aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-10-13 18:36:28 -0700
committerfriendica <info@friendica.com>2013-10-13 18:36:28 -0700
commitad29d0f9a1eb0be9024f1a296460221107654ff9 (patch)
tree036ff008cf7548f804f0bb4ccc719bebdf6647cf
parent3c3c13c63048434b58c99952fa618f7e60a8b2fa (diff)
downloadvolse-hubzilla-ad29d0f9a1eb0be9024f1a296460221107654ff9.tar.gz
volse-hubzilla-ad29d0f9a1eb0be9024f1a296460221107654ff9.tar.bz2
volse-hubzilla-ad29d0f9a1eb0be9024f1a296460221107654ff9.zip
preserve the source owner when creating a delivery fork so that we can uplink back to them without any ambiguity.
-rwxr-xr-xboot.php2
-rwxr-xr-xinclude/items.php32
-rw-r--r--include/notifier.php5
-rw-r--r--install/database.sql1
-rw-r--r--install/update.php9
5 files changed, 41 insertions, 8 deletions
diff --git a/boot.php b/boot.php
index 8b004d6c0..ba62bffa6 100755
--- a/boot.php
+++ b/boot.php
@@ -45,7 +45,7 @@ define ( 'RED_PLATFORM', 'Red Matrix' );
define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R');
define ( 'ZOT_REVISION', 1 );
-define ( 'DB_UPDATE_VERSION', 1077 );
+define ( 'DB_UPDATE_VERSION', 1078 );
define ( 'EOL', '<br />' . "\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
diff --git a/include/items.php b/include/items.php
index 800684ae2..28aa632ca 100755
--- a/include/items.php
+++ b/include/items.php
@@ -1429,6 +1429,8 @@ function item_store($arr,$allow_exec = false) {
return ret;
}
+ $uplinked_comment = false;
+
// If a page layout is provided, ensure it exists and belongs to us.
if(array_key_exists('layout_mid',$arr) && $arr['layout_mid']) {
@@ -1620,6 +1622,16 @@ function item_store($arr,$allow_exec = false) {
if($r[0]['item_flags'] & ITEM_WALL)
$arr['item_flags'] = $arr['item_flags'] | ITEM_WALL;
+
+ // An uplinked comment might arrive with a downstream owner.
+ // Fix it.
+
+ if($r[0]['owner_xchan'] !== $arr['owner_xchan']) {
+ $arr['owner_xchan'] = $r[0]['owner_xchan'];
+ $uplinked_comment = true;
+ }
+
+
// if the parent is private, force privacy for the entire conversation
// This differs from the above settings as it subtly allows comments from
// email correspondents to be private even if the overall thread is not.
@@ -2136,11 +2148,9 @@ function tag_deliver($uid,$item_id) {
intval($uid)
);
-// issue #59
-// FIXME - check security on post and allowed senders, right now we just allow it. The author *may* be foreign and the original owner is lost on our copy of the post. So this could be very hard to verify. For instance what happens if the top-level post was a wall-to-wall?
-// if(($x) && ($x[0]['item_flags'] & ITEM_UPLINK) && ($x[0]['author_xchan'] == $item['author_xchan'])) {
+
if(($x) && ($x[0]['item_flags'] & ITEM_UPLINK)) {
-// logger('tag_deliver: creating second delivery chain for owner comment.');
+
logger('tag_deliver: creating second delivery chain for comment to tagged post.');
// now change this copy of the post to a forum head message and deliver to all the tgroup members
@@ -2150,6 +2160,14 @@ function tag_deliver($uid,$item_id) {
$flag_bits = ITEM_WALL|ITEM_ORIGIN;
+ // maintain the original source, which will be the original item owner and was stored in source_xchan
+ // when we created the delivery fork
+
+ $r = q("update item set source_xchan = '%s' where id = %d limit 1",
+ dbesc($x[0]['source_xchan']),
+ intval($item_id)
+ );
+
$r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1",
intval($flag_bits),
@@ -2249,6 +2267,12 @@ function tag_deliver($uid,$item_id) {
$flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK;
+ // preserve the source
+
+ $r = q("update item set source_xchan = owner_xchan where id = %d limit 1",
+ intval($item_id)
+ );
+
$r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s',
deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1",
intval($flag_bits),
diff --git a/include/notifier.php b/include/notifier.php
index 0c7ac5264..6ea2e71bb 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -325,12 +325,13 @@ function notifier_run($argv, $argc){
// tag_deliver'd post which needs to be sent back to the original author
if(($cmd === 'uplink') && ($parent_item['item_flags'] & ITEM_UPLINK) && (! $top_level_post)) {
- $uplink = true;
+ logger('notifier: uplink');
+ $uplink = true;
}
if(($relay_to_owner || $uplink) && ($cmd !== 'relay')) {
logger('notifier: followup relay', LOGGER_DEBUG);
- $recipients = array(($uplink) ? $parent_item['author_xchan'] : $parent_item['owner_xchan']);
+ $recipients = array(($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']);
$private = true;
if(! $encoded_item['flags'])
$encoded_item['flags'] = array();
diff --git a/install/database.sql b/install/database.sql
index 6be3a31aa..3998c13c7 100644
--- a/install/database.sql
+++ b/install/database.sql
@@ -423,6 +423,7 @@ CREATE TABLE IF NOT EXISTS `item` (
`changed` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`owner_xchan` char(255) NOT NULL DEFAULT '',
`author_xchan` char(255) NOT NULL DEFAULT '',
+ `source_xchan` char(255) NOT NULL DEFAULT '',
`mimetype` char(255) NOT NULL DEFAULT '',
`title` text NOT NULL,
`body` mediumtext NOT NULL,
diff --git a/install/update.php b/install/update.php
index 20af0de45..74134f260 100644
--- a/install/update.php
+++ b/install/update.php
@@ -1,6 +1,6 @@
<?php
-define( 'UPDATE_VERSION' , 1077 );
+define( 'UPDATE_VERSION' , 1078 );
/**
*
@@ -866,3 +866,10 @@ function update_r1076() {
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}
+
+function update_r1077() {
+ $r = q("ALTER TABLE `item` ADD `source_xchan` CHAR( 255 ) NOT NULL DEFAULT '' AFTER `author_xchan` ");
+ if($r)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+}