<?php
+/**
+ * @file include/security.php
+ */
-use Friendica\App;
+use Friendica\Core\Addon;
use Friendica\Core\Config;
+use Friendica\Core\L10n;
use Friendica\Core\PConfig;
use Friendica\Core\System;
use Friendica\Database\DBM;
use Friendica\Model\Group;
+use Friendica\Util\DateTimeFormat;
/**
* @brief Calculate the hash that is needed for the "Friendica" cookie
* @param int $time
* @param array $user Record from "user" table
*/
-function new_cookie($time, $user = array())
+function new_cookie($time, $user = [])
{
if ($time != 0) {
$time = $time + time();
}
if ($user) {
- $value = json_encode(array("uid" => $user["uid"],
+ $value = json_encode(["uid" => $user["uid"],
"hash" => cookie_hash($user),
- "ip" => $_SERVER['REMOTE_ADDR']));
+ "ip" => $_SERVER['REMOTE_ADDR']]);
} else {
$value = "";
}
if ($a->user['login_date'] <= NULL_DATE) {
$_SESSION['return_url'] = 'profile_photo/new';
$a->module = 'profile_photo';
- info(t("Welcome ") . $a->user['username'] . EOL);
- info(t('Please upload a profile photo.') . EOL);
+ info(L10n::t("Welcome ") . $a->user['username'] . EOL);
+ info(L10n::t('Please upload a profile photo.') . EOL);
} else {
- info(t("Welcome back ") . $a->user['username'] . EOL);
+ info(L10n::t("Welcome back ") . $a->user['username'] . EOL);
}
}
}
}
- $r = dba::select('user', array('uid', 'username', 'nickname'),
- array('password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false));
- if (DBM::is_result($r)) {
- $a->identities = dba::inArray($r);
+ if ($master_record['parent-uid'] == 0) {
+ // First add our own entry
+ $a->identities = [['uid' => $master_record['uid'],
+ 'username' => $master_record['username'],
+ 'nickname' => $master_record['nickname']]];
+
+ // Then add all the children
+ $r = dba::select('user', ['uid', 'username', 'nickname'],
+ ['parent-uid' => $master_record['uid'], 'account_removed' => false]);
+ if (DBM::is_result($r)) {
+ $a->identities = array_merge($a->identities, dba::inArray($r));
+ }
} else {
- $a->identities = array();
+ // Just ensure that the array is always defined
+ $a->identities = [];
+
+ // First entry is our parent
+ $r = dba::select('user', ['uid', 'username', 'nickname'],
+ ['uid' => $master_record['parent-uid'], 'account_removed' => false]);
+ if (DBM::is_result($r)) {
+ $a->identities = dba::inArray($r);
+ }
+
+ // Then add all siblings
+ $r = dba::select('user', ['uid', 'username', 'nickname'],
+ ['parent-uid' => $master_record['parent-uid'], 'account_removed' => false]);
+ if (DBM::is_result($r)) {
+ $a->identities = array_merge($a->identities, dba::inArray($r));
+ }
}
$r = dba::p("SELECT `user`.`uid`, `user`.`username`, `user`.`nickname`
header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] . '"');
if ($login_initial || $login_refresh) {
- dba::update('user', array('login_date' => datetime_convert()), array('uid' => $_SESSION['uid']));
+ dba::update('user', ['login_date' => DateTimeFormat::utcNow()], ['uid' => $_SESSION['uid']]);
// Set the login date for all identities of the user
- dba::update('user', array('login_date' => datetime_convert()),
- array('password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false));
+ dba::update('user', ['login_date' => DateTimeFormat::utcNow()],
+ ['parent-uid' => $master_record['uid'], 'account_removed' => false]);
}
if ($login_initial) {
}
if ($login_initial) {
- call_hooks('logged_in', $a->user);
+ Addon::callHooks('logged_in', $a->user);
if (($a->module !== 'home') && isset($_SESSION['return_url'])) {
goaway(System::baseUrl() . '/' . $_SESSION['return_url']);
}
}
-function can_write_wall(App $a, $owner)
+function can_write_wall($owner)
{
static $verified = 0;
}
$uid = local_user();
-
- if (($uid) && ($uid == $owner)) {
+ if ($uid == $owner) {
return true;
}
function check_form_security_std_err_msg()
{
- return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before submitting it.') . EOL;
+ return L10n::t("The form security token was not correct. This probably happened because the form has been opened for too long \x28>3 hours\x29 before submitting it.") . EOL;
}
function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token')