]> git.mxchange.org Git - friendica.git/commitdiff
projects / friendica.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 10f7686)
backend for delegating forums
authorfriendica <info@friendica.com>
Fri, 27 Jan 2012 00:52:12 +0000 (16:52 -0800)
committerfriendica <info@friendica.com>
Fri, 27 Jan 2012 00:52:12 +0000 (16:52 -0800)
boot.php patch | blob | history
database.sql patch | blob | history
include/security.php patch | blob | history
mod/manage.php patch | blob | history
mod/settings.php patch | blob | history
update.php patch | blob | history

diff --git a/boot.php b/boot.php
index e1850fe296d4ffb4cdde7fd6c440215412f674f9..9ccbfe667c215e123de8b2c0aa3eac77cf38e2fc 100755 (executable)
--- a/boot.php
+++ b/boot.php
@@ -9,9 +9,9 @@ require_once('include/nav.php');
 require_once('include/cache.php');
 
 define ( 'FRIENDICA_PLATFORM',     'Friendica');
-define ( 'FRIENDICA_VERSION',      '2.3.1235' );
+define ( 'FRIENDICA_VERSION',      '2.3.1236' );
 define ( 'DFRN_PROTOCOL_VERSION',  '2.22'    );
-define ( 'DB_UPDATE_VERSION',      1116      );
+define ( 'DB_UPDATE_VERSION',      1117      );
 
 define ( 'EOL',                    "<br />\r\n"     );
 define ( 'ATOM_TIME',              'Y-m-d\TH:i:s\Z' );
diff --git a/database.sql b/database.sql
index 5b7c870df9cb6d3da112cd8e3395ad694a73993f..68b8ea076c04920581c3520401af59b4b881205f 100755 (executable)
--- a/database.sql
+++ b/database.sql
@@ -769,4 +769,11 @@ INDEX ( `twit` ),
 INDEX ( `stat` )
 ) ENGINE = MyISAM DEFAULT CHARSET=utf8;
 
+CREATE TABLE IF NOT EXISTS `manage` {
+`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+`uid` INT NOT NULL ,
+`mid` INT NOT NULL,
+INDEX ( `uid` ),
+INDEX ( `mid` )
+) ENGINE = MyISAM DEFAULT CHARSET=utf8;
 
diff --git a/include/security.php b/include/security.php
index f3f16e1bc1551cb9c476729528674cb8e03ac7cf..394986f279ca8146835becd621ef71507b0ec30f 100755 (executable)
--- a/include/security.php
+++ b/include/security.php
@@ -34,13 +34,30 @@ function authenticate_success($user_record, $login_initial = false, $interactive
                $a->timezone = $a->user['timezone'];
        }
 
-       $r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
-               dbesc($a->user['password']),
-               dbesc($a->user['email'])
+       $master_record = $a->user;      
+       if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
+               $r = q("select * from user where uid = %d limit 1",
+                       intval($_SESSION['submanage'])
+               );
+               if(count($r))
+                       $master_record = $r[0];
+       }
+
+       $r = q("SELECT `uid`,`username`,`nickname` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
+               dbesc($master_record['password']),
+               dbesc($master_record['email'])
        );
        if(count($r))
                $a->identities = $r;
+       else
+               $a->identities = array();
 
+       $r = q("select `user`.`uid`, `user`.`username`, `user`.`nickname` from manage left join user on manage.mid = user.uid 
+               where `manage`.`uid` = %d",
+               intval($master_record['uid'])
+       );
+       if(count($r))
+               $a->identities = array_merge($a->identities,$r);
 
        $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
                intval($_SESSION['uid']));
diff --git a/mod/manage.php b/mod/manage.php
index 41ec81129133474a95762e9e8e395c62b1cf94e7..ec4dcd8a00922e0125aca2ae3a690df2a4a6153e 100755 (executable)
--- a/mod/manage.php
+++ b/mod/manage.php
@@ -3,18 +3,56 @@
 
 function manage_post(&$a) {
 
-       if(! local_user() || ! is_array($a->identities))
+       if(! local_user())
                return;
 
+       $uid = local_user();
+       $orig_record = $a->user;
+
+       if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
+               $r = q("select * from user where uid = %d limit 1",
+                       intval($_SESSION['submanage'])
+               );
+               if(count($r)) {
+                       $uid = intval($r[0]['uid']);
+                       $orig_record = $r[0];
+               }
+       }
+
+       $r = q("select * from manage where uid = %d",
+               intval($uid)
+       );
+
+       $submanage = $r;
+
        $identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
        if(! $identity)
                return;
 
-       $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
-               intval($identity),
-               dbesc($a->user['email']),
-               dbesc($a->user['password'])
-       );
+       $limited_id = 0;
+       $original_id = $uid;
+
+       if(count($submanage)) {
+               foreach($submanage as $m) {
+                       if($identity == $m['mid']) {
+                               $limited_id = $m['mid'];
+                               break;
+                       }
+               }
+       }
+
+       if($limited_id) {
+               $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+                       intval($limited_id)
+               );
+       }
+       else {
+               $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
+                       intval($identity),
+                       dbesc($orig_record['email']),
+                       dbesc($orig_record['password'])
+               );
+       }
 
        if(! count($r))
                return;
@@ -27,11 +65,15 @@ function manage_post(&$a) {
        unset($_SESSION['theme']);
        unset($_SESSION['page_flags']);
        unset($_SESSION['return_url']);
-
+       if(x($_SESSION,'submanage'))
+               unset($_SESSION['submanage']);
 
        require_once('include/security.php');
        authenticate_success($r[0],true,true);
 
+       if($limited_id)
+               $_SESSION['submanage'] = $original_id;
+
        goaway($a->get_baseurl() . '/profile/' . $a->user['nickname']);
        // NOTREACHED
 }
@@ -40,23 +82,15 @@ function manage_post(&$a) {
 
 function manage_content(&$a) {
 
-       if(! local_user() || ! is_array($a->identities)) {
+       if(! local_user()) {
                notice( t('Permission denied.') . EOL);
                return;
        }
 
-       $r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s'",
-               dbesc($a->user['email']),
-               dbesc($a->user['password'])
-       );
-       if(! count($r))
-               return;
-
-
        $o = '<h3>' . t('Manage Identities and/or Pages') . '</h3>';
 
        
-       $o .= '<div id="identity-manage-desc">' . t("\x28Toggle between different identities or community/group pages which share your account details.\x29") . '</div>';
+       $o .= '<div id="identity-manage-desc">' . t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions') . '</div>';
 
        $o .= '<div id="identity-manage-choose">' . t('Select an identity to manage: ') . '</div>';
 
@@ -64,7 +98,7 @@ function manage_content(&$a) {
        $o .= '<form action="manage" method="post" >' . "\r\n";
        $o .= '<select name="identity" size="4">' . "\r\n";
 
-       foreach($r as $rr) {
+       foreach($a->identities as $rr) {
                $selected = (($rr['nickname'] === $a->user['nickname']) ? ' selected="selected" ' : '');
                $o .= '<option ' . $selected . 'value="' . $rr['uid'] . '">' . $rr['username'] . ' (' . $rr['nickname'] . ')</option>' . "\r\n";
        }
diff --git a/mod/settings.php b/mod/settings.php
index 8ca0bb7f811c16ef606c963e976b9571c2dddf2a..c61d5c227a66f10f63a7a96d40941f74d860892f 100755 (executable)
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -39,10 +39,11 @@ EOT;
 
 function settings_post(&$a) {
 
-       if(! local_user()) {
-               notice( t('Permission denied.') . EOL);
+       if(! local_user())
+               return;
+
+       if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
                return;
-       }
 
        if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
                notice( t('Permission denied.') . EOL);
@@ -403,6 +404,11 @@ function settings_content(&$a) {
                notice( t('Permission denied.') . EOL );
                return;
        }
+
+       if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) {
+               notice( t('Permission denied.') . EOL );
+               return;
+       }
        
        $tabs = array(
                array(
diff --git a/update.php b/update.php
index 166602fb9c48593a84faae61815fd448a0658eec..e1900e8070df641b3a937bcd8c4e385c743500c0 100755 (executable)
--- a/update.php
+++ b/update.php
@@ -1,6 +1,6 @@
 <?php
 
-define( 'UPDATE_VERSION' , 1116 );
+define( 'UPDATE_VERSION' , 1117 );
 
 /**
  *
@@ -997,3 +997,15 @@ function update_1115() {
                ADD INDEX (`moderated`) ");
 }
 
+
+function update_1116() {
+q("create table if not exists `manage` {
+`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+`uid` INT NOT NULL ,
+`mid` INT NOT NULL,
+INDEX ( `uid` ),
+INDEX ( `mid` )
+) ENGINE = MYISAM ");
+
+}
+
Unnamed repository; edit this file 'description' to name the repository.