From 018728370966f703e504e2b3bdeeea62a549ac65 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sun, 3 Mar 2013 09:44:41 -0700 Subject: [PATCH] allow admin to prevent private image embedding on hub --- include/items.php | 6 +++- include/text.php | 33 +++++++++++++++++-- mod/admin.php | 5 ++- view/admin_site.tpl | 1 + view/smarty3/admin_site.tpl | 1 + view/theme/decaf-mobile/admin_site.tpl | 3 +- .../theme/decaf-mobile/smarty3/admin_site.tpl | 3 +- view/theme/frost-mobile/admin_site.tpl | 3 +- .../theme/frost-mobile/smarty3/admin_site.tpl | 3 +- view/theme/frost/admin_site.tpl | 3 +- view/theme/frost/smarty3/admin_site.tpl | 3 +- 11 files changed, 54 insertions(+), 10 deletions(-) diff --git a/include/items.php b/include/items.php index b7be27932f..29f4d7256f 100755 --- a/include/items.php +++ b/include/items.php @@ -3644,9 +3644,13 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { } function fix_private_photos($s, $uid, $item = null, $cid = 0) { + + if(get_config('system','disable_embedded')) + return $s; + $a = get_app(); - logger('fix_private_photos', LOGGER_DEBUG); + logger('fix_private_photos: check for photos', LOGGER_DEBUG); $site = substr($a->get_baseurl(),strpos($a->get_baseurl(),'://')); $orig_body = $s; diff --git a/include/text.php b/include/text.php index 97cf6ac203..9dc90ac50a 100644 --- a/include/text.php +++ b/include/text.php @@ -1047,10 +1047,34 @@ function link_compare($a,$b) { return false; }} + +// Find any non-embedded images in private items and add redir links to them + +if(! function_exists('redir_private_images')) { +function redir_private_images($a, &$item) { + + $matches = false; + $cnt = preg_match_all('|\[img\](http[^\[]*?/photo/[a-fA-F0-9]+?(-[0-9]\.[\w]+?)?)\[\/img\]|', $item['body'], $matches, PREG_SET_ORDER); + if($cnt) { + //logger("redir_private_images: matches = " . print_r($matches, true)); + foreach($matches as $mtch) { + if(strpos($mtch[1], '/redir') !== false) + continue; + + if((local_user() == $item['uid']) && ($item['private'] != 0) && ($item['contact-id'] != $a->contact['id']) && ($item['network'] == NETWORK_DFRN)) { + //logger("redir_private_images: redir"); + $img_url = $a->get_baseurl() . '/redir?f=1&quiet=1&url=' . $mtch[1] . '&conurl=' . $item['author-link']; + $item['body'] = str_replace($mtch[0], "[img]".$img_url."[/img]", $item['body']); + } + } + } + +}} + + // Given an item array, convert the body element from bbcode to html and add smilie icons. // If attach is true, also add icons for item attachments - if(! function_exists('prepare_body')) { function prepare_body($item,$attach = false) { @@ -1066,14 +1090,19 @@ function prepare_body($item,$attach = false) { $s = file_get_contents($cachefile); $a->save_timestamp($stamp1, "file"); } else { + redir_private_images($a, $item); $s = prepare_text($item['body']); + $stamp1 = microtime(true); file_put_contents($cachefile, $s); $a->save_timestamp($stamp1, "file"); + logger('prepare_body: put item '.$item["id"].' into cachefile '.$cachefile); } - } else + } else { + redir_private_images($a, $item); $s = prepare_text($item['body']); + } $prep_arr = array('item' => $item, 'html' => $s); diff --git a/mod/admin.php b/mod/admin.php index 48cc4b1510..e4677b29c8 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -256,7 +256,8 @@ function admin_page_site_post(&$a){ $thread_allow = ((x($_POST,'thread_allow')) ? True : False); $newuser_private = ((x($_POST,'newuser_private')) ? True : False); $enotify_no_content = ((x($_POST,'enotify_no_content')) ? True : False); - $private_addons = ((x($_POST,'private_addons')) ? True : False); + $private_addons = ((x($_POST,'private_addons')) ? True : False); + $disable_embedded = ((x($_POST,'disable_embedded')) ? True : False); $no_multi_reg = ((x($_POST,'no_multi_reg')) ? True : False); $no_openid = !((x($_POST,'no_openid')) ? True : False); @@ -374,6 +375,7 @@ function admin_page_site_post(&$a){ set_config('system','thread_allow', $thread_allow); set_config('system','newuser_private', $newuser_private); set_config('system','enotify_no_content', $enotify_no_content); + set_config('system','disable_embedded', $disable_embedded); set_config('system','block_extended_register', $no_multi_reg); set_config('system','no_openid', $no_openid); @@ -510,6 +512,7 @@ function admin_page_site(&$a) { '$newuser_private' => array('newuser_private', t("Private posts by default for new users"), get_config('system','newuser_private'), t("Set default post permissions for all new members to the default privacy group rather than public.")), '$enotify_no_content' => array('enotify_no_content', t("Don't include post content in email notifications"), get_config('system','enotify_no_content'), t("Don't include the content of a post/comment/private message/etc. in the email notifications that are sent out from this site, as a privacy measure.")), '$private_addons' => array('private_addons', t("Disallow public access to addons listed in the apps menu."), get_config('config','private_addons'), t("Checking this box will restrict addons listed in the apps menu to members only.")), + '$disable_embedded' => array('disable_embedded', t("Don't embed private images in posts"), get_config('system','disable_embedded'), t("Don't replace locally-hosted private photos in posts with an embedded copy of the image. This means that contacts who receive posts containing private photos won't be able to see them unless they first visit the owner's profile page, or unless they have the redir_private_img plugin enabled.")), '$no_multi_reg' => array('no_multi_reg', t("Block multiple registrations"), get_config('system','block_extended_register'), t("Disallow users to register additional accounts for use as pages.")), '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), t("OpenID support for registration and logins.")), diff --git a/view/admin_site.tpl b/view/admin_site.tpl index 0d3d451b1c..f66d31cdcc 100644 --- a/view/admin_site.tpl +++ b/view/admin_site.tpl @@ -86,6 +86,7 @@ {{ inc field_checkbox.tpl with $field=$newuser_private }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$enotify_no_content }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$private_addons }}{{ endinc }} + {{ inc field_checkbox.tpl with $field=$disable_embedded }}{{ endinc }}

$advanced

diff --git a/view/smarty3/admin_site.tpl b/view/smarty3/admin_site.tpl index 30678f1bf2..8d5b72a46e 100644 --- a/view/smarty3/admin_site.tpl +++ b/view/smarty3/admin_site.tpl @@ -91,6 +91,7 @@ {{include file="field_checkbox.tpl" field=$newuser_private}} {{include file="field_checkbox.tpl" field=$enotify_no_content}} {{include file="field_checkbox.tpl" field=$private_addons}} + {{include file="field_checkbox.tpl" field=$disable_embedded}}

{{$advanced}}

diff --git a/view/theme/decaf-mobile/admin_site.tpl b/view/theme/decaf-mobile/admin_site.tpl index a419cd9a57..349c8e5a99 100644 --- a/view/theme/decaf-mobile/admin_site.tpl +++ b/view/theme/decaf-mobile/admin_site.tpl @@ -42,7 +42,8 @@ {{ inc field_checkbox.tpl with $field=$thread_allow }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$newuser_private }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$enotify_no_content }}{{ endinc }} - + {{ inc field_checkbox.tpl with $field=$private_addons }}{{ endinc }} + {{ inc field_checkbox.tpl with $field=$disable_embedded }}{{ endinc }}

$advanced

diff --git a/view/theme/decaf-mobile/smarty3/admin_site.tpl b/view/theme/decaf-mobile/smarty3/admin_site.tpl index 40580c4860..5856d9792e 100644 --- a/view/theme/decaf-mobile/smarty3/admin_site.tpl +++ b/view/theme/decaf-mobile/smarty3/admin_site.tpl @@ -47,7 +47,8 @@ {{include file="field_checkbox.tpl" field=$thread_allow}} {{include file="field_checkbox.tpl" field=$newuser_private}} {{include file="field_checkbox.tpl" field=$enotify_no_content}} - + {{include file="field_checkbox.tpl" field=$private_addons}} + {{include file="field_checkbox.tpl" field=$disable_embedded}}

{{$advanced}}

diff --git a/view/theme/frost-mobile/admin_site.tpl b/view/theme/frost-mobile/admin_site.tpl index a419cd9a57..349c8e5a99 100644 --- a/view/theme/frost-mobile/admin_site.tpl +++ b/view/theme/frost-mobile/admin_site.tpl @@ -42,7 +42,8 @@ {{ inc field_checkbox.tpl with $field=$thread_allow }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$newuser_private }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$enotify_no_content }}{{ endinc }} - + {{ inc field_checkbox.tpl with $field=$private_addons }}{{ endinc }} + {{ inc field_checkbox.tpl with $field=$disable_embedded }}{{ endinc }}

$advanced

diff --git a/view/theme/frost-mobile/smarty3/admin_site.tpl b/view/theme/frost-mobile/smarty3/admin_site.tpl index 40580c4860..5856d9792e 100644 --- a/view/theme/frost-mobile/smarty3/admin_site.tpl +++ b/view/theme/frost-mobile/smarty3/admin_site.tpl @@ -47,7 +47,8 @@ {{include file="field_checkbox.tpl" field=$thread_allow}} {{include file="field_checkbox.tpl" field=$newuser_private}} {{include file="field_checkbox.tpl" field=$enotify_no_content}} - + {{include file="field_checkbox.tpl" field=$private_addons}} + {{include file="field_checkbox.tpl" field=$disable_embedded}}

{{$advanced}}

diff --git a/view/theme/frost/admin_site.tpl b/view/theme/frost/admin_site.tpl index c57c14569c..38cbdb3ce7 100644 --- a/view/theme/frost/admin_site.tpl +++ b/view/theme/frost/admin_site.tpl @@ -44,7 +44,8 @@ {{ inc field_checkbox.tpl with $field=$thread_allow }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$newuser_private }}{{ endinc }} {{ inc field_checkbox.tpl with $field=$enotify_no_content }}{{ endinc }} - + {{ inc field_checkbox.tpl with $field=$private_addons }}{{ endinc }} + {{ inc field_checkbox.tpl with $field=$disable_embedded }}{{ endinc }}

$advanced

diff --git a/view/theme/frost/smarty3/admin_site.tpl b/view/theme/frost/smarty3/admin_site.tpl index 2f51173591..247972712b 100644 --- a/view/theme/frost/smarty3/admin_site.tpl +++ b/view/theme/frost/smarty3/admin_site.tpl @@ -49,7 +49,8 @@ {{include file="field_checkbox.tpl" field=$thread_allow}} {{include file="field_checkbox.tpl" field=$newuser_private}} {{include file="field_checkbox.tpl" field=$enotify_no_content}} - + {{include file="field_checkbox.tpl" field=$private_addons}} + {{include file="field_checkbox.tpl" field=$disable_embedded}}

{{$advanced}}

-- 2.39.5