Beispiel #1
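 /**
  * Removes a foaf:knows link from the owner's profile graph and rewrites the
  * local profile files.
  *
  * The graph for $this->webid is loaded, the triple (webid, foaf:knows, $uri)
  * is deleted, and the serialised result is written to foaf.rdf and foaf.txt
  * under the owner's local path. The script terminates via die() when either
  * file cannot be written.
  *
  * NOTE(review): no authorisation check is visible in this method; it relies
  * on the caller having verified that the session owns $this->webid — confirm.
  *
  * @param string $uri    URL-encoded WebID of the friend to remove.
  * @param string $format Serialisation format handed to the graph (default 'rdfxml').
  * @return mixed The value produced by success() for the confirmation message.
  */
 function del_friend($uri, $format = 'rdfxml')
 {
     $uri = urldecode($uri);
     $path = $this->get_local_path($this->webid);

     // Load the current profile and drop the foaf:knows triple for this friend.
     $graph = new EasyRdf_Graph($this->webid);
     $graph->load();
     $person = $graph->resource($this->webid);
     $graph->deleteResource($person, 'foaf:knows', $uri);

     // Serialise the graph; non-scalar results are flattened to a string so
     // they can be written to disk.
     $data = $graph->serialise($format);
     if (!is_scalar($data)) {
         $data = var_export($data, true);
     } else {
         $data = print_r($data, true);
     }

     // Write both copies of the profile. file_put_contents() reports a failed
     // or short write (the previous fwrite() result was ignored), and LOCK_EX
     // keeps a concurrent request from interleaving its own write.
     $targets = array(
         '/foaf.rdf' => 'Cannot open profile RDF file!',
         '/foaf.txt' => 'Cannot open profile TXT file!',
     );
     foreach ($targets as $file => $failure) {
         if (file_put_contents($path . $file, $data, LOCK_EX) === false) {
             die($failure);
         }
     }

     // Look up the removed friend's display name for the confirmation text.
     // NOTE(review): $uri is caller-supplied and is handed to MyProfile::load();
     // if load() dereferences it, the caller should restrict it to http(s) — confirm.
     $friend = new MyProfile($uri, $this->base_uri, SPARQL_ENDPOINT);
     $friend->load();

     // The name originates from a profile the friend controls, so it is
     // escaped before being placed in the message.
     // NOTE(review): assumes success() emits its argument as HTML without
     // escaping it again — confirm against its definition.
     $name = htmlspecialchars((string) $friend->get_name(), ENT_QUOTES, 'UTF-8');

     return success("You have just removed " . $name . " from your list of friends.");
 }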
Beispiel #2
 $query .= "msg = ' " . $msg . "'";
 $result = mysql_query($query);
 if (!$result) {
     // Database error, return a proper HTTP response code with error
     $ret .= header("HTTP/1.1 500 Internal Error");
     $ret .= header("Status: 500 Internal Error");
     $ret .= "<html><body>\n";
     $ret .= "Internal error: could not deliver the ping (database error).\n";
     $ret .= "</body></html>\n";
 } else {
     mysql_free_result($result);
     // Send a mail too if the receiving user allows it
     if (is_subscribed_email($to)) {
         $person = new MyProfile(trim($_POST['target']), BASE_URI, SPARQL_ENDPOINT);
         $person->load();
         $to_name = $person->get_name();
         $to_email = $person->get_email();
         $from = 'MyProfile Notification System <' . SMTP_USERNAME . '>';
         $to = '"' . $to_name . '" <' . clean_mail($to_email) . '>';
         $subject = 'You have received a new personal message!';
         $headers = array('From' => $from, 'To' => $to, 'Subject' => $subject);
         $smtp = Mail::factory('smtp', array('host' => SMTP_SERVER, 'auth' => SMTP_AUTHENTICATION, 'username' => SMTP_USERNAME, 'password' => SMTP_PASSWORD));
         $message = '<html><body>';
         $message .= '<p>Hello ' . $to_name . ',</p>';
         $message .= '<p>You have just received a new message from ' . $name . '! ';
         $message .= '<a href="' . BASE_URI . '/messages">Click here</a> to see it.</p>';
         $message .= '<br/><p><small>You are receiving this email because you enabled Semantic Pingback notification ';
         $message .= '(with email as notification mechanism) for your Personal Profile on <a href="' . BASE_URI . '">' . BASE_URI . '</a>. ';
         $message .= 'If you would like to stop receiving email notifications, please check your ';
         $message .= '   <a href="' . BASE_URI . '/subscription.php">subscription settings</a>.</small></p>';
         $message .= '<p><small>You do not need to respond to this automated email.</small></p>';
Beispiel #3
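/**
 * Delivers a Semantic Pingback message to the pingback service advertised by
 * the recipient's profile (pingback:to).
 *
 * The service URL is read from a profile the recipient controls, so it is
 * treated as untrusted: only http/https URLs are contacted, and neither the
 * URL nor the service's response is written into the page without escaping.
 * A pingback:to value with any other scheme is handled as if none were set.
 *
 * NOTE(review): the scheme check does not stop requests to internal hosts;
 * if this server can reach private networks, restrict outbound destinations
 * at the network or HTTP-client level as well.
 *
 * @param string $to       WebID of the recipient.
 * @param string $message  Message text, sent as the 'comment' field.
 * @param string $base_uri Base URI handed to MyProfile.
 * @param bool   $verbose  When true the HTML status report is returned.
 * @return string|null HTML status report when $verbose is true, otherwise null.
 */
function sendPing($to, $message, $base_uri, $verbose = false)
{
    $ret = "<br/>\n";
    $to = trim($to);

    // Fetch the recipient's profile and the pingback endpoint it advertises.
    $person = new MyProfile($to, $base_uri, SPARQL_ENDPOINT);
    $person->load();
    $profile = $person->get_profile();
    $pingback_service = $profile->get("pingback:to");

    // The sender is taken from the session, not from a caller-supplied value.
    $source = $_SESSION['webid'];

    // Accept the advertised endpoint only when it is an http(s) URL.
    $service_url = ($pingback_service != null) ? (string) $pingback_service : '';
    $scheme = strtolower((string) parse_url($service_url, PHP_URL_SCHEME));
    if ($scheme !== 'http' && $scheme !== 'https') {
        $service_url = '';
    }

    if ($service_url !== '') {
        // Parse the pingback form (the parser is only pointed at the URL once
        // it has passed the scheme check above).
        $config = array('auto_extract' => 0);
        $parser = ARC2::getSemHTMLParser($config);
        $parser->parse($service_url);
        $parser->extractRDF('rdfa');
        $triples = $parser->getTriples();

        // Escaped form for every place the URL is written into HTML.
        $service_html = htmlspecialchars($service_url, ENT_QUOTES, 'UTF-8');

        if (sizeof($triples) > 0) {
            foreach ($triples as $triple) {
                // proceed only if we have a valid pingback resource
                if ($triple['o'] != 'http://purl.org/net/pingback/Container') {
                    continue;
                }

                $fields = array('source' => $source, 'target' => $to, 'comment' => $message);

                $ch = curl_init();
                curl_setopt($ch, CURLOPT_URL, $service_url);
                curl_setopt($ch, CURLOPT_POST, true);
                // Send a urlencoded string rather than an array: with an array,
                // older PHP versions interpret a value starting with '@' as a
                // local file to upload, and $message is user-controlled.
                curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                // Keep the transfer on http/https and bound its duration so a
                // slow or hostile endpoint cannot hold the request open.
                curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
                curl_setopt($ch, CURLOPT_TIMEOUT, 30);

                $return = curl_exec($ch);
                $httpCode = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
                curl_close($ch);

                if ($httpCode === 201 || $httpCode === 202) {
                    $ret .= success('Message delivered!');
                } else {
                    $ret .= error('Something happened and I couldn\'t deliver the message!');
                    $ret .= "<p>Details:</p>\n";
                    // The response body is remote-controlled; show it as text.
                    // (curl_exec() returns false on transport failure.)
                    $ret .= "<p>" . htmlspecialchars((string) $return, ENT_QUOTES, 'UTF-8') . "</p>\n";
                }
                // Only the first pingback container is used.
                break;
            }
        } else {
            $ret .= "   <p>{$service_html} does not comply with semantic pingback standards! Showing the pingback service page instead.</p>\n";
            // show frame
            $ret .= "   <iframe src=\"{$service_html}\" width=\"100%\" height=\"300\">\n";
            $ret .= "   <p>Your browser does not support iframes.</p>\n";
            $ret .= "   </iframe>\n";
        }
    } else {
        // no valid pingback service found, fallback to AKSW
        $ret .= "   <p>Could not find a pingback service for the given WebID. Here is a generic pingback service provided by http://pingback.aksw.org/.</p>\n";
        $ret .= "   <iframe src=\"http://pingback.aksw.org/\" width=\"100%\" height=\"300\">\n";
        $ret .= "   <p>Your browser does not support iframes.</p>\n";
        $ret .= "   </iframe>\n";
    }

    if ($verbose) {
        return $ret;
    }
}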
Beispiel #4
 /**
  * Builds the HTML for a page of wall posts, or for the logged-in user's
  * activity stream when $activity is true.
  *
  * Rows are read from pingback_messages via the legacy mysql_* API and
  * rendered into one large HTML string. $this->offset is set from $offset and
  * advanced by $count when rows were found.
  *
  * NOTE(review): two lines in this copy (the "wall?user=" link in the activity
  * branch and the Edit link in the options row) contain a masked "******" run
  * and are not valid PHP as shown; restore them from the upstream source.
  *
  * @param int  $count    Number of posts to fetch; appended to LIMIT as-is.
  * @param int  $offset   Row offset for paging.
  * @param bool $activity True to show the activity stream instead of one wall.
  * @return string HTML for the posts, or a plain error message when a query fails.
  */
 function load($count = 20, $offset = 0, $activity = False)
 {
     $posts = '';
     $this->offset = $offset;
     // display news feed for a certain user
     if ($_SESSION['webid'] && $activity == True) {
         $webids = sparql_get_people_im_friend_of($_SESSION['webid'], SPARQL_ENDPOINT);
         // Prepare the activity stream SQL query only if the user has friends (foaf:knows)
         // NOTE(review): when $webids is empty, $query, $result and $rows are never
         // assigned on this path although they are read further down.
         if (sizeof($webids) > 0) {
             $query = 'SELECT * FROM pingback_messages WHERE to_hash IS NOT NULL AND wall=\'1\' AND (';
             foreach ($webids as $key => $from) {
                 $add = $key > 0 ? ' OR' : '';
                 $query .= $add . " from_uri='" . mysql_real_escape_string($from) . "'";
             }
             // NOTE(review): $count is concatenated into LIMIT without a cast or
             // escaping; if it can come from a request it should be forced to an
             // integer first — verify against the callers.
             $query .= ' OR from_uri="' . mysql_real_escape_string($_SESSION['webid']) . '") ORDER by date DESC LIMIT ' . $count;
             // Contains the offset value for fetching wall messages
             // NOTE(review): the offset is escaped but placed unquoted in a numeric
             // position, where string escaping does not restrict it to a number;
             // an integer cast is the appropriate guard here.
             if (isset($this->offset)) {
                 $query .= ' OFFSET ' . mysql_real_escape_string($this->offset);
             }
             $result = mysql_query($query);
             if (!$result) {
                 return 'Unable to connect to the database! Cannot display Activity Stream.';
             } else {
                 $rows = mysql_num_rows($result);
             }
         }
     } else {
         // get the last $count messages for a user
         // (same LIMIT / OFFSET concerns as in the activity-stream query above)
         $query = 'SELECT * FROM pingback_messages WHERE ' . 'to_hash=\'' . mysql_real_escape_string($this->owner) . '\' ' . 'AND wall=\'1\' ' . 'ORDER by date DESC ' . 'LIMIT ' . $count;
         // Contains the offset value for fetching wall messages
         if (isset($this->offset)) {
             $query .= ' OFFSET ' . mysql_real_escape_string($this->offset);
         }
         $result = mysql_query($query);
         if (!$result) {
             return 'Unable to connect to the database! Cannot display wall posts.';
         } else {
             $rows = mysql_num_rows($result);
         }
     }
     // NOTE(review): the full SQL text, including the WebIDs in it, is written
     // into the page source as an HTML comment on every request.
     $posts .= '<!-- query=' . htmlentities($query) . ' -->';
     if ($rows == 0) {
         // There are no messages on the wall
         $posts .= "<p><font style=\"font-size: 1.3em;\">There are no messages.</font></p>\n";
         mysql_free_result($result);
     } else {
         // update offset value
         $this->offset = $this->offset + $count;
         // populate table
         $i = 0;
         while ($row = mysql_fetch_assoc($result)) {
             // get name
             $name = $row['name'];
             // get picture
             $pic = $row['pic'];
             // get the date and multiply by 1000 for milliseconds, otherwise moment.js breaks
             $timestamp = $row['date'] * 1000;
             // to whom it is addressed
             if (strlen($row['to_uri']) > 0) {
                 // NOTE(review): $base_uri is neither a parameter nor declared global
                 // in this method, so it is undefined here as shown.
                 $to_person = new MyProfile($row['to_uri'], $base_uri, SPARQL_ENDPOINT);
                 $to_person->load();
                 $to_name = $to_person->get_name();
             } else {
                 $to_name = 'MyProfile';
             }
             // Only the message body is HTML-encoded before output.
             $msg = htmlentities($row['msg']);
             // replace WebIDs with actual names and links to the WebID
             $msg = preg_replace_callback("/&lt;(.*)&gt;/Ui", "preg_get_handle_by_webid", $msg);
             // store everything in this table
             $posts .= "<a class=\"anchor\" name=\"post_" . $row['id'] . "\"></a>\n";
             $posts .= "<div class=\"wall-box shadow r3 clearfix\">\n";
             $posts .= "<table border=\"0\" class=\"wall-message\" >\n";
             $posts .= "<tr valign=\"top\">\n";
             $posts .= "<td align=\"left\" class=\"speaker\">\n";
             // image
             // NOTE(review): $name and $pic are taken from the row and written into
             // attribute values and element text without escaping; if those columns
             // hold values supplied by the poster they need htmlspecialchars() with
             // ENT_QUOTES, and $pic a URL scheme check — verify where they are stored.
             $posts .= "<a class=\"avatar-link\" href=\"view?webid=" . urlencode($row['from_uri']) . "\" target=\"_blank\">";
             $posts .= " <img title=\"" . $name . "\" alt=\"" . $name . "\" width=\"50\" src=\"" . $pic . "\" class=\"r5 image\" />";
             $posts .= "</a>\n";
             $posts .= "</td>\n";
             $posts .= "<td>";
             $posts .= "<table border=\"0\">\n";
             $posts .= "<tr valign=\"top\">\n";
             $posts .= "<td>\n";
             // author's name
             $posts .= "<b><a href=\"view?webid=" . urlencode($row['from_uri']) . "\" target=\"_blank\" style=\"font-color: black;\">";
             $posts .= "   <span>" . $name . "</span>";
             $posts .= "</a></b> wrote ";
             // activity stream
             if ($activity == True) {
                 // NOTE(review): the next line is masked ("******") in this copy.
                 $posts .= "on <a href=\"wall?user="******"\" target=\"_blank\" style=\"font-color: black;\">";
                 // $to_name comes from the addressee's profile and is output unescaped.
                 $posts .= $to_name . "'s Wall ";
                 $posts .= "</a>";
             }
             // time of post
             $posts .= "<font color=\"grey\">";
             $posts .= "<span id=\"date_" . $row['id'] . "\">";
             $posts .= "<script type=\"text/javascript\">\$('#date_" . $row['id'] . "').text(moment(" . $timestamp . ").from());</script>";
             $posts .= "</span></font>\n";
             $posts .= "<span class=\"pull-right\"><a href=\"#post_" . $row['id'] . "\">Link to this post.</a></span>\n";
             $posts .= "</td>\n";
             $posts .= "</tr>\n";
             // message
             $posts .= "<tr>\n";
             $posts .= "<td><div id=\"message_" . $row['id'] . "\"><pre class=\"wall-message\" id=\"message_text_" . $row['id'] . "\">\n";
             $posts .= put_links($msg);
             /*
                   $ret .= put_links(preg_replace('/(.*?)(<.*?>|$)/se', 'html_entity_decode("$1").htmlentities("$2")', $row['msg'])); 
             */
             $posts .= "</pre></div></td>\n";
             $posts .= "</tr>\n";
             // show options only if we are the source of the post
             $posts .= "<tr>\n";
             $posts .= "<td class=\"options\">";
             // && binds tighter than ||: the author always gets the options; the
             // addressee gets them only when $this->owner is set and is not 'local'.
             if ($_SESSION['webid'] && ($_SESSION['webid'] == $row['from_uri'] || $_SESSION['webid'] == $row['to_uri'] && $this->owner && $this->owner != 'local')) {
                 // NOTE(review): the next line is masked ("******") in this copy.
                 $add = '?user='******'message_text_" . $row['id'] . "', 'wall" . $add . "', '" . $row['id'] . "')\" style=\"cursor: pointer;\">Edit</a>";
                 // add option to delete post
                 // NOTE(review): deletion is triggered by a plain GET link with no
                 // visible anti-CSRF token; the handler is not shown here — confirm it
                 // re-checks ownership and requires a token or POST.
                 $posts .= " | <a href=\"wall" . $add . "&del=" . $row['id'] . "\">Delete</a>\n";
             }
             // show vote counters and buttons for logged users
             $posts .= "<div class=\"options-vote\">" . add_vote_buttons($row['id']) . "</div>\n";
             $posts .= "</td>\n";
             $posts .= "</tr>\n";
             $posts .= "</table>\n";
             $posts .= "</td>\n";
             $posts .= "</tr>\n";
             $posts .= "</table>\n";
             $posts .= "</div>\n";
             $i++;
         }
         mysql_free_result($result);
     }
     // A full page was returned, so offer a "Load more" button.
     // NOTE(review): $row is false once the fetch loop has ended (and unset when
     // there were no rows), so $row['id'] is empty here. $this->owner and
     // $this->offset are placed inside an inline JavaScript string unescaped.
     if ($rows >= $count) {
         $posts .= "<input type=\"button\" class=\"r5 btn loadmore\" id=\"more_" . $row['id'] . "\" value=\"Load more\" onclick=\"loadWall('wall', 'more_" . $row['id'] . "', '20', '" . $this->offset . "', '{$this->owner}', '" . $activity . "')\" />\n";
     }
     return $posts;
 }
Beispiel #5
 *  HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 
 *  OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 
 *  SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
require 'include.php';
$ret = '';
$notification = '';
// fetch the WebID of the wall's owner
if (isset($_REQUEST['user']) && (strlen($_REQUEST['user']) > 0 && $_REQUEST['user'] != 'local')) {
    $wall_on = 'wall-on';
    check_auth(IDP, $page_uri);
    $owner_webid = get_webid_by_hash(trim($_REQUEST['user']));
    // fetch owner's profile
    $profile = new MyProfile($owner_webid, $base_uri, SPARQL_ENDPOINT);
    $profile->load();
    $owner_name = $profile->get_name();
    $feed_hash = get_feed_by_hash($_REQUEST['user']);
    $owner_hash = $_REQUEST['user'];
    // display private wall only if the requesting user is a friend or the wall owner
    if ($profile->is_friend($_SESSION['webid']) || $_SESSION['user_hash'] == $_REQUEST['user']) {
        $feed_hash = get_feed_by_hash($_REQUEST['user']);
        $owner_hash = $_REQUEST['user'];
        // mark all wall messages as read when the user checks his personal wall
        if ($_SESSION['webid'] == $owner_webid) {
            $query = "UPDATE pingback_messages SET new='0' WHERE ";
            $query .= "to_hash='" . mysql_real_escape_string($_SESSION['user_hash']) . "' ";
            $query .= "AND wall='1'";
            $result = mysql_query($query);
            if (!$result) {
                $ret .= error('Database error while trying to update message status!');
            } else {
Beispiel #6
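 /**
  * Starts account recovery for a WebID: stores a fresh recovery code in the
  * recovery table and e-mails it to the recovery address on file.
  *
  * The recovery code is a 40-character hex string taken from a
  * cryptographically secure random source. It was previously derived from the
  * WebID and the current time, which is guessable and unsuitable for a code
  * that grants access to an account.
  *
  * NOTE(review): the code is stored as-is in recovery.recovery_hash and no
  * expiry is set here; confirm the page that redeems it enforces a lifetime
  * and clears the code after use.
  * NOTE(review): the two outcomes below tell the caller whether a WebID has a
  * recovery address on file; confirm that disclosure is acceptable.
  *
  * @param string $webid WebID of the account to recover.
  * @return mixed The value of success() once the mail has been handed to the
  *               SMTP server, or of error() on failure. The script terminates
  *               via die() when the lookup query fails.
  */
 function recover($webid)
 {
     $webid = trim($webid);

     // Generate the recovery code from a CSPRNG (20 random bytes, hex-encoded).
     if (function_exists('random_bytes')) {
         $hash = bin2hex(random_bytes(20));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $strong = false;
         $bytes = openssl_random_pseudo_bytes(20, $strong);
         if ($bytes === false || !$strong) {
             return error('Unable to generate a recovery code!');
         }
         $hash = bin2hex($bytes);
     } else {
         return error('Unable to generate a recovery code!');
     }

     // find if a recovery email exists or not for the given WebID
     $query = "SELECT email FROM recovery WHERE webid='" . mysql_real_escape_string($webid) . "'";
     $result = mysql_query($query);
     if (!$result) {
         die('Unable to connect to the database!');
     }

     if (mysql_num_rows($result) == 0) {
         return error('You did not provide a recovery email address!');
     }

     $row = mysql_fetch_assoc($result);
     $email = $row['email'];
     mysql_free_result($result);

     // set the hash ($hash is hex-only, so it needs no SQL escaping)
     $query = "UPDATE recovery SET " . "recovery_hash='" . $hash . "' " . "WHERE webid='" . mysql_real_escape_string($webid) . "'";
     $result = mysql_query($query);
     if (!$result) {
         return error('Unable to connect to the database!');
     }

     // send the email
     $person = new MyProfile($webid, BASE_URI, SPARQL_ENDPOINT);
     $person->load();
     $to_name = (string) $person->get_name();

     // The display name comes from the user's own profile document, so it is
     // neutralised for each context it is used in: line breaks and quotes are
     // removed for the To: header, and HTML metacharacters are escaped for the body.
     $header_name = str_replace(array("\r", "\n", '"'), '', $to_name);
     $html_name = htmlspecialchars($to_name, ENT_QUOTES, 'UTF-8');

     $from = 'MyProfile Recovery System <' . SMTP_USERNAME . '>';
     $to = '"' . $header_name . '" <' . clean_mail($email) . '>';
     $subject = 'Instructions to recover your account on ' . BASE_URI . '.';
     $headers = array('From' => $from, 'To' => $to, 'Subject' => $subject);
     $smtp = Mail::factory('smtp', array('host' => SMTP_SERVER, 'auth' => SMTP_AUTHENTICATION, 'username' => SMTP_USERNAME, 'password' => SMTP_PASSWORD));

     $message = '<html><body>';
     $message .= '<p>Hello ' . $html_name . ',</p>';
     $message .= '<p>You have requested to recover your personal account on ' . BASE_URI . '. ';
     $message .= 'Please click <a href="' . BASE_URI . '/recovery?recovery_code=' . $hash . '">' . BASE_URI . '/recovery?recovery_code=' . $hash . '</a> to proceed.</p>';
     $message .= '<p>Alternatively, you can recover your account by visiting this page: <a href="' . BASE_URI . '/recovery">' . BASE_URI . '/recovery</a> and typing or pasting the following recovery code:</p>';
     $message .= '<p>';
     $message .= '<strong>' . $hash . '</strong> ';
     $message .= '</p>';
     $message .= '<p>Important! Do not forget that once you are logged in, you can obtain a new certificate by going to your <a href="https://my-profile.eu/view">profile page</a> and then clicking on the "Certificate" icon under "Actions for this profile".</p>';
     $message .= '<br /><p><hr /></p>';
     $message .= '<p><small>This is an automated email generate by <a href="https://my-profile.eu/">MyProfile</a> and you do not need to respond to it.</small></p>';
     $message .= '</body></html>';

     $crlf = "\n";
     $mime = new Mail_Mime(array('eol' => $crlf));
     $mime->setHTMLBody($message);
     $mimeparams = array();
     $mimeparams['html_charset'] = "UTF-8";
     $mimeparams['head_charset'] = "UTF-8";
     $headers = $mime->headers($headers);
     $body = $mime->get($mimeparams);

     $mail = $smtp->send($to, $headers, $body);
     if (PEAR::isError($mail)) {
         // Previously the failure was appended to an undefined variable and
         // success was reported anyway; report the failure to the caller.
         return error('Sendmail: ' . $mail->getMessage());
     }

     return success('An email has been sent to the recovery address you have specified.');
 }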