diff options
author | Mike Macgirvin <mike@macgirvin.com> | 2010-07-20 21:00:49 -0700 |
---|---|---|
committer | Mike Macgirvin <mike@macgirvin.com> | 2010-07-20 21:00:49 -0700 |
commit | 023dd993f60a103601c4943a33678356d919a643 (patch) | |
tree | 4e5b742ecfa0a03980f5e5d1ee125dff8fbd2cbf | |
parent | db99f3abda0bdbdc26c5234671ea434c20a622b2 (diff) | |
download | volse-hubzilla-023dd993f60a103601c4943a33678356d919a643.tar.gz volse-hubzilla-023dd993f60a103601c4943a33678356d919a643.tar.bz2 volse-hubzilla-023dd993f60a103601c4943a33678356d919a643.zip |
more intro fix
-rw-r--r-- | mod/dfrn_request.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 7db61d35b..4b41c9c6c 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -33,7 +33,7 @@ function dfrn_request_post(&$a) { // callback to local site after remote request and local confirm if((x($_POST,'localconfirm')) && ($_POST['localconfirm'] == 1) - && local_user() && ($_SESSION['uid'] == $a->argv[1]) && (x($_POST,'dfrn_url'))) { + && local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST,'dfrn_url'))) { // We are the requestor, and we've been sent back to our own site // to confirm the request. We've done so and clicked submit, @@ -136,6 +136,9 @@ function dfrn_request_post(&$a) { notice( "Unrecoverable protocol error." . EOL ); goaway($a->get_baseurl()); } + // extra safety + if($_POST['localconfirm']) + return; // we are operating as a remote site and an introduction was requested of us. |