Move drop_items and drop_item out of include/items

- They were only used in mod/item
This commit is contained in:
Hypolite Petovan 2020-06-17 04:50:28 -04:00
parent 51925f2994
commit 3d55ef1546
2 changed files with 113 additions and 126 deletions

View file

@ -327,122 +327,3 @@ function subscribe_to_hub($url, array $importer, array $contact, $hubmode = 'sub
return; return;
} }
function drop_items(array $items)
{
$uid = 0;
if (!Session::isAuthenticated()) {
return;
}
if (!empty($items)) {
foreach ($items as $item) {
$owner = Item::deleteForUser(['id' => $item], local_user());
if ($owner && !$uid) {
$uid = $owner;
}
}
}
}
function drop_item($id, $return = '')
{
$a = DI::app();
// locate item to be deleted
$fields = ['id', 'uid', 'guid', 'contact-id', 'deleted', 'gravity', 'parent'];
$item = Item::selectFirstForUser(local_user(), $fields, ['id' => $id]);
if (!DBA::isResult($item)) {
notice(DI::l10n()->t('Item not found.') . EOL);
DI::baseUrl()->redirect('network');
}
if ($item['deleted']) {
return 0;
}
$contact_id = 0;
// check if logged in user is either the author or owner of this item
if (Session::getRemoteContactID($item['uid']) == $item['contact-id']) {
$contact_id = $item['contact-id'];
}
if ((local_user() == $item['uid']) || $contact_id) {
// Check if we should do HTML-based delete confirmation
if (!empty($_REQUEST['confirm'])) {
// <form> can't take arguments in its "action" parameter
// so add any arguments as hidden inputs
$query = explode_querystring(DI::args()->getQueryString());
$inputs = [];
foreach ($query['args'] as $arg) {
if (strpos($arg, 'confirm=') === false) {
$arg_parts = explode('=', $arg);
$inputs[] = ['name' => $arg_parts[0], 'value' => $arg_parts[1]];
}
}
return Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [
'$method' => 'get',
'$message' => DI::l10n()->t('Do you really want to delete this item?'),
'$extra_inputs' => $inputs,
'$confirm' => DI::l10n()->t('Yes'),
'$confirm_url' => $query['base'],
'$confirm_name' => 'confirmed',
'$cancel' => DI::l10n()->t('Cancel'),
]);
}
// Now check how the user responded to the confirmation query
if (!empty($_REQUEST['canceled'])) {
DI::baseUrl()->redirect('display/' . $item['guid']);
}
$is_comment = ($item['gravity'] == GRAVITY_COMMENT) ? true : false;
$parentitem = null;
if (!empty($item['parent'])){
$fields = ['guid'];
$parentitem = Item::selectFirstForUser(local_user(), $fields, ['id' => $item['parent']]);
}
// delete the item
Item::deleteForUser(['id' => $item['id']], local_user());
$return_url = hex2bin($return);
// removes update_* from return_url to ignore Ajax refresh
$return_url = str_replace("update_", "", $return_url);
// Check if delete a comment
if ($is_comment) {
// Return to parent guid
if (!empty($parentitem)) {
DI::baseUrl()->redirect('display/' . $parentitem['guid']);
//NOTREACHED
}
// In case something goes wrong
else {
DI::baseUrl()->redirect('network');
//NOTREACHED
}
}
else {
// if unknown location or deleting top level post called from display
if (empty($return_url) || strpos($return_url, 'display') !== false) {
DI::baseUrl()->redirect('network');
//NOTREACHED
} else {
DI::baseUrl()->redirect($return_url);
//NOTREACHED
}
}
} else {
notice(DI::l10n()->t('Permission denied.') . EOL);
DI::baseUrl()->redirect('display/' . $item['guid']);
//NOTREACHED
}
}

View file

@ -34,6 +34,7 @@ use Friendica\Content\Text\BBCode;
use Friendica\Core\Hook; use Friendica\Core\Hook;
use Friendica\Core\Logger; use Friendica\Core\Logger;
use Friendica\Core\Protocol; use Friendica\Core\Protocol;
use Friendica\Core\Renderer;
use Friendica\Core\Session; use Friendica\Core\Session;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Core\Worker; use Friendica\Core\Worker;
@ -67,7 +68,10 @@ function item_post(App $a) {
if (!empty($_REQUEST['dropitems'])) { if (!empty($_REQUEST['dropitems'])) {
$arr_drop = explode(',', $_REQUEST['dropitems']); $arr_drop = explode(',', $_REQUEST['dropitems']);
drop_items($arr_drop); foreach ($arr_drop as $item) {
Item::deleteForUser(['id' => $item], $uid);
}
$json = ['success' => 1]; $json = ['success' => 1];
System::jsonExit($json); System::jsonExit($json);
} }
@ -850,7 +854,9 @@ function item_content(App $a)
if (($a->argc >= 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) { if (($a->argc >= 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) {
if (DI::mode()->isAjax()) { if (DI::mode()->isAjax()) {
$o = Item::deleteForUser(['id' => $a->argv[2]], local_user()); Item::deleteForUser(['id' => $a->argv[2]], local_user());
// ajax return: [<item id>, 0 (no perm) | <owner id>]
System::jsonExit([intval($a->argv[2]), local_user()]);
} else { } else {
if (!empty($a->argv[3])) { if (!empty($a->argv[3])) {
$o = drop_item($a->argv[2], $a->argv[3]); $o = drop_item($a->argv[2], $a->argv[3]);
@ -859,12 +865,112 @@ function item_content(App $a)
$o = drop_item($a->argv[2]); $o = drop_item($a->argv[2]);
} }
} }
if (DI::mode()->isAjax()) {
// ajax return: [<item id>, 0 (no perm) | <owner id>]
System::jsonExit([intval($a->argv[2]), intval($o)]);
}
} }
return $o; return $o;
} }
/**
* @param int $id
* @param string $return
* @return string
* @throws HTTPException\InternalServerErrorException
*/
function drop_item(int $id, string $return = '')
{
// locate item to be deleted
$fields = ['id', 'uid', 'guid', 'contact-id', 'deleted', 'gravity', 'parent'];
$item = Item::selectFirstForUser(local_user(), $fields, ['id' => $id]);
if (!DBA::isResult($item)) {
notice(DI::l10n()->t('Item not found.') . EOL);
DI::baseUrl()->redirect('network');
}
if ($item['deleted']) {
return '';
}
$contact_id = 0;
// check if logged in user is either the author or owner of this item
if (Session::getRemoteContactID($item['uid']) == $item['contact-id']) {
$contact_id = $item['contact-id'];
}
if ((local_user() == $item['uid']) || $contact_id) {
// Check if we should do HTML-based delete confirmation
if (!empty($_REQUEST['confirm'])) {
// <form> can't take arguments in its "action" parameter
// so add any arguments as hidden inputs
$query = explode_querystring(DI::args()->getQueryString());
$inputs = [];
foreach ($query['args'] as $arg) {
if (strpos($arg, 'confirm=') === false) {
$arg_parts = explode('=', $arg);
$inputs[] = ['name' => $arg_parts[0], 'value' => $arg_parts[1]];
}
}
return Renderer::replaceMacros(Renderer::getMarkupTemplate('confirm.tpl'), [
'$method' => 'get',
'$message' => DI::l10n()->t('Do you really want to delete this item?'),
'$extra_inputs' => $inputs,
'$confirm' => DI::l10n()->t('Yes'),
'$confirm_url' => $query['base'],
'$confirm_name' => 'confirmed',
'$cancel' => DI::l10n()->t('Cancel'),
]);
}
// Now check how the user responded to the confirmation query
if (!empty($_REQUEST['canceled'])) {
DI::baseUrl()->redirect('display/' . $item['guid']);
}
$is_comment = ($item['gravity'] == GRAVITY_COMMENT) ? true : false;
$parentitem = null;
if (!empty($item['parent'])){
$fields = ['guid'];
$parentitem = Item::selectFirstForUser(local_user(), $fields, ['id' => $item['parent']]);
}
// delete the item
Item::deleteForUser(['id' => $item['id']], local_user());
$return_url = hex2bin($return);
// removes update_* from return_url to ignore Ajax refresh
$return_url = str_replace("update_", "", $return_url);
// Check if delete a comment
if ($is_comment) {
// Return to parent guid
if (!empty($parentitem)) {
DI::baseUrl()->redirect('display/' . $parentitem['guid']);
//NOTREACHED
}
// In case something goes wrong
else {
DI::baseUrl()->redirect('network');
//NOTREACHED
}
}
else {
// if unknown location or deleting top level post called from display
if (empty($return_url) || strpos($return_url, 'display') !== false) {
DI::baseUrl()->redirect('network');
//NOTREACHED
} else {
DI::baseUrl()->redirect($return_url);
//NOTREACHED
}
}
} else {
notice(DI::l10n()->t('Permission denied.'));
DI::baseUrl()->redirect('display/' . $item['guid']);
//NOTREACHED
}
return '';
}