mod/manage.php

   1 <?php
   2
   3 use Friendica\App;
   4 use Friendica\Core\System;
   5 use Friendica\Database\DBM;
   6
   7 require_once("include/text.php");
   8
   9 function manage_post(App $a) {
  10
  11         if (! local_user()) {
  12                 return;
  13         }
  14
  15         $uid = local_user();
  16         $orig_record = $a->user;
  17
  18         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  19                 $r = q("select * from user where uid = %d limit 1",
  20                         intval($_SESSION['submanage'])
  21                 );
  22                 if (DBM::is_result($r)) {
  23                         $uid = intval($r[0]['uid']);
  24                         $orig_record = $r[0];
  25                 }
  26         }
  27
  28         $r = q("SELECT * FROM `manage` WHERE `uid` = %d",
  29                 intval($uid)
  30         );
  31
  32         $submanage = $r;
  33
  34         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  35         if (! $identity) {
  36                 return;
  37         }
  38
  39         $limited_id = 0;
  40         $original_id = $uid;
  41
  42         if (DBM::is_result($submanage)) {
  43                 foreach ($submanage as $m) {
  44                         if ($identity == $m['mid']) {
  45                                 $limited_id = $m['mid'];
  46                                 break;
  47                         }
  48                 }
  49         }
  50
  51         if ($limited_id) {
  52                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  53                         intval($limited_id)
  54                 );
  55         } else {
  56                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  57                         intval($identity),
  58                         dbesc($orig_record['email']),
  59                         dbesc($orig_record['password'])
  60                 );
  61         }
  62
  63         if (! DBM::is_result($r)) {
  64                 return;
  65         }
  66
  67         unset($_SESSION['authenticated']);
  68         unset($_SESSION['uid']);
  69         unset($_SESSION['visitor_id']);
  70         unset($_SESSION['administrator']);
  71         unset($_SESSION['cid']);
  72         unset($_SESSION['theme']);
  73         unset($_SESSION['mobile-theme']);
  74         unset($_SESSION['page_flags']);
  75         unset($_SESSION['return_url']);
  76         if (x($_SESSION, 'submanage')) {
  77                 unset($_SESSION['submanage']);
  78         }
  79         if (x($_SESSION, 'sysmsg')) {
  80                 unset($_SESSION['sysmsg']);
  81         }
  82         if (x($_SESSION, 'sysmsg_info')) {
  83                 unset($_SESSION['sysmsg_info']);
  84         }
  85
  86         require_once('include/security.php');
  87         authenticate_success($r[0], true, true);
  88
  89         if ($limited_id) {
  90                 $_SESSION['submanage'] = $original_id;
  91         }
  92
  93         $ret = array();
  94         call_hooks('home_init',$ret);
  95
  96         goaway( System::baseUrl() . "/profile/" . $a->user['nickname'] );
  97         // NOTREACHED
  98 }
  99
 100
 101
 102 function manage_content(App $a) {
 103
 104         if (! local_user()) {
 105                 notice( t('Permission denied.') . EOL);
 106                 return;
 107         }
 108
 109         if ($_GET['identity']) {
 110                 $_POST['identity'] = $_GET['identity'];
 111                 manage_post($a);
 112                 return;
 113         }
 114
 115         $identities = $a->identities;
 116
 117         //getting additinal information for each identity
 118         foreach ($identities as $key=>$id) {
 119                 $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
 120                         dbesc($id['uid'])
 121                 );
 122
 123                 $identities[$key]['thumb'] = $thumb[0]['thumb'];
 124
 125                 $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
 126
 127                 $notifications = 0;
 128
 129                 $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
 130                         intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
 131
 132                 if (DBM::is_result($r)) {
 133                         $notifications = sizeof($r);
 134                 }
 135
 136                 $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
 137                         intval($id['uid']));
 138
 139                 if (DBM::is_result($r)) {
 140                         $notifications = $notifications + sizeof($r);
 141                 }
 142
 143                 $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
 144                         intval($id['uid']));
 145
 146                 if (DBM::is_result($r)) {
 147                         $notifications = $notifications + $r[0]["introductions"];
 148                 }
 149
 150                 $identities[$key]['notifications'] = $notifications;
 151         }
 152
 153         $o = replace_macros(get_markup_template('manage.tpl'), array(
 154                 '$title' => t('Manage Identities and/or Pages'),
 155                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 156                 '$choose' => t('Select an identity to manage: '),
 157                 '$identities' => $identities,
 158                 '$submit' => t('Submit'),
 159         ));
 160
 161         return $o;
 162
 163 }