function vcard_from_xchan($xchan, $observer = null, $mode = '') { $a = get_app(); if (!$xchan) { if (App::$poi) { $xchan = App::$poi; } elseif (is_array(App::$profile) && App::$profile['channel_hash']) { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc(App::$profile['channel_hash'])); if ($r) { $xchan = $r[0]; } } } if (!$xchan) { return; } // FIXME - show connect button to observer if appropriate $connect = false; if (local_channel()) { $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($xchan['xchan_hash']), intval(local_channel())); if (!$r) { $connect = t('Connect'); } } if (array_key_exists('channel_id', $xchan)) { App::$profile_uid = $xchan['channel_id']; } $url = $observer ? z_root() . '/magic?f=&dest=' . $xchan['xchan_url'] . '&addr=' . $xchan['xchan_addr'] : $xchan['xchan_url']; return replace_macros(get_markup_template('xchan_vcard.tpl'), array('$name' => $xchan['xchan_name'], '$photo' => is_array(App::$profile) && array_key_exists('photo', App::$profile) ? App::$profile['photo'] : $xchan['xchan_photo_l'], '$follow' => $xchan['xchan_addr'], '$link' => zid($xchan['xchan_url']), '$connect' => $connect, '$newwin' => $mode === 'chanview' ? t('New window') : '', '$newtit' => t('Open the selected location in a different window or browser tab'), '$url' => $url)); }
function init() { if (!local_channel()) { notice(t('Permission denied.') . EOL); return; } if (count($_GET) < 2) { $network_options = get_pconfig(local_channel(), 'system', 'network_page_default'); if ($network_options) { goaway('network' . '?f=&' . $network_options); } } $channel = \App::get_channel(); \App::$profile_uid = local_channel(); head_set_icon($channel['xchan_photo_s']); }
function init() { if (!local_channel()) { return; } if ($_SESSION['delegate']) { return; } \App::$profile_uid = local_channel(); // default is channel settings in the absence of other arguments if (argc() == 1) { // We are setting these values - don't use the argc(), argv() functions here \App::$argc = 2; \App::$argv[] = 'channel'; } }
function get($update = 0, $load = false) { if ($load) { $_SESSION['loadtime'] = datetime_convert(); } $checkjs = new \Zotlabs\Web\CheckJS(1); $category = $datequery = $datequery2 = ''; $mid = x($_REQUEST, 'mid') ? $_REQUEST['mid'] : ''; $datequery = x($_GET, 'dend') && is_a_date_arg($_GET['dend']) ? notags($_GET['dend']) : ''; $datequery2 = x($_GET, 'dbegin') && is_a_date_arg($_GET['dbegin']) ? notags($_GET['dbegin']) : ''; if (observer_prohibited(true)) { return login(); } $category = x($_REQUEST, 'cat') ? $_REQUEST['cat'] : ''; $hashtags = x($_REQUEST, 'tag') ? $_REQUEST['tag'] : ''; $groups = array(); $o = ''; if ($update) { // Ensure we've got a profile owner if updating. \App::$profile['profile_uid'] = \App::$profile_uid = $update; } else { if (\App::$profile['profile_uid'] == local_channel()) { nav_set_selected('home'); } } $is_owner = local_channel() && \App::$profile['profile_uid'] == local_channel() ? true : false; $channel = \App::get_channel(); $observer = \App::get_observer(); $ob_hash = $observer ? $observer['xchan_hash'] : ''; $perms = get_all_perms(\App::$profile['profile_uid'], $ob_hash); if (!$perms['view_stream']) { // We may want to make the target of this redirect configurable if ($perms['view_profile']) { notice(t('Insufficient permissions. Request redirected to profile page.') . EOL); goaway(z_root() . "/profile/" . \App::$profile['channel_address']); } notice(t('Permission denied.') . EOL); return; } if (!$update) { $o .= profile_tabs($a, $is_owner, \App::$profile['channel_address']); $o .= common_friends_visitor_widget(\App::$profile['profile_uid']); if ($channel && $is_owner) { $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']); } else { $channel_acl = array(); } if ($perms['post_wall']) { $x = array('is_owner' => $is_owner, 'allow_location' => ($is_owner || $observer) && intval(get_pconfig(\App::$profile['profile_uid'], 'system', 'use_browser_location')) ? true : false, 'default_location' => $is_owner ? \App::$profile['channel_location'] : '', 'nickname' => \App::$profile['channel_address'], 'lockstate' => strlen(\App::$profile['channel_allow_cid']) || strlen(\App::$profile['channel_allow_gid']) || strlen(\App::$profile['channel_deny_cid']) || strlen(\App::$profile['channel_deny_gid']) ? 'lock' : 'unlock', 'acl' => $is_owner ? populate_acl($channel_acl, true, \PermissionDescription::fromGlobalPermission('view_stream'), get_post_aclDialogDescription(), 'acl_dialog_post') : '', 'showacl' => $is_owner ? 'yes' : '', 'bang' => '', 'visitor' => $is_owner || $observer ? true : false, 'profile_uid' => \App::$profile['profile_uid'], 'editor_autocomplete' => true, 'bbco_autocomplete' => 'bbcode', 'bbcode' => true); $o .= status_editor($a, $x); } } /** * Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups */ $item_normal = item_normal(); $sql_extra = item_permissions_sql(\App::$profile['profile_uid']); if (get_pconfig(\App::$profile['profile_uid'], 'system', 'channel_list_mode') && !$mid) { $page_mode = 'list'; } else { $page_mode = 'client'; } $abook_uids = " and abook.abook_channel = " . intval(\App::$profile['profile_uid']) . " "; $simple_update = $update ? " AND item_unseen = 1 " : ''; \App::$page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . \App::$query_string) . '" title="oembed" />' . "\r\n"; if ($update && $_SESSION['loadtime']) { $simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC', 'UTC', $_SESSION['loadtime']) . "' ) "; } if ($load) { $simple_update = ''; } if ($update && !$load) { if ($mid) { $r = q("SELECT parent AS item_id from item where mid like '%s' and uid = %d {$item_normal}\n\t\t\t\t\tAND item_wall = 1 AND item_unseen = 1 {$sql_extra} limit 1", dbesc($mid . '%'), intval(\App::$profile['profile_uid'])); } else { $r = q("SELECT distinct parent AS `item_id`, created from item\n\t\t\t\t\tleft join abook on ( item.owner_xchan = abook.abook_xchan {$abook_uids} )\n\t\t\t\t\tWHERE uid = %d {$item_normal}\n\t\t\t\t\tAND item_wall = 1 {$simple_update}\n\t\t\t\t\tAND (abook.abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t{$sql_extra}\n\t\t\t\t\tORDER BY created DESC", intval(\App::$profile['profile_uid'])); $_SESSION['loadtime'] = datetime_convert(); } } else { if (x($category)) { $sql_extra .= protect_sprintf(term_query('item', $category, TERM_CATEGORY)); } if (x($hashtags)) { $sql_extra .= protect_sprintf(term_query('item', $hashtags, TERM_HASHTAG, TERM_COMMUNITYTAG)); } if ($datequery) { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery)))); } if ($datequery2) { $sql_extra2 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2)))); } $itemspage = get_pconfig(local_channel(), 'system', 'itemspage'); \App::set_pager_itemspage(intval($itemspage) ? $itemspage : 20); $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']), intval(\App::$pager['start'])); if ($load || $checkjs->disabled()) { if ($mid) { $r = q("SELECT parent AS item_id from item where mid = '%s' and uid = %d {$item_normal}\n\t\t\t\t\t\tAND item_wall = 1 {$sql_extra} limit 1", dbesc($mid), intval(\App::$profile['profile_uid'])); if (!$r) { notice(t('Permission denied.') . EOL); } } else { $r = q("SELECT distinct id AS item_id, created FROM item \n\t\t\t\t\t\tleft join abook on item.author_xchan = abook.abook_xchan\n\t\t\t\t\t\tWHERE uid = %d {$item_normal}\n\t\t\t\t\t\tAND item_wall = 1 and item_thread_top = 1\n\t\t\t\t\t\tAND (abook_blocked = 0 or abook.abook_flags is null)\n\t\t\t\t\t\t{$sql_extra} {$sql_extra2}\n\t\t\t\t\t\tORDER BY created DESC {$pager_sql} ", intval(\App::$profile['profile_uid'])); } } else { $r = array(); } } if ($r) { $parents_str = ids_to_querystr($r, 'item_id'); $items = q("SELECT `item`.*, `item`.`id` AS `item_id` \n\t\t\t\tFROM `item`\n\t\t\t\tWHERE `item`.`uid` = %d {$item_normal}\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", intval(\App::$profile['profile_uid']), dbesc($parents_str)); xchan_query($items); $items = fetch_post_tags($items, true); $items = conv_sort($items, 'created'); if ($load && $mid && !count($items)) { // This will happen if we don't have sufficient permissions // to view the parent item (or the item itself if it is toplevel) notice(t('Permission denied.') . EOL); } } else { $items = array(); } if (!$update && !$load) { // This is ugly, but we can't pass the profile_uid through the session to the ajax updater, // because browser prefetching might change it on us. We have to deliver it with the page. $maxheight = get_pconfig(\App::$profile['profile_uid'], 'system', 'channel_divmore_height'); if (!$maxheight) { $maxheight = 400; } $o .= '<div id="live-channel"></div>' . "\r\n"; $o .= "<script> var profile_uid = " . \App::$profile['profile_uid'] . "; var netargs = '?f='; var profile_page = " . \App::$pager['page'] . "; divmore_height = " . intval($maxheight) . "; </script>\r\n"; \App::$page['htmlhead'] .= replace_macros(get_markup_template("build_query.tpl"), array('$baseurl' => z_root(), '$pgtype' => 'channel', '$uid' => \App::$profile['profile_uid'] ? \App::$profile['profile_uid'] : '0', '$gid' => '0', '$cid' => '0', '$cmin' => '0', '$cmax' => '0', '$star' => '0', '$liked' => '0', '$conv' => '0', '$spam' => '0', '$nouveau' => '0', '$wall' => '1', '$fh' => '0', '$page' => \App::$pager['page'] != 1 ? \App::$pager['page'] : 1, '$search' => '', '$order' => '', '$list' => x($_REQUEST, 'list') ? intval($_REQUEST['list']) : 0, '$file' => '', '$cats' => $category ? $category : '', '$tags' => $hashtags ? $hashtags : '', '$mid' => $mid, '$verb' => '', '$dend' => $datequery, '$dbegin' => $datequery2)); } $update_unseen = ''; if ($page_mode === 'list') { /** * in "list mode", only mark the parent item and any like activities as "seen". * We won't distinguish between comment likes and post likes. The important thing * is that the number of unseen comments will be accurate. The SQL to separate the * comment likes could also get somewhat hairy. */ if ($parents_str) { $update_unseen = " AND ( id IN ( " . dbesc($parents_str) . " )"; $update_unseen .= " OR ( parent IN ( " . dbesc($parents_str) . " ) AND verb in ( '" . dbesc(ACTIVITY_LIKE) . "','" . dbesc(ACTIVITY_DISLIKE) . "' ))) "; } } else { if ($parents_str) { $update_unseen = " AND parent IN ( " . dbesc($parents_str) . " )"; } } if ($is_owner && $update_unseen) { $r = q("UPDATE item SET item_unseen = 0 where item_unseen = 1 and item_wall = 1 AND uid = %d {$update_unseen}", intval(local_channel())); } if ($checkjs->disabled()) { $o .= conversation($a, $items, 'channel', $update, 'traditional'); } else { $o .= conversation($a, $items, 'channel', $update, $page_mode); } if (!$update || $checkjs->disabled()) { $o .= alt_pager($a, count($items)); if ($mid && $items[0]['title']) { \App::$page['title'] = $items[0]['title'] . " - " . \App::$page['title']; } } if ($mid) { $o .= '<div id="content-complete"></div>'; } return $o; }
/** * @brief Loads a profile into the App structure. * * The function requires a writeable copy of the main App structure, and the * nickname of a valid channel. * * Permissions of the current observer are checked. If a restricted profile is available * to the current observer, that will be loaded instead of the channel default profile. * * The channel owner can set $profile to a valid profile_guid to preview that profile. * * The channel default theme is also selected for use, unless over-riden elsewhere. * * @param string $nickname * @param string $profile */ function profile_load($nickname, $profile = '') { // logger('profile_load: ' . $nickname . (($profile) ? ' profile: ' . $profile : '')); $user = q("select channel_id from channel where channel_address = '%s' and channel_removed = 0 limit 1", dbesc($nickname)); if (!$user) { logger('profile error: ' . App::$query_string, LOGGER_DEBUG); notice(t('Requested channel is not available.') . EOL); App::$error = 404; return; } // get the current observer $observer = App::get_observer(); $can_view_profile = true; // Can the observer see our profile? require_once 'include/permissions.php'; if (!perm_is_allowed($user[0]['channel_id'], $observer['xchan_hash'], 'view_profile')) { $can_view_profile = false; } if (!$profile) { $r = q("SELECT abook_profile FROM abook WHERE abook_xchan = '%s' and abook_channel = '%d' limit 1", dbesc($observer['xchan_hash']), intval($user[0]['channel_id'])); if ($r) { $profile = $r[0]['abook_profile']; } } $p = null; if ($profile) { $p = q("SELECT profile.uid AS profile_uid, profile.*, channel.* FROM profile\n\t\t\t\tLEFT JOIN channel ON profile.uid = channel.channel_id\n\t\t\t\tWHERE channel.channel_address = '%s' AND profile.profile_guid = '%s' LIMIT 1", dbesc($nickname), dbesc($profile)); } if (!$p) { $p = q("SELECT profile.uid AS profile_uid, profile.*, channel.* FROM profile\n\t\t\tLEFT JOIN channel ON profile.uid = channel.channel_id\n\t\t\tWHERE channel.channel_address = '%s' and channel_removed = 0\n\t\t\tAND profile.is_default = 1 LIMIT 1", dbesc($nickname)); } if (!$p) { logger('profile error: ' . App::$query_string, LOGGER_DEBUG); notice(t('Requested profile is not available.') . EOL); App::$error = 404; return; } $q = q("select * from profext where hash = '%s' and channel_id = %d", dbesc($p[0]['profile_guid']), intval($p[0]['profile_uid'])); if ($q) { $extra_fields = array(); require_once 'include/channel.php'; $profile_fields_basic = get_profile_fields_basic(); $profile_fields_advanced = get_profile_fields_advanced(); $advanced = feature_enabled(local_channel(), 'advanced_profiles') ? true : false; if ($advanced) { $fields = $profile_fields_advanced; } else { $fields = $profile_fields_basic; } foreach ($q as $qq) { foreach ($fields as $k => $f) { if ($k == $qq['k']) { $p[0][$k] = $qq['v']; $extra_fields[] = $k; break; } } } } $p[0]['extra_fields'] = $extra_fields; $z = q("select xchan_photo_date, xchan_addr from xchan where xchan_hash = '%s' limit 1", dbesc($p[0]['channel_hash'])); if ($z) { $p[0]['picdate'] = $z[0]['xchan_photo_date']; $p[0]['reddress'] = str_replace('@', '@', $z[0]['xchan_addr']); } // fetch user tags if this isn't the default profile if (!$p[0]['is_default']) { $x = q("select `keywords` from `profile` where uid = %d and `is_default` = 1 limit 1", intval($p[0]['profile_uid'])); if ($x && $can_view_profile) { $p[0]['keywords'] = $x[0]['keywords']; } } if ($p[0]['keywords']) { $keywords = str_replace(array('#', ',', ' ', ',,'), array('', ' ', ',', ','), $p[0]['keywords']); if (strlen($keywords) && $can_view_profile) { App::$page['htmlhead'] .= '<meta name="keywords" content="' . htmlentities($keywords, ENT_COMPAT, 'UTF-8') . '" />' . "\r\n"; } } App::$profile = $p[0]; App::$profile_uid = $p[0]['profile_uid']; App::$page['title'] = App::$profile['channel_name'] . " - " . channel_reddress(App::$profile); App::$profile['permission_to_view'] = $can_view_profile; if ($can_view_profile) { $online = get_online_status($nickname); App::$profile['online_status'] = $online['result']; } if (local_channel()) { App::$profile['channel_mobile_theme'] = get_pconfig(local_channel(), 'system', 'mobile_theme'); $_SESSION['mobile_theme'] = App::$profile['channel_mobile_theme']; } /* * load/reload current theme info */ // $_SESSION['theme'] = $p[0]['channel_theme']; }