X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fprofile.php;h=e9b144ffdd7b8538cdd318f0cf6bf6f96b909c05;hb=9816f14d40a04867b2d96891c297252cc4a7006d;hp=8d46d6c5ba5fb0a7dff07a9ce2b7c6c8aea00031;hpb=e3d1ef8ef7c1be2a8588ec1709304f766b0c7607;p=friendica.git diff --git a/mod/profile.php b/mod/profile.php index 8d46d6c5ba..e9b144ffdd 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -55,11 +55,6 @@ function profile_content(&$a, $update = 0) { return login(); } - if($a->profile['hidewall'] && (! local_user()) && (! remote_user())) { - notice( t('Access to this profile has been restricted.') . EOL); - return; - } - require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); @@ -102,6 +97,12 @@ function profile_content(&$a, $update = 0) { } $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false); + + if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) { + notice( t('Access to this profile has been restricted.') . EOL); + return; + } + if(! $update) { if(x($_GET,'tab')) @@ -114,7 +115,10 @@ function profile_content(&$a, $update = 0) { '$phototab' => $a->get_baseurl() . '/photos/' . $a->profile['nickname'], '$status' => t('Status'), '$profile' => t('Profile'), - '$photos' => t('Photos') + '$photos' => t('Photos'), + '$events' => (($is_owner) ? t('Events') : ''), + '$notes' => (($is_owner) ? t('Personal Notes') : ''), + '$activetab' => $tab, )); @@ -125,6 +129,9 @@ function profile_content(&$a, $update = 0) { return $o; } + if(x($_SESSION,'new_member') && $_SESSION['new_member'] && $is_owner) + $o .= '' . t('Tips for New Members') . '' . EOL; + $commpage = (($a->profile['page-flags'] == PAGE_COMMUNITY) ? true : false); $commvisitor = (($commpage && $remote_contact == true) ? true : false); @@ -157,48 +164,19 @@ function profile_content(&$a, $update = 0) { } } - // Construct permissions - - // default permissions - anonymous user - - $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' "; - - // Profile owner - everything is visible - if($is_owner) { - $sql_extra = ''; - - // Oh - while we're here... reset the Unseen messages - $r = q("UPDATE `item` SET `unseen` = 0 WHERE `wall` = 1 AND `unseen` = 1 AND `uid` = %d", - intval($_SESSION['uid']) + intval(local_user()) ); - } - // authenticated visitor - here lie dragons - // If $remotecontact is true, we know that not only is this a remotely authenticated - // person, but that it is *our* contact, which is important in multi-user mode. - - elseif($remote_contact) { - $gs = '<<>>'; // should be impossible to match - if(count($groups)) { - foreach($groups as $g) - $gs .= '|<' . intval($g) . '>'; - } - $sql_extra = sprintf( - " AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' ) - AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' ) - AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' ) - AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ", - - intval($_SESSION['visitor_id']), - intval($_SESSION['visitor_id']), - dbesc($gs), - dbesc($gs) - ); - } + /** + * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups + */ + + $sql_extra = permissions_sql($a->profile['profile_uid'],$remote_contact,$groups); + $r = q("SELECT COUNT(*) AS `total` FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` @@ -240,12 +218,13 @@ function profile_content(&$a, $update = 0) { `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`network`, `contact`.`rel`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` + FROM `item`, (SELECT `p`.`id`,`p`.`created` FROM `item` AS `p` WHERE `p`.`parent` = `p`.`id`) AS `parentitem`, `contact` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - AND `item`.`parent` IN ( %s ) + AND `item`.`parent` = `parentitem`.`id` AND `item`.`parent` IN ( %s ) $sql_extra - ORDER BY `parent` DESC, `gravity` ASC, `item`.`id` ASC ", + ORDER BY `parentitem`.`created` DESC, `gravity` ASC, `item`.`created` ASC ", intval($a->profile['profile_uid']), dbesc($parents_str) ); @@ -254,11 +233,8 @@ function profile_content(&$a, $update = 0) { if($is_owner && ! $update) $o .= get_birthdays(); - - $o .= conversation($a,$r,'profile',$update); - if(! $update) { $o .= paginate($a);