]> git.mxchange.org Git - friendica.git/blob - mod/display.php
Bugfix: The user id wasn't fetched correctly.
[friendica.git] / mod / display.php
1 <?php
2
3 function display_init(&$a) {
4
5         if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
6                 return;
7         }
8
9         $nick = (($a->argc > 1) ? $a->argv[1] : '');
10         $profiledata = array();
11
12         // If there is only one parameter, then check if this parameter could be a guid
13         if ($a->argc == 2) {
14                 $nick = "";
15                 $itemuid = 0;
16
17                 // Does the local user have this item?
18                 if (local_user()) {
19                         $r = q("SELECT `id`, `parent`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item`
20                                 WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
21                                         AND `guid` = '%s' AND `uid` = %d", $a->argv[1], local_user());
22                         if (count($r)) {
23                                 $nick = $a->user["nickname"];
24                                 $itemuid = local_user();
25                         }
26                 }
27
28                 // Or is it anywhere on the server?
29                 if ($nick == "") {
30                         $r = q("SELECT `user`.`nickname`, `item`.`id`, `item`.`parent`, `item`.`author-name`,
31                                 `item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`body`
32                                 FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
33                                 WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
34                                         AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = ''
35                                         AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = ''
36                                         AND `item`.`private` = 0 AND NOT `user`.`hidewall`
37                                         AND `item`.`guid` = '%s'", $a->argv[1]);
38                                 //      AND `item`.`private` = 0 AND `item`.`wall` = 1
39                         if (count($r)) {
40                                 $nick = $r[0]["nickname"];
41                                 $itemuid = $r[0]["uid"];
42                         }
43                 }
44
45                 // Is it an item with uid=0?
46                 if ($nick == "") {
47                         $r = q("SELECT `item`.`id`, `item`.`parent`, `item`.`author-name`,
48                                 `item`.`author-link`, `item`.`author-avatar`, `item`.`network`, `item`.`uid`, `item`.`body`
49                                 FROM `item` WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
50                                         AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = ''
51                                         AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = ''
52                                         AND `item`.`private` = 0 AND `item`.`uid` = 0
53                                         AND `item`.`guid` = '%s'", $a->argv[1]);
54                                 //      AND `item`.`private` = 0 AND `item`.`wall` = 1
55                 }
56                 if (count($r)) {
57                         if ($r[0]["id"] != $r[0]["parent"])
58                                 $r = q("SELECT `id`, `author-name`, `author-link`, `author-avatar`, `network`, `body`, `uid` FROM `item`
59                                         WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
60                                                 AND `id` = %d", $r[0]["parent"]);
61
62                         $profiledata = display_fetchauthor($a, $r[0]);
63
64                         if (strstr(normalise_link($profiledata["url"]), normalise_link($a->get_baseurl()))) {
65                                 $nickname = str_replace(normalise_link($a->get_baseurl())."/profile/", "", normalise_link($profiledata["url"]));
66
67                                 if (($nickname != $a->user["nickname"])) {
68                                         $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `contact`.`avatar-date` AS picdate, `user`.* FROM `profile`
69                                                 INNER JOIN `contact` on `contact`.`uid` = `profile`.`uid` INNER JOIN `user` ON `profile`.`uid` = `user`.`uid`
70                                                 WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 and `contact`.`self` = 1 LIMIT 1",
71                                                 dbesc($nickname)
72                                         );
73                                         if (count($r))
74                                                 $profiledata = $r[0];
75
76                                         $profiledata["network"] = NETWORK_DFRN;
77                                 } else
78                                         $profiledata = array();
79                         }
80                 } else {
81                         $a->error = 404;
82                         notice( t('Item not found.') . EOL);
83                         return;
84                 }
85         }
86
87         profile_load($a, $nick, 0, $profiledata);
88
89 }
90
91 function display_fetchauthor($a, $item) {
92         require_once("mod/proxy.php");
93         require_once("include/bbcode.php");
94
95         $profiledata = array();
96         $profiledata["uid"] = -1;
97         $profiledata["nickname"] = $item["author-name"];
98         $profiledata["name"] = $item["author-name"];
99         $profiledata["picdate"] = "";
100         $profiledata["photo"] = proxy_url($item["author-avatar"]);
101         $profiledata["url"] = $item["author-link"];
102         $profiledata["network"] = $item["network"];
103
104         // Fetching further contact data from the contact table
105         $r = q("SELECT `photo`, `nick`, `location`, `about` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d",
106                 normalise_link($profiledata["url"]), $item["uid"]);
107         if (count($r)) {
108                 $profiledata["photo"] = proxy_url($r[0]["photo"]);
109                 $profiledata["address"] = proxy_parse_html(bbcode($r[0]["location"]));
110                 $profiledata["about"] = proxy_parse_html(bbcode($r[0]["about"]));
111                 if ($r[0]["nick"] != "")
112                         $profiledata["nickname"] = $r[0]["nick"];
113         }
114
115         // Fetching profile data from unique contacts
116         $r = q("SELECT `avatar`, `nick`, `location`, `about` FROM `unique_contacts` WHERE `url` = '%s'", normalise_link($profiledata["url"]));
117         if (count($r)) {
118                 if ($profiledata["photo"] == "")
119                         $profiledata["photo"] = proxy_url($r[0]["avatar"]);
120                 if ($profiledata["address"] == "")
121                         $profiledata["address"] = proxy_parse_html(bbcode($r[0]["location"]));
122                 if ($profiledata["about"] == "")
123                         $profiledata["about"] = proxy_parse_html(bbcode($r[0]["about"]));
124                 if (($profiledata["nickname"] == "") AND ($r[0]["nick"] != ""))
125                         $profiledata["nickname"] = $r[0]["nick"];
126         }
127
128         // Check for a repeated message
129         $skip = false;
130         $body = trim($item["body"]);
131
132         // Skip if it isn't a pure repeated messages
133         // Does it start with a share?
134         if (!$skip AND strpos($body, "[share") > 0)
135                 $skip = true;
136
137         // Does it end with a share?
138         if (!$skip AND (strlen($body) > (strrpos($body, "[/share]") + 8)))
139                 $skip = true;
140
141         if (!$skip) {
142                 $attributes = preg_replace("/\[share(.*?)\]\s?(.*?)\s?\[\/share\]\s?/ism","$1",$body);
143                 // Skip if there is no shared message in there
144                 if ($body == $attributes)
145                         $skip = true;
146         }
147
148         if (!$skip) {
149                 $author = "";
150                 preg_match("/author='(.*?)'/ism", $attributes, $matches);
151                 if ($matches[1] != "")
152                         $profiledata["name"] = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
153
154                 preg_match('/author="(.*?)"/ism', $attributes, $matches);
155                 if ($matches[1] != "")
156                         $profiledata["name"] = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8');
157
158                 $profile = "";
159                 preg_match("/profile='(.*?)'/ism", $attributes, $matches);
160                 if ($matches[1] != "")
161                         $profiledata["url"] = $matches[1];
162
163                 preg_match('/profile="(.*?)"/ism', $attributes, $matches);
164                 if ($matches[1] != "")
165                         $profiledata["url"] = $matches[1];
166
167                 $avatar = "";
168                 preg_match("/avatar='(.*?)'/ism", $attributes, $matches);
169                 if ($matches[1] != "")
170                         $profiledata["photo"] = $matches[1];
171
172                 preg_match('/avatar="(.*?)"/ism', $attributes, $matches);
173                 if ($matches[1] != "")
174                         $profiledata["photo"] = $matches[1];
175
176                 $profiledata["nickname"] = $profiledata["name"];
177                 $profiledata["network"] = GetProfileUsername($profiledata["url"], "", false, true);
178
179                 $profiledata["address"] = "";
180                 $profiledata["about"] = "";
181
182                 // Fetching profile data from unique contacts
183                 if ($profiledata["url"] != "") {
184                         $r = q("SELECT `avatar`, `nick`, `location`, `about` FROM `unique_contacts` WHERE `url` = '%s'", normalise_link($profiledata["url"]));
185                         if (count($r)) {
186                                 $profiledata["photo"] = proxy_url($r[0]["avatar"]);
187                                 $profiledata["address"] = proxy_parse_html(bbcode($r[0]["location"]));
188                                 $profiledata["about"] = proxy_parse_html(bbcode($r[0]["about"]));
189                                 if ($r[0]["nick"] != "")
190                                         $profiledata["nickname"] = $r[0]["nick"];
191                         }
192                 }
193         }
194
195         if (local_user()) {
196                 if (in_array($profiledata["network"], array(NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS)))
197                         $profiledata["remoteconnect"] = $a->get_baseurl()."/follow?url=".urlencode($profiledata["url"]);
198                 //if ($profiledata["network"] == NETWORK_DFRN) {
199                 //      $connect = str_replace("/profile/", "/dfrn_request/", $profiledata["url"])."&addr=".bin2hex($a->get_baseurl()."/profile/".$a->user["nickname"]);
200                 //      $profiledata["remoteconnect"] = $connect;
201                 //} elseif ($profiledata["network"] == NETWORK_DIASPORA)
202                 //      $profiledata["remoteconnect"] = $a->get_baseurl()."/contacts?add=".GetProfileUsername($profiledata["url"], "", true);
203         } elseif ($profiledata["network"] == NETWORK_DFRN) {
204                 $connect = str_replace("/profile/", "/dfrn_request/", $profiledata["url"]);
205                 $profiledata["remoteconnect"] = $connect;
206         }
207
208         return($profiledata);
209 }
210
211 function display_content(&$a, $update = 0) {
212
213         if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
214                 notice( t('Public access denied.') . EOL);
215                 return;
216         }
217
218         require_once("include/bbcode.php");
219         require_once('include/security.php');
220         require_once('include/conversation.php');
221         require_once('include/acl_selectors.php');
222
223
224         $o = '';
225
226         $a->page['htmlhead'] .= replace_macros(get_markup_template('display-head.tpl'), array());
227
228
229         if($update) {
230                 $nick = $_REQUEST['nick'];
231         }
232         else {
233                 $nick = (($a->argc > 1) ? $a->argv[1] : '');
234         }
235
236         if($update) {
237                 $item_id = $_REQUEST['item_id'];
238                 $a->profile = array('uid' => intval($update), 'profile_uid' => intval($update));
239         }
240         else {
241                 $item_id = (($a->argc > 2) ? $a->argv[2] : 0);
242
243                 if ($a->argc == 2) {
244                         $nick = "";
245
246                         if (local_user()) {
247                                 $r = q("SELECT `id` FROM `item`
248                                         WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
249                                                 AND `guid` = '%s' AND `uid` = %d", $a->argv[1], local_user());
250                                 if (count($r)) {
251                                         $item_id = $r[0]["id"];
252                                         $nick = $a->user["nickname"];
253                                 }
254                         }
255
256                         if ($nick == "") {
257                                 $r = q("SELECT `user`.`nickname`, `item`.`id` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
258                                         WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
259                                                 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = ''
260                                                 AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = ''
261                                                 AND `item`.`private` = 0  AND NOT `user`.`hidewall`
262                                                 AND `item`.`guid` = '%s'", $a->argv[1]);
263                                         //      AND `item`.`private` = 0 AND `item`.`wall` = 1
264                                 if (count($r)) {
265                                         $item_id = $r[0]["id"];
266                                         $nick = $r[0]["nickname"];
267                                 }
268                         }
269                         if ($nick == "") {
270                                 $r = q("SELECT `item`.`id` FROM `item`
271                                         WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
272                                                 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = ''
273                                                 AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = ''
274                                                 AND `item`.`private` = 0  AND `item`.`uid` = 0
275                                                 AND `item`.`guid` = '%s'", $a->argv[1]);
276                                         //      AND `item`.`private` = 0 AND `item`.`wall` = 1
277                                 if (count($r)) {
278                                         $item_id = $r[0]["id"];
279                                 }
280                         }
281                 }
282         }
283
284         if(! $item_id) {
285                 $a->error = 404;
286                 notice( t('Item not found.') . EOL);
287                 return;
288         }
289
290         $groups = array();
291
292         $contact = null;
293         $remote_contact = false;
294
295         $contact_id = 0;
296
297         if(is_array($_SESSION['remote'])) {
298                 foreach($_SESSION['remote'] as $v) {
299                         if($v['uid'] == $a->profile['uid']) {
300                                 $contact_id = $v['cid'];
301                                 break;
302                         }
303                 }
304         }
305
306         if($contact_id) {
307                 $groups = init_groups_visitor($contact_id);
308                 $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
309                         intval($contact_id),
310                         intval($a->profile['uid'])
311                 );
312                 if(count($r)) {
313                         $contact = $r[0];
314                         $remote_contact = true;
315                 }
316         }
317
318         if(! $remote_contact) {
319                 if(local_user()) {
320                         $contact_id = $_SESSION['cid'];
321                         $contact = $a->contact;
322                 }
323         }
324
325         $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
326                 intval($a->profile['uid'])
327         );
328         if(count($r))
329                 $a->page_contact = $r[0];
330
331         $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
332
333         if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) {
334                 notice( t('Access to this profile has been restricted.') . EOL);
335                 return;
336         }
337
338         if ($is_owner) {
339                 $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
340
341                 $x = array(
342                         'is_owner' => true,
343                         'allow_location' => $a->user['allow_location'],
344                         'default_location' => $a->user['default-location'],
345                         'nickname' => $a->user['nickname'],
346                         'lockstate' => ( (is_array($a->user)) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))) ? 'lock' : 'unlock'),
347                         'acl' => populate_acl($a->user, $celeb),
348                         'bang' => '',
349                         'visitor' => 'block',
350                         'profile_uid' => local_user(),
351                         'acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector
352                 );
353                 $o .= status_editor($a,$x,0,true);
354         }
355
356         $sql_extra = item_permissions_sql($a->profile['uid'],$remote_contact,$groups);
357
358         //              AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' ))
359
360         if($update) {
361
362                 $r = q("SELECT id FROM item WHERE item.uid = %d
363                         AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE (`id` = '%s' OR `uri` = '%s'))
364                         $sql_extra AND unseen = 1",
365                         intval($a->profile['uid']),
366                         dbesc($item_id),
367                         dbesc($item_id)
368                 );
369
370                 if(!$r)
371                         return '';
372         }
373
374         //      AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE ( `id` = '%s' OR `uri` = '%s' )
375
376         $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,  `item`.`network` AS `item_network`,
377                 `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
378                 `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
379                 `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
380                 FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
381                 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
382                 WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
383                 and `item`.`moderated` = 0
384                 AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE (`id` = '%s' OR `uri` = '%s')
385                 AND uid = %d)
386                 $sql_extra
387                 ORDER BY `parent` DESC, `gravity` ASC, `id` ASC",
388                 intval($a->profile['uid']),
389                 dbesc($item_id),
390                 dbesc($item_id),
391                 intval($a->profile['uid'])
392         );
393
394         if(!$r && local_user()) {
395                 // Check if this is another person's link to a post that we have
396                 $r = q("SELECT `item`.uri FROM `item`
397                         WHERE (`item`.`id` = '%s' OR `item`.`uri` = '%s' )
398                         LIMIT 1",
399                         dbesc($item_id),
400                         dbesc($item_id)
401                 );
402                 if($r) {
403                         $item_uri = $r[0]['uri'];
404                         //      AND `item`.`parent` = ( SELECT `parent` FROM `item` FORCE INDEX (PRIMARY, `uri`) WHERE `uri` = '%s' AND uid = %d )
405
406                         $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,  `item`.`network` AS `item_network`,
407                                 `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
408                                 `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, 
409                                 `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
410                                 FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
411                                 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
412                                 WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
413                                 and `item`.`moderated` = 0
414                                 AND `item`.`parent` = (SELECT `parent` FROM `item` WHERE `uri` = '%s' AND uid = %d)
415                                 ORDER BY `parent` DESC, `gravity` ASC, `id` ASC ",
416                                 intval(local_user()),
417                                 dbesc($item_uri),
418                                 intval(local_user())
419                         );
420                 }
421         }
422
423
424         if($r) {
425
426                 if((local_user()) && (local_user() == $a->profile['uid'])) {
427                         q("UPDATE `item` SET `unseen` = 0
428                                 WHERE `parent` = %d AND `unseen` = 1",
429                                 intval($r[0]['parent'])
430                         );
431                 }
432
433                 $items = conv_sort($r,"`commented`");
434
435                 if(!$update)
436                         $o .= "<script> var netargs = '?f=&nick=" . $nick . "&item_id=" . $item_id . "'; </script>";
437                 $o .= conversation($a,$items,'display', $update);
438
439                 // Preparing the meta header
440                 require_once('include/bbcode.php');
441                 require_once("include/html2plain.php");
442                 $description = trim(html2plain(bbcode($r[0]["body"], false, false), 0, true));
443                 $title = trim(html2plain(bbcode($r[0]["title"], false, false), 0, true));
444                 $author_name = $r[0]["author-name"];
445
446                 $image = "";
447                 if ($image == "")
448                         $image = $r[0]["thumb"];
449
450                 if ($title == "")
451                         $title = $author_name;
452
453                 $description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
454                 $title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
455                 $author_name = htmlspecialchars($author_name, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
456
457                 //<meta name="keywords" content="">
458                 $a->page['htmlhead'] .= '<meta name="author" content="'.$author_name.'" />'."\n";
459                 $a->page['htmlhead'] .= '<meta name="title" content="'.$title.'" />'."\n";
460                 $a->page['htmlhead'] .= '<meta name="fulltitle" content="'.$title.'" />'."\n";
461                 $a->page['htmlhead'] .= '<meta name="description" content="'.$description.'" />'."\n";
462
463                 // Schema.org microdata
464                 $a->page['htmlhead'] .= '<meta itemprop="name" content="'.$title.'" />'."\n";
465                 $a->page['htmlhead'] .= '<meta itemprop="description" content="'.$description.'" />'."\n";
466                 $a->page['htmlhead'] .= '<meta itemprop="image" content="'.$image.'" />'."\n";
467                 $a->page['htmlhead'] .= '<meta itemprop="author" content="'.$author_name.'" />'."\n";
468
469                 // Twitter cards
470                 $a->page['htmlhead'] .= '<meta name="twitter:card" content="summary" />'."\n";
471                 $a->page['htmlhead'] .= '<meta name="twitter:title" content="'.$title.'" />'."\n";
472                 $a->page['htmlhead'] .= '<meta name="twitter:description" content="'.$description.'" />'."\n";
473                 $a->page['htmlhead'] .= '<meta name="twitter:image" content="'.$image.'" />'."\n";
474                 $a->page['htmlhead'] .= '<meta name="twitter:url" content="'.$r[0]["plink"].'" />'."\n";
475
476                 // Dublin Core
477                 $a->page['htmlhead'] .= '<meta name="DC.title" content="'.$title.'" />'."\n";
478                 $a->page['htmlhead'] .= '<meta name="DC.description" content="'.$description.'" />'."\n";
479
480                 // Open Graph
481                 $a->page['htmlhead'] .= '<meta property="og:type" content="website" />'."\n";
482                 $a->page['htmlhead'] .= '<meta property="og:title" content="'.$title.'" />'."\n";
483                 $a->page['htmlhead'] .= '<meta property="og:image" content="'.$image.'" />'."\n";
484                 $a->page['htmlhead'] .= '<meta property="og:url" content="'.$r[0]["plink"].'" />'."\n";
485                 $a->page['htmlhead'] .= '<meta property="og:description" content="'.$description.'" />'."\n";
486                 $a->page['htmlhead'] .= '<meta name="og:article:author" content="'.$author_name.'" />'."\n";
487                 // article:tag
488
489                 return $o;
490         }
491
492         $r = q("SELECT `id`,`deleted` FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1",
493                 dbesc($item_id),
494                 dbesc($item_id)
495         );
496         if($r) {
497                 if($r[0]['deleted']) {
498                         notice( t('Item has been removed.') . EOL );
499                 }
500                 else {
501                         notice( t('Permission denied.') . EOL );
502                 }
503         }
504         else {
505                 notice( t('Item not found.') . EOL );
506         }
507
508         return $o;
509 }
510