mod/manage.php

   1 <?php
   2
   3 use Friendica\App;
   4 use Friendica\Core\System;
   5
   6 require_once("include/text.php");
   7
   8 function manage_post(App $a) {
   9
  10         if (! local_user()) {
  11                 return;
  12         }
  13
  14         $uid = local_user();
  15         $orig_record = $a->user;
  16
  17         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  18                 $r = q("select * from user where uid = %d limit 1",
  19                         intval($_SESSION['submanage'])
  20                 );
  21                 if (dbm::is_result($r)) {
  22                         $uid = intval($r[0]['uid']);
  23                         $orig_record = $r[0];
  24                 }
  25         }
  26
  27         $r = q("SELECT * FROM `manage` WHERE `uid` = %d",
  28                 intval($uid)
  29         );
  30
  31         $submanage = $r;
  32
  33         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  34         if (! $identity) {
  35                 return;
  36         }
  37
  38         $limited_id = 0;
  39         $original_id = $uid;
  40
  41         if (dbm::is_result($submanage)) {
  42                 foreach ($submanage as $m) {
  43                         if ($identity == $m['mid']) {
  44                                 $limited_id = $m['mid'];
  45                                 break;
  46                         }
  47                 }
  48         }
  49
  50         if ($limited_id) {
  51                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  52                         intval($limited_id)
  53                 );
  54         } else {
  55                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  56                         intval($identity),
  57                         dbesc($orig_record['email']),
  58                         dbesc($orig_record['password'])
  59                 );
  60         }
  61
  62         if (! dbm::is_result($r)) {
  63                 return;
  64         }
  65
  66         unset($_SESSION['authenticated']);
  67         unset($_SESSION['uid']);
  68         unset($_SESSION['visitor_id']);
  69         unset($_SESSION['administrator']);
  70         unset($_SESSION['cid']);
  71         unset($_SESSION['theme']);
  72         unset($_SESSION['mobile-theme']);
  73         unset($_SESSION['page_flags']);
  74         unset($_SESSION['return_url']);
  75         if (x($_SESSION, 'submanage')) {
  76                 unset($_SESSION['submanage']);
  77         }
  78         if (x($_SESSION, 'sysmsg')) {
  79                 unset($_SESSION['sysmsg']);
  80         }
  81         if (x($_SESSION, 'sysmsg_info')) {
  82                 unset($_SESSION['sysmsg_info']);
  83         }
  84
  85         require_once('include/security.php');
  86         authenticate_success($r[0], true, true);
  87
  88         if ($limited_id) {
  89                 $_SESSION['submanage'] = $original_id;
  90         }
  91
  92         $ret = array();
  93         call_hooks('home_init',$ret);
  94
  95         goaway( System::baseUrl() . "/profile/" . $a->user['nickname'] );
  96         // NOTREACHED
  97 }
  98
  99
 100
 101 function manage_content(App $a) {
 102
 103         if (! local_user()) {
 104                 notice( t('Permission denied.') . EOL);
 105                 return;
 106         }
 107
 108         if ($_GET['identity']) {
 109                 $_POST['identity'] = $_GET['identity'];
 110                 manage_post($a);
 111                 return;
 112         }
 113
 114         $identities = $a->identities;
 115
 116         //getting additinal information for each identity
 117         foreach ($identities as $key=>$id) {
 118                 $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
 119                         dbesc($id['uid'])
 120                 );
 121
 122                 $identities[$key]['thumb'] = $thumb[0]['thumb'];
 123
 124                 $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
 125
 126                 $notifications = 0;
 127
 128                 $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
 129                         intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
 130
 131                 if (dbm::is_result($r)) {
 132                         $notifications = sizeof($r);
 133                 }
 134
 135                 $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
 136                         intval($id['uid']));
 137
 138                 if (dbm::is_result($r)) {
 139                         $notifications = $notifications + sizeof($r);
 140                 }
 141
 142                 $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
 143                         intval($id['uid']));
 144
 145                 if (dbm::is_result($r)) {
 146                         $notifications = $notifications + $r[0]["introductions"];
 147                 }
 148
 149                 $identities[$key]['notifications'] = $notifications;
 150         }
 151
 152         $o = replace_macros(get_markup_template('manage.tpl'), array(
 153                 '$title' => t('Manage Identities and/or Pages'),
 154                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 155                 '$choose' => t('Select an identity to manage: '),
 156                 '$identities' => $identities,
 157                 '$submit' => t('Submit'),
 158         ));
 159
 160         return $o;
 161
 162 }