friendica/mod/profiles.php

512 lines
15 KiB
PHP
Raw Normal View History

2010-07-02 01:48:07 +02:00
<?php
function profiles_post(&$a) {
if(! local_user()) {
notice( t('Permission denied.') . EOL);
2010-07-02 01:48:07 +02:00
return;
}
$namechanged = false;
2011-01-21 00:30:45 +01:00
call_hooks('profile_post', $_POST);
2010-09-27 02:24:20 +02:00
if(($a->argc > 1) && ($a->argv[1] !== "new") && intval($a->argv[1])) {
$orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
2010-07-02 01:48:07 +02:00
intval($a->argv[1]),
2010-11-25 01:35:35 +01:00
intval(local_user())
2010-07-02 01:48:07 +02:00
);
if(! count($orig)) {
notice( t('Profile not found.') . EOL);
2010-07-02 01:48:07 +02:00
return;
}
2012-03-12 21:17:37 +01:00
check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
$is_default = (($orig[0]['is-default']) ? 1 : 0);
2010-07-02 01:48:07 +02:00
$profile_name = notags(trim($_POST['profile_name']));
if(! strlen($profile_name)) {
notify( t('Profile Name is required.') . EOL);
2010-07-02 01:48:07 +02:00
return;
}
2010-07-11 01:47:10 +02:00
$year = intval($_POST['year']);
if($year < 1900 || $year > 2100 || $year < 0)
$year = 0;
$month = intval($_POST['month']);
if(($month > 12) || ($month < 0))
$month = 0;
$mtab = array(0,31,29,31,30,31,30,31,31,30,31,30,31);
$day = intval($_POST['day']);
if(($day > $mtab[$month]) || ($day < 0))
$day = 0;
$dob = '0000-00-00';
$dob = sprintf('%04d-%02d-%02d',$year,$month,$day);
2010-07-02 01:48:07 +02:00
$name = notags(trim($_POST['name']));
if($orig[0]['name'] != $name)
$namechanged = true;
2011-01-19 04:25:28 +01:00
$pdesc = notags(trim($_POST['pdesc']));
2010-07-02 01:48:07 +02:00
$gender = notags(trim($_POST['gender']));
$address = notags(trim($_POST['address']));
$locality = notags(trim($_POST['locality']));
$region = notags(trim($_POST['region']));
$postal_code = notags(trim($_POST['postal_code']));
$country_name = notags(trim($_POST['country_name']));
$pub_keywords = notags(trim($_POST['pub_keywords']));
$prv_keywords = notags(trim($_POST['prv_keywords']));
$marital = notags(trim($_POST['marital']));
2010-08-10 07:58:58 +02:00
if($marital != $orig[0]['marital'])
$maritalchanged = true;
$with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : '');
// linkify the relationship target if applicable
if(strlen($with)) {
if($with != strip_tags($orig[0]['with'])) {
$prf = '';
$lookup = $with;
if(strpos($lookup,'@') === 0)
$lookup = substr($lookup,1);
$lookup = str_replace('_',' ', $lookup);
if(strpos($lookup,'@') || (strpos($lookup,'http://'))) {
$newname = $lookup;
$links = @lrdd($lookup);
if(count($links)) {
foreach($links as $link) {
if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
$prf = $link['@attributes']['href'];
}
}
}
}
else {
$newname = $lookup;
if(strstr($lookup,' ')) {
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
dbesc($newname),
intval(local_user())
);
}
else {
$r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1",
dbesc($lookup),
intval(local_user())
);
}
if(count($r)) {
$prf = $r[0]['url'];
$newname = $r[0]['name'];
}
}
if($prf) {
$with = str_replace($lookup,'<a href="' . $prf . '">' . $newname . '</a>', $with);
if(strpos($with,'@') === 0)
$with = substr($with,1);
}
}
else
$with = $orig[0]['with'];
}
2010-07-11 01:47:10 +02:00
$sexual = notags(trim($_POST['sexual']));
2010-07-02 01:48:07 +02:00
$homepage = notags(trim($_POST['homepage']));
2010-07-11 01:47:10 +02:00
$politic = notags(trim($_POST['politic']));
$religion = notags(trim($_POST['religion']));
2012-04-11 01:31:49 +02:00
$about = fix_mce_lf(escape_tags(trim($_POST['about'])));
$interest = fix_mce_lf(escape_tags(trim($_POST['interest'])));
$contact = fix_mce_lf(escape_tags(trim($_POST['contact'])));
$music = fix_mce_lf(escape_tags(trim($_POST['music'])));
$book = fix_mce_lf(escape_tags(trim($_POST['book'])));
$tv = fix_mce_lf(escape_tags(trim($_POST['tv'])));
$film = fix_mce_lf(escape_tags(trim($_POST['film'])));
$romance = fix_mce_lf(escape_tags(trim($_POST['romance'])));
$work = fix_mce_lf(escape_tags(trim($_POST['work'])));
$education = fix_mce_lf(escape_tags(trim($_POST['education'])));
$hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0);
2010-07-02 01:48:07 +02:00
$r = q("UPDATE `profile`
SET `profile-name` = '%s',
`name` = '%s',
2011-01-19 04:25:28 +01:00
`pdesc` = '%s',
2010-07-02 01:48:07 +02:00
`gender` = '%s',
2010-07-11 01:47:10 +02:00
`dob` = '%s',
2010-07-02 01:48:07 +02:00
`address` = '%s',
`locality` = '%s',
`region` = '%s',
`postal-code` = '%s',
`country-name` = '%s',
`marital` = '%s',
`with` = '%s',
2010-07-11 01:47:10 +02:00
`sexual` = '%s',
2010-07-02 01:48:07 +02:00
`homepage` = '%s',
2010-07-11 01:47:10 +02:00
`politic` = '%s',
`religion` = '%s',
`pub_keywords` = '%s',
`prv_keywords` = '%s',
2010-07-11 01:47:10 +02:00
`about` = '%s',
`interest` = '%s',
`contact` = '%s',
`music` = '%s',
`book` = '%s',
`tv` = '%s',
`film` = '%s',
`romance` = '%s',
`work` = '%s',
`education` = '%s',
`hide-friends` = %d
2010-07-02 01:48:07 +02:00
WHERE `id` = %d AND `uid` = %d LIMIT 1",
dbesc($profile_name),
dbesc($name),
2011-01-19 04:25:28 +01:00
dbesc($pdesc),
2010-07-02 01:48:07 +02:00
dbesc($gender),
2010-07-11 01:47:10 +02:00
dbesc($dob),
2010-07-02 01:48:07 +02:00
dbesc($address),
dbesc($locality),
dbesc($region),
dbesc($postal_code),
dbesc($country_name),
dbesc($marital),
dbesc($with),
2010-07-11 01:47:10 +02:00
dbesc($sexual),
2010-07-02 01:48:07 +02:00
dbesc($homepage),
2010-07-11 01:47:10 +02:00
dbesc($politic),
dbesc($religion),
dbesc($pub_keywords),
dbesc($prv_keywords),
2010-07-02 01:48:07 +02:00
dbesc($about),
2010-07-11 01:47:10 +02:00
dbesc($interest),
dbesc($contact),
dbesc($music),
dbesc($book),
dbesc($tv),
dbesc($film),
dbesc($romance),
dbesc($work),
dbesc($education),
intval($hide_friends),
2010-07-02 01:48:07 +02:00
intval($a->argv[1]),
intval($_SESSION['uid'])
);
if($r)
info( t('Profile updated.') . EOL);
2010-07-09 12:10:28 +02:00
if($namechanged && $is_default) {
$r = q("UPDATE `contact` SET `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1",
dbesc(datetime_convert()),
2010-11-25 01:35:35 +01:00
intval(local_user())
);
}
if($is_default) {
// Update global directory in background
$url = $_SESSION['my_url'];
if($url && strlen(get_config('system','directory_submit_url')))
2011-02-24 00:16:12 +01:00
proc_run('php',"include/directory.php","$url");
2011-10-20 14:43:33 +02:00
require_once('include/profile_update.php');
profile_change();
}
2010-07-02 01:48:07 +02:00
}
}
function profiles_content(&$a) {
2011-01-19 04:25:28 +01:00
2010-11-01 00:38:22 +01:00
$o = '';
nav_set_selected('profiles');
2010-11-25 01:35:35 +01:00
2010-07-02 01:48:07 +02:00
if(! local_user()) {
notice( t('Permission denied.') . EOL);
2010-07-02 01:48:07 +02:00
return;
}
2010-09-27 02:24:20 +02:00
if(($a->argc > 2) && ($a->argv[1] === "drop") && intval($a->argv[2])) {
2011-03-08 09:39:42 +01:00
$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is-default` = 0 LIMIT 1",
2010-07-11 01:47:10 +02:00
intval($a->argv[2]),
2010-11-25 01:35:35 +01:00
intval(local_user())
2010-07-11 01:47:10 +02:00
);
if(! count($r)) {
notice( t('Profile not found.') . EOL);
2012-03-15 05:20:20 +01:00
goaway($a->get_baseurl(true) . '/profiles');
2010-07-11 01:47:10 +02:00
return; // NOTREACHED
}
2012-03-12 21:17:37 +01:00
check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't');
2010-07-11 01:47:10 +02:00
// move every contact using this profile as their default to the user default
$r = q("UPDATE `contact` SET `profile-id` = (SELECT `profile`.`id` AS `profile-id` FROM `profile` WHERE `profile`.`is-default` = 1 AND `profile`.`uid` = %d LIMIT 1) WHERE `profile-id` = %d AND `uid` = %d ",
2010-11-25 01:35:35 +01:00
intval(local_user()),
2010-07-11 01:47:10 +02:00
intval($a->argv[2]),
2010-11-25 01:35:35 +01:00
intval(local_user())
2010-07-11 01:47:10 +02:00
);
2011-03-08 09:39:42 +01:00
$r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
2010-07-11 01:47:10 +02:00
);
if($r)
info( t('Profile deleted.') . EOL);
2010-07-11 01:47:10 +02:00
2012-03-15 05:20:20 +01:00
goaway($a->get_baseurl(true) . '/profiles');
2010-07-11 01:47:10 +02:00
return; // NOTREACHED
}
2010-09-27 02:24:20 +02:00
if(($a->argc > 1) && ($a->argv[1] === 'new')) {
2012-03-12 21:17:37 +01:00
check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't');
2010-07-02 01:48:07 +02:00
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
2010-11-25 01:35:35 +01:00
intval(local_user()));
2010-07-02 01:48:07 +02:00
$num_profiles = count($r0);
$name = t('Profile-') . ($num_profiles + 1);
2010-07-02 01:48:07 +02:00
$r1 = q("SELECT `name`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
2010-11-25 01:35:35 +01:00
intval(local_user()));
2010-07-02 01:48:07 +02:00
$r2 = q("INSERT INTO `profile` (`uid` , `profile-name` , `name`, `photo`, `thumb`)
VALUES ( %d, '%s', '%s', '%s', '%s' )",
2010-11-25 01:35:35 +01:00
intval(local_user()),
2010-07-02 01:48:07 +02:00
dbesc($name),
dbesc($r1[0]['name']),
dbesc($r1[0]['photo']),
2011-01-02 23:26:23 +01:00
dbesc($r1[0]['thumb'])
2010-07-02 01:48:07 +02:00
);
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
2010-11-25 01:35:35 +01:00
intval(local_user()),
2010-07-02 01:48:07 +02:00
dbesc($name)
);
2011-01-02 23:26:23 +01:00
info( t('New profile created.') . EOL);
2010-07-02 01:48:07 +02:00
if(count($r3) == 1)
2012-03-15 05:20:20 +01:00
goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
2012-03-12 21:17:37 +01:00
2012-03-15 05:20:20 +01:00
goaway($a->get_baseurl(true) . '/profiles');
2012-03-12 21:17:37 +01:00
}
2010-07-02 01:48:07 +02:00
2010-09-27 02:24:20 +02:00
if(($a->argc > 2) && ($a->argv[1] === 'clone')) {
2012-03-12 21:17:37 +01:00
check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't');
2010-07-10 01:28:50 +02:00
$r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
2010-11-25 01:35:35 +01:00
intval(local_user()));
2010-07-10 01:28:50 +02:00
$num_profiles = count($r0);
$name = t('Profile-') . ($num_profiles + 1);
2010-07-10 01:28:50 +02:00
$r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1",
2010-11-25 01:35:35 +01:00
intval(local_user()),
2010-07-10 01:28:50 +02:00
intval($a->argv[2])
);
if(! count($r1)) {
notice( t('Profile unavailable to clone.') . EOL);
2010-07-10 01:28:50 +02:00
return;
}
unset($r1[0]['id']);
$r1[0]['is-default'] = 0;
$r1[0]['publish'] = 0;
$r1[0]['net-publish'] = 0;
2010-07-10 01:28:50 +02:00
$r1[0]['profile-name'] = dbesc($name);
2010-07-10 01:45:43 +02:00
dbesc_array($r1[0]);
$r2 = dbq("INSERT INTO `profile` (`"
2010-07-10 01:28:50 +02:00
. implode("`, `", array_keys($r1[0]))
. "`) VALUES ('"
. implode("', '", array_values($r1[0]))
. "')" );
$r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
2010-11-25 01:35:35 +01:00
intval(local_user()),
2010-07-10 01:28:50 +02:00
dbesc($name)
);
info( t('New profile created.') . EOL);
2010-07-10 01:28:50 +02:00
if(count($r3) == 1)
2012-03-15 05:20:20 +01:00
goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']);
2012-03-12 21:17:37 +01:00
2012-03-15 05:20:20 +01:00
goaway($a->get_baseurl(true) . '/profiles');
2012-03-12 21:17:37 +01:00
return; // NOTREACHED
}
2010-07-10 01:28:50 +02:00
2010-11-01 00:40:09 +01:00
if(($a->argc > 1) && (intval($a->argv[1]))) {
2010-07-02 01:48:07 +02:00
$r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
2010-11-25 01:35:35 +01:00
intval(local_user())
2010-07-02 01:48:07 +02:00
);
if(! count($r)) {
notice( t('Profile not found.') . EOL);
2010-07-02 01:48:07 +02:00
return;
}
profile_load($a,$a->user['nickname'],$r[0]['id']);
2010-07-02 01:48:07 +02:00
2010-11-16 06:06:44 +01:00
require_once('include/profile_selectors.php');
2010-07-02 01:48:07 +02:00
2012-04-11 03:08:06 +02:00
$editselect = 'textareas';
if(intval(get_pconfig(local_user(),'system','plaintext')))
$editselect = 'none';
$a->page['htmlhead'] .= replace_macros(get_markup_template('profed_head.tpl'), array(
'$baseurl' => $a->get_baseurl(true),
'$editselect' => $editselect,
));
2011-05-11 13:37:13 +02:00
$opt_tpl = get_markup_template("profile-hide-friends.tpl");
2010-07-11 11:52:47 +02:00
$hide_friends = replace_macros($opt_tpl,array(
'$desc' => t('Hide your contact/friend list from viewers of this profile?'),
2011-04-08 03:00:35 +02:00
'$yes_str' => t('Yes'),
'$no_str' => t('No'),
2010-07-11 11:52:47 +02:00
'$yes_selected' => (($r[0]['hide-friends']) ? " checked=\"checked\" " : ""),
'$no_selected' => (($r[0]['hide-friends'] == 0) ? " checked=\"checked\" " : "")
));
$a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"js/country.js\" ></script>";
2010-07-10 16:09:57 +02:00
2012-04-11 03:08:06 +02:00
$f = get_config('system','birthday_input_format');
if(! $f)
$f = 'ymd';
2010-07-10 16:09:57 +02:00
2010-07-02 01:48:07 +02:00
$is_default = (($r[0]['is-default']) ? 1 : 0);
2011-05-11 13:37:13 +02:00
$tpl = get_markup_template("profile_edit.tpl");
2010-07-02 01:48:07 +02:00
$o .= replace_macros($tpl,array(
2012-03-12 21:17:37 +01:00
'$form_security_token' => get_form_security_token("profile_edit"),
'$profile_clone_link' => 'profiles/clone/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_clone"),
'$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"),
'$banner' => t('Edit Profile Details'),
'$submit' => t('Submit'),
'$viewprof' => t('View this profile'),
'$cr_prof' => t('Create a new profile using these settings'),
'$cl_prof' => t('Clone this profile'),
'$del_prof' => t('Delete this profile'),
'$lbl_profname' => t('Profile Name:'),
'$lbl_fullname' => t('Your Full Name:'),
'$lbl_title' => t('Title/Description:'),
'$lbl_gender' => t('Your Gender:'),
'$lbl_bd' => sprintf( t("Birthday \x28%s\x29:"),datesel_format($f)),
'$lbl_address' => t('Street Address:'),
'$lbl_city' => t('Locality/City:'),
'$lbl_zip' => t('Postal/Zip Code:'),
'$lbl_country' => t('Country:'),
'$lbl_region' => t('Region/State:'),
'$lbl_marital' => t('<span class="heart">&hearts;</span> Marital Status:'),
'$lbl_with' => t("Who: \x28if applicable\x29"),
'$lbl_ex1' => t('Examples: cathy123, Cathy Williams, cathy@example.com'),
'$lbl_sexual' => t('Sexual Preference:'),
'$lbl_homepage' => t('Homepage URL:'),
'$lbl_politic' => t('Political Views:'),
'$lbl_religion' => t('Religious Views:'),
'$lbl_pubkey' => t('Public Keywords:'),
'$lbl_prvkey' => t('Private Keywords:'),
'$lbl_ex2' => t('Example: fishing photography software'),
'$lbl_pubdsc' => t("\x28Used for suggesting potential friends, can be seen by others\x29"),
'$lbl_prvdsc' => t("\x28Used for searching profiles, never shown to others\x29"),
'$lbl_about' => t('Tell us about yourself...'),
'$lbl_hobbies' => t('Hobbies/Interests'),
'$lbl_social' => t('Contact information and Social Networks'),
'$lbl_music' => t('Musical interests'),
'$lbl_book' => t('Books, literature'),
'$lbl_tv' => t('Television'),
'$lbl_film' => t('Film/dance/culture/entertainment'),
'$lbl_love' => t('Love/romance'),
'$lbl_work' => t('Work/employment'),
'$lbl_school' => t('School/education'),
'$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''),
2012-03-15 05:20:20 +01:00
'$baseurl' => $a->get_baseurl(true),
2010-07-02 01:48:07 +02:00
'$profile_id' => $r[0]['id'],
'$profile_name' => $r[0]['profile-name'],
'$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""),
2010-07-02 01:48:07 +02:00
'$name' => $r[0]['name'],
2011-01-19 04:25:28 +01:00
'$pdesc' => $r[0]['pdesc'],
2010-07-10 16:09:57 +02:00
'$dob' => dob($r[0]['dob']),
2010-07-11 11:52:47 +02:00
'$hide_friends' => $hide_friends,
2010-07-02 01:48:07 +02:00
'$address' => $r[0]['address'],
'$locality' => $r[0]['locality'],
'$region' => $r[0]['region'],
'$postal_code' => $r[0]['postal-code'],
'$country_name' => $r[0]['country-name'],
'$age' => ((intval($r[0]['dob'])) ? '(' . t('Age: ') . age($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''),
2010-07-02 01:48:07 +02:00
'$gender' => gender_selector($r[0]['gender']),
'$marital' => marital_selector($r[0]['marital']),
'$with' => strip_tags($r[0]['with']),
2010-07-10 16:09:57 +02:00
'$sexual' => sexpref_selector($r[0]['sexual']),
2010-07-02 01:48:07 +02:00
'$about' => $r[0]['about'],
'$homepage' => $r[0]['homepage'],
2010-07-10 17:18:58 +02:00
'$politic' => $r[0]['politic'],
'$religion' => $r[0]['religion'],
'$pub_keywords' => $r[0]['pub_keywords'],
'$prv_keywords' => $r[0]['prv_keywords'],
2010-07-10 17:18:58 +02:00
'$music' => $r[0]['music'],
'$book' => $r[0]['book'],
'$tv' => $r[0]['tv'],
'$film' => $r[0]['film'],
'$interest' => $r[0]['interest'],
'$romance' => $r[0]['romance'],
'$work' => $r[0]['work'],
'$education' => $r[0]['education'],
'$contact' => $r[0]['contact']
2010-07-02 01:48:07 +02:00
));
2011-01-21 00:30:45 +01:00
$arr = array('profile' => $r[0], 'entry' => $o);
call_hooks('profile_edit', $arr);
2010-07-02 01:48:07 +02:00
return $o;
}
else {
$r = q("SELECT * FROM `profile` WHERE `uid` = %d",
2010-11-25 01:35:35 +01:00
local_user());
2010-07-02 01:48:07 +02:00
if(count($r)) {
2011-05-11 13:37:13 +02:00
$tpl_header = get_markup_template('profile_listing_header.tpl');
2011-04-08 03:00:35 +02:00
$o .= replace_macros($tpl_header,array(
2011-11-03 23:14:33 +01:00
'$header' => t('Edit/Manage Profiles'),
2011-04-08 03:00:35 +02:00
'$chg_photo' => t('Change profile photo'),
2012-03-12 21:17:37 +01:00
'$cr_new' => t('Create New Profile'),
'$cr_new_link' => 'profiles/new?t=' . get_form_security_token("profile_new")
2011-04-08 03:00:35 +02:00
));
2011-05-11 13:37:13 +02:00
$tpl = get_markup_template('profile_entry.tpl');
2010-07-02 01:48:07 +02:00
foreach($r as $rr) {
2011-04-13 06:21:33 +02:00
$o .= replace_macros($tpl, array(
2010-07-02 01:48:07 +02:00
'$photo' => $rr['thumb'],
'$id' => $rr['id'],
2011-01-12 21:44:22 +01:00
'$alt' => t('Profile Image'),
2011-04-13 06:21:33 +02:00
'$profile_name' => $rr['profile-name'],
'$visible' => (($rr['is-default']) ? '<strong>' . t('visible to everybody') . '</strong>'
2012-03-15 05:20:20 +01:00
: '<a href="' . $a->get_baseurl(true) . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
2010-07-02 01:48:07 +02:00
));
}
}
return $o;
}
}