Diffstat (limited to 'public')
-rw-r--r--public/account/index.php21
-rw-r--r--public/account/security.php7
-rw-r--r--public/emotes/index.php43
-rw-r--r--public/emotesets.php24
-rw-r--r--public/static/img/icons/eye.pngbin0 -> 750 bytes
-rw-r--r--public/system/emotes/index.php20
-rw-r--r--public/users.php77
7 files changed, 124 insertions, 68 deletions
diff --git a/public/account/index.php b/public/account/index.php
index e5a609b..2b3e820 100644
--- a/public/account/index.php
+++ b/public/account/index.php
@@ -202,16 +202,17 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
<input type="password" name="password-new" id="form-password-new">
</div>
<div>
- <?php if (ACCOUNT_LOG_ACTIONS): ?>
- <input type="checkbox" name="hide-actions" value="1" id="form-hide-actions" <?php
- $stmt = $db->prepare("SELECT hide_actions FROM user_preferences WHERE id = ?");
- $stmt->execute([$_SESSION["user_id"]]);
- if (intval($stmt->fetch()[0]) == 1) {
- echo 'checked';
- }
- ?>>
- <label for="hide-actions" class="inline">Hide actions</label>
- <?php endif; ?>
+ <input type="checkbox" name="make-private" value="1" id="form-make-private" <?php
+ $stmt = $db->prepare("SELECT private_profile FROM user_preferences WHERE id = ?");
+ $stmt->execute([$_SESSION["user_id"]]);
+ if (intval($stmt->fetch()[0]) == 1) {
+ echo 'checked';
+ }
+ ?>>
+ <label for="make-private" class="inline">Make profile private</label>
+ <p class="font-small">Enabling this feature will hide your authorship of uploaded emotes and
+ actions.</p>
+
</div>
<div>
<input type="checkbox" name="signout-everywhere" value="1" id="form-signout-everywhere">
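Review bot: The new label uses `for="make-private"` while the checkbox it belongs to has `id="form-make-private"`, so clicking the label text does not toggle the box and assistive technology gets no association between the two. Change the label to `<label for="form-make-private" class="inline">Make profile private</label>`. The inline query also indexes `$stmt->fetch()[0]` without checking for a missing row; a user with no `user_preferences` row renders as unchecked, which is worth confirming is the intended default for a privacy setting.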
diff --git a/public/account/security.php b/public/account/security.php
index 5110f71..5545b60 100644
--- a/public/account/security.php
+++ b/public/account/security.php
@@ -3,6 +3,7 @@
include_once "../../src/accounts.php";
include_once "../../src/alert.php";
include_once "../../src/config.php";
+include_once "../../src/utils.php";
if ($_SERVER["REQUEST_METHOD"] != "POST" || !authorize_user(true)) {
header("Location: /account");
@@ -33,10 +34,10 @@ if (!empty($_POST["password-new"])) {
->execute([password_hash($password, PASSWORD_DEFAULT), $user["id"]]);
}
-$hide_actions = (int) (intval($_POST["hide-actions"] ?? "0") == 1);
+$private_profile = (int) (intval($_POST["make-private"] ?? "0") == 1);
-$db->prepare("UPDATE user_preferences SET hide_actions = ? WHERE id = ?")
- ->execute([$hide_actions, $user["id"]]);
+$db->prepare("UPDATE user_preferences SET private_profile = ? WHERE id = ?")
+ ->execute([$private_profile, $user["id"]]);
if (intval($_POST["signout-everywhere"] ?? "0") == 1) {
$db->prepare("UPDATE users SET secret_key = ? WHERE id = ?")
diff --git a/public/emotes/index.php b/public/emotes/index.php
index 55232a9..fb09b10 100644
--- a/public/emotes/index.php
+++ b/public/emotes/index.php
@@ -12,6 +12,8 @@ $db = new PDO(DB_URL, DB_USER, DB_PASS);
function display_list_emotes(PDO &$db, string $search, string $sort_by, int $page, int $limit): array
{
+ $current_user_id = $_SESSION["user_id"] ?? "";
+
$user_id = $_SESSION["user_id"] ?? "-1";
$offset = ($page - 1) * $limit;
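Review bot: `$current_user_id` is a second copy of the session id with a different fallback (`""`) from `$user_id` (`"-1"`) on the next line, and a later hunk binds it as `PDO::PARAM_STR` into `up.id = ?`. Comparing an id column with an empty string depends on the database's implicit conversion (some engines coerce it to 0, others reject it), so the anonymous-visitor path is the one most likely to misbehave. Reusing `$user_id`, or binding `null` when nobody is signed in, keeps the comparison typed; a `null` bind cannot match any row. The same `$_SESSION["user_id"] ?? ""` value is passed to `execute()` in display_emote, public/emotesets.php, public/system/emotes/index.php and public/users.php.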
@@ -23,6 +25,7 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
};
$stmt = $db->prepare("SELECT e.*,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by,
CASE WHEN EXISTS (
SELECT 1
FROM emote_set_contents ec
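Review bot: The privacy mask is selected as `... AS uploaded_by` next to `e.*`, so the result set carries two columns named `uploaded_by` and `PDO::FETCH_ASSOC` keeps only one of them. Which value survives depends on column order and driver behaviour, which is a fragile basis for a privacy control: if the raw `e.uploaded_by` ever wins, the uploader id of a private profile is exposed. List the needed `e.` columns explicitly instead of `e.*`, or give the masked value its own alias (for example `visible_uploaded_by`) and read only that. display_emote and both queries in public/system/emotes/index.php use the same `e.*` plus alias pattern; the statement here continues outside the hunk.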
@@ -31,6 +34,7 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
WHERE ec.emote_id = e.id AND es.owner_id = ? AND aes.is_default = TRUE
) THEN 1 ELSE 0 END AS is_in_user_set, COALESCE(COUNT(r.rate), 0) AS rating
FROM emotes e
+ LEFT JOIN user_preferences up ON up.id = e.uploaded_by
LEFT JOIN ratings AS r ON r.emote_id = e.id
WHERE e.code LIKE ? AND e.visibility = 1
GROUP BY
@@ -39,10 +43,11 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
LIMIT ? OFFSET ?
");
- $stmt->bindParam(1, $user_id, PDO::PARAM_INT);
- $stmt->bindParam(2, $search, PDO::PARAM_STR);
- $stmt->bindParam(3, $limit, PDO::PARAM_INT);
- $stmt->bindParam(4, $offset, PDO::PARAM_INT);
+ $stmt->bindParam(1, $current_user_id, PDO::PARAM_STR);
+ $stmt->bindParam(2, $user_id, PDO::PARAM_INT);
+ $stmt->bindParam(3, $search, PDO::PARAM_STR);
+ $stmt->bindParam(4, $limit, PDO::PARAM_INT);
+ $stmt->bindParam(5, $offset, PDO::PARAM_INT);
$stmt->execute();
@@ -54,9 +59,14 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
$uploader = null;
if ($row["uploaded_by"]) {
- $stmt = $db->prepare("SELECT id, username FROM users WHERE id = ?");
+ $private_profile = $row["uploaded_by"] == ($_SESSION["user_id"] ?? "") ? "" : "AND up.private_profile = FALSE";
+ $stmt = $db->prepare("SELECT u.id, u.username FROM users u
+ INNER JOIN user_preferences up ON up.id = u.id
+ WHERE u.id = ? $private_profile
+ ");
$stmt->execute([$row["uploaded_by"]]);
- $uploader = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ $uploader = $stmt->fetch(PDO::FETCH_ASSOC) ?? null;
}
array_push($emotes, new Emote(
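Review bot: `$stmt->fetch(PDO::FETCH_ASSOC) ?? null` does not do what it looks like: `fetch()` returns `false` when no row matches, and `??` only replaces `null`, so `$uploader` ends up `false`. With the added `INNER JOIN` and `private_profile` filter an empty result is now a normal outcome; use `$uploader = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;`. Because the main query already nulls `uploaded_by` for private uploaders, this per-row lookup could also be folded into it by joining `users` there, which would remove the interpolated `$private_profile` SQL fragment and the loose `==` comparison against session data.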
@@ -77,11 +87,13 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
function display_emote(PDO &$db, string $id)
{
$stmt = $db->prepare("SELECT e.*, COALESCE(COUNT(r.rate), 0) as total_rating,
- COALESCE(ROUND(AVG(r.rate), 2), 0) AS average_rating
+ COALESCE(ROUND(AVG(r.rate), 2), 0) AS average_rating,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by
FROM emotes e
- LEFT JOIN ratings AS r ON r.emote_id = ?
+ LEFT JOIN user_preferences up ON up.id = e.uploaded_by
+ LEFT JOIN ratings AS r ON r.emote_id = e.id
WHERE e.id = ?");
- $stmt->execute([$id, $id]);
+ $stmt->execute([$_SESSION["user_id"] ?? "", $id]);
$emote = null;
@@ -316,12 +328,19 @@ if (CLIENT_REQUIRES_JSON) {
<td><?php
$username = ANONYMOUS_DEFAULT_NAME;
$link = "#";
+ $show_private_badge = false;
if ($emote->get_uploaded_by()) {
- $stmt = $db->prepare("SELECT username FROM users WHERE id = ?");
+ $stmt = $db->prepare("SELECT u.username, up.private_profile
+ FROM users u
+ INNER JOIN user_preferences up ON up.id = u.id
+ WHERE u.id = ?
+ ");
$stmt->execute([$emote->get_uploaded_by()]);
if ($row = $stmt->fetch()) {
+ $show_private_badge = $row["private_profile"];
+
$username = $row["username"];
$link = "/users.php?id=" . $emote->get_uploaded_by();
}
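Review bot: The uploader lookup in this hunk returns `username` for any id with no privacy condition of its own, and `$show_private_badge` is taken straight from `private_profile`; both are safe only as long as `get_uploaded_by()` was already nulled for other viewers by display_emote. Make the check local so a future caller that builds the emote without the mask does not leak the name: compute `$is_owner = $emote->get_uploaded_by() == ($_SESSION["user_id"] ?? "");`, set `$username` and `$link` only when `!$row["private_profile"] || $is_owner`, and use `$show_private_badge = $row["private_profile"] && $is_owner;`. The enclosing template block starts and ends outside the hunk.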
@@ -331,6 +350,10 @@ if (CLIENT_REQUIRES_JSON) {
echo $username;
echo "</a>";
+ if ($show_private_badge) {
+ echo " <img src='/static/img/icons/eye.png' alt='(Private)' title='You are the only one who sees this' />";
+ }
+
echo ', <span title="';
echo date("M d, Y H:i:s", $emote->get_created_at());
echo ' UTC">about ' . format_timestamp(time() - $emote->get_created_at()) . " ago</span>";
diff --git a/public/emotesets.php b/public/emotesets.php
index 69fbea8..41257e9 100644
--- a/public/emotesets.php
+++ b/public/emotesets.php
@@ -34,11 +34,13 @@ if ($id == "global") {
CASE
WHEN esc.code IS NOT NULL THEN e.code
ELSE NULL
- END AS original_code
+ END AS original_code,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by
FROM emotes e
+ JOIN user_preferences up ON up.id = e.uploaded_by
JOIN emote_set_contents esc ON esc.emote_id = e.id
WHERE esc.emote_set_id = ?");
- $stmt->execute([$emote_set["id"]]);
+ $stmt->execute([$_SESSION["user_id"] ?? "", $emote_set["id"]]);
$emote_set["emotes"] = $stmt->fetchAll(PDO::FETCH_ASSOC);
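Review bot: `JOIN user_preferences up ON up.id = e.uploaded_by` is an inner join, so any emote whose `uploaded_by` is NULL, or whose uploader has no `user_preferences` row, is dropped from the set instead of being listed with a hidden uploader. The other files in this commit use a left join for the same purpose, and the `CASE` already yields NULL when `up` is missing, so `LEFT JOIN user_preferences up ON up.id = e.uploaded_by` gives the intended result without losing rows. The same inner join is added in the three later hunks of this file (new lines 77, 117 and 150).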
@@ -75,11 +77,13 @@ if ($id == "global") {
CASE
WHEN esc.code IS NOT NULL THEN e.code
ELSE NULL
- END AS original_code
+ END AS original_code,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by
FROM emotes e
+ JOIN user_preferences up ON up.id = e.uploaded_by
JOIN emote_set_contents esc ON esc.emote_set_id = ?
WHERE e.id = esc.emote_id");
- $stmt->execute([$e["id"]]);
+ $stmt->execute([$_SESSION["user_id"] ?? "", $e["id"]]);
$e["emotes"] = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($e["emotes"] as &$em) {
@@ -113,11 +117,13 @@ if ($id == "global") {
CASE
WHEN esc.code IS NOT NULL THEN e.code
ELSE NULL
- END AS original_code
+ END AS original_code,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by
FROM emotes e
+ JOIN user_preferences up ON up.id = e.uploaded_by
JOIN emote_set_contents esc ON esc.emote_set_id = ?
WHERE esc.emote_id = e.id");
- $stmt->execute([$emote_set["id"]]);
+ $stmt->execute([$_SESSION["user_id"] ?? "", $emote_set["id"]]);
$emote_set["emotes"] = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -144,11 +150,13 @@ if ($id == "global") {
CASE
WHEN esc.code IS NOT NULL THEN e.code
ELSE NULL
- END AS original_code
+ END AS original_code,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by
FROM emotes e
+ JOIN user_preferences up ON up.id = e.uploaded_by
JOIN emote_set_contents esc ON esc.emote_set_id = ?
WHERE esc.emote_id = e.id");
- $stmt->execute([$emote_set["id"]]);
+ $stmt->execute([$_SESSION["user_id"] ?? "", $emote_set["id"]]);
$emote_set["emotes"] = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($emote_set["emotes"] as &$e) {
diff --git a/public/static/img/icons/eye.png b/public/static/img/icons/eye.png
new file mode 100644
index 0000000..564a1a9
--- /dev/null
+++ b/public/static/img/icons/eye.png
Binary files differ
diff --git a/public/system/emotes/index.php b/public/system/emotes/index.php
index 92d9c9f..c80641c 100644
--- a/public/system/emotes/index.php
+++ b/public/system/emotes/index.php
@@ -15,24 +15,36 @@ if (!authorize_user(true) || !$_SESSION["user_role"]["permission_approve_emotes"
exit;
}
+$current_user_id = $_SESSION["user_id"] ?? "";
+
$db = new PDO(DB_URL, DB_USER, DB_PASS);
-$emote_results = $db->query("SELECT e.*, u.username as uploader_name
+$emote_results = $db->prepare("SELECT e.*,
+CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by,
+CASE WHEN up.private_profile = FALSE OR up.id = ? THEN u.username ELSE NULL END AS uploader_name
FROM emotes e
LEFT JOIN users u ON u.id = e.uploaded_by
+LEFT JOIN user_preferences up ON up.id = u.id
WHERE e.visibility = 2
ORDER BY e.created_at DESC
LIMIT 25
-")->fetchAll(PDO::FETCH_ASSOC);
+");
+$emote_results->execute([$current_user_id, $current_user_id]);
+
+$emote_results = $emote_results->fetchAll(PDO::FETCH_ASSOC);
$emote = $emote_results[0] ?? null;
if (isset($_GET["id"])) {
- $stmt = $db->prepare("SELECT e.*, u.username as uploader_name
+ $stmt = $db->prepare("SELECT e.*,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN u.username ELSE NULL END AS uploader_name
FROM emotes e
+ LEFT JOIN user_preferences up ON up.id = u.id
LEFT JOIN users u ON u.id = e.uploaded_by
WHERE e.visibility = 2 AND e.id = ?
LIMIT 1");
- $stmt->execute([$_GET["id"]]);
+
+ $stmt->execute([$current_user_id, $current_user_id, $_GET["id"]]);
$emote = $stmt->fetch(PDO::FETCH_ASSOC) ?? null;
}
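Review bot: In the `$_GET["id"]` query the join order is reversed: `LEFT JOIN user_preferences up ON up.id = u.id` comes before `LEFT JOIN users u ...`, so the `ON` clause refers to alias `u` before it is introduced, which most SQL engines reject. Join on the emote instead, `LEFT JOIN user_preferences up ON up.id = e.uploaded_by`, or move the line below the `users` join as in the list query above it. Separately, `$stmt->fetch(PDO::FETCH_ASSOC) ?? null` leaves `$emote` as `false` rather than `null` when the id is not found, because `fetch()` returns `false`; `?: null` would match the intent. It is also worth confirming that moderators on this approval page are meant to lose sight of the uploader of a pending emote.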
diff --git a/public/users.php b/public/users.php
index 430fda5..1d803e7 100644
--- a/public/users.php
+++ b/public/users.php
@@ -155,6 +155,14 @@ if ($user == null) {
exit;
}
+// User preferences
+$stmt = $db->prepare("SELECT * FROM user_preferences WHERE id = ?");
+$stmt->execute([$user->id()]);
+
+$user_preferences = $stmt->fetch(PDO::FETCH_ASSOC);
+
+$public_profile = !$user_preferences["private_profile"] || $user->id() == ($_SESSION["user_id"] ?? "");
+
// --- EMOTE SETS ---
// TODO: OPTIMIZE IT ASAP!!!
$emote_sets = [];
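Review bot: `$public_profile` fails open when the user has no `user_preferences` row: `fetch()` then returns `false`, `$user_preferences["private_profile"]` evaluates to null, and `!null` makes the profile public. If a missing row is possible (not visible from this hunk), decide the default explicitly, e.g. `$is_owner = $user->id() == ($_SESSION["user_id"] ?? "");` followed by `$public_profile = $is_owner || ($user_preferences !== false && !$user_preferences["private_profile"]);`. The later template lines that read `$user_preferences["private_profile"]` for the eye badge need the same guard.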
@@ -172,7 +180,8 @@ while ($row = $stmt->fetch()) {
// getting info about emote set content
$em_stmt = $db->prepare(
- "SELECT e.id, e.created_at, e.uploaded_by,
+ "SELECT e.id, e.created_at,
+ CASE WHEN up.private_profile = FALSE OR up.id = ? THEN e.uploaded_by ELSE NULL END AS uploaded_by,
CASE
WHEN esc.code IS NOT NULL THEN esc.code
ELSE e.code
@@ -182,12 +191,13 @@ while ($row = $stmt->fetch()) {
ELSE NULL
END AS original_code
FROM emotes e
+ LEFT JOIN user_preferences up ON up.id = e.uploaded_by
INNER JOIN emote_set_contents AS esc
ON esc.emote_set_id = ?
WHERE esc.emote_id = e.id
" . ($row["is_default"] ? '' : ' LIMIT 5')
);
- $em_stmt->execute([$row["emote_set_id"]]);
+ $em_stmt->execute([$_SESSION["user_id"] ?? "", $row["emote_set_id"]]);
$emote_set_emotes = $em_stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($emote_set_emotes as &$e) {
@@ -215,7 +225,10 @@ while ($row = $stmt->fetch()) {
$active_emote_set = &$emote_sets[$active_emote_set];
// gathering uploaded emotes
-$stmt = $db->prepare("SELECT e.*,
+$uploaded_emotes = [];
+
+if ($public_profile) {
+ $stmt = $db->prepare("SELECT e.*,
CASE WHEN EXISTS (
SELECT 1
FROM emote_set_contents ec
@@ -226,14 +239,15 @@ $stmt = $db->prepare("SELECT e.*,
WHERE e.uploaded_by = ?
ORDER BY e.created_at ASC
");
-$stmt->execute([$user->id(), $user->id()]);
+ $stmt->execute([$user->id(), $user->id()]);
-$uploaded_emotes = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ $uploaded_emotes = $stmt->fetchAll(PDO::FETCH_ASSOC);
+}
// gathering actions
$actions = [];
-if (ACCOUNT_LOG_ACTIONS) {
+if ($public_profile) {
$stmt = $db->prepare("SELECT a.* FROM actions a WHERE a.user_id = ? ORDER BY a.created_at DESC LIMIT 15");
$stmt->execute([$user->id()]);
$actions = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -266,12 +280,6 @@ $fav_reactions = $stmt->fetchAll(PDO::FETCH_ASSOC);
// getting favorite emote
$fav_emote = 1;
-// User preferences
-$stmt = $db->prepare("SELECT * FROM user_preferences WHERE id = ?");
-$stmt->execute([$user->id()]);
-
-$user_preferences = $stmt->fetch(PDO::FETCH_ASSOC) ?? null;
-
if ($is_json) {
header("Content-type: application/json");
echo json_encode([
@@ -422,13 +430,13 @@ if ($is_json) {
<button onclick="open_tab('user-emotesets')" id="user-emotesets-button"><img
src="/static/img/icons/emotes/emote_folder.png" alt=""> Emote
sets</button>
- <?php if (ACCOUNT_LOG_ACTIONS && !$user_preferences["hide_actions"]): ?>
+ <?php if ($public_profile): ?>
<button onclick="open_tab('user-actions')" id="user-actions-button"><img
src="/static/img/icons/tag_blue.png" alt=""> Actions</button>
+ <button onclick="open_tab('user-uploadedemotes')" id="user-uploadedemotes-button"><img
+ src="/static/img/icons/emotes/emote_go.png" alt=""> Uploaded
+ emotes</button>
<?php endif; ?>
- <button onclick="open_tab('user-uploadedemotes')" id="user-uploadedemotes-button"><img
- src="/static/img/icons/emotes/emote_go.png" alt=""> Uploaded
- emotes</button>
</section>
</section>
<section class="content" style="display: inline-block;">
@@ -489,11 +497,12 @@ if ($is_json) {
?>
</div>
</section>
- <?php if (ACCOUNT_LOG_ACTIONS && !$user_preferences["hide_actions"]): ?>
+ <?php if ($public_profile): ?>
<!-- Actions -->
<section class="box grow user-tab" id="user-actions">
<div class="box navtab">
Actions
+ <?php echo $user_preferences["private_profile"] ? " <img src='/static/img/icons/eye.png' alt='(Private)' title='You are the only one who sees this' />" : "" ?>
</div>
<div class="box content">
<?php
@@ -593,23 +602,25 @@ if ($is_json) {
?>
</div>
</section>
+
+ <!-- Uploaded emotes -->
+ <section class="box grow user-tab" id="user-uploadedemotes">
+ <div class="box navtab">
+ Uploaded emotes
+ <?php echo $user_preferences["private_profile"] ? " <img src='/static/img/icons/eye.png' alt='(Private)' title='You are the only one who sees this' />" : "" ?>
+ </div>
+ <div class="box content items">
+ <?php
+ foreach ($uploaded_emotes as $emote_row) {
+ echo '<a class="box emote" href="/emotes?id=' . $emote_row["id"] . '">';
+ echo '<img src="/static/userdata/emotes/' . $emote_row["id"] . '/2x.webp" alt="' . $emote_row["code"] . '"/>';
+ echo '<h1>' . $emote_row["code"] . '</h1>';
+ echo '</a>';
+ }
+ ?>
+ </div>
+ </section>
<?php endif; ?>
- <!-- Uploaded emotes -->
- <section class="box grow user-tab" id="user-uploadedemotes">
- <div class="box navtab">
- Uploaded emotes
- </div>
- <div class="box content items">
- <?php
- foreach ($uploaded_emotes as $emote_row) {
- echo '<a class="box emote" href="/emotes?id=' . $emote_row["id"] . '">';
- echo '<img src="/static/userdata/emotes/' . $emote_row["id"] . '/2x.webp" alt="' . $emote_row["code"] . '"/>';
- echo '<h1>' . $emote_row["code"] . '</h1>';
- echo '</a>';
- }
- ?>
- </div>
- </section>
</section>
</section>
</div>
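Review bot: The re-added uploaded-emotes loop echoes `$emote_row["code"]` into an `alt` attribute and an `<h1>` without escaping. Unless emote codes are restricted to a safe character set at upload time (not visible here), that is a stored-XSS sink on every profile page; escape the value once, `$code = htmlspecialchars($emote_row["code"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and echo `$code` in both places. The block was moved rather than newly written, so the removed copy had the same gap, but the move is a good moment to close it.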