From 57635e768473d30c5d2bd390027c9c043b4f31b8 Mon Sep 17 00:00:00 2001
From: Zach Prezkuta <fermion@gmx.com>
Date: Fri, 6 Jul 2012 17:09:23 -0600
Subject: [PATCH 1/4] add function to exclude embedded images when checking
 message length

---
 include/items.php | 116 ++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 112 insertions(+), 4 deletions(-)

diff --git a/include/items.php b/include/items.php
index cf903ac139..2cd0e61079 100755
--- a/include/items.php
+++ b/include/items.php
@@ -278,7 +278,116 @@ function construct_activity_target($item) {
 	}
 
 	return '';
-} 
+}
+
+/* limit_body_size()
+ *
+ *		The purpose of this function is to apply system message length limits to
+ *		imported messages without including any embedded photos in the length
+ *
+ *		How it works (other than when the body length is less than the max length at the outset):
+ *			1. When the text length without embedded images is less than the max length
+ *				a. The while() loop does run, since there are embedded images
+ *				b. 
+ *
+ *			2. When the text length exceeds the max length before the first embedded image
+ *
+ *			3. When the text length exceeds the max length in between embedded images
+ *
+ *			4. When the text length exceeds the max length after the last embedded image
+ *
+ *			5. When there are no embedded images
+ */
+if(! function_exists('limit_body_size')) {
+function limit_body_size($body) {
+
+	logger('limit_body_size: start', LOGGER_DEBUG);
+
+	$maxlen = get_max_import_size();
+
+	// If the length of the body, including the embedded images, is smaller
+	// than the maximum, then don't waste processing looking for the images
+	if($maxlen && (strlen($body) > $maxlen)) {
+
+		logger('limit_body_size: the body length exceeds the limit', LOGGER_DEBUG);
+
+		$img_pos = array();
+		$max_pos = 0;
+
+		$body_left = $body;
+		$cnt = 0;
+		$img_pos[$cnt] = array('start' => strpos($body_left, '[img]data:'));
+		while($img_pos[$cnt]['start'] !== false) {
+
+			// We're assuming that at this point, every opening '[img]data:' tag has a closing [/img] tag
+			$img_pos[$cnt]['end'] = strpos(substr($body_left, $img_pos[$cnt]['start'], strlen($body_left) - $img_pos[$cnt]['start']), '[/img]');
+			$img_pos[$cnt]['end'] += strlen('[/img]');
+			$img_pos[$cnt]['end'] += $img_pos[$cnt]['start'];
+
+			if(! $cnt) {
+				// This code should only run in the first loop
+				$textlen = $img_pos[$cnt]['start'];
+				if( ($maxlen - $textlen) <= 0 ) {
+					$maxpos = $maxlen;
+					$maxcnt = $cnt;
+				}
+			}
+			else {
+				$newlen = $img_pos[$cnt]['start'] - $img_pos[$cnt - 1]['end'];  // The length between the last embedded image and the next
+				if( (! $max_pos) && (($maxlen - ($textlen + $newlen)) <= 0) ) {
+					// $max_pos should be 0 until the message text exceeds the limit.
+					// If the limit has already been set, don't set it again
+					$len_left = $maxlen - $textlen;
+					$maxpos = $img_pos[$cnt - 1]['end'] + $len_left;  // We'll cut off the text at this position
+					$maxcnt = $cnt;
+				}
+
+				$textlen += $newlen;
+			}
+
+			$body_left = substr($body_left, $img_pos[$cnt]['end'], strlen($body_left) - $img_pos[$cnt]['end']);
+			$cnt++;
+			$img_pos[$cnt] = array('start' => strpos($body_left, '[img]data:') + $img_pos[$cnt - 1]['end']);
+		}
+
+		logger('limit_body_size: the while loop ran ' . $cnt . ' times', LOGGER_DEBUG);
+
+		if(! $cnt) {
+			// The while() loop never ran -- there are no embedded images
+			$maxpos = $maxlen;
+			$maxcnt = $cnt;
+			$textlen = strlen($body);
+		}
+		else {
+			// The while() loop did run. But the end of the last embedded image may not be the end of the body
+			// Check if the maximum length occurs between the end of the last embedded image and the end of the text
+			$newlen = strlen($body_left);
+			if( (! $max_pos) && (($maxlen - ($textlen + $newlen)) <= 0) ) {
+				$len_left = $maxlen - $textlen;
+				$maxpos = $img_pos[$cnt - 1]['end'] + $len_left;  // We'll cut off the text at this position
+				$maxcnt = $cnt;
+			}
+			$textlen += $newlen;
+		}
+
+
+		if($textlen > $maxlen) {
+			$newbody = substr($body, 0, $maxpos);  // Note: $maxpos is the position of the character AFTER the maximum length
+
+			// Now pile all the remaining embedded images onto the end
+			for($i = $maxcnt; $i < $cnt; $i++)
+				$newbody = $newbody . substr($body, $img_pos[$i]['start'], $img_pos[$i]['end'] - $img_pos[$i]['start']);
+
+			logger('limit_body_size: the text length (w/o embedded images) was ' . $textlen . ' and the limit was ' . $maxlen . '. Body truncated', LOGGER_DEBUG);
+
+			return $newbody;
+		}
+		else // When embedded images are excluded, the text length is less than the maximum, so we're good
+			return $body;
+	}
+	else
+		return $body;
+}}
 
 
 
@@ -414,9 +523,8 @@ function get_atom_elements($feed,$item) {
 		$res['body'] = notags(base64url_decode($res['body']));
 	}
 
-	$maxlen = get_max_import_size();
-	if($maxlen && (strlen($res['body']) > $maxlen))
-		$res['body'] = substr($res['body'],0, $maxlen);
+	
+	$res['body'] = limit_body_size($res['body']);
 
 	// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust 
 	// the content type. Our own network only emits text normally, though it might have been converted to 

From 173b3a1b9ad926937ec152e41756c5b63f6c5951 Mon Sep 17 00:00:00 2001
From: Zach Prezkuta <fermion@gmx.com>
Date: Sat, 7 Jul 2012 16:20:24 -0600
Subject: [PATCH 2/4] allow more than one embedded private photo

---
 include/bbcode.php       |  88 ++++++++++++++----
 include/conversation.php |  95 +++++++++++++++-----
 include/items.php        | 189 ++++++++++++++++++++++-----------------
 mod/message.php          |  94 ++++++++++++++-----
 4 files changed, 327 insertions(+), 139 deletions(-)

diff --git a/include/bbcode.php b/include/bbcode.php
index 55a8794976..6a1c4b043b 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -47,6 +47,67 @@ function bb_unspacefy_and_trim($st) {
   return $unspacefied;
 }
 
+if(! function_exists('bb_extract_images')) {
+function bb_extract_images($body) {
+
+	$saved_image = array();
+	$orig_body = $body;
+	$new_body = '';
+
+	$cnt = 0;
+	$img_start = strpos($orig_body, '[img');
+	$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+	$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	while(($img_st_close !== false) && ($img_end !== false)) {
+
+		$img_st_close++; // make it point to AFTER the closing bracket
+		$img_end += $img_start;
+
+		if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
+			// This is an embedded image
+
+			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - $img_start);
+			$cnt++;
+
+			$new_body = $new_body . substr($orig_body, 0, $img_start) . '[$#saved_image' . $cnt . '#$]';
+		}
+		else
+			$new_body = $new_body . substr($orig_body, 0, $img_end + strlen('[/img]'));
+
+		$orig_body = substr($orig_body, $img_end + strlen('[/img]'));
+
+		if($orig_body === false) // in case the body ends on a closing image tag
+			$orig_body = '';
+
+		$img_start = strpos($orig_body, '[img');
+		$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+		$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	}
+
+	$new_body = $new_body . $orig_body;
+
+	return array('body' => $new_body, 'images' => $saved_image);
+}}
+
+if(! function_exists('bb_replace_images')) {
+function bb_replace_images($body, $images) {
+
+	$newbody = $body;
+
+	$cnt = 0;
+	foreach($images as $image) {
+		// We're depending on the property of 'foreach' (specified on the PHP website) that
+		// it loops over the array starting from the first element and going sequentially
+		// to the last element
+		$newbody = str_replace('[$#saved_image' . $cnt . '#$]', '<img src="' . $image .'" alt="' . t('Image/photo') . '" />', $newbody);
+		$cnt++;
+	}
+
+	return $newbody;
+}}
+
+
+
 	// BBcode 2 HTML was written by WAY2WEB.net
 	// extended to work with Mistpark/Friendica - Mike Macgirvin
 
@@ -54,29 +115,21 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
 
 	$a = get_app();
 
-	// Hide all [noparse] contained bbtags spacefying them
+	// Hide all [noparse] contained bbtags by spacefying them
+	// POSSIBLE BUG --> Will the 'preg' functions crash if there's an embedded image?
 
 	$Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_spacefy',$Text);
 	$Text = preg_replace_callback("/\[nobb\](.*?)\[\/nobb\]/ism", 'bb_spacefy',$Text);
 	$Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_spacefy',$Text);
 
 
-	// Extract a single private image which uses data url's since preg has issues with
-	// large data sizes. Stash it away while we do bbcode conversion, and then put it back
+	// Extract the private images which use data url's since preg has issues with
+	// large data sizes. Stash them away while we do bbcode conversion, and then put them back
 	// in after we've done all the regex matching. We cannot use any preg functions to do this.
 
-	$saved_image = '';
-	$img_start = strpos($Text,'[img]data:');
-	$img_end = strpos($Text,'[/img]');
-
-	if($img_start !== false && $img_end !== false && $img_end > $img_start) {
-		$start_fragment = substr($Text,0,$img_start);
-		$img_start += strlen('[img]');
-		$saved_image = substr($Text,$img_start,$img_end - $img_start);
-		$end_fragment = substr($Text,$img_end + strlen('[/img]'));
-//		logger('saved_image: ' . $saved_image,LOGGER_DEBUG);
-		$Text = $start_fragment . '[$#saved_image#$]' . $end_fragment;
-	}
+	$extracted = bb_extract_images($Text);
+	$Text = $extracted['body'];
+	$saved_image = $extracted['images'];
 
 	// If we find any event code, turn it into an event.
 	// After we're finished processing the bbcode we'll
@@ -333,8 +386,9 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
 
 	// fix any escaped ampersands that may have been converted into links
 	$Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text);
-	if(strlen($saved_image))
-		$Text = str_replace('[$#saved_image#$]','<img src="' . $saved_image .'" alt="' . t('Image/photo') . '" />',$Text);
+
+	if($saved_image)
+		$Text = bb_replace_images($Text, $saved_image);
 
 	call_hooks('bbcode',$Text);
 
diff --git a/include/conversation.php b/include/conversation.php
index bbb6a1f85b..4fea52c9c7 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -1,30 +1,85 @@
 <?php
 
+// Note: the code in 'item_extract_images' and 'item_redir_and_replace_images'
+// is identical to the code in mod/message.php for 'item_extract_images' and
+// 'item_redir_and_replace_images'
+if(! function_exists('item_extract_images')) {
+function item_extract_images($body) {
+
+	$saved_image = array();
+	$orig_body = $body;
+	$new_body = '';
+
+	$cnt = 0;
+	$img_start = strpos($orig_body, '[img');
+	$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+	$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	while(($img_st_close !== false) && ($img_end !== false)) {
+
+		$img_st_close++; // make it point to AFTER the closing bracket
+		$img_end += $img_start;
+
+		if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
+			// This is an embedded image
+
+			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - $img_start);
+			$cnt++;
+
+			$new_body = $new_body . substr($orig_body, 0, $img_start) . '[!#saved_image' . $cnt . '#!]';
+		}
+		else
+			$new_body = $new_body . substr($orig_body, 0, $img_end + strlen('[/img]'));
+
+		$orig_body = substr($orig_body, $img_end + strlen('[/img]'));
+
+		if($orig_body === false) // in case the body ends on a closing image tag
+			$orig_body = '';
+
+		$img_start = strpos($orig_body, '[img');
+		$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+		$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	}
+
+	$new_body = $new_body . $orig_body;
+
+	return array('body' => $new_body, 'images' => $saved_image);
+}}
+
+if(! function_exists('item_redir_and_replace_images')) {
+function item_redir_and_replace_images($body, $images, $cid) {
+
+	$newbody = $body;
+
+	for($i = 0; $i < count($images); $i++) {
+		$search = '/\[url\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/url\]' . '/is';
+		$replace = '[url=' . z_path() . '/redir/' . $cid 
+		           . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/url]' ;
+
+		$newbody = preg_replace($search, $replace, $newbody);
+	}
+
+	$cnt = 0;
+	foreach($images as $image) {
+		// We're depending on the property of 'foreach' (specified on the PHP website) that
+		// it loops over the array starting from the first element and going sequentially
+		// to the last element
+		$newbody = str_replace('[$#saved_image' . $cnt . '#$]', '[img]' . $image . '[/img]', $newbody);
+		$cnt++;
+	}
+
+	return $newbody;
+}}
+
+
+
 /**
  * Render actions localized
  */
 function localize_item(&$item){
 
-	$Text = $item['body'];
-	$saved_image = '';
-	$img_start = strpos($Text,'[img]data:');
-	$img_end = strpos($Text,'[/img]');
-
-	if($img_start !== false && $img_end !== false && $img_end > $img_start) {
-		$start_fragment = substr($Text,0,$img_start);
-		$img_start += strlen('[img]');
-		$saved_image = substr($Text,$img_start,$img_end - $img_start);
-		$end_fragment = substr($Text,$img_end + strlen('[/img]'));		
-		$Text = $start_fragment . '[!#saved_image#!]' . $end_fragment;
-		$search = '/\[url\=(.*?)\]\[!#saved_image#!\]\[\/url\]' . '/is';
-		$replace = '[url=' . z_path() . '/redir/' . $item['contact-id'] 
-			. '?f=1&url=' . '$1' . '][!#saved_image#!][/url]' ;
-
-		$Text = preg_replace($search,$replace,$Text);
-
-		if(strlen($saved_image))
-			$item['body'] = str_replace('[!#saved_image#!]', '[img]' . $saved_image . '[/img]',$Text);
-	}
+	$extracted = item_extract_images($item['body']);
+	if($extracted['images'])
+		$item['body'] = item_redir_and_replace_images($extracted['body'], $extracted['images'], $item['contact-id']);
 
 	$xmlhead="<"."?xml version='1.0' encoding='UTF-8' ?".">";
 	if ($item['verb']=== ACTIVITY_LIKE || $item['verb']=== ACTIVITY_DISLIKE){
diff --git a/include/items.php b/include/items.php
index 2cd0e61079..7bb33d9439 100755
--- a/include/items.php
+++ b/include/items.php
@@ -4,6 +4,8 @@ require_once('include/bbcode.php');
 require_once('include/oembed.php');
 require_once('include/salmon.php');
 require_once('include/crypto.php');
+require_once('include/Photo.php');
+
 
 function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
 
@@ -284,19 +286,6 @@ function construct_activity_target($item) {
  *
  *		The purpose of this function is to apply system message length limits to
  *		imported messages without including any embedded photos in the length
- *
- *		How it works (other than when the body length is less than the max length at the outset):
- *			1. When the text length without embedded images is less than the max length
- *				a. The while() loop does run, since there are embedded images
- *				b. 
- *
- *			2. When the text length exceeds the max length before the first embedded image
- *
- *			3. When the text length exceeds the max length in between embedded images
- *
- *			4. When the text length exceeds the max length after the last embedded image
- *
- *			5. When there are no embedded images
  */
 if(! function_exists('limit_body_size')) {
 function limit_body_size($body) {
@@ -306,84 +295,80 @@ function limit_body_size($body) {
 	$maxlen = get_max_import_size();
 
 	// If the length of the body, including the embedded images, is smaller
-	// than the maximum, then don't waste processing looking for the images
+	// than the maximum, then don't waste time looking for the images
 	if($maxlen && (strlen($body) > $maxlen)) {
 
-		logger('limit_body_size: the body length exceeds the limit', LOGGER_DEBUG);
+		logger('limit_body_size: the total body length exceeds the limit', LOGGER_DEBUG);
 
-		$img_pos = array();
-		$max_pos = 0;
+		$orig_body = $body;
+		$new_body = '';
+		$textlen = 0;
+		$max_found = false;
 
-		$body_left = $body;
-		$cnt = 0;
-		$img_pos[$cnt] = array('start' => strpos($body_left, '[img]data:'));
-		while($img_pos[$cnt]['start'] !== false) {
+		$img_start = strpos($orig_body, '[img');
+		$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+		$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+		while(($img_st_close !== false) && ($img_end !== false)) {
 
-			// We're assuming that at this point, every opening '[img]data:' tag has a closing [/img] tag
-			$img_pos[$cnt]['end'] = strpos(substr($body_left, $img_pos[$cnt]['start'], strlen($body_left) - $img_pos[$cnt]['start']), '[/img]');
-			$img_pos[$cnt]['end'] += strlen('[/img]');
-			$img_pos[$cnt]['end'] += $img_pos[$cnt]['start'];
+			$img_st_close++; // make it point to AFTER the closing bracket
+			$img_end += $img_start;
+			$img_end += strlen('[/img]');
 
-			if(! $cnt) {
-				// This code should only run in the first loop
-				$textlen = $img_pos[$cnt]['start'];
-				if( ($maxlen - $textlen) <= 0 ) {
-					$maxpos = $maxlen;
-					$maxcnt = $cnt;
+			if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
+				// This is an embedded image
+
+				if( ($textlen + $img_start) > $maxlen ) {
+					if($textlen < $maxlen) {
+						logger('limit_body_size: the limit happens before an embedded image', LOGGER_DEBUG);
+						$new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
+						$textlen = $maxlen;
+					}
 				}
+				else {
+					$new_body = $new_body . substr($orig_body, 0, $img_start);
+					$textlen += $img_start
+				}
+
+				$new_body = $new_body . substr($orig_body, $img_start, $img_end - $img_start);
 			}
 			else {
-				$newlen = $img_pos[$cnt]['start'] - $img_pos[$cnt - 1]['end'];  // The length between the last embedded image and the next
-				if( (! $max_pos) && (($maxlen - ($textlen + $newlen)) <= 0) ) {
-					// $max_pos should be 0 until the message text exceeds the limit.
-					// If the limit has already been set, don't set it again
-					$len_left = $maxlen - $textlen;
-					$maxpos = $img_pos[$cnt - 1]['end'] + $len_left;  // We'll cut off the text at this position
-					$maxcnt = $cnt;
+
+				if( ($textlen + $img_end) > $maxlen ) {
+					if($textlen < $maxlen) {
+						logger('limit_body_size: the limit happens before the end of a non-embedded image', LOGGER_DEBUG);
+						$new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
+						$textlen = $maxlen;
+					}
+				}
+				else {
+					$new_body = $new_body . substr($orig_body, 0, $img_end);
+					$textlen += $img_end;
 				}
-
-				$textlen += $newlen;
 			}
+			$orig_body = substr($orig_body, $img_end);
 
-			$body_left = substr($body_left, $img_pos[$cnt]['end'], strlen($body_left) - $img_pos[$cnt]['end']);
-			$cnt++;
-			$img_pos[$cnt] = array('start' => strpos($body_left, '[img]data:') + $img_pos[$cnt - 1]['end']);
+			if($orig_body === false) // in case the body ends on a closing image tag
+				$orig_body = '';
+
+			$img_start = strpos($orig_body, '[img');
+			$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+			$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
 		}
 
-		logger('limit_body_size: the while loop ran ' . $cnt . ' times', LOGGER_DEBUG);
-
-		if(! $cnt) {
-			// The while() loop never ran -- there are no embedded images
-			$maxpos = $maxlen;
-			$maxcnt = $cnt;
-			$textlen = strlen($body);
+		if( ($textlen + strlen($orig_body)) > $maxlen) {
+			if($textlen < $maxlen) {
+				logger('limit_body_size: the limit happens after the end of the last image', LOGGER_DEBUG);
+				$new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
+				$textlen = $maxlen;
+			}
 		}
 		else {
-			// The while() loop did run. But the end of the last embedded image may not be the end of the body
-			// Check if the maximum length occurs between the end of the last embedded image and the end of the text
-			$newlen = strlen($body_left);
-			if( (! $max_pos) && (($maxlen - ($textlen + $newlen)) <= 0) ) {
-				$len_left = $maxlen - $textlen;
-				$maxpos = $img_pos[$cnt - 1]['end'] + $len_left;  // We'll cut off the text at this position
-				$maxcnt = $cnt;
-			}
-			$textlen += $newlen;
+			logger('limit_body_size: the text size with embedded images extracted did not violate the limit', LOGGER_DEBUG);
+			$new_body = $new_body . $orig_body;
+			$textlen += strlen($orig_body);
 		}
 
-
-		if($textlen > $maxlen) {
-			$newbody = substr($body, 0, $maxpos);  // Note: $maxpos is the position of the character AFTER the maximum length
-
-			// Now pile all the remaining embedded images onto the end
-			for($i = $maxcnt; $i < $cnt; $i++)
-				$newbody = $newbody . substr($body, $img_pos[$i]['start'], $img_pos[$i]['end'] - $img_pos[$i]['start']);
-
-			logger('limit_body_size: the text length (w/o embedded images) was ' . $textlen . ' and the limit was ' . $maxlen . '. Body truncated', LOGGER_DEBUG);
-
-			return $newbody;
-		}
-		else // When embedded images are excluded, the text length is less than the maximum, so we're good
-			return $body;
+		return $new_body;
 	}
 	else
 		return $body;
@@ -3196,20 +3181,33 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
 	return $o;
 }
 
-function fix_private_photos($s,$uid, $item = null, $cid = 0) {
+function fix_private_photos($s, $uid, $item = null, $cid = 0) {
 	$a = get_app();
 
 	logger('fix_private_photos', LOGGER_DEBUG);
 	$site = substr($a->get_baseurl(),strpos($a->get_baseurl(),'://'));
 
-	if(preg_match("/\[img(.*?)\](.*?)\[\/img\]/is",$s,$matches)) {
-		$image = $matches[2];
+	$orig_body = $s;
+	$new_body = '';
+
+	$img_start = strpos($orig_body, '[img');
+	$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+	$img_len = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	while( ($img_st_close !== false) && ($img_len !== false) ) {
+
+		$img_st_close++; // make it point to AFTER the closing bracket
+		$image = substr($orig_body, $img_start + $img_st_close, $img_len);
+
 		logger('fix_private_photos: found photo ' . $image, LOGGER_DEBUG);
+
+
 		if(stristr($image , $site . '/photo/')) {
+			// Only embed locally hosted photos
 			$replace = false;
 			$i = basename($image);
 			$i = str_replace(array('.jpg','.png'),array('',''),$i);
 			$x = strpos($i,'-');
+
 			if($x) {
 				$res = substr($i,$x+1);
 				$i = substr($i,0,$x);
@@ -3228,9 +3226,6 @@ function fix_private_photos($s,$uid, $item = null, $cid = 0) {
 					//    permissions, regardless of order but first check to see if they're an exact
 					//    match to save some processing overhead.
 				
-					// Currently we only embed one private photo per message so as not to hit import 
-					// size limits at the receiving end.
-
 					// To embed multiples, we would need to parse out the embedded photos on message
 					// receipt and limit size based only on the text component. Would also need to
 					// ignore all photos during bbcode translation and item localisation, as these
@@ -3249,15 +3244,45 @@ function fix_private_photos($s,$uid, $item = null, $cid = 0) {
 						}
 					}
 					if($replace) {
+						$data = $r[0]['data'];
+						$type = $r[0]['type'];
+
+						// If a custom width and height were specified, apply before embedding
+						if(preg_match("/\[img\=([0-9]*)x([0-9]*)\]/is", substr($orig_body, $img_start, $img_st_close), $match)) {
+							logger('fix_private_photos: scaling photo', LOGGER_DEBUG);
+
+							$width = intval($match[1]);
+							$height = intval($match[2]);
+
+							$ph = new Photo($data, $type);
+							if($ph->is_valid()) {
+								$ph->scaleImage(max($width, $height));
+								$data = $ph->imageString();
+								$type = $ph->getType();
+							}
+						}
+
 						logger('fix_private_photos: replacing photo', LOGGER_DEBUG);
-						$s = str_replace($image, 'data:' . $r[0]['type'] . ';base64,' . base64_encode($r[0]['data']), $s);
-						logger('fix_private_photos: replaced: ' . $s, LOGGER_DATA);
+						$image = 'data:' . $type . ';base64,' . base64_encode($data);
+						logger('fix_private_photos: replaced: ' . $image, LOGGER_DATA);
 					}
 				}
 			}
 		}	
+
+		$new_body = $new_body . substr($orig_body, 0, $img_start + $img_st_close) . $image . '[/img]';
+		$orig_body = substr($orig_body, $img_start + $img_st_close + $img_len + strlen('[/img]'));
+		if($orig_body === false)
+			$orig_body = '';
+
+		$img_start = strpos($orig_body, '[img');
+		$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+		$img_len = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
 	}
-	return($s);
+
+	$new_body = $new_body + $orig_body;
+
+	return($new_body);
 }
 
 
diff --git a/mod/message.php b/mod/message.php
index 80d2c6d99a..4ffdebb121 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -88,6 +88,77 @@ function message_post(&$a) {
 
 }
 
+// Note: the code in 'item_extract_images' and 'item_redir_and_replace_images'
+// is identical to the code in include/conversation.php
+if(! function_exists('item_extract_images')) {
+function item_extract_images($body) {
+
+	$saved_image = array();
+	$orig_body = $body;
+	$new_body = '';
+
+	$cnt = 0;
+	$img_start = strpos($orig_body, '[img');
+	$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+	$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	while(($img_st_close !== false) && ($img_end !== false)) {
+
+		$img_st_close++; // make it point to AFTER the closing bracket
+		$img_end += $img_start;
+
+		if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
+			// This is an embedded image
+
+			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - $img_start);
+			$cnt++;
+
+			$new_body = $new_body . substr($orig_body, 0, $img_start) . '[!#saved_image' . $cnt . '#!]';
+		}
+		else
+			$new_body = $new_body . substr($orig_body, 0, $img_end + strlen('[/img]'));
+
+		$orig_body = substr($orig_body, $img_end + strlen('[/img]'));
+
+		if($orig_body === false) // in case the body ends on a closing image tag
+			$orig_body = '';
+
+		$img_start = strpos($orig_body, '[img');
+		$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
+		$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	}
+
+	$new_body = $new_body . $orig_body;
+
+	return array('body' => $new_body, 'images' => $saved_image);
+}}
+
+if(! function_exists('item_redir_and_replace_images')) {
+function item_redir_and_replace_images($body, $images, $cid) {
+
+	$newbody = $body;
+
+	for($i = 0; $i < count($images); $i++) {
+		$search = '/\[url\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/url\]' . '/is';
+		$replace = '[url=' . z_path() . '/redir/' . $cid 
+		           . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/url]' ;
+
+		$newbody = preg_replace($search, $replace, $newbody);
+	}
+
+	$cnt = 0;
+	foreach($images as $image) {
+		// We're depending on the property of 'foreach' (specified on the PHP website) that
+		// it loops over the array starting from the first element and going sequentially
+		// to the last element
+		$newbody = str_replace('[$#saved_image' . $cnt . '#$]', '[img]' . $image . '[/img]', $newbody);
+		$cnt++;
+	}
+
+	return $newbody;
+}}
+
+
+
 function message_content(&$a) {
 
 	$o = '';
@@ -345,26 +416,9 @@ function message_content(&$a) {
 			}
 
 
-			$Text = $message['body'];
-			$saved_image = '';
-			$img_start = strpos($Text,'[img]data:');
-			$img_end = strpos($Text,'[/img]');
-
-			if($img_start !== false && $img_end !== false && $img_end > $img_start) {
-				$start_fragment = substr($Text,0,$img_start);
-				$img_start += strlen('[img]');
-				$saved_image = substr($Text,$img_start,$img_end - $img_start);
-				$end_fragment = substr($Text,$img_end + strlen('[/img]'));		
-				$Text = $start_fragment . '[!#saved_image#!]' . $end_fragment;
-				$search = '/\[url\=(.*?)\]\[!#saved_image#!\]\[\/url\]' . '/is';
-				$replace = '[url=' . z_path() . '/redir/' . $message['contact-id'] 
-					. '?f=1&url=' . '$1' . '][!#saved_image#!][/url]' ;
-
-				$Text = preg_replace($search,$replace,$Text);
-
-			if(strlen($saved_image))
-				$message['body'] = str_replace('[!#saved_image#!]', '[img]' . $saved_image . '[/img]',$Text);
-			}
+			$extracted = item_extract_images($message['body']);
+			if($extracted['images'])
+				$message['body'] = item_redir_and_replace_images($extracted['body'], $extracted['images'], $message['contact-id']);
 
 			$mails[] = array(
 				'id' => $message['id'],

From da2ccebed8f1c87b0481ba476b4d13e601ce5feb Mon Sep 17 00:00:00 2001
From: Zach Prezkuta <fermion@gmx.com>
Date: Sat, 7 Jul 2012 18:47:13 -0600
Subject: [PATCH 3/4] fix bugs

---
 include/bbcode.php       |  6 +++---
 include/conversation.php | 19 +++++++++++++------
 include/items.php        |  8 ++++----
 mod/message.php          | 19 +++++++++++++------
 4 files changed, 33 insertions(+), 19 deletions(-)

diff --git a/include/bbcode.php b/include/bbcode.php
index 6a1c4b043b..63dd9695e7 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -66,10 +66,10 @@ function bb_extract_images($body) {
 		if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
 			// This is an embedded image
 
-			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - $img_start);
-			$cnt++;
-
+			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - ($img_start + $img_st_close));
 			$new_body = $new_body . substr($orig_body, 0, $img_start) . '[$#saved_image' . $cnt . '#$]';
+
+			$cnt++;
 		}
 		else
 			$new_body = $new_body . substr($orig_body, 0, $img_end + strlen('[/img]'));
diff --git a/include/conversation.php b/include/conversation.php
index 4fea52c9c7..240cd374f3 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -22,10 +22,10 @@ function item_extract_images($body) {
 		if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
 			// This is an embedded image
 
-			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - $img_start);
-			$cnt++;
-
+			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - ($img_start + $img_st_close));
 			$new_body = $new_body . substr($orig_body, 0, $img_start) . '[!#saved_image' . $cnt . '#!]';
+
+			$cnt++;
 		}
 		else
 			$new_body = $new_body . substr($orig_body, 0, $img_end + strlen('[/img]'));
@@ -48,22 +48,29 @@ function item_extract_images($body) {
 if(! function_exists('item_redir_and_replace_images')) {
 function item_redir_and_replace_images($body, $images, $cid) {
 
-	$newbody = $body;
+	$origbody = $body;
+	$newbody = '';
 
 	for($i = 0; $i < count($images); $i++) {
 		$search = '/\[url\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/url\]' . '/is';
 		$replace = '[url=' . z_path() . '/redir/' . $cid 
 		           . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/url]' ;
 
-		$newbody = preg_replace($search, $replace, $newbody);
+		$img_end = strpos($origbody, '[!#saved_image' . $i . '#!][/url]') + strlen('[!#saved_image' . $i . '#!][/url]');
+		$process_part = substr($origbody, 0, $img_end);
+		$origbody = substr($origbody, $img_end);
+
+		$process_part = preg_replace($search, $replace, $process_part);
+		$newbody = $newbody . $process_part;
 	}
+	$newbody = $newbody . $origbody;
 
 	$cnt = 0;
 	foreach($images as $image) {
 		// We're depending on the property of 'foreach' (specified on the PHP website) that
 		// it loops over the array starting from the first element and going sequentially
 		// to the last element
-		$newbody = str_replace('[$#saved_image' . $cnt . '#$]', '[img]' . $image . '[/img]', $newbody);
+		$newbody = str_replace('[!#saved_image' . $cnt . '#!]', '[img]' . $image . '[/img]', $newbody);
 		$cnt++;
 	}
 
diff --git a/include/items.php b/include/items.php
index 7bb33d9439..eb3f27a166 100755
--- a/include/items.php
+++ b/include/items.php
@@ -326,7 +326,7 @@ function limit_body_size($body) {
 				}
 				else {
 					$new_body = $new_body . substr($orig_body, 0, $img_start);
-					$textlen += $img_start
+					$textlen += $img_start;
 				}
 
 				$new_body = $new_body . substr($orig_body, $img_start, $img_end - $img_start);
@@ -3192,7 +3192,7 @@ function fix_private_photos($s, $uid, $item = null, $cid = 0) {
 
 	$img_start = strpos($orig_body, '[img');
 	$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
-	$img_len = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+	$img_len = ($img_start !== false ? strpos(substr($orig_body, $img_start + $img_st_close + 1), '[/img]') : false);
 	while( ($img_st_close !== false) && ($img_len !== false) ) {
 
 		$img_st_close++; // make it point to AFTER the closing bracket
@@ -3277,10 +3277,10 @@ function fix_private_photos($s, $uid, $item = null, $cid = 0) {
 
 		$img_start = strpos($orig_body, '[img');
 		$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
-		$img_len = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
+		$img_len = ($img_start !== false ? strpos(substr($orig_body, $img_start + $img_st_close + 1), '[/img]') : false);
 	}
 
-	$new_body = $new_body + $orig_body;
+	$new_body = $new_body . $orig_body;
 
 	return($new_body);
 }
diff --git a/mod/message.php b/mod/message.php
index 4ffdebb121..1e9d731a45 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -109,10 +109,10 @@ function item_extract_images($body) {
 		if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
 			// This is an embedded image
 
-			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - $img_start);
-			$cnt++;
-
+			$saved_image[$cnt] = substr($orig_body, $img_start + $img_st_close, $img_end - ($img_start + $img_st_close));
 			$new_body = $new_body . substr($orig_body, 0, $img_start) . '[!#saved_image' . $cnt . '#!]';
+
+			$cnt++;
 		}
 		else
 			$new_body = $new_body . substr($orig_body, 0, $img_end + strlen('[/img]'));
@@ -135,22 +135,29 @@ function item_extract_images($body) {
 if(! function_exists('item_redir_and_replace_images')) {
 function item_redir_and_replace_images($body, $images, $cid) {
 
-	$newbody = $body;
+	$origbody = $body;
+	$newbody = '';
 
 	for($i = 0; $i < count($images); $i++) {
 		$search = '/\[url\=(.*?)\]\[!#saved_image' . $i . '#!\]\[\/url\]' . '/is';
 		$replace = '[url=' . z_path() . '/redir/' . $cid 
 		           . '?f=1&url=' . '$1' . '][!#saved_image' . $i . '#!][/url]' ;
 
-		$newbody = preg_replace($search, $replace, $newbody);
+		$img_end = strpos($origbody, '[!#saved_image' . $i . '#!][/url]') + strlen('[!#saved_image' . $i . '#!][/url]');
+		$process_part = substr($origbody, 0, $img_end);
+		$origbody = substr($origbody, $img_end);
+
+		$process_part = preg_replace($search, $replace, $process_part);
+		$newbody = $newbody . $process_part;
 	}
+	$newbody = $newbody . $origbody;
 
 	$cnt = 0;
 	foreach($images as $image) {
 		// We're depending on the property of 'foreach' (specified on the PHP website) that
 		// it loops over the array starting from the first element and going sequentially
 		// to the last element
-		$newbody = str_replace('[$#saved_image' . $cnt . '#$]', '[img]' . $image . '[/img]', $newbody);
+		$newbody = str_replace('[!#saved_image' . $cnt . '#!]', '[img]' . $image . '[/img]', $newbody);
 		$cnt++;
 	}
 

From 6d10374c17eb8932d36945532cc47a86628e63ea Mon Sep 17 00:00:00 2001
From: Zach Prezkuta <fermion@gmx.com>
Date: Sat, 7 Jul 2012 18:48:20 -0600
Subject: [PATCH 4/4] cleanup

---
 include/items.php | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/include/items.php b/include/items.php
index eb3f27a166..36a027eec5 100755
--- a/include/items.php
+++ b/include/items.php
@@ -3225,11 +3225,6 @@ function fix_private_photos($s, $uid, $item = null, $cid = 0) {
 					// 3. Otherwise, if we have an item, see if the item permissions match the photo
 					//    permissions, regardless of order but first check to see if they're an exact
 					//    match to save some processing overhead.
-				
-					// To embed multiples, we would need to parse out the embedded photos on message
-					// receipt and limit size based only on the text component. Would also need to
-					// ignore all photos during bbcode translation and item localisation, as these
-					// will hit internal regex backtrace limits.  
 
 					if(has_permissions($r[0])) {
 						if($cid) {