diff --git a/include/conversation.php b/include/conversation.php
index 5d64bcef7..ee68d8f5c 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -497,7 +497,6 @@ function conversation(App $a, $items, $mode, $update, $preview = false) {
$ssl_state = ((local_user()) ? true : false);
$profile_owner = 0;
- $page_writeable = false;
$live_update_div = '';
$arr_blocked = null;
@@ -517,7 +516,6 @@ function conversation(App $a, $items, $mode, $update, $preview = false) {
if ($mode === 'network') {
$profile_owner = local_user();
- $page_writeable = true;
if (!$update) {
/*
* The special div is needed for liveUpdate to kick in for this page.
@@ -545,7 +543,6 @@ function conversation(App $a, $items, $mode, $update, $preview = false) {
}
} elseif ($mode === 'profile') {
$profile_owner = $a->profile['profile_uid'];
- $page_writeable = can_write_wall($a,$profile_owner);
if (!$update) {
$tab = notags(trim($_GET['tab']));
@@ -563,7 +560,6 @@ function conversation(App $a, $items, $mode, $update, $preview = false) {
}
} elseif ($mode === 'notes') {
$profile_owner = local_user();
- $page_writeable = true;
if (!$update) {
$live_update_div = '' . "\r\n"
. "\r\n";
@@ -617,6 +611,12 @@ function conversation(App $a, $items, $mode, $update, $preview = false) {
$page_template = get_markup_template("conversation.tpl");
if ($items && count($items)) {
+ // Currently behind a config value. This allows the commenting and sharing of every public item.
+ if (Config::get('system', 'comment_public') && local_user()) {
+ $writable = ($items[0]['uid'] == 0) && in_array($items[0]['network'], array(NETWORK_OSTATUS, NETWORK_DIASPORA));
+ } else {
+ $writable = false;
+ }
if ($mode === 'network-new' || $mode === 'search' || $mode === 'community') {
@@ -832,7 +832,7 @@ function conversation(App $a, $items, $mode, $update, $preview = false) {
// Normal View
$page_template = get_markup_template("threaded_conversation.tpl");
- $conv = new Thread($mode, $preview);
+ $conv = new Thread($mode, $preview, $writable);
/*
* get all the topmost parents
diff --git a/mod/display.php b/mod/display.php
index 2d22637ec..12b10f36f 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -8,8 +8,7 @@ use Friendica\Model\Contact;
use Friendica\Protocol\DFRN;
function display_init(App $a) {
-
- if ((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) {
+ if (Config::get('system','block_public') && !local_user() && !remote_user()) {
return;
}
@@ -30,10 +29,11 @@ function display_init(App $a) {
}
}
+ $r = false;
+
// If there is only one parameter, then check if this parameter could be a guid
if ($a->argc == 2) {
$nick = "";
- $itemuid = 0;
$r = false;
// Does the local user have this item?
@@ -44,7 +44,6 @@ function display_init(App $a) {
AND `guid` = ? AND `uid` = ? LIMIT 1", $a->argv[1], local_user());
if (DBM::is_result($r)) {
$nick = $a->user["nickname"];
- $itemuid = local_user();
}
}
@@ -53,68 +52,60 @@ function display_init(App $a) {
$r = dba::fetch_first("SELECT `id`, `parent`, `author-name`, `author-link`,
`author-avatar`, `network`, `body`, `uid`, `owner-link`
FROM `item` WHERE `visible` AND NOT `deleted` AND NOT `moderated`
- AND `allow_cid` = '' AND `allow_gid` = ''
- AND `deny_cid` = '' AND `deny_gid` = ''
AND NOT `private` AND `uid` = 0
AND `guid` = ? LIMIT 1", $a->argv[1]);
}
- // Or is it anywhere on the server?
if (!DBM::is_result($r)) {
- $r = dba::fetch_first("SELECT `item`.`id`, `item`.`parent`, `item`.`author-name`, `item`.`author-link`,
- `item`.`author-avatar`, `item`.`network`, `item`.`body`, `item`.`uid`, `item`.`owner-link`
- FROM `item` STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid`
- WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
- AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
- AND NOT `item`.`private` AND NOT `user`.`hidewall`
- AND `item`.`guid` = ? LIMIT 1", $a->argv[1]);
- }
-
- if (DBM::is_result($r)) {
-
- if (strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) {
- logger('Directly serving XML for id '.$r["id"], LOGGER_DEBUG);
- displayShowFeed($r["id"], false);
- }
-
- if ($r["id"] != $r["parent"]) {
- $r = dba::fetch_first("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item`
- WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
- AND `id` = ?", $r["parent"]);
- }
-
- $profiledata = display_fetchauthor($a, $r);
-
- if (strstr(normalise_link($profiledata["url"]), normalise_link(System::baseUrl()))) {
- $nickname = str_replace(normalise_link(System::baseUrl())."/profile/", "", normalise_link($profiledata["url"]));
-
- if (($nickname != $a->user["nickname"])) {
- $r = dba::fetch_first("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
- INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
- WHERE `user`.`nickname` = ? AND `profile`.`is-default` AND `contact`.`self` LIMIT 1",
- $nickname
- );
- if (DBM::is_result($r)) {
- $profiledata = $r;
- }
- $profiledata["network"] = NETWORK_DFRN;
- } else {
- $profiledata = array();
- }
- }
- } else {
$a->error = 404;
notice(t('Item not found.') . EOL);
return;
}
+ } elseif (($a->argc == 3) && ($nick == 'feed-item')) {
+ $r = dba::fetch_first("SELECT `id`, `parent`, `author-name`, `author-link`,
+ `author-avatar`, `network`, `body`, `uid`, `owner-link`
+ FROM `item` WHERE `visible` AND NOT `deleted` AND NOT `moderated`
+ AND NOT `private` AND `uid` = 0
+ AND `id` = ? LIMIT 1", $a->argv[2]);
+ }
+
+ if (DBM::is_result($r)) {
+ if (strstr($_SERVER['HTTP_ACCEPT'], 'application/atom+xml')) {
+ logger('Directly serving XML for id '.$r["id"], LOGGER_DEBUG);
+ displayShowFeed($r["id"], false);
+ }
+
+ if ($r["id"] != $r["parent"]) {
+ $r = dba::fetch_first("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid`, `owner-link` FROM `item`
+ WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
+ AND `id` = ?", $r["parent"]);
+ }
+
+ $profiledata = display_fetchauthor($a, $r);
+
+ if (strstr(normalise_link($profiledata["url"]), normalise_link(System::baseUrl()))) {
+ $nickname = str_replace(normalise_link(System::baseUrl())."/profile/", "", normalise_link($profiledata["url"]));
+
+ if (($nickname != $a->user["nickname"])) {
+ $r = dba::fetch_first("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
+ INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
+ WHERE `user`.`nickname` = ? AND `profile`.`is-default` AND `contact`.`self` LIMIT 1",
+ $nickname
+ );
+ if (DBM::is_result($r)) {
+ $profiledata = $r;
+ }
+ $profiledata["network"] = NETWORK_DFRN;
+ } else {
+ $profiledata = array();
+ }
+ }
}
profile_load($a, $nick, 0, $profiledata);
}
function display_fetchauthor($a, $item) {
-
$profiledata = array();
$profiledata["uid"] = -1;
$profiledata["nickname"] = $item["author-name"];
@@ -196,34 +187,27 @@ function display_fetchauthor($a, $item) {
return($profiledata);
}
-function display_content(App $a, $update = 0) {
-
- if ((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) {
+function display_content(App $a, $update = false, $update_uid = 0) {
+ if (Config::get('system','block_public') && !local_user() && !remote_user()) {
notice(t('Public access denied.') . EOL);
return;
}
- require_once('include/security.php');
- require_once('include/conversation.php');
- require_once('include/acl_selectors.php');
-
+ require_once 'include/security.php';
+ require_once 'include/conversation.php';
+ require_once 'include/acl_selectors.php';
$o = '';
- if ($update) {
- $nick = $_REQUEST['nick'];
- } else {
- $nick = (($a->argc > 1) ? $a->argv[1] : '');
- }
-
if ($update) {
$item_id = $_REQUEST['item_id'];
- $a->profile = array('uid' => intval($update), 'profile_uid' => intval($update));
+ $item = dba::select('item', ['uid'], ['id' => $item_id], ['limit' => 1]);
+ $a->profile = array('uid' => intval($item['uid']), 'profile_uid' => intval($item['uid']));
} else {
$item_id = (($a->argc > 2) ? $a->argv[2] : 0);
if ($a->argc == 2) {
- $nick = "";
+ $item_parent = 0;
if (local_user()) {
$r = dba::fetch_first("SELECT `id`, `parent` FROM `item`
@@ -232,28 +216,12 @@ function display_content(App $a, $update = 0) {
if (DBM::is_result($r)) {
$item_id = $r["id"];
$item_parent = $r["parent"];
- $nick = $a->user["nickname"];
}
}
- if ($nick == "") {
- $r = dba::fetch_first("SELECT `user`.`nickname`, `item`.`id`, `item`.`parent` FROM `item` STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid`
- WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
- AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
- AND NOT `item`.`private` AND NOT `user`.`hidewall`
- AND `item`.`guid` = ?", $a->argv[1]);
- if (DBM::is_result($r)) {
- $item_id = $r["id"];
- $item_parent = $r["parent"];
- $nick = $r["nickname"];
- }
- }
- if ($nick == "") {
+ if ($item_parent == 0) {
$r = dba::fetch_first("SELECT `item`.`id`, `item`.`parent` FROM `item`
WHERE `item`.`visible` AND NOT `item`.`deleted` AND NOT `item`.`moderated`
- AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
AND NOT `item`.`private` AND `item`.`uid` = 0
AND `item`.`guid` = ?", $a->argv[1]);
if (DBM::is_result($r)) {
@@ -264,16 +232,6 @@ function display_content(App $a, $update = 0) {
}
}
- if ($item_id && !is_numeric($item_id)) {
- $r = dba::select('item', array('id', 'parent'), array('uri' => $item_id, 'uid' => $a->profile['uid']), array('limit' => 1));
- if (DBM::is_result($r)) {
- $item_id = $r["id"];
- $item_parent = $r["parent"];
- } else {
- $item_id = false;
- }
- }
-
if (!$item_id) {
$a->error = 404;
notice(t('Item not found.').EOL);
@@ -283,8 +241,9 @@ function display_content(App $a, $update = 0) {
// We are displaying an "alternate" link if that post was public. See issue 2864
$is_public = dba::exists('item', array('id' => $item_id, 'private' => false));
if ($is_public) {
- $alternate = System::baseUrl().'/display/'.$nick.'/'.$item_id.'.atom';
- $conversation = System::baseUrl().'/display/'.$nick.'/'.$item_parent.'/conversation.atom';
+ // For the atom feed the nickname doesn't matter at all, we only need the item id.
+ $alternate = System::baseUrl().'/display/feed-item/'.$item_id.'.atom';
+ $conversation = System::baseUrl().'/display/feed-item/'.$item_parent.'/conversation.atom';
} else {
$alternate = '';
$conversation = '';
@@ -333,22 +292,21 @@ function display_content(App $a, $update = 0) {
if (DBM::is_result($r)) {
$a->page_contact = $r;
}
- $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
+ $is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
- if ($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
+ if ($a->profile['hidewall'] && !$is_owner && !$remote_contact) {
notice(t('Access to this profile has been restricted.') . EOL);
return;
}
// We need the editor here to be able to reshare an item.
-
if ($is_owner) {
$x = array(
'is_owner' => true,
'allow_location' => $a->user['allow_location'],
'default_location' => $a->user['default-location'],
'nickname' => $a->user['nickname'],
- 'lockstate' => ( (is_array($a->user)) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))) ? 'lock' : 'unlock'),
+ 'lockstate' => (is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock'),
'acl' => populate_acl($a->user, true),
'bang' => '',
'visitor' => 'block',
@@ -358,13 +316,12 @@ function display_content(App $a, $update = 0) {
$o .= status_editor($a,$x,0,true);
}
- $sql_extra = item_permissions_sql($a->profile['uid'],$remote_contact,$groups);
+ $sql_extra = item_permissions_sql($a->profile['uid'], $remote_contact, $groups);
if ($update) {
- $r = dba::p("SELECT `id` FROM `item` WHERE `item`.`uid` = ?
- AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `id` = ?)
+ $r = dba::p("SELECT `id` FROM `item` WHERE
+ `item`.`parent` = (SELECT `parent` FROM `item` WHERE `id` = ?)
$sql_extra AND `unseen`",
- $a->profile['uid'],
$item_id
);
@@ -379,114 +336,81 @@ function display_content(App $a, $update = 0) {
$item_id
);
- if (!DBM::is_result($r) && local_user()) {
- // Check if this is another person's link to a post that we have
- $r = dba::fetch_first("SELECT `item`.uri FROM `item`
- WHERE (`item`.`id` = ? OR `item`.`uri` = ?)
- LIMIT 1",
- $item_id,
- $item_id
- );
- if (DBM::is_result($r)) {
- $item_uri = $r['uri'];
-
- $r = dba::p(item_query()." AND `item`.`uid` = ?
- AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `uri` = ? AND uid = ?)
- ORDER BY `parent` DESC, `gravity` ASC, `id` ASC",
- local_user(),
- $item_uri,
- local_user()
- );
- }
- }
-
- if (DBM::is_result($r)) {
- $s = dba::inArray($r);
-
- if ((local_user()) && (local_user() == $a->profile['uid'])) {
- $unseen = dba::select('item', array('id'), array('parent' => $s[0]['parent'], 'unseen' => true), array('limit' => 1));
- if (DBM::is_result($unseen)) {
- dba::update('item', array('unseen' => false), array('parent' => $s[0]['parent'], 'unseen' => true));
- }
- }
-
- $items = conv_sort($s, "`commented`");
-
- if (!$update) {
- $o .= "";
- }
- $o .= conversation($a, $items, 'display', $update);
-
- // Preparing the meta header
- require_once('include/bbcode.php');
- require_once("include/html2plain.php");
- $description = trim(html2plain(bbcode($s[0]["body"], false, false), 0, true));
- $title = trim(html2plain(bbcode($s[0]["title"], false, false), 0, true));
- $author_name = $s[0]["author-name"];
-
- $image = $a->remove_baseurl($s[0]["author-thumb"]);
-
- if ($title == "") {
- $title = $author_name;
- }
-
- // Limit the description to 160 characters
- if (strlen($description) > 160) {
- $description = substr($description, 0, 157) . '...';
- }
-
- $description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
- $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
- $author_name = htmlspecialchars($author_name, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
-
- //
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
-
- // Schema.org microdata
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
-
- // Twitter cards
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
-
- // Dublin Core
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
-
- // Open Graph
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- $a->page['htmlhead'] .= ''."\n";
- // article:tag
-
+ if (!DBM::is_result($r)) {
+ notice(t('Item not found.') . EOL);
return $o;
}
- $r = dba::fetch_first("SELECT `id`,`deleted` FROM `item` WHERE `id` = ? OR `uri` = ? LIMIT 1",
- $item_id,
- $item_id
- );
- if (DBM::is_result($r)) {
- if ($r['deleted']) {
- notice(t('Item has been removed.') . EOL);
- } else {
- notice(t('Permission denied.') . EOL);
+
+ $s = dba::inArray($r);
+
+ if (local_user() && (local_user() == $a->profile['uid'])) {
+ $unseen = dba::select('item', array('id'), array('parent' => $s[0]['parent'], 'unseen' => true), array('limit' => 1));
+ if (DBM::is_result($unseen)) {
+ dba::update('item', array('unseen' => false), array('parent' => $s[0]['parent'], 'unseen' => true));
}
- } else {
- notice(t('Item not found.') . EOL);
}
+ $items = conv_sort($s, "`commented`");
+
+ if (!$update) {
+ $o .= "";
+ }
+ $o .= conversation($a, $items, 'display', $update_uid);
+
+ // Preparing the meta header
+ require_once 'include/bbcode.php';
+ require_once 'include/html2plain.php';
+ $description = trim(html2plain(bbcode($s[0]["body"], false, false), 0, true));
+ $title = trim(html2plain(bbcode($s[0]["title"], false, false), 0, true));
+ $author_name = $s[0]["author-name"];
+
+ $image = $a->remove_baseurl($s[0]["author-thumb"]);
+
+ if ($title == "") {
+ $title = $author_name;
+ }
+
+ // Limit the description to 160 characters
+ if (strlen($description) > 160) {
+ $description = substr($description, 0, 157) . '...';
+ }
+
+ $description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
+ $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
+ $author_name = htmlspecialchars($author_name, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
+
+ //
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+
+ // Schema.org microdata
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+
+ // Twitter cards
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+
+ // Dublin Core
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+
+ // Open Graph
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ $a->page['htmlhead'] .= ''."\n";
+ // article:tag
+
return $o;
}
diff --git a/mod/item.php b/mod/item.php
index c35a48b7e..13877fb35 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -39,7 +39,7 @@ require_once 'include/items.php';
function item_post(App $a) {
- if ((! local_user()) && (! remote_user()) && (! x($_REQUEST, 'commenter'))) {
+ if (!local_user() && !remote_user() && !x($_REQUEST, 'commenter')) {
return;
}
@@ -81,8 +81,8 @@ function item_post(App $a) {
}
// Is this a reply to something?
- $parent = ((x($_REQUEST, 'parent')) ? intval($_REQUEST['parent']) : 0);
- $parent_uri = ((x($_REQUEST, 'parent_uri')) ? trim($_REQUEST['parent_uri']) : '');
+ $parent = (x($_REQUEST, 'parent') ? intval($_REQUEST['parent']) : 0);
+ $parent_uri = (x($_REQUEST, 'parent_uri') ? trim($_REQUEST['parent_uri']) : '');
$parent_item = null;
$parent_contact = null;
@@ -122,7 +122,7 @@ function item_post(App $a) {
}
}
- if (! DBM::is_result($r)) {
+ if (!DBM::is_result($r)) {
notice( t('Unable to locate original post.') . EOL);
if (x($_REQUEST, 'return')) {
goaway($return_path);
@@ -201,7 +201,7 @@ function item_post(App $a) {
// First check that the parent exists and it is a wall item.
- if ((x($_REQUEST, 'commenter')) && ((! $parent) || (! $parent_item['wall']))) {
+ if (x($_REQUEST, 'commenter') && (!$parent || !$parent_item['wall'])) {
notice(t('Permission denied.') . EOL) ;
if (x($_REQUEST, 'return')) {
goaway($return_path);
@@ -209,11 +209,14 @@ function item_post(App $a) {
killme();
}
+ // Allow commenting if it is an answer to a public post
+ $allow_comment = ($profile_uid == 0) && $parent && in_array($parent_item['network'], [NETWORK_OSTATUS, NETWORK_DIASPORA]);
+
/*
* Now check that it is a page_type of PAGE_BLOG, and that valid personal details
* have been provided, and run any anti-spam plugins
*/
- if ((! can_write_wall($a, $profile_uid)) && (! $allow_moderated)) {
+ if (!(can_write_wall($a, $profile_uid) || $allow_comment) && !$allow_moderated) {
notice(t('Permission denied.') . EOL) ;
if (x($_REQUEST, 'return')) {
goaway($return_path);
@@ -377,11 +380,11 @@ function item_post(App $a) {
$self = false;
$contact_id = 0;
- if ((local_user()) && (local_user() == $profile_uid)) {
+ if (local_user() && ((local_user() == $profile_uid) || $allow_comment)) {
$self = true;
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1",
intval($_SESSION['uid']));
- } elseif(remote_user()) {
+ } elseif (remote_user()) {
if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $profile_uid) {
@@ -404,10 +407,10 @@ function item_post(App $a) {
// get contact info for owner
- if ($profile_uid == local_user()) {
+ if ($profile_uid == local_user() || $allow_comment) {
$contact_record = $author;
} else {
- $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1",
intval($profile_uid)
);
if (DBM::is_result($r)) {
diff --git a/mod/share.php b/mod/share.php
index 864199f01..e97fa82dc 100644
--- a/mod/share.php
+++ b/mod/share.php
@@ -4,28 +4,26 @@ use Friendica\App;
use Friendica\Database\DBM;
function share_init(App $a) {
-
$post_id = (($a->argc > 1) ? intval($a->argv[1]) : 0);
- if((! $post_id) || (! local_user()))
+ if (!$post_id || !local_user()) {
killme();
+ }
$r = q("SELECT item.*, contact.network FROM `item`
- inner join contact on `item`.`contact-id` = `contact`.`id`
- WHERE `item`.`id` = %d AND `item`.`uid` = %d LIMIT 1",
-
- intval($post_id),
- intval(local_user())
+ INNER JOIN `contact` ON `item`.`contact-id` = `contact`.`id`
+ WHERE `item`.`id` = %d LIMIT 1",
+ intval($post_id)
);
- if(! DBM::is_result($r) || ($r[0]['private'] == 1))
+ if (!DBM::is_result($r) || ($r[0]['private'] == 1)) {
killme();
-
+ }
if (strpos($r[0]['body'], "[/share]") !== false) {
$pos = strpos($r[0]['body'], "[share");
$o = substr($r[0]['body'], $pos);
} else {
$o = share_header($r[0]['author-name'], $r[0]['author-link'], $r[0]['author-avatar'], $r[0]['guid'], $r[0]['created'], $r[0]['plink']);
- if($r[0]['title'])
+ if ($r[0]['title'])
$o .= '[b]'.$r[0]['title'].'[/b]'."\n";
$o .= $r[0]['body'];
$o.= "[/share]";
@@ -36,17 +34,17 @@ function share_init(App $a) {
}
function share_header($author, $profile, $avatar, $guid, $posted, $link) {
- $header = "[share author='".str_replace(array("'", "[", "]"), array("'", "[", "]"),$author).
- "' profile='".str_replace(array("'", "[", "]"), array("'", "[", "]"),$profile).
- "' avatar='".str_replace(array("'", "[", "]"), array("'", "[", "]"),$avatar);
+ $header = "[share author='".str_replace(array("'", "[", "]"), array("'", "[", "]"), $author).
+ "' profile='".str_replace(array("'", "[", "]"), array("'", "[", "]"), $profile).
+ "' avatar='".str_replace(array("'", "[", "]"), array("'", "[", "]"), $avatar);
- if ($guid)
- $header .= "' guid='".str_replace(array("'", "[", "]"), array("'", "[", "]"),$guid);
-
- if ($posted)
- $header .= "' posted='".str_replace(array("'", "[", "]"), array("'", "[", "]"),$posted);
-
- $header .= "' link='".str_replace(array("'", "[", "]"), array("'", "[", "]"),$link)."']";
+ if ($guid) {
+ $header .= "' guid='".str_replace(array("'", "[", "]"), array("'", "[", "]"), $guid);
+ }
+ if ($posted) {
+ $header .= "' posted='".str_replace(array("'", "[", "]"), array("'", "[", "]"), $posted);
+ }
+ $header .= "' link='".str_replace(array("'", "[", "]"), array("'", "[", "]"), $link)."']";
return $header;
}
diff --git a/mod/update_display.php b/mod/update_display.php
index 00109202e..0fbb3f942 100644
--- a/mod/update_display.php
+++ b/mod/update_display.php
@@ -15,7 +15,7 @@ function update_display_content(App $a)
echo "\r\n";
echo "";
- $text = display_content($a, $profile_uid);
+ $text = display_content($a, true, $profile_uid);
$pattern = "/]*) src=\"([^\"]*)\"/";
$replace = "getProfileOwner() == local_user()) && ($item['private'] != 1)) ? true : false);
+ $shareable = ((in_array($conv->getProfileOwner(), [0, local_user()]) && ($item['private'] != 1)) ? true : false);
+
if (local_user() && link_compare($a->contact['url'], $item['author-link'])) {
if ($item["event-id"] != 0) {
$edpost = array("events/event/".$item['event-id'], t("Edit"));
diff --git a/src/Object/Thread.php b/src/Object/Thread.php
index d159f41c9..2872fe4a0 100644
--- a/src/Object/Thread.php
+++ b/src/Object/Thread.php
@@ -27,11 +27,12 @@ class Thread extends BaseObject
* Constructor
*
* @param string $mode The mode
- * @param boolean $preview boolean value
+ * @param boolean $preview Are we in the preview mode?
+ * @param boolean $writable Override the writable check
*/
- public function __construct($mode, $preview)
+ public function __construct($mode, $preview, $writable = false)
{
- $this->setMode($mode);
+ $this->setMode($mode, $writable);
$this->preview = $preview;
}
@@ -39,10 +40,11 @@ class Thread extends BaseObject
* Set the mode we'll be displayed on
*
* @param string $mode The mode to set
+ * @param boolean $writable Override the writable check
*
* @return void
*/
- private function setMode($mode)
+ private function setMode($mode, $writable)
{
if ($this->getMode() == $mode) {
return;
@@ -62,7 +64,7 @@ class Thread extends BaseObject
break;
case 'display':
$this->profile_owner = $a->profile['uid'];
- $this->writable = can_write_wall($a, $this->profile_owner);
+ $this->writable = can_write_wall($a, $this->profile_owner) || $writable;
break;
default:
logger('[ERROR] Conversation::setMode : Unhandled mode ('. $mode .').', LOGGER_DEBUG);
diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php
index fd37a810c..eeedd6324 100644
--- a/src/Protocol/DFRN.php
+++ b/src/Protocol/DFRN.php
@@ -15,6 +15,7 @@ use Friendica\Database\DBM;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
use Friendica\Model\Profile;
+use Friendica\Model\User;
use Friendica\Object\Image;
use Friendica\Protocol\OStatus;
use Friendica\Util\XML;
@@ -341,19 +342,15 @@ class DFRN
$items = $r;
$item = $r[0];
- $r = q(
- "SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`, `user`.`account-type`
- FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`self` AND `user`.`uid` = %d LIMIT 1",
- intval($item['uid'])
- );
-
- if (!DBM::is_result($r)) {
- killme();
+ if ($item['uid'] != 0) {
+ $owner = User::getOwnerDataById($item['uid']);
+ if (!$owner) {
+ killme();
+ }
+ } else {
+ $owner = ['uid' => 0, 'nick' => 'feed-item'];
}
- $owner = $r[0];
-
$doc = new DOMDocument('1.0', 'utf-8');
$doc->formatOutput = true;
$type = 'html';
diff --git a/src/Worker/Delivery.php b/src/Worker/Delivery.php
index b3d3ecc14..192c5e815 100644
--- a/src/Worker/Delivery.php
+++ b/src/Worker/Delivery.php
@@ -14,6 +14,7 @@ use Friendica\Model\User;
use Friendica\Protocol\Diaspora;
use Friendica\Protocol\DFRN;
use Friendica\Protocol\Email;
+use dba;
require_once 'include/queue_fn.php';
require_once 'include/html2plain.php';
@@ -85,18 +86,17 @@ class Delivery {
$uid = $item_id;
} else {
// find ancestors
- $r = q("SELECT * FROM `item` WHERE `id` = %d AND visible = 1 AND moderated = 0 LIMIT 1",
- intval($item_id)
- );
+ $target_item = dba::fetch_first("SELECT `item`.*, `contact`.`uid` AS `cuid` FROM `item`
+ INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+ WHERE `item`.`id` = ? AND `visible` AND NOT `moderated`", $item_id);
- if (!DBM::is_result($r) || !intval($r[0]['parent'])) {
+ if (!DBM::is_result($target_item) || !intval($target_item['parent'])) {
return;
}
- $target_item = $r[0];
- $parent_id = intval($r[0]['parent']);
- $uid = $r[0]['uid'];
- $updated = $r[0]['edited'];
+ $parent_id = intval($target_item['parent']);
+ $uid = $target_item['cuid'];
+ $updated = $target_item['edited'];
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer`
FROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d AND visible = 1 AND moderated = 0 ORDER BY `id` ASC",
@@ -150,7 +150,7 @@ class Delivery {
$public_message = true;
- if (!($mail || $fsuggest || $relocate)) {
+ if (!$mail && !$fsuggest && !$relocate) {
$parent = $items[0];
// This is IMPORTANT!!!!
@@ -195,10 +195,10 @@ class Delivery {
$followup = true;
}
- if ((strlen($parent['allow_cid']))
- || (strlen($parent['allow_gid']))
- || (strlen($parent['deny_cid']))
- || (strlen($parent['deny_gid']))
+ if (strlen($parent['allow_cid'])
+ || strlen($parent['allow_gid'])
+ || strlen($parent['deny_cid'])
+ || strlen($parent['deny_gid'])
|| $parent["private"]) {
$public_message = false; // private recipients, not public
}
@@ -283,7 +283,6 @@ class Delivery {
// perform local delivery if we are on the same site
if (link_compare($basepath,System::baseUrl())) {
-
$nickname = basename($contact['url']);
if ($contact['issued-id']) {
$sql_extra = sprintf(" AND `dfrn-id` = '%s' ", dbesc($contact['issued-id']));
@@ -378,34 +377,35 @@ class Delivery {
}
if ($cmd === 'wall-new' || $cmd === 'comment-new') {
-
$it = null;
if ($cmd === 'wall-new') {
$it = $items[0];
} else {
- $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($item_id),
- intval($uid)
+ $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1",
+ intval($item_id)
);
- if (DBM::is_result($r))
+ if (DBM::is_result($r)) {
$it = $r[0];
+ }
}
- if (!$it)
+ if (!$it) {
break;
-
+ }
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid)
);
- if (!count($local_user))
+ if (!count($local_user)) {
break;
+ }
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
intval($uid)
);
- if ($r1 && $r1[0]['reply_to'])
+ if ($r1 && $r1[0]['reply_to']) {
$reply_to = $r1[0]['reply_to'];
+ }
$subject = (($it['title']) ? Email::encodeHeader($it['title'],'UTF-8') : t("\x28no subject\x29")) ;
@@ -435,8 +435,9 @@ class Delivery {
$headers .= "References: <".Email::iri2msgid($it["parent-uri"]).">";
// If Threading is enabled, write down the correct parent
- if (($it["thr-parent"] != "") && ($it["thr-parent"] != $it["parent-uri"]))
+ if (($it["thr-parent"] != "") && ($it["thr-parent"] != $it["parent-uri"])) {
$headers .= " <".Email::iri2msgid($it["thr-parent"]).">";
+ }
$headers .= "\n";
if (!$it['title']) {
@@ -451,39 +452,42 @@ class Delivery {
dbesc($it['parent-uri']),
intval($uid));
- if (DBM::is_result($r) && ($r[0]['title'] != ''))
+ if (DBM::is_result($r) && ($r[0]['title'] != '')) {
$subject = $r[0]['title'];
+ }
}
}
- if (strncasecmp($subject,'RE:',3))
+ if (strncasecmp($subject,'RE:',3)) {
$subject = 'Re: '.$subject;
+ }
}
Email::send($addr, $subject, $headers, $it);
}
break;
case NETWORK_DIASPORA:
- if ($public_message)
+ if ($public_message) {
$loc = 'public batch '.$contact['batch'];
- else
+ } else {
$loc = $contact['name'];
+ }
logger('delivery: diaspora batch deliver: '.$loc);
- if (Config::get('system','dfrn_only') || !Config::get('system','diaspora_enabled'))
+ if (Config::get('system','dfrn_only') || !Config::get('system','diaspora_enabled')) {
break;
-
+ }
if ($mail) {
Diaspora::sendMail($item,$owner,$contact);
break;
}
- if (!$normal_mode)
+ if (!$normal_mode) {
break;
-
- if (!$contact['pubkey'] && !$public_message)
+ }
+ if (!$contact['pubkey'] && !$public_message) {
break;
-
+ }
if (($target_item['deleted']) && (($target_item['uri'] === $target_item['parent-uri']) || $followup)) {
// top-level retraction
logger('diaspora retract: '.$loc);
diff --git a/src/Worker/Notifier.php b/src/Worker/Notifier.php
index e3eb6810a..e8dc25c5e 100644
--- a/src/Worker/Notifier.php
+++ b/src/Worker/Notifier.php
@@ -9,6 +9,7 @@ use Friendica\Core\Worker;
use Friendica\Database\DBM;
use Friendica\Model\Contact;
use Friendica\Model\Group;
+use Friendica\Model\User;
use Friendica\Network\Probe;
use Friendica\Protocol\Diaspora;
use Friendica\Protocol\OStatus;
@@ -76,7 +77,7 @@ class Notifier {
$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1",
intval($item_id)
);
- if (! count($message)) {
+ if (!count($message)) {
return;
}
$uid = $message[0]['uid'];
@@ -92,7 +93,7 @@ class Notifier {
);
$uid = $item_id;
$item_id = 0;
- if (! count($items)) {
+ if (!count($items)) {
return;
}
} elseif ($cmd === 'suggest') {
@@ -102,7 +103,7 @@ class Notifier {
$suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1",
intval($item_id)
);
- if (! count($suggest)) {
+ if (!count($suggest)) {
return;
}
$uid = $suggest[0]['uid'];
@@ -115,9 +116,9 @@ class Notifier {
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`uid` = %d AND `contact`.`self` LIMIT 1",
intval($item_id));
- if (!$r)
+ if (!$r) {
return;
-
+ }
$user = $r[0];
$r = q("SELECT * FROM `contact` WHERE NOT `self` AND `uid` = %d", intval($item_id));
@@ -137,30 +138,28 @@ class Notifier {
intval($uid), NETWORK_DFRN, NETWORK_DIASPORA);
} else {
// find ancestors
- $r = q("SELECT * FROM `item` WHERE `id` = %d AND visible = 1 AND moderated = 0 LIMIT 1",
- intval($item_id)
- );
+ $target_item = dba::fetch_first("SELECT `item`.*, `contact`.`uid` AS `cuid` FROM `item`
+ INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+ WHERE `item`.`id` = ? AND `visible` AND NOT `moderated`", $item_id);
- if ((! DBM::is_result($r)) || (! intval($r[0]['parent']))) {
+ if (!DBM::is_result($target_item) || !intval($target_item['parent'])) {
return;
}
- $target_item = $r[0];
- $parent_id = intval($r[0]['parent']);
- $uid = $r[0]['uid'];
- $updated = $r[0]['edited'];
+ $parent_id = intval($target_item['parent']);
+ $uid = $target_item['cuid'];
+ $updated = $target_item['edited'];
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer`
- FROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d AND visible = 1 AND moderated = 0 ORDER BY `id` ASC",
+ FROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d AND visible AND NOT moderated ORDER BY `id` ASC",
intval($parent_id)
);
- if (! count($items)) {
+ if (!count($items)) {
return;
}
// avoid race condition with deleting entries
-
if ($items[0]['deleted']) {
foreach ($items as $item) {
$item['deleted'] = 1;
@@ -171,24 +170,14 @@ class Notifier {
logger('notifier: top level post');
$top_level = true;
}
-
}
- $r = q("SELECT `contact`.*, `user`.`prvkey` AS `uprvkey`,
- `user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
- `user`.`page-flags`, `user`.`prvnets`, `user`.`account-type`
- FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
- intval($uid)
- );
-
- if (! DBM::is_result($r)) {
+ $owner = User::getOwnerDataById($uid);
+ if (!$owner) {
return;
}
- $owner = $r[0];
-
- $walltowall = ((($top_level) && ($owner['id'] != $items[0]['contact-id'])) ? true : false);
+ $walltowall = ($top_level && ($owner['id'] != $items[0]['contact-id']) ? true : false);
// Should the post be transmitted to Diaspora?
$diaspora_delivery = true;
@@ -264,7 +253,7 @@ class Notifier {
// we will just use it as a fallback test
// later we will be able to use it as the primary test of whether or not to relay.
- if (! $target_item['origin']) {
+ if (!$target_item['origin']) {
$relay_to_owner = false;
}
if ($parent['origin']) {
@@ -306,7 +295,6 @@ class Notifier {
$push_notify = true;
if (($thr_parent && ($thr_parent[0]['network'] == NETWORK_OSTATUS)) || ($parent['network'] == NETWORK_OSTATUS)) {
-
$push_notify = true;
if ($parent["network"] == NETWORK_OSTATUS) {
@@ -336,15 +324,15 @@ class Notifier {
// don't send deletions onward for other people's stuff
- if ($target_item['deleted'] && (! intval($target_item['wall']))) {
+ if ($target_item['deleted'] && !intval($target_item['wall'])) {
logger('notifier: ignoring delete notification for non-wall item');
return;
}
- if ((strlen($parent['allow_cid']))
- || (strlen($parent['allow_gid']))
- || (strlen($parent['deny_cid']))
- || (strlen($parent['deny_gid']))) {
+ if (strlen($parent['allow_cid'])
+ || strlen($parent['allow_gid'])
+ || strlen($parent['deny_cid'])
+ || strlen($parent['deny_gid'])) {
$public_message = false; // private recipients, not public
}
@@ -356,7 +344,7 @@ class Notifier {
// if our parent is a public forum (forum_mode == 1), uplink to the origional author causing
// a delivery fork. private groups (forum_mode == 2) do not uplink
- if ((intval($parent['forum_mode']) == 1) && (! $top_level) && ($cmd !== 'uplink')) {
+ if ((intval($parent['forum_mode']) == 1) && !$top_level && ($cmd !== 'uplink')) {
Worker::add($a->queue['priority'], 'Notifier', 'uplink', $item_id);
}
@@ -379,12 +367,12 @@ class Notifier {
}
}
- if (count($url_recipients))
+ if (count($url_recipients)) {
logger('notifier: '.$target_item["guid"].' url_recipients ' . print_r($url_recipients,true));
+ }
$conversants = array_unique($conversants);
-
$recipients = array_unique(array_merge($recipients,$allow_people,$allow_groups));
$deny = array_unique(array_merge($deny_people,$deny_groups));
$recipients = array_diff($recipients,$deny);
@@ -395,7 +383,6 @@ class Notifier {
// If the thread parent is OStatus then do some magic to distribute the messages.
// We have not only to look at the parent, since it could be a Friendica thread.
if (($thr_parent && ($thr_parent[0]['network'] == NETWORK_OSTATUS)) || ($parent['network'] == NETWORK_OSTATUS)) {
-
$diaspora_delivery = false;
logger('Some parent is OStatus for '.$target_item["guid"]." - Author: ".$thr_parent[0]['author-link']." - Owner: ".$thr_parent[0]['owner-link'], LOGGER_DEBUG);
@@ -457,10 +444,10 @@ class Notifier {
$mail_disabled = ((function_exists('imap_open') && (!Config::get('system','imap_disabled'))) ? 0 : 1);
- if (! $mail_disabled) {
- if ((! strlen($target_item['allow_cid'])) && (! strlen($target_item['allow_gid']))
- && (! strlen($target_item['deny_cid'])) && (! strlen($target_item['deny_gid']))
- && (intval($target_item['pubmail']))) {
+ if (!$mail_disabled) {
+ if (!strlen($target_item['allow_cid']) && !strlen($target_item['allow_gid'])
+ && !strlen($target_item['deny_cid']) && !strlen($target_item['deny_gid'])
+ && intval($target_item['pubmail'])) {
$r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `network` = '%s'",
intval($uid),
dbesc(NETWORK_MAIL)
@@ -558,7 +545,7 @@ class Notifier {
continue;
}
- if ((! $mail) && (! $fsuggest) && (! $followup)) {
+ if (!$mail && !$fsuggest && !$followup) {
logger('notifier: delivery agent: '.$rr['name'].' '.$rr['id'].' '.$rr['network'].' '.$target_item["guid"]);
Worker::add(array('priority' => $a->queue['priority'], 'created' => $a->queue['created'], 'dont_fork' => true),
'Delivery', $cmd, $item_id, (int)$rr['id']);