diff --git a/include/api.php b/include/api.php index c2a77bdcd8..88736e1f0d 100644 --- a/include/api.php +++ b/include/api.php @@ -247,7 +247,7 @@ function api_login(App $a) */ Hook::callAll('authenticate', $addon_auth); - if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) { + if ($addon_auth['authenticated'] && !empty($addon_auth['user_record'])) { $record = $addon_auth['user_record']; } else { $user_id = User::authenticate(trim($user), trim($password), true); @@ -1021,7 +1021,7 @@ function api_statuses_mediap($type) $_REQUEST['profile_uid'] = api_user(); $_REQUEST['api_source'] = true; - $txt = requestdata('status'); + $txt = requestdata('status') ?? ''; /// @TODO old-lost code? //$txt = urldecode(requestdata('status')); @@ -1076,7 +1076,7 @@ function api_statuses_update($type) // convert $_POST array items to the form we use for web posts. if (requestdata('htmlstatus')) { - $txt = requestdata('htmlstatus'); + $txt = requestdata('htmlstatus') ?? ''; if ((strpos($txt, '<') !== false) || (strpos($txt, '>') !== false)) { $txt = HTML::toBBCodeVideo($txt); @@ -1157,30 +1157,56 @@ function api_statuses_update($type) } } - if (!empty($_FILES['media'])) { + if (requestdata('media_ids')) { + $ids = explode(',', requestdata('media_ids') ?? ''); + } elseif (!empty($_FILES['media'])) { // upload the image if we have one $picture = wall_upload_post($a, false); if (is_array($picture)) { - $_REQUEST['body'] .= "\n\n" . '[url=' . $picture["albumpage"] . '][img]' . $picture["preview"] . "[/img][/url]"; + $ids[] = $picture['id']; } } - if (requestdata('media_ids')) { - $ids = explode(',', requestdata('media_ids')); + $attachments = []; + $ressources = []; + + if (!empty($ids)) { foreach ($ids as $id) { - $r = q( - "SELECT `resource-id`, `scale`, `nickname`, `type`, `desc` FROM `photo` INNER JOIN `user` ON `user`.`uid` = `photo`.`uid` WHERE `resource-id` IN (SELECT `resource-id` FROM `photo` WHERE `id` = %d) AND `scale` > 0 AND `photo`.`uid` = %d ORDER BY `photo`.`width` DESC LIMIT 1", - intval($id), - api_user() - ); - if (DBA::isResult($r)) { + $media = DBA::toArray(DBA::p("SELECT `resource-id`, `scale`, `nickname`, `type`, `desc`, `filename`, `datasize`, `width`, `height` FROM `photo` + INNER JOIN `user` ON `user`.`uid` = `photo`.`uid` WHERE `resource-id` IN + (SELECT `resource-id` FROM `photo` WHERE `id` = ?) AND `photo`.`uid` = ? + ORDER BY `photo`.`width` DESC LIMIT 2", $id, api_user())); + + if (!empty($media)) { + $ressources[] = $media[0]['resource-id']; $phototypes = Images::supportedTypes(); - $ext = $phototypes[$r[0]['type']]; - $description = $r[0]['desc'] ?? ''; - $_REQUEST['body'] .= "\n\n" . '[url=' . DI::baseUrl() . '/photos/' . $r[0]['nickname'] . '/image/' . $r[0]['resource-id'] . ']'; - $_REQUEST['body'] .= '[img=' . DI::baseUrl() . '/photo/' . $r[0]['resource-id'] . '-' . $r[0]['scale'] . '.' . $ext . ']' . $description . '[/img][/url]'; + $ext = $phototypes[$media[0]['type']]; + + $attachment = ['type' => Post\Media::IMAGE, 'mimetype' => $media[0]['type'], + 'url' => DI::baseUrl() . '/photo/' . $media[0]['resource-id'] . '-' . $media[0]['scale'] . '.' . $ext, + 'size' => $media[0]['datasize'], + 'name' => $media[0]['filename'] ?: $media[0]['resource-id'], + 'description' => $media[0]['desc'] ?? '', + 'width' => $media[0]['width'], + 'height' => $media[0]['height']]; + + if (count($media) > 1) { + $attachment['preview'] = DI::baseUrl() . '/photo/' . $media[1]['resource-id'] . '-' . $media[1]['scale'] . '.' . $ext; + $attachment['preview-width'] = $media[1]['width']; + $attachment['preview-height'] = $media[1]['height']; + } + $attachments[] = $attachment; } } + + // We have to avoid that the post is rejected because of an empty body + if (empty($_REQUEST['body'])) { + $_REQUEST['body'] = '[hr]'; + } + } + + if (!empty($attachments)) { + $_REQUEST['attachments'] = $attachments; } // set this so that the item_post() function is quiet and doesn't redirect or emit json @@ -1194,6 +1220,13 @@ function api_statuses_update($type) // call out normal post function $item_id = item_post($a); + if (!empty($ressources) && !empty($item_id)) { + $item = Post::selectFirst(['uri-id', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid'], ['id' => $item_id]); + foreach ($ressources as $ressource) { + Photo::setPermissionForRessource($ressource, api_user(), $item['allow_cid'], $item['allow_gid'], $item['deny_cid'], $item['deny_gid']); + } + } + // output the post that we just posted. return api_status_show($type, $item_id); } @@ -2534,7 +2567,7 @@ function api_convert_item($item) $statustext = mb_substr($statustext, 0, 1000) . "... \n" . ($item['plink'] ?? ''); } - $statushtml = BBCode::convert(BBCode::removeAttachment($body), false); + $statushtml = BBCode::convert(BBCode::removeAttachment($body), false, BBCode::API, true); // Workaround for clients with limited HTML parser functionality $search = ["
", "
", "
", @@ -2585,25 +2618,7 @@ function api_convert_item($item) */ function api_add_attachments_to_body(array $item) { - $body = $item['body']; - - foreach (Post\Media::getByURIId($item['uri-id'], [Post\Media::IMAGE, Post\Media::AUDIO, Post\Media::VIDEO]) as $media) { - if (Item::containsLink($item['body'], $media['url'])) { - continue; - } - - if ($media['type'] == Post\Media::IMAGE) { - if (!empty($media['description'])) { - $body .= "\n[img=" . $media['url'] . ']' . $media['description'] .'[/img]'; - } else { - $body .= "\n[img]" . $media['url'] .'[/img]'; - } - } elseif ($media['type'] == Post\Media::AUDIO) { - $body .= "\n[audio]" . $media['url'] . "[/audio]\n"; - } elseif ($media['type'] == Post\Media::VIDEO) { - $body .= "\n[video]" . $media['url'] . "[/video]\n"; - } - } + $body = Post\Media::addAttachmentsToBody($item['uri-id'], $item['body']); if (strpos($body, '[/img]') !== false) { return $body; diff --git a/mod/item.php b/mod/item.php index 04e7c7c39c..71793f14dc 100644 --- a/mod/item.php +++ b/mod/item.php @@ -614,7 +614,8 @@ function item_post(App $a) { $datarray['origin'] = $origin; $datarray['object'] = $object; - $datarray["uri-id"] = ItemURI::getIdByURI($datarray["uri"]); + $datarray['uri-id'] = ItemURI::getIdByURI($datarray['uri']); + $datarray['attachments'] = $_REQUEST['attachments'] ?? []; /* * These fields are for the convenience of addons... diff --git a/src/Model/Item.php b/src/Model/Item.php index 1d8742926d..859deacc3e 100644 --- a/src/Model/Item.php +++ b/src/Model/Item.php @@ -21,7 +21,6 @@ namespace Friendica\Model; -use Friendica\Content\PageInfo; use Friendica\Content\Text\BBCode; use Friendica\Content\Text\HTML; use Friendica\Core\Hook; @@ -960,7 +959,13 @@ class Item self::setOwnerforResharedItem($item); } - Post\Media::insertFromAttachmentData($item['uri-id'], $item['body']); + if (isset($item['attachments'])) { + foreach ($item['attachments'] as $attachment) { + $attachment['uri-id'] = $item['uri-id']; + Post\Media::insert($attachment); + } + unset($item['attachments']); + } // Remove all media attachments from the body and store them in the post-media table $item['raw-body'] = Post\Media::insertFromBody($item['uri-id'], $item['raw-body']); diff --git a/src/Model/Photo.php b/src/Model/Photo.php index 567a17d5b5..41b41fd6f5 100644 --- a/src/Model/Photo.php +++ b/src/Model/Photo.php @@ -726,18 +726,35 @@ class Photo * Then set the permissions to public. */ - $fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, - 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny, - 'accessible' => DI::pConfig()->get($uid, 'system', 'accessible-photos', false)]; - - $condition = ['resource-id' => $image_rid, 'uid' => $uid]; - Logger::info('Set permissions', ['condition' => $condition, 'permissions' => $fields]); - Photo::update($fields, $condition); + self::setPermissionForRessource($image_rid, $uid, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny); } return true; } + /** + * Add permissions to photo ressource + * @todo mix with previous photo permissions + * + * @param string $image_rid + * @param integer $uid + * @param string $str_contact_allow + * @param string $str_group_allow + * @param string $str_contact_deny + * @param string $str_group_deny + * @return void + */ + public static function setPermissionForRessource(string $image_rid, int $uid, string $str_contact_allow, string $str_group_allow, string $str_contact_deny, string $str_group_deny) + { + $fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, + 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny, + 'accessible' => DI::pConfig()->get($uid, 'system', 'accessible-photos', false)]; + + $condition = ['resource-id' => $image_rid, 'uid' => $uid]; + Logger::info('Set permissions', ['condition' => $condition, 'permissions' => $fields]); + Photo::update($fields, $condition); + } + /** * Strips known picture extensions from picture links * diff --git a/src/Model/Post/Delayed.php b/src/Model/Post/Delayed.php index 8182dfdd8e..2097f0f537 100644 --- a/src/Model/Post/Delayed.php +++ b/src/Model/Post/Delayed.php @@ -112,6 +112,10 @@ class Delayed */ public static function publish(array $item, int $notify = 0, array $taglist = [], array $attachments = [], bool $unprepared = false, string $uri = '') { + if (!empty($attachments)) { + $item['attachments'] = $attachments; + } + if ($unprepared) { $_SESSION['authenticated'] = true; $_SESSION['uid'] = $item['uid']; @@ -157,11 +161,6 @@ class Delayed foreach ($taglist as $tag) { Tag::store($feeditem['uri-id'], Tag::HASHTAG, $tag); } - - foreach ($attachments as $attachment) { - $attachment['uri-id'] = $feeditem['uri-id']; - Media::insert($attachment); - } } return $id; diff --git a/src/Protocol/Feed.php b/src/Protocol/Feed.php index 65af597f16..ebd6f5ed30 100644 --- a/src/Protocol/Feed.php +++ b/src/Protocol/Feed.php @@ -29,11 +29,9 @@ use Friendica\Content\Text\HTML; use Friendica\Core\Cache\Duration; use Friendica\Core\Logger; use Friendica\Core\Protocol; -use Friendica\Core\Worker; use Friendica\Database\DBA; use Friendica\DI; use Friendica\Model\Contact; -use Friendica\Model\Conversation; use Friendica\Model\Item; use Friendica\Model\Post; use Friendica\Model\Tag;