allow visiting other people's display/ links if I have a copy of the post

This commit is contained in:
Zach Prezkuta 2013-04-07 11:38:37 -06:00
parent 61bff09ecd
commit 2cc73dbef3

View file

@ -43,7 +43,7 @@ function display_content(&$a, $update = 0) {
$a->profile = array('uid' => intval($update), 'profile_uid' => intval($update)); $a->profile = array('uid' => intval($update), 'profile_uid' => intval($update));
} }
else { else {
$item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0); $item_id = (($a->argc > 2) ? $a->argv[2] : 0);
} }
if(! $item_id) { if(! $item_id) {
@ -142,16 +142,46 @@ function display_content(&$a, $update = 0) {
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
and `item`.`moderated` = 0 and `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' )) AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' )
AND uid = %d )
$sql_extra $sql_extra
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ", ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
intval($a->profile['uid']), intval($a->profile['uid']),
dbesc($item_id), dbesc($item_id),
dbesc($item_id) dbesc($item_id),
intval($a->profile['uid'])
); );
if(!$r && local_user()) {
// Check if this is another person's link to a post that we have
$r = q("SELECT `item`.uri FROM `item`
WHERE (`item`.`id` = '%s' OR `item`.`uri` = '%s' )
LIMIT 1",
dbesc($item_id),
dbesc($item_id)
);
if($r) {
$item_uri = $r[0]['uri'];
if(count($r)) { $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
and `item`.`moderated` = 0
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `item`.`parent` = ( SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d )
ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
intval(local_user()),
dbesc($item_uri),
intval(local_user())
);
}
}
if($r) {
if((local_user()) && (local_user() == $a->profile['uid'])) { if((local_user()) && (local_user() == $a->profile['uid'])) {
q("UPDATE `item` SET `unseen` = 0 q("UPDATE `item` SET `unseen` = 0
@ -171,15 +201,17 @@ function display_content(&$a, $update = 0) {
require_once("include/html2plain.php"); require_once("include/html2plain.php");
$description = trim(html2plain(bbcode($r[0]["body"], false, false), 0, true)); $description = trim(html2plain(bbcode($r[0]["body"], false, false), 0, true));
$title = trim(html2plain(bbcode($r[0]["title"], false, false), 0, true)); $title = trim(html2plain(bbcode($r[0]["title"], false, false), 0, true));
$author_name = $r[0]["author-name"];
if ($title == "")
$title = $author_name;
$description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here $description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
$title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
$author_name = htmlspecialchars($author_name, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
if ($title == "")
$title = $r[0]["author-name"];
//<meta name="keywords" content=""> //<meta name="keywords" content="">
$a->page['htmlhead'] .= '<meta name="author" content="'.$r[0]["author-name"].'" />'."\n"; $a->page['htmlhead'] .= '<meta name="author" content="'.$author_name.'" />'."\n";
$a->page['htmlhead'] .= '<meta name="title" content="'.$title.'" />'."\n"; $a->page['htmlhead'] .= '<meta name="title" content="'.$title.'" />'."\n";
$a->page['htmlhead'] .= '<meta name="fulltitle" content="'.$title.'" />'."\n"; $a->page['htmlhead'] .= '<meta name="fulltitle" content="'.$title.'" />'."\n";
$a->page['htmlhead'] .= '<meta name="description" content="'.$description.'" />'."\n"; $a->page['htmlhead'] .= '<meta name="description" content="'.$description.'" />'."\n";
@ -192,27 +224,26 @@ function display_content(&$a, $update = 0) {
//<meta property="og:image" content="" /> //<meta property="og:image" content="" />
$a->page['htmlhead'] .= '<meta property="og:url" content="'.$r[0]["plink"].'" />'."\n"; $a->page['htmlhead'] .= '<meta property="og:url" content="'.$r[0]["plink"].'" />'."\n";
$a->page['htmlhead'] .= '<meta property="og:description" content="'.$description.'" />'."\n"; $a->page['htmlhead'] .= '<meta property="og:description" content="'.$description.'" />'."\n";
$a->page['htmlhead'] .= '<meta name="og:article:author" content="'.$r[0]["author-name"].'" />'."\n"; $a->page['htmlhead'] .= '<meta name="og:article:author" content="'.$author_name.'" />'."\n";
// article:tag // article:tag
return $o;
}
$r = q("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1",
dbesc($item_id),
dbesc($item_id)
);
if($r) {
if($r[0]['deleted']) {
notice( t('Item has been removed.') . EOL );
}
else {
notice( t('Permission denied.') . EOL );
}
} }
else { else {
$r = q("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1", notice( t('Item not found.') . EOL );
dbesc($item_id),
dbesc($item_id)
);
if(count($r)) {
if($r[0]['deleted']) {
notice( t('Item has been removed.') . EOL );
}
else {
notice( t('Permission denied.') . EOL );
}
}
else {
notice( t('Item not found.') . EOL );
}
} }
return $o; return $o;