harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

further baby steps on the photos API

Browse Source
This commit is contained in:
friendica
2013-01-25 23:32:44 -08:00
parent 93af193218
commit 70aa8421b3
3 changed files with 35 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
include/photos.php
View File

@@ -224,3 +224,27 @@ function photo_upload($channel, $observer, $args) {
return $ret; return $ret;
} }
function photos_albums_list($channel,$observer) {
$channel_id = $channel['channel_id'];
$observer_xchan = (($observer) ? $observer['xchan_hash'] : '');
if(! perm_is_allowed($channel_id,$observer_xchan,'view_photos'))
return false;
// FIXME - create a permissions SQL which works on arbitrary observers and channels, regardless of login or web status
$sql_extra = permissions_sql($channel_id);
$albums = q("SELECT distinct album from photo where uid = %d $sql_extra order by created desc",
intval($channel_id)
);
return $albums;
}

2
include/security.php
View File

@@ -166,6 +166,8 @@ function change_channel($change_channel) {
} }
function permissions_sql($owner_id,$remote_verified = false,$groups = null) { function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$local_user = local_user(); $local_user = local_user();

19
mod/photos.php
View File

@@ -5,6 +5,7 @@ require_once('include/items.php');
require_once('include/acl_selectors.php'); require_once('include/acl_selectors.php');
require_once('include/bbcode.php'); require_once('include/bbcode.php');
require_once('include/security.php'); require_once('include/security.php');
require_once('include/Contact.php');
function photos_init(&$a) { function photos_init(&$a) {
@@ -17,7 +18,7 @@ function photos_init(&$a) {
if(argc() > 1) { if(argc() > 1) {
$nick = argv(1); $nick = argv(1);
$r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", $r = q("SELECT * FROM channel left join xchan on channel_hash = xchan_hash WHERE channel_address = '%s' LIMIT 1",
dbesc($nick) dbesc($nick)
); );
@@ -27,21 +28,17 @@ function photos_init(&$a) {
$a->data['channel'] = $r[0]; $a->data['channel'] = $r[0];
$observer = $a->get_observer(); $observer = $a->get_observer();
$a->data['perms'] = get_all_perms($r[0]['channel_id'],(($observer) ? $observer['xchan_hash'] : '')); $a->data['observer'] = $observer;
$o .= '<div class="vcard">'; $observer_xchan = (($observer) ? $observer['xchan_hash'] : '');
$o .= '<div class="fn">' . $a->data['channel']['channel_name'] . '</div>';
$o .= '<div id="profile-photo-wrapper"><img class="photo" style="width: 175px; height: 175px;" src="' . $a->get_baseurl() . '/photo/profile/l/' . $a->data['channel']['channel_id'] . '" alt="' . $a->data['channel']['channel_name'] . '" /></div>';
$o .= '</div>';
$a->data['perms'] = get_all_perms($r[0]['channel_id'],$observer_xchan);
$sql_extra = permissions_sql($a->data['channel']['channel_id']); $o .= vcard_from_xchan($a->data['channel'],$observer_xchan);
$albums = q("SELECT distinct(`album`) AS `album` FROM `photo` WHERE `uid` = %d $sql_extra order by created desc", $albums = photos_albums_list($a->data['channel'],$observer);
intval($a->data['channel']['channel_id'])
);
if(count($albums)) { if($albums) {
$a->data['albums'] = $albums; $a->data['albums'] = $albums;
// FIXME // FIXME
$albums_visible = ((intval($a->data['user']['hidewall']) && (! local_user()) && (! remote_user())) ? false : true); $albums_visible = ((intval($a->data['user']['hidewall']) && (! local_user()) && (! remote_user())) ? false : true);