2011-03-01 23:36:24 -05:00
< ? php
function manage_post ( & $a ) {
2012-01-26 19:52:12 -05:00
if ( ! local_user ())
2011-03-01 23:36:24 -05:00
return ;
2012-01-26 19:52:12 -05:00
$uid = local_user ();
$orig_record = $a -> user ;
if (( x ( $_SESSION , 'submanage' )) && intval ( $_SESSION [ 'submanage' ])) {
$r = q ( " select * from user where uid = %d limit 1 " ,
intval ( $_SESSION [ 'submanage' ])
);
if ( count ( $r )) {
$uid = intval ( $r [ 0 ][ 'uid' ]);
$orig_record = $r [ 0 ];
}
}
$r = q ( " select * from manage where uid = %d " ,
intval ( $uid )
);
$submanage = $r ;
2011-03-01 23:36:24 -05:00
$identity = (( x ( $_POST [ 'identity' ])) ? intval ( $_POST [ 'identity' ]) : 0 );
if ( ! $identity )
return ;
2012-01-26 19:52:12 -05:00
$limited_id = 0 ;
$original_id = $uid ;
if ( count ( $submanage )) {
foreach ( $submanage as $m ) {
if ( $identity == $m [ 'mid' ]) {
$limited_id = $m [ 'mid' ];
break ;
}
}
}
if ( $limited_id ) {
$r = q ( " SELECT * FROM `user` WHERE `uid` = %d LIMIT 1 " ,
intval ( $limited_id )
);
}
else {
$r = q ( " SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1 " ,
intval ( $identity ),
dbesc ( $orig_record [ 'email' ]),
dbesc ( $orig_record [ 'password' ])
);
}
2011-03-01 23:36:24 -05:00
if ( ! count ( $r ))
return ;
unset ( $_SESSION [ 'authenticated' ]);
unset ( $_SESSION [ 'uid' ]);
unset ( $_SESSION [ 'visitor_id' ]);
unset ( $_SESSION [ 'administrator' ]);
unset ( $_SESSION [ 'cid' ]);
unset ( $_SESSION [ 'theme' ]);
unset ( $_SESSION [ 'page_flags' ]);
2012-01-12 22:18:01 -05:00
unset ( $_SESSION [ 'return_url' ]);
2012-01-26 19:52:12 -05:00
if ( x ( $_SESSION , 'submanage' ))
unset ( $_SESSION [ 'submanage' ]);
2011-03-01 23:36:24 -05:00
2012-01-12 22:18:01 -05:00
require_once ( 'include/security.php' );
authenticate_success ( $r [ 0 ], true , true );
2011-03-01 23:36:24 -05:00
2012-01-26 19:52:12 -05:00
if ( $limited_id )
$_SESSION [ 'submanage' ] = $original_id ;
2012-03-15 00:20:20 -04:00
goaway ( $a -> get_baseurl ( true ) . '/profile/' . $a -> user [ 'nickname' ]);
2011-03-01 23:36:24 -05:00
// NOTREACHED
}
function manage_content ( & $a ) {
2012-01-26 19:52:12 -05:00
if ( ! local_user ()) {
2011-03-01 23:36:24 -05:00
notice ( t ( 'Permission denied.' ) . EOL );
return ;
}
$o = '<h3>' . t ( 'Manage Identities and/or Pages' ) . '</h3>' ;
2012-01-26 19:52:12 -05:00
$o .= '<div id="identity-manage-desc">' . t ( 'Toggle between different identities or community/group pages which share your account details or which you have been granted "manage" permissions' ) . '</div>' ;
2011-03-01 23:36:24 -05:00
$o .= '<div id="identity-manage-choose">' . t ( 'Select an identity to manage: ' ) . '</div>' ;
$o .= '<div id="identity-selector-wrapper">' . " \r \n " ;
$o .= '<form action="manage" method="post" >' . " \r \n " ;
$o .= '<select name="identity" size="4">' . " \r \n " ;
2012-01-26 19:52:12 -05:00
foreach ( $a -> identities as $rr ) {
2011-03-01 23:36:24 -05:00
$selected = (( $rr [ 'nickname' ] === $a -> user [ 'nickname' ]) ? ' selected="selected" ' : '' );
$o .= '<option ' . $selected . 'value="' . $rr [ 'uid' ] . '">' . $rr [ 'username' ] . ' (' . $rr [ 'nickname' ] . ')</option>' . " \r \n " ;
}
$o .= '</select>' . " \r \n " ;
$o .= '<div id="identity-select-break"></div>' . " \r \n " ;
$o .= '<input id="identity-submit" type="submit" name="submit" value="' . t ( 'Submit' ) . '" /></div></form>' . " \r \n " ;
return $o ;
2011-05-23 05:39:57 -04:00
}