本文整理汇总了PHP中expand_acl函数的典型用法代码示例。如果您正苦于以下问题:PHP expand_acl函数的具体用法?PHP expand_acl怎么用?PHP expand_acl使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了expand_acl函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: post
function post()
{
// logger('file upload: ' . print_r($_REQUEST,true));
$channel = $_REQUEST['channick'] ? get_channel_by_nick($_REQUEST['channick']) : null;
if (!$channel) {
logger('channel not found');
killme();
}
$_REQUEST['source'] = 'file_upload';
if ($channel['channel_id'] != local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
if ($_REQUEST['filename']) {
$_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']);
$_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']);
$_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']);
$_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']);
$r = attach_mkdir($channel, get_observer_hash(), $_REQUEST);
} else {
$r = attach_store($channel, get_observer_hash(), '', $_REQUEST);
}
goaway(z_root() . '/' . $_REQUEST['return_url']);
}
示例2: notifier_run
//.........这里部分代码省略.........
if (!$top_level && $parent['wall'] == 0 && !$expire && stristr($target_item['uri'], $localhost)) {
$relay_to_owner = true;
}
if ($cmd === 'uplink' && intval($parent['forum_mode']) && !$top_level) {
$relay_to_owner = true;
}
// until the 'origin' flag has been in use for several months
// we will just use it as a fallback test
// later we will be able to use it as the primary test of whether or not to relay.
if (!$target_item['origin']) {
$relay_to_owner = false;
}
if ($parent['origin']) {
$relay_to_owner = false;
}
if ($relay_to_owner) {
logger('notifier: followup', LOGGER_DEBUG);
// local followup to remote post
$followup = true;
$public_message = false;
// not public
$conversant_str = dbesc($parent['contact-id']);
} else {
$followup = false;
// don't send deletions onward for other people's stuff
if ($target_item['deleted'] && !intval($target_item['wall'])) {
logger('notifier: ignoring delete notification for non-wall item');
return;
}
if (strlen($parent['allow_cid']) || strlen($parent['allow_gid']) || strlen($parent['deny_cid']) || strlen($parent['deny_gid'])) {
$public_message = false;
// private recipients, not public
}
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']));
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
// if our parent is a forum, uplink to the origonal author causing
// a delivery fork
if (intval($parent['forum_mode']) && !$top_level && $cmd !== 'uplink') {
proc_run('php', 'include/notifier', 'uplink', $item_id);
}
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
// pull out additional tagged people to notify (if public message)
if ($public_message && strlen($item['inform'])) {
$people = explode(',', $item['inform']);
foreach ($people as $person) {
if (substr($person, 0, 4) === 'cid:') {
$recipients[] = intval(substr($person, 4));
$conversants[] = intval(substr($person, 4));
} else {
$url_recipients[] = substr($person, 4);
}
}
}
}
logger('notifier: url_recipients' . print_r($url_recipients, true));
$conversants = array_unique($conversants);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
$conversant_str = dbesc(implode(', ', $conversants));
}
示例3: recursive_activity_recipients
/**
* @brief Returns array of channels which have recursive permission for a file
*
* @param $arr_allow_cid
* @param $arr_allow_gid
* @param $arr_deny_cid
* @param $arr_deny_gid
* @param $folder_hash
*/
function recursive_activity_recipients($arr_allow_cid, $arr_allow_gid, $arr_deny_cid, $arr_deny_gid, $folder_hash)
{
$ret = array();
$parent_arr = array();
$count_values = array();
$poster = get_app()->get_observer();
//turn allow_gid into allow_cid's
foreach ($arr_allow_gid as $gid) {
$in_group = in_group($gid);
$arr_allow_cid = array_unique(array_merge($arr_allow_cid, $in_group));
}
$count = 0;
while ($folder_hash) {
$x = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid, folder FROM attach WHERE hash = '%s' LIMIT 1", dbesc($folder_hash));
//only process private folders
if ($x[0]['allow_cid'] || $x[0]['allow_gid'] || $x[0]['deny_cid'] || $x[0]['deny_gid']) {
$parent_arr['allow_cid'][] = expand_acl($x[0]['allow_cid']);
$parent_arr['allow_gid'][] = expand_acl($x[0]['allow_gid']);
/**
* @TODO should find a much better solution for the allow_cid <-> allow_gid problem.
* Do not use allow_gid for now. Instead lookup the members of the group directly and add them to allow_cid.
* */
if ($parent_arr['allow_gid']) {
foreach ($parent_arr['allow_gid'][$count] as $gid) {
$in_group = in_group($gid);
$parent_arr['allow_cid'][$count] = array_unique(array_merge($parent_arr['allow_cid'][$count], $in_group));
}
}
$parent_arr['deny_cid'][] = expand_acl($x[0]['deny_cid']);
$parent_arr['deny_gid'][] = expand_acl($x[0]['deny_gid']);
$count++;
}
$folder_hash = $x[0]['folder'];
}
//if none of the parent folders is private just return file perms
if (!$parent_arr['allow_cid'] && !$parent_arr['allow_gid'] && !$parent_arr['deny_cid'] && !$parent_arr['deny_gid']) {
$ret['allow_gid'] = $arr_allow_gid;
$ret['allow_cid'] = $arr_allow_cid;
$ret['deny_gid'] = $arr_deny_gid;
$ret['deny_cid'] = $arr_deny_cid;
return $ret;
}
//if there are no perms on the file we get them from the first parent folder
if (!$arr_allow_cid && !$arr_allow_gid && !$arr_deny_cid && !$arr_deny_gid) {
$arr_allow_cid = $parent_arr['allow_cid'][0];
$arr_allow_gid = $parent_arr['allow_gid'][0];
$arr_deny_cid = $parent_arr['deny_cid'][0];
$arr_deny_gid = $parent_arr['deny_gid'][0];
}
//allow_cid
$r_arr_allow_cid = false;
foreach ($parent_arr['allow_cid'] as $folder_arr_allow_cid) {
foreach ($folder_arr_allow_cid as $ac_hash) {
$count_values[$ac_hash]++;
}
}
foreach ($arr_allow_cid as $fac_hash) {
if ($count_values[$fac_hash] == $count) {
$r_arr_allow_cid[] = $fac_hash;
}
}
//allow_gid
$r_arr_allow_gid = false;
foreach ($parent_arr['allow_gid'] as $folder_arr_allow_gid) {
foreach ($folder_arr_allow_gid as $ag_hash) {
$count_values[$ag_hash]++;
}
}
foreach ($arr_allow_gid as $fag_hash) {
if ($count_values[$fag_hash] == $count) {
$r_arr_allow_gid[] = $fag_hash;
}
}
//deny_gid
foreach ($parent_arr['deny_gid'] as $folder_arr_deny_gid) {
$r_arr_deny_gid = array_merge($arr_deny_gid, $folder_arr_deny_gid);
}
$r_arr_deny_gid = array_unique($r_arr_deny_gid);
//deny_cid
foreach ($parent_arr['deny_cid'] as $folder_arr_deny_cid) {
$r_arr_deny_cid = array_merge($arr_deny_cid, $folder_arr_deny_cid);
}
$r_arr_deny_cid = array_unique($r_arr_deny_cid);
//if none is allowed restrict to self
if ($r_arr_allow_gid === false && $r_arr_allow_cid === false) {
$ret['allow_cid'] = $poster['xchan_hash'];
} else {
$ret['allow_gid'] = $r_arr_allow_gid;
$ret['allow_cid'] = $r_arr_allow_cid;
$ret['deny_gid'] = $r_arr_deny_gid;
$ret['deny_cid'] = $r_arr_deny_cid;
//.........这里部分代码省略.........
示例4: lockview_content
function lockview_content(&$a)
{
$type = argc() > 1 ? argv(1) : 0;
if (is_numeric($type)) {
$item_id = intval($type);
$type = 'item';
} else {
$item_id = argc() > 2 ? intval(argv(2)) : 0;
}
if (!$item_id) {
killme();
}
if (!in_array($type, array('item', 'photo', 'event'))) {
killme();
}
$r = q("SELECT * FROM %s WHERE id = %d LIMIT 1", dbesc($type), intval($item_id));
if (!$r) {
killme();
}
$item = $r[0];
if ($item['uid'] != local_user()) {
echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
}
if ($item['item_private'] == 1 && !strlen($item['allow_cid']) && !strlen($item['allow_gid']) && !strlen($item['deny_cid']) && !strlen($item['deny_gid'])) {
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
// as unknown specific recipients. The sender will have the visibility list and will fall through to the
// next section.
echo '<li>' . translate_scope(!$item['public_policy'] ? 'specific' : $item['public_policy']) . '</li>';
killme();
}
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = '<li>' . t('Visible to:') . '</li>';
$l = array();
stringify_array_elms($allowed_groups, true);
stringify_array_elms($allowed_users, true);
stringify_array_elms($deny_groups, true);
stringify_array_elms($deny_users, true);
if (count($allowed_groups)) {
$r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b>' . $rr['name'] . '</b></li>';
}
}
}
if (count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li>' . $rr['xchan_name'] . '</li>';
}
}
}
if (count($deny_groups)) {
$r = q("SELECT name FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b><strike>' . $rr['name'] . '</strike></b></li>';
}
}
}
if (count($deny_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
}
}
}
echo $o . implode($l);
killme();
}
示例5: fbpost_post_hook
/**
* @param App $a
* @param object $b
* @return mixed
*/
function fbpost_post_hook(&$a, &$b)
{
logger('fbpost_post_hook: Facebook post invoked', LOGGER_DEBUG);
if ($b['deleted'] || $b['created'] !== $b['edited']) {
return;
}
logger('fbpost_post_hook: Facebook post first check successful', LOGGER_DEBUG);
// if post comes from facebook don't send it back
if ($b['extid'] == NETWORK_FACEBOOK) {
return;
}
if ($b['app'] == "Facebook" and $b['verb'] != ACTIVITY_LIKE) {
return;
}
logger('fbpost_post_hook: Facebook post accepted', LOGGER_DEBUG);
/**
* Post to Facebook stream
*/
require_once 'include/group.php';
require_once 'include/html2plain.php';
$reply = false;
$likes = false;
$deny_arr = array();
$allow_arr = array();
$toplevel = $b['id'] == $b['parent'] ? true : false;
$linking = get_pconfig($b['uid'], 'facebook', 'no_linking') ? 0 : 1;
if (!$toplevel && $linking) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($b['parent']), intval($b['uid']));
//$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
// dbesc($b['parent-uri']),
// intval($b['uid'])
//);
// is it a reply to a facebook post?
// A reply to a toplevel post is only allowed for "real" facebook posts
if (count($r) && substr($r[0]['uri'], 0, 4) === 'fb::') {
$reply = substr($r[0]['uri'], 4);
} elseif (count($r) && substr($r[0]['extid'], 0, 4) === 'fb::' and $r[0]['id'] != $r[0]['parent']) {
$reply = substr($r[0]['extid'], 4);
} else {
return;
}
$u = q("SELECT * FROM user where uid = %d limit 1", intval($b['uid']));
if (!count($u)) {
return;
}
// only accept comments from the item owner. Other contacts are unknown to FB.
if (!link_compare($b['author-link'], $a->get_baseurl() . '/profile/' . $u[0]['nickname'])) {
return;
}
logger('fbpost_post_hook: facebook reply id=' . $reply);
}
if (strstr($b['postopts'], 'facebook') || $b['private'] || $reply) {
if ($b['private'] && $reply === false) {
$allow_people = expand_acl($b['allow_cid']);
$allow_groups = expand_groups(expand_acl($b['allow_gid']));
$deny_people = expand_acl($b['deny_cid']);
$deny_groups = expand_groups(expand_acl($b['deny_gid']));
$recipients = array_unique(array_merge($allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$allow_str = dbesc(implode(', ', $recipients));
if ($allow_str) {
logger("fbpost_post_hook: private post to: " . $allow_str, LOGGER_DEBUG);
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$allow_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$allow_arr[] = $rr['notify'];
}
}
}
$deny_str = dbesc(implode(', ', $deny));
if ($deny_str) {
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$deny_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$deny_arr[] = $rr['notify'];
}
}
}
if (count($deny_arr) && !count($allow_arr)) {
// One or more FB folks were denied access but nobody on FB was specifically allowed access.
// This might cause the post to be open to public on Facebook, but only to selected members
// on another network. Since this could potentially leak a post to somebody who was denied,
// we will skip posting it to Facebook with a slightly vague but relevant message that will
// hopefully lead somebody to this code comment for a better explanation of what went wrong.
notice(t('Post to Facebook cancelled because of multi-network access permission conflict.') . EOL);
return;
}
// if it's a private message but no Facebook members are allowed or denied, skip Facebook post
if (!count($allow_arr) && !count($deny_arr)) {
return;
}
}
if ($b['verb'] == ACTIVITY_LIKE) {
$likes = true;
logger('fbpost_post_hook: liking ' . print_r($b, true), LOGGER_DEBUG);
//.........这里部分代码省略.........
示例6: notifier_run
//.........这里部分代码省略.........
if (!$target_item['private'] and $target_item['wall'] and strlen($target_item['allow_cid'] . $target_item['allow_gid'] . $target_item['deny_cid'] . $target_item['deny_gid']) == 0) {
$push_notify = true;
}
// We notify Friendica users in the thread when it is an OStatus thread.
// Hopefully this transfers the messages to the other Friendica servers. (Untested)
if ($thr_parent and $thr_parent[0]['network'] == NETWORK_OSTATUS or $parent['network'] == NETWORK_OSTATUS) {
$push_notify = true;
if ($parent["network"] == NETWORK_OSTATUS) {
$r = q("SELECT `author-link` FROM `item` WHERE `parent` = %d AND `author-link` != '%s'", intval($target_item["parent"]), dbesc($owner['url']));
foreach ($r as $parent_item) {
$probed_contact = probe_url($parent_item["author-link"]);
if ($probed_contact["notify"] != "" and $probed_contact["network"] == NETWORK_DFRN) {
logger('Notify Friendica user ' . $probed_contact["url"] . ': ' . $probed_contact["notify"]);
$url_recipients[$probed_contact["notify"]] = $probed_contact["notify"];
}
}
}
if (count($url_recipients)) {
logger("url_recipients " . print_r($url_recipients, true));
}
}
} else {
$followup = false;
logger('Distributing directly ' . $target_item["guid"], LOGGER_DEBUG);
// don't send deletions onward for other people's stuff
if ($target_item['deleted'] && !intval($target_item['wall'])) {
logger('notifier: ignoring delete notification for non-wall item');
return;
}
if (strlen($parent['allow_cid']) || strlen($parent['allow_gid']) || strlen($parent['deny_cid']) || strlen($parent['deny_gid'])) {
$public_message = false;
// private recipients, not public
}
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']), true);
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
// if our parent is a public forum (forum_mode == 1), uplink to the origional author causing
// a delivery fork. private groups (forum_mode == 2) do not uplink
if (intval($parent['forum_mode']) == 1 && !$top_level && $cmd !== 'uplink') {
proc_run('php', 'include/notifier.php', 'uplink', $item_id);
}
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
// pull out additional tagged people to notify (if public message)
if ($public_message && strlen($item['inform'])) {
$people = explode(',', $item['inform']);
foreach ($people as $person) {
if (substr($person, 0, 4) === 'cid:') {
$recipients[] = intval(substr($person, 4));
$conversants[] = intval(substr($person, 4));
} else {
$url_recipients[] = substr($person, 4);
}
}
}
}
if (count($url_recipients)) {
logger('notifier: ' . $target_item["guid"] . ' url_recipients ' . print_r($url_recipients, true));
}
$conversants = array_unique($conversants);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
示例7: chess_create_game
/**
* @brief Create a new game by generating a new item table record as a standard
* post. This will propagate to the other player and provide a link to begin playing
*
* @return array Status and parameters of the new game post
*/
function chess_create_game($channel, $color, $acl)
{
$resource_type = 'chess';
// Generate unique resource_id using the same method as item_message_id()
do {
$dups = false;
$resource_id = random_string(5);
$r = q("SELECT mid FROM item WHERE resource_id = '%s' AND resource_type = '%s' AND uid = %d LIMIT 1", dbesc($resource_id), dbesc($resource_type), intval($channel['channel_id']));
if (count($r)) {
$dups = true;
}
} while ($dups == true);
$ac = $acl->get();
$mid = item_message_id();
$arr = array();
// Initialize the array of parameters for the post
$objtype = ACTIVITY_OBJ_CHESSGAME;
$perms = $acl->get();
$allow_cid = expand_acl($perms['allow_cid']);
$player2 = null;
if (count($allow_cid)) {
foreach ($allow_cid as $allow) {
if ($allow === $channel['channel_hash']) {
continue;
}
$player2 = $allow;
}
}
$players = array($channel['channel_hash'], $player2);
$object = json_encode(array('id' => z_root() . '/chess/game/' . $resource_id, 'players' => $players, 'colors' => array($color, $color === 'white' ? 'black' : 'white'), 'active' => $color === 'white' ? $players[0] : $players[1], 'position' => 'start', 'version' => chess_get_version()));
$item_hidden = 0;
// TODO: Allow form creator to send post to ACL about new game automatically
$game_url = z_root() . '/chess/' . $channel['channel_address'] . '/' . $resource_id;
$arr['aid'] = $channel['channel_account_id'];
$arr['uid'] = $channel['channel_id'];
$arr['mid'] = $mid;
$arr['parent_mid'] = $mid;
$arr['item_hidden'] = $item_hidden;
$arr['resource_type'] = $resource_type;
$arr['resource_id'] = $resource_id;
$arr['owner_xchan'] = $channel['channel_hash'];
$arr['author_xchan'] = $channel['channel_hash'];
// Store info about the type of chess item using the "title" field
// Other types include 'move' for children items but may in the future include
// additional types that will determine how the "object" field is interpreted
$arr['title'] = 'game';
$arr['allow_cid'] = $ac['allow_cid'];
$arr['item_wall'] = 1;
$arr['item_origin'] = 1;
$arr['item_thread_top'] = 1;
$arr['item_private'] = intval($acl->is_private());
$arr['verb'] = ACTIVITY_POST;
$arr['obj_type'] = $objtype;
$arr['obj'] = $object;
$arr['body'] = '[table][tr][td][h1]New Chess Game[/h1][/td][/tr][tr][td][zrl=' . $game_url . ']Click here to play[/zrl][/td][/tr][/table]';
$post = item_store($arr);
$item_id = $post['item_id'];
if ($item_id) {
Zotlabs\Daemon\Master::Summon(['Notifier', 'activity', $item_id]);
return array('item' => $arr, 'status' => true);
} else {
return array('item' => null, 'status' => false);
}
}
示例8: acl2json
function acl2json($s)
{
$s = expand_acl($s);
$s = json_encode($s);
return $s;
}
示例9: remote_permissions_content
function remote_permissions_content($a, $item_copy)
{
if ($item_copy['uid'] != local_user()) {
return;
}
if (get_config('remote_perms', 'global') == 0) {
// Admin has set Individual choice. We need to find
// the original poster. First, get the contact's info
$r = q("SELECT nick, url FROM contact WHERE id = %d LIMIT 1", intval($item_copy['contact-id']));
if (!$r) {
return;
}
// Find out if the contact lives here
$baseurl = $a->get_baseurl();
$baseurl = substr($baseurl, strpos($baseurl, '://') + 3);
if (strpos($r[0]['url'], $baseurl) === false) {
return;
}
// The contact lives here. Get his/her user info
$nick = $r[0]['nick'];
$r = q("SELECT uid FROM user WHERE nickname = '%s' LIMIT 1", dbesc($nick));
if (!$r) {
return;
}
if (get_pconfig($r[0]['uid'], 'remote_perms', 'show') == 0) {
return;
}
}
if ($item_copy['private'] == 1 && !strlen($item_copy['allow_cid']) && !strlen($item_copy['allow_gid']) && !strlen($item_copy['deny_cid']) && !strlen($item_copy['deny_gid'])) {
$allow_names = array();
// Check for the original post here -- that's the only way
// to definitely get all of the recipients
if ($item_copy['uri'] === $item_copy['parent-uri']) {
// Lockview for a top-level post
$r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s' AND type = 'wall' LIMIT 1", dbesc($item_copy['uri']));
} else {
// Lockview for a comment
$r = q("SELECT allow_cid, allow_gid, deny_cid, deny_gid FROM item WHERE uri = '%s'\n\t\t\t AND parent = ( SELECT id FROM item WHERE uri = '%s' AND type = 'wall' ) LIMIT 1", dbesc($item_copy['uri']), dbesc($item_copy['parent-uri']));
}
if ($r) {
$item = $r[0];
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = t('Visible to:') . '<br />';
$allow = array();
$deny = array();
if (count($allowed_groups)) {
$r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )", dbesc(implode(', ', $allowed_groups)));
foreach ($r as $rr) {
$allow[] = $rr['contact-id'];
}
}
$allow = array_unique($allow + $allowed_users);
if (count($deny_groups)) {
$r = q("SELECT DISTINCT `contact-id` FROM group_member WHERE gid IN ( %s )", dbesc(implode(', ', $deny_groups)));
foreach ($r as $rr) {
$deny[] = $rr['contact-id'];
}
}
$deny = $deny + $deny_users;
if ($allow) {
$r = q("SELECT name FROM contact WHERE id IN ( %s )", dbesc(implode(', ', array_diff($allow, $deny))));
foreach ($r as $rr) {
$allow_names[] = $rr['name'];
}
}
} else {
// We don't have the original post. Let's try for the next best thing:
// checking who else has the post on our own server. Note that comments
// that were sent to Diaspora and were relayed to others on our server
// will have different URIs than the original. We can match the GUID for
// those
$r = q("SELECT `uid` FROM item WHERE uri = '%s' OR guid = '%s'", dbesc($item_copy['uri']), dbesc($item_copy['guid']));
if (!$r) {
return;
}
$allow = array();
foreach ($r as $rr) {
$allow[] = $rr['uid'];
}
$r = q("SELECT username FROM user WHERE uid IN ( %s )", dbesc(implode(', ', $allow)));
if (!$r) {
return;
}
$o = t('Visible to') . ' (' . t('may only be a partial list') . '):<br />';
foreach ($r as $rr) {
$allow_names[] = $rr['username'];
}
}
// Sort the names alphabetically, case-insensitive
natcasesort($allow_names);
echo $o . implode(', ', $allow_names);
killme();
}
return;
}
示例10: get
function get()
{
$atokens = array();
if (local_channel()) {
$at = q("select * from atoken where atoken_uid = %d", intval(local_channel()));
if ($at) {
foreach ($at as $t) {
$atokens[] = atoken_xchan($t);
}
}
}
$type = argc() > 1 ? argv(1) : 0;
if (is_numeric($type)) {
$item_id = intval($type);
$type = 'item';
} else {
$item_id = argc() > 2 ? intval(argv(2)) : 0;
}
if (!$item_id) {
killme();
}
if (!in_array($type, array('item', 'photo', 'event', 'menu_item', 'chatroom'))) {
killme();
}
//we have different naming in in menu_item table and chatroom table
switch ($type) {
case 'menu_item':
$id = 'mitem_id';
break;
case 'chatroom':
$id = 'cr_id';
break;
default:
$id = 'id';
break;
}
$r = q("SELECT * FROM %s WHERE {$id} = %d LIMIT 1", dbesc($type), intval($item_id));
if (!$r) {
killme();
}
$item = $r[0];
//we have different naming in in menu_item table and chatroom table
switch ($type) {
case 'menu_item':
$uid = $item['mitem_channel_id'];
break;
case 'chatroom':
$uid = $item['cr_uid'];
break;
default:
$uid = $item['uid'];
break;
}
if ($uid != local_channel()) {
echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
}
if ($item['item_private'] == 1 && !strlen($item['allow_cid']) && !strlen($item['allow_gid']) && !strlen($item['deny_cid']) && !strlen($item['deny_gid'])) {
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
// as unknown specific recipients. The sender will have the visibility list and will fall through to the
// next section.
echo '<li>' . translate_scope(!$item['public_policy'] ? 'specific' : $item['public_policy']) . '</li>';
killme();
}
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = '<li>' . t('Visible to:') . '</li>';
$l = array();
stringify_array_elms($allowed_groups, true);
stringify_array_elms($allowed_users, true);
stringify_array_elms($deny_groups, true);
stringify_array_elms($deny_users, true);
if (count($allowed_groups)) {
$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li><b>' . $rr['gname'] . '</b></li>';
}
}
}
if (count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $allowed_users) . " )");
if ($r) {
foreach ($r as $rr) {
$l[] = '<li>' . $rr['xchan_name'] . '</li>';
}
}
if ($atokens) {
foreach ($atokens as $at) {
if (in_array("'" . $at['xchan_hash'] . "'", $allowed_users)) {
$l[] = '<li>' . $at['xchan_name'] . '</li>';
}
}
}
}
if (count($deny_groups)) {
$r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
//.........这里部分代码省略.........
示例11: killme
} else {
killme();
}
if ($cmd != 'mail') {
require_once 'include/group.php';
$parent = $items[0];
if ($parent['type'] == 'remote') {
// local followup to remote post
$followup = true;
$conversant_str = dbesc($parent['contact-id']);
} else {
$followup = false;
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']));
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
}
$conversants = array_unique($conversants, SORT_NUMERIC);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups), SORT_NUMERIC);
$deny = array_unique(array_merge($deny_people, $deny_groups), SORT_NUMERIC);
$recipients = array_diff($recipients, $deny);
$conversant_str = dbesc(implode(', ', $conversants));
}
$r = q("SELECT * FROM `contact` WHERE `id` IN ( {$conversant_str} ) AND `blocked` = 0 AND `pending` = 0");
if (!count($r)) {
killme();
}
示例12: facebook_post_hook
/**
* @param App $a
* @param object $b
* @return mixed
*/
function facebook_post_hook(&$a, &$b)
{
if ($b['deleted'] || $b['created'] !== $b['edited']) {
return;
}
/**
* Post to Facebook stream
*/
require_once 'include/group.php';
require_once 'include/html2plain.php';
logger('Facebook post');
$reply = false;
$likes = false;
$deny_arr = array();
$allow_arr = array();
$toplevel = $b['id'] == $b['parent'] ? true : false;
$linking = get_pconfig($b['uid'], 'facebook', 'no_linking') ? 0 : 1;
if (!$toplevel && $linking) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($b['parent']), intval($b['uid']));
if (count($r) && substr($r[0]['uri'], 0, 4) === 'fb::') {
$reply = substr($r[0]['uri'], 4);
} elseif (count($r) && substr($r[0]['extid'], 0, 4) === 'fb::') {
$reply = substr($r[0]['extid'], 4);
} else {
return;
}
$u = q("SELECT * FROM user where uid = %d limit 1", intval($b['uid']));
if (!count($u)) {
return;
}
// only accept comments from the item owner. Other contacts are unknown to FB.
if (!link_compare($b['author-link'], $a->get_baseurl() . '/profile/' . $u[0]['nickname'])) {
return;
}
logger('facebook reply id=' . $reply);
}
if (strstr($b['postopts'], 'facebook') || $b['private'] || $reply) {
if ($b['private'] && $reply === false) {
$allow_people = expand_acl($b['allow_cid']);
$allow_groups = expand_groups(expand_acl($b['allow_gid']));
$deny_people = expand_acl($b['deny_cid']);
$deny_groups = expand_groups(expand_acl($b['deny_gid']));
$recipients = array_unique(array_merge($allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$allow_str = dbesc(implode(', ', $recipients));
if ($allow_str) {
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$allow_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$allow_arr[] = $rr['notify'];
}
}
}
$deny_str = dbesc(implode(', ', $deny));
if ($deny_str) {
$r = q("SELECT `notify` FROM `contact` WHERE `id` IN ( {$deny_str} ) AND `network` = 'face'");
if (count($r)) {
foreach ($r as $rr) {
$deny_arr[] = $rr['notify'];
}
}
}
if (count($deny_arr) && !count($allow_arr)) {
// One or more FB folks were denied access but nobody on FB was specifically allowed access.
// This might cause the post to be open to public on Facebook, but only to selected members
// on another network. Since this could potentially leak a post to somebody who was denied,
// we will skip posting it to Facebook with a slightly vague but relevant message that will
// hopefully lead somebody to this code comment for a better explanation of what went wrong.
notice(t('Post to Facebook cancelled because of multi-network access permission conflict.') . EOL);
return;
}
// if it's a private message but no Facebook members are allowed or denied, skip Facebook post
if (!count($allow_arr) && !count($deny_arr)) {
return;
}
}
if ($b['verb'] == ACTIVITY_LIKE) {
$likes = true;
}
$appid = get_config('facebook', 'appid');
$secret = get_config('facebook', 'appsecret');
if ($appid && $secret) {
logger('facebook: have appid+secret');
$fb_token = get_pconfig($b['uid'], 'facebook', 'access_token');
// post to facebook if it's a public post and we've ticked the 'post to Facebook' box,
// or it's a private message with facebook participants
// or it's a reply or likes action to an existing facebook post
if ($fb_token && ($toplevel || $b['private'] || $reply)) {
logger('facebook: able to post');
require_once 'library/facebook.php';
require_once 'include/bbcode.php';
$msg = $b['body'];
logger('Facebook post: original msg=' . $msg, LOGGER_DATA);
// make links readable before we strip the code
// unless it's a dislike - just send the text as a comment
//.........这里部分代码省略.........
示例13: testExpandAclEmptyMatch
/**
* test invalid input, empty <>
*
* TODO: should there be an exception? Or array(1, 3)
* (This should be array(1,3) - mike)
*/
public function testExpandAclEmptyMatch()
{
$text = "<1><><3>";
$this->assertEquals(array(1, 3), expand_acl($text));
}
示例14: photos_post
//.........这里部分代码省略.........
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 2", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 3", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
}
}
$p = q("SELECT type, is_nsfw, description, resource_id, scale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY scale DESC", dbesc($resource_id), intval($page_owner_uid));
if ($p) {
$ext = $phototypes[$p[0]['type']];
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
}
$item_private = $str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny ? true : false;
$old_is_nsfw = $p[0]['is_nsfw'];
if ($old_is_nsfw != $is_nsfw) {
$r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", intval($is_nsfw), dbesc($resource_id), intval($page_owner_uid));
}
/* Don't make the item visible if the only change was the album name */
$visibility = 0;
if ($p[0]['description'] !== $desc || strlen($rawtags)) {
$visibility = 1;
}
if (!$item_id) {
$item_id = photos_create_item($a->data['channel'], get_observer_hash(), $p[0], $visibility);
}
if ($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
}
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d\n\t\t\twhere id = %d", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), intval($acl->is_private()), intval($item_id));
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
if (strlen($rawtags)) {
$str_tags = '';
$inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention
$x = substr($rawtags, 0, 1);
if ($x !== '@' && $x !== '#') {
$rawtags = '@' . $rawtags;
}
require_once 'include/text.php';
$profile_uid = $a->profile['profile_uid'];
$results = linkify_tags($a, $rawtags, local_channel() ? local_channel() : $profile_uid);
$success = $results['success'];
$post_tags = array();
foreach ($results as $result) {
$success = $result['success'];
if ($success['replaced']) {
$post_tags[] = array('uid' => $profile_uid, 'type' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']);
}
}
$r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$r = fetch_post_tags($r, true);
$datarray = $r[0];
if ($post_tags) {
if (!array_key_exists('term', $datarray) || !is_array($datarray['term'])) {
$datarray['term'] = $post_tags;
} else {
$datarray['term'] = array_merge($datarray['term'], $post_tags);
}
}
item_store_update($datarray, $execflag);
}
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
/**
* default post action - upload a photo
*/
$channel = $a->data['channel'];
$observer = $a->data['observer'];
$_REQUEST['source'] = 'photos';
require_once 'include/attach.php';
if (!local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($a->channel, get_observer_hash(), '', $_REQUEST);
if (!$r['success']) {
notice($r['message'] . EOL);
}
if ($_REQUEST['newalbum']) {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex($_REQUEST['newalbum']));
} else {
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address'] . '/album/' . bin2hex(datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y')));
}
}
示例15: post
//.........这里部分代码省略.........
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set content = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and imgscale = 3", dbescbin($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
}
}
$p = q("SELECT mimetype, is_nsfw, description, resource_id, imgscale, allow_cid, allow_gid, deny_cid, deny_gid FROM photo WHERE resource_id = '%s' AND uid = %d ORDER BY imgscale DESC", dbesc($resource_id), intval($page_owner_uid));
if ($p) {
$ext = $phototypes[$p[0]['mimetype']];
$r = q("UPDATE `photo` SET `description` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
}
$item_private = $str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny ? true : false;
$old_is_nsfw = $p[0]['is_nsfw'];
if ($old_is_nsfw != $is_nsfw) {
$r = q("update photo set is_nsfw = %d where resource_id = '%s' and uid = %d", intval($is_nsfw), dbesc($resource_id), intval($page_owner_uid));
}
/* Don't make the item visible if the only change was the album name */
$visibility = 0;
if ($p[0]['description'] !== $desc || strlen($rawtags)) {
$visibility = 1;
}
if (!$item_id) {
$item_id = photos_create_item(\App::$data['channel'], get_observer_hash(), $p[0], $visibility);
}
if ($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
}
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d\n\t\t\t\twhere id = %d", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), intval($acl->is_private()), intval($item_id));
// make sure the attach has the same permissions as the photo regardless of any other changes
$x = q("update attach set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where hash = '%s' and uid = %d and is_photo = 1", dbesc($perm['allow_cid']), dbesc($perm['allow_gid']), dbesc($perm['deny_cid']), dbesc($perm['deny_gid']), dbesc($resource_id), intval($page_owner_uid));
if (strlen($rawtags)) {
$str_tags = '';
$inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention
$x = substr($rawtags, 0, 1);
if ($x !== '@' && $x !== '#') {
$rawtags = '@' . $rawtags;
}
require_once 'include/text.php';
$profile_uid = \App::$profile['profile_uid'];
$results = linkify_tags($a, $rawtags, local_channel() ? local_channel() : $profile_uid);
$success = $results['success'];
$post_tags = array();
foreach ($results as $result) {
$success = $result['success'];
if ($success['replaced']) {
$post_tags[] = array('uid' => $profile_uid, 'ttype' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']);
}
}
$r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$r = fetch_post_tags($r, true);
$datarray = $r[0];
if ($post_tags) {
if (!array_key_exists('term', $datarray) || !is_array($datarray['term'])) {
$datarray['term'] = $post_tags;
} else {
$datarray['term'] = array_merge($datarray['term'], $post_tags);
}
}
item_store_update($datarray, $execflag);
}
}
$sync = attach_export_data(\App::$data['channel'], $resource_id);
if ($sync) {
build_sync_packet($page_owner_uid, array('file' => array($sync)));
}
goaway(z_root() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
/**
* default post action - upload a photo
*/
$channel = \App::$data['channel'];
$observer = \App::$data['observer'];
$_REQUEST['source'] = 'photos';
require_once 'include/attach.php';
if (!local_channel()) {
$_REQUEST['contact_allow'] = expand_acl($channel['channel_allow_cid']);
$_REQUEST['group_allow'] = expand_acl($channel['channel_allow_gid']);
$_REQUEST['contact_deny'] = expand_acl($channel['channel_deny_cid']);
$_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']);
}
$r = attach_store($channel, get_observer_hash(), '', $_REQUEST);
if (!$r['success']) {
notice($r['message'] . EOL);
}
if ($_REQUEST['newalbum']) {
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . bin2hex($_REQUEST['newalbum']));
} else {
goaway(z_root() . '/photos/' . \App::$data['channel']['channel_address'] . '/album/' . bin2hex(datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y')));
}
}