X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModel%2FProfile.php;h=2e70af4d58ef44db4f47ef9d4842ee13a0b8bd7d;hb=92a84275d4f17616129d9426d1120f3544752442;hp=df53b5d80a5faa1d8e6fc2931d84b145ce2d70fb;hpb=f04d40a37eb36e903433478d671a9dcd5bb6aacb;p=friendica.git diff --git a/src/Model/Profile.php b/src/Model/Profile.php index df53b5d80a..2e70af4d58 100644 --- a/src/Model/Profile.php +++ b/src/Model/Profile.php @@ -7,6 +7,7 @@ namespace Friendica\Model; use Friendica\App; use Friendica\Content\Feature; use Friendica\Content\ForumManager; +use Friendica\Content\Text\BBCode; use Friendica\Core\Addon; use Friendica\Core\Cache; use Friendica\Core\Config; @@ -16,12 +17,14 @@ use Friendica\Core\System; use Friendica\Core\Worker; use Friendica\Database\DBM; use Friendica\Model\Contact; +use Friendica\Model\OpenWebAuthToken; use Friendica\Protocol\Diaspora; +use Friendica\Util\DateTimeFormat; use Friendica\Util\Network; +use Friendica\Util\Temporal; use dba; require_once 'include/dba.php'; -require_once 'include/bbcode.php'; require_once 'mod/proxy.php'; class Profile @@ -88,16 +91,16 @@ class Profile */ public static function load(App $a, $nickname, $profile = 0, $profiledata = [], $show_connect = true) { - $user = dba::selectFirst('user', ['uid'], ['nickname' => $nickname]); + $user = dba::selectFirst('user', ['uid'], ['nickname' => $nickname, 'account_removed' => false]); - if (!$user && !count($user) && !count($profiledata)) { + if (!DBM::is_result($user) && empty($profiledata)) { logger('profile error: ' . $a->query_string, LOGGER_DEBUG); notice(L10n::t('Requested account is not available.') . EOL); $a->error = 404; return; } - if (!x($a->page, 'aside')) { + if (empty($a->page['aside'])) { $a->page['aside'] = ''; } @@ -150,15 +153,11 @@ class Profile $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one - $theme_info_file = 'view/theme/' . current_theme() . '/theme.php'; + $theme_info_file = 'view/theme/' . $a->getCurrentTheme() . '/theme.php'; if (file_exists($theme_info_file)) { require_once $theme_info_file; } - if (!x($a->page, 'aside')) { - $a->page['aside'] = ''; - } - if (local_user() && local_user() == $a->profile['uid'] && $profiledata) { $a->page['aside'] .= replace_macros( get_markup_template('profile_edlink.tpl'), @@ -257,7 +256,7 @@ class Profile * @param int $block * @param boolean $show_connect Show connect link * - * @return HTML string suitable for sidebar inclusion + * @return string HTML sidebar module * * @note Returns empty string if passed $profile is wrong type or not populated * @@ -485,19 +484,21 @@ class Profile } if (isset($p['about'])) { - $p['about'] = bbcode($p['about']); + $p['about'] = BBCode::convert($p['about']); } if (isset($p['address'])) { - $p['address'] = bbcode($p['address']); + $p['address'] = BBCode::convert($p['address']); } else { - $p['address'] = bbcode($p['location']); + $p['address'] = BBCode::convert($p['location']); } if (isset($p['photo'])) { $p['photo'] = proxy_url($p['photo'], false, PROXY_SIZE_SMALL); } + $p['url'] = Contact::magicLink($p['url']); + $tpl = get_markup_template('profile_vcard.tpl'); $o .= replace_macros($tpl, [ '$profile' => $p, @@ -555,16 +556,18 @@ class Profile WHERE `event`.`uid` = ? AND `type` = 'birthday' AND `start` < ? AND `finish` > ? ORDER BY `start` ASC ", local_user(), - datetime_convert('UTC', 'UTC', 'now + 6 days'), - datetime_convert('UTC', 'UTC', 'now') + DateTimeFormat::utc('now + 6 days'), + DateTimeFormat::utcNow() ); if (DBM::is_result($s)) { $r = dba::inArray($s); Cache::set($cachekey, $r, CACHE_HOUR); } } + + $total = 0; + $classtoday = ''; if (DBM::is_result($r)) { - $total = 0; $now = strtotime('now'); $cids = []; @@ -592,14 +595,10 @@ class Profile $cids[] = $rr['cid']; $today = (((strtotime($rr['start'] . ' +00:00') < $now) && (strtotime($rr['finish'] . ' +00:00') > $now)) ? true : false); - $url = $rr['url']; - if ($rr['network'] === NETWORK_DFRN) { - $url = System::baseUrl() . '/redir/' . $rr['cid']; - } - $rr['link'] = $url; + $rr['link'] = Contact::magicLink($rr['url']); $rr['title'] = $rr['name']; - $rr['date'] = day_translate(datetime_convert('UTC', $a->timezone, $rr['start'], $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . L10n::t('[today]') : ''); + $rr['date'] = day_translate(DateTimeFormat::convert($rr['start'], $a->timezone, 'UTC', $rr['adjust'] ? $bd_format : $bd_short)) . (($today) ? ' ' . L10n::t('[today]') : ''); $rr['startime'] = null; $rr['today'] = $today; } @@ -618,11 +617,10 @@ class Profile ]); } - public static function getEvents() + public static function getEventsReminderHTML() { - require_once 'include/bbcode.php'; - $a = get_app(); + $o = ''; if (!local_user() || $a->is_mobile || $a->is_tablet) { return $o; @@ -639,12 +637,26 @@ class Profile $classtoday = ''; $s = dba::p( - "SELECT `event`.* FROM `event` - WHERE `event`.`uid` = ? AND `type` != 'birthday' AND `start` < ? AND `start` >= ? - ORDER BY `start` ASC ", + "SELECT `event`.* + FROM `event` + INNER JOIN `item` + ON `item`.`uid` = `event`.`uid` + AND `item`.`parent-uri` = `event`.`uri` + WHERE `event`.`uid` = ? + AND `event`.`type` != 'birthday' + AND `event`.`start` < ? + AND `event`.`start` >= ? + AND `item`.`author-id` = ? + AND (`item`.`verb` = ? OR `item`.`verb` = ?) + AND `item`.`visible` + AND NOT `item`.`deleted` + ORDER BY `event`.`start` ASC", local_user(), - datetime_convert('UTC', 'UTC', 'now + 7 days'), - datetime_convert('UTC', 'UTC', 'now - 1 days') + DateTimeFormat::utc('now + 7 days'), + DateTimeFormat::utc('now - 1 days'), + public_contact(), + ACTIVITY_ATTEND, + ACTIVITY_ATTENDMAYBE ); $r = []; @@ -657,33 +669,33 @@ class Profile $total ++; } - $strt = datetime_convert('UTC', $rr['convert'] ? $a->timezone : 'UTC', $rr['start'], 'Y-m-d'); - if ($strt === datetime_convert('UTC', $a->timezone, 'now', 'Y-m-d')) { + $strt = DateTimeFormat::convert($rr['start'], $rr['convert'] ? $a->timezone : 'UTC', 'UTC', 'Y-m-d'); + if ($strt === DateTimeFormat::timezoneNow($a->timezone, 'Y-m-d')) { $istoday = true; } - $title = strip_tags(html_entity_decode(bbcode($rr['summary']), ENT_QUOTES, 'UTF-8')); + $title = strip_tags(html_entity_decode(BBCode::convert($rr['summary']), ENT_QUOTES, 'UTF-8')); if (strlen($title) > 35) { $title = substr($title, 0, 32) . '... '; } - $description = substr(strip_tags(bbcode($rr['desc'])), 0, 32) . '... '; + $description = substr(strip_tags(BBCode::convert($rr['desc'])), 0, 32) . '... '; if (!$description) { $description = L10n::t('[No description]'); } - $strt = datetime_convert('UTC', $rr['convert'] ? $a->timezone : 'UTC', $rr['start']); + $strt = DateTimeFormat::convert($rr['start'], $rr['convert'] ? $a->timezone : 'UTC'); - if (substr($strt, 0, 10) < datetime_convert('UTC', $a->timezone, 'now', 'Y-m-d')) { + if (substr($strt, 0, 10) < DateTimeFormat::timezoneNow($a->timezone, 'Y-m-d')) { continue; } - $today = ((substr($strt, 0, 10) === datetime_convert('UTC', $a->timezone, 'now', 'Y-m-d')) ? true : false); + $today = ((substr($strt, 0, 10) === DateTimeFormat::timezoneNow($a->timezone, 'Y-m-d')) ? true : false); $rr['title'] = $title; $rr['description'] = $description; - $rr['date'] = day_translate(datetime_convert('UTC', $rr['adjust'] ? $a->timezone : 'UTC', $rr['start'], $bd_format)) . (($today) ? ' ' . L10n::t('[today]') : ''); + $rr['date'] = day_translate(DateTimeFormat::convert($rr['start'], $rr['adjust'] ? $a->timezone : 'UTC', 'UTC', $bd_format)) . (($today) ? ' ' . L10n::t('[today]') : ''); $rr['startime'] = $strt; $rr['today'] = $today; @@ -720,6 +732,10 @@ class Profile $profile['fullname'] = [L10n::t('Full Name:'), $a->profile['name']]; + if (Feature::isEnabled($uid, 'profile_membersince')) { + $profile['membersince'] = [L10n::t('Member since:'), DateTimeFormat::local($a->profile['register_date'])]; + } + if ($a->profile['gender']) { $profile['gender'] = [L10n::t('Gender:'), $a->profile['gender']]; } @@ -728,16 +744,18 @@ class Profile $year_bd_format = L10n::t('j F, Y'); $short_bd_format = L10n::t('j F'); - $val = intval($a->profile['dob']) ? - day_translate(datetime_convert('UTC', 'UTC', $a->profile['dob'] . ' 00:00 +00:00', $year_bd_format)) - : day_translate(datetime_convert('UTC', 'UTC', '2001-' . substr($a->profile['dob'], 5) . ' 00:00 +00:00', $short_bd_format)); + $val = day_translate( + intval($a->profile['dob']) ? + DateTimeFormat::utc($a->profile['dob'] . ' 00:00 +00:00', $year_bd_format) + : DateTimeFormat::utc('2001-' . substr($a->profile['dob'], 5) . ' 00:00 +00:00', $short_bd_format) + ); $profile['birthday'] = [L10n::t('Birthday:'), $val]; } if (!empty($a->profile['dob']) && $a->profile['dob'] > '0001-01-01' - && $age = age($a->profile['dob'], $a->profile['timezone'], '') + && $age = Temporal::getAgeByTimezone($a->profile['dob'], $a->profile['timezone'], '') ) { $profile['age'] = [L10n::t('Age:'), $age]; } @@ -752,7 +770,7 @@ class Profile } if (strlen($a->profile['howlong']) && $a->profile['howlong'] >= NULL_DATE) { - $profile['howlong'] = relative_date($a->profile['howlong'], L10n::t('for %1$d %2$s')); + $profile['howlong'] = Temporal::getRelativeDate($a->profile['howlong'], L10n::t('for %1$d %2$s')); } if ($a->profile['sexual']) { @@ -929,7 +947,7 @@ class Profile ]; } - if ((!$is_owner) && ((count($a->profile)) || (!$a->profile['hide-friends']))) { + if (!$is_owner && empty($a->profile['hide-friends'])) { $tabs[] = [ 'label' => L10n::t('Contacts'), 'url' => System::baseUrl() . '/viewcontacts/' . $nickname, @@ -961,25 +979,127 @@ class Profile return null; } + /** + * Process the 'zrl' parameter and initiate the remote authentication. + * + * This method checks if the visitor has a public contact entry and + * redirects the visitor to his/her instance to start the magic auth (Authentication) + * process. + * + * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/channel.php + * + * @param App $a Application instance. + */ public static function zrlInit(App $a) { $my_url = self::getMyURL(); $my_url = Network::isUrlValid($my_url); + if ($my_url) { - // Is it a DDoS attempt? - // The check fetches the cached value from gprobe to reduce the load for this system - $urlparts = parse_url($my_url); + if (!local_user()) { + // Is it a DDoS attempt? + // The check fetches the cached value from gprobe to reduce the load for this system + $urlparts = parse_url($my_url); + + $result = Cache::get('gprobe:' . $urlparts['host']); + if ((!is_null($result)) && (in_array($result['network'], [NETWORK_FEED, NETWORK_PHANTOM]))) { + logger('DDoS attempt detected for ' . $urlparts['host'] . ' by ' . $_SERVER['REMOTE_ADDR'] . '. server data: ' . print_r($_SERVER, true), LOGGER_DEBUG); + return; + } - $result = Cache::get('gprobe:' . $urlparts['host']); - if ((!is_null($result)) && (in_array($result['network'], [NETWORK_FEED, NETWORK_PHANTOM]))) { - logger('DDoS attempt detected for ' . $urlparts['host'] . ' by ' . $_SERVER['REMOTE_ADDR'] . '. server data: ' . print_r($_SERVER, true), LOGGER_DEBUG); - return; + Worker::add(PRIORITY_LOW, 'GProbe', $my_url); + $arr = ['zrl' => $my_url, 'url' => $a->cmd]; + Addon::callHooks('zrl_init', $arr); + + // Try to find the public contact entry of the visitor. + $cid = Contact::getIdForURL($my_url); + if (!$cid) { + logger('No contact record found for ' . $my_url, LOGGER_DEBUG); + return; + } + + $contact = dba::selectFirst('contact',['id', 'url'], ['id' => $cid]); + + if (DBM::is_result($contact) && remote_user() && remote_user() == $contact['id']) { + // The visitor is already authenticated. + return; + } + + logger('Not authenticated. Invoking reverse magic-auth for ' . $my_url, LOGGER_DEBUG); + + // Try to avoid recursion - but send them home to do a proper magic auth. + $query = str_replace(array('?zrl=', '&zid='), array('?rzrl=', '&rzrl='), $a->query_string); + // The other instance needs to know where to redirect. + $dest = urlencode(System::baseUrl() . '/' . $query); + + // We need to extract the basebath from the profile url + // to redirect the visitors '/magic' module. + // Note: We should have the basepath of a contact also in the contact table. + $urlarr = explode('/profile/', $contact['url']); + $basepath = $urlarr[0]; + + if ($basepath != System::baseUrl() && !strstr($dest, '/magic') && !strstr($dest, '/rmagic')) { + goaway($basepath . '/magic' . '?f=&owa=1&dest=' . $dest); + } } + } + } - Worker::add(PRIORITY_LOW, 'GProbe', $my_url); - $arr = ['zrl' => $my_url, 'url' => $a->cmd]; - Addon::callHooks('zrl_init', $arr); + /** + * OpenWebAuth authentication. + * + * Ported from Hubzilla: https://framagit.org/hubzilla/core/blob/master/include/zid.php + * + * @param string $token + */ + public static function openWebAuthInit($token) + { + $a = get_app(); + + // Clean old OpenWebAuthToken entries. + OpenWebAuthToken::purge('owt', '3 MINUTE'); + + // Check if the token we got is the same one + // we have stored in the database. + $visitor_handle = OpenWebAuthToken::getMeta('owt', 0, $token); + + if($visitor_handle === false) { + return; + } + + // Try to find the public contact entry of the visitor. + $cid = Contact::getIdForURL($visitor_handle); + if(!$cid) { + logger('owt: unable to finger ' . $visitor_handle, LOGGER_DEBUG); + return; } + + $visitor = dba::selectFirst('contact', [], ['id' => $cid]); + + // Authenticate the visitor. + $_SESSION['authenticated'] = 1; + $_SESSION['visitor_id'] = $visitor['id']; + $_SESSION['visitor_handle'] = $visitor['addr']; + $_SESSION['visitor_home'] = $visitor['url']; + $_SESSION['my_url'] = $visitor['url']; + + $arr = [ + 'visitor' => $visitor, + 'url' => $a->query_string + ]; + /** + * @hooks magic_auth_success + * Called when a magic-auth was successful. + * * \e array \b visitor + * * \e string \b url + */ + Addon::callHooks('magic_auth_success', $arr); + + $a->contact = $arr['visitor']; + + info(L10n::t('OpenWebAuth: %1$s welcomes %2$s', $a->get_hostname(), $visitor['name'])); + + logger('OpenWebAuth: auth success from ' . $visitor['addr'], LOGGER_DEBUG); } public static function zrl($s, $force = false) @@ -1025,4 +1145,26 @@ class Profile return $uid; } + + /** + * Stip zrl parameter from a string. + * + * @param string $s The input string. + * @return string The zrl. + */ + public static function stripZrls($s) + { + return preg_replace('/[\?&]zrl=(.*?)([\?&]|$)/is', '', $s); + } + + /** + * Stip query parameter from a string. + * + * @param string $s The input string. + * @return string The query parameter. + */ + public static function stripQueryParam($s, $param) + { + return preg_replace('/[\?&]' . $param . '=(.*?)(&|$)/ism', '$2', $s); + } }