2011-07-19 14:17:58 +00:00
< ? php
/* ACL selector json backend */
2012-06-06 03:33:11 +00:00
2011-07-19 14:17:58 +00:00
require_once ( " include/acl_selectors.php " );
function acl_init ( & $a ){
2013-01-19 09:07:35 +00:00
// logger('mod_acl: ' . print_r($_REQUEST,true));
2011-07-19 14:17:58 +00:00
2012-03-27 04:48:04 +00:00
$start = ( x ( $_REQUEST , 'start' ) ? $_REQUEST [ 'start' ] : 0 );
$count = ( x ( $_REQUEST , 'count' ) ? $_REQUEST [ 'count' ] : 100 );
$search = ( x ( $_REQUEST , 'search' ) ? $_REQUEST [ 'search' ] : " " );
$type = ( x ( $_REQUEST , 'type' ) ? $_REQUEST [ 'type' ] : " " );
2011-10-25 13:49:53 +00:00
2011-07-19 14:17:58 +00:00
2012-05-07 02:53:34 +00:00
// For use with jquery.autocomplete for private mail completion
if ( x ( $_REQUEST , 'query' ) && strlen ( $_REQUEST [ 'query' ])) {
2012-06-06 03:33:11 +00:00
if ( ! $type )
$type = 'm' ;
2012-05-07 02:53:34 +00:00
$search = $_REQUEST [ 'query' ];
}
2012-10-25 02:13:29 +00:00
2013-01-19 08:43:05 +00:00
if ( ! ( local_user ()))
if ( $type != 'x' )
killme ();
2012-10-25 02:13:29 +00:00
2013-01-19 08:43:05 +00:00
if ( $search != " " ) {
2012-12-07 03:18:38 +00:00
$sql_extra = " AND `name` LIKE " . protect_sprintf ( " '% " . dbesc ( $search ) . " %' " ) . " " ;
$sql_extra2 = " AND ( xchan_name LIKE " . protect_sprintf ( " '% " . dbesc ( $search ) . " %' " ) . " OR xchan_addr LIKE " . protect_sprintf ( " '% " . dbesc ( $search ) . " %' " ) . " ) " ;
2012-12-06 02:39:07 +00:00
$col = (( strpos ( $search , '@' ) !== false ) ? 'xchan_addr' : 'xchan_name' );
$sql_extra3 = " AND $col like " . protect_sprintf ( " '% " . dbesc ( $search ) . " %' " ) . " " ;
2012-02-26 20:40:41 +00:00
} else {
2012-10-25 02:13:29 +00:00
$sql_extra = $sql_extra2 = $sql_extra3 = " " ;
2011-07-19 14:17:58 +00:00
}
// count groups and contacts
2011-10-25 13:49:53 +00:00
if ( $type == '' || $type == 'g' ){
2013-12-23 02:37:39 +00:00
$r = q ( " SELECT COUNT(`id`) AS g FROM `groups` WHERE `deleted` = 0 AND `uid` = %d $sql_extra " ,
2011-10-25 13:49:53 +00:00
intval ( local_user ())
);
$group_count = ( int ) $r [ 0 ][ 'g' ];
} else {
$group_count = 0 ;
}
if ( $type == '' || $type == 'c' ){
2012-12-07 03:18:38 +00:00
$r = q ( " SELECT COUNT(abook_id) AS c FROM abook left join xchan on abook_xchan = xchan_hash
2013-12-26 07:14:13 +00:00
WHERE abook_channel = % d AND not ( abook_flags & % d ) and not ( xchan_flags & % d ) $sql_extra2 " ,
2012-12-07 03:18:38 +00:00
intval ( local_user ()),
2014-01-07 01:10:53 +00:00
intval ( ABOOK_FLAG_BLOCKED | ABOOK_FLAG_PENDING | ABOOK_FLAG_ARCHIVED ),
2013-12-26 07:14:13 +00:00
intval ( XCHAN_FLAGS_DELETED )
2011-10-25 13:49:53 +00:00
);
$contact_count = ( int ) $r [ 0 ][ 'c' ];
2014-04-16 01:35:22 +00:00
if ( intval ( get_config ( 'system' , 'taganyone' )) || intval ( get_pconfig ( local_user (), 'system' , 'taganyone' ))) {
if ((( ! $r ) || ( ! $r [ 0 ][ 'total' ])) && $type == 'c' ) {
$r = q ( " SELECT COUNT(xchan_hash) AS c FROM xchan
WHERE not ( xchan_flags & % d ) $sql_extra2 " ,
intval ( XCHAN_FLAGS_DELETED )
);
$contact_count = ( int ) $r [ 0 ][ 'c' ];
}
}
2012-04-24 01:28:33 +00:00
}
2012-12-07 03:18:38 +00:00
2012-04-24 01:28:33 +00:00
elseif ( $type == 'm' ) {
// autocomplete for Private Messages
2013-07-16 01:07:23 +00:00
2013-07-22 04:48:12 +00:00
$r = q ( " SELECT count(xchan_hash) as c
2013-07-16 01:07:23 +00:00
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = % d and ( ( abook_their_perms = null ) or ( abook_their_perms & % d ))
2013-12-26 07:14:13 +00:00
and not ( xchan_flags & % d )
2013-07-16 01:07:23 +00:00
$sql_extra2 " ,
2012-04-24 01:28:33 +00:00
intval ( local_user ()),
2013-12-26 07:14:13 +00:00
intval ( PERMS_W_MAIL ),
intval ( XCHAN_FLAGS_DELETED )
2012-04-24 01:28:33 +00:00
);
2013-07-16 01:07:23 +00:00
if ( $r )
$contact_count = ( int ) $r [ 0 ][ 'c' ];
2012-04-24 01:28:33 +00:00
2012-06-06 03:33:11 +00:00
}
elseif ( $type == 'a' ) {
// autocomplete for Contacts
2013-08-28 01:40:33 +00:00
$r = q ( " SELECT COUNT(abook_id) AS c FROM abook left join xchan on abook_xchan = xchan_hash
2013-12-26 07:14:13 +00:00
WHERE abook_channel = % d and not ( xchan_flags & % d ) $sql_extra2 " ,
intval ( local_user ()),
intval ( XCHAN_FLAGS_DELETED )
2012-06-06 03:33:11 +00:00
);
$contact_count = ( int ) $r [ 0 ][ 'c' ];
2011-10-25 13:49:53 +00:00
} else {
$contact_count = 0 ;
}
2011-07-19 14:17:58 +00:00
$tot = $group_count + $contact_count ;
$groups = array ();
$contacts = array ();
2011-10-25 13:49:53 +00:00
if ( $type == '' || $type == 'g' ){
2013-12-23 02:37:39 +00:00
$r = q ( " SELECT `groups`.`id`, `groups`.`hash`, `groups`.`name`,
2012-12-07 03:18:38 +00:00
GROUP_CONCAT ( DISTINCT `group_member` . `xchan` SEPARATOR ',' ) as uids
2013-12-23 02:37:39 +00:00
FROM `groups` , `group_member`
WHERE `groups` . `deleted` = 0 AND `groups` . `uid` = % d
AND `group_member` . `gid` = `groups` . `id`
2011-10-25 13:49:53 +00:00
$sql_extra
2013-12-23 02:37:39 +00:00
GROUP BY `groups` . `id`
ORDER BY `groups` . `name`
2011-10-25 13:49:53 +00:00
LIMIT % d , % d " ,
intval ( local_user ()),
intval ( $start ),
intval ( $count )
2011-07-19 14:17:58 +00:00
);
2011-10-25 13:49:53 +00:00
foreach ( $r as $g ){
2011-12-21 01:01:41 +00:00
// logger('acl: group: ' . $g['name'] . ' members: ' . $g['uids']);
2011-10-25 13:49:53 +00:00
$groups [] = array (
" type " => " g " ,
2012-01-11 05:09:38 +00:00
" photo " => " images/twopeople.png " ,
2011-10-25 13:49:53 +00:00
" name " => $g [ 'name' ],
2012-12-07 21:35:45 +00:00
" id " => $g [ 'id' ],
" xid " => $g [ 'hash' ],
2012-12-07 03:18:38 +00:00
" uids " => explode ( " , " , $g [ 'uids' ]),
2011-10-25 13:49:53 +00:00
" link " => ''
);
}
2011-07-19 14:17:58 +00:00
}
2013-12-26 07:14:13 +00:00
2012-12-07 03:18:38 +00:00
if ( $type == '' || $type == 'c' ) {
2014-01-07 01:10:53 +00:00
$r = q ( " SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, abook_their_perms, abook_flags
2012-12-07 03:18:38 +00:00
FROM abook left join xchan on abook_xchan = xchan_hash
2013-12-26 07:14:13 +00:00
WHERE abook_channel = % d AND not ( abook_flags & % d ) and not ( xchan_flags & % d ) $sql_extra2 order by xchan_name asc " ,
2012-12-07 03:18:38 +00:00
intval ( local_user ()),
2014-01-07 01:10:53 +00:00
intval ( ABOOK_FLAG_BLOCKED | ABOOK_FLAG_PENDING | ABOOK_FLAG_ARCHIVED ),
2013-12-26 07:14:13 +00:00
intval ( XCHAN_FLAGS_DELETED )
2011-07-19 14:17:58 +00:00
);
2014-04-16 01:35:22 +00:00
if ( intval ( get_config ( 'system' , 'taganyone' )) || intval ( get_pconfig ( local_user (), 'system' , 'taganyone' ))) {
if (( ! $r ) && $type == 'c' ) {
$r = q ( " SELECT substr(xchan_hash,1,18) as id, xchan_hash as hash, xchan_name as name, xchan_photo_s as micro, xchan_url as url, xchan_addr as nick, 0 as abook_their_perms, 0 as abook_flags
FROM xchan
WHERE not ( xchan_flags & % d ) $sql_extra2 order by xchan_name asc " ,
intval ( XCHAN_FLAGS_DELETED )
);
}
}
2012-04-24 01:28:33 +00:00
}
elseif ( $type == 'm' ) {
2012-12-07 03:18:38 +00:00
2012-12-06 02:39:07 +00:00
$r = q ( " SELECT xchan_hash as id, xchan_name as name, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url
FROM abook left join xchan on abook_xchan = xchan_hash
WHERE abook_channel = % d and ( ( abook_their_perms = null ) or ( abook_their_perms & % d ))
2013-12-26 07:14:13 +00:00
and not ( xchan_flags & % d )
2012-12-05 02:24:46 +00:00
$sql_extra3
ORDER BY `xchan_name` ASC " ,
2012-12-06 02:39:07 +00:00
intval ( local_user ()),
2013-12-26 07:14:13 +00:00
intval ( PERMS_W_MAIL ),
intval ( XCHAN_FLAGS_DELETED )
2012-04-24 01:28:33 +00:00
);
}
2012-06-06 03:33:11 +00:00
elseif ( $type == 'a' ) {
2013-06-16 07:03:22 +00:00
$r = q ( " SELECT abook_id as id, xchan_name as name, xchan_hash as hash, xchan_addr as nick, xchan_photo_s as micro, xchan_network as network, xchan_url as url, xchan_addr as attag , abook_their_perms FROM abook left join xchan on abook_xchan = xchan_hash
2012-11-13 10:57:15 +00:00
WHERE abook_channel = % d
2013-12-26 07:14:13 +00:00
and not ( xchan_flags & % d )
2012-11-13 10:57:15 +00:00
$sql_extra3
ORDER BY xchan_name ASC " ,
2013-12-26 07:14:13 +00:00
intval ( local_user ()),
intval ( XCHAN_FLAGS_DELETED )
2012-06-06 03:33:11 +00:00
);
}
2012-10-25 02:13:29 +00:00
elseif ( $type == 'x' ) {
2013-01-19 08:43:05 +00:00
$r = navbar_complete ( $a );
$x = array ();
$x [ 'query' ] = $search ;
$x [ 'photos' ] = array ();
$x [ 'links' ] = array ();
$x [ 'suggestions' ] = array ();
$x [ 'data' ] = array ();
if ( $r ) {
foreach ( $r as $g ) {
$x [ 'photos' ][] = $g [ 'photo' ];
$x [ 'links' ][] = $g [ 'url' ];
$x [ 'suggestions' ][] = '@' . $g [ 'name' ];
$x [ 'data' ][] = $g [ 'name' ];
}
}
echo json_encode ( $x );
killme ();
2012-10-25 02:13:29 +00:00
}
2012-04-24 01:28:33 +00:00
else
$r = array ();
2012-05-07 02:53:34 +00:00
2013-01-19 08:43:05 +00:00
if ( $type == 'm' || $type == 'a' ) {
2012-05-07 02:53:34 +00:00
$x = array ();
2012-11-13 10:57:15 +00:00
$x [ 'query' ] = $search ;
$x [ 'photos' ] = array ();
$x [ 'links' ] = array ();
2012-05-07 02:53:34 +00:00
$x [ 'suggestions' ] = array ();
2012-11-13 10:57:15 +00:00
$x [ 'data' ] = array ();
2012-05-07 02:53:34 +00:00
if ( count ( $r )) {
foreach ( $r as $g ) {
2012-11-13 10:57:15 +00:00
$x [ 'photos' ][] = $g [ 'micro' ];
$x [ 'links' ][] = $g [ 'url' ];
2013-01-19 09:07:35 +00:00
$x [ 'suggestions' ][] = $g [ 'name' ];
2012-12-05 02:24:46 +00:00
$x [ 'data' ][] = $g [ 'id' ];
2012-05-07 02:53:34 +00:00
}
}
echo json_encode ( $x );
killme ();
}
2012-04-24 01:28:33 +00:00
if ( count ( $r )) {
2011-10-25 13:49:53 +00:00
foreach ( $r as $g ){
2014-09-04 05:15:44 +00:00
// remove RSS feeds from ACLs - they are inaccessible
if ( strpos ( $g [ 'hash' ], '/' ))
continue ;
2014-04-14 01:07:19 +00:00
if (( $g [ 'abook_their_perms' ] & PERMS_W_TAGWALL ) && $type == 'c' ) {
2014-04-12 03:12:40 +00:00
$contacts [] = array (
" type " => " c " ,
2014-04-12 07:41:36 +00:00
" photo " => " images/twopeople.png " ,
2014-04-12 06:54:11 +00:00
" name " => $g [ 'name' ] . '+' ,
2014-04-12 03:12:40 +00:00
" id " => $g [ 'id' ] . '+' ,
" xid " => $g [ 'hash' ],
" link " => $g [ 'nick' ],
2014-04-12 06:54:11 +00:00
" nick " => substr ( $g [ 'nick' ], 0 , strpos ( $g [ 'nick' ], '@' )),
2014-04-12 03:12:40 +00:00
" self " => (( $g [ 'abook_flags' ] & ABOOK_FLAG_SELF ) ? 'abook-self' : '' ),
2014-04-12 07:41:36 +00:00
" taggable " => 'taggable' ,
" label " => t ( 'network' )
2014-04-12 03:12:40 +00:00
);
}
2011-10-25 13:49:53 +00:00
$contacts [] = array (
2013-06-16 07:03:22 +00:00
" type " => " c " ,
" photo " => $g [ 'micro' ],
" name " => $g [ 'name' ],
" id " => $g [ 'id' ],
" xid " => $g [ 'hash' ],
" link " => $g [ 'nick' ],
" nick " => substr ( $g [ 'nick' ], 0 , strpos ( $g [ 'nick' ], '@' )),
2014-01-07 01:10:53 +00:00
" self " => (( $g [ 'abook_flags' ] & ABOOK_FLAG_SELF ) ? 'abook-self' : '' ),
2014-04-12 07:41:36 +00:00
" taggable " => '' ,
" label " => '' ,
2011-10-25 13:49:53 +00:00
);
2012-04-24 01:28:33 +00:00
}
2011-07-19 14:17:58 +00:00
}
2012-04-24 01:28:33 +00:00
2011-07-19 14:17:58 +00:00
$items = array_merge ( $groups , $contacts );
$o = array (
'tot' => $tot ,
'start' => $start ,
'count' => $count ,
'items' => $items ,
);
echo json_encode ( $o );
killme ();
}
2013-01-19 08:43:05 +00:00
function navbar_complete ( & $a ) {
2013-01-19 09:07:35 +00:00
// logger('navbar_complete');
2013-01-19 08:43:05 +00:00
2013-11-09 16:56:19 +00:00
if (( get_config ( 'system' , 'block_public' )) && ( ! local_user ()) && ( ! remote_user ())) {
2013-11-09 17:32:59 +00:00
return ;
2013-11-09 16:56:19 +00:00
}
2013-01-19 08:43:05 +00:00
$dirmode = intval ( get_config ( 'system' , 'directory_mode' ));
$search = (( x ( $_REQUEST , 'query' )) ? htmlentities ( $_REQUEST [ 'query' ], ENT_COMPAT , 'UTF-8' , false ) : '' );
if ( ! $search || mb_strlen ( $search ) < 2 )
return array ();
$star = false ;
$address = false ;
if ( substr ( $search , 0 , 1 ) === '@' )
$search = substr ( $search , 1 );
if ( substr ( $search , 0 , 1 ) === '*' ) {
$star = true ;
$search = substr ( $search , 1 );
}
if ( strpos ( $search , '@' ) !== false ) {
$address = true ;
}
if (( $dirmode == DIRECTORY_MODE_PRIMARY ) || ( $dirmode == DIRECTORY_MODE_STANDALONE )) {
$url = z_root () . '/dirsearch' ;
}
if ( ! $url ) {
2013-06-09 17:16:02 +00:00
require_once ( " include/dir_fns.php " );
2013-01-19 08:43:05 +00:00
$directory = find_upstream_directory ( $dirmode );
2014-04-26 01:10:23 +00:00
$url = $directory [ 'url' ] . '/dirsearch' ;
2013-01-19 08:43:05 +00:00
}
if ( $url ) {
$query = $url . '?f=' ;
$query .= '&name=' . urlencode ( $search ) . '&limit=50' . (( $address ) ? '&address=' . urlencode ( $search ) : '' );
$x = z_fetch_url ( $query );
if ( $x [ 'success' ]) {
$t = 0 ;
$j = json_decode ( $x [ 'body' ], true );
if ( $j && $j [ 'results' ]) {
return $j [ 'results' ];
}
}
}
return array ();
2013-11-09 16:56:19 +00:00
}