redir links for permission controlled attachments

diff --git a/include/conversation.php b/include/conversation.php
index 6bf673b97fa658fb5faa76c37a3aad3c3dd1622c..dc574ddff8e899a0caa0f494d1e46dff0324565c 100644 (file)
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -174,6 +174,7 @@ function localize_item(&$item){
                }
        }
 
+
 }
 
 /**

diff --git a/include/text.php b/include/text.php
index e3c6833387858986c07f52c762933c8a965db92e..e93c24ef4c874c93ffc3c5cbe309359bc1a01f1c 100644 (file)
--- a/include/text.php
+++ b/include/text.php
@@ -901,24 +901,30 @@ function prepare_body($item,$attach = false) {
                foreach($arr as $r) {
                        $matches = false;
                        $icon = '';
-                       $cnt = preg_match('|\[attach\]href=\"(.*?)\" length=\"(.*?)\" type=\"(.*?)\" title=\"(.*?)\"\[\/attach\]|',$r,$matches);
+                       $cnt = preg_match_all('|\[attach\]href=\"(.*?)\" length=\"(.*?)\" type=\"(.*?)\" title=\"(.*?)\"\[\/attach\]|',$r,$matches, PREG_SET_ORDER);
                        if($cnt) {
-                               $icontype = strtolower(substr($matches[3],0,strpos($matches[3],'/')));
-                               switch($icontype) {
-                                       case 'video':
-                                       case 'audio':
-                                       case 'image':
-                                       case 'text':
-                                               $icon = '<div class="attachtype icon s22 type-' . $icontype . '"></div>';
-                                               break;
-                                       default:
-                                               $icon = '<div class="attachtype icon s22 type-unkn"></div>';
-                                               break;
+                               foreach($matches as $mtch) {
+                                       $icontype = strtolower(substr($mtch[3],0,strpos($mtch[3],'/')));
+                                       switch($icontype) {
+                                               case 'video':
+                                               case 'audio':
+                                               case 'image':
+                                               case 'text':
+                                                       $icon = '<div class="attachtype icon s22 type-' . $icontype . '"></div>';
+                                                       break;
+                                               default:
+                                                       $icon = '<div class="attachtype icon s22 type-unkn"></div>';
+                                                       break;
+                                       }
+                                       $title = ((strlen(trim($mtch[4]))) ? escape_tags(trim($mtch[4])) : escape_tags($mtch[1]));
+                                       $title .= ' ' . $mtch[2] . ' ' . t('bytes');
+                                       if((local_user() == $item['uid']) && $item['contact-id'] != $a->contact['id'])
+                                               $the_url = $a->get_baseurl() . '/redir/' . $item['contact-id'] . '?f=1&url=' . $mtch[1];
+                                       else
+                                               $the_url = $mtch[1];
+
+                                       $s .= '<a href="' . strip_tags($the_url) . '" title="' . $title . '" class="attachlink" target="external-link" >' . $icon . '</a>';
                                }
-                               $title = ((strlen(trim($matches[4]))) ? escape_tags(trim($matches[4])) : escape_tags($matches[1]));
-                               $title .= ' ' . $matches[2] . ' ' . t('bytes');
-
-                               $s .= '<a href="' . strip_tags($matches[1]) . '" title="' . $title . '" class="attachlink" target="external-link" >' . $icon . '</a>';
                        }
                }
                $s .= '<div class="clear"></div></div>';

diff --git a/mod/item.php b/mod/item.php
index 9f6b2aef434b5af3f199e1fa8ca42ef0cc546e4e..81dd553cdb795895dfd9a204d28ca49871a61de0 100644 (file)
--- a/mod/item.php
+++ b/mod/item.php
@@ -290,18 +290,16 @@ function item_post(&$a) {
        $author = null;
        $self   = false;
 
-       if(($_SESSION['uid']) && ($_SESSION['uid'] == $profile_uid)) {
+       if((local_user()) && (local_user() == $profile_uid)) {
                $self = true;
                $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
                        intval($_SESSION['uid'])
                );
        }
-       else {
-               if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
-                       $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
-                               intval($_SESSION['visitor_id'])
-                       );
-               }
+       elseif(remote_user()) {
+               $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
+                       intval(remote_user())
+               );
        }
 
        if(count($r)) {
@@ -311,7 +309,7 @@ function item_post(&$a) {
 
        // get contact info for owner
        
-       if($profile_uid == $_SESSION['uid']) {
+       if($profile_uid == local_user()) {
                $contact_record = $author;
        }
        else {
@@ -322,8 +320,6 @@ function item_post(&$a) {
                        $contact_record = $r[0];
        }
 
-
-
        $post_type = notags(trim($_REQUEST['type']));
 
        if($post_type === 'net-comment') {

diff --git a/mod/redir.php b/mod/redir.php
index 9223e5483c0c5b816485e8c7dd62ac88402bf3ca..0f7b5cc23f0ff8899c63733df57aef8bdad4d084 100644 (file)
--- a/mod/redir.php
+++ b/mod/redir.php
@@ -6,7 +6,7 @@ function redir_init(&$a) {
 
        // traditional DFRN
 
-       if(local_user() && $a->argc == 2 && intval($a->argv[1])) {
+       if(local_user() && $a->argc > 1 && intval($a->argv[1])) {
 
                $cid = $a->argv[1];