Diffstat (limited to 'mod')
-rw-r--r-- | mod/admin.php | 4 | ||||
-rw-r--r-- | mod/delegate.php | 139 | ||||
-rw-r--r-- | mod/network.php | 8 | ||||
-rw-r--r-- | mod/regmod.php | 2 | ||||
-rw-r--r-- | mod/removeaccount.php | 2 | ||||
-rw-r--r-- | mod/removeme.php | 2 | ||||
-rw-r--r-- | mod/settings.php | 8 |
7 files changed, 10 insertions, 155 deletions
diff --git a/mod/admin.php b/mod/admin.php index 5d8faf424..e991fee27 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -13,7 +13,7 @@ function admin_post(&$a){ logger('admin_post', LOGGER_DEBUG); - if((!is_site_admin()) || ($_SESSION['delegate'])) { + if(! is_site_admin()) { return; } @@ -80,7 +80,7 @@ function admin_content(&$a) { logger('admin_content', LOGGER_DEBUG); - if((!is_site_admin()) || ($_SESSION['delegate'])) { + if(! is_site_admin()) { return login(false); } diff --git a/mod/delegate.php b/mod/delegate.php deleted file mode 100644 index cc399b6e5..000000000 --- a/mod/delegate.php +++ /dev/null 
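Review bot: With the `$_SESSION['delegate']` term dropped from the guard in admin_post, a delegated session is kept out of the admin handlers only if is_site_admin() itself rejects it, and that function is not part of this diff. If it does not, someone acting as a delegate for an administrator's channel would now reach both the POST handler and the admin pages. Either keep the term in a notice-safe form, `if((! is_site_admin()) || (! empty($_SESSION['delegate']))) {`, or, once the behaviour is confirmed, add a comment above the check such as `// is_site_admin() already refuses delegated sessions`. The same applies to the admin_content hunk in this file and to regmod_content in mod/regmod.php; all three function bodies continue outside their hunks.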
@@ -1,139 +0,0 @@ -<?php - -function delegate_content(&$a) { - - if(! local_channel()) { - notice( t('Permission denied.') . EOL); - return; - } - - if($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) { - - // delegated admins can view but not change delegation permissions - - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - goaway($a->get_baseurl() . '/delegate'); - - - $id = $a->argv[2]; - - $r = q("select `nickname` from user where uid = %d limit 1", - intval($id) - ); - if(count($r)) { - $r = q("select id from contact where uid = %d and nurl = '%s' limit 1", - intval(local_channel()), - dbesc(normalise_link($a->get_baseurl() . '/channel/' . $r[0]['nickname'])) - ); - if(count($r)) { - q("insert into manage ( uid, mid ) values ( %d , %d ) ", - intval($a->argv[2]), - intval(local_channel()) - ); - } - } - goaway($a->get_baseurl() . '/delegate'); - } - - if($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) { - - // delegated admins can view but not change delegation permissions - - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - goaway($a->get_baseurl() . '/delegate'); - - q("delete from manage where uid = %d and mid = %d", - intval($a->argv[2]), - intval(local_channel()) - ); - goaway($a->get_baseurl() . 
'/delegate'); - - } - - $full_managers = array(); - - // These people can manage this account/page with full privilege - - $r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s' ", - dbesc($a->user['email']), - dbesc($a->user['password']) - ); - if(count($r)) - $full_managers = $r; - - $delegates = array(); - - // find everybody that currently has delegated management to this account/page - - $r = q("select * from user where uid in ( select uid from manage where mid = %d ) ", - intval(local_channel()) - ); - - if(count($r)) - $delegates = $r; - - $uids = array(); - - if(count($full_managers)) - foreach($full_managers as $rr) - $uids[] = $rr['uid']; - - if(count($delegates)) - foreach($delegates as $rr) - $uids[] = $rr['uid']; - - // find every contact who might be a candidate for delegation - - $r = q("select nurl from contact where substring_index(contact.nurl,'/',3) = '%s' - and contact.uid = %d and contact.self = 0 and network = '%s' ", - dbesc(normalise_link($a->get_baseurl())), - intval(local_channel()), - dbesc(NETWORK_DFRN) - ); - - if(! count($r)) { - notice( t('No potential page delegates located.') . EOL); - return; - } - - $nicknames = array(); - - if(count($r)) { - foreach($r as $rr) { - $nicknames[] = "'" . dbesc(basename($rr['nurl'])) . "'"; - } - } - - $potentials = array(); - - $nicks = implode(',',$nicknames); - - // get user records for all potential page delegates who are not already delegates or managers - - $r = q("select `uid`, `username`, `nickname` from user where nickname in ( $nicks )"); - - if(count($r)) - foreach($r as $rr) - if(! in_array($rr['uid'],$uids)) - $potentials[] = $rr; - - $o = replace_macros(get_markup_template('delegate.tpl'),array( - '$header' => t('Delegate Page Management'), - '$base' => $a->get_baseurl(), - '$desc' => t('Delegates are able to manage all aspects of this account/page except for basic account settings. 
Please do not delegate your personal account to anybody that you do not trust completely.'), - '$head_managers' => t('Existing Page Managers'), - '$managers' => $full_managers, - '$head_delegates' => t('Existing Page Delegates'), - '$delegates' => $delegates, - '$head_potentials' => t('Potential Delegates'), - '$potentials' => $potentials, - '$remove' => t('Remove'), - '$add' => t('Add'), - '$none' => t('No entries.') - )); - - - return $o; - - -}
\ No newline at end of file diff --git a/mod/network.php b/mod/network.php index 161b06804..d24d665d8 100644 --- a/mod/network.php +++ b/mod/network.php @@ -342,9 +342,11 @@ function network_content(&$a, $update = 0, $load = false) { $sys = get_sys_channel(); $uids = " and item.uid = " . intval($sys['channel_id']) . " "; $a->data['firehose'] = intval($sys['channel_id']); + $abook_uids = ""; } else { $uids = " and item.uid = " . local_channel() . " "; + $abook_uids = " and abook.abook_channel = " . local_channel() . " "; } if(get_pconfig(local_channel(),'system','network_list_mode')) @@ -376,7 +378,7 @@ function network_content(&$a, $update = 0, $load = false) { $items = q("SELECT item.*, item.id AS item_id, received FROM item left join abook on item.author_xchan = abook.abook_xchan - WHERE true $uids AND item_restrict = 0 + WHERE true $uids $abook_uids AND item_restrict = 0 and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $simple_update $sql_extra $sql_nets @@ -407,7 +409,7 @@ function network_content(&$a, $update = 0, $load = false) { $r = q("SELECT distinct item.id AS item_id, $ordering FROM item left join abook on item.author_xchan = abook.abook_xchan - WHERE true $uids AND item.item_restrict = 0 + WHERE true $uids $abook_uids AND item.item_restrict = 0 AND item.parent = item.id and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra3 $sql_extra $sql_nets @@ -421,7 +423,7 @@ function network_content(&$a, $update = 0, $load = false) { // update $r = q("SELECT item.parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - WHERE true $uids AND item.item_restrict = 0 $simple_update + WHERE true $uids $abook_uids AND item.item_restrict = 0 $simple_update and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) $sql_extra3 $sql_extra $sql_nets ", intval(ABOOK_FLAG_BLOCKED) diff --git a/mod/regmod.php b/mod/regmod.php index bdb794347..c0a75ef48 100644 --- a/mod/regmod.php +++ b/mod/regmod.php 
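Review bot: The new `$abook_uids` fragment in the else branch concatenates `local_channel()` into the SQL text without a cast, while the firehose branch just above wraps its id in intval(). The return type of local_channel() is not visible here, so casting at the point of use keeps the fragment numeric whatever it returns: `$abook_uids = " and abook.abook_channel = " . intval(local_channel()) . " ";`. The neighbouring `$uids` assignment has the same form and would benefit from the same cast. network_content continues outside this hunk.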
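Review bot: Placing `$abook_uids` in the WHERE clause of a `left join abook` query (hunk at -376) discards every row for which no abook entry matched, because `abook.abook_channel` is NULL on those rows and the comparison fails. That makes the `or abook.abook_flags is null` half of the blocked-contact filter unreachable for unjoined rows, so items from authors who are not in the channel's address book would drop out of the stream, which is probably not the intent. The restriction belongs in the join condition, `left join abook on ( item.author_xchan = abook.abook_xchan $abook_uids )`, with `$abook_uids` removed from the WHERE line. The hunks at -407 and -421 use the same construction.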
@@ -13,7 +13,7 @@ function regmod_content(&$a) { return $o; } - if((!is_site_admin()) || (x($_SESSION,'submanage') && intval($_SESSION['submanage']))) { + if(! is_site_admin()) { notice( t('Permission denied.') . EOL); return ''; } diff --git a/mod/removeaccount.php b/mod/removeaccount.php index 70979ec15..f3fa53f75 100644 --- a/mod/removeaccount.php +++ b/mod/removeaccount.php @@ -5,7 +5,7 @@ function removeaccount_post(&$a) { if(! local_channel()) return; - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) + if($_SESSION['delegate']) return; if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) diff --git a/mod/removeme.php b/mod/removeme.php index ff955775a..b604bc7db 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -5,7 +5,7 @@ function removeme_post(&$a) { if(! local_channel()) return; - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) + if($_SESSION['delegate']) return; if((! x($_POST,'qxz_password')) || (! strlen(trim($_POST['qxz_password'])))) diff --git a/mod/settings.php b/mod/settings.php index afc05f095..8752a47b2 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -49,9 +49,6 @@ function settings_post(&$a) { logger('mod_settings: ' . print_r($_REQUEST,true)); - if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) - return; - if((argc() > 1) && (argv(1) === 'oauth') && x($_POST,'remove')){ check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); @@ -573,11 +570,6 @@ function settings_content(&$a) { if($channel) head_set_icon($channel['xchan_photo_s']); -// if(x($_SESSION,'submanage') && intval($_SESSION['submanage'])) { -// notice( t('Permission denied.') . EOL ); -// return; -// } - $yes_no = array(t('No'),t('Yes')); if((argc() > 1) && (argv(1) === 'oauth')) { |
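Review bot: `if($_SESSION['delegate'])` in removeaccount_post reads the key without checking that it exists, so an ordinary, non-delegated session raises an undefined-index notice (a warning on PHP 8) on this path; the line it replaces guarded the read with x(). `if(! empty($_SESSION['delegate']))` keeps the behaviour without the notice. removeme_post in mod/removeme.php has the identical line. settings_post in mod/settings.php loses its equivalent guard outright instead of being converted to the new key, so if delegates are still meant to be kept out of basic account settings, that handler needs the same check. The function bodies continue outside the hunks.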