mod/profiles.php

   1 <?php
   2
   3
   4 function profiles_post(&$a) {
   5
   6         if(! local_user()) {
   7                 notice( t('Permission denied.') . EOL);
   8                 return;
   9         }
  10
  11         $namechanged = false;
  12
  13         if(($a->argc > 1) && ($a->argv[1] != "new") && intval($a->argv[1])) {
  14                 $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  15                         intval($a->argv[1]),
  16                         intval($_SESSION['uid'])
  17                 );
  18                 if(! count($orig)) {
  19                         notice( t('Profile not found.') . EOL);
  20                         return;
  21                 }
  22                 $is_default = (($orig[0]['is-default']) ? 1 : 0);
  23
  24                 $profile_name = notags(trim($_POST['profile_name']));
  25                 if(! strlen($profile_name)) {
  26                         notify( t('Profile Name is required.') . EOL);
  27                         return;
  28                 }
  29
  30                 $year = intval($_POST['year']);
  31                 if($year < 1900 || $year > 2100 || $year < 0)
  32                         $year = 0;
  33                 $month = intval($_POST['month']);
  34                         if(($month > 12) || ($month < 0))
  35                                 $month = 0;
  36                 $mtab = array(0,31,29,31,30,31,30,31,31,30,31,30,31);
  37                 $day = intval($_POST['day']);
  38                         if(($day > $mtab[$month]) || ($day < 0))
  39                                 $day = 0;
  40                 $dob = '0000-00-00';
  41                 $dob = sprintf('%04d-%02d-%02d',$year,$month,$day);
  42
  43
  44                 $name = notags(trim($_POST['name']));
  45
  46                 if($orig[0]['name'] != $name)
  47                         $namechanged = true;
  48
  49                 $gender = notags(trim($_POST['gender']));
  50                 $address = notags(trim($_POST['address']));
  51                 $locality = notags(trim($_POST['locality']));
  52                 $region = notags(trim($_POST['region']));
  53                 $postal_code = notags(trim($_POST['postal_code']));
  54                 $country_name = notags(trim($_POST['country_name']));
  55
  56                 $marital = notags(trim(implode(', ',$_POST['marital'])));
  57                 if($marital != $orig[0]['marital'])
  58                         $maritalchanged = true;
  59
  60                 $sexual = notags(trim($_POST['sexual']));
  61                 $homepage = notags(trim($_POST['homepage']));
  62                 $politic = notags(trim($_POST['politic']));
  63                 $religion = notags(trim($_POST['religion']));
  64
  65                 $about = escape_tags(trim($_POST['about']));
  66                 $interest = escape_tags(trim($_POST['interest']));
  67                 $contact = escape_tags(trim($_POST['contact']));
  68                 $music = escape_tags(trim($_POST['music']));
  69                 $book = escape_tags(trim($_POST['book']));
  70                 $tv = escape_tags(trim($_POST['tv']));
  71                 $film = escape_tags(trim($_POST['film']));
  72                 $romance = escape_tags(trim($_POST['romance']));
  73                 $work = escape_tags(trim($_POST['work']));
  74                 $education = escape_tags(trim($_POST['education']));
  75                 if(x($_POST,'profile_in_directory'))
  76                         $publish = (($_POST['profile_in_directory'] == 1) ? 1: 0);
  77                 if(x($_POST,'profile_in_netdirectory'))
  78                         $net_publish = (($_POST['profile_in_netdirectory'] == 1) ? 1: 0);
  79
  80
  81                 $r = q("UPDATE `profile`
  82                         SET `profile-name` = '%s',
  83                         `name` = '%s',
  84                         `gender` = '%s',
  85                         `dob` = '%s',
  86                         `address` = '%s',
  87                         `locality` = '%s',
  88                         `region` = '%s',
  89                         `postal-code` = '%s',
  90                         `country-name` = '%s',
  91                         `marital` = '%s',
  92                         `sexual` = '%s',
  93                         `homepage` = '%s',
  94                         `politic` = '%s',
  95                         `religion` = '%s',
  96                         `about` = '%s',
  97                         `interest` = '%s',
  98                         `contact` = '%s',
  99                         `music` = '%s',
 100                         `book` = '%s',
 101                         `tv` = '%s',
 102                         `film` = '%s',
 103                         `romance` = '%s',
 104                         `work` = '%s',
 105                         `education` = '%s'
 106                         WHERE `id` = %d AND `uid` = %d LIMIT 1",
 107                         dbesc($profile_name),
 108                         dbesc($name),
 109                         dbesc($gender),
 110                         dbesc($dob),
 111                         dbesc($address),
 112                         dbesc($locality),
 113                         dbesc($region),
 114                         dbesc($postal_code),
 115                         dbesc($country_name),
 116                         dbesc($marital),
 117                         dbesc($sexual),
 118                         dbesc($homepage),
 119                         dbesc($politic),
 120                         dbesc($religion),
 121                         dbesc($about),
 122                         dbesc($interest),
 123                         dbesc($contact),
 124                         dbesc($music),
 125                         dbesc($book),
 126                         dbesc($tv),
 127                         dbesc($film),
 128                         dbesc($romance),
 129                         dbesc($work),
 130                         dbesc($education),
 131                         intval($a->argv[1]),
 132                         intval($_SESSION['uid'])
 133                 );
 134
 135                 if($r)
 136                         notice( t('Profile updated.') . EOL);
 137
 138
 139                 if($is_default) {
 140                         $r = q("UPDATE `profile`
 141                         SET `publish` = %d, `net-publish` = %d
 142                         WHERE `id` = %d AND `uid` = %d LIMIT 1",
 143                         intval($publish),
 144                         intval($net_publish),
 145                         intval($a->argv[1]),
 146                         intval($_SESSION['uid'])
 147
 148                         );
 149                 }
 150                 if($namechanged && $is_default) {
 151                         $r = q("UPDATE `contact` SET `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d LIMIT 1",
 152                                 dbesc(datetime_convert()),
 153                                 intval($_SESSION['uid'])
 154                         );
 155                 }
 156                 if($is_default) {
 157                         // Update global directory in background
 158                         $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
 159                         $url = $_SESSION['my_url'];
 160                         if($url && strlen(get_config('system','directory_submit_url')))
 161                                 proc_close(proc_open("\"$php_path\" \"include/directory.php\" \"$url\" &",
 162                                         array(),$foo));
 163                 }
 164         }
 165 }
 166
 167
 168
 169
 170 function profiles_content(&$a) {
 171         if(! local_user()) {
 172                 notice( t('Permission denied.') . EOL);
 173                 return;
 174         }
 175
 176         if(($a->argc > 2) && ($a->argv[1] == "drop") && intval($a->argv[2])) {
 177                 $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d AND `is-default` = 0 LIMIT 1",
 178                         intval($a->argv[2]),
 179                         intval($_SESSION['uid'])
 180                 );
 181                 if(! count($r)) {
 182                         notice( t('Profile not found.') . EOL);
 183                         goaway($a->get_baseurl() . '/profiles');
 184                         return; // NOTREACHED
 185                 }
 186
 187                 // move every contact using this profile as their default to the user default
 188
 189                 $r = q("UPDATE `contact` SET `profile-id` = (SELECT `profile`.`id` AS `profile-id` FROM `profile` WHERE `profile`.`is-default` = 1 AND `profile`.`uid` = %d LIMIT 1) WHERE `profile-id` = %d AND `uid` = %d ",
 190                         intval($_SESSION['uid']),
 191                         intval($a->argv[2]),
 192                         intval($_SESSION['uid'])
 193                 );
 194                 $r = q("DELETE FROM `profile` WHERE `id` = %d LIMIT 1",
 195                         intval($a->argv[2])
 196                 );
 197                 if($r)
 198                         notice( t('Profile deleted.') . EOL);
 199
 200                 goaway($a->get_baseurl() . '/profiles');
 201                 return; // NOTREACHED
 202         }
 203
 204
 205
 206
 207
 208         if(($a->argc > 1) && ($a->argv[1] == 'new')) {
 209
 210                 $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
 211                         intval($_SESSION['uid']));
 212                 $num_profiles = count($r0);
 213
 214                 $name = t('Profile-') . ($num_profiles + 1);
 215
 216                 $r1 = q("SELECT `name`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
 217                         intval($_SESSION['uid']));
 218
 219                 $r2 = q("INSERT INTO `profile` (`uid` , `profile-name` , `name`, `photo`, `thumb`)
 220                         VALUES ( %d, '%s', '%s', '%s', '%s' )",
 221                         intval($_SESSION['uid']),
 222                         dbesc($name),
 223                         dbesc($r1[0]['name']),
 224                         dbesc($r1[0]['photo']),
 225                         dbesc($ra[0]['thumb'])
 226                 );
 227
 228                 $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
 229                         intval($_SESSION['uid']),
 230                         dbesc($name)
 231                 );
 232                 notice( t('New profile created.') . EOL);
 233                 if(count($r3) == 1)
 234                         goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
 235                 goaway($a->get_baseurl() . '/profiles');
 236         }
 237
 238         if(($a->argc > 2) && ($a->argv[1] == 'clone')) {
 239
 240                 $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d",
 241                         intval($_SESSION['uid']));
 242                 $num_profiles = count($r0);
 243
 244                 $name = t('Profile-') . ($num_profiles + 1);
 245                 $r1 = q("SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d LIMIT 1",
 246                         intval($_SESSION['uid']),
 247                         intval($a->argv[2])
 248                 );
 249                 if(! count($r1)) {
 250                         notice( t('Profile unavailable to clone.') . EOL);
 251                         return;
 252                 }
 253                 unset($r1[0]['id']);
 254                 $r1[0]['is-default'] = 0;
 255                 $r1[0]['publish'] = 0;
 256                 $r1[0]['profile-name'] = dbesc($name);
 257
 258                 dbesc_array($r1[0]);
 259
 260                 $r2 = q("INSERT INTO `profile` (`"
 261                         . implode("`, `", array_keys($r1[0]))
 262                         . "`) VALUES ('"
 263                         . implode("', '", array_values($r1[0]))
 264                         . "')" );
 265
 266                 $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1",
 267                         intval($_SESSION['uid']),
 268                         dbesc($name)
 269                 );
 270                 notice( t('New profile created.') . EOL);
 271                 if(count($r3) == 1)
 272                         goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']);
 273         goaway($a->get_baseurl() . '/profiles');
 274         return; // NOTREACHED
 275         }
 276
 277
 278         if(intval($a->argv[1])) {
 279                 $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 280                         intval($a->argv[1]),
 281                         intval($_SESSION['uid'])
 282                 );
 283                 if(! count($r)) {
 284                         notice( t('Profile not found.') . EOL);
 285                         return;
 286                 }
 287
 288                 require_once('mod/profile.php');
 289                 profile_load($a,$a->user['nickname'],$r[0]['id']);
 290
 291                 require_once('view/profile_selectors.php');
 292
 293                 $tpl = file_get_contents('view/profed_head.tpl');
 294                 $opt_tpl = file_get_contents("view/profile-in-directory.tpl");
 295                 $profile_in_dir = replace_macros($opt_tpl,array(
 296                         '$yes_selected' => (($r[0]['publish']) ? " checked=\"checked\" " : ""),
 297                         '$no_selected' => (($r[0]['publish'] == 0) ? " checked=\"checked\" " : "")
 298                 ));
 299
 300                 if(strlen(get_config('system','directory_submit_url'))) {
 301                         $opt_tpl = file_get_contents("view/profile-in-netdir.tpl");
 302
 303                         $profile_in_net_dir = replace_macros($opt_tpl,array(
 304                                 '$yes_selected' => (($r[0]['net-publish']) ? " checked=\"checked\" " : ""),
 305                                 '$no_selected' => (($r[0]['net-publish'] == 0) ? " checked=\"checked\" " : "")
 306                         ));
 307                 }
 308                 else
 309                         $profile_in_net_dir = '';
 310
 311
 312                 $opt_tpl = file_get_contents("view/profile-hide-friends.tpl");
 313                 $hide_friends = replace_macros($opt_tpl,array(
 314                         '$yes_selected' => (($r[0]['hide-friends']) ? " checked=\"checked\" " : ""),
 315                         '$no_selected' => (($r[0]['hide-friends'] == 0) ? " checked=\"checked\" " : "")
 316                 ));
 317
 318
 319                 $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
 320                 $a->page['htmlhead'] .= "<script type=\"text/javascript\" src=\"include/country.js\" ></script>";
 321
 322
 323
 324
 325
 326                 $is_default = (($r[0]['is-default']) ? 1 : 0);
 327                 $tpl = file_get_contents("view/profile_edit.tpl");
 328                 $o .= replace_macros($tpl,array(
 329                         '$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''),
 330                         '$baseurl' => $a->get_baseurl(),
 331                         '$profile_id' => $r[0]['id'],
 332                         '$profile_name' => $r[0]['profile-name'],
 333                         '$default' => (($is_default) ? '<p id="profile-edit-default-desc">' . t('This is your <strong>public</strong> profile.<br />It <strong>may</strong> be visible to anybody using the internet.') . '</p>' : ""),
 334                         '$name' => $r[0]['name'],
 335                         '$dob' => dob($r[0]['dob']),
 336                         '$hide_friends' => $hide_friends,
 337                         '$address' => $r[0]['address'],
 338                         '$locality' => $r[0]['locality'],
 339                         '$region' => $r[0]['region'],
 340                         '$postal_code' => $r[0]['postal-code'],
 341                         '$country_name' => $r[0]['country-name'],
 342                         '$age' => ((intval($r[0]['dob'])) ? '(' . t('Age: ') . age($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''),
 343                         '$gender' => gender_selector($r[0]['gender']),
 344                         '$marital' => marital_selector($r[0]['marital']),
 345                         '$sexual' => sexpref_selector($r[0]['sexual']),
 346                         '$about' => $r[0]['about'],
 347                         '$homepage' => $r[0]['homepage'],
 348                         '$politic' => $r[0]['politic'],
 349                         '$religion' => $r[0]['religion'],
 350                         '$music' => $r[0]['music'],
 351                         '$book' => $r[0]['book'],
 352                         '$tv' => $r[0]['tv'],
 353                         '$film' => $r[0]['film'],
 354                         '$interest' => $r[0]['interest'],
 355                         '$romance' => $r[0]['romance'],
 356                         '$work' => $r[0]['work'],
 357                         '$education' => $r[0]['education'],
 358                         '$contact' => $r[0]['contact'],
 359                         '$profile_in_dir' => (($is_default) ? $profile_in_dir : ''),
 360                         '$profile_in_net_dir' => (($is_default) ? $profile_in_net_dir : '')
 361                 ));
 362
 363                 return $o;
 364
 365
 366         }
 367         else {
 368
 369                 $r = q("SELECT * FROM `profile` WHERE `uid` = %d",
 370                         $_SESSION['uid']);
 371                 if(count($r)) {
 372
 373                         $o .= file_get_contents('view/profile_listing_header.tpl');
 374                         $tpl_default = file_get_contents('view/profile_entry_default.tpl');
 375                         $tpl = file_get_contents('view/profile_entry.tpl');
 376
 377                         foreach($r as $rr) {
 378                                 $template = (($rr['is-default']) ? $tpl_default : $tpl);
 379                                 $o .= replace_macros($template, array(
 380                                         '$photo' => $rr['thumb'],
 381                                         '$id' => $rr['id'],
 382                                         '$profile_name' => $rr['profile-name']
 383                                 ));
 384                         }
 385                 }
 386                 return $o;
 387         }
 388
 389 }