]> git.mxchange.org Git - friendica.git/blobdiff - mod/delegate.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Catch HTTPExceptions in App::runFrontend()
[friendica.git] / mod / delegate.php
diff --git a/mod/delegate.php b/mod/delegate.php
index 510fc0ec8ff11b7730b53de657f5bda941f81832..4bfc0e31ba8b78879d5c47021f7f524ae9ea8606 100644 (file)
--- a/mod/delegate.php
+++ b/mod/delegate.php
@@ -2,11 +2,17 @@
 /**
  * @file mod/delegate.php
  */
+
 use Friendica\App;
+use Friendica\BaseModule;
 use Friendica\Core\L10n;
+use Friendica\Core\Protocol;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
-use Friendica\Database\DBM;
+use Friendica\Database\DBA;
 use Friendica\Model\User;
+use Friendica\Util\Security;
+use Friendica\Util\Strings;
 
 require_once 'mod/settings.php';
 
@@ -21,19 +27,19 @@ function delegate_post(App $a)
                return;
        }
 
-       if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
+       if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) {
                notice(L10n::t('Permission denied.') . EOL);
                return;
        }
 
-       check_form_security_token_redirectOnErr('/delegate', 'delegate');
+       BaseModule::checkFormSecurityTokenRedirectOnError('/delegate', 'delegate');
 
        $parent_uid = defaults($_POST, 'parent_user', 0);
        $parent_password = defaults($_POST, 'parent_password', '');
 
        if ($parent_uid != 0) {
-               $user = dba::selectFirst('user', ['nickname'], ['uid' => $parent_uid]);
-               if (!DBM::is_result($user)) {
+               $user = DBA::selectFirst('user', ['nickname'], ['uid' => $parent_uid]);
+               if (!DBA::isResult($user)) {
                        notice(L10n::t('Parent user not found.') . EOL);
                        return;
                }
@@ -45,7 +51,7 @@ function delegate_post(App $a)
                }
        }
 
-       dba::update('user', ['parent-uid' => $parent_uid], ['uid' => local_user()]);
+       DBA::update('user', ['parent-uid' => $parent_uid], ['uid' => local_user()]);
 }
 
 function delegate_content(App $a)
@@ -57,33 +63,33 @@ function delegate_content(App $a)
 
        if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {
                // delegated admins can view but not change delegation permissions
-               if (x($_SESSION, 'submanage')) {
-                       goaway(System::baseUrl() . '/delegate');
+               if (!empty($_SESSION['submanage'])) {
+                       $a->internalRedirect('delegate');
                }
 
                $user_id = $a->argv[2];
 
-               $user = dba::selectFirst('user', ['nickname'], ['uid' => $user_id]);
-               if (DBM::is_result($user)) {
+               $user = DBA::selectFirst('user', ['nickname'], ['uid' => $user_id]);
+               if (DBA::isResult($user)) {
                        $condition = [
                                'uid' => local_user(),
-                               'nurl' => normalise_link(System::baseUrl() . '/profile/' . $user['nickname'])
+                               'nurl' => Strings::normaliseLink(System::baseUrl() . '/profile/' . $user['nickname'])
                        ];
-                       if (dba::exists('contact', $condition)) {
-                               dba::insert('manage', ['uid' => $user_id, 'mid' => local_user()]);
+                       if (DBA::exists('contact', $condition)) {
+                               DBA::insert('manage', ['uid' => $user_id, 'mid' => local_user()]);
                        }
                }
-               goaway(System::baseUrl() . '/delegate');
+               $a->internalRedirect('delegate');
        }
 
        if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {
                // delegated admins can view but not change delegation permissions
-               if (x($_SESSION, 'submanage')) {
-                       goaway(System::baseUrl() . '/delegate');
+               if (!empty($_SESSION['submanage'])) {
+                       $a->internalRedirect('delegate');
                }
 
-               dba::delete('manage', ['uid' => $a->argv[2], 'mid' => local_user()]);
-               goaway(System::baseUrl() . '/delegate');
+               DBA::delete('manage', ['uid' => $a->argv[2], 'mid' => local_user()]);
+               $a->internalRedirect('delegate');
        }
 
        // find everybody that currently has delegated management to this account/page
@@ -91,7 +97,7 @@ function delegate_content(App $a)
        $r = q("SELECT * FROM `user` WHERE `uid` IN (SELECT `uid` FROM `manage` WHERE `mid` = %d)",
                intval(local_user())
        );
-       if (DBM::is_result($r)) {
+       if (DBA::isResult($r)) {
                $delegates = $r;
        }
 
@@ -109,21 +115,21 @@ function delegate_content(App $a)
                AND SUBSTRING_INDEX(`nurl`, '/', 3) = '%s'
                AND `uid` = %d
                AND `network` = '%s' ",
-               dbesc(normalise_link(System::baseUrl())),
+               DBA::escape(Strings::normaliseLink(System::baseUrl())),
                intval(local_user()),
-               dbesc(NETWORK_DFRN)
+               DBA::escape(Protocol::DFRN)
        );
-       if (DBM::is_result($r)) {
+       if (DBA::isResult($r)) {
                $nicknames = [];
                foreach ($r as $rr) {
-                       $nicknames[] = "'" . dbesc(basename($rr['nurl'])) . "'";
+                       $nicknames[] = "'" . DBA::escape(basename($rr['nurl'])) . "'";
                }
 
                $nicks = implode(',', $nicknames);
 
                // get user records for all potential page delegates who are not already delegates or managers
                $r = q("SELECT `uid`, `username`, `nickname` FROM `user` WHERE `nickname` IN ($nicks)");
-               if (DBM::is_result($r)) {
+               if (DBA::isResult($r)) {
                        foreach ($r as $rr) {
                                if (!in_array($rr['uid'], $uids)) {
                                        $potentials[] = $rr;
@@ -134,19 +140,19 @@ function delegate_content(App $a)
 
        settings_init($a);
 
-       $user = dba::selectFirst('user', ['parent-uid', 'email'], ['uid' => local_user()]);
+       $user = DBA::selectFirst('user', ['parent-uid', 'email'], ['uid' => local_user()]);
 
        $parent_user = null;
 
-       if (DBM::is_result($user)) {
-               if (!dba::exists('user', ['parent-uid' => local_user()])) {
+       if (DBA::isResult($user)) {
+               if (!DBA::exists('user', ['parent-uid' => local_user()])) {
                        $parent_uid = $user['parent-uid'];
                        $parents = [0 => L10n::t('No parent user')];
 
                        $fields = ['uid', 'username', 'nickname'];
                        $condition = ['email' => $user['email'], 'verified' => true, 'blocked' => false, 'parent-uid' => 0];
-                       $parent_users = dba::select('user', $fields, $condition);
-                       while ($parent = dba::fetch($parent_users)) {
+                       $parent_users = DBA::select('user', $fields, $condition);
+                       while ($parent = DBA::fetch($parent_users)) {
                                if ($parent['uid'] != local_user()) {
                                        $parents[$parent['uid']] = sprintf('%s (%s)', $parent['username'], $parent['nickname']);
                                }
@@ -157,10 +163,12 @@ function delegate_content(App $a)
 
        if (!is_null($parent_user)) {
                $parent_password = ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')];
+       } else {
+               $parent_password = '';
        }
 
-       $o = replace_macros(get_markup_template('delegate.tpl'), [
-               '$form_security_token' => get_form_security_token('delegate'),
+       $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('delegate.tpl'), [
+               '$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
                '$parent_header' => L10n::t('Parent User'),
                '$parent_user' => $parent_user,
                '$parent_password' => $parent_password,
Unnamed repository; edit this file 'description' to name the repository.