]> git.mxchange.org Git - friendica.git/blob - mod/profiles.php
fix json_encode on url's
[friendica.git] / mod / profiles.php
1 <?php
2
3
4 function profiles_post(&$a) {
5
6         if(! local_user()) {
7                 notice( t('Permission denied.') . EOL);
8                 return;
9         }
10
11         $namechanged = false;
12
13         call_hooks('profile_post', $_POST);
14
15         if(($a->argc > 1) && ($a->argv[1] !== "new") && intval($a->argv[1])) {
16                 $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
17                         intval($a->argv[1]),
18                         intval(local_user())
19                 );
20                 if(! count($orig)) {
21                         notice( t('Profile not found.') . EOL);
22                         return;
23                 }
24                 $is_default = (($orig[0]['is-default']) ? 1 : 0);
25
26                 $profile_name = notags(trim($_POST['profile_name']));
27                 if(! strlen($profile_name)) {
28                         notify( t('Profile Name is required.') . EOL);
29                         return;
30                 }
31         
32                 $year = intval($_POST['year']);
33                 if($year < 1900 || $year > 2100 || $year < 0)
34                         $year = 0;
35                 $month = intval($_POST['month']);
36                         if(($month > 12) || ($month < 0))
37                                 $month = 0;
38                 $mtab = array(0,31,29,31,30,31,30,31,31,30,31,30,31);
39                 $day = intval($_POST['day']);
40                         if(($day > $mtab[$month]) || ($day < 0))
41                                 $day = 0;
42                 $dob = '0000-00-00';
43                 $dob = sprintf('%04d-%02d-%02d',$year,$month,$day);
44
45                         
46                 $name = notags(trim($_POST['name']));
47
48                 if($orig[0]['name'] != $name)
49                         $namechanged = true;
50
51                 $pdesc = notags(trim($_POST['pdesc']));
52                 $gender = notags(trim($_POST['gender']));
53                 $address = notags(trim($_POST['address']));
54                 $locality = notags(trim($_POST['locality']));
55                 $region = notags(trim($_POST['region']));
56                 $postal_code = notags(trim($_POST['postal_code']));
57                 $country_name = notags(trim($_POST['country_name']));
58                 $pub_keywords = notags(trim($_POST['pub_keywords']));
59                 $prv_keywords = notags(trim($_POST['prv_keywords']));
60                 $marital = notags(trim($_POST['marital']));
61                 if($marital != $orig[0]['marital'])
62                         $maritalchanged = true;
63
64                 $with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : '');
65
66                 // linkify the relationship target if applicable
67
68                 if(strlen($with)) {
69                         if($with != strip_tags($orig[0]['with'])) {
70                                 $prf = '';
71                                 $lookup = $with;
72                                 if(strpos($lookup,'@') === 0)
73                                         $lookup = substr($lookup,1);
74                                 $lookup = str_replace('_',' ', $lookup);
75                                 if(strpos($lookup,'@') || (strpos($lookup,'http://'))) {
76                                         $newname = $lookup;
77                                         $links = @lrdd($lookup);
78                                         if(count($links)) {
79                                                 foreach($links as $link) {
80                                                         if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
81                                         $prf = $link['@attributes']['href'];
82                                                         }
83                                                 }
84                                         }
85                                 }
86                                 else {
87                                         $newname = $lookup;
88                                         if(strstr($lookup,' ')) {
89                                                 $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
90                                                         dbesc($newname),
91                                                         intval(local_user())
92                                                 );
93                                         }
94                                         else {
95                                                 $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1",
96                                                         dbesc($lookup),
97                                                         intval(local_user())
98                                                 );
99                                         }
100                                         if(count($r)) {
101                                                 $prf = $r[0]['url'];
102                                                 $newname = $r[0]['name'];
103                                         }
104                                 }
105         
106                                 if($prf) {
107                                         $with = str_replace($lookup,'<a href="' . $prf . '">' . $newname        . '</a>', $with);
108                                         if(strpos($with,'@') === 0)
109                                                 $with = substr($with,1);
110                                 }
111                         }
112                         else
113                                 $with = $orig[0]['with'];
114                 }
115
116                 $sexual = notags(trim($_POST['sexual']));
117                 $homepage = notags(trim($_POST['homepage']));
118                 $politic = notags(trim($_POST['politic']));
119                 $religion = notags(trim($_POST['religion']));
120
121                 $about = escape_tags(trim($_POST['about']));
122                 $interest = escape_tags(trim($_POST['interest']));
123                 $contact = escape_tags(trim($_POST['contact']));
124                 $music = escape_tags(trim($_POST['music']));
125                 $book = escape_tags(trim($_POST['book']));
126                 $tv = escape_tags(trim($_POST['tv']));
127                 $film = escape_tags(trim($_POST['film']));
128                 $romance = escape_tags(trim($_POST['romance']));
129                 $work = escape_tags(trim($_POST['work']));
130                 $education = escape_tags(trim($_POST['education']));
131                 $hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0);
132
133
134                 $r = q("UPDATE `profile` 
135                         SET `profile-name` = '%s',
136                         `name` = '%s',
137                         `pdesc` = '%s',
138                         `gender` = '%s',
139                         `dob` = '%s',
140                         `address` = '%s',
141                         `locality` = '%s',
142                         `region` = '%s',
143                         `postal-code` = '%s',
144                         `country-name` = '%s',
145                         `marital` = '%s',
146                         `with` = '%s',
147                         `sexual` = '%s',
148                         `homepage` = '%s',
149                         `politic` = '%s',
150                         `religion` = '%s',
151                         `pub_keywords` = '%s',
152                         `prv_keywords` = '%s',
153                         `about` = '%s',
154                         `interest` = '%s',
155                         `contact` = '%s',
156                         `music` = '%s',
157                         `book` = '%s',
158                         `tv` = '%s',
159                         `film` = '%s',
160                         `romance` = '%s',
161                         `work` = '%s',
162                         `education` = '%s',
163                         `hide-friends` = %d
164                         WHERE `id` = %d AND `uid` = %d LIMIT 1",
165                         dbesc($profile_name),
166                         dbesc($name),
167                         dbesc($pdesc),
168                         dbesc($gender),
169                         dbesc($dob),
170                         dbesc($address),
171                         dbesc($locality),
172                         dbesc($region),
173                         dbesc($postal_code),
174                         dbesc($country_name),
175                         dbesc($marital),
176                         dbesc($with),
177                         dbesc($sexual),
178                         dbesc($homepage),
179                         dbesc($politic),
180                         dbesc($religion),
181                         dbesc($pub_keywords),
182                         dbesc($prv_keywords),
183                         dbesc($about),
184                         dbesc($interest),
185                         dbesc($contact),
186                         dbesc($music),
187                         dbesc($book),
188                         dbesc($tv),
189                         dbesc($film),
190                         dbesc($romance),
191                         dbesc($work),
192                         dbesc($education),
193                         intval($hide_friends),
194                         intval($a->argv[1]),
195                         intval($_SESSION['uid'])
196                 );
197
198                 if($r)
199                         notice( t('Profile updated.') . EOL);
200
201
202                 if($namechanged && $is_default) {
203                         $r = q("UPDATE `contact` SET `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1",
204                                 dbesc(datetime_convert()),
205                                 intval(local_user())
206                         );
207                 }
208
209                 if($is_default) {
210                         // Update global directory in background
211                         $url = $_SESSION['my_url'];
212                         if($url && strlen(get_config('system','directory_submit_url')))
213                                 proc_run('php',"include/directory.php","$url");
214                 }
215         }
216 }
217
218
219
220
221 function profiles_content(&$a) {
222
223         $o = '';
224         $o .= '<script> $(document).ready(function() { $(\'#nav-profiles-link\').addClass(\'nav-selected\'); });</script>';
225
226         if(! local_user()) {
227                 notice( t('Permission denied.') . EOL);
228                 return;
229         }
230
231         if(($a->argc > 2) && ($a->argv[1] === "drop") && intval($a->argv[2])) {
232                 $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is-default` = 0 LIMIT 1",
233                         intval($a->argv[2]),
234                         intval(local_user())
235                 );
236                 if(! count($r)) {
237                         notice( t('Profile not found.') . EOL);
238                         goaway($a->get_baseurl() . '/profiles');
239                         return; // NOTREACHED
240                 }
241
242                 // move every contact using this profile as their default to the user default
243
244                 $r = q("UPDATE `contact` SET `profile-id` = (SELECT `profile`.`id` AS `profile-id` FROM `profile` WHERE `profile`.`is-default` = 1 AND `profile`.`uid` = %d LIMIT 1) WHERE `profile-id` = %d AND `uid` = %d ",
245                         intval(local_user()),
246                         intval($a->argv[2]),
247                         intval(local_user())
248                 );
249                 $r = q("DELETE FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
250                         intval($a->argv[2]),
251                         intval(local_user())
252                 );
253                 if($r)
254                         notice( t('Profile deleted.') . EOL);
255
256                 goaway($a->get_baseurl() . '/profiles');
257                 return; // NOTREACHED
258         }
259
260
261
262
263
264         if(($a->argc > 1) && ($a->argv[1] === 'new')) {
265
266                 $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
267                         intval(local_user()));
268                 $num_profiles = count($r0);
269
270                 $name = t('Profile-') . ($num_profiles + 1);
271
272                 $r1 = q("SELECT `name`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
273                         intval(local_user()));
274                 
275                 $r2 = q("INSERT INTO `profile` (`uid` , `profile-name` , `name`, `photo`, `thumb`)
276                         VALUES ( %d, '%s', '%s', '%s', '%s' )",
277                         intval(local_user()),
278                         dbesc($name),
279                         dbesc($r1[0]['name']),
280                         dbesc($r1[0]['photo']),
281                         dbesc($r1[0]['thumb'])
282                 );
283
284                 $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
285                         intval(local_user()),
286                         dbesc($name)
287                 );
288
289                 notice( t('New profile created.') . EOL);
290                 if(count($r3) == 1)
291                         goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
292                 goaway($a->get_baseurl() . '/profiles');
293         }                
294
295         if(($a->argc > 2) && ($a->argv[1] === 'clone')) {
296
297                 $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
298                         intval(local_user()));
299                 $num_profiles = count($r0);
300
301                 $name = t('Profile-') . ($num_profiles + 1);
302                 $r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1",
303                         intval(local_user()),
304                         intval($a->argv[2])
305                 );
306                 if(! count($r1)) {
307                         notice( t('Profile unavailable to clone.') . EOL);
308                         return;
309                 }
310                 unset($r1[0]['id']);
311                 $r1[0]['is-default'] = 0;
312                 $r1[0]['publish'] = 0;  
313                 $r1[0]['net-publish'] = 0;      
314                 $r1[0]['profile-name'] = dbesc($name);
315
316                 dbesc_array($r1[0]);
317
318                 $r2 = dbq("INSERT INTO `profile` (`" 
319                         . implode("`, `", array_keys($r1[0])) 
320                         . "`) VALUES ('" 
321                         . implode("', '", array_values($r1[0])) 
322                         . "')" );
323
324                 $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
325                         intval(local_user()),
326                         dbesc($name)
327                 );
328                 notice( t('New profile created.') . EOL);
329                 if(count($r3) == 1)
330                         goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
331         goaway($a->get_baseurl() . '/profiles');
332         return; // NOTREACHED
333         }                
334
335
336         if(($a->argc > 1) && (intval($a->argv[1]))) {
337                 $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
338                         intval($a->argv[1]),
339                         intval(local_user())
340                 );
341                 if(! count($r)) {
342                         notice( t('Profile not found.') . EOL);
343                         return;
344                 }
345
346                 profile_load($a,$a->user['nickname'],$r[0]['id']);
347
348                 require_once('include/profile_selectors.php');
349
350                 $tpl = get_markup_template('profed_head.tpl');
351
352                 $opt_tpl = get_markup_template("profile-hide-friends.tpl");
353                 $hide_friends = replace_macros($opt_tpl,array(
354                         '$desc' => t('Hide my contact/friend list from viewers of this profile?'),
355                         '$yes_str' => t('Yes'),
356                         '$no_str' => t('No'),
357                         '$yes_selected' => (($r[0]['hide-friends']) ? " checked=\"checked\" " : ""),
358                         '$no_selected' => (($r[0]['hide-friends'] == 0) ? " checked=\"checked\" " : "")
359                 ));
360
361
362                 $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
363                 $a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"include/country.js\" ></script>";
364
365
366                 $is_default = (($r[0]['is-default']) ? 1 : 0);
367                 $tpl = get_markup_template("profile_edit.tpl");
368                 $o .= replace_macros($tpl,array(
369                         '$banner' => t('Edit Profile Details'),
370                         '$submit' => t('Submit'),
371                         '$viewprof' => t('View this profile'),
372                         '$cr_prof' => t('Create a new profile using these settings'),
373                         '$cl_prof' => t('Clone this profile'),
374                         '$del_prof' => t('Delete this profile'),
375                         '$lbl_profname' => t('Profile Name:'),
376                         '$lbl_fullname' => t('Your Full Name:'),
377                         '$lbl_title' => t('Title/Description:'),
378                         '$lbl_gender' => t('Your Gender:'),
379                         '$lbl_bd' => t("Birthday \x28y/m/d\x29:"),
380                         '$lbl_address' => t('Street Address:'),
381                         '$lbl_city' => t('Locality/City:'),
382                         '$lbl_zip' => t('Postal/Zip Code:'),
383                         '$lbl_country' => t('Country:'),
384                         '$lbl_region' => t('Region/State:'),
385                         '$lbl_marital' => t('<span class="heart">&hearts;</span> Marital Status:'),
386                         '$lbl_with' => t("Who: \x28if applicable\x29"),
387                         '$lbl_ex1' => t('Examples: cathy123, Cathy Williams, cathy@example.com'),
388                         '$lbl_sexual' => t('Sexual Preference:'),
389                         '$lbl_homepage' => t('Homepage URL:'),
390                         '$lbl_politic' => t('Political Views:'),
391                         '$lbl_religion' => t('Religious Views:'),
392                         '$lbl_pubkey' => t('Public Keywords:'),
393                         '$lbl_prvkey' => t('Private Keywords:'),
394                         '$lbl_ex2' => t('Example: fishing photography software'),
395                         '$lbl_pubdsc' => t("\x28Used for suggesting potential friends, can be seen by others\x29"),
396                         '$lbl_prvdsc' => t("\x28Used for searching profiles, never shown to others\x29"),
397                         '$lbl_about' => t('Tell us about yourself...'),
398                         '$lbl_hobbies' => t('Hobbies/Interests'),
399                         '$lbl_social' => t('Contact information and Social Networks'),
400                         '$lbl_music' => t('Musical interests'),
401                         '$lbl_book' => t('Books, literature'),
402                         '$lbl_tv' => t('Television'),
403                         '$lbl_film' => t('Film/dance/culture/entertainment'),
404                         '$lbl_love' => t('Love/romance'),
405                         '$lbl_work' => t('Work/employment'),
406                         '$lbl_school' => t('School/education'),
407                         '$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''),
408                         '$baseurl' => $a->get_baseurl(),
409                         '$profile_id' => $r[0]['id'],
410                         '$profile_name' => $r[0]['profile-name'],
411                         '$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""),
412                         '$name' => $r[0]['name'],
413                         '$pdesc' => $r[0]['pdesc'],
414                         '$dob' => dob($r[0]['dob']),
415                         '$hide_friends' => $hide_friends,
416                         '$address' => $r[0]['address'],
417                         '$locality' => $r[0]['locality'],
418                         '$region' => $r[0]['region'],
419                         '$postal_code' => $r[0]['postal-code'],
420                         '$country_name' => $r[0]['country-name'],
421                         '$age' => ((intval($r[0]['dob'])) ? '(' . t('Age: ') . age($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''),
422                         '$gender' => gender_selector($r[0]['gender']),
423                         '$marital' => marital_selector($r[0]['marital']),
424                         '$with' => strip_tags($r[0]['with']),
425                         '$sexual' => sexpref_selector($r[0]['sexual']),
426                         '$about' => $r[0]['about'],
427                         '$homepage' => $r[0]['homepage'],
428                         '$politic' => $r[0]['politic'],
429                         '$religion' => $r[0]['religion'],
430                         '$pub_keywords' => $r[0]['pub_keywords'],
431                         '$prv_keywords' => $r[0]['prv_keywords'],
432                         '$music' => $r[0]['music'],
433                         '$book' => $r[0]['book'],
434                         '$tv' => $r[0]['tv'],
435                         '$film' => $r[0]['film'],
436                         '$interest' => $r[0]['interest'],
437                         '$romance' => $r[0]['romance'],
438                         '$work' => $r[0]['work'],
439                         '$education' => $r[0]['education'],
440                         '$contact' => $r[0]['contact']
441                 ));
442
443                 $arr = array('profile' => $r[0], 'entry' => $o);
444                 call_hooks('profile_edit', $arr);
445
446                 return $o;
447         }
448         else {
449
450                 $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
451                         local_user());
452                 if(count($r)) {
453
454                         $tpl_header = get_markup_template('profile_listing_header.tpl');
455                         $o .= replace_macros($tpl_header,array(
456                                 '$header' => t('Profiles'),
457                                 '$chg_photo' => t('Change profile photo'),
458                                 '$cr_new' => t('Create New Profile')
459                         ));
460
461
462                         $tpl = get_markup_template('profile_entry.tpl');
463
464                         foreach($r as $rr) {
465                                 $o .= replace_macros($tpl, array(
466                                         '$photo' => $rr['thumb'],
467                                         '$id' => $rr['id'],
468                                         '$alt' => t('Profile Image'),
469                                         '$profile_name' => $rr['profile-name'],
470                                         '$visible' => (($rr['is-default']) ?  '<strong>' . t('Visible to everybody') . '</strong>' 
471                                                 : '<a href="' . $a->get_baseurl() . '/profperm/' . $rr['id'] . '" />' . t('Edit visibility') . '</a>')
472                                 ));
473                         }
474                 }
475                 return $o;
476         }
477
478 }