2012-01-27 04:08:02 +00:00
< ? php
2014-09-17 09:00:34 +00:00
require_once ( 'mod/settings.php' );
2016-12-20 09:58:55 +00:00
function delegate_init ( App & $a ) {
2014-09-17 09:00:34 +00:00
return settings_init ( $a );
}
2016-02-07 14:11:34 +00:00
2016-12-20 09:58:55 +00:00
function delegate_content ( App & $a ) {
2012-01-27 04:08:02 +00:00
2016-12-20 10:56:34 +00:00
if ( ! local_user ()) {
2012-01-27 04:08:02 +00:00
notice ( t ( 'Permission denied.' ) . EOL );
return ;
}
2016-12-20 16:43:46 +00:00
if ( $a -> argc > 2 && $a -> argv [ 1 ] === 'add' && intval ( $a -> argv [ 2 ])) {
2012-01-27 04:08:02 +00:00
// delegated admins can view but not change delegation permissions
2016-12-20 09:35:28 +00:00
if ( x ( $_SESSION , 'submanage' ) && intval ( $_SESSION [ 'submanage' ])) {
2016-12-19 13:26:13 +00:00
goaway ( App :: get_baseurl () . '/delegate' );
2016-12-20 09:35:28 +00:00
}
2012-01-27 04:08:02 +00:00
$id = $a -> argv [ 2 ];
$r = q ( " select `nickname` from user where uid = %d limit 1 " ,
intval ( $id )
);
2016-12-14 08:41:33 +00:00
if ( dbm :: is_result ( $r )) {
2012-01-27 04:08:02 +00:00
$r = q ( " select id from contact where uid = %d and nurl = '%s' limit 1 " ,
intval ( local_user ()),
2016-12-19 13:26:13 +00:00
dbesc ( normalise_link ( App :: get_baseurl () . '/profile/' . $r [ 0 ][ 'nickname' ]))
2012-01-27 04:08:02 +00:00
);
2016-12-14 08:41:33 +00:00
if ( dbm :: is_result ( $r )) {
2012-01-27 04:08:02 +00:00
q ( " insert into manage ( uid, mid ) values ( %d , %d ) " ,
intval ( $a -> argv [ 2 ]),
intval ( local_user ())
);
}
}
2016-12-19 13:26:13 +00:00
goaway ( App :: get_baseurl () . '/delegate' );
2012-01-27 04:08:02 +00:00
}
2016-12-20 16:43:46 +00:00
if ( $a -> argc > 2 && $a -> argv [ 1 ] === 'remove' && intval ( $a -> argv [ 2 ])) {
2012-01-27 04:08:02 +00:00
// delegated admins can view but not change delegation permissions
2016-12-20 09:35:28 +00:00
if ( x ( $_SESSION , 'submanage' ) && intval ( $_SESSION [ 'submanage' ])) {
2016-12-19 13:26:13 +00:00
goaway ( App :: get_baseurl () . '/delegate' );
2016-12-20 09:35:28 +00:00
}
2012-01-27 04:08:02 +00:00
2016-12-19 13:26:13 +00:00
q ( " DELETE FROM `manage` WHERE `uid` = %d AND `mid` = %d LIMIT 1 " ,
2012-01-27 04:08:02 +00:00
intval ( $a -> argv [ 2 ]),
intval ( local_user ())
);
2016-12-19 13:26:13 +00:00
goaway ( App :: get_baseurl () . '/delegate' );
2012-01-27 04:08:02 +00:00
}
$full_managers = array ();
// These people can manage this account/page with full privilege
2012-01-27 07:03:27 +00:00
$r = q ( " SELECT * FROM `user` WHERE `email` = '%s' AND `password` = '%s' " ,
2012-01-27 04:08:02 +00:00
dbesc ( $a -> user [ 'email' ]),
dbesc ( $a -> user [ 'password' ])
);
2016-12-14 08:41:33 +00:00
if ( dbm :: is_result ( $r ))
2012-01-27 04:08:02 +00:00
$full_managers = $r ;
$delegates = array ();
// find everybody that currently has delegated management to this account/page
$r = q ( " select * from user where uid in ( select uid from manage where mid = %d ) " ,
intval ( local_user ())
);
2016-12-14 08:41:33 +00:00
if ( dbm :: is_result ( $r ))
2012-01-27 04:08:02 +00:00
$delegates = $r ;
$uids = array ();
if ( count ( $full_managers ))
foreach ( $full_managers as $rr )
$uids [] = $rr [ 'uid' ];
if ( count ( $delegates ))
foreach ( $delegates as $rr )
$uids [] = $rr [ 'uid' ];
// find every contact who might be a candidate for delegation
2016-02-07 14:11:34 +00:00
$r = q ( " select nurl from contact where substring_index(contact.nurl,'/',3) = '%s'
2012-01-27 04:08:02 +00:00
and contact . uid = % d and contact . self = 0 and network = '%s' " ,
2016-12-19 13:26:13 +00:00
dbesc ( normalise_link ( App :: get_baseurl ())),
2012-01-27 04:08:02 +00:00
intval ( local_user ()),
dbesc ( NETWORK_DFRN )
2016-02-07 14:11:34 +00:00
);
2012-01-27 04:08:02 +00:00
2016-12-20 09:10:33 +00:00
if ( ! dbm :: is_result ( $r )) {
2012-01-27 04:08:02 +00:00
notice ( t ( 'No potential page delegates located.' ) . EOL );
return ;
}
$nicknames = array ();
2016-12-14 08:41:33 +00:00
if ( dbm :: is_result ( $r )) {
2016-12-20 20:15:53 +00:00
foreach ( $r as $rr ) {
2012-01-27 04:08:02 +00:00
$nicknames [] = " ' " . dbesc ( basename ( $rr [ 'nurl' ])) . " ' " ;
}
}
$potentials = array ();
$nicks = implode ( ',' , $nicknames );
// get user records for all potential page delegates who are not already delegates or managers
$r = q ( " select `uid`, `username`, `nickname` from user where nickname in ( $nicks ) " );
2016-12-14 08:41:33 +00:00
if ( dbm :: is_result ( $r ))
2012-01-27 04:08:02 +00:00
foreach ( $r as $rr )
if ( ! in_array ( $rr [ 'uid' ], $uids ))
$potentials [] = $rr ;
2014-04-24 09:49:11 +00:00
require_once ( " mod/settings.php " );
settings_init ( $a );
2012-01-27 04:08:02 +00:00
$o = replace_macros ( get_markup_template ( 'delegate.tpl' ), array (
'$header' => t ( 'Delegate Page Management' ),
2016-12-19 13:26:13 +00:00
'$base' => App :: get_baseurl (),
2012-01-27 04:08:02 +00:00
'$desc' => t ( 'Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.' ),
'$head_managers' => t ( 'Existing Page Managers' ),
'$managers' => $full_managers ,
'$head_delegates' => t ( 'Existing Page Delegates' ),
'$delegates' => $delegates ,
'$head_potentials' => t ( 'Potential Delegates' ),
'$potentials' => $potentials ,
'$remove' => t ( 'Remove' ),
'$add' => t ( 'Add' ),
'$none' => t ( 'No entries.' )
));
return $o ;
2016-02-07 14:11:34 +00:00
2014-04-24 09:49:11 +00:00
}