harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2024-08-19. You can view files and clone it, but cannot push or open issues or pull requests.
Files
17f1d39fcf973ac35f14a36faa2b92867fbb11e9
core/Zotlabs/Module/Lockview.php
redmatrix 4e07b4c0e8 even more backslashes
2016-10-03 22:01:14 -07:00

153 lines
3.8 KiB
PHP
Raw Blame History

<?php
namespace Zotlabs\Module;
require_once('include/security.php');
class Lockview extends \Zotlabs\Web\Controller {
function get() {
$atokens = array();
if(local_channel()) {
$at = q("select * from atoken where atoken_uid = %d",
intval(local_channel())
);
if($at) {
foreach($at as $t) {
$atokens[] = atoken_xchan($t);
}
}
}
$type = ((argc() > 1) ? argv(1) : 0);
if (is_numeric($type)) {
$item_id = intval($type);
$type='item';
}
else {
$item_id = ((argc() > 2) ? intval(argv(2)) : 0);
}
if(! $item_id)
killme();
if (!in_array($type, array('item','photo','event', 'menu_item', 'chatroom')))
killme();
//we have different naming in in menu_item table and chatroom table
switch($type) {
case 'menu_item':
$id = 'mitem_id';
break;
case 'chatroom':
$id = 'cr_id';
break;
default:
$id = 'id';
break;
}
$r = q("SELECT * FROM %s WHERE $id = %d LIMIT 1",
dbesc($type),
intval($item_id)
);
if(! $r)
killme();
$item = $r[0];
//we have different naming in in menu_item table and chatroom table
switch($type) {
case 'menu_item':
$uid = $item['mitem_channel_id'];
break;
case 'chatroom':
$uid = $item['cr_uid'];
break;
default:
$uid = $item['uid'];
break;
}
if($uid != local_channel()) {
echo '<li>' . t('Remote privacy information not available.') . '</li>';
killme();
}
if(($item['item_private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid']))
&& (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) {
// if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any
// specific recipients, we're the recipient of a post with "bcc" or targeted recipients; so we'll just show it
// as unknown specific recipients. The sender will have the visibility list and will fall through to the
// next section.
echo '<li>' . translate_scope((! $item['public_policy']) ? 'specific' : $item['public_policy']) . '</li>';
killme();
}
$allowed_users = expand_acl($item['allow_cid']);
$allowed_groups = expand_acl($item['allow_gid']);
$deny_users = expand_acl($item['deny_cid']);
$deny_groups = expand_acl($item['deny_gid']);
$o = '<li>' . t('Visible to:') . '</li>';
$l = array();
stringify_array_elms($allowed_groups,true);
stringify_array_elms($allowed_users,true);
stringify_array_elms($deny_groups,true);
stringify_array_elms($deny_users,true);
if(count($allowed_groups)) {
$r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $allowed_groups) . " )");
if($r)
foreach($r as $rr)
$l[] = '<li><b>' . $rr['gname'] . '</b></li>';
}
if(count($allowed_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )");
if($r)
foreach($r as $rr)
$l[] = '<li>' . $rr['xchan_name'] . '</li>';
if($atokens) {
foreach($atokens as $at) {
if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) {
$l[] = '<li>' . $at['xchan_name'] . '</li>';
}
}
}
}
if(count($deny_groups)) {
$r = q("SELECT gname FROM groups WHERE hash IN ( " . implode(', ', $deny_groups) . " )");
if($r)
foreach($r as $rr)
$l[] = '<li><b><strike>' . $rr['gname'] . '</strike></b></li>';
}
if(count($deny_users)) {
$r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )");
if($r)
foreach($r as $rr)
$l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>';
if($atokens) {
foreach($atokens as $at) {
if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) {
$l[] = '<li><strike>' . $at['xchan_name'] . '</strike></li>';
}
}
}
}
echo $o . implode($l);
killme();
}
}
Reference in New Issue View Git Blame Copy Permalink