mirror of
https://github.com/friendica/friendica
synced 2025-01-03 19:22:18 +00:00
much better solution to privacy on ajax wall photos
This commit is contained in:
parent
f057cc3a70
commit
15c81716e8
2 changed files with 29 additions and 30 deletions
53
mod/item.php
53
mod/item.php
|
@ -131,43 +131,42 @@ function item_post(&$a) {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* If a photo was uploaded into the message using the ajax uploader,
|
* When a photo was uploaded into the message using the (profile wall) ajax
|
||||||
* it can be seen by anybody. Set the permissions to match the message.
|
* uploader, The permissions are initially set to disallow anybody but the
|
||||||
* Ideally this should be done when the photo was uploaded, but the permissions
|
* owner from seeing it. This is because the permissions may not yet have been
|
||||||
* may not have been set at that time, and passing the permission arrays via
|
* set for the post. If it's private, the photo permissions should be set
|
||||||
* javascript to the ajax upload is going to be a challenge.
|
* appropriately. But we didn't know the final permissions on the post until
|
||||||
* This is a compromise. Granted there is a window of time when the photo
|
* now. So now we'll look for links of uploaded messages that are in the
|
||||||
* is public. You are welcome to suggest other ways to fix this.
|
* post and set them to the same permissions as the post itself.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
$match = null;
|
$match = null;
|
||||||
|
|
||||||
if($private) {
|
if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
|
||||||
if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
|
$images = $match[1];
|
||||||
$images = $match[1];
|
if(count($images)) {
|
||||||
if(count($images)) {
|
foreach($images as $image) {
|
||||||
foreach($images as $image) {
|
if(! stristr($image,$a->get_baseurl() . '/photo/'))
|
||||||
if(! stristr($image,$a->get_baseurl() . '/photo/'))
|
continue;
|
||||||
continue;
|
$image_uri = substr($image,strrpos($image,'/') + 1);
|
||||||
$image_uri = substr($image,strrpos($image,'/') + 1);
|
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
||||||
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
$r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
|
||||||
$r = q("UPDATE `photo` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'
|
WHERE `resource-id` = '%s' AND `album` = '%s' ",
|
||||||
WHERE `resource-id` = '%s' AND `album` = '%s' ",
|
dbesc($str_contact_allow),
|
||||||
dbesc($str_contact_allow),
|
dbesc($str_group_allow),
|
||||||
dbesc($str_group_allow),
|
dbesc($str_contact_deny),
|
||||||
dbesc($str_contact_deny),
|
dbesc($str_group_deny),
|
||||||
dbesc($str_group_deny),
|
dbesc($image_uri),
|
||||||
dbesc($image_uri),
|
dbesc( t('Wall Photos'))
|
||||||
dbesc( t('Wall Photos'))
|
);
|
||||||
);
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Look for any tags and linkify them
|
* Look for any tags and linkify them
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -76,7 +76,7 @@ function wall_upload_post(&$a) {
|
||||||
|
|
||||||
$smallest = 0;
|
$smallest = 0;
|
||||||
|
|
||||||
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0 );
|
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, '<0>');
|
||||||
|
|
||||||
if(! $r) {
|
if(! $r) {
|
||||||
echo ( t('Image upload failed.') . EOL);
|
echo ( t('Image upload failed.') . EOL);
|
||||||
|
@ -85,14 +85,14 @@ function wall_upload_post(&$a) {
|
||||||
|
|
||||||
if($width > 640 || $height > 640) {
|
if($width > 640 || $height > 640) {
|
||||||
$ph->scaleImage(640);
|
$ph->scaleImage(640);
|
||||||
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1 );
|
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, '<0>');
|
||||||
if($r)
|
if($r)
|
||||||
$smallest = 1;
|
$smallest = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($width > 320 || $height > 320) {
|
if($width > 320 || $height > 320) {
|
||||||
$ph->scaleImage(320);
|
$ph->scaleImage(320);
|
||||||
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2 );
|
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, '<0>' );
|
||||||
if($r)
|
if($r)
|
||||||
$smallest = 2;
|
$smallest = 2;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue