Merge pull request #5144 from annando/deleted-item
Fix for not being able to delete items you don't own
This commit is contained in:
commit
2e97cbe728
22 changed files with 123 additions and 78 deletions
2
boot.php
2
boot.php
|
@ -41,7 +41,7 @@ define('FRIENDICA_PLATFORM', 'Friendica');
|
|||
define('FRIENDICA_CODENAME', 'The Tazmans Flax-lily');
|
||||
define('FRIENDICA_VERSION', '2018.05-rc');
|
||||
define('DFRN_PROTOCOL_VERSION', '2.23');
|
||||
define('DB_UPDATE_VERSION', 1265);
|
||||
define('DB_UPDATE_VERSION', 1266);
|
||||
define('NEW_UPDATE_ROUTINE_VERSION', 1170);
|
||||
|
||||
/**
|
||||
|
|
12
database.sql
12
database.sql
|
@ -1,6 +1,6 @@
|
|||
-- ------------------------------------------
|
||||
-- Friendica 2018.05-rc (The Tazmans Flax-lily)
|
||||
-- DB_UPDATE_VERSION 1265
|
||||
-- DB_UPDATE_VERSION 1266
|
||||
-- ------------------------------------------
|
||||
|
||||
|
||||
|
@ -1076,6 +1076,16 @@ CREATE TABLE IF NOT EXISTS `userd` (
|
|||
INDEX `username` (`username`(32))
|
||||
) DEFAULT COLLATE utf8mb4_general_ci;
|
||||
|
||||
--
|
||||
-- TABLE user-item
|
||||
--
|
||||
CREATE TABLE IF NOT EXISTS `user-item` (
|
||||
`iid` int unsigned NOT NULL DEFAULT 0 COMMENT 'Item id',
|
||||
`uid` mediumint unsigned NOT NULL DEFAULT 0 COMMENT 'User id',
|
||||
`hidden` boolean NOT NULL DEFAULT '0' COMMENT 'Hidden marker',
|
||||
PRIMARY KEY(`uid`,`iid`)
|
||||
) DEFAULT COLLATE utf8mb4_general_ci;
|
||||
|
||||
--
|
||||
-- TABLE workerqueue
|
||||
--
|
||||
|
|
|
@ -1663,7 +1663,7 @@ function api_search($type)
|
|||
|
||||
$r = dba::p(
|
||||
"SELECT ".item_fieldlists()."
|
||||
FROM `item` ".item_joins()."
|
||||
FROM `item` ".item_joins(api_user())."
|
||||
WHERE ".item_condition()." AND (`item`.`uid` = 0 OR (`item`.`uid` = ? AND NOT `item`.`global`))
|
||||
AND `item`.`body` LIKE CONCAT('%',?,'%')
|
||||
$sql_extra
|
||||
|
@ -1827,7 +1827,7 @@ function api_statuses_public_timeline($type)
|
|||
"SELECT " . item_fieldlists() . "
|
||||
FROM `thread`
|
||||
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
|
||||
" . item_joins() . "
|
||||
" . item_joins(api_user()) . "
|
||||
STRAIGHT_JOIN `user` ON `user`.`uid` = `thread`.`uid`
|
||||
AND NOT `user`.`hidewall`
|
||||
AND `verb` = ?
|
||||
|
@ -1856,7 +1856,7 @@ function api_statuses_public_timeline($type)
|
|||
$r = dba::p(
|
||||
"SELECT " . item_fieldlists() . "
|
||||
FROM `item`
|
||||
" . item_joins() . "
|
||||
" . item_joins(api_user()) . "
|
||||
STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid`
|
||||
AND NOT `user`.`hidewall`
|
||||
AND `verb` = ?
|
||||
|
@ -1930,7 +1930,7 @@ function api_statuses_networkpublic_timeline($type)
|
|||
"SELECT " . item_fieldlists() . "
|
||||
FROM `thread`
|
||||
STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
|
||||
" . item_joins() . "
|
||||
" . item_joins(api_user()) . "
|
||||
WHERE `thread`.`uid` = 0
|
||||
AND `verb` = ?
|
||||
AND NOT `thread`.`private`
|
||||
|
@ -2256,7 +2256,7 @@ function api_statuses_destroy($type)
|
|||
|
||||
$ret = api_statuses_show($type);
|
||||
|
||||
Item::deleteById($id);
|
||||
Item::deleteForUser(['id' => $id], api_user());
|
||||
|
||||
return $ret;
|
||||
}
|
||||
|
@ -4148,7 +4148,7 @@ function api_fr_photoalbum_delete($type)
|
|||
if (!DBM::is_result($photo_item)) {
|
||||
throw new InternalServerErrorException("problem with deleting items occured");
|
||||
}
|
||||
Item::deleteById($photo_item[0]['id']);
|
||||
Item::deleteForUser(['id' => $photo_item[0]['id']], api_user());
|
||||
}
|
||||
|
||||
// now let's delete all photos from the album
|
||||
|
@ -4441,7 +4441,7 @@ function api_fr_photo_delete($type)
|
|||
}
|
||||
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
|
||||
// to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion)
|
||||
Item::deleteById($photo_item[0]['id']);
|
||||
Item::deleteForUser(['id' => $photo_item[0]['id']], api_user());
|
||||
|
||||
$answer = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.'];
|
||||
return api_format_data("photo_delete", $type, ['$result' => $answer]);
|
||||
|
|
|
@ -405,10 +405,12 @@ function visible_activity($item) {
|
|||
|
||||
/**
|
||||
* @brief SQL query for items
|
||||
*
|
||||
* @param int $uid user id
|
||||
*/
|
||||
function item_query() {
|
||||
function item_query($uid = 0) {
|
||||
return "SELECT " . item_fieldlists() . " FROM `item` " .
|
||||
item_joins() . " WHERE " . item_condition();
|
||||
item_joins($uid) . " WHERE " . item_condition();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -467,16 +469,19 @@ These Fields are not added below (yet). They are here to for bug search.
|
|||
|
||||
/**
|
||||
* @brief SQL join for contacts that are needed for displaying items
|
||||
*
|
||||
* @param int $uid user id
|
||||
*/
|
||||
function item_joins() {
|
||||
function item_joins($uid = 0) {
|
||||
return sprintf("STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
||||
AND NOT `contact`.`blocked`
|
||||
AND ((NOT `contact`.`readonly` AND NOT `contact`.`pending` AND (`contact`.`rel` IN (%s, %s)))
|
||||
OR `contact`.`self` OR (`item`.`id` != `item`.`parent`) OR `contact`.`uid` = 0)
|
||||
INNER JOIN `contact` AS `author` ON `author`.`id`=`item`.`author-id` AND NOT `author`.`blocked`
|
||||
INNER JOIN `contact` AS `owner` ON `owner`.`id`=`item`.`owner-id` AND NOT `owner`.`blocked`
|
||||
LEFT JOIN `user-item` ON `user-item`.`iid` = `item`.`id` AND `user-item`.`uid` = %d
|
||||
LEFT JOIN `event` ON `event-id` = `event`.`id`",
|
||||
CONTACT_IS_SHARING, CONTACT_IS_FRIEND
|
||||
CONTACT_IS_SHARING, CONTACT_IS_FRIEND, intval($uid)
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -484,7 +489,7 @@ function item_joins() {
|
|||
* @brief SQL condition for items that are needed for displaying items
|
||||
*/
|
||||
function item_condition() {
|
||||
return "`item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`";
|
||||
return "`item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated` AND (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`) ";
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -497,7 +502,7 @@ function item_condition() {
|
|||
* that are based on unique features of the calling module.
|
||||
*
|
||||
*/
|
||||
function conversation(App $a, $items, $mode, $update, $preview = false, $order = 'commented') {
|
||||
function conversation(App $a, $items, $mode, $update, $preview = false, $order = 'commented', $uid = 0) {
|
||||
require_once 'mod/proxy.php';
|
||||
|
||||
$ssl_state = ((local_user()) ? true : false);
|
||||
|
@ -521,7 +526,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order =
|
|||
$previewing = (($preview) ? ' preview ' : '');
|
||||
|
||||
if ($mode === 'network') {
|
||||
$items = conversation_add_children($items, false, $order);
|
||||
$items = conversation_add_children($items, false, $order, $uid);
|
||||
$profile_owner = local_user();
|
||||
if (!$update) {
|
||||
/*
|
||||
|
@ -582,7 +587,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order =
|
|||
. " var profile_page = 1; </script>";
|
||||
}
|
||||
} elseif ($mode === 'community') {
|
||||
$items = conversation_add_children($items, true, $order);
|
||||
$items = conversation_add_children($items, true, $order, $uid);
|
||||
$profile_owner = 0;
|
||||
if (!$update) {
|
||||
$live_update_div = '<div id="live-community"></div>' . "\r\n"
|
||||
|
@ -885,7 +890,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false, $order =
|
|||
*
|
||||
* @return array items with parents and comments
|
||||
*/
|
||||
function conversation_add_children($parents, $block_authors, $order) {
|
||||
function conversation_add_children($parents, $block_authors, $order, $uid) {
|
||||
$max_comments = Config::get('system', 'max_comments', 100);
|
||||
|
||||
if ($max_comments > 0) {
|
||||
|
@ -899,7 +904,7 @@ function conversation_add_children($parents, $block_authors, $order) {
|
|||
$block_sql = $block_authors ? "AND NOT `author`.`hidden` AND NOT `author`.`blocked`" : "";
|
||||
|
||||
foreach ($parents AS $parent) {
|
||||
$thread_items = dba::p(item_query()."AND `item`.`parent-uri` = ?
|
||||
$thread_items = dba::p(item_query(local_user())."AND `item`.`parent-uri` = ?
|
||||
AND `item`.`uid` IN (0, ?) $block_sql
|
||||
ORDER BY `item`.`uid` ASC, `item`.`commented` DESC" . $limit,
|
||||
$parent['uri'], local_user());
|
||||
|
|
|
@ -321,7 +321,7 @@ function drop_items($items) {
|
|||
|
||||
if (count($items)) {
|
||||
foreach ($items as $item) {
|
||||
$owner = Item::deleteById($item);
|
||||
$owner = Item::deleteForUser(['id' => $item], local_user());
|
||||
if ($owner && !$uid)
|
||||
$uid = $owner;
|
||||
}
|
||||
|
@ -393,7 +393,7 @@ function drop_item($id) {
|
|||
}
|
||||
|
||||
// delete the item
|
||||
Item::deleteById($item['id']);
|
||||
Item::deleteForUser(['id' => $item['id']], local_user());
|
||||
|
||||
goaway(System::baseUrl() . '/' . $_SESSION['return_url']);
|
||||
//NOTREACHED
|
||||
|
|
|
@ -555,14 +555,9 @@ function admin_page_deleteitem_post(App $a)
|
|||
if (strpos($guid, '/')) {
|
||||
$guid = substr($guid, strrpos($guid, '/') + 1);
|
||||
}
|
||||
// Now that we have the GUID get all IDs of the associated entries in the
|
||||
// item table of the DB and drop those items, which will also delete the
|
||||
// Now that we have the GUID, drop those items, which will also delete the
|
||||
// associated threads.
|
||||
$r = dba::select('item', ['id'], ['guid' => $guid]);
|
||||
while ($row = dba::fetch($r)) {
|
||||
Item::deleteById($row['id']);
|
||||
}
|
||||
dba::close($r);
|
||||
Item::delete(['guid' => $guid]);
|
||||
}
|
||||
|
||||
info(L10n::t('Item marked for deletion.') . EOL);
|
||||
|
|
|
@ -171,7 +171,7 @@ function community_content(App $a, $update = 0)
|
|||
$s = $r;
|
||||
}
|
||||
|
||||
$o .= conversation($a, $s, 'community', $update);
|
||||
$o .= conversation($a, $s, 'community', $update, false, 'commented', local_user());
|
||||
|
||||
if (!$update) {
|
||||
$o .= alt_pager($a, count($r));
|
||||
|
|
|
@ -346,7 +346,7 @@ function display_content(App $a, $update = false, $update_uid = 0) {
|
|||
return '';
|
||||
}
|
||||
|
||||
$r = dba::p(item_query()."AND `item`.`parent-uri` = (SELECT `parent-uri` FROM `item` WHERE `id` = ?)
|
||||
$r = dba::p(item_query(local_user())."AND `item`.`parent-uri` = (SELECT `parent-uri` FROM `item` WHERE `id` = ?)
|
||||
AND `item`.`uid` IN (0, ?) $sql_extra
|
||||
ORDER BY `item`.`uid` ASC, `parent` DESC, `gravity` ASC, `id` ASC",
|
||||
$item_id, local_user()
|
||||
|
@ -369,7 +369,7 @@ function display_content(App $a, $update = false, $update_uid = 0) {
|
|||
if (!$update) {
|
||||
$o .= "<script> var netargs = '?f=&item_id=" . $item_id . "'; </script>";
|
||||
}
|
||||
$o .= conversation($a, $items, 'display', $update_uid);
|
||||
$o .= conversation($a, $items, 'display', $update_uid, false, 'commented', local_user());
|
||||
|
||||
// Preparing the meta header
|
||||
$description = trim(HTML::toPlaintext(BBCode::convert($s[0]["body"], false), 0, true));
|
||||
|
|
|
@ -545,7 +545,7 @@ function events_content(App $a) {
|
|||
|
||||
// Delete only real events (no birthdays)
|
||||
if (DBM::is_result($ev) && $ev[0]['type'] == 'event') {
|
||||
$del = Item::deleteById($ev[0]['itemid']);
|
||||
$del = Item::deleteForUser(['id' => $ev[0]['itemid']], local_user());
|
||||
}
|
||||
|
||||
if ($del == 0) {
|
||||
|
|
|
@ -877,7 +877,7 @@ function item_content(App $a) {
|
|||
$o = '';
|
||||
if (($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
|
||||
if (is_ajax()) {
|
||||
$o = Item::deleteById($a->argv[2]);
|
||||
$o = Item::deleteForUser(['id' => $a->argv[2]], local_user());
|
||||
} else {
|
||||
$o = drop_item($a->argv[2]);
|
||||
}
|
||||
|
|
|
@ -345,7 +345,7 @@ function networkConversation($a, $items, $mode, $update, $ordering = '')
|
|||
// Set this so that the conversation function can find out contact info for our wall-wall items
|
||||
$a->page_contact = $a->contact;
|
||||
|
||||
$o = conversation($a, $items, $mode, $update, false, $ordering);
|
||||
$o = conversation($a, $items, $mode, $update, false, $ordering, local_user());
|
||||
|
||||
if (!$update) {
|
||||
if (PConfig::get(local_user(), 'system', 'infinite_scroll')) {
|
||||
|
@ -456,8 +456,8 @@ function networkFlatView(App $a, $update = 0)
|
|||
$items = q("SELECT %s FROM `item` $sql_post_table %s
|
||||
WHERE %s AND `item`.`uid` = %d
|
||||
ORDER BY `item`.`id` DESC $pager_sql ",
|
||||
item_fieldlists(), item_joins(), item_condition(),
|
||||
intval($_SESSION['uid'])
|
||||
item_fieldlists(), item_joins(local_user()), item_condition(),
|
||||
intval(local_user())
|
||||
);
|
||||
|
||||
$condition = ['unseen' => true, 'uid' => local_user()];
|
||||
|
@ -610,7 +610,7 @@ function networkThreadedView(App $a, $update, $parent)
|
|||
$sql_tag_nets = (($nets) ? sprintf(" AND `item`.`network` = '%s' ", dbesc($nets)) : '');
|
||||
|
||||
if ($gid) {
|
||||
$group = dba::selectFirst('group', ['name'], ['id' => $gid, 'uid' => $_SESSION['uid']]);
|
||||
$group = dba::selectFirst('group', ['name'], ['id' => $gid, 'uid' => local_user()]);
|
||||
if (!DBM::is_result($group)) {
|
||||
if ($update) {
|
||||
killme();
|
||||
|
@ -626,7 +626,7 @@ function networkThreadedView(App $a, $update, $parent)
|
|||
$contact_str_self = '';
|
||||
|
||||
$contact_str = implode(',', $contacts);
|
||||
$self = dba::selectFirst('contact', ['id'], ['uid' => $_SESSION['uid'], 'self' => true]);
|
||||
$self = dba::selectFirst('contact', ['id'], ['uid' => local_user(), 'self' => true]);
|
||||
if (DBM::is_result($self)) {
|
||||
$contact_str_self = $self['id'];
|
||||
}
|
||||
|
@ -774,12 +774,15 @@ function networkThreadedView(App $a, $update, $parent)
|
|||
AND (`item`.`parent-uri` != `item`.`uri`
|
||||
OR `contact`.`uid` = `item`.`uid` AND `contact`.`self`
|
||||
OR `contact`.`rel` IN (%d, %d) AND NOT `contact`.`readonly`)
|
||||
LEFT JOIN `user-item` ON `user-item`.`iid` = `item`.`id` AND `user-item`.`uid` = %d
|
||||
WHERE `item`.`uid` = %d AND `item`.`visible` AND NOT `item`.`deleted`
|
||||
AND (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`)
|
||||
AND NOT `item`.`moderated` AND $sql_extra4
|
||||
$sql_extra3 $sql_extra $sql_range $sql_nets
|
||||
ORDER BY `order_date` DESC LIMIT 100",
|
||||
intval(CONTACT_IS_SHARING),
|
||||
intval(CONTACT_IS_FRIEND),
|
||||
intval(local_user()),
|
||||
intval(local_user())
|
||||
);
|
||||
} else {
|
||||
|
@ -791,12 +794,15 @@ function networkThreadedView(App $a, $update, $parent)
|
|||
AND (`item`.`parent-uri` != `item`.`uri`
|
||||
OR `contact`.`uid` = `item`.`uid` AND `contact`.`self`
|
||||
OR `contact`.`rel` IN (%d, %d) AND NOT `contact`.`readonly`)
|
||||
LEFT JOIN `user-item` ON `user-item`.`iid` = `item`.`id` AND `user-item`.`uid` = %d
|
||||
WHERE `thread`.`uid` = %d AND `thread`.`visible` AND NOT `thread`.`deleted`
|
||||
AND NOT `thread`.`moderated`
|
||||
AND (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`)
|
||||
$sql_extra2 $sql_extra3 $sql_range $sql_extra $sql_nets
|
||||
ORDER BY `order_date` DESC $pager_sql",
|
||||
intval(CONTACT_IS_SHARING),
|
||||
intval(CONTACT_IS_FRIEND),
|
||||
intval(local_user()),
|
||||
intval(local_user())
|
||||
);
|
||||
}
|
||||
|
|
|
@ -82,7 +82,7 @@ function notes_content(App $a, $update = false)
|
|||
WHERE %s AND `item`.`uid` = %d AND `item`.`type` = 'note'
|
||||
AND `contact`.`self` AND `item`.`id` = `item`.`parent` AND NOT `item`.`wall`
|
||||
$sql_extra ",
|
||||
item_joins(),
|
||||
item_joins(local_user()),
|
||||
item_condition(),
|
||||
intval(local_user())
|
||||
);
|
||||
|
@ -97,7 +97,7 @@ function notes_content(App $a, $update = false)
|
|||
AND `item`.`id` = `item`.`parent` AND NOT `item`.`wall`
|
||||
$sql_extra
|
||||
ORDER BY `item`.`created` DESC LIMIT %d ,%d ",
|
||||
item_joins(),
|
||||
item_joins(local_user()),
|
||||
item_condition(),
|
||||
intval(local_user()),
|
||||
intval($a->pager['start']),
|
||||
|
@ -119,7 +119,7 @@ function notes_content(App $a, $update = false)
|
|||
$sql_extra
|
||||
ORDER BY `parent` DESC, `gravity` ASC, `item`.`id` ASC ",
|
||||
item_fieldlists(),
|
||||
item_joins(),
|
||||
item_joins(local_user()),
|
||||
item_condition(),
|
||||
intval(local_user()),
|
||||
dbesc($parents_str)
|
||||
|
|
|
@ -284,14 +284,7 @@ function photos_post(App $a)
|
|||
);
|
||||
|
||||
// find and delete the corresponding item with all the comments and likes/dislikes
|
||||
$r = q("SELECT `id` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
|
||||
intval($page_owner_uid)
|
||||
);
|
||||
if (DBM::is_result($r)) {
|
||||
foreach ($r as $rr) {
|
||||
Item::deleteById($rr['id']);
|
||||
}
|
||||
}
|
||||
Item::deleteForUser(['resource-id' => $res, 'uid' => $page_owner_uid], $page_owner_uid);
|
||||
|
||||
// Update the photo albums cache
|
||||
Photo::clearAlbumCache($page_owner_uid);
|
||||
|
@ -344,17 +337,12 @@ function photos_post(App $a)
|
|||
intval($page_owner_uid),
|
||||
dbesc($r[0]['resource-id'])
|
||||
);
|
||||
$i = q("SELECT `id` FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
|
||||
dbesc($r[0]['resource-id']),
|
||||
intval($page_owner_uid)
|
||||
);
|
||||
if (DBM::is_result($i)) {
|
||||
Item::deleteById($i[0]['id']);
|
||||
|
||||
Item::deleteForUser(['resource-id' => $r[0]['resource-id'], 'uid' => $page_owner_uid], $page_owner_uid);
|
||||
|
||||
// Update the photo albums cache
|
||||
Photo::clearAlbumCache($page_owner_uid);
|
||||
}
|
||||
}
|
||||
|
||||
goaway('photos/' . $a->data['user']['nickname']);
|
||||
return; // NOTREACHED
|
||||
|
|
|
@ -339,7 +339,7 @@ function profile_content(App $a, $update = 0)
|
|||
|
||||
$parents_str = implode(', ', $parents_arr);
|
||||
|
||||
$items = q(item_query() . " AND `item`.`uid` = %d
|
||||
$items = q(item_query($a->profile['profile_uid']) . " AND `item`.`uid` = %d
|
||||
AND `item`.`parent` IN (%s)
|
||||
$sql_extra ",
|
||||
intval($a->profile['profile_uid']),
|
||||
|
@ -365,7 +365,7 @@ function profile_content(App $a, $update = 0)
|
|||
}
|
||||
}
|
||||
|
||||
$o .= conversation($a, $items, 'profile', $update);
|
||||
$o .= conversation($a, $items, 'profile', $update, false, 'commented', local_user());
|
||||
|
||||
if (!$update) {
|
||||
$o .= alt_pager($a, count($items));
|
||||
|
|
|
@ -204,7 +204,7 @@ function search_content(App $a) {
|
|||
AND `term`.`otype` = %d AND `term`.`type` = %d AND `term`.`term` = '%s' AND `item`.`verb` = '%s'
|
||||
AND NOT `author`.`blocked` AND NOT `author`.`hidden`
|
||||
ORDER BY term.created DESC LIMIT %d , %d ",
|
||||
item_fieldlists(), item_joins(), item_condition(),
|
||||
item_fieldlists(), item_joins(local_user()), item_condition(),
|
||||
intval(local_user()),
|
||||
intval(TERM_OBJ_POST), intval(TERM_HASHTAG), dbesc(protect_sprintf($search)), dbesc(ACTIVITY_POST),
|
||||
intval($a->pager['start']), intval($a->pager['itemspage']));
|
||||
|
@ -219,7 +219,7 @@ function search_content(App $a) {
|
|||
AND NOT `author`.`blocked` AND NOT `author`.`hidden`
|
||||
$sql_extra
|
||||
GROUP BY `item`.`uri`, `item`.`id` ORDER BY `item`.`id` DESC LIMIT %d , %d",
|
||||
item_fieldlists(), item_joins(), item_condition(),
|
||||
item_fieldlists(), item_joins(local_user()), item_condition(),
|
||||
intval(local_user()),
|
||||
intval($a->pager['start']), intval($a->pager['itemspage']));
|
||||
}
|
||||
|
@ -241,7 +241,7 @@ function search_content(App $a) {
|
|||
]);
|
||||
|
||||
logger("Start Conversation for '".$search."'", LOGGER_DEBUG);
|
||||
$o .= conversation($a,$r,'search',false);
|
||||
$o .= conversation($a, $r, 'search', false, false, 'commented', local_user());
|
||||
|
||||
$o .= alt_pager($a,count($r));
|
||||
|
||||
|
|
|
@ -169,7 +169,7 @@ function videos_post(App $a) {
|
|||
);
|
||||
|
||||
if (DBM::is_result($i)) {
|
||||
Item::deleteById($i[0]['id']);
|
||||
Item::deleteForUser(['id' => $i[0]['id']], local_user());
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1786,6 +1786,17 @@ class DBStructure
|
|||
"username" => ["username(32)"],
|
||||
]
|
||||
];
|
||||
$database["user-item"] = [
|
||||
"comment" => "User specific item data",
|
||||
"fields" => [
|
||||
"iid" => ["type" => "int unsigned", "not null" => "1", "default" => "0", "primary" => "1", "relation" => ["item" => "id"], "comment" => "Item id"],
|
||||
"uid" => ["type" => "mediumint unsigned", "not null" => "1", "default" => "0", "primary" => "1", "relation" => ["user" => "uid"], "comment" => "User id"],
|
||||
"hidden" => ["type" => "boolean", "not null" => "1", "default" => "0", "comment" => "Marker to hide an item from the user"],
|
||||
],
|
||||
"indexes" => [
|
||||
"PRIMARY" => ["uid", "iid"],
|
||||
]
|
||||
];
|
||||
$database["workerqueue"] = [
|
||||
"comment" => "Background tasks queue entries",
|
||||
"fields" => [
|
||||
|
|
|
@ -1049,7 +1049,7 @@ class Contact extends BaseObject
|
|||
|
||||
$contact = ($r[0]["contact-type"] == ACCOUNT_TYPE_COMMUNITY ? 'owner-id' : 'author-id');
|
||||
|
||||
$r = q(item_query() . " AND `item`.`" . $contact . "` = %d AND " . $sql .
|
||||
$r = q(item_query(local_user()) . " AND `item`.`" . $contact . "` = %d AND " . $sql .
|
||||
" AND `item`.`verb` = '%s' ORDER BY `item`.`created` DESC LIMIT %d, %d",
|
||||
intval($author_id), intval(local_user()), dbesc(ACTIVITY_POST),
|
||||
intval($a->pager['start']), intval($a->pager['itemspage'])
|
||||
|
|
|
@ -102,6 +102,32 @@ class Item extends BaseObject
|
|||
dba::close($items);
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Delete an item for an user and notify others about it - if it was ours
|
||||
*
|
||||
* @param array $condition The condition for finding the item entries
|
||||
* @param integer $uid User who wants to delete this item
|
||||
*/
|
||||
public static function deleteForUser($condition, $uid)
|
||||
{
|
||||
if ($uid == 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
$items = dba::select('item', ['id', 'uid'], $condition);
|
||||
while ($item = dba::fetch($items)) {
|
||||
// "Deleting" global items just means hiding them
|
||||
if ($item['uid'] == 0) {
|
||||
dba::update('user-item', ['hidden' => true], ['iid' => $item['id'], 'uid' => $uid], true);
|
||||
} elseif ($item['uid'] == $uid) {
|
||||
self::deleteById($item['id'], PRIORITY_HIGH);
|
||||
} else {
|
||||
logger('Wrong ownership. Not deleting item ' . $item['id']);
|
||||
}
|
||||
}
|
||||
dba::close($items);
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Delete an item and notify others about it - if it was ours
|
||||
*
|
||||
|
@ -110,7 +136,7 @@ class Item extends BaseObject
|
|||
*
|
||||
* @return boolean success
|
||||
*/
|
||||
public static function deleteById($item_id, $priority = PRIORITY_HIGH)
|
||||
private static function deleteById($item_id, $priority = PRIORITY_HIGH)
|
||||
{
|
||||
// locate item to be deleted
|
||||
$fields = ['id', 'uri', 'uid', 'parent', 'parent-uri', 'origin',
|
||||
|
@ -201,6 +227,13 @@ class Item extends BaseObject
|
|||
|
||||
// send the notification upstream/downstream
|
||||
Worker::add(['priority' => $priority, 'dont_fork' => true], "Notifier", "drop", intval($item['id']));
|
||||
} elseif ($item['uid'] != 0) {
|
||||
|
||||
// When we delete just our local user copy of an item, we have to set a marker to hide it
|
||||
$global_item = dba::selectFirst('item', ['id'], ['uri' => $item['uri'], 'uid' => 0, 'deleted' => false]);
|
||||
if (DBM::is_result($global_item)) {
|
||||
dba::update('user-item', ['hidden' => true], ['iid' => $global_item['id'], 'uid' => $item['uid']], true);
|
||||
}
|
||||
}
|
||||
|
||||
logger('Item with ID ' . $item_id . " has been deleted.", LOGGER_DEBUG);
|
||||
|
|
|
@ -2807,15 +2807,13 @@ class DFRN
|
|||
}
|
||||
}
|
||||
|
||||
$entrytype = self::getEntryType($importer, $item);
|
||||
|
||||
if (!$item["deleted"]) {
|
||||
logger('deleting item '.$item["id"].' uri='.$uri, LOGGER_DEBUG);
|
||||
} else {
|
||||
if ($item["deleted"]) {
|
||||
return;
|
||||
}
|
||||
|
||||
Item::deleteById($item["id"]);
|
||||
logger('deleting item '.$item['id'].' uri='.$uri, LOGGER_DEBUG);
|
||||
|
||||
Item::delete(['id' => $item['id']]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -2785,7 +2785,7 @@ class Diaspora
|
|||
|
||||
while ($item = dba::fetch($r)) {
|
||||
// Fetch the parent item
|
||||
$parent = dba::selectFirst('item', ['author-link', 'origin'], ['id' => $item["parent"]]);
|
||||
$parent = dba::selectFirst('item', ['author-link'], ['id' => $item["parent"]]);
|
||||
|
||||
// Only delete it if the parent author really fits
|
||||
if (!link_compare($parent["author-link"], $contact["url"]) && !link_compare($item["author-link"], $contact["url"])) {
|
||||
|
@ -2793,7 +2793,7 @@ class Diaspora
|
|||
continue;
|
||||
}
|
||||
|
||||
Item::deleteById($item["id"]);
|
||||
Item::delete(['id' => $item['id']]);
|
||||
|
||||
logger("Deleted target ".$target_guid." (".$item["id"].") from user ".$item["uid"]." parent: ".$item["parent"], LOGGER_DEBUG);
|
||||
}
|
||||
|
|
|
@ -537,13 +537,12 @@ class OStatus
|
|||
private static function deleteNotice($item)
|
||||
{
|
||||
$condition = ['uid' => $item['uid'], 'author-link' => $item['author-link'], 'uri' => $item['uri']];
|
||||
$deleted = dba::selectFirst('item', ['id', 'parent-uri'], $condition);
|
||||
if (!DBM::is_result($deleted)) {
|
||||
if (!dba::exists('item', $condition)) {
|
||||
logger('Item from '.$item['author-link'].' with uri '.$item['uri'].' for user '.$item['uid']." wasn't found. We don't delete it.");
|
||||
return;
|
||||
}
|
||||
|
||||
Item::deleteById($deleted["id"]);
|
||||
Item::delete($condition);
|
||||
|
||||
logger('Deleted item with uri '.$item['uri'].' for user '.$item['uid']);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue