diff --git a/include/text.php b/include/text.php
index 26de709e3e..658c2cdd64 100644
--- a/include/text.php
+++ b/include/text.php
@@ -6,8 +6,8 @@ require_once("include/friendica_smarty.php");
if(! function_exists('replace_macros')) {
/**
* This is our template processor
- *
- * @param string|FriendicaSmarty $s the string requiring macro substitution,
+ *
+ * @param string|FriendicaSmarty $s the string requiring macro substitution,
* or an instance of FriendicaSmarty
* @param array $r key value pairs (search => replace)
* @return string substituted string
@@ -52,13 +52,13 @@ if(! function_exists('notags')) {
* The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
* that had an XSS attack vector due to stripping the high-bit on an 8-bit character
* after cleansing, and angle chars with the high bit set could get through as markup.
- *
- * This is now disabled because it was interfering with some legitimate unicode sequences
- * and hopefully there aren't a lot of those browsers left.
+ *
+ * This is now disabled because it was interfering with some legitimate unicode sequences
+ * and hopefully there aren't a lot of those browsers left.
*
* Use this on any text input where angle chars are not valid or permitted
* They will be replaced with safer brackets. This may be filtered further
- * if these are not allowed either.
+ * if these are not allowed either.
*
* @param string $string Input string
* @return string Filtered string
@@ -86,12 +86,12 @@ function escape_tags($string) {
}}
-// generate a string that's random, but usually pronounceable.
+// generate a string that's random, but usually pronounceable.
// used to generate initial passwords
if(! function_exists('autoname')) {
/**
- * generate a string that's random, but usually pronounceable.
+ * generate a string that's random, but usually pronounceable.
* used to generate initial passwords
* @param int $len
* @return string
@@ -101,7 +101,7 @@ function autoname($len) {
if($len <= 0)
return '';
- $vowels = array('a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u');
+ $vowels = array('a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u');
if(mt_rand(0,5) == 4)
$vowels[] = 'y';
@@ -145,7 +145,7 @@ function autoname($len) {
for ($x = 0; $x < $len; $x ++) {
$r = mt_rand(0,count($table) - 1);
$word .= $table[$r];
-
+
if($table == $vowels)
$table = array_merge($cons,$midcons);
else
@@ -162,7 +162,7 @@ function autoname($len) {
}
}
if(substr($word,-1) == 'q')
- $word = substr($word,0,-1);
+ $word = substr($word,0,-1);
return $word;
}}
@@ -178,11 +178,11 @@ if(! function_exists('xmlify')) {
*/
function xmlify($str) {
/* $buffer = '';
-
+
$len = mb_strlen($str);
for($x = 0; $x < $len; $x ++) {
$char = mb_substr($str,$x,1);
-
+
switch( $char ) {
case "\r" :
@@ -208,7 +208,7 @@ function xmlify($str) {
default :
$buffer .= $char;
break;
- }
+ }
}*/
/*
$buffer = mb_ereg_replace("&", "&", $str);
@@ -219,7 +219,7 @@ function xmlify($str) {
*/
$buffer = htmlspecialchars($str, ENT_QUOTES);
$buffer = trim($buffer);
-
+
return($buffer);
}}
@@ -239,7 +239,7 @@ function unxmlify($s) {
$ret = mb_ereg_replace('>', ">", $ret);
*/
$ret = htmlspecialchars_decode($s, ENT_QUOTES);
- return $ret;
+ return $ret;
}}
if(! function_exists('hex2bin')) {
@@ -287,7 +287,7 @@ function paginate_data(&$a, $count=null) {
$data = array();
function _l(&$d, $name, $url, $text, $class="") {
- $d[$name] = array('url'=>$url, 'text'=>$text, 'class'=>$class);
+ $d[$name] = array('url'=>$url, 'text'=>$text, 'class'=>$class);
}
if (!is_null($count)){
@@ -355,9 +355,9 @@ if(! function_exists('paginate')) {
* Then call paginate($a) after the end of the display loop to insert the pager block on the page
* (assuming there are enough items to paginate).
* When using with SQL, the setting LIMIT %d, %d => $a->pager['start'],$a->pager['itemspage']
- * will limit the results to the correct items for the current page.
- * The actual page handling is then accomplished at the application layer.
- *
+ * will limit the results to the correct items for the current page.
+ * The actual page handling is then accomplished at the application layer.
+ *
* @param App $a App instance
* @return string html for pagination #FIXME remove html
*/
@@ -406,11 +406,11 @@ function expand_acl($s) {
}
}
return $ret;
-}}
+}}
if(! function_exists('sanitise_acl')) {
/**
- * Wrap ACL elements in angle brackets for storage
+ * Wrap ACL elements in angle brackets for storage
* @param string $item
*/
function sanitise_acl(&$item) {
@@ -424,10 +424,10 @@ function sanitise_acl(&$item) {
if(! function_exists('perms2str')) {
/**
* Convert an ACL array to a storable string
- *
+ *
* Normally ACL permissions will be an array.
* We'll also allow a comma-separated string.
- *
+ *
* @param string|array $p
* @return string
*/
@@ -450,7 +450,7 @@ if(! function_exists('item_new_uri')) {
/**
* generate a guaranteed unique (for this domain) item ID for ATOM
* safe from birthday paradox
- *
+ *
* @param string $hostname
* @param int $uid
* @return string
@@ -506,7 +506,7 @@ if(! function_exists('load_view_file')) {
* @global App $a
* @param string $s view name
* @return string
- */
+ */
function load_view_file($s) {
global $lang, $a;
if(! isset($lang))
@@ -539,7 +539,7 @@ if(! function_exists('get_intltext_template')) {
/**
* load a view template, checking for alternate
* languages before falling back to the default
- *
+ *
* @global string $lang
* @param string $s view path
* @return string
@@ -576,7 +576,7 @@ function get_intltext_template($s) {
if(! function_exists('get_markup_template')) {
/**
* load template $s
- *
+ *
* @param string $s
* @param string $root
* @return string
@@ -591,15 +591,15 @@ function get_markup_template($s, $root = '') {
} catch (Exception $e) {
echo "
".__function__.": ".$e->getMessage()."
"; killme();
}
-
+
$a->save_timestamp($stamp1, "file");
-
+
return $template;
}}
if(! function_exists("get_template_file")) {
/**
- *
+ *
* @param App $a
* @param string $filename
* @param string $root
@@ -636,11 +636,11 @@ if(! function_exists('attribute_contains')) {
* an attribute foobar="class1 class2 class3"
* and you want to find out if it contains 'class3'.
* you can't use a normal sub string search because you
- * might match 'notclass3' and a regex to do the job is
- * possible but a bit complicated.
- * pass the attribute string as $attr and the attribute you
+ * might match 'notclass3' and a regex to do the job is
+ * possible but a bit complicated.
+ * pass the attribute string as $attr and the attribute you
* are looking for as $s - returns true if found, otherwise false
- *
+ *
* @param string $attr attribute value
* @param string $s string to search
* @return boolean True if found, False otherwise
@@ -691,9 +691,9 @@ function logger($msg,$level = 0) {
if((! $debugging) || (! $logfile) || ($level > $loglevel))
return;
- $callers = debug_backtrace();
- $logline = sprintf("%s@%s\t[%s]:%s:%s:%s\t%s\n",
- datetime_convert(),
+ $callers = debug_backtrace();
+ $logline = sprintf("%s@%s\t[%s]:%s:%s:%s\t%s\n",
+ datetime_convert(),
session_id(),
$LOGGER_LEVELS[$level],
basename($callers[0]['file']),
@@ -701,7 +701,7 @@ function logger($msg,$level = 0) {
$callers[1]['function'],
$msg
);
-
+
$stamp1 = microtime(true);
@file_put_contents($logfile, $logline, FILE_APPEND);
$a->save_timestamp($stamp1, "file");
@@ -712,7 +712,7 @@ function logger($msg,$level = 0) {
if(! function_exists('activity_match')) {
/**
* Compare activity uri. Knows about activity namespace.
- *
+ *
* @param string $haystack
* @param string $needle
* @return boolean
@@ -727,12 +727,12 @@ function activity_match($haystack,$needle) {
if(! function_exists('get_tags')) {
/**
* Pull out all #hashtags and @person tags from $s;
- * We also get @person@domain.com - which would make
+ * We also get @person@domain.com - which would make
* the regex quite complicated as tags can also
* end a sentence. So we'll run through our results
* and strip the period from any tags which end with one.
* Returns array of tags found, or empty array.
- *
+ *
* @param string $s
* @return array
*/
@@ -788,18 +788,18 @@ function get_tags($s) {
}}
-//
+//
if(! function_exists('qp')) {
/**
* quick and dirty quoted_printable encoding
- *
+ *
* @param string $s
* @return string
- */
+ */
function qp($s) {
return str_replace ("%","=",rawurlencode($s));
-}}
+}}
@@ -827,7 +827,7 @@ function get_mentions($item) {
if(! function_exists('contact_block')) {
/**
* Get html for contact block.
- *
+ *
* @template contact_block.tpl
* @hook contact_block_end (contacts=>array, output=>string)
* @return string
@@ -853,7 +853,7 @@ function contact_block() {
if(! $total) {
$contacts = t('No contacts');
$micropro = Null;
-
+
} else {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 and `pending` = 0 AND `hidden` = 0 AND `archive` = 0 ORDER BY RAND() LIMIT %d",
intval($a->profile['uid']),
@@ -867,7 +867,7 @@ function contact_block() {
}
}
}
-
+
$tpl = get_markup_template('contact_block.tpl');
$o = replace_macros($tpl, array(
'$contacts' => $contacts,
@@ -885,7 +885,7 @@ function contact_block() {
if(! function_exists('micropro')) {
/**
- *
+ *
* @param array $contact
* @param boolean $redirect
* @param string $class
@@ -916,19 +916,19 @@ function micropro($contact, $redirect = false, $class = '', $textmode = false) {
if($click)
$url = '';
if($textmode) {
- return '
';
return $o;
}}
@@ -960,7 +960,7 @@ function search($s,$id='search-box',$url='/search',$save = false) {
if(! function_exists('valid_email')) {
/**
* Check if $x is a valid email string
- *
+ *
* @param string $x
* @return boolean
*/
@@ -996,7 +996,7 @@ function linkify($s) {
* @hook poke_verbs pokes array
*/
function get_poke_verbs() {
-
+
// index is present tense verb
// value is array containing past tense verb, translation of present, translation of past
@@ -1018,7 +1018,7 @@ function get_poke_verbs() {
* @hook mood_verbs moods array
*/
function get_mood_verbs() {
-
+
$arr = array(
'happy' => t('happy'),
'sad' => t('sad'),
@@ -1053,10 +1053,10 @@ if(! function_exists('smilies')) {
* Replaces text emoticons with graphical images
*
* It is expected that this function will be called using HTML text.
- * We will escape text between HTML pre and code blocks from being
- * processed.
- *
- * At a higher level, the bbcode [nosmile] tag can be used to prevent this
+ * We will escape text between HTML pre and code blocks from being
+ * processed.
+ *
+ * At a higher level, the bbcode [nosmile] tag can be used to prevent this
* function from being executed by the prepare_text() routine when preparing
* bbcode source for HTML display
*
@@ -1068,43 +1068,43 @@ if(! function_exists('smilies')) {
function smilies($s, $sample = false) {
$a = get_app();
- if(intval(get_config('system','no_smilies'))
+ if(intval(get_config('system','no_smilies'))
|| (local_user() && intval(get_pconfig(local_user(),'system','no_smilies'))))
return $s;
$s = preg_replace_callback('/
(.*?)<\/pre>/ism','smile_encode',$s);
$s = preg_replace_callback('/(.*?)<\/code>/ism','smile_encode',$s);
- $texts = array(
- '<3',
- '</3',
- '<\\3',
- ':-)',
- ';-)',
- ':-(',
- ':-P',
- ':-p',
- ':-"',
- ':-"',
- ':-x',
- ':-X',
- ':-D',
- '8-|',
- '8-O',
- ':-O',
- '\\o/',
- 'o.O',
- 'O.o',
- 'o_O',
- 'O_o',
- ":'(",
- ":-!",
- ":-/",
- ":-[",
+ $texts = array(
+ '<3',
+ '</3',
+ '<\\3',
+ ':-)',
+ ';-)',
+ ':-(',
+ ':-P',
+ ':-p',
+ ':-"',
+ ':-"',
+ ':-x',
+ ':-X',
+ ':-D',
+ '8-|',
+ '8-O',
+ ':-O',
+ '\\o/',
+ 'o.O',
+ 'O.o',
+ 'o_O',
+ 'O_o',
+ ":'(",
+ ":-!",
+ ":-/",
+ ":-[",
"8-)",
- ':beer',
- ':homebrew',
- ':coffee',
+ ':beer',
+ ':homebrew',
+ ':coffee',
':facepalm',
':like',
':dislike',
@@ -1129,7 +1129,7 @@ function smilies($s, $sample = false) {
'',
'',
'',
- '',
+ '',
'',
'',
'',
@@ -1182,7 +1182,7 @@ function smile_decode($m) {
/**
* expand <3333 to the correct number of hearts
- *
+ *
* @param string $x
* @return string
*/
@@ -1201,7 +1201,7 @@ function preg_heart($x) {
if(! function_exists('day_translate')) {
/**
* Translate days and months names
- *
+ *
* @param string $s
* @return string
*/
@@ -1221,7 +1221,7 @@ function day_translate($s) {
if(! function_exists('normalise_link')) {
/**
* Normalize url
- *
+ *
* @param string $url
* @return string
*/
@@ -1235,15 +1235,15 @@ function normalise_link($url) {
if(! function_exists('link_compare')) {
/**
* Compare two URLs to see if they are the same, but ignore
- * slight but hopefully insignificant differences such as if one
- * is https and the other isn't, or if one is www.something and
+ * slight but hopefully insignificant differences such as if one
+ * is https and the other isn't, or if one is www.something and
* the other isn't - and also ignore case differences.
*
* @param string $a first url
* @param string $b second url
* @return boolean True if the URLs match, otherwise False
*
- */
+ */
function link_compare($a,$b) {
if(strcasecmp(normalise_link($a),normalise_link($b)) === 0)
return true;
@@ -1254,7 +1254,7 @@ function link_compare($a,$b) {
if(! function_exists('redir_private_images')) {
/**
* Find any non-embedded images in private items and add redir links to them
- *
+ *
* @param App $a
* @param array $item
*/
@@ -1286,7 +1286,7 @@ if(! function_exists('prepare_body')) {
/**
* Given an item array, convert the body element from bbcode to html and add smilie icons.
* If attach is true, also add icons for item attachments
- *
+ *
* @param array $item
* @param boolean $attach
* @return string item body html
@@ -1471,6 +1471,13 @@ function prepare_body(&$item,$attach = false, $preview = false) {
$s = substr($s, 0, $pos).$authorreplace.substr($s, $pos+strlen($authorsearch));
}
+ // replace friendica image url size with theme preference
+ if (x($a->theme_info,'item_image_size')){
+ $ps = $a->theme_info['item_image_size'];
+
+ $s = preg_replace('|(]+src="[^"]+/photo/[0-9a-f]+)-[0-9]|',"$1-".$ps, $s);
+ }
+
$prep_arr = array('item' => $item, 'html' => $s);
call_hooks('prepare_body_final', $prep_arr);
@@ -1481,7 +1488,7 @@ function prepare_body(&$item,$attach = false, $preview = false) {
if(! function_exists('prepare_text')) {
/**
* Given a text string, convert from bbcode to html and add smilie icons.
- *
+ *
* @param string $text
* @return string
*/
@@ -1501,10 +1508,10 @@ function prepare_text($text) {
/**
* return array with details for categories and folders for an item
- *
+ *
* @param array $item
* @return array
- *
+ *
* [
* [ // categories array
* {
@@ -1522,7 +1529,7 @@ function prepare_text($text) {
* 'first': 'is the first in this array? true/false',
* 'last': 'is the last in this array? true/false',
* } ,
- * ....
+ * ....
* ]
* ]
*/
@@ -1547,7 +1554,7 @@ function get_cats_and_terms($item) {
}
}
if (count($categories)) $categories[count($categories)-1]['last'] = true;
-
+
if(local_user() == $item['uid']) {
$matches = false; $first = true;
@@ -1612,10 +1619,10 @@ function feed_salmonlinks($nick) {
$salmon = '' . "\n" ;
- // old style links that status.net still needed as of 12/2010
+ // old style links that status.net still needed as of 12/2010
- $salmon .= ' ' . "\n" ;
- $salmon .= ' ' . "\n" ;
+ $salmon .= ' ' . "\n" ;
+ $salmon .= ' ' . "\n" ;
return $salmon;
}}
@@ -1670,17 +1677,17 @@ if(! function_exists('lang_selector')) {
/**
* get html for language selector
* @global string $lang
- * @return string
+ * @return string
* @template lang_selector.tpl
*/
function lang_selector() {
global $lang;
-
+
$langs = glob('view/*/strings.php');
-
+
$lang_options = array();
$selected = "";
-
+
if(is_array($langs) && count($langs)) {
$langs[] = '';
if(! in_array('view/en/strings.php',$langs))
@@ -1698,11 +1705,11 @@ function lang_selector() {
}
}
- $tpl = get_markup_template("lang_selector.tpl");
+ $tpl = get_markup_template("lang_selector.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Select an alternate language'),
'$langs' => array($lang_options, $selected),
-
+
));
return $o;
}}
@@ -1790,7 +1797,7 @@ function base64url_decode($s) {
if (!function_exists('str_getcsv')) {
/**
* Parse csv string
- *
+ *
* @param string $input
* @param string $delimiter
* @param string $enclosure
@@ -1835,13 +1842,13 @@ if (!function_exists('str_getcsv')) {
}
} else {
$line = preg_split("/".$delimiter."/",$line);
-
+
/*
* Validating against pesky extra line breaks creating false rows.
*/
if (is_array($line) && !empty($line[0])) {
$output[$line_num] = $line;
- }
+ }
}
}
return $output;
@@ -1852,7 +1859,7 @@ if (!function_exists('str_getcsv')) {
return false;
}
}
-}
+}
/**
* return div element with class 'clear'
@@ -1876,7 +1883,7 @@ function bb_translate_video($s) {
$s = str_replace($mtch[0],'[vimeo]' . $mtch[1] . '[/vimeo]',$s);
}
}
- return $s;
+ return $s;
}
function html2bb_video($s) {
@@ -1907,7 +1914,7 @@ function array_xmlify($val){
/**
* transorm link href and img src from relative to absolute
- *
+ *
* @param string $text
* @param string $base base url
* @return string
@@ -1920,7 +1927,7 @@ function reltoabs($text, $base)
$base = rtrim($base,'/');
$base2 = $base . "/";
-
+
// Replace links
$pattern = "/]*) href=\"(?!http|https|\/)([^\"]*)\"/";
$replace = "','[',']'),array('%3c','%3e','%5b','%5d'),$s);
diff --git a/mod/photo.php b/mod/photo.php
index 434193f713..7783b6a256 100644
--- a/mod/photo.php
+++ b/mod/photo.php
@@ -101,7 +101,8 @@ function photo_init(&$a) {
$photo = substr($photo,0,-2);
}
- $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
+ // check if the photo exists and get the owner of the photo
+ $r = q("SELECT `uid` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
dbesc($photo),
intval($resolution)
);
@@ -111,7 +112,7 @@ function photo_init(&$a) {
// Now we'll see if we can access the photo
- $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d $sql_extra LIMIT 1",
+ $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` <= %d $sql_extra ORDER BY scale DESC LIMIT 1",
dbesc($photo),
intval($resolution)
);
@@ -119,28 +120,16 @@ function photo_init(&$a) {
$public = ($r[0]['allow_cid'] == '') AND ($r[0]['allow_gid'] == '') AND ($r[0]['deny_cid'] == '') AND ($r[0]['deny_gid'] == '');
if(count($r)) {
+ $resolution = $r[0]['scale'];
$data = $r[0]['data'];
$mimetype = $r[0]['type'];
}
else {
-
- // Does the picture exist? It may be a remote person with no credentials,
- // but who should otherwise be able to view it. Show a default image to let
- // them know permissions was denied. It may be possible to view the image
- // through an authenticated profile visit.
- // There won't be many completely unauthorised people seeing this because
- // they won't have the photo link, so there's a reasonable chance that the person
- // might be able to obtain permission to view it.
-
- $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1",
- dbesc($photo),
- intval($resolution)
- );
- if(count($r)) {
- $data = file_get_contents('images/nosign.jpg');
- $mimetype = 'image/jpeg';
- $prvcachecontrol = true;
- }
+ // The picure exists. We already checked with the first query.
+ // obviously, this is not an authorized viev!
+ $data = file_get_contents('images/nosign.jpg');
+ $mimetype = 'image/jpeg';
+ $prvcachecontrol = true;
}
}
}
 . '/images/smiley-laughing.gif)
',
' . '/images/smiley-surprised.gif)
',
' . '/images/smiley-thumbsup.gif)
',
' . '/images/smiley-Oo.gif)
',
'