Fix formatting and PHP notice in mod/photos

- Use x() and defaults() to fix undefined indexes.
- Add missing fields in SQL query in dropalbum
- Improve file upload error messaging
- Remove unused variables
- Add back undefined variables
- Simplify nested conditions
- Remove unused public/private code block in photo upload and photo edit
This commit is contained in:
Hypolite Petovan 2018-01-01 16:47:00 -05:00
parent 97bc54cf1b
commit 93ca0d79fe

View File

@ -54,12 +54,12 @@ function photos_init(App $a) {
$tpl = get_markup_template("vcard-widget.tpl"); $tpl = get_markup_template("vcard-widget.tpl");
$vcard_widget .= replace_macros($tpl, array( $vcard_widget = replace_macros($tpl, array(
'$name' => $profile['name'], '$name' => $profile['name'],
'$photo' => $profile['photo'], '$photo' => $profile['photo'],
'$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""), '$addr' => defaults($profile, 'addr', ''),
'$account_type' => $account_type, '$account_type' => $account_type,
'$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""), '$pdesc' => defaults($profile, 'pdesc', ''),
)); ));
$albums = photo_albums($a->data['user']['uid']); $albums = photo_albums($a->data['user']['uid']);
@ -91,18 +91,16 @@ function photos_init(App $a) {
} }
} }
$albums = $ret;
if (local_user() && $a->data['user']['uid'] == local_user()) { if (local_user() && $a->data['user']['uid'] == local_user()) {
$can_post = true; $can_post = true;
} }
if ($albums['success']) { if ($ret['success']) {
$photo_albums_widget = replace_macros(get_markup_template('photo_albums.tpl'), array( $photo_albums_widget = replace_macros(get_markup_template('photo_albums.tpl'), array(
'$nick' => $a->data['user']['nickname'], '$nick' => $a->data['user']['nickname'],
'$title' => t('Photo Albums'), '$title' => t('Photo Albums'),
'$recent' => t('Recent Photos'), '$recent' => t('Recent Photos'),
'$albums' => $albums['albums'], '$albums' => $ret['albums'],
'$baseurl' => System::baseUrl(), '$baseurl' => System::baseUrl(),
'$upload' => array(t('Upload New Photos'), 'photos/' . $a->data['user']['nickname'] . '/upload'), '$upload' => array(t('Upload New Photos'), 'photos/' . $a->data['user']['nickname'] . '/upload'),
'$can_post' => $can_post '$can_post' => $can_post
@ -116,26 +114,20 @@ function photos_init(App $a) {
$a->page['aside'] .= $vcard_widget; $a->page['aside'] .= $vcard_widget;
$a->page['aside'] .= $photo_albums_widget; $a->page['aside'] .= $photo_albums_widget;
$tpl = get_markup_template("photos_head.tpl"); $tpl = get_markup_template("photos_head.tpl");
$a->page['htmlhead'] .= replace_macros($tpl,array( $a->page['htmlhead'] .= replace_macros($tpl,array(
'$ispublic' => t('everybody') '$ispublic' => t('everybody')
)); ));
} }
return; return;
} }
function photos_post(App $a)
{
function photos_post(App $a) {
logger('mod-photos: photos_post: begin' , LOGGER_DEBUG); logger('mod-photos: photos_post: begin' , LOGGER_DEBUG);
logger('mod_photos: REQUEST ' . print_r($_REQUEST, true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES, true), LOGGER_DATA);
logger('mod_photos: REQUEST ' . print_r($_REQUEST,true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES,true), LOGGER_DATA);
$phototypes = Image::supportedTypes(); $phototypes = Image::supportedTypes();
@ -143,14 +135,14 @@ function photos_post(App $a) {
$visitor = 0; $visitor = 0;
$page_owner_uid = $a->data['user']['uid']; $page_owner_uid = $a->data['user']['uid'];
$community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false); $community_page = $a->data['user']['page-flags'] == PAGE_COMMUNITY;
if (local_user() && (local_user() == $page_owner_uid)) { if (local_user() && (local_user() == $page_owner_uid)) {
$can_post = true; $can_post = true;
} else { } else {
if ($community_page && remote_user()) { if ($community_page && remote_user()) {
$contact_id = 0; $contact_id = 0;
if (is_array($_SESSION['remote'])) { if (x($_SESSION, 'remote') && is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) { foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $page_owner_uid) { if ($v['uid'] == $page_owner_uid) {
$contact_id = $v['cid']; $contact_id = $v['cid'];
@ -159,7 +151,6 @@ function photos_post(App $a) {
} }
} }
if ($contact_id) { if ($contact_id) {
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
intval($contact_id), intval($contact_id),
intval($page_owner_uid) intval($page_owner_uid)
@ -190,8 +181,7 @@ function photos_post(App $a) {
$owner_record = $r[0]; $owner_record = $r[0];
if ($a->argc > 3 && $a->argv[2] === 'album') {
if (($a->argc > 3) && ($a->argv[2] === 'album')) {
$album = hex2bin($a->argv[3]); $album = hex2bin($a->argv[3]);
if ($album === t('Profile Photos') || $album === 'Contact Photos' || $album === t('Contact Photos')) { if ($album === t('Profile Photos') || $album === 'Contact Photos' || $album === t('Contact Photos')) {
@ -214,10 +204,7 @@ function photos_post(App $a) {
goaway($_SESSION['photo_return']); goaway($_SESSION['photo_return']);
} }
/* // RENAME photo album
* RENAME photo album
*/
$newalbum = notags(trim($_POST['albumname'])); $newalbum = notags(trim($_POST['albumname']));
if ($newalbum != $album) { if ($newalbum != $album) {
q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
@ -228,7 +215,7 @@ function photos_post(App $a) {
// Update the photo albums cache // Update the photo albums cache
photo_albums($page_owner_uid, true); photo_albums($page_owner_uid, true);
$newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']); $newurl = str_replace(bin2hex($album), bin2hex($newalbum), $_SESSION['photo_return']);
goaway($newurl); goaway($newurl);
return; // NOTREACHED return; // NOTREACHED
} }
@ -238,9 +225,8 @@ function photos_post(App $a) {
*/ */
if ($_POST['dropalbum'] == t('Delete Album')) { if ($_POST['dropalbum'] == t('Delete Album')) {
// Check if we should do HTML-based delete confirmation // Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) { if (x($_REQUEST, 'confirm')) {
$drop_url = $a->query_string; $drop_url = $a->query_string;
$extra_inputs = array( $extra_inputs = array(
array('name' => 'albumname', 'value' => $_POST['albumname']), array('name' => 'albumname', 'value' => $_POST['albumname']),
@ -286,14 +272,12 @@ function photos_post(App $a) {
$str_res = implode(',', $res); $str_res = implode(',', $res);
// remove the associated photos // remove the associated photos
q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d", q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
intval($page_owner_uid) intval($page_owner_uid)
); );
// find and delete the corresponding item with all the comments and likes/dislikes // find and delete the corresponding item with all the comments and likes/dislikes
$r = q("SELECT `id`, `parent-uri`, `visible` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
$r = q("SELECT `parent-uri` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
intval($page_owner_uid) intval($page_owner_uid)
); );
if (DBM::is_result($r)) { if (DBM::is_result($r)) {
@ -309,7 +293,6 @@ function photos_post(App $a) {
$drop_id = intval($rr['id']); $drop_id = intval($rr['id']);
// send the notification upstream/downstream as the case may be // send the notification upstream/downstream as the case may be
if ($rr['visible']) { if ($rr['visible']) {
Worker::add(PRIORITY_HIGH, "Notifier", "drop", $drop_id); Worker::add(PRIORITY_HIGH, "Notifier", "drop", $drop_id);
} }
@ -326,16 +309,16 @@ function photos_post(App $a) {
// Check if the user has responded to a delete confirmation query for a single photo // Check if the user has responded to a delete confirmation query for a single photo
if (($a->argc > 2) && $_REQUEST['canceled']) { if ($a->argc > 2 && x($_REQUEST, 'canceled')) {
goaway($_SESSION['photo_return']); goaway($_SESSION['photo_return']);
} }
if (($a->argc > 2) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) { if ($a->argc > 2 && defaults($_POST, 'delete', '') === t('Delete Photo')) {
// same as above but remove single photo // same as above but remove single photo
// Check if we should do HTML-based delete confirmation // Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) { if (x($_REQUEST, 'confirm')) {
$drop_url = $a->query_string; $drop_url = $a->query_string;
$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array( $a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array(
'$method' => 'post', '$method' => 'post',
@ -367,7 +350,7 @@ function photos_post(App $a) {
intval($page_owner_uid), intval($page_owner_uid),
dbesc($r[0]['resource-id']) dbesc($r[0]['resource-id'])
); );
$i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1", $i = q("SELECT `id`, `uri`, `visible` FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
dbesc($r[0]['resource-id']), dbesc($r[0]['resource-id']),
intval($page_owner_uid) intval($page_owner_uid)
); );
@ -397,13 +380,12 @@ function photos_post(App $a) {
return; // NOTREACHED return; // NOTREACHED
} }
if (($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) { if ($a->argc > 2 && (x($_POST, 'desc') !== false || x($_POST, 'newtag') !== false || x($_POST, 'albname') !== false)) {
$desc = x($_POST, 'desc') ? notags(trim($_POST['desc'])) : '';
$desc = (x($_POST,'desc') ? notags(trim($_POST['desc'])) : ''); $rawtags = x($_POST, 'newtag') ? notags(trim($_POST['newtag'])) : '';
$rawtags = (x($_POST,'newtag') ? notags(trim($_POST['newtag'])) : ''); $item_id = x($_POST, 'item_id') ? intval($_POST['item_id']) : 0;
$item_id = (x($_POST,'item_id') ? intval($_POST['item_id']) : 0); $albname = x($_POST, 'albname') ? notags(trim($_POST['albname'])) : '';
$albname = (x($_POST,'albname') ? notags(trim($_POST['albname'])) : ''); $origaname = x($_POST, 'origaname') ? notags(trim($_POST['origaname'])) : '';
$origaname = (x($_POST,'origaname') ? notags(trim($_POST['origaname'])) : '');
$str_group_allow = perms2str($_POST['group_allow']); $str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']); $str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']); $str_group_deny = perms2str($_POST['group_deny']);
@ -415,9 +397,8 @@ function photos_post(App $a) {
$albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y'); $albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
} }
if (x($_POST,'rotate') !== false &&
if ((x($_POST,'rotate') !== false) && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) {
( (intval($_POST['rotate']) == 1) || (intval($_POST['rotate']) == 2) )) {
logger('rotate'); logger('rotate');
$r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = 0 LIMIT 1", $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = 0 LIMIT 1",
@ -503,9 +484,7 @@ function photos_post(App $a) {
} }
if (!$item_id) { if (!$item_id) {
// Create item container // Create item container
$title = ''; $title = '';
$uri = item_new_uri($a->get_hostname(),$page_owner_uid); $uri = item_new_uri($a->get_hostname(),$page_owner_uid);
@ -538,7 +517,6 @@ function photos_post(App $a) {
. '[/url]'; . '[/url]';
$item_id = item_store($arr); $item_id = item_store($arr);
} }
if ($item_id) { if ($item_id) {
@ -553,13 +531,11 @@ function photos_post(App $a) {
} }
if (strlen($rawtags)) { if (strlen($rawtags)) {
$str_tags = ''; $str_tags = '';
$inform = ''; $inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag // if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag
$x = substr($rawtags, 0, 1);
$x = substr($rawtags,0,1);
if ($x !== '@' && $x !== '#') { if ($x !== '@' && $x !== '#') {
$rawtags = '#' . $rawtags; $rawtags = '#' . $rawtags;
} }
@ -569,10 +545,8 @@ function photos_post(App $a) {
if (count($tags)) { if (count($tags)) {
foreach ($tags as $tag) { foreach ($tags as $tag) {
if (isset($profile)) {
unset($profile);
}
if (strpos($tag, '@') === 0) { if (strpos($tag, '@') === 0) {
$profile = '';
$name = substr($tag,1); $name = substr($tag,1);
if ((strpos($name, '@')) || (strpos($name, 'http://'))) { if ((strpos($name, '@')) || (strpos($name, 'http://'))) {
$newname = $name; $newname = $name;
@ -690,8 +664,7 @@ function photos_post(App $a) {
if (count($taginfo)) { if (count($taginfo)) {
foreach ($taginfo as $tagged) { foreach ($taginfo as $tagged) {
$uri = item_new_uri($a->get_hostname(), $page_owner_uid);
$uri = item_new_uri($a->get_hostname(),$page_owner_uid);
$arr = array(); $arr = array();
$arr['guid'] = get_guid(32); $arr['guid'] = get_guid(32);
@ -746,18 +719,12 @@ function photos_post(App $a) {
} }
/** // default post action - upload a photo
* default post action - upload a photo
*/
call_hooks('photo_post_init', $_POST); call_hooks('photo_post_init', $_POST);
/** // Determine the album to use
* Determine the album to use $album = x($_REQUEST, 'album') ? notags(trim($_REQUEST['album'])) : '';
*/ $newalbum = x($_REQUEST, 'newalbum') ? notags(trim($_REQUEST['newalbum'])) : '';
$album = notags(trim($_REQUEST['album']));
$newalbum = notags(trim($_REQUEST['newalbum']));
logger('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG); logger('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum , LOGGER_DEBUG);
@ -787,51 +754,85 @@ function photos_post(App $a) {
$visible = 0; $visible = 0;
} }
if (intval($_REQUEST['not_visible']) || $_REQUEST['not_visible'] === 'true') { if (x($_REQUEST, 'not_visible') && $_REQUEST['not_visible'] !== 'false') {
$visible = 0; $visible = 0;
} }
$str_group_allow = perms2str((is_array($_REQUEST['group_allow']) ? $_REQUEST['group_allow'] : explode(',', $_REQUEST['group_allow']))); $group_allow = defaults($_REQUEST, 'group_allow' , []);
$str_contact_allow = perms2str((is_array($_REQUEST['contact_allow']) ? $_REQUEST['contact_allow'] : explode(',', $_REQUEST['contact_allow']))); $contact_allow = defaults($_REQUEST, 'contact_allow', []);
$str_group_deny = perms2str((is_array($_REQUEST['group_deny']) ? $_REQUEST['group_deny'] : explode(',', $_REQUEST['group_deny']))); $group_deny = defaults($_REQUEST, 'group_deny' , []);
$str_contact_deny = perms2str((is_array($_REQUEST['contact_deny']) ? $_REQUEST['contact_deny'] : explode(',', $_REQUEST['contact_deny']))); $contact_deny = defaults($_REQUEST, 'contact_deny' , []);
$str_group_allow = perms2str(is_array($group_allow) ? $group_allow : explode(',', $group_allow));
$str_contact_allow = perms2str(is_array($contact_allow) ? $contact_allow : explode(',', $contact_allow));
$str_group_deny = perms2str(is_array($group_deny) ? $group_deny : explode(',', $group_deny));
$str_contact_deny = perms2str(is_array($contact_deny) ? $contact_deny : explode(',', $contact_deny));
$ret = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => ''); $ret = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
call_hooks('photo_post_file',$ret); call_hooks('photo_post_file', $ret);
if (x($ret,'src') && x($ret,'filesize')) { if (x($ret, 'src') && x($ret, 'filesize')) {
$src = $ret['src']; $src = $ret['src'];
$filename = $ret['filename']; $filename = $ret['filename'];
$filesize = $ret['filesize']; $filesize = $ret['filesize'];
$type = $ret['type']; $type = $ret['type'];
$error = UPLOAD_ERR_OK;
} else { } else {
$src = $_FILES['userfile']['tmp_name']; $src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']); $filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']); $filesize = intval($_FILES['userfile']['size']);
$type = $_FILES['userfile']['type']; $type = $_FILES['userfile']['type'];
$error = $_FILES['userfile']['error'];
} }
if ($error !== UPLOAD_ERR_OK) {
switch ($error) {
case UPLOAD_ERR_INI_SIZE:
notice(t('Image exceeds size limit of %s', ini_get('upload_max_filesize')) . EOL);
break;
case UPLOAD_ERR_FORM_SIZE:
notice(t('Image exceeds size limit of %s', formatBytes(defaults($_REQUEST, 'MAX_FILE_SIZE', 0))) . EOL);
break;
case UPLOAD_ERR_PARTIAL:
notice(t('Image upload didn\'t complete, please try again') . EOL);
break;
case UPLOAD_ERR_NO_FILE:
notice(t('Image file is missing') . EOL);
break;
case UPLOAD_ERR_NO_TMP_DIR:
case UPLOAD_ERR_CANT_WRITE:
case UPLOAD_ERR_EXTENSION:
notice(t('Server can\'t accept new file upload at this time, please contact your administrator') . EOL);
break;
}
@unlink($src);
$foo = 0;
call_hooks('photo_post_end', $foo);
return;
}
if ($type == "") { if ($type == "") {
$type = Image::guessType($filename); $type = Image::guessType($filename);
} }
logger('photos: upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG); logger('photos: upload: received file: ' . $filename . ' as ' . $src . ' ('. $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
$maximagesize = Config::get('system','maximagesize'); $maximagesize = Config::get('system', 'maximagesize');
if ($maximagesize && ($filesize > $maximagesize)) { if ($maximagesize && ($filesize > $maximagesize)) {
notice( sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL); notice(t('Image exceeds size limit of %s', formatBytes($maximagesize)) . EOL);
@unlink($src); @unlink($src);
$foo = 0; $foo = 0;
call_hooks('photo_post_end',$foo); call_hooks('photo_post_end', $foo);
return; return;
} }
if (!$filesize) { if (!$filesize) {
notice( t('Image file is empty.') . EOL); notice(t('Image file is empty.') . EOL);
@unlink($src); @unlink($src);
$foo = 0; $foo = 0;
call_hooks('photo_post_end',$foo); call_hooks('photo_post_end', $foo);
return; return;
} }
@ -843,7 +844,7 @@ function photos_post(App $a) {
if (!$Image->isValid()) { if (!$Image->isValid()) {
logger('mod/photos.php: photos_post(): unable to process image' , LOGGER_DEBUG); logger('mod/photos.php: photos_post(): unable to process image' , LOGGER_DEBUG);
notice( t('Unable to process image.') . EOL ); notice(t('Unable to process image.') . EOL);
@unlink($src); @unlink($src);
$foo = 0; $foo = 0;
call_hooks('photo_post_end',$foo); call_hooks('photo_post_end',$foo);
@ -872,7 +873,7 @@ function photos_post(App $a) {
if (!$r) { if (!$r) {
logger('mod/photos.php: photos_post(): image store failed' , LOGGER_DEBUG); logger('mod/photos.php: photos_post(): image store failed' , LOGGER_DEBUG);
notice( t('Image upload failed.') . EOL ); notice(t('Image upload failed.') . EOL);
killme(); killme();
} }
@ -888,23 +889,16 @@ function photos_post(App $a) {
$smallest = 2; $smallest = 2;
} }
$basename = basename($filename);
$uri = item_new_uri($a->get_hostname(), $page_owner_uid); $uri = item_new_uri($a->get_hostname(), $page_owner_uid);
// Create item container // Create item container
$lat = $lon = null; $lat = $lon = null;
if ($exif && $exif['GPS'] && Feature::isEnabled($channel_id, 'photo_location')) {
/// @TODO merge these 2 if() into one?
if ($exif && $exif['GPS']) {
if (Feature::isEnabled($channel_id,'photo_location')) {
$lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']); $lat = getGps($exif['GPS']['GPSLatitude'], $exif['GPS']['GPSLatitudeRef']);
$lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']); $lon = getGps($exif['GPS']['GPSLongitude'], $exif['GPS']['GPSLongitudeRef']);
} }
}
$arr = array(); $arr = array();
if ($lat && $lon) { if ($lat && $lon) {
$arr['coord'] = $lat . ' ' . $lon; $arr['coord'] = $lat . ' ' . $lon;
} }
@ -946,17 +940,15 @@ function photos_post(App $a) {
call_hooks('photo_post_end',intval($item_id)); call_hooks('photo_post_end',intval($item_id));
/* // addon uploaders should call "killme()" [e.g. exit] within the photo_post_end hook
* addon uploaders should call "killme()" [e.g. exit] within the photo_post_end hook // if they do not wish to be redirected
* if they do not wish to be redirected
*/
goaway($_SESSION['photo_return']); goaway($_SESSION['photo_return']);
// NOTREACHED // NOTREACHED
} }
function photos_content(App $a) { function photos_content(App $a)
{
// URLs: // URLs:
// photos/name // photos/name
// photos/name/upload // photos/name/upload
@ -966,7 +958,6 @@ function photos_content(App $a) {
// photos/name/image/xxxxx // photos/name/image/xxxxx
// photos/name/image/xxxxx/edit // photos/name/image/xxxxx/edit
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
notice( t('Public access denied.') . EOL); notice( t('Public access denied.') . EOL);
return; return;
@ -985,10 +976,8 @@ function photos_content(App $a) {
$_SESSION['photo_return'] = $a->cmd; $_SESSION['photo_return'] = $a->cmd;
//
// Parse arguments // Parse arguments
// $datum = null;
if ($a->argc > 3) { if ($a->argc > 3) {
$datatype = $a->argv[2]; $datatype = $a->argv[2];
$datum = $a->argv[3]; $datum = $a->argv[3];
@ -1004,10 +993,7 @@ function photos_content(App $a) {
$cmd = 'view'; $cmd = 'view';
} }
//
// Setup permissions structures // Setup permissions structures
//
$can_post = false; $can_post = false;
$visitor = 0; $visitor = 0;
$contact = null; $contact = null;
@ -1046,8 +1032,9 @@ function photos_content(App $a) {
} }
} }
// perhaps they're visiting - but not a community page, so they wouldn't have write access $groups = [];
// perhaps they're visiting - but not a community page, so they wouldn't have write access
if (remote_user() && !$visitor) { if (remote_user() && !$visitor) {
$contact_id = 0; $contact_id = 0;
if (is_array($_SESSION['remote'])) { if (is_array($_SESSION['remote'])) {
@ -1071,20 +1058,17 @@ function photos_content(App $a) {
} }
} }
/// @TODO merge these 2 if() into one? if (!$remote_contact && local_user()) {
if (!$remote_contact) {
if (local_user()) {
$contact_id = $_SESSION['cid']; $contact_id = $_SESSION['cid'];
$contact = $a->contact; $contact = $a->contact;
} }
}
if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) { if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) {
notice( t('Access to this item is restricted.') . EOL); notice( t('Access to this item is restricted.') . EOL);
return; return;
} }
$sql_extra = permissions_sql($owner_uid,$remote_contact,$groups); $sql_extra = permissions_sql($owner_uid, $remote_contact, $groups);
$o = ""; $o = "";
@ -1092,23 +1076,17 @@ function photos_content(App $a) {
$is_owner = (local_user() && (local_user() == $owner_uid)); $is_owner = (local_user() && (local_user() == $owner_uid));
$o .= profile_tabs($a, $is_owner, $a->data['user']['nickname']); $o .= profile_tabs($a, $is_owner, $a->data['user']['nickname']);
/** // Display upload form
* Display upload form
*/
if ($datatype === 'upload') { if ($datatype === 'upload') {
if (!$can_post) { if (!$can_post) {
notice(t('Permission denied.')); notice(t('Permission denied.'));
return; return;
} }
$selname = $datum ? hex2bin($datum) : '';
$selname = ($datum ? hex2bin($datum) : '');
$albumselect = ''; $albumselect = '';
$albumselect .= '<option value="" ' . (!$selname ? ' selected="selected" ' : '') . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>'; $albumselect .= '<option value="" ' . (!$selname ? ' selected="selected" ' : '') . '>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</option>';
if (count($a->data['albums'])) { if (count($a->data['albums'])) {
foreach ($a->data['albums'] as $album) { foreach ($a->data['albums'] as $album) {
@ -1135,31 +1113,8 @@ function photos_content(App $a) {
$usage_message = ''; $usage_message = '';
// Private/public post links for the non-JS ACL form
$private_post = 1;
if ($_REQUEST['public']) {
$private_post = 0;
}
$query_str = $a->query_string;
if (strpos($query_str, 'public=1') !== false) {
$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
}
/*
* I think $a->query_string may never have ? in it, but I could be wrong
* It looks like it's from the index.php?q=[etc] rewrite that the web
* server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
*/
if (strpos($query_str, '?') === false) {
$public_post_link = '?public=1';
} else {
$public_post_link = '&public=1';
}
$tpl = get_markup_template('photos_upload.tpl'); $tpl = get_markup_template('photos_upload.tpl');
$albumselect_e = $albumselect;
$aclselect_e = ($visitor ? '' : populate_acl($a->user)); $aclselect_e = ($visitor ? '' : populate_acl($a->user));
$o .= replace_macros($tpl,array( $o .= replace_macros($tpl,array(
@ -1170,7 +1125,7 @@ function photos_content(App $a) {
'$newalbum' => t('New album name: '), '$newalbum' => t('New album name: '),
'$existalbumtext' => t('or existing album name: '), '$existalbumtext' => t('or existing album name: '),
'$nosharetext' => t('Do not show a status post for this upload'), '$nosharetext' => t('Do not show a status post for this upload'),
'$albumselect' => $albumselect_e, '$albumselect' => $albumselect,
'$permissions' => t('Permissions'), '$permissions' => t('Permissions'),
'$aclselect' => $aclselect_e, '$aclselect' => $aclselect_e,
'$alt_uploader' => $ret['addon_text'], '$alt_uploader' => $ret['addon_text'],
@ -1182,23 +1137,14 @@ function photos_content(App $a) {
'$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector '$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
'$group_perms' => t('Show to Groups'), '$group_perms' => t('Show to Groups'),
'$contact_perms' => t('Show to Contacts'), '$contact_perms' => t('Show to Contacts'),
'$private' => t('Private Photo'), '$return_path' => $a->query_string,
'$public' => t('Public Photo'),
'$is_private' => $private_post,
'$return_path' => $query_str,
'$public_link' => $public_post_link,
)); ));
return $o; return $o;
} }
/* // Display a single photo album
* Display a single photo album
*/
if ($datatype === 'album') { if ($datatype === 'album') {
$album = hex2bin($datum); $album = hex2bin($datum);
$r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s'
@ -1212,7 +1158,8 @@ function photos_content(App $a) {
} }
/// @TODO I have seen this many times, maybe generalize it script-wide and encapsulate it? /// @TODO I have seen this many times, maybe generalize it script-wide and encapsulate it?
if ($_GET['order'] === 'posted') { $order_field = defaults($_GET, 'order', '');
if ($order_field === 'posted') {
$order = 'ASC'; $order = 'ASC';
} else { } else {
$order = 'DESC'; $order = 'DESC';
@ -1253,7 +1200,7 @@ function photos_content(App $a) {
} }
} }
if ($_GET['order'] === 'posted') { if ($order_field === 'posted') {
$order = array(t('Show Newest First'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album)); $order = array(t('Show Newest First'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album));
} else { } else {
$order = array(t('Show Oldest First'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '?f=&order=posted'); $order = array(t('Show Oldest First'), 'photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($album) . '?f=&order=posted');
@ -1261,7 +1208,7 @@ function photos_content(App $a) {
$photos = array(); $photos = array();
if (DBM::is_result($r)) if (DBM::is_result($r)) {
// "Twist" is only used for the duepunto theme with style "slackr" // "Twist" is only used for the duepunto theme with style "slackr"
$twist = false; $twist = false;
foreach ($r as $rr) { foreach ($r as $rr) {
@ -1276,15 +1223,16 @@ function photos_content(App $a) {
'id' => $rr['id'], 'id' => $rr['id'],
'twist' => ' ' . ($twist ? 'rotleft' : 'rotright') . rand(2,4), 'twist' => ' ' . ($twist ? 'rotleft' : 'rotright') . rand(2,4),
'link' => 'photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'] 'link' => 'photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id']
. (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''), . ($order_field === 'posted' ? '?f=&order=posted' : ''),
'title' => t('View Photo'), 'title' => t('View Photo'),
'src' => 'photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.' .$ext, 'src' => 'photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.' .$ext,
'alt' => $imgalt_e, 'alt' => $imgalt_e,
'desc'=> $desc_e, 'desc'=> $desc_e,
'ext' => $ext, 'ext' => $ext,
'hash'=> $rr['resource_id'], 'hash'=> $rr['resource-id'],
); );
} }
}
$tpl = get_markup_template('photo_album.tpl'); $tpl = get_markup_template('photo_album.tpl');
$o .= replace_macros($tpl, array( $o .= replace_macros($tpl, array(
@ -1301,14 +1249,9 @@ function photos_content(App $a) {
} }
/* // Display one photo
* Display one photo
*/
if ($datatype === 'image') { if ($datatype === 'image') {
//$o = '';
// fetch image, item containing image, then comments // fetch image, item containing image, then comments
$ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' $ph = q("SELECT * FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'
$sql_extra ORDER BY `scale` ASC ", $sql_extra ORDER BY `scale` ASC ",
intval($owner_uid), intval($owner_uid),
@ -1336,7 +1279,8 @@ function photos_content(App $a) {
// The query leads to a really intense used index. // The query leads to a really intense used index.
// By now we hide it if someone wants to. // By now we hide it if someone wants to.
if (!Config::get('system', 'no_count', false)) { if (!Config::get('system', 'no_count', false)) {
if ($_GET['order'] === 'posted') { $order_field = defaults($_GET, 'order', '');
if ($order_field === 'posted') {
$order = 'ASC'; $order = 'ASC';
} else { } else {
$order = 'DESC'; $order = 'DESC';
@ -1363,8 +1307,8 @@ function photos_content(App $a) {
} }
} }
$edit_suffix = ((($cmd === 'edit') && $can_post) ? '/edit' : ''); $edit_suffix = ((($cmd === 'edit') && $can_post) ? '/edit' : '');
$prevlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); $prevlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$prv]['resource-id'] . $edit_suffix . ($order_field === 'posted' ? '?f=&order=posted' : '');
$nextlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix . (($_GET['order'] === 'posted') ? '?f=&order=posted' : ''); $nextlink = 'photos/' . $a->data['user']['nickname'] . '/image/' . $prvnxt[$nxt]['resource-id'] . $edit_suffix . ($order_field === 'posted' ? '?f=&order=posted' : '');
} }
} }
@ -1438,6 +1382,7 @@ function photos_content(App $a) {
); );
$map = null; $map = null;
$link_item = [];
if (DBM::is_result($linked_items)) { if (DBM::is_result($linked_items)) {
$link_item = $linked_items[0]; $link_item = $linked_items[0];
@ -1511,31 +1456,9 @@ function photos_content(App $a) {
$edit = Null; $edit = Null;
if (($cmd === 'edit') && $can_post) { if ($cmd === 'edit' && $can_post) {
$edit_tpl = get_markup_template('photo_edit.tpl'); $edit_tpl = get_markup_template('photo_edit.tpl');
// Private/public post links for the non-JS ACL form
$private_post = 1;
if ($_REQUEST['public']) {
$private_post = 0;
}
$query_str = $a->query_string;
if (strpos($query_str, 'public=1') !== false) {
$query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str);
}
/*
* I think $a->query_string may never have ? in it, but I could be wrong
* It looks like it's from the index.php?q=[etc] rewrite that the web
* server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61
*/
if (strpos($query_str, '?') === false) {
$public_post_link = '?public=1';
} else {
$public_post_link = '&public=1';
}
$album_e = $ph[0]['album']; $album_e = $ph[0]['album'];
$caption_e = $ph[0]['desc']; $caption_e = $ph[0]['desc'];
$aclselect_e = populate_acl($ph[0]); $aclselect_e = populate_acl($ph[0]);
@ -1554,7 +1477,7 @@ function photos_content(App $a) {
'$permissions' => t('Permissions'), '$permissions' => t('Permissions'),
'$aclselect' => $aclselect_e, '$aclselect' => $aclselect_e,
'$item_id' => (count($linked_items) ? $link_item['id'] : 0), '$item_id' => defaults($link_item, 'id', 0),
'$submit' => t('Submit'), '$submit' => t('Submit'),
'$delete' => t('Delete Photo'), '$delete' => t('Delete Photo'),
@ -1562,25 +1485,24 @@ function photos_content(App $a) {
'$acl_data' => construct_acl_data($a, $ph[0]), // For non-Javascript ACL selector '$acl_data' => construct_acl_data($a, $ph[0]), // For non-Javascript ACL selector
'$group_perms' => t('Show to Groups'), '$group_perms' => t('Show to Groups'),
'$contact_perms' => t('Show to Contacts'), '$contact_perms' => t('Show to Contacts'),
'$private' => t('Private photo'), '$return_path' => $a->query_string,
'$public' => t('Public photo'),
'$is_private' => $private_post,
'$return_path' => $query_str,
'$public_link' => $public_post_link,
)); ));
} }
if (count($linked_items)) { $like = '';
$dislike = '';
$likebuttons = '';
$comments = '';
$paginate = '';
$responses = '';
if (count($linked_items)) {
$cmnt_tpl = get_markup_template('comment_item.tpl'); $cmnt_tpl = get_markup_template('comment_item.tpl');
$tpl = get_markup_template('photo_item.tpl'); $tpl = get_markup_template('photo_item.tpl');
$return_url = $a->cmd; $return_url = $a->cmd;
$like_tpl = get_markup_template('like_noshare.tpl');
$likebuttons = '';
if ($can_post || can_write_wall($a, $owner_uid)) { if ($can_post || can_write_wall($a, $owner_uid)) {
$like_tpl = get_markup_template('like_noshare.tpl');
$likebuttons = replace_macros($like_tpl, array( $likebuttons = replace_macros($like_tpl, array(
'$id' => $link_item['id'], '$id' => $link_item['id'],
'$likethis' => t("I like this \x28toggle\x29"), '$likethis' => t("I like this \x28toggle\x29"),
@ -1590,7 +1512,6 @@ function photos_content(App $a) {
)); ));
} }
$comments = '';
if (!DBM::is_result($r)) { if (!DBM::is_result($r)) {
if (($can_post || can_write_wall($a, $owner_uid)) && $link_item['last-child']) { if (($can_post || can_write_wall($a, $owner_uid)) && $link_item['last-child']) {
$comments .= replace_macros($cmnt_tpl, array( $comments .= replace_macros($cmnt_tpl, array(
@ -1613,12 +1534,6 @@ function photos_content(App $a) {
} }
} }
$alike = array();
$dlike = array();
$like = '';
$dislike = '';
$conv_responses = array( $conv_responses = array(
'like' => array('title' => t('Likes','title')),'dislike' => array('title' => t('Dislikes','title')), 'like' => array('title' => t('Likes','title')),'dislike' => array('title' => t('Dislikes','title')),
'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title')) 'attendyes' => array('title' => t('Attending','title')), 'attendno' => array('title' => t('Not attending','title')), 'attendmaybe' => array('title' => t('Might attend','title'))
@ -1626,13 +1541,16 @@ function photos_content(App $a) {
// display comments // display comments
if (DBM::is_result($r)) { if (DBM::is_result($r)) {
foreach ($r as $item) { foreach ($r as $item) {
builtin_activity_puller($item, $conv_responses); builtin_activity_puller($item, $conv_responses);
} }
$like = (x($conv_responses['like'], $link_item['uri']) ? format_like($conv_responses['like'][$link_item['uri']], $conv_responses['like'][$link_item['uri'] . '-l'], 'like',$link_item['id']) : ''); if (x($conv_responses['like'], $link_item['uri'])) {
$dislike = (x($conv_responses['dislike'], $link_item['uri']) ? format_like($conv_responses['dislike'][$link_item['uri']], $conv_responses['dislike'][$link_item['uri'] . '-l'], 'dislike',$link_item['id']) : ''); $like = format_like($conv_responses['like'][$link_item['uri']], $conv_responses['like'][$link_item['uri'] . '-l'], 'like', $link_item['id']);
}
if (x($conv_responses['dislike'], $link_item['uri'])) {
$dislike = format_like($conv_responses['dislike'][$link_item['uri']], $conv_responses['dislike'][$link_item['uri'] . '-l'], 'dislike', $link_item['id']);
}
if (($can_post || can_write_wall($a, $owner_uid)) && $link_item['last-child']) { if (($can_post || can_write_wall($a, $owner_uid)) && $link_item['last-child']) {
$comments .= replace_macros($cmnt_tpl,array( $comments .= replace_macros($cmnt_tpl,array(
@ -1654,18 +1572,17 @@ function photos_content(App $a) {
)); ));
} }
foreach ($r as $item) { foreach ($r as $item) {
$comment = ''; $comment = '';
$template = $tpl; $template = $tpl;
$sparkle = ''; $sparkle = '';
if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && ($item['id'] != $item['parent'])) if ((activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) && ($item['id'] != $item['parent'])) {
continue; continue;
}
$redirect_url = 'redir/' . $item['cid']; $redirect_url = 'redir/' . $item['cid'];
if (local_user() && ($item['contact-uid'] == local_user()) if (local_user() && ($item['contact-uid'] == local_user())
&& ($item['network'] == NETWORK_DFRN) && !$item['self']) { && ($item['network'] == NETWORK_DFRN) && !$item['self']) {
$profile_url = $redirect_url; $profile_url = $redirect_url;
@ -1729,40 +1646,32 @@ function photos_content(App $a) {
} }
} }
} }
$paginate = paginate($a);
}
$response_verbs = array('like'); $response_verbs = array('like');
if (Feature::isEnabled($owner_uid, 'dislike')) { if (Feature::isEnabled($owner_uid, 'dislike')) {
$response_verbs[] = 'dislike'; $response_verbs[] = 'dislike';
} }
$responses = get_responses($conv_responses,$response_verbs, '', $link_item); $responses = get_responses($conv_responses, $response_verbs, '', $link_item);
$paginate = paginate($a);
}
$photo_tpl = get_markup_template('photo_view.tpl'); $photo_tpl = get_markup_template('photo_view.tpl');
$album_e = array($album_link, $ph[0]['album']);
$tags_e = $tags;
$like_e = $like;
$dislike_e = $dislike;
$o .= replace_macros($photo_tpl, array( $o .= replace_macros($photo_tpl, array(
'$id' => $ph[0]['id'], '$id' => $ph[0]['id'],
'$album' => $album_e, '$album' => [$album_link, $ph[0]['album']],
'$tools' => $tools, '$tools' => $tools,
'$lock' => $lock, '$lock' => $lock,
'$photo' => $photo, '$photo' => $photo,
'$prevlink' => $prevlink, '$prevlink' => $prevlink,
'$nextlink' => $nextlink, '$nextlink' => $nextlink,
'$desc' => $ph[0]['desc'], '$desc' => $ph[0]['desc'],
'$tags' => $tags_e, '$tags' => $tags,
'$edit' => $edit, '$edit' => $edit,
'$map' => $map, '$map' => $map,
'$map_text' => t('Map'), '$map_text' => t('Map'),
'$likebuttons' => $likebuttons, '$likebuttons' => $likebuttons,
'$like' => $like_e, '$like' => $like,
'$dislike' => $dikslike_e, '$dislike' => $dislike,
'responses' => $responses, 'responses' => $responses,
'$comments' => $comments, '$comments' => $comments,
'$paginate' => $paginate, '$paginate' => $paginate,