"firewall" setting - block all public pages from the public if configured to do so

7 files changed, 41 insertions, 1 deletions

diff --git a/boot.php b/boot.php
index 2713f3dce..13d6a36d2 100644
--- a/boot.php
+++ b/boot.php
@@ -2,7 +2,7 @@
 
 set_time_limit(0);
 
-define ( 'FRIENDIKA_VERSION',      '2.1.955' );
+define ( 'FRIENDIKA_VERSION',      '2.1.956' );
 define ( 'DFRN_PROTOCOL_VERSION',  '2.21'    );
 define ( 'DB_UPDATE_VERSION',      1053      );
 
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index f8c726c1a..718aa165c 100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -27,6 +27,10 @@ function dfrn_poll_init(&$a) {
 	}
 
 	if(($dfrn_id === '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) {
+		if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+			killme();
+		}
+
 		logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] );
 		header("Content-type: application/atom+xml");
 		$o = get_feed_for($a, '', $a->argv[1],$last_update);
diff --git a/mod/directory.php b/mod/directory.php
index a02a4a4a5..95ddbda21 100644
--- a/mod/directory.php
+++ b/mod/directory.php
@@ -13,6 +13,12 @@ function directory_post(&$a) {
 
 
 function directory_content(&$a) {
+
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		notice( t('Public access denied.') . EOL);
+		return;
+	}
+
 	$o = '';
 	$o .= '<script>	$(document).ready(function() { $(\'#nav-directory-link\').addClass(\'nav-selected\'); });</script>';
 	if(x($_SESSION,'theme'))
diff --git a/mod/display.php b/mod/display.php
index c8496160f..fdb93e480 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -3,6 +3,11 @@
 
 function display_content(&$a) {
 
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		notice( t('Public access denied.') . EOL);
+		return;
+	}
+
 	require_once("include/bbcode.php");
 	require_once('include/security.php');
 	require_once('include/conversation.php');
diff --git a/mod/photos.php b/mod/photos.php
index 186873a7b..324ce898d 100644
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -6,6 +6,10 @@ require_once('include/bbcode.php');
 
 function photos_init(&$a) {
 
+
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		return;
+	}
 	$o = '';
 
 	if($a->argc > 1) {
@@ -657,6 +661,12 @@ function photos_content(&$a) {
 	// photos/name/image/xxxxx/edit
 
 
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		notice( t('Public access denied.') . EOL);
+		return;
+	}
+
+
 	require_once('include/bbcode.php');
 	require_once('include/security.php');
 	require_once('include/conversation.php');
diff --git a/mod/profile.php b/mod/profile.php
index dfa5649e0..c350aa087 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -2,6 +2,9 @@
 
 function profile_init(&$a) {
 
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user()))
+		return;
+
 	if($a->argc > 1)
 		$which = $a->argv[1];
 	else {
@@ -48,6 +51,13 @@ function profile_init(&$a) {
 
 function profile_content(&$a, $update = 0) {
 
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		notice( t('Public access denied.') . EOL);
+		return;
+	}
+
+
+
 	require_once("include/bbcode.php");
 	require_once('include/security.php');
 	require_once('include/conversation.php');
diff --git a/mod/search.php b/mod/search.php
index 793a8c2bb..33032e183 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -9,6 +9,11 @@ function search_post(&$a) {
 
 function search_content(&$a) {
 
+	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
+		notice( t('Public access denied.') . EOL);
+		return;
+	}
+
 	require_once("include/bbcode.php");
 	require_once('include/security.php');
 	require_once('include/conversation.php');