Add Vary header in case of content negotiation
[friendica.git] / src / Module / Profile / Profile.php
1 <?php
2 /**
3  * @copyright Copyright (C) 2010-2023, the Friendica project
4  *
5  * @license GNU AGPL version 3 or any later version
6  *
7  * This program is free software: you can redistribute it and/or modify
8  * it under the terms of the GNU Affero General Public License as
9  * published by the Free Software Foundation, either version 3 of the
10  * License, or (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU Affero General Public License for more details.
16  *
17  * You should have received a copy of the GNU Affero General Public License
18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
19  *
20  */
21
22 namespace Friendica\Module\Profile;
23
24 use Friendica\App;
25 use Friendica\Content\Feature;
26 use Friendica\Content\GroupManager;
27 use Friendica\Content\Nav;
28 use Friendica\Content\Text\BBCode;
29 use Friendica\Core\Config\Capability\IManageConfigValues;
30 use Friendica\Core\Hook;
31 use Friendica\Core\L10n;
32 use Friendica\Core\Protocol;
33 use Friendica\Core\Renderer;
34 use Friendica\Core\Session\Capability\IHandleUserSessions;
35 use Friendica\Core\System;
36 use Friendica\Database\Database;
37 use Friendica\Database\DBA;
38 use Friendica\Model\Contact;
39 use Friendica\Model\Profile as ProfileModel;
40 use Friendica\Model\Tag;
41 use Friendica\Model\User;
42 use Friendica\Module\BaseProfile;
43 use Friendica\Module\Response;
44 use Friendica\Module\Security\Login;
45 use Friendica\Network\HTTPException;
46 use Friendica\Profile\ProfileField\Repository\ProfileField;
47 use Friendica\Protocol\ActivityPub;
48 use Friendica\Util\DateTimeFormat;
49 use Friendica\Util\Profiler;
50 use Friendica\Util\Strings;
51 use Friendica\Util\Temporal;
52 use Psr\Log\LoggerInterface;
53
54 class Profile extends BaseProfile
55 {
56         /** @var Database */
57         private $database;
58         /** @var App */
59         private $app;
60         /** @var IHandleUserSessions */
61         private $session;
62         /** @var IManageConfigValues */
63         private $config;
64         /** @var App\Page */
65         private $page;
66         /** @var ProfileField */
67         private $profileField;
68
69         public function __construct(ProfileField $profileField, App\Page $page, IManageConfigValues $config, IHandleUserSessions $session, App $app, Database $database, L10n $l10n, App\BaseURL $baseUrl, App\Arguments $args, LoggerInterface $logger, Profiler $profiler, Response $response, array $server, array $parameters = [])
70         {
71                 parent::__construct($l10n, $baseUrl, $args, $logger, $profiler, $response, $server, $parameters);
72
73                 $this->database     = $database;
74                 $this->app          = $app;
75                 $this->session      = $session;
76                 $this->config       = $config;
77                 $this->page         = $page;
78                 $this->profileField = $profileField;
79         }
80
81         protected function rawContent(array $request = [])
82         {
83                 if (ActivityPub::isRequest()) {
84                         $user = $this->database->selectFirst('user', ['uid'], ['nickname' => $this->parameters['nickname'] ?? '', 'account_removed' => false]);
85                         if ($user) {
86                                 try {
87                                         $data = ActivityPub\Transmitter::getProfile($user['uid']);
88                                         header('Access-Control-Allow-Origin: *');
89                                         header('Cache-Control: max-age=23200, stale-while-revalidate=23200');
90                                         header('Vary: Accept', false);
91                                         System::jsonExit($data, 'application/activity+json');
92                                 } catch (HTTPException\NotFoundException $e) {
93                                         System::jsonError(404, ['error' => 'Record not found']);
94                                 }
95                         }
96
97                         if ($this->database->exists('userd', ['username' => $this->parameters['nickname']])) {
98                                 // Known deleted user
99                                 $data = ActivityPub\Transmitter::getDeletedUser($this->parameters['nickname']);
100
101                                 System::jsonError(410, $data);
102                         } else {
103                                 // Any other case (unknown, blocked, nverified, expired, no profile, no self contact)
104                                 System::jsonError(404, []);
105                         }
106                 }
107
108                 header('Vary: Accept', false);
109         }
110
111         protected function content(array $request = []): string
112         {
113                 $profile = ProfileModel::load($this->app, $this->parameters['nickname'] ?? '');
114                 if (!$profile) {
115                         throw new HTTPException\NotFoundException($this->t('Profile not found.'));
116                 }
117
118                 $remote_contact_id = $this->session->getRemoteContactID($profile['uid']);
119
120                 if ($this->config->get('system', 'block_public') && !$this->session->isAuthenticated()) {
121                         return Login::form();
122                 }
123
124                 if (!empty($profile['hidewall']) && !$this->session->isAuthenticated()) {
125                         $this->baseUrl->redirect('profile/' . $profile['nickname'] . '/restricted');
126                 }
127
128                 if (!empty($profile['page-flags']) && $profile['page-flags'] == User::PAGE_FLAGS_COMMUNITY) {
129                         $this->page['htmlhead'] .= '<meta name="friendica.community" content="true" />' . "\n";
130                 }
131
132                 $this->page['htmlhead'] .= $this->buildHtmlHead($profile, $this->parameters['nickname']);
133
134                 Nav::setSelected('home');
135
136                 $is_owner = $this->session->getLocalUserId() == $profile['uid'];
137                 $o        = self::getTabsHTML('profile', $is_owner, $profile['nickname'], $profile['hide-friends']);
138
139                 $view_as_contacts      = [];
140                 $view_as_contact_id    = 0;
141                 $view_as_contact_alert = '';
142                 if ($is_owner) {
143                         $view_as_contact_id = intval($request['viewas'] ?? 0);
144
145                         $view_as_contacts = Contact::selectToArray(['id', 'name'], [
146                                 'uid'     => $this->session->getLocalUserId(),
147                                 'rel'     => [Contact::FOLLOWER, Contact::SHARING, Contact::FRIEND],
148                                 'network' => Protocol::DFRN,
149                                 'blocked' => false,
150                         ]);
151
152                         $view_as_contact_ids = array_column($view_as_contacts, 'id');
153
154                         // User manually provided a contact ID they aren't privy to, silently defaulting to their own view
155                         if (!in_array($view_as_contact_id, $view_as_contact_ids)) {
156                                 $view_as_contact_id = 0;
157                         }
158
159                         if (($key = array_search($view_as_contact_id, $view_as_contact_ids)) !== false) {
160                                 $view_as_contact_alert = $this->t(
161                                         'You\'re currently viewing your profile as <b>%s</b> <a href="%s" class="btn btn-sm pull-right">Cancel</a>',
162                                         htmlentities($view_as_contacts[$key]['name'], ENT_COMPAT, 'UTF-8'),
163                                         'profile/' . $this->parameters['nickname'] . '/profile'
164                                 );
165                         }
166                 }
167
168                 $basic_fields = [];
169
170                 $basic_fields += self::buildField('fullname', $this->t('Full Name:'), $profile['name']);
171
172                 if (Feature::isEnabled($profile['uid'], 'profile_membersince')) {
173                         $basic_fields += self::buildField(
174                                 'membersince',
175                                 $this->t('Member since:'),
176                                 DateTimeFormat::local($profile['register_date'])
177                         );
178                 }
179
180                 if (!empty($profile['dob']) && $profile['dob'] > DBA::NULL_DATE) {
181                         $year_bd_format  = $this->t('j F, Y');
182                         $short_bd_format = $this->t('j F');
183
184                         $dob = $this->l10n->getDay(
185                                 intval($profile['dob']) ?
186                                         DateTimeFormat::utc($profile['dob'] . ' 00:00 +00:00', $year_bd_format)
187                                         : DateTimeFormat::utc('2001-' . substr($profile['dob'], 5) . ' 00:00 +00:00', $short_bd_format)
188                         );
189
190                         $basic_fields += self::buildField('dob', $this->t('Birthday:'), $dob);
191
192                         if ($age = Temporal::getAgeByTimezone($profile['dob'], $profile['timezone'])) {
193                                 $basic_fields += self::buildField('age', $this->t('Age: '), $this->tt('%d year old', '%d years old', $age));
194                         }
195                 }
196
197                 if ($profile['about']) {
198                         $basic_fields += self::buildField('about', $this->t('Description:'), BBCode::convertForUriId($profile['uri-id'], $profile['about']));
199                 }
200
201                 if ($profile['xmpp']) {
202                         $basic_fields += self::buildField('xmpp', $this->t('XMPP:'), $profile['xmpp']);
203                 }
204
205                 if ($profile['matrix']) {
206                         $basic_fields += self::buildField('matrix', $this->t('Matrix:'), $profile['matrix']);
207                 }
208
209                 if ($profile['homepage']) {
210                         $basic_fields += self::buildField(
211                                 'homepage',
212                                 $this->t('Homepage:'),
213                                 $this->tryRelMe($profile['homepage']) ?: $profile['homepage']
214                         );
215                 }
216
217                 if (
218                         $profile['address']
219                         || $profile['locality']
220                         || $profile['postal-code']
221                         || $profile['region']
222                         || $profile['country-name']
223                 ) {
224                         $basic_fields += self::buildField('location', $this->t('Location:'), ProfileModel::formatLocation($profile));
225                 }
226
227                 if ($profile['pub_keywords']) {
228                         $tags = [];
229                         // Separator is defined in Module\Settings\Profile\Index::cleanKeywords
230                         foreach (explode(', ', $profile['pub_keywords']) as $tag_label) {
231                                 $tags[] = [
232                                         'url'   => '/search?tag=' . $tag_label,
233                                         'label' => Tag::TAG_CHARACTER[Tag::HASHTAG] . $tag_label,
234                                 ];
235                         }
236
237                         $basic_fields += self::buildField('pub_keywords', $this->t('Tags:'), $tags);
238                 }
239
240                 $custom_fields = [];
241
242                 // Defaults to the current logged in user self contact id to show self-only fields
243                 $contact_id = $view_as_contact_id ?: $remote_contact_id ?: 0;
244
245                 if ($is_owner && $contact_id === 0) {
246                         $profile_fields = $this->profileField->selectByUserId($profile['uid']);
247                 } else {
248                         $profile_fields = $this->profileField->selectByContactId($contact_id, $profile['uid']);
249                 }
250
251                 foreach ($profile_fields as $profile_field) {
252                         $custom_fields += self::buildField(
253                                 'custom_' . $profile_field->order,
254                                 $profile_field->label,
255                                 $this->tryRelMe($profile_field->value) ?: BBCode::convertForUriId($profile['uri-id'], $profile_field->value),
256                                 'aprofile custom'
257                         );
258                 }
259
260                 //show subscribed group if it is enabled in the usersettings
261                 if (Feature::isEnabled($profile['uid'], 'forumlist_profile')) {
262                         $custom_fields += self::buildField(
263                                 'group_list',
264                                 $this->t('Groups:'),
265                                 GroupManager::profileAdvanced($profile['uid'])
266                         );
267                 }
268
269                 $tpl = Renderer::getMarkupTemplate('profile/profile.tpl');
270                 $o   .= Renderer::replaceMacros($tpl, [
271                         '$title'                 => $this->t('Profile'),
272                         '$yourself'              => $this->t('Yourself'),
273                         '$view_as_contacts'      => $view_as_contacts,
274                         '$view_as_contact_id'    => $view_as_contact_id,
275                         '$view_as_contact_alert' => $view_as_contact_alert,
276                         '$view_as'               => $this->t('View profile as:'),
277                         '$submit'                => $this->t('Submit'),
278                         '$basic'                 => $this->t('Basic'),
279                         '$advanced'              => $this->t('Advanced'),
280                         '$is_owner'              => $profile['uid'] == $this->session->getLocalUserId(),
281                         '$query_string'          => $this->args->getQueryString(),
282                         '$basic_fields'          => $basic_fields,
283                         '$custom_fields'         => $custom_fields,
284                         '$profile'               => $profile,
285                         '$edit_link'             => [
286                                 'url'   => 'settings/profile', $this->t('Edit profile'),
287                                 'title' => '',
288                                 'label' => $this->t('Edit profile')
289                         ],
290                         '$viewas_link'           => [
291                                 'url'   => $this->args->getQueryString() . '#viewas',
292                                 'title' => '',
293                                 'label' => $this->t('View as')
294                         ],
295                 ]);
296
297                 Hook::callAll('profile_advanced', $o);
298
299                 return $o;
300         }
301
302         /**
303          * Creates a profile field structure to be used in the profile template
304          *
305          * @param string $name  Arbitrary name of the field
306          * @param string $label Display label of the field
307          * @param mixed  $value Display value of the field
308          * @param string $class Optional CSS class to apply to the field
309          * @return array
310          */
311         private static function buildField(string $name, string $label, $value, string $class = 'aprofile'): array
312         {
313                 return [$name => [
314                         'id'    => 'aprofile-' . $name,
315                         'class' => $class,
316                         'label' => $label,
317                         'value' => $value,
318                 ]];
319         }
320
321         private function buildHtmlHead(array $profile, string $nickname): string
322         {
323                 $htmlhead = "\n";
324
325                 if (!empty($profile['page-flags']) && $profile['page-flags'] == User::PAGE_FLAGS_COMMUNITY) {
326                         $htmlhead .= '<meta name="friendica.community" content="true" />' . "\n";
327                 }
328
329                 if (!empty($profile['openidserver'])) {
330                         $htmlhead .= '<link rel="openid.server" href="' . $profile['openidserver'] . '" />' . "\n";
331                 }
332
333                 if (!empty($profile['openid'])) {
334                         $delegate = strstr($profile['openid'], '://') ? $profile['openid'] : 'https://' . $profile['openid'];
335                         $htmlhead .= '<link rel="openid.delegate" href="' . $delegate . '" />' . "\n";
336                 }
337
338                 // site block
339                 $blocked   = !$this->session->isAuthenticated() && $this->config->get('system', 'block_public');
340                 $userblock = !$this->session->isAuthenticated() && $profile['hidewall'];
341                 if (!$blocked && !$userblock) {
342                         $keywords = str_replace(['#', ',', ' ', ',,'], ['', ' ', ',', ','], $profile['pub_keywords'] ?? '');
343                         if (strlen($keywords)) {
344                                 $htmlhead .= '<meta name="keywords" content="' . $keywords . '" />' . "\n";
345                         }
346                 }
347
348                 $htmlhead .= '<meta name="dfrn-global-visibility" content="' . ($profile['net-publish'] ? 'true' : 'false') . '" />' . "\n";
349
350                 if (!$profile['net-publish']) {
351                         $htmlhead .= '<meta content="noindex, noarchive" name="robots" />' . "\n";
352                 }
353
354                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $this->baseUrl . '/dfrn_poll/' . $nickname . '" title="DFRN: ' . $this->t('%s\'s timeline', $profile['name']) . '"/>' . "\n";
355                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $this->baseUrl . '/feed/' . $nickname . '/" title="' . $this->t('%s\'s posts', $profile['name']) . '"/>' . "\n";
356                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $this->baseUrl . '/feed/' . $nickname . '/comments" title="' . $this->t('%s\'s comments', $profile['name']) . '"/>' . "\n";
357                 $htmlhead .= '<link rel="alternate" type="application/atom+xml" href="' . $this->baseUrl . '/feed/' . $nickname . '/activity" title="' . $this->t('%s\'s timeline', $profile['name']) . '"/>' . "\n";
358                 $uri      = urlencode('acct:' . $profile['nickname'] . '@' . $this->baseUrl->getHost() . ($this->baseUrl->getPath() ? '/' . $this->baseUrl->getPath() : ''));
359                 $htmlhead .= '<link rel="lrdd" type="application/xrd+xml" href="' . $this->baseUrl . '/xrd/?uri=' . $uri . '" />' . "\n";
360                 header('Link: <' . $this->baseUrl . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false);
361
362                 $dfrn_pages = ['request', 'confirm', 'notify', 'poll'];
363                 foreach ($dfrn_pages as $dfrn) {
364                         $htmlhead .= '<link rel="dfrn-' . $dfrn . '" href="' . $this->baseUrl . '/dfrn_' . $dfrn . '/' . $nickname . '" />' . "\n";
365                 }
366
367                 return $htmlhead;
368         }
369
370         /**
371          * Check if the input is an HTTP(S) link and returns a rel="me" link if yes, empty string if not
372          *
373          * @param string $input
374          * @return string
375          */
376         private function tryRelMe(string $input): string
377         {
378                 if (preg_match(Strings::onlyLinkRegEx(), trim($input))) {
379                         return '<a href="' . trim($input) . '" target="_blank" rel="noopener noreferrer me">' . trim($input) . '</a>';
380                 }
381
382                 return '';
383         }
384 }