Exemplo n.º 1
0
function update_1177()
{
    require_once "mod/profiles.php";
    $profiles = q("SELECT `uid`, `about`, `locality`, `pub_keywords`, `gender` FROM `profile` WHERE `is-default`");
    foreach ($profiles as $profile) {
        if ($profile["about"] . $profile["locality"] . $profile["pub_keywords"] . $profile["gender"] == "") {
            continue;
        }
        $profile["pub_keywords"] = profile_clean_keywords($profile["pub_keywords"]);
        $r = q("UPDATE `contact` SET `about` = '%s', `location` = '%s', `keywords` = '%s', `gender` = '%s' WHERE `self` AND `uid` = %d", dbesc($profile["about"]), dbesc($profile["locality"]), dbesc($profile["pub_keywords"]), dbesc($profile["gender"]), intval($profile["uid"]));
    }
}
Exemplo n.º 2
0
function profiles_post(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $namechanged = false;
    call_hooks('profile_post', $_POST);
    if ($a->argc > 1 && $a->argv[1] !== "new" && intval($a->argv[1])) {
        $orig = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), intval(local_user()));
        if (!count($orig)) {
            notice(t('Profile not found.') . EOL);
            return;
        }
        check_form_security_token_redirectOnErr('/profiles', 'profile_edit');
        $is_default = $orig[0]['is-default'] ? 1 : 0;
        $profile_name = notags(trim($_POST['profile_name']));
        if (!strlen($profile_name)) {
            notice(t('Profile Name is required.') . EOL);
            return;
        }
        $dob = $_POST['dob'] ? escape_tags(trim($_POST['dob'])) : '0000-00-00';
        // FIXME: Needs to be validated?
        $y = substr($dob, 0, 4);
        if (!ctype_digit($y) || $y < 1900) {
            $ignore_year = true;
        } else {
            $ignore_year = false;
        }
        if ($dob != '0000-00-00') {
            if (strpos($dob, '0000-') === 0) {
                $ignore_year = true;
                $dob = substr($dob, 5);
            }
            $dob = datetime_convert('UTC', 'UTC', $ignore_year ? '1900-' . $dob : $dob, $ignore_year ? 'm-d' : 'Y-m-d');
            if ($ignore_year) {
                $dob = '0000-' . $dob;
            }
        }
        $name = notags(trim($_POST['name']));
        if (!strlen($name)) {
            $name = '[No Name]';
        }
        if ($orig[0]['name'] != $name) {
            $namechanged = true;
        }
        $pdesc = notags(trim($_POST['pdesc']));
        $gender = notags(trim($_POST['gender']));
        $address = notags(trim($_POST['address']));
        $locality = notags(trim($_POST['locality']));
        $region = notags(trim($_POST['region']));
        $postal_code = notags(trim($_POST['postal_code']));
        $country_name = notags(trim($_POST['country_name']));
        $pub_keywords = profile_clean_keywords(notags(trim($_POST['pub_keywords'])));
        $prv_keywords = profile_clean_keywords(notags(trim($_POST['prv_keywords'])));
        $marital = notags(trim($_POST['marital']));
        $howlong = notags(trim($_POST['howlong']));
        $with = x($_POST, 'with') ? notags(trim($_POST['with'])) : '';
        if (!strlen($howlong)) {
            $howlong = '0000-00-00 00:00:00';
        } else {
            $howlong = datetime_convert(date_default_timezone_get(), 'UTC', $howlong);
        }
        // linkify the relationship target if applicable
        $withchanged = false;
        if (strlen($with)) {
            if ($with != strip_tags($orig[0]['with'])) {
                $withchanged = true;
                $prf = '';
                $lookup = $with;
                if (strpos($lookup, '@') === 0) {
                    $lookup = substr($lookup, 1);
                }
                $lookup = str_replace('_', ' ', $lookup);
                if (strpos($lookup, '@') || strpos($lookup, 'http://')) {
                    $newname = $lookup;
                    $links = @lrdd($lookup);
                    if (count($links)) {
                        foreach ($links as $link) {
                            if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
                                $prf = $link['@attributes']['href'];
                            }
                        }
                    }
                } else {
                    $newname = $lookup;
                    /*					if(strstr($lookup,' ')) {
                    						$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
                    							dbesc($newname),
                    							intval(local_user())
                    						);
                    					}
                    					else {
                    						$r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1",
                    							dbesc($lookup),
                    							intval(local_user())
                    						);
                    					}*/
                    $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", dbesc($newname), intval(local_user()));
                    if (!$r) {
                        $r = q("SELECT * FROM `contact` WHERE `nick` = '%s' AND `uid` = %d LIMIT 1", dbesc($lookup), intval(local_user()));
                    }
                    if (count($r)) {
                        $prf = $r[0]['url'];
                        $newname = $r[0]['name'];
                    }
                }
                if ($prf) {
                    $with = str_replace($lookup, '<a href="' . $prf . '">' . $newname . '</a>', $with);
                    if (strpos($with, '@') === 0) {
                        $with = substr($with, 1);
                    }
                }
            } else {
                $with = $orig[0]['with'];
            }
        }
        $sexual = notags(trim($_POST['sexual']));
        $homepage = notags(trim($_POST['homepage']));
        if (strpos($homepage, 'http') !== 0 && strlen($homepage)) {
            // neither http nor https in URL, add them
            $homepage = 'http://' . $homepage;
        }
        $hometown = notags(trim($_POST['hometown']));
        $politic = notags(trim($_POST['politic']));
        $religion = notags(trim($_POST['religion']));
        $likes = fix_mce_lf(escape_tags(trim($_POST['likes'])));
        $dislikes = fix_mce_lf(escape_tags(trim($_POST['dislikes'])));
        $about = fix_mce_lf(escape_tags(trim($_POST['about'])));
        $interest = fix_mce_lf(escape_tags(trim($_POST['interest'])));
        $contact = fix_mce_lf(escape_tags(trim($_POST['contact'])));
        $music = fix_mce_lf(escape_tags(trim($_POST['music'])));
        $book = fix_mce_lf(escape_tags(trim($_POST['book'])));
        $tv = fix_mce_lf(escape_tags(trim($_POST['tv'])));
        $film = fix_mce_lf(escape_tags(trim($_POST['film'])));
        $romance = fix_mce_lf(escape_tags(trim($_POST['romance'])));
        $work = fix_mce_lf(escape_tags(trim($_POST['work'])));
        $education = fix_mce_lf(escape_tags(trim($_POST['education'])));
        $hide_friends = $_POST['hide-friends'] == 1 ? 1 : 0;
        $changes = array();
        $value = '';
        if ($is_default) {
            if ($marital != $orig[0]['marital']) {
                $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Marital Status');
                $value = $marital;
            }
            if ($withchanged) {
                $changes[] = '[color=#ff0000]&hearts;[/color] ' . t('Romantic Partner');
                $value = strip_tags($with);
            }
            if ($likes != $orig[0]['likes']) {
                $changes[] = t('Likes');
                $value = $likes;
            }
            if ($dislikes != $orig[0]['dislikes']) {
                $changes[] = t('Dislikes');
                $value = $dislikes;
            }
            if ($work != $orig[0]['work']) {
                $changes[] = t('Work/Employment');
            }
            if ($religion != $orig[0]['religion']) {
                $changes[] = t('Religion');
                $value = $religion;
            }
            if ($politic != $orig[0]['politic']) {
                $changes[] = t('Political Views');
                $value = $politic;
            }
            if ($gender != $orig[0]['gender']) {
                $changes[] = t('Gender');
                $value = $gender;
            }
            if ($sexual != $orig[0]['sexual']) {
                $changes[] = t('Sexual Preference');
                $value = $sexual;
            }
            if ($homepage != $orig[0]['homepage']) {
                $changes[] = t('Homepage');
                $value = $homepage;
            }
            if ($interest != $orig[0]['interest']) {
                $changes[] = t('Interests');
                $value = $interest;
            }
            if ($address != $orig[0]['address']) {
                $changes[] = t('Address');
                // New address not sent in notifications, potential privacy issues
                // in case this leaks to unintended recipients. Yes, it's in the public
                // profile but that doesn't mean we have to broadcast it to everybody.
            }
            if ($locality != $orig[0]['locality'] || $region != $orig[0]['region'] || $country_name != $orig[0]['country-name']) {
                $changes[] = t('Location');
                $comma1 = $locality && ($region || $country_name) ? ', ' : ' ';
                $comma2 = $region && $country_name ? ', ' : '';
                $value = $locality . $comma1 . $region . $comma2 . $country_name;
            }
            profile_activity($changes, $value);
        }
        $r = q("UPDATE `profile`\n\t\t\tSET `profile-name` = '%s',\n\t\t\t`name` = '%s',\n\t\t\t`pdesc` = '%s',\n\t\t\t`gender` = '%s',\n\t\t\t`dob` = '%s',\n\t\t\t`address` = '%s',\n\t\t\t`locality` = '%s',\n\t\t\t`region` = '%s',\n\t\t\t`postal-code` = '%s',\n\t\t\t`country-name` = '%s',\n\t\t\t`marital` = '%s',\n\t\t\t`with` = '%s',\n\t\t\t`howlong` = '%s',\n\t\t\t`sexual` = '%s',\n\t\t\t`homepage` = '%s',\n\t\t\t`hometown` = '%s',\n\t\t\t`politic` = '%s',\n\t\t\t`religion` = '%s',\n\t\t\t`pub_keywords` = '%s',\n\t\t\t`prv_keywords` = '%s',\n\t\t\t`likes` = '%s',\n\t\t\t`dislikes` = '%s',\n\t\t\t`about` = '%s',\n\t\t\t`interest` = '%s',\n\t\t\t`contact` = '%s',\n\t\t\t`music` = '%s',\n\t\t\t`book` = '%s',\n\t\t\t`tv` = '%s',\n\t\t\t`film` = '%s',\n\t\t\t`romance` = '%s',\n\t\t\t`work` = '%s',\n\t\t\t`education` = '%s',\n\t\t\t`hide-friends` = %d\n\t\t\tWHERE `id` = %d AND `uid` = %d", dbesc($profile_name), dbesc($name), dbesc($pdesc), dbesc($gender), dbesc($dob), dbesc($address), dbesc($locality), dbesc($region), dbesc($postal_code), dbesc($country_name), dbesc($marital), dbesc($with), dbesc($howlong), dbesc($sexual), dbesc($homepage), dbesc($hometown), dbesc($politic), dbesc($religion), dbesc($pub_keywords), dbesc($prv_keywords), dbesc($likes), dbesc($dislikes), dbesc($about), dbesc($interest), dbesc($contact), dbesc($music), dbesc($book), dbesc($tv), dbesc($film), dbesc($romance), dbesc($work), dbesc($education), intval($hide_friends), intval($a->argv[1]), intval(local_user()));
        if ($r) {
            info(t('Profile updated.') . EOL);
        }
        if ($namechanged && $is_default) {
            $r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc($name), dbesc(datetime_convert()), intval(local_user()));
            $r = q("UPDATE `user` set `username` = '%s' where `uid` = %d", dbesc($name), intval(local_user()));
        }
        if ($is_default) {
            $location = $locality;
            if ($region != "") {
                if ($location != "") {
                    $location .= ", ";
                }
                $location .= $region;
            }
            if ($country_name != "") {
                if ($location != "") {
                    $location .= ", ";
                }
                $location .= $country_name;
            }
            $r = q("UPDATE `contact` SET `about` = '%s', `location` = '%s', `keywords` = '%s', `gender` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc($about), dbesc($location), dbesc($pub_keywords), dbesc($gender), intval(local_user()));
            // Update global directory in background
            $url = $_SESSION['my_url'];
            if ($url && strlen(get_config('system', 'directory'))) {
                proc_run('php', "include/directory.php", "{$url}");
            }
            require_once 'include/profile_update.php';
            profile_change();
        }
    }
}