Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca

profile.php 12KB


  1. <?php
  2. require_once('include/contact_widgets.php');
  3. require_once('include/redir.php');
  4. function profile_init(App $a) {
  5. if(! x($a->page,'aside'))
  6. $a->page['aside'] = '';
  7. if($a->argc > 1)
  8. $which = htmlspecialchars($a->argv[1]);
  9. else {
  10. $r = q("select nickname from user where blocked = 0 and account_expired = 0 and account_removed = 0 and verified = 1 order by rand() limit 1");
  11. if (dbm::is_result($r)) {
  12. goaway(App::get_baseurl() . '/profile/' . $r[0]['nickname']);
  13. }
  14. else {
  15. logger('profile error: mod_profile ' . $a->query_string, LOGGER_DEBUG);
  16. notice( t('Requested profile is not available.') . EOL );
  17. $a->error = 404;
  18. return;
  19. }
  20. }
  21. $profile = 0;
  22. if((local_user()) && ($a->argc > 2) && ($a->argv[2] === 'view')) {
  23. $which = $a->user['nickname'];
  24. $profile = htmlspecialchars($a->argv[1]);
  25. }
  26. else {
  27. auto_redir($a, $which);
  28. }
  29. profile_load($a,$which,$profile);
  30. $blocked = (((get_config('system','block_public')) && (! local_user()) && (! remote_user())) ? true : false);
  31. $userblock = (($a->profile['hidewall'] && (! local_user()) && (! remote_user())) ? true : false);
  32. if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) {
  33. $a->page['htmlhead'] .= '<meta name="friendica.community" content="true" />';
  34. }
  35. if (x($a->profile,'openidserver')) {
  36. $a->page['htmlhead'] .= '<link rel="openid.server" href="' . $a->profile['openidserver'] . '" />' . "\r\n";
  37. }
  38. if (x($a->profile,'openid')) {
  39. $delegate = ((strstr($a->profile['openid'],'://')) ? $a->profile['openid'] : 'https://' . $a->profile['openid']);
  40. $a->page['htmlhead'] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\r\n";
  41. }
  42. // site block
  43. if ((! $blocked) && (! $userblock)) {
  44. $keywords = ((x($a->profile,'pub_keywords')) ? $a->profile['pub_keywords'] : '');
  45. $keywords = str_replace(array('#',',',' ',',,'),array('',' ',',',','),$keywords);
  46. if(strlen($keywords))
  47. $a->page['htmlhead'] .= '<meta name="keywords" content="' . $keywords . '" />' . "\r\n" ;
  48. }
  49. $a->page['htmlhead'] .= '<meta name="dfrn-global-visibility" content="' . (($a->profile['net-publish']) ? 'true' : 'false') . '" />' . "\r\n" ;
  50. $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . App::get_baseurl() . '/dfrn_poll/' . $which .'" />' . "\r\n" ;
  51. $uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . (($a->path) ? '/' . $a->path : ''));
  52. $a->page['htmlhead'] .= '<link rel="lrdd" type="application/xrd+xml" href="' . App::get_baseurl() . '/xrd/?uri=' . $uri . '" />' . "\r\n";
  53. header('Link: <' . App::get_baseurl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);
  54. $dfrn_pages = array('request', 'confirm', 'notify', 'poll');
  55. foreach ($dfrn_pages as $dfrn) {
  56. $a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"".App::get_baseurl()."/dfrn_{$dfrn}/{$which}\" />\r\n";
  57. }
  58. $a->page['htmlhead'] .= "<link rel=\"dfrn-poco\" href=\"".App::get_baseurl()."/poco/{$which}\" />\r\n";
  59. }
  60. function profile_content(App $a, $update = 0) {
  61. $category = $datequery = $datequery2 = '';
  62. if ($a->argc > 2) {
  63. for ($x = 2; $x < $a->argc; $x ++) {
  64. if (is_a_date_arg($a->argv[$x])) {
  65. if ($datequery) {
  66. $datequery2 = escape_tags($a->argv[$x]);
  67. } else {
  68. $datequery = escape_tags($a->argv[$x]);
  69. }
  70. } else {
  71. $category = $a->argv[$x];
  72. }
  73. }
  74. }
  75. if (! x($category)) {
  76. $category = ((x($_GET,'category')) ? $_GET['category'] : '');
  77. }
  78. if (get_config('system','block_public') && (! local_user()) && (! remote_user())) {
  79. return login();
  80. }
  81. require_once("include/bbcode.php");
  82. require_once('include/security.php');
  83. require_once('include/conversation.php');
  84. require_once('include/acl_selectors.php');
  85. require_once('include/items.php');
  86. $groups = array();
  87. $tab = 'posts';
  88. $o = '';
  89. if ($update) {
  90. // Ensure we've got a profile owner if updating.
  91. $a->profile['profile_uid'] = $update;
  92. } elseif ($a->profile['profile_uid'] == local_user()) {
  93. nav_set_selected('home');
  94. }
  95. $contact = null;
  96. $remote_contact = false;
  97. $contact_id = 0;
  98. if (is_array($_SESSION['remote'])) {
  99. foreach ($_SESSION['remote'] as $v) {
  100. if ($v['uid'] == $a->profile['profile_uid']) {
  101. $contact_id = $v['cid'];
  102. break;
  103. }
  104. }
  105. }
  106. if ($contact_id) {
  107. $groups = init_groups_visitor($contact_id);
  108. $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  109. intval($contact_id),
  110. intval($a->profile['profile_uid'])
  111. );
  112. if (dbm::is_result($r)) {
  113. $contact = $r[0];
  114. $remote_contact = true;
  115. }
  116. }
  117. if (! $remote_contact) {
  118. if (local_user()) {
  119. $contact_id = $_SESSION['cid'];
  120. $contact = $a->contact;
  121. }
  122. }
  123. $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
  124. $last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . remote_user();
  125. if ($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
  126. notice( t('Access to this profile has been restricted.') . EOL);
  127. return;
  128. }
  129. if (! $update) {
  130. if (x($_GET,'tab')) {
  131. $tab = notags(trim($_GET['tab']));
  132. }
  133. $o.=profile_tabs($a, $is_owner, $a->profile['nickname']);
  134. if ($tab === 'profile') {
  135. $o .= advanced_profile($a);
  136. call_hooks('profile_advanced',$o);
  137. return $o;
  138. }
  139. $o .= common_friends_visitor_widget($a->profile['profile_uid']);
  140. if (x($_SESSION,'new_member') && $_SESSION['new_member'] && $is_owner) {
  141. $o .= '<a href="newmember" id="newmember-tips" style="font-size: 1.2em;"><b>' . t('Tips for New Members') . '</b></a>' . EOL;
  142. }
  143. $commpage = (($a->profile['page-flags'] == PAGE_COMMUNITY) ? true : false);
  144. $commvisitor = (($commpage && $remote_contact == true) ? true : false);
  145. $a->page['aside'] .= posted_date_widget(App::get_baseurl(true) . '/profile/' . $a->profile['nickname'],$a->profile['profile_uid'],true);
  146. $a->page['aside'] .= categories_widget(App::get_baseurl(true) . '/profile/' . $a->profile['nickname'],(x($category) ? xmlify($category) : ''));
  147. if (can_write_wall($a,$a->profile['profile_uid'])) {
  148. $x = array(
  149. 'is_owner' => $is_owner,
  150. 'allow_location' => ((($is_owner || $commvisitor) && $a->profile['allow_location']) ? true : false),
  151. 'default_location' => (($is_owner) ? $a->user['default-location'] : ''),
  152. 'nickname' => $a->profile['nickname'],
  153. 'lockstate' => (((is_array($a->user) && ((strlen($a->user['allow_cid'])) ||
  154. (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) ||
  155. (strlen($a->user['deny_gid']))))) ? 'lock' : 'unlock'),
  156. 'acl' => (($is_owner) ? populate_acl($a->user, true) : ''),
  157. 'bang' => '',
  158. 'visitor' => (($is_owner || $commvisitor) ? 'block' : 'none'),
  159. 'profile_uid' => $a->profile['profile_uid'],
  160. 'acl_data' => ( $is_owner ? construct_acl_data($a, $a->user) : '' ), // For non-Javascript ACL selector
  161. );
  162. $o .= status_editor($a,$x);
  163. }
  164. }
  165. /**
  166. * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
  167. */
  168. $sql_extra = item_permissions_sql($a->profile['profile_uid'],$remote_contact,$groups);
  169. if ($update) {
  170. $last_updated = (x($_SESSION['last_updated'], $last_updated_key) ? $_SESSION['last_updated'][$last_updated_key] : 0);
  171. // If the page user is the owner of the page we should query for unseen
  172. // items. Otherwise use a timestamp of the last succesful update request.
  173. if ($is_owner || !$last_updated) {
  174. $sql_extra4 = " AND `item`.`unseen`";
  175. } else {
  176. $gmupdate = gmdate("Y-m-d H:i:s", $last_updated);
  177. $sql_extra4 = " AND `item`.`received` > '" . $gmupdate . "'";
  178. }
  179. $r = q("SELECT distinct(parent) AS `item_id`, `item`.`network` AS `item_network`, `item`.`created`
  180. FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
  181. AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
  182. WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND
  183. (`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE ."'
  184. OR item.verb = '" . ACTIVITY_DISLIKE . "' OR item.verb = '" . ACTIVITY_ATTEND . "'
  185. OR item.verb = '" . ACTIVITY_ATTENDNO . "' OR item.verb = '" . ACTIVITY_ATTENDMAYBE . "')
  186. AND `item`.`moderated` = 0
  187. AND `item`.`wall` = 1
  188. $sql_extra4
  189. $sql_extra
  190. ORDER BY `item`.`created` DESC",
  191. intval($a->profile['profile_uid'])
  192. );
  193. if (!dbm::is_result($r)) {
  194. return '';
  195. }
  196. } else {
  197. $sql_post_table = "";
  198. if (x($category)) {
  199. $sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
  200. dbesc(protect_sprintf($category)), intval(TERM_OBJ_POST), intval(TERM_CATEGORY), intval($a->profile['profile_uid']));
  201. //$sql_extra .= protect_sprintf(file_tag_file_query('item',$category,'category'));
  202. }
  203. if ($datequery) {
  204. $sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery))));
  205. }
  206. if ($datequery2) {
  207. $sql_extra2 .= protect_sprintf(sprintf(" AND `thread`.`created` >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(),'',$datequery2))));
  208. }
  209. // Belongs the profile page to a forum?
  210. // If not then we can improve the performance with an additional condition
  211. $r = q("SELECT `uid` FROM `user` WHERE `uid` = %d AND `page-flags` IN (%d, %d)",
  212. intval($a->profile['profile_uid']),
  213. intval(PAGE_COMMUNITY),
  214. intval(PAGE_PRVGROUP));
  215. if (!dbm::is_result($r)) {
  216. $sql_extra3 = sprintf(" AND `thread`.`contact-id` = %d ", intval(intval($a->profile['contact_id'])));
  217. }
  218. // check if we serve a mobile device and get the user settings
  219. // accordingly
  220. if ($a->is_mobile) {
  221. $itemspage_network = get_pconfig(local_user(),'system','itemspage_mobile_network');
  222. $itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 10);
  223. } else {
  224. $itemspage_network = get_pconfig(local_user(),'system','itemspage_network');
  225. $itemspage_network = ((intval($itemspage_network)) ? $itemspage_network : 20);
  226. }
  227. // now that we have the user settings, see if the theme forces
  228. // a maximum item number which is lower then the user choice
  229. if(($a->force_max_items > 0) && ($a->force_max_items < $itemspage_network))
  230. $itemspage_network = $a->force_max_items;
  231. $a->set_pager_itemspage($itemspage_network);
  232. $pager_sql = sprintf(" LIMIT %d, %d ",intval($a->pager['start']), intval($a->pager['itemspage']));
  233. $r = q("SELECT `thread`.`iid` AS `item_id`, `thread`.`network` AS `item_network`
  234. FROM `thread`
  235. STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
  236. $sql_post_table
  237. STRAIGHT_JOIN `contact` ON `contact`.`id` = `thread`.`contact-id`
  238. AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
  239. WHERE `thread`.`uid` = %d AND `thread`.`visible`
  240. AND NOT `thread`.`deleted`
  241. AND NOT `thread`.`moderated`
  242. AND `thread`.`wall`
  243. $sql_extra3 $sql_extra $sql_extra2
  244. ORDER BY `thread`.`created` DESC $pager_sql",
  245. intval($a->profile['profile_uid'])
  246. );
  247. }
  248. $parents_arr = array();
  249. $parents_str = '';
  250. // Set a time stamp for this page. We will make use of it when we
  251. // search for new items (update routine)
  252. $_SESSION['last_updated'][$last_updated_key] = time();
  253. if (dbm::is_result($r)) {
  254. foreach($r as $rr)
  255. $parents_arr[] = $rr['item_id'];
  256. $parents_str = implode(', ', $parents_arr);
  257. $items = q(item_query()." AND `item`.`uid` = %d
  258. AND `item`.`parent` IN (%s)
  259. $sql_extra ",
  260. intval($a->profile['profile_uid']),
  261. dbesc($parents_str)
  262. );
  263. $items = conv_sort($items,'created');
  264. } else {
  265. $items = array();
  266. }
  267. if($is_owner && (! $update) && (! get_config('theme','hide_eventlist'))) {
  268. $o .= get_birthdays();
  269. $o .= get_events();
  270. }
  271. if($is_owner) {
  272. $r = q("UPDATE `item` SET `unseen` = 0
  273. WHERE `wall` = 1 AND `unseen` = 1 AND `uid` = %d",
  274. intval(local_user())
  275. );
  276. }
  277. $o .= conversation($a, $items, 'profile', $update);
  278. if (!$update) {
  279. $o .= alt_pager($a, count($items));
  280. }
  281. return $o;
  282. }