root/releases/0.6rc2/profile/profile.class.php

Revision 341, 41.6 kB (checked in by ben, 3 years ago)

Empty profile fields are now correctly initialised (using the default access level etc); previously they were attempting to get details from a database query that returned false.

Line 
1 <?php
2 /*
3 Penny note: none of the queries in this file
4 that are get_something_sql or
5 get_something_select can be converted to use
6 prepared statements because they all have $where
7 that has come from some function somewhere...
8 */
9
10 Class ElggProfile {
11
12     function ElggProfile ($profile_id) {
13
14         global $data;
15         global $page_owner;
16         global $PAGE;
17
18         // ELGG profile system initialisation
19         // ID of profile to view / edit
20         
21         if (!empty($profile_id)) {
22             $this->id = $profile_id;
23         } else {
24             $this->id = -1;
25         }
26
27         $page_owner = $profile_id;
28
29         // Profile initialisation
30         // very strange init sequence from the old main() call follows
31         $this->editfield_defaults();
32         // $this->actions();     // not from here --
33         // $this->upload_foaf();
34
35     }
36
37     function edit_link () {
38
39
40         global $page_owner;
41         global $data;
42
43         $url = url;
44     
45         $run_result = '';
46
47         if (run("permissions:check", "profile")) {
48         
49             $editMsg = gettext("Click here to edit this profile.");
50
51             $run_result .= <<<END
52                 
53                 <p>
54                 <a href="{$url}profile/edit.php?profile_id=$page_owner">$editMsg</a>
55                 </p>
56 END;
57
58             $run_result .= run("profile:edit:link");
59             
60         }
61         return $run_result;
62     }
63
64     function display_name () {
65
66         global $name_cache;
67         global $data;
68     
69         if (!isset($name_cache[$this->id]) || (time() - $name_cache[$this->id]->created > 60)) {
70         
71             $name_cache[$this->id]->created = time();
72             $name_cache[$this->id]->data = stripslashes(get_field('users','name','ident',$this->id));
73         
74         }
75         $run_result = $name_cache[$this->id]->data;
76         return $run_result;
77     }
78
79     function display_form () {
80
81         global $page_owner;
82
83         global $data;
84
85         $run_result = '';
86
87         $body = "<p>\n" . gettext("    This screen allows you to edit your profile. Blank fields will not show up on your profile screen in any view; you can change the access level for each piece of information in order to prevent it from falling into the wrong hands. For example, we strongly recommend you keep your address to yourself or a few trusted parties.") . "</p>\n";
88
89         if (run("permissions:check", "profile")) {
90     
91             $profile_username = run("users:id_to_name",$page_owner);
92         
93
94
95             $body .= "<form action=\"".url . "profile/edit.php?profile_id=".$page_owner."\" method=\"post\" enctype=\"multipart/form-data\">";
96             $body .= "<p>" . gettext("You can import some profile data by uploading a FOAF file here:") . "</p>";
97             $body .=templates_draw(array(
98                                                  'context' => 'databox',
99                                                  'name' => gettext("Upload a FOAF file:"),
100                                                  'column1' => "<input name=\"foaf_file\" id=\"foaf_file\" type=\"file\" />",
101                                                  'column2' => "<input type=\"submit\" value=\"".gettext("Upload") . "\" />"
102                                                  )
103                          );
104             $body .= <<<END
105         
106                 <input type="hidden" name="action" value="profile:foaf:upload" />
107                 <input type="hidden" name="profile_id" value="$page_owner" />
108                 </form>
109         
110 END;
111             $body .= "<p>" .gettext("Or you can fill in your profile directly below:") . "</p>";
112             $body .= "<form action=\"".url . "profile/edit.php?profile_id=".$page_owner."\" method=\"post\">";
113     
114             // Cycle through all defined profile detail fields and display them
115     
116             if (!empty($data['profile:details']) && sizeof($data['profile:details']) > 0) {
117         
118                 foreach($data['profile:details'] as $field) {
119                     $body .= $this->editfield_display($field);
120                 }
121     
122             }
123     
124             $submitMsg = gettext("Submit details:");
125             $saveProfile = gettext("Save your profile");
126             $body .= <<< END
127     
128                 <p align="center">
129                 <label>
130                 $submitMsg
131                 <input type="submit" name="submit" value="$saveProfile" />
132                 </label>
133                 <input type="hidden" name="action" value="profile:edit" />
134                 <input type="hidden" name="profile_id" value="$page_owner" />
135                 </p>
136
137                 </form>
138 END;
139
140             $run_result .= $body;
141     
142         }
143         return $run_result;
144     }
145
146     function editfield_defaults () {
147
148         global $data;
149         $run_result = '';
150         // Initial profile data
151
152         /* Profile info is of the format:
153     
154         $data['profile:details'][] = array(
155                                                 Description,
156                                                 Short / unique internal name,
157                                                 Type of field,
158                                                 User instructions for entering data
159                                             )
160         e.g.
161         $data['profile:details'][] = array(gettext("Interests"),"interests","keywords",gettext("Separated with commas."));
162
163         Additions to this data structure will input/output a corresponding FOAF field
164         
165         $data['foaf:profile'][] = array(
166                                             Short / unique internal name,
167                                             Corresponding FOAF schema field
168                                             "collated" or "individual" -     whether multiple data elements (eg interests)
169                                                                             should be in separate tags ("individual") or
170                                                                             in the same tag separated by commas
171                                                                             (collated = default)
172                                             "resource" or "enclosed" -         whether the data is an rdf:resource="" attribute
173                                                                             or enclosed within the tag
174                                                                             (resource = default)
175                                         )
176         e.g.
177         $data['foaf:profile'][] = array("interests","foaf:interest");
178         
179         Also present is $data['vcard:profile:adr'][] for VCard ADR elements within the FOAF file
180         e.g.
181         $data['vcard:profile:adr'][] = array("streetaddress","vCard:Street","collated");
182         */
183     
184         $data['profile:details'][] = array(gettext("Who am I?"),"biography","longtext",gettext("A short introduction for you."));
185         $data['foaf:profile'][] = array("biography","bio:olb","collated","enclosed");
186         
187         $data['profile:details'][] = array(gettext("Brief description"),"minibio","text",gettext("For use in your sidebar profile."));
188         
189         // $data['profile:details'][] = array(gettext("Postal address"),"postaladdress","mediumtext");
190         $data['profile:details'][] = array(gettext("Street address"),"streetaddress","text");
191         $data['vcard:profile:adr'][] = array("streetaddress","vCard:Street","collated","enclosed");
192         
193         $data['profile:details'][] = array(gettext("Town"),"town","keywords");
194         $data['vcard:profile:adr'][] = array("town","vCard:Locality","collated","enclosed");
195         
196         $data['profile:details'][] = array(gettext("State / Region"),"state","keywords");
197         $data['vcard:profile:adr'][] = array("state","vCard:Region","collated","enclosed");
198         
199         $data['profile:details'][] = array(gettext("Postal code"),"postcode","text");
200         $data['vcard:profile:adr'][] = array("postcode","vCard:Pcode","collated","enclosed");
201         
202         $data['profile:details'][] = array(gettext("Country"),"country","keywords");
203         $data['vcard:profile:adr'][] = array("country","vCard:Country","collated","enclosed");
204         
205         $data['profile:details'][] = array(gettext("Email address"),"emailaddress","email");
206         
207         $data['profile:details'][] = array(gettext("Work telephone"),"workphone","text");
208         $data['foaf:profile'][] = array("workphone","foaf:phone","individual","resource");
209         
210         $data['profile:details'][] = array(gettext("Home telephone"),"homephone","text");
211         $data['foaf:profile'][] = array("homephone","foaf:phone","individual","resource");
212         
213         $data['profile:details'][] = array(gettext("Mobile telephone"),"mobphone","text");
214         $data['foaf:profile'][] = array("mobphone","foaf:phone","individual","resource");
215         
216         $data['profile:details'][] = array(gettext("Official website address"),"workweb","web",gettext("The URL to your official website, if you have one."));
217         $data['foaf:profile'][] = array("workweb","foaf:workplaceHomepage","individual","resource");
218         
219         $data['profile:details'][] = array(gettext("Personal website address"),"personalweb","web",gettext("The URL to your personal website, if you have one."));
220         $data['foaf:profile'][] = array("personalweb","foaf:homepage","individual","resource");
221         
222         $data['profile:details'][] = array(gettext("ICQ number"),"icq","icq");
223         $data['foaf:profile'][] = array("icq","foaf:icqChatID","individual","enclosed");
224         
225         $data['profile:details'][] = array(gettext("MSN chat"),"msn","msn");
226         $data['foaf:profile'][] = array("msn","foaf:msnChatID","individual","enclosed");
227         
228         $data['profile:details'][] = array(gettext("AIM screenname"),"aim","aim");
229         $data['foaf:profile'][] = array("aim","foaf:aimChatID","individual","enclosed");
230         
231         $data['profile:details'][] = array(gettext("Skype username"),"skype","skype");
232         
233         $data['profile:details'][] = array(gettext("Jabber username"),"jabber","text");
234         $data['foaf:profile'][] = array("jabber","foaf:jabberChatID","individual","enclosed");
235         
236         $data['profile:details'][] = array(gettext("Interests"),"interests","keywords",gettext("Separated with commas."));
237         $data['foaf:profile'][] = array("interests","foaf:interest","individual","resource");
238         // $data['foaf:profile'][] = array("interests","bio:keywords","collated","enclosed");
239         
240         $data['profile:details'][] = array(gettext("Likes"),"likes","keywords",gettext("Separated with commas."));
241         $data['profile:details'][] = array(gettext("Dislikes"),"dislikes","keywords",gettext("Separated with commas."));
242         $data['profile:details'][] = array(gettext("Occupation"),"occupation","text");
243         $data['profile:details'][] = array(gettext("Industry"),"industry","keywords");
244         
245         $data['profile:details'][] = array(gettext("Company / Institution"),"organisation","text");
246         $data['foaf:profile'][] = array("organisation","foaf:organization","collated","enclosed");
247         
248         $data['profile:details'][] = array(gettext("Job Title"),"jobtitle","text");
249         $data['profile:details'][] = array(gettext("Job Description"),"jobdescription","text");
250         $data['profile:details'][] = array(gettext("I would like to ..."),"goals","keywords",gettext("Separated with commas."));
251         $data['profile:details'][] = array(gettext("Career Goals"),"careergoals","longtext",gettext("Freeform: let colleagues and potential employers know what you'd like to get out of your career."));
252         $data['profile:details'][] = array(gettext("Level of Education"),"educationlevel","text");
253         $data['profile:details'][] = array(gettext("High School"),"highschool","text");
254         $data['profile:details'][] = array(gettext("University / College"),"university","text");
255         $data['profile:details'][] = array(gettext("Degree"),"universitydegree","text");
256         $data['profile:details'][] = array(gettext("Main Skills"),"skills","keywords",gettext("Separated with commas."));
257         return $run_result;
258     }
259
260     // the field parameter seems to be an array of unknown structure...
261     function editfield_display ($field) {
262
263         // copy array element with default to ''
264         $flabel = !empty($field[0]) ? $field[0] : '';
265         $fname  = !empty($field[1]) ? $field[1] : '';
266         $ftype  = !empty($field[2]) ? $field[2] : '';
267         $fblurb = !empty($field[3]) ? $field[3] : '';
268
269         global $page_owner;
270         global $data;
271         global $CFG;
272
273         $run_result = '';
274
275         if (empty($flabel) && empty($fname)) {
276             return '';
277         }
278             
279         if (!isset($data['profile:preload'][$flabel])) {
280             if (!$value = get_record('profile_data','name',$fname,'owner',$page_owner)) {
281                 $value = "";
282                 $value->value = "";
283                 $value->access = $CFG->default_access;
284             }
285         } else {
286             $value = "";
287             $value->value = $data['profile:preload'][$fname];
288             $value->access = $CFG->default_access;
289             
290         }
291         
292         $name = "<label for=\"$fname\"><b>{$flabel}</b>";
293         if (!empty($fblurb)) {
294             $name .= "<br /><i>" . $fblurb . "</i>";
295         }
296         $name .= '</label>';
297         
298         if (empty($ftype)) {
299             $ftype = "text";
300         }
301
302         $column1 = display_input_field(array("profiledetails[" . $fname . "]",$value->value,$ftype,$fname,$value->ident,$page_owner));
303         $column2 = "<label>". gettext("Access Restriction:") ."<br />";
304         $column2 .= run("display:access_level_select",array("profileaccess[".$fname . "]",$value->access)) . "</label>";
305         
306         $run_result .=templates_draw(array(
307                                            'context' => 'databox',
308                                            'name'    => $name,
309                                            'column1' => $column1,
310                                            'column2' => $column2
311                                            )
312                                      );
313         
314         return $run_result;
315
316     }
317
318     function field_display ($field, $allvalues) {
319
320         global $data;
321
322         $run_result = '';
323
324         if (sizeof($field) >= 2) {
325     
326             // $value = get_record('profile_data','name',$field[1],'owner',$this->id);
327         
328             foreach($allvalues as $curvalue) {
329                 if ($curvalue->name == stripslashes($field[1])) {
330                     $value = $curvalue;
331                     break; // found it, done!
332                 }
333             }
334
335             if (!isset($value)) {
336                 return '';
337             }
338
339             if ((($value->value != "" && $value->value != "blank"))
340                 && run("users:access_level_check", $value->access)) {
341                 $name = $field[0];
342                 $column1 = display_output_field(array($value->value,$field[2],$field[1],$field[0],$value->ident));
343                 $run_result .=templates_draw(array(
344                                                            'context' => 'databox1',
345                                                            'name' => $name,
346                                                            'column1' => $column1
347                                                            )
348                                    );
349             }
350         }
351         return $run_result;
352     }
353
354     function search ($tagtype, $tagvalue) {
355
356         global $data,$CFG;
357     
358         $url = url;
359         $handle = 0;
360         $run_result = '';
361
362         foreach($data['profile:details'] as $profiletype) {
363             if ($profiletype[1] == $tagtype && $profiletype[2] == "keywords") {
364                 $handle = 1;
365             }
366         }
367     
368         if ($handle) {
369             
370             $searchline = "tagtype = '".addslashes($tagtype)."' and tag = '".addslashes($tagvalue)."'";
371             $searchline = "(" . run("users:access_level_sql_where",$_SESSION['userid']) . ") and " . $searchline;
372             $searchline = str_replace("owner","t.owner",$searchline);
373             $tagvalue = stripslashes($tagvalue);
374             if ($result = get_record_sql('SELECT DISTINCT u.* FROM '.$CFG->prefix.'tags t
375                                           LEFT JOIN '.$CFG->prefix.'users u ON u.ident = t.owner
376                                           WHERE '.$searchline)) {
377                 $profilesMsg = gettext("Profiles where");
378                 $body = <<< END
379             
380                     <h2>
381                     $profilesMsg
382 END;
383                 $body .= "'".gettext($tagtype)."' = '".$tagvalue."':";
384                 $body .= <<< END
385                     </h2>
386 END;
387                 $body .= <<< END
388                     <table class="userlist">
389                     <tr>
390 END;
391                 $i = 1;
392                 foreach($result as $key => $info) {
393                     $width = 50;
394                     if (sizeof($tagvalue) > 4) {
395                         $width = 25;
396                     }
397                     $friends_username = stripslashes($info->username);
398                     $friends_name = htmlspecialchars(stripslashes($info->name), ENT_COMPAT, 'utf-8');
399                     $friends_menu = run("users:infobox:menu",array($info->ident));
400                     $body .= <<< END
401                         <td align="center">
402                         <p>
403                         <a href="{$url}{$friends_username}/">
404                         <img src="{$url}{$friends_username}/icons/{$info->icon}/w/{$width}" alt="{$friends_name}" border="0" /></a><br />
405                         <span class="userdetails">
406                         {$friends_name}
407                     {$friends_menu}
408                     </span>
409                           </p>
410                           </td>
411 END;
412                     if ($i % 5 == 0) {
413                         $body .= "</tr><tr>";
414                     }
415                     $i++;
416                 }
417                 $body .= <<< END
418                     </tr>
419                     </table>
420 END;
421                 $run_result .= $body;
422             }
423         }
424         return $run_result;
425     }
426
427     function search_all_tagtypes () {
428
429         global $data;
430
431         foreach($data['profile:details'] as $profiletype) {
432             if ($profiletype[2] == "keywords") {
433      &nbs