use Friendica\Content\ContactSelector;
use Friendica\Content\Feature;
use Friendica\Content\Nav;
use Friendica\Content\ContactSelector;
use Friendica\Content\Feature;
use Friendica\Content\Nav;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
use Friendica\Model\Profile;
use Friendica\Model\Contact;
use Friendica\Model\GContact;
use Friendica\Model\Profile;
use Friendica\Module\Login;
use Friendica\Network\Probe;
use Friendica\Util\DateTimeFormat;
use Friendica\Module\Login;
use Friendica\Network\Probe;
use Friendica\Util\DateTimeFormat;
- $r = q("UPDATE `contact` SET `profile-id` = (SELECT `profile`.`id` AS `profile-id` FROM `profile` WHERE `profile`.`is-default` = 1 AND `profile`.`uid` = %d LIMIT 1) WHERE `profile-id` = %d AND `uid` = %d ",
+ q("UPDATE `contact` SET `profile-id` = (SELECT `profile`.`id` AS `profile-id` FROM `profile` WHERE `profile`.`is-default` = 1 AND `profile`.`uid` = %d LIMIT 1) WHERE `profile-id` = %d AND `uid` = %d ",
$r1 = q("SELECT `name`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
intval(local_user()));
$r1 = q("SELECT `name`, `photo`, `thumb` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
intval(local_user()));
- $r2 = q("INSERT INTO `profile` (`uid` , `profile-name` , `name`, `photo`, `thumb`)
+ q("INSERT INTO `profile` (`uid` , `profile-name` , `name`, `photo`, `thumb`)
VALUES ( %d, '%s', '%s', '%s', '%s' )",
intval(local_user()),
DBA::escape($name),
VALUES ( %d, '%s', '%s', '%s', '%s' )",
intval(local_user()),
DBA::escape($name),
if (($a->argc > 1) && ($a->argv[1] !== "new") && intval($a->argv[1])) {
$orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
if (($a->argc > 1) && ($a->argv[1] !== "new") && intval($a->argv[1])) {
$orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- $pdesc = Strings::removeTags(trim($_POST['pdesc']));
- $gender = Strings::removeTags(trim($_POST['gender']));
- $address = Strings::removeTags(trim($_POST['address']));
- $locality = Strings::removeTags(trim($_POST['locality']));
- $region = Strings::removeTags(trim($_POST['region']));
- $postal_code = Strings::removeTags(trim($_POST['postal_code']));
- $country_name = Strings::removeTags(trim($_POST['country_name']));
- $pub_keywords = profile_clean_keywords(Strings::removeTags(trim($_POST['pub_keywords'])));
- $prv_keywords = profile_clean_keywords(Strings::removeTags(trim($_POST['prv_keywords'])));
- $marital = Strings::removeTags(trim($_POST['marital']));
- $howlong = Strings::removeTags(trim($_POST['howlong']));
+ $pdesc = Strings::escapeTags(trim($_POST['pdesc']));
+ $gender = Strings::escapeTags(trim($_POST['gender']));
+ $address = Strings::escapeTags(trim($_POST['address']));
+ $locality = Strings::escapeTags(trim($_POST['locality']));
+ $region = Strings::escapeTags(trim($_POST['region']));
+ $postal_code = Strings::escapeTags(trim($_POST['postal_code']));
+ $country_name = Strings::escapeTags(trim($_POST['country_name']));
+ $pub_keywords = profile_clean_keywords(Strings::escapeTags(trim($_POST['pub_keywords'])));
+ $prv_keywords = profile_clean_keywords(Strings::escapeTags(trim($_POST['prv_keywords'])));
+ $marital = Strings::escapeTags(trim($_POST['marital']));
+ $howlong = Strings::escapeTags(trim($_POST['howlong']));
- $sexual = Strings::removeTags(trim($_POST['sexual']));
- $xmpp = Strings::removeTags(trim($_POST['xmpp']));
- $homepage = Strings::removeTags(trim($_POST['homepage']));
+ $sexual = Strings::escapeTags(trim($_POST['sexual']));
+ $xmpp = Strings::escapeTags(trim($_POST['xmpp']));
+ $homepage = Strings::escapeTags(trim($_POST['homepage']));
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
// neither http nor https in URL, add them
$homepage = 'http://'.$homepage;
}
if ((strpos($homepage, 'http') !== 0) && (strlen($homepage))) {
// neither http nor https in URL, add them
$homepage = 'http://'.$homepage;
}
- $hometown = Strings::removeTags(trim($_POST['hometown']));
- $politic = Strings::removeTags(trim($_POST['politic']));
- $religion = Strings::removeTags(trim($_POST['religion']));
+ $hometown = Strings::escapeTags(trim($_POST['hometown']));
+ $politic = Strings::escapeTags(trim($_POST['politic']));
+ $religion = Strings::escapeTags(trim($_POST['religion']));
$likes = Strings::escapeHtml(trim($_POST['likes']));
$dislikes = Strings::escapeHtml(trim($_POST['dislikes']));
$likes = Strings::escapeHtml(trim($_POST['likes']));
$dislikes = Strings::escapeHtml(trim($_POST['dislikes']));
PConfig::set(local_user(), 'system', 'detailled_profile', (($_POST['detailled_profile'] == 1) ? 1: 0));
$changes = [];
PConfig::set(local_user(), 'system', 'detailled_profile', (($_POST['detailled_profile'] == 1) ? 1: 0));
$changes = [];
if ($is_default) {
if ($marital != $orig[0]['marital']) {
$changes[] = '[color=#ff0000]♥[/color] ' . L10n::t('Marital Status');
if ($is_default) {
if ($marital != $orig[0]['marital']) {
$changes[] = '[color=#ff0000]♥[/color] ' . L10n::t('Marital Status');
}
if ($work != $orig[0]['work']) {
$changes[] = L10n::t('Work/Employment');
}
if ($religion != $orig[0]['religion']) {
$changes[] = L10n::t('Religion');
}
if ($work != $orig[0]['work']) {
$changes[] = L10n::t('Work/Employment');
}
if ($religion != $orig[0]['religion']) {
$changes[] = L10n::t('Religion');
if ($locality != $orig[0]['locality'] || $region != $orig[0]['region']
|| $country_name != $orig[0]['country-name']) {
$changes[] = L10n::t('Location');
if ($locality != $orig[0]['locality'] || $region != $orig[0]['region']
|| $country_name != $orig[0]['country-name']) {
$changes[] = L10n::t('Location');
$detailled_profile = (PConfig::get(local_user(), 'system', 'detailled_profile') AND $personal_account);
$detailled_profile = (PConfig::get(local_user(), 'system', 'detailled_profile') AND $personal_account);
'$postal_code' => ['postal_code', L10n::t('Postal/Zip Code:'), $r[0]['postal-code']],
'$country_name' => ['country_name', L10n::t('Country:'), $r[0]['country-name']],
'$age' => ((intval($r[0]['dob'])) ? '(' . L10n::t('Age: ') . Temporal::getAgeByTimezone($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''),
'$postal_code' => ['postal_code', L10n::t('Postal/Zip Code:'), $r[0]['postal-code']],
'$country_name' => ['country_name', L10n::t('Country:'), $r[0]['country-name']],
'$age' => ((intval($r[0]['dob'])) ? '(' . L10n::t('Age: ') . Temporal::getAgeByTimezone($r[0]['dob'],$a->user['timezone'],$a->user['timezone']) . ')' : ''),
- '$gender' => ContactSelector::gender($r[0]['gender']),
- '$marital' => ['selector' => ContactSelector::maritalStatus($r[0]['marital']), 'value' => $r[0]['marital']],
+ '$gender' => L10n::t(ContactSelector::gender($r[0]['gender'])),
+ '$marital' => ['selector' => ContactSelector::maritalStatus($r[0]['marital']), 'value' => L10n::t($r[0]['marital'])],
'$with' => ['with', L10n::t("Who: \x28if applicable\x29"), strip_tags($r[0]['with']), L10n::t('Examples: cathy123, Cathy Williams, cathy@example.com')],
'$howlong' => ['howlong', L10n::t('Since [date]:'), ($r[0]['howlong'] <= DBA::NULL_DATETIME ? '' : DateTimeFormat::local($r[0]['howlong']))],
'$with' => ['with', L10n::t("Who: \x28if applicable\x29"), strip_tags($r[0]['with']), L10n::t('Examples: cathy123, Cathy Williams, cathy@example.com')],
'$howlong' => ['howlong', L10n::t('Since [date]:'), ($r[0]['howlong'] <= DBA::NULL_DATETIME ? '' : DateTimeFormat::local($r[0]['howlong']))],
- '$sexual' => ['selector' => ContactSelector::sexualPreference($r[0]['sexual']), 'value' => $r[0]['sexual']],
+ '$sexual' => ['selector' => ContactSelector::sexualPreference($r[0]['sexual']), 'value' => L10n::t($r[0]['sexual'])],
'$about' => ['about', L10n::t('Tell us about yourself...'), $r[0]['about']],
'$xmpp' => ['xmpp', L10n::t("XMPP \x28Jabber\x29 address:"), $r[0]['xmpp'], L10n::t("The XMPP address will be propagated to your contacts so that they can follow you.")],
'$homepage' => ['homepage', L10n::t('Homepage URL:'), $r[0]['homepage']],
'$about' => ['about', L10n::t('Tell us about yourself...'), $r[0]['about']],
'$xmpp' => ['xmpp', L10n::t("XMPP \x28Jabber\x29 address:"), $r[0]['xmpp'], L10n::t("The XMPP address will be propagated to your contacts so that they can follow you.")],
'$homepage' => ['homepage', L10n::t('Homepage URL:'), $r[0]['homepage']],
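Review bot: The `Strings::escapeTags()` calls on the `$_POST` profile fields (`pdesc` through `howlong`, `sexual`/`xmpp`/`homepage`, `hometown`/`politic`/`religion`) change what is stored for these columns, and nothing in the visible lines records which encoding consumers should now expect. If `escapeTags()` entity-encodes rather than strips (its body is not shown here), the loose comparisons such as `$marital != $orig[0]['marital']` would compare newly encoded input against rows written earlier through `removeTags()` and could report profile changes that never happened. The edit form also reads `$r[0]['homepage']`, `$r[0]['xmpp']` and the other fields straight back, so a template that encodes again would show entities on re-edit, while one that does not depends entirely on this input-side call. `$homepage` is still accepted when it merely starts with `http`, so a stricter guard would be `if (strlen($homepage) && !preg_match('#^https?://#i', $homepage))`. I would also add a comment above the block, e.g. `// Stored entity-encoded via escapeTags(); output templates must not encode these fields a second time`, and confirm how existing rows are handled; the enclosing function starts and ends outside the lines shown.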