function findUserId($id)
{
App::import("Model", "MyProfile");
$model = new MyProfile();
$query = $model->find('first', array('conditions' => array('emp_code' => $id)));
return $query['MyProfile']['emp_name'];
}
public function getemplist()
{
App::import("Model", "MyProfile");
$model = new MyProfile();
$empinfo = $model->find('list', array('fields' => array('MyProfile.emp_code', 'MyProfile.emp_name')));
if (!empty($empinfo)) {
return $empinfo;
} else {
return 'No record found';
}
}
function del_friend($uri, $format = 'rdfxml')
{
$uri = urldecode($uri);
$path = $this->get_local_path($this->webid);
// Create the new graph object in which we store data
$graph = new EasyRdf_Graph($this->webid);
$graph->load();
$person = $graph->resource($this->webid);
$graph->deleteResource($person, 'foaf:knows', $uri);
// write profile to file
$data = $graph->serialise($format);
if (!is_scalar($data)) {
$data = var_export($data, true);
} else {
$data = print_r($data, true);
}
$pf = fopen($path . '/foaf.rdf', 'w') or die('Cannot open profile RDF file!');
fwrite($pf, $data);
fclose($pf);
$pf = fopen($path . '/foaf.txt', 'w') or die('Cannot open profile TXT file!');
fwrite($pf, $data);
fclose($pf);
// get the user's name
$friend = new MyProfile($uri, $this->base_uri, SPARQL_ENDPOINT);
$friend->load();
// everything is fine
return success("You have just removed " . $friend->get_name() . " from your list of friends.");
}
// Display any alerts here
if (isset($confirmation)) {
$ret .= $confirmation;
}
if (isset($_REQUEST['webid'])) {
$ret .= '<div>';
$ret .= "<h3 class=\"demoHeaders\">Details for WebID: <a href=\"" . urldecode($_REQUEST['webid']) . "\">";
if (strlen($_REQUEST['webid']) > 50) {
$ret .= substr(urldecode($_REQUEST['webid']), 0, 47) . '...';
} else {
$ret .= urldecode($_REQUEST['webid']);
}
$ret .= "</a></h3><p>(view <a href=\"view.php?html=0&webid=" . urlencode($_REQUEST['webid']) . "\">RDF</a> or \n";
$ret .= "</a></h3><a href=\"view.php?html=1&webid=" . urlencode($_REQUEST['webid']) . "\">normal</a>?)</p><br/>\n";
// graph
$person = new MyProfile(urldecode($_REQUEST['webid']), BASE_URI, SPARQL_ENDPOINT);
$person->load(true);
$graph = $person->get_graph();
$profile = $person->get_profile();
// sameAs is disabled until further notice
//$profile->loadSameAs();
// check if the user has subscribed to local messages
$is_subscribed = strlen($person->get_hash()) > 0 ? true : false;
$ret .= "<table><tr>\n";
// add or remove friends if we have them in our list
if (isset($_SESSION['webid']) && webid_is_local($_SESSION['webid'])) {
if ($_SESSION['myprofile']->is_friend($_REQUEST['webid'])) {
// remove friend
$ret .= "<td style=\"padding-right: 10px; float: left;\"><form action=\"friends.php\" method=\"POST\">\n";
$ret .= "<input type=\"hidden\" name=\"action\" value=\"delfriend\">\n";
$ret .= "<input type=\"hidden\" name=\"webid\" value=\"" . $_REQUEST['webid'] . "\">\n";
$query .= "name = '" . $name . "', ";
$query .= "pic = '" . $pic . "', ";
$query .= "msg = ' " . $msg . "'";
$result = mysql_query($query);
if (!$result) {
// Database error, return a proper HTTP response code with error
$ret .= header("HTTP/1.1 500 Internal Error");
$ret .= header("Status: 500 Internal Error");
$ret .= "<html><body>\n";
$ret .= "Internal error: could not deliver the ping (database error).\n";
$ret .= "</body></html>\n";
} else {
mysql_free_result($result);
// Send a mail too if the receiving user allows it
if (is_subscribed_email($to)) {
$person = new MyProfile(trim($_POST['target']), BASE_URI, SPARQL_ENDPOINT);
$person->load();
$to_name = $person->get_name();
$to_email = $person->get_email();
$from = 'MyProfile Notification System <' . SMTP_USERNAME . '>';
$to = '"' . $to_name . '" <' . clean_mail($to_email) . '>';
$subject = 'You have received a new personal message!';
$headers = array('From' => $from, 'To' => $to, 'Subject' => $subject);
$smtp = Mail::factory('smtp', array('host' => SMTP_SERVER, 'auth' => SMTP_AUTHENTICATION, 'username' => SMTP_USERNAME, 'password' => SMTP_PASSWORD));
$message = '<html><body>';
$message .= '<p>Hello ' . $to_name . ',</p>';
$message .= '<p>You have just received a new message from ' . $name . '! ';
$message .= '<a href="' . BASE_URI . '/messages">Click here</a> to see it.</p>';
$message .= '<br/><p><small>You are receiving this email because you enabled Semantic Pingback notification ';
$message .= '(with email as notification mechanism) for your Personal Profile on <a href="' . BASE_URI . '">' . BASE_URI . '</a>. ';
$message .= 'If you would like to stop receiving email notifications, please check your ';
$total = count_msg_by_hash($owner_hash);
// populate table
$i = 0;
while ($row = mysql_fetch_assoc($result)) {
// get name
$name = $row['name'];
if ($name == '[NULL]') {
$name = $row['name'];
}
// get picture
$pic = $row['pic'];
// get the date and multiply by 1000 for milliseconds, otherwise moment.js breaks
$timestamp = $row['date'] * 1000;
// to whom it is addressed
if (strlen($row['to_uri']) > 0) {
$to_person = new MyProfile($row['to_uri'], $base_uri, SPARQL_ENDPOINT);
$to_person->load();
$to_name = $to_person->get_name();
} else {
$to_name = 'MyProfile';
}
// replace WebIDs with actual names and links to the WebID
$msg = preg_replace_callback("/<(.*)>/Ui", "preg_get_handle_by_webid", $row["msg"]);
// store everything in this table
$ret .= "<table border=\"0\">\n";
// add horizontal line to separate messages
$ret .= "<tr><td></td><td>\n";
$ret .= "<a name=\"post_" . $row['id'] . "\"><hr style=\"border: none; height: 1px; color: #cccccc; background: #cccccc;\"/></a>\n";
$ret .= "</td></tr>\n";
$ret .= "<tr valign=\"top\">\n";
$ret .= "<td width=\"80\" align=\"center\">\n";
function viewShortInfo($webid, $me, $base_uri, $endpoint)
{
// fetch info for webid
$ret = '';
$person = new MyProfile($webid, $base_uri, $endpoint);
$person->load();
$profile = $person->get_profile();
// find if he has me in his list of foaf:knows!
$has_me = false;
if (in_array($me, $profile->all('foaf:knows'))) {
$has_me = true;
}
// check if the user has subscribed to local messages
$is_subscribed = strlen($person->get_hash()) > 0 ? true : false;
// start populating array
$friend = array('webid' => (string) $webid, 'img' => (string) $person->get_picture(), 'name' => (string) $profile->get("foaf:name"), 'nick' => (string) $profile->get("foaf:nick"), 'email' => (string) $profile->get("foaf:mbox"), 'blog' => (string) $profile->get("foaf:weblog"), 'pingback' => (string) $profile->get("http://purl.org/net/pingback/to"), 'hash' => $person->get_hash(), 'hasme' => $has_me);
if (isset($new)) {
$friend['new'] = $new;
}
$ret .= "<table>\n";
$ret .= "<tr bgcolor=\"\"><td>\n";
$ret .= "<table><tr>\n";
$ret .= "<td width=\"70\" style=\"vertical-align: top; padding: 10px;\">\n";
$ret .= "<div align=\"left\"><a href=\"view.php?webid=" . urlencode($friend['webid']) . "\" target=\"_blank\">";
$ret .= "<img title=\"" . $friend['name'] . "\" alt=\"" . $friend['name'] . ".\" width=\"64\" src=\"" . $friend['img'] . "\" />";
$ret .= "</a></div>\n";
$ret .= "</td>\n";
$ret .= "<td><table>\n";
if ($friend['name'] != null) {
$ret .= "<tr><td><strong>" . $friend['name'] . "</strong>\n";
} else {
$ret .= "<tr><td><strong>Anonymous</strong>\n";
}
if ($friend['nick'] != null) {
$ret .= "''" . $friend['nick'] . "''";
}
$ret .= "</td></tr>\n";
if ($friend['hasme'] == true) {
$ret .= "<tr><td><div style=\"color:#60be60;\">Has you as friend.</div></td></tr>\n";
}
//$ret .= "<tr><td> </td></tr>\n";
if ($friend['email'] != null) {
$ret .= "<tr><td>Email: <a href=\"" . $friend['email'] . "\">" . clean_mail($friend['email']) . "</a></td></tr>\n";
}
if ($friend['blog'] != null) {
$ret .= "<tr><td>Blog:<a href=\"" . $friend['blog'] . "\">" . $friend['blog'] . "</a></td></tr>\n";
}
$ret .= "<tr><td>WebID: <a href=\"view.php?webid=" . urlencode($friend['webid']) . "\">" . $friend['webid'] . "</a></td></tr>\n";
$ret .= "</table>\n";
$ret .= "<br/><table>\n";
$ret .= "<tr>\n";
// add or remove friends if we have them in our list
if (isset($_SESSION['webid']) && webid_is_local($_SESSION['webid'])) {
if ($_SESSION['myprofile']->is_friend($webid)) {
// remove friend
$ret .= "<td style=\"padding-right: 10px; float: left;\"><form action=\"friends.php\" method=\"POST\">\n";
$ret .= "<input type=\"hidden\" name=\"action\" value=\"delfriend\">\n";
$ret .= "<input type=\"hidden\" name=\"uri\" value=\"" . $friend['webid'] . "\">\n";
$ret .= "<input src=\"img/actions/remove.png\" type=\"image\" title=\"Remove friend\" name=\"submit\" value=\" Remove \">\n";
$ret .= "</form></td>\n";
} else {
// add friend
$ret .= "<td style=\"padding-right: 10px; float: left;\"><form action=\"friends.php\" method=\"POST\">\n";
$ret .= "<input type=\"hidden\" name=\"action\" value=\"addfriend\">\n";
$ret .= "<input type=\"hidden\" name=\"uri\" value=\"" . $friend['webid'] . "\">\n";
$ret .= "<input src=\"img/actions/add.png\" type=\"image\" title=\"Add friend\" name=\"submit\" value=\" Add \">\n";
$ret .= "</form></td>\n";
}
}
// send messages using the pingback protocol
if ($friend['pingback'] != null) {
$ret .= "<td style=\"padding-right: 10px; float: left;\"><form action=\"messages.php\" method=\"POST\">\n";
$ret .= "<input type=\"hidden\" name=\"new\" value=\"true\">\n";
$ret .= "<input type=\"hidden\" name=\"to\" value=\"" . $friend['webid'] . "\">\n";
$ret .= "<input src=\"img/actions/message.png\" type=\"image\" title=\"Send a message\" name=\"submit\" value=\" Message \" onclick=\"this.form.target='_blank';return true;\">\n";
$ret .= "</form></td>\n";
}
// more functions if the user has previously subscribed to the local services
if ($is_subscribed) {
// Post on the user's wall
$ret .= "<td style=\"padding-right: 10px; float: left;\"><form action=\"wall.php\" method=\"POST\">\n";
$ret .= "<input type=\"hidden\" name=\"user\" value=\"" . $friend['hash'] . "\">\n";
$ret .= "<input src=\"img/actions/wall.png\" type=\"image\" title=\"View posts\" name=\"submit\" value=\" Wall \" onclick=\"this.form.target='_blank';return true;\">\n";
$ret .= "</form></td>\n";
}
$ret .= "<td style=\"padding-right: 10px; float: left;\"><form action=\"friends.php\" method=\"GET\">\n";
$ret .= "<input type=\"hidden\" name=\"webid\" value=\"" . $friend['webid'] . "\">\n";
$ret .= "<input type=\"hidden\" name=\"me\" value=\"" . $me . "\">\n";
$ret .= "<input src=\"img/actions/friends.png\" type=\"image\" title=\"View friends\" name=\"submit\" value=\" Friends \">\n";
$ret .= "</form></td>\n";
$ret .= "</tr></table></p>\n";
$ret .= "</td>\n";
$ret .= "</tr></table>\n";
$ret .= "</td></tr>\n";
$ret .= "</table>\n";
return $ret;
}
function sendPing($to, $message, $base_uri, $verbose = false)
{
$ret = "<br/>\n";
$to = trim($to);
// fetch the user's profile
$person = new MyProfile($to, $base_uri, SPARQL_ENDPOINT);
$person->load();
$profile = $person->get_profile();
$to_name = $person->get_name();
$to_email = $person->get_email();
$pingback_service = $profile->get("pingback:to");
// set form data
$source = $_SESSION['webid'];
// parse the pingback form
$config = array('auto_extract' => 0);
$parser = ARC2::getSemHTMLParser($config);
$parser->parse($pingback_service);
$parser->extractRDF('rdfa');
// load triples
$triples = $parser->getTriples();
// proceed only if the user has defined a pingback:to relation
if ($pingback_service != null) {
if (sizeof($triples) > 0) {
//echo "<pre>" . print_r($triples, true) . "</pre>\n";
foreach ($triples as $triple) {
// proceed only if we have a valid pingback resource
if ($triple['o'] == 'http://purl.org/net/pingback/Container') {
$fields = array('source' => $source, 'target' => $to, 'comment' => $message);
// Should really replace curl with an ajax call
//open connection to pingback service
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch, CURLOPT_URL, $pingback_service);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//execute post
$return = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
//close connection
curl_close($ch);
if ($httpCode == '201' || $httpCode == '202') {
$ret .= success('Message delivered!');
} else {
$ret .= error('Something happened and I couldn\'t deliver the message!');
$ret .= "<p>Details:</p>\n";
$ret .= "</p>" . $return . "</p>\n";
}
break;
}
}
} else {
$ret .= " <p>{$pingback_service} does not comply with semantic pingback standards! Showing the pingback service page instead.</p>\n";
// show frame
$ret .= " <iframe src=\"{$pingback_service}\" width=\"100%\" height=\"300\">\n";
$ret .= " <p>Your browser does not support iframes.</p>\n";
$ret .= " </iframe>\n";
}
} else {
// no valid pingback service found, fallback to AKSW
$ret .= " <p>Could not find a pingback service for the given WebID. Here is a generic pingback service provided by http://pingback.aksw.org/.</p>\n";
$ret .= " <iframe src=\"http://pingback.aksw.org/\" width=\"100%\" height=\"300\">\n";
$ret .= " <p>Your browser does not support iframes.</p>\n";
$ret .= " </iframe>\n";
}
if ($verbose) {
return $ret;
}
}
namespace Ventus\Profile;
//============================================================================================
// Session, configuration file, localization constructor
//============================================================================================
require '../includes/php/bootstrap.php';
$SESSION = new \Zend_Session_Namespace('internal', true);
if (!isset($SESSION->lang)) {
$SESSION->lang = DEFAULT_LANGUAGE;
}
\Locale::setDefault($SESSION->lang);
$l10n->setLanguage($SESSION->lang);
//============================================================================================
// Model
//============================================================================================
$pro = new MyProfile($dbo);
//============================================================================================
// Attempt to log in the user
//============================================================================================
if ($_GET['page'] === 'login') {
//attempt the login
$login = $pro->attemptLogin($_POST['username'], $_POST['password']);
if (!is_null($login)) {
//retrieve profile information from database
$results = $pro->getEmpByUserName($_POST['username']);
$mod = $pro->getEmpModules($_POST['username']);
\Zend_Session::regenerateId();
// Set session variables relevant to that user
$SESSION->user_id = $login['user_id'];
$SESSION->user_name = $login['user_name'];
$SESSION->user_first_name = $login['first_name'];
function load($count = 20, $offset = 0, $activity = False)
{
$posts = '';
$this->offset = $offset;
// display news feed for a certain user
if ($_SESSION['webid'] && $activity == True) {
$webids = sparql_get_people_im_friend_of($_SESSION['webid'], SPARQL_ENDPOINT);
// Prepare the activity stream SQL query only if the user has friends (foaf:knows)
if (sizeof($webids) > 0) {
$query = 'SELECT * FROM pingback_messages WHERE to_hash IS NOT NULL AND wall=\'1\' AND (';
foreach ($webids as $key => $from) {
$add = $key > 0 ? ' OR' : '';
$query .= $add . " from_uri='" . mysql_real_escape_string($from) . "'";
}
$query .= ' OR from_uri="' . mysql_real_escape_string($_SESSION['webid']) . '") ORDER by date DESC LIMIT ' . $count;
// Contains the offset value for fetching wall messages
if (isset($this->offset)) {
$query .= ' OFFSET ' . mysql_real_escape_string($this->offset);
}
$result = mysql_query($query);
if (!$result) {
return 'Unable to connect to the database! Cannot display Activity Stream.';
} else {
$rows = mysql_num_rows($result);
}
}
} else {
// get the last $count messages for a user
$query = 'SELECT * FROM pingback_messages WHERE ' . 'to_hash=\'' . mysql_real_escape_string($this->owner) . '\' ' . 'AND wall=\'1\' ' . 'ORDER by date DESC ' . 'LIMIT ' . $count;
// Contains the offset value for fetching wall messages
if (isset($this->offset)) {
$query .= ' OFFSET ' . mysql_real_escape_string($this->offset);
}
$result = mysql_query($query);
if (!$result) {
return 'Unable to connect to the database! Cannot display wall posts.';
} else {
$rows = mysql_num_rows($result);
}
}
$posts .= '<!-- query=' . htmlentities($query) . ' -->';
if ($rows == 0) {
// There are no messages on the wall
$posts .= "<p><font style=\"font-size: 1.3em;\">There are no messages.</font></p>\n";
mysql_free_result($result);
} else {
// update offset value
$this->offset = $this->offset + $count;
// populate table
$i = 0;
while ($row = mysql_fetch_assoc($result)) {
// get name
$name = $row['name'];
// get picture
$pic = $row['pic'];
// get the date and multiply by 1000 for milliseconds, otherwise moment.js breaks
$timestamp = $row['date'] * 1000;
// to whom it is addressed
if (strlen($row['to_uri']) > 0) {
$to_person = new MyProfile($row['to_uri'], $base_uri, SPARQL_ENDPOINT);
$to_person->load();
$to_name = $to_person->get_name();
} else {
$to_name = 'MyProfile';
}
$msg = htmlentities($row['msg']);
// replace WebIDs with actual names and links to the WebID
$msg = preg_replace_callback("/<(.*)>/Ui", "preg_get_handle_by_webid", $msg);
// store everything in this table
$posts .= "<a class=\"anchor\" name=\"post_" . $row['id'] . "\"></a>\n";
$posts .= "<div class=\"wall-box shadow r3 clearfix\">\n";
$posts .= "<table border=\"0\" class=\"wall-message\" >\n";
$posts .= "<tr valign=\"top\">\n";
$posts .= "<td align=\"left\" class=\"speaker\">\n";
// image
$posts .= "<a class=\"avatar-link\" href=\"view?webid=" . urlencode($row['from_uri']) . "\" target=\"_blank\">";
$posts .= " <img title=\"" . $name . "\" alt=\"" . $name . "\" width=\"50\" src=\"" . $pic . "\" class=\"r5 image\" />";
$posts .= "</a>\n";
$posts .= "</td>\n";
$posts .= "<td>";
$posts .= "<table border=\"0\">\n";
$posts .= "<tr valign=\"top\">\n";
$posts .= "<td>\n";
// author's name
$posts .= "<b><a href=\"view?webid=" . urlencode($row['from_uri']) . "\" target=\"_blank\" style=\"font-color: black;\">";
$posts .= " <span>" . $name . "</span>";
$posts .= "</a></b> wrote ";
// activity stream
if ($activity == True) {
$posts .= "on <a href=\"wall?user="******"\" target=\"_blank\" style=\"font-color: black;\">";
$posts .= $to_name . "'s Wall ";
$posts .= "</a>";
}
// time of post
$posts .= "<font color=\"grey\">";
$posts .= "<span id=\"date_" . $row['id'] . "\">";
$posts .= "<script type=\"text/javascript\">\$('#date_" . $row['id'] . "').text(moment(" . $timestamp . ").from());</script>";
$posts .= "</span></font>\n";
$posts .= "<span class=\"pull-right\"><a href=\"#post_" . $row['id'] . "\">Link to this post.</a></span>\n";
$posts .= "</td>\n";
$posts .= "</tr>\n";
// message
$posts .= "<tr>\n";
$posts .= "<td><div id=\"message_" . $row['id'] . "\"><pre class=\"wall-message\" id=\"message_text_" . $row['id'] . "\">\n";
$posts .= put_links($msg);
/*
$ret .= put_links(preg_replace('/(.*?)(<.*?>|$)/se', 'html_entity_decode("$1").htmlentities("$2")', $row['msg']));
*/
$posts .= "</pre></div></td>\n";
$posts .= "</tr>\n";
// show options only if we are the source of the post
$posts .= "<tr>\n";
$posts .= "<td class=\"options\">";
if ($_SESSION['webid'] && ($_SESSION['webid'] == $row['from_uri'] || $_SESSION['webid'] == $row['to_uri'] && $this->owner && $this->owner != 'local')) {
$add = '?user='******'message_text_" . $row['id'] . "', 'wall" . $add . "', '" . $row['id'] . "')\" style=\"cursor: pointer;\">Edit</a>";
// add option to delete post
$posts .= " | <a href=\"wall" . $add . "&del=" . $row['id'] . "\">Delete</a>\n";
}
// show vote counters and buttons for logged users
$posts .= "<div class=\"options-vote\">" . add_vote_buttons($row['id']) . "</div>\n";
$posts .= "</td>\n";
$posts .= "</tr>\n";
$posts .= "</table>\n";
$posts .= "</td>\n";
$posts .= "</tr>\n";
$posts .= "</table>\n";
$posts .= "</div>\n";
$i++;
}
mysql_free_result($result);
}
if ($rows >= $count) {
$posts .= "<input type=\"button\" class=\"r5 btn loadmore\" id=\"more_" . $row['id'] . "\" value=\"Load more\" onclick=\"loadWall('wall', 'more_" . $row['id'] . "', '20', '" . $this->offset . "', '{$this->owner}', '" . $activity . "')\" />\n";
}
return $posts;
}
namespace Ventus\Profile;
//============================================================================================
// Session, configuration file, localization constructor
//============================================================================================
require '../includes/php/bootstrap.php';
$SESSION = new \Zend_Session_Namespace('internal', true);
if (!isset($SESSION->lang)) {
$SESSION->lang = DEFAULT_LANGUAGE;
}
\Locale::setDefault($SESSION->lang);
$l10n->setLanguage($SESSION->lang);
//============================================================================================
// Model
//============================================================================================
$pro = new MyProfile($dbo);
$stats = new ProfileStatistics($dbo);
//============================================================================================
// Load the content
//============================================================================================
if (!isset($_GET['page'])) {
$render = true;
$emp = $pro->getEmpByUserName($SESSION->user_name);
$modules = $pro->getEmpModules($SESSION->user_name);
$all_emps = $pro->getAllEmps();
foreach ($all_emps as $key => $a) {
if (file_exists(FS_IMAGES . "/users/" . $a['user_name'] . ".jpg")) {
$all_emps[$key]['emp_image'] = "https://" . URL_IMAGES . "/users/" . $a['user_name'] . ".jpg";
} else {
$all_emps[$key]['emp_image'] = "https://" . URL_IMAGES . "/users/default.jpg";
}
* INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
* PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
* HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
* OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
require 'include.php';
$ret = '';
$notification = '';
// fetch the WebID of the wall's owner
if (isset($_REQUEST['user']) && (strlen($_REQUEST['user']) > 0 && $_REQUEST['user'] != 'local')) {
$wall_on = 'wall-on';
check_auth(IDP, $page_uri);
$owner_webid = get_webid_by_hash(trim($_REQUEST['user']));
// fetch owner's profile
$profile = new MyProfile($owner_webid, $base_uri, SPARQL_ENDPOINT);
$profile->load();
$owner_name = $profile->get_name();
$feed_hash = get_feed_by_hash($_REQUEST['user']);
$owner_hash = $_REQUEST['user'];
// display private wall only if the requesting user is a friend or the wall owner
if ($profile->is_friend($_SESSION['webid']) || $_SESSION['user_hash'] == $_REQUEST['user']) {
$feed_hash = get_feed_by_hash($_REQUEST['user']);
$owner_hash = $_REQUEST['user'];
// mark all wall messages as read when the user checks his personal wall
if ($_SESSION['webid'] == $owner_webid) {
$query = "UPDATE pingback_messages SET new='0' WHERE ";
$query .= "to_hash='" . mysql_real_escape_string($_SESSION['user_hash']) . "' ";
$query .= "AND wall='1'";
$result = mysql_query($query);
if (!$result) {
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is furnished
* to do so, subject to the following conditions:
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
* INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
* PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
* HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
* OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
require_once 'include.php';
// load a specific webid instead of the logged user
if (isset($_REQUEST['webid'])) {
$person = new MyProfile(urldecode($_REQUEST['webid']), BASE_URI, SPARQL_ENDPOINT);
$person->load();
$profile = $person->get_profile();
} else {
// verify if we're logged in or not, so we get the user's list of contacts
check_auth(IDP, $page_uri);
$profile = $_SESSION['myprofile']->get_profile();
}
$user = $profile->get("foaf:name");
$search = isset($_REQUEST['search']) ? $_REQUEST['search'] : '';
$form = "";
$form .= "<div>\n";
$form .= "<form action=\"lookup.php\" method=\"GET\">\n";
$form .= "Looking for someone? <input type=\"text\" name=\"search\" placeholder=\"name, nickname or WebID\" value=\"" . $search . "\" style=\"width: 400px;\">\n";
$form .= "<input class=\"btn btn-primary\" type=\"submit\" name=\"submit\" value=\" Search \">\n";
$form .= "</form></div>\n";
function recover($webid)
{
// hexa string of 20 chars
$hash = sha1(trim($webid) . uniqid(microtime(true), true));
$webid = trim($webid);
// find if a recovery email exists or not for the given WebID
$query = "SELECT email FROM recovery WHERE webid='" . mysql_real_escape_string($webid) . "'";
$result = mysql_query($query);
if (!$result) {
die('Unable to connect to the database!');
} else {
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
$email = $row['email'];
mysql_free_result($result);
// set the hash
$query = "UPDATE recovery SET " . "recovery_hash='" . $hash . "' " . "WHERE webid='" . mysql_real_escape_string($webid) . "'";
$result = mysql_query($query);
if (!$result) {
return error('Unable to connect to the database!');
} else {
// send the email
$person = new MyProfile(trim($webid), BASE_URI, SPARQL_ENDPOINT);
$person->load();
$to_name = $person->get_name();
$from = 'MyProfile Recovery System <' . SMTP_USERNAME . '>';
$to = '"' . $to_name . '" <' . clean_mail($email) . '>';
$subject = 'Instructions to recover your account on ' . BASE_URI . '.';
$headers = array('From' => $from, 'To' => $to, 'Subject' => $subject);
$smtp = Mail::factory('smtp', array('host' => SMTP_SERVER, 'auth' => SMTP_AUTHENTICATION, 'username' => SMTP_USERNAME, 'password' => SMTP_PASSWORD));
$message = '<html><body>';
$message .= '<p>Hello ' . $to_name . ',</p>';
$message .= '<p>You have requested to recover your personal account on ' . BASE_URI . '. ';
$message .= 'Please click <a href="' . BASE_URI . '/recovery?recovery_code=' . $hash . '">' . BASE_URI . '/recovery?recovery_code=' . $hash . '</a> to proceed.</p>';
$message .= '<p>Alternatively, you can recover your account by visiting this page: <a href="' . BASE_URI . '/recovery">' . BASE_URI . '/recovery</a> and typing or pasting the following recovery code:</p>';
$message .= '<p>';
$message .= '<strong>' . $hash . '</strong> ';
$message .= '</p>';
$message .= '<p>Important! Do not forget that once you are logged in, you can obtain a new certificate by going to your <a href="https://my-profile.eu/view">profile page</a> and then clicking on the "Certificate" icon under "Actions for this profile".</p>';
$message .= '<br /><p><hr /></p>';
$message .= '<p><small>This is an automated email generate by <a href="https://my-profile.eu/">MyProfile</a> and you do not need to respond to it.</small></p>';
$message .= '</body></html>';
$crlf = "\n";
$mime = new Mail_Mime(array('eol' => $crlf));
$mime->setHTMLBody($message);
$mimeparams = array();
$mimeparams['html_charset'] = "UTF-8";
$mimeparams['head_charset'] = "UTF-8";
$headers = $mime->headers($headers);
$body = $mime->get($mimeparams);
$mail = $smtp->send($to, $headers, $body);
if (PEAR::isError($mail)) {
$ret .= error('Sendmail: ' . $mail->getMessage());
}
return success('An email has been sent to the recovery address you have specified.');
}
} else {
return error('You did not provide a recovery email address!');
}
}
}
