X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fmanage.php;h=c0eedc2ba07ebcfecaa4b05cd44ab428c844ef5d;hb=9649386c8d3afc0b060a891fab1fcd1fda2444d4;hp=26f7315c326cc7c87809f0c194c147349536b29b;hpb=9838245c6c9b2e311650b53a1c3aa1ef778ef935;p=friendica.git

diff --git a/mod/manage.php b/mod/manage.php
index 26f7315c32..c0eedc2ba0 100644
--- a/mod/manage.php
+++ b/mod/manage.php
@@ -1,20 +1,60 @@
 <?php
 
+require_once("include/text.php");
+
 
 function manage_post(&$a) {
 
-	if(! local_user() || ! is_array($a->identities))
+	if(! local_user())
 		return;
 
+	$uid = local_user();
+	$orig_record = $a->user;
+
+	if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
+		$r = q("select * from user where uid = %d limit 1",
+			intval($_SESSION['submanage'])
+		);
+		if(count($r)) {
+			$uid = intval($r[0]['uid']);
+			$orig_record = $r[0];
+		}
+	}
+
+	$r = q("select * from manage where uid = %d",
+		intval($uid)
+	);
+
+	$submanage = $r;
+
 	$identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
 	if(! $identity)
 		return;
 
-	$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
-		intval($identity),
-		dbesc($a->user['email']),
-		dbesc($a->user['password'])
-	);
+	$limited_id = 0;
+	$original_id = $uid;
+
+	if(count($submanage)) {
+		foreach($submanage as $m) {
+			if($identity == $m['mid']) {
+				$limited_id = $m['mid'];
+				break;
+			}
+		}
+	}
+
+	if($limited_id) {
+		$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+			intval($limited_id)
+		);
+	}
+	else {
+		$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
+			intval($identity),
+			dbesc($orig_record['email']),
+			dbesc($orig_record['password'])
+		);
+	}
 
 	if(! count($r))
 		return;
@@ -25,45 +65,26 @@ function manage_post(&$a) {
 	unset($_SESSION['administrator']);
 	unset($_SESSION['cid']);
 	unset($_SESSION['theme']);
+	unset($_SESSION['mobile-theme']);
 	unset($_SESSION['page_flags']);
+	unset($_SESSION['return_url']);
+	if(x($_SESSION,'submanage'))
+		unset($_SESSION['submanage']);
+	if(x($_SESSION,'sysmsg'))
+		unset($_SESSION['sysmsg']);
+	if(x($_SESSION,'sysmsg_info'))
+		unset($_SESSION['sysmsg_info']);
 
+	require_once('include/security.php');
+	authenticate_success($r[0],true,true);
 
-	$_SESSION['uid'] = $r[0]['uid'];
-	$_SESSION['theme'] = $r[0]['theme'];
-	$_SESSION['authenticated'] = 1;
-	$_SESSION['page_flags'] = $r[0]['page-flags'];
-	$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
-
-	notice( sprintf( t("Welcome back %s") , $r[0]['username']) . EOL);
-	$a->user = $r[0];
+	if($limited_id)
+		$_SESSION['submanage'] = $original_id;
 
-	if(strlen($a->user['timezone'])) {
-		date_default_timezone_set($a->user['timezone']);
-		$a->timezone = $a->user['timezone'];
-	}
-
-	$r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
-		dbesc($a->user['password']),
-		dbesc($a->user['email'])
-	);
-	if(count($r))
-		$a->identities = $r;
-
-	$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval($_SESSION['uid']));
-	if(count($r)) {
-		$a->contact = $r[0];
-		$a->cid = $r[0]['id'];
-		$_SESSION['cid'] = $a->cid;
-	}
+	$ret = array();
+	call_hooks('home_init',$ret);
 
-	q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1",
-		dbesc(datetime_convert()),
-		intval($_SESSION['uid'])
-	);
-
-	header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
-	goaway($a->get_baseurl() . '/profile/' . $a->user['nickname']);
+	goaway( $a->get_baseurl() . "/profile/" . $a->user['nickname'] );
 	// NOTREACHED
 }
 
@@ -71,40 +92,38 @@ function manage_post(&$a) {
 
 function manage_content(&$a) {
 
-	if(! local_user() || ! is_array($a->identities)) {
+	if(! local_user()) {
 		notice( t('Permission denied.') . EOL);
 		return;
 	}
 
-	$r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s'",
-		dbesc($a->user['email']),
-		dbesc($a->user['password'])
-	);
-	if(! count($r))
+	if ($_GET['identity']) {
+		$_POST['identity'] = $_GET['identity'];
+		manage_post($a);
 		return;
+	}
 
+	$identities = $a->identities;
 
-	$o = '<h3>' . t('Manage Identities and/or Pages') . '</h3>';
-
-	
-	$o .= '<div id="identity-manage-desc">' . t("\x28Toggle between different identities or community/group pages which share your account details.\x29") . '</div>';
-
-	$o .= '<div id="identity-manage-choose">' . t('Select an identity to manage: ') . '</div>';
+	//getting additinal information for each identity
+	foreach ($identities as $key=>$id) {
+		$thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
+			dbesc($id['uid'])
+		);
 
-	$o .= '<div id="identity-selector-wrapper">' . "\r\n";
-	$o .= '<form action="manage" method="post" >' . "\r\n";
-	$o .= '<select name="identity" size="4">' . "\r\n";
+		$identities[$key][thumb] = $thumb[0][thumb];
 
-	foreach($r as $rr) {
-		$selected = (($rr['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
-		$o .= '<option ' . $selected . 'value="' . $rr['uid'] . '">' . $rr['username'] . ' (' . $rr['nickname'] . ')</option>' . "\r\n";
+		$identities[$key]['selected'] = (($id['nickname'] === $a->user['nickname']) ? true : false);
 	}
 
-	$o .= '</select>' . "\r\n";
-	$o .= '<div id="identity-select-break"></div>' . "\r\n";
-
-	$o .= '<input id="identity-submit" type="submit" name="submit" value="' . t('Submit') . '" /></div></form>' . "\r\n";
+	$o = replace_macros(get_markup_template('manage.tpl'), array(
+		'$title' => t('Manage Identities and/or Pages'),
+		'$desc' => t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
+		'$choose' => t('Select an identity to manage: '),
+		'$identities' => $identities,
+		'$submit' => t('Submit'),
+	));
 
 	return $o;
 
-}
\ No newline at end of file
+}