mod/manage.php

   1 <?php
   2
   3 require_once("include/text.php");
   4
   5
   6 function manage_post(App $a) {
   7
   8         if (! local_user()) {
   9                 return;
  10         }
  11
  12         $uid = local_user();
  13         $orig_record = $a->user;
  14
  15         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  16                 $r = q("select * from user where uid = %d limit 1",
  17                         intval($_SESSION['submanage'])
  18                 );
  19                 if (dbm::is_result($r)) {
  20                         $uid = intval($r[0]['uid']);
  21                         $orig_record = $r[0];
  22                 }
  23         }
  24
  25         $r = q("select * from manage where uid = %d",
  26                 intval($uid)
  27         );
  28
  29         $submanage = $r;
  30
  31         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  32         if(! $identity)
  33                 return;
  34
  35         $limited_id = 0;
  36         $original_id = $uid;
  37
  38         if(count($submanage)) {
  39                 foreach($submanage as $m) {
  40                         if($identity == $m['mid']) {
  41                                 $limited_id = $m['mid'];
  42                                 break;
  43                         }
  44                 }
  45         }
  46
  47         if($limited_id) {
  48                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  49                         intval($limited_id)
  50                 );
  51         }
  52         else {
  53                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  54                         intval($identity),
  55                         dbesc($orig_record['email']),
  56                         dbesc($orig_record['password'])
  57                 );
  58         }
  59
  60         if (! dbm::is_result($r)) {
  61                 return;
  62         }
  63
  64         unset($_SESSION['authenticated']);
  65         unset($_SESSION['uid']);
  66         unset($_SESSION['visitor_id']);
  67         unset($_SESSION['administrator']);
  68         unset($_SESSION['cid']);
  69         unset($_SESSION['theme']);
  70         unset($_SESSION['mobile-theme']);
  71         unset($_SESSION['page_flags']);
  72         unset($_SESSION['return_url']);
  73         if(x($_SESSION,'submanage'))
  74                 unset($_SESSION['submanage']);
  75         if (x($_SESSION,'sysmsg')) {
  76                 unset($_SESSION['sysmsg']);
  77         }
  78         if (x($_SESSION,'sysmsg_info')) {
  79                 unset($_SESSION['sysmsg_info']);
  80         }
  81
  82         require_once('include/security.php');
  83         authenticate_success($r[0], true, true);
  84
  85         if ($limited_id) {
  86                 $_SESSION['submanage'] = $original_id;
  87         }
  88
  89         $ret = array();
  90         call_hooks('home_init',$ret);
  91
  92         goaway( App::get_baseurl() . "/profile/" . $a->user['nickname'] );
  93         // NOTREACHED
  94 }
  95
  96
  97
  98 function manage_content(App $a) {
  99
 100         if (! local_user()) {
 101                 notice( t('Permission denied.') . EOL);
 102                 return;
 103         }
 104
 105         if ($_GET['identity']) {
 106                 $_POST['identity'] = $_GET['identity'];
 107                 manage_post($a);
 108                 return;
 109         }
 110
 111         $identities = $a->identities;
 112
 113         //getting additinal information for each identity
 114         foreach ($identities as $key=>$id) {
 115                 $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
 116                         dbesc($id['uid'])
 117                 );
 118
 119                 $identities[$key]['thumb'] = $thumb[0]['thumb'];
 120
 121                 $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
 122
 123                 $notifications = 0;
 124
 125                 $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
 126                         intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
 127
 128                 if (dbm::is_result($r)) {
 129                         $notifications = sizeof($r);
 130                 }
 131
 132                 $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
 133                         intval($id['uid']));
 134
 135                 if (dbm::is_result($r)) {
 136                         $notifications = $notifications + sizeof($r);
 137                 }
 138
 139                 $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
 140                         intval($id['uid']));
 141
 142                 if (dbm::is_result($r)) {
 143                         $notifications = $notifications + $r[0]["introductions"];
 144                 }
 145
 146                 $identities[$key]['notifications'] = $notifications;
 147         }
 148
 149         $o = replace_macros(get_markup_template('manage.tpl'), array(
 150                 '$title' => t('Manage Identities and/or Pages'),
 151                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 152                 '$choose' => t('Select an identity to manage: '),
 153                 '$identities' => $identities,
 154                 '$submit' => t('Submit'),
 155         ));
 156
 157         return $o;
 158
 159 }