2010-09-08 23:14:17 -04:00
< ? php
function display_content ( & $a ) {
2011-04-21 20:29:47 -04:00
if (( get_config ( 'system' , 'block_public' )) && ( ! local_user ()) && ( ! remote_user ())) {
notice ( t ( 'Public access denied.' ) . EOL );
return ;
}
2011-04-12 20:58:16 -04:00
require_once ( " include/bbcode.php " );
require_once ( 'include/security.php' );
require_once ( 'include/conversation.php' );
2010-11-03 01:21:49 -04:00
$o = '<div id="live-display"></div>' . " \r \n " ;
2010-12-12 17:33:04 -05:00
$nick = (( $a -> argc > 1 ) ? $a -> argv [ 1 ] : '' );
profile_load ( $a , $nick );
2010-09-08 23:14:17 -04:00
$item_id = (( $a -> argc > 2 ) ? intval ( $a -> argv [ 2 ]) : 0 );
if ( ! $item_id ) {
$a -> error = 404 ;
notice ( t ( 'Item not found.' ) . EOL );
return ;
}
$groups = array ();
$contact = null ;
$remote_contact = false ;
if ( remote_user ()) {
$contact_id = $_SESSION [ 'visitor_id' ];
$groups = init_groups_visitor ( $contact_id );
$r = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1 " ,
intval ( $contact_id ),
intval ( $a -> profile [ 'uid' ])
);
if ( count ( $r )) {
$contact = $r [ 0 ];
$remote_contact = true ;
}
}
if ( ! $remote_contact ) {
if ( local_user ()) {
$contact_id = $_SESSION [ 'cid' ];
$contact = $a -> contact ;
}
}
2011-04-11 19:42:41 -04:00
$r = q ( " SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1 " ,
intval ( $a -> profile [ 'uid' ])
);
if ( count ( $r ))
$a -> page_contact = $r [ 0 ];
2010-09-08 23:14:17 -04:00
$sql_extra = "
AND `allow_cid` = ''
AND `allow_gid` = ''
AND `deny_cid` = ''
AND `deny_gid` = ''
" ;
// Profile owner - everything is visible
2010-10-18 17:34:59 -04:00
if ( local_user () && ( local_user () == $a -> profile [ 'uid' ])) {
2010-09-08 23:14:17 -04:00
$sql_extra = '' ;
}
// authenticated visitor - here lie dragons
// If $remotecontact is true, we know that not only is this a remotely authenticated
// person, but that it is *our* contact, which is important in multi-user mode.
elseif ( $remote_contact ) {
$gs = '<<>>' ; // should be impossible to match
if ( count ( $groups )) {
foreach ( $groups as $g )
$gs .= '|<' . intval ( $g ) . '>' ;
}
$sql_extra = sprintf (
" AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
2010-09-09 21:49:19 -04:00
AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s' ) " ,
2010-09-08 23:14:17 -04:00
intval ( $_SESSION [ 'visitor_id' ]),
intval ( $_SESSION [ 'visitor_id' ]),
dbesc ( $gs ),
dbesc ( $gs )
);
}
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`,
2010-09-29 01:12:27 -04:00
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
2011-04-11 06:22:09 -04:00
`contact` . `network` , `contact` . `thumb` , `contact` . `self` , `contact` . `writable` ,
2010-09-08 23:14:17 -04:00
`contact` . `id` AS `cid` , `contact` . `uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
2011-01-19 17:19:40 -05:00
AND `item` . `parent` = ( SELECT `parent` FROM `item` WHERE ( `id` = '%s' OR `uri` = '%s' ))
2010-09-08 23:14:17 -04:00
$sql_extra
2010-09-17 06:10:19 -04:00
ORDER BY `parent` DESC , `gravity` ASC , `id` ASC " ,
2010-09-08 23:14:17 -04:00
intval ( $a -> profile [ 'uid' ]),
2010-09-09 21:49:19 -04:00
dbesc ( $item_id ),
dbesc ( $item_id )
2010-09-08 23:14:17 -04:00
);
if ( count ( $r )) {
2010-09-17 06:10:19 -04:00
2010-11-03 01:21:49 -04:00
if (( local_user ()) && ( local_user () == $a -> profile [ 'uid' ])) {
q ( " UPDATE `item` SET `unseen` = 0
WHERE `parent` = % d AND `unseen` = 1 " ,
intval ( $r [ 0 ][ 'parent' ])
);
}
2010-09-27 22:48:45 -04:00
2011-04-11 04:31:04 -04:00
$o .= conversation ( $a , $r , 'display' , false );
2010-09-08 23:14:17 -04:00
}
2010-09-17 06:10:19 -04:00
else {
$r = q ( " SELECT `id` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1 " ,
dbesc ( $item_id ),
dbesc ( $item_id )
);
if ( count ( $r )) {
if ( $r [ 0 ][ 'deleted' ]) {
notice ( t ( 'Item has been removed.' ) . EOL );
}
else {
notice ( t ( 'Permission denied.' ) . EOL );
}
}
else {
notice ( t ( 'Item not found.' ) . EOL );
}
}
2011-01-23 17:56:14 -05:00
$o .= '<div class="cc-license">' . t ( 'Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.' ) . '</div>' ;
2010-09-08 23:14:17 -04:00
return $o ;
2010-09-17 06:10:19 -04:00
}