Merge pull request #843 from annando/master

multiple admin mails
fabrixxm 2013-12-02 00:35:13 -08:00
commit 5f0cb264af
6 changed files with 93 additions and 73 deletions


@ -1906,7 +1906,11 @@ if(! function_exists('feed_birthday')) {
if(! function_exists('is_site_admin')) { if(! function_exists('is_site_admin')) {
function is_site_admin() { function is_site_admin() {
$a = get_app(); $a = get_app();
if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
$adminlist = explode(",", str_replace(" ", "", $a->config['admin_email']));
//if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && ($a->user['email'] === $a->config['admin_email']))
if(local_user() && x($a->user,'email') && x($a->config,'admin_email') && in_array($a->user['email'], $adminlist))
return true; return true;
return false; return false;
} }
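Review bot: The admin decision in `is_site_admin()` now rests on a loose `in_array`, where the line it replaces used `===`; pass the strict flag, `in_array($a->user['email'], $adminlist, true)`, so the authorization check keeps exact string comparison. `$adminlist` is also built from `$a->config['admin_email']` one line before the `x($a->config,'admin_email')` test, so an unset key is read before it is checked. The same split-and-strip expression is repeated in every file of this commit, lower-cased in `create_user` and `settings_post` but not here or in `_setup_users`; a single helper returning the normalised list would keep the guards and the authorization check in agreement.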


@ -114,7 +114,10 @@ function create_user($arr) {
// Disallow somebody creating an account using openid that uses the admin email address, // Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account. // since openid bypasses email verification. We'll allow it if there is not yet an admin account.
if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) { $adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
//if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
if((x($a->config,'admin_email')) && in_array(strtolower($email), $adminlist) && strlen($openid_url)) {
$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1", $r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
dbesc($email) dbesc($email)
); );
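Review bot: With a list of admin addresses, the exception described in the comment ("allow it if there is not yet an admin account") is evaluated per address, because the query only asks whether an account with `$email` exists, not whether any admin account exists. If the code after the query (outside this hunk) still lets the registration through when no row is found, every listed address that has no account yet stays open to an OpenID registration without email verification, even after the first admin exists. Consider looking up all entries of `$adminlist` and allowing the bootstrap case only when none of them has an account. `$adminlist` is also built before the `x($a->config,'admin_email')` test, and the body of `create_user` continues outside the hunk.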


@ -573,7 +573,6 @@ function admin_page_site(&$a) {
'$advanced' => t('Advanced'), '$advanced' => t('Advanced'),
'$performance' => t('Performance'), '$performance' => t('Performance'),
'$relocate'=> t('Relocate - WARNING: advanced function. Could make this server unreachable.'), '$relocate'=> t('Relocate - WARNING: advanced function. Could make this server unreachable.'),
'$baseurl' => $a->get_baseurl(true), '$baseurl' => $a->get_baseurl(true),
// name, label, value, help string, extra data... // name, label, value, help string, extra data...
'$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), 'UTF-8'), '$sitename' => array('sitename', t("Site name"), htmlentities($a->config['sitename'], ENT_QUOTES), 'UTF-8'),
@ -843,7 +842,10 @@ function admin_page_users(&$a){
); );
function _setup_users($e){ function _setup_users($e){
$a = get_app(); $a = get_app();
$adminlist = explode(",", str_replace(" ", "", $a->config['admin_email']));
$accounts = Array( $accounts = Array(
t('Normal Account'), t('Normal Account'),
t('Soapbox Account'), t('Soapbox Account'),
@ -854,8 +856,9 @@ function admin_page_users(&$a){
$e['register_date'] = relative_date($e['register_date']); $e['register_date'] = relative_date($e['register_date']);
$e['login_date'] = relative_date($e['login_date']); $e['login_date'] = relative_date($e['login_date']);
$e['lastitem_date'] = relative_date($e['lastitem_date']); $e['lastitem_date'] = relative_date($e['lastitem_date']);
$e['is_admin'] = ($e['email'] === $a->config['admin_email']); //$e['is_admin'] = ($e['email'] === $a->config['admin_email']);
$e['deleted'] = ($e['account_removed']?relative_date($e['account_expires_on']):False); $e['is_admin'] = in_array($e['email'], $adminlist);
$e['deleted'] = ($e['account_removed']?relative_date($e['account_expires_on']):False);
return $e; return $e;
} }
$users = array_map("_setup_users", $users); $users = array_map("_setup_users", $users);
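Review bot: `_setup_users` reads `$a->config['admin_email']` without any `x()` or `isset` test and keeps empty list entries, so a trailing comma in the setting leaves `''` in `$adminlist` and the loose `in_array` marks a row with an empty email as admin. Dropping empty entries, e.g. `$adminlist = array_filter(explode(",", str_replace(" ", "", $a->config['admin_email'])));`, and passing `true` as the third argument to `in_array` avoids that. The comparison here is case-sensitive while `create_user` and `settings_post` lower-case both sides, so the flag shown in the user list can disagree with those guards.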


@ -9,7 +9,10 @@ function friendica_init(&$a) {
$sql_extra = sprintf(" AND nickname = '%s' ",dbesc($a->config['admin_nickname'])); $sql_extra = sprintf(" AND nickname = '%s' ",dbesc($a->config['admin_nickname']));
} }
if (isset($a->config['admin_email']) && $a->config['admin_email']!=''){ if (isset($a->config['admin_email']) && $a->config['admin_email']!=''){
$r = q("SELECT username, nickname FROM user WHERE email='%s' $sql_extra", dbesc($a->config['admin_email'])); $adminlist = explode(",", str_replace(" ", "", $a->config['admin_email']));
//$r = q("SELECT username, nickname FROM user WHERE email='%s' $sql_extra", dbesc($a->config['admin_email']));
$r = q("SELECT username, nickname FROM user WHERE email='%s' $sql_extra", dbesc($adminlist[0]));
$admin = array( $admin = array(
'name' => $r[0]['username'], 'name' => $r[0]['username'],
'profile'=> $a->get_baseurl().'/profile/'.$r[0]['nickname'], 'profile'=> $a->get_baseurl().'/profile/'.$r[0]['nickname'],
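Review bot: `$r[0]['username']` and `$r[0]['nickname']` are read without checking that the query returned a row, and the lookup now depends on `$adminlist[0]` alone. If the first entry of the setting has no matching account, or the `admin_nickname` filter excludes it, the admin array is built from an empty result; guard it with `if(count($r))` as `register_post` does, or try the remaining entries. A short comment such as `// only the first listed admin address is looked up here` would document that the other addresses are ignored. The `$admin = array(` statement continues outside the hunk.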


@ -118,8 +118,11 @@ function register_post(&$a) {
dbesc($lang) dbesc($lang)
); );
$adminlist = explode(",", str_replace(" ", "", $a->config['admin_email']));
$r = q("SELECT `language` FROM `user` WHERE `email` = '%s' LIMIT 1", $r = q("SELECT `language` FROM `user` WHERE `email` = '%s' LIMIT 1",
dbesc($a->config['admin_email']) //dbesc($a->config['admin_email'])
dbesc($adminlist[0])
); );
if(count($r)) if(count($r))
push_lang($r[0]['language']); push_lang($r[0]['language']);
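Review bot: The old argument is left behind as a comment inside the `q()` call (`//dbesc($a->config['admin_email'])`), and the same kind of commented-out line remains in `is_site_admin`, `create_user`, `_setup_users`, `friendica_init` and `settings_post`; delete them, since the history keeps the previous version. In its place a one-line comment such as `// language of the first listed admin` would state why only `$adminlist[0]` is queried. `register_post` begins and ends outside the hunk.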


@ -317,8 +317,8 @@ function settings_post(&$a) {
if((x($_POST,'password')) || (x($_POST,'confirm'))) { if((x($_POST,'password')) || (x($_POST,'confirm'))) {
$newpass = $_POST['password']; $newpass = $_POST['password'];
$confirm = $_POST['confirm']; $confirm = $_POST['confirm'];
$oldpass = hash('whirlpool', $_POST['opassword']); $oldpass = hash('whirlpool', $_POST['opassword']);
$err = false; $err = false;
if($newpass != $confirm ) { if($newpass != $confirm ) {
@ -420,21 +420,25 @@ function settings_post(&$a) {
if($email != $a->user['email']) { if($email != $a->user['email']) {
$email_changed = true; $email_changed = true;
// check for the correct password // check for the correct password
$r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user())); $r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user()));
$password = hash('whirlpool', $_POST['mpassword']); $password = hash('whirlpool', $_POST['mpassword']);
if ($password != $r[0]['password']) { if ($password != $r[0]['password']) {
$err .= t('Wrong Password') . EOL; $err .= t('Wrong Password') . EOL;
$email = $a->user['email'];
}
// check the email is valid
if(! valid_email($email))
$err .= t(' Not valid email.');
// ensure new email is not the admin mail
if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) {
$err .= t(' Cannot change to that email.');
$email = $a->user['email']; $email = $a->user['email'];
} }
// check the email is valid
if(! valid_email($email))
$err .= t(' Not valid email.');
// ensure new email is not the admin mail
//if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) {
if(x($a->config,'admin_email')) {
$adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
if (in_array(strtolower($email), $adminlist)) {
$err .= t(' Cannot change to that email.');
$email = $a->user['email'];
}
}
} }
if(strlen($err)) { if(strlen($err)) {
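Review bot: The password check that gates the email change compares the two hashes with `!=` (`if ($password != $r[0]['password'])`), which is a loose, non-constant-time comparison; use `!==`, or `hash_equals($r[0]['password'], $password)` where the runtime provides it. `$r[0]` is also read without checking that the query returned a row. Both hunks keep `hash('whirlpool', …)` as the password hash, a single fast digest with no salt visible here; moving to `password_hash`/`password_verify` would be a separate change. `settings_post` continues outside both hunks.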