Misja Hoebe <misja@curverider.co.uk> Added comment to allow transfer by some FTP...
1 <?php
2 /*
3 Penny note: none of the queries in this file
4 that are get_something_sql or
5 get_something_select can be converted to use
6 prepared statements because they all have $where
7 that has come from some function somewhere...
8 */
10 Class ElggProfile {
/**
 * Set up the profile object for one user id.
 *
 * Stores the id on the instance (-1 when none is given), publishes the raw
 * argument as the global $page_owner and loads the field definitions.
 *
 * NOTE(review): $profile_id is copied into $page_owner unchanged. Other
 * methods of this class place $page_owner in HTML attributes and in SQL
 * text, so callers are presumably expected to pass a validated integer id;
 * confirm that at every call site.
 *
 * @param mixed $profile_id id of the profile to view or edit
 */
function ElggProfile ($profile_id) {
    global $data, $page_owner, $PAGE;

    // Fall back to -1 when no usable id was supplied.
    $this->id = empty($profile_id) ? -1 : $profile_id;

    // The global keeps the argument exactly as received.
    $page_owner = $profile_id;

    // Legacy init sequence carried over from the old main() call;
    // actions() and upload_foaf() are deliberately not run from here.
    $this->editfield_defaults();
}
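/**
 * Build the "edit this profile" link for the current page owner.
 *
 * Returns an empty string unless the "permissions:check" hook grants
 * access to the profile.
 *
 * @return string HTML fragment
 */
function edit_link () {
    global $page_owner;
    global $data;
    global $CFG;

    $run_result = '';

    if (run("permissions:check", "profile")) {
        $editMsg = __gettext("Click here to edit this profile.");

        // $page_owner is a global filled from the constructor argument.
        // URL-encode it so a non-integer value cannot break out of the
        // href attribute; plain numeric ids come out unchanged.
        $ownerParam = urlencode((string) $page_owner);

        $run_result .= <<<END

    <p>
        <a href="{$CFG->wwwroot}profile/edit.php?profile_id=$ownerParam">$editMsg</a>
    </p>
END;
        $run_result .= run("profile:edit:link");
    }

    return $run_result;
}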
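/**
 * Return the HTML-escaped display name of this profile's user.
 *
 * The escaped name is kept in the global $name_cache and refreshed when the
 * entry is missing or older than 60 seconds.
 *
 * The name is escaped with ENT_COMPAT, so single quotes are left as they
 * are: the result is safe in element content and in double-quoted
 * attributes, not in single-quoted ones.
 *
 * @return string escaped user name
 */
function display_name () {
    global $name_cache;
    global $data;

    $stale = !isset($name_cache[$this->id])
        || (time() - $name_cache[$this->id]->created > 60);

    if ($stale) {
        // Create the cache entry explicitly. Assigning a property on an
        // unset array element relied on implicit object creation, which
        // newer PHP versions reject.
        if (!isset($name_cache[$this->id]) || !is_object($name_cache[$this->id])) {
            $name_cache[$this->id] = new stdClass;
        }
        $name_cache[$this->id]->created = time();
        $name_cache[$this->id]->data = htmlspecialchars(user_info('name', $this->id), ENT_COMPAT, 'utf-8');
    }

    return $name_cache[$this->id]->data;
}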
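/**
 * Render the profile edit screen: the tabbed field form and the FOAF
 * upload form.
 *
 * Nothing is returned unless the "permissions:check" hook grants access to
 * the profile.
 *
 * NOTE(review): neither form emits a request token here; confirm whether
 * profile/edit.php verifies the origin of the POST some other way.
 *
 * @return string HTML for the edit screen, or '' without permission
 */
function display_form () {
    global $page_owner;
    global $data;
    global $CFG;

    $run_result = '';

    $body = "<p>\n" . __gettext(" This screen allows you to edit your profile. Blank fields will not show up on your profile screen in any view; you can change the access level for each piece of information in order to prevent it from falling into the wrong hands. For example, we strongly recommend you keep your address to yourself or a few trusted parties.") . "</p>\n";

    if (run("permissions:check", "profile")) {

        // $page_owner is written into a URL and into attribute values
        // below. Encode it per context so a non-integer value cannot alter
        // the markup; plain numeric ids come out unchanged.
        $ownerParam = urlencode((string) $page_owner);
        $ownerAttr = htmlspecialchars((string) $page_owner, ENT_COMPAT, 'utf-8');

        $body .= "<form action=\"" . url . "profile/edit.php?profile_id=" . $ownerParam . "\" method=\"post\" enctype=\"multipart/form-data\">";
        $body .= "<div class=\"tabber\">";

        // Group the rendered edit fields by category, one tab per category.
        $profilecat = array();

        if (!empty($data['profile:details']) && sizeof($data['profile:details']) > 0) {

            foreach ($data['profile:details'] as $field) {
                // Old-style fields are plain arrays and have no category;
                // new-style fields are objects that may carry one.
                if (is_array($field) || empty($field->category)) {
                    $fcat = __gettext("Main");
                } else {
                    $fcat = $field->category;
                }

                if (!isset($profilecat[$fcat])) {
                    $profilecat[$fcat] = '';
                }
                $profilecat[$fcat] .= $this->editfield_display($field);
            }

            foreach ($profilecat as $cat => $html) {
                // The category name comes from the field definition; escape
                // it before placing it in the title attribute.
                $catAttr = htmlspecialchars($cat, ENT_COMPAT, 'utf-8');
                $body .= "<div class=\"tabbertab\" title=\"$catAttr\">";
                $body .= $html;
                $body .= "</div>";
            }
        }

        $submitMsg = __gettext("Submit details:");
        $saveProfile = __gettext("Save your profile");
        $body .= <<<END

    </div>

    <p align="center">
        <label>
            $submitMsg
            <input type="submit" name="submit" value="$saveProfile" />
        </label>
        <input type="hidden" name="action" value="profile:edit" />
        <input type="hidden" name="profile_id" value="$ownerAttr" />
    </p>

</form>
END;

        // Second form: FOAF import. The uploaded file is untrusted input
        // for whatever handles the "profile:foaf:upload" action.
        $body .= "<p>&nbsp;</p><form action=\"" . url . "profile/edit.php?profile_id=" . $ownerParam . "\" method=\"post\" enctype=\"multipart/form-data\">";
        $body .= "<p>" . __gettext("You can import some profile data by uploading a FOAF file here:") . "</p>";
        $body .= templates_draw(array(
                'context' => 'databox',
                'name' => __gettext("Upload a FOAF file:"),
                'column1' => "<input name=\"foaf_file\" id=\"foaf_file\" type=\"file\" />",
                'column2' => "<input type=\"submit\" value=\"" . __gettext("Upload") . "\" />"
            )
        );
        $body .= <<<END

        <input type="hidden" name="action" value="profile:foaf:upload" />
        <input type="hidden" name="profile_id" value="$ownerAttr" />
    </form>

END;

        $run_result .= $body;
    }

    return $run_result;
}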
/**
 * Load the profile field definitions from profile.config.php.
 *
 * The file is included inside this method, so it runs in the method's
 * local scope. $run_result is not assigned here; presumably the included
 * file sets it - confirm against profile.config.php.
 *
 * The include path is built from $CFG->profilelocation. That value has to
 * stay under the site's own configuration and must never be derived from
 * request data, because whatever file it names is executed.
 *
 * @return mixed whatever $run_result holds after the include
 */
function editfield_defaults () {
    global $CFG;

    include $CFG->profilelocation . "profile.config.php";

    return $run_result;
}
193 // the field parameter seems to be an array of unknown structure...
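/**
 * Render the edit row (label, input, access selector) for one profile field.
 *
 * $field is either an old-style array (label, internal name, type, blurb,
 * user type) or a new-style object with the matching properties.
 *
 * The current value comes from $data['profile:preload'] when present
 * (filled by upload_foaf() from an uploaded file), otherwise from the
 * profile_data table. NOTE(review): preloaded values are user-supplied;
 * escaping is left to display_input_field() - confirm it escapes for the
 * attribute context it writes into.
 *
 * NOTE(review): label, internal name and blurb are placed in the markup
 * unescaped. They come from the field definitions; confirm nobody other
 * than an administrator can edit those.
 *
 * @param array|object $field field definition
 * @return string HTML row, or '' when the field does not apply
 */
function editfield_display ($field) {
    global $page_owner;
    global $data;
    global $CFG;
    static $usertype;

    // The page owner's user type is looked up once and reused for every
    // later call in this request.
    if (!isset($usertype)) {
        $usertype = user_type($page_owner);
    }

    if (is_array($field)) {
        // Old-style profile fields: positional array, missing slots become ''.
        $flabel = !empty($field[0]) ? $field[0] : '';
        $fname = !empty($field[1]) ? $field[1] : '';
        $ftype = !empty($field[2]) ? $field[2] : '';
        $fblurb = !empty($field[3]) ? $field[3] : '';
        $fusertype = !empty($field[4]) ? $field[4] : '';
        $finvisible = false;
    } else {
        // New-style profile fields: object properties.
        $flabel = $field->name;
        $fname = $field->internal_name;
        $ftype = $field->field_type;
        $fblurb = $field->description;
        $fusertype = $field->user_type;
        $finvisible = $field->invisible;
    }

    // Skip fields restricted to another user type.
    if (!empty($fusertype) && $fusertype != $usertype) {
        return '';
    }

    $run_result = '';

    if (empty($flabel) && empty($fname)) {
        return '';
    }

    if (!isset($data['profile:preload'][$fname])) {
        $value = get_record('profile_data', 'name', $fname, 'owner', $page_owner);
        if (!$value) {
            // No stored row: start from an empty value with the default
            // access level. A real object is created here; the original
            // assigned properties on an empty string, which newer PHP
            // versions reject.
            $value = new stdClass;
            $value->value = "";
            $value->access = $CFG->default_access;
        }
    } else {
        $value = new stdClass;
        $value->value = $data['profile:preload'][$fname];
        if (!isset($data['profile:preload:access'][$fname])) {
            $value->access = $CFG->default_access;
        } else {
            $value->access = $data['profile:preload:access'][$fname];
        }
    }

    // Fields flagged invisible are always shown with PRIVATE access.
    if ($finvisible) {
        $value->access = "PRIVATE";
    }

    $name = "<label for=\"$fname\"><b>{$flabel}</b>";
    if (!empty($fblurb)) {
        $name .= "<br /><i>" . $fblurb . "</i>";
    }
    $name .= '</label>';

    if (empty($ftype)) {
        $ftype = "text";
    }

    // Only rows loaded from the database carry an ident.
    $ident = isset($value->ident) ? $value->ident : null;

    $column1 = display_input_field(array("profiledetails[" . $fname . "]", $value->value, $ftype, $fname, $ident, $page_owner));
    $column2 = "<label>" . __gettext("Access Restriction:") . "<br />";
    $column2 .= run("display:access_level_select", array("profileaccess[" . $fname . "]", $value->access)) . "</label>";

    $run_result .= templates_draw(array(
            'context' => 'databox',
            'name' => $name,
            'column1' => $column1,
            'column2' => $column2
        )
    );

    return $run_result;
}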
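/**
 * Render one profile field for viewing.
 *
 * The matching stored value is looked up in $allvalues by field name. The
 * field is only rendered when the value is non-empty, is not the literal
 * "blank", the field is not flagged invisible, and the
 * "users:access_level_check" hook accepts the value's access level.
 *
 * @param array|object $field     field definition (old-style array or new-style object)
 * @param array        $allvalues profile_data rows for the profile owner
 * @return string HTML for the field, or '' when nothing is shown
 */
function field_display ($field, $allvalues) {
    global $data;

    $run_result = '';

    if (is_array($field)) {
        // Old-style profile fields: positional array.
        $flabel = !empty($field[0]) ? $field[0] : '';
        $fname = !empty($field[1]) ? $field[1] : '';
        $ftype = !empty($field[2]) ? $field[2] : '';
        // Old-style fields cannot be flagged invisible. Set the flag
        // explicitly so the visibility test below never reads an undefined
        // variable.
        $finvisible = false;
    } else {
        // New-style profile fields: object properties.
        $flabel = $field->name;
        $fname = $field->internal_name;
        $ftype = $field->field_type;
        $finvisible = $field->invisible;
    }

    // Find the stored value for this field; the first match wins.
    if (is_array($allvalues) && !empty($allvalues)) {
        foreach ($allvalues as $curvalue) {
            if ($curvalue->name == stripslashes($fname)) {
                $value = $curvalue;
                break;
            }
        }
    }

    if (!isset($value)) {
        return '';
    }

    $hasContent = ($value->value != "" && $value->value != "blank" && !$finvisible);

    // The access check runs only for values that would be shown at all.
    if ($hasContent && run("users:access_level_check", $value->access)) {
        $name = $flabel;
        $column1 = display_output_field(array($value->value, $ftype, $fname, $flabel, $value->ident));
        $run_result .= templates_draw(array(
                'context' => 'databox1',
                'name' => $name,
                'column1' => $column1
            )
        );
    }

    return $run_result;
}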
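/**
 * Render an HTML table of users whose profile carries a given tag.
 *
 * Only tag types declared as "keywords" profile fields are searched; for
 * any other $tagtype an empty string is returned.
 *
 * Both arguments are request-supplied. They are quoted with $db->qstr()
 * for the query and HTML-escaped before being written into the page.
 *
 * @param string $tagtype  internal name of the keyword field
 * @param string $tagvalue tag to look for
 * @return string HTML result table, or '' when nothing matches
 */
function search ($tagtype, $tagvalue) {
    global $data, $CFG, $db;

    $run_result = '';

    $handle = 0;
    foreach ($data['profile:details'] as $profiletype) {
        if ($profiletype[1] == $tagtype && $profiletype[2] == "keywords") {
            $handle = 1;
        }
    }
    if (!$handle) {
        return $run_result;
    }

    // Qualify the "owner" column in the access clause only. The original
    // ran str_replace() over the whole condition, which also rewrote the
    // word "owner" inside the quoted tag value and made such tags
    // unfindable.
    $accessWhere = str_replace("owner", "t.owner", run("users:access_level_sql_where", $_SESSION['userid']));
    $searchline = "(" . $accessWhere . ") AND tagtype = " . $db->qstr($tagtype) . " AND tag = " . $db->qstr($tagvalue);

    // get_records_sql(), as in search_rss(): the loop below expects a list
    // of user rows, not a single record.
    $result = get_records_sql('SELECT DISTINCT u.* FROM ' . $CFG->prefix . 'tags t
        LEFT JOIN ' . $CFG->prefix . 'users u ON u.ident = t.owner
        WHERE ' . $searchline);
    if (!$result) {
        return $run_result;
    }

    $profilesMsg = __gettext("Profiles where");
    // The tag value is echoed back into the heading, so it is escaped here,
    // as search_rss() already does.
    $tagLabel = htmlspecialchars(__gettext($tagtype), ENT_COMPAT, 'utf-8');
    $tagText = htmlspecialchars(stripslashes($tagvalue), ENT_COMPAT, 'utf-8');

    $body = <<<END

    <h2>
        $profilesMsg
END;
    $body .= "'" . $tagLabel . "' = '" . $tagText . "':";
    $body .= <<<END
    </h2>
END;
    $body .= <<<END
    <table class="userlist">
        <tr>
END;

    // Smaller icons for longer lists. The original tested
    // sizeof($tagvalue), a string, so the branch could never be taken;
    // the result count is presumably what was meant.
    $width = (count($result) > 4) ? 25 : 50;

    $i = 1;
    foreach ($result as $key => $info) {
        $friends_username = htmlspecialchars($info->username, ENT_COMPAT, 'utf-8');
        $friends_icon = htmlspecialchars($info->icon, ENT_COMPAT, 'utf-8');
        $friends_name = htmlspecialchars(stripslashes($info->name), ENT_COMPAT, 'utf-8');
        $friends_menu = run("users:infobox:menu", array($info->ident));
        $body .= <<<END
        <td align="center">
            <p>
            <a href="{$CFG->wwwroot}{$friends_username}/">
            <img src="{$CFG->wwwroot}_icon/user/{$friends_icon}/w/{$width}" alt="{$friends_name}" border="0" /></a><br />
            <span class="userdetails">
                {$friends_name}
                {$friends_menu}
            </span>
            </p>
        </td>
END;
        // Five users per table row.
        if ($i % 5 == 0) {
            $body .= "</tr><tr>";
        }
        $i++;
    }

    $body .= <<<END
        </tr>
    </table>
END;
    $run_result .= $body;

    return $run_result;
}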
/**
 * Register every "keywords" profile field as a searchable tag type.
 *
 * Appends the internal name of each such field to
 * $data['search:tagtypes'].
 *
 * NOTE(review): the field definitions are indexed as arrays here, so this
 * presumably only works for old-style array fields - confirm.
 *
 * @return bool always true
 */
function search_all_tagtypes () {
    global $data;

    foreach ($data['profile:details'] as $detail) {
        if ($detail[2] != "keywords") {
            continue;
        }
        $data['search:tagtypes'][] = $detail[1];
    }

    return true;
}
/**
 * Register every "keywords" profile field as a tag type for RSS search.
 *
 * Appends the internal name of each such field to
 * $data['search:tagtypes:rss'].
 *
 * @return bool always true
 */
function search_all_tagtypes_rss () {
    global $data;

    foreach ($data['profile:details'] as $detail) {
        if ($detail[2] != "keywords") {
            continue;
        }
        $data['search:tagtypes:rss'][] = $detail[1];
    }

    return true;
}
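/**
 * Return the users carrying a given tag as a <profiles> XML fragment.
 *
 * Only tag types declared as "keywords" profile fields are searched. Both
 * arguments are request-supplied; they are quoted with $db->qstr() for the
 * query and escaped before being written into the XML.
 *
 * @param string $tagtype  internal name of the keyword field
 * @param string $tagvalue tag to look for
 * @return string XML fragment, or '' when nothing matches
 */
function search_ecl ($tagtype, $tagvalue) {
    global $data, $CFG, $db;

    $run_result = '';

    $handle = 0;
    foreach ($data['profile:details'] as $profiletype) {
        if ($profiletype[1] == $tagtype && $profiletype[2] == "keywords") {
            $handle = 1;
        }
    }
    if (!$handle) {
        return $run_result;
    }

    // Qualify "owner" in the access clause only, so the word is not
    // rewritten inside the quoted tag value.
    $accessWhere = str_replace("owner", "t.owner", run("users:access_level_sql_where", $_SESSION['userid']));
    $searchline = "(" . $accessWhere . ") AND tagtype = " . $db->qstr($tagtype) . " AND tag = " . $db->qstr($tagvalue);

    $sub_result = "";

    // get_records_sql(), as in search_rss(): the loop expects a list of
    // user rows, not a single record.
    $result = get_records_sql('SELECT DISTINCT u.* FROM ' . $CFG->prefix . 'tags t
        LEFT JOIN ' . $CFG->prefix . 'users u ON u.ident = t.owner
        WHERE ' . $searchline);

    if ($result) {
        foreach ($result as $key => $info) {
            // The icon belongs to the current row; the original read it
            // from an undefined $post variable.
            $icon = url . '_icon/user/' . htmlspecialchars($info->icon, ENT_COMPAT, 'utf-8');
            $sub_result .= "\t\t\t<item>\n";
            $sub_result .= "\t\t\t\t<name><![CDATA[" . htmlspecialchars(stripslashes($info->name), ENT_COMPAT, 'utf-8') . "]]></name>\n";
            $sub_result .= "\t\t\t\t<link>" . url . htmlspecialchars($info->username, ENT_COMPAT, 'utf-8') . "</link>\n";
            $sub_result .= "\t\t\t\t<link>$icon</link>\n";
            $sub_result .= "\t\t\t</item>\n";
        }
    }

    if ($sub_result != "") {
        // htmlspecialchars() already escapes the double quote for the
        // attribute. The extra addslashes() was dropped: a backslash is
        // not an escape character in XML.
        $run_result .= "\t\t<profiles tagtype=\"" . htmlspecialchars($tagtype, ENT_COMPAT, 'utf-8') . "\">\n" . $sub_result . "\t\t</profiles>\n";
    }

    return $run_result;
}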
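/**
 * Return the users carrying a given tag as RSS <item> elements.
 *
 * Only tag types declared as "keywords" profile fields are searched. Both
 * arguments are request-supplied; they are quoted with $db->qstr() for the
 * query and passed through htmlspecialchars() before being written into
 * the feed. That also turns ">" into an entity, so the values cannot close
 * the CDATA section they are written into.
 *
 * @param string $tagtype  internal name of the keyword field
 * @param string $tagvalue tag to look for
 * @return string RSS items, or '' when nothing matches
 */
function search_rss ($tagtype, $tagvalue) {
    global $data, $CFG, $db;

    $run_result = '';

    $handle = 0;
    foreach ($data['profile:details'] as $profiletype) {
        if ($profiletype[1] == $tagtype && $profiletype[2] == "keywords") {
            $handle = 1;
        }
    }
    if (!$handle) {
        return $run_result;
    }

    // Qualify "owner" in the access clause only. Running str_replace()
    // over the whole condition also rewrote the word inside the quoted tag
    // value, so tags containing "owner" never matched.
    $accessWhere = str_replace("owner", "t.owner", run("users:access_level_sql_where", $_SESSION['userid']));
    $searchline = "(" . $accessWhere . ") AND tagtype = " . $db->qstr($tagtype) . " AND tag = " . $db->qstr($tagvalue);

    $tagvalue = stripslashes($tagvalue);

    $result = get_records_sql('SELECT DISTINCT u.* FROM ' . $CFG->prefix . 'tags t
        LEFT JOIN ' . $CFG->prefix . 'users u ON u.ident = t.owner
        WHERE ' . $searchline);

    if ($result) {
        foreach ($result as $key => $info) {
            $run_result .= "\t<item>\n";
            $run_result .= "\t\t<title><![CDATA['" . htmlspecialchars($tagtype, ENT_COMPAT, 'utf-8') . "' = " . htmlspecialchars($tagvalue, ENT_COMPAT, 'utf-8') . " :: " . htmlspecialchars(stripslashes($info->name), ENT_COMPAT, 'utf-8') . "]]></title>\n";
            $run_result .= "\t\t<link>" . url . htmlspecialchars($info->username, ENT_COMPAT, 'utf-8') . "</link>\n";
            $run_result .= "\t</item>\n";
        }
    }

    return $run_result;
}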
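/**
 * Handle the "profile:foaf:upload" action: parse an uploaded FOAF file and
 * preload its values into $data['profile:preload'] for the edit form.
 *
 * Runs only for a logged-on user who passes the "permissions:check" hook
 * for the profile. Nothing is saved here; the user still has to submit the
 * edit form.
 *
 * The uploaded file is untrusted input:
 *  - NOTE(review): GetXMLTreeProfile() is not shown here and is called
 *    with errors suppressed; confirm its parser does not resolve external
 *    entities and copes with malformed or very large documents.
 *  - The extracted values are stored unescaped; every place that prints
 *    $data['profile:preload'] has to escape for its own context.
 *  - NOTE(review): this method does not remove the file written under
 *    tmp/foaf/; confirm it is cleaned up elsewhere.
 *
 * @return bool false when the upload itself failed, true otherwise
 */
function upload_foaf () {
    // NOTE(review): $messages was a local in the original, so the notices
    // below were discarded. It is presumably the site-wide message list;
    // confirm before relying on it.
    global $data, $CFG, $messages;

    $action = optional_param('action');
    if (empty($action) || $action != "profile:foaf:upload" || !logged_on || !run("permissions:check", "profile")) {
        return true;
    }

    require_once($CFG->dirroot . 'lib/uploadlib.php');
    $um = new upload_manager('foaf_file', false, true, 0, true);
    $dir = $CFG->dataroot . 'tmp/foaf/';
    if (!$um->process_file_uploads($dir)) {
        $messages[] = __gettext("There was an error uploading the file. Possibly the file was too large, or the upload was interrupted.");
        $messages[] = $um->get_errors();
        return false;
    }

    $file = $um->get_new_filepath();
    $foaf = @GetXMLTreeProfile($file);

    $data['profile:preload'] = array();

    // Accept a PERSON element without the FOAF: prefix as well.
    if (isset($foaf['RDF:RDF'][0]['PERSON'][0]) && !isset($foaf['RDF:RDF'][0]['FOAF:PERSON'][0])) {
        $foaf['RDF:RDF'][0]['FOAF:PERSON'][0] = $foaf['RDF:RDF'][0]['PERSON'][0];
    }

    if (!isset($foaf['RDF:RDF'][0]['FOAF:PERSON'][0])) {
        $messages[] = __gettext("Error: supplied file did not appear to be a FOAF file.");
        return true;
    }

    $person = $foaf['RDF:RDF'][0]['FOAF:PERSON'][0];

    // Each entry pairs a parsed XML node with the mapping table that says
    // which of its child elements feed which profile field.
    $sources = array();
    if (!empty($data['foaf:profile']) && sizeof($data['foaf:profile']) > 0) {
        $sources[] = array($person, $data['foaf:profile']);
    }
    if (!empty($person['VCARD:ADR']) && sizeof($person['VCARD:ADR']) > 0
        && !empty($data['vcard:profile:adr']) && sizeof($data['vcard:profile:adr']) > 0) {
        $sources[] = array($person['VCARD:ADR'][0], $data['vcard:profile:adr']);
    }

    foreach ($sources as $source) {
        $node = $source[0];
        $mapping = $source[1];

        foreach ($mapping as $foaf_element) {
            $profile_value = addslashes($foaf_element[0]);
            $element_key = strtoupper($foaf_element[1]);

            if (!isset($node[$element_key])) {
                continue;
            }

            foreach ($node[$element_key] as $value) {
                // Take the element text, else dc:title, else rdf:resource.
                // The original trimmed the result of the comparison rather
                // than the string, and its vCard copy misspelled the
                // RDF:RESOURCE key and then read DC:TITLE, so that
                // fallback could never produce a value.
                $candidates = array(
                    isset($value['VALUE']) ? $value['VALUE'] : "",
                    isset($value['ATTRIBUTES']['DC:TITLE']) ? $value['ATTRIBUTES']['DC:TITLE'] : "",
                    isset($value['ATTRIBUTES']['RDF:RESOURCE']) ? $value['ATTRIBUTES']['RDF:RESOURCE'] : ""
                );

                $thisvalue = "";
                foreach ($candidates as $candidate) {
                    $candidate = trim($candidate);
                    if ($candidate != "") {
                        $thisvalue = $candidate;
                        break;
                    }
                }

                if ($thisvalue == "") {
                    continue;
                }

                // Several values for one field are joined with ", ".
                if (!isset($data['profile:preload'][$profile_value])) {
                    $data['profile:preload'][$profile_value] = $thisvalue;
                } else {
                    $data['profile:preload'][$profile_value] .= ", " . $thisvalue;
                }
            }
        }
    }

    $messages[] = __gettext("Data from your FOAF file has been preloaded. You must click Save at the bottom of the page for the changes to take effect.");

    return true;
}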
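/**
 * Render every profile field of this profile that applies to the page
 * owner's user type.
 *
 * All profile_data rows of the owner are fetched at once, whatever their
 * access level. The per-value access check is done inside field_display(),
 * so stored values must not be printed from $allvalues directly.
 *
 * @return string HTML for the visible fields
 */
function view () {
    global $data;
    global $page_owner;

    $run_result = '';
    $usertype = user_type($page_owner);

    if (empty($data['profile:details']) || sizeof($data['profile:details']) <= 0) {
        return $run_result;
    }

    $allvalues = get_records('profile_data', 'owner', $this->id);
    if (!$allvalues) {
        return $run_result;
    }

    foreach ($data['profile:details'] as $field) {
        // Only the user-type restriction is needed here; the rest of the
        // definition is unpacked again by field_display().
        if (is_array($field)) {
            $fusertype = !empty($field[4]) ? $field[4] : '';
        } else {
            $fusertype = $field->user_type;
        }

        if (empty($fusertype) || $usertype == $fusertype) {
            $run_result .= $this->field_display($field, $allvalues);
        }
    }

    return $run_result;
}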
/**
 * Build the FOAF elements for one user's profile.
 *
 * For each entry of $data['foaf:profile'] the matching profile_data rows
 * (or tags rows for "keywords" fields) that the current session user may
 * see are read and written out as XML elements.
 *
 * The queries are assembled as strings: the field name comes from the
 * mapping table and is passed through addslashes(), the access clause
 * comes from the "users:access_level_sql_where" hook, and $user_id is cast
 * to int. NOTE(review): addslashes() is not database-aware quoting; this
 * is only sound while the mapping table holds trusted configuration.
 *
 * Stored values are escaped with htmlspecialchars() (or urlencode() inside
 * the tag URL) before being written. NOTE(review): a stored value used as
 * rdf:resource is escaped but not checked to be a URL.
 *
 * @param int $user_id owner of the profile
 * @return string XML fragment
 */
function generate_foaf_fields ($user_id) {
    global $data;

    $run_result = '';
    $user_id = (int) $user_id;

    $foaf_elements = "";
    $where = run("users:access_level_sql_where",$_SESSION['userid']);

    $haveMapping = !empty($data['foaf:profile']) && sizeof($data['foaf:profile']) > 0;

    if ($haveMapping) {
        foreach ($data['foaf:profile'] as $mapping) {
            $value = "";
            $value_type = "";

            $profile_value = addslashes($mapping[0]);
            $foaf_name = $mapping[1];
            $individual = $mapping[2];
            $resource = $mapping[3];

            // Look up the field type; the last matching definition wins.
            foreach ($data['profile:details'] as $definition) {
                if ($definition[1] == $profile_value) {
                    $value_type = $definition[2];
                }
            }

            if ($value_type == "keywords") {
                $result = get_records_select('tags',"tagtype = '$profile_value' and ($where) AND owner = $user_id",'','ident,tag AS value');
            } else {
                $result = get_records_select('profile_data',"name = '$profile_value' AND ($where) AND owner = ".$user_id,'','ident,value');
            }

            if (!is_array($result)) {
                continue;
            }

            if ($individual == "individual") {
                // One element per stored value.
                foreach ($result as $row) {
                    if (trim($row->value) == "") {
                        continue;
                    }
                    $value = stripslashes($row->value);
                    if ($resource == "resource") {
                        $enclosure = "\t\t<" . $foaf_name . " ";
                        if ($value_type == "keywords") {
                            $enclosure .= "dc:title=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" ";
                            $enclosure .= "rdf:resource=\"" . url . "tag/".urlencode($value)."\" />\n";
                        } else {
                            $enclosure .= "rdf:resource=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" />\n";
                        }
                    } else {
                        $enclosure = "\t\t<" . $foaf_name . "><![CDATA[" . htmlspecialchars(($value), ENT_COMPAT, 'utf-8') . "]]></" . $foaf_name . ">\n";
                    }
                    $foaf_elements .= $enclosure;
                }
            } else {
                // All values joined into one element. The element is
                // rebuilt on every pass and appended once after the loop.
                foreach ($result as $row) {
                    if (trim($row->value) != "") {
                        if ($value != "") {
                            $value .= ", ";
                        }
                        $value .= stripslashes($row->value);
                    }
                    if ($resource == "resource") {
                        $enclosure = "\t\t<" . $foaf_name . " ";
                        if ($value_type == "keywords") {
                            $enclosure .= "dc:title=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" ";
                            $enclosure .= "rdf:resource=\"" . url . "tag/".urlencode($value)."\" />\n";
                        } else {
                            $enclosure .= "rdf:resource=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" />\n";
                        }
                    } else {
                        $enclosure = "\t\t<" . $foaf_name . "><![CDATA[" . htmlspecialchars(($value), ENT_COMPAT, 'utf-8') . "]]></" . $foaf_name . ">\n";
                    }
                }
                $foaf_elements .= $enclosure;
            }
        }
    }

    $run_result .= $foaf_elements;
    return $run_result;
}
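/**
 * Build the vCard address elements for one user's profile.
 *
 * For each entry of $data['vcard:profile:adr'] the matching profile_data
 * rows (or tags rows for "keywords" fields) that the current session user
 * may see are read and written out as XML elements.
 *
 * The queries are assembled as strings: the field name comes from the
 * mapping table and is passed through addslashes(), the access clause
 * comes from the "users:access_level_sql_where" hook, and $user_id is cast
 * to int. NOTE(review): addslashes() is not database-aware quoting; this
 * is only sound while the mapping table holds trusted configuration.
 *
 * @param int $user_id owner of the profile
 * @return string XML fragment
 */
function generate_vcard_adr_fields ($user_id) {
    global $data;

    // The original initialised $run_results but returned $run_result, so
    // the return value was built on an undefined variable.
    $run_result = '';
    $user_id = (int) $user_id;

    $foaf_elements = "";
    $where = run("users:access_level_sql_where", $_SESSION['userid']);

    if (!empty($data['vcard:profile:adr']) && sizeof($data['vcard:profile:adr']) > 0) {

        foreach ($data['vcard:profile:adr'] as $foaf_element) {

            $value = "";
            $value_type = "";
            // Reset per element so markup built for a previous element can
            // never be appended a second time.
            $enclosure = "";

            $profile_value = addslashes($foaf_element[0]);
            $foaf_name = $foaf_element[1];
            $individual = $foaf_element[2];
            $resource = $foaf_element[3];

            // Look up the field type; the last matching definition wins.
            foreach ($data['profile:details'] as $profile_element) {
                if ($profile_element[1] == $profile_value) {
                    $value_type = $profile_element[2];
                }
            }

            if ($value_type != "keywords") {
                $result = get_records_select('profile_data', "name = '$profile_value' AND ($where) AND owner = " . $user_id, '', 'ident,value');
            } else {
                $result = get_records_select('tags', "tagtype = '$profile_value' and ($where) AND owner = $user_id", '', 'ident,tag AS value');
            }

            if (!is_array($result)) {
                continue;
            }

            if ($individual == "individual") {
                // One element per stored value.
                foreach ($result as $element) {
                    if (trim($element->value) == "") {
                        continue;
                    }
                    $value = stripslashes($element->value);
                    if ($resource == "resource") {
                        $enclosure = "\t\t\t<" . $foaf_name . " ";
                        if ($value_type == "keywords") {
                            $enclosure .= "dc:title=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" ";
                            $enclosure .= "rdf:resource=\"" . url . "tag/" . urlencode($value) . "\" />\n";
                        } else {
                            $enclosure .= "rdf:resource=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" />\n";
                        }
                    } else {
                        $enclosure = "\t\t\t<" . $foaf_name . "><![CDATA[" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "]]></" . $foaf_name . ">\n";
                    }
                    $foaf_elements .= $enclosure;
                }
            } else {
                // All values joined into one element. The element is
                // rebuilt on every pass and appended once after the loop.
                foreach ($result as $element) {
                    if (trim($element->value) != "") {
                        if ($value != "") {
                            $value .= ", ";
                        }
                        $value .= stripslashes($element->value);
                    }
                    if ($resource == "resource") {
                        $enclosure = "\t\t\t<" . $foaf_name . " ";
                        if ($value_type == "keywords") {
                            $enclosure .= "dc:title=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" ";
                            $enclosure .= "rdf:resource=\"" . url . "tag/" . urlencode($value) . "\" />\n";
                        } else {
                            $enclosure .= "rdf:resource=\"" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "\" />\n";
                        }
                    } else {
                        $enclosure = "\t\t\t<" . $foaf_name . "><![CDATA[" . htmlspecialchars($value, ENT_COMPAT, 'utf-8') . "]]></" . $foaf_name . ">\n";
                    }
                }
                $foaf_elements .= $enclosure;
            }
        }
    }

    $run_result .= $foaf_elements;
    return $run_result;
}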
/**
 * groups:delete hook - when an access group is deleted, make every profile
 * item that was restricted to it private to the current user.
 *
 * Only rows owned by $USER->ident are changed. The new access string is
 * built from $_SESSION['userid']; NOTE(review): that presumably names the
 * same user as $USER->ident - confirm.
 *
 * @param int $group_id id of the deleted access group
 * @return mixed result of set_field(), or true when nothing was done
 */
function groups_delete ($group_id) {
    global $data, $USER;

    $group_id = (int)$group_id;

    // Nothing to do without a group id or without a logged-on user.
    if (empty($group_id) || !logged_on) {
        return true;
    }

    // 'private' access string for the current user
    $access = "user" . $_SESSION['userid'];

    // profile_data: access = $access where access = 'group<id>' and the
    // owner is the current user
    return set_field('profile_data','access',$access,'access','group'.$group_id,'owner',$USER->ident);
}
/**
 * ELGG profile system: list of hook names and the unit files behind them.
 *
 * NOTE(review): $function is a local variable here and nothing is
 * returned, so these registrations are not visible outside the method;
 * this looks like a leftover from the older file-per-function layout -
 * confirm before relying on it.
 */
function main () {
    $unitDir = path . "units/profile/";

    // hook name => unit file, in registration order
    $registrations = array(
        // Initialisation for the search function
        array('search:init', "function_init.php"),
        array('search:init', "function_editfield_defaults.php"),
        array('search:all:tagtypes', "function_search_all_tagtypes.php"),
        array('search:all:tagtypes:rss', "function_search_all_tagtypes_rss.php"),
        // Function to search through profiles
        array('search:display_results', "function_search.php"),
        array('search:display_results:rss', "function_search_rss.php"),
        // Functions to view and edit individual profile fields
        array('profile:editfield:display', "function_editfield_display.php"),
        array('profile:field:display', "function_field_display.php"),
        // Function to view all profile fields
        array('profile:view', "function_view.php"),
        // Function to display user's name
        array('profile:display:name', "function_display_name.php"),
        array('profile:user:info', "profile_user_info.php"),
        // Descriptive text
        array('content:profile:edit', "content_edit.php"),
        // Establish permissions
        array('permissions:check', "permissions_check.php"),
        // FOAF
        array('foaf:generate:fields', "generate_foaf_fields.php"),
        array('vcard:generate:fields:adr', "generate_vcard_adr_fields.php"),
        // Actions to perform when an access group is deleted
        array('groups:delete', "groups_delete.php")
    );

    foreach ($registrations as $registration) {
        $function[$registration[0]][] = $unitDir . $registration[1];
    }
}
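/**
 * Permission hook: may the current session user edit the profile of the
 * page owner?
 *
 * Granted only for the "profile" object and only when the page owner is
 * the session user.
 *
 * The two ids are compared as strings with ===. The original used ==,
 * which lets PHP coerce the operands: depending on the PHP version a
 * string that merely starts with the right number, or an empty page owner
 * against a missing session id, could compare equal. Since $page_owner is
 * later written into HTML and SQL, only an exact match is accepted.
 *
 * @param string $object name of the object being checked
 * @return bool true when editing is allowed
 */
function permissions_check ($object) {
    global $page_owner;

    if ($object !== "profile" || !isset($_SESSION['userid'])) {
        return false;
    }

    return (string) $page_owner === (string) $_SESSION['userid'];
}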
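/**
 * Render the owner box: icon, name, profile link, tagline and user menu of
 * the page owner.
 *
 * The tagline is the owner's 'minibio' profile value, read only if the
 * access clause for the current user allows it.
 *
 * @return string HTML for the owner box
 */
function profile_user_info () {
    // $CFG and $USER are read below. The original did not declare them
    // global, so the table prefix and the user id in the access clause
    // were both undefined.
    global $data;
    global $page_owner;
    global $CFG, $USER;

    // If this is someone else's portfolio, display the user's icon
    $run_result = '<div class="box_user">';

    $info = get_record('users', 'ident', $page_owner);

    // $page_owner goes into the SQL text, so it is forced to an integer
    // first.
    $ownerId = (int) $page_owner;

    $tagline = get_field_sql('SELECT value FROM ' . $CFG->prefix . 'profile_data
        WHERE owner = ' . $ownerId . " AND name = 'minibio'
        AND (" . run("users:access_level_sql_where", $USER->ident) . ")");
    if (!$tagline) {
        $tagline = "&nbsp;";
    }
    // NOTE(review): the tagline is user-written text and is handed to the
    // template as stored; confirm where it is escaped.

    // Name, username and icon come from the users table. They are escaped
    // here the same way display_name() and the search methods escape them.
    // NOTE(review): confirm the 'ownerbox' template does not escape again.
    $icon = '<img alt="" src="' . url . '_icon/user/' . htmlspecialchars($info->icon, ENT_COMPAT, 'utf-8') . '/w/67" />';
    $name = htmlspecialchars(stripslashes($info->name), ENT_COMPAT, 'utf-8');
    $url = url . htmlspecialchars($info->username, ENT_COMPAT, 'utf-8') . "/";

    $body = templates_draw(array(
            'context' => 'ownerbox',
            'name' => $name,
            'profileurl' => $url,
            'usericon' => $icon,
            'tagline' => $tagline,
            'lmshosts' => 'foo',
            'usermenu' => run("users:infobox:menu:text", array($page_owner))
        )
    );

    // Default title, so the box below never reads an undefined variable
    // when there is no page owner (-1).
    $title = '';
    if ($page_owner != -1) {
        if ($page_owner != $_SESSION['userid']) {
            $title = __gettext("Profile Owner");
        } else {
            $title = __gettext("You");
        }
    }

    $run_result .= templates_draw(array(
            'context' => 'contentholder',
            'title' => $title,
            'body' => $body,
            'submenu' => ""
        )
    );

    $run_result .= "</div>";

    return $run_result;
}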
956 } // End Class ElggProfile