Issue 7285: Perform duplicate check for item URI also with AP

[friendica.git] / mod / delegate.php

diff --git a/mod/delegate.php b/mod/delegate.php
index e9760fa3f5cafd0c06d2c991576d5c06cf9a32b0..456078451570cbc1db5f929201f6de0fa5cd6ad3 100644 (file)
--- a/mod/delegate.php
+++ b/mod/delegate.php
@@ -4,16 +4,20 @@
  */
 
 use Friendica\App;
+use Friendica\BaseModule;
 use Friendica\Core\L10n;
+use Friendica\Core\Protocol;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\User;
+use Friendica\Util\Strings;
 
 require_once 'mod/settings.php';
 
 function delegate_init(App $a)
 {
-       return settings_init($a);
+       settings_init($a);
 }
 
 function delegate_post(App $a)
@@ -22,12 +26,12 @@ function delegate_post(App $a)
                return;
        }
 
-       if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
+       if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
                notice(L10n::t('Permission denied.') . EOL);
                return;
        }
 
-       check_form_security_token_redirectOnErr('/delegate', 'delegate');
+       BaseModule::checkFormSecurityTokenRedirectOnError('/delegate', 'delegate');
 
        $parent_uid = defaults($_POST, 'parent_user', 0);
        $parent_password = defaults($_POST, 'parent_password', '');
@@ -58,8 +62,8 @@ function delegate_content(App $a)
 
        if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {
                // delegated admins can view but not change delegation permissions
-               if (x($_SESSION, 'submanage')) {
-                       goaway(System::baseUrl() . '/delegate');
+               if (!empty($_SESSION['submanage'])) {
+                       $a->internalRedirect('delegate');
                }
 
                $user_id = $a->argv[2];
@@ -68,23 +72,23 @@ function delegate_content(App $a)
                if (DBA::isResult($user)) {
                        $condition = [
                                'uid' => local_user(),
-                               'nurl' => normalise_link(System::baseUrl() . '/profile/' . $user['nickname'])
+                               'nurl' => Strings::normaliseLink(System::baseUrl() . '/profile/' . $user['nickname'])
                        ];
                        if (DBA::exists('contact', $condition)) {
                                DBA::insert('manage', ['uid' => $user_id, 'mid' => local_user()]);
                        }
                }
-               goaway(System::baseUrl() . '/delegate');
+               $a->internalRedirect('delegate');
        }
 
        if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {
                // delegated admins can view but not change delegation permissions
-               if (x($_SESSION, 'submanage')) {
-                       goaway(System::baseUrl() . '/delegate');
+               if (!empty($_SESSION['submanage'])) {
+                       $a->internalRedirect('delegate');
                }
 
                DBA::delete('manage', ['uid' => $a->argv[2], 'mid' => local_user()]);
-               goaway(System::baseUrl() . '/delegate');
+               $a->internalRedirect('delegate');
        }
 
        // find everybody that currently has delegated management to this account/page
@@ -110,14 +114,14 @@ function delegate_content(App $a)
                AND SUBSTRING_INDEX(`nurl`, '/', 3) = '%s'
                AND `uid` = %d
                AND `network` = '%s' ",
-               dbesc(normalise_link(System::baseUrl())),
+               DBA::escape(Strings::normaliseLink(System::baseUrl())),
                intval(local_user()),
-               dbesc(NETWORK_DFRN)
+               DBA::escape(Protocol::DFRN)
        );
        if (DBA::isResult($r)) {
                $nicknames = [];
                foreach ($r as $rr) {
-                       $nicknames[] = "'" . dbesc(basename($rr['nurl'])) . "'";
+                       $nicknames[] = "'" . DBA::escape(basename($rr['nurl'])) . "'";
                }
 
                $nicks = implode(',', $nicknames);
@@ -158,10 +162,12 @@ function delegate_content(App $a)
 
        if (!is_null($parent_user)) {
                $parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')];
+       } else {
+               $parent_password = '';
        }
 
-       $o = replace_macros(get_markup_template('delegate.tpl'), [
-               '$form_security_token' => get_form_security_token('delegate'),
+       $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegate.tpl'), [
+               '$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
                '$parent_header' => L10n::t('Parent User'),
                '$parent_user' => $parent_user,
                '$parent_password' => $parent_password,