Merge pull request #5144 from annando/deleted-item
Fix for not being able to delete items you don't own
This commit is contained in:
commit
2e97cbe728
22 changed files with 123 additions and 78 deletions
2
boot.php
2
boot.php
|
@ -41,7 +41,7 @@ define('FRIENDICA_PLATFORM', 'Friendica');
|
||||||
define('FRIENDICA_CODENAME', 'The Tazmans Flax-lily');
|
define('FRIENDICA_CODENAME', 'The Tazmans Flax-lily');
|
||||||
define('FRIENDICA_VERSION', '2018.05-rc');
|
define('FRIENDICA_VERSION', '2018.05-rc');
|
||||||
define('DFRN_PROTOCOL_VERSION', '2.23');
|
define('DFRN_PROTOCOL_VERSION', '2.23');
|
||||||
define('DB_UPDATE_VERSION', 1265);
|
define('DB_UPDATE_VERSION', 1266);
|
||||||
define('NEW_UPDATE_ROUTINE_VERSION', 1170);
|
define('NEW_UPDATE_ROUTINE_VERSION', 1170);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
12
database.sql
12
database.sql
|
@ -1,6 +1,6 @@
|
||||||
-- ------------------------------------------
|
-- ------------------------------------------
|
||||||
-- Friendica 2018.05-rc (The Tazmans Flax-lily)
|
-- Friendica 2018.05-rc (The Tazmans Flax-lily)
|
||||||
-- DB_UPDATE_VERSION 1265
|
-- DB_UPDATE_VERSION 1266
|
||||||
-- ------------------------------------------
|
-- ------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
@ -1076,6 +1076,16 @@ CREATE TABLE IF NOT EXISTS `userd` (
|
||||||
INDEX `username` (`username`(32))
|
INDEX `username` (`username`(32))
|
||||||
) DEFAULT COLLATE utf8mb4_general_ci;
|
) DEFAULT COLLATE utf8mb4_general_ci;
|
||||||
|
|
||||||
|
--
|
||||||
|
-- TABLE user-item
|
||||||
|
--
|
||||||
|
CREATE TABLE IF NOT EXISTS `user-item` (
|
||||||
|
`iid` int unsigned NOT NULL DEFAULT 0 COMMENT 'Item id',
|
||||||
|
`uid` mediumint unsigned NOT NULL DEFAULT 0 COMMENT 'User id',
|
||||||
|
`hidden` boolean NOT NULL DEFAULT '0' COMMENT 'Hidden marker',
|
||||||
|
PRIMARY KEY(`uid`,`iid`)
|
||||||
|
) DEFAULT COLLATE utf8mb4_general_ci;
|
||||||
|
|
||||||
--
|
--
|
||||||
-- TABLE workerqueue
|
-- TABLE workerqueue
|
||||||
--
|
--
|
||||||
|
|
|
@ -1663,7 +1663,7 @@ function api_search($type)
|
||||||
|
|
||||||
$r = dba::p(
|
$r = dba::p(
|
||||||
"SELECT ".item_fieldlists()."
|
"SELECT ".item_fieldlists()."
|
||||||
FROM `item` ".item_joins()."
|
FROM `item` ".item_joins(api_user())."
|
||||||
WHERE ".item_condition()." AND (`item`.`uid` = 0 OR (`item`.`uid` = ? AND NOT `item`.`global`))
|
WHERE ".item_condition()." AND (`item`.`uid` = 0 OR (`item`.`uid` = ? AND NOT `item`.`global`))
|
||||||
AND `item`.`body` LIKE CONCAT('%',?,'%')
|
AND `item`.`body` LIKE CONCAT('%',?,'%')
|
||||||
$sql_extra
|
$sql_extra
|
||||||
|
@ -1827,7 +1827,7 @@ function api_statuses_public_timeline($type)
|
||||||
"SELECT " . item_fieldlists() . "
|
"SELECT " . item_fieldlists() . "
|
||||||
FROM `thread`
|
FROM `thread`
|
||||||
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
|
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
|
||||||
" . item_joins() . "
|
" . item_joins(api_user()) . "
|
||||||
STRAIGHT_JOIN `user` ON `user`.`uid` = `thread`.`uid`
|
STRAIGHT_JOIN `user` ON `user`.`uid` = `thread`.`uid`
|
||||||
AND NOT `user`.`hidewall`
|
AND NOT `user`.`hidewall`
|
||||||
AND `verb` = ?
|
AND `verb` = ?
|
||||||
|
@ -1856,7 +1856,7 @@ function api_statuses_public_timeline($type)
|
||||||
$r = dba::p(
|
$r = dba::p(
|
||||||
"SELECT " . item_fieldlists() . "
|
"SELECT " . item_fieldlists() . "
|
||||||
FROM `item`
|
FROM `item`
|
||||||
" . item_joins() . "
|
" . item_joins(api_user()) . "
|
||||||
STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid`
|
STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid`
|
||||||
AND NOT `user`.`hidewall`
|
AND NOT `user`.`hidewall`
|
||||||
AND `verb` = ?
|
AND `verb` = ?
|
||||||
|
@ -1930,7 +1930,7 @@ function api_statuses_networkpublic_timeline($type)
|
||||||
"SELECT " . item_fieldlists() . "
|
"SELECT " . item_fieldlists() . "
|
||||||
FROM `thread`
|
FROM `thread`
|
||||||
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
|
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
|
||||||
" . item_joins() . "
|
" . item_joins(api_user()) . "
|
||||||
WHERE `thread`.`uid` = 0
|
WHERE `thread`.`uid` = 0
|
||||||
AND `verb` = ?
|
AND `verb` = ?
|
||||||
AND NOT `thread`.`private`
|
AND NOT `thread`.`private`
|
||||||
|
@ -2256,7 +2256,7 @@ function api_statuses_destroy($type)
|
||||||
|
|
||||||
$ret = api_statuses_show($type);
|
$ret = api_statuses_show($type);
|
||||||
|
|
||||||
Item::deleteById($id);
|
Item::deleteForUser(['id' => $id], api_user());
|
||||||
|
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
@ -4148,7 +4148,7 @@ function api_fr_photoalbum_delete($type)
|
||||||
if (!DBM::is_result($photo_item)) {
|
if (!DBM::is_result($photo_item)) {
|
||||||
throw new InternalServerErrorException("problem with deleting items occured");
|
throw new InternalServerErrorException("problem with deleting items occured");
|
||||||
}
|
}
|
||||||
Item::deleteById($photo_item[0]['id']);
|
Item::deleteForUser(['id' => $photo_item[0]['id']], api_user());
|
||||||
}
|
}
|
||||||
|
|
||||||
// now let's delete all photos from the album
|
// now let's delete all photos from the album
|
||||||
|
@ -4441,7 +4441,7 @@ function api_fr_photo_delete($type)
|
||||||
}
|
}
|
||||||
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
|
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
|
||||||
// to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion)
|
// to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion)
|
||||||
Item::deleteById($photo_item[0]['id']);
|
Item::deleteForUser(['id' => $photo_item[0]['id']], api_user());
|
||||||
|
|
||||||
$answer = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.'];
|
$answer = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.'];
|
||||||
return api_format_data("photo_delete", $type, ['$result' => $answer]);
|
return api_format_data("photo_delete", $type, ['$result' => $answer]);
|
||||||
|
|
|
@ -405,10 +405,12 @@ function visible_activity($item) {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief SQL query for items
|
* @brief SQL query for items
|
||||||
|
*
|
||||||
|
* @param int $uid user id
|
||||||
*/
|
*/
|
||||||
function item_query() {
|
function item_query($uid = 0) {
|
||||||
return "SELECT " . item_fieldlists() . " FROM `item` " .
|
return "SELECT " . item_fieldlists() . " FROM `item` " .
|
||||||
item_joins() . " WHERE " . item_condition();
|
item_joins($uid) . " WHERE " . item_condition();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -467,16 +469,19 @@ These Fields are not added below (yet). They are here to for bug search.
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief SQL join for contacts that are needed for displaying items
|
* @brief SQL join for contacts that are needed for displaying items
|
||||||
|
*
|
||||||
|
* @param int $uid user id
|
||||||
*/
|
*/
|
||||||
function item_joins() {
|
function item_joins($uid = 0) {
|
||||||
return sprintf("STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
return sprintf("STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
||||||
AND NOT `contact`.`blocked`
|
AND NOT `contact`.`blocked`
|
||||||
AND ((NOT `contact`.`readonly` AND NOT `contact`.`pending` AND (`contact`.`rel` IN (%s, %s)))
|
AND ((NOT `contact`.`readonly` AND NOT `contact`.`pending` AND (`contact`.`rel` IN (%s, %s)))
|
||||||
OR `contact`.`self` OR (`item`.`id` != `item`.`parent`) OR `contact`.`uid` = 0)
|
OR `contact`.`self` OR (`item`.`id` != `item`.`parent`) OR `contact`.`uid` = 0)
|
||||||
INNER JOIN `contact` AS `author` ON `author`.`id`=`item`.`author-id` AND NOT `author`.`blocked`
|
INNER JOIN `contact` AS `author` ON `author`.`id`=`item`.`author-id` AND NOT `author`.`blocked`
|
||||||
INNER JOIN `contact` AS `owner` ON `owner`.`id`=`item`.`owner-id` AND NOT `owner`.`blocked`
|
INNER JOIN `contact` AS `owner` ON `owner`.`id`=`item`.`owner-id` AND NOT `owner`.`blocked`
|
||||||
|
LEFT JOIN `user-item` ON `user-item`.`iid` = `item`.`id` AND `user-item`.`uid` = %d
|
||||||
LEFT JOIN `event` ON `event-id` = `event`.`id`",
|
LEFT JOIN `event` ON `event-id` = `event`.`id`",
|
||||||
CONTACT_IS_SHARING, CONTACT_IS_FRIEND
|
CONTACT_IS_SHARING, CONTACT_IS_FRIEND, intval($uid)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -484,7 +489,7 @@ function item_joins() {
|
||||||
* @brief SQL condition for items that are needed for displaying items
|
* @brief SQL condition for items that are needed for displaying items
|
||||||
*/
|
*/
|
||||||
function item_condition() {
|
function item_condition() {
|
||||||
return "`item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`";
|
return "`item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`) ";
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -497,7 +502,7 @@ function item_condition() {
|
||||||
* that are based on unique features of the calling module.
|
* that are based on unique features of the calling module.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
function conversation(App $a, $items, $mode, $update, $preview = false, $order = 'commented') {
|
function conversation(App $a, $items, $mode, $update, $preview = false, $order = 'commented', $uid = 0) {
|
||||||
require_once 'mod/proxy.php';
|
require_once 'mod/proxy.php';
|
||||||
|
|
||||||
$ssl_state = ((local_user()) ? true : false);
|
$ssl_state = ((local_user()) ? true : false);
|
||||||
|
@ -521,7 +526,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order =
|
||||||
$previewing = (($preview) ? ' preview ' : '');
|
$previewing = (($preview) ? ' preview ' : '');
|
||||||
|
|
||||||
if ($mode === 'network') {
|
if ($mode === 'network') {
|
||||||
$items = conversation_add_children($items, false, $order);
|
$items = conversation_add_children($items, false, $order, $uid);
|
||||||
$profile_owner = local_user();
|
$profile_owner = local_user();
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
/*
|
/*
|
||||||
|
@ -582,7 +587,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order =
|
||||||
. " var profile_page = 1; </script>";
|
. " var profile_page = 1; </script>";
|
||||||
}
|
}
|
||||||
} elseif ($mode === 'community') {
|
} elseif ($mode === 'community') {
|
||||||
$items = conversation_add_children($items, true, $order);
|
$items = conversation_add_children($items, true, $order, $uid);
|
||||||
$profile_owner = 0;
|
$profile_owner = 0;
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
$live_update_div = '<div id="live-community"></div>' . "\r\n"
|
$live_update_div = '<div id="live-community"></div>' . "\r\n"
|
||||||
|
@ -885,7 +890,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order =
|
||||||
*
|
*
|
||||||
* @return array items with parents and comments
|
* @return array items with parents and comments
|
||||||
*/
|
*/
|
||||||
function conversation_add_children($parents, $block_authors, $order) {
|
function conversation_add_children($parents, $block_authors, $order, $uid) {
|
||||||
$max_comments = Config::get('system', 'max_comments', 100);
|
$max_comments = Config::get('system', 'max_comments', 100);
|
||||||
|
|
||||||
if ($max_comments > 0) {
|
if ($max_comments > 0) {
|
||||||
|
@ -899,7 +904,7 @@ function conversation_add_children($parents, $block_authors, $order) {
|
||||||
$block_sql = $block_authors ? "AND NOT `author`.`hidden` AND NOT `author`.`blocked`" : "";
|
$block_sql = $block_authors ? "AND NOT `author`.`hidden` AND NOT `author`.`blocked`" : "";
|
||||||
|
|
||||||
foreach ($parents AS $parent) {
|
foreach ($parents AS $parent) {
|
||||||
$thread_items = dba::p(item_query()."AND `item`.`parent-uri` = ?
|
$thread_items = dba::p(item_query(local_user())."AND `item`.`parent-uri` = ?
|
||||||
AND `item`.`uid` IN (0, ?) $block_sql
|
AND `item`.`uid` IN (0, ?) $block_sql
|
||||||
ORDER BY `item`.`uid` ASC, `item`.`commented` DESC" . $limit,
|
ORDER BY `item`.`uid` ASC, `item`.`commented` DESC" . $limit,
|
||||||
$parent['uri'], local_user());
|
$parent['uri'], local_user());
|
||||||
|
|
|
@ -321,7 +321,7 @@ function drop_items($items) {
|
||||||
|
|
||||||
if (count($items)) {
|
if (count($items)) {
|
||||||
foreach ($items as $item) {
|
foreach ($items as $item) {
|
||||||
$owner = Item::deleteById($item);
|
$owner = Item::deleteForUser(['id' => $item], local_user());
|
||||||
if ($owner && !$uid)
|
if ($owner && !$uid)
|
||||||
$uid = $owner;
|
$uid = $owner;
|
||||||
}
|
}
|
||||||
|
@ -393,7 +393,7 @@ function drop_item($id) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// delete the item
|
// delete the item
|
||||||
Item::deleteById($item['id']);
|
Item::deleteForUser(['id' => $item['id']], local_user());
|
||||||
|
|
||||||
goaway(System::baseUrl() . '/' . $_SESSION['return_url']);
|
goaway(System::baseUrl() . '/' . $_SESSION['return_url']);
|
||||||
//NOTREACHED
|
//NOTREACHED
|
||||||
|
|
|
@ -555,14 +555,9 @@ function admin_page_deleteitem_post(App $a)
|
||||||
if (strpos($guid, '/')) {
|
if (strpos($guid, '/')) {
|
||||||
$guid = substr($guid, strrpos($guid, '/') + 1);
|
$guid = substr($guid, strrpos($guid, '/') + 1);
|
||||||
}
|
}
|
||||||
// Now that we have the GUID get all IDs of the associated entries in the
|
// Now that we have the GUID, drop those items, which will also delete the
|
||||||
// item table of the DB and drop those items, which will also delete the
|
|
||||||
// associated threads.
|
// associated threads.
|
||||||
$r = dba::select('item', ['id'], ['guid' => $guid]);
|
Item::delete(['guid' => $guid]);
|
||||||
while ($row = dba::fetch($r)) {
|
|
||||||
Item::deleteById($row['id']);
|
|
||||||
}
|
|
||||||
dba::close($r);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
info(L10n::t('Item marked for deletion.') . EOL);
|
info(L10n::t('Item marked for deletion.') . EOL);
|
||||||
|
|
|
@ -171,7 +171,7 @@ function community_content(App $a, $update = 0)
|
||||||
$s = $r;
|
$s = $r;
|
||||||
}
|
}
|
||||||
|
|
||||||
$o .= conversation($a, $s, 'community', $update);
|
$o .= conversation($a, $s, 'community', $update, false, 'commented', local_user());
|
||||||
|
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
$o .= alt_pager($a, count($r));
|
$o .= alt_pager($a, count($r));
|
||||||
|
|
|
@ -346,7 +346,7 @@ function display_content(App $a, $update = false, $update_uid = 0) {
|
||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
$r = dba::p(item_query()."AND `item`.`parent-uri` = (SELECT `parent-uri` FROM `item` WHERE `id` = ?)
|
$r = dba::p(item_query(local_user())."AND `item`.`parent-uri` = (SELECT `parent-uri` FROM `item` WHERE `id` = ?)
|
||||||
AND `item`.`uid` IN (0, ?) $sql_extra
|
AND `item`.`uid` IN (0, ?) $sql_extra
|
||||||
ORDER BY `item`.`uid` ASC, `parent` DESC, `gravity` ASC, `id` ASC",
|
ORDER BY `item`.`uid` ASC, `parent` DESC, `gravity` ASC, `id` ASC",
|
||||||
$item_id, local_user()
|
$item_id, local_user()
|
||||||
|
@ -369,7 +369,7 @@ function display_content(App $a, $update = false, $update_uid = 0) {
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
$o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>";
|
$o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>";
|
||||||
}
|
}
|
||||||
$o .= conversation($a, $items, 'display', $update_uid);
|
$o .= conversation($a, $items, 'display', $update_uid, false, 'commented', local_user());
|
||||||
|
|
||||||
// Preparing the meta header
|
// Preparing the meta header
|
||||||
$description = trim(HTML::toPlaintext(BBCode::convert($s[0]["body"], false), 0, true));
|
$description = trim(HTML::toPlaintext(BBCode::convert($s[0]["body"], false), 0, true));
|
||||||
|
|
|
@ -545,7 +545,7 @@ function events_content(App $a) {
|
||||||
|
|
||||||
// Delete only real events (no birthdays)
|
// Delete only real events (no birthdays)
|
||||||
if (DBM::is_result($ev) && $ev[0]['type'] == 'event') {
|
if (DBM::is_result($ev) && $ev[0]['type'] == 'event') {
|
||||||
$del = Item::deleteById($ev[0]['itemid']);
|
$del = Item::deleteForUser(['id' => $ev[0]['itemid']], local_user());
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($del == 0) {
|
if ($del == 0) {
|
||||||
|
|
|
@ -877,7 +877,7 @@ function item_content(App $a) {
|
||||||
$o = '';
|
$o = '';
|
||||||
if (($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
|
if (($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
|
||||||
if (is_ajax()) {
|
if (is_ajax()) {
|
||||||
$o = Item::deleteById($a->argv[2]);
|
$o = Item::deleteForUser(['id' => $a->argv[2]], local_user());
|
||||||
} else {
|
} else {
|
||||||
$o = drop_item($a->argv[2]);
|
$o = drop_item($a->argv[2]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -345,7 +345,7 @@ function networkConversation($a, $items, $mode, $update, $ordering = '')
|
||||||
// Set this so that the conversation function can find out contact info for our wall-wall items
|
// Set this so that the conversation function can find out contact info for our wall-wall items
|
||||||
$a->page_contact = $a->contact;
|
$a->page_contact = $a->contact;
|
||||||
|
|
||||||
$o = conversation($a, $items, $mode, $update, false, $ordering);
|
$o = conversation($a, $items, $mode, $update, false, $ordering, local_user());
|
||||||
|
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
if (PConfig::get(local_user(), 'system', 'infinite_scroll')) {
|
if (PConfig::get(local_user(), 'system', 'infinite_scroll')) {
|
||||||
|
@ -456,8 +456,8 @@ function networkFlatView(App $a, $update = 0)
|
||||||
$items = q("SELECT %s FROM `item` $sql_post_table %s
|
$items = q("SELECT %s FROM `item` $sql_post_table %s
|
||||||
WHERE %s AND `item`.`uid` = %d
|
WHERE %s AND `item`.`uid` = %d
|
||||||
ORDER BY `item`.`id` DESC $pager_sql ",
|
ORDER BY `item`.`id` DESC $pager_sql ",
|
||||||
item_fieldlists(), item_joins(), item_condition(),
|
item_fieldlists(), item_joins(local_user()), item_condition(),
|
||||||
intval($_SESSION['uid'])
|
intval(local_user())
|
||||||
);
|
);
|
||||||
|
|
||||||
$condition = ['unseen' => true, 'uid' => local_user()];
|
$condition = ['unseen' => true, 'uid' => local_user()];
|
||||||
|
@ -610,7 +610,7 @@ function networkThreadedView(App $a, $update, $parent)
|
||||||
$sql_tag_nets = (($nets) ? sprintf(" AND `item`.`network` = '%s' ", dbesc($nets)) : '');
|
$sql_tag_nets = (($nets) ? sprintf(" AND `item`.`network` = '%s' ", dbesc($nets)) : '');
|
||||||
|
|
||||||
if ($gid) {
|
if ($gid) {
|
||||||
$group = dba::selectFirst('group', ['name'], ['id' => $gid, 'uid' => $_SESSION['uid']]);
|
$group = dba::selectFirst('group', ['name'], ['id' => $gid, 'uid' => local_user()]);
|
||||||
if (!DBM::is_result($group)) {
|
if (!DBM::is_result($group)) {
|
||||||
if ($update) {
|
if ($update) {
|
||||||
killme();
|
killme();
|
||||||
|
@ -626,7 +626,7 @@ function networkThreadedView(App $a, $update, $parent)
|
||||||
$contact_str_self = '';
|
$contact_str_self = '';
|
||||||
|
|
||||||
$contact_str = implode(',', $contacts);
|
$contact_str = implode(',', $contacts);
|
||||||
$self = dba::selectFirst('contact', ['id'], ['uid' => $_SESSION['uid'], 'self' => true]);
|
$self = dba::selectFirst('contact', ['id'], ['uid' => local_user(), 'self' => true]);
|
||||||
if (DBM::is_result($self)) {
|
if (DBM::is_result($self)) {
|
||||||
$contact_str_self = $self['id'];
|
$contact_str_self = $self['id'];
|
||||||
}
|
}
|
||||||
|
@ -774,12 +774,15 @@ function networkThreadedView(App $a, $update, $parent)
|
||||||
AND (`item`.`parent-uri` != `item`.`uri`
|
AND (`item`.`parent-uri` != `item`.`uri`
|
||||||
OR `contact`.`uid` = `item`.`uid` AND `contact`.`self`
|
OR `contact`.`uid` = `item`.`uid` AND `contact`.`self`
|
||||||
OR `contact`.`rel` IN (%d, %d) AND NOT `contact`.`readonly`)
|
OR `contact`.`rel` IN (%d, %d) AND NOT `contact`.`readonly`)
|
||||||
|
LEFT JOIN `user-item` ON `user-item`.`iid` = `item`.`id` AND `user-item`.`uid` = %d
|
||||||
WHERE `item`.`uid` = %d AND `item`.`visible` AND NOT `item`.`deleted`
|
WHERE `item`.`uid` = %d AND `item`.`visible` AND NOT `item`.`deleted`
|
||||||
|
AND (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`)
|
||||||
AND NOT `item`.`moderated` AND $sql_extra4
|
AND NOT `item`.`moderated` AND $sql_extra4
|
||||||
$sql_extra3 $sql_extra $sql_range $sql_nets
|
$sql_extra3 $sql_extra $sql_range $sql_nets
|
||||||
ORDER BY `order_date` DESC LIMIT 100",
|
ORDER BY `order_date` DESC LIMIT 100",
|
||||||
intval(CONTACT_IS_SHARING),
|
intval(CONTACT_IS_SHARING),
|
||||||
intval(CONTACT_IS_FRIEND),
|
intval(CONTACT_IS_FRIEND),
|
||||||
|
intval(local_user()),
|
||||||
intval(local_user())
|
intval(local_user())
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
|
@ -791,12 +794,15 @@ function networkThreadedView(App $a, $update, $parent)
|
||||||
AND (`item`.`parent-uri` != `item`.`uri`
|
AND (`item`.`parent-uri` != `item`.`uri`
|
||||||
OR `contact`.`uid` = `item`.`uid` AND `contact`.`self`
|
OR `contact`.`uid` = `item`.`uid` AND `contact`.`self`
|
||||||
OR `contact`.`rel` IN (%d, %d) AND NOT `contact`.`readonly`)
|
OR `contact`.`rel` IN (%d, %d) AND NOT `contact`.`readonly`)
|
||||||
|
LEFT JOIN `user-item` ON `user-item`.`iid` = `item`.`id` AND `user-item`.`uid` = %d
|
||||||
WHERE `thread`.`uid` = %d AND `thread`.`visible` AND NOT `thread`.`deleted`
|
WHERE `thread`.`uid` = %d AND `thread`.`visible` AND NOT `thread`.`deleted`
|
||||||
AND NOT `thread`.`moderated`
|
AND NOT `thread`.`moderated`
|
||||||
|
AND (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`)
|
||||||
$sql_extra2 $sql_extra3 $sql_range $sql_extra $sql_nets
|
$sql_extra2 $sql_extra3 $sql_range $sql_extra $sql_nets
|
||||||
ORDER BY `order_date` DESC $pager_sql",
|
ORDER BY `order_date` DESC $pager_sql",
|
||||||
intval(CONTACT_IS_SHARING),
|
intval(CONTACT_IS_SHARING),
|
||||||
intval(CONTACT_IS_FRIEND),
|
intval(CONTACT_IS_FRIEND),
|
||||||
|
intval(local_user()),
|
||||||
intval(local_user())
|
intval(local_user())
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -82,7 +82,7 @@ function notes_content(App $a, $update = false)
|
||||||
WHERE %s AND `item`.`uid` = %d AND `item`.`type` = 'note'
|
WHERE %s AND `item`.`uid` = %d AND `item`.`type` = 'note'
|
||||||
AND `contact`.`self` AND `item`.`id` = `item`.`parent` AND NOT `item`.`wall`
|
AND `contact`.`self` AND `item`.`id` = `item`.`parent` AND NOT `item`.`wall`
|
||||||
$sql_extra ",
|
$sql_extra ",
|
||||||
item_joins(),
|
item_joins(local_user()),
|
||||||
item_condition(),
|
item_condition(),
|
||||||
intval(local_user())
|
intval(local_user())
|
||||||
);
|
);
|
||||||
|
@ -97,7 +97,7 @@ function notes_content(App $a, $update = false)
|
||||||
AND `item`.`id` = `item`.`parent` AND NOT `item`.`wall`
|
AND `item`.`id` = `item`.`parent` AND NOT `item`.`wall`
|
||||||
$sql_extra
|
$sql_extra
|
||||||
ORDER BY `item`.`created` DESC LIMIT %d ,%d ",
|
ORDER BY `item`.`created` DESC LIMIT %d ,%d ",
|
||||||
item_joins(),
|
item_joins(local_user()),
|
||||||
item_condition(),
|
item_condition(),
|
||||||
intval(local_user()),
|
intval(local_user()),
|
||||||
intval($a->pager['start']),
|
intval($a->pager['start']),
|
||||||
|
@ -119,7 +119,7 @@ function notes_content(App $a, $update = false)
|
||||||
$sql_extra
|
$sql_extra
|
||||||
ORDER BY `parent` DESC, `gravity` ASC, `item`.`id` ASC ",
|
ORDER BY `parent` DESC, `gravity` ASC, `item`.`id` ASC ",
|
||||||
item_fieldlists(),
|
item_fieldlists(),
|
||||||
item_joins(),
|
item_joins(local_user()),
|
||||||
item_condition(),
|
item_condition(),
|
||||||
intval(local_user()),
|
intval(local_user()),
|
||||||
dbesc($parents_str)
|
dbesc($parents_str)
|
||||||
|
|
|
@ -284,14 +284,7 @@ function photos_post(App $a)
|
||||||
);
|
);
|
||||||
|
|
||||||
// find and delete the corresponding item with all the comments and likes/dislikes
|
// find and delete the corresponding item with all the comments and likes/dislikes
|
||||||
$r = q("SELECT `id` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
|
Item::deleteForUser(['resource-id' => $res, 'uid' => $page_owner_uid], $page_owner_uid);
|
||||||
intval($page_owner_uid)
|
|
||||||
);
|
|
||||||
if (DBM::is_result($r)) {
|
|
||||||
foreach ($r as $rr) {
|
|
||||||
Item::deleteById($rr['id']);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Update the photo albums cache
|
// Update the photo albums cache
|
||||||
Photo::clearAlbumCache($page_owner_uid);
|
Photo::clearAlbumCache($page_owner_uid);
|
||||||
|
@ -344,16 +337,11 @@ function photos_post(App $a)
|
||||||
intval($page_owner_uid),
|
intval($page_owner_uid),
|
||||||
dbesc($r[0]['resource-id'])
|
dbesc($r[0]['resource-id'])
|
||||||
);
|
);
|
||||||
$i = q("SELECT `id` FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
|
|
||||||
dbesc($r[0]['resource-id']),
|
|
||||||
intval($page_owner_uid)
|
|
||||||
);
|
|
||||||
if (DBM::is_result($i)) {
|
|
||||||
Item::deleteById($i[0]['id']);
|
|
||||||
|
|
||||||
// Update the photo albums cache
|
Item::deleteForUser(['resource-id' => $r[0]['resource-id'], 'uid' => $page_owner_uid], $page_owner_uid);
|
||||||
Photo::clearAlbumCache($page_owner_uid);
|
|
||||||
}
|
// Update the photo albums cache
|
||||||
|
Photo::clearAlbumCache($page_owner_uid);
|
||||||
}
|
}
|
||||||
|
|
||||||
goaway('photos/' . $a->data['user']['nickname']);
|
goaway('photos/' . $a->data['user']['nickname']);
|
||||||
|
|
|
@ -339,7 +339,7 @@ function profile_content(App $a, $update = 0)
|
||||||
|
|
||||||
$parents_str = implode(', ', $parents_arr);
|
$parents_str = implode(', ', $parents_arr);
|
||||||
|
|
||||||
$items = q(item_query() . " AND `item`.`uid` = %d
|
$items = q(item_query($a->profile['profile_uid']) . " AND `item`.`uid` = %d
|
||||||
AND `item`.`parent` IN (%s)
|
AND `item`.`parent` IN (%s)
|
||||||
$sql_extra ",
|
$sql_extra ",
|
||||||
intval($a->profile['profile_uid']),
|
intval($a->profile['profile_uid']),
|
||||||
|
@ -365,7 +365,7 @@ function profile_content(App $a, $update = 0)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$o .= conversation($a, $items, 'profile', $update);
|
$o .= conversation($a, $items, 'profile', $update, false, 'commented', local_user());
|
||||||
|
|
||||||
if (!$update) {
|
if (!$update) {
|
||||||
$o .= alt_pager($a, count($items));
|
$o .= alt_pager($a, count($items));
|
||||||
|
|
|
@ -204,7 +204,7 @@ function search_content(App $a) {
|
||||||
AND `term`.`otype` = %d AND `term`.`type` = %d AND `term`.`term` = '%s' AND `item`.`verb` = '%s'
|
AND `term`.`otype` = %d AND `term`.`type` = %d AND `term`.`term` = '%s' AND `item`.`verb` = '%s'
|
||||||
AND NOT `author`.`blocked` AND NOT `author`.`hidden`
|
AND NOT `author`.`blocked` AND NOT `author`.`hidden`
|
||||||
ORDER BY term.created DESC LIMIT %d , %d ",
|
ORDER BY term.created DESC LIMIT %d , %d ",
|
||||||
item_fieldlists(), item_joins(), item_condition(),
|
item_fieldlists(), item_joins(local_user()), item_condition(),
|
||||||
intval(local_user()),
|
intval(local_user()),
|
||||||
intval(TERM_OBJ_POST), intval(TERM_HASHTAG), dbesc(protect_sprintf($search)), dbesc(ACTIVITY_POST),
|
intval(TERM_OBJ_POST), intval(TERM_HASHTAG), dbesc(protect_sprintf($search)), dbesc(ACTIVITY_POST),
|
||||||
intval($a->pager['start']), intval($a->pager['itemspage']));
|
intval($a->pager['start']), intval($a->pager['itemspage']));
|
||||||
|
@ -219,7 +219,7 @@ function search_content(App $a) {
|
||||||
AND NOT `author`.`blocked` AND NOT `author`.`hidden`
|
AND NOT `author`.`blocked` AND NOT `author`.`hidden`
|
||||||
$sql_extra
|
$sql_extra
|
||||||
GROUP BY `item`.`uri`, `item`.`id` ORDER BY `item`.`id` DESC LIMIT %d , %d",
|
GROUP BY `item`.`uri`, `item`.`id` ORDER BY `item`.`id` DESC LIMIT %d , %d",
|
||||||
item_fieldlists(), item_joins(), item_condition(),
|
item_fieldlists(), item_joins(local_user()), item_condition(),
|
||||||
intval(local_user()),
|
intval(local_user()),
|
||||||
intval($a->pager['start']), intval($a->pager['itemspage']));
|
intval($a->pager['start']), intval($a->pager['itemspage']));
|
||||||
}
|
}
|
||||||
|
@ -241,7 +241,7 @@ function search_content(App $a) {
|
||||||
]);
|
]);
|
||||||
|
|
||||||
logger("Start Conversation for '".$search."'", LOGGER_DEBUG);
|
logger("Start Conversation for '".$search."'", LOGGER_DEBUG);
|
||||||
$o .= conversation($a,$r,'search',false);
|
$o .= conversation($a, $r, 'search', false, false, 'commented', local_user());
|
||||||
|
|
||||||
$o .= alt_pager($a,count($r));
|
$o .= alt_pager($a,count($r));
|
||||||
|
|
||||||
|
|
|
@ -169,7 +169,7 @@ function videos_post(App $a) {
|
||||||
);
|
);
|
||||||
|
|
||||||
if (DBM::is_result($i)) {
|
if (DBM::is_result($i)) {
|
||||||
Item::deleteById($i[0]['id']);
|
Item::deleteForUser(['id' => $i[0]['id']], local_user());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1786,6 +1786,17 @@ class DBStructure
|
||||||
"username" => ["username(32)"],
|
"username" => ["username(32)"],
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
|
$database["user-item"] = [
|
||||||
|
"comment" => "User specific item data",
|
||||||
|
"fields" => [
|
||||||
|
"iid" => ["type" => "int unsigned", "not null" => "1", "default" => "0", "primary" => "1", "relation" => ["item" => "id"], "comment" => "Item id"],
|
||||||
|
"uid" => ["type" => "mediumint unsigned", "not null" => "1", "default" => "0", "primary" => "1", "relation" => ["user" => "uid"], "comment" => "User id"],
|
||||||
|
"hidden" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => "Marker to hide an item from the user"],
|
||||||
|
],
|
||||||
|
"indexes" => [
|
||||||
|
"PRIMARY" => ["uid", "iid"],
|
||||||
|
]
|
||||||
|
];
|
||||||
$database["workerqueue"] = [
|
$database["workerqueue"] = [
|
||||||
"comment" => "Background tasks queue entries",
|
"comment" => "Background tasks queue entries",
|
||||||
"fields" => [
|
"fields" => [
|
||||||
|
|
|
@ -1049,7 +1049,7 @@ class Contact extends BaseObject
|
||||||
|
|
||||||
$contact = ($r[0]["contact-type"] == ACCOUNT_TYPE_COMMUNITY ? 'owner-id' : 'author-id');
|
$contact = ($r[0]["contact-type"] == ACCOUNT_TYPE_COMMUNITY ? 'owner-id' : 'author-id');
|
||||||
|
|
||||||
$r = q(item_query() . " AND `item`.`" . $contact . "` = %d AND " . $sql .
|
$r = q(item_query(local_user()) . " AND `item`.`" . $contact . "` = %d AND " . $sql .
|
||||||
" AND `item`.`verb` = '%s' ORDER BY `item`.`created` DESC LIMIT %d, %d",
|
" AND `item`.`verb` = '%s' ORDER BY `item`.`created` DESC LIMIT %d, %d",
|
||||||
intval($author_id), intval(local_user()), dbesc(ACTIVITY_POST),
|
intval($author_id), intval(local_user()), dbesc(ACTIVITY_POST),
|
||||||
intval($a->pager['start']), intval($a->pager['itemspage'])
|
intval($a->pager['start']), intval($a->pager['itemspage'])
|
||||||
|
|
|
@ -102,6 +102,32 @@ class Item extends BaseObject
|
||||||
dba::close($items);
|
dba::close($items);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief Delete an item for an user and notify others about it - if it was ours
|
||||||
|
*
|
||||||
|
* @param array $condition The condition for finding the item entries
|
||||||
|
* @param integer $uid User who wants to delete this item
|
||||||
|
*/
|
||||||
|
public static function deleteForUser($condition, $uid)
|
||||||
|
{
|
||||||
|
if ($uid == 0) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$items = dba::select('item', ['id', 'uid'], $condition);
|
||||||
|
while ($item = dba::fetch($items)) {
|
||||||
|
// "Deleting" global items just means hiding them
|
||||||
|
if ($item['uid'] == 0) {
|
||||||
|
dba::update('user-item', ['hidden' => true], ['iid' => $item['id'], 'uid' => $uid], true);
|
||||||
|
} elseif ($item['uid'] == $uid) {
|
||||||
|
self::deleteById($item['id'], PRIORITY_HIGH);
|
||||||
|
} else {
|
||||||
|
logger('Wrong ownership. Not deleting item ' . $item['id']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
dba::close($items);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Delete an item and notify others about it - if it was ours
|
* @brief Delete an item and notify others about it - if it was ours
|
||||||
*
|
*
|
||||||
|
@ -110,7 +136,7 @@ class Item extends BaseObject
|
||||||
*
|
*
|
||||||
* @return boolean success
|
* @return boolean success
|
||||||
*/
|
*/
|
||||||
public static function deleteById($item_id, $priority = PRIORITY_HIGH)
|
private static function deleteById($item_id, $priority = PRIORITY_HIGH)
|
||||||
{
|
{
|
||||||
// locate item to be deleted
|
// locate item to be deleted
|
||||||
$fields = ['id', 'uri', 'uid', 'parent', 'parent-uri', 'origin',
|
$fields = ['id', 'uri', 'uid', 'parent', 'parent-uri', 'origin',
|
||||||
|
@ -201,6 +227,13 @@ class Item extends BaseObject
|
||||||
|
|
||||||
// send the notification upstream/downstream
|
// send the notification upstream/downstream
|
||||||
Worker::add(['priority' => $priority, 'dont_fork' => true], "Notifier", "drop", intval($item['id']));
|
Worker::add(['priority' => $priority, 'dont_fork' => true], "Notifier", "drop", intval($item['id']));
|
||||||
|
} elseif ($item['uid'] != 0) {
|
||||||
|
|
||||||
|
// When we delete just our local user copy of an item, we have to set a marker to hide it
|
||||||
|
$global_item = dba::selectFirst('item', ['id'], ['uri' => $item['uri'], 'uid' => 0, 'deleted' => false]);
|
||||||
|
if (DBM::is_result($global_item)) {
|
||||||
|
dba::update('user-item', ['hidden' => true], ['iid' => $global_item['id'], 'uid' => $item['uid']], true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
logger('Item with ID ' . $item_id . " has been deleted.", LOGGER_DEBUG);
|
logger('Item with ID ' . $item_id . " has been deleted.", LOGGER_DEBUG);
|
||||||
|
|
|
@ -2807,15 +2807,13 @@ class DFRN
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$entrytype = self::getEntryType($importer, $item);
|
if ($item["deleted"]) {
|
||||||
|
|
||||||
if (!$item["deleted"]) {
|
|
||||||
logger('deleting item '.$item["id"].' uri='.$uri, LOGGER_DEBUG);
|
|
||||||
} else {
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
Item::deleteById($item["id"]);
|
logger('deleting item '.$item['id'].' uri='.$uri, LOGGER_DEBUG);
|
||||||
|
|
||||||
|
Item::delete(['id' => $item['id']]);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -2785,7 +2785,7 @@ class Diaspora
|
||||||
|
|
||||||
while ($item = dba::fetch($r)) {
|
while ($item = dba::fetch($r)) {
|
||||||
// Fetch the parent item
|
// Fetch the parent item
|
||||||
$parent = dba::selectFirst('item', ['author-link', 'origin'], ['id' => $item["parent"]]);
|
$parent = dba::selectFirst('item', ['author-link'], ['id' => $item["parent"]]);
|
||||||
|
|
||||||
// Only delete it if the parent author really fits
|
// Only delete it if the parent author really fits
|
||||||
if (!link_compare($parent["author-link"], $contact["url"]) && !link_compare($item["author-link"], $contact["url"])) {
|
if (!link_compare($parent["author-link"], $contact["url"]) && !link_compare($item["author-link"], $contact["url"])) {
|
||||||
|
@ -2793,7 +2793,7 @@ class Diaspora
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
Item::deleteById($item["id"]);
|
Item::delete(['id' => $item['id']]);
|
||||||
|
|
||||||
logger("Deleted target ".$target_guid." (".$item["id"].") from user ".$item["uid"]." parent: ".$item["parent"], LOGGER_DEBUG);
|
logger("Deleted target ".$target_guid." (".$item["id"].") from user ".$item["uid"]." parent: ".$item["parent"], LOGGER_DEBUG);
|
||||||
}
|
}
|
||||||
|
|
|
@ -537,13 +537,12 @@ class OStatus
|
||||||
private static function deleteNotice($item)
|
private static function deleteNotice($item)
|
||||||
{
|
{
|
||||||
$condition = ['uid' => $item['uid'], 'author-link' => $item['author-link'], 'uri' => $item['uri']];
|
$condition = ['uid' => $item['uid'], 'author-link' => $item['author-link'], 'uri' => $item['uri']];
|
||||||
$deleted = dba::selectFirst('item', ['id', 'parent-uri'], $condition);
|
if (!dba::exists('item', $condition)) {
|
||||||
if (!DBM::is_result($deleted)) {
|
logger('Item from '.$item['author-link'].' with uri '.$item['uri'].' for user '.$item['uid']." wasn't found. We don't delete it.");
|
||||||
logger('Item from '.$item['author-link'].' with uri '.$item['uri'].' for user '.$item['uid']." wasn't found. We don't delete it. ");
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
Item::deleteById($deleted["id"]);
|
Item::delete($condition);
|
||||||
|
|
||||||
logger('Deleted item with uri '.$item['uri'].' for user '.$item['uid']);
|
logger('Deleted item with uri '.$item['uri'].' for user '.$item['uid']);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue