gnu-social/plugins/Autocomplete/actions/autocomplete.php

203 lines
6.5 KiB
PHP
Raw Normal View History

<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
/**
* List profiles and groups for autocompletion
*
* @category Plugin
* @package GNUsocial
* @author Craig Andrews <candrews@integralblue.com>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @copyright 2008-2009 StatusNet, Inc.
* @copyright 2009-2013 Free Software Foundation, Inc http://www.fsf.org
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
defined('GNUSOCIAL') || die();
/**
* List users for autocompletion
*
* This is the form for adding a new g
*
* @category Plugin
* @package GNUsocial
* @author Craig Andrews <candrews@integralblue.com>
* @author Mikael Nordfeldth <mmn@hethane.se>
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
*/
class AutocompleteAction extends Action
{
protected $needLogin = true;
private $result;
2009-09-24 18:48:38 +01:00
/**
* Last-modified date for page
*
* When was the content of this page last modified? Based on notice,
* profile, avatar.
*
* @return int last-modified date as unix timestamp
*/
public function lastModified()
2009-09-24 18:48:38 +01:00
{
$max = 0;
foreach ($this->profiles as $profile) {
$max = max($max, strtotime($profile->modified));
2009-09-24 18:48:38 +01:00
}
foreach ($this->groups as $group) {
$max = max($max, strtotime($group->modified));
2009-09-24 18:48:38 +01:00
}
// but maybe this file has been modified after that and could
// respond differently
return max($max, filemtime(__FILE__));
2009-09-24 18:48:38 +01:00
}
/**
* An entity tag for this page
*
* Shows the ETag for the page, based on the notice ID and timestamps
* for the notice, profile, and avatar. It's weak, since we change
* the date text "one hour ago", etc.
*
* @return string etag
*/
public function etag()
2009-09-24 18:48:38 +01:00
{
return '"' . implode(':', array($this->arg('action'),
common_user_cache_hash(),
// the actual string can have funny characters in we don't want
// showing up in the etag
crc32($this->arg('term')),
2009-09-24 18:48:38 +01:00
$this->arg('limit'),
$this->lastModified())) . '"';
}
protected function prepare(array $args=array())
{
// If we die, show short error messages.
GNUsocial::setApi(true);
parent::prepare($args);
$this->groups = [];
$this->profiles = [];
$term = $this->arg('term');
$limit = (int) $this->arg('limit');
// Prevent DOS attacks
if ($limit > 200) {
$limit = 200;
}
if (substr($term, 0, 1) === '@') {
//profile search
$term = substr($term, 1);
$user_table = common_database_tablename('user');
$profile = new Profile();
$profile->_join .= sprintf(
"\n" . <<<'END'
INNER JOIN (
SELECT id FROM %s
UNION
SELECT subscribed AS id FROM subscription WHERE subscriber = %d
) AS t1 USING (id)
END,
$user_table,
$this->scoped->id
);
$profile->whereAdd('nickname LIKE \'' . trim($profile->escape($term), '\'') . '%\'');
$profile->orderBy('created, id');
$profile->limit($limit);
if ($profile->find()) {
while ($profile->fetch()) {
$this->profiles[] = clone($profile);
}
}
} elseif (substr($term, 0, 1) === '!') {
//group search
$term = substr($term, 1);
$group = new User_group();
//Can't post to groups we're not subscribed to...:
$group->whereAdd(sprintf(
'id IN (SELECT group_id FROM group_member WHERE profile_id = %d)',
$this->scoped->id
));
$group->whereAdd('nickname LIKE \'' . trim($group->escape($term), '\'') . '%\'');
$group->orderBy('created, id');
$group->limit($limit);
if ($group->find()) {
while ($group->fetch()) {
$this->groups[] = clone($group);
}
}
}
return true;
}
protected function handle()
{
parent::handle();
2009-09-24 18:48:38 +01:00
$results = array();
foreach ($this->profiles as $profile) {
$avatarUrl = $profile->avatarUrl(AVATAR_MINI_SIZE);
$acct = $profile->getAcctUri();
$identifier = explode(':', $profile->getAcctUri(), 2)[1];
$results[] = array(
'value' => '@'.$identifier,
'nickname' => $profile->getNickname(),
'acct_uri' => $acct,
'label'=> "${identifier} (".$profile->getFullname().")",
'avatar' => $avatarUrl,
'type' => 'user'
);
2009-09-24 18:48:38 +01:00
}
foreach ($this->groups as $group) {
$profile = $group->getProfile();
// sigh.... encapsulate this upstream!
if ($group->mini_logo) {
$avatarUrl = $group->mini_logo;
} else {
$avatarUrl = User_group::defaultLogo(AVATAR_MINI_SIZE);
}
$acct = $profile->getAcctUri();
$identifier = explode(':', $profile->getAcctUri(), 2)[1];
$results[] = array(
'value' => '!'.$identifier,
'nickname' => $group->getNickname(),
'acct_uri' => $acct,
'label'=> "${identifier} (".$group->getFullname().")",
'avatar' => $avatarUrl,
'type' => 'group');
2009-09-24 18:48:38 +01:00
}
print json_encode($results);
}
/**
* Is this action read-only?
*
* @param array $args other arguments
*
* @return boolean is read only action?
*/
public function isReadOnly($args)
{
return true;
}
}