Merge pull request #418 from jmankiewicz/mod-profpicperm

Patch for Issue #410
2014-04-20 12:01:00 +10:00 · 2014-04-20 12:01:00 +10:00 · 170b5d95e0
commit 170b5d95e0
parent 4b17f74300 c946d92610
3 changed files with 133 additions and 10 deletions
--- a/mod/connedit.php
+++ b/mod/connedit.php
@ -1,5 +1,11 @@
 <?php
 /* @file connedit.php
 * @brief In this file the connection-editor form is generated and evaluated.
 *
 *
 */
 require_once('include/Contact.php');
 require_once('include/socgraph.php');
 require_once('include/contact_selectors.php');
@ -8,6 +14,11 @@ require_once('include/contact_widgets.php');
 require_once('include/zot.php');
 require_once('include/widgets.php');
 /* @brief Initialize the connection-editor
 *
 *
 */
 function connedit_init(&$a) {
 	if(! local_user())
@ -31,6 +42,10 @@ function connedit_init(&$a) {
 }
 /* @brief Evaluate posted values and set changes
 *
 */
 function connedit_post(&$a) {
 	if(! local_user())
@ -103,6 +118,15 @@ function connedit_post(&$a) {
 		intval(local_user())
 	);
 	if($orig_record[0]['abook_profile'] != $profile_id) { //Update profile photo permissions
                logger('As a new profile was assigned updateing profile photos');
                require_once('mod/profile_photo.php');
                profile_photo_set_profile_perms($profile_id);
        }
 	if($r)
 		info( t('Connection updated.') . EOL);
 	else
@ -158,6 +182,11 @@ function connedit_post(&$a) {
 }
 /* @brief Clone connection
 *
 *
 */
 function connedit_clone(&$a) {
 		if(! $a->poi)
@ -171,6 +200,10 @@ function connedit_clone(&$a) {
 		build_sync_packet(0 /* use the current local_user */, array('abook' => array($clone)));
 }
 /* @brief Generate content of connection edit page
 *
 *
 */
 function connedit_content(&$a) {
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@ -1,7 +1,65 @@
 <?php
 /* @file profile_photo.php
   @brief Module-file with functions for handling of profile-photos
 */
 require_once('include/photo/photo_driver.php');
 /* @brief Function for sync'ing  permissions of profile-photos and their profile
 *
 *  @param $profileid The id number of the profile to sync
 *  @return void
 */
 function profile_photo_set_profile_perms($profileid = '') {
 	$allowcid = '';
 	if (x($profileid)) {
 		$r = q("SELECT photo, profile_guid, id, is_default, uid  FROM profile WHERE profile.id = %d OR profile.profile_guid = '%s' LIMIT 1", intval($profileid), dbesc($profileid));
 	} else {
 		logger('Resetting permissions on default-profile-photo for user'.local_user());
 		$r = q("SELECT photo, profile_guid, id, is_default, uid  FROM profile WHERE profile.uid = %d AND is_default = 1 LIMIT 1", intval(local_user()) ); //If no profile is given, we update the default profile
 	}
 	$profile = $r[0];
 	if(x($profile['id']) && x($profile['photo'])) { 
 	       	preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
 	       	$resource_id = $resource_id[0];
 		if (intval($profile['is_default']) != 1) {
 			$r0 = q("SELECT channel_hash FROM channel WHERE channel_id = %d LIMIT 1", intval(local_user()) );
 			$r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = %d ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids.
 			$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid']));
 			$allowcid = "<" . $r0[0]['channel_hash'] . ">";
 			foreach ($r1 as $entry) {
 				$allowcid .= "<" . $entry['abook_xchan'] . ">"; 
 			}
 			foreach ($r2 as $entry) {
               	                $allowcid .= "<" . $entry['abook_xchan'] . ">";
 	                      	}
 			q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['uid']));
 		} else {
 			q("UPDATE `photo` SET allow_cid = '' WHERE profile = 1 AND uid = %d",intval($profile['uid'])); //Reset permissions on default profile picture to public
 		}
 	}
 	return;
 }
 /* @brief Initalize the profile-photo edit view
 *
 * @param $a Current application
 * @return void
 *
 */
 function profile_photo_init(&$a) {
 	if(! local_user()) {
@ -13,6 +71,12 @@ function profile_photo_init(&$a) {
 }
 /* @brief Evaluate posted values
 *
 * @param $a Current application
 * @return void
 *
 */
 function profile_photo_post(&$a) {
@ -142,6 +206,11 @@ function profile_photo_post(&$a) {
 				// Update directory in background
 				proc_run('php',"include/directory.php",$channel['channel_id']);
 				// Now copy profile-permissions to pictures, to prevent privacyleaks by automatically created folder 'Profile Pictures'
                                profile_photo_set_profile_perms($_REQUEST['profile']);
 			}
 			else
 				notice( t('Unable to process image') . EOL);
@ -179,6 +248,13 @@ function profile_photo_post(&$a) {
 }
 /* @brief Generate content of profile-photo view
 *
 * @param $a Current application
 * @return void
 *
 */
 if(! function_exists('profile_photo_content')) {
 function profile_photo_content(&$a) {
@ -249,6 +325,7 @@ function profile_photo_content(&$a) {
 				dbesc($channel['xchan_hash'])
 			);
 			profile_photo_set_profile_perms(); //Reset default photo permissions to public
 			proc_run('php','include/directory.php',local_user());
 			goaway($a->get_baseurl() . '/profiles');
 		}
@ -310,6 +387,14 @@ function profile_photo_content(&$a) {
 	return; // NOTREACHED
 }}
 /* @brief Generate the UI for photo-cropping
 *
 * @param $a Current application
 * @param $ph Photo-Factory
 * @return void
 *
 */
 if(! function_exists('profile_photo_crop_ui_head')) {
 function profile_photo_crop_ui_head(&$a, $ph){
--- a/mod/profperm.php
+++ b/mod/profperm.php
@ -89,6 +89,11 @@ function profperm_content(&$a) {
 			}
 			//Time to update the permissions on the profile-pictures as well
 			require_once('mod/profile_photo.php');
 			profile_photo_set_profile_perms($profile['id']);
 			$r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
 				intval(local_user()),
 				dbesc($profile['profile_guid'])