X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fprofiles.php;h=74844ff42efad0d6fb5965316facf567a5461d7b;hb=a4f25f6eaad9f32cd034e1eb2cfa31918cb7b30b;hp=5cc9fa38c4728e31c0473d339701dc9d68e1efb7;hpb=5792b3d3580b9f09460305858293398d8d8a9abf;p=friendica.git diff --git a/mod/profiles.php b/mod/profiles.php index 5cc9fa38c4..74844ff42e 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -21,6 +21,9 @@ function profiles_post(&$a) { notice( t('Profile not found.') . EOL); return; } + + check_form_security_token_redirectOnErr('/profiles', 'profile_edit'); + $is_default = (($orig[0]['is-default']) ? 1 : 0); $profile_name = notags(trim($_POST['profile_name'])); @@ -45,9 +48,15 @@ function profiles_post(&$a) { $name = notags(trim($_POST['name'])); + if(! strlen($name)) { + $name = '[No Name]'; + } + if($orig[0]['name'] != $name) $namechanged = true; + + $pdesc = notags(trim($_POST['pdesc'])); $gender = notags(trim($_POST['gender'])); $address = notags(trim($_POST['address'])); @@ -58,15 +67,22 @@ function profiles_post(&$a) { $pub_keywords = notags(trim($_POST['pub_keywords'])); $prv_keywords = notags(trim($_POST['prv_keywords'])); $marital = notags(trim($_POST['marital'])); - if($marital != $orig[0]['marital']) - $maritalchanged = true; + $howlong = notags(trim($_POST['howlong'])); $with = ((x($_POST,'with')) ? notags(trim($_POST['with'])) : ''); + if(! strlen($howlong)) + $howlong = '0000-00-00 00:00:00'; + else + $howlong = datetime_convert(date_default_timezone_get(),'UTC',$howlong); + // linkify the relationship target if applicable + $withchanged = false; + if(strlen($with)) { if($with != strip_tags($orig[0]['with'])) { + $withchanged = true; $prf = ''; $lookup = $with; if(strpos($lookup,'@') === 0) @@ -115,21 +131,92 @@ function profiles_post(&$a) { $sexual = notags(trim($_POST['sexual'])); $homepage = notags(trim($_POST['homepage'])); + $hometown = notags(trim($_POST['hometown'])); $politic = notags(trim($_POST['politic'])); $religion = notags(trim($_POST['religion'])); - $about = escape_tags(trim($_POST['about'])); - $interest = escape_tags(trim($_POST['interest'])); - $contact = escape_tags(trim($_POST['contact'])); - $music = escape_tags(trim($_POST['music'])); - $book = escape_tags(trim($_POST['book'])); - $tv = escape_tags(trim($_POST['tv'])); - $film = escape_tags(trim($_POST['film'])); - $romance = escape_tags(trim($_POST['romance'])); - $work = escape_tags(trim($_POST['work'])); - $education = escape_tags(trim($_POST['education'])); + $likes = fix_mce_lf(escape_tags(trim($_POST['likes']))); + $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes']))); + + $about = fix_mce_lf(escape_tags(trim($_POST['about']))); + $interest = fix_mce_lf(escape_tags(trim($_POST['interest']))); + $contact = fix_mce_lf(escape_tags(trim($_POST['contact']))); + $music = fix_mce_lf(escape_tags(trim($_POST['music']))); + $book = fix_mce_lf(escape_tags(trim($_POST['book']))); + $tv = fix_mce_lf(escape_tags(trim($_POST['tv']))); + $film = fix_mce_lf(escape_tags(trim($_POST['film']))); + $romance = fix_mce_lf(escape_tags(trim($_POST['romance']))); + $work = fix_mce_lf(escape_tags(trim($_POST['work']))); + $education = fix_mce_lf(escape_tags(trim($_POST['education']))); + $hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0); + + + $changes = array(); + $value = ''; + if($is_default) { + if($marital != $orig[0]['marital']) { + $changes[] = '[color=#ff0000]♥[/color] ' . t('Marital Status'); + $value = $marital; + } + if($withchanged) { + $changes[] = '[color=#ff0000]♥[/color] ' . t('Romantic Partner'); + $value = strip_tags($with); + } + if($likes != $orig[0]['likes']) { + $changes[] = t('Likes'); + $value = $likes; + } + if($dislikes != $orig[0]['dislikes']) { + $changes[] = t('Dislikes'); + $value = $dislikes; + } + if($work != $orig[0]['work']) { + $changes[] = t('Work/Employment'); + } + if($religion != $orig[0]['religion']) { + $changes[] = t('Religion'); + $value = $religion; + } + if($politic != $orig[0]['politic']) { + $changes[] = t('Political Views'); + $value = $politic; + } + if($gender != $orig[0]['gender']) { + $changes[] = t('Gender'); + $value = $gender; + } + if($sexual != $orig[0]['sexual']) { + $changes[] = t('Sexual Preference'); + $value = $sexual; + } + if($homepage != $orig[0]['homepage']) { + $changes[] = t('Homepage'); + $value = $homepage; + } + if($interest != $orig[0]['interest']) { + $changes[] = t('Interests'); + $value = $interest; + } + if($address != $orig[0]['address']) { + $changes[] = t('Address'); + // New address not sent in notifications, potential privacy issues + // in case this leaks to unintended recipients. Yes, it's in the public + // profile but that doesn't mean we have to broadcast it to everybody. + } + if($locality != $orig[0]['locality'] || $region != $orig[0]['region'] + || $country_name != $orig[0]['country-name']) { + $changes[] = t('Location'); + $comma1 = ((($locality) && ($region || $country_name)) ? ', ' : ' '); + $comma2 = (($region && $country_name) ? ', ' : ''); + $value = $locality . $comma1 . $region . $comma2 . $country_name; + } + + profile_activity($changes,$value); + + } + $r = q("UPDATE `profile` SET `profile-name` = '%s', `name` = '%s', @@ -143,12 +230,16 @@ function profiles_post(&$a) { `country-name` = '%s', `marital` = '%s', `with` = '%s', + `howlong` = '%s', `sexual` = '%s', `homepage` = '%s', + `hometown` = '%s', `politic` = '%s', `religion` = '%s', `pub_keywords` = '%s', `prv_keywords` = '%s', + `likes` = '%s', + `dislikes` = '%s', `about` = '%s', `interest` = '%s', `contact` = '%s', @@ -173,12 +264,16 @@ function profiles_post(&$a) { dbesc($country_name), dbesc($marital), dbesc($with), + dbesc($howlong), dbesc($sexual), dbesc($homepage), + dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($pub_keywords), dbesc($prv_keywords), + dbesc($likes), + dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), @@ -191,7 +286,7 @@ function profiles_post(&$a) { dbesc($education), intval($hide_friends), intval($a->argv[1]), - intval($_SESSION['uid']) + intval(local_user()) ); if($r) @@ -210,11 +305,103 @@ function profiles_post(&$a) { $url = $_SESSION['my_url']; if($url && strlen(get_config('system','directory_submit_url'))) proc_run('php',"include/directory.php","$url"); + + require_once('include/profile_update.php'); + profile_change(); } } } +function profile_activity($changed, $value) { + $a = get_app(); + + if(! local_user() || ! is_array($changed) || ! count($changed)) + return; + + if($a->user['hidewall'] || get_config('system','block_public')) + return; + + if(! get_pconfig(local_user(),'system','post_profilechange')) + return; + + require_once('include/items.php'); + + $self = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1", + intval(local_user()) + ); + + if(! count($self)) + return; + + $arr = array(); + $arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), local_user()); + $arr['uid'] = local_user(); + $arr['contact-id'] = $self[0]['id']; + $arr['wall'] = 1; + $arr['type'] = 'wall'; + $arr['gravity'] = 0; + $arr['origin'] = 1; + $arr['author-name'] = $arr['owner-name'] = $self[0]['name']; + $arr['author-link'] = $arr['owner-link'] = $self[0]['url']; + $arr['author-avatar'] = $arr['owner-avatar'] = $self[0]['thumb']; + $arr['verb'] = ACTIVITY_UPDATE; + $arr['object-type'] = ACTIVITY_OBJ_PROFILE; + + $A = '[url=' . $self[0]['url'] . ']' . $self[0]['name'] . '[/url]'; + + + $changes = ''; + $t = count($changed); + $z = 0; + foreach($changed as $ch) { + if(strlen($changes)) { + if ($z == ($t - 1)) + $changes .= t(' and '); + else + $changes .= ', '; + } + $z ++; + $changes .= $ch; + } + + $prof = '[url=' . $self[0]['url'] . '?tab=profile' . ']' . t('public profile') . '[/url]'; + + if($t == 1 && strlen($value)) { + $message = sprintf( t('%1$s changed %2$s to “%3$s”'), $A, $changes, $value); + $message .= "\n\n" . sprintf( t(' - Visit %1$s\'s %2$s'), $A, $prof); + } + else + $message = sprintf( t('%1$s has an updated %2$s, changing %3$s.'), $A, $prof, $changes); + + + $arr['body'] = $message; + + $arr['object'] = '' . ACTIVITY_OBJ_PROFILE . '' . $self[0]['name'] . '' + . '' . $self[0]['url'] . '/' . $self[0]['name'] . ''; + $arr['object'] .= '' . xmlify('' . "\n"); + $arr['object'] .= xmlify('' . "\n"); + $arr['object'] .= '' . "\n"; + $arr['last-child'] = 1; + + $arr['allow_cid'] = $a->user['allow_cid']; + $arr['allow_gid'] = $a->user['allow_gid']; + $arr['deny_cid'] = $a->user['deny_cid']; + $arr['deny_gid'] = $a->user['deny_gid']; + + $i = item_store($arr); + if($i) { + + // give it a permanent link + q("update item set plink = '%s' where id = %d limit 1", + dbesc($a->get_baseurl() . '/display/' . $a->user['nickname'] . '/' . $i), + intval($i) + ); + + proc_run('php',"include/notifier.php","activity","$i"); + + } +} function profiles_content(&$a) { @@ -234,9 +421,11 @@ function profiles_content(&$a) { ); if(! count($r)) { notice( t('Profile not found.') . EOL); - goaway($a->get_baseurl() . '/profiles'); + goaway($a->get_baseurl(true) . '/profiles'); return; // NOTREACHED } + + check_form_security_token_redirectOnErr('/profiles', 'profile_drop', 't'); // move every contact using this profile as their default to the user default @@ -252,7 +441,7 @@ function profiles_content(&$a) { if($r) info( t('Profile deleted.') . EOL); - goaway($a->get_baseurl() . '/profiles'); + goaway($a->get_baseurl(true) . '/profiles'); return; // NOTREACHED } @@ -261,6 +450,8 @@ function profiles_content(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'new')) { + + check_form_security_token_redirectOnErr('/profiles', 'profile_new', 't'); $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", intval(local_user())); @@ -287,11 +478,14 @@ function profiles_content(&$a) { info( t('New profile created.') . EOL); if(count($r3) == 1) - goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']); - goaway($a->get_baseurl() . '/profiles'); - } + goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']); + + goaway($a->get_baseurl(true) . '/profiles'); + } if(($a->argc > 2) && ($a->argv[1] === 'clone')) { + + check_form_security_token_redirectOnErr('/profiles', 'profile_clone', 't'); $r0 = q("SELECT `id` FROM `profile` WHERE `uid` = %d", intval(local_user())); @@ -326,10 +520,12 @@ function profiles_content(&$a) { ); info( t('New profile created.') . EOL); if(count($r3) == 1) - goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']); - goaway($a->get_baseurl() . '/profiles'); - return; // NOTREACHED - } + goaway($a->get_baseurl(true) . '/profiles/' . $r3[0]['id']); + + goaway($a->get_baseurl(true) . '/profiles'); + + return; // NOTREACHED + } if(($a->argc > 1) && (intval($a->argv[1]))) { @@ -346,7 +542,20 @@ function profiles_content(&$a) { require_once('include/profile_selectors.php'); - $tpl = get_markup_template('profed_head.tpl'); + + $editselect = 'textareas'; + if(intval(get_pconfig(local_user(),'system','plaintext'))) + $editselect = 'none'; + + $a->page['htmlhead'] .= replace_macros(get_markup_template('profed_head.tpl'), array( + '$baseurl' => $a->get_baseurl(true), + '$editselect' => $editselect, + )); + $a->page['end'] .= replace_macros(get_markup_template('profed_end.tpl'), array( + '$baseurl' => $a->get_baseurl(true), + '$editselect' => $editselect, + )); + $opt_tpl = get_markup_template("profile-hide-friends.tpl"); $hide_friends = replace_macros($opt_tpl,array( @@ -358,8 +567,7 @@ function profiles_content(&$a) { )); - $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); - $a->page['htmlhead'] .= ""; + $f = get_config('system','birthday_input_format'); if(! $f) @@ -368,6 +576,9 @@ function profiles_content(&$a) { $is_default = (($r[0]['is-default']) ? 1 : 0); $tpl = get_markup_template("profile_edit.tpl"); $o .= replace_macros($tpl,array( + '$form_security_token' => get_form_security_token("profile_edit"), + '$profile_clone_link' => 'profiles/clone/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_clone"), + '$profile_drop_link' => 'profiles/drop/' . $r[0]['id'] . '?t=' . get_form_security_token("profile_drop"), '$banner' => t('Edit Profile Details'), '$submit' => t('Submit'), '$viewprof' => t('View this profile'), @@ -387,12 +598,16 @@ function profiles_content(&$a) { '$lbl_marital' => t(' Marital Status:'), '$lbl_with' => t("Who: \x28if applicable\x29"), '$lbl_ex1' => t('Examples: cathy123, Cathy Williams, cathy@example.com'), + '$lbl_howlong' => t('Since [date]:'), '$lbl_sexual' => t('Sexual Preference:'), '$lbl_homepage' => t('Homepage URL:'), + '$lbl_hometown' => t('Hometown:'), '$lbl_politic' => t('Political Views:'), '$lbl_religion' => t('Religious Views:'), '$lbl_pubkey' => t('Public Keywords:'), '$lbl_prvkey' => t('Private Keywords:'), + '$lbl_likes' => t('Likes:'), + '$lbl_dislikes' => t('Dislikes:'), '$lbl_ex2' => t('Example: fishing photography software'), '$lbl_pubdsc' => t("\x28Used for suggesting potential friends, can be seen by others\x29"), '$lbl_prvdsc' => t("\x28Used for searching profiles, never shown to others\x29"), @@ -407,7 +622,7 @@ function profiles_content(&$a) { '$lbl_work' => t('Work/employment'), '$lbl_school' => t('School/education'), '$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''), - '$baseurl' => $a->get_baseurl(), + '$baseurl' => $a->get_baseurl(true), '$profile_id' => $r[0]['id'], '$profile_name' => $r[0]['profile-name'], '$default' => (($is_default) ? '

' . t('This is your public profile.
It may be visible to anybody using the internet.') . '

' : ""), @@ -424,13 +639,17 @@ function profiles_content(&$a) { '$gender' => gender_selector($r[0]['gender']), '$marital' => marital_selector($r[0]['marital']), '$with' => strip_tags($r[0]['with']), + '$howlong' => ($r[0]['howlong'] === '0000-00-00 00:00:00' ? '' : datetime_convert('UTC',date_default_timezone_get(),$r[0]['howlong'])), '$sexual' => sexpref_selector($r[0]['sexual']), '$about' => $r[0]['about'], '$homepage' => $r[0]['homepage'], + '$hometown' => $r[0]['hometown'], '$politic' => $r[0]['politic'], '$religion' => $r[0]['religion'], '$pub_keywords' => $r[0]['pub_keywords'], '$prv_keywords' => $r[0]['prv_keywords'], + '$likes' => $r[0]['likes'], + '$dislikes' => $r[0]['dislikes'], '$music' => $r[0]['music'], '$book' => $r[0]['book'], '$tv' => $r[0]['tv'], @@ -455,9 +674,10 @@ function profiles_content(&$a) { $tpl_header = get_markup_template('profile_listing_header.tpl'); $o .= replace_macros($tpl_header,array( - '$header' => t('Profiles'), + '$header' => t('Edit/Manage Profiles'), '$chg_photo' => t('Change profile photo'), - '$cr_new' => t('Create New Profile') + '$cr_new' => t('Create New Profile'), + '$cr_new_link' => 'profiles/new?t=' . get_form_security_token("profile_new") )); @@ -465,12 +685,12 @@ function profiles_content(&$a) { foreach($r as $rr) { $o .= replace_macros($tpl, array( - '$photo' => $rr['thumb'], + '$photo' => $a->get_cached_avatar_image($rr['thumb']), '$id' => $rr['id'], '$alt' => t('Profile Image'), '$profile_name' => $rr['profile-name'], '$visible' => (($rr['is-default']) ? '' . t('visible to everybody') . '' - : '' . t('Edit visibility') . '') + : '' . t('Edit visibility') . '') )); } }