fix(profile): prevent profile XP updates on other user profile (@Majestic-Fire) (monkeytypegame#6897)

### Description

- Fixed a visual bug in the updateXp() function where claiming rewards
would update any visible profile
- Added same user check when updating XP from alerts modal
- Check uid or displayname, when sameUserCheck is true and the
activePage is "profile".


https://github.com/user-attachments/assets/bd6ec3ca-14ea-4021-a889-7c1931ed6888

### Checks

- [ ] Adding quotes?
- [ ] Make sure to include translations for the quotes in the
description (or another comment) so we can verify their content.
- [ ] Adding a language?
- Make sure to follow the [languages
documentation](https://github.com/monkeytypegame/monkeytype/blob/master/docs/LANGUAGES.md)
  - [ ] Add language to `packages/schemas/src/languages.ts`
- [ ] Add language to exactly one group in
`frontend/src/ts/constants/languages.ts`
  - [ ] Add language json file to `frontend/static/languages` 
- [ ] Adding a theme?
- Make sure to follow the [themes
documentation](https://github.com/monkeytypegame/monkeytype/blob/master/docs/THEMES.md)
  - [ ] Add theme to `packages/schemas/src/themes.ts`
  - [ ] Add theme to `frontend/src/ts/constants/themes.ts`
  - [ ] Add theme css file to `frontend/static/themes`
- [ ] Add some screenshot of the theme, especially with different test
settings (colorful, flip colors) to your pull request
- [ ] Adding a layout?
- [ ] Make sure to follow the [layouts
documentation](https://github.com/monkeytypegame/monkeytype/blob/master/docs/LAYOUTS.md)
  - [ ] Add layout to `packages/schemas/src/layouts.ts`
  - [ ] Add layout json file to `frontend/static/layouts` 
- [ ] Adding a font?
- Make sure to follow the [themes
documentation](https://github.com/monkeytypegame/monkeytype/blob/master/docs/FONTS.md)
  - [ ] Add font file  to `frontend/static/webfonts`
  - [ ] Add font to `packages/schemas/src/fonts.ts`
  - [ ] Add font to `frontend/src/ts/constants/fonts.ts`
- [x] Check if any open issues are related to this PR; if so, be sure to
tag them below.
- [x] Make sure the PR title follows the Conventional Commits standard.
(https://www.conventionalcommits.org for more info)
- [x] Make sure to include your GitHub username prefixed with @ inside
parentheses at the end of the PR title.

---------

Co-authored-by: Miodec <[email protected]>

Author: Majestic-Fire

frontend/src/ts/elements/alerts.ts

@@ -12,6 +12,7 @@ import { updateXp as accountPageUpdateProfile } from "./profile";
 import { MonkeyMail } from "@monkeytype/schemas/users";
 import * as XPBar from "../elements/xp-bar";
 import * as AuthEvent from "../observables/auth-event";
+import * as ActivePage from "../states/active-page";
 
 let accountAlerts: MonkeyMail[] = [];
 let maxMail = 0;
@@ -94,7 +95,12 @@ function hide(): void {
       if (totalXpClaimed > 0) {
         const snapxp = DB.getSnapshot()?.xp ?? 0;
         void XPBar.update(snapxp, totalXpClaimed);
-        accountPageUpdateProfile(snapxp + totalXpClaimed);
+
+        const activePage = ActivePage.get();
+        if (activePage === "account" || activePage === "profile") {
+          accountPageUpdateProfile(activePage, snapxp + totalXpClaimed, true);
+        }
+
         DB.addXp(totalXpClaimed);
       }
     },

frontend/src/ts/elements/profile.ts

@@ -285,7 +285,7 @@ export async function update(
     }
   }
 
-  updateXp(profile.xp ?? 0);
+  updateXp(where, profile.xp ?? 0);
   //lbs
 
   if (banned) {
@@ -373,9 +373,22 @@ export async function update(
   }
 }
 
-export function updateXp(xp: number): void {
-  const details = $(" .profile .details .levelAndBar");
+export function updateXp(
+  where: ProfileViewPaths,
+  xp: number,
+  sameUserCheck = false
+): void {
+  const elementClass = where.charAt(0).toUpperCase() + where.slice(1);
+  const profileElement = $(`.page${elementClass} .profile`);
+  const details = $(`.page${elementClass} .profile .details .levelAndBar`);
+
   if (details === undefined || details === null) return;
+
+  if (sameUserCheck && where === "profile") {
+    const authedUserUid = getAuthenticatedUser()?.uid;
+    if (authedUserUid !== profileElement.attr("uid")) return;
+  }
+
   const xpDetails = Levels.getXpDetails(xp);
   const xpForLevel = xpDetails.levelMaxXp;
   const xpToDisplay = xpDetails.levelCurrentXp;