Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
  1. <?php
  2. require_once('include/Photo.php');
  3. require_once('include/items.php');
  4. require_once('include/acl_selectors.php');
  5. require_once('include/bbcode.php');
  6. require_once('include/security.php');
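  /**
   * Module init for /photos/<nickname>: loads the page owner and builds the sidebar.
   *
   * Looks up the unblocked user named by the second URL argument, stores the row in
   * $a->data['user'] and, when the permission-filtered album query returns rows, stores
   * them in $a->data['albums'] and appends a vcard plus album list to $a->page['aside'].
   * It also appends a script to $a->page['htmlhead'] that switches #jot-perms-icon
   * between 'lock' and 'unlock' when the contact/group allow/deny selectors change.
   *
   * Values read from the database (username, nickname, album names) are HTML-escaped
   * before they are concatenated into markup; the stored text is not assumed to be
   * safe for an attribute or element context.
   *
   * @param object $a Application object (argc/argv, data, page, get_baseurl() are used)
   * @return void
   */
  function photos_init(&$a) {

      // With public access blocked, anonymous visitors get no sidebar and no owner lookup.
      if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
          return;
      }

      $o = '';

      if($a->argc > 1) {
          $nick = $a->argv[1];
          $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
              dbesc($nick)
          );

          if(! count($r))
              return;

          $a->data['user'] = $r[0];

          // Escape once, reuse in every HTML context below (element text and quoted attributes).
          $username = htmlspecialchars($a->data['user']['username'], ENT_QUOTES, 'UTF-8');
          $nickname = htmlspecialchars($a->data['user']['nickname'], ENT_QUOTES, 'UTF-8');
          $owner_uid = intval($a->data['user']['uid']);

          // permissions_sql() supplies the extra WHERE clause that limits albums to what the viewer may see.
          $sql_extra = permissions_sql($a->data['user']['uid']);

          $albums = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d $sql_extra ",
              intval($a->data['user']['uid'])
          );

          if(count($albums)) {
              $a->data['albums'] = $albums;

              $o .= '<div class="vcard">';
              $o .= '<div class="fn">' . $username . '</div>';
              $o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_baseurl() . '/photo/profile/' . $owner_uid . '.jpg" alt="' . $username . '" /></div>';
              $o .= '</div>';

              if(! intval($a->data['user']['hidewall'])) {
                  $o .= '<div id="side-bar-photos-albums" class="widget">';
                  $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $nickname . '">' . t('Photo Albums') . '</a></h3>';

                  $o .= '<ul>';
                  foreach($albums as $album) {

                      // don't show contact photos. We once translated this name, but then you could still access it under
                      // a different language setting. Now we store the name in English and check in English (and translated for legacy albums).

                      if((! strlen($album['album'])) || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos')))
                          continue;

                      // The link uses the nickname from the matched user row rather than the raw URL
                      // segment; the album name travels hex-encoded in the URL and escaped as link text.
                      $o .= '<li>' . '<a href="photos/' . $nickname . '/album/' . bin2hex($album['album']) . '" >' . htmlspecialchars($album['album'], ENT_QUOTES, 'UTF-8') . '</a></li>';
                  }
                  $o .= '</ul>';
              }

              // Only the logged-in owner of this page gets the upload link.
              if(local_user() && $a->data['user']['uid'] == local_user()) {
                  $o .= '<div id="photo-albums-upload-link"><a href="' . $a->get_baseurl() . '/photos/' . $nickname . '/upload" >' .t('Upload New Photos') . '</a></div>';
              }

              $o .= '</div>';
          }

          if(! x($a->page,'aside'))
              $a->page['aside'] = '';
          $a->page['aside'] .= $o;

          $a->page['htmlhead'] .= "<script> var ispublic = '" . t('everybody') . "';" ;

          $a->page['htmlhead'] .= <<< EOT
$(document).ready(function() {
$('#contact_allow, #contact_deny, #group_allow, #group_deny').change(function() {
var selstr;
$('#contact_allow option:selected, #contact_deny option:selected, #group_allow option:selected, #group_deny option:selected').each( function() {
selstr = $(this).text();
$('#jot-perms-icon').removeClass('unlock').addClass('lock');
$('#jot-public').hide();
});
if(selstr == null) {
$('#jot-perms-icon').removeClass('lock').addClass('unlock');
$('#jot-public').show();
}
}).trigger('change');
});
</script>
EOT;
      }

      return;
  }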
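  /**
   * Handle POST requests for the photos module.
   *
   * Depending on the URL arguments and posted fields this renames or deletes an album,
   * deletes a single photo, edits a photo's description/album/permissions and tags, or
   * (default path) stores a newly uploaded photo together with its wall item.
   *
   * Posting is allowed for the logged-in page owner, and for an unblocked, non-pending
   * remote contact when the page is a community page. Everyone else gets
   * 'Permission denied.' and the request is terminated.
   *
   * NOTE(review): no form security token is checked anywhere in this function. Confirm
   * that the dispatcher or a hook validates one before state-changing requests arrive here.
   *
   * @param object $a Application object; $a->data['user'] is read for the page owner and is not set here
   * @return void Most paths end in goaway() or killme() rather than returning
   */
  function photos_post(&$a) {

      logger('mod-photos: photos_post: begin' , LOGGER_DEBUG);

      // NOTE(review): at LOGGER_DATA level these two calls write the complete request and the
      // upload metadata to the log. Confirm the log file is access-restricted.
      logger('mod_photos: REQUEST ' . print_r($_REQUEST,true), LOGGER_DATA);
      logger('mod_photos: FILES ' . print_r($_FILES,true), LOGGER_DATA);

      $can_post = false;
      $visitor = 0;

      $page_owner_uid = $a->data['user']['uid'];
      $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false);

      if((local_user()) && (local_user() == $page_owner_uid))
          $can_post = true;
      else {
          // A remote contact may post only on a community page, and only if the contact
          // row belongs to this page owner and is neither blocked nor pending.
          if($community_page && remote_user()) {
              $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
                  intval(remote_user()),
                  intval($page_owner_uid)
              );
              if(count($r)) {
                  $can_post = true;
                  $visitor = remote_user();
              }
          }
      }

      if(! $can_post) {
          notice( t('Permission denied.') . EOL );
          killme();
      }

      // The owner's self-contact supplies the owner/author fields of every item created below.
      $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
          WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1",
          intval($page_owner_uid)
      );

      if(! count($r)) {
          notice( t('Contact information unavailable') . EOL);
          logger('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
          killme();
      }

      $owner_record = $r[0];

      if(($a->argc > 3) && ($a->argv[2] === 'album')) {
          $album = hex2bin($a->argv[3]);

          // Reserved albums can be neither renamed nor deleted.
          if($album === t('Profile Photos') || $album === 'Contact Photos' || $album === t('Contact Photos')) {
              goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
              return; // NOTREACHED
          }

          // count(*) always produces exactly one row, so the existence test has to read the
          // counted value; counting result rows would accept every album name.
          $r = q("SELECT count(*) AS `total` FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
              dbesc($album),
              intval($page_owner_uid)
          );
          if((! is_array($r)) || (! count($r)) || (! intval($r[0]['total']))) {
              notice( t('Album not found.') . EOL);
              goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
              return; // NOTREACHED
          }

          // A missing or empty name is ignored: renaming to '' would hide the photos, because
          // album listings skip empty album names. Strict comparison keeps numeric-looking
          // names such as '2014' and '2014.0' distinct.
          // NOTE(review): unlike the delete paths below, the rename is not limited to photos
          // uploaded by a community-page visitor. Confirm visitors are meant to rename whole albums.
          $newalbum = ((isset($_POST['albumname'])) ? notags(trim($_POST['albumname'])) : '');
          if(strlen($newalbum) && ($newalbum !== $album)) {
              q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
                  dbesc($newalbum),
                  dbesc($album),
                  intval($page_owner_uid)
              );
              $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
              goaway($a->get_baseurl() . '/' . $newurl);
              return; // NOTREACHED
          }

          if((x($_POST,'dropalbum')) && ($_POST['dropalbum'] == t('Delete Album'))) {

              $res = array();

              // get the list of photos we are about to delete
              // (a visitor may only remove the photos stored under their own contact id)

              if($visitor) {
                  $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'",
                      intval($visitor),
                      intval($page_owner_uid),
                      dbesc($album)
                  );
              }
              else {
                  $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
                      intval(local_user()),
                      dbesc($album)
                  );
              }
              if(count($r)) {
                  foreach($r as $rr) {
                      $res[] = "'" . dbesc($rr['rid']) . "'" ;
                  }
              }
              else {
                  goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
                  return; // NOTREACHED
              }

              // Every element is individually escaped and quoted above before being joined into the IN list.
              $str_res = implode(',', $res);

              // remove the associated photos

              q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
                  intval($page_owner_uid)
              );

              // find and delete the corresponding item with all the comments and likes/dislikes
              // `id` and `visible` are selected as well: both are read below to decide whether
              // the deletion is announced, and were missing from the column list before.

              $r = q("SELECT `id`, `parent-uri`, `visible` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
                  intval($page_owner_uid)
              );
              if(count($r)) {
                  foreach($r as $rr) {
                      q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
                          dbesc(datetime_convert()),
                          dbesc($rr['parent-uri']),
                          intval($page_owner_uid)
                      );

                      $drop_id = intval($rr['id']);

                      // send the notification upstream/downstream as the case may be

                      if($rr['visible'])
                          proc_run('php',"include/notifier.php","drop","$drop_id");
                  }
              }
          }
          goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
          return; // NOTREACHED
      }

      if(($a->argc > 2) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) {

          // same as above but remove single photo

          if($visitor) {
              $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1",
                  intval($visitor),
                  intval($page_owner_uid),
                  dbesc($a->argv[2])
              );
          }
          else {
              $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1",
                  intval(local_user()),
                  dbesc($a->argv[2])
              );
          }
          if(count($r)) {
              q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'",
                  intval($page_owner_uid),
                  dbesc($r[0]['resource-id'])
              );
              $i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
                  dbesc($r[0]['resource-id']),
                  intval($page_owner_uid)
              );
              if(count($i)) {
                  q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
                      dbesc(datetime_convert()),
                      dbesc(datetime_convert()),
                      dbesc($i[0]['uri']),
                      intval($page_owner_uid)
                  );

                  $drop_id = intval($i[0]['id']);

                  if($i[0]['visible'])
                      proc_run('php',"include/notifier.php","drop","$drop_id");
              }
          }

          goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
          return; // NOTREACHED
      }

      // The argc test has to guard all three fields. Previously a posted 'albname' alone
      // entered this branch without a resource id in the URL and went on to create an item.
      if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false) || (x($_POST,'albname') !== false))) {

          $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : '');
          $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
          $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
          $albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
          $str_group_allow = perms2str($_POST['group_allow']);
          $str_contact_allow = perms2str($_POST['contact_allow']);
          $str_group_deny = perms2str($_POST['group_deny']);
          $str_contact_deny = perms2str($_POST['contact_deny']);

          $resource_id = $a->argv[2];

          // An empty album name falls back to the current year.
          if(! strlen($albname))
              $albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');

          // NOTE(review): the delete paths above restrict a community-page visitor to photos with
          // their own `contact-id`; this lookup and the UPDATE below only match on the page owner,
          // so a visitor can rewrite the description, album and ACL of any of the owner's photos.
          // Confirm whether that is intended. The posted item_id is likewise only checked
          // against the owner's uid, not against this photo.
          $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC",
              dbesc($resource_id),
              intval($page_owner_uid)
          );

          // No such photo for this owner: stop here instead of building an item from an empty row.
          if(! count($p)) {
              goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
              return; // NOTREACHED
          }

          $r = q("UPDATE `photo` SET `desc` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d",
              dbesc($desc),
              dbesc($albname),
              dbesc($str_contact_allow),
              dbesc($str_group_allow),
              dbesc($str_contact_deny),
              dbesc($str_group_deny),
              dbesc($resource_id),
              intval($page_owner_uid)
          );

          /* Don't make the item visible if the only change was the album name */

          $visibility = 0;
          if($p[0]['desc'] !== $desc || strlen($rawtags))
              $visibility = 1;

          if(! $item_id) {

              // Create item container

              $title = '';
              $uri = item_new_uri($a->get_hostname(),$page_owner_uid);

              $arr = array();

              $arr['uid'] = $page_owner_uid;
              $arr['uri'] = $uri;
              $arr['parent-uri'] = $uri;
              $arr['type'] = 'photo';
              $arr['wall'] = 1;
              $arr['resource-id'] = $p[0]['resource-id'];
              $arr['contact-id'] = $owner_record['id'];
              $arr['owner-name'] = $owner_record['name'];
              $arr['owner-link'] = $owner_record['url'];
              $arr['owner-avatar'] = $owner_record['thumb'];
              $arr['author-name'] = $owner_record['name'];
              $arr['author-link'] = $owner_record['url'];
              $arr['author-avatar'] = $owner_record['thumb'];
              $arr['title'] = $title;
              $arr['allow_cid'] = $p[0]['allow_cid'];
              $arr['allow_gid'] = $p[0]['allow_gid'];
              $arr['deny_cid'] = $p[0]['deny_cid'];
              $arr['deny_gid'] = $p[0]['deny_gid'];
              $arr['last-child'] = 1;
              $arr['visible'] = $visibility;
              $arr['origin'] = 1;

              $arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $p[0]['resource-id'] . ']'
                  . '[img]' . $a->get_baseurl() . '/photo/' . $p[0]['resource-id'] . '-' . $p[0]['scale'] . '.jpg' . '[/img]'
                  . '[/url]';

              $item_id = item_store($arr);
          }

          // Existing tag/inform strings default to empty when the item cannot be loaded.
          $old_tag = '';
          $old_inform = '';

          if($item_id) {
              $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
                  intval($item_id),
                  intval($page_owner_uid)
              );
              if(count($r)) {
                  $old_tag = $r[0]['tag'];
                  $old_inform = $r[0]['inform'];
              }
          }

          if(strlen($rawtags)) {

              $str_tags = '';
              $inform = '';

              // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag

              $x = substr($rawtags,0,1);
              if($x !== '@' && $x !== '#')
                  $rawtags = '#' . $rawtags;

              $taginfo = array();
              $tags = get_tags($rawtags);

              if(count($tags)) {
                  foreach($tags as $tag) {

                      // Per-tag state starts empty so one tag never inherits the profile,
                      // salmon endpoint or notify target resolved for the previous tag.
                      $profile = '';
                      $salmon = '';
                      $notify = '';

                      if(strpos($tag,'@') === 0) {
                          $name = substr($tag,1);

                          // strpos() returns 0 (falsy) for a match at offset 0, so a name that starts
                          // with '@' or 'http://' takes the local-contact branch.
                          // NOTE(review): confirm whether that is intended.
                          if((strpos($name,'@')) || (strpos($name,'http://'))) {
                              $newname = $name;
                              $links = @lrdd($name);
                              if(count($links)) {
                                  foreach($links as $link) {
                                      if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
                                          $profile = $link['@attributes']['href'];
                                      if($link['@attributes']['rel'] === 'salmon') {
                                          $salmon = '$url:' . str_replace(',','%sc',$link['@attributes']['href']);
                                          if(strlen($inform))
                                              $inform .= ',';
                                          $inform .= $salmon;
                                      }
                                  }
                              }
                              // Padded to five elements; the activity loop below reads indexes 3 and 4.
                              $taginfo[] = array($newname,$profile,$salmon,null,null);
                          }
                          else {
                              $newname = $name;
                              $tagcid = 0;
                              if(strrpos($newname,'+'))
                                  $tagcid = intval(substr($newname,strrpos($newname,'+') + 1));

                              if($tagcid) {
                                  // Scoped to the page owner. The original passed an undefined
                                  // variable here, which made the lookup run with uid 0.
                                  $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
                                      intval($tagcid),
                                      intval($page_owner_uid)
                                  );
                              }
                              elseif(strstr($name,'_') || strstr($name,' ')) {
                                  $newname = str_replace('_',' ',$name);
                                  $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
                                      dbesc($newname),
                                      intval($page_owner_uid)
                                  );
                              }
                              else {
                                  // The parentheses matter: AND binds tighter than OR, so without them an
                                  // `attag` match would be accepted from any account's contact list.
                                  $r = q("SELECT * FROM `contact` WHERE ( `attag` = '%s' OR `nick` = '%s' ) AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
                                      dbesc($name),
                                      dbesc($name),
                                      intval($page_owner_uid)
                                  );
                              }
                              if(count($r)) {
                                  $newname = $r[0]['name'];
                                  $profile = $r[0]['url'];
                                  $notify = 'cid:' . $r[0]['id'];
                                  if(strlen($inform))
                                      $inform .= ',';
                                  $inform .= $notify;
                              }
                          }
                          if($profile) {
                              if(substr($notify,0,4) === 'cid:')
                                  $taginfo[] = array($newname,$profile,$notify,$r[0],'@[url=' . str_replace(',','%2c',$profile) . ']' . $newname . '[/url]');
                              else
                                  $taginfo[] = array($newname,$profile,$notify,null,$str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]');
                              if(strlen($str_tags))
                                  $str_tags .= ',';
                              $profile = str_replace(',','%2c',$profile);
                              $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]';
                          }
                      }
                  }
              }

              // Append the new tags and notification targets to whatever the item already had.
              $newtag = $old_tag;
              if(strlen($newtag) && strlen($str_tags))
                  $newtag .= ',';
              $newtag .= $str_tags;

              $newinform = $old_inform;
              if(strlen($newinform) && strlen($inform))
                  $newinform .= ',';
              $newinform .= $inform;

              $r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
                  dbesc($newtag),
                  dbesc($newinform),
                  dbesc(datetime_convert()),
                  dbesc(datetime_convert()),
                  intval($item_id),
                  intval($page_owner_uid)
              );

              // Pick the preview scale for the tag activity: the first stored scale that is 2 or 4, else 0.
              $best = 0;
              foreach($p as $scales) {
                  if(intval($scales['scale']) == 2) {
                      $best = 2;
                      break;
                  }
                  if(intval($scales['scale']) == 4) {
                      $best = 4;
                      break;
                  }
              }

              if(count($taginfo)) {
                  foreach($taginfo as $tagged) {

                      $uri = item_new_uri($a->get_hostname(),$page_owner_uid);

                      $arr = array();

                      $arr['uid'] = $page_owner_uid;
                      $arr['uri'] = $uri;
                      $arr['parent-uri'] = $uri;
                      $arr['type'] = 'activity';
                      $arr['wall'] = 1;
                      $arr['contact-id'] = $owner_record['id'];
                      $arr['owner-name'] = $owner_record['name'];
                      $arr['owner-link'] = $owner_record['url'];
                      $arr['owner-avatar'] = $owner_record['thumb'];
                      $arr['author-name'] = $owner_record['name'];
                      $arr['author-link'] = $owner_record['url'];
                      $arr['author-avatar'] = $owner_record['thumb'];
                      $arr['title'] = '';
                      $arr['allow_cid'] = $p[0]['allow_cid'];
                      $arr['allow_gid'] = $p[0]['allow_gid'];
                      $arr['deny_cid'] = $p[0]['deny_cid'];
                      $arr['deny_gid'] = $p[0]['deny_gid'];
                      $arr['last-child'] = 1;
                      $arr['visible'] = 1;
                      $arr['verb'] = ACTIVITY_TAG;
                      $arr['object-type'] = ACTIVITY_OBJ_PERSON;
                      $arr['target-type'] = ACTIVITY_OBJ_PHOTO;
                      $arr['tag'] = $tagged[4];
                      $arr['inform'] = $tagged[2];
                      $arr['origin'] = 1;
                      $arr['body'] = '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]' . ' ' . t('was tagged in a') . ' ' . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('photo') . '[/url]' . ' ' . t('by') . ' ' . '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]' ;
                      $arr['body'] .= "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.jpg' . '[/img][/url]' . "\n" ;

                      // NOTE(review): the contact name, profile URL and photo description are placed
                      // inside <title>/<id> without xmlify(), while the <link> payloads are escaped.
                      // Confirm how consumers of `object`/`target` parse these fields.
                      $arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
                      $arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
                      if($tagged[3])
                          $arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $tagged[3]['photo'] . '" />' . "\n");
                      $arr['object'] .= '</link></object>' . "\n";

                      $arr['target'] = '<target><type>' . ACTIVITY_OBJ_PHOTO . '</type><title>' . $p[0]['desc'] . '</title><id>'
                          . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '</id>';
                      $arr['target'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '" />' . "\n" . '<link rel="preview" type="image/jpeg" href="' . $a->get_baseurl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.jpg' . '" />') . '</link></target>';

                      $item_id = item_store($arr);
                      if($item_id) {
                          q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
                              dbesc($a->get_baseurl() . '/display/' . $owner_record['nickname'] . '/' . $item_id),
                              intval($page_owner_uid),
                              intval($item_id)
                          );

                          proc_run('php',"include/notifier.php","tag","$item_id");
                      }
                  }
              }
          }

          goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
          return; // NOTREACHED
      }

      /**
       * default post action - upload a photo
       */

      call_hooks('photo_post_init', $_POST);

      /**
       * Determine the album to use
       */

      $album = ((isset($_REQUEST['album'])) ? notags(trim($_REQUEST['album'])) : '');
      $newalbum = ((isset($_REQUEST['newalbum'])) ? notags(trim($_REQUEST['newalbum'])) : '');

      logger('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG);

      if(! strlen($album)) {
          if(strlen($newalbum))
              $album = $newalbum;
          else
              $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
      }

      /**
       *
       * We create a wall item for every photo, but we don't want to
       * overwhelm the data stream with a hundred newly uploaded photos.
       * So we will make the first photo uploaded to this album in the last several hours
       * visible by default, the rest will become visible over time when and if
       * they acquire comments, likes, dislikes, and/or tags
       *
       */

      $r = q("SELECT * FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR ",
          dbesc($album),
          intval($page_owner_uid)
      );
      if((! count($r)) || ($album == t('Profile Photos')))
          $visible = 1;
      else
          $visible = 0;

      // The uploader can explicitly suppress the status post.
      $not_visible = ((isset($_REQUEST['not_visible'])) ? $_REQUEST['not_visible'] : '');
      if(intval($not_visible) || $not_visible === 'true')
          $visible = 0;

      // Each ACL field may arrive as an array or as a comma-separated string.
      $str_group_allow = perms2str(((is_array($_REQUEST['group_allow'])) ? $_REQUEST['group_allow'] : explode(',',$_REQUEST['group_allow'])));
      $str_contact_allow = perms2str(((is_array($_REQUEST['contact_allow'])) ? $_REQUEST['contact_allow'] : explode(',',$_REQUEST['contact_allow'])));
      $str_group_deny = perms2str(((is_array($_REQUEST['group_deny'])) ? $_REQUEST['group_deny'] : explode(',',$_REQUEST['group_deny'])));
      $str_contact_deny = perms2str(((is_array($_REQUEST['contact_deny'])) ? $_REQUEST['contact_deny'] : explode(',',$_REQUEST['contact_deny'])));

      // An addon may supply the file through the photo_post_file hook; otherwise the
      // regular multipart upload field 'userfile' is used.
      $ret = array('src' => '', 'filename' => '', 'filesize' => 0);

      call_hooks('photo_post_file',$ret);

      if(x($ret,'src') && x($ret,'filesize')) {
          $src = $ret['src'];
          $filename = $ret['filename'];
          $filesize = $ret['filesize'];
      }
      else {
          $src = $_FILES['userfile']['tmp_name'];
          $filename = basename($_FILES['userfile']['name']);
          $filesize = intval($_FILES['userfile']['size']);
      }

      logger('photos: upload: received file: ' . $filename . ' as ' . $src . ' ' . $filesize . ' bytes', LOGGER_DEBUG);

      $maximagesize = get_config('system','maximagesize');

      if(($maximagesize) && ($filesize > $maximagesize)) {
          notice( t('Image exceeds size limit of ') . $maximagesize . EOL);
          @unlink($src);
          $foo = 0;
          call_hooks('photo_post_end',$foo);
          return;
      }

      if(! $filesize) {
          notice( t('Image file is empty.') . EOL);
          @unlink($src);
          $foo = 0;
          call_hooks('photo_post_end',$foo);
          return;
      }

      logger('mod/photos.php: photos_post(): loading the contents of ' . $src , LOGGER_DEBUG);

      $imagedata = @file_get_contents($src);
      $ph = new Photo($imagedata);

      if(! $ph->is_valid()) {
          logger('mod/photos.php: photos_post(): unable to process image' , LOGGER_DEBUG);
          notice( t('Unable to process image.') . EOL );
          @unlink($src);
          $foo = 0;
          call_hooks('photo_post_end',$foo);
          killme();
      }

      // The image is held in $ph from here on; the temporary file is no longer needed.
      @unlink($src);

      $width = $ph->getWidth();
      $height = $ph->getHeight();

      // $smallest tracks the highest scale index stored; it names the image used in the wall item body.
      $smallest = 0;

      $photo_hash = photo_new_resource();

      $r = $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);

      if(! $r) {
          logger('mod/photos.php: photos_post(): image store failed' , LOGGER_DEBUG);
          notice( t('Image upload failed.') . EOL );
          killme();
      }

      if($width > 640 || $height > 640) {
          $ph->scaleImage(640);
          $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
          $smallest = 1;
      }

      if($width > 320 || $height > 320) {
          $ph->scaleImage(320);
          $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
          $smallest = 2;
      }

      $uri = item_new_uri($a->get_hostname(), $page_owner_uid);

      // Create item container

      $arr = array();

      $arr['uid'] = $page_owner_uid;
      $arr['uri'] = $uri;
      $arr['parent-uri'] = $uri;
      $arr['type'] = 'photo';
      $arr['wall'] = 1;
      $arr['resource-id'] = $photo_hash;
      $arr['contact-id'] = $owner_record['id'];
      $arr['owner-name'] = $owner_record['name'];
      $arr['owner-link'] = $owner_record['url'];
      $arr['owner-avatar'] = $owner_record['thumb'];
      $arr['author-name'] = $owner_record['name'];
      $arr['author-link'] = $owner_record['url'];
      $arr['author-avatar'] = $owner_record['thumb'];
      $arr['title'] = '';
      $arr['allow_cid'] = $str_contact_allow;
      $arr['allow_gid'] = $str_group_allow;
      $arr['deny_cid'] = $str_contact_deny;
      $arr['deny_gid'] = $str_group_deny;
      $arr['last-child'] = 1;
      $arr['visible'] = $visible;
      $arr['origin'] = 1;

      $arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo_hash . ']'
          . '[img]' . $a->get_baseurl() . "/photo/{$photo_hash}-{$smallest}.jpg" . '[/img]'
          . '[/url]';

      $item_id = item_store($arr);

      if($item_id) {
          q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
              dbesc($a->get_baseurl() . '/display/' . $owner_record['nickname'] . '/' . $item_id),
              intval($page_owner_uid),
              intval($item_id)
          );
      }

      if($visible)
          proc_run('php', "include/notifier.php", 'wall-new', $item_id);

      // Hook data is handed over in a variable, as the other photo_post_end calls in this function do.
      $item_id = intval($item_id);
      call_hooks('photo_post_end',$item_id);

      // addon uploaders should call "killme()" [e.g. exit] within the photo_post_end hook
      // if they do not wish to be redirected

      goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
      // NOTREACHED
  }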
  602. function photos_content(&$a) {
  603. // URLs:
  604. // photos/name
  605. // photos/name/upload
  606. // photos/name/upload/xxxxx (xxxxx is album name)
  607. // photos/name/album/xxxxx
  608. // photos/name/album/xxxxx/edit
  609. // photos/name/image/xxxxx
  610. // photos/name/image/xxxxx/edit
  611. if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
  612. notice( t('Public access denied.') . EOL);
  613. return;
  614. }
  615. require_once('include/bbcode.php');
  616. require_once('include/security.php');
  617. require_once('include/conversation.php');
  618. if(! x($a->data,'user')) {
  619. notice( t('No photos selected') . EOL );
  620. return;
  621. }
  622. $_SESSION['photo_return'] = $a->cmd;
  623. //
  624. // Parse arguments
  625. //
  626. if($a->argc > 3) {
  627. $datatype = $a->argv[2];
  628. $datum = $a->argv[3];
  629. }
  630. elseif(($a->argc > 2) && ($a->argv[2] === 'upload'))
  631. $datatype = 'upload';
  632. else
  633. $datatype = 'summary';
  634. if($a->argc > 4)
  635. $cmd = $a->argv[4];
  636. else
  637. $cmd = 'view';
  638. //
  639. // Setup permissions structures
  640. //
  641. $can_post = false;
  642. $visitor = 0;
  643. $contact = null;
  644. $remote_contact = false;
  645. $owner_uid = $a->data['user']['uid'];
  646. $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false);
  647. if((local_user()) && (local_user() == $owner_uid))
  648. $can_post = true;
  649. else {
  650. if($community_page && remote_user()) {
  651. $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
  652. intval(remote_user()),
  653. intval($owner_uid)
  654. );
  655. if(count($r)) {
  656. $can_post = true;
  657. $contact = $r[0];
  658. $remote_contact = true;
  659. $visitor = remote_user();
  660. }
  661. }
  662. }
  663. // perhaps they're visiting - but not a community page, so they wouldn't have write access
  664. if(remote_user() && (! $visitor)) {
  665. $contact_id = $_SESSION['visitor_id'];
  666. $groups = init_groups_visitor($contact_id);
  667. $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
  668. intval(remote_user()),
  669. intval($owner_uid)
  670. );
  671. if(count($r)) {
  672. $contact = $r[0];
  673. $remote_contact = true;
  674. }
  675. }
  676. if(! $remote_contact) {
  677. if(local_user()) {
  678. $contact_id = $_SESSION['cid'];
  679. $contact = $a->contact;
  680. }
  681. }
  682. if($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (! $remote_contact)) {
  683. notice( t('Access to this item is restricted.') . EOL);
  684. return;
  685. }
  686. $sql_extra = permissions_sql($owner_uid,$remote_contact,$groups);
  687. $o = "";
  688. // tabs
  689. $_is_owner = (local_user() && (local_user() == $owner_uid));
  690. $o .= profile_tabs($a,$_is_owner, $a->data['user']['nickname']);
  691. //
  692. // dispatch request
  693. //
  694. if($datatype === 'upload') {
  695. if(! ($can_post)) {
  696. notice( t('Permission denied.'));
  697. return;
  698. }
  699. $selname = (($datum) ? hex2bin($datum) : '');
  700. $albumselect = '<select id="photos-upload-album-select" name="album" size="4">';
  701. $albumselect .= '<option value="" ' . ((! $selname) ? ' selected="selected" ' : '') . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
  702. if(count($a->data['albums'])) {
  703. foreach($a->data['albums'] as $album) {
  704. if(($album['album'] === '') || ($album['album'] === 'Contact Photos') || ($album['album'] === t('Contact Photos')))
  705. continue;
  706. $selected = (($selname === $album['album']) ? ' selected="selected" ' : '');
  707. $albumselect .= '<option value="' . $album['album'] . '"' . $selected . '>' . $album['album'] . '</option>';
  708. }
  709. }
  710. $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
  711. $albumselect .= '</select>';
  712. $uploader = '';
  713. $ret = array('post_url' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'],
  714. 'addon_text' => $uploader,
  715. 'default_upload' => true);
  716. call_hooks('photo_upload_form',$ret);
  717. $default_upload = '<input type="file" name="userfile" /> <div class="photos-upload-submit-wrapper" >
  718. <input type="submit" name="submit" value="' . t('Submit') . '" id="photos-upload-submit" /> </div>';
  719. $tpl = get_markup_template('photos_upload.tpl');
  720. $o .= replace_macros($tpl,array(
  721. '$pagename' => t('Upload Photos'),
  722. '$sessid' => session_id(),
  723. '$nickname' => $a->data['user']['nickname'],
  724. '$newalbum' => t('New album name: '),
  725. '$existalbumtext' => t('or existing album name: '),
  726. '$nosharetext' => t('Do not show a status post for this upload'),
  727. '$albumselect' => template_escape($albumselect),
  728. '$permissions' => t('Permissions'),
  729. '$aclselect' => (($visitor) ? '' : template_escape(populate_acl($a->user, $celeb))),
  730. '$uploader' => $ret['addon_text'],
  731. '$default' => (($ret['default_upload']) ? $default_upload : ''),
  732. '$uploadurl' => $ret['post_url']
  733. ));
  734. return $o;
  735. }
  736. if($datatype === 'album') {
  737. $album = hex2bin($datum);
  738. $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
  739. AND `scale` <= 4 $sql_extra GROUP BY `resource-id`",
  740. intval($owner_uid),
  741. dbesc($album)
  742. );
  743. if(count($r)) {
  744. $a->set_pager_total(count($r));
  745. $a->set_pager_itemspage(20);
  746. }
  747. $r = q("SELECT `resource-id`, `id`, `filename`, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
  748. AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d",
  749. intval($owner_uid),
  750. dbesc($album),
  751. intval($a->pager['start']),
  752. intval($a->pager['itemspage'])
  753. );
  754. $o .= '<h3>' . $album . '</h3>';
  755. if($cmd === 'edit') {
  756. if(($album !== t('Profile Photos')) && ($album !== 'Contact Photos') && ($album !== t('Contact Photos'))) {
  757. if($can_post) {
  758. $edit_tpl = get_markup_template('album_edit.tpl');
  759. $o .= replace_macros($edit_tpl,array(
  760. '$nametext' => t('New album name: '),
  761. '$nickname' => $a->data['user']['nickname'],
  762. '$album' => template_escape($album),
  763. '$hexalbum' => bin2hex($album),
  764. '$submit' => t('Submit'),
  765. '$dropsubmit' => t('Delete Album')
  766. ));
  767. }
  768. }
  769. }
  770. else {
  771. if(($album !== t('Profile Photos')) && ($album !== 'Contact Photos') && ($album !== t('Contact Photos'))) {
  772. if($can_post) {
  773. $o .= '<div id="album-edit-link"><a href="'. $a->get_baseurl() . '/photos/'
  774. . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '/edit' . '">'
  775. . t('Edit Album') . '</a></div>';
  776. }
  777. }
  778. }
  779. if($can_post) {
  780. $o .= '<div class="photos-upload-link" ><a href="' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/upload/' . bin2hex($album) . '" >' . t('Upload New Photos') . '</a></div>';
  781. }
  782. $tpl = get_markup_template('photo_album.tpl');
  783. if(count($r))
  784. $twist = 'rotright';
  785. foreach($r as $rr) {
  786. if($twist == 'rotright')
  787. $twist = 'rotleft';
  788. else
  789. $twist = 'rotright';
  790. $o .= replace_macros($tpl,array(
  791. '$id' => $rr['id'],
  792. '$twist' => ' ' . $twist . rand(2,4),
  793. '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
  794. '$phototitle' => t('View Photo'),
  795. '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
  796. '$imgalt' => template_escape($rr['filename']),
  797. '$desc'=> template_escape($rr['desc'])
  798. ));
  799. }
  800. $o .= '<div id="photo-album-end"></div>';
  801. $o .= paginate($a);
  802. return $o;
  803. }
  804. if($datatype === 'image') {
  805. //$o = '';
  806. // fetch image, item containing image, then comments
  807. $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'
  808. $sql_extra ORDER BY `scale` ASC ",
  809. intval($owner_uid),
  810. dbesc($datum)
  811. );
  812. if(! count($ph)) {
  813. $ph = q("SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'
  814. LIMIT 1",
  815. intval($owner_uid),
  816. dbesc($datum)
  817. );
  818. if(count($ph))
  819. notice( t('Permission denied. Access to this item may be restricted.'));
  820. else
  821. notice( t('Photo not available') . EOL );
  822. return;
  823. }
  824. $prevlink = '';
  825. $nextlink = '';
  826. $prvnxt = q("SELECT `resource-id` FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `scale` = 0
  827. $sql_extra ORDER BY `created` DESC ",
  828. dbesc($ph[0]['album']),
  829. intval($owner_uid)
  830. );
  831. if(count($prvnxt)) {
  832. for($z = 0; $z < count($prvnxt); $z++) {
  833. if($prvnxt[$z]['resource-id'] == $ph[0]['resource-id']) {
  834. $prv = $z - 1;
  835. $nxt = $z + 1;
  836. if($prv < 0)
  837. $prv = count($prvnxt) - 1;
  838. if($nxt >= count($prvnxt))
  839. $nxt = 0;
  840. break;
  841. }
  842. }
  843. $edit_suffix = ((($cmd === 'edit') && ($can_post)) ? '/edit' : '');
  844. $prevlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix;
  845. $nextlink = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix;
  846. }
  847. if(count($ph) == 1)
  848. $hires = $lores = $ph[0];
  849. if(count($ph) > 1) {
  850. if($ph[1]['scale'] == 2) {
  851. // original is 640 or less, we can display it directly
  852. $hires = $lores = $ph[0];
  853. }
  854. else {
  855. $hires = $ph[0];
  856. $lores = $ph[1];
  857. }
  858. }
  859. $album_link = $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($ph[0]['album']);
  860. $tools = Null;
  861. $lock = Null;
  862. if($can_post && ($ph[0]['uid'] == $owner_uid)) {
  863. $tools = array(
  864. 'edit' => array($a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $datum . (($cmd === 'edit') ? '' : '/edit'), (($cmd === 'edit') ? t('View photo') : t('Edit photo'))),
  865. 'profile'=>array($a->get_baseurl() . '/profile_photo/use/'.$ph[0]['resource-id'], t('Use as profile photo')),
  866. );
  867. // lock
  868. $lock = ( ( ($ph[0]['uid'] == local_user()) && (strlen($ph[0]['allow_cid']) || strlen($ph[0]['allow_gid'])
  869. || strlen($ph[0]['deny_cid']) || strlen($ph[0]['deny_gid'])) )
  870. ? t('Private Message')
  871. : Null);
  872. }
  873. if(! $cmd !== 'edit') {
  874. $a->page['htmlhead'] .= '<script>
  875. $(document).keydown(function(event) {' . "\n";
  876. if($prevlink)
  877. $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 37) { event.preventDefault(); window.location.href = \'' . $prevlink . '\'; }' . "\n";
  878. if($nextlink)
  879. $a->page['htmlhead'] .= 'if(event.ctrlKey && event.keyCode == 39) { event.preventDefault(); window.location.href = \'' . $nextlink . '\'; }' . "\n";
  880. $a->page['htmlhead'] .= '});</script>';
  881. }
  882. if($prevlink)
  883. $prevlink = array($prevlink, '<div class="icon prev"></div>') ;
  884. $photo = array(
  885. 'href' => $a->get_baseurl() . '/photo/' . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg',
  886. 'title'=> t('View Full Size'),
  887. 'src' => $a->get_baseurl() . '/photo/' . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg'
  888. );
  889. if($nextlink)
  890. $nextlink = array($nextlink, '<div class="icon next"></div>');
  891. // Do we have an item for this photo?
  892. $linked_items = q("SELECT * FROM `item` WHERE `resource-id` = '%s' $sql_extra LIMIT 1",
  893. dbesc($datum)
  894. );
  895. if(count($linked_items)) {
  896. $link_item = $linked_items[0];
  897. $r = q("SELECT COUNT(*) AS `total`
  898. FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
  899. WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0
  900. AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
  901. AND `item`.`uid` = %d
  902. $sql_extra ",
  903. dbesc($link_item['uri']),
  904. dbesc($link_item['uri']),
  905. intval($link_item['uid'])
  906. );
  907. if(count($r))
  908. $a->set_pager_total($r[0]['total']);
  909. $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
  910. `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`,
  911. `contact`.`rel`, `contact`.`thumb`, `contact`.`self`,
  912. `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
  913. FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
  914. WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0 and `item`.`moderated` = 0
  915. AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
  916. AND `item`.`uid` = %d
  917. $sql_extra
  918. ORDER BY `parent` DESC, `id` ASC LIMIT %d ,%d ",
  919. dbesc($link_item['uri']),
  920. dbesc($link_item['uri']),
  921. intval($link_item['uid']),
  922. intval($a->pager['start']),
  923. intval($a->pager['itemspage'])
  924. );
  925. if((local_user()) && (local_user() == $link_item['uid'])) {
  926. q("UPDATE `item` SET `unseen` = 0 WHERE `parent` = %d and `uid` = %d",
  927. intval($link_item['parent']),
  928. intval(local_user())
  929. );
  930. }
  931. }
  932. $tags=Null;
  933. if(count($linked_items) && strlen($link_item['tag'])) {
  934. $arr = explode(',',$link_item['tag']);
  935. // parse tags and add links
  936. $tag_str = '';
  937. foreach($arr as $t) {
  938. if(strlen($tag_str))
  939. $tag_str .= ', ';
  940. $tag_str .= bbcode($t);
  941. }
  942. $tags = array(t('Tags: '), $tag_str);
  943. if($cmd === 'edit') {
  944. $tags[] = $a->get_baseurl() . '/tagrm/' . $link_item['id'];
  945. $tags[] = t('[Remove any tag]');
  946. }
  947. }
  948. $edit = Null;
  949. if(($cmd === 'edit') && ($can_post)) {
  950. $edit_tpl = get_markup_template('photo_edit.tpl');
  951. $edit = replace_macros($edit_tpl, array(
  952. '$id' => $ph[0]['id'],
  953. '$album' => template_escape($ph[0]['album']),
  954. '$newalbum' => t('New album name'),
  955. '$nickname' => $a->data['user']['nickname'],
  956. '$resource_id' => $ph[0]['resource-id'],
  957. '$capt_label' => t('Caption'),
  958. '$caption' => template_escape($ph[0]['desc']),
  959. '$tag_label' => t('Add a Tag'),
  960. '$tags' => $link_item['tag'],
  961. '$permissions' => t('Permissions'),
  962. '$aclselect' => template_escape(populate_acl($ph[0])),
  963. '$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'),
  964. '$item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
  965. '$submit' => t('Submit'),
  966. '$delete' => t('Delete Photo')
  967. ));
  968. }
  969. if(count($linked_items)) {
  970. $cmnt_tpl = get_markup_template('comment_item.tpl');
  971. $tpl = get_markup_template('photo_item.tpl');
  972. $return_url = $a->cmd;
  973. $like_tpl = get_markup_template('like_noshare.tpl');
  974. $likebuttons = '';
  975. if($can_post || can_write_wall($a,$owner_uid)) {
  976. $likebuttons = replace_macros($like_tpl,array(
  977. '$id' => $link_item['id'],
  978. '$likethis' => t("I like this \x28toggle\x29"),
  979. '$nolike' => t("I don't like this \x28toggle\x29"),
  980. '$share' => t('Share'),
  981. '$wait' => t('Please wait')
  982. ));
  983. }
  984. $comments = '';
  985. if(! count($r)) {
  986. if($can_post || can_write_wall($a,$owner_uid)) {
  987. if($link_item['last-child']) {
  988. $comments .= replace_macros($cmnt_tpl,array(
  989. '$return_path' => '',
  990. '$jsreload' => $return_url,
  991. '$type' => 'wall-comment',
  992. '$id' => $link_item['id'],
  993. '$parent' => $link_item['id'],
  994. '$profile_uid' => $owner_uid,
  995. '$mylink' => $contact['url'],
  996. '$mytitle' => t('This is you'),
  997. '$myphoto' => $contact['thumb'],
  998. '$comment' => t('Comment'),
  999. '$submit' => t('Submit'),
  1000. '$preview' => t('Preview'),
  1001. '$ww' => ''
  1002. ));
  1003. }
  1004. }
  1005. }
  1006. $alike = array();
  1007. $dlike = array();
  1008. $like = '';
  1009. $dislike = '';
  1010. // display comments
  1011. if(count($r)) {
  1012. foreach($r as $item) {
  1013. like_puller($a,$item,$alike,'like');
  1014. like_puller($a,$item,$dlike,'dislike');
  1015. }
  1016. $like = ((isset($alike[$link_item['id']])) ? format_like($alike[$link_item['id']],$alike[$link_item['id'] . '-l'],'like',$link_item['id']) : '');
  1017. $dislike = ((isset($dlike[$link_item['id']])) ? format_like($dlike[$link_item['id']],$dlike[$link_item['id'] . '-l'],'dislike',$link_item['id']) : '');
  1018. if($can_post || can_write_wall($a,$owner_uid)) {
  1019. if($link_item['last-child']) {
  1020. $comments .= replace_macros($cmnt_tpl,array(
  1021. '$return_path' => '',
  1022. '$jsreload' => $return_url,
  1023. '$type' => 'wall-comment',
  1024. '$id' => $link_item['id'],
  1025. '$parent' => $link_item['id'],
  1026. '$profile_uid' => $owner_uid,
  1027. '$mylink' => $contact['url'],
  1028. '$mytitle' => t('This is you'),
  1029. '$myphoto' => $contact['thumb'],
  1030. '$comment' => t('Comment'),
  1031. '$submit' => t('Submit'),
  1032. '$ww' => ''
  1033. ));
  1034. }
  1035. }
  1036. foreach($r as $item) {
  1037. $comment = '';
  1038. $template = $tpl;
  1039. $sparkle = '';
  1040. if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent']))
  1041. continue;
  1042. $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ;
  1043. if($can_post || can_write_wall($a,$owner_uid)) {
  1044. if($item['last-child']) {
  1045. $comments .= replace_macros($cmnt_tpl,array(
  1046. '$return_path' => '',
  1047. '$jsreload' => $return_url,
  1048. '$type' => 'wall-comment',
  1049. '$id' => $item['item_id'],
  1050. '$parent' => $item['parent'],
  1051. '$profile_uid' => $owner_uid,
  1052. '$mylink' => $contact['url'],
  1053. '$mytitle' => t('This is you'),
  1054. '$myphoto' => $contact['thumb'],
  1055. '$comment' => t('Comment'),
  1056. '$submit' => t('Submit'),
  1057. '$ww' => ''
  1058. ));
  1059. }
  1060. }
  1061. if(local_user() && ($item['contact-uid'] == local_user())
  1062. && ($item['network'] == 'dfrn') && (! $item['self'] )) {
  1063. $profile_url = $redirect_url;
  1064. $sparkle = ' sparkle';
  1065. }
  1066. else {
  1067. $profile_url = $item['url'];
  1068. $sparkle = '';
  1069. }
  1070. $diff_author = (($item['url'] !== $item['author-link']) ? true : false);
  1071. $profile_name = (((strlen($item['author-name'])) && $diff_author) ? $item['author-name'] : $item['name']);
  1072. $profile_avatar = (((strlen($item['author-avatar'])) && $diff_author) ? $item['author-avatar'] : $item['thumb']);
  1073. $profile_link = $profile_url;
  1074. $drop = '';
  1075. if(($item['contact-id'] == remote_user()) || ($item['uid'] == local_user()))
  1076. $drop = replace_macros(get_markup_template('photo_drop.tpl'), array('$id' => $item['id'], '$delete' => t('Delete')));
  1077. $comments .= replace_macros($template,array(
  1078. '$id' => $item['item_id'],
  1079. '$profile_url' => $profile_link,
  1080. '$name' => template_escape($profile_name),
  1081. '$thumb' => $profile_avatar,
  1082. '$sparkle' => $sparkle,
  1083. '$title' => template_escape($item['title']),
  1084. '$body' => template_escape(bbcode($item['body'])),
  1085. '$ago' => relative_date($item['created']),
  1086. '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''),
  1087. '$drop' => $drop,
  1088. '$comment' => $comment
  1089. ));
  1090. }
  1091. }
  1092. $paginate = paginate($a);
  1093. }
  1094. $photo_tpl = get_markup_template('photo_view.tpl');
  1095. $o .= replace_macros($photo_tpl, array(
  1096. '$id' => $ph[0]['id'],
  1097. '$album' => array($album_link,template_escape($ph[0]['album'])),
  1098. '$tools' => $tools,
  1099. '$lock' => $lock,
  1100. '$photo' => $photo,
  1101. '$prevlink' => $prevlink,
  1102. '$nextlink' => $nextlink,
  1103. '$desc' => $ph[0]['desc'],
  1104. '$tags' => template_escape($tags),
  1105. '$edit' => $edit,
  1106. '$likebuttons' => $likebuttons,
  1107. '$like' => template_escape($like),
  1108. '$dislike' => template_escape($dislike),
  1109. '$comments' => $comments,
  1110. '$paginate' => $paginate,
  1111. ));
  1112. return $o;
  1113. }
  1114. // Default - show recent photos with upload link (if applicable)
  1115. //$o = '';
  1116. $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
  1117. $sql_extra GROUP BY `resource-id`",
  1118. intval($a->data['user']['uid']),
  1119. dbesc('Contact Photos'),
  1120. dbesc( t('Contact Photos'))
  1121. );
  1122. if(count($r)) {
  1123. $a->set_pager_total(count($r));
  1124. $a->set_pager_itemspage(20);
  1125. }
  1126. $r = q("SELECT `resource-id`, `id`, `filename`, `album`, max(`scale`) AS `scale` FROM `photo`
  1127. WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s'
  1128. $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d",
  1129. intval($a->data['user']['uid']),
  1130. dbesc('Contact Photos'),
  1131. dbesc( t('Contact Photos')),
  1132. intval($a->pager['start']),
  1133. intval($a->pager['itemspage'])
  1134. );
  1135. $photos = array();
  1136. if(count($r)) {
  1137. $twist = 'rotright';
  1138. foreach($r as $rr) {
  1139. if($twist == 'rotright')
  1140. $twist = 'rotleft';
  1141. else
  1142. $twist = 'rotright';
  1143. $photos[] = array(
  1144. 'id' => $rr['id'],
  1145. 'twist' => ' ' . $twist . rand(2,4),
  1146. 'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
  1147. 'title' => t('View Photo'),
  1148. 'src' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
  1149. 'alt' => template_escape($rr['filename']),
  1150. 'album' => array(
  1151. 'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']),
  1152. 'name' => template_escape($rr['album']),
  1153. 'alt' => t('View Album'),
  1154. ),
  1155. );
  1156. }
  1157. }
  1158. $tpl = get_markup_template('photos_recent.tpl');
  1159. $o .= replace_macros($tpl,array(
  1160. '$title' => t('Recent Photos'),
  1161. '$can_post' => $can_post,
  1162. '$upload' => array(t('Upload New Photos'), $a->get_baseurl().'/photos/'.$a->data['user']['nickname'].'/upload'),
  1163. '$photos' => $photos,
  1164. ));
  1165. $o .= paginate($a);
  1166. return $o;
  1167. }