mod/manage.php

   1 <?php
   2
   3 use Friendica\App;
   4
   5 require_once("include/text.php");
   6
   7 function manage_post(App $a) {
   8
   9         if (! local_user()) {
  10                 return;
  11         }
  12
  13         $uid = local_user();
  14         $orig_record = $a->user;
  15
  16         if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
  17                 $r = q("select * from user where uid = %d limit 1",
  18                         intval($_SESSION['submanage'])
  19                 );
  20                 if (dbm::is_result($r)) {
  21                         $uid = intval($r[0]['uid']);
  22                         $orig_record = $r[0];
  23                 }
  24         }
  25
  26         $r = q("SELECT * FROM `manage` WHERE `uid` = %d",
  27                 intval($uid)
  28         );
  29
  30         $submanage = $r;
  31
  32         $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
  33         if (! $identity) {
  34                 return;
  35         }
  36
  37         $limited_id = 0;
  38         $original_id = $uid;
  39
  40         if (dbm::is_result($submanage)) {
  41                 foreach ($submanage as $m) {
  42                         if ($identity == $m['mid']) {
  43                                 $limited_id = $m['mid'];
  44                                 break;
  45                         }
  46                 }
  47         }
  48
  49         if ($limited_id) {
  50                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  51                         intval($limited_id)
  52                 );
  53         } else {
  54                 $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
  55                         intval($identity),
  56                         dbesc($orig_record['email']),
  57                         dbesc($orig_record['password'])
  58                 );
  59         }
  60
  61         if (! dbm::is_result($r)) {
  62                 return;
  63         }
  64
  65         unset($_SESSION['authenticated']);
  66         unset($_SESSION['uid']);
  67         unset($_SESSION['visitor_id']);
  68         unset($_SESSION['administrator']);
  69         unset($_SESSION['cid']);
  70         unset($_SESSION['theme']);
  71         unset($_SESSION['mobile-theme']);
  72         unset($_SESSION['page_flags']);
  73         unset($_SESSION['return_url']);
  74         if (x($_SESSION, 'submanage')) {
  75                 unset($_SESSION['submanage']);
  76         }
  77         if (x($_SESSION, 'sysmsg')) {
  78                 unset($_SESSION['sysmsg']);
  79         }
  80         if (x($_SESSION, 'sysmsg_info')) {
  81                 unset($_SESSION['sysmsg_info']);
  82         }
  83
  84         require_once('include/security.php');
  85         authenticate_success($r[0], true, true);
  86
  87         if ($limited_id) {
  88                 $_SESSION['submanage'] = $original_id;
  89         }
  90
  91         $ret = array();
  92         call_hooks('home_init',$ret);
  93
  94         goaway( App::get_baseurl() . "/profile/" . $a->user['nickname'] );
  95         // NOTREACHED
  96 }
  97
  98
  99
 100 function manage_content(App $a) {
 101
 102         if (! local_user()) {
 103                 notice( t('Permission denied.') . EOL);
 104                 return;
 105         }
 106
 107         if ($_GET['identity']) {
 108                 $_POST['identity'] = $_GET['identity'];
 109                 manage_post($a);
 110                 return;
 111         }
 112
 113         $identities = $a->identities;
 114
 115         //getting additinal information for each identity
 116         foreach ($identities as $key=>$id) {
 117                 $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
 118                         dbesc($id['uid'])
 119                 );
 120
 121                 $identities[$key]['thumb'] = $thumb[0]['thumb'];
 122
 123                 $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
 124
 125                 $notifications = 0;
 126
 127                 $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
 128                         intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
 129
 130                 if (dbm::is_result($r)) {
 131                         $notifications = sizeof($r);
 132                 }
 133
 134                 $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
 135                         intval($id['uid']));
 136
 137                 if (dbm::is_result($r)) {
 138                         $notifications = $notifications + sizeof($r);
 139                 }
 140
 141                 $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
 142                         intval($id['uid']));
 143
 144                 if (dbm::is_result($r)) {
 145                         $notifications = $notifications + $r[0]["introductions"];
 146                 }
 147
 148                 $identities[$key]['notifications'] = $notifications;
 149         }
 150
 151         $o = replace_macros(get_markup_template('manage.tpl'), array(
 152                 '$title' => t('Manage Identities and/or Pages'),
 153                 '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
 154                 '$choose' => t('Select an identity to manage: '),
 155                 '$identities' => $identities,
 156                 '$submit' => t('Submit'),
 157         ));
 158
 159         return $o;
 160
 161 }