mod/manage.php

   1 <?php
   2
   3 require_once("include/text.php");
   4
   5
   6 function manage_post(&$a) {
   7
   8         if(! local_user())
   9                 return;
  10
  11         $uid = local_user();
  12         $orig_record = $a->user;
  13
  14         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  15                 $r = q("select * from user where uid = %d limit 1",
  16                         intval($_SESSION['submanage'])
  17                 );
  18                 if(count($r)) {
  19                         $uid = intval($r[0]['uid']);
  20                         $orig_record = $r[0];
  21                 }
  22         }
  23
  24         $r = q("select * from manage where uid = %d",
  25                 intval($uid)
  26         );
  27
  28         $submanage = $r;
  29
  30         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  31         if(! $identity)
  32                 return;
  33
  34         $limited_id = 0;
  35         $original_id = $uid;
  36
  37         if(count($submanage)) {
  38                 foreach($submanage as $m) {
  39                         if($identity == $m['mid']) {
  40                                 $limited_id = $m['mid'];
  41                                 break;
  42                         }
  43                 }
  44         }
  45
  46         if($limited_id) {
  47                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  48                         intval($limited_id)
  49                 );
  50         }
  51         else {
  52                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  53                         intval($identity),
  54                         dbesc($orig_record['email']),
  55                         dbesc($orig_record['password'])
  56                 );
  57         }
  58
  59         if(! count($r))
  60                 return;
  61
  62         unset($_SESSION['authenticated']);
  63         unset($_SESSION['uid']);
  64         unset($_SESSION['visitor_id']);
  65         unset($_SESSION['administrator']);
  66         unset($_SESSION['cid']);
  67         unset($_SESSION['theme']);
  68         unset($_SESSION['mobile-theme']);
  69         unset($_SESSION['page_flags']);
  70         unset($_SESSION['return_url']);
  71         if(x($_SESSION,'submanage'))
  72                 unset($_SESSION['submanage']);
  73         if(x($_SESSION,'sysmsg'))
  74                 unset($_SESSION['sysmsg']);
  75         if(x($_SESSION,'sysmsg_info'))
  76                 unset($_SESSION['sysmsg_info']);
  77
  78         require_once('include/security.php');
  79         authenticate_success($r[0],true,true);
  80
  81         if($limited_id)
  82                 $_SESSION['submanage'] = $original_id;
  83
  84         $ret = array();
  85         call_hooks('home_init',$ret);
  86
  87         goaway( $a->get_baseurl() . "/profile/" . $a->user['nickname'] );
  88         // NOTREACHED
  89 }
  90
  91
  92
  93 function manage_content(&$a) {
  94
  95         if(! local_user()) {
  96                 notice( t('Permission denied.') . EOL);
  97                 return;
  98         }
  99
 100         $identities = $a->identities;
 101         foreach($identities as $key=>$id) {
 102                 $identities[$key]['selected'] = (($id['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
 103         }
 104
 105         $o = replace_macros(get_markup_template('manage.tpl'), array(
 106                 '$title' => t('Manage Identities and/or Pages'),
 107                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 108                 '$choose' => t('Select an identity to manage: '),
 109                 '$identities' => $identities,
 110                 '$submit' => t('Submit'),
 111         ));
 112
 113         return $o;
 114
 115 }