X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fmanage.php;h=0f60e704e4d299e5566dc044e9ce92646a4d48d9;hb=3e797547a37f8c8f22e88965b4a4d278bcc192e0;hp=66891db720a540fbe659644b4a25a7d0d85b23be;hpb=e8e1f9253da63a11c813708f5baaeba2d9f537f3;p=friendica.git diff --git a/mod/manage.php b/mod/manage.php index 66891db720..0f60e704e4 100644 --- a/mod/manage.php +++ b/mod/manage.php @@ -1,12 +1,20 @@ user; @@ -15,49 +23,72 @@ function manage_post(&$a) { $r = q("select * from user where uid = %d limit 1", intval($_SESSION['submanage']) ); - if (dbm::is_result($r)) { + if (DBM::is_result($r)) { $uid = intval($r[0]['uid']); $orig_record = $r[0]; } } - $r = q("select * from manage where uid = %d", + $r = q("SELECT * FROM `manage` WHERE `uid` = %d", intval($uid) ); $submanage = $r; - $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0); - if(! $identity) + $identity = (x($_POST['identity']) ? intval($_POST['identity']) : 0); + if (!$identity) { return; + } $limited_id = 0; $original_id = $uid; - if(count($submanage)) { - foreach($submanage as $m) { - if($identity == $m['mid']) { + if (DBM::is_result($submanage)) { + foreach ($submanage as $m) { + if ($identity == $m['mid']) { $limited_id = $m['mid']; break; } } } - if($limited_id) { + if ($limited_id) { $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($limited_id) ); - } - else { - $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1", + } else { + // Check if the target user is one of our children + $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1", intval($identity), - dbesc($orig_record['email']), - dbesc($orig_record['password']) + dbesc($orig_record['uid']) ); + + // Check if the target user is one of our siblings + if (!DBM::is_result($r) && ($orig_record['parent-uid'] != 0)) { + $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1", + intval($identity), + dbesc($orig_record['parent-uid']) + ); + } + + // Check if it's our parent + if (!DBM::is_result($r) && ($orig_record['parent-uid'] != 0) && ($orig_record['parent-uid'] == $identity)) { + $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($identity) + ); + } + + // Finally check if it's out own user + if (!DBM::is_result($r) && ($orig_record['uid'] != 0) && ($orig_record['uid'] == $identity)) { + $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($identity) + ); + } } - if(! dbm::is_result($r)) + if (!DBM::is_result($r)) { return; + } unset($_SESSION['authenticated']); unset($_SESSION['uid']); @@ -68,32 +99,36 @@ function manage_post(&$a) { unset($_SESSION['mobile-theme']); unset($_SESSION['page_flags']); unset($_SESSION['return_url']); - if(x($_SESSION,'submanage')) + if (x($_SESSION, 'submanage')) { unset($_SESSION['submanage']); - if(x($_SESSION,'sysmsg')) + } + if (x($_SESSION, 'sysmsg')) { unset($_SESSION['sysmsg']); - if(x($_SESSION,'sysmsg_info')) + } + if (x($_SESSION, 'sysmsg_info')) { unset($_SESSION['sysmsg_info']); + } require_once('include/security.php'); - authenticate_success($r[0],true,true); + authenticate_success($r[0], true, true); - if($limited_id) + if ($limited_id) { $_SESSION['submanage'] = $original_id; + } - $ret = array(); - call_hooks('home_init',$ret); + $ret = []; + Addon::callHooks('home_init',$ret); - goaway( $a->get_baseurl() . "/profile/" . $a->user['nickname'] ); + goaway( System::baseUrl() . "/profile/" . $a->user['nickname'] ); // NOTREACHED } -function manage_content(&$a) { +function manage_content(App $a) { - if(! local_user()) { - notice( t('Permission denied.') . EOL); + if (! local_user()) { + notice(L10n::t('Permission denied.') . EOL); return; } @@ -111,37 +146,43 @@ function manage_content(&$a) { dbesc($id['uid']) ); - $identities[$key][thumb] = $thumb[0][thumb]; + $identities[$key]['thumb'] = $thumb[0]['thumb']; - $identities[$key]['selected'] = (($id['nickname'] === $a->user['nickname']) ? true : false); + $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']); $notifications = 0; $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))", intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL)); - if ($r) + + if (DBM::is_result($r)) { $notifications = sizeof($r); + } $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`", intval($id['uid'])); - if ($r) + + if (DBM::is_result($r)) { $notifications = $notifications + sizeof($r); + } $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d", intval($id['uid'])); - if ($r) + + if (DBM::is_result($r)) { $notifications = $notifications + $r[0]["introductions"]; + } $identities[$key]['notifications'] = $notifications; } - $o = replace_macros(get_markup_template('manage.tpl'), array( - '$title' => t('Manage Identities and/or Pages'), - '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'), - '$choose' => t('Select an identity to manage: '), + $o = replace_macros(get_markup_template('manage.tpl'), [ + '$title' => L10n::t('Manage Identities and/or Pages'), + '$desc' => L10n::t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'), + '$choose' => L10n::t('Select an identity to manage: '), '$identities' => $identities, - '$submit' => t('Submit'), - )); + '$submit' => L10n::t('Submit'), + ]); return $o;