X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FUpdate%2FProfile.php;h=be15820e45d5ea24c95c8fb25208c6dda773acb2;hb=f609386ca11d805838f5526261068a69b489eab0;hp=b22e607d40394dd55fe03014c4d35421650623a6;hpb=2a431b580f2e8f6a596e84175932e793678cde63;p=friendica.git diff --git a/src/Module/Update/Profile.php b/src/Module/Update/Profile.php index b22e607d40..be15820e45 100644 --- a/src/Module/Update/Profile.php +++ b/src/Module/Update/Profile.php @@ -1,6 +1,6 @@ get('system', 'block_public') && !local_user() && !Session::getRemoteContactID($a->profile['uid'])) { + // Ensure we've got a profile owner if updating. + $a->setProfileOwner((int)($_GET['p'] ?? 0)); + + if (DI::config()->get('system', 'block_public') && !DI::userSession()->getLocalUserId() && !DI::userSession()->getRemoteContactID($a->getProfileOwner())) { throw new ForbiddenException(); } - $profile_uid = intval($_GET['p'] ?? 0); - - // Ensure we've got a profile owner if updating. - $a->profile['uid'] = $profile_uid; - - $remote_contact = Session::getRemoteContactID($a->profile['uid']); - $is_owner = local_user() == $a->profile['uid']; - $last_updated_key = "profile:" . $a->profile['uid'] . ":" . local_user() . ":" . $remote_contact; + $remote_contact = DI::userSession()->getRemoteContactID($a->getProfileOwner()); + $is_owner = DI::userSession()->getLocalUserId() == $a->getProfileOwner(); + $last_updated_key = "profile:" . $a->getProfileOwner() . ":" . DI::userSession()->getLocalUserId() . ":" . $remote_contact; - if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) { - throw new ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.')); + if (!$is_owner && !$remote_contact) { + $user = User::getById($a->getProfileOwner(), ['hidewall']); + if ($user['hidewall']) { + throw new ForbiddenException(DI::l10n()->t('Access to this profile has been restricted.')); + } } $o = ''; - if (empty($_GET['force']) && DI::pConfig()->get(local_user(), 'system', 'no_auto_update')) { + if (empty($_GET['force']) && DI::pConfig()->get(DI::userSession()->getLocalUserId(), 'system', 'no_auto_update')) { System::htmlUpdateExit($o); } // Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups - $sql_extra = Item::getPermissionsSQLByUserId($a->profile['uid']); + $sql_extra = Item::getPermissionsSQLByUserId($a->getProfileOwner()); - $last_updated_array = Session::get('last_updated', []); + $last_updated_array = DI::session()->get('last_updated', []); $last_updated = $last_updated_array[$last_updated_key] ?? 0; + $condition = ["`uid` = ? AND NOT `contact-blocked` AND NOT `contact-pending` + AND `visible` AND (NOT `deleted` OR `gravity` = ?) + AND `wall` " . $sql_extra, $a->getProfileOwner(), Item::GRAVITY_ACTIVITY]; + if ($_GET['force'] && !empty($_GET['item'])) { // When the parent is provided, we only fetch this - $sql_extra4 = " AND `parent` = " . intval($_GET['item']); + $condition = DBA::mergeConditions($condition, ['parent' => $_GET['item']]); } elseif ($is_owner || !$last_updated) { // If the page user is the owner of the page we should query for unseen // items. Otherwise use a timestamp of the last succesful update request. - $sql_extra4 = " AND `unseen`"; + $condition = DBA::mergeConditions($condition, ['unseen' => true]); } else { $gmupdate = gmdate(DateTimeFormat::MYSQL, $last_updated); - $sql_extra4 = " AND `received` > '" . $gmupdate . "'"; + $condition = DBA::mergeConditions($condition, ["`received` > ?", $gmupdate]); } - $items_stmt = DBA::p( - "SELECT `parent-uri-id` AS `uri-id`, MAX(`created`), MAX(`received`) FROM `post-user-view` - WHERE `uid` = ? AND NOT `contact-blocked` AND NOT `contact-pending` - AND `visible` AND (NOT `deleted` OR `gravity` = ?) - AND `wall` $sql_extra4 $sql_extra - GROUP BY `parent-uri-id` ORDER BY `received` DESC", - $a->profile['uid'], - GRAVITY_ACTIVITY - ); - - if (!DBA::isResult($items_stmt)) { - return ''; + $items = Post::selectToArray(['parent-uri-id', 'created', 'received'], $condition, ['group_by' => ['parent-uri-id'], 'order' => ['received' => true]]); + if (!DBA::isResult($items)) { + return; } + // @todo the DBA functions should handle "SELECT field AS alias" in the future, + // so that this workaround here could be removed. + $items = array_map(function ($item) { + $item['uri-id'] = $item['parent-uri-id']; + unset($item['parent-uri-id']); + return $item; + }, $items); + // Set a time stamp for this page. We will make use of it when we // search for new items (update routine) $last_updated_array[$last_updated_key] = time(); - Session::set('last_updated', $last_updated_array); + DI::session()->set('last_updated', $last_updated_array); - if ($is_owner && !$profile_uid && !DI::config()->get('theme', 'hide_eventlist')) { + if ($is_owner && !$a->getProfileOwner() && !DI::config()->get('theme', 'hide_eventlist')) { $o .= ProfileModel::getBirthdays(); $o .= ProfileModel::getEventsReminderHTML(); } if ($is_owner) { - $unseen = Post::exists(['wall' => true, 'unseen' => true, 'uid' => local_user()]); + $unseen = Post::exists(['wall' => true, 'unseen' => true, 'uid' => DI::userSession()->getLocalUserId()]); if ($unseen) { - Item::update(['unseen' => false], ['wall' => true, 'unseen' => true, 'uid' => local_user()]); + Item::update(['unseen' => false], ['wall' => true, 'unseen' => true, 'uid' => DI::userSession()->getLocalUserId()]); } } - $items = DBA::toArray($items_stmt); - - $o .= conversation($a, $items, 'profile', $profile_uid, false, 'received', $a->profile['uid']); + $o .= DI::conversation()->create($items, 'profile', $a->getProfileOwner(), false, 'received', $a->getProfileOwner()); System::htmlUpdateExit($o); }