2012-10-30 00:14:02 +00:00
|
|
|
<?php
|
|
|
|
|
|
2013-12-04 08:19:29 +00:00
|
|
|
require_once('include/contact_widgets.php');
|
|
|
|
|
require_once('include/items.php');
|
|
|
|
|
require_once("include/bbcode.php");
|
|
|
|
|
require_once('include/security.php');
|
|
|
|
|
require_once('include/conversation.php');
|
|
|
|
|
require_once('include/acl_selectors.php');
|
|
|
|
|
require_once('include/permissions.php');
|
|
|
|
|
|
|
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
function channel_init(&$a) {
|
|
|
|
|
|
2013-08-04 08:04:05 +00:00
|
|
|
$which = null;
|
2012-10-30 00:14:02 +00:00
|
|
|
if(argc() > 1)
|
|
|
|
|
$which = argv(1);
|
2013-08-04 08:04:05 +00:00
|
|
|
if(! $which) {
|
2015-01-29 04:56:04 +00:00
|
|
|
if(local_channel()) {
|
2013-08-04 08:04:05 +00:00
|
|
|
$channel = $a->get_channel();
|
|
|
|
|
if($channel && $channel['channel_address'])
|
|
|
|
|
$which = $channel['channel_address'];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if(! $which) {
|
|
|
|
|
notice( t('You must be logged in to see this page.') . EOL );
|
2012-10-30 00:14:02 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$profile = 0;
|
|
|
|
|
$channel = $a->get_channel();
|
|
|
|
|
|
2015-01-29 04:56:04 +00:00
|
|
|
if((local_channel()) && (argc() > 2) && (argv(2) === 'view')) {
|
2012-10-30 00:14:02 +00:00
|
|
|
$which = $channel['channel_address'];
|
|
|
|
|
$profile = argv(1);
|
|
|
|
|
}
|
|
|
|
|
|
2013-01-06 21:42:51 +00:00
|
|
|
$a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which .'" />' . "\r\n" ;
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2015-03-15 23:48:45 +00:00
|
|
|
|
|
|
|
|
// Not yet ready for prime time
|
|
|
|
|
// $a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->get_baseurl() . '/id/' . $which .'?f=" />' . "\r\n" ;
|
2015-03-17 00:08:50 +00:00
|
|
|
// $a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $a->get_baseurl() . '/channel/' . $which .'" />' . "\r\n" ;
|
2015-03-15 23:48:45 +00:00
|
|
|
|
2013-01-06 21:42:51 +00:00
|
|
|
// Run profile_load() here to make sure the theme is set before
|
|
|
|
|
// we start loading content
|
2013-01-24 22:31:57 +00:00
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
profile_load($a,$which,$profile);
|
|
|
|
|
|
2013-01-06 21:42:51 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-16 08:44:38 +00:00
|
|
|
function channel_content(&$a, $update = 0, $load = false) {
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2015-03-21 23:46:28 +00:00
|
|
|
|
|
|
|
|
if($load)
|
|
|
|
|
$_SESSION['loadtime'] = datetime_convert();
|
|
|
|
|
|
|
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
$category = $datequery = $datequery2 = '';
|
|
|
|
|
|
2014-12-16 08:25:41 +00:00
|
|
|
$mid = ((x($_REQUEST,'mid')) ? $_REQUEST['mid'] : '');
|
2014-01-08 15:03:59 +00:00
|
|
|
|
2013-09-15 01:18:18 +00:00
|
|
|
$datequery = ((x($_GET,'dend') && is_a_date_arg($_GET['dend'])) ? notags($_GET['dend']) : '');
|
|
|
|
|
$datequery2 = ((x($_GET,'dbegin') && is_a_date_arg($_GET['dbegin'])) ? notags($_GET['dbegin']) : '');
|
2012-12-10 02:07:36 +00:00
|
|
|
|
2015-01-29 04:58:59 +00:00
|
|
|
if(get_config('system','block_public') && (! get_account_id()) && (! remote_channel())) {
|
2012-10-30 00:14:02 +00:00
|
|
|
return login();
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-04 03:58:46 +00:00
|
|
|
$category = ((x($_REQUEST,'cat')) ? $_REQUEST['cat'] : '');
|
2014-12-15 22:37:31 +00:00
|
|
|
$hashtags = ((x($_REQUEST,'tag')) ? $_REQUEST['tag'] : '');
|
2013-09-04 03:58:46 +00:00
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
$groups = array();
|
|
|
|
|
|
|
|
|
|
$o = '';
|
|
|
|
|
|
|
|
|
|
if($update) {
|
|
|
|
|
// Ensure we've got a profile owner if updating.
|
2014-10-21 03:10:23 +00:00
|
|
|
$a->profile['profile_uid'] = $a->profile_uid = $update;
|
2012-10-30 00:14:02 +00:00
|
|
|
}
|
|
|
|
|
else {
|
2015-01-29 04:56:04 +00:00
|
|
|
if($a->profile['profile_uid'] == local_channel()) {
|
2012-10-30 00:14:02 +00:00
|
|
|
nav_set_selected('home');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-29 04:56:04 +00:00
|
|
|
$is_owner = (((local_channel()) && ($a->profile['profile_uid'] == local_channel())) ? true : false);
|
2013-01-06 00:37:32 +00:00
|
|
|
|
2014-04-11 22:51:25 +00:00
|
|
|
$channel = $a->get_channel();
|
2012-12-10 02:07:36 +00:00
|
|
|
$observer = $a->get_observer();
|
|
|
|
|
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2012-12-10 02:07:36 +00:00
|
|
|
$perms = get_all_perms($a->profile['profile_uid'],$ob_hash);
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2012-12-10 02:07:36 +00:00
|
|
|
if(! $perms['view_stream']) {
|
2013-10-04 14:57:48 +00:00
|
|
|
// We may want to make the target of this redirect configurable
|
|
|
|
|
if($perms['view_profile']) {
|
|
|
|
|
notice( t('Insufficient permissions. Request redirected to profile page.') . EOL);
|
|
|
|
|
goaway (z_root() . "/profile/" . $a->profile['channel_address']);
|
|
|
|
|
}
|
2012-12-10 02:07:36 +00:00
|
|
|
notice( t('Permission denied.') . EOL);
|
2012-10-30 00:14:02 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-10 02:07:36 +00:00
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
if(! $update) {
|
|
|
|
|
|
|
|
|
|
$o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
|
|
|
|
|
|
|
|
|
|
$o .= common_friends_visitor_widget($a->profile['profile_uid']);
|
|
|
|
|
|
2014-04-11 22:51:25 +00:00
|
|
|
if($channel && $is_owner) {
|
|
|
|
|
$channel_acl = array(
|
|
|
|
|
'allow_cid' => $channel['channel_allow_cid'],
|
|
|
|
|
'allow_gid' => $channel['channel_allow_gid'],
|
|
|
|
|
'deny_cid' => $channel['channel_deny_cid'],
|
|
|
|
|
'deny_gid' => $channel['channel_deny_gid']
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
$channel_acl = array();
|
2013-11-29 22:08:37 +00:00
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2014-01-09 23:45:17 +00:00
|
|
|
if($perms['post_wall']) {
|
2012-10-30 00:14:02 +00:00
|
|
|
|
|
|
|
|
$x = array(
|
|
|
|
|
'is_owner' => $is_owner,
|
2013-05-29 00:16:16 +00:00
|
|
|
'allow_location' => ((($is_owner || $observer) && (intval(get_pconfig($a->profile['profile_uid'],'system','use_browser_location')))) ? true : false),
|
|
|
|
|
'default_location' => (($is_owner) ? $a->profile['channel_location'] : ''),
|
2012-10-30 00:14:02 +00:00
|
|
|
'nickname' => $a->profile['channel_address'],
|
|
|
|
|
'lockstate' => (((strlen($a->profile['channel_allow_cid'])) || (strlen($a->profile['channel_allow_gid'])) || (strlen($a->profile['channel_deny_cid'])) || (strlen($a->profile['channel_deny_gid']))) ? 'lock' : 'unlock'),
|
2013-11-29 22:08:37 +00:00
|
|
|
'acl' => (($is_owner) ? populate_acl($channel_acl) : ''),
|
2013-03-06 23:13:54 +00:00
|
|
|
'showacl' => (($is_owner) ? 'yes' : ''),
|
2012-10-30 00:14:02 +00:00
|
|
|
'bang' => '',
|
2014-04-08 20:07:06 +00:00
|
|
|
'visitor' => (($is_owner || $observer) ? true : false),
|
2012-10-30 00:14:02 +00:00
|
|
|
'profile_uid' => $a->profile['profile_uid']
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$o .= status_editor($a,$x);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
|
|
|
|
|
*/
|
|
|
|
|
|
2015-06-10 23:59:04 +00:00
|
|
|
$item_normal = item_normal();
|
2015-05-21 01:46:23 +00:00
|
|
|
$sql_extra = item_permissions_sql($a->profile['profile_uid']);
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2014-12-16 08:25:41 +00:00
|
|
|
if(get_pconfig($a->profile['profile_uid'],'system','channel_list_mode') && (! $mid))
|
2014-11-17 23:43:03 +00:00
|
|
|
$page_mode = 'list';
|
|
|
|
|
else
|
|
|
|
|
$page_mode = 'client';
|
|
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2015-03-19 02:06:05 +00:00
|
|
|
$abook_uids = " and abook.abook_channel = " . intval($a->profile['profile_uid']) . " ";
|
|
|
|
|
|
2015-03-21 23:46:28 +00:00
|
|
|
$simple_update = (($update) ? " AND item_unseen = 1 " : '');
|
|
|
|
|
|
|
|
|
|
if($update && $_SESSION['loadtime'])
|
2015-03-22 22:00:41 +00:00
|
|
|
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
|
2015-03-21 23:46:28 +00:00
|
|
|
if($load)
|
|
|
|
|
$simple_update = '';
|
|
|
|
|
|
2012-12-16 08:44:38 +00:00
|
|
|
if(($update) && (! $load)) {
|
2014-01-08 15:03:59 +00:00
|
|
|
if ($mid) {
|
2015-06-10 23:59:04 +00:00
|
|
|
$r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d $item_normal
|
2015-01-23 01:41:16 +00:00
|
|
|
AND item_wall = 1 AND item_unseen = 1 $sql_extra limit 1",
|
2015-03-19 02:06:05 +00:00
|
|
|
dbesc($mid . '%'),
|
2015-01-23 01:41:16 +00:00
|
|
|
intval($a->profile['profile_uid'])
|
2014-01-08 15:03:59 +00:00
|
|
|
);
|
|
|
|
|
} else {
|
PostgreSQL support initial commit
There were 11 main types of changes:
- UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but
it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just
copied from Friendica. All of these instances, the LIMIT 1 was simply removed.
- Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit
integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice
to boot). Proper explicit boolean conversions were added. New queries should use proper conventions.
- MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_
func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There
were no true toggles (XOR). New queries should refrain from using XOR when not necessary.
- There are several fields which the schema has marked as NOT NULL, but the inserts don't specify
them. The reason this works is because mysql totally ignores the constraint and adds an empty text
default automatically. Again, non-compliant, obviously. In these cases a default of empty text was
added.
- Several statements rely on a non-standard MySQL feature
(http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten
to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run
a zillion times faster, even on MySQL.
- A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG,
UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_
- INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes
around the value -- assist functions added in the dba_
- NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such
thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are
handled in Zot/item packets automagically by quoting all dates with dbescdate().
- char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the
code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works
better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype
for all text fields in the postgres schema. varchar was used in a couple of places where it actually
seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code
actually validates data, new bugs might come out from under the rug.
- postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted.
bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function
was added to handle this transparently.
- postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax.
Statements were updated to be standard.
These changes require corresponding changes in the coding standards. Please review those before
adding any code going forward.
Still on my TODO list:
- remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting
- Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
|
|
|
$r = q("SELECT distinct parent AS `item_id`, created from item
|
2015-03-19 02:06:05 +00:00
|
|
|
left join abook on ( item.owner_xchan = abook.abook_xchan $abook_uids )
|
2015-06-10 23:59:04 +00:00
|
|
|
WHERE uid = %d $item_normal
|
2015-01-23 01:41:16 +00:00
|
|
|
AND item_wall = 1 AND item_unseen = 1
|
2015-07-16 01:41:50 +00:00
|
|
|
AND (abook.abook_blocked = 0 or abook.abook_flags is null)
|
2014-01-08 15:03:59 +00:00
|
|
|
$sql_extra
|
|
|
|
|
ORDER BY created DESC",
|
2015-06-15 04:08:00 +00:00
|
|
|
intval($a->profile['profile_uid'])
|
2014-01-08 15:03:59 +00:00
|
|
|
);
|
2015-03-22 19:55:13 +00:00
|
|
|
$_SESSION['loadtime'] = datetime_convert();
|
2014-01-08 15:03:59 +00:00
|
|
|
}
|
2012-10-30 00:14:02 +00:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
|
|
|
|
|
if(x($category)) {
|
2013-09-04 03:58:46 +00:00
|
|
|
$sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY));
|
2012-10-30 00:14:02 +00:00
|
|
|
}
|
2014-12-15 22:37:31 +00:00
|
|
|
if(x($hashtags)) {
|
|
|
|
|
$sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG));
|
|
|
|
|
}
|
2012-10-30 00:14:02 +00:00
|
|
|
|
|
|
|
|
if($datequery) {
|
|
|
|
|
$sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
|
|
|
|
|
}
|
|
|
|
|
if($datequery2) {
|
|
|
|
|
$sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-29 04:56:04 +00:00
|
|
|
$itemspage = get_pconfig(local_channel(),'system','itemspage');
|
2013-09-10 19:52:13 +00:00
|
|
|
$a->set_pager_itemspage(((intval($itemspage)) ? $itemspage : 20));
|
PostgreSQL support initial commit
There were 11 main types of changes:
- UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but
it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just
copied from Friendica. All of these instances, the LIMIT 1 was simply removed.
- Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit
integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice
to boot). Proper explicit boolean conversions were added. New queries should use proper conventions.
- MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_
func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There
were no true toggles (XOR). New queries should refrain from using XOR when not necessary.
- There are several fields which the schema has marked as NOT NULL, but the inserts don't specify
them. The reason this works is because mysql totally ignores the constraint and adds an empty text
default automatically. Again, non-compliant, obviously. In these cases a default of empty text was
added.
- Several statements rely on a non-standard MySQL feature
(http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten
to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run
a zillion times faster, even on MySQL.
- A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG,
UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_
- INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes
around the value -- assist functions added in the dba_
- NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such
thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are
handled in Zot/item packets automagically by quoting all dates with dbescdate().
- char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the
code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works
better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype
for all text fields in the postgres schema. varchar was used in a couple of places where it actually
seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code
actually validates data, new bugs might come out from under the rug.
- postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted.
bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function
was added to handle this transparently.
- postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax.
Statements were updated to be standard.
These changes require corresponding changes in the coding standards. Please review those before
adding any code going forward.
Still on my TODO list:
- remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting
- Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
|
|
|
$pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval($a->pager['itemspage']), intval($a->pager['start']));
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2013-12-09 12:30:35 +00:00
|
|
|
if($load || ($_COOKIE['jsAvailable'] != 1)) {
|
2014-01-08 15:03:59 +00:00
|
|
|
if ($mid) {
|
2015-06-10 23:59:04 +00:00
|
|
|
$r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d $item_normal
|
2015-01-23 01:41:16 +00:00
|
|
|
AND item_wall = 1 $sql_extra limit 1",
|
2014-01-10 12:38:38 +00:00
|
|
|
dbesc($mid),
|
2015-01-23 01:41:16 +00:00
|
|
|
intval($a->profile['profile_uid'])
|
2014-01-08 15:03:59 +00:00
|
|
|
);
|
2014-01-09 16:06:28 +00:00
|
|
|
if (! $r) {
|
2014-01-10 12:38:38 +00:00
|
|
|
notice( t('Permission denied.') . EOL);
|
2014-01-09 16:06:28 +00:00
|
|
|
}
|
|
|
|
|
|
2014-01-08 15:03:59 +00:00
|
|
|
} else {
|
PostgreSQL support initial commit
There were 11 main types of changes:
- UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but
it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just
copied from Friendica. All of these instances, the LIMIT 1 was simply removed.
- Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit
integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice
to boot). Proper explicit boolean conversions were added. New queries should use proper conventions.
- MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_
func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There
were no true toggles (XOR). New queries should refrain from using XOR when not necessary.
- There are several fields which the schema has marked as NOT NULL, but the inserts don't specify
them. The reason this works is because mysql totally ignores the constraint and adds an empty text
default automatically. Again, non-compliant, obviously. In these cases a default of empty text was
added.
- Several statements rely on a non-standard MySQL feature
(http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten
to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run
a zillion times faster, even on MySQL.
- A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG,
UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_
- INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes
around the value -- assist functions added in the dba_
- NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such
thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are
handled in Zot/item packets automagically by quoting all dates with dbescdate().
- char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the
code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works
better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype
for all text fields in the postgres schema. varchar was used in a couple of places where it actually
seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code
actually validates data, new bugs might come out from under the rug.
- postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted.
bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function
was added to handle this transparently.
- postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax.
Statements were updated to be standard.
These changes require corresponding changes in the coding standards. Please review those before
adding any code going forward.
Still on my TODO list:
- remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting
- Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
|
|
|
$r = q("SELECT distinct id AS item_id, created FROM item
|
2014-01-08 15:03:59 +00:00
|
|
|
left join abook on item.author_xchan = abook.abook_xchan
|
2015-06-10 23:59:04 +00:00
|
|
|
WHERE uid = %d $item_normal
|
2015-01-23 01:41:16 +00:00
|
|
|
AND item_wall = 1 and item_thread_top = 1
|
2015-06-15 04:08:00 +00:00
|
|
|
AND (abook_blocked = 0 or abook.abook_flags is null)
|
2014-01-08 15:03:59 +00:00
|
|
|
$sql_extra $sql_extra2
|
|
|
|
|
ORDER BY created DESC $pager_sql ",
|
2015-06-15 04:08:00 +00:00
|
|
|
intval($a->profile['profile_uid'])
|
2014-01-08 15:03:59 +00:00
|
|
|
);
|
|
|
|
|
}
|
2012-12-16 08:44:38 +00:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$r = array();
|
|
|
|
|
}
|
2012-10-30 00:14:02 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-10 02:07:36 +00:00
|
|
|
if($r) {
|
2012-10-30 00:14:02 +00:00
|
|
|
|
|
|
|
|
$parents_str = ids_to_querystr($r,'item_id');
|
|
|
|
|
|
|
|
|
|
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`
|
|
|
|
|
FROM `item`
|
2015-06-10 23:59:04 +00:00
|
|
|
WHERE `item`.`uid` = %d $item_normal
|
2012-10-30 00:14:02 +00:00
|
|
|
AND `item`.`parent` IN ( %s )
|
|
|
|
|
$sql_extra ",
|
|
|
|
|
intval($a->profile['profile_uid']),
|
|
|
|
|
dbesc($parents_str)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
xchan_query($items);
|
2013-02-11 08:20:14 +00:00
|
|
|
$items = fetch_post_tags($items, true);
|
2012-10-30 00:14:02 +00:00
|
|
|
$items = conv_sort($items,'created');
|
|
|
|
|
|
2014-01-09 16:06:28 +00:00
|
|
|
if ($load && $mid && (! count($items))) {
|
|
|
|
|
// This will happen if we don't have sufficient permissions
|
|
|
|
|
// to view the parent item (or the item itself if it is toplevel)
|
|
|
|
|
notice( t('Permission denied.') . EOL);
|
2014-01-08 15:03:59 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
} else {
|
|
|
|
|
$items = array();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-03-21 23:46:28 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2012-12-16 08:44:38 +00:00
|
|
|
if((! $update) && (! $load)) {
|
2012-10-30 00:14:02 +00:00
|
|
|
|
|
|
|
|
// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
|
|
|
|
|
// because browser prefetching might change it on us. We have to deliver it with the page.
|
|
|
|
|
|
2014-11-18 07:48:03 +00:00
|
|
|
$maxheight = get_pconfig($a->profile['profile_uid'],'system','channel_divmore_height');
|
|
|
|
|
if(! $maxheight)
|
|
|
|
|
$maxheight = 400;
|
|
|
|
|
|
2012-12-16 08:44:38 +00:00
|
|
|
$o .= '<div id="live-channel"></div>' . "\r\n";
|
2012-10-30 00:14:02 +00:00
|
|
|
$o .= "<script> var profile_uid = " . $a->profile['profile_uid']
|
2014-11-18 07:48:03 +00:00
|
|
|
. "; var netargs = '?f='; var profile_page = " . $a->pager['page']
|
|
|
|
|
. "; divmore_height = " . intval($maxheight) . "; </script>\r\n";
|
2012-12-16 08:44:38 +00:00
|
|
|
|
|
|
|
|
$a->page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"),array(
|
|
|
|
|
'$baseurl' => z_root(),
|
|
|
|
|
'$pgtype' => 'channel',
|
2012-12-29 03:56:01 +00:00
|
|
|
'$uid' => (($a->profile['profile_uid']) ? $a->profile['profile_uid'] : '0'),
|
2012-12-16 08:44:38 +00:00
|
|
|
'$gid' => '0',
|
|
|
|
|
'$cid' => '0',
|
|
|
|
|
'$cmin' => '0',
|
|
|
|
|
'$cmax' => '0',
|
|
|
|
|
'$star' => '0',
|
|
|
|
|
'$liked' => '0',
|
|
|
|
|
'$conv' => '0',
|
|
|
|
|
'$spam' => '0',
|
|
|
|
|
'$nouveau' => '0',
|
|
|
|
|
'$wall' => '1',
|
2014-03-27 07:35:46 +00:00
|
|
|
'$fh' => '0',
|
2012-12-16 08:44:38 +00:00
|
|
|
'$page' => (($a->pager['page'] != 1) ? $a->pager['page'] : 1),
|
|
|
|
|
'$search' => '',
|
|
|
|
|
'$order' => '',
|
2014-01-08 23:20:12 +00:00
|
|
|
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
|
2012-12-16 08:44:38 +00:00
|
|
|
'$file' => '',
|
|
|
|
|
'$cats' => (($category) ? $category : ''),
|
2014-12-15 22:37:31 +00:00
|
|
|
'$tags' => (($hashtags) ? $hashtags : ''),
|
2014-01-08 15:03:59 +00:00
|
|
|
'$mid' => $mid,
|
2015-01-13 22:42:54 +00:00
|
|
|
'$verb' => '',
|
2012-12-16 08:44:38 +00:00
|
|
|
'$dend' => $datequery,
|
|
|
|
|
'$dbegin' => $datequery2
|
|
|
|
|
));
|
|
|
|
|
|
|
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
}
|
|
|
|
|
|
2014-11-17 23:43:03 +00:00
|
|
|
$update_unseen = '';
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2014-11-17 23:43:03 +00:00
|
|
|
if($page_mode === 'list') {
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2014-11-17 23:43:03 +00:00
|
|
|
/**
|
|
|
|
|
* in "list mode", only mark the parent item and any like activities as "seen".
|
|
|
|
|
* We won't distinguish between comment likes and post likes. The important thing
|
|
|
|
|
* is that the number of unseen comments will be accurate. The SQL to separate the
|
|
|
|
|
* comment likes could also get somewhat hairy.
|
|
|
|
|
*/
|
2013-01-06 00:40:45 +00:00
|
|
|
|
2014-11-17 23:43:03 +00:00
|
|
|
if($parents_str) {
|
|
|
|
|
$update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )";
|
|
|
|
|
$update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) ";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if($parents_str) {
|
|
|
|
|
$update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($is_owner && $update_unseen) {
|
2015-01-23 01:41:16 +00:00
|
|
|
$r = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 and item_wall = 1 AND uid = %d $update_unseen",
|
2015-01-29 04:56:04 +00:00
|
|
|
intval(local_channel())
|
2012-10-30 00:14:02 +00:00
|
|
|
);
|
|
|
|
|
}
|
2013-01-06 00:40:45 +00:00
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2013-12-09 12:30:35 +00:00
|
|
|
if($_COOKIE['jsAvailable'] == 1) {
|
2014-11-17 00:19:24 +00:00
|
|
|
$o .= conversation($a,$items,'channel',$update,$page_mode);
|
2013-12-09 12:30:35 +00:00
|
|
|
} else {
|
|
|
|
|
$o .= conversation($a,$items,'channel',$update,'traditional');
|
|
|
|
|
}
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2015-02-20 13:07:56 +00:00
|
|
|
if((! $update) || ($_COOKIE['jsAvailable'] != 1)) {
|
2012-10-30 00:14:02 +00:00
|
|
|
$o .= alt_pager($a,count($items));
|
2015-02-20 13:07:56 +00:00
|
|
|
if ($mid && $items[0]['title'])
|
|
|
|
|
$a->page['title'] = $items[0]['title'] . " - " . $a->page['title'];
|
|
|
|
|
}
|
2012-10-30 00:14:02 +00:00
|
|
|
|
2014-01-21 01:45:02 +00:00
|
|
|
if($mid)
|
|
|
|
|
$o .= '<div id="content-complete"></div>';
|
|
|
|
|
|
2012-10-30 00:14:02 +00:00
|
|
|
return $o;
|
|
|
|
|
}
|
