Removed obsolete code
This commit is contained in:
parent
3dd94355b7
commit
1ddd2df4b8
9 changed files with 28 additions and 219 deletions
|
@ -26,10 +26,6 @@ use Friendica\Util\Temporal;
|
|||
|
||||
function cal_init(App $a)
|
||||
{
|
||||
if ($a->argc > 1) {
|
||||
DFRN::autoRedir($a, $a->argv[1]);
|
||||
}
|
||||
|
||||
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
|
||||
throw new \Friendica\Network\HTTPException\ForbiddenException(L10n::t('Access denied.'));
|
||||
}
|
||||
|
@ -117,9 +113,7 @@ function cal_content(App $a)
|
|||
$contact_id = remote_user($a->profile['profile_uid']);
|
||||
}
|
||||
|
||||
$groups = [];
|
||||
if ($contact_id) {
|
||||
$groups = Group::getIdsByContactId($contact_id);
|
||||
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
|
||||
intval($contact_id),
|
||||
intval($a->profile['profile_uid'])
|
||||
|
@ -137,7 +131,7 @@ function cal_content(App $a)
|
|||
}
|
||||
|
||||
// get the permissions
|
||||
$sql_perms = Item::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
|
||||
$sql_perms = Item::getPermissionsSQLByUserId($owner_uid);
|
||||
// we only want to have the events of the profile owner
|
||||
$sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
|
||||
|
||||
|
|
|
@ -53,16 +53,12 @@ function display_init(App $a)
|
|||
$nick = $a->user["nickname"];
|
||||
}
|
||||
// Is this item private but could be visible to the remove visitor?
|
||||
} elseif (remote_user()) {
|
||||
} elseif (remote_user($item['uid'])) {
|
||||
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
|
||||
if (DBA::isResult($item)) {
|
||||
if (!Contact::isFollower(remote_user(), $item['uid'])) {
|
||||
$item = null;
|
||||
} else {
|
||||
$item_user = $item['uid'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Is it an item with uid=0?
|
||||
if (!DBA::isResult($item)) {
|
||||
|
@ -229,9 +225,9 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
|||
$item_parent = $item["parent"];
|
||||
$item_parent_uri = $item['parent-uri'];
|
||||
}
|
||||
} elseif (remote_user()) {
|
||||
} elseif (remote_user($item['uid'])) {
|
||||
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
|
||||
if (DBA::isResult($item) && Contact::isFollower(remote_user(), $item['uid'])) {
|
||||
if (DBA::isResult($item)) {
|
||||
$item_id = $item["id"];
|
||||
$item_parent = $item["parent"];
|
||||
$item_parent_uri = $item['parent-uri'];
|
||||
|
@ -269,8 +265,6 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
|||
['$alternate' => $alternate,
|
||||
'$conversation' => $conversation]);
|
||||
|
||||
$groups = [];
|
||||
$remote_cid = null;
|
||||
$is_remote_contact = false;
|
||||
$item_uid = local_user();
|
||||
|
||||
|
@ -279,24 +273,19 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
|||
if (DBA::isResult($parent)) {
|
||||
$a->profile['uid'] = defaults($a->profile, 'uid', $parent['uid']);
|
||||
$a->profile['profile_uid'] = defaults($a->profile, 'profile_uid', $parent['uid']);
|
||||
$is_remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
|
||||
|
||||
$is_remote_contact = remote_user($a->profile['profile_uid']);
|
||||
if ($is_remote_contact) {
|
||||
$cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
|
||||
if (!empty($cdata['user'])) {
|
||||
$groups = Group::getIdsByContactId($cdata['user']);
|
||||
$remote_cid = $cdata['user'];
|
||||
$item_uid = $parent['uid'];
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$page_contact = DBA::selectFirst('contact', [], ['self' => true, 'uid' => $a->profile['uid']]);
|
||||
if (DBA::isResult($page_contact)) {
|
||||
$a->page_contact = $page_contact;
|
||||
}
|
||||
|
||||
$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
|
||||
|
||||
if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) {
|
||||
|
@ -318,7 +307,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
|||
];
|
||||
$o .= status_editor($a, $x, 0, true);
|
||||
}
|
||||
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $is_remote_contact, $groups, $remote_cid);
|
||||
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid']);
|
||||
|
||||
if (local_user() && (local_user() == $a->profile['profile_uid'])) {
|
||||
$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
|
||||
|
|
|
@ -35,10 +35,6 @@ use Friendica\Util\XML;
|
|||
|
||||
function photos_init(App $a) {
|
||||
|
||||
if ($a->argc > 1) {
|
||||
DFRN::autoRedir($a, $a->argv[1]);
|
||||
}
|
||||
|
||||
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
|
||||
return;
|
||||
}
|
||||
|
@ -156,12 +152,9 @@ function photos_post(App $a)
|
|||
$can_post = true;
|
||||
} elseif ($community_page && !empty(remote_user($page_owner_uid))) {
|
||||
$contact_id = remote_user($page_owner_uid);
|
||||
|
||||
if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $page_owner_uid, 'blocked' => false, 'pending' => false])) {
|
||||
$can_post = true;
|
||||
$visitor = $contact_id;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$can_post) {
|
||||
notice(L10n::t('Permission denied.') . EOL);
|
||||
|
@ -892,12 +885,9 @@ function photos_content(App $a)
|
|||
}
|
||||
}
|
||||
|
||||
$groups = [];
|
||||
|
||||
// perhaps they're visiting - but not a community page, so they wouldn't have write access
|
||||
if (!empty(remote_user($owner_uid)) && !$visitor) {
|
||||
$contact_id = remote_user($owner_uid);
|
||||
$groups = Group::getIdsByContactId($contact_id);
|
||||
|
||||
$contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]);
|
||||
|
||||
|
@ -914,7 +904,7 @@ function photos_content(App $a)
|
|||
return;
|
||||
}
|
||||
|
||||
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
|
||||
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact);
|
||||
|
||||
$o = "";
|
||||
|
||||
|
|
|
@ -22,10 +22,6 @@ use Friendica\Util\Security;
|
|||
|
||||
function videos_init(App $a)
|
||||
{
|
||||
if ($a->argc > 1) {
|
||||
DFRN::autoRedir($a, $a->argv[1]);
|
||||
}
|
||||
|
||||
if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
|
||||
return;
|
||||
}
|
||||
|
@ -156,44 +152,23 @@ function videos_content(App $a)
|
|||
$can_post = true;
|
||||
} elseif ($community_page && !empty(remote_user($owner_uid))) {
|
||||
$contact_id = remote_user($owner_uid);
|
||||
|
||||
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
|
||||
intval($contact_id),
|
||||
intval($owner_uid)
|
||||
);
|
||||
|
||||
if (DBA::isResult($r)) {
|
||||
$can_post = true;
|
||||
$remote_contact = true;
|
||||
$visitor = $contact_id;
|
||||
}
|
||||
}
|
||||
|
||||
$groups = [];
|
||||
|
||||
// perhaps they're visiting - but not a community page, so they wouldn't have write access
|
||||
if (!empty(remote_user($owner_uid)) && !$visitor) {
|
||||
$contact_id = remote_user($owner_uid);
|
||||
|
||||
if ($contact_id > 0) {
|
||||
$groups = Group::getIdsByContactId($contact_id);
|
||||
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
|
||||
intval($contact_id),
|
||||
intval($owner_uid)
|
||||
);
|
||||
|
||||
if (DBA::isResult($r)) {
|
||||
$remote_contact = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (!$remote_contact)) {
|
||||
if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) {
|
||||
notice(L10n::t('Access to this item is restricted.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
|
||||
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid);
|
||||
|
||||
$o = "";
|
||||
|
||||
|
|
|
@ -3260,15 +3260,11 @@ class Item extends BaseObject
|
|||
}
|
||||
}
|
||||
|
||||
public static function getPermissionsSQLByUserId($owner_id, $remote_verified = false, $groups = null, $remote_cid = null)
|
||||
public static function getPermissionsSQLByUserId($owner_id)
|
||||
{
|
||||
$local_user = local_user();
|
||||
$remote_user = remote_user($owner_id);
|
||||
|
||||
if (is_null($remote_cid)) {
|
||||
$remote_cid = $remote_user;
|
||||
}
|
||||
|
||||
/*
|
||||
* Construct permissions
|
||||
*
|
||||
|
@ -3287,7 +3283,7 @@ class Item extends BaseObject
|
|||
* If pre-verified, the caller is expected to have already
|
||||
* done this and passed the groups into this function.
|
||||
*/
|
||||
$set = PermissionSet::get($owner_id, $remote_cid, $groups);
|
||||
$set = PermissionSet::get($owner_id, $remote_user);
|
||||
|
||||
if (!empty($set)) {
|
||||
$sql_set = " OR (`item`.`private` IN (1,2) AND `item`.`wall` AND `item`.`psid` IN (" . implode(',', $set) . "))";
|
||||
|
|
|
@ -67,21 +67,20 @@ class PermissionSet extends BaseObject
|
|||
*
|
||||
* @param integer $uid User id whom the items belong
|
||||
* @param integer $contact_id Contact id of the visitor
|
||||
* @param array $groups Possibly previously fetched group ids for that contact
|
||||
*
|
||||
* @return array of permission set ids.
|
||||
* @throws \Exception
|
||||
*/
|
||||
|
||||
static public function get($uid, $contact_id, $groups = null)
|
||||
static public function get($uid, $contact_id)
|
||||
{
|
||||
if (empty($groups) && DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {
|
||||
if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {
|
||||
$groups = Group::getIdsByContactId($contact_id);
|
||||
}
|
||||
|
||||
if (empty($groups) || !is_array($groups)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$group_str = '<<>>'; // should be impossible to match
|
||||
|
||||
foreach ($groups as $g) {
|
||||
|
|
|
@ -131,31 +131,17 @@ class Photo extends BaseObject
|
|||
*/
|
||||
public static function getPhoto($resourceid, $scale = 0)
|
||||
{
|
||||
$r = self::selectFirst(["uid", "allow_cid", "allow_gid", "deny_cid", "deny_gid"], ["resource-id" => $resourceid]);
|
||||
if ($r === false) {
|
||||
$r = self::selectFirst(["uid"], ["resource-id" => $resourceid]);
|
||||
if (!DBA::isResult($r)) {
|
||||
return false;
|
||||
}
|
||||
$uid = $r["uid"];
|
||||
|
||||
// This is the first place, when retrieving just a photo, that we know who owns the photo.
|
||||
// Check if the photo is public (empty allow and deny means public), if so, skip auth attempt, if not
|
||||
// make sure that the requester's session is appropriately authenticated to that user
|
||||
// otherwise permissions checks done by getPermissionsSQLByUserId() won't work correctly
|
||||
if (!empty($r["allow_cid"]) || !empty($r["allow_gid"]) || !empty($r["deny_cid"]) || !empty($r["deny_gid"])) {
|
||||
$r = DBA::selectFirst("user", ["nickname"], ["uid" => $uid], []);
|
||||
// this will either just return (if auth all ok) or will redirect and exit (starting over)
|
||||
DFRN::autoRedir(self::getApp(), $r["nickname"]);
|
||||
}
|
||||
$uid = $r["uid"];
|
||||
|
||||
$sql_acl = Security::getPermissionsSQLByUserId($uid);
|
||||
|
||||
$conditions = [
|
||||
"`resource-id` = ? AND `scale` <= ? " . $sql_acl,
|
||||
$resourceid, $scale
|
||||
];
|
||||
|
||||
$conditions = ["`resource-id` = ? AND `scale` <= ? " . $sql_acl, $resourceid, $scale];
|
||||
$params = ["order" => ["scale" => true]];
|
||||
|
||||
$photo = self::selectFirst([], $conditions, $params);
|
||||
|
||||
return $photo;
|
||||
|
|
|
@ -48,8 +48,6 @@ class Profile extends BaseModule
|
|||
if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
|
||||
self::$which = $a->user['nickname'];
|
||||
self::$profile = filter_var($a->argv[1], FILTER_SANITIZE_NUMBER_INT);
|
||||
} else {
|
||||
DFRN::autoRedir($a, self::$which);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -157,9 +155,6 @@ class Profile extends BaseModule
|
|||
return Login::form();
|
||||
}
|
||||
|
||||
$groups = [];
|
||||
$remote_cid = null;
|
||||
|
||||
$o = '';
|
||||
|
||||
if ($update) {
|
||||
|
@ -173,14 +168,6 @@ class Profile extends BaseModule
|
|||
$is_owner = local_user() == $a->profile['profile_uid'];
|
||||
$last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . $remote_contact;
|
||||
|
||||
if ($remote_contact) {
|
||||
$cdata = ContactModel::getPublicAndUserContacID($remote_contact, $a->profile['profile_uid']);
|
||||
if (!empty($cdata['user'])) {
|
||||
$groups = Group::getIdsByContactId($cdata['user']);
|
||||
$remote_cid = $cdata['user'];
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) {
|
||||
notice(L10n::t('Access to this profile has been restricted.') . EOL);
|
||||
return '';
|
||||
|
@ -229,7 +216,7 @@ class Profile extends BaseModule
|
|||
}
|
||||
|
||||
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
|
||||
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $remote_contact, $groups, $remote_cid);
|
||||
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid']);
|
||||
$sql_extra2 = '';
|
||||
|
||||
$last_updated_array = Session::get('last_updated', []);
|
||||
|
|
|
@ -2849,113 +2849,6 @@ class DFRN
|
|||
return 200;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param App $a App
|
||||
* @param string $contact_nick contact nickname
|
||||
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
|
||||
*/
|
||||
public static function autoRedir(App $a, $contact_nick)
|
||||
{
|
||||
// prevent looping
|
||||
if (!empty($_REQUEST['redir'])) {
|
||||
Logger::log('autoRedir might be looping because redirect has been redirected', Logger::DEBUG);
|
||||
// looping prevention also appears to sometimes prevent authentication for images
|
||||
// because browser may have multiple connections open and load an image on a connection
|
||||
// whose session wasn't updated when a previous redirect authenticated
|
||||
// Leaving commented in case looping reappears
|
||||
// return;
|
||||
}
|
||||
|
||||
if ((! $contact_nick) || ($contact_nick === $a->user['nickname'])) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (local_user()) {
|
||||
// We need to find out if $contact_nick is a user on this hub, and if so, if I
|
||||
// am a contact of that user. However, that user may have other contacts with the
|
||||
// same nickname as me on other hubs or other networks. Exclude these by requiring
|
||||
// that the contact have a local URL. I will be the only person with my nickname at
|
||||
// this URL, so if a result is found, then I am a contact of the $contact_nick user.
|
||||
//
|
||||
// We also have to make sure that I'm a legitimate contact--I'm not blocked or pending.
|
||||
|
||||
$baseurl = System::baseUrl();
|
||||
$domain_st = strpos($baseurl, "://");
|
||||
if ($domain_st === false) {
|
||||
return;
|
||||
}
|
||||
$baseurl = substr($baseurl, $domain_st + 3);
|
||||
$nurl = Strings::normaliseLink($baseurl);
|
||||
|
||||
$r = User::getByNickname($contact_nick, ["uid"]);
|
||||
$contact_uid = $r["uid"];
|
||||
|
||||
/// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange.
|
||||
$r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1)
|
||||
AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1",
|
||||
DBA::escape($contact_nick),
|
||||
DBA::escape($a->user['nickname']),
|
||||
DBA::escape($baseurl),
|
||||
DBA::escape($nurl)
|
||||
);
|
||||
if ((! DBA::isResult($r))) {
|
||||
return;
|
||||
}
|
||||
// test if redirect authentication already succeeded
|
||||
// Note that "contact" in the sense used in the $contact_nick argument to this function
|
||||
// and the sense in the $remote[]["cid"] in the session are opposite.
|
||||
// In the session variable the user currently fetching is the contact
|
||||
// while $contact_nick is the nick of tho user who owns the stuff being fetched.
|
||||
if (Session::getVisitorContactIDForUserID($contact_uid) == $r[0]['id']) {
|
||||
return;
|
||||
}
|
||||
|
||||
$r = q("SELECT * FROM contact WHERE nick = '%s'
|
||||
AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1",
|
||||
DBA::escape($contact_nick),
|
||||
DBA::escape(Protocol::DFRN),
|
||||
intval(local_user()),
|
||||
DBA::escape($baseurl)
|
||||
);
|
||||
if (! DBA::isResult($r)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$cid = $r[0]['id'];
|
||||
|
||||
$dfrn_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']);
|
||||
|
||||
if ($r[0]['duplex'] && $r[0]['issued-id']) {
|
||||
$orig_id = $r[0]['issued-id'];
|
||||
$dfrn_id = '1:' . $orig_id;
|
||||
}
|
||||
if ($r[0]['duplex'] && $r[0]['dfrn-id']) {
|
||||
$orig_id = $r[0]['dfrn-id'];
|
||||
$dfrn_id = '0:' . $orig_id;
|
||||
}
|
||||
|
||||
// ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode
|
||||
// that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues
|
||||
|
||||
if (strlen($dfrn_id) < 3) {
|
||||
return;
|
||||
}
|
||||
|
||||
$sec = Strings::getRandomHex();
|
||||
|
||||
DBA::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]);
|
||||
|
||||
$url = curPageURL();
|
||||
|
||||
Logger::log('auto_redir: ' . $r[0]['name'] . ' ' . $sec, Logger::DEBUG);
|
||||
$dest = (($url) ? '&destination_url=' . $url : '');
|
||||
System::externalRedirect($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
|
||||
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest);
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Returns the activity verb
|
||||
*
|
||||
|
|
Loading…
Reference in a new issue