X-Git-Url: https://reisub.nsupdate.info/git/?a=blobdiff_plain;f=mod%2Fphotos.php;h=4ce44bedc9fe2472398402e6cc715a455db3dde8;hb=d4e8d82252bfe5d5c9968a783a96dd12b2c755bb;hp=1a16f68026ffd39b50bd499bde525fe2231070fc;hpb=c423fa29ee12b67ef4c804ec99fe80084ee436ce;p=friendica.git%2F.git

diff --git a/mod/photos.php b/mod/photos.php
index 1a16f68026..4ce44bedc9 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -36,6 +36,7 @@ use Friendica\DI;
 use Friendica\Model\Contact;
 use Friendica\Model\Item;
 use Friendica\Model\Photo;
+use Friendica\Model\Post;
 use Friendica\Model\Profile;
 use Friendica\Model\Tag;
 use Friendica\Model\User;
@@ -155,10 +156,6 @@ function photos_init(App $a) {
 
 function photos_post(App $a)
 {
-	Logger::log('mod-photos: photos_post: begin' , Logger::DEBUG);
-	Logger::log('mod_photos: REQUEST ' . print_r($_REQUEST, true), Logger::DATA);
-	Logger::log('mod_photos: FILES '   . print_r($_FILES, true), Logger::DATA);
-
 	$phototypes = Images::supportedTypes();
 
 	$can_post  = false;
@@ -184,10 +181,27 @@ function photos_post(App $a)
 
 	if (!$owner_record) {
 		notice(DI::l10n()->t('Contact information unavailable'));
-		Logger::log('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
+		DI::logger()->info('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
 		exit();
 	}
 
+	$aclFormatter = DI::aclFormatter();
+	$str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $owner_record['allow_cid'] ?? '';
+	$str_group_allow   = isset($_REQUEST['group_allow'])   ? $aclFormatter->toString($_REQUEST['group_allow'])   : $owner_record['allow_gid'] ?? '';
+	$str_contact_deny  = isset($_REQUEST['contact_deny'])  ? $aclFormatter->toString($_REQUEST['contact_deny'])  : $owner_record['deny_cid']  ?? '';
+	$str_group_deny    = isset($_REQUEST['group_deny'])    ? $aclFormatter->toString($_REQUEST['group_deny'])    : $owner_record['deny_gid']  ?? '';
+
+	$visibility = $_REQUEST['visibility'] ?? '';
+	if ($visibility === 'public') {
+		// The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
+		$str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+	} else if ($visibility === 'custom') {
+		// Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
+		// case that would make it public. So we always append the author's contact id to the allowed contacts.
+		// See https://github.com/friendica/friendica/issues/9672
+		$str_contact_allow .= $aclFormatter->toString(Contact::getPublicIdByUserId($page_owner_uid));
+	}
+
 	if ($a->argc > 3 && $a->argv[2] === 'album') {
 		if (!Strings::isHex($a->argv[3])) {
 			DI::baseUrl()->redirect('photos/' . $a->data['user']['nickname'] . '/album');
@@ -313,13 +327,6 @@ function photos_post(App $a)
 		$albname     = !empty($_POST['albname'])   ? trim($_POST['albname'])                        : '';
 		$origaname   = !empty($_POST['origaname']) ? Strings::escapeTags(trim($_POST['origaname'])) : '';
 
-		$aclFormatter = DI::aclFormatter();
-
-		$str_group_allow   = !empty($_POST['group_allow'])   ? $aclFormatter->toString($_POST['group_allow'])   : '';
-		$str_contact_allow = !empty($_POST['contact_allow']) ? $aclFormatter->toString($_POST['contact_allow']) : '';
-		$str_group_deny    = !empty($_POST['group_deny'])    ? $aclFormatter->toString($_POST['group_deny'])    : '';
-		$str_contact_deny  = !empty($_POST['contact_deny'])  ? $aclFormatter->toString($_POST['contact_deny'])  : '';
-
 		$resource_id = $a->argv[3];
 
 		if (!strlen($albname)) {
@@ -421,7 +428,7 @@ function photos_post(App $a)
 		}
 
 		if ($item_id) {
-			$item = Item::selectFirst(['tag', 'inform', 'uri-id'], ['id' => $item_id, 'uid' => $page_owner_uid]);
+			$item = Post::selectFirst(['tag', 'inform', 'uri-id'], ['id' => $item_id, 'uid' => $page_owner_uid]);
 
 			if (DBA::isResult($item)) {
 				$old_inform = $item['inform'];
@@ -639,18 +646,6 @@ function photos_post(App $a)
 		$visible = 0;
 	}
 
-	$group_allow   = $_REQUEST['group_allow']   ?? [];
-	$contact_allow = $_REQUEST['contact_allow'] ?? [];
-	$group_deny    = $_REQUEST['group_deny']    ?? [];
-	$contact_deny  = $_REQUEST['contact_deny']  ?? [];
-
-	$aclFormatter = DI::aclFormatter();
-
-	$str_group_allow   = $aclFormatter->toString(is_array($group_allow)   ? $group_allow   : explode(',', $group_allow));
-	$str_contact_allow = $aclFormatter->toString(is_array($contact_allow) ? $contact_allow : explode(',', $contact_allow));
-	$str_group_deny    = $aclFormatter->toString(is_array($group_deny)    ? $group_deny    : explode(',', $group_deny));
-	$str_contact_deny  = $aclFormatter->toString(is_array($contact_deny)  ? $contact_deny  : explode(',', $contact_deny));
-
 	$ret = ['src' => '', 'filename' => '', 'filesize' => 0, 'type' => ''];
 
 	Hook::callAll('photo_post_file', $ret);
@@ -1271,23 +1266,22 @@ function photos_content(App $a)
 		// as a "post" but displaying instead the photo it is linked to
 
 		/// @todo Rewrite this query. To do so, $sql_extra must be changed
-		$linked_items = q("SELECT `id` FROM `item` WHERE `resource-id` = '%s' $sql_extra LIMIT 1",
+		$linked_items = q("SELECT `id` FROM `post-user-view` WHERE `resource-id` = '%s' $sql_extra LIMIT 1",
 			DBA::escape($datum)
 		);
 		if (DBA::isResult($linked_items)) {
 			// This is a workaround to not being forced to rewrite the while $sql_extra handling
-			$link_item = Item::selectFirst([], ['id' => $linked_items[0]['id']]);
+			$link_item = Post::selectFirst([], ['id' => $linked_items[0]['id']]);
 		}
 
 		if (!empty($link_item['parent']) && !empty($link_item['uid'])) {
 			$condition = ["`parent` = ? AND `gravity` != ?",  $link_item['parent'], GRAVITY_PARENT];
-			$total = DBA::count('item', $condition);
+			$total = Post::count($condition);
 
 			$pager = new Pager(DI::l10n(), DI::args()->getQueryString());
 
 			$params = ['order' => ['id'], 'limit' => [$pager->getStart(), $pager->getItemsPerPage()]];
-			$result = Item::selectForUser($link_item['uid'], Item::ITEM_FIELDLIST, $condition, $params);
-			$items = Item::inArray($result);
+			$items = Post::toArray(Post::selectForUser($link_item['uid'], Item::ITEM_FIELDLIST, $condition, $params));
 
 			if (local_user() == $link_item['uid']) {
 				Item::update(['unseen' => false], ['parent' => $link_item['parent']]);
@@ -1460,7 +1454,9 @@ function photos_content(App $a)
 						continue;
 					}
 
-					$profile_url = Contact::magicLinkbyId($item['author-id']);
+					$author = ['uid' => 0, 'id' => $item['author-id'],
+						'network' => $item['author-network'], 'url' => $item['author-link']];
+					$profile_url = Contact::magicLinkByContact($author);
 					if (strpos($profile_url, 'redir/') === 0) {
 						$sparkle = ' sparkle';
 					} else {