aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-09-27 16:47:25 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-09-27 16:47:25 -0700
commitaae51a9b23b974c11dbf7a896991dae5e052aedc (patch)
treea4580fb948355676c52bea3686a7e943b9604bd3
parent8a94a4938fb85baca4a8104cbf6802a59459d17e (diff)
downloadvolse-hubzilla-aae51a9b23b974c11dbf7a896991dae5e052aedc.tar.gz
volse-hubzilla-aae51a9b23b974c11dbf7a896991dae5e052aedc.tar.bz2
volse-hubzilla-aae51a9b23b974c11dbf7a896991dae5e052aedc.zip
add some safety checks on the sending side of sync
-rw-r--r--include/zot.php26
-rw-r--r--util/messages.po46
-rw-r--r--version.inc2
3 files changed, 44 insertions, 30 deletions
diff --git a/include/zot.php b/include/zot.php
index aae429709..c94e9ca6d 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -395,12 +395,6 @@ function zot_refresh($them, $channel = null, $force = false) {
}
}
- $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) > 0 limit 1",
- dbesc($x['hash']),
- intval($channel['channel_id']),
- intval(ABOOK_FLAG_SELF)
- );
-
if(array_key_exists('profile',$j) && array_key_exists('next_birthday',$j['profile'])) {
$next_birthday = datetime_convert('UTC','UTC',$j['profile']['next_birthday']);
}
@@ -408,8 +402,16 @@ function zot_refresh($them, $channel = null, $force = false) {
$next_birthday = NULL_DATE;
}
+ $r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) > 0 limit 1",
+ dbesc($x['hash']),
+ intval($channel['channel_id']),
+ intval(ABOOK_FLAG_SELF)
+ );
+
if($r) {
+ // connection exists
+
// if the dob is the same as what we have stored (disregarding the year), keep the one
// we have as we may have updated the year after sending a notification; and resetting
// to the one we just received would cause us to create duplicated events.
@@ -454,6 +456,9 @@ function zot_refresh($them, $channel = null, $force = false) {
}
}
else {
+
+ // new connection
+
$role = get_pconfig($channel['channel_id'],'system','permissions_role');
if($role) {
$xx = get_role_perms($role);
@@ -490,6 +495,7 @@ function zot_refresh($them, $channel = null, $force = false) {
$new_perms = get_all_perms($channel['channel_id'],$x['hash']);
// Send a clone sync packet and a permissions update if permissions have changed
+
$new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_xchan = '%s' and abook_channel = %d and not (abook_flags & %d) > 0 order by abook_created desc limit 1",
dbesc($x['hash']),
intval($channel['channel_id']),
@@ -2802,6 +2808,9 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
$channel = $r[0];
+ if(intval($channel['channel_pageflags']) & PAGE_REMOVED)
+ return;
+
$h = q("select * from hubloc where hubloc_hash = '%s' and not (hubloc_flags & %d) > 0 and not (hubloc_status & %d) > 0",
dbesc($channel['channel_hash']),
intval(HUBLOC_FLAGS_DELETED),
@@ -2854,6 +2863,9 @@ function build_sync_packet($uid = 0, $packet = null, $groups_changed = false) {
// don't pass these elements, they should not be synchronised
+ if(($k === 'channel_pageflags') && ($v & PAGE_SYSTEM))
+ $v = (string) intval($v - PAGE_SYSTEM);
+
$disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey','channel_address');
if(in_array($k,$disallowed))
@@ -2992,7 +3004,9 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) {
foreach($arr['abook'] as $abook) {
if(array_key_exists('abook_blocked',$abook)) {
+
// convert from hubzilla
+
$abook['abook_flags'] = 0;
if(intval($abook['abook_blocked']))
$abook['abook_flags'] |= ABOOK_FLAG_BLOCKED;
diff --git a/util/messages.po b/util/messages.po
index 7513d0c07..341c042bb 100644
--- a/util/messages.po
+++ b/util/messages.po
@@ -6,9 +6,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: 2015-09-18.1159\n"
+"Project-Id-Version: 2015-09-25.1166\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-09-18 00:04-0700\n"
+"POT-Creation-Date: 2015-09-25 00:05-0700\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -3000,51 +3000,51 @@ msgstr[1] ""
msgid "Permission denied"
msgstr ""
-#: ../../include/items.php:1038 ../../include/items.php:1084
+#: ../../include/items.php:1101 ../../include/items.php:1147
msgid "(Unknown)"
msgstr ""
-#: ../../include/items.php:1310
+#: ../../include/items.php:1373
msgid "Visible to anybody on the internet."
msgstr ""
-#: ../../include/items.php:1312
+#: ../../include/items.php:1375
msgid "Visible to you only."
msgstr ""
-#: ../../include/items.php:1314
+#: ../../include/items.php:1377
msgid "Visible to anybody in this network."
msgstr ""
-#: ../../include/items.php:1316
+#: ../../include/items.php:1379
msgid "Visible to anybody authenticated."
msgstr ""
-#: ../../include/items.php:1318
+#: ../../include/items.php:1381
#, php-format
msgid "Visible to anybody on %s."
msgstr ""
-#: ../../include/items.php:1320
+#: ../../include/items.php:1383
msgid "Visible to all connections."
msgstr ""
-#: ../../include/items.php:1322
+#: ../../include/items.php:1385
msgid "Visible to approved connections."
msgstr ""
-#: ../../include/items.php:1324
+#: ../../include/items.php:1387
msgid "Visible to specific connections."
msgstr ""
-#: ../../include/items.php:4223 ../../mod/thing.php:74
+#: ../../include/items.php:4286 ../../mod/thing.php:74
#: ../../mod/filestorage.php:27 ../../mod/viewsrc.php:20
#: ../../mod/admin.php:167 ../../mod/admin.php:1025 ../../mod/admin.php:1225
#: ../../mod/display.php:36
msgid "Item not found."
msgstr ""
-#: ../../include/items.php:4296 ../../include/attach.php:137
+#: ../../include/items.php:4359 ../../include/attach.php:137
#: ../../include/attach.php:184 ../../include/attach.php:247
#: ../../include/attach.php:261 ../../include/attach.php:305
#: ../../include/attach.php:319 ../../include/attach.php:350
@@ -3087,38 +3087,38 @@ msgstr ""
msgid "Permission denied."
msgstr ""
-#: ../../include/items.php:4700 ../../mod/group.php:38 ../../mod/group.php:140
+#: ../../include/items.php:4763 ../../mod/group.php:38 ../../mod/group.php:140
#: ../../mod/bulksetclose.php:51
msgid "Collection not found."
msgstr ""
-#: ../../include/items.php:4716
+#: ../../include/items.php:4779
msgid "Collection is empty."
msgstr ""
-#: ../../include/items.php:4723
+#: ../../include/items.php:4786
#, php-format
msgid "Collection: %s"
msgstr ""
-#: ../../include/items.php:4733 ../../mod/connedit.php:674
+#: ../../include/items.php:4796 ../../mod/connedit.php:674
#, php-format
msgid "Connection: %s"
msgstr ""
-#: ../../include/items.php:4735
+#: ../../include/items.php:4798
msgid "Connection not found."
msgstr ""
-#: ../../include/zot.php:677
+#: ../../include/zot.php:678
msgid "Invalid data packet"
msgstr ""
-#: ../../include/zot.php:693
+#: ../../include/zot.php:694
msgid "Unable to verify channel signature"
msgstr ""
-#: ../../include/zot.php:2161
+#: ../../include/zot.php:2184
#, php-format
msgid "Unable to verify site signature for %s"
msgstr ""
@@ -6511,7 +6511,7 @@ msgstr ""
msgid "OpenID protocol error. No ID returned."
msgstr ""
-#: ../../mod/openid.php:72 ../../mod/openid.php:180 ../../mod/post.php:286
+#: ../../mod/openid.php:72 ../../mod/openid.php:180 ../../mod/post.php:287
#, php-format
msgid "Welcome %s. Remote authentication successful."
msgstr ""
@@ -8547,7 +8547,7 @@ msgstr ""
msgid "Please login."
msgstr ""
-#: ../../mod/post.php:235
+#: ../../mod/post.php:236
msgid ""
"Remote authentication blocked. You are logged into this site locally. Please "
"logout and retry."
diff --git a/version.inc b/version.inc
index e621e16cb..0384d000f 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2015-09-23.1164
+2015-09-27.1168