diff options
Diffstat (limited to 'Zotlabs')
-rw-r--r-- | Zotlabs/Module/Lockview.php | 35 | ||||
-rw-r--r-- | Zotlabs/Module/Settings.php | 32 |
2 files changed, 54 insertions, 13 deletions
diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 4776e1c56..d86a3c1d8 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -1,17 +1,31 @@ <?php namespace Zotlabs\Module; - +require_once('include/security.php'); class Lockview extends \Zotlabs\Web\Controller { function get() { + + $atokens = array(); + + if(local_channel()) { + $at = q("select * from atoken where atoken_uid = %d", + intval(local_channel()) + ); + if($at) { + foreach($at as $t) { + $atokens[] = atoken_xchan($t); + } + } + } $type = ((argc() > 1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); $type='item'; - } else { + } + else { $item_id = ((argc() > 2) ? intval(argv(2)) : 0); } @@ -98,6 +112,13 @@ class Lockview extends \Zotlabs\Web\Controller { if($r) foreach($r as $rr) $l[] = '<li>' . $rr['xchan_name'] . '</li>'; + if($atokens) { + foreach($atokens as $at) { + if(in_array("'" . $at['xchan_hash'] . "'",$allowed_users)) { + $l[] = '<li>' . $at['xchan_name'] . '</li>'; + } + } + } } if(count($deny_groups)) { $r = q("SELECT gname FROM `groups` WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); @@ -110,6 +131,16 @@ class Lockview extends \Zotlabs\Web\Controller { if($r) foreach($r as $rr) $l[] = '<li><strike>' . $rr['xchan_name'] . '</strike></li>'; + + if($atokens) { + foreach($atokens as $at) { + if(in_array("'" . $at['xchan_hash'] . "'",$deny_users)) { + $l[] = '<li><strike>' . $at['xchan_name'] . '</strike></li>'; + } + } + } + + } echo $o . implode($l); diff --git a/Zotlabs/Module/Settings.php b/Zotlabs/Module/Settings.php index 60c9be519..20aa59f78 100644 --- a/Zotlabs/Module/Settings.php +++ b/Zotlabs/Module/Settings.php @@ -121,17 +121,24 @@ class Settings extends \Zotlabs\Web\Controller { if((argc() > 1) && (argv(1) == 'tokens')) { check_form_security_token_redirectOnErr('/settings/tokens', 'settings_tokens'); - - $atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0); - $name = trim(escape_tags($_POST['name'])); - $token = trim($_POST['token']); - if(trim($_POST['expires'])) - $expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']); - else - $expires = NULL_DATE; - + $token_errs = 0; + if(array_key_exists('token',$_POST)) { + $atoken_id = (($_POST['atoken_id']) ? intval($_POST['atoken_id']) : 0); + $name = trim(escape_tags($_POST['name'])); + $token = trim($_POST['token']); + if((! $name) || (! $token)) + $token_errs ++; + if(trim($_POST['expires'])) + $expires = datetime_convert(date_default_timezone_get(),'UTC',$_POST['expires']); + else + $expires = NULL_DATE; + } + if($token_errs) { + notice( t('Name and Password are required.') . EOL); + return; + } if($atoken_id) { - $r = q("update atoken set atoken_name = '%s', atoken_token = '%s' atoken_expire = '%s' + $r = q("update atoken set atoken_name = '%s', atoken_token = '%s' atoken_expires = '%s' where atoken_id = %d and atoken_uid = %d", dbesc($name), dbesc($token), @@ -141,7 +148,7 @@ class Settings extends \Zotlabs\Web\Controller { ); } else { - $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expire ) + $r = q("insert into atoken ( atoken_aid, atoken_uid, atoken_name, atoken_token, atoken_expires ) values ( %d, %d, '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel['channel_id']), @@ -767,10 +774,13 @@ class Settings extends \Zotlabs\Web\Controller { intval(local_channel()) ); + $desc = t('Use this form to create temporary access identifiers to share things with non-members. These identities may be used in Access Control Lists and visitors may login using these credentials to access the private content.'); + $tpl = get_markup_template("settings_tokens.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_tokens"), '$title' => t('Guest Access Tokens'), + '$desc' => $desc, '$tokens' => $t, '$atoken' => $atoken, '$name' => array('name', t('Login Name'), (($atoken) ? $atoken['atoken_name'] : ''),''), |