2010-07-02 01:48:07 +02:00
< ? php
function profile_init ( & $a ) {
2011-04-22 02:29:47 +02:00
if (( get_config ( 'system' , 'block_public' )) && ( ! local_user ()) && ( ! remote_user ()))
return ;
2010-07-02 01:48:07 +02:00
if ( $a -> argc > 1 )
$which = $a -> argv [ 1 ];
else {
2010-09-09 05:14:17 +02:00
notice ( t ( 'No profile' ) . EOL );
2010-07-02 01:48:07 +02:00
$a -> error = 404 ;
return ;
}
2010-07-29 06:02:36 +02:00
$profile = 0 ;
2010-09-27 02:24:20 +02:00
if (( local_user ()) && ( $a -> argc > 2 ) && ( $a -> argv [ 2 ] === 'view' )) {
2010-07-29 06:02:36 +02:00
$which = $a -> user [ 'nickname' ];
$profile = $a -> argv [ 1 ];
}
2010-10-21 23:32:29 +02:00
2010-07-29 06:02:36 +02:00
profile_load ( $a , $which , $profile );
2010-08-11 01:54:36 +02:00
2011-02-27 23:17:42 +01:00
if (( x ( $a -> profile , 'page-flags' )) && ( $a -> profile [ 'page-flags' ] & PAGE_COMMUNITY )) {
$a -> page [ 'htmlhead' ] .= '<meta name="friendika.community" content="true" />' ;
}
2010-12-23 23:40:32 +01:00
if ( x ( $a -> profile , 'openidserver' ))
$a -> page [ 'htmlhead' ] .= '<link rel="openid.server" href="' . $a -> profile [ 'openidserver' ] . '" />' . " \r \n " ;
if ( x ( $a -> profile , 'openid' )) {
$delegate = (( strstr ( $a -> profile [ 'openid' ], '://' )) ? $a -> profile [ 'openid' ] : 'http://' . $a -> profile [ 'openid' ]);
$a -> page [ 'htmlhead' ] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . " \r \n " ;
2010-12-23 21:32:13 +01:00
}
2011-03-15 04:19:45 +01:00
$keywords = (( x ( $a -> profile , 'pub_keywords' )) ? $a -> profile [ 'pub_keywords' ] : '' );
$keywords = str_replace ( array ( ',' , ' ' , ',,' ), array ( ' ' , ',' , ',' ), $keywords );
if ( strlen ( $keywords ))
$a -> page [ 'htmlhead' ] .= '<meta name="keywords" content="' . $keywords . '" />' . " \r \n " ;
2010-10-21 23:32:29 +02:00
$a -> page [ 'htmlhead' ] .= '<meta name="dfrn-global-visibility" content="' . (( $a -> profile [ 'net-publish' ]) ? 'true' : 'false' ) . '" />' . " \r \n " ;
$a -> page [ 'htmlhead' ] .= '<link rel="alternate" type="application/atom+xml" href="' . $a -> get_baseurl () . '/dfrn_poll/' . $which . '" />' . " \r \n " ;
2010-10-23 10:20:26 +02:00
$uri = urlencode ( 'acct:' . $a -> profile [ 'nickname' ] . '@' . $a -> get_hostname () . (( $a -> path ) ? '/' . $a -> path : '' ));
2010-10-21 23:32:29 +02:00
$a -> page [ 'htmlhead' ] .= '<link rel="lrdd" type="application/xrd+xml" href="' . $a -> get_baseurl () . '/xrd/?uri=' . $uri . '" />' . " \r \n " ;
2010-11-11 11:49:28 +01:00
header ( 'Link: <' . $a -> get_baseurl () . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"' , false );
2010-12-23 23:40:32 +01:00
2010-07-02 01:48:07 +02:00
$dfrn_pages = array ( 'request' , 'confirm' , 'notify' , 'poll' );
foreach ( $dfrn_pages as $dfrn )
$a -> page [ 'htmlhead' ] .= " <link rel= \" dfrn- { $dfrn } \" href= \" " . $a -> get_baseurl () . " /dfrn_ { $dfrn } / { $which } \" /> \r \n " ;
2010-07-08 16:03:25 +02:00
2010-07-02 01:48:07 +02:00
}
2010-09-21 04:34:44 +02:00
function profile_content ( & $a , $update = 0 ) {
2011-05-25 01:30:52 +02:00
if ( get_config ( 'system' , 'block_public' ) && ( ! local_user ()) && ( ! remote_user ())) {
2011-04-22 03:39:07 +02:00
return login ();
2011-04-22 02:29:47 +02:00
}
2010-07-02 01:48:07 +02:00
require_once ( " include/bbcode.php " );
require_once ( 'include/security.php' );
2011-04-13 02:58:16 +02:00
require_once ( 'include/conversation.php' );
2011-04-20 14:51:02 +02:00
require_once ( 'include/acl_selectors.php' );
2010-07-12 08:10:52 +02:00
$groups = array ();
2010-07-11 04:43:55 +02:00
$tab = 'posts' ;
2010-10-30 22:25:37 +02:00
$o = '' ;
2010-07-11 04:43:55 +02:00
2010-08-20 02:23:13 +02:00
if ( $update ) {
// Ensure we've got a profile owner if updating.
2010-09-21 04:34:44 +02:00
$a -> profile [ 'profile_uid' ] = $update ;
2010-08-20 02:23:13 +02:00
}
else {
2010-10-18 23:34:59 +02:00
if ( $a -> profile [ 'profile_uid' ] == local_user ())
2010-09-19 06:29:22 +02:00
$o .= '<script> $(document).ready(function() { $(\'#nav-home-link\').addClass(\'nav-selected\'); });</script>' ;
2010-07-28 14:01:52 +02:00
}
2010-07-26 07:51:45 +02:00
2010-08-20 02:23:13 +02:00
$contact = null ;
$remote_contact = false ;
2010-07-12 08:10:52 +02:00
if ( remote_user ()) {
2010-07-06 06:39:55 +02:00
$contact_id = $_SESSION [ 'visitor_id' ];
2010-07-12 08:10:52 +02:00
$groups = init_groups_visitor ( $contact_id );
2010-08-14 16:55:18 +02:00
$r = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1 " ,
intval ( $contact_id ),
2010-08-20 02:23:13 +02:00
intval ( $a -> profile [ 'profile_uid' ])
2010-08-14 16:55:18 +02:00
);
2010-08-20 02:23:13 +02:00
if ( count ( $r )) {
2010-08-14 16:55:18 +02:00
$contact = $r [ 0 ];
2010-08-20 02:23:13 +02:00
$remote_contact = true ;
}
2010-07-12 08:10:52 +02:00
}
2010-08-20 02:23:13 +02:00
if ( ! $remote_contact ) {
2010-08-19 13:59:31 +02:00
if ( local_user ()) {
$contact_id = $_SESSION [ 'cid' ];
$contact = $a -> contact ;
}
2010-07-06 06:39:55 +02:00
}
2010-10-20 05:52:05 +02:00
$is_owner = (( local_user ()) && ( local_user () == $a -> profile [ 'profile_uid' ]) ? true : false );
2011-05-28 09:42:01 +02:00
2011-05-28 09:49:03 +02:00
if ( $a -> profile [ 'hidewall' ] && ( ! $is_owner ) && ( ! $remote_contact )) {
2011-05-28 09:42:01 +02:00
notice ( t ( 'Access to this profile has been restricted.' ) . EOL );
return ;
}
2010-12-06 03:08:36 +01:00
2010-08-20 02:23:13 +02:00
if ( ! $update ) {
2010-07-25 00:21:33 +02:00
if ( x ( $_GET , 'tab' ))
$tab = notags ( trim ( $_GET [ 'tab' ]));
2010-07-02 01:48:07 +02:00
2011-05-11 13:37:13 +02:00
$tpl = get_markup_template ( 'profile_tabs.tpl' );
2010-07-13 03:00:58 +02:00
2010-07-02 01:48:07 +02:00
$o .= replace_macros ( $tpl , array (
2010-08-06 06:15:24 +02:00
'$url' => $a -> get_baseurl () . '/' . $a -> cmd ,
2011-03-21 12:10:08 +01:00
'$phototab' => $a -> get_baseurl () . '/photos/' . $a -> profile [ 'nickname' ],
2011-03-21 23:12:40 +01:00
'$status' => t ( 'Status' ),
2011-03-21 12:10:08 +01:00
'$profile' => t ( 'Profile' ),
'$photos' => t ( 'Photos' )
2010-07-02 01:48:07 +02:00
));
2010-07-24 15:56:02 +02:00
2010-09-27 02:24:20 +02:00
if ( $tab === 'profile' ) {
2011-04-08 08:10:43 +02:00
require_once ( 'include/profile_advanced.php' );
$o .= advanced_profile ( $a );
2010-12-23 05:23:41 +01:00
call_hooks ( 'profile_advanced' , $o );
2010-07-25 00:21:33 +02:00
return $o ;
}
2010-12-06 03:08:36 +01:00
$commpage = (( $a -> profile [ 'page-flags' ] == PAGE_COMMUNITY ) ? true : false );
$commvisitor = (( $commpage && $remote_contact == true ) ? true : false );
2010-10-18 09:43:49 +02:00
$celeb = ((( $a -> profile [ 'page-flags' ] == PAGE_SOAPBOX ) || ( $a -> profile [ 'page-flags' ] == PAGE_COMMUNITY )) ? true : false );
2010-10-20 05:52:05 +02:00
2010-12-06 03:08:36 +01:00
if ( can_write_wall ( $a , $a -> profile [ 'profile_uid' ])) {
2010-10-20 05:52:05 +02:00
2011-04-20 14:48:12 +02:00
$x = array (
'is_owner' => $is_owner ,
'allow_location' => ((( $is_owner || $commvisitor ) && $a -> profile [ 'allow_location' ]) ? true : false ),
'default_location' => (( $is_owner ) ? $a -> user [ 'default-location' ] : '' ),
'nickname' => $a -> profile [ 'nickname' ],
'lockstate' => ((( is_array ( $a -> user ) && (( strlen ( $a -> user [ 'allow_cid' ])) || ( strlen ( $a -> user [ 'allow_gid' ])) || ( strlen ( $a -> user [ 'deny_cid' ])) || ( strlen ( $a -> user [ 'deny_gid' ]))))) ? 'lock' : 'unlock' ),
'acl' => (( $is_owner ) ? populate_acl ( $a -> user , $celeb ) : '' ),
'bang' => '' ,
'visitor' => (( $is_owner || $commvisitor ) ? 'block' : 'none' ),
'profile_uid' => $a -> profile [ 'profile_uid' ]
);
$o .= status_editor ( $a , $x );
2010-07-25 00:21:33 +02:00
}
2010-09-21 04:34:44 +02:00
// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
// because browser prefetching might change it on us. We have to deliver it with the page.
2011-02-17 09:40:35 +01:00
if ( $tab === 'posts' ) {
2010-09-21 07:27:33 +02:00
$o .= '<div id="live-profile"></div>' . " \r \n " ;
2011-02-17 09:40:35 +01:00
$o .= " <script> var profile_uid = " . $a -> profile [ 'profile_uid' ]
. " ; var netargs = ''; var profile_page = " . $a -> pager [ 'page' ] . " ; </script> \r \n " ;
2010-09-21 07:27:33 +02:00
}
2010-07-25 00:21:33 +02:00
}
2010-07-02 01:48:07 +02:00
2010-10-20 05:52:05 +02:00
// Construct permissions
2010-07-12 08:10:52 +02:00
2010-07-17 16:03:06 +02:00
// default permissions - anonymous user
2010-07-12 08:10:52 +02:00
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' " ;
// Profile owner - everything is visible
2010-07-02 01:48:07 +02:00
2010-10-30 07:18:05 +02:00
if ( $is_owner ) {
2010-07-12 08:10:52 +02:00
$sql_extra = '' ;
2010-07-20 14:21:19 +02:00
// Oh - while we're here... reset the Unseen messages
$r = q ( " UPDATE `item` SET `unseen` = 0
2011-05-21 04:28:48 +02:00
WHERE `wall` = 1 AND `unseen` = 1 AND `uid` = % d " ,
2010-07-20 14:21:19 +02:00
intval ( $_SESSION [ 'uid' ])
);
}
2010-07-02 01:48:07 +02:00
2010-07-12 08:10:52 +02:00
// authenticated visitor - here lie dragons
2010-08-20 02:23:13 +02:00
// If $remotecontact is true, we know that not only is this a remotely authenticated
// person, but that it is *our* contact, which is important in multi-user mode.
elseif ( $remote_contact ) {
2010-07-12 08:10:52 +02:00
$gs = '<<>>' ; // should be impossible to match
if ( count ( $groups )) {
foreach ( $groups as $g )
2010-07-13 11:00:53 +02:00
$gs .= '|<' . intval ( $g ) . '>' ;
2010-07-12 08:10:52 +02:00
}
$sql_extra = sprintf (
" AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
2010-07-19 08:23:18 +02:00
AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s' ) " ,
2010-07-12 08:10:52 +02:00
2010-07-13 08:08:07 +02:00
intval ( $_SESSION [ 'visitor_id' ]),
intval ( $_SESSION [ 'visitor_id' ]),
2010-07-13 11:00:53 +02:00
dbesc ( $gs ),
dbesc ( $gs )
2010-07-02 01:48:07 +02:00
);
2010-07-12 08:10:52 +02:00
}
2010-07-02 01:48:07 +02:00
2010-07-12 08:10:52 +02:00
$r = q ( " SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
2010-08-13 09:43:44 +02:00
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
2011-03-28 04:53:36 +02:00
AND `item` . `id` = `item` . `parent` AND `item` . `wall` = 1
2010-07-12 08:10:52 +02:00
$sql_extra " ,
2010-08-20 02:23:13 +02:00
intval ( $a -> profile [ 'profile_uid' ])
2010-07-06 06:39:55 +02:00
2010-07-12 08:10:52 +02:00
);
2010-07-06 06:39:55 +02:00
2011-03-28 04:53:36 +02:00
if ( count ( $r )) {
2010-07-12 08:10:52 +02:00
$a -> set_pager_total ( $r [ 0 ][ 'total' ]);
2011-03-28 04:53:36 +02:00
$a -> set_pager_itemspage ( 40 );
}
2010-07-17 16:03:06 +02:00
2011-03-28 04:53:36 +02:00
$r = q ( " SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid`
2010-07-12 08:10:52 +02:00
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
2010-08-13 09:43:44 +02:00
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
2011-03-28 04:53:36 +02:00
AND `item` . `id` = `item` . `parent` AND `item` . `wall` = 1
2010-07-12 08:10:52 +02:00
$sql_extra
2011-03-28 04:59:27 +02:00
ORDER BY `item` . `created` DESC LIMIT % d , % d " ,
2010-08-20 02:23:13 +02:00
intval ( $a -> profile [ 'profile_uid' ]),
2010-07-12 08:10:52 +02:00
intval ( $a -> pager [ 'start' ]),
intval ( $a -> pager [ 'itemspage' ])
);
2010-07-02 01:48:07 +02:00
2011-03-28 04:53:36 +02:00
$parents_arr = array ();
$parents_str = '' ;
if ( count ( $r )) {
foreach ( $r as $rr )
$parents_arr [] = $rr [ 'item_id' ];
$parents_str = implode ( ', ' , $parents_arr );
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `network` , `contact` . `rel` ,
2011-04-11 12:22:09 +02:00
`contact` . `thumb` , `contact` . `self` , `contact` . `writable` ,
2011-03-28 04:53:36 +02:00
`contact` . `id` AS `cid` , `contact` . `uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
AND `item` . `parent` IN ( % s )
$sql_extra
ORDER BY `parent` DESC , `gravity` ASC , `item` . `id` ASC " ,
intval ( $a -> profile [ 'profile_uid' ]),
dbesc ( $parents_str )
);
}
2011-01-14 05:28:33 +01:00
if ( $is_owner && ! $update )
2011-01-17 01:40:09 +01:00
$o .= get_birthdays ();
2011-01-14 05:28:33 +01:00
2010-07-12 08:10:52 +02:00
2010-09-17 12:10:19 +02:00
2011-04-12 00:45:19 +02:00
$o .= conversation ( $a , $r , 'profile' , $update );
2010-07-17 08:14:37 +02:00
2010-09-21 06:26:18 +02:00
2011-04-11 08:01:38 +02:00
if ( ! $update ) {
2010-07-25 00:21:33 +02:00
2011-04-11 08:01:38 +02:00
$o .= paginate ( $a );
$o .= '<div class="cc-license">' . t ( 'Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.' ) . '</div>' ;
}
2011-01-23 23:56:14 +01:00
2010-07-02 01:48:07 +02:00
return $o ;
2010-12-23 21:32:13 +01:00
}