X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FModel%2FProfile.php;h=f6fb3167d775cbe33d23dee5dfe296c4e335acc0;hb=5c13ecdf6ecc4433f5b1f3b87334ae3c04da4589;hp=2e1af26c761275567f682b0e63f08642066404e4;hpb=eaf81e5e66db1f722192005ff75bb5831c1912eb;p=friendica.git diff --git a/src/Model/Profile.php b/src/Model/Profile.php index 2e1af26c76..f6fb3167d7 100644 --- a/src/Model/Profile.php +++ b/src/Model/Profile.php @@ -13,6 +13,7 @@ use Friendica\Core\Cache; use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\PConfig; +use Friendica\Core\Protocol; use Friendica\Core\System; use Friendica\Core\Worker; use Friendica\Database\DBA; @@ -27,6 +28,19 @@ require_once 'include/dba.php'; class Profile { + /** + * @brief Returns default profile for a given user id + * + * @param integer User ID + * + * @return array Profile data + */ + public static function getByUID($uid) + { + $profile = DBA::selectFirst('profile', [], ['uid' => $uid, 'is-default' => true]); + return $profile; + } + /** * @brief Returns a formatted location string from the given profile array * @@ -123,12 +137,10 @@ class Profile // fetch user tags if this isn't the default profile if (!$pdata['is-default']) { - $x = q( - "SELECT `pub_keywords` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", - intval($pdata['profile_uid']) - ); - if ($x && count($x)) { - $pdata['pub_keywords'] = $x[0]['pub_keywords']; + $condition = ['uid' => $pdata['profile_uid'], 'is-default' => true]; + $profile = DBA::selectFirst('profile', ['pub_keywords'], $condition); + if (DBA::isResult($profile)) { + $pdata['pub_keywords'] = $profile['pub_keywords']; } } 
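Review bot: The docblock on the new `getByUID()` (hunk `-27,6 +28,19`) promises `@return array`, but the method hands back whatever `DBA::selectFirst()` yields, and the `-123,12 +137,10` hunk of this same diff guards that result with `DBA::isResult()` before using it, which suggests a miss is not an array. The `@param` line also omits the variable name. I would write `@param integer $uid User ID` and a return line such as `@return array|bool Profile data, or a non-result value when the user has no default profile` (confirm the exact miss value against `DBA::selectFirst`), so callers know to check `DBA::isResult()` before indexing the result.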
@@ -136,7 +148,7 @@ class Profile $a->profile_uid = $pdata['profile_uid']; $a->profile['mobile-theme'] = PConfig::get($a->profile['profile_uid'], 'system', 'mobile_theme'); - $a->profile['network'] = NETWORK_DFRN; + $a->profile['network'] = Protocol::DFRN; $a->page['title'] = $a->profile['name'] . ' @ ' . Config::get('config', 'sitename'); @@ -150,7 +162,7 @@ class Profile * load/reload current theme info */ - $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one + $a->setActiveTemplateEngine(); // reset the template engine to the default in case the user's theme doesn't specify one $theme_info_file = 'view/theme/' . $a->getCurrentTheme() . '/theme.php'; if (file_exists($theme_info_file)) { @@ -280,7 +292,7 @@ class Profile $profile['picdate'] = urlencode(defaults($profile, 'picdate', '')); - if (($profile['network'] != '') && ($profile['network'] != NETWORK_DFRN)) { + if (($profile['network'] != '') && ($profile['network'] != Protocol::DFRN)) { $profile['network_name'] = format_network_name($profile['network'], $profile['url']); } else { $profile['network_name'] = ''; @@ -321,7 +333,7 @@ class Profile } } - if ($connect && ($profile['network'] != NETWORK_DFRN) && !isset($profile['remoteconnect'])) { + if ($connect && ($profile['network'] != Protocol::DFRN) && !isset($profile['remoteconnect'])) { $connect = false; } @@ -330,7 +342,7 @@ class Profile $remoteconnect = $profile['remoteconnect']; } - if ($connect && ($profile['network'] == NETWORK_DFRN) && !isset($remoteconnect)) { + if ($connect && ($profile['network'] == Protocol::DFRN) && !isset($remoteconnect)) { $subscribe_feed = L10n::t('Atom feed'); } else { $subscribe_feed = false; 
@@ -339,6 +351,8 @@ class Profile $wallmessage = false; $wallmessage_link = false; + // See issue https://github.com/friendica/friendica/issues/3838 + // Either we remove the message link for remote users or we enable creating messages from remote users if (remote_user() || (self::getMyURL() && x($profile, 'unkmail') && ($profile['uid'] != local_user()))) { $wallmessage = L10n::t('Message'); @@ -360,7 +374,7 @@ class Profile if ($r) { $remote_url = $r[0]['url']; $message_path = preg_replace('=(.*)/profile/(.*)=ism', '$1/message/new/', $remote_url); - $wallmessage_link = $message_path . base64_encode($profile['addr']); + $wallmessage_link = $message_path . base64_encode(defaults($profile, 'addr', '')); } else if (!empty($profile['nickname'])) { $wallmessage_link = 'wallmessage/' . $profile['nickname']; } @@ -469,9 +483,9 @@ class Profile AND NOT `hidden` AND NOT `archive` AND `network` IN ('%s', '%s', '%s', '')", intval($profile['uid']), - DBA::escape(NETWORK_DFRN), - DBA::escape(NETWORK_DIASPORA), - DBA::escape(NETWORK_OSTATUS) + DBA::escape(Protocol::DFRN), + DBA::escape(Protocol::DIASPORA), + DBA::escape(Protocol::OSTATUS) ); if (DBA::isResult($r)) { $contacts = intval($r[0]['total']); @@ -491,7 +505,7 @@ class Profile if (isset($p['address'])) { $p['address'] = BBCode::convert($p['address']); - } else { + } elseif (isset($p['location'])) { $p['address'] = BBCode::convert($p['location']); } @@ -563,7 +577,7 @@ class Profile ); if (DBA::isResult($s)) { $r = DBA::toArray($s); - Cache::set($cachekey, $r, CACHE_HOUR); + Cache::set($cachekey, $r, Cache::HOUR); } } 
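Review bot: In the `-360,7 +374,7` hunk, falling back to `''` for a missing `addr` removes the undefined-index notice but still assigns `$wallmessage_link`, now as the bare `…/message/new/` path with an empty recipient, since `base64_encode('')` is an empty string. It would be clearer to build the remote link only when an address is present, for example by changing the branch condition to `if ($r && !empty($profile['addr'])) {`, so that a profile without `addr` falls through to the existing `nickname` branch or leaves the link `false`. The surrounding `if`/`else if` starts outside the hunk, so check that the fall-through is acceptable for remote visitors.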
@@ -638,37 +652,26 @@ class Profile $bd_format = L10n::t('g A l F d'); // 8 AM Friday January 18 $classtoday = ''; - $s = DBA::p( - "SELECT `event`.* - FROM `event` - INNER JOIN `item` - ON `item`.`uid` = `event`.`uid` - AND `item`.`parent-uri` = `event`.`uri` - WHERE `event`.`uid` = ? - AND `event`.`type` != 'birthday' - AND `event`.`start` < ? - AND `event`.`start` >= ? - AND `item`.`author-id` = ? - AND (`item`.`verb` = ? OR `item`.`verb` = ?) - AND `item`.`visible` - AND NOT `item`.`deleted` - ORDER BY `event`.`start` ASC", - local_user(), - DateTimeFormat::utc('now + 7 days'), - DateTimeFormat::utc('now - 1 days'), - public_contact(), - ACTIVITY_ATTEND, - ACTIVITY_ATTENDMAYBE - ); + $condition = ["`uid` = ? AND `type` != 'birthday' AND `start` < ? AND `start` >= ?", + local_user(), DateTimeFormat::utc('now + 7 days'), DateTimeFormat::utc('now - 1 days')]; + $s = DBA::select('event', [], $condition, ['order' => ['start']]); $r = []; if (DBA::isResult($s)) { $istoday = false; + $total = 0; while ($rr = DBA::fetch($s)) { + $condition = ['parent-uri' => $rr['uri'], 'uid' => $rr['uid'], 'author-id' => public_contact(), + 'activity' => [Item::activityToIndex(ACTIVITY_ATTEND), Item::activityToIndex(ACTIVITY_ATTENDMAYBE)], + 'visible' => true, 'deleted' => false]; + if (!Item::exists($condition)) { + continue; + } + if (strlen($rr['summary'])) { - $total ++; + $total++; } $strt = DateTimeFormat::convert($rr['start'], $rr['adjust'] ? $a->timezone : 'UTC', 'UTC', 'Y-m-d'); 
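Review bot: The attendance filter now issues one `Item::exists()` query per event row inside the `while` loop and rebuilds the whole condition on every pass, including the loop-invariant `public_contact()` and `Item::activityToIndex()` calls; it also reuses the name `$condition` that was just used for the event query. Hoist the invariant parts above the loop, e.g. `$author_id = public_contact();` and `$activities = [Item::activityToIndex(ACTIVITY_ATTEND), Item::activityToIndex(ACTIVITY_ATTENDMAYBE)];`, and give the per-row array its own name such as `$item_condition`. A short comment above the loop, like `// Only keep events the local user marked as attending or maybe attending`, would also explain why rows are skipped. The loop body continues past the end of the hunk, so whether `$s` is closed after the loop cannot be seen here.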
@@ -1007,56 +1010,59 @@ class Profile $my_url = self::getMyURL(); $my_url = Network::isUrlValid($my_url); - if ($my_url) { - if (!local_user()) { - // Is it a DDoS attempt? - // The check fetches the cached value from gprobe to reduce the load for this system - $urlparts = parse_url($my_url); + if (empty($my_url) || local_user()) { + return; + } + + $arr = ['zrl' => $my_url, 'url' => $a->cmd]; + Addon::callHooks('zrl_init', $arr); - $result = Cache::get('gprobe:' . $urlparts['host']); - if ((!is_null($result)) && (in_array($result['network'], [NETWORK_FEED, NETWORK_PHANTOM]))) { - logger('DDoS attempt detected for ' . $urlparts['host'] . ' by ' . $_SERVER['REMOTE_ADDR'] . '. server data: ' . print_r($_SERVER, true), LOGGER_DEBUG); - return; - } + // Try to find the public contact entry of the visitor. + $cid = Contact::getIdForURL($my_url); + if (!$cid) { + logger('No contact record found for ' . $my_url, LOGGER_DEBUG); + return; + } - Worker::add(PRIORITY_LOW, 'GProbe', $my_url); - $arr = ['zrl' => $my_url, 'url' => $a->cmd]; - Addon::callHooks('zrl_init', $arr); + $contact = DBA::selectFirst('contact',['id', 'url'], ['id' => $cid]); - // Try to find the public contact entry of the visitor. - $cid = Contact::getIdForURL($my_url); - if (!$cid) { - logger('No contact record found for ' . $my_url, LOGGER_DEBUG); - return; - } + if (DBA::isResult($contact) && remote_user() && remote_user() == $contact['id']) { + logger('The visitor ' . $my_url . ' is already authenticated', LOGGER_DEBUG); + return; + } + + // Avoid endless loops + $cachekey = 'zrlInit:' . $my_url; + if (Cache::get($cachekey)) { + logger('URL ' . $my_url . ' already tried to authenticate.', LOGGER_DEBUG); + return; + } else { + Cache::set($cachekey, true, Cache::MINUTE); + } - $contact = DBA::selectFirst('contact',['id', 'url'], ['id' => $cid]); + logger('Not authenticated. Invoking reverse magic-auth for ' . 
$my_url, LOGGER_DEBUG); - if (DBA::isResult($contact) && remote_user() && remote_user() == $contact['id']) { - // The visitor is already authenticated. - return; - } + Worker::add(PRIORITY_LOW, 'GProbe', $my_url); - logger('Not authenticated. Invoking reverse magic-auth for ' . $my_url, LOGGER_DEBUG); + // Try to avoid recursion - but send them home to do a proper magic auth. + $query = str_replace(array('?zrl=', '&zid='), array('?rzrl=', '&rzrl='), $a->query_string); + // The other instance needs to know where to redirect. + $dest = urlencode(System::baseUrl() . '/' . $query); - // Try to avoid recursion - but send them home to do a proper magic auth. - $query = str_replace(array('?zrl=', '&zid='), array('?rzrl=', '&rzrl='), $a->query_string); - // The other instance needs to know where to redirect. - $dest = urlencode(System::baseUrl() . '/' . $query); + // We need to extract the basebath from the profile url + // to redirect the visitors '/magic' module. + // Note: We should have the basepath of a contact also in the contact table. + $urlarr = explode('/profile/', $contact['url']); + $basepath = $urlarr[0]; - // We need to extract the basebath from the profile url - // to redirect the visitors '/magic' module. - // Note: We should have the basepath of a contact also in the contact table. - $urlarr = explode('/profile/', $contact['url']); - $basepath = $urlarr[0]; + if ($basepath != System::baseUrl() && !strstr($dest, '/magic') && !strstr($dest, '/rmagic')) { + $magic_path = $basepath . '/magic' . '?f=&owa=1&dest=' . $dest; - if ($basepath != System::baseUrl() && !strstr($dest, '/magic') && !strstr($dest, '/rmagic')) { - $magic_path = $basepath . '/magic' . '?f=&owa=1&dest=' . $dest; - $serverret = Network::curl($magic_path); - if (!empty($serverret['success'])) { - goaway($magic_path); - } - } + // We have to check if the remote server does understand /magic without invoking something + $serverret = Network::curl($basepath . 
'/magic'); + if ($serverret->isSuccess()) { + logger('Doing magic auth for visitor ' . $my_url . ' to ' . $magic_path, LOGGER_DEBUG); + goaway($magic_path); } } } @@ -1113,7 +1119,7 @@ class Profile $a->contact = $arr['visitor']; - info(L10n::t('OpenWebAuth: %1$s welcomes %2$s', $a->get_hostname(), $visitor['name'])); + info(L10n::t('OpenWebAuth: %1$s welcomes %2$s', $a->getHostName(), $visitor['name'])); logger('OpenWebAuth: auth success from ' . $visitor['addr'], LOGGER_DEBUG); }