {
- $can_post = true;
- $visitor = remote_user();
- $default_cid = $visitor;
+ $cid = 0;
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $v) {
+ if($v['uid'] == $page_owner_uid) {
+ $cid = $v['cid'];
+ break;
+ }
+ }
+ }
+ if($cid) {
+
+ $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
+ intval($cid),
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ $can_post = true;
+ $visitor = $cid;
+ }
}
}
}
projects / friendica.git / commitdiff