aboutsummaryrefslogtreecommitdiffstats
path: root/mod/manage.php
blob: e0e99b123d4940b8a264b60ad1367bb50dbe826e (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php


function manage_post(&$a) {

	if(! local_user())
		return;

	$uid = local_user();
	$orig_record = $a->user;

	if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) {
		$r = q("select * from user where uid = %d limit 1",
			intval($_SESSION['submanage'])
		);
		if(count($r)) {
			$uid = intval($r[0]['uid']);
			$orig_record = $r[0];
		}
	}

	$r = q("select * from manage where uid = %d",
		intval($uid)
	);

	$submanage = $r;

	$identity = ((x($_POST['identity'])) ? intval($_POST['identity']) : 0);
	if(! $identity)
		return;

	$limited_id = 0;
	$original_id = $uid;

	if(count($submanage)) {
		foreach($submanage as $m) {
			if($identity == $m['mid']) {
				$limited_id = $m['mid'];
				break;
			}
		}
	}

	if($limited_id) {
		$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
			intval($limited_id)
		);
	}
	else {
		$r = q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1",
			intval($identity),
			dbesc($orig_record['email']),
			dbesc($orig_record['password'])
		);
	}

	if(! count($r))
		return;

	unset($_SESSION['authenticated']);
	unset($_SESSION['uid']);
	unset($_SESSION['visitor_id']);
	unset($_SESSION['administrator']);
	unset($_SESSION['cid']);
	unset($_SESSION['theme']);
	unset($_SESSION['page_flags']);
	unset($_SESSION['return_url']);
	if(x($_SESSION,'submanage'))
		unset($_SESSION['submanage']);

	require_once('include/security.php');
	authenticate_success($r[0],true,true);

	if($limited_id)
		$_SESSION['submanage'] = $original_id;

	goaway($a->get_baseurl(true) . '/profile/' . $a->user['nickname']);
	// NOTREACHED
}



function manage_content(&$a) {

	if(! get_account_id()) {
		notice( t('Permission denied.') . EOL);
		return;
	}

	$active = null;

	if(local_user()) {
		$r = q("select * from entity where entity_id = %d limit 1",
			intval(local_user())
		);

		if($r && count($r))
			$active = $r[0];
	}


	$o = replace_macros(get_markup_template('channels.tpl'), array(
		'$header' => t('Manage Profile Channels'),
		'$desc' => t('These are your Profile Channels. Select any Profile Channel to attach and make that the current channel.'),
		'$active' => $active,
	));


	return $o;

}