2010-07-01 19:48:07 -04:00
< ? php
function profile_init ( & $a ) {
2011-04-21 20:29:47 -04:00
if (( get_config ( 'system' , 'block_public' )) && ( ! local_user ()) && ( ! remote_user ()))
return ;
2010-07-01 19:48:07 -04:00
if ( $a -> argc > 1 )
$which = $a -> argv [ 1 ];
else {
2010-09-08 23:14:17 -04:00
notice ( t ( 'No profile' ) . EOL );
2010-07-01 19:48:07 -04:00
$a -> error = 404 ;
return ;
}
2010-07-29 00:02:36 -04:00
$profile = 0 ;
2010-09-26 20:24:20 -04:00
if (( local_user ()) && ( $a -> argc > 2 ) && ( $a -> argv [ 2 ] === 'view' )) {
2010-07-29 00:02:36 -04:00
$which = $a -> user [ 'nickname' ];
$profile = $a -> argv [ 1 ];
}
2010-10-21 17:32:29 -04:00
2010-07-29 00:02:36 -04:00
profile_load ( $a , $which , $profile );
2010-08-10 19:54:36 -04:00
2011-02-27 17:17:42 -05:00
if (( x ( $a -> profile , 'page-flags' )) && ( $a -> profile [ 'page-flags' ] & PAGE_COMMUNITY )) {
$a -> page [ 'htmlhead' ] .= '<meta name="friendika.community" content="true" />' ;
}
2010-12-23 17:40:32 -05:00
if ( x ( $a -> profile , 'openidserver' ))
$a -> page [ 'htmlhead' ] .= '<link rel="openid.server" href="' . $a -> profile [ 'openidserver' ] . '" />' . " \r \n " ;
if ( x ( $a -> profile , 'openid' )) {
$delegate = (( strstr ( $a -> profile [ 'openid' ], '://' )) ? $a -> profile [ 'openid' ] : 'http://' . $a -> profile [ 'openid' ]);
$a -> page [ 'htmlhead' ] .= '<link rel="openid.delegate" href="' . $delegate . '" />' . " \r \n " ;
2010-12-23 15:32:13 -05:00
}
2011-03-14 23:19:45 -04:00
$keywords = (( x ( $a -> profile , 'pub_keywords' )) ? $a -> profile [ 'pub_keywords' ] : '' );
$keywords = str_replace ( array ( ',' , ' ' , ',,' ), array ( ' ' , ',' , ',' ), $keywords );
if ( strlen ( $keywords ))
$a -> page [ 'htmlhead' ] .= '<meta name="keywords" content="' . $keywords . '" />' . " \r \n " ;
2010-10-21 17:32:29 -04:00
$a -> page [ 'htmlhead' ] .= '<meta name="dfrn-global-visibility" content="' . (( $a -> profile [ 'net-publish' ]) ? 'true' : 'false' ) . '" />' . " \r \n " ;
$a -> page [ 'htmlhead' ] .= '<link rel="alternate" type="application/atom+xml" href="' . $a -> get_baseurl () . '/dfrn_poll/' . $which . '" />' . " \r \n " ;
2010-10-23 04:20:26 -04:00
$uri = urlencode ( 'acct:' . $a -> profile [ 'nickname' ] . '@' . $a -> get_hostname () . (( $a -> path ) ? '/' . $a -> path : '' ));
2010-10-21 17:32:29 -04:00
$a -> page [ 'htmlhead' ] .= '<link rel="lrdd" type="application/xrd+xml" href="' . $a -> get_baseurl () . '/xrd/?uri=' . $uri . '" />' . " \r \n " ;
2010-11-11 05:49:28 -05:00
header ( 'Link: <' . $a -> get_baseurl () . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"' , false );
2010-12-23 17:40:32 -05:00
2010-07-01 19:48:07 -04:00
$dfrn_pages = array ( 'request' , 'confirm' , 'notify' , 'poll' );
foreach ( $dfrn_pages as $dfrn )
$a -> page [ 'htmlhead' ] .= " <link rel= \" dfrn- { $dfrn } \" href= \" " . $a -> get_baseurl () . " /dfrn_ { $dfrn } / { $which } \" /> \r \n " ;
2010-07-08 10:03:25 -04:00
2010-07-01 19:48:07 -04:00
}
2010-09-20 22:34:44 -04:00
function profile_content ( & $a , $update = 0 ) {
2011-05-24 19:30:52 -04:00
if ( get_config ( 'system' , 'block_public' ) && ( ! local_user ()) && ( ! remote_user ())) {
2011-04-21 21:39:07 -04:00
return login ();
2011-04-21 20:29:47 -04:00
}
2010-07-01 19:48:07 -04:00
require_once ( " include/bbcode.php " );
require_once ( 'include/security.php' );
2011-04-12 20:58:16 -04:00
require_once ( 'include/conversation.php' );
2011-04-20 08:51:02 -04:00
require_once ( 'include/acl_selectors.php' );
2010-07-12 02:10:52 -04:00
$groups = array ();
2010-07-10 22:43:55 -04:00
$tab = 'posts' ;
2010-10-30 16:25:37 -04:00
$o = '' ;
2010-07-10 22:43:55 -04:00
2010-08-19 20:23:13 -04:00
if ( $update ) {
// Ensure we've got a profile owner if updating.
2010-09-20 22:34:44 -04:00
$a -> profile [ 'profile_uid' ] = $update ;
2010-08-19 20:23:13 -04:00
}
else {
2010-10-18 17:34:59 -04:00
if ( $a -> profile [ 'profile_uid' ] == local_user ())
2010-09-19 00:29:22 -04:00
$o .= '<script> $(document).ready(function() { $(\'#nav-home-link\').addClass(\'nav-selected\'); });</script>' ;
2010-07-28 08:01:52 -04:00
}
2010-07-26 01:51:45 -04:00
2010-08-19 20:23:13 -04:00
$contact = null ;
$remote_contact = false ;
2010-07-12 02:10:52 -04:00
if ( remote_user ()) {
2010-07-06 00:39:55 -04:00
$contact_id = $_SESSION [ 'visitor_id' ];
2010-07-12 02:10:52 -04:00
$groups = init_groups_visitor ( $contact_id );
2010-08-14 10:55:18 -04:00
$r = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1 " ,
intval ( $contact_id ),
2010-08-19 20:23:13 -04:00
intval ( $a -> profile [ 'profile_uid' ])
2010-08-14 10:55:18 -04:00
);
2010-08-19 20:23:13 -04:00
if ( count ( $r )) {
2010-08-14 10:55:18 -04:00
$contact = $r [ 0 ];
2010-08-19 20:23:13 -04:00
$remote_contact = true ;
}
2010-07-12 02:10:52 -04:00
}
2010-08-19 20:23:13 -04:00
if ( ! $remote_contact ) {
2010-08-19 07:59:31 -04:00
if ( local_user ()) {
$contact_id = $_SESSION [ 'cid' ];
$contact = $a -> contact ;
}
2010-07-06 00:39:55 -04:00
}
2010-10-19 23:52:05 -04:00
$is_owner = (( local_user ()) && ( local_user () == $a -> profile [ 'profile_uid' ]) ? true : false );
2011-05-28 03:42:01 -04:00
2011-05-28 03:49:03 -04:00
if ( $a -> profile [ 'hidewall' ] && ( ! $is_owner ) && ( ! $remote_contact )) {
2011-05-28 03:42:01 -04:00
notice ( t ( 'Access to this profile has been restricted.' ) . EOL );
return ;
}
2010-12-05 21:08:36 -05:00
2010-08-19 20:23:13 -04:00
if ( ! $update ) {
2010-07-24 18:21:33 -04:00
if ( x ( $_GET , 'tab' ))
$tab = notags ( trim ( $_GET [ 'tab' ]));
2010-07-01 19:48:07 -04:00
2011-05-11 07:37:13 -04:00
$tpl = get_markup_template ( 'profile_tabs.tpl' );
2010-07-12 21:00:58 -04:00
2010-07-01 19:48:07 -04:00
$o .= replace_macros ( $tpl , array (
2010-08-06 00:15:24 -04:00
'$url' => $a -> get_baseurl () . '/' . $a -> cmd ,
2011-03-21 07:10:08 -04:00
'$phototab' => $a -> get_baseurl () . '/photos/' . $a -> profile [ 'nickname' ],
2011-03-21 18:12:40 -04:00
'$status' => t ( 'Status' ),
2011-03-21 07:10:08 -04:00
'$profile' => t ( 'Profile' ),
'$photos' => t ( 'Photos' )
2010-07-01 19:48:07 -04:00
));
2010-07-24 09:56:02 -04:00
2010-09-26 20:24:20 -04:00
if ( $tab === 'profile' ) {
2011-04-08 02:10:43 -04:00
require_once ( 'include/profile_advanced.php' );
$o .= advanced_profile ( $a );
2010-12-22 23:23:41 -05:00
call_hooks ( 'profile_advanced' , $o );
2010-07-24 18:21:33 -04:00
return $o ;
}
2010-12-05 21:08:36 -05:00
$commpage = (( $a -> profile [ 'page-flags' ] == PAGE_COMMUNITY ) ? true : false );
$commvisitor = (( $commpage && $remote_contact == true ) ? true : false );
2010-10-18 03:43:49 -04:00
$celeb = ((( $a -> profile [ 'page-flags' ] == PAGE_SOAPBOX ) || ( $a -> profile [ 'page-flags' ] == PAGE_COMMUNITY )) ? true : false );
2010-10-19 23:52:05 -04:00
2010-12-05 21:08:36 -05:00
if ( can_write_wall ( $a , $a -> profile [ 'profile_uid' ])) {
2010-10-19 23:52:05 -04:00
2011-04-20 08:48:12 -04:00
$x = array (
'is_owner' => $is_owner ,
'allow_location' => ((( $is_owner || $commvisitor ) && $a -> profile [ 'allow_location' ]) ? true : false ),
'default_location' => (( $is_owner ) ? $a -> user [ 'default-location' ] : '' ),
'nickname' => $a -> profile [ 'nickname' ],
'lockstate' => ((( is_array ( $a -> user ) && (( strlen ( $a -> user [ 'allow_cid' ])) || ( strlen ( $a -> user [ 'allow_gid' ])) || ( strlen ( $a -> user [ 'deny_cid' ])) || ( strlen ( $a -> user [ 'deny_gid' ]))))) ? 'lock' : 'unlock' ),
'acl' => (( $is_owner ) ? populate_acl ( $a -> user , $celeb ) : '' ),
'bang' => '' ,
'visitor' => (( $is_owner || $commvisitor ) ? 'block' : 'none' ),
'profile_uid' => $a -> profile [ 'profile_uid' ]
);
$o .= status_editor ( $a , $x );
2010-07-24 18:21:33 -04:00
}
2010-09-20 22:34:44 -04:00
// This is ugly, but we can't pass the profile_uid through the session to the ajax updater,
// because browser prefetching might change it on us. We have to deliver it with the page.
2011-02-17 03:40:35 -05:00
if ( $tab === 'posts' ) {
2010-09-21 01:27:33 -04:00
$o .= '<div id="live-profile"></div>' . " \r \n " ;
2011-02-17 03:40:35 -05:00
$o .= " <script> var profile_uid = " . $a -> profile [ 'profile_uid' ]
. " ; var netargs = ''; var profile_page = " . $a -> pager [ 'page' ] . " ; </script> \r \n " ;
2010-09-21 01:27:33 -04:00
}
2010-07-24 18:21:33 -04:00
}
2010-07-01 19:48:07 -04:00
2010-10-19 23:52:05 -04:00
// Construct permissions
2010-07-12 02:10:52 -04:00
2010-07-17 10:03:06 -04:00
// default permissions - anonymous user
2010-07-12 02:10:52 -04:00
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' " ;
// Profile owner - everything is visible
2010-07-01 19:48:07 -04:00
2010-10-30 01:18:05 -04:00
if ( $is_owner ) {
2010-07-12 02:10:52 -04:00
$sql_extra = '' ;
2010-07-20 08:21:19 -04:00
// Oh - while we're here... reset the Unseen messages
$r = q ( " UPDATE `item` SET `unseen` = 0
2011-05-20 22:28:48 -04:00
WHERE `wall` = 1 AND `unseen` = 1 AND `uid` = % d " ,
2010-07-20 08:21:19 -04:00
intval ( $_SESSION [ 'uid' ])
);
}
2010-07-01 19:48:07 -04:00
2010-07-12 02:10:52 -04:00
// authenticated visitor - here lie dragons
2010-08-19 20:23:13 -04:00
// If $remotecontact is true, we know that not only is this a remotely authenticated
// person, but that it is *our* contact, which is important in multi-user mode.
elseif ( $remote_contact ) {
2010-07-12 02:10:52 -04:00
$gs = '<<>>' ; // should be impossible to match
if ( count ( $groups )) {
foreach ( $groups as $g )
2010-07-13 05:00:53 -04:00
$gs .= '|<' . intval ( $g ) . '>' ;
2010-07-12 02:10:52 -04:00
}
$sql_extra = sprintf (
" AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
2010-07-19 02:23:18 -04:00
AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s' ) " ,
2010-07-12 02:10:52 -04:00
2010-07-13 02:08:07 -04:00
intval ( $_SESSION [ 'visitor_id' ]),
intval ( $_SESSION [ 'visitor_id' ]),
2010-07-13 05:00:53 -04:00
dbesc ( $gs ),
dbesc ( $gs )
2010-07-01 19:48:07 -04:00
);
2010-07-12 02:10:52 -04:00
}
2010-07-01 19:48:07 -04:00
2010-07-12 02:10:52 -04:00
$r = q ( " SELECT COUNT(*) AS `total`
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
2010-08-13 03:43:44 -04:00
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
2011-03-27 22:53:36 -04:00
AND `item` . `id` = `item` . `parent` AND `item` . `wall` = 1
2010-07-12 02:10:52 -04:00
$sql_extra " ,
2010-08-19 20:23:13 -04:00
intval ( $a -> profile [ 'profile_uid' ])
2010-07-06 00:39:55 -04:00
2010-07-12 02:10:52 -04:00
);
2010-07-06 00:39:55 -04:00
2011-03-27 22:53:36 -04:00
if ( count ( $r )) {
2010-07-12 02:10:52 -04:00
$a -> set_pager_total ( $r [ 0 ][ 'total' ]);
2011-03-27 22:53:36 -04:00
$a -> set_pager_itemspage ( 40 );
}
2010-07-17 10:03:06 -04:00
2011-03-27 22:53:36 -04:00
$r = q ( " SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact-uid`
2010-07-12 02:10:52 -04:00
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
2010-08-13 03:43:44 -04:00
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
2011-03-27 22:53:36 -04:00
AND `item` . `id` = `item` . `parent` AND `item` . `wall` = 1
2010-07-12 02:10:52 -04:00
$sql_extra
2011-03-27 22:59:27 -04:00
ORDER BY `item` . `created` DESC LIMIT % d , % d " ,
2010-08-19 20:23:13 -04:00
intval ( $a -> profile [ 'profile_uid' ]),
2010-07-12 02:10:52 -04:00
intval ( $a -> pager [ 'start' ]),
intval ( $a -> pager [ 'itemspage' ])
);
2010-07-01 19:48:07 -04:00
2011-03-27 22:53:36 -04:00
$parents_arr = array ();
$parents_str = '' ;
if ( count ( $r )) {
foreach ( $r as $rr )
$parents_arr [] = $rr [ 'item_id' ];
$parents_str = implode ( ', ' , $parents_arr );
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `network` , `contact` . `rel` ,
2011-04-11 06:22:09 -04:00
`contact` . `thumb` , `contact` . `self` , `contact` . `writable` ,
2011-03-27 22:53:36 -04:00
`contact` . `id` AS `cid` , `contact` . `uid` AS `contact-uid`
FROM `item` LEFT JOIN `contact` ON `contact` . `id` = `item` . `contact-id`
WHERE `item` . `uid` = % d AND `item` . `visible` = 1 AND `item` . `deleted` = 0
AND `contact` . `blocked` = 0 AND `contact` . `pending` = 0
AND `item` . `parent` IN ( % s )
$sql_extra
ORDER BY `parent` DESC , `gravity` ASC , `item` . `id` ASC " ,
intval ( $a -> profile [ 'profile_uid' ]),
dbesc ( $parents_str )
);
}
2011-01-13 23:28:33 -05:00
if ( $is_owner && ! $update )
2011-01-16 19:40:09 -05:00
$o .= get_birthdays ();
2011-01-13 23:28:33 -05:00
2010-07-12 02:10:52 -04:00
2010-09-17 06:10:19 -04:00
2011-04-11 18:45:19 -04:00
$o .= conversation ( $a , $r , 'profile' , $update );
2010-07-17 02:14:37 -04:00
2010-09-21 00:26:18 -04:00
2011-04-11 02:01:38 -04:00
if ( ! $update ) {
2010-07-24 18:21:33 -04:00
2011-04-11 02:01:38 -04:00
$o .= paginate ( $a );
$o .= '<div class="cc-license">' . t ( 'Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.' ) . '</div>' ;
}
2011-01-23 17:56:14 -05:00
2010-07-01 19:48:07 -04:00
return $o ;
2010-12-23 15:32:13 -05:00
}