Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

189 lines
4.5KB

  1. <?php
  2. /**
  3. * @file mod/manage.php
  4. */
  5. use Friendica\App;
  6. use Friendica\Core\Authentication;
  7. use Friendica\Core\Addon;
  8. use Friendica\Core\L10n;
  9. use Friendica\Core\Renderer;
  10. use Friendica\Core\System;
  11. use Friendica\Database\DBA;
  12. function manage_post(App $a) {
  13. if (! local_user()) {
  14. return;
  15. }
  16. $uid = local_user();
  17. $orig_record = $a->user;
  18. if(!empty($_SESSION['submanage'])) {
  19. $r = q("select * from user where uid = %d limit 1",
  20. intval($_SESSION['submanage'])
  21. );
  22. if (DBA::isResult($r)) {
  23. $uid = intval($r[0]['uid']);
  24. $orig_record = $r[0];
  25. }
  26. }
  27. $r = q("SELECT * FROM `manage` WHERE `uid` = %d",
  28. intval($uid)
  29. );
  30. $submanage = $r;
  31. $identity = (!empty($_POST['identity']) ? intval($_POST['identity']) : 0);
  32. if (!$identity) {
  33. return;
  34. }
  35. $limited_id = 0;
  36. $original_id = $uid;
  37. if (DBA::isResult($submanage)) {
  38. foreach ($submanage as $m) {
  39. if ($identity == $m['mid']) {
  40. $limited_id = $m['mid'];
  41. break;
  42. }
  43. }
  44. }
  45. if ($limited_id) {
  46. $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  47. intval($limited_id)
  48. );
  49. } else {
  50. // Check if the target user is one of our children
  51. $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1",
  52. intval($identity),
  53. DBA::escape($orig_record['uid'])
  54. );
  55. // Check if the target user is one of our siblings
  56. if (!DBA::isResult($r) && ($orig_record['parent-uid'] != 0)) {
  57. $r = q("SELECT * FROM `user` WHERE `uid` = %d AND `parent-uid` = %d LIMIT 1",
  58. intval($identity),
  59. DBA::escape($orig_record['parent-uid'])
  60. );
  61. }
  62. // Check if it's our parent
  63. if (!DBA::isResult($r) && ($orig_record['parent-uid'] != 0) && ($orig_record['parent-uid'] == $identity)) {
  64. $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  65. intval($identity)
  66. );
  67. }
  68. // Finally check if it's out own user
  69. if (!DBA::isResult($r) && ($orig_record['uid'] != 0) && ($orig_record['uid'] == $identity)) {
  70. $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  71. intval($identity)
  72. );
  73. }
  74. }
  75. if (!DBA::isResult($r)) {
  76. return;
  77. }
  78. unset($_SESSION['authenticated']);
  79. unset($_SESSION['uid']);
  80. unset($_SESSION['visitor_id']);
  81. unset($_SESSION['administrator']);
  82. unset($_SESSION['cid']);
  83. unset($_SESSION['theme']);
  84. unset($_SESSION['mobile-theme']);
  85. unset($_SESSION['page_flags']);
  86. unset($_SESSION['return_path']);
  87. if (!empty($_SESSION['submanage'])) {
  88. unset($_SESSION['submanage']);
  89. }
  90. if (!empty($_SESSION['sysmsg'])) {
  91. unset($_SESSION['sysmsg']);
  92. }
  93. if (!empty($_SESSION['sysmsg_info'])) {
  94. unset($_SESSION['sysmsg_info']);
  95. }
  96. Authentication::setAuthenticatedSessionForUser($r[0], true, true);
  97. if ($limited_id) {
  98. $_SESSION['submanage'] = $original_id;
  99. }
  100. $ret = [];
  101. Addon::callHooks('home_init',$ret);
  102. $a->internalRedirect('profile/' . $a->user['nickname'] );
  103. // NOTREACHED
  104. }
  105. function manage_content(App $a) {
  106. if (! local_user()) {
  107. notice(L10n::t('Permission denied.') . EOL);
  108. return;
  109. }
  110. if (!empty($_GET['identity'])) {
  111. $_POST['identity'] = $_GET['identity'];
  112. manage_post($a);
  113. return;
  114. }
  115. $identities = $a->identities;
  116. //getting additinal information for each identity
  117. foreach ($identities as $key=>$id) {
  118. $thumb = q("SELECT `thumb` FROM `contact` WHERE `uid` = '%s' AND `self` = 1",
  119. DBA::escape($id['uid'])
  120. );
  121. $identities[$key]['thumb'] = $thumb[0]['thumb'];
  122. $identities[$key]['selected'] = ($id['nickname'] === $a->user['nickname']);
  123. $notifications = 0;
  124. $r = q("SELECT DISTINCT(`parent`) FROM `notify` WHERE `uid` = %d AND NOT `seen` AND NOT (`type` IN (%d, %d))",
  125. intval($id['uid']), intval(NOTIFY_INTRO), intval(NOTIFY_MAIL));
  126. if (DBA::isResult($r)) {
  127. $notifications = sizeof($r);
  128. }
  129. $r = q("SELECT DISTINCT(`convid`) FROM `mail` WHERE `uid` = %d AND NOT `seen`",
  130. intval($id['uid']));
  131. if (DBA::isResult($r)) {
  132. $notifications = $notifications + sizeof($r);
  133. }
  134. $r = q("SELECT COUNT(*) AS `introductions` FROM `intro` WHERE NOT `blocked` AND NOT `ignore` AND `uid` = %d",
  135. intval($id['uid']));
  136. if (DBA::isResult($r)) {
  137. $notifications = $notifications + $r[0]["introductions"];
  138. }
  139. $identities[$key]['notifications'] = $notifications;
  140. }
  141. $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('manage.tpl'), [
  142. '$title' => L10n::t('Manage Identities and/or Pages'),
  143. '$desc' => L10n::t('Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions'),
  144. '$choose' => L10n::t('Select an identity to manage: '),
  145. '$identities' => $identities,
  146. '$submit' => L10n::t('Submit'),
  147. ]);
  148. return $o;
  149. }