Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
  1. <?php
  2. require_once('Photo.php');
  3. require_once('include/items.php');
  4. require_once('view/acl_selectors.php');
  5. require_once('include/bbcode.php');
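  /**
   * Module init hook for photos/<nickname>/...
   *
   * Looks up the user whose nickname is the second path segment, stores the
   * user row in $a->data['user'] and that user's distinct album names in
   * $a->data['albums'], and appends an album list to the page sidebar
   * ($a->page['aside']). Does nothing when no nickname is present in the
   * request or when no user matches it.
   *
   * Everything written into the sidebar is HTML-escaped here: the display
   * name and album names are user-chosen text, and the nickname segment is
   * taken straight from the request path.
   *
   * @param object $a application object (reads argc/argv, writes data and page)
   * @return void
   */
  function photos_init(&$a) {

      if($a->argc > 1) {
          $nick = $a->argv[1];
          $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1",
              dbesc($nick)
          );

          if(! count($r))
              return;

          $a->data['user'] = $r[0];

          // Start from an empty string so the append to the sidebar below
          // never reads an undefined variable when the user has no albums.
          $o = '';

          $albums = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d",
              intval($a->data['user']['uid'])
          );

          if(count($albums)) {
              $a->data['albums'] = $albums;

              $base     = $a->get_baseurl();
              $nickname = htmlspecialchars($a->data['user']['nickname'], ENT_QUOTES, 'UTF-8');
              $username = htmlspecialchars($a->data['user']['username'], ENT_QUOTES, 'UTF-8');

              $o .= '<h4><a href="' . $base . '/profile/' . $nickname . '">' . $username . '</a></h4>';
              $o .= '<h4>' . '<a href="' . $base . '/photos/' . $nickname . '">' . t('Photo Albums') . '</a></h4>';

              $o .= '<ul>';
              foreach($albums as $album) {
                  // Unnamed albums and the internal contact-photo album are not listed.
                  if((! strlen($album['album'])) || ($album['album'] == t('Contact Photos')))
                      continue;

                  // The album name travels hex-encoded in the URL, so only the
                  // request-supplied nickname segment and the visible label need escaping.
                  // The anchor was previously emitted as a self-closed <a ... /> tag.
                  $o .= '<li>' . '<a href="photos/' . htmlspecialchars($a->argv[1], ENT_QUOTES, 'UTF-8')
                      . '/album/' . bin2hex($album['album']) . '">'
                      . htmlspecialchars($album['album'], ENT_QUOTES, 'UTF-8') . '</a></li>';
              }
              $o .= '</ul>';
          }

          $a->page['aside'] .= $o;
      }

      return;
  }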
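  /**
   * POST handler for the photos module.
   *
   * Requires a locally logged-in user and dispatches on the request:
   *   - photos/album/<hex name>      rename or delete one of the user's albums
   *   - <resource-id> + 'delete'     delete one photo and mark its item deleted
   *   - <resource-id> + desc/newtag  update the caption and/or add tags
   *   - otherwise                    store an uploaded photo (default action)
   *
   * Every query is scoped to local_user(), so a request can only touch rows
   * owned by the authenticated account. Most paths end in goaway()/killme();
   * the returns after them are marked NOTREACHED in the original.
   *
   * NOTE(review): no anti-CSRF token is checked anywhere in this handler, and
   * these actions are destructive. If the application provides a form-token
   * helper, verify it before the dispatch below - confirm against the rest of
   * the code base.
   *
   * @param object $a application object
   * @return void
   */
  function photos_post(&$a) {

      if(! local_user()) {
          notice( t('Permission denied.') . EOL );
          killme();
      }

      // Page to return to after the action; set by photos_content() from $a->cmd.
      $photo_return = ((isset($_SESSION['photo_return'])) ? $_SESSION['photo_return'] : '');
      $return_url   = $a->get_baseurl() . '/' . $photo_return;

      $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
          WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1",
          intval(local_user())
      );

      if(! count($r)) {
          notice( t('Contact information unavailable') . EOL);
          logger('photos_post: unable to locate contact record for logged in user. uid=' . local_user());
          killme();
      }

      $contact_record = $r[0];

      //
      // Album rename / delete
      //

      if(($a->argc > 2) && ($a->argv[1] === 'album')) {
          $album = hex2bin($a->argv[2]);

          // The two built-in albums can be neither renamed nor deleted.
          if($album == t('Profile Photos') || $album == t('Contact Photos')) {
              goaway($return_url);
              return; // NOTREACHED
          }

          // count(*) always yields one row, so the existence test has to look
          // at the counted value rather than at the number of rows returned.
          $r = q("SELECT count(*) AS `total` FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
              dbesc($album),
              intval(local_user())
          );
          if((! count($r)) || (! intval($r[0]['total']))) {
              notice( t('Album not found.') . EOL);
              goaway($return_url);
              return; // NOTREACHED
          }

          $newalbum = ((isset($_POST['albumname'])) ? notags(trim($_POST['albumname'])) : '');

          // Ignore an empty new name: photos_init() skips albums with an empty
          // name, so renaming to '' would hide every photo in the album.
          if(strlen($newalbum) && ($newalbum != $album)) {
              q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
                  dbesc($newalbum),
                  dbesc($album),
                  intval(local_user())
              );
              $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$photo_return);
              goaway($a->get_baseurl() . '/' . $newurl);
              return; // NOTREACHED
          }

          if(isset($_POST['dropalbum']) && ($_POST['dropalbum'] == t('Delete Album'))) {

              $res = array();

              // get the list of photos we are about to delete
              $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
                  intval(local_user()),
                  dbesc($album)
              );
              if(count($r)) {
                  foreach($r as $rr) {
                      $res[] = "'" . dbesc($rr['rid']) . "'" ;
                  }
              }
              else {
                  goaway($return_url);
                  return; // NOTREACHED
              }

              // Each id is escaped and quoted above; the list is spliced into the
              // statement text because q() has no placeholder for an IN list.
              $str_res = implode(',', $res);

              q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
                  intval(local_user())
              );

              // find and delete the corresponding item with all the comments and likes/dislikes.
              // `id` and `visible` are read below, so they must be selected too
              // (previously only `parent-uri` was fetched and the notifier never ran).
              $r = q("SELECT `id`, `visible`, `parent-uri` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
                  intval(local_user())
              );
              if(count($r)) {
                  foreach($r as $rr) {
                      q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
                          dbesc(datetime_convert()),
                          dbesc($rr['parent-uri']),
                          intval(local_user())
                      );

                      $drop_id = intval($rr['id']);
                      $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
                      $proc_debug = get_config('system','proc_debug');

                      // send the notification upstream/downstream as the case may be
                      // The command line is built from site configuration and an
                      // integer id only; no request data reaches the shell.
                      if($rr['visible'])
                          proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" $proc_debug & ",
                              array(),$foo));
                  }
              }
          }

          // In this branch argv[1] is the literal 'album', so photos_init() did not
          // load the profile owner; use the logged-in user's own nickname instead.
          goaway($a->get_baseurl() . '/photos/' . $contact_record['nickname']);
          return; // NOTREACHED
      }

      //
      // Delete a single photo
      //

      if(($a->argc > 1) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) {

          // `resource-id` is used by the statements below, so select it along with
          // `id` (previously it was missing and the DELETE matched an empty id).
          $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1",
              intval(local_user()),
              dbesc($a->argv[1])
          );
          if(count($r)) {
              q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'",
                  intval(local_user()),
                  dbesc($r[0]['resource-id'])
              );
              $i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
                  dbesc($r[0]['resource-id']),
                  intval(local_user())
              );
              if(count($i)) {
                  q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
                      dbesc(datetime_convert()),
                      dbesc(datetime_convert()),
                      dbesc($i[0]['uri']),
                      intval(local_user())
                  );

                  $drop_id = intval($i[0]['id']);
                  $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
                  $proc_debug = get_config('system','proc_debug');

                  // send the notification upstream/downstream as the case may be
                  if($i[0]['visible'])
                      proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" $proc_debug & ",
                          array(),$foo));
              }
          }

          goaway($return_url);
          return; // NOTREACHED
      }

      //
      // Edit caption / add tags
      //

      if(($a->argc > 1) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false))) {

          $desc        = ((x($_POST,'desc'))    ? notags(trim($_POST['desc']))    : '');
          $rawtags     = ((x($_POST,'newtag'))  ? notags(trim($_POST['newtag']))  : '');
          $item_id     = ((x($_POST,'item_id')) ? intval($_POST['item_id'])       : 0);
          $resource_id = $a->argv[1];

          $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC",
              dbesc($resource_id),
              intval(local_user())
          );

          // Nothing to edit unless the photo exists and belongs to this user;
          // without this guard an item container would be created from an empty row.
          if(! count($p)) {
              notice( t('Photo not available') . EOL );
              goaway($return_url);
              return; // NOTREACHED
          }

          if($p[0]['desc'] !== $desc) {
              $r = q("UPDATE `photo` SET `desc` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d",
                  dbesc($desc),
                  dbesc($resource_id),
                  intval(local_user())
              );
          }

          if(! $item_id) {

              // Create item container

              $title = '';
              $uri = item_new_uri($a->get_hostname(),local_user());

              $arr = array();

              $arr['uid']           = local_user();
              $arr['uri']           = $uri;
              $arr['parent-uri']    = $uri;
              $arr['type']          = 'photo';
              $arr['wall']          = 1;
              $arr['resource-id']   = $p[0]['resource-id'];
              $arr['contact-id']    = $contact_record['id'];
              $arr['owner-name']    = $contact_record['name'];
              $arr['owner-link']    = $contact_record['url'];
              $arr['owner-avatar']  = $contact_record['thumb'];
              $arr['title']         = $title;
              $arr['allow_cid']     = $p[0]['allow_cid'];
              $arr['allow_gid']     = $p[0]['allow_gid'];
              $arr['deny_cid']      = $p[0]['deny_cid'];
              $arr['deny_gid']      = $p[0]['deny_gid'];
              $arr['last-child']    = 1;
              // argv[1] is a resource id here, so the profile owner was not loaded by
              // photos_init(); build the link from the logged-in user's nickname,
              // as the upload path below does.
              $arr['body']          = '[url=' . $a->get_baseurl() . '/photos/' . $contact_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']'
                          . '[img]' . $a->get_baseurl() . '/photo/' . $p[0]['resource-id'] . '-' . $p[0]['scale'] . '.jpg' . '[/img]'
                          . '[/url]';

              $item_id = item_store($arr);
          }

          // Defaults cover the case where the item cannot be loaded.
          $old_tag    = '';
          $old_inform = '';
          $r          = array();

          if($item_id) {
              $r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
                  intval($item_id),
                  intval(local_user())
              );
          }
          if(count($r)) {
              $old_tag    = $r[0]['tag'];
              $old_inform = $r[0]['inform'];
          }

          if(strlen($rawtags)) {

              $str_tags = '';
              $inform   = '';

              // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag

              $x = substr($rawtags,0,1);
              if($x !== '@' && $x !== '#')
                  $rawtags = '#' . $rawtags;

              $taginfo = array();
              $tags = get_tags($rawtags);

              if(count($tags)) {
                  foreach($tags as $tag) {

                      // Reset per tag so an unresolved name never inherits the
                      // profile or notification target of the previous tag.
                      $profile = '';
                      $notify  = '';
                      $salmon  = '';
                      $newname = '';

                      if(strpos($tag,'@') === 0) {
                          $name = substr($tag,1);

                          // strpos() returns 0 for a leading match, which is falsy, so
                          // the scheme test must compare against false explicitly.
                          if((strpos($name,'@')) || (strpos($name,'http://') !== false)) {
                              $newname = $name;

                              // NOTE(review): lrdd() is given a user-supplied address and
                              // presumably performs an outbound lookup; the returned hrefs are
                              // remote-controlled text that ends up in stored bbcode. Confirm
                              // that lrdd() restricts its targets and that these values are
                              // validated before use.
                              $links = @lrdd($name);
                              if(count($links)) {
                                  foreach($links as $link) {
                                      if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
                                          $profile = $link['@attributes']['href'];
                                      if($link['@attributes']['rel'] === 'salmon') {
                                          // NOTE(review): '%sc' looks like a typo for '%2c'
                                          // (used for $profile below) - confirm before changing,
                                          // since consumers of `inform` may rely on it.
                                          $salmon = '$url:' . str_replace(',','%sc',$link['@attributes']['href']);
                                          if(strlen($inform))
                                              $inform .= ',';
                                          $inform .= $salmon;
                                      }
                                  }
                              }
                              $taginfo[] = array($newname,$profile,$salmon);
                          }
                          else {
                              $newname = $name;
                              if(strstr($name,'_')) {
                                  // Underscores stand for spaces in a contact's full name.
                                  $newname = str_replace('_',' ',$name);
                                  $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
                                      dbesc($newname),
                                      intval(local_user())
                                  );
                              }
                              else {
                                  $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1",
                                      dbesc($name),
                                      intval(local_user())
                                  );
                              }
                              if(count($r)) {
                                  $profile = $r[0]['url'];
                                  $notify = 'cid:' . $r[0]['id'];
                                  if(strlen($inform))
                                      $inform .= ',';
                                  $inform .= $notify;
                              }
                          }
                          if($profile) {
                              $taginfo[] = array($newname,$profile,$notify);
                              if(strlen($str_tags))
                                  $str_tags .= ',';
                              // Tags are stored comma-separated, so commas in the URL are encoded.
                              $profile = str_replace(',','%2c',$profile);
                              $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]';
                          }
                      }
                  }
              }

              $newtag = $old_tag;
              if(strlen($newtag) && strlen($str_tags))
                  $newtag .= ',';
              $newtag .= $str_tags;

              $newinform = $old_inform;
              if(strlen($newinform) && strlen($inform))
                  $newinform .= ',';
              $newinform .= $inform;

              $r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
                  dbesc($newtag),
                  dbesc($newinform),
                  dbesc(datetime_convert()),
                  dbesc(datetime_convert()),
                  intval($item_id),
                  intval(local_user())
              );

              if(count($taginfo)) {
                  foreach($taginfo as $tagged) {
                      // $slap = create_photo_tag(local_user(),$item_id, $tagged);
                      //
                  }
                  // call notifier on new tag activity
              }

              // $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
              // $proc_debug = get_config('system','proc_debug');
              // send the notification upstream/downstream as the case may be
              // if($i[0]['visible'])
              //     proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"drop\" \"$drop_id\" $proc_debug & ",
              //         array(),$foo));
          }

          goaway($return_url);
          return; // NOTREACHED
      }

      //
      // default post action - upload a photo
      //

      if(! x($_FILES,'userfile'))
          killme();

      // The Java uploader posts a partitionCount field and expects no redirect.
      $java_upload = ((! empty($_POST['partitionCount'])) ? true : false);

      $album    = ((isset($_POST['album']))    ? notags(trim($_POST['album']))    : '');
      $newalbum = ((isset($_POST['newalbum'])) ? notags(trim($_POST['newalbum'])) : '');

      if(! strlen($album)) {
          if(strlen($newalbum))
              $album = $newalbum;
          else
              $album = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
      }

      $r = q("SELECT * FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
          dbesc($album),
          intval(local_user())
      );

      // Only the first photo of a new album (or a profile photo) produces a
      // visible item. The else branch previously assigned a misspelled variable,
      // leaving $visible undefined.
      if((! count($r)) || ($album == t('Profile Photos')))
          $visible = 1;
      else
          $visible = 0;

      $str_group_allow   = perms2str($_POST['group_allow']);
      $str_contact_allow = perms2str($_POST['contact_allow']);
      $str_group_deny    = perms2str($_POST['group_deny']);
      $str_contact_deny  = perms2str($_POST['contact_deny']);

      $src      = $_FILES['userfile']['tmp_name'];
      $filename = basename($_FILES['userfile']['name']);

      // Only read a path that PHP itself recorded as an HTTP upload; this also
      // rejects array-style 'userfile[]' submissions where tmp_name is not a string.
      if((! is_string($src)) || (! is_uploaded_file($src))) {
          notice( t('Unable to process image.') . EOL );
          killme();
      }

      // NOTE(review): the file is read fully into memory with no size cap visible
      // here; confirm an upload limit is enforced by PHP/site configuration.
      $imagedata = @file_get_contents($src);
      $ph = new Photo($imagedata);

      if(! $ph->is_valid()) {
          notice( t('Unable to process image.') . EOL );
          @unlink($src);
          killme();
      }

      @unlink($src);

      $width  = $ph->getWidth();
      $height = $ph->getHeight();

      // Scale index of the smallest stored rendition; used for the embedded image.
      $smallest = 0;

      $photo_hash = photo_new_resource();

      $r = $ph->store(local_user(), 0, $photo_hash, $filename, $album, 0 , 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);

      if(! $r) {
          notice( t('Image upload failed.') . EOL );
          killme();
      }

      if($width > 640 || $height > 640) {
          $ph->scaleImage(640);
          $ph->store(local_user(), 0, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
          $smallest = 1;
      }

      if($width > 320 || $height > 320) {
          $ph->scaleImage(320);
          $ph->store(local_user(), 0, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
          $smallest = 2;
      }

      $uri = item_new_uri($a->get_hostname(), local_user());

      // Create item container

      // $title was previously read without ever being assigned in this path.
      $title = '';

      $arr = array();

      $arr['uid']           = local_user();
      $arr['uri']           = $uri;
      $arr['parent-uri']    = $uri;
      $arr['type']          = 'photo';
      $arr['wall']          = 1;
      $arr['resource-id']   = $photo_hash;
      $arr['contact-id']    = $contact_record['id'];
      $arr['owner-name']    = $contact_record['name'];
      $arr['owner-link']    = $contact_record['url'];
      $arr['owner-avatar']  = $contact_record['thumb'];
      $arr['title']         = $title;
      $arr['allow_cid']     = $str_contact_allow;
      $arr['allow_gid']     = $str_group_allow;
      $arr['deny_cid']      = $str_contact_deny;
      $arr['deny_gid']      = $str_group_deny;
      $arr['last-child']    = 1;
      $arr['visible']       = $visible;
      $arr['body']          = '[url=' . $a->get_baseurl() . '/photos/' . $contact_record['nickname'] . '/image/' . $photo_hash . ']'
                  . '[img]' . $a->get_baseurl() . "/photo/{$photo_hash}-{$smallest}.jpg" . '[/img]'
                  . '[/url]';

      item_store($arr);

      if(! $java_upload) {
          goaway($return_url);
          return; // NOTREACHED
      }

      killme();
      return; // NOTREACHED
  }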
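  /**
   * Renders the photos module page and returns it as an HTML string.
   *
   * URLs:
   *   photos/name
   *   photos/name/upload
   *   photos/name/album/xxxxx
   *   photos/name/album/xxxxx/edit
   *   photos/name/image/xxxxx
   *   photos/name/image/xxxxx/edit
   *
   * Visibility is enforced by an SQL fragment ($sql_extra) appended to the
   * photo and item queries: anonymous viewers only see rows with empty ACL
   * columns, the profile owner sees everything, and an authenticated remote
   * visitor is matched against the allow/deny contact and group lists.
   *
   * The album name and image id come from the request path. The album name in
   * particular is decoded from the URL and shown even when no photo matches,
   * so everything this function concatenates into HTML itself is escaped.
   *
   * NOTE(review): values handed to replace_macros() are passed through
   * unchanged because the templates are not visible from here. Several of
   * them ($album, $caption, $tags, $albumname, $name, $title) are user- or
   * request-derived - confirm that the templates or replace_macros() escape
   * them for the context they are placed in.
   *
   * @param object $a application object
   * @return string|null page HTML, or null when nothing can be shown
   */
  function photos_content(&$a) {

      if(! x($a->data,'user')) {
          notice( t('No photos selected') . EOL );
          return;
      }

      // Remembered so photos_post() can redirect back to this page.
      $_SESSION['photo_return'] = $a->cmd;

      // Output buffer; previously appended to before being initialised.
      $o = '';

      //
      // Parse arguments
      //

      $datum = '';

      if($a->argc > 3) {
          $datatype = $a->argv[2];
          $datum = $a->argv[3];
      }
      elseif(($a->argc > 2) && ($a->argv[2] === 'upload'))
          $datatype = 'upload';
      else
          $datatype = 'summary';

      if($a->argc > 4)
          $cmd = $a->argv[4];
      else
          $cmd = 'view';

      //
      // Setup permissions structures
      //

      $owner_uid = $a->data['user']['uid'];
      $nickname  = htmlspecialchars($a->data['user']['nickname'], ENT_QUOTES, 'UTF-8');
      $is_owner  = ((local_user() && (local_user() == $owner_uid)) ? true : false);

      $contact = null;
      $remote_contact = false;
      $groups = array();

      if(remote_user()) {
          $contact_id = $_SESSION['visitor_id'];
          $groups = init_groups_visitor($contact_id);
          // The visitor must be a contact of this profile owner to count as remote contact.
          $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
              intval($contact_id),
              intval($owner_uid)
          );
          if(count($r)) {
              $contact = $r[0];
              $remote_contact = true;
          }
      }

      if(! $remote_contact) {
          if(local_user()) {
              $contact_id = $_SESSION['cid'];
              $contact = $a->contact;
          }
      }

      // default permissions - anonymous user

      $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";

      // Profile owner - everything is visible

      if($is_owner) {
          $sql_extra = '';
      }
      elseif(remote_user()) {

          // authenticated visitor - here lie dragons
          // The fragment is built only from integers and an escaped pattern,
          // because it is spliced directly into the query text further down.

          $gs = '<<>>'; // should be impossible to match
          if(count($groups)) {
              foreach($groups as $g)
                  $gs .= '|<' . intval($g) . '>';
          }

          $sql_extra = sprintf(
              " AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
              AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
              AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
              AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ",

              intval($_SESSION['visitor_id']),
              intval($_SESSION['visitor_id']),
              dbesc($gs),
              dbesc($gs)
          );
      }

      //
      // dispatch request
      //

      if($datatype === 'upload') {
          if(! $is_owner) {
              notice( t('Permission denied.'));
              return;
          }

          $albumselect = '<select id="photos-upload-album-select" name="album" size="4">';

          $albumselect .= '<option value="" selected="selected" >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
          // photos_init() only sets 'albums' when the user has at least one photo.
          if(isset($a->data['albums']) && count($a->data['albums'])) {
              foreach($a->data['albums'] as $album) {
                  if(($album['album'] === '') || ($album['album'] == t('Contact Photos')))
                      continue;
                  // Escaped for both the attribute and the label; the browser
                  // submits the decoded value, so the stored name is unchanged.
                  $esc_name = htmlspecialchars($album['album'], ENT_QUOTES, 'UTF-8');
                  $albumselect .= '<option value="' . $esc_name . '">' . $esc_name . '</option>';
              }
          }

          $celeb = (($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY));

          $albumselect .= '</select>';

          $tpl = load_view_file('view/photos_upload.tpl');
          $o .= replace_macros($tpl,array(
              '$pagename' => t('Upload Photos'),
              '$sessid' => session_id(),
              '$newalbum' => t('New album name: '),
              '$existalbumtext' => t('or existing album name: '),
              '$filestext' => t('Select files to upload: '),
              '$albumselect' => $albumselect,
              '$permissions' => t('Permissions'),
              '$aclselect' => populate_acl($a->user, $celeb),
              '$archive' => $a->get_baseurl() . '/jumploader_z.jar',
              '$nojava' => t('Use the following controls only if the Java uploader [above] fails to launch.'),
              '$uploadurl' => $a->get_baseurl() . '/photos',
              '$submit' => t('Submit')
          ));

          return $o;
      }

      if($datatype === 'album') {

          // Decoded straight from the request path - treat as untrusted text.
          $album = hex2bin($datum);

          // First pass only counts the visible photos for the pager.
          $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
              $sql_extra GROUP BY `resource-id`",
              intval($a->data['user']['uid']),
              dbesc($album)
          );
          if(count($r))
              $a->set_pager_total(count($r));

          $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
              $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d",
              intval($a->data['user']['uid']),
              dbesc($album),
              intval($a->pager['start']),
              intval($a->pager['itemspage'])
          );

          // The heading is emitted whether or not any photo matched, so the
          // request-supplied name must be escaped before it reaches the page.
          $o .= '<h3>' . htmlspecialchars($album, ENT_QUOTES, 'UTF-8') . '</h3>';

          // The built-in albums cannot be edited; everything else only by the owner.
          $editable = ($is_owner && ($album != t('Profile Photos')) && ($album != t('Contact Photos')));

          if($cmd === 'edit') {
              if($editable) {
                  $edit_tpl = load_view_file('view/album_edit.tpl');
                  $o .= replace_macros($edit_tpl,array(
                      '$nametext' => t('New album name: '),
                      '$album' => $album,
                      '$hexalbum' => bin2hex($album),
                      '$submit' => t('Submit'),
                      '$dropsubmit' => t('Delete Album')
                  ));
              }
          }
          else {
              if($editable) {
                  $o .= '<div id="album-edit-link"><a href="'. $a->get_baseurl() . '/photos/'
                      . $nickname . '/album/' . bin2hex($album) . '/edit' . '">'
                      . t('Edit Album') . '</a></div>';
              }
          }

          $tpl = load_view_file('view/photo_album.tpl');
          if(count($r))
              foreach($r as $rr) {
                  // NOTE(review): the query above selects only `resource-id` and `scale`,
                  // so $rr['id'] and $rr['filename'] are not populated - confirm intent.
                  $o .= replace_macros($tpl,array(
                      '$id' => $rr['id'],
                      '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
                      '$phototitle' => t('View Photo'),
                      '$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
                      '$imgalt' => $rr['filename']
                  ));
              }

          $o .= '<div id="photo-album-end"></div>';

          return $o;
      }

      if($datatype === 'image') {

          require_once('security.php');
          require_once('bbcode.php');

          $o = '<div id="live-display"></div>' . "\r\n";
          // fetch image, item containing image, then comments

          $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'
              $sql_extra ORDER BY `scale` ASC ",
              intval($a->data['user']['uid']),
              dbesc($datum)
          );

          if(! count($ph)) {
              notice( t('Photo not available') . EOL );
              return;
          }

          // Rows are ordered by scale: [0] is the original, later rows are reductions.
          if(count($ph) == 1)
              $hires = $lores = $ph[0];
          if(count($ph) > 1) {
              if($ph[1]['scale'] == 2) {
                  // original is 640 or less, we can display it directly
                  $hires = $lores = $ph[0];
              }
              else {
                  $hires = $ph[0];
                  $lores = $ph[1];
              }
          }

          $photo_owner = ((local_user() && ($ph[0]['uid'] == local_user())) ? true : false);

          $o .= '<h3>' . '<a href="' . $a->get_baseurl() . '/photos/' . $nickname . '/album/' . bin2hex($ph[0]['album']) . '">'
              . htmlspecialchars($ph[0]['album'], ENT_QUOTES, 'UTF-8') . '</a></h3>';

          if($photo_owner) {
              $o .= '<div id="photo-edit-link-wrap" ><a id="photo-edit-link" href="' . $a->get_baseurl() . '/photos/' . $nickname
                  . '/image/' . htmlspecialchars($datum, ENT_QUOTES, 'UTF-8') . '/edit' . '">' . t('Edit photo') . '</a></div>';
          }

          $o .= '<a href="' . $a->get_baseurl() . '/photo/'
              . $hires['resource-id'] . '-' . $hires['scale'] . '.jpg" title="'
              . t('View Full Size') . '" ><img src="' . $a->get_baseurl() . '/photo/'
              . $lores['resource-id'] . '-' . $lores['scale'] . '.jpg' . '" /></a>';

          // Do we have an item for this photo?
          // Scoped to the profile owner as well, so the lookup cannot land on
          // another account's item that happens to carry the same resource id.

          $i1 = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d $sql_extra LIMIT 1",
              dbesc($datum),
              intval($owner_uid)
          );

          $r = array();

          if(count($i1)) {

              $r = q("SELECT COUNT(*) AS `total`
                  FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
                  WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0
                  AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
                  AND `item`.`uid` = %d
                  $sql_extra ",
                  dbesc($i1[0]['uri']),
                  dbesc($i1[0]['uri']),
                  intval($i1[0]['uid'])
              );

              if(count($r))
                  $a->set_pager_total($r[0]['total']);

              $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
                  `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`,
                  `contact`.`rel`, `contact`.`thumb`, `contact`.`self`,
                  `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
                  FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
                  WHERE `parent-uri` = '%s' AND `uri` != '%s' AND `item`.`deleted` = 0
                  AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
                  AND `item`.`uid` = %d
                  $sql_extra
                  ORDER BY `parent` DESC, `id` ASC LIMIT %d ,%d ",
                  dbesc($i1[0]['uri']),
                  dbesc($i1[0]['uri']),
                  intval($i1[0]['uid']),
                  intval($a->pager['start']),
                  intval($a->pager['itemspage'])
              );
          }

          // The caption is free text entered by the owner; escape it for display.
          $o .= '<div id="photo-caption" >' . htmlspecialchars($ph[0]['desc'], ENT_QUOTES, 'UTF-8') . '</div>';

          if(count($i1) && strlen($i1[0]['tag'])) {
              $arr = explode(',',$i1[0]['tag']);
              // parse tags and add links
              $o .= '<div id="in-this-photo-text">' . t('Tags: ') . '</div>';
              $o .= '<div id="in-this-photo">';
              $tag_str = '';
              foreach($arr as $t) {
                  if(strlen($tag_str))
                      $tag_str .= ', ';
                  $tag_str .= bbcode($t);
              }
              $o .= $tag_str . '</div>';
          }

          // Show the edit form only to the photo's owner, matching the edit
          // link above and the album edit form; photos_post() enforces the
          // same ownership on submit.
          if(($cmd === 'edit') && $photo_owner) {
              $edit_tpl = load_view_file('view/photo_edit.tpl');
              $o .= replace_macros($edit_tpl, array(
                  '$id' => $ph[0]['id'],
                  '$resource_id' => $ph[0]['resource-id'],
                  '$capt_label' => t('Caption'),
                  '$caption' => $ph[0]['desc'],
                  '$tag_label' => t('Add a Tag'),
                  '$tags' => ((count($i1)) ? $i1[0]['tag'] : ''),
                  '$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'),
                  '$item_id' => ((count($i1)) ? $i1[0]['id'] : 0),
                  '$submit' => t('Submit'),
                  '$delete' => t('Delete Photo')
              ));
          }

          if(count($i1)) {

              $cmnt_tpl = load_view_file('view/comment_item.tpl');
              $tpl = load_view_file('view/photo_item.tpl');
              $return_url = $a->cmd;

              $like_tpl = load_view_file('view/like.tpl');

              if(can_write_wall($a,$a->data['user']['uid'])) {
                  if($i1[0]['last-child']) {
                      $o .= replace_macros($cmnt_tpl,array(
                          '$return_path' => $return_url,
                          '$type' => 'wall-comment',
                          '$id' => $i1[0]['id'],
                          '$parent' => $i1[0]['id'],
                          '$profile_uid' => $a->data['user']['uid'],
                          '$mylink' => $contact['url'],
                          '$mytitle' => t('This is you'),
                          '$myphoto' => $contact['thumb'],
                          '$ww' => ''
                      ));
                  }
              }

              $alike = array();
              $dlike = array();

              // display comments
              if(count($r)) {

                  foreach($r as $item) {
                      like_puller($a,$item,$alike,'like');
                      like_puller($a,$item,$dlike,'dislike');
                  }

                  $likebuttons = '';

                  if(can_write_wall($a,$a->data['user']['uid']))
                      $likebuttons = replace_macros($like_tpl,array('$id' => $i1[0]['id']));

                  $like = ((isset($alike[$i1[0]['id']])) ? format_like($alike[$i1[0]['id']],$alike[$i1[0]['id'] . '-l'],'like',$i1[0]['id']) : '');
                  $dislike = ((isset($dlike[$i1[0]['id']])) ? format_like($dlike[$i1[0]['id']],$dlike[$i1[0]['id'] . '-l'],'dislike',$i1[0]['id']) : '');

                  $o .= $likebuttons;
                  $o .= $like;
                  $o .= $dislike;

                  foreach($r as $item) {
                      $comment = '';
                      $template = $tpl;
                      $sparkle = '';

                      // Likes/dislikes were summarised above; don't list them as comments.
                      if(((activity_match($item['verb'],ACTIVITY_LIKE)) || (activity_match($item['verb'],ACTIVITY_DISLIKE))) && ($item['id'] != $item['parent']))
                          continue;

                      $redirect_url = $a->get_baseurl() . '/redir/' . $item['cid'] ;

                      if(can_write_wall($a,$a->data['user']['uid'])) {
                          if($item['last-child']) {
                              $comment = replace_macros($cmnt_tpl,array(
                                  '$return_path' => $return_url,
                                  '$type' => 'wall-comment',
                                  '$id' => $item['item_id'],
                                  '$parent' => $item['parent'],
                                  '$profile_uid' => $a->data['user']['uid'],
                                  '$mylink' => $contact['url'],
                                  '$mytitle' => t('This is you'),
                                  '$myphoto' => $contact['thumb'],
                                  '$ww' => ''
                              ));
                          }
                      }

                      if(local_user() && ($item['contact-uid'] == local_user())
                          && ($item['network'] == 'dfrn') && (! $item['self'] )) {
                          $profile_url = $redirect_url;
                          $sparkle = ' sparkle';
                      }
                      else {
                          $profile_url = $item['url'];
                          $sparkle = '';
                      }

                      $profile_name   = ((strlen($item['author-name']))   ? $item['author-name']   : $item['name']);
                      $profile_avatar = ((strlen($item['author-avatar'])) ? $item['author-avatar'] : $item['thumb']);
                      $profile_link = $profile_url;

                      // Offer the drop link only to an identified author or the item's
                      // owner. The explicit session checks keep a viewer without a
                      // session value from matching through a loose null/0 comparison.
                      $by_visitor = (isset($_SESSION['visitor_id']) && ($item['contact-id'] == $_SESSION['visitor_id']));
                      $by_owner   = (local_user() && ($item['uid'] == local_user()));

                      $drop = '';
                      if($by_visitor || $by_owner)
                          $drop = replace_macros(load_view_file('view/wall_item_drop.tpl'), array('$id' => $item['id']));

                      $o .= replace_macros($template,array(
                          '$id' => $item['item_id'],
                          '$profile_url' => $profile_link,
                          '$name' => $profile_name,
                          '$thumb' => $profile_avatar,
                          '$sparkle' => $sparkle,
                          '$title' => $item['title'],
                          '$body' => bbcode($item['body']),
                          '$ago' => relative_date($item['created']),
                          '$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''),
                          '$drop' => $drop,
                          '$comment' => $comment
                      ));
                  }
              }

              $o .= paginate($a);
          }

          return $o;
      }

      // Default - show recent photos with upload link (if applicable)

      $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s'
          $sql_extra GROUP BY `resource-id`",
          intval($a->data['user']['uid']),
          dbesc( t('Contact Photos'))
      );
      if(count($r))
          $a->set_pager_total(count($r));

      $r = q("SELECT `resource-id`, `album`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s'
          $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d",
          intval($a->data['user']['uid']),
          dbesc( t('Contact Photos')),
          intval($a->pager['start']),
          intval($a->pager['itemspage'])
      );

      $o .= '<h3>' . t('Recent Photos') . '</h3>';

      if($is_owner) {
          $o .= '<div id="photo-top-links"><a id="photo-top-upload-link" href="'. $a->get_baseurl() . '/photos/'
              . $nickname . '/upload' . '">' . t('Upload New Photos') . '</a></div>';
      }

      $tpl = load_view_file('view/photo_top.tpl');
      if(count($r)) {
          foreach($r as $rr) {
              // NOTE(review): `id` and `filename` are not selected by the query above,
              // so '$id' and '$imgalt' are empty here - confirm intent.
              $o .= replace_macros($tpl,array(
                  '$id' => $rr['id'],
                  '$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname']
                      . '/image/' . $rr['resource-id'],
                  '$phototitle' => t('View Photo'),
                  '$imgsrc' => $a->get_baseurl() . '/photo/'
                      . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
                  // get_baseurl is a method; it was previously read as a property,
                  // which produced a link without the site base URL.
                  '$albumlink' => $a->get_baseurl() . '/photos/'
                      . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']),
                  '$albumname' => $rr['album'],
                  '$albumalt' => t('View Album'),
                  '$imgalt' => $rr['filename']
              ));
          }
          $o .= '<div id="photo-top-end"></div>';
      }

      return $o;
  }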