X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fmanage.php;h=a6ab32c2d8428c713398dc61b6f816d504826b57;hb=47bd3243cdb4a4840ca4d40452402a86b792ce1b;hp=26f7315c326cc7c87809f0c194c147349536b29b;hpb=067626380db6d5ed71d68bd91481ff51cfa76915;p=friendica.git diff --git a/mod/manage.php b/mod/manage.php index 26f7315c32..a6ab32c2d8 100644 --- a/mod/manage.php +++ b/mod/manage.php @@ -1,23 +1,66 @@ identities)) +function manage_post(App $a) { + + if (! local_user()) { return; + } + + $uid = local_user(); + $orig_record = $a->user; + + if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) { + $r = q("select * from user where uid = %d limit 1", + intval($_SESSION['submanage']) + ); + if (dbm::is_result($r)) { + $uid = intval($r[0]['uid']); + $orig_record = $r[0]; + } + } + + $r = q("SELECT * FROM `manage` WHERE `uid` = %d", + intval($uid) + ); + + $submanage = $r; $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0); - if(! $identity) + if (! $identity) { return; + } - $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1", - intval($identity), - dbesc($a->user['email']), - dbesc($a->user['password']) - ); + $limited_id = 0; + $original_id = $uid; - if(! count($r)) + if (dbm::is_result($submanage)) { + foreach ($submanage as $m) { + if ($identity == $m['mid']) { + $limited_id = $m['mid']; + break; + } + } + } + + if ($limited_id) { + $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($limited_id) + ); + } else { + $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1", + intval($identity), + dbesc($orig_record['email']), + dbesc($orig_record['password']) + ); + } + + if (! dbm::is_result($r)) { return; + } unset($_SESSION['authenticated']); unset($_SESSION['uid']); @@ -25,86 +68,94 @@ function manage_post(&$a) { unset($_SESSION['administrator']); unset($_SESSION['cid']); unset($_SESSION['theme']); + unset($_SESSION['mobile-theme']); unset($_SESSION['page_flags']); - - - $_SESSION['uid'] = $r[0]['uid']; - $_SESSION['theme'] = $r[0]['theme']; - $_SESSION['authenticated'] = 1; - $_SESSION['page_flags'] = $r[0]['page-flags']; - $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname']; - - notice( sprintf( t("Welcome back %s") , $r[0]['username']) . EOL); - $a->user = $r[0]; - - if(strlen($a->user['timezone'])) { - date_default_timezone_set($a->user['timezone']); - $a->timezone = $a->user['timezone']; + unset($_SESSION['return_url']); + if (x($_SESSION, 'submanage')) { + unset($_SESSION['submanage']); + } + if (x($_SESSION, 'sysmsg')) { + unset($_SESSION['sysmsg']); + } + if (x($_SESSION, 'sysmsg_info')) { + unset($_SESSION['sysmsg_info']); } - $r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'", - dbesc($a->user['password']), - dbesc($a->user['email']) - ); - if(count($r)) - $a->identities = $r; - - $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", - intval($_SESSION['uid'])); - if(count($r)) { - $a->contact = $r[0]; - $a->cid = $r[0]['id']; - $_SESSION['cid'] = $a->cid; + require_once('include/security.php'); + authenticate_success($r[0], true, true); + + if ($limited_id) { + $_SESSION['submanage'] = $original_id; } - q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1", - dbesc(datetime_convert()), - intval($_SESSION['uid']) - ); + $ret = array(); + call_hooks('home_init',$ret); - header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"'); - goaway($a->get_baseurl() . '/profile/' . $a->user['nickname']); + goaway( App::get_baseurl() . "/profile/" . $a->user['nickname'] ); // NOTREACHED } -function manage_content(&$a) { +function manage_content(App $a) { - if(! local_user() || ! is_array($a->identities)) { + if (! local_user()) { notice( t('Permission denied.') . EOL); return; } - $r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s'", - dbesc($a->user['email']), - dbesc($a->user['password']) - ); - if(! count($r)) + if ($_GET['identity']) { + $_POST['identity'] = $_GET['identity']; + manage_post($a); return; + } + $identities = $a->identities; - $o = '

' . t('Manage Identities and/or Pages') . '

'; + //getting additinal information for each identity + foreach ($identities as $key=>$id) { + $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1", + dbesc($id['uid']) + ); - - $o .= '
' . t("\x28Toggle between different identities or community/group pages which share your account details.\x29") . '
'; + $identities[$key]['thumb'] = $thumb[0]['thumb']; - $o .= '
' . t('Select an identity to manage: ') . '
'; + $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']); - $o .= '
' . "\r\n"; - $o .= '
' . "\r\n"; - $o .= '' . "\r\n"; - $o .= '
' . "\r\n"; + $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d", + intval($id['uid'])); - $o .= '
' . "\r\n"; + if (dbm::is_result($r)) { + $notifications = $notifications + $r[0]["introductions"]; + } + + $identities[$key]['notifications'] = $notifications; + } + + $o = replace_macros(get_markup_template('manage.tpl'), array( + '$title' => t('Manage Identities and/or Pages'), + '$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'), + '$choose' => t('Select an identity to manage: '), + '$identities' => $identities, + '$submit' => t('Submit'), + )); return $o; -} \ No newline at end of file +}