diff --git a/include/api.php b/include/api.php
index c2a77bdcd8..88736e1f0d 100644
--- a/include/api.php
+++ b/include/api.php
@@ -247,7 +247,7 @@ function api_login(App $a)
 	*/
 	Hook::callAll('authenticate', $addon_auth);
 
-	if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {
+	if ($addon_auth['authenticated'] && !empty($addon_auth['user_record'])) {
 		$record = $addon_auth['user_record'];
 	} else {
 		$user_id = User::authenticate(trim($user), trim($password), true);
@@ -1021,7 +1021,7 @@ function api_statuses_mediap($type)
 
 	$_REQUEST['profile_uid'] = api_user();
 	$_REQUEST['api_source'] = true;
-	$txt = requestdata('status');
+	$txt = requestdata('status') ?? '';
 	/// @TODO old-lost code?
 	//$txt = urldecode(requestdata('status'));
 
@@ -1076,7 +1076,7 @@ function api_statuses_update($type)
 
 	// convert $_POST array items to the form we use for web posts.
 	if (requestdata('htmlstatus')) {
-		$txt = requestdata('htmlstatus');
+		$txt = requestdata('htmlstatus') ?? '';
 		if ((strpos($txt, '<') !== false) || (strpos($txt, '>') !== false)) {
 			$txt = HTML::toBBCodeVideo($txt);
 
@@ -1157,30 +1157,56 @@ function api_statuses_update($type)
 		}
 	}
 
-	if (!empty($_FILES['media'])) {
+	if (requestdata('media_ids')) {
+		$ids = explode(',', requestdata('media_ids') ?? '');
+	} elseif (!empty($_FILES['media'])) {
 		// upload the image if we have one
 		$picture = wall_upload_post($a, false);
 		if (is_array($picture)) {
-			$_REQUEST['body'] .= "\n\n" . '[url=' . $picture["albumpage"] . '][img]' . $picture["preview"] . "[/img][/url]";
+			$ids[] = $picture['id'];
 		}
 	}
 
-	if (requestdata('media_ids')) {
-		$ids = explode(',', requestdata('media_ids'));
+	$attachments = [];
+	$ressources = [];
+
+	if (!empty($ids)) {
 		foreach ($ids as $id) {
-			$r = q(
-				"SELECT `resource-id`, `scale`, `nickname`, `type`, `desc` FROM `photo` INNER JOIN `user` ON `user`.`uid` = `photo`.`uid` WHERE `resource-id` IN (SELECT `resource-id` FROM `photo` WHERE `id` = %d) AND `scale` > 0 AND `photo`.`uid` = %d ORDER BY `photo`.`width` DESC LIMIT 1",
-				intval($id),
-				api_user()
-			);
-			if (DBA::isResult($r)) {
+			$media = DBA::toArray(DBA::p("SELECT `resource-id`, `scale`, `nickname`, `type`, `desc`, `filename`, `datasize`, `width`, `height` FROM `photo`
+					INNER JOIN `user` ON `user`.`uid` = `photo`.`uid` WHERE `resource-id` IN
+						(SELECT `resource-id` FROM `photo` WHERE `id` = ?) AND `photo`.`uid` = ?
+					ORDER BY `photo`.`width` DESC LIMIT 2", $id, api_user()));
+				
+			if (!empty($media)) {
+				$ressources[] = $media[0]['resource-id'];
 				$phototypes = Images::supportedTypes();
-				$ext = $phototypes[$r[0]['type']];
-				$description = $r[0]['desc'] ?? '';
-				$_REQUEST['body'] .= "\n\n" . '[url=' . DI::baseUrl() . '/photos/' . $r[0]['nickname'] . '/image/' . $r[0]['resource-id'] . ']';
-				$_REQUEST['body'] .= '[img=' . DI::baseUrl() . '/photo/' . $r[0]['resource-id'] . '-' . $r[0]['scale'] . '.' . $ext . ']' . $description . '[/img][/url]';
+				$ext = $phototypes[$media[0]['type']];
+			
+				$attachment = ['type' => Post\Media::IMAGE, 'mimetype' => $media[0]['type'],
+					'url' => DI::baseUrl() . '/photo/' . $media[0]['resource-id'] . '-' . $media[0]['scale'] . '.' . $ext,
+					'size' => $media[0]['datasize'],
+					'name' => $media[0]['filename'] ?: $media[0]['resource-id'],
+					'description' => $media[0]['desc'] ?? '',
+					'width' => $media[0]['width'],
+					'height' => $media[0]['height']];
+			
+				if (count($media) > 1) {
+					$attachment['preview'] = DI::baseUrl() . '/photo/' . $media[1]['resource-id'] . '-' . $media[1]['scale'] . '.' . $ext;
+					$attachment['preview-width'] = $media[1]['width'];
+					$attachment['preview-height'] = $media[1]['height'];
+				}
+				$attachments[] = $attachment;
 			}
 		}
+
+		// We have to avoid that the post is rejected because of an empty body
+		if (empty($_REQUEST['body'])) {
+			$_REQUEST['body'] = '[hr]'; 
+		}
+	}
+
+	if (!empty($attachments)) {
+		$_REQUEST['attachments'] = $attachments;
 	}
 
 	// set this so that the item_post() function is quiet and doesn't redirect or emit json
@@ -1194,6 +1220,13 @@ function api_statuses_update($type)
 	// call out normal post function
 	$item_id = item_post($a);
 
+	if (!empty($ressources) && !empty($item_id)) {
+		$item = Post::selectFirst(['uri-id', 'allow_cid', 'allow_gid', 'deny_cid', 'deny_gid'], ['id' => $item_id]);
+		foreach ($ressources as $ressource) {
+			Photo::setPermissionForRessource($ressource, api_user(), $item['allow_cid'], $item['allow_gid'], $item['deny_cid'], $item['deny_gid']);
+		}
+	}
+
 	// output the post that we just posted.
 	return api_status_show($type, $item_id);
 }
@@ -2534,7 +2567,7 @@ function api_convert_item($item)
 		$statustext = mb_substr($statustext, 0, 1000) . "... \n" . ($item['plink'] ?? '');
 	}
 
-	$statushtml = BBCode::convert(BBCode::removeAttachment($body), false);
+	$statushtml = BBCode::convert(BBCode::removeAttachment($body), false, BBCode::API, true);
 
 	// Workaround for clients with limited HTML parser functionality
 	$search = ["<br>", "<blockquote>", "</blockquote>",
@@ -2585,25 +2618,7 @@ function api_convert_item($item)
  */
 function api_add_attachments_to_body(array $item)
 {
-	$body = $item['body'];
-
-	foreach (Post\Media::getByURIId($item['uri-id'], [Post\Media::IMAGE, Post\Media::AUDIO, Post\Media::VIDEO]) as $media) {
-		if (Item::containsLink($item['body'], $media['url'])) {
-			continue;
-		}
-
-		if ($media['type'] == Post\Media::IMAGE) {
-			if (!empty($media['description'])) {
-				$body .= "\n[img=" . $media['url'] . ']' . $media['description'] .'[/img]';
-			} else {
-				$body .= "\n[img]" . $media['url'] .'[/img]';
-			}
-		} elseif ($media['type'] == Post\Media::AUDIO) {
-			$body .= "\n[audio]" . $media['url'] . "[/audio]\n";
-		} elseif ($media['type'] == Post\Media::VIDEO) {
-			$body .= "\n[video]" . $media['url'] . "[/video]\n";
-		}
-	}
+	$body = Post\Media::addAttachmentsToBody($item['uri-id'], $item['body']);
 
 	if (strpos($body, '[/img]') !== false) {
 		return $body;
diff --git a/mod/item.php b/mod/item.php
index 04e7c7c39c..71793f14dc 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -614,7 +614,8 @@ function item_post(App $a) {
 	$datarray['origin']        = $origin;
 	$datarray['object']        = $object;
 
-	$datarray["uri-id"]        = ItemURI::getIdByURI($datarray["uri"]);
+	$datarray['uri-id']        = ItemURI::getIdByURI($datarray['uri']);
+	$datarray['attachments']   = $_REQUEST['attachments'] ?? [];
 
 	/*
 	 * These fields are for the convenience of addons...
diff --git a/src/Model/Item.php b/src/Model/Item.php
index 1d8742926d..13da8ec75b 100644
--- a/src/Model/Item.php
+++ b/src/Model/Item.php
@@ -21,7 +21,6 @@
 
 namespace Friendica\Model;
 
-use Friendica\Content\PageInfo;
 use Friendica\Content\Text\BBCode;
 use Friendica\Content\Text\HTML;
 use Friendica\Core\Hook;
@@ -960,7 +959,13 @@ class Item
 			self::setOwnerforResharedItem($item);
 		}
 
-		Post\Media::insertFromAttachmentData($item['uri-id'], $item['body']);
+		if (isset($item['attachments'])) {
+			foreach ($item['attachments'] as $attachment) {
+				$attachment['uri-id'] = $item['uri-id'];
+				Post\Media::insert($attachment);
+			}
+			unset($item['attachments']);
+		}
 
 		// Remove all media attachments from the body and store them in the post-media table
 		$item['raw-body'] = Post\Media::insertFromBody($item['uri-id'], $item['raw-body']);
@@ -2884,6 +2889,20 @@ class Item
 		DI::profiler()->saveTimestamp($stamp1, 'rendering');
 
 		if (isset($data['url']) && !in_array($data['url'], $ignore_links)) {
+			$parts = parse_url($data['url']);
+			if (!empty($parts['scheme']) && !empty($parts['host'])) {
+				if (empty($data['provider_name'])) {
+					$data['provider_name'] = $parts['host'];
+				}
+				if (empty($data['provider_url']) || empty(parse_url($data['provider_url'], PHP_URL_SCHEME))) {
+					$data['provider_url'] = $parts['scheme'] . '://' . $parts['host'];
+
+					if (!empty($parts['port'])) {
+						$data['provider_url'] .= ':' . $parts['port'];
+					}
+				}
+			}
+
 			// @todo Use a template
 			$rendered = BBCode::convertAttachment('', BBCode::INTERNAL, false, $data);
 			if ($shared) {
diff --git a/src/Model/Photo.php b/src/Model/Photo.php
index 567a17d5b5..41b41fd6f5 100644
--- a/src/Model/Photo.php
+++ b/src/Model/Photo.php
@@ -726,18 +726,35 @@ class Photo
 			 * Then set the permissions to public.
 			 */
 
-			$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
-					'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny,
-					'accessible' => DI::pConfig()->get($uid, 'system', 'accessible-photos', false)];
-
-			$condition = ['resource-id' => $image_rid, 'uid' => $uid];
-			Logger::info('Set permissions', ['condition' => $condition, 'permissions' => $fields]);
-			Photo::update($fields, $condition);
+			self::setPermissionForRessource($image_rid, $uid, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
 		}
 
 		return true;
 	}
 
+	/**
+	 * Add permissions to photo ressource
+	 * @todo mix with previous photo permissions
+	 * 
+	 * @param string $image_rid
+	 * @param integer $uid
+	 * @param string $str_contact_allow
+	 * @param string $str_group_allow
+	 * @param string $str_contact_deny
+	 * @param string $str_group_deny
+	 * @return void
+	 */
+	public static function setPermissionForRessource(string $image_rid, int $uid, string $str_contact_allow, string $str_group_allow, string $str_contact_deny, string $str_group_deny)
+	{
+		$fields = ['allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow,
+		'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny,
+		'accessible' => DI::pConfig()->get($uid, 'system', 'accessible-photos', false)];
+
+		$condition = ['resource-id' => $image_rid, 'uid' => $uid];
+		Logger::info('Set permissions', ['condition' => $condition, 'permissions' => $fields]);
+		Photo::update($fields, $condition);
+	}
+
 	/**
 	 * Strips known picture extensions from picture links
 	 *
diff --git a/src/Model/Post/Delayed.php b/src/Model/Post/Delayed.php
index 8182dfdd8e..2097f0f537 100644
--- a/src/Model/Post/Delayed.php
+++ b/src/Model/Post/Delayed.php
@@ -112,6 +112,10 @@ class Delayed
 	 */
 	public static function publish(array $item, int $notify = 0, array $taglist = [], array $attachments = [], bool $unprepared = false, string $uri = '')
 	{
+		if (!empty($attachments)) {
+			$item['attachments'] = $attachments;
+		}
+
 		if ($unprepared) {
 			$_SESSION['authenticated'] = true;
 			$_SESSION['uid'] = $item['uid'];
@@ -157,11 +161,6 @@ class Delayed
 			foreach ($taglist as $tag) {
 				Tag::store($feeditem['uri-id'], Tag::HASHTAG, $tag);
 			}
-
-			foreach ($attachments as $attachment) {
-				$attachment['uri-id'] = $feeditem['uri-id'];
-				Media::insert($attachment);
-			}
 		}
 
 		return $id;
diff --git a/src/Protocol/Feed.php b/src/Protocol/Feed.php
index 65af597f16..ebd6f5ed30 100644
--- a/src/Protocol/Feed.php
+++ b/src/Protocol/Feed.php
@@ -29,11 +29,9 @@ use Friendica\Content\Text\HTML;
 use Friendica\Core\Cache\Duration;
 use Friendica\Core\Logger;
 use Friendica\Core\Protocol;
-use Friendica\Core\Worker;
 use Friendica\Database\DBA;
 use Friendica\DI;
 use Friendica\Model\Contact;
-use Friendica\Model\Conversation;
 use Friendica\Model\Item;
 use Friendica\Model\Post;
 use Friendica\Model\Tag;