< ? php
require_once ( 'mod/settings.php' );
/**
 * Module init hook for the delegate page.
 *
 * Hands the request straight to settings_init() from mod/settings.php and
 * passes its result back unchanged.
 *
 * @param App $a Application object for the current request
 * @return mixed Whatever settings_init() returns
 */
function delegate_init(App $a) {
	$settings_result = settings_init($a);

	return $settings_result;
}
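/**
 * Render the "Delegate Page Management" page and process add/remove requests.
 *
 * Behaviour, selected by the request path in $a->argv:
 *  - argv[1] === 'add'    with a non-zero integer argv[2]: insert a row into
 *    `manage` giving that uid delegate access to the logged-in account, but
 *    only if that user exists and the logged-in account has a contact whose
 *    normalised URL is that user's local profile URL.
 *  - argv[1] === 'remove' with a non-zero integer argv[2]: delete the matching
 *    `manage` row.
 *  - otherwise: list full managers, current delegates and candidate delegates.
 *
 * Sessions flagged with $_SESSION['submanage'] (delegated admins) are
 * redirected away from both state-changing actions.
 *
 * @param App $a Application object for the current request
 * @return string|null Rendered delegate.tpl markup; nothing is returned when
 *                     the visitor is not logged in or no candidate contacts
 *                     are found.
 */
function delegate_content(App $a) {

	if (! local_user()) {
		notice(t('Permission denied.') . EOL);
		return;
	}

	// NOTE(review): both actions below change delegation state and are driven
	// purely by the request path. No form security token is checked in this
	// function; confirm whether a CSRF check happens elsewhere before it runs.

	if ($a->argc > 2 && $a->argv[1] === 'add' && intval($a->argv[2])) {

		// delegated admins can view but not change delegation permissions
		// NOTE(review): this guard only protects the INSERT below if goaway()
		// ends the request; its definition is not in this file - confirm.
		if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
			goaway(App::get_baseurl() . '/delegate');
		}

		// Cast once so the lookup and the INSERT are guaranteed to use the same value.
		$delegate_uid = intval($a->argv[2]);

		$r = q("SELECT `nickname` FROM `user` WHERE `uid` = %d LIMIT 1",
			$delegate_uid
		);

		if (dbm::is_result($r)) {
			// Authorisation check: the target must already be a contact of the
			// logged-in account, identified by its profile URL on this server.
			$r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `nurl` = '%s' LIMIT 1",
				intval(local_user()),
				dbesc(normalise_link(App::get_baseurl() . '/profile/' . $r[0]['nickname']))
			);

			if (dbm::is_result($r)) {
				q("INSERT INTO `manage` ( `uid`, `mid` ) VALUES ( %d , %d ) ",
					$delegate_uid,
					intval(local_user())
				);
			}
		}

		goaway(App::get_baseurl() . '/delegate');
	}

	if ($a->argc > 2 && $a->argv[1] === 'remove' && intval($a->argv[2])) {

		// delegated admins can view but not change delegation permissions
		if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
			goaway(App::get_baseurl() . '/delegate');
		}

		// `mid` is pinned to the logged-in account, so only its own
		// delegations can be removed through this path.
		q("DELETE FROM `manage` WHERE `uid` = %d AND `mid` = %d LIMIT 1",
			intval($a->argv[2]),
			intval(local_user())
		);

		goaway(App::get_baseurl() . '/delegate');
	}

	$full_managers = array();

	// These people can manage this account/page with full privilege
	// (accounts sharing this account's e-mail address and stored password value).
	// NOTE(review): SELECT * hands complete `user` rows, including the
	// `password` column, to the template below. Consider selecting only the
	// columns delegate.tpl renders - the template is not visible here, so the
	// column list is left unchanged.
	$r = q("SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s' ",
		dbesc($a->user['email']),
		dbesc($a->user['password'])
	);

	if (dbm::is_result($r)) {
		$full_managers = $r;
	}

	$delegates = array();

	// find everybody that currently has delegated management to this account/page
	// NOTE(review): same SELECT * concern as for the managers query above.
	$r = q("SELECT * FROM `user` WHERE `uid` IN ( SELECT `uid` FROM `manage` WHERE `mid` = %d )",
		intval(local_user())
	);

	if (dbm::is_result($r)) {
		$delegates = $r;
	}

	// uids that already have access and must not be offered as candidates
	$uids = array();

	foreach ($full_managers as $rr) {
		$uids[] = $rr['uid'];
	}

	foreach ($delegates as $rr) {
		$uids[] = $rr['uid'];
	}

	// find every contact who might be a candidate for delegation
	$r = q("SELECT `nurl` FROM `contact` WHERE SUBSTRING_INDEX(`contact`.`nurl`,'/',3) = '%s'
		AND `contact`.`uid` = %d AND `contact`.`self` = 0 AND `network` = '%s' ",
		dbesc(normalise_link(App::get_baseurl())),
		intval(local_user()),
		dbesc(NETWORK_DFRN)
	);

	// NOTE(review): this early return also hides the existing managers and
	// delegates, so a delegation cannot be reviewed or revoked from this page
	// while the account has no candidate contacts - confirm that is intended.
	if (! dbm::is_result($r)) {
		notice(t('No potential page delegates located.') . EOL);
		return;
	}

	// Build a quoted, escaped list of nicknames taken from the last path
	// segment of each contact URL.
	$nicknames = array();

	foreach ($r as $rr) {
		$nicknames[] = "'" . dbesc(basename($rr['nurl'])) . "'";
	}

	$potentials = array();

	$nicks = implode(',', $nicknames);

	// get user records for all potential page delegates who are not already delegates or managers
	// The list is passed as an argument instead of being interpolated into the
	// query text: q() takes printf-style placeholders (see the %d/%s calls
	// above), and dbesc() is not shown to neutralise '%', so a '%' inside a
	// stored contact URL would otherwise be read as a format directive.
	$r = q("SELECT `uid`, `username`, `nickname` FROM `user` WHERE `nickname` IN ( %s )",
		$nicks
	);

	if (dbm::is_result($r)) {
		foreach ($r as $rr) {
			if (! in_array($rr['uid'], $uids)) {
				$potentials[] = $rr;
			}
		}
	}

	require_once("mod/settings.php");
	settings_init($a);

	$o = replace_macros(get_markup_template('delegate.tpl'), array(
		'$header' => t('Delegate Page Management'),
		'$base' => App::get_baseurl(),
		'$desc' => t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),
		'$head_managers' => t('Existing Page Managers'),
		'$managers' => $full_managers,
		'$head_delegates' => t('Existing Page Delegates'),
		'$delegates' => $delegates,
		'$head_potentials' => t('Potential Delegates'),
		'$potentials' => $potentials,
		'$remove' => t('Remove'),
		'$add' => t('Add'),
		'$none' => t('No entries.')
	));

	return $o;

}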