X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FUpdate%2FProfile.php;h=53406e195f82d9760141cce847c5a5332f5d0416;hb=21f172c585aff8c606774a05fde1548ddff1667d;hp=f660d96be6a904cb14112a8de8f22eb30d69b820;hpb=ef0400fc19529b1204c1cecf69b0beed5725ffbb;p=friendica.git diff --git a/src/Module/Update/Profile.php b/src/Module/Update/Profile.php index f660d96be6..53406e195f 100644 --- a/src/Module/Update/Profile.php +++ b/src/Module/Update/Profile.php @@ -1,6 +1,6 @@ get('system', 'block_public') && !local_user() && !Session::getRemoteContactID($a->profile['uid'])) { + // Ensure we've got a profile owner if updating. + $a->setProfileOwner((int)($request['p'] ?? 0)); + + if (DI::config()->get('system', 'block_public') && !DI::userSession()->getLocalUserId() && !DI::userSession()->getRemoteContactID($a->getProfileOwner())) { throw new ForbiddenException(); } - $profile_uid = intval($_GET['p'] ?? 0); - - // Ensure we've got a profile owner if updating. - $a->profile['uid'] = $profile_uid; - - $remote_contact = Session::getRemoteContactID($a->profile['uid']); - $is_owner = local_user() == $a->profile['uid']; - $last_updated_key = "profile:" . $a->profile['uid'] . ":" . local_user() . ":" . $remote_contact; + $remote_contact = DI::userSession()->getRemoteContactID($a->getProfileOwner()); + $is_owner = DI::userSession()->getLocalUserId() == $a->getProfileOwner(); + $last_updated_key = "profile:" . $a->getProfileOwner() . ":" . DI::userSession()->getLocalUserId() . ":" . $remote_contact; - if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) { - throw new ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.')); + if (!DI::userSession()->isAuthenticated()) { + $user = User::getById($a->getProfileOwner(), ['hidewall']); + if ($user['hidewall']) { + throw new ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.')); + } } $o = ''; - if (empty($_GET['force']) && DI::pConfig()->get(local_user(), 'system', 'no_auto_update')) { + if (empty($request['force'])) { System::htmlUpdateExit($o); } // Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups - $sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid']); + $sql_extra = Item::getPermissionsSQLByUserId($a->getProfileOwner()); - $last_updated_array = Session::get('last_updated', []); + $last_updated_array = DI::session()->get('last_updated', []); $last_updated = $last_updated_array[$last_updated_key] ?? 0; - // If the page user is the owner of the page we should query for unseen - // items. Otherwise use a timestamp of the last succesful update request. - if ($is_owner || !$last_updated) { - $sql_extra4 = " AND `unseen`"; + $condition = ["`uid` = ? AND NOT `contact-blocked` AND NOT `contact-pending` + AND `visible` AND (NOT `deleted` OR `gravity` = ?) + AND `wall` " . $sql_extra, $a->getProfileOwner(), Item::GRAVITY_ACTIVITY]; + + if ($request['force'] && !empty($request['item'])) { + // When the parent is provided, we only fetch this + $condition = DBA::mergeConditions($condition, ['parent' => $request['item']]); + } elseif ($is_owner || !$last_updated) { + // If the page user is the owner of the page we should query for unseen + // items. Otherwise use a timestamp of the last succesful update request. + $condition = DBA::mergeConditions($condition, ['unseen' => true]); } else { $gmupdate = gmdate(DateTimeFormat::MYSQL, $last_updated); - $sql_extra4 = " AND `received` > '" . $gmupdate . "'"; + $condition = DBA::mergeConditions($condition, ["`received` > ?", $gmupdate]); } - $items_stmt = DBA::p( - "SELECT DISTINCT(`parent-uri-id`) AS `uri-id`, `created` FROM `post-view` - WHERE `uid` = ? AND NOT `contact-blocked` AND NOT `contact-pending` - AND `visible` AND (NOT `deleted` OR `gravity` = ?) - AND NOT `moderated` AND `wall` $sql_extra4 $sql_extra - ORDER BY `received` DESC", - $a->profile['uid'], - GRAVITY_ACTIVITY - ); - - if (!DBA::isResult($items_stmt)) { - return ''; + $items = Post::selectToArray(['parent-uri-id', 'created', 'received'], $condition, ['group_by' => ['parent-uri-id'], 'order' => ['received' => true]]); + if (!DBA::isResult($items)) { + return; } + // @todo the DBA functions should handle "SELECT field AS alias" in the future, + // so that this workaround here could be removed. + $items = array_map(function ($item) { + $item['uri-id'] = $item['parent-uri-id']; + unset($item['parent-uri-id']); + return $item; + }, $items); + // Set a time stamp for this page. We will make use of it when we // search for new items (update routine) $last_updated_array[$last_updated_key] = time(); - Session::set('last_updated', $last_updated_array); + DI::session()->set('last_updated', $last_updated_array); - if ($is_owner && !$profile_uid && !DI::config()->get('theme', 'hide_eventlist')) { + if ($is_owner && !$a->getProfileOwner() && !DI::config()->get('theme', 'hide_eventlist')) { $o .= ProfileModel::getBirthdays(); $o .= ProfileModel::getEventsReminderHTML(); } if ($is_owner) { - $unseen = Post::exists(['wall' => true, 'unseen' => true, 'uid' => local_user()]); + $unseen = Post::exists(['wall' => true, 'unseen' => true, 'uid' => DI::userSession()->getLocalUserId()]); if ($unseen) { - Item::update(['unseen' => false], ['wall' => true, 'unseen' => true, 'uid' => local_user()]); + Item::update(['unseen' => false], ['wall' => true, 'unseen' => true, 'uid' => DI::userSession()->getLocalUserId()]); } } - $items = DBA::toArray($items_stmt); - - $o .= conversation($a, $items, 'profile', $profile_uid, false, 'received', $a->profile['uid']); + $o .= DI::conversation()->create($items, Conversation::MODE_PROFILE, $a->getProfileOwner(), false, 'received', $a->getProfileOwner()); System::htmlUpdateExit($o); }