X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fsecurity.php;h=05371f71ca55d1a44559480ffc2c350197cc3add;hb=9521f39ebea7603098e4f96f5edb6c85a40fc646;hp=63a6b9574f7d9cdc9f845725034460733354b7c3;hpb=ed0d858f98babfa7b02e92186ea747b92605aad9;p=friendica.git diff --git a/include/security.php b/include/security.php index 63a6b9574f..05371f71ca 100644 --- a/include/security.php +++ b/include/security.php @@ -54,8 +54,8 @@ function authenticate_success($user_record, $login_initial = false, $interactive $a->user = $user_record; - if ($interactive) { - if ($a->user['login_date'] === '0000-00-00 00:00:00') { + if($interactive) { + if ($a->user['login_date'] <= NULL_DATE) { $_SESSION['return_url'] = 'profile_photo/new'; $a->module = 'profile_photo'; info( t("Welcome ") . $a->user['username'] . EOL); @@ -66,18 +66,18 @@ function authenticate_success($user_record, $login_initial = false, $interactive } $member_since = strtotime($a->user['register_date']); - if (time() < ($member_since + ( 60 * 60 * 24 * 14))) + if(time() < ($member_since + ( 60 * 60 * 24 * 14))) $_SESSION['new_member'] = true; else $_SESSION['new_member'] = false; - if (strlen($a->user['timezone'])) { + if(strlen($a->user['timezone'])) { date_default_timezone_set($a->user['timezone']); $a->timezone = $a->user['timezone']; } $master_record = $a->user; - if ((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) { + if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) { $r = q("select * from user where uid = %d limit 1", intval($_SESSION['submanage']) ); @@ -102,9 +102,9 @@ function authenticate_success($user_record, $login_initial = false, $interactive if (dbm::is_result($r)) $a->identities = array_merge($a->identities,$r); - if ($login_initial) + if($login_initial) logger('auth_identities: ' . print_r($a->identities,true), LOGGER_DEBUG); - if ($login_refresh) + if($login_refresh) logger('auth_identities refresh: ' . print_r($a->identities,true), LOGGER_DEBUG); $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", @@ -117,7 +117,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"'); - if ($login_initial || $login_refresh) { + if($login_initial || $login_refresh) { q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d", dbesc(datetime_convert()), @@ -247,7 +247,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { * Profile owner - everything is visible */ - if (($local_user) && ($local_user == $owner_id)) { + if(($local_user) && ($local_user == $owner_id)) { $sql = ''; } @@ -259,9 +259,9 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { * done this and passed the groups into this function. */ - elseif ($remote_user) { + elseif($remote_user) { - if (! $remote_verified) { + if(! $remote_verified) { $r = q("SELECT id FROM contact WHERE id = %d AND uid = %d AND blocked = 0 LIMIT 1", intval($remote_user), intval($owner_id) @@ -271,12 +271,12 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { $groups = init_groups_visitor($remote_user); } } - if ($remote_verified) { + if($remote_verified) { $gs = '<<>>'; // should be impossible to match - if (is_array($groups) && count($groups)) { - foreach ($groups as $g) + if(is_array($groups) && count($groups)) { + foreach($groups as $g) $gs .= '|<' . intval($g) . '>'; } @@ -329,7 +329,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) * Profile owner - everything is visible */ - if ($local_user && ($local_user == $owner_id)) { + if($local_user && ($local_user == $owner_id)) { $sql = ''; } @@ -341,9 +341,9 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) * done this and passed the groups into this function. */ - elseif ($remote_user) { + elseif($remote_user) { - if (! $remote_verified) { + if(! $remote_verified) { $r = q("SELECT id FROM contact WHERE id = %d AND uid = %d AND blocked = 0 LIMIT 1", intval($remote_user), intval($owner_id) @@ -353,14 +353,13 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) $groups = init_groups_visitor($remote_user); } } - if ($remote_verified) { + if($remote_verified) { $gs = '<<>>'; // should be impossible to match - if (is_array($groups) && count($groups)) { - foreach ($groups as $g) { + if(is_array($groups) && count($groups)) { + foreach($groups as $g) $gs .= '|<' . intval($g) . '>'; - } } $sql = sprintf( @@ -453,7 +452,7 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f // DFRN contact. They are *not* neccessarily unique across the entire site. -if (! function_exists('init_groups_visitor')) { +if(! function_exists('init_groups_visitor')) { function init_groups_visitor($contact_id) { $groups = array(); $r = q("SELECT `gid` FROM `group_member` @@ -461,7 +460,7 @@ function init_groups_visitor($contact_id) { intval($contact_id) ); if (dbm::is_result($r)) { - foreach ($r as $rr) + foreach($r as $rr) $groups[] = $rr['gid']; } return $groups;