id="user-profile-image"
src="<?php echo $realProfileImagePathXS; ?>"
srcset="<?php echo $realProfileImagePath; ?> 1024w, <?php echo $realProfileImagePathSM; ?> 512w, <?php echo $realProfileImagePathXS; ?> 128w"
alt="Profile image" />
<?php if($isViewingSelf) { ?>
<button class="btn btn-default col-xs-12 col-md-6 col-lg-3" id="expose-uploader">
Change Profile Image
</button>
<?php } ?>
</div>
<?php echo getElement("name", $viewUser->getName(), "row", true); ?>
<?php
$dateCreated = date("d F Y", $userdata["creation"]);
echo getElement("user since", $dateCreated, "row", true); ?>
<?php echo getElement("email", $viewUser->getUsername(), "row", true); ?>
<?php echo getElement("phone", $viewUser->getPhone(), "row from-base-profile"); ?>
<?php echo getElement("twitter", $social["twitter"], "row social twitter"); ?>
<?php echo getElement("google plus", $social["google_plus"], "row social google_plus"); ?>
<?php echo getElement("linkedin", $social["linkedin"], "row social linkedin"); ?>
<?php echo getElement("facebook", $social["facebook"], "row social facebook"); ?>
</div>
<div id="institution-profile" class="col-xs-12 col-md-6 profile-region" data-source="institution">
<h3>Institution Information</h3>
<?php echo getElement("institution", $place["name"]); ?>
<?php echo getElement("department", $place["department"]); ?>
<div class="profile-data address">
<address
data-number="<?php echo $place['street_number']; ?>"
data-street="<?php echo $place['street']; ?>"
data-country="<?php echo $place['country_code']; ?>"
function addAlternateEmail($get)
{
$alternate = $get["email"];
$user = $get["username"];
if (empty($get["username"])) {
return array("status" => false, "error" => "INVALID_PARAMETERS", "human_error" => "This function needs the parameter 'username' specified.");
}
$u = new UserFunctions();
if ($u->getUsername() != $user) {
return array("status" => false, "error" => "NOT_LOGGED_IN", "human_error" => "Sorry, you must be logged in to add an alternate email");
}
return $u->setAlternateEmail($alternate);
}
$deferredScriptBlock = "<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js'></script>\n<script type='text/javascript' src='" . $relative_path . "js/loadJQuery.js'></script>\n<script type='text/javascript'>\nvar loadLast = function () {\n try {\n {$deferredJS}\n }\n catch (e)\n {\n console.error(\"Couldn't load deferred calls\");\n }\n}\n</script>";
header("Refresh: 2; url=" . $baseurl);
ob_end_flush();
$login_output .= "<h1>Logging out ...</h1>" . $deferredScriptBlock;
}
try {
$logged_in = $user->validateUser($_COOKIE[$cookielink]);
if (!$user->has2FA() && $require_two_factor === true && !isset($_REQUEST['2fa']) && $logged_in && $_REQUEST['q'] != 'logout') {
# If require two factor is on, always force it post login
header("Refresh: 0; url=" . $self_url . "?2fa=t");
$deferredJS .= "\nwindow.location.href=\"" . $self_url . "?2fa=t\";";
ob_end_flush();
}
# This should only show when there isn't two factor enabled ...
$twofactor = $user->has2FA() ? "Remove two-factor authentication" : "Add two-factor authentication";
$phone_verify_template = "<form id='verify_phone' onsubmit='event.preventDefault();'>\n <input type='tel' id='phone' name='phone' value='" . $user->getPhone() . "' readonly='readonly'/>\n <input type='hidden' id='username' name='username' value='" . $user->getUsername() . "'/>\n <button id='verify_phone_button' class='btn btn-primary'>Verify Phone Now</button>\n <p>\n <small>\n <a href='#' id='verify_later'>\n Verify Later\n </a>\n </small>\n </p>\n</form>";
try {
$needPhone = !$user->canSMS();
$deferredJS .= "console.log('Needs phone? '," . strbool($needPhone) . "," . DBHelper::staticSanitize($user->getPhone()) . ");\n";
$altPhone = "<p>Congratulations! Your phone number is verified.</p>";
} catch (Exception $e) {
$needPhone = false;
$deferredJS .= "console.warn('An exception was thrown checking for SMS-ability:','" . $e->getMessage() . "');\n";
$altPhone = "<p>You don't have a phone number registered with us. Please go to account settings and add a phone number.</p>";
}
$verifyphone_link = $needPhone ? "<li><a href='?q=verify'>Verify Phone</a></li>" : null;
$phone_verify_form = $needPhone ? $phone_verify_template : $altPhone;
} catch (Exception $e) {
# There have been no cookies set.
$logged_in = false;
$twofactor = "Please log in.";
function readProjectData($get, $precleaned = false, $debug = false)
{
/***
*
***/
global $db, $login_status;
if ($precleaned) {
$project = $get;
} else {
$project = $db->sanitize($get['project']);
}
$userdata = $login_status['detail'];
unset($userdata['source']);
unset($userdata['iv']);
unset($userdata['userdata']['random_seed']);
unset($userdata['userdata']['special_1']);
unset($userdata['userdata']['special_2']);
unset($userdata['userdata']['su_flag']);
unset($userdata['userdata']['admin_flag']);
# Base response
$response = array('status' => false, 'error' => 'UNPROCESSED_READ', 'human_error' => 'Server error handling project read', 'project' => array('project_id' => $project, 'public' => false), 'user' => array('user' => $login_status['detail']['userdata']['dblink'], 'has_edit_permissions' => false, 'has_view_permissions' => false, 'is_author' => false));
if ($debug) {
$response['debug'] = array();
}
# Actual projecting
$query = 'SELECT * FROM ' . $db->getTable() . " WHERE `project_id`='" . $project . "'";
if ($debug) {
$response['debug']['query'] = $query;
}
$l = $db->openDB();
$r = mysqli_query($l, $query);
$row = mysqli_fetch_assoc($r);
# First check the user auth
$uid = $userdata['uid'];
if ($debug) {
$pc = array('checked_id' => $uid, 'checked_data' => $row, 'performed_query' => $query);
$response['debug']['permissions'] = $pc;
}
$permission = checkProjectAuthorized($row, $uid);
if ($permission['can_view'] !== true) {
$response['human_error'] = 'You are not authorized to view this project';
$response['error'] = 'ACCESS_AUTHORIZATION_FAILED';
$response['details'] = $permission;
return $response;
}
# It's good, so set permissions
$response['user']['has_edit_permissions'] = $permission['can_edit'];
$response['user']['has_view_permissions'] = $permission['can_view'];
$response['user']['is_author'] = $permission['is_author'];
# Rewrite the users to be more practical
$u = new UserFunctions($row['author'], 'dblink');
$detail = $u->getUser($row['author']);
$accessData = array('editors' => array(), 'viewers' => array(), 'total' => array(), 'editors_list' => array(), 'viewers_list' => array(), 'author' => $u->getUsername(), 'composite' => array(), 'raw' => $row['access_data']);
# Add the author to the lists
$accessData['editors_list'][] = $u->getUsername();
$accessData['total'][] = $u->getUsername();
$accessData['editors'][] = $u->getHardlink();
$accessData['composite'][$u->getUsername()] = $u->getHardlink();
# Editors
foreach ($permission['editors'] as $editor) {
# Get the editor data
$u = new UserFunctions($editor, 'dblink');
$detail = $u->getUser($editor);
$editor = array('email' => $u->getUsername(), 'user_id' => $u->getHardlink());
$accessData['editors'][] = $editor;
$accessData['editors_list'][] = $u->getUsername();
$accessData['total'][] = $u->getUsername();
$accessData['composite'][$u->getUsername()] = $editor;
}
foreach ($permission['viewers'] as $viewer) {
# Get the viewer data
$u = new UserFunctions($viewer, 'dblink');
$detail = $u->getUser($viewer);
$viewer = array('email' => $u->getUsername(), 'user_id' => $u->getHardlink());
$accessData['viewers'][] = $viewer;
$accessData['viewers_list'][] = $u->getUsername();
$accessData['composite'][$u->getUsername()] = $viewer;
if (!in_array($accessData['total'], $u->getUsername())) {
$accessData['total'][] = $u->getUsername();
}
}
sort($accessData['total']);
# Replace the dumb permissions
$row['access_data'] = $accessData;
# Append it
$row['public'] = boolstr($row['public']);
$row['includes_anura'] = boolstr($row['includes_anura']);
$row['includes_caudata'] = boolstr($row['includes_caudata']);
$row['includes_gymnophiona'] = boolstr($row['includes_gymnophiona']);
$response['project'] = $row;
# Do we want to flag if the current user is a superuser?
# Return it!
$response['status'] = true;
$response['error'] = null;
$response['human_error'] = null;
$response['project_id'] = $project;
$response['project_id_raw'] = $get['project'];
return $response;
}
