Merge pull request #4777 from Rudloff/feature/list_api

[friendica.git] / include / security.php

diff --git a/include/security.php b/include/security.php
index 9b14ed3415a97eba37924ac4a44692b42aa4cfdb..af424df26c65c6122ff76a2070c936b426cdc46d 100644 (file)
--- a/include/security.php
+++ b/include/security.php
@@ -10,7 +10,7 @@ use Friendica\Core\PConfig;
 use Friendica\Core\System;
 use Friendica\Database\DBM;
 use Friendica\Model\Group;
-use Friendica\Util\Temporal;
+use Friendica\Util\DateTimeFormat;
 
 /**
  * @brief Calculate the hash that is needed for the "Friendica" cookie
@@ -107,12 +107,35 @@ function authenticate_success($user_record, $login_initial = false, $interactive
                }
        }
 
-       $r = dba::select('user', ['uid', 'username', 'nickname'],
-               ['password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false]);
-       if (DBM::is_result($r)) {
-               $a->identities = dba::inArray($r);
+       if ($master_record['parent-uid'] == 0) {
+               // First add our own entry
+               $a->identities = [['uid' => $master_record['uid'],
+                               'username' => $master_record['username'],
+                               'nickname' => $master_record['nickname']]];
+
+               // Then add all the children
+               $r = dba::select('user', ['uid', 'username', 'nickname'],
+                       ['parent-uid' => $master_record['uid'], 'account_removed' => false]);
+               if (DBM::is_result($r)) {
+                       $a->identities = array_merge($a->identities, dba::inArray($r));
+               }
        } else {
+               // Just ensure that the array is always defined
                $a->identities = [];
+
+               // First entry is our parent
+               $r = dba::select('user', ['uid', 'username', 'nickname'],
+                       ['uid' => $master_record['parent-uid'], 'account_removed' => false]);
+               if (DBM::is_result($r)) {
+                       $a->identities = dba::inArray($r);
+               }
+
+               // Then add all siblings
+               $r = dba::select('user', ['uid', 'username', 'nickname'],
+                       ['parent-uid' => $master_record['parent-uid'], 'account_removed' => false]);
+               if (DBM::is_result($r)) {
+                       $a->identities = array_merge($a->identities, dba::inArray($r));
+               }
        }
 
        $r = dba::p("SELECT `user`.`uid`, `user`.`username`, `user`.`nickname`
@@ -142,11 +165,11 @@ function authenticate_success($user_record, $login_initial = false, $interactive
        header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] . '"');
 
        if ($login_initial || $login_refresh) {
-               dba::update('user', ['login_date' => Temporal::convert()], ['uid' => $_SESSION['uid']]);
+               dba::update('user', ['login_date' => DateTimeFormat::utcNow()], ['uid' => $_SESSION['uid']]);
 
                // Set the login date for all identities of the user
-               dba::update('user', ['login_date' => Temporal::convert()],
-                       ['password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false]);
+               dba::update('user', ['login_date' => DateTimeFormat::utcNow()],
+                       ['parent-uid' => $master_record['uid'], 'account_removed' => false]);
        }
 
        if ($login_initial) {