set permissions of uploaded wall photo to match those of the
associated status post.
This commit is contained in:
parent
7ae8486b36
commit
20cc007655
44
mod/item.php
44
mod/item.php
|
@ -128,6 +128,50 @@ function item_post(&$a) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* If a photo was uploaded into the message using the ajax uploader,
|
||||||
|
* it can be seen by anybody. Set the permissions to match the message.
|
||||||
|
* Ideally this should be done when the photo was uploaded, but the permissions
|
||||||
|
* may not have been set at that time, and passing the permission arrays via
|
||||||
|
* javascript to the ajax upload is going to be a challenge.
|
||||||
|
* This is a compromise. Granted there is a window of time when the photo
|
||||||
|
* is public. You are welcome to suggest other ways to fix this.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
$match = null;
|
||||||
|
|
||||||
|
if($private) {
|
||||||
|
if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
|
||||||
|
$images = $match[1];
|
||||||
|
if(count($images)) {
|
||||||
|
foreach($images as $image) {
|
||||||
|
if(! stristr($image,$a->get_baseurl() . '/photo/'))
|
||||||
|
continue;
|
||||||
|
$image_uri = substr($image,strrpos($image,'/') + 1);
|
||||||
|
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
||||||
|
$r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
|
||||||
|
WHERE `resource-id` = '%s' AND `album` = '%s' ",
|
||||||
|
dbesc($str_contact_allow),
|
||||||
|
dbesc($str_group_allow),
|
||||||
|
dbesc($str_contact_deny),
|
||||||
|
dbesc($str_group_deny),
|
||||||
|
dbesc($image_uri),
|
||||||
|
dbesc( t('Wall Photos'))
|
||||||
|
);
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Look for any tags and linkify them
|
||||||
|
*/
|
||||||
|
|
||||||
$str_tags = '';
|
$str_tags = '';
|
||||||
$inform = '';
|
$inform = '';
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user