From f5826105bfc514599b2c5b6692bca14ca4bc5d78 Mon Sep 17 00:00:00 2001
From: Mike Macgirvin <mike@macgirvin.com>
Date: Mon, 5 Jul 2010 03:33:02 -0700
Subject: [PATCH] group work, dfrn_poll

---
 auth.php              |  79 -------------------------------
 include/group.php     | 105 ++++++++++++++++++++++++++++++++++++++++++
 mod/contacts.php      |   2 +-
 mod/dfrn_poll.php     |   2 +-
 mod/notifications.php |   2 +-
 nav.php               |  23 ---------
 6 files changed, 108 insertions(+), 105 deletions(-)
 delete mode 100644 auth.php
 create mode 100644 include/group.php
 delete mode 100644 nav.php

diff --git a/auth.php b/auth.php
deleted file mode 100644
index e22651cdd1..0000000000
--- a/auth.php
+++ /dev/null
@@ -1,79 +0,0 @@
-<?php
-
-// login/logout 
-
-if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] == 'login'))) {
-	if($_POST['auth-params'] == 'logout' || $a->module == "logout") {
-		unset($_SESSION['authenticated']);
-		unset($_SESSION['uid']);
-		unset($_SESSION['visitor_id']);
-		unset($_SESSION['administrator']);
-		$_SESSION['sysmsg'] = "Logged out." . EOL;
-		goaway($a->get_baseurl());
-	}
-	if(x($_SESSION,'uid')) {
-		$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
-			intval($_SESSION['uid']));
-		if($r === NULL || (! count($r))) {
-			goaway($a->get_baseurl());
-		}
-		$a->user = $r[0];
-		if(strlen($a->user['timezone']))
-			date_default_timezone_set($a->user['timezone']);
-
-	}
-}
-else {
-	unset($_SESSION['authenticated']);
-	unset($_SESSION['uid']);
-	unset($_SESSION['visitor_id']);
-	unset($_SESSION['administrator']);
-	$encrypted = hash('whirlpool',trim($_POST['password']));
-
-	if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') {
-		$r = q("SELECT * FROM `user` 
-			WHERE `email` = '%s' AND `password` = '%s' LIMIT 1",
-			dbesc(trim($_POST['login-name'])),
-			dbesc($encrypted));
-		if(($r === false) || (! count($r))) {
-			$_SESSION['sysmsg'] = 'Login failed.' . EOL ;
-			goaway($a->get_baseurl());
-  		}
-		$_SESSION['uid'] = $r[0]['uid'];
-		$_SESSION['admin'] = $r[0]['admin'];
-		$_SESSION['authenticated'] = 1;
-		if(x($r[0],'nickname'))
-			$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
-		else
-			$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['uid'];
-
-		$_SESSION['sysmsg'] = "Welcome back " . $r[0]['username'] . EOL;
-		$a->user = $r[0];
-		if(strlen($a->user['timezone']))
-			date_default_timezone_set($a->user['timezone']);
-
-	}
-}
-
-// Returns an array of group names this contact is a member of.
-// Since contact-id's are unique and each "belongs" to a given user uid,
-// this array will only contain group names related to the uid of this
-// DFRN contact. They are *not* neccessarily unique across the entire site. 
-
-
-if(! function_exists('init_groups_visitor')) {
-function init_groups_visitor($contact_id) {
-	$groups = array();
-	$r = q("SELECT `group_member`.`gid`, `group`.`name` 
-		FROM `group_member` LEFT JOIN `group` ON `group_member`.`gid` = `group`.`id` 
-		WHERE `group_member`.`contact-id` = %d ",
-		intval($contact_id)
-	);
-	if(count($r)) {
-		foreach($r as $rr)
-			$groups[] = $rr['name'];
-	}
-	return $groups;
-}}
-
-
diff --git a/include/group.php b/include/group.php
new file mode 100644
index 0000000000..e92e4480ba
--- /dev/null
+++ b/include/group.php
@@ -0,0 +1,105 @@
+<?php
+
+
+function group_add($uid,$name) {
+
+	$ret = false;
+	if(x($uid) && x($name)) {
+		$r = group_byname($uid,$name); // check for dups
+		if($r !== false) 
+			return true;
+		$r = q("INSERT INTO `group` ( `uid`', `name` )
+			VALUES( %d, '%s' ) ",
+			intval($uid),
+			dbesc($name)
+		);
+		$ret = $r;
+	}	
+	return $ret;
+}
+
+
+function group_rmv($uid,$name) {
+	$ret = false;
+	if(x($uid) && x($name)) {
+		$r = q("SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+			intval($uid),
+			dbesc($name)
+		}
+		if(count($r))
+			$group_id = $r[0]['id'];
+		if(! $group_id)
+			return false;
+
+		// remove all members
+		$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d ",
+			intval($uid),
+			intval($group_id)
+		);
+
+		// remove group
+		$r = q("DELETE FROM `group` WHERE `uid` = %d AND `id` = %d LIMIT 1",
+			intval($uid),
+			dbesc($name)
+		);
+
+		$ret = $r;
+
+	}
+	// TODO!! remove this group from all content ACL's !!
+
+	return $ret;
+}
+
+function group_byname($uid,$name) {
+	if((! $uid) || (! strlen($name)))
+		return false;
+	$r = q("SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' LIMIT 1",
+		intval($uid),
+		dbesc($name)
+	);
+	if(count($r))
+		return $r[0]['id'];
+	return false;
+}
+
+function group_rmv_member($uid,$name,$member) {
+	$gid = group_byname($uid,$name);
+	if(! $gid)
+		return false;
+	if(! ( $uid && $gid && $member))
+		return false;
+	$r = q("DELETE FROM `group_member` WHERE `uid` = %d AND `gid` = %d AND `contact-id` = %d LIMIT 1 ",
+		intval($uid),
+		intval($gid),
+		intval($member)
+	);
+	return $r;
+	
+
+}
+
+
+function group_add_member($uid,$name,$member) {
+	$gid = group_byname($uid,$name);
+	if((! $gid) || (! $uid) || (! $member))
+		return false;
+
+	$r = q("SELECT * FROM `group_member` WHERE `uid` = %d AND `id` = %d AND `contact-id` = %d LIMIT 1",	
+		intval($uid),
+		intval($gid),
+		intval($member)
+	);
+	if(count($r))
+		return true;	// You might question this, but 
+				// we indicate success because the group was in fact created
+				// -- It was just created at another time
+ 	if(! count($r))
+		$r = q("INSERT INTO `group_member` (`uid`, `gid`, `contact-id`)
+			VALUES( %d, %d, %d ) ",
+			intval($uid),
+			intval($gid),
+			intval($member)
+	);
+	return $r;
+}
\ No newline at end of file
diff --git a/mod/contacts.php b/mod/contacts.php
index b14377cea7..5435df7b25 100644
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -52,7 +52,7 @@ function contacts_post(&$a) {
 				}
 			}
 			if($intval($contact_id))
-				q("DELETE * FROM `item` WHERE `contact-id` = %d ",
+				q("DELETE FROM `item` WHERE `contact-id` = %d LIMIT 1",
 					intval($contact_id)
 				);
 
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index e7f4b0786e..da60eb6292 100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -46,7 +46,7 @@ function dfrn_poll_init(&$a) {
 
 	if((x($type)) && ($type == 'profile-check')) {
 
-		q("DELETE FROM `expire` WHERE `expire` < " . time());
+		q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
 		$r = q("SELECT * FROM `profile_check` WHERE `dfrn_id` = '%s' ORDER BY `expire` DESC",
 			dbesc($dfrn_id));
 		if(count($r))
diff --git a/mod/notifications.php b/mod/notifications.php
index 1064729ffd..6ade0c0bb3 100644
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -28,7 +28,7 @@ function notifications_post(&$a) {
 			return;
 		}
 		if($_POST['submit'] == 'Discard') {
-			$r = q("DELETE `intro` WHERE `id` = %d LIMIT 1", intval($intro_id));	
+			$r = q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", intval($intro_id));	
 			$r = q("DELETE `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", 
 				intval($request_id),
 				intval($_SESSION['uid']));
diff --git a/nav.php b/nav.php
deleted file mode 100644
index c51c56ad22..0000000000
--- a/nav.php
+++ /dev/null
@@ -1,23 +0,0 @@
-
-<?php
-	$a->page['nav'] .= "<span id=\"nav-link-wrapper\" >\r\n";
-
-	if(x($_SESSION,'uid')) {
-
-		$a->page['nav'] .= "<a id=\"nav-notify-link\" class=\"nav-commlink\" href=\"notifications\">Notifications</a>\r\n";
-
-		$a->page['nav'] .= "<a id=\"nav-messages-link\" class=\"nav-commlink\" href=\"Messages\">Messages</a>\r\n";
-
-
-		$a->page['nav'] .= "<a id=\"nav-logout-link\" class=\"nav-link\" href=\"logout\">Logout</a>\r\n";
-
-		$a->page['nav'] .= "<a id=\"nav-settings-link\" class=\"nav-link\" href=\"settings\">Settings</a>\r\n";
-
-		$a->page['nav'] .= "<a id=\"nav-profiles-link\" class=\"nav-link\" href=\"profiles\">Profiles</a>\r\n";
-
-		$a->page['nav'] .= "<a id=\"nav-contacts-link\" class=\"nav-link\" href=\"contacts\">Contacts</a>\r\n";
-
-		$a->page['nav'] .= "<a id=\"nav-home-link\" class=\"nav-link\" href=\"profile/{$_SESSION['uid']}\">Home</a>\r\n";
-		
-	}
-	$a->page['nav'] .= "</span>\r\n<span id=\"nav-end\"></span>\r\n";