3 namespace Friendica\Module\Update;
5 use Friendica\BaseModule;
6 use Friendica\Content\Pager;
7 use Friendica\Core\Session;
8 use Friendica\Database\DBA;
10 use Friendica\Model\Item;
11 use Friendica\Model\Profile as ProfileModel;
12 use Friendica\Network\HTTPException\ForbiddenException;
13 use Friendica\Util\DateTimeFormat;
15 require_once 'boot.php';
17 class Profile extends BaseModule
19 public static function rawContent(array $parameters = [])
23 if (DI::config()->get('system', 'block_public') && !local_user() && !Session::getRemoteContactID($a->profile['uid'])) {
24 throw new ForbiddenException();
29 $profile_uid = intval($_GET['p'] ?? 0);
31 // Ensure we've got a profile owner if updating.
32 $a->profile['uid'] = $profile_uid;
34 $remote_contact = Session::getRemoteContactID($a->profile['uid']);
35 $is_owner = local_user() == $a->profile['uid'];
36 $last_updated_key = "profile:" . $a->profile['uid'] . ":" . local_user() . ":" . $remote_contact;
38 if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) {
39 throw new ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.'));
42 // Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
43 $sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid']);
45 $last_updated_array = Session::get('last_updated', []);
47 $last_updated = $last_updated_array[$last_updated_key] ?? 0;
49 // If the page user is the owner of the page we should query for unseen
50 // items. Otherwise use a timestamp of the last succesful update request.
51 if ($is_owner || !$last_updated) {
52 $sql_extra4 = " AND `item`.`unseen`";
54 $gmupdate = gmdate(DateTimeFormat::MYSQL, $last_updated);
55 $sql_extra4 = " AND `item`.`received` > '" . $gmupdate . "'";
59 "SELECT DISTINCT(`parent-uri`) AS `uri`, `item`.`created`
62 ON `contact`.`id` = `item`.`contact-id`
63 AND NOT `contact`.`blocked`
64 AND NOT `contact`.`pending`
65 WHERE `item`.`uid` = ?
67 AND (NOT `item`.`deleted` OR `item`.`gravity` = ?)
68 AND NOT `item`.`moderated`
72 ORDER BY `item`.`received` DESC",
77 if (!DBA::isResult($items_stmt)) {
81 $pager = new Pager(DI::args()->getQueryString());
83 // Set a time stamp for this page. We will make use of it when we
84 // search for new items (update routine)
85 $last_updated_array[$last_updated_key] = time();
86 Session::set('last_updated', $last_updated_array);
88 if ($is_owner && !$profile_uid && !DI::config()->get('theme', 'hide_eventlist')) {
89 $o .= ProfileModel::getBirthdays();
90 $o .= ProfileModel::getEventsReminderHTML();
94 $unseen = Item::exists(['wall' => true, 'unseen' => true, 'uid' => local_user()]);
96 Item::update(['unseen' => false], ['wall' => true, 'unseen' => true, 'uid' => local_user()]);
100 $items = DBA::toArray($items_stmt);
102 $o .= conversation($a, $items, $pager, 'profile', $profile_uid, false, 'received', $a->profile['uid']);
104 header("Content-type: text/html");
105 echo "<!DOCTYPE html><html><body>\r\n";
106 // We can remove this hack once Internet Explorer recognises HTML5 natively
109 if (DI::pConfig()->get(local_user(), "system", "bandwidth_saver")) {
110 $replace = "<br />".DI::l10n()->t("[Embedded content - reload page to view]")."<br />";
111 $pattern = "/<\s*audio[^>]*>(.*?)<\s*\/\s*audio>/i";
112 $o = preg_replace($pattern, $replace, $o);
113 $pattern = "/<\s*video[^>]*>(.*?)<\s*\/\s*video>/i";
114 $o = preg_replace($pattern, $replace, $o);
115 $pattern = "/<\s*embed[^>]*>(.*?)<\s*\/\s*embed>/i";
116 $o = preg_replace($pattern, $replace, $o);
117 $pattern = "/<\s*iframe[^>]*>(.*?)<\s*\/\s*iframe>/i";
118 $o = preg_replace($pattern, $replace, $o);
121 // reportedly some versions of MSIE don't handle tabs in XMLHttpRequest documents very well
122 echo str_replace("\t", " ", $o);
124 echo "</body></html>\r\n";