src/Module/Profile/Profile.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2022, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module\Profile;
  23
  24 use Friendica\Content\Feature;
  25 use Friendica\Content\ForumManager;
  26 use Friendica\Content\Nav;
  27 use Friendica\Content\Text\BBCode;
  28 use Friendica\Content\Text\HTML;
  29 use Friendica\Core\Hook;
  30 use Friendica\Core\Protocol;
  31 use Friendica\Core\Renderer;
  32 use Friendica\Core\System;
  33 use Friendica\Database\DBA;
  34 use Friendica\DI;
  35 use Friendica\Model\Contact;
  36 use Friendica\Model\Profile as ProfileModel;
  37 use Friendica\Model\Tag;
  38 use Friendica\Model\User;
  39 use Friendica\Module\BaseProfile;
  40 use Friendica\Module\Security\Login;
  41 use Friendica\Network\HTTPException;
  42 use Friendica\Protocol\ActivityPub;
  43 use Friendica\Util\DateTimeFormat;
  44 use Friendica\Util\Temporal;
  45
  46 class Profile extends BaseProfile
  47 {
  48         protected function rawContent(array $request = [])
  49         {
  50                 if (ActivityPub::isRequest()) {
  51                         $user = DBA::selectFirst('user', ['uid'], ['nickname' => $this->parameters['nickname'], 'account_removed' => false]);
  52                         if (DBA::isResult($user)) {
  53                                 try {
  54                                         $data = ActivityPub\Transmitter::getProfile($user['uid']);
  55                                         header('Access-Control-Allow-Origin: *');
  56                                         header('Cache-Control: max-age=23200, stale-while-revalidate=23200');
  57                                         System::jsonExit($data, 'application/activity+json');
  58                                 } catch (HTTPException\NotFoundException $e) {
  59                                         System::jsonError(404, ['error' => 'Record not found']);
  60                                 }
  61                         }
  62
  63                         if (DBA::exists('userd', ['username' => $this->parameters['nickname']])) {
  64                                 // Known deleted user
  65                                 $data = ActivityPub\Transmitter::getDeletedUser($this->parameters['nickname']);
  66
  67                                 System::jsonError(410, $data);
  68                         } else {
  69                                 // Any other case (unknown, blocked, nverified, expired, no profile, no self contact)
  70                                 System::jsonError(404, []);
  71                         }
  72                 }
  73         }
  74
  75         protected function content(array $request = []): string
  76         {
  77                 $a = DI::app();
  78
  79                 $profile = ProfileModel::load($a, $this->parameters['nickname']);
  80                 if (!$profile) {
  81                         throw new HTTPException\NotFoundException(DI::l10n()->t('Profile not found.'));
  82                 }
  83
  84                 $remote_contact_id = DI::userSession()->getRemoteContactID($profile['uid']);
  85
  86                 if (DI::config()->get('system', 'block_public') && !DI::userSession()->getLocalUserId() && !$remote_contact_id) {
  87                         return Login::form();
  88                 }
  89
  90                 $is_owner = DI::userSession()->getLocalUserId() == $profile['uid'];
  91
  92                 if (!empty($profile['hidewall']) && !$is_owner && !$remote_contact_id) {
  93                         throw new HTTPException\ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.'));
  94                 }
  95
  96                 if (!empty($profile['page-flags']) && $profile['page-flags'] == User::PAGE_FLAGS_COMMUNITY) {
  97                         DI::page()['htmlhead'] .= '<meta name="friendica.community" content="true" />' . "\n";
  98                 }
  99
 100                 DI::page()['htmlhead'] .= self::buildHtmlHead($profile, $this->parameters['nickname'], $remote_contact_id);
 101
 102                 Nav::setSelected('home');
 103
 104                 $is_owner = DI::userSession()->getLocalUserId() == $profile['uid'];
 105                 $o = self::getTabsHTML($a, 'profile', $is_owner, $profile['nickname'], $profile['hide-friends']);
 106
 107                 if (!empty($profile['hidewall']) && !$is_owner && !$remote_contact_id) {
 108                         DI::sysmsg()->addNotice(DI::l10n()->t('Access to this profile has been restricted.'));
 109                         return '';
 110                 }
 111
 112                 $view_as_contacts = [];
 113                 $view_as_contact_id = 0;
 114                 $view_as_contact_alert = '';
 115                 if ($is_owner) {
 116                         $view_as_contact_id = intval($_GET['viewas'] ?? 0);
 117
 118                         $view_as_contacts = Contact::selectToArray(['id', 'name'], [
 119                                 'uid' => DI::userSession()->getLocalUserId(),
 120                                 'rel' => [Contact::FOLLOWER, Contact::SHARING, Contact::FRIEND],
 121                                 'network' => Protocol::DFRN,
 122                                 'blocked' => false,
 123                         ]);
 124
 125                         $view_as_contact_ids = array_column($view_as_contacts, 'id');
 126
 127                         // User manually provided a contact ID they aren't privy to, silently defaulting to their own view
 128                         if (!in_array($view_as_contact_id, $view_as_contact_ids)) {
 129                                 $view_as_contact_id = 0;
 130                         }
 131
 132                         if (($key = array_search($view_as_contact_id, $view_as_contact_ids)) !== false) {
 133                                 $view_as_contact_alert = DI::l10n()->t(
 134                                         'You\'re currently viewing your profile as <b>%s</b> <a href="%s" class="btn btn-sm pull-right">Cancel</a>',
 135                                         htmlentities($view_as_contacts[$key]['name'], ENT_COMPAT, 'UTF-8'),
 136                                         'profile/' . $this->parameters['nickname'] . '/profile'
 137                                 );
 138                         }
 139                 }
 140
 141                 $basic_fields = [];
 142
 143                 $basic_fields += self::buildField('fullname', DI::l10n()->t('Full Name:'), $profile['name']);
 144
 145                 if (Feature::isEnabled($profile['uid'], 'profile_membersince')) {
 146                         $basic_fields += self::buildField(
 147                                 'membersince',
 148                                 DI::l10n()->t('Member since:'),
 149                                 DateTimeFormat::local($profile['register_date'])
 150                         );
 151                 }
 152
 153                 if (!empty($profile['dob']) && $profile['dob'] > DBA::NULL_DATE) {
 154                         $year_bd_format = DI::l10n()->t('j F, Y');
 155                         $short_bd_format = DI::l10n()->t('j F');
 156
 157                         $dob = DI::l10n()->getDay(
 158                                 intval($profile['dob']) ?
 159                                         DateTimeFormat::utc($profile['dob'] . ' 00:00 +00:00', $year_bd_format)
 160                                         : DateTimeFormat::utc('2001-' . substr($profile['dob'], 5) . ' 00:00 +00:00', $short_bd_format)
 161                         );
 162
 163                         $basic_fields += self::buildField('dob', DI::l10n()->t('Birthday:'), $dob);
 164
 165                         if ($age = Temporal::getAgeByTimezone($profile['dob'], $profile['timezone'])) {
 166                                 $basic_fields += self::buildField('age', DI::l10n()->t('Age: '), DI::l10n()->tt('%d year old', '%d years old', $age));
 167                         }
 168                 }
 169
 170                 if ($profile['about']) {
 171                         $basic_fields += self::buildField('about', DI::l10n()->t('Description:'), BBCode::convertForUriId($profile['uri-id'], $profile['about']));
 172                 }
 173
 174                 if ($profile['xmpp']) {
 175                         $basic_fields += self::buildField('xmpp', DI::l10n()->t('XMPP:'), $profile['xmpp']);
 176                 }
 177
 178                 if ($profile['matrix']) {
 179                         $basic_fields += self::buildField('matrix', DI::l10n()->t('Matrix:'), $profile['matrix']);
 180                 }
 181
 182                 if ($profile['homepage']) {
 183                         $basic_fields += self::buildField('homepage', DI::l10n()->t('Homepage:'), HTML::toLink($profile['homepage']));
 184                 }
 185
 186                 if (
 187                         $profile['address']
 188                         || $profile['locality']
 189                         || $profile['postal-code']
 190                         || $profile['region']
 191                         || $profile['country-name']
 192                 ) {
 193                         $basic_fields += self::buildField('location', DI::l10n()->t('Location:'), ProfileModel::formatLocation($profile));
 194                 }
 195
 196                 if ($profile['pub_keywords']) {
 197                         $tags = [];
 198                         // Separator is defined in Module\Settings\Profile\Index::cleanKeywords
 199                         foreach (explode(', ', $profile['pub_keywords']) as $tag_label) {
 200                                 $tags[] = [
 201                                         'url' => '/search?tag=' . $tag_label,
 202                                         'label' => Tag::TAG_CHARACTER[Tag::HASHTAG] . $tag_label,
 203                                 ];
 204                         }
 205
 206                         $basic_fields += self::buildField('pub_keywords', DI::l10n()->t('Tags:'), $tags);
 207                 }
 208
 209                 $custom_fields = [];
 210
 211                 // Defaults to the current logged in user self contact id to show self-only fields
 212                 $contact_id = $view_as_contact_id ?: $remote_contact_id ?: 0;
 213
 214                 if ($is_owner && $contact_id === 0) {
 215                         $profile_fields = DI::profileField()->selectByUserId($profile['uid']);
 216                 } else {
 217                         $profile_fields = DI::profileField()->selectByContactId($contact_id, $profile['uid']);
 218                 }
 219
 220                 foreach ($profile_fields as $profile_field) {
 221                         $custom_fields += self::buildField(
 222                                 'custom_' . $profile_field->order,
 223                                 $profile_field->label,
 224                                 BBCode::convertForUriId($profile['uri-id'], $profile_field->value),
 225                                 'aprofile custom'
 226                         );
 227                 };
 228
 229                 //show subcribed forum if it is enabled in the usersettings
 230                 if (Feature::isEnabled($profile['uid'], 'forumlist_profile')) {
 231                         $custom_fields += self::buildField(
 232                                 'forumlist',
 233                                 DI::l10n()->t('Forums:'),
 234                                 ForumManager::profileAdvanced($profile['uid'])
 235                         );
 236                 }
 237
 238                 $tpl = Renderer::getMarkupTemplate('profile/profile.tpl');
 239                 $o .= Renderer::replaceMacros($tpl, [
 240                         '$title' => DI::l10n()->t('Profile'),
 241                         '$yourself' => DI::l10n()->t('Yourself'),
 242                         '$view_as_contacts' => $view_as_contacts,
 243                         '$view_as_contact_id' => $view_as_contact_id,
 244                         '$view_as_contact_alert' => $view_as_contact_alert,
 245                         '$view_as' => DI::l10n()->t('View profile as:'),
 246                         '$submit' => DI::l10n()->t('Submit'),
 247                         '$basic' => DI::l10n()->t('Basic'),
 248                         '$advanced' => DI::l10n()->t('Advanced'),
 249                         '$is_owner' => $profile['uid'] == DI::userSession()->getLocalUserId(),
 250                         '$query_string' => DI::args()->getQueryString(),
 251                         '$basic_fields' => $basic_fields,
 252                         '$custom_fields' => $custom_fields,
 253                         '$profile' => $profile,
 254                         '$edit_link' => [
 255                                 'url' => DI::baseUrl() . '/settings/profile', DI::l10n()->t('Edit profile'),
 256                                 'title' => '',
 257                                 'label' => DI::l10n()->t('Edit profile')
 258                         ],
 259                         '$viewas_link' => [
 260                                 'url' =>  DI::args()->getQueryString() . '#viewas',
 261                                 'title' => '',
 262                                 'label' => DI::l10n()->t('View as')
 263                         ],
 264                 ]);
 265
 266                 Hook::callAll('profile_advanced', $o);
 267
 268                 return $o;
 269         }
 270
 271         /**
 272          * Creates a profile field structure to be used in the profile template
 273          *
 274          * @param string $name  Arbitrary name of the field
 275          * @param string $label Display label of the field
 276          * @param mixed  $value Display value of the field
 277          * @param string $class Optional CSS class to apply to the field
 278          * @return array
 279          */
 280         private static function buildField(string $name, string $label, $value, string $class = 'aprofile')
 281         {
 282                 return [$name => [
 283                         'id' => 'aprofile-' . $name,
 284                         'class' => $class,
 285                         'label' => $label,
 286                         'value' => $value,
 287                 ]];
 288         }
 289
 290         private static function buildHtmlHead(array $profile, string $nickname, int $remote_contact_id)
 291         {
 292                 $baseUrl = DI::baseUrl();
 293
 294                 $htmlhead = "\n";
 295
 296                 if (!empty($profile['page-flags']) && $profile['page-flags'] == User::PAGE_FLAGS_COMMUNITY) {
 297                         $htmlhead .= '<meta name="friendica.community" content="true" />' . "\n";
 298                 }
 299
 300                 if (!empty($profile['openidserver'])) {
 301                         $htmlhead .= '<link rel="openid.server" href="' . $profile['openidserver'] . '" />' . "\n";
 302                 }
 303
 304                 if (!empty($profile['openid'])) {
 305                         $delegate = strstr($profile['openid'], '://') ? $profile['openid'] : 'https://' . $profile['openid'];
 306                         $htmlhead .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\n";
 307                 }
 308
 309                 // site block
 310                 $blocked   = !DI::userSession()->getLocalUserId() && !$remote_contact_id && DI::config()->get('system', 'block_public');
 311                 $userblock = !DI::userSession()->getLocalUserId() && !$remote_contact_id && $profile['hidewall'];
 312                 if (!$blocked && !$userblock) {
 313                         $keywords = str_replace(['#', ',', ' ', ',,'], ['', ' ', ',', ','], $profile['pub_keywords'] ?? '');
 314                         if (strlen($keywords)) {
 315                                 $htmlhead .= '<meta name="keywords" content="' . $keywords . '" />' . "\n";
 316                         }
 317                 }
 318
 319                 $htmlhead .= '<meta name="dfrn-global-visibility" content="' . ($profile['net-publish'] ? 'true' : 'false') . '" />' . "\n";
 320
 321                 if (!$profile['net-publish']) {
 322                         $htmlhead .= '<meta content="noindex, noarchive" name="robots" />' . "\n";
 323                 }
 324
 325                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $baseUrl . '/dfrn_poll/' . $nickname . '" title="DFRN: ' . DI::l10n()->t('%s\'s timeline', $profile['name']) . '"/>' . "\n";
 326                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $baseUrl . '/feed/' . $nickname . '/" title="' . DI::l10n()->t('%s\'s posts', $profile['name']) . '"/>' . "\n";
 327                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $baseUrl . '/feed/' . $nickname . '/comments" title="' . DI::l10n()->t('%s\'s comments', $profile['name']) . '"/>' . "\n";
 328                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $baseUrl . '/feed/' . $nickname . '/activity" title="' . DI::l10n()->t('%s\'s timeline', $profile['name']) . '"/>' . "\n";
 329                 $uri = urlencode('acct:' . $profile['nickname'] . '@' . $baseUrl->getHostname() . ($baseUrl->getUrlPath() ? '/' . $baseUrl->getUrlPath() : ''));
 330                 $htmlhead .= '<link rel="lrdd" type="application/xrd+xml" href="' . $baseUrl . '/xrd/?uri=' . $uri . '" />' . "\n";
 331                 header('Link: <' . $baseUrl . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);
 332
 333                 $dfrn_pages = ['request', 'confirm', 'notify', 'poll'];
 334                 foreach ($dfrn_pages as $dfrn) {
 335                         $htmlhead .= '<link rel="dfrn-' . $dfrn . '" href="' . $baseUrl . '/dfrn_' . $dfrn . '/' . $nickname . '" />' . "\n";
 336                 }
 337
 338                 return $htmlhead;
 339         }
 340 }