$url .= empty($_SERVER['QUERY_STRING']) ? '' : '?' . Security::remove_XSS($_SERVER['QUERY_STRING']); header('Location: ' . $url); exit; } else { if (!empty($_POST['social_wall_new_msg']) && !empty($_POST['messageId'])) { $messageId = intval($_POST['messageId']); $messageContent = $_POST['social_wall_new_msg']; $res = SocialManager::sendWallMessage(api_get_user_id(), $friendId, $messageContent, $messageId, MESSAGE_STATUS_WALL); $url = api_get_path(WEB_CODE_PATH) . 'social/profile.php'; $url .= empty($_SERVER['QUERY_STRING']) ? '' : '?' . Security::remove_XSS($_SERVER['QUERY_STRING']); header('Location: ' . $url); exit; } else { if (isset($_GET['messageId'])) { $messageId = Security::remove_XSS($_GET['messageId']); $status = SocialManager::deleteMessage($messageId); header('Location: ' . api_get_path(WEB_CODE_PATH) . 'social/profile.php'); exit; } else { if (isset($_GET['u'])) { //I'm your friend? I can see your profile? $user_id = intval($_GET['u']); if (api_is_anonymous($user_id, true)) { api_not_allowed(true); } // It's me! if (api_get_user_id() != $user_id) { $user_info = api_get_user_info($user_id); $show_full_profile = false; if (!$user_info) { // user does no exist !!