Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca

  1. <?php
  2. function display_content(&$a) {
  3. require_once('mod/profile.php');
  4. profile_init($a);
  5. $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0);
  6. if(! $item_id) {
  7. $a->error = 404;
  8. notice( t('Item not found.') . EOL);
  9. return;
  10. }
  11. require_once("include/bbcode.php");
  12. require_once('include/security.php');
  13. $groups = array();
  14. $tab = 'posts';
  15. $contact = null;
  16. $remote_contact = false;
  17. if(remote_user()) {
  18. $contact_id = $_SESSION['visitor_id'];
  19. $groups = init_groups_visitor($contact_id);
  20. $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  21. intval($contact_id),
  22. intval($a->profile['uid'])
  23. );
  24. if(count($r)) {
  25. $contact = $r[0];
  26. $remote_contact = true;
  27. }
  28. }
  29. if(! $remote_contact) {
  30. if(local_user()) {
  31. $contact_id = $_SESSION['cid'];
  32. $contact = $a->contact;
  33. }
  34. }
  35. $sql_extra = "
  36. AND `allow_cid` = ''
  37. AND `allow_gid` = ''
  38. AND `deny_cid` = ''
  39. AND `deny_gid` = ''
  40. ";
  41. // Profile owner - everything is visible
  42. if(local_user() && (get_uid() == $a->profile['uid'])) {
  43. $sql_extra = '';
  44. }
  45. // authenticated visitor - here lie dragons
  46. // If $remotecontact is true, we know that not only is this a remotely authenticated
  47. // person, but that it is *our* contact, which is important in multi-user mode.
  48. elseif($remote_contact) {
  49. $gs = '<<>>'; // should be impossible to match
  50. if(count($groups)) {
  51. foreach($groups as $g)
  52. $gs .= '|<' . intval($g) . '>';
  53. }
  54. $sql_extra = sprintf(
  55. " AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
  56. AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
  57. AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
  58. AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ",
  59. intval($_SESSION['visitor_id']),
  60. intval($_SESSION['visitor_id']),
  61. dbesc($gs),
  62. dbesc($gs)
  63. );
  64. }
  65. $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
  66. `contact`.`name`, `contact`.`photo`, `contact`.`url`,
  67. `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
  68. `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
  69. FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
  70. WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
  71. AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
  72. AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' ))
  73. $sql_extra
  74. ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
  75. intval($a->profile['uid']),
  76. dbesc($item_id),
  77. dbesc($item_id)
  78. );
  79. $cmnt_tpl = load_view_file('view/comment_item.tpl');
  80. $like_tpl = load_view_file('view/like.tpl');
  81. $tpl = load_view_file('view/wall_item.tpl');
  82. $wallwall = load_view_file('view/wallwall_item.tpl');
  83. $return_url = $_SESSION['return_url'] = $a->cmd;
  84. $alike = array();
  85. $dlike = array();
  86. if(count($r)) {
  87. foreach($r as $item) {
  88. $sparkle = '';
  89. if(($item['verb'] == ACTIVITY_LIKE) && ($item['id'] != $item['parent'])) {
  90. $url = $item['url'];
  91. if(($item['rel'] == REL_VIP || $item['rel'] == REL_BUD) && (! $item['self'])) {
  92. $url = $a->get_baseurl() . '/redir/' . $item['contact-id'];
  93. $sparkle = ' class="sparkle"';
  94. }
  95. if(! is_array($alike[$item['parent'] . '-l']))
  96. $alike[$item['parent'] . '-l'] = array();
  97. $alike[$item['parent']] ++;
  98. $alike[$item['parent'] . '-l'][] = '<a href="'. $url . '"' . $sparkle . '>' . $item['name'] . '</a>';
  99. }
  100. if(($item['verb'] == ACTIVITY_DISLIKE) && ($item['id'] != $item['parent'])) {
  101. $url = $item['url'];
  102. if(($item['rel'] == REL_VIP || $item['rel'] == REL_BUD) && (! $item['self'])) {
  103. $url = $a->get_baseurl() . '/redir/' . $item['contact-id'];
  104. $sparkle = ' class="sparkle"';
  105. }
  106. if(! is_array($dlike[$item['parent'] . '-l']))
  107. $dlike[$item['parent'] . '-l'] = array();
  108. $dlike[$item['parent']] ++;
  109. $dlike[$item['parent'] . '-l'][] = '<a href="'. $url . '"' . $sparkle . '>' . $item['name'] . '</a>';
  110. }
  111. }
  112. foreach($r as $item) {
  113. $comment = '';
  114. $template = $tpl;
  115. $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ;
  116. if((($item['verb'] == ACTIVITY_LIKE) || ($item['verb'] == ACTIVITY_DISLIKE)) && ($item['id'] != $item['parent']))
  117. continue;
  118. if(can_write_wall($a,$a->profile['uid'])) {
  119. if($item['last-child']) {
  120. $comment = replace_macros($cmnt_tpl,array(
  121. '$return_path' => $_SESSION['return_url'],
  122. '$type' => 'wall-comment',
  123. '$id' => $item['item_id'],
  124. '$parent' => $item['parent'],
  125. '$profile_uid' => $a->profile['uid'],
  126. '$mylink' => $contact['url'],
  127. '$mytitle' => t('This is you'),
  128. '$myphoto' => $contact['thumb'],
  129. '$ww' => ''
  130. ));
  131. }
  132. }
  133. $profile_url = $item['url'];
  134. $sparkle = '';
  135. $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ;
  136. if(($item['rel'] == REL_VIP || $item['rel'] == REL_BUD) && (! $item['self'] )) {
  137. $profile_url = $redirect_url;
  138. $sparkle = ' sparkle';
  139. }
  140. // Top-level wall post not written by the wall owner (wall-to-wall)
  141. // First figure out who owns it.
  142. $osparkle = '';
  143. if(($item['parent'] == $item['item_id']) && (! $item['self'])) {
  144. if($item['type'] === 'wall') {
  145. // I do. Put me on the left of the wall-to-wall notice.
  146. $owner_url = $a->contact['url'];
  147. $owner_photo = $a->contact['thumb'];
  148. $owner_name = $a->contact['name'];
  149. $template = $wallwall;
  150. $commentww = 'ww';
  151. }
  152. if($item['type'] === 'remote' && ($item['owner-link'] != $item['author-link'])) {
  153. // Could be anybody.
  154. $owner_url = $item['owner-link'];
  155. $owner_photo = $item['owner-avatar'];
  156. $owner_name = $item['owner-name'];
  157. $template = $wallwall;
  158. $commentww = 'ww';
  159. // If it is our contact, use a friendly redirect link
  160. if(($item['owner-link'] == $item['url']) && ($item['rel'] == REL_VIP || $item['rel'] == REL_BUD)) {
  161. $owner_url = $redirect_url;
  162. $osparkle = ' sparkle';
  163. }
  164. }
  165. }
  166. $profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']);
  167. $profile_avatar = ((strlen($item['author-avatar'])) ? $item['author-avatar'] : $item['thumb']);
  168. $profile_link = $profile_url;
  169. $drop = '';
  170. if(($item['contact-id'] == $_SESSION['visitor_id']) || ($item['uid'] == get_uid()))
  171. $drop = replace_macros(load_view_file('view/wall_item_drop.tpl'), array('$id' => $item['id']));
  172. $like = (($alike[$item['id']]) ? format_like($alike[$item['id']],$alike[$item['id'] . '-l'],'like',$item['id']) : '');
  173. $dislike = (($dlike[$item['id']]) ? format_like($dlike[$item['id']],$dlike[$item['id'] . '-l'],'dislike',$item['id']) : '');
  174. $likebuttons = '';
  175. if($item['id'] == $item['parent']) {
  176. $likebuttons = replace_macros($like_tpl,array('$id' => $item['id']));
  177. }
  178. $o .= replace_macros($template,array(
  179. '$id' => $item['item_id'],
  180. '$profile_url' => $profile_link,
  181. '$name' => $profile_name,
  182. '$sparkle' => $sparkle,
  183. '$osparkle' => $osparkle,
  184. '$thumb' => $profile_avatar,
  185. '$title' => $item['title'],
  186. '$body' => bbcode($item['body']),
  187. '$ago' => relative_date($item['created']),
  188. '$location' => (($item['location']) ? '<a target="map" href="http://maps.google.com/?q=' . urlencode($item['location']) . '">' . $item['location'] . '</a>' : ''),
  189. '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''),
  190. '$owner_url' => $owner_url,
  191. '$owner_photo' => $owner_photo,
  192. '$owner_name' => $owner_name,
  193. '$drop' => $drop,
  194. '$vote' => $likebuttons,
  195. '$like' => $like,
  196. '$dislike' => $dislike,
  197. '$comment' => $comment
  198. ));
  199. }
  200. }
  201. else {
  202. $r = q("SELECT `id` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1",
  203. dbesc($item_id),
  204. dbesc($item_id)
  205. );
  206. if(count($r)) {
  207. if($r[0]['deleted']) {
  208. notice( t('Item has been removed.') . EOL );
  209. }
  210. else {
  211. notice( t('Permission denied.') . EOL );
  212. }
  213. }
  214. else {
  215. notice( t('Item not found.') . EOL );
  216. }
  217. }
  218. return $o;
  219. }