Lanmikeman/openvk
Lanmikeman/openvk
1
1
Fork 0
mirror of https://github.com/openvk/openvk synced 2025-01-08 00:39:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

perezaliv2

Browse source
This commit is contained in:
lalka2016 2023-07-05 18:06:15 +03:00
parent 2e76ca16df
commit dafd1d46de
67 changed files with 2007 additions and 594 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
ServiceAPI/Search.php
View file

@ -46,31 +46,36 @@ class Search implements Handler
break;
}
$res = $repo->find($query, ["doNotSearchMe" => $this->user->getId()], $sort);
$res = $repo->find($query, ["doNotSearchMe" => $this->user->getId(), "doNotShowDeleted" => true, "doNotShowPrivate" => true], $sort);
$results = array_slice(iterator_to_array($res), 0, 5);
$count = sizeof($results);
$results = array_slice(iterator_to_array($res), 0, 7);
$arr = [
"count" => $count,
"items" => []
];
$items = [];
$count = 0;
if(sizeof($results) < 1) {
$reject(2, "No results");
}
foreach($results as $res) {
if(!$res->canBeViewedBy($this->user)) continue;
foreach($results as $res) {
$arr["items"][] = [
$items[] = [
"id" => $res->getId(),
"name" => $type == "users" ? $res->getCanonicalName() : $res->getName(),
"avatar" => $type != "videos" ? $res->getAvatarUrl() : $res->getThumbnailURL(),
"url" => $type != "videos" ? $res->getUrl() : "/video".$res->getPrettyId(),
"description" => ovk_proc_strtr($res->getDescription() ?? "...", 40)
];
$count+=1;
}
if($count < 1) {
$reject(2, "No results");
}
$arr = [
"count" => $count,
"items" => $items
];
$resolve($arr);
}
}

8
ServiceAPI/Wall.php
View file

@ -22,6 +22,14 @@ class Wall implements Handler
$post = $this->posts->get($id);
if(!$post || $post->isDeleted())
$reject("No post with id=$id");
if(!$post->canBeViewedBy($this->user ?? NULL)) {
$reject(1, "Access denied");
}
if($post->getWallOwner()->isDeleted()) {
$reject(2, "Access denied: wall owner was deleted or banned");
}
$res = (object) [];
$res->id = $post->getId();

56
VKAPI/Handlers/Board.php
View file

@ -22,6 +22,10 @@ final class Board extends VKAPIRequestHandler
$this->fail(403, "Invalid club");
}
if($club->isDeleted()) {
$this->fail(43, "Club was deleted");
}
if(!$club->canBeModifiedBy($this->getUser()) && !$club->isEveryoneCanCreateTopics()) {
$this->fail(403, "Access to club denied");
}
@ -111,6 +115,10 @@ final class Board extends VKAPIRequestHandler
return 0;
}
if($topic->getClub()->isDeleted()) {
$this->fail(43, "Club was deleted");
}
if(!$topic->isClosed()) {
$topic->setClosed(1);
$topic->save();
@ -130,8 +138,16 @@ final class Board extends VKAPIRequestHandler
$topic = (new TopicsRepo)->getTopicById($group_id, $topic_id);
if(!$topic || $topic->isDeleted() || $topic->isClosed()) {
$this->fail(100, "Topic is deleted, closed or invalid.");
if(!$topic || $topic->isClosed()) {
$this->fail(100, "Topic is deleted or invalid.");
}
if(!$topic->getClub() || $topic->getClub()->isDeleted()) {
$this->fail(43, "Club was deleted");
}
if(!$topic->canBeViewedBy($this->getUser())) {
$this->fail(8, "Access denied");
}
$flags = 0;
@ -224,6 +240,10 @@ final class Board extends VKAPIRequestHandler
return 0;
}
if($topic->getClub()->isDeleted()) {
return 0;
}
$topic->deleteTopic();
return 1;
@ -258,6 +278,10 @@ final class Board extends VKAPIRequestHandler
return 0;
}
if($topic->getClub()->isDeleted()) {
return 0;
}
$topic->setTitle(ovk_proc_strtr($title, 127));
$topic->save();
@ -276,6 +300,10 @@ final class Board extends VKAPIRequestHandler
return 0;
}
if($topic->getClub()->isDeleted()) {
return 0;
}
$topic->setPinned(1);
$topic->save();
@ -295,6 +323,14 @@ final class Board extends VKAPIRequestHandler
$this->fail(5, "Invalid topic");
}
if(!$topic->canBeViewedBy($this->getUser())) {
$this->fail(8, "Access denied");
}
if(!$topic->getClub() || $topic->getClub()->isDeleted()) {
$this->fail(666, "Club was deleted or banned");
}
$arr = [
"items" => []
];
@ -326,6 +362,14 @@ final class Board extends VKAPIRequestHandler
$arr = [];
$club = (new ClubsRepo)->get($group_id);
if(!$club || $club->isDeleted()) {
$this->fail(666, "Club was deleted or banned");
}
if(!$club->canBeViewedBy($this->getUser())) {
$this->fail(8, "Access denied");
}
$topics = array_slice(iterator_to_array((new TopicsRepo)->getClubTopics($club, 1, $count + $offset)), $offset);
$arr["count"] = (new TopicsRepo)->getClubTopicsCount($club);
$arr["items"] = [];
@ -365,6 +409,10 @@ final class Board extends VKAPIRequestHandler
return 0;
}
if(!$topic->getClub() || $topic->getClub()->isDeleted()) {
$this->fail(666, "Club was deleted or banned");
}
if($topic->isClosed()) {
$topic->setClosed(0);
$topic->save();
@ -389,6 +437,10 @@ final class Board extends VKAPIRequestHandler
return 0;
}
if(!$topic->getClub() || $topic->getClub()->isDeleted()) {
$this->fail(666, "Club was deleted or banned");
}
if($topic->isPinned()) {
$topic->setClosed(0);
$topic->save();

260
VKAPI/Handlers/Friends.php
View file

@ -4,164 +4,184 @@ use openvk\Web\Models\Repositories\Users as UsersRepo;
final class Friends extends VKAPIRequestHandler
{
function get(int $user_id, string $fields = "", int $offset = 0, int $count = 100): object
{
$i = 0;
$offset++;
$friends = [];
function get(int $user_id, string $fields = "", int $offset = 0, int $count = 100): object
{
$i = 0;
$offset++;
$friends = [];
$users = new UsersRepo;
$users = new UsersRepo;
$this->requireUser();
foreach($users->get($user_id)->getFriends($offset, $count) as $friend) {
$friends[$i] = $friend->getId();
$i++;
}
$uzver = $users->get($user_id);
$response = $friends;
$this->requireUser();
$usersApi = new Users($this->getUser());
if(!$uzver || $uzver->isDeleted()) {
$this->fail(10, "Invalid user");
}
if(!is_null($fields))
$response = $usersApi->get(implode(',', $friends), $fields, 0, $count); # FIXME
if(!$uzver->getPrivacyPermission('friends.read', $this->getUser() ?? NULL)) {
$this->fail(7, "Access denied: this user chose to hide his friends");
}
if(!$uzver->canBeViewedBy($this->getUser())) {
$this->fail(8, "Access denied");
}
foreach($uzver->getFriends($offset, $count) as $friend) {
$friends[$i] = $friend->getId();
$i++;
}
return (object) [
"count" => $users->get($user_id)->getFriendsCount(),
"items" => $response
];
}
$response = $friends;
function getLists(): object
{
$this->requireUser();
$usersApi = new Users($this->getUser());
return (object) [
"count" => 0,
"items" => (array)[]
];
}
if(!is_null($fields))
$response = $usersApi->get(implode(',', $friends), $fields, 0, $count); # FIXME
function deleteList(): int
{
$this->requireUser();
return (object) [
"count" => $users->get($user_id)->getFriendsCount(),
"items" => $response
];
}
return 1;
}
function getLists(): object
{
$this->requireUser();
function edit(): int
{
$this->requireUser();
return (object) [
"count" => 0,
"items" => (array)[]
];
}
return 1;
}
function deleteList(): int
{
$this->requireUser();
function editList(): int
{
$this->requireUser();
return 1;
}
return 1;
}
function edit(): int
{
$this->requireUser();
function add(string $user_id): int
{
$this->requireUser();
return 1;
}
function editList(): int
{
$this->requireUser();
return 1;
}
function add(string $user_id): int
{
$this->requireUser();
$this->willExecuteWriteAction();
$users = new UsersRepo;
$user = $users->get(intval($user_id));
if(is_null($user)) {
$this->fail(177, "Cannot add this user to friends as user not found");
} else if($user->getId() == $this->getUser()->getId()) {
$this->fail(174, "Cannot add user himself as friend");
}
$users = new UsersRepo;
$user = $users->get((int)$user_id);
switch($user->getSubscriptionStatus($this->getUser())) {
case 0:
$user->toggleSubscription($this->getUser());
return 1;
if(!$user || $user->isDeleted()) {
$this->fail(177, "Invalid user");
}
if($user->getId() == $this->getUser()->getId()) {
$this->fail(174, "Cannot add user himself as friend");
}
case 1:
$user->toggleSubscription($this->getUser());
return 2;
switch($user->getSubscriptionStatus($this->getUser())) {
case 0:
$user->toggleSubscription($this->getUser());
return 1;
case 3:
return 2;
default:
return 1;
}
}
case 1:
$user->toggleSubscription($this->getUser());
return 2;
function delete(string $user_id): int
{
$this->requireUser();
case 3:
return 2;
default:
return 1;
}
}
function delete(string $user_id): int
{
$this->requireUser();
$this->willExecuteWriteAction();
$users = new UsersRepo;
$users = new UsersRepo;
$user = $users->get(intval($user_id));
$user = $users->get((int)$user_id);
switch($user->getSubscriptionStatus($this->getUser())) {
case 3:
$user->toggleSubscription($this->getUser());
return 1;
default:
$this->fail(15, "Access denied: No friend or friend request found.");
}
}
if(!$user || $user->isDeleted()) {
$this->fail(8, "Invalid user");
}
switch($user->getSubscriptionStatus($this->getUser())) {
case 3:
$user->toggleSubscription($this->getUser());
return 1;
default:
$this->fail(15, "Access denied: No friend or friend request found.");
}
}
function areFriends(string $user_ids): array
{
$this->requireUser();
function areFriends(string $user_ids): array
{
$this->requireUser();
$users = new UsersRepo;
$users = new UsersRepo;
$friends = explode(',', $user_ids);
$friends = explode(',', $user_ids);
$response = [];
$response = [];
for($i=0; $i < sizeof($friends); $i++) {
$friend = $users->get(intval($friends[$i]));
for($i=0; $i < sizeof($friends); $i++) {
$friend = $users->get((int)$friends[$i]);
$response[] = (object)[
"friend_status" => $friend->getSubscriptionStatus($this->getUser()),
"user_id" => $friend->getId()
];
}
$response[] = (object)[
"friend_status" => $friend->getSubscriptionStatus($this->getUser()),
"user_id" => $friend->getId()
];
}
return $response;
}
return $response;
}
function getRequests(string $fields = "", int $offset = 0, int $count = 100, int $extended = 0): object
{
if ($count >= 1000)
$this->fail(100, "One of the required parameters was not passed or is invalid.");
function getRequests(string $fields = "", int $offset = 0, int $count = 100, int $extended = 0): object
{
if ($count >= 1000)
$this->fail(100, "One of the required parameters was not passed or is invalid.");
$this->requireUser();
$this->requireUser();
$i = 0;
$offset++;
$followers = [];
$i = 0;
$offset++;
$followers = [];
foreach($this->getUser()->getFollowers($offset, $count) as $follower) {
$followers[$i] = $follower->getId();
$i++;
}
foreach($this->getUser()->getFollowers($offset, $count) as $follower) {
$followers[$i] = $follower->getId();
$i++;
}
$response = $followers;
$usersApi = new Users($this->getUser());
$response = $followers;
$usersApi = new Users($this->getUser());
$response = $usersApi->get(implode(',', $followers), $fields, 0, $count);
$response = $usersApi->get(implode(',', $followers), $fields, 0, $count);
foreach($response as $user)
$user->user_id = $user->id;
foreach($response as $user)
$user->user_id = $user->id;
return (object) [
"count" => $this->getUser()->getFollowersCount(),
"items" => $response
];
}
return (object) [
"count" => $this->getUser()->getFollowersCount(),
"items" => $response
];
}
}

11
VKAPI/Handlers/Gifts.php
View file

@ -16,8 +16,13 @@ final class Gifts extends VKAPIRequestHandler
$user = (new UsersRepo)->get($user_id);
if(!$user || $user->isDeleted())
if(!$user || $user->isDeleted()) {
$this->fail(177, "Invalid user");
}
if(!$user->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$gift_item = [];
@ -62,6 +67,10 @@ final class Gifts extends VKAPIRequestHandler
if(!$user || $user->isDeleted())
$this->fail(177, "Invalid user");
if(!$user->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$gift = (new GiftsRepo)->get($gift_id);
if(!$gift)

213
VKAPI/Handlers/Groups.php
View file

@ -11,20 +11,28 @@ final class Groups extends VKAPIRequestHandler
$this->requireUser();
if($user_id == 0) {
foreach($this->getUser()->getClubs($offset, false, $count, true) as $club)
$clbs[] = $club;
$clbsCount = $this->getUser()->getClubCount();
foreach($this->getUser()->getClubs($offset, false, $count, true) as $club)
$clbs[] = $club;
$clbsCount = $this->getUser()->getClubCount();
} else {
$users = new UsersRepo;
$user = $users->get($user_id);
$users = new UsersRepo;
$user = $users->get($user_id);
if(is_null($user))
$this->fail(15, "Access denied");
if(is_null($user) || $user->isDeleted() || $user->isBanned())
$this->fail(15, "Invalid user");
foreach($user->getClubs($offset, false, $count, true) as $club)
$clbs[] = $club;
if($user->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$this->fail(8, "Access denied: this user chose to hide his groups.");
}
$clbsCount = $user->getClubCount();
if(!$user->canBeViewedBy($this->getUser())) {
$this->fail(8, "Access denied");
}
foreach($user->getClubs($offset, false, $count, true) as $club)
$clbs[] = $club;
$clbsCount = $user->getClubCount();
}
$rClubs;
@ -36,7 +44,7 @@ final class Groups extends VKAPIRequestHandler
if(!empty($clbs)) {
for($i=0; $i < $ic; $i++) {
$usr = $clbs[$i];
if(is_null($usr)) {
if(is_null($usr) || $usr->isDeleted()) {
} else {
$rClubs[$i] = (object) [
@ -90,8 +98,8 @@ final class Groups extends VKAPIRequestHandler
}
return (object) [
"count" => $clbsCount,
"items" => $rClubs
"count" => $clbsCount,
"items" => $rClubs
];
}
@ -101,20 +109,20 @@ final class Groups extends VKAPIRequestHandler
not in your app or script, since it's not oficially documented by VK */
$clubs = new ClubsRepo;
if(empty($group_ids) && !empty($group_id))
$group_ids = $group_id;
if(empty($group_ids) && empty($group_id))
$this->fail(100, "One of the parameters specified was missing or invalid: group_ids is undefined");
$clbs = explode(',', $group_ids);
$response = array();
$ic = sizeof($clbs);
if(sizeof($clbs) > $count)
$ic = $count;
$ic = $count;
$clbs = array_slice($clbs, $offset * $count);
@ -135,6 +143,23 @@ final class Groups extends VKAPIRequestHandler
"type" => "group",
"description" => "This group was deleted or it doesn't exist"
];
} else if($clb->isBanned()) {
$response[$i] = (object)[
"id" => (int)($clbs[$i]),
"name" => $clb->getName(),
"screen_name" => "club".(int)($clbs[$i]),
"type" => "group",
"description" => "This group was banned",
"reason" => $clb->getBanReason()
];
} else if($clb->isDeleted()) {
$response[$i] = (object)[
"id" => (int)($clbs[$i]),
"name" => $clb->getName(),
"screen_name" => "club".(int)($clbs[$i]),
"type" => "group",
"description" => "This group was deleted"
];
} else if($clbs[$i] == NULL) {
} else {
@ -152,18 +177,18 @@ final class Groups extends VKAPIRequestHandler
foreach($flds as $field) {
switch($field) {
case "verified":
$response[$i]->verified = intval($clb->isVerified());
break;
case "has_photo":
$response[$i]->has_photo = is_null($clb->getAvatarPhoto()) ? 0 : 1;
break;
case "photo_max_orig":
$response[$i]->photo_max_orig = $clb->getAvatarURL();
break;
case "photo_max":
$response[$i]->photo_max = $clb->getAvatarURL();
break;
case "verified":
$response[$i]->verified = intval($clb->isVerified());
break;
case "has_photo":
$response[$i]->has_photo = is_null($clb->getAvatarPhoto()) ? 0 : 1;
break;
case "photo_max_orig":
$response[$i]->photo_max_orig = $clb->getAvatarURL();
break;
case "photo_max":
$response[$i]->photo_max = $clb->getAvatarURL();
break;
case "photo_50":
$response[$i]->photo_50 = $clb->getAvatarURL();
break;
@ -179,16 +204,16 @@ final class Groups extends VKAPIRequestHandler
case "photo_400_orig":
$response[$i]->photo_400_orig = $clb->getAvatarURL("normal");
break;
case "members_count":
$response[$i]->members_count = $clb->getFollowersCount();
break;
case "site":
$response[$i]->site = $clb->getWebsite();
break;
case "description":
$response[$i]->description = $clb->getDescription();
case "members_count":
$response[$i]->members_count = $clb->getFollowersCount();
break;
case "contacts":
case "site":
$response[$i]->site = $clb->getWebsite();
break;
case "description":
$response[$i]->description = $clb->getDescription();
break;
case "contacts":
$contacts;
$contactTmp = $clb->getManagers(1, true);
@ -198,8 +223,8 @@ final class Groups extends VKAPIRequestHandler
"desc" => $contact->getComment()
);
$response[$i]->contacts = $contacts;
break;
$response[$i]->contacts = $contacts;
break;
case "can_post":
if(!is_null($this->getUser()))
if($clb->canBeModifiedBy($this->getUser()))
@ -220,14 +245,14 @@ final class Groups extends VKAPIRequestHandler
$clubs = new ClubsRepo;
$array = [];
$find = $clubs->find($q);
$find = $clubs->find($q, ["doNotShowDeleted" => true]);
foreach ($find as $group)
$array[] = $group->getId();
return (object) [
"count" => $find->size(),
"items" => $this->getById(implode(',', $array), "", "is_admin,is_member,is_advertiser,photo_50,photo_100,photo_200", $offset, $count)
"count" => $find->size(),
"items" => $this->getById(implode(',', $array), "", "is_admin,is_member,is_advertiser,photo_50,photo_100,photo_200", $offset, $count)
/*
* As there is no thing as "fields" by the original documentation
* i'll just bake this param by the example shown here: https://dev.vk.com/method/groups.search
@ -241,6 +266,8 @@ final class Groups extends VKAPIRequestHandler
$this->willExecuteWriteAction();
$club = (new ClubsRepo)->get($group_id);
if(!$club || $club->isDeleted()) $this->fail(23, "You can't subscribe to deleted club");
$isMember = !is_null($this->getUser()) ? (int) $club->getSubscriptionStatus($this->getUser()) : 0;
@ -300,6 +327,8 @@ final class Groups extends VKAPIRequestHandler
$club = (new ClubsRepo)->get($group_id);
if(!$club) $this->fail(203, "Club not found");
if($club->isDeleted()) $this->fail(23, "Club was deleted");
if(!$club || !$club->canBeModifiedBy($this->getUser())) $this->fail(15, "You can't modify this group.");
if(!empty($screen_name) && !$club->setShortcode($screen_name)) $this->fail(103, "Invalid shortcode.");
@ -322,8 +351,12 @@ final class Groups extends VKAPIRequestHandler
{
# bdate,can_post,can_see_all_posts,can_see_audio,can_write_private_message,city,common_count,connections,contacts,country,domain,education,has_mobile,last_seen,lists,online,online_mobile,photo_100,photo_200,photo_200_orig,photo_400_orig,photo_50,photo_max,photo_max_orig,relation,relatives,schools,sex,site,status,universities
$club = (new ClubsRepo)->get((int) $group_id);
if(!$club)
$this->fail(125, "Invalid group id");
if(!$club || $club->isDeleted())
$this->fail(125, "Invalid club");
if(!$club->canBeViewedBy($this->getUser() ?? NULL))
$this->fail(8, "Access denied");
$sorter = "follower ASC";
@ -342,7 +375,7 @@ final class Groups extends VKAPIRequestHandler
$members = array_slice(iterator_to_array($club->getFollowers(1, $count, $sorter)), $offset);
$arr = (object) [
"count" => count($members),
"items" => array()];
"items" => []];
$filds = explode(",", $fields);
@ -361,7 +394,12 @@ final class Groups extends VKAPIRequestHandler
foreach($filds as $fild) {
switch($fild) {
case "bdate":
$arr->items[$i]->bdate = $member->getBirthday()->format('%e.%m.%Y');
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->bdate = !is_null($member->getBirthday()) ? $member->getBirthday()->format('%e.%m.%Y') : NULL;
} else {
$arr->items[$i]->bdate = "secret";
}
break;
case "can_post":
$arr->items[$i]->can_post = $club->canBeModifiedBy($member);
@ -382,19 +420,44 @@ final class Groups extends VKAPIRequestHandler
$arr->items[$i]->connections = 1;
break;
case "contacts":
$arr->items[$i]->contacts = $member->getContactEmail();
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->contacts = $member->getContactEmail();
} else {
$arr->items[$i]->contacts = "secret";
}
break;
case "country":
$arr->items[$i]->country = 1;
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->country = 1;
} else {
$arr->items[$i]->country = "secret";
}
break;
case "domain":
$arr->items[$i]->domain = "";
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->domain = "";
} else {
$arr->items[$i]->domain = "secret";
}
break;
case "education":
$arr->items[$i]->education = "";
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->education = "";
} else {
$arr->items[$i]->education = "secret";
}
break;
case "has_mobile":
$arr->items[$i]->has_mobile = false;
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->has_mobile = false;
} else {
$arr->items[$i]->has_mobile = "secret";
}
break;
case "last_seen":
$arr->items[$i]->last_seen = $member->getOnline()->timestamp();
@ -427,25 +490,50 @@ final class Groups extends VKAPIRequestHandler
$arr->items[$i]->photo_max_orig = $member->getAvatarURL();
break;
case "relation":
$arr->items[$i]->relation = $member->getMaritalStatus();
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->relation = $member->getMaritalStatus();
} else {
$arr->items[$i]->relation = "secret";
}
break;
case "relatives":
$arr->items[$i]->relatives = 0;
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->relatives = 0;
} else {
$arr->items[$i]->relatives = "secret";
}
break;
case "schools":
$arr->items[$i]->schools = 0;
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->schools = 0;
} else {
$arr->items[$i]->schools = "secret";
}
break;
case "sex":
$arr->items[$i]->sex = $member->isFemale() ? 1 : 2;
break;
case "site":
$arr->items[$i]->site = $member->getWebsite();
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->site = $member->getWebsite();
} else {
$arr->items[$i]->site = "secret";
}
break;
case "status":
$arr->items[$i]->status = $member->getStatus();
break;
case "universities":
$arr->items[$i]->universities = 0;
if($member->canBeViewedBy($this->getUser() ?? NULL) && $member->getPrivacyPermission("page.info.read", $this->getUser() ?? NULL)) {
$arr->items[$i]->universities = 0;
} else {
$arr->items[$i]->universities = "secret";
}
break;
}
}
@ -459,7 +547,7 @@ final class Groups extends VKAPIRequestHandler
$this->requireUser();
$club = (new ClubsRepo)->get((int)$group_id);
if(!$club || !$club->canBeModifiedBy($this->getUser()))
if(!$club || $club->isDeleted() || !$club->canBeModifiedBy($this->getUser()))
$this->fail(15, "You can't get settings of this group.");
$arr = (object) [
@ -471,6 +559,8 @@ final class Groups extends VKAPIRequestHandler
"video" => 0,
"audio" => 0,
"docs" => 0,
"hide_from_global_feed" => (int)$club->isHideFromGlobalFeedEnabled(),
"administrators_list" => (int)$club->getAdministratorsListDisplay(),
"topics" => $club->isEveryoneCanCreateTopics() == true ? 1 : 0,
"wiki" => 0,
"messages" => 0,
@ -509,9 +599,18 @@ final class Groups extends VKAPIRequestHandler
if(!$club || $group_id == 0)
$this->fail(203, "Invalid club");
if($club->isDeleted())
$this->fail(25, "Access denied: club was banned or deleted");
if(!$club->canBeViewedBy($this->getUser() ?? NULL))
$this->fail(25, "Access denied");
if(!$usver || $usver->isDeleted() || $user_id == 0)
$this->fail(30, "Invalid user");
if(!$usver->canBeViewedBy($this->getUser() ?? NULL))
$this->fail(25, "Access denied");
if($extended == false) {
return $club->getSubscriptionStatus($usver) ? 1 : 0;
} else {

59
VKAPI/Handlers/Likes.php
View file

@ -5,17 +5,26 @@ use openvk\Web\Models\Repositories\Posts as PostsRepo;
final class Likes extends VKAPIRequestHandler
{
function add(string $type, int $owner_id, int $item_id): object
{
$this->requireUser();
function add(string $type, int $owner_id, int $item_id): object
{
$this->requireUser();
$this->willExecuteWriteAction();
switch($type) {
case "post":
$post = (new PostsRepo)->getPostById($owner_id, $item_id);
if(is_null($post))
if(is_null($post) || $post->isDeleted())
$this->fail(100, "One of the parameters specified was missing or invalid: object not found");
if($post->getWallOwner()->isDeleted()) {
$this->fail(665, "Error: Wall owner is deleted or not exist");
}
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(2, "Access denied: you can't view this post.");
}
$post->setLike(true, $this->getUser());
return (object) [
@ -24,19 +33,27 @@ final class Likes extends VKAPIRequestHandler
default:
$this->fail(100, "One of the parameters specified was missing or invalid: incorrect type");
}
}
}
function delete(string $type, int $owner_id, int $item_id): object
{
$this->requireUser();
function delete(string $type, int $owner_id, int $item_id): object
{
$this->requireUser();
$this->willExecuteWriteAction();
switch($type) {
case "post":
$post = (new PostsRepo)->getPostById($owner_id, $item_id);
if (is_null($post))
if(is_null($post) || $post->isDeleted())
$this->fail(100, "One of the parameters specified was missing or invalid: object not found");
if($post->getWallOwner()->isDeleted()) {
$this->fail(665, "Error: Wall owner is deleted or not exist");
}
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(2, "Access denied: you can't view this post.");
}
$post->setLike(false, $this->getUser());
return (object) [
"likes" => $post->getLikesCount()
@ -44,11 +61,11 @@ final class Likes extends VKAPIRequestHandler
default:
$this->fail(100, "One of the parameters specified was missing or invalid: incorrect type");
}
}
}
function isLiked(int $user_id, string $type, int $owner_id, int $item_id): object
{
$this->requireUser();
{
$this->requireUser();
switch($type) {
case "post":
@ -60,6 +77,20 @@ final class Likes extends VKAPIRequestHandler
if (is_null($post))
$this->fail(100, "One of the parameters specified was missing or invalid: object not found");
if($post->getWallOwner()->isDeleted()) {
$this->fail(665, "Error: Wall owner is deleted or not exist");
}
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(2, "Access denied: you can't view this post.");
}
if($post->getWallOwner()->isDeleted()) {
return (object) [
"liked" => 0,
];
}
return (object) [
"liked" => (int) $post->hasLikeFrom($user),
"copied" => 0 # TODO: handle this
@ -67,5 +98,5 @@ final class Likes extends VKAPIRequestHandler
default:
$this->fail(100, "One of the parameters specified was missing or invalid: incorrect type");
}
}
}
}

3
VKAPI/Handlers/Newsfeed.php
View file

@ -51,7 +51,8 @@ final class Newsfeed extends VKAPIRequestHandler
{
$this->requireUser();
$queryBase = "FROM `posts` LEFT JOIN `groups` ON GREATEST(`posts`.`wall`, 0) = 0 AND `groups`.`id` = ABS(`posts`.`wall`) WHERE (`groups`.`hide_from_global_feed` = 0 OR `groups`.`name` IS NULL) AND `posts`.`deleted` = 0";
$queryBase = "FROM `posts` JOIN `profiles` ON `profiles`.`id` = ABS(`posts`.`wall`) LEFT JOIN `groups` ON GREATEST(`posts`.`wall`, 0) = 0 AND `groups`.`id` = ABS(`posts`.`wall`)";
$queryBase .= "WHERE (`profiles`.`profile_type` = 0 OR `profiles`.`first_name` IS NULL) AND (`groups`.`hide_from_global_feed` = 0 OR `groups`.`name` IS NULL) AND `posts`.`deleted` = 0";
if($this->getUser()->getNsfwTolerance() === User::NSFW_INTOLERANT)
$queryBase .= " AND `nsfw` = 0";

29
VKAPI/Handlers/Notes.php
View file

@ -38,10 +38,11 @@ final class Notes extends VKAPIRequestHandler
$this->fail(189, "Note is deleted");
if($note->getOwner()->isDeleted())
$this->fail(403, "Owner is deleted");
$this->fail(403, "Access denied: Owner is deleted");
if(!$note->getOwner()->getPrivacyPermission('notes.read', $this->getUser()))
$this->fail(43, "No access");
if(!$note->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
if(empty($message) && empty($attachments))
$this->fail(100, "Required parameter 'message' missing.");
@ -147,7 +148,7 @@ final class Notes extends VKAPIRequestHandler
$this->fail(189, "Note is deleted");
if(!$note->canBeModifiedBy($this->getUser()))
$this->fail(403, "No access");
$this->fail(403, "Access denied");
!empty($title) ? $note->setName($title) : NULL;
!empty($text) ? $note->setSource($text) : NULL;
@ -189,6 +190,10 @@ final class Notes extends VKAPIRequestHandler
if(!$user->getPrivacyPermission('notes.read', $this->getUser()))
$this->fail(43, "Access denied: this user chose to hide his notes");
if(!$user->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
if(empty($note_ids)) {
$notes = array_slice(iterator_to_array((new NotesRepo)->getUserNotes($user, 1, $count + $offset, $sort == 0 ? "ASC" : "DESC")), $offset);
$nodez = (object) [
@ -231,12 +236,13 @@ final class Notes extends VKAPIRequestHandler
if($note->isDeleted())
$this->fail(189, "Note is deleted");
if(!$note->getOwner() || $note->getOwner()->isDeleted())
$this->fail(177, "Owner does not exists");
if(!$note->getOwner()->getPrivacyPermission('notes.read', $this->getUser()))
$this->fail(40, "Access denied: this user chose to hide his notes");
if(!$note->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
return $note->toVkApiStruct();
}
@ -253,11 +259,12 @@ final class Notes extends VKAPIRequestHandler
if($note->isDeleted())
$this->fail(189, "Note is deleted");
if(!$note->getOwner())
$this->fail(177, "Owner does not exists");
if(!$note->getOwner() || $note->getOwner()->isDeleted())
$this->fail(177, "Error: Owner of note is deleted");
if(!$note->getOwner()->getPrivacyPermission('notes.read', $this->getUser()))
$this->fail(14, "No access");
if(!$note->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$arr = (object) [
"count" => $note->getCommentsCount(),

112
VKAPI/Handlers/Photos.php
View file

@ -3,7 +3,7 @@ namespace openvk\VKAPI\Handlers;
use Nette\InvalidStateException;
use Nette\Utils\ImageException;
use openvk\Web\Models\Entities\{Photo, Album, Comment};
use openvk\Web\Models\Entities\{Photo, Album, Comment, Club};
use openvk\Web\Models\Repositories\Albums;
use openvk\Web\Models\Repositories\Photos as PhotosRepo;
use openvk\Web\Models\Repositories\Clubs;
@ -54,7 +54,7 @@ final class Photos extends VKAPIRequestHandler
if($owner_id < 0) {
$club = (new Clubs)->get(abs($owner_id));
if(!$club)
if(!$club || $club->isDeleted())
$this->fail(0404, "Club not found");
else if(!$club->canBeModifiedBy($this->getUser()))
$this->fail(200, "Access: Club can't be 'written' by user");
@ -106,7 +106,7 @@ final class Photos extends VKAPIRequestHandler
$album = NULL;
if(!is_null($group_id)) {
$club = (new Clubs)->get(abs($group_id));
if(!$club)
if(!$club || $club->isDeleted())
$this->fail(0404, "Club not found");
else if(!$club->canBeModifiedBy($this->getUser()))
$this->fail(200, "Access: Club can't be 'written' by user");
@ -239,7 +239,7 @@ final class Photos extends VKAPIRequestHandler
if($group_id != 0) {
$club = (new Clubs)->get((int) $group_id);
if(!$club || !$club->canBeModifiedBy($this->getUser())) {
if(!$club || !$club->canBeModifiedBy($this->getUser()) || $club->isDeleted()) {
$this->fail(20, "Invalid club");
}
}
@ -273,6 +273,10 @@ final class Photos extends VKAPIRequestHandler
$this->fail(40, "You can't change system album");
}
if($album->getOwner()->isDeleted()) {
$this->fail(24, "User or club was deleted");
}
if(!$album->canBeModifiedBy($this->getUser())) {
$this->fail(2, "Access to album denied");
}
@ -301,12 +305,18 @@ final class Photos extends VKAPIRequestHandler
"items" => []
];
if(!$user || $user->isDeleted())
if(!$user)
$this->fail(2, "Invalid user");
if($user->isDeleted()) {
$this->fail(66, "User was deleted");
}
if(!$user->canBeViewedBy($this->getUser() ?? NULL))
$this->fail(8, "Access denied");
if(!$user->getPrivacyPermission('photos.read', $this->getUser()))
$this->fail(21, "This user chose to hide his albums.");
$this->fail(21, "Access denied: This user chose to hide his albums.");
$albums = array_slice(iterator_to_array((new Albums)->getUserAlbums($user, 1, $count + $offset)), $offset);
@ -326,6 +336,10 @@ final class Photos extends VKAPIRequestHandler
if(!$club)
$this->fail(2, "Invalid club");
if($club->isDeleted()) {
$this->fail(66, "Club was deleted");
}
$albums = array_slice(iterator_to_array((new Albums)->getClubAlbums($club, 1, $count + $offset)), $offset);
@ -348,6 +362,9 @@ final class Photos extends VKAPIRequestHandler
$id = explode("_", $album);
$album = (new Albums)->getAlbumByOwnerAndId((int)$id[0], (int)$id[1]);
if($album->getOwner()->isDeleted()) continue;
if($album && !$album->isDeleted()) {
if(!$need_system && $album->isCreatedBySystem()) continue;
$res["items"][] = $album->toVkApiStruct($this->getUser(), $need_covers, $photo_sizes);
@ -370,12 +387,16 @@ final class Photos extends VKAPIRequestHandler
if($user_id > 0) {
$us = (new UsersRepo)->get($user_id);
if(!$us || $us->isDeleted()) {
$this->fail(21, "Invalid user");
}
if(!$us->canBeViewedBy($this->getUser() ?? NULL))
$this->fail(8, "Access denied");
if(!$us->getPrivacyPermission('photos.read', $this->getUser())) {
$this->fail(21, "This user chose to hide his albums.");
$this->fail(21, "Access denied: This user chose to hide his albums.");
}
return (new Albums)->getUserAlbumsCount($us);
@ -384,12 +405,17 @@ final class Photos extends VKAPIRequestHandler
if($group_id > 0)
{
$cl = (new Clubs)->get($group_id);
if(!$cl) {
if(!$cl || $cl->isDeleted()) {
$this->fail(21, "Invalid club");
}
return (new Albums)->getClubAlbumsCount($cl);
}
if($group_id < 0) {
$this->fail(88, "Remove - bruh");
}
}
function getById(string $photos, bool $extended = false, bool $photo_sizes = false)
@ -416,6 +442,10 @@ final class Photos extends VKAPIRequestHandler
$this->fail(21, "This user chose to hide his photos.");
}
if(!$photo->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$res[] = $photo->toVkApiStruct($photo_sizes, $extended);
}
@ -432,12 +462,16 @@ final class Photos extends VKAPIRequestHandler
if(empty($photo_ids)) {
$album = (new Albums)->getAlbumByOwnerAndId($owner_id, $album_id);
if(!$album || $album->isDeleted()) {
$this->fail(21, "Invalid album");
}
if(!$album->getOwner()->getPrivacyPermission('photos.read', $this->getUser())) {
$this->fail(21, "This user chose to hide his albums.");
}
if(!$album || $album->isDeleted()) {
$this->fail(21, "Invalid album");
if(!$album->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$photos = array_slice(iterator_to_array($album->getPhotos(1, $count + $offset)), $offset);
@ -451,20 +485,29 @@ final class Photos extends VKAPIRequestHandler
} else {
$photos = explode(',', $photo_ids);
$res = [
"count" => sizeof($photos),
"items" => []
];
$items = [];
$count = 0;
foreach($photos as $photo)
{
$id = explode("_", $photo);
$phot = (new PhotosRepo)->getByOwnerAndVID((int)$id[0], (int)$id[1]);
if($phot && !$phot->isDeleted()) {
$res["items"][] = $phot->toVkApiStruct($photo_sizes, $extended);
if(!$phot->canBeViewedBy($this->getUser() ?? NULL)) {
continue;
}
$count += 1;
$items[] = $phot->toVkApiStruct($photo_sizes, $extended);
}
}
$res = [
"count" => $count,
"items" => $items
];
}
return $res;
@ -485,6 +528,10 @@ final class Photos extends VKAPIRequestHandler
$this->fail(22, "Album already deleted");
}
if($album->getOwner()->isDeleted()) {
$this->fail(1, "No escape");
}
$album->delete();
return 1;
@ -505,6 +552,10 @@ final class Photos extends VKAPIRequestHandler
$this->fail(21, "Photo is deleted");
}
if($photo->getAlbum() && $photo->getAlbum()->getOwner()->isDeleted()) {
$this->fail(2, "Owner is deleted");
}
if(!empty($caption)) {
$photo->setDescription($caption);
$photo->save();
@ -601,7 +652,7 @@ final class Photos extends VKAPIRequestHandler
$photo = (new PhotosRepo)->getByOwnerAndVID($owner_id, $photo_id);
if(!$photo->getAlbum()->getOwner()->getPrivacyPermission('photos.read', $this->getUser())) {
if($photo->getAlbum() && $photo->getAlbum()->getOwner() instanceof User && !$photo->getOwner()->getPrivacyPermission('photos.read', $this->getUser())) {
$this->fail(21, "This user chose to hide his albums.");
}
@ -609,6 +660,14 @@ final class Photos extends VKAPIRequestHandler
$this->fail(180, "Photo not found");
if($photo->isDeleted())
$this->fail(189, "Photo is deleted");
if(!$photo->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
if($photo->getAlbum() && $photo->getAlbum()->getOwner()->isDeleted()) {
$this->fail(18, "Owner is deleted");
}
$comment = new Comment;
$comment->setOwner($this->getUser()->getId());
@ -683,11 +742,15 @@ final class Photos extends VKAPIRequestHandler
$this->fail(21, "This user chose to hide his albums.");
}
if(!$user->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$photos = array_slice(iterator_to_array((new PhotosRepo)->getEveryUserPhoto($user, 1, $count + $offset)), $offset);
$res = [];
foreach($photos as $photo) {
if(!$photo || $photo->isDeleted()) continue;
if(!$photo || $photo->isDeleted() || $photo->isAnonymous()) continue;
$res["items"][] = $photo->toVkApiStruct($photo_sizes, $extended);
}
@ -700,13 +763,14 @@ final class Photos extends VKAPIRequestHandler
$this->willExecuteWriteAction();
$photo = (new PhotosRepo)->getByOwnerAndVID($owner_id, $photo_id);
$comms = array_slice(iterator_to_array($photo->getComments(1, $offset + $count)), $offset);
if(!$photo) {
$this->fail(4, "Invalid photo");
}
if(!$photo->getAlbum()->getOwner()->getPrivacyPermission('photos.read', $this->getUser())) {
$comms = array_slice(iterator_to_array($photo->getComments(1, $offset + $count)), $offset);
if(!$photo->getOwner()->getPrivacyPermission('photos.read', $this->getUser())) {
$this->fail(21, "This user chose to hide his photos.");
}
@ -714,6 +778,14 @@ final class Photos extends VKAPIRequestHandler
$this->fail(4, "Photo is deleted");
}
if($photo->getOwner()->isDeleted()) {
$this->fail(4, "Owner is deleted");
}
if(!$photo->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$res = [
"count" => sizeof($comms),
"items" => []

342
VKAPI/Handlers/Users.php
View file

@ -7,170 +7,205 @@ final class Users extends VKAPIRequestHandler
{
function get(string $user_ids = "0", string $fields = "", int $offset = 0, int $count = 100, User $authuser = null /* костыль(( */): array
{
if($authuser == NULL) $authuser = $this->getUser();
if($authuser == NULL) $authuser = $this->getUser();
$users = new UsersRepo;
if($user_ids == "0")
$user_ids = (string) $authuser->getId();
if($user_ids == "0")
$user_ids = (string) $authuser->getId();
$usrs = explode(',', $user_ids);
$response = array();
$ic = sizeof($usrs);
if(sizeof($usrs) > $count)
$ic = $count;
$ic = $count;
$usrs = array_slice($usrs, $offset * $count);
for($i=0; $i < $ic; $i++) {
if($usrs[$i] != 0) {
$usr = $users->get((int) $usrs[$i]);
if(is_null($usr) || $usr->isDeleted()) {
$response[$i] = (object)[
"id" => (int) $usrs[$i],
"first_name" => "DELETED",
"last_name" => "",
"deactivated" => "deleted"
];
} else if($usr->isBanned()) {
$response[$i] = (object)[
"id" => $usr->getId(),
"first_name" => $usr->getFirstName(),
"last_name" => $usr->getLastName(),
"deactivated" => "banned",
"ban_reason" => $usr->getBanReason()
];
} else if($usrs[$i] == NULL) {
if($usrs[$i] != 0) {
$usr = $users->get((int) $usrs[$i]);
if(is_null($usr) || $usr->isDeleted()) {
$response[$i] = (object)[
"id" => (int) $usrs[$i],
"first_name" => "DELETED",
"last_name" => "",
"deactivated" => "deleted"
];
} else if($usr->isBanned()) {
$response[$i] = (object)[
"id" => $usr->getId(),
"first_name" => $usr->getFirstName(),
"last_name" => $usr->getLastName(),
"deactivated" => "banned",
"ban_reason" => $usr->getBanReason()
];
} else if($usrs[$i] == NULL) {
} else {
$response[$i] = (object)[
"id" => $usr->getId(),
"first_name" => $usr->getFirstName(),
"last_name" => $usr->getLastName(),
"is_closed" => false,
"can_access_closed" => true,
];
} else {
$response[$i] = (object)[
"id" => $usr->getId(),
"first_name" => $usr->getFirstName(),
"last_name" => $usr->getLastName(),
"is_closed" => $usr->isClosed(),
"can_access_closed" => $usr->canBeViewedBy($authuser),
];
$flds = explode(',', $fields);
$flds = explode(',', $fields);
foreach($flds as $field) {
switch($field) {
case "verified":
$response[$i]->verified = intval($usr->isVerified());
break;
case "sex":
$response[$i]->sex = $usr->isFemale() ? 1 : 2;
break;
case "has_photo":
$response[$i]->has_photo = is_null($usr->getAvatarPhoto()) ? 0 : 1;
break;
case "photo_max_orig":
$response[$i]->photo_max_orig = $usr->getAvatarURL();
break;
case "photo_max":
$response[$i]->photo_max = $usr->getAvatarURL("original");
break;
case "photo_50":
$response[$i]->photo_50 = $usr->getAvatarURL();
break;
case "photo_100":
$response[$i]->photo_100 = $usr->getAvatarURL("tiny");
break;
case "photo_200":
$response[$i]->photo_200 = $usr->getAvatarURL("normal");
break;
case "photo_200_orig": # вообще не ебу к чему эта строка ну пусть будет кек
$response[$i]->photo_200_orig = $usr->getAvatarURL("normal");
break;
case "photo_400_orig":
$response[$i]->photo_400_orig = $usr->getAvatarURL("normal");
break;
# Она хочет быть выебанной видя матан
# Покайфу когда ты Виет а вокруг лишь дискриминант
foreach($flds as $field) {
switch($field) {
case "verified":
$response[$i]->verified = intval($usr->isVerified());
break;
case "sex":
$response[$i]->sex = $usr->isFemale() ? 1 : 2;
break;
case "has_photo":
$response[$i]->has_photo = is_null($usr->getAvatarPhoto()) ? 0 : 1;
break;
case "photo_max_orig":
$response[$i]->photo_max_orig = $usr->getAvatarURL();
break;
case "photo_max":
$response[$i]->photo_max = $usr->getAvatarURL("original");
break;
case "photo_50":
$response[$i]->photo_50 = $usr->getAvatarURL();
break;
case "photo_100":
$response[$i]->photo_100 = $usr->getAvatarURL("tiny");
break;
case "photo_200":
$response[$i]->photo_200 = $usr->getAvatarURL("normal");
break;
case "photo_200_orig": # вообще не ебу к чему эта строка ну пусть будет кек
$response[$i]->photo_200_orig = $usr->getAvatarURL("normal");
break;
case "photo_400_orig":
$response[$i]->photo_400_orig = $usr->getAvatarURL("normal");
break;
# Она хочет быть выебанной видя матан
# Покайфу когда ты Виет а вокруг лишь дискриминант
# ору а когда я это успел написать
# вова кстати не матерись в коде мамка же спалит азщазаззазщазазаззазазазх
case "status":
if($usr->getStatus() != NULL)
$response[$i]->status = $usr->getStatus();
break;
case "screen_name":
if($usr->getShortCode() != NULL)
$response[$i]->screen_name = $usr->getShortCode();
break;
case "friend_status":
switch($usr->getSubscriptionStatus($authuser)) {
case 3:
# NOTICE falling through
case 0:
$response[$i]->friend_status = $usr->getSubscriptionStatus($authuser);
break;
case 1:
$response[$i]->friend_status = 2;
break;
case 2:
$response[$i]->friend_status = 1;
break;
}
break;
case "last_seen":
if ($usr->onlineStatus() == 0) {
$platform = $usr->getOnlinePlatform(true);
switch ($platform) {
case 'iphone':
$platform = 2;
break;
# ору а когда я это успел написать
# вова кстати не матерись в коде мамка же спалит азщазаззазщазазаззазазазх
case "status":
if($usr->getStatus() != NULL)
$response[$i]->status = $usr->getStatus();
break;
case "screen_name":
if($usr->getShortCode() != NULL)
$response[$i]->screen_name = $usr->getShortCode();
break;
case "friend_status":
switch($usr->getSubscriptionStatus($authuser)) {
case 3:
# NOTICE falling through
case 0:
$response[$i]->friend_status = $usr->getSubscriptionStatus($authuser);
break;
case 1:
$response[$i]->friend_status = 2;
break;
case 2:
$response[$i]->friend_status = 1;
break;
}
break;
case "last_seen":
if ($usr->onlineStatus() == 0) {
$platform = $usr->getOnlinePlatform(true);
switch ($platform) {
case 'iphone':
$platform = 2;
break;
case 'android':
$platform = 4;
break;
case 'android':
$platform = 4;
break;
case NULL:
$platform = 7;
break;
default:
$platform = 1;
break;
}
case NULL:
$platform = 7;
break;
default:
$platform = 1;
break;
}
$response[$i]->last_seen = (object) [
"platform" => $platform,
"time" => $usr->getOnline()->timestamp()
];
}
case "music":
$response[$i]->music = $usr->getFavoriteMusic();
break;
case "movies":
$response[$i]->movies = $usr->getFavoriteFilms();
break;
case "tv":
$response[$i]->tv = $usr->getFavoriteShows();
break;
case "books":
$response[$i]->books = $usr->getFavoriteBooks();
break;
case "city":
$response[$i]->city = $usr->getCity();
break;
case "interests":
$response[$i]->interests = $usr->getInterests();
break;
case "rating":
$response[$i]->rating = $usr->getRating();
break;
}
}
$response[$i]->last_seen = (object) [
"platform" => $platform,
"time" => $usr->getOnline()->timestamp()
];
}
case "music":
if($usr->canBeViewedBy($authuser) && $usr->getPrivacyPermission("page.info.read", $authuser)) {
$response[$i]->music = $usr->getFavoriteMusic();
} else {
$response[$i]->music = "secret";
}
break;
case "movies":
if($usr->canBeViewedBy($authuser) && $usr->getPrivacyPermission("page.info.read", $authuser)) {
$response[$i]->movies = $usr->getFavoriteFilms();
} else {
$response[$i]->movies = "secret";
}
if($usr->getOnline()->timestamp() + 300 > time())
$response[$i]->online = 1;
else
$response[$i]->online = 0;
}
}
break;
case "tv":
if($usr->canBeViewedBy($authuser) && $usr->getPrivacyPermission("page.info.read", $authuser)) {
$response[$i]->tv = $usr->getFavoriteShows();
} else {
$response[$i]->tv = "secret";
}
break;
case "books":
if($usr->canBeViewedBy($authuser) && $usr->getPrivacyPermission("page.info.read", $authuser)) {
$response[$i]->books = $usr->getFavoriteBooks();
} else {
$response[$i]->books = "secret";
}
break;
case "city":
if($usr->canBeViewedBy($authuser) && $usr->getPrivacyPermission("page.info.read", $authuser)) {
$response[$i]->city = $usr->getCity();
} else {
$response[$i]->city = "secret";
}
break;
case "interests":
if($usr->canBeViewedBy($authuser) && $usr->getPrivacyPermission("page.info.read", $authuser)) {
$response[$i]->interests = $usr->getInterests();
} else {
$response[$i]->interests = "secret";
}
break;
case "rating":
if($usr->canBeViewedBy($authuser)) {
$response[$i]->rating = $usr->getRating();
} else {
$response[$i]->rating = "secret";
}
break;
}
}
if($usr->getOnline()->timestamp() + 300 > time())
$response[$i]->online = 1;
else
$response[$i]->online = 0;
}
}
}
return $response;
@ -184,14 +219,24 @@ final class Users extends VKAPIRequestHandler
$users = new UsersRepo;
$this->requireUser();
$user = $users->get($user_id);
foreach($users->get($user_id)->getFollowers($offset, $count) as $follower)
if(!$user || $user->isDeleted()) {
$this->fail(4, "User deleted");
}
if(!$user->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
foreach($user->getFollowers($offset, $count) as $follower)
$followers[] = $follower->getId();
$response = $followers;
if(!is_null($fields))
$response = $this->get(implode(',', $followers), $fields, 0, $count);
$response = $this->get(implode(',', $followers), $fields, 0, $count);
return (object) [
"count" => $users->get($user_id)->getFollowersCount(),
@ -277,6 +322,7 @@ final class Users extends VKAPIRequestHandler
"fav_shows" => !empty($fav_shows) ? $fav_shows : NULL,
"fav_books" => !empty($fav_books) ? $fav_books : NULL,
"fav_quotes" => !empty($fav_quotes) ? $fav_quotes : NULL,
"doNotShowPrivate" => true
];
$find = $users->find($q, $parameters, $sortg);
@ -285,8 +331,8 @@ final class Users extends VKAPIRequestHandler
$array[] = $user->getId();
return (object) [
"count" => $find->size(),
"items" => $this->get(implode(',', $array), $nfilds, $offset, $count)
"count" => $find->size(),
"items" => $this->get(implode(',', $array), $nfilds, $offset, $count)
];
}
}

20
VKAPI/Handlers/Video.php
View file

@ -11,11 +11,11 @@ use openvk\Web\Models\Repositories\Comments as CommentsRepo;
final class Video extends VKAPIRequestHandler
{
function get(int $owner_id, string $videos, int $offset = 0, int $count = 30, int $extended = 0): object
function get(int $owner_id, string $videos = "", int $offset = 0, int $count = 30, int $extended = 0): object
{
$this->requireUser();
if ($videos) {
if(!empty($videos)) {
$vids = explode(',', $videos);
foreach($vids as $vid)
@ -26,6 +26,10 @@ final class Video extends VKAPIRequestHandler
$video = (new VideosRepo)->getByOwnerAndVID(intval($id[0]), intval($id[1]));
if($video) {
if(!$video->canBeViewedBy($this->getUser() ?? NULL)) {
continue;
}
$items[] = $video->getApiStructure();
}
}
@ -36,15 +40,23 @@ final class Video extends VKAPIRequestHandler
];
} else {
if ($owner_id > 0)
$user = (new UsersRepo)->get($owner_id);
$user = (new UsersRepo)->get($owner_id);
else
$this->fail(1, "Not implemented");
$this->fail(1, "Not implemented");
if(!$user->getPrivacyPermission('videos.read', $this->getUser())) {
$this->fail(20, "Access denied: this user chose to hide his videos");
}
$videos = (new VideosRepo)->getByUser($user, $offset + 1, $count);
$videosCount = (new VideosRepo)->getUserVideosCount($user);
$items = [];
foreach ($videos as $video) {
if(!$video->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$items[] = $video->getApiStructure();
}

115
VKAPI/Handlers/Wall.php
View file

@ -30,16 +30,16 @@ final class Wall extends VKAPIRequestHandler
$cnt = $posts->getPostCountOnUserWall($owner_id);
if ($owner_id > 0)
$wallOnwer = (new UsersRepo)->get($owner_id);
$wallOwner = (new UsersRepo)->get($owner_id);
else
$wallOnwer = (new ClubsRepo)->get($owner_id * -1);
$wallOwner = (new ClubsRepo)->get($owner_id * -1);
if(!$wallOwner || $wallOwner->isDeleted())
$this->fail(18, "User or club was deleted or banned");
if ($owner_id > 0)
if(!$wallOnwer || $wallOnwer->isDeleted())
$this->fail(18, "User was deleted or banned");
else
if(!$wallOnwer)
$this->fail(15, "Access denied: wall is disabled"); // Don't search for logic here pls
if(!$wallOwner->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(2, "Access denied");
}
foreach($posts->getPostsFromUsersWall($owner_id, 1, $count, $offset) as $post) {
$from_id = get_class($post->getOwner()) == "openvk\Web\Models\Entities\Club" ? $post->getOwner()->getId() * (-1) : $post->getOwner()->getId();
@ -61,6 +61,14 @@ final class Wall extends VKAPIRequestHandler
} else if ($attachment instanceof \openvk\Web\Models\Entities\Post) {
$repostAttachments = [];
if(!$attachment->canBeViewedBy($this->getUser())) {
$repost[] = [
"err" => "Access to attachment denied"
];
continue;
}
foreach($attachment->getChildren() as $repostAttachment) {
if($repostAttachment instanceof \openvk\Web\Models\Entities\Photo) {
if($repostAttachment->isDeleted())
@ -164,8 +172,8 @@ final class Wall extends VKAPIRequestHandler
"first_name" => $user->getFirstName(),
"id" => $user->getId(),
"last_name" => $user->getLastName(),
"can_access_closed" => false,
"is_closed" => false,
"can_access_closed" => $user->canBeViewedBy($this->getUser()),
"is_closed" => $user->isClosed(),
"sex" => $user->isFemale() ? 1 : 2,
"screen_name" => $user->getShortCode(),
"photo_50" => $user->getAvatarUrl(),
@ -182,6 +190,8 @@ final class Wall extends VKAPIRequestHandler
"name" => $group->getName(),
"screen_name" => $group->getShortCode(),
"is_closed" => 0,
"is_deleted" => $group->isDeleted(),
"is_banned" => $group->isBanned(),
"type" => "group",
"photo_50" => $group->getAvatarUrl(),
"photo_100" => $group->getAvatarUrl(),
@ -219,7 +229,13 @@ final class Wall extends VKAPIRequestHandler
foreach($psts as $pst) {
$id = explode("_", $pst);
$post = (new PostsRepo)->getPostById(intval($id[0]), intval($id[1]));
if($post && !$post->isDeleted()) {
if(!$post || $post->getWallOwner()->isDeleted()) continue;
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
continue;
}
if(!$post->isDeleted()) {
$from_id = get_class($post->getOwner()) == "openvk\Web\Models\Entities\Club" ? $post->getOwner()->getId() * (-1) : $post->getOwner()->getId();
$attachments = [];
$repost = []; // чел высрал семь сигарет 😳 помянем 🕯
@ -235,6 +251,14 @@ final class Wall extends VKAPIRequestHandler
} else if ($attachment instanceof \openvk\Web\Models\Entities\Post) {
$repostAttachments = [];
if(!$attachment->canBeViewedBy($this->getUser())) {
$repost[] = [
"err" => "Access to attachment denied"
];
continue;
}
foreach($attachment->getChildren() as $repostAttachment) {
if($repostAttachment instanceof \openvk\Web\Models\Entities\Photo) {
if($attachment->isDeleted())
@ -340,8 +364,8 @@ final class Wall extends VKAPIRequestHandler
"first_name" => $user->getFirstName(),
"id" => $user->getId(),
"last_name" => $user->getLastName(),
"can_access_closed" => false,
"is_closed" => false,
"can_access_closed" => $user->canBeViewedBy($this->getUser()),
"is_closed" => $user->isClosed(),
"sex" => $user->isFemale() ? 1 : 2,
"screen_name" => $user->getShortCode(),
"photo_50" => $user->getAvatarUrl(),
@ -359,6 +383,8 @@ final class Wall extends VKAPIRequestHandler
"screen_name" => $group->getShortCode(),
"is_closed" => 0,
"type" => "group",
"is_deleted" => (int)$group->isDeleted(),
"is_banned" => (int)$group->isBanned(),
"photo_50" => $group->getAvatarUrl(),
"photo_100" => $group->getAvatarUrl(),
"photo_200" => $group->getAvatarUrl(),
@ -387,12 +413,16 @@ final class Wall extends VKAPIRequestHandler
$wallOwner = ($owner_id > 0 ? (new UsersRepo)->get($owner_id) : (new ClubsRepo)->get($owner_id * -1))
?? $this->fail(18, "User was deleted or banned");
if($owner_id > 0)
$canPost = $wallOwner->getPrivacyPermission("wall.write", $this->getUser());
$canPost = $wallOwner->getPrivacyPermission("wall.write", $this->getUser()) && $wallOwner->canBeViewedBy($this->getUser() ?? NULL);
else if($owner_id < 0)
if($wallOwner->canBeModifiedBy($this->getUser()))
$canPost = true;
else
$canPost = $wallOwner->canPost();
if(!$wallOwner->isDeleted()) {
if($wallOwner->canBeModifiedBy($this->getUser()))
$canPost = true;
else
$canPost = $wallOwner->canPost();
} else {
$canPost = false;
}
else
$canPost = false;
@ -506,12 +536,16 @@ final class Wall extends VKAPIRequestHandler
$post = (new PostsRepo)->getPostById((int) $postArray[1], (int) $postArray[2]);
if(!$post || $post->isDeleted()) $this->fail(100, "One of the parameters specified was missing or invalid");
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(12, "Access denied");
}
$nPost = new Post;
$nPost->setOwner($this->user->getId());
if($group_id > 0) {
$club = (new ClubsRepo)->get($group_id);
if(!$club)
if(!$club || $club->isDeleted())
$this->fail(42, "Invalid group");
if(!$club->canBeModifiedBy($this->user))
@ -544,6 +578,14 @@ final class Wall extends VKAPIRequestHandler
$post = (new PostsRepo)->getPostById($owner_id, $post_id);
if(!$post || $post->isDeleted()) $this->fail(100, "One of the parameters specified was missing or invalid");
if($post->getWallOwner()->isDeleted()) {
$this->fail(10, "Owner was deleted");
}
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$comments = (new CommentsRepo)->getCommentsByTarget($post, $offset+1, $count, $sort == "desc" ? "DESC" : "ASC");
@ -551,6 +593,8 @@ final class Wall extends VKAPIRequestHandler
$profiles = [];
foreach($comments as $comment) {
if(!$comment || $comment->isDeleted()) continue;
$owner = $comment->getOwner();
$oid = $owner->getId();
if($owner instanceof Club)
@ -561,6 +605,8 @@ final class Wall extends VKAPIRequestHandler
foreach($comment->getChildren() as $attachment) {
if($attachment instanceof \openvk\Web\Models\Entities\Photo) {
$attachments[] = $this->getApiPhoto($attachment);
} elseif($attachment instanceof \openvk\Web\Models\Entities\Video) {
$attachments[] = $attachment->toVkApiStruct();
} elseif($attachment instanceof \openvk\Web\Models\Entities\Note) {
$attachments[] = $attachment->toVkApiStruct();
}
@ -622,6 +668,18 @@ final class Wall extends VKAPIRequestHandler
$comment = (new CommentsRepo)->get($comment_id); # один хуй айди всех комментов общий
if(!$comment || $comment->isDeleted()) {
$this->fail(1, "Comment does not exists");
}
if($comment->getTarget()->getWallOwner()->isDeleted()) {
$this->fail(10, "Target's owner was deleted or banned");
}
if(!$comment->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
$profiles = [];
$attachments = [];
@ -629,6 +687,10 @@ final class Wall extends VKAPIRequestHandler
foreach($comment->getChildren() as $attachment) {
if($attachment instanceof \openvk\Web\Models\Entities\Photo) {
$attachments[] = $this->getApiPhoto($attachment);
} elseif($attachment instanceof \openvk\Web\Models\Entities\Video) {
$attachments[] = $attachment->toVkApiStruct();
} elseif($attachment instanceof \openvk\Web\Models\Entities\Note) {
$attachments[] = $attachment->toVkApiStruct();
}
}
@ -683,6 +745,14 @@ final class Wall extends VKAPIRequestHandler
$post = (new PostsRepo)->getPostById($owner_id, $post_id);
if(!$post || $post->isDeleted()) $this->fail(100, "Invalid post");
if($post->getWallOwner()->isDeleted()) {
$this->fail(10, "Owner was deleted or banned");
}
if(!$post->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
if($post->getTargetWall() < 0)
$club = (new ClubsRepo)->get(abs($post->getTargetWall()));
@ -765,7 +835,12 @@ final class Wall extends VKAPIRequestHandler
$this->willExecuteWriteAction();
$comment = (new CommentsRepo)->get($comment_id);
if(!$comment) $this->fail(100, "One of the parameters specified was missing or invalid");;
if(!$comment) $this->fail(100, "One of the parameters specified was missing or invalid");
if(!$comment->getTarget()->getWallOwner()->canBeViewedBy($this->getUser() ?? NULL)) {
$this->fail(8, "Access denied");
}
if(!$comment->canBeDeletedBy($this->user))
$this->fail(7, "Access denied");

15
Web/Models/Entities/Album.php
View file

@ -93,4 +93,19 @@ class Album extends MediaCollection
return $res;
}
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted()) {
return false;
}
$owner = $this->getOwner();
if(get_class($owner) == "openvk\\Web\\Models\\Entities\\User") {
return $owner->canBeViewedBy($user) && $owner->getPrivacyPermission('photos.read', $user);
} else {
return $owner->canBeViewedBy($user);
}
}
}

47
Web/Models/Entities/Club.php
View file

@ -43,7 +43,15 @@ class Club extends RowModel
$serverUrl = ovk_scheme(true) . $_SERVER["HTTP_HOST"];
$avPhoto = $this->getAvatarPhoto();
return is_null($avPhoto) ? "$serverUrl/assets/packages/static/openvk/img/camera_200.png" : $avPhoto->getURLBySizeId($size);
if($this->isBanned()) {
return "$serverUrl/assets/packages/static/openvk/img/banned_club_200.png";
}
if($this->isDeleted()) {
return "$serverUrl/assets/packages/static/openvk/img/deleted_club_200.png";
}
return is_null($avPhoto) ? "$serverUrl/assets/packages/static/openvk/img/club_200.png" : $avPhoto->getURLBySizeId($size);
}
function getAvatarLink(): string
@ -143,11 +151,30 @@ class Club extends RowModel
return (bool) $this->getRecord()->hide_from_global_feed;
}
function isDeleted(): bool
{
return (bool) $this->getRecord()->deleted;
}
function isClosed(): bool
{
return false;
}
function getType(): int
{
return $this->getRecord()->type;
}
function canBeViewedBy(?User $user = NULL)
{
if($this->isDeleted()) {
return false;
} else {
return true;
}
}
function isVerified(): bool
{
return (bool) $this->getRecord()->verified;
@ -155,12 +182,17 @@ class Club extends RowModel
function isBanned(): bool
{
return !is_null($this->getBanReason());
return $this->isDeleted() && $this->hasBlockReason();
}
function hasBlockReason(): bool
{
return !is_null($this->getBanReason()) && !empty($this->getBanReason());
}
function canPost(): bool
{
return (bool) $this->getRecord()->wall;
return (bool) $this->getRecord()->wall;
}
@ -351,9 +383,9 @@ class Club extends RowModel
}
function getWebsite(): ?string
{
return $this->getRecord()->website;
}
{
return $this->getRecord()->website;
}
function getAlert(): ?string
{
@ -386,6 +418,9 @@ class Club extends RowModel
$res->can_post = $this->canBeModifiedBy($user) ? 1 : $this->canPost() ? 1 : 0;
$res->is_deleted = (int)$this->isDeleted();
$res->is_banned = (int)$this->isBanned();
return (object) $res;
}

10
Web/Models/Entities/Comment.php
View file

@ -85,4 +85,14 @@ class Comment extends Post
}
return $res;
}
function canBeViewedBy(?User $user = NULL): bool
{
# по понятным причинам не проверяем удалённость овнера
if($this->isDeleted() || $this->getTarget()->isDeleted()) {
return false;
}
return $this->getTarget()->canBeViewedBy($user);
}
}

9
Web/Models/Entities/Note.php
View file

@ -138,4 +138,13 @@ class Note extends Postable
return $res;
}
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted() || $this->getOwner()->isDeleted()) {
return false;
}
return $this->getOwner()->getPrivacyPermission('notes.read', $user) && $this->getOwner()->canBeViewedBy($user);
}
}

13
Web/Models/Entities/Photo.php
View file

@ -347,4 +347,17 @@ class Photo extends Media
return $photo;
}
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted() || $this->getOwner()->isDeleted()) {
return false;
}
if(!is_null($this->getAlbum())) {
return $this->getAlbum()->canBeViewedBy($user);
} else {
return $this->getOwner()->canBeViewedBy($user);
}
}
}

5
Web/Models/Entities/Poll.php
View file

@ -292,4 +292,9 @@ class Poll extends Attachable
]);
}
}
function canBeViewedBy(?User $user): bool
{
return true;
}
}

10
Web/Models/Entities/Post.php
View file

@ -245,6 +245,16 @@ class Post extends Postable
$this->unwire();
$this->save();
}
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted()) {
return false;
}
# родительский контроль в openvk
return $this->getWallOwner()->canBeViewedBy($user);
}
use Traits\TRichText;
}

9
Web/Models/Entities/Topic.php
View file

@ -90,6 +90,15 @@ class Topic extends Postable
$this->save();
}
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted() || $this->getClub()->isDeleted()) {
return false;
}
return true;
}
function toVkApiStruct(int $preview = 0, int $preview_length = 90): object
{
$res = (object)[];

9
Web/Models/Entities/Traits/TOwnable.php
View file

@ -4,6 +4,15 @@ use openvk\Web\Models\Entities\User;
trait TOwnable
{
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted()) {
return false;
}
return true;
}
function canBeModifiedBy(User $user): bool
{
if(method_exists($this, "isCreatedBySystem"))

77
Web/Models/Entities/User.php
View file

@ -148,7 +148,7 @@ class User extends RowModel
function getFirstName(bool $pristine = false): string
{
$name = ($this->isDeleted() && !$this->isDeactivated() ? "DELETED" : mb_convert_case($this->getRecord()->first_name, MB_CASE_TITLE));
$tsn = tr("__transNames");
$tsn = tr("__transNames");
if(( $tsn !== "@__transNames" && !empty($tsn) ) && !$pristine)
return mb_convert_case(transliterator_transliterate($tsn, $name), MB_CASE_TITLE);
else
@ -158,7 +158,7 @@ class User extends RowModel
function getLastName(bool $pristine = false): string
{
$name = ($this->isDeleted() && !$this->isDeactivated() ? "DELETED" : mb_convert_case($this->getRecord()->last_name, MB_CASE_TITLE));
$tsn = tr("__transNames");
$tsn = tr("__transNames");
if(( $tsn !== "@__transNames" && !empty($tsn) ) && !$pristine)
return mb_convert_case(transliterator_transliterate($tsn, $name), MB_CASE_TITLE);
else
@ -377,6 +377,12 @@ class User extends RowModel
return $this->getRecord()->birthday_privacy;
}
function getProfileType(): int
{
# 0 — открытый профиль, 1 — закрытый
return $this->getRecord()->profile_type;
}
function getAge(): ?int
{
return (int)floor((time() - $this->getBirthday()->timestamp()) / YEAR);
@ -392,6 +398,47 @@ class User extends RowModel
return !is_null($this->get2faSecret());
}
function canBeViewedBy(?User $user = NULL): bool
{
if(!is_null($user)) {
if($this->getId() == $user->getId()) {
return true;
}
if($user->getChandlerUser()->can("access")->model("admin")->whichBelongsTo(NULL)) {
return true;
}
if($this->getProfileType() == 0) {
return true;
} else {
if($user->getSubscriptionStatus($this) == User::SUBSCRIPTION_MUTUAL) {
return true;
} else {
return false;
}
}
} else {
if($this->getProfileType() == 0) {
if($this->getPrivacySetting("page.read") == 3) {
return true;
} else {
return false;
}
} else {
return false;
}
}
return true;
}
function isClosed()
{
return (bool) $this->getProfileType();
}
function updateNotificationOffset(): void
{
$this->stateChanges("notification_offset", time());
@ -480,10 +527,10 @@ class User extends RowModel
$total = max(100 - $incompleteness + $this->getRating(), 0);
if(ovkGetQuirk("profile.rating-bar-behaviour") === 0)
if ($total >= 100)
if ($total >= 100)
$percent = round(($total / 10**strlen(strval($total))) * 100, 0);
else
$percent = min($total, 100);
$percent = min($total, 100);
return (object) [
"total" => $total,
@ -904,9 +951,9 @@ class User extends RowModel
{
if(!empty($lastName))
{
$lastName = mb_convert_case($lastName, MB_CASE_TITLE);
if(!preg_match('%^[\p{Lu}\p{Lo}]\p{Mn}?([\p{L&}\p{Lo}]\p{Mn}?){1,16}(\-\g<1>+)?$%u', $lastName))
throw new InvalidUserNameException;
$lastName = mb_convert_case($lastName, MB_CASE_TITLE);
if(!preg_match('%^[\p{Lu}\p{Lo}]\p{Mn}?([\p{L&}\p{Lo}]\p{Mn}?){1,16}(\-\g<1>+)?$%u', $lastName))
throw new InvalidUserNameException;
}
$this->stateChanges("last_name", $lastName);
@ -1083,10 +1130,10 @@ class User extends RowModel
}
}
function getWebsite(): ?string
{
return $this->getRecord()->website;
}
function getWebsite(): ?string
{
return $this->getRecord()->website;
}
# ты устрица
function isActivated(): bool
@ -1110,7 +1157,7 @@ class User extends RowModel
return true;
}
function toVkApiStruct(): object
function toVkApiStruct(?User $user = NULL): object
{
$res = (object) [];
@ -1122,6 +1169,12 @@ class User extends RowModel
$res->photo_100 = $this->getAvatarURL("tiny");
$res->photo_200 = $this->getAvatarURL("normal");
$res->photo_id = !is_null($this->getAvatarPhoto()) ? $this->getAvatarPhoto()->getPrettyId() : NULL;
$res->is_closed = $this->isClosed();
if(!is_null($user)) {
$res->can_access_closed = (bool)$this->canBeViewedBy($user);
}
# TODO: Perenesti syuda vsyo ostalnoyie
return $res;

16
Web/Models/Entities/Video.php
View file

@ -148,7 +148,7 @@ class Video extends Media
"is_favorite" => false,
"player" => !$fromYoutube ? $this->getURL() : $this->getVideoDriver()->getURL(),
"files" => !$fromYoutube ? [
"mp4_480" => $this->getURL()
"mp4_480" => $this->getURL()
] : NULL,
"platform" => $fromYoutube ? "youtube" : NULL,
"added" => 0,
@ -219,4 +219,18 @@ class Video extends Media
return $video;
}
function canBeViewedBy(?User $user = NULL): bool
{
if($this->isDeleted() || $this->getOwner()->isDeleted()) {
return false;
}
if(get_class($this->getOwner()) == "openvk\\Web\\Models\\Entities\\User") {
return $this->getOwner()->canBeViewedBy($user) && $this->getOwner()->getPrivacyPermission('videos.read', $user);
} else {
# когда у видосов появятся группы
return true;
}
}
}

27
Web/Models/Repositories/Clubs.php
View file

@ -43,11 +43,32 @@ class Clubs
return $this->toClub($this->clubs->get($id));
}
function find(string $query, array $pars = [], string $sort = "id DESC", int $page = 1, ?int $perPage = NULL): \Traversable
function find(string $query, array $pars = [], string $sort = "id DESC"): \Traversable
{
$query = "%$query%";
$result = $this->clubs->where("name LIKE ? OR about LIKE ?", $query, $query);
$notNullParams = [];
$nnparamsCount = 0;
foreach($pars as $paramName => $paramValue)
if($paramName != "before" && $paramName != "after" && $paramName != "gender" && $paramName != "maritalstatus" && $paramName != "politViews" && $paramName != "doNotSearchMe")
$paramValue != NULL ? $notNullParams += ["$paramName" => "%$paramValue%"] : NULL;
else
$paramValue != NULL ? $notNullParams += ["$paramName" => "$paramValue"] : NULL;
$nnparamsCount = sizeof($notNullParams);
if($nnparamsCount > 0) {
foreach($notNullParams as $paramName => $paramValue) {
switch($paramName) {
case "doNotShowDeleted":
$result->where("deleted", 0);
break;
}
}
}
return new Util\EntityStream("Club", $result->order($sort));
}
@ -75,7 +96,7 @@ class Clubs
function getWriteableClubs(int $id): \Traversable
{
$result = $this->clubs->where("owner", $id);
$result = $this->clubs->where("owner", $id)->where("deleted", 0);
$coadmins = $this->coadmins->where("user", $id);
foreach($result as $entry) {
@ -90,7 +111,7 @@ class Clubs
function getWriteableClubsCount(int $id): int
{
return sizeof($this->clubs->where("owner", $id)) + sizeof($this->coadmins->where("user", $id));
return sizeof($this->clubs->where("owner", $id)->where("deleted", 0)) + sizeof($this->coadmins->where("user", $id));
}
use \Nette\SmartObject;

3
Web/Models/Repositories/Users.php
View file

@ -128,6 +128,9 @@ class Users
case "doNotSearchMe":
$result->where("id !=", $paramValue);
break;
case "doNotShowPrivate":
$result->where("profile_type", 0);
break;
}
}
}

75
Web/Presenters/AdminPresenter.php
View file

@ -1,7 +1,7 @@
<?php declare(strict_types=1);
namespace openvk\Web\Presenters;
use openvk\Web\Models\Entities\{Voucher, Gift, GiftCategory, User, BannedLink};
use openvk\Web\Models\Repositories\{ChandlerGroups, ChandlerUsers, Users, Clubs, Vouchers, Gifts, BannedLinks};
use openvk\Web\Models\Repositories\{ChandlerGroups, ChandlerUsers, Users, Clubs, Vouchers, Gifts, BannedLinks, Posts};
use Chandler\Database\DatabaseConnection;
final class AdminPresenter extends OpenVKPresenter
@ -122,6 +122,7 @@ final class AdminPresenter extends OpenVKPresenter
$club->setShortCode($this->postParam("shortcode"));
$club->setVerified(empty($this->postParam("verify") ? 0 : 1));
$club->setHide_From_Global_Feed(empty($this->postParam("hide_from_global_feed") ? 0 : 1));
$club->setDeleted(empty($this->postParam("deleted") ? 0 : 1));
$club->save();
break;
case "ban":
@ -547,4 +548,76 @@ final class AdminPresenter extends OpenVKPresenter
$this->redirect("/admin/users/id" . $user->getId());
}
function renderBanClub(int $id)
{
if($_SERVER["REQUEST_METHOD"] !== "POST")
$this->notFound();
$this->assertNoCSRF();
$club = $this->clubs->get($id);
if(!$club)
exit(json_encode([ "error" => "Club does not exist" ]));
$club->setDeleted(1);
$club->setHide_From_Global_Feed(1);
$club->setShortcode(NULL);
$club->setBlock_reason(!empty($this->postParam("block_reason")) && !is_null($this->postParam("block_reason")) ? $this->postParam("block_reason") : "хз");
if($this->postParam("delete_every_post") != "false") {
$count = (new Posts)->getPostCountOnUserWall($club->getId() * -1);
$posts = (new Posts)->getPostsFromUsersWall($club->getId() * -1, 1, $count);
foreach($posts as $post) {
$post->unwire();
$post->delete();
}
}
if($this->postParam("unsub_everyone") != "false") {
$followers = $club->getFollowers(1, $club->getFollowersCount());
foreach($followers as $follower) {
$club->toggleSubscription($follower);
}
}
/*
if($this->postParam("warn_owner_club") != "false") {
if($club->getOwner() && !$club->getOwner()->isDeleted()) {
$club->getOwner()->adminNotify("⚠️ " . tr("your_club_was_banned", $club->getName(), $this->postParam("block_reason")));
}*/
$club->save();
exit(json_encode([ "success" => true, "reason" => $this->queryParam("block_reason") ]));
}
function renderUnbanClub(int $id)
{
if($_SERVER["REQUEST_METHOD"] !== "POST")
$this->notFound();
$this->assertNoCSRF();
$club = $this->clubs->get($id);
if(!$club)
exit(json_encode([ "error" => "Club does not exist" ]));
/*
if($club->hasBlockReason()) {
if($club->getOwner() && !$club->getOwner()->isDeleted()) {
$club->getOwner()->adminNotify("⚠️ " . tr("your_club_was_unbanned", $club->getName()));
}
}*/
$club->setDeleted(0);
$club->setHide_From_Global_Feed(0);
$club->setBlock_reason(NULL);
$club->save();
exit(json_encode([ "success" => true]));
}
}

4
Web/Presenters/CommentPresenter.php
View file

@ -40,6 +40,10 @@ final class CommentPresenter extends OpenVKPresenter
$entity = $repo->get($eId);
if(!$entity) $this->notFound();
if(!$entity->canBeViewedBy($this->user->identity)) {
$this->flashFail("err", tr("error"), tr("forbidden"));
}
if($entity instanceof Topic && $entity->isClosed())
$this->notFound();

25
Web/Presenters/GiftsPresenter.php
View file

@ -20,9 +20,14 @@ final class GiftsPresenter extends OpenVKPresenter
$this->assertUserLoggedIn();
$user = $this->users->get($user);
if(!$user)
if(!$user || $user->isDeleted())
$this->notFound();
if(!$user->canBeViewedBy($this->user->identity ?? NULL)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
$this->redirect($user->getURL());
}
$this->template->user = $user;
$this->template->page = $page = (int) ($this->queryParam("p") ?? 1);
$this->template->count = $user->getGiftCount();
@ -33,9 +38,13 @@ final class GiftsPresenter extends OpenVKPresenter
function renderGiftMenu(): void
{
$user = $this->users->get((int) ($this->queryParam("user") ?? 0));
if(!$user)
if(!$user || $user->isDeleted())
$this->notFound();
if(!$user->canBeViewedBy($this->user->identity ?? NULL)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
$this->template->page = $page = (int) ($this->queryParam("p") ?? 1);
$cats = $this->gifts->getCategories($page, NULL, $this->template->count);
@ -48,9 +57,13 @@ final class GiftsPresenter extends OpenVKPresenter
{
$user = $this->users->get((int) ($this->queryParam("user") ?? 0));
$cat = $this->gifts->getCat((int) ($this->queryParam("pack") ?? 0));
if(!$user || !$cat)
if(!$user || $user->isDeleted() || !$cat)
$this->flashFail("err", "Не удалось подарить", "Пользователь или набор не существуют.");
if(!$user->canBeViewedBy($this->user->identity ?? NULL)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
$this->template->page = $page = (int) ($this->queryParam("p") ?? 1);
$gifts = $cat->getGifts($page, null, $this->template->count);
@ -65,12 +78,16 @@ final class GiftsPresenter extends OpenVKPresenter
$user = $this->users->get((int) ($this->queryParam("user") ?? 0));
$gift = $this->gifts->get((int) ($this->queryParam("elid") ?? 0));
$cat = $this->gifts->getCat((int) ($this->queryParam("pack") ?? 0));
if(!$user || !$cat || !$gift || !$cat->hasGift($gift))
if(!$user || $user->isDeleted() || !$cat || !$gift || !$cat->hasGift($gift))
$this->flashFail("err", "Не удалось подарить", "Не удалось подтвердить права на подарок.");
if(!$gift->canUse($this->user->identity))
$this->flashFail("err", "Не удалось подарить", "У вас больше не осталось таких подарков.");
if(!$user->canBeViewedBy($this->user->identity ?? NULL)) {
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
$coinsLeft = $this->user->identity->getCoins() - $gift->getPrice();
if($coinsLeft < 0)
$this->flashFail("err", "Не удалось подарить", "Ору нищ не пук.");

82
Web/Presenters/GroupPresenter.php
View file

@ -82,7 +82,12 @@ final class GroupPresenter extends OpenVKPresenter
{
$this->assertUserLoggedIn();
$this->template->club = $this->clubs->get($id);
$club = $this->clubs->get($id);
if(!$club || $club->isDeleted()) {
$this->notFound();
}
$this->template->club = $club;
$this->template->onlyShowManagers = $this->queryParam("onlyAdmins") == "1";
if($this->template->onlyShowManagers) {
$this->template->followers = NULL;
@ -192,20 +197,20 @@ final class GroupPresenter extends OpenVKPresenter
$this->willExecuteWriteAction();
$club = $this->clubs->get($id);
if(!$club || !$club->canBeModifiedBy($this->user->identity))
if(!$club || !$club->canBeModifiedBy($this->user->identity) || $club->isDeleted())
$this->notFound();
else
$this->template->club = $club;
if($_SERVER["REQUEST_METHOD"] === "POST") {
if(!$club->setShortcode( empty($this->postParam("shortcode")) ? NULL : $this->postParam("shortcode") ))
if(!$club->setShortcode( empty($this->postParam("shortcode")) ? NULL : $this->postParam("shortcode") ))
$this->flashFail("err", tr("error"), tr("error_shorturl_incorrect"));
$club->setName(empty($this->postParam("name")) ? $club->getName() : $this->postParam("name"));
$club->setAbout(empty($this->postParam("about")) ? NULL : $this->postParam("about"));
$club->setWall(empty($this->postParam("wall")) ? 0 : 1);
$club->setWall(empty($this->postParam("wall")) ? 0 : 1);
$club->setAdministrators_List_Display(empty($this->postParam("administrators_list_display")) ? 0 : $this->postParam("administrators_list_display"));
$club->setEveryone_Can_Create_Topics(empty($this->postParam("everyone_can_create_topics")) ? 0 : 1);
$club->setEveryone_Can_Create_Topics(empty($this->postParam("everyone_can_create_topics")) ? 0 : 1);
$club->setDisplay_Topics_Above_Wall(empty($this->postParam("display_topics_above_wall")) ? 0 : 1);
$club->setHide_From_Global_Feed(empty($this->postParam("hide_from_global_feed")) ? 0 : 1);
@ -300,7 +305,7 @@ final class GroupPresenter extends OpenVKPresenter
$this->willExecuteWriteAction();
$club = $this->clubs->get($id);
if(!$club || !$club->canBeModifiedBy($this->user->identity))
if(!$club || !$club->canBeModifiedBy($this->user->identity) || $club->isDeleted())
$this->notFound();
else
$this->template->club = $club;
@ -341,7 +346,7 @@ final class GroupPresenter extends OpenVKPresenter
$this->flashFail("err", "Ошибка подключения", "Не удалось подключится к службе телеметрии.");
$club = $this->clubs->get($id);
if(!$club->canBeModifiedBy($this->user->identity))
if(!$club->canBeModifiedBy($this->user->identity) || $club->isDeleted())
$this->notFound();
else
$this->template->club = $club;
@ -396,4 +401,67 @@ final class GroupPresenter extends OpenVKPresenter
$this->flashFail("succ", tr("information_-1"), tr("group_owner_setted", $newOwner->getCanonicalName(), $club->getName()));
}
function renderDelete(int $id)
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$this->assertNoCSRF();
if($_SERVER['REQUEST_METHOD'] !== "POST")
$this->redirect("/club" . $id);
$club = $this->clubs->get($id);
if(!$club || $club->isDeleted()) {
$this->flashFail("err", tr("error"), "Invalid club");
}
if(!Authenticator::verifyHash($this->postParam("password"), $club->getOwner()->getChandlerUser()->getRaw()->passwordHash)) {
$this->flashFail("err", tr("error"), tr("incorrect_password"));
}
if($club->getOwner()->getId() != $this->user->id) {
$this->flashFail("err", tr("error"), tr("owners_delete"));
}
$club->setDeleted(1);
$club->setShortcode(NULL);
$club->setHide_From_Global_Feed(1);
$club->save();
$this->redirect("/club".$club->getId());
}
function renderRestore(int $id)
{
$this->assertUserLoggedIn();
$this->willExecuteWriteAction();
$this->assertNoCSRF();
if($_SERVER['REQUEST_METHOD'] !== "POST")
$this->redirect("/club" . $id);
$club = $this->clubs->get($id);
if(!$club || !$club->isDeleted()) {
$this->flashFail("err", tr("error"), "Invalid club");
}
if($club->getOwner()->getId() != $this->user->id) {
$this->flashFail("err", tr("error"), tr("owners_restore"));
}
if($club->isBanned()) {
$this->flashFail("err", tr("error"));
}
$club->setDeleted(0);
$club->setHide_From_Global_Feed(0);
$club->save();
$this->redirect("/club".$club->getId());
}
}

4
Web/Presenters/NotesPresenter.php
View file

@ -19,7 +19,7 @@ final class NotesPresenter extends OpenVKPresenter
{
$user = (new Users)->get($owner);
if(!$user) $this->notFound();
if(!$user->getPrivacyPermission('notes.read', $this->user->identity ?? NULL))
if(!$user->getPrivacyPermission('notes.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
$this->template->notes = $this->notes->getUserNotes($user, (int)($this->queryParam("p") ?? 1));
@ -38,7 +38,7 @@ final class NotesPresenter extends OpenVKPresenter
$note = $this->notes->getNoteById($owner, $note_id);
if(!$note || $note->getOwner()->getId() !== $owner || $note->isDeleted())
$this->notFound();
if(!$note->getOwner()->getPrivacyPermission('notes.read', $this->user->identity ?? NULL))
if(!$note->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
$this->template->cCount = $note->getCommentsCount();

35
Web/Presenters/PhotosPresenter.php
View file

@ -25,7 +25,7 @@ final class PhotosPresenter extends OpenVKPresenter
if($owner > 0) {
$user = $this->users->get($owner);
if(!$user) $this->notFound();
if (!$user->getPrivacyPermission('photos.read', $this->user->identity ?? NULL))
if (!$user->getPrivacyPermission('photos.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
$this->template->albums = $this->albums->getUserAlbums($user, $this->queryParam("p") ?? 1);
$this->template->count = $this->albums->getUserAlbumsCount($user);
@ -35,7 +35,7 @@ final class PhotosPresenter extends OpenVKPresenter
$this->template->canEdit = $this->user->id === $user->getId();
} else {
$club = (new Clubs)->get(abs($owner));
if(!$club) $this->notFound();
if(!$club || $club->isDeleted()) $this->notFound();
$this->template->albums = $this->albums->getClubAlbums($club, $this->queryParam("p") ?? 1);
$this->template->count = $this->albums->getClubAlbumsCount($club);
$this->template->owner = $club;
@ -59,7 +59,7 @@ final class PhotosPresenter extends OpenVKPresenter
if(!is_null($gpid = $this->queryParam("gpid"))) {
$club = (new Clubs)->get((int) $gpid);
if(!$club->canBeModifiedBy($this->user->identity))
if(!$club->canBeModifiedBy($this->user->identity) || $club->isDeleted())
$this->notFound();
$this->template->club = $club;
@ -91,7 +91,7 @@ final class PhotosPresenter extends OpenVKPresenter
$this->willExecuteWriteAction();
$album = $this->albums->get($id);
if(!$album) $this->notFound();
if(!$album || $album->isDeleted() || $album->getOwner()->isDeleted()) $this->notFound();
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) $this->notFound();
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity) || $album->isDeleted())
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");
@ -117,7 +117,7 @@ final class PhotosPresenter extends OpenVKPresenter
$this->assertNoCSRF();
$album = $this->albums->get($id);
if(!$album) $this->notFound();
if(!$album || $album->getOwner()->isDeleted()) $this->notFound();
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) $this->notFound();
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity))
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");
@ -134,13 +134,14 @@ final class PhotosPresenter extends OpenVKPresenter
{
$album = $this->albums->get($id);
if(!$album) $this->notFound();
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted())
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted() || $album->getOwner()->isDeleted())
$this->notFound();
if(!$album->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
if($owner > 0 /* bc we currently don't have perms for clubs */) {
$ownerObject = (new Users)->get($owner);
if(!$ownerObject->getPrivacyPermission('photos.read', $this->user->identity ?? NULL))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
}
$this->template->album = $album;
@ -157,8 +158,15 @@ final class PhotosPresenter extends OpenVKPresenter
function renderPhoto(int $ownerId, int $photoId): void
{
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
if(!$photo || $photo->isDeleted()) $this->notFound();
if(!$photo || $photo->isDeleted() || $photo->getOwner()->isDeleted()) $this->notFound();
if($ownerId > 0) {
$ownerObject = (new Users)->get($ownerId);
}
if(!$photo->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
if(!is_null($this->queryParam("from"))) {
if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) {
$album = $this->albums->get((int) $matches[1]);
@ -178,6 +186,7 @@ final class PhotosPresenter extends OpenVKPresenter
{
$id = (int) base_convert((string) $id, 32, 10);
$photo = $this->photos->get($id);
if(!$photo || $photo->isDeleted())
$this->notFound();
@ -203,7 +212,7 @@ final class PhotosPresenter extends OpenVKPresenter
$this->willExecuteWriteAction();
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
if(!$photo) $this->notFound();
if(!$photo || $photo->getOwner()->isDeleted()) $this->notFound();
if(is_null($this->user) || $this->user->id != $ownerId)
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");
@ -228,7 +237,7 @@ final class PhotosPresenter extends OpenVKPresenter
[$owner, $id] = explode("_", $this->queryParam("album"));
$album = $this->albums->get((int) $id);
if(!$album)
if(!$album || $album->getOwner()->isDeleted())
$this->flashFail("err", "Неизвестная ошибка", "Не удалось сохранить фотографию в <b>DELETED</b>.");
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity))
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");
@ -266,7 +275,7 @@ final class PhotosPresenter extends OpenVKPresenter
$album = $this->albums->get($albumId);
$photo = $this->photos->get($photoId);
if(!$album || !$photo) $this->notFound();
if(!$album || !$photo || $album->getOwner()->isDeleted()) $this->notFound();
if(!$album->hasPhoto($photo)) $this->notFound();
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity))
$this->flashFail("err", "Ошибка доступа", "Недостаточно прав для модификации данного ресурса.");

4
Web/Presenters/SearchPresenter.php
View file

@ -86,7 +86,9 @@ final class SearchPresenter extends OpenVKPresenter
"hometown" => $this->queryParam("hometown") != "" ? $this->queryParam("hometown") : NULL,
"before" => $this->queryParam("datebefore") != "" ? strtotime($this->queryParam("datebefore")) : NULL,
"after" => $this->queryParam("dateafter") != "" ? strtotime($this->queryParam("dateafter")) : NULL,
"gender" => $this->queryParam("gender") != "" && $this->queryParam("gender") != 2 ? $this->queryParam("gender") : NULL
"gender" => $this->queryParam("gender") != "" && $this->queryParam("gender") != 2 ? $this->queryParam("gender") : NULL,
"doNotShowDeleted" => true,
"doNotShowPrivate" => true
];
$repo = $repos[$type] or $this->throwError(400, "Bad Request", "Invalid search entity $type.");

10
Web/Presenters/TopicsPresenter.php
View file

@ -22,7 +22,7 @@ final class TopicsPresenter extends OpenVKPresenter
$this->assertUserLoggedIn();
$club = $this->clubs->get($id);
if(!$club)
if(!$club || $club->isDeleted())
$this->notFound();
$this->template->club = $club;
@ -51,7 +51,7 @@ final class TopicsPresenter extends OpenVKPresenter
$this->assertUserLoggedIn();
$topic = $this->topics->getTopicById($clubId, $topicId);
if(!$topic)
if(!$topic || $topic->getClub()->isDeleted())
$this->notFound();
$this->template->topic = $topic;
@ -66,7 +66,7 @@ final class TopicsPresenter extends OpenVKPresenter
$this->assertUserLoggedIn();
$club = $this->clubs->get($clubId);
if(!$club)
if(!$club || $club->isDeleted())
$this->notFound();
if(!$club->isEveryoneCanCreateTopics() && !$club->canBeModifiedBy($this->user->identity))
@ -149,7 +149,7 @@ final class TopicsPresenter extends OpenVKPresenter
$this->assertUserLoggedIn();
$topic = $this->topics->getTopicById($clubId, $topicId);
if(!$topic)
if(!$topic || $topic->getClub()->isDeleted())
$this->notFound();
if(!$topic->canBeModifiedBy($this->user->identity))
@ -184,7 +184,7 @@ final class TopicsPresenter extends OpenVKPresenter
$this->assertNoCSRF();
$topic = $this->topics->getTopicById($clubId, $topicId);
if(!$topic)
if(!$topic || $topic->getClub()->isDeleted())
$this->notFound();
if(!$topic->canBeModifiedBy($this->user->identity))

8
Web/Presenters/UserPresenter.php
View file

@ -58,7 +58,7 @@ final class UserPresenter extends OpenVKPresenter
$page = abs($this->queryParam("p") ?? 1);
if(!$user)
$this->notFound();
elseif (!$user->getPrivacyPermission('friends.read', $this->user->identity ?? NULL))
elseif (!$user->getPrivacyPermission('friends.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
else
$this->template->user = $user;
@ -86,7 +86,7 @@ final class UserPresenter extends OpenVKPresenter
$user = $this->users->get($id);
if(!$user)
$this->notFound();
elseif (!$user->getPrivacyPermission('groups.read', $this->user->identity ?? NULL))
elseif (!$user->getPrivacyPermission('groups.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
else {
if($this->queryParam("act") === "managed" && $this->user->id !== $user->getId())
@ -435,6 +435,10 @@ final class UserPresenter extends OpenVKPresenter
$input = $this->postParam(str_replace(".", "_", $setting));
$user->setPrivacySetting($setting, min(3, abs($input ?? $user->getPrivacySetting($setting))));
}
$prof = $this->postParam("profile_type") == 1 || $this->postParam("profile_type") == 0 ? (int)$this->postParam("profile_type") : 0;
$user->setProfile_type($prof);
$user->save();
} else if($_GET['act'] === "finance.top-up") {
$token = $this->postParam("key0") . $this->postParam("key1") . $this->postParam("key2") . $this->postParam("key3");
$voucher = (new Vouchers)->getByToken($token);

15
Web/Presenters/VideosPresenter.php
View file

@ -22,7 +22,7 @@ final class VideosPresenter extends OpenVKPresenter
{
$user = $this->users->get($id);
if(!$user) $this->notFound();
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL))
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL) || !$user->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
$this->template->user = $user;
@ -39,14 +39,17 @@ final class VideosPresenter extends OpenVKPresenter
function renderView(int $owner, int $vId): void
{
$user = $this->users->get($owner);
if(!$user) $this->notFound();
if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
if(!$user || $user->isDeleted()) $this->notFound();
if($this->videos->getByOwnerAndVID($owner, $vId)->isDeleted()) $this->notFound();
$video = $this->videos->getByOwnerAndVID($owner, $vId);
if(!$video || $video->isDeleted()) $this->notFound();
if(!$video->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
$this->template->user = $user;
$this->template->video = $this->videos->getByOwnerAndVID($owner, $vId);
$this->template->video = $video;
$this->template->cCount = $this->template->video->getCommentsCount();
$this->template->cPage = (int) ($this->queryParam("p") ?? 1);
$this->template->comments = iterator_to_array($this->template->video->getComments($this->template->cPage));

69
Web/Presenters/WallPresenter.php
View file

@ -46,6 +46,12 @@ final class WallPresenter extends OpenVKPresenter
function renderWall(int $user, bool $embedded = false): void
{
$owner = ($user < 0 ? (new Clubs) : (new Users))->get(abs($user));
if(!$owner->canBeViewedBy($this->user->identity)) {
$this->flashFail("err", tr("error"), tr("forbidden"));
$this->redirect("/");
}
if(is_null($this->user)) {
$canPost = false;
} else if($user > 0) {
@ -61,6 +67,10 @@ final class WallPresenter extends OpenVKPresenter
} else {
$canPost = false;
}
if($owner->isDeleted()) {
$this->notFound();
}
if ($embedded == true) $this->template->_template = "components/wall.xml";
$this->template->oObj = $owner;
@ -98,7 +108,7 @@ final class WallPresenter extends OpenVKPresenter
else
$this->flashFail("err", tr("error"), tr("forbidden"));
} else if($user < 0) {
if($owner->canBeModifiedBy($this->user->identity))
if($owner->canBeModifiedBy($this->user->identity) && $owner->canBeViewedBy($this->user->identity))
$canPost = true;
else
$canPost = $owner->canPost();
@ -167,8 +177,9 @@ final class WallPresenter extends OpenVKPresenter
$page = (int) ($_GET["p"] ?? 1);
$pPage = min((int) ($_GET["posts"] ?? OPENVK_DEFAULT_PER_PAGE), 50);
$queryBase = "FROM `posts` LEFT JOIN `groups` ON GREATEST(`posts`.`wall`, 0) = 0 AND `groups`.`id` = ABS(`posts`.`wall`) WHERE (`groups`.`hide_from_global_feed` = 0 OR `groups`.`name` IS NULL) AND `posts`.`deleted` = 0";
$queryBase = "FROM `posts` JOIN `profiles` ON `profiles`.`id` = ABS(`posts`.`wall`) LEFT JOIN `groups` ON GREATEST(`posts`.`wall`, 0) = 0 AND `groups`.`id` = ABS(`posts`.`wall`)";
$queryBase .= "WHERE (`profiles`.`profile_type` = 0 OR `profiles`.`first_name` IS NULL) AND (`groups`.`hide_from_global_feed` = 0 OR `groups`.`name` IS NULL) AND `posts`.`deleted` = 0";
if($this->user->identity->getNsfwTolerance() === User::NSFW_INTOLERANT)
$queryBase .= " AND `nsfw` = 0";
@ -213,15 +224,20 @@ final class WallPresenter extends OpenVKPresenter
$wallOwner = ($wall > 0 ? (new Users)->get($wall) : (new Clubs)->get($wall * -1))
?? $this->flashFail("err", tr("failed_to_publish_post"), tr("error_4"));
if($wall > 0) {
if(!$wallOwner->isBanned())
if(!$wallOwner->isBanned() && !$wallOwner->isDeleted() && $wallOwner->canBeViewedBy($this->user->identity))
$canPost = $wallOwner->getPrivacyPermission("wall.write", $this->user->identity);
else
$this->flashFail("err", tr("not_enough_permissions"), tr("not_enough_permissions_comment"));
} else if($wall < 0) {
if($wallOwner->canBeModifiedBy($this->user->identity))
$canPost = true;
else
$canPost = $wallOwner->canPost();
if(!$wallOwner->isDeleted()) {
if($wallOwner->canBeModifiedBy($this->user->identity))
$canPost = true;
else
$canPost = $wallOwner->canPost();
} else {
$canPost = false;
}
} else {
$canPost = false;
}
@ -340,21 +356,24 @@ final class WallPresenter extends OpenVKPresenter
function renderPost(int $wall, int $post_id): void
{
$post = $this->posts->getPostById($wall, $post_id);
if(!$post || $post->isDeleted())
if(!$post || $post->isDeleted() || $post->getWallOwner()->isDeleted())
$this->notFound();
if(!$post->canBeViewedBy($this->user->identity))
$this->flashFail("err", tr("error"), tr("forbidden"));
$this->logPostView($post, $wall);
$this->template->post = $post;
if ($post->getTargetWall() > 0) {
$this->template->wallOwner = (new Users)->get($post->getTargetWall());
$this->template->isWallOfGroup = false;
if($this->template->wallOwner->isBanned())
$this->template->wallOwner = (new Users)->get($post->getTargetWall());
$this->template->isWallOfGroup = false;
if($this->template->wallOwner->isBanned() || $this->template->wallOwner->isDeleted())
$this->flashFail("err", tr("error"), tr("forbidden"));
} else {
$this->template->wallOwner = (new Clubs)->get(abs($post->getTargetWall()));
$this->template->isWallOfGroup = true;
}
} else {
$this->template->wallOwner = (new Clubs)->get(abs($post->getTargetWall()));
$this->template->isWallOfGroup = true;
}
$this->template->cCount = $post->getCommentsCount();
$this->template->cPage = (int) ($_GET["p"] ?? 1);
$this->template->comments = iterator_to_array($post->getComments($this->template->cPage));
@ -367,8 +386,12 @@ final class WallPresenter extends OpenVKPresenter
$this->assertNoCSRF();
$post = $this->posts->getPostById($wall, $post_id);
if(!$post || $post->isDeleted()) $this->notFound();
if(!$post || $post->isDeleted() || $post->getWallOwner()->isDeleted()) $this->notFound();
if(!$post->canBeViewedBy($this->user->identity)) {
$this->flashFail("err", tr("error"), tr("forbidden"));
}
if(!is_null($this->user)) {
$post->toggleLike($this->user->identity);
}
@ -384,9 +407,17 @@ final class WallPresenter extends OpenVKPresenter
$post = $this->posts->getPostById($wall, $post_id);
if(!$post || $post->isDeleted())
if(!$post || $post->isDeleted() || $post->getWallOwner()->isDeleted())
$this->notFound();
if(!$post->canBeViewedBy($this->user->identity)) {
$this->returnJson([
"error" => "forbidden"
]);
}
$where = $this->postParam("type") ?? "wall";
$groupId = NULL;
$flags = 0;
@ -425,7 +456,7 @@ final class WallPresenter extends OpenVKPresenter
if($post->getOwner(false)->getId() !== $this->user->identity->getId() && !($post->getOwner() instanceof Club))
(new RepostNotification($post->getOwner(false), $post, $this->user->identity))->emit();
};
$this->returnJson([
"wall_owner" => $where == "wall" ? $this->user->identity->getId() : $groupId * -1
]);

1
Web/Presenters/templates/About/Tour.xml
View file

@ -83,6 +83,7 @@
<ul class="listing">
<li><span>{_tour_section_2_text_2_1|noescape}</span></li>
<li><span>{_tour_section_2_text_2_2|noescape}</span></li>
<li><span>{_tour_section_2_text_2_4|noescape}</span></li>
<li><span>{_tour_section_2_text_2_3|noescape}</span></li>
</ul>
<img src="assets/packages/static/openvk/img/tour/privacy.png" width="440">

4
Web/Presenters/templates/Admin/Club.xml
View file

@ -65,6 +65,10 @@
<input class="toggle-large" type="checkbox" id="hide_from_global_feed" name="hide_from_global_feed" value="1" {if $club->isHideFromGlobalFeedEnabled()} checked {/if} />
<label for="hide_from_global_feed">{_admin_club_excludeglobalfeed}</label>
</div>
<div class="group">
<input class="toggle-large" type="checkbox" id="deleted" name="deleted" value="1" {if $club->isDeleted()} checked {/if} />
<label for="deleted">{_deleted_f}</label>
</div>
<hr/>
<div class="buttons-container">
<div class="buttons">

33
Web/Presenters/templates/Group/Edit.xml
View file

@ -72,7 +72,7 @@
<div id="filename" style="margin-top: 10px;"></div>
</td>
</tr>
<tr>
<tr>
<td width="120" valign="top">
<span class="nobold">{_wall}: </span>
</td>
@ -102,6 +102,37 @@
</td>
</tr>
<tr n:if="$club->getOwner()->getId() == $thisUser->getId()">
<script>
function showGroupDeleteDialog()
{
let id = {$club->getId()}
let body = `
<form action="/club` + id + `/delete" id="grpDeactivation" method="POST">` +
tr("trying_delete_group") + `
<input type="password" id="password" name="password" required />
<input type="hidden" name="hash" value="` + u("meta[name=csrf]").attr("value") + `" />
</form>
`
MessageBox(tr("group_deletion"), body, [tr("delete"), tr("cancel")], [
() => {
$("#grpDeactivation").submit();
},
Function.noop
]);
document.querySelector(".ovk-diag-body").style.padding = "10px"
}
</script>
<td width="120" valign="top">
</td>
<td>
<span><a href="javascript:showGroupDeleteDialog()">{_delete_group}</a></span>
</td>
</tr>
<tr>
<td>

121
Web/Presenters/templates/Group/View.xml
View file

@ -1,5 +1,11 @@
{extends "../@layout.xml"}
{var $backdrops = $club->getBackDropPictureURLs()}
{var $backdrops = !$club->isDeleted() ? $club->getBackDropPictureURLs() : NULL}
{block headIncludes}
{if $club->isDeleted()}
<meta name="robots" content="noindex, noarchive">
{/if}
{/block}
{block title}{$club->getName()}{/block}
@ -14,6 +20,7 @@
{/block}
{block content}
{if !$club->isDeleted()}
<div class="left_big_block">
<div n:if="!is_null($alert = $club->getAlert())" class="group-alert">{strpos($alert, "@") === 0 ? tr(substr($alert, 1)) : $alert}</div>
@ -45,7 +52,7 @@
</div>
<div n:if="$club->getFollowersCount() > 0">
{var $followersCount = $club->getFollowersCount()}
<div class="content_title_expanded" onclick="hidePanel(this, {$followersCount});">
{_participants}
</div>
@ -90,14 +97,14 @@
</div>
</div>
</div>
{presenter "openvk!Wall->wallEmbedded", -$club->getId()}
</div>
<div class="right_small_block">
{var $avatarPhoto = $club->getAvatarPhoto()}
{var $avatarLink = ((is_null($avatarPhoto) ? FALSE : $avatarPhoto->isAnonymous()) ? "/photo" . ("s/" . base_convert((string) $avatarPhoto->getId(), 10, 32)) : $club->getAvatarLink())}
<div class="avatar_block" style="position:relative;">
{var $hasAvatar = !str_contains($club->getAvatarUrl('miniscule'), "/assets/packages/static/openvk/img/camera_200.png")}
{var $hasAvatar = !str_contains($club->getAvatarUrl('miniscule'), "/assets/packages/static/openvk/img/club_200.png")}
{if !is_null($thisUser) && $hasAvatar == false && $club->canBeModifiedBy($thisUser)}
<a href="javascript:addAvatarImage(true, {$club->getId()})" class="text_add_image">{_add_image_group}</a>
{elseif !is_null($thisUser) && $hasAvatar == true && $club->canBeModifiedBy($thisUser)}
@ -122,8 +129,43 @@
<a href="/club{$club->getId()}/edit" id="profile_link">{_edit_group}</a>
<a href="/club{$club->getId()}/stats" id="profile_link">{_statistics}</a>
{/if}
{if $thisUser->getChandlerUser()->can("access")->model("admin")->whichBelongsTo(NULL)}
<script>
function banClub() {
let name = {$club->getName()}
let body = tr("ban_group_desc", {$club->getName()})
let cool = tr("come_up_with_something_cool")
let num = {$club->getId()}
body += `
<br>
<input type="text" id="block_reason" name="block_reason" placeholder="` + cool + `">
<input type="checkbox" value="1" id="delete_every_post" name="delete_every_post">` + tr('delete_every_post') +
`<br><input type="checkbox" value="1" id="unsub_everyone" name="unsub_everyone">` + tr('unsubscribe_everyoune')
MessageBox({_ban_group} + " " + {$club->getName()}, body, [{_ok}, {_cancel}], [
(function() {
let xhr = new XMLHttpRequest()
xhr.open("POST", "/admin/clubs/id" + num + "/ban" + "?hash=" + {rawurlencode($csrfToken)}, true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.onload = () => {
if(xhr.responseText.indexOf("success") === -1)
MessageBox(tr("error"), tr("cant_ban_group"), ["OK"], [Function.noop]);
else
location.reload()
}
xhr.send("block_reason="+block_reason.value+"&delete_every_post="+delete_every_post.checked+"&unsub_everyone="+unsub_everyone.checked);
}),
Function.noop
]);
document.querySelector(".ovk-diag-body").style.padding = "10px"
}
</script>
<a href="/id{$club->getOwner()->getId()}" id="profile_link">{_go_to_owner}</a>
<a href="/admin/clubs/id{$club->getId()}" id="profile_link">{_manage_group_action}</a>
<a href="javascript:banClub()" id="profile_link">{_ban_group}</a>
{/if}
{if $club->getSubscriptionStatus($thisUser) == false}
<form action="/setSub/club" method="post">
@ -226,7 +268,7 @@
<div class="ovk-album" style="display: inline-block;" n:foreach="$albums as $album">
<div style="text-align: center;float: left;height: 54pt;width: 100px;">
{var $cover = $album->getCoverPhoto()}
<img
src="{is_null($cover)?'/assets/packages/static/openvk/img/camera_200.png':$cover->getURL()}"
style="max-width: 80px; max-height: 54pt;" />
@ -260,6 +302,75 @@
</div>
</div>
{else}
<div class="left_big_block">
<div class="content_title_expanded">
{_information}
</div>
<div class="page_info">
<table class="ugc-table">
<tbody>
<tr>
<td><span class="nobold">{_name_group}:</span></td>
<td><b>{$club->getName()}</b></td>
</tr>
</tbody>
</table>
</div>
{if !$club->isBanned()}
<p style="text-align:center;margin-top:20%;font-size: 13px;">{_group_was_deleted}</p>
{else}
<p style="text-align:center;margin-top:20%;font-size: 13px;">{_group_was_blocked}</p>
<p style="text-align:center;font-size: 13px;">{_ban_reason_g}: {$club->getBanReason()}</p>
{/if}
</div>
<div class="right_small_block">
<div class="avatar_block" style="position:relative;">
<a href="javascript:void(0)">
<img src="{$club->getAvatarUrl()}" style="width: 100%; image-rendering: -webkit-optimize-contrast;" />
</a>
</div>
<div n:ifset="$thisUser" id="profile_links">
{if !is_null($thisUser) && $club->getOwner()->getId() == $thisUser->getId() && !$club->isBanned()}
<form action="/club{$club->getId()}/restore" method="POST">
<input type="hidden" name="hash" value="{$csrfToken}" />
<input type="submit" id="profile_link" value="{_restore_group}" />
</form>
{/if}
{if !is_null($thisUser) && $thisUser->getChandlerUser()->can("access")->model("admin")->whichBelongsTo(NULL)}
<script>
function unbanClub() {
let num = {$club->getId()}
let xhr = new XMLHttpRequest()
xhr.open("POST", "/admin/clubs/id" + num + "/unban" + "?hash=" + {rawurlencode($csrfToken)}, true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.onload = () => {
location.reload()
}
xhr.send();
}
</script>
<a href="/id{$club->getOwner()->getId()}" id="profile_link">{_go_to_owner}</a>
<a href="/admin/clubs/id{$club->getId()}" id="profile_link">{_manage_group_action}</a>
{if $club->isBanned()}
<a href="javascript:unbanClub()" id="profile_link">{_unban_group}</a>
{else}
<a href="javascript:unbanClub()" id="profile_link">{_restore_group}</a>
{/if}
{/if}
{if !is_null($thisUser) && $club->getSubscriptionStatus($thisUser)}
<form action="/setSub/club" method="post">
<input type="hidden" name="act" value="rem" />
<input type="hidden" name="id" value="{$club->getId()}" />
<input type="hidden" name="hash" value="{$csrfToken}" />
<input type="submit" id="profile_link" value="{_leave_community}" />
</form>
{/if}
</div>
</div>
{/if}
{/block}
{block bodyScripts}

16
Web/Presenters/templates/Search/Index.xml
View file

@ -188,25 +188,29 @@
</div>
{elseif $type == "posts"}
<div n:foreach="$data as $dat" class="content">
{if !$dat || $dat->getTargetWall() < 0 && $dat->getWallOwner()->isHideFromGlobalFeedEnabled()}
{_closed_group_post}.
{if !$dat->canBeViewedBy($thisUser ?? NULL) || $dat->getTargetWall() < 0 && $dat->getOwner()->isHideFromGlobalFeedEnabled()}
{_dont_need_to_see_post}
{else}
{include "../components/post.xml", post => $dat, commentSection => true, onWallOf => true}
{/if}
</div>
{elseif $type == "comments"}
<div n:foreach="$data as $dat" class="content">
{if !$dat->getTarget() || $dat->getTarget()->isDeleted()}
{_deleted_target_comment}.
{if !$dat->canBeViewedBy($thisUser ?? NULL)}
{_dont_need_to_see_comment}
{else}
{include "../components/comment.xml", comment => $dat, linkW => true}
{/if}
</div>
{elseif $type == "videos"}
{foreach $data as $dat}
<div class="content">
<div class="content">
{if !$dat->canBeViewedBy($thisUser ?? NULL)}
{_dont_need_to_see_video}
{else}
{include "../components/video.xml", video => $dat}
</div>
{/if}
</div>
{/foreach}
{elseif $type == "audios"}
хуй

13
Web/Presenters/templates/User/Settings.xml
View file

@ -266,8 +266,6 @@
<select name="page.read" style="width: 164px;">
<option value="3" {if $user->getPrivacySetting('page.read') == 3}selected{/if}>{_privacy_value_anybody_dative}</option>
<option value="2" {if $user->getPrivacySetting('page.read') == 2}selected{/if}>{_privacy_value_users}</option>
<option value="1" {if $user->getPrivacySetting('page.read') == 1}selected{/if}>{_privacy_value_friends_dative}</option>
<option value="0" {if $user->getPrivacySetting('page.read') == 0}selected{/if}>{_privacy_value_only_me_dative}</option>
</select>
</td>
</tr>
@ -384,6 +382,17 @@
</select>
</td>
</tr>
<tr>
<td width="120" valign="top">
<span class="nobold">{_profile_type}</span>
</td>
<td>
<select name="profile_type", style="width: 164px;">
<option value="0" {if $user->getProfileType() == 0}selected{/if}>{_profile_type_open}</option>
<option value="1" {if $user->getProfileType() == 1}selected{/if}>{_profile_type_closed}</option>
</select>
</td>
</tr>
<tr>
<td>

127
Web/Presenters/templates/User/View.xml
View file

@ -1,13 +1,13 @@
{extends "../@layout.xml"}
{if !$user->isBanned()}
{if !$user->isBanned() && $user->canBeViewedBy($thisUser ?? NULL)}
{var $backdrops = $user->getBackDropPictureURLs()}
{/if}
{block title}{$user->getCanonicalName()}{/block}
{block headIncludes}
{if $user->getPrivacyPermission('page.read', $thisUser ?? NULL)}
{if $user->getPrivacySetting("page.read") == 3 && !$user->isClosed()}
<!-- openGraph -->
<meta property="og:title" content="{$user->getCanonicalName()}" />
<meta property="og:url" content="http://{$_SERVER['HTTP_HOST']}{$user->getURL()}" />
@ -59,12 +59,97 @@
{/block}
{block content}
{if !is_null($thisUser) && $thisUser->getId() != $user->getId() && $user->getProfileType() == 1 && $thisUser->getChandlerUser()->can("access")->model("admin")->whichBelongsTo(NULL)}
<div class="msg msg_err" style="width:96%;">
<b>{_private_profile_warning}</b>
<br>
{_private_profile_warning_desc}
</div>
{/if}
{if !$user->isBanned()}
{if !$user->getPrivacyPermission('page.read', $thisUser ?? NULL)}
<div class="msg msg_err">
<b>{_forbidden}</b><br/>
{_forbidden_comment}
{if !$user->canBeViewedBy($thisUser ?? NULL)}
<div class="left_small_block">
<div style="margin-left: auto;margin-right: auto;display: table;position:relative;" class="avatar_block" id="av">
<img
{if $user->getPrivacySetting("page.read") < 3 && !isset($thisUser)}
src="/assets/packages/static/openvk/img/camera_private_200.png"
{else}
src="{$user->getAvatarUrl('normal')}"
{/if}
alt="{$user->getCanonicalName()}"
style="width: 100%; image-rendering: -webkit-optimize-contrast;" />
</div>
<div n:ifset="$thisUser" id="profile_links">
{var $subStatus = $user->getSubscriptionStatus($thisUser)}
{if $user->getPrivacyPermission('messages.write', $thisUser)}
<a style="width: 194px;" href="/im?sel={$user->getId()}" class="profile_link">{_send_message}</a>
{/if}
{if $subStatus === 0}
<form action="/setSub/user" method="post" class="profile_link_form" id="addToFriends">
<input type="hidden" name="act" value="add" />
<input type="hidden" name="id" value="{$user->getId()}" />
<input type="hidden" name="hash" value="{$csrfToken}" />
<input type="submit" class="profile_link" value="{_friends_add}" style="width: 194px;" />
</form>
{elseif $subStatus === 1}
<form action="/setSub/user" method="post" class="profile_link_form" id="addToFriends">
<input type="hidden" name="act" value="add" />
<input type="hidden" name="id" value="{$user->getId()}" />
<input type="hidden" name="hash" value="{$csrfToken}" />
<input type="submit" class="profile_link" value="{_friends_accept}" style="width: 194px;" />
</form>
{elseif $subStatus === 2}
<form action="/setSub/user" method="post" class="profile_link_form">
<input type="hidden" name="act" value="rem" />
<input type="hidden" name="id" value="{$user->getId()}" />
<input type="hidden" name="hash" value="{$csrfToken}" />
<input type="submit" class="profile_link" value="{_friends_reject}" style="width: 194px;" />
</form>
{/if}
</div>
</div>
<div class="right_big_block">
<div class="page_info">
<div n:if="!is_null($alert = $user->getAlert())" class="user-alert">{strpos($alert, "@") === 0 ? tr(substr($alert, 1)) : $alert}</div>
{var $thatIsThisUser = isset($thisUser) && $user->getId() == $thisUser->getId()}
<div class="accountInfo clearFix">
<div class="profileName">
<h2>{$user->getFullName()}</h2>
{if !is_null($user->getStatus())}
<div n:class="page_status, $thatIsThisUser ? page_status_edit_button" n:attr="id => $thatIsThisUser ? page_status_text : NULL">{$user->getStatus()}</div>
{/if}
</div>
</div>
<div>
<table id="basicInfo" class="ugc-table" border="0" cellspacing="0" cellpadding="0" border="0" cellspacing="0" cellpadding="0">
<tbody>
<tr>
<td class="label"><span class="nobold">{_gender}: </span></td>
<td class="data">{$user->isFemale() ? tr("female") : tr("male")}</td>
</tr>
</tbody>
</table>
</div>
<div class="msg msg_yellow" style="width: 93%;">
{var $m = $user->isFemale() ? "f" : "m"}
{tr("limited_access_to_page_$m", $user->getFirstName())}
{if isset($thisUser)}
{if $subStatus != 2}
<br /><br />
{_you_can_add}
<a href="javascript:addToFriends.submit()">{tr("add_to_friends_$m")}</a>
{/if}
{else}
<br /><br />
{tr("register_to_access_page_$m")}
{/if}
</div>
</div>
</div>
{else}
@ -320,20 +405,20 @@
<a href="/notes{$user->getId()}">{_all_title}</a>
</div>
</div>
<div style="padding: 5px 8px 15px 8px;">
<div style="padding: 5px 8px 15px 8px;">
<ul class="notes_titles" n:foreach="$notes as $note">
<li class="written">
<a href="/note{$note->getPrettyId()}">
{$note->getName()}
</a>
<small>
{$note->getPublicationTime()}
<span class="divide">|</span>
<a href="/note{$note->getPrettyId()}">{_comments}</a>
</small>
</li>
</ul>
<li class="written">
<a href="/note{$note->getPrettyId()}">
{$note->getName()}
</a>
<small>
{$note->getPublicationTime()}
<span class="divide">|</span>
<a href="/note{$note->getPrettyId()}">{_comments}</a>
</small>
</li>
</ul>
</div>
</div>
</div>
@ -391,7 +476,7 @@
<button type="submit" name="submit" class="button" style="height: 22px;">{_send}</button>
</form>
</div>
<div class="accountInfo clearFix">
<div class="accountInfo clearFix">
<div class="profileName">
<h2>{$user->getFullName()}</h2>
{if !is_null($user->getStatus())}
@ -434,7 +519,7 @@
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div n:if="$user->getPrivacyPermission('page.info.read', $thisUser ?? NULL)">
<div class="content_title_expanded" onclick="hidePanel(this);">

10
Web/Presenters/templates/Wall/Feed.xml
View file

@ -15,9 +15,13 @@
</div>
</div>
<div n:class="postFeedWrapper, $thisUser->hasMicroblogEnabled() ? postFeedWrapperMicroblog">
{include "../components/textArea.xml", route => "/wall" . $thisUser->getId() . "/makePost", graffiti => true, polls => true, notes => true}
</div>
{if $thisUser->isClosed() && isset($globalFeed)}
{* br *}
{else}
<div n:class="postFeedWrapper, $thisUser->hasMicroblogEnabled() ? postFeedWrapperMicroblog">
{include "../components/textArea.xml", route => "/wall" . $thisUser->getId() . "/makePost", graffiti => true, polls => true, notes => true}
</div>
{/if}
{foreach $posts as $post}
<a name="postGarter={$post->getId()}"></a>

25
Web/Presenters/templates/Wall/Post.xml
View file

@ -1,16 +1,23 @@
{extends "../@layout.xml"}
{block headIncludes}
{if $wallOwner->isDeleted() || $wallOwner->isClosed() || $wallOwner instanceof openvk\Web\Models\Entities\Club && $wallOwner->isHideFromGlobalFeedEnabled()}
<meta name="robots" content="noindex, noarchive">
{/if}
{/block}
{block title}{_post}{/block}
{block header}
<a href="{$wallOwner->getURL()}">
{$wallOwner->getCanonicalName()}
</a>
»
<a href="/wall{$wallOwner->getId() * ($isWallOfGroup ? -1 : 1)}">
{_wall}
</a>
»
{_post}
<a href="{$wallOwner->getURL()}">
{$wallOwner->getCanonicalName()}
</a>
»
<a href="/wall{$wallOwner->getId() * ($isWallOfGroup ? -1 : 1)}">
{_wall}
</a>
»
{_post}
{/block}
{block content}

7
Web/Presenters/templates/Wall/Wall.xml
View file

@ -1,4 +1,11 @@
{extends "../@layout.xml"}
{block headIncludes}
{if $oObj->isDeleted() || $oObj->isClosed() || $oObj instanceof openvk\Web\Models\Entities\Club && $oObj->isHideFromGlobalFeedEnabled()}
<meta name="robots" content="noindex, noarchive">
{/if}
{/block}
{block title}{_wall}{/block}
{block header}

18
Web/Presenters/templates/components/attachment.xml
View file

@ -43,14 +43,20 @@
</div>
{/if}
{elseif $attachment instanceof \openvk\Web\Models\Entities\Post}
{php $GLOBALS["_nesAttGloCou"] = (isset($GLOBALS["_nesAttGloCou"]) ? $GLOBALS["_nesAttGloCou"] : 0) + 1}
{if $GLOBALS["_nesAttGloCou"] > 2}
<a href="/wall{$attachment->getPrettyId()}">{_open_post}</a>
{else}
{include "post.xml", post => $attachment, compact => true}
{if $attachment->canBeViewedBy($thisUser ?? NULL)}
{php $GLOBALS["_nesAttGloCou"] = (isset($GLOBALS["_nesAttGloCou"]) ? $GLOBALS["_nesAttGloCou"] : 0) + 1}
{if $GLOBALS["_nesAttGloCou"] > 2}
<a href="/wall{$attachment->getPrettyId()}">{_open_post}</a>
{else}
{include "post.xml", post => $attachment, compact => true}
{/if}
{else}
<div class="no_access_attachment">
<span>{_no_access_attachment}</span>
</div>
{/if}
{else}
<span style="color:red;">{_version_incompatibility}</span>
{/if}
{php $GLOBALS["_nesAttGloCou"] = NULL}
{php $GLOBALS["_nesAttGloCou"] = NULL}

8
Web/Presenters/templates/components/post.xml
View file

@ -1,7 +1,15 @@
{var $microblogEnabled = isset($thisUser) ? $thisUser->hasMicroblogEnabled() : false}
{if $post->canBeViewedBy($thisUser ?? NULL)}
{if $microblogEnabled}
{include "post/microblogpost.xml", post => $post, commentSection => $commentSection}
{else}
{include "post/oldpost.xml", post => $post}
{/if}
{else}
<div class="post post-divider">
<span style="color:gray;">{_no_access_post}</span>
</div>
{/if}

8
Web/Presenters/templates/components/video.xml
View file

@ -1,3 +1,5 @@
{if $video->canBeViewedBy($thisUser ?? NULL)}
<table>
<tbody>
<tr>
@ -32,4 +34,8 @@
</td>
</tr>
</tbody>
</table>
</table>
{else}
{_no_access_abstract}
{/if}

8
Web/routes.yml
View file

@ -201,6 +201,10 @@ routes:
handler: "Group->admin"
- url: "/club{num}/setAdmin"
handler: "Group->modifyAdmin"
- url: "/club{num}/delete"
handler: "Group->delete"
- url: "/club{num}/restore"
handler: "Group->restore"
- url: "/groups{num}"
handler: "User->groups"
- url: "/groups_pin"
@ -297,6 +301,10 @@ routes:
handler: "Admin->clubs"
- url: "/admin/clubs/id{num}"
handler: "Admin->club"
- url: "/admin/clubs/id{num}/ban"
handler: "Admin->banClub"
- url: "/admin/clubs/id{num}/unban"
handler: "Admin->unbanClub"
- url: "/admin/vouchers"
handler: "Admin->vouchers"
- url: "/admin/vouchers/id{num}"

62
Web/static/css/main.css
View file

@ -165,11 +165,11 @@ h1 {
}
.navigation .link_soon {
color: #2B587A63;
color: #2B587A63;
}
.navigation .link_soon:hover {
background:#DAE1E8;
border-top:1px solid #CAD1D9
background:#DAE1E8;
border-top:1px solid #CAD1D9
}
.navigation .edit-button {
@ -997,6 +997,11 @@ table.User {
background-color: #f5e9ec;
}
.msg.msg_yellow {
border-color:#D4BC4C;
background-color:#F9F6E7;
}
.edit_link {
color: #c5c5c5;
font-family: verdana, arial, sans-serif;
@ -1689,9 +1694,9 @@ body.scrolled .toTop:hover {
}
#wallAttachmentMenu>.header {
padding: 6px 15px;
background-color: #eee;
text-align: center;
padding: 6px 15px;
background-color: #eee;
text-align: center;
}
#ovkDraw {
@ -2090,7 +2095,7 @@ table td[width="120"] {
.cookies-popup {
position: fixed;
bottom: 0;
left: 0;
left: 0;
width: 100%;
height: 40px;
background: linear-gradient(#fff, #eee);
@ -2147,13 +2152,13 @@ table td[width="120"] {
}
.minilink .counter {
font-weight: bold;
background-color: #eee;
line-height: 10px;
margin: -1px 3px 0 0;
padding: 1px 1px;
border-radius: 2px;
height: 11px;
font-weight: bold;
background-color: #eee;
line-height: 10px;
margin: -1px 3px 0 0;
padding: 1px 1px;
border-radius: 2px;
height: 11px;
}
#app_news_container {
@ -2246,13 +2251,13 @@ a.poll-retract-vote {
}
.client_app > img {
top: 3px;
position: relative;
top: 3px;
position: relative;
}
.client_app.client_app_titlebar > img {
top: 2px;
position: relative;
position: relative;
filter: invert(100%) sepia(100%) saturate(800%) hue-rotate(2deg) brightness(130%) contrast(50.1%);
}
@ -2267,12 +2272,12 @@ a.poll-retract-vote {
}
.regform-left{
text-align: right;
min-width: 110px;
text-align: right;
min-width: 110px;
}
.regform-right{
min-width: 200px;
min-width: 200px;
}
@ -2565,3 +2570,20 @@ a.poll-retract-vote {
{
background-color: rgb(233, 232, 232);
}
.no_access_attachment
{
border: 1px dashed black;
text-align: center;
padding-top: 20px;
cursor: pointer;
user-select: none;
margin-top: -8px;
width: 98.4%;
padding-bottom: 20px;
}
.no_access_attachment:hover
{
background-color: rgb(240, 240, 240);
}

BIN
Web/static/img/banned_club_200.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 4.5 KiB

BIN
Web/static/img/camera_private_200.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 3.7 KiB

BIN
Web/static/img/club_200.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 3.8 KiB

BIN
Web/static/img/deleted_club_200.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 4.5 KiB

BIN
Web/static/img/tour/privacy.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 136 KiB

After

Width:  |  Height:  |  Size: 144 KiB

BIN
Web/static/img/tour/search.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 148 KiB

After

Width:  |  Height:  |  Size: 111 KiB

BIN
Web/static/img/tour/search2.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 131 KiB

After

Width:  |  Height:  |  Size: 153 KiB

2
install/sqls/00038-groups-deletions.sql Normal file
View file

@ -0,0 +1,2 @@
ALTER TABLE `groups` ADD `deleted` TINYINT(1) NOT NULL DEFAULT '0' AFTER `backdrop_2`;
ALTER TABLE `profiles` ADD `profile_type` TINYINT(1) NOT NULL DEFAULT '0' AFTER `client_name`;

58
locales/en.strings
View file

@ -149,6 +149,18 @@
"user_banned" = "Unfortunately, we had to block the <b>$1</b> user page.";
"user_banned_comment" = "Moderator's comment:";
"limited_access_to_page_m" = "$1 restricted access to his page.";
"limited_access_to_page_f" = "$1 restricted access to his page.";
"you_can_add" = "You can";
"add_to_friends_m" = "add him to friends.";
"add_to_friends_f" = "add her to friends.";
"register_to_access_page_m" = "Register to access his page.";
"register_to_access_page_f" = "Register to access her page.";
"private_profile_warning" = "This profile is closed, but you can access him, because you have admin rights.";
"private_profile_warning_desc" = "Please, respect privacy rights and don't abuse this ability.";
/* Wall */
@ -214,6 +226,10 @@
"reply" = "Reply";
"no_access_attachment" = "No access to attachment";
"no_access_post" = "No access to post";
"no_access_abstract" = "No access";
/* Friends */
"friends" = "Friends";
@ -330,6 +346,35 @@
"search_group" = "Search group";
"search_by_groups" = "Search by groups";
"search_group_desc" = "Here you can browse through the existing groups and choose a group to suit your needs...";
"owners_delete" = "Only group's creator can delete it.";
"owners_restore" = "Only group's creator can restore it?";
"delete_group" = "Delete group";
"restore_group" = "Restore group";
"group_deletion" = "Group deletion";
"trying_delete_group" = "You are going to delete this group. <br><br> Enter your password:";
"group_was_deleted" = "This group was deleted by owner.";
"group_was_blocked" = "This group was blocked.";
"deleted_f" = "Deleted";
"ban_reason_g" = "Block reason";
"ban_group" = "Ban club";
"ban_group_desc" = "You gonna to ban club named $1. <br><br>Enter ban reason:";
"unban_group" = "Unban club";
"go_to_owner" = "Go to owner's page";
"come_up_with_something_cool" = "come up with something cool";
"delete_every_post" = "Delete every post";
"unsubscribe_everyoune" = "Unsubscribe everyone";
"warn_owner_club" = "Warn groups creator";
"cant_ban_group" = "Can't delete club";
"your_club_was_banned" = "Your club named \"$1\" was banned. Reason: $2";
/* Albums */
@ -522,6 +567,9 @@
"privacy_value_only_me" = "Only me";
"privacy_value_only_me_dative" = "Only me";
"privacy_value_nobody" = "Nobody";
"profile_type" = "Profile type";
"profile_type_open" = "Open";
"profile_type_closed" = "Closed";
"your_email_address" = "Your Email address";
"your_page_address" = "Your address page";
@ -1353,6 +1401,7 @@
"tour_section_2_text_2_1" = "You can define exactly who can access certain types of information and sections on your page.";
"tour_section_2_text_2_2" = "You have the right to block access to your page from search engines and unregistered users.";
"tour_section_2_text_2_3" = "<b>Remember:</b> privacy settings will be expanded in the future.";
"tour_section_2_text_2_4" = "Also, you can make your profile private, by setting the \"profile type\".";
"tour_section_2_title_3" = "Profile URL";
"tour_section_2_text_3_1" = "After registering your page, you get a personal ID like <b>@id12345</b>";
"tour_section_2_text_3_2" = "The <b>default ID</b>, which was obtained after registration, <b>cannot be changed</b>";
@ -1370,8 +1419,8 @@
"tour_section_4_title_1" = "Search";
"tour_section_4_text_1" = "The &quot;Search&quot; section allows you to search for users and groups.";
"tour_section_4_text_2" = "This section of the site will be improved over time.";
"tour_section_4_text_1" = "The &quot;Search&quot; section allows you to search for users, groups, videos, comments, posts and apps.";
"tour_section_4_text_2" = "You can sort and filter search results.";
"tour_section_4_text_3" = "To start a search, you need to know the user's first (or last) name; and if you're looking for a group, you need to know its name.";
"tour_section_4_title_2" = "Quick Search";
"tour_section_4_text_4" = "If you want to save time in any way, the search bar is also available in the header of the site";
@ -1514,8 +1563,9 @@
"s_any" = "any";
"reset" = "Reset";
"closed_group_post" = "This is a post from private group";
"deleted_target_comment" = "This comment belongs to deleted post";
"dont_need_to_see_comment" = "No access to comment.";
"dont_need_to_see_post" = "No access to post.";
"dont_need_to_see_video" = "No access to video.";
"no_results" = "No results";

58
locales/ru.strings
View file

@ -132,6 +132,18 @@
"updated_at" = "Обновлено $1";
"user_banned" = "К сожалению, нам пришлось заблокировать страницу пользователя <b>$1</b>.";
"user_banned_comment" = "Комментарий модератора:";
"limited_access_to_page_m" = "$1 ограничил доступ к своей странице.";
"limited_access_to_page_f" = "$1 ограничила доступ к своей странице.";
"you_can_add" = "Вы можете";
"add_to_friends_m" = "добавить его в друзья.";
"add_to_friends_f" = "добавить её в друзья.";
"register_to_access_page_m" = "Зарегистрируйтесь, чтобы получить доступ к его странице.";
"register_to_access_page_f" = "Зарегистрируйтесь, чтобы получить доступ к её странице.";
"private_profile_warning" = "Этот профиль закрытый, но вы имеете к нему доступ, потому что вы — администратор.";
"private_profile_warning_desc" = "Пожалуйста, уважайте право на личную жизнь и не злоупотребляйте этой возможностью.";
/* Wall */
@ -191,6 +203,9 @@
"version_incompatibility" = "Не удалось отобразить это вложение. Возможно, база данных несовместима с текущей версией OpenVK.";
"graffiti" = "Граффити";
"reply" = "Ответить";
"no_access_attachment" = "Нет доступа к прикреплению";
"no_access_post" = "Нет доступа к записи";
"no_access_abstract" = "Нет доступа";
/* Friends */
@ -315,6 +330,36 @@
"search_by_groups" = "Поиск по группам";
"search_group_desc" = "Здесь Вы можете просмотреть существующие группы и выбрать группу себе по вкусу...";
"owners_delete" = "Только создатель группы может удалить её.";
"owners_restore" = "Только создатель группы может восстановить её?";
"delete_group" = "Удалить группу";
"restore_group" = "Восстановить группу";
"group_deletion" = "Удаление группы";
"trying_delete_group" = "Вы собираетесь удалить эту группу. <br><br> Введите ваш пароль:";
"group_was_deleted" = "Данная группа была удалена создателем.";
"group_was_blocked" = "Данная группа была заблокирована.";
"deleted_f" = "Удалена";
"ban_reason_g" = "Причина блокировки";
"ban_group" = "Заблокировать группу";
"ban_group_desc" = "Вы собираетесь заблокировать группу $1. <br><br>Введите причину блокировки:";
"unban_group" = "Разблокировать группу";
"go_to_owner" = "Перейти на страницу создателя";
"come_up_with_something_cool" = "придумайте что-нибудь крутое";
"delete_every_post" = "Удалить все записи";
"unsubscribe_everyoune" = "Отписать всех участников";
"warn_owner_club" = "Предупредить создателя группы";
"cant_ban_group" = "Не удалось заблокировать группу";
"your_club_was_banned" = "Ваша группа \"$1\" была заблокирована по причине $2";
"your_club_was_unbanned" = "Ваша группа \"$1\" была разблокирована";
/* Albums */
"create" = "Создать";
@ -496,6 +541,9 @@
"privacy_value_only_me" = "Только я";
"privacy_value_only_me_dative" = "Только мне";
"privacy_value_nobody" = "Никто";
"profile_type" = "Тип профиля";
"profile_type_open" = "Открытый";
"profile_type_closed" = "Закрытый";
"your_email_address" = "Адрес Вашей электронной почты";
"your_page_address" = "Адрес Вашей страницы";
"page_address" = "Адрес страницы";
@ -1246,6 +1294,7 @@
"tour_section_2_text_2_1" = "Вы можете определить, кто именно может иметь доступ к определенным типам информации, разделам и возможностям связаться на вашей странице.";
"tour_section_2_text_2_2" = "Вы имеете полное право закрыть доступ к своей странице от поисковых систем и незарегистрированных пользователей.";
"tour_section_2_text_2_3" = "<b>Помните:</b> в будущем настройки приватности будут расширяться.";
"tour_section_2_text_2_4" = "Так же вы можете сделать ваш профиль закрытым, задав соответствующую настройку \"Тип профиля\".";
"tour_section_2_title_3" = "Персональный адрес страницы";
"tour_section_2_text_3_1" = "После регистрации страницы, вам выдаётся персональный ID вида <b>@id12345</b>";
"tour_section_2_text_3_2" = "<b>Стандартный ID</b>, который был получен после регистрации, <b>изменить нельзя</b>";
@ -1263,8 +1312,8 @@
"tour_section_4_title_1" = "Поиск";
"tour_section_4_text_1" = "Раздел &quot;Поиск&quot; позволяет искать пользователей и группы.";
"tour_section_4_text_2" = "Данный раздел сайта со временем будет улучшаться.";
"tour_section_4_text_1" = "Раздел &quot;Поиск&quot; позволяет искать пользователей, групп, а так же комментарии, видео, посты и приложения.";
"tour_section_4_text_2" = "Результаты поиска можно сортировать и фильтровать.";
"tour_section_4_text_3" = "Для начала поиска нужно знать имя (или фамилию) пользователя; а если ищете группу, то нужно знать её название.";
"tour_section_4_title_2" = "Быстрый поиск";
"tour_section_4_text_4" = "Если вы хотите как-либо сэкономить время, то строка поиска доступна и в шапке сайта";
@ -1407,8 +1456,9 @@
"s_any" = "любой";
"reset" = "Сброс";
"closed_group_post" = "Эта запись из закрытой группы";
"deleted_target_comment" = "Этот комментарий принадлежит к удалённой записи";
"dont_need_to_see_comment" = "Нет доступа к комментарию.";
"dont_need_to_see_post" = "Нет доступа к записи.";
"dont_need_to_see_video" = "Нет доступа к видео.";
"no_results" = "Результатов нет";

58
locales/ru_old.strings
View file

@ -131,6 +131,20 @@
"information_about" = "О себѣ";
"updated_at" = "Новыя данные отражены $1";
"user_banned" = "К сожалѣнiю, нам прiшлось запрѣтiть страницу пользоватѣля <b>$1</b>.";
"user_banned_comment" = "Коммѣнтарiй модѣратора:";
"limited_access_to_page_m" = "$1 огранiчилъ доступъ к своей странiце.";
"limited_access_to_page_f" = "$1 огранiчила доступъ к своей странiце.";
"you_can_add" = "Вы можѣте";
"add_to_friends_m" = "добавiть его в знакомцы.";
"add_to_friends_f" = "добавiть её в знакомцы.";
"register_to_access_page_m" = "Зарѣгiстрируйтѣсь, чтобы получить доступъ к его странiце.";
"register_to_access_page_f" = "Зарѣгiстрируйтѣсь, чтобы получить доступъ к её странiце.";
"private_profile_warning" = "Эта страница закрытая, но вы имѣѣте к нѣму доступъ, потому что вы — боярiн.";
"private_profile_warning_desc" = "Пожалуйста, уважайте права крѣпостных и не злоупотрѣбляйте этой возможностью.";
/* Wall */
@ -277,6 +291,39 @@
"meetings_many" = "$1 встрѣчъ";
"meetings_other" = "$1 встрѣчъ";
"open_new_group" = "Открiть новую группу";
"open_group_desc" = "Нѣ можѣте найтi нужную группу? Откройтѣ свою...";
"search_group" = "Поiскъ группы";
"search_by_groups" = "Поiск по группамъ";
"search_group_desc" = "Здѣсь Вы можѣтѣ просмотрѣть сущѣствующиѣ группы i выбрать группу сѣбе по вкусу...";
"owners_delete" = "Только создатѣль группы можѣтъ удалiть её.";
"owners_restore" = "Только создатѣль группы можѣтъ восстановiть её?";
"delete_group" = "Удалiть группу";
"restore_group" = "Восстановiть группу";
"group_deletion" = "Удалѣнiѣ группы";
"trying_delete_group" = "Вы собiраѣтесь удалiть эту группу. <br><br> Введiте ваш шiфр:";
"group_was_deleted" = "Данная группа была удалѣна создатѣлѣм.";
"group_was_blocked" = "Данная группа была заблокирована.";
"deleted_f" = "Удалена";
"ban_reason_g" = "Прiчiна блокiровкi";
"ban_group" = "Заблокiровать группу";
"ban_group_desc" = "Вы собираѣтѣсь заблокiровать группу $1. <br><br>Введiте причину уничтожѣнiя:";
"unban_group" = "Разблокiровать группу";
"go_to_owner" = "Перейтi на странiцу создатѣля";
"come_up_with_something_cool" = "прумайте что-нiбудь забавноя";
"cant_ban_group" = "Не удалось заблокiровать группу";
"your_club_was_banned" = "Ваша группа \"$1\" была заблокiрована по причине $2";
"your_club_was_unbanned" = "Ваша группа \"$1\" была разблокiрована";
/* Albums */
"create" = "Создать";
@ -440,6 +487,10 @@
"privacy_value_only_me_dative" = "Мнѣ одному";
"privacy_value_nobody" = "Никому";
"profile_type" = "Тiп профiля";
"profile_type_open" = "Открытый";
"profile_type_closed" = "Закрытый";
"your_email_address" = "Адресъ Вашей электронной почты";
"your_page_address" = "Адресъ Вашей страницы";
"page_address" = "Адресъ страницы";
@ -772,5 +823,8 @@
"s_any" = "любой";
"reset" = "Сбросъ";
"closed_group_post" = "Это высказыванiе изъ закрытого общѣства";
"deleted_target_comment" = "Этотъ отзыв принадлѣжит к удалѣнному высказыванiю";
"dont_need_to_see_comment" = "Нѣтъ доступа к коммѣнтарiю.";
"dont_need_to_see_post" = "Нѣтъ доступа к запiсi.";
"dont_need_to_see_video" = "Нѣтъ доступа к вiдео.";
"no_results" = "Результатовъ нѣт";

59
locales/ru_sov.strings
View file

@ -137,6 +137,20 @@
"user_banned" = "Органу управления пришлось отправить <b>$1</b> под стражу.";
"user_banned_comment" = "Комментарий милиции:";
"limited_access_to_page_m" = "$1 частично ограничил доступ к своему досье.";
"limited_access_to_page_f" = "$1 частично ограничила доступ к своему досье.";
"you_can_add" = "Вы можете принять решение";
"add_to_friends_m" = "добавить его в товарищи.";
"add_to_friends_f" = "добавить её в товарищи.";
"register_to_access_page_m" = "Зарегистрируйтесь, чтобы увидеть его досье.";
"register_to_access_page_f" = "Зарегистрируйтесь, чтобы увидеть её досье.";
"private_profile_warning" = "Это досье закрытое, но вы имеете к нему доступ, потому что вы — администратор.";
"private_profile_warning_desc" = "Пожалуйста, не уважайте право на частную жизнь и злоупотребляйте этой возможностью.";
/* Wall */
"feed" = "Новостная газета";
@ -293,6 +307,40 @@
"meetings_many" = "$1 встреч";
"meetings_other" = "$1 встреч";
"open_new_group" = "Открыть новое собрание";
"open_group_desc" = "Не можете найти нужное собрание? Откройте своё...";
"search_group" = "Поиск собраний";
"search_by_groups" = "Поиск по собраниям";
"search_group_desc" = "Здесь Вы можете просмотреть существующие собрания и выбрать группу себе по вкусу...";
"owners_delete" = "Только создатель собрания может удалить её.";
"owners_restore" = "Только создатель собрания может восстановить её?";
"delete_group" = "Удалить собрание";
"restore_group" = "Восстановить собрание";
"group_deletion" = "Удаление собрания";
"trying_delete_group" = "Вы собираетесь удалить это собрание. <br><br> Введите ваше проходное слово:";
"group_was_deleted" = "Данное собрание было расформировано создателем.";
"group_was_blocked" = "Данное собрание было разогнано.";
"deleted_f" = "Удалена";
"ban_reason_g" = "Причина разогнания";
"ban_group" = "Заблокировать собрание";
"ban_group_desc" = "Вы собираетесь разогнать собрание $1. <br><br>Введите причину разогнать:";
"unban_group" = "Переформировать группу";
"go_to_owner" = "Перейти на досье главы";
"come_up_with_something_cool" = "придумайте что-нибудь доброе";
"cant_ban_group" = "Не удалось разогнать собрание";
"your_club_was_banned" = "Ваше собрание \"$1\" было заблокировано по причине $2";
"your_club_was_unbanned" = "Ваше собрание \"$1\" была разблокировано";
/* Albums */
"create" = "Создать";
@ -462,6 +510,10 @@
"privacy_value_only_me_dative" = "Только мне и КГБ";
"privacy_value_nobody" = "Никто";
"profile_type" = "Тип досье";
"profile_type_open" = "Открытый";
"profile_type_closed" = "Частично закрытый";
"your_email_address" = "Адрес Вашего почтового ящика";
"your_page_address" = "Адрес Вашего досье";
"page_address" = "Адрес досье";
@ -977,5 +1029,8 @@
"s_any" = "любой";
"reset" = "Сброс";
"closed_group_post" = "Эта запись из закрытого собрания";
"deleted_target_comment" = "Этот отзыв надлежит к удалённой записи";
"dont_need_to_see_comment" = "Здесь нет никакого комментария.";
"dont_need_to_see_post" = "Здесь нет никакой записи.";
"dont_need_to_see_video" = "Здесь нет никакой киноленты.";
"no_results" = "Результатов нет";

7
locales/uk.strings
View file

@ -1416,8 +1416,11 @@
"s_any" = "будь-який";
"reset" = "Очистити";
"closed_group_post" = "Цей допис з приватної групи";
"deleted_target_comment" = "Цей коментар належить до видаленого допису";
"dont_need_to_see_comment" = "Немає доступу до коментаря.";
"dont_need_to_see_post" = "Немає доступу до запису.";
"dont_need_to_see_video" = "Немає доступу до відео.";
"no_results" = "Немає результатів";
/* Mobile */

56
themepacks/midnight/stylesheet.css
View file

@ -115,6 +115,11 @@ a, .page_footer .link, #profile_link, .profile_link {
background-color: #163f13;
}
.msg.msg_yellow {
border-color:#534a22;
background-color:#2f2b19;
}
h4, .content_title_expanded, .summaryBar .summary, .content_title_unexpanded {
color: #7c94c5;
}
@ -137,11 +142,11 @@ h4, .content_title_expanded, .summaryBar .summary, .content_title_unexpanded {
}
.content_title_expanded {
background-image: url("/themepack/midnight/0.0.2.8/resource/flex_arrow_open.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/flex_arrow_open.png") !important;
}
.content_title_unexpanded {
background-image: url("/themepack/midnight/0.0.2.8/resource/flex_arrow_shut.gif") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/flex_arrow_shut.gif") !important;
}
.ovk-video > .preview, .video-preview {
@ -163,17 +168,17 @@ h4, .content_title_expanded, .summaryBar .summary, .content_title_unexpanded {
.page_yellowheader {
color: #c6d2e8;
background-image: url("/themepack/midnight/0.0.2.8/resource/header_purple.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/header_purple.png") !important;
background-color: #231f34;
border-color: #231f34;
}
.page_header {
background-image: url("/themepack/midnight/0.0.2.8/resource/header.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/header.png") !important;
}
.page_custom_header {
background-image: url("/themepack/midnight/0.0.2.8/resource/header_custom.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/header_custom.png") !important;
}
.page_yellowheader span, .page_yellowheader a {
@ -193,11 +198,11 @@ form[action="/search"] > input, .header_search_input, textarea, input[type="text
}
input[type="checkbox"] {
background-image: url("/themepack/midnight/0.0.2.8/resource/checkbox.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/checkbox.png") !important;
}
input[type="radio"] {
background-image: url("/themepack/midnight/0.0.2.8/resource/radio.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/radio.png") !important;
}
.header_navigation .link {
@ -205,19 +210,19 @@ input[type="radio"] {
}
.heart {
background-image: url("/themepack/midnight/0.0.2.8/resource/like.gif") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/like.gif") !important;
}
.pinned-mark, .post-author .pin {
background-image: url("/themepack/midnight/0.0.2.8/resource/pin.png") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/pin.png") !important;
}
.repost-icon {
background-image: url("/themepack/midnight/0.0.2.8/resource/published.gif") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/published.gif") !important;
}
.post-author .delete {
background-image: url("/themepack/midnight/0.0.2.8/resource/input_clear.gif") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/input_clear.gif") !important;
}
.user-alert {
@ -239,6 +244,33 @@ input[type="radio"] {
}
#backdropEditor {
background-image: url("/themepack/midnight/0.0.2.8/resource/backdrop-editor.gif") !important;
background-image: url("/themepack/midnight/0.0.2.9/resource/backdrop-editor.gif") !important;
border-color: #473e66 !important;
}
.no_access_attachment
{
border-color: white;
background-color: rgb(53, 52, 52);
}
.no_access_attachment:hover
{
background-color: #231e33;
}
.searchTips {
background: #181826;
border: 1px solid #2C2640;
border-top: 0px;
}
.searchTips td
{
color: #a48aff;
}
.searchTips .restip:hover
{
background: #202033;
}

2
themepacks/midnight/theme.yml
View file

@ -1,5 +1,5 @@
id: midnight
version: "0.0.2.8"
version: "0.0.2.9"
openvk_version: 0
enabled: 1
metadata: