mod/manage.php

   1 <?php
   2
   3 use Friendica\App;
   4 use Friendica\Core\Addon;
   5 use Friendica\Core\System;
   6 use Friendica\Database\DBM;
   7
   8 require_once("include/text.php");
   9
  10 function manage_post(App $a) {
  11
  12         if (! local_user()) {
  13                 return;
  14         }
  15
  16         $uid = local_user();
  17         $orig_record = $a->user;
  18
  19         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  20                 $r = q("select * from user where uid = %d limit 1",
  21                         intval($_SESSION['submanage'])
  22                 );
  23                 if (DBM::is_result($r)) {
  24                         $uid = intval($r[0]['uid']);
  25                         $orig_record = $r[0];
  26                 }
  27         }
  28
  29         $r = q("SELECT * FROM `manage` WHERE `uid` = %d",
  30                 intval($uid)
  31         );
  32
  33         $submanage = $r;
  34
  35         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  36         if (! $identity) {
  37                 return;
  38         }
  39
  40         $limited_id = 0;
  41         $original_id = $uid;
  42
  43         if (DBM::is_result($submanage)) {
  44                 foreach ($submanage as $m) {
  45                         if ($identity == $m['mid']) {
  46                                 $limited_id = $m['mid'];
  47                                 break;
  48                         }
  49                 }
  50         }
  51
  52         if ($limited_id) {
  53                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  54                         intval($limited_id)
  55                 );
  56         } else {
  57                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  58                         intval($identity),
  59                         dbesc($orig_record['email']),
  60                         dbesc($orig_record['password'])
  61                 );
  62         }
  63
  64         if (! DBM::is_result($r)) {
  65                 return;
  66         }
  67
  68         unset($_SESSION['authenticated']);
  69         unset($_SESSION['uid']);
  70         unset($_SESSION['visitor_id']);
  71         unset($_SESSION['administrator']);
  72         unset($_SESSION['cid']);
  73         unset($_SESSION['theme']);
  74         unset($_SESSION['mobile-theme']);
  75         unset($_SESSION['page_flags']);
  76         unset($_SESSION['return_url']);
  77         if (x($_SESSION, 'submanage')) {
  78                 unset($_SESSION['submanage']);
  79         }
  80         if (x($_SESSION, 'sysmsg')) {
  81                 unset($_SESSION['sysmsg']);
  82         }
  83         if (x($_SESSION, 'sysmsg_info')) {
  84                 unset($_SESSION['sysmsg_info']);
  85         }
  86
  87         require_once('include/security.php');
  88         authenticate_success($r[0], true, true);
  89
  90         if ($limited_id) {
  91                 $_SESSION['submanage'] = $original_id;
  92         }
  93
  94         $ret = [];
  95         Addon::callHooks('home_init',$ret);
  96
  97         goaway( System::baseUrl() . "/profile/" . $a->user['nickname'] );
  98         // NOTREACHED
  99 }
 100
 101
 102
 103 function manage_content(App $a) {
 104
 105         if (! local_user()) {
 106                 notice( t('Permission denied.') . EOL);
 107                 return;
 108         }
 109
 110         if ($_GET['identity']) {
 111                 $_POST['identity'] = $_GET['identity'];
 112                 manage_post($a);
 113                 return;
 114         }
 115
 116         $identities = $a->identities;
 117
 118         //getting additinal information for each identity
 119         foreach ($identities as $key=>$id) {
 120                 $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
 121                         dbesc($id['uid'])
 122                 );
 123
 124                 $identities[$key]['thumb'] = $thumb[0]['thumb'];
 125
 126                 $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
 127
 128                 $notifications = 0;
 129
 130                 $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
 131                         intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
 132
 133                 if (DBM::is_result($r)) {
 134                         $notifications = sizeof($r);
 135                 }
 136
 137                 $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
 138                         intval($id['uid']));
 139
 140                 if (DBM::is_result($r)) {
 141                         $notifications = $notifications + sizeof($r);
 142                 }
 143
 144                 $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
 145                         intval($id['uid']));
 146
 147                 if (DBM::is_result($r)) {
 148                         $notifications = $notifications + $r[0]["introductions"];
 149                 }
 150
 151                 $identities[$key]['notifications'] = $notifications;
 152         }
 153
 154         $o = replace_macros(get_markup_template('manage.tpl'), [
 155                 '$title' => t('Manage Identities and/or Pages'),
 156                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 157                 '$choose' => t('Select an identity to manage: '),
 158                 '$identities' => $identities,
 159                 '$submit' => t('Submit'),
 160         ]);
 161
 162         return $o;
 163
 164 }