X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FModel%2FProfile.php;h=f6fb3167d775cbe33d23dee5dfe296c4e335acc0;hb=5c13ecdf6ecc4433f5b1f3b87334ae3c04da4589;hp=1bd7a97027303a1e80f46f512883909516a0bb15;hpb=413424064c30c3b799f03ed728ab0a3f8f5eb424;p=friendica.git

diff --git a/src/Model/Profile.php b/src/Model/Profile.php
index 1bd7a97027..f6fb3167d7 100644
--- a/src/Model/Profile.php
+++ b/src/Model/Profile.php
@@ -13,19 +13,34 @@ use Friendica\Core\Cache;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
 use Friendica\Core\PConfig;
+use Friendica\Core\Protocol;
 use Friendica\Core\System;
 use Friendica\Core\Worker;
 use Friendica\Database\DBA;
+use Friendica\Model\Contact;
 use Friendica\Protocol\Diaspora;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
+use Friendica\Util\Proxy as ProxyUtils;
 use Friendica\Util\Temporal;
 
 require_once 'include/dba.php';
-require_once 'mod/proxy.php';
 
 class Profile
 {
+	/**
+	 * @brief Returns default profile for a given user id
+	 *
+	 * @param integer User ID
+	 *
+	 * @return array Profile data
+	 */
+	public static function getByUID($uid)
+	{
+		$profile = DBA::selectFirst('profile', [], ['uid' => $uid, 'is-default' => true]);
+		return $profile;
+	}
+
 	/**
 	 * @brief Returns a formatted location string from the given profile array
 	 *
@@ -115,15 +130,17 @@ class Profile
 			return;
 		}
 
+		if (empty($pdata)) {
+			$pdata = ['uid' => 0, 'profile_uid' => 0, 'is-default' => false,'name' => $nickname];
+		}
+
 		// fetch user tags if this isn't the default profile
 
 		if (!$pdata['is-default']) {
-			$x = q(
-				"SELECT `pub_keywords` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
-				intval($pdata['profile_uid'])
-			);
-			if ($x && count($x)) {
-				$pdata['pub_keywords'] = $x[0]['pub_keywords'];
+			$condition = ['uid' => $pdata['profile_uid'], 'is-default' => true];
+			$profile = DBA::selectFirst('profile', ['pub_keywords'], $condition);
+			if (DBA::isResult($profile)) {
+				$pdata['pub_keywords'] = $profile['pub_keywords'];
 			}
 		}
 
@@ -131,7 +148,7 @@ class Profile
 		$a->profile_uid = $pdata['profile_uid'];
 
 		$a->profile['mobile-theme'] = PConfig::get($a->profile['profile_uid'], 'system', 'mobile_theme');
-		$a->profile['network'] = NETWORK_DFRN;
+		$a->profile['network'] = Protocol::DFRN;
 
 		$a->page['title'] = $a->profile['name'] . ' @ ' . Config::get('config', 'sitename');
 
@@ -145,7 +162,7 @@ class Profile
 		* load/reload current theme info
 		*/
 
-		$a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one
+		$a->setActiveTemplateEngine(); // reset the template engine to the default in case the user's theme doesn't specify one
 
 		$theme_info_file = 'view/theme/' . $a->getCurrentTheme() . '/theme.php';
 		if (file_exists($theme_info_file)) {
@@ -194,7 +211,7 @@ class Profile
 	 */
 	public static function getByNickname($nickname, $uid = 0, $profile_id = 0)
 	{
-		if (remote_user() && count($_SESSION['remote'])) {
+		if (remote_user() && !empty($_SESSION['remote'])) {
 			foreach ($_SESSION['remote'] as $visitor) {
 				if ($visitor['uid'] == $uid) {
 					$contact = DBA::selectFirst('contact', ['profile-id'], ['id' => $visitor['cid']]);
@@ -275,7 +292,7 @@ class Profile
 
 		$profile['picdate'] = urlencode(defaults($profile, 'picdate', ''));
 
-		if (($profile['network'] != '') && ($profile['network'] != NETWORK_DFRN)) {
+		if (($profile['network'] != '') && ($profile['network'] != Protocol::DFRN)) {
 			$profile['network_name'] = format_network_name($profile['network'], $profile['url']);
 		} else {
 			$profile['network_name'] = '';
@@ -288,7 +305,7 @@ class Profile
 		$connect = $profile['uid'] != local_user() ? L10n::t('Connect') : false;
 
 		// don't show connect link to authenticated visitors either
-		if (remote_user() && count($_SESSION['remote'])) {
+		if (remote_user() && !empty($_SESSION['remote'])) {
 			foreach ($_SESSION['remote'] as $visitor) {
 				if ($visitor['uid'] == $profile['uid']) {
 					$connect = false;
@@ -316,7 +333,7 @@ class Profile
 			}
 		}
 
-		if ($connect && ($profile['network'] != NETWORK_DFRN) && !isset($profile['remoteconnect'])) {
+		if ($connect && ($profile['network'] != Protocol::DFRN) && !isset($profile['remoteconnect'])) {
 			$connect = false;
 		}
 
@@ -325,39 +342,42 @@ class Profile
 			$remoteconnect = $profile['remoteconnect'];
 		}
 
-		if ($connect && ($profile['network'] == NETWORK_DFRN) && !isset($remoteconnect)) {
+		if ($connect && ($profile['network'] == Protocol::DFRN) && !isset($remoteconnect)) {
 			$subscribe_feed = L10n::t('Atom feed');
 		} else {
 			$subscribe_feed = false;
 		}
 
+		$wallmessage = false;
+		$wallmessage_link = false;
+
+		// See issue https://github.com/friendica/friendica/issues/3838
+		// Either we remove the message link for remote users or we enable creating messages from remote users
 		if (remote_user() || (self::getMyURL() && x($profile, 'unkmail') && ($profile['uid'] != local_user()))) {
 			$wallmessage = L10n::t('Message');
-			$wallmessage_link = 'wallmessage/' . $profile['nickname'];
 
 			if (remote_user()) {
 				$r = q(
 					"SELECT `url` FROM `contact` WHERE `uid` = %d AND `id` = '%s' AND `rel` = %d",
 					intval($profile['uid']),
 					intval(remote_user()),
-					intval(CONTACT_IS_FRIEND)
+					intval(Contact::FRIEND)
 				);
 			} else {
 				$r = q(
 					"SELECT `url` FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' AND `rel` = %d",
 					intval($profile['uid']),
 					DBA::escape(normalise_link(self::getMyURL())),
-					intval(CONTACT_IS_FRIEND)
+					intval(Contact::FRIEND)
 				);
 			}
 			if ($r) {
 				$remote_url = $r[0]['url'];
 				$message_path = preg_replace('=(.*)/profile/(.*)=ism', '$1/message/new/', $remote_url);
-				$wallmessage_link = $message_path . base64_encode($profile['addr']);
+				$wallmessage_link = $message_path . base64_encode(defaults($profile, 'addr', ''));
+			} else if (!empty($profile['nickname'])) {
+				$wallmessage_link = 'wallmessage/' . $profile['nickname'];
 			}
-		} else {
-			$wallmessage = false;
-			$wallmessage_link = false;
 		}
 
 		// show edit profile to yourself
@@ -463,9 +483,9 @@ class Profile
 						AND NOT `hidden` AND NOT `archive`
 						AND `network` IN ('%s', '%s', '%s', '')",
 					intval($profile['uid']),
-					DBA::escape(NETWORK_DFRN),
-					DBA::escape(NETWORK_DIASPORA),
-					DBA::escape(NETWORK_OSTATUS)
+					DBA::escape(Protocol::DFRN),
+					DBA::escape(Protocol::DIASPORA),
+					DBA::escape(Protocol::OSTATUS)
 				);
 				if (DBA::isResult($r)) {
 					$contacts = intval($r[0]['total']);
@@ -485,12 +505,12 @@ class Profile
 
 		if (isset($p['address'])) {
 			$p['address'] = BBCode::convert($p['address']);
-		} else {
+		} elseif (isset($p['location'])) {
 			$p['address'] = BBCode::convert($p['location']);
 		}
 
 		if (isset($p['photo'])) {
-			$p['photo'] = proxy_url($p['photo'], false, PROXY_SIZE_SMALL);
+			$p['photo'] = ProxyUtils::proxifyUrl($p['photo'], false, ProxyUtils::SIZE_SMALL);
 		}
 
 		$p['url'] = Contact::magicLink(defaults($p, 'url', $profile_url));
@@ -557,7 +577,7 @@ class Profile
 			);
 			if (DBA::isResult($s)) {
 				$r = DBA::toArray($s);
-				Cache::set($cachekey, $r, CACHE_HOUR);
+				Cache::set($cachekey, $r, Cache::HOUR);
 			}
 		}
 
@@ -632,40 +652,29 @@ class Profile
 		$bd_format = L10n::t('g A l F d'); // 8 AM Friday January 18
 		$classtoday = '';
 
-		$s = DBA::p(
-			"SELECT `event`.*
-			FROM `event`
-			INNER JOIN `item`
-				ON `item`.`uid` = `event`.`uid`
-				AND `item`.`parent-uri` = `event`.`uri`
-			WHERE `event`.`uid` = ?
-			AND `event`.`type` != 'birthday'
-			AND `event`.`start` < ?
-			AND `event`.`start` >= ?
-			AND `item`.`author-id` = ?
-			AND (`item`.`verb` = ? OR `item`.`verb` = ?)
-			AND `item`.`visible`
-			AND NOT `item`.`deleted`
-			ORDER BY  `event`.`start` ASC",
-			local_user(),
-			DateTimeFormat::utc('now + 7 days'),
-			DateTimeFormat::utc('now - 1 days'),
-			public_contact(),
-			ACTIVITY_ATTEND,
-			ACTIVITY_ATTENDMAYBE
-		);
+		$condition = ["`uid` = ? AND `type` != 'birthday' AND `start` < ? AND `start` >= ?",
+			local_user(), DateTimeFormat::utc('now + 7 days'), DateTimeFormat::utc('now - 1 days')];
+		$s = DBA::select('event', [], $condition, ['order' => ['start']]);
 
 		$r = [];
 
 		if (DBA::isResult($s)) {
 			$istoday = false;
+			$total = 0;
 
 			while ($rr = DBA::fetch($s)) {
-				if (strlen($rr['name'])) {
-					$total ++;
+				$condition = ['parent-uri' => $rr['uri'], 'uid' => $rr['uid'], 'author-id' => public_contact(),
+					'activity' => [Item::activityToIndex(ACTIVITY_ATTEND), Item::activityToIndex(ACTIVITY_ATTENDMAYBE)],
+					'visible' => true, 'deleted' => false];
+				if (!Item::exists($condition)) {
+					continue;
 				}
 
-				$strt = DateTimeFormat::convert($rr['start'], $rr['convert'] ? $a->timezone : 'UTC', 'UTC', 'Y-m-d');
+				if (strlen($rr['summary'])) {
+					$total++;
+				}
+
+				$strt = DateTimeFormat::convert($rr['start'], $rr['adjust'] ? $a->timezone : 'UTC', 'UTC', 'Y-m-d');
 				if ($strt === DateTimeFormat::timezoneNow($a->timezone, 'Y-m-d')) {
 					$istoday = true;
 				}
@@ -681,7 +690,7 @@ class Profile
 					$description = L10n::t('[No description]');
 				}
 
-				$strt = DateTimeFormat::convert($rr['start'], $rr['convert'] ? $a->timezone : 'UTC');
+				$strt = DateTimeFormat::convert($rr['start'], $rr['adjust'] ? $a->timezone : 'UTC');
 
 				if (substr($strt, 0, 10) < DateTimeFormat::timezoneNow($a->timezone, 'Y-m-d')) {
 					continue;
@@ -1001,52 +1010,59 @@ class Profile
 		$my_url = self::getMyURL();
 		$my_url = Network::isUrlValid($my_url);
 
-		if ($my_url) {
-			if (!local_user()) {
-				// Is it a DDoS attempt?
-				// The check fetches the cached value from gprobe to reduce the load for this system
-				$urlparts = parse_url($my_url);
+		if (empty($my_url) || local_user()) {
+			return;
+		}
 
-				$result = Cache::get('gprobe:' . $urlparts['host']);
-				if ((!is_null($result)) && (in_array($result['network'], [NETWORK_FEED, NETWORK_PHANTOM]))) {
-					logger('DDoS attempt detected for ' . $urlparts['host'] . ' by ' . $_SERVER['REMOTE_ADDR'] . '. server data: ' . print_r($_SERVER, true), LOGGER_DEBUG);
-					return;
-				}
+		$arr = ['zrl' => $my_url, 'url' => $a->cmd];
+		Addon::callHooks('zrl_init', $arr);
 
-				Worker::add(PRIORITY_LOW, 'GProbe', $my_url);
-				$arr = ['zrl' => $my_url, 'url' => $a->cmd];
-				Addon::callHooks('zrl_init', $arr);
+		// Try to find the public contact entry of the visitor.
+		$cid = Contact::getIdForURL($my_url);
+		if (!$cid) {
+			logger('No contact record found for ' . $my_url, LOGGER_DEBUG);
+			return;
+		}
 
-				// Try to find the public contact entry of the visitor.
-				$cid = Contact::getIdForURL($my_url);
-				if (!$cid) {
-					logger('No contact record found for ' . $my_url, LOGGER_DEBUG);
-					return;
-				}
+		$contact = DBA::selectFirst('contact',['id', 'url'], ['id' => $cid]);
 
-				$contact = DBA::selectFirst('contact',['id', 'url'], ['id' => $cid]);
+		if (DBA::isResult($contact) && remote_user() && remote_user() == $contact['id']) {
+			logger('The visitor ' . $my_url . ' is already authenticated', LOGGER_DEBUG);
+			return;
+		}
 
-				if (DBA::isResult($contact) && remote_user() && remote_user() == $contact['id']) {
-					// The visitor is already authenticated.
-					return;
-				}
+		// Avoid endless loops
+		$cachekey = 'zrlInit:' . $my_url;
+		if (Cache::get($cachekey)) {
+			logger('URL ' . $my_url . ' already tried to authenticate.', LOGGER_DEBUG);
+			return;
+		} else {
+			Cache::set($cachekey, true, Cache::MINUTE);
+		}
 
-				logger('Not authenticated. Invoking reverse magic-auth for ' . $my_url, LOGGER_DEBUG);
+		logger('Not authenticated. Invoking reverse magic-auth for ' . $my_url, LOGGER_DEBUG);
 
-				// Try to avoid recursion - but send them home to do a proper magic auth.
-				$query = str_replace(array('?zrl=', '&zid='), array('?rzrl=', '&rzrl='), $a->query_string);
-				// The other instance needs to know where to redirect.
-				$dest = urlencode(System::baseUrl() . '/' . $query);
+		Worker::add(PRIORITY_LOW, 'GProbe', $my_url);
 
-				// We need to extract the basebath from the profile url
-				// to redirect the visitors '/magic' module.
-				// Note: We should have the basepath of a contact also in the contact table.
-				$urlarr = explode('/profile/', $contact['url']);
-				$basepath = $urlarr[0];
+		// Try to avoid recursion - but send them home to do a proper magic auth.
+		$query = str_replace(array('?zrl=', '&zid='), array('?rzrl=', '&rzrl='), $a->query_string);
+		// The other instance needs to know where to redirect.
+		$dest = urlencode(System::baseUrl() . '/' . $query);
 
-				if ($basepath != System::baseUrl() && !strstr($dest, '/magic') && !strstr($dest, '/rmagic')) {
-					goaway($basepath . '/magic' . '?f=&owa=1&dest=' . $dest);
-				}
+		// We need to extract the basebath from the profile url
+		// to redirect the visitors '/magic' module.
+		// Note: We should have the basepath of a contact also in the contact table.
+		$urlarr = explode('/profile/', $contact['url']);
+		$basepath = $urlarr[0];
+
+		if ($basepath != System::baseUrl() && !strstr($dest, '/magic') && !strstr($dest, '/rmagic')) {
+			$magic_path = $basepath . '/magic' . '?f=&owa=1&dest=' . $dest;
+
+			// We have to check if the remote server does understand /magic without invoking something
+			$serverret = Network::curl($basepath . '/magic');
+			if ($serverret->isSuccess()) {
+				logger('Doing magic auth for visitor ' . $my_url . ' to ' . $magic_path, LOGGER_DEBUG);
+				goaway($magic_path);
 			}
 		}
 	}
@@ -1103,7 +1119,7 @@ class Profile
 
 		$a->contact = $arr['visitor'];
 
-		info(L10n::t('OpenWebAuth: %1$s welcomes %2$s', $a->get_hostname(), $visitor['name']));
+		info(L10n::t('OpenWebAuth: %1$s welcomes %2$s', $a->getHostName(), $visitor['name']));
 
 		logger('OpenWebAuth: auth success from ' . $visitor['addr'], LOGGER_DEBUG);
 	}