mod/manage.php

   1 <?php
   2 /**
   3  * @file mod/manage.php
   4  */
   5 use Friendica\App;
   6 use Friendica\Core\Addon;
   7 use Friendica\Core\L10n;
   8 use Friendica\Core\System;
   9 use Friendica\Database\DBM;
  10
  11 require_once "include/text.php";
  12
  13 function manage_post(App $a) {
  14
  15         if (! local_user()) {
  16                 return;
  17         }
  18
  19         $uid = local_user();
  20         $orig_record = $a->user;
  21
  22         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  23                 $r = q("select * from user where uid = %d limit 1",
  24                         intval($_SESSION['submanage'])
  25                 );
  26                 if (DBM::is_result($r)) {
  27                         $uid = intval($r[0]['uid']);
  28                         $orig_record = $r[0];
  29                 }
  30         }
  31
  32         $r = q("SELECT * FROM `manage` WHERE `uid` = %d",
  33                 intval($uid)
  34         );
  35
  36         $submanage = $r;
  37
  38         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  39         if (! $identity) {
  40                 return;
  41         }
  42
  43         $limited_id = 0;
  44         $original_id = $uid;
  45
  46         if (DBM::is_result($submanage)) {
  47                 foreach ($submanage as $m) {
  48                         if ($identity == $m['mid']) {
  49                                 $limited_id = $m['mid'];
  50                                 break;
  51                         }
  52                 }
  53         }
  54
  55         if ($limited_id) {
  56                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  57                         intval($limited_id)
  58                 );
  59         } else {
  60                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  61                         intval($identity),
  62                         dbesc($orig_record['email']),
  63                         dbesc($orig_record['password'])
  64                 );
  65         }
  66
  67         if (! DBM::is_result($r)) {
  68                 return;
  69         }
  70
  71         unset($_SESSION['authenticated']);
  72         unset($_SESSION['uid']);
  73         unset($_SESSION['visitor_id']);
  74         unset($_SESSION['administrator']);
  75         unset($_SESSION['cid']);
  76         unset($_SESSION['theme']);
  77         unset($_SESSION['mobile-theme']);
  78         unset($_SESSION['page_flags']);
  79         unset($_SESSION['return_url']);
  80         if (x($_SESSION, 'submanage')) {
  81                 unset($_SESSION['submanage']);
  82         }
  83         if (x($_SESSION, 'sysmsg')) {
  84                 unset($_SESSION['sysmsg']);
  85         }
  86         if (x($_SESSION, 'sysmsg_info')) {
  87                 unset($_SESSION['sysmsg_info']);
  88         }
  89
  90         require_once('include/security.php');
  91         authenticate_success($r[0], true, true);
  92
  93         if ($limited_id) {
  94                 $_SESSION['submanage'] = $original_id;
  95         }
  96
  97         $ret = [];
  98         Addon::callHooks('home_init',$ret);
  99
 100         goaway( System::baseUrl() . "/profile/" . $a->user['nickname'] );
 101         // NOTREACHED
 102 }
 103
 104
 105
 106 function manage_content(App $a) {
 107
 108         if (! local_user()) {
 109                 notice(L10n::t('Permission denied.') . EOL);
 110                 return;
 111         }
 112
 113         if ($_GET['identity']) {
 114                 $_POST['identity'] = $_GET['identity'];
 115                 manage_post($a);
 116                 return;
 117         }
 118
 119         $identities = $a->identities;
 120
 121         //getting additinal information for each identity
 122         foreach ($identities as $key=>$id) {
 123                 $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
 124                         dbesc($id['uid'])
 125                 );
 126
 127                 $identities[$key]['thumb'] = $thumb[0]['thumb'];
 128
 129                 $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
 130
 131                 $notifications = 0;
 132
 133                 $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
 134                         intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
 135
 136                 if (DBM::is_result($r)) {
 137                         $notifications = sizeof($r);
 138                 }
 139
 140                 $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
 141                         intval($id['uid']));
 142
 143                 if (DBM::is_result($r)) {
 144                         $notifications = $notifications + sizeof($r);
 145                 }
 146
 147                 $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
 148                         intval($id['uid']));
 149
 150                 if (DBM::is_result($r)) {
 151                         $notifications = $notifications + $r[0]["introductions"];
 152                 }
 153
 154                 $identities[$key]['notifications'] = $notifications;
 155         }
 156
 157         $o = replace_macros(get_markup_template('manage.tpl'), [
 158                 '$title' => t('Manage Identities and/or Pages'),
 159                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 160                 '$choose' => t('Select an identity to manage: '),
 161                 '$identities' => $identities,
 162                 '$submit' => t('Submit'),
 163         ]);
 164
 165         return $o;
 166
 167 }