Stop Twitter gateway notices from leaking via user faves pages
This commit is contained in:
Zach Copley
parent
d9bebfd651
commit
31325f0995
|
|
@ -191,10 +191,21 @@ class ShowfavoritesAction extends CurrentUserDesignAction
|
||||||
|
|
||||||
function showContent()
|
function showContent()
|
||||||
{
|
{
|
||||||
$notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE,
|
$cur = common_current_user();
|
||||||
NOTICES_PER_PAGE + 1);
|
|
||||||
|
|
||||||
if (!$notice) {
|
if (!empty($cur) && $cur->id == $this->user->id) {
|
||||||
|
|
||||||
|
// Show imported/gateway notices as well as local if
|
||||||
|
// the user is looking at his own favorites
|
||||||
|
|
||||||
|
$notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE,
|
||||||
|
NOTICES_PER_PAGE + 1, true);
|
||||||
|
} else {
|
||||||
|
$notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE,
|
||||||
|
NOTICES_PER_PAGE + 1, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($notice)) {
|
||||||
$this->serverError(_('Could not retrieve favorite notices.'));
|
$this->serverError(_('Could not retrieve favorite notices.'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -37,51 +37,61 @@ class Fave extends Memcached_DataObject
|
||||||
return Memcached_DataObject::pkeyGet('Fave', $kv);
|
return Memcached_DataObject::pkeyGet('Fave', $kv);
|
||||||
}
|
}
|
||||||
|
|
||||||
function stream($user_id, $offset=0, $limit=NOTICES_PER_PAGE)
|
function stream($user_id, $offset=0, $limit=NOTICES_PER_PAGE, $own=false)
|
||||||
{
|
{
|
||||||
$ids = Notice::stream(array('Fave', '_streamDirect'),
|
$ids = Notice::stream(array('Fave', '_streamDirect'),
|
||||||
array($user_id),
|
array($user_id, $own),
|
||||||
'fave:ids_by_user:'.$user_id,
|
($own) ? 'fave:ids_by_user_own:'.$user_id :
|
||||||
|
'fave:by_user:'.$user_id,
|
||||||
$offset, $limit);
|
$offset, $limit);
|
||||||
return $ids;
|
return $ids;
|
||||||
}
|
}
|
||||||
|
|
||||||
function _streamDirect($user_id, $offset, $limit, $since_id, $max_id, $since)
|
function _streamDirect($user_id, $own, $offset, $limit, $since_id, $max_id, $since)
|
||||||
{
|
{
|
||||||
$fav = new Fave();
|
$fav = new Fave();
|
||||||
|
$qry = null;
|
||||||
|
|
||||||
$fav->user_id = $user_id;
|
if ($own) {
|
||||||
|
$qry = 'SELECT fave.* FROM fave ';
|
||||||
$fav->selectAdd();
|
$qry .= 'WHERE fave.user_id = ' . $user_id . ' ';
|
||||||
$fav->selectAdd('notice_id');
|
} else {
|
||||||
|
$qry = 'SELECT fave.* FROM fave ';
|
||||||
|
$qry .= 'INNER JOIN notice ON fave.notice_id = notice.id ';
|
||||||
|
$qry .= 'WHERE fave.user_id = ' . $user_id . ' ';
|
||||||
|
$qry .= 'AND notice.is_local != ' . NOTICE_GATEWAY . ' ';
|
||||||
|
}
|
||||||
|
|
||||||
if ($since_id != 0) {
|
if ($since_id != 0) {
|
||||||
$fav->whereAdd('notice_id > ' . $since_id);
|
$qry .= 'AND notice_id > ' . $since_id . ' ';
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($max_id != 0) {
|
if ($max_id != 0) {
|
||||||
$fav->whereAdd('notice_id <= ' . $max_id);
|
$qry .= 'AND notice_id <= ' . $max_id . ' ';
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_null($since)) {
|
if (!is_null($since)) {
|
||||||
$fav->whereAdd('modified > \'' . date('Y-m-d H:i:s', $since) . '\'');
|
$qry .= 'AND modified > \'' . date('Y-m-d H:i:s', $since) . '\' ';
|
||||||
}
|
}
|
||||||
|
|
||||||
// NOTE: we sort by fave time, not by notice time!
|
// NOTE: we sort by fave time, not by notice time!
|
||||||
|
|
||||||
$fav->orderBy('modified DESC');
|
$qry .= 'ORDER BY modified DESC ';
|
||||||
|
|
||||||
if (!is_null($offset)) {
|
if (!is_null($offset)) {
|
||||||
$fav->limit($offset, $limit);
|
$qry .= "LIMIT $offset, $limit";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$fav->query($qry);
|
||||||
|
|
||||||
$ids = array();
|
$ids = array();
|
||||||
|
|
||||||
if ($fav->find()) {
|
|
||||||
while ($fav->fetch()) {
|
while ($fav->fetch()) {
|
||||||
$ids[] = $fav->notice_id;
|
$ids[] = $fav->notice_id;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
$fav->free();
|
||||||
|
unset($fav);
|
||||||
|
|
||||||
return $ids;
|
return $ids;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -471,8 +471,10 @@ class Notice extends Memcached_DataObject
|
||||||
if ($fave->find()) {
|
if ($fave->find()) {
|
||||||
while ($fave->fetch()) {
|
while ($fave->fetch()) {
|
||||||
$cache->delete(common_cache_key('fave:ids_by_user:'.$fave->user_id));
|
$cache->delete(common_cache_key('fave:ids_by_user:'.$fave->user_id));
|
||||||
|
$cache->delete(common_cache_key('fave:by_user_own:'.$fave->user_id));
|
||||||
if ($blowLast) {
|
if ($blowLast) {
|
||||||
$cache->delete(common_cache_key('fave:ids_by_user:'.$fave->user_id.';last'));
|
$cache->delete(common_cache_key('fave:ids_by_user:'.$fave->user_id.';last'));
|
||||||
|
$cache->delete(common_cache_key('fave:by_user_own:'.$fave->user_id.';last'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -424,9 +424,9 @@ class User extends Memcached_DataObject
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function favoriteNotices($offset=0, $limit=NOTICES_PER_PAGE)
|
function favoriteNotices($offset=0, $limit=NOTICES_PER_PAGE, $own=false)
|
||||||
{
|
{
|
||||||
$ids = Fave::stream($this->id, $offset, $limit);
|
$ids = Fave::stream($this->id, $offset, $limit, $own);
|
||||||
return Notice::getStreamByIds($ids);
|
return Notice::getStreamByIds($ids);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue