From: Zach Prezkuta Date: Sun, 7 Apr 2013 17:38:37 +0000 (-0600) Subject: allow visiting other people's display/ links if I have a copy of the post X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=2cc73dbef3da678a65cd395b90b39b5c8670144b;p=friendica.git allow visiting other people's display/ links if I have a copy of the post --- diff --git a/mod/display.php b/mod/display.php index bb2733e61b..24ce35791a 100644 --- a/mod/display.php +++ b/mod/display.php @@ -43,7 +43,7 @@ function display_content(&$a, $update = 0) { $a->profile = array('uid' => intval($update), 'profile_uid' => intval($update)); } else { - $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0); + $item_id = (($a->argc > 2) ? $a->argv[2] : 0); } if(! $item_id) { @@ -142,16 +142,46 @@ function display_content(&$a, $update = 0) { WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' )) + AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' ) + AND uid = %d ) $sql_extra ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ", intval($a->profile['uid']), dbesc($item_id), - dbesc($item_id) + dbesc($item_id), + intval($a->profile['uid']) ); + if(!$r && local_user()) { + // Check if this is another person's link to a post that we have + $r = q("SELECT `item`.uri FROM `item` + WHERE (`item`.`id` = '%s' OR `item`.`uri` = '%s' ) + LIMIT 1", + dbesc($item_id), + dbesc($item_id) + ); + if($r) { + $item_uri = $r[0]['uri']; + + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, + `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` + WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + and `item`.`moderated` = 0 + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d ) + ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ", + intval(local_user()), + dbesc($item_uri), + intval(local_user()) + ); + } + } + - if(count($r)) { + if($r) { if((local_user()) && (local_user() == $a->profile['uid'])) { q("UPDATE `item` SET `unseen` = 0 @@ -171,15 +201,17 @@ function display_content(&$a, $update = 0) { require_once("include/html2plain.php"); $description = trim(html2plain(bbcode($r[0]["body"], false, false), 0, true)); $title = trim(html2plain(bbcode($r[0]["title"], false, false), 0, true)); + $author_name = $r[0]["author-name"]; + + if ($title == "") + $title = $author_name; $description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here - - if ($title == "") - $title = $r[0]["author-name"]; + $author_name = htmlspecialchars($author_name, ENT_COMPAT, 'UTF-8', true); // allow double encoding here // - $a->page['htmlhead'] .= ''."\n"; + $a->page['htmlhead'] .= ''."\n"; $a->page['htmlhead'] .= ''."\n"; $a->page['htmlhead'] .= ''."\n"; $a->page['htmlhead'] .= ''."\n"; @@ -192,27 +224,26 @@ function display_content(&$a, $update = 0) { // $a->page['htmlhead'] .= ''."\n"; $a->page['htmlhead'] .= ''."\n"; - $a->page['htmlhead'] .= ''."\n"; + $a->page['htmlhead'] .= ''."\n"; // article:tag + return $o; } - else { - $r = q("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", - dbesc($item_id), - dbesc($item_id) - ); - if(count($r)) { - if($r[0]['deleted']) { - notice( t('Item has been removed.') . EOL ); - } - else { - notice( t('Permission denied.') . EOL ); - } + + $r = q("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", + dbesc($item_id), + dbesc($item_id) + ); + if($r) { + if($r[0]['deleted']) { + notice( t('Item has been removed.') . EOL ); } - else { - notice( t('Item not found.') . EOL ); + else { + notice( t('Permission denied.') . EOL ); } - + } + else { + notice( t('Item not found.') . EOL ); } return $o;