X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fsecurity.php;h=af424df26c65c6122ff76a2070c936b426cdc46d;hb=d6893a45fe6b662793e407e33935a66adb62e3a2;hp=c443586c252a48fa946a6623ee28b5a9f0daa730;hpb=04589ecd38d85df339a3fed320d2822520b686f2;p=friendica.git

diff --git a/include/security.php b/include/security.php
index c443586c25..af424df26c 100644
--- a/include/security.php
+++ b/include/security.php
@@ -1,11 +1,16 @@
 <?php
+/**
+ * @file include/security.php
+ */
 
-use Friendica\App;
+use Friendica\Core\Addon;
 use Friendica\Core\Config;
+use Friendica\Core\L10n;
 use Friendica\Core\PConfig;
 use Friendica\Core\System;
 use Friendica\Database\DBM;
 use Friendica\Model\Group;
+use Friendica\Util\DateTimeFormat;
 
 /**
  * @brief Calculate the hash that is needed for the "Friendica" cookie
@@ -27,16 +32,16 @@ function cookie_hash($user)
  * @param int $time
  * @param array $user Record from "user" table
  */
-function new_cookie($time, $user = array())
+function new_cookie($time, $user = [])
 {
 	if ($time != 0) {
 		$time = $time + time();
 	}
 
 	if ($user) {
-		$value = json_encode(array("uid" => $user["uid"],
+		$value = json_encode(["uid" => $user["uid"],
 			"hash" => cookie_hash($user),
-			"ip" => $_SERVER['REMOTE_ADDR']));
+			"ip" => $_SERVER['REMOTE_ADDR']]);
 	} else {
 		$value = "";
 	}
@@ -73,10 +78,10 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 		if ($a->user['login_date'] <= NULL_DATE) {
 			$_SESSION['return_url'] = 'profile_photo/new';
 			$a->module = 'profile_photo';
-			info(t("Welcome ") . $a->user['username'] . EOL);
-			info(t('Please upload a profile photo.') . EOL);
+			info(L10n::t("Welcome ") . $a->user['username'] . EOL);
+			info(L10n::t('Please upload a profile photo.') . EOL);
 		} else {
-			info(t("Welcome back ") . $a->user['username'] . EOL);
+			info(L10n::t("Welcome back ") . $a->user['username'] . EOL);
 		}
 	}
 
@@ -102,12 +107,35 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 		}
 	}
 
-	$r = dba::select('user', array('uid', 'username', 'nickname'),
-		array('password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false));
-	if (DBM::is_result($r)) {
-		$a->identities = dba::inArray($r);
+	if ($master_record['parent-uid'] == 0) {
+		// First add our own entry
+		$a->identities = [['uid' => $master_record['uid'],
+				'username' => $master_record['username'],
+				'nickname' => $master_record['nickname']]];
+
+		// Then add all the children
+		$r = dba::select('user', ['uid', 'username', 'nickname'],
+			['parent-uid' => $master_record['uid'], 'account_removed' => false]);
+		if (DBM::is_result($r)) {
+			$a->identities = array_merge($a->identities, dba::inArray($r));
+		}
 	} else {
-		$a->identities = array();
+		// Just ensure that the array is always defined
+		$a->identities = [];
+
+		// First entry is our parent
+		$r = dba::select('user', ['uid', 'username', 'nickname'],
+			['uid' => $master_record['parent-uid'], 'account_removed' => false]);
+		if (DBM::is_result($r)) {
+			$a->identities = dba::inArray($r);
+		}
+
+		// Then add all siblings
+		$r = dba::select('user', ['uid', 'username', 'nickname'],
+			['parent-uid' => $master_record['parent-uid'], 'account_removed' => false]);
+		if (DBM::is_result($r)) {
+			$a->identities = array_merge($a->identities, dba::inArray($r));
+		}
 	}
 
 	$r = dba::p("SELECT `user`.`uid`, `user`.`username`, `user`.`nickname`
@@ -137,11 +165,11 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 	header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] . '"');
 
 	if ($login_initial || $login_refresh) {
-		dba::update('user', array('login_date' => datetime_convert()), array('uid' => $_SESSION['uid']));
+		dba::update('user', ['login_date' => DateTimeFormat::utcNow()], ['uid' => $_SESSION['uid']]);
 
 		// Set the login date for all identities of the user
-		dba::update('user', array('login_date' => datetime_convert()),
-			array('password' => $master_record['password'], 'email' => $master_record['email'], 'account_removed' => false));
+		dba::update('user', ['login_date' => DateTimeFormat::utcNow()],
+			['parent-uid' => $master_record['uid'], 'account_removed' => false]);
 	}
 
 	if ($login_initial) {
@@ -157,7 +185,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 	}
 
 	if ($login_initial) {
-		call_hooks('logged_in', $a->user);
+		Addon::callHooks('logged_in', $a->user);
 
 		if (($a->module !== 'home') && isset($_SESSION['return_url'])) {
 			goaway(System::baseUrl() . '/' . $_SESSION['return_url']);
@@ -165,7 +193,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 	}
 }
 
-function can_write_wall(App $a, $owner)
+function can_write_wall($owner)
 {
 	static $verified = 0;
 
@@ -174,8 +202,7 @@ function can_write_wall(App $a, $owner)
 	}
 
 	$uid = local_user();
-
-	if (($uid) && ($uid == $owner)) {
+	if ($uid == $owner) {
 		return true;
 	}
 
@@ -401,7 +428,7 @@ function check_form_security_token($typename = '', $formname = 'form_security_to
 
 function check_form_security_std_err_msg()
 {
-	return t('The form security token was not correct. This probably happened because the form has been opened for too long (>3 hours) before submitting it.') . EOL;
+	return L10n::t("The form security token was not correct. This probably happened because the form has been opened for too long \x28>3 hours\x29 before submitting it.") . EOL;
 }
 
 function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token')