diff options
| author | mrjive <mrjive@mrjive.it> | 2015-09-22 13:11:54 +0200 |
|---|---|---|
| committer | mrjive <mrjive@mrjive.it> | 2015-09-22 13:11:54 +0200 |
| commit | 5ec3d3e36d8bb7918b844b4ebbeb878c4b45e30d (patch) | |
| tree | ece0274497ae0f3bc427cfa6e8f10752dd9934dc | |
| parent | 49d11ed9f88531bcd03f2f129230b0352014c22c (diff) | |
| parent | 4b13f0e025b08263d7231845bc76034d9adc7847 (diff) | |
| download | volse-hubzilla-5ec3d3e36d8bb7918b844b4ebbeb878c4b45e30d.tar.gz volse-hubzilla-5ec3d3e36d8bb7918b844b4ebbeb878c4b45e30d.tar.bz2 volse-hubzilla-5ec3d3e36d8bb7918b844b4ebbeb878c4b45e30d.zip | |
Merge pull request #3 from redmatrix/master
updating from original codebase
| -rwxr-xr-x | boot.php | 2 | ||||
| -rw-r--r-- | include/ItemObject.php | 2 | ||||
| -rw-r--r-- | include/deliver.php | 23 | ||||
| -rwxr-xr-x | include/items.php | 12 | ||||
| -rw-r--r-- | include/notifier.php | 12 | ||||
| -rw-r--r-- | include/poller.php | 11 | ||||
| -rw-r--r-- | include/zot.php | 26 | ||||
| -rw-r--r-- | install/schema_mysql.sql | 2 | ||||
| -rw-r--r-- | install/schema_postgres.sql | 2 | ||||
| -rw-r--r-- | install/update.php | 13 | ||||
| -rw-r--r-- | mod/cloud.php | 38 | ||||
| -rw-r--r-- | mod/dreport.php | 43 | ||||
| -rw-r--r-- | mod/item.php | 1 | ||||
| -rw-r--r-- | mod/locs.php | 15 | ||||
| -rw-r--r-- | mod/post.php | 250 | ||||
| -rw-r--r-- | version.inc | 2 | ||||
| -rwxr-xr-x | view/tpl/conv_item.tpl | 5 | ||||
| -rw-r--r-- | view/tpl/locmanage.tpl | 2 |
18 files changed, 312 insertions, 149 deletions
@@ -50,7 +50,7 @@ define ( 'PLATFORM_NAME', 'hubzilla' ); define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'H'); define ( 'ZOT_REVISION', 1 ); -define ( 'DB_UPDATE_VERSION', 1153 ); +define ( 'DB_UPDATE_VERSION', 1154 ); /** * @brief Constant with a HTML line break. diff --git a/include/ItemObject.php b/include/ItemObject.php index d23c1c658..5296a1cf0 100644 --- a/include/ItemObject.php +++ b/include/ItemObject.php @@ -286,6 +286,7 @@ class Item extends BaseObject { 'body' => $body, 'text' => strip_tags($body), 'id' => $this->get_id(), + 'mid' => $item['mid'], 'isevent' => $isevent, 'attend' => $attend, 'consensus' => $consensus, @@ -301,6 +302,7 @@ class Item extends BaseObject { 'vwall' => t('via Wall-To-Wall:'), 'profile_url' => $profile_link, 'item_photo_menu' => item_photo_menu($item), + 'dreport' => t('Delivery Report'), 'name' => $profile_name, 'thumb' => $profile_avatar, 'osparkle' => $osparkle, diff --git a/include/deliver.php b/include/deliver.php index 26739fb06..7a43e3d47 100644 --- a/include/deliver.php +++ b/include/deliver.php @@ -15,7 +15,10 @@ function deliver_run($argv, $argc) { logger('deliver: invoked: ' . print_r($argv,true), LOGGER_DATA); + for($x = 1; $x < $argc; $x ++) { + + $dresult = null; $r = q("select * from outq where outq_hash = '%s' limit 1", dbesc($argv[$x]) ); @@ -98,11 +101,29 @@ function deliver_run($argv, $argc) { } else { $msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $m))))); - zot_import($msg,z_root()); + $dresult = zot_import($msg,z_root()); } $r = q("delete from outq where outq_hash = '%s'", dbesc($argv[$x]) ); + if($dresult && is_array($dresult)) { + foreach($dresult as $xx) { + if(is_array($xx) && array_key_exists('message_id',$xx)) { + q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ", + dbesc($xx['message_id']), + dbesc($xx['location']), + dbesc($xx['recipient']), + dbesc($xx['status']), + dbesc(datetime_convert($xx['date'])), + dbesc($xx['sender']) + ); + } + } + } + + q("delete from dreport where dreport_queue = '%s' limit 1", + dbesc($argv[$x]) + ); } } else { diff --git a/include/items.php b/include/items.php index 657168601..b209e55c5 100755 --- a/include/items.php +++ b/include/items.php @@ -4417,6 +4417,18 @@ function delete_item_lowlevel($item, $stage = DROPITEM_NORMAL, $force = false) { intval($item['uid']) ); + // remove delivery reports + + $c = q("select channel_hash from channel where channel_id = %d limit 1", + intval($item['uid']) + ); + if($c) { + q("delete from dreport where dreport_xchan = '%s' and dreport_mid = '%s'", + dbesc($c[0]['channel_hash']), + dbesc($item['mid']) + ); + } + // network deletion request. Keep the message structure so that we can deliver delete notifications. // Come back after several days (or perhaps a month) to do the lowlevel delete (DROPITEM_PHASE2). diff --git a/include/notifier.php b/include/notifier.php index e16f80ecf..fd95d53e2 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -662,6 +662,18 @@ function notifier_run($argv, $argc){ dbesc($n), dbesc(json_encode($encoded_item)) ); + // only create delivery reports for normal undeleted items + if(array_key_exists('postopts',$target_item) && (! $target_item['item_deleted'])) { + q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan, dreport_queue ) values ( '%s','%s','%s','%s','%s','%s','%s' ) ", + dbesc($target_item['mid']), + dbesc($hub['hubloc_host']), + dbesc($hub['hubloc_host']), + dbesc('queued'), + dbesc(datetime_convert()), + dbesc($channel['channel_hash']), + dbesc($hash) + ); + } } $deliver[] = $hash; diff --git a/include/poller.php b/include/poller.php index 72f22d946..031fb4533 100644 --- a/include/poller.php +++ b/include/poller.php @@ -201,6 +201,17 @@ function poller_run($argv, $argc){ db_utcnow(), db_quoteinterval('30 DAY') ); + // expire old delivery reports + + $keep_reports = intval(get_config('system','expire_delivery_reports')); + if($keep_reports === 0) + $keep_reports = 30; + + q("delete from dreport where dreport_time < %s - INTERVAL %s", + db_utcnow(), + db_quoteinterval($keep_reports . ' DAY') + ); + // expire any expired accounts downgrade_accounts(); diff --git a/include/zot.php b/include/zot.php index 767abae38..fb55da0fa 100644 --- a/include/zot.php +++ b/include/zot.php @@ -957,6 +957,25 @@ function zot_process_response($hub, $arr, $outq) { logger('zot_process_response: headers: ' . print_r($arr['header'],true), LOGGER_DATA); } + if(array_key_exists('delivery_report',$x)) { + foreach($x['delivery_report'] as $xx) { + if(is_array($xx) && array_key_exists('message_id',$xx)) { + q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ", + dbesc($xx['message_id']), + dbesc($xx['location']), + dbesc($xx['recipient']), + dbesc($xx['status']), + dbesc(datetime_convert($xx['date'])), + dbesc($xx['sender']) + ); + } + } + } + + q("delete from dreport where dreport_queue = '%s' limit 1", + dbesc($outq['outq_hash']) + ); + // update the timestamp for this site q("update site set site_dead = 0, site_update = '%s' where site_url = '%s'", @@ -1564,6 +1583,13 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ $DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>'); + if($d['hash'] === $sender['hash']) { + $DR->update('self delivery ignored'); + $result[] = $DR->get(); + continue; + } + + // allow public postings to the sys channel regardless of permissions, but not // for comments travelling upstream. Wait and catch them on the way down. // They may have been blocked by the owner. diff --git a/install/schema_mysql.sql b/install/schema_mysql.sql index 3bb3b7133..a21e5f48a 100644 --- a/install/schema_mysql.sql +++ b/install/schema_mysql.sql @@ -359,11 +359,13 @@ CREATE TABLE IF NOT EXISTS `dreport` ( `dreport_result` char(255) NOT NULL DEFAULT '', `dreport_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `dreport_xchan` char(255) NOT NULL DEFAULT '', + `dreport_queue` char(255) NOT NULL DEFAULT '', PRIMARY KEY (`dreport_id`), KEY `dreport_mid` (`dreport_mid`), KEY `dreport_site` (`dreport_site`), KEY `dreport_time` (`dreport_time`), KEY `dreport_xchan` (`dreport_xchan`), + KEY `dreport_queue` (`dreport_queue`), KEY `dreport_channel` (`dreport_channel`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; diff --git a/install/schema_postgres.sql b/install/schema_postgres.sql index 1298f3cb3..26d7d79a3 100644 --- a/install/schema_postgres.sql +++ b/install/schema_postgres.sql @@ -350,6 +350,7 @@ CREATE TABLE IF NOT EXISTS "dreport" ( "dreport_result" char(255) NOT NULL DEFAULT '', "dreport_time" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00', "dreport_xchan" char(255) NOT NULL DEFAULT '', + "dreport_queue" char(255) NOT NULL DEFAULT '', PRIMARY KEY ("dreport_id") ); @@ -357,6 +358,7 @@ create index "dreport_mid" on dreport ("dreport_mid"); create index "dreport_site" on dreport ("dreport_site"); create index "dreport_time" on dreport ("dreport_time"); create index "dreport_xchan" on dreport ("dreport_xchan"); +create index "dreport_queue" on dreport ("dreport_queue"); create index "dreport_channel" on dreport ("dreport_channel"); diff --git a/install/update.php b/install/update.php index cf35698df..bef754570 100644 --- a/install/update.php +++ b/install/update.php @@ -1,6 +1,6 @@ <?php -define( 'UPDATE_VERSION' , 1153 ); +define( 'UPDATE_VERSION' , 1154 ); /** * @@ -1854,3 +1854,14 @@ function update_r1152() { return UPDATE_FAILED; } + +function update_r1153() { + + $r1 = q("ALTER TABLE dreport ADD dreport_queue CHAR( 255 ) NOT NULL DEFAULT '' "); + $r2 = q("create index dreport_queue on dreport ( dreport_queue) "); + if($r1 && $r2) + return UPDATE_SUCCESS; + return UPDATE_FAILED; + + +} diff --git a/mod/cloud.php b/mod/cloud.php index 7f6dc0962..efb33f935 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -73,6 +73,8 @@ function cloud_init(&$a) { $server->addPlugin($lockPlugin); +/* This next bit should no longer be needed... */ + // The next section of code allows us to bypass prompting for http-auth if a // FILE is being accessed anonymously and permissions allow this. This way // one can create hotlinks to public media files in their cloud and anonymous @@ -83,24 +85,24 @@ function cloud_init(&$a) { // In order to avoid prompting for passwords for viewing a DIRECTORY, add // the URL query parameter 'davguest=1'. - $isapublic_file = false; - $davguest = ((x($_SESSION, 'davguest')) ? true : false); - - if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { - try { - $x = RedFileData('/' . $a->cmd, $auth); - if($x instanceof RedDAV\RedFile) - $isapublic_file = true; - } - catch (Exception $e) { - $isapublic_file = false; - } - } - - if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { - logger('mod_cloud: auth exception'); - http_status_exit(401, 'Permission denied.'); - } +// $isapublic_file = false; +// $davguest = ((x($_SESSION, 'davguest')) ? true : false); + +// if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) { +// try { +// $x = RedFileData('/' . $a->cmd, $auth); +// if($x instanceof RedDAV\RedFile) +// $isapublic_file = true; +// } +// catch (Exception $e) { +// $isapublic_file = false; +// } +// } + +// if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) { +// logger('mod_cloud: auth exception'); +// http_status_exit(401, 'Permission denied.'); +// } require_once('include/RedDAV/RedBrowser.php'); // provide a directory view for the cloud in Hubzilla diff --git a/mod/dreport.php b/mod/dreport.php new file mode 100644 index 000000000..a20e17372 --- /dev/null +++ b/mod/dreport.php @@ -0,0 +1,43 @@ +<?php + +function dreport_content(&$a) { + + if(! local_channel()) { + notice( t('Permission denied') . EOL); + return; + } + + $channel = $a->get_channel(); + + $mid = ((argc() > 1) ? argv(1) : ''); + + if(! $mid) { + notice( t('Invalid message') . EOL); + return; + } + + $r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'", + dbesc($channel['channel_hash']), + dbesc($mid) + ); + + if(! $r) { + notice( t('no results') . EOL); + return; + } + + + $o .= '<h2>' . sprintf( t('Delivery report for %1$s'),substr($mid,0,32)) . '...' . '</h2>'; + $o .= '<table>'; + + foreach($r as $rr) { + $name = escape_tags(substr($rr['dreport_recip'],strpos($rr['dreport_recip'],' '))); + $o .= '<tr><td>' . $name . '</td><td>' . escape_tags($rr['dreport_result']) . '</td><td>' . escape_tags($rr['dreport_time']) . '</td></tr>'; + } + $o .= '</table>'; + + return $o; + + + +}
\ No newline at end of file diff --git a/mod/item.php b/mod/item.php index d0cf59091..93f24bd1a 100644 --- a/mod/item.php +++ b/mod/item.php @@ -641,6 +641,7 @@ function item_post(&$a) { $item_unseen = ((local_channel() != $profile_uid) ? 1 : 0); $item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0); $item_origin = (($origin) ? 1 : 0); + $item_consensus = (($consensus) ? 1 : 0); // determine if this is a wall post diff --git a/mod/locs.php b/mod/locs.php index 3f8bd9029..3c6a5da67 100644 --- a/mod/locs.php +++ b/mod/locs.php @@ -50,8 +50,17 @@ function locs_post(&$a) { return; } if(intval($r[0]['hubloc_primary'])) { - notice( t('Primary location cannot be removed.') . EOL); - return; + $x = q("select hubloc_id from hubloc where hubloc_primary = 1 and hubloc_hash = '%s'", + dbesc($channel['channel_hash']) + ); + if(! $x) { + notice( t('Location lookup failed.')); + return; + } + if(count($x) == 1) { + notice( t('Please select another location to become primary before removing the primary location.') . EOL); + return; + } } $r = q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d and hubloc_hash = '%s'", @@ -91,8 +100,6 @@ function locs_content(&$a) { $r[$x]['deleted'] = (intval($r[$x]['hubloc_deleted']) ? true : false); } - - $o = replace_macros(get_markup_template('locmanage.tpl'), array( '$header' => t('Manage Channel Locations'), '$loc' => t('Location (address)'), diff --git a/mod/post.php b/mod/post.php index dfda7db9d..00e599b49 100644 --- a/mod/post.php +++ b/mod/post.php @@ -117,7 +117,7 @@ function post_init(&$a) { } // Try and find a hubloc for the person attempting to auth - $x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc limit 1", + $x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc", dbesc($address) ); @@ -128,7 +128,7 @@ function post_init(&$a) { $j = json_decode($ret['body'], true); if ($j) import_xchan($j); - $x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc limit 1", + $x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc", dbesc($address) ); } @@ -144,152 +144,159 @@ function post_init(&$a) { goaway($desturl); } - logger('mod_zot: auth request received from ' . $x[0]['hubloc_addr'] ); - // check credentials and access + foreach($x as $xx) { + logger('mod_zot: auth request received from ' . $xx['hubloc_addr'] ); - // If they are already authenticated and haven't changed credentials, - // we can save an expensive network round trip and improve performance. + // check credentials and access - $remote = remote_channel(); - $result = null; - $remote_service_class = ''; - $remote_level = 0; - $remote_hub = $x[0]['hubloc_url']; - $DNT = 0; + // If they are already authenticated and haven't changed credentials, + // we can save an expensive network round trip and improve performance. - // Also check that they are coming from the same site as they authenticated with originally. + $remote = remote_channel(); + $result = null; + $remote_service_class = ''; + $remote_level = 0; + $remote_hub = $xx['hubloc_url']; + $DNT = 0; - $already_authed = ((($remote) && ($x[0]['hubloc_hash'] == $remote) && ($x[0]['hubloc_url'] === $_SESSION['remote_hub'])) ? true : false); - if($delegate && $delegate !== $_SESSION['delegate_channel']) - $already_authed = false; + // Also check that they are coming from the same site as they authenticated with originally. - $j = array(); + $already_authed = ((($remote) && ($xx['hubloc_hash'] == $remote) && ($xx['hubloc_url'] === $_SESSION['remote_hub'])) ? true : false); + if($delegate && $delegate !== $_SESSION['delegate_channel']) + $already_authed = false; - if (! $already_authed) { + $j = array(); - // Auth packets MUST use ultra top-secret hush-hush mode - e.g. the entire packet is encrypted using the site private key - // The actual channel sending the packet ($c[0]) is not important, but this provides a generic zot packet with a sender - // which can be verified - - $p = zot_build_packet($c[0],$type = 'auth_check', array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig'])), $x[0]['hubloc_sitekey'], $sec); - if ($test) { - $ret['message'] .= 'auth check packet created using sitekey ' . $x[0]['hubloc_sitekey'] . EOL; - $ret['message'] .= 'packet contents: ' . $p . EOL; - } - - $result = zot_zot($x[0]['hubloc_callback'],$p); + if (! $already_authed) { - if (! $result['success']) { - logger('mod_zot: auth_check callback failed.'); + // Auth packets MUST use ultra top-secret hush-hush mode - e.g. the entire packet is encrypted using the site private key + // The actual channel sending the packet ($c[0]) is not important, but this provides a generic zot packet with a sender + // which can be verified + + $p = zot_build_packet($c[0],$type = 'auth_check', array(array('guid' => $xx['hubloc_guid'],'guid_sig' => $xx['hubloc_guid_sig'])), $xx['hubloc_sitekey'], $sec); if ($test) { - $ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL; - json_return_and_die($ret); - } - - goaway($desturl); - } - $j = json_decode($result['body'], true); - if (! $j) { - logger('mod_zot: auth_check json data malformed.'); - if($test) { - $ret['message'] .= 'json malformed: ' . $result['body'] . EOL; - json_return_and_die($ret); + $ret['message'] .= 'auth check packet created using sitekey ' . $xx['hubloc_sitekey'] . EOL; + $ret['message'] .= 'packet contents: ' . $p . EOL; } - } - } - if ($test) { - $ret['message'] .= 'auth check request returned .' . print_r($j, true) . EOL; - } + $result = zot_zot($xx['hubloc_callback'],$p); - if ($already_authed || $j['success']) { - if ($j['success']) { - // legit response, but we do need to check that this wasn't answered by a man-in-middle - if (! rsa_verify($sec . $x[0]['xchan_hash'],base64url_decode($j['confirm']),$x[0]['xchan_pubkey'])) { - logger('mod_zot: auth: final confirmation failed.'); + if (! $result['success']) { + logger('mod_zot: auth_check callback failed.'); if ($test) { - $ret['message'] .= 'final confirmation failed. ' . $sec . print_r($j,true) . print_r($x[0],true); - json_return_and_die($ret); + $ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL; + continue; + } + continue; + } + $j = json_decode($result['body'], true); + if (! $j) { + logger('mod_zot: auth_check json data malformed.'); + if($test) { + $ret['message'] .= 'json malformed: ' . $result['body'] . EOL; + continue; } - - goaway($desturl); } - if (array_key_exists('service_class',$j)) - $remote_service_class = $j['service_class']; - if (array_key_exists('level',$j)) - $remote_level = $j['level']; - if (array_key_exists('DNT',$j)) - $DNT = $j['DNT']; } - // everything is good... maybe - if(local_channel()) { - // tell them to logout if they're logged in locally as anything but the target remote account - // in which case just shut up because they don't need to be doing this at all. + if ($test) { + $ret['message'] .= 'auth check request returned .' . print_r($j, true) . EOL; + } - if ($a->channel['channel_hash'] != $x[0]['xchan_hash']) { - logger('mod_zot: auth: already authenticated locally as somebody else.'); - notice( t('Remote authentication blocked. You are logged into this site locally. Please logout and retry.') . EOL); - if ($test) { - $ret['message'] .= 'already logged in locally with a conflicting identity.' . EOL; - json_return_and_die($ret); + if ($already_authed || $j['success']) { + if ($j['success']) { + // legit response, but we do need to check that this wasn't answered by a man-in-middle + if (! rsa_verify($sec . $xx['xchan_hash'],base64url_decode($j['confirm']),$xx['xchan_pubkey'])) { + logger('mod_zot: auth: final confirmation failed.'); + if ($test) { + $ret['message'] .= 'final confirmation failed. ' . $sec . print_r($j,true) . print_r($xx,true); + continue; + } + + continue; } + if (array_key_exists('service_class',$j)) + $remote_service_class = $j['service_class']; + if (array_key_exists('level',$j)) + $remote_level = $j['level']; + if (array_key_exists('DNT',$j)) + $DNT = $j['DNT']; + } + // everything is good... maybe + if(local_channel()) { + + // tell them to logout if they're logged in locally as anything but the target remote account + // in which case just shut up because they don't need to be doing this at all. + + if ($a->channel['channel_hash'] != $xx['xchan_hash']) { + logger('mod_zot: auth: already authenticated locally as somebody else.'); + notice( t('Remote authentication blocked. You are logged into this site locally. Please logout and retry.') . EOL); + if ($test) { + $ret['message'] .= 'already logged in locally with a conflicting identity.' . EOL; + continue; + } + } + continue; } - goaway($desturl); - } - // log them in + // log them in - if ($test) { - $ret['success'] = true; - $ret['message'] .= 'Authentication Success!' . EOL; - json_return_and_die($ret); - } + if ($test) { + $ret['success'] = true; + $ret['message'] .= 'Authentication Success!' . EOL; + json_return_and_die($ret); + } - $delegation_success = false; - if ($delegate) { - $r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1", - dbesc($delegate) - ); - if ($r && intval($r[0]['channel_id'])) { - $allowed = perm_is_allowed($r[0]['channel_id'],$x[0]['xchan_hash'],'delegate'); - if ($allowed) { - $_SESSION['delegate_channel'] = $r[0]['channel_id']; - $_SESSION['delegate'] = $x[0]['xchan_hash']; - $_SESSION['account_id'] = intval($r[0]['channel_account_id']); - require_once('include/security.php'); - change_channel($r[0]['channel_id']); - $delegation_success = true; + $delegation_success = false; + if ($delegate) { + $r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1", + dbesc($delegate) + ); + if ($r && intval($r[0]['channel_id'])) { + $allowed = perm_is_allowed($r[0]['channel_id'],$xx['xchan_hash'],'delegate'); + if ($allowed) { + $_SESSION['delegate_channel'] = $r[0]['channel_id']; + $_SESSION['delegate'] = $xx['xchan_hash']; + $_SESSION['account_id'] = intval($r[0]['channel_account_id']); + require_once('include/security.php'); + change_channel($r[0]['channel_id']); + $delegation_success = true; + } } } - } - $_SESSION['authenticated'] = 1; - if (! $delegation_success) { - $_SESSION['visitor_id'] = $x[0]['xchan_hash']; - $_SESSION['my_url'] = $x[0]['xchan_url']; - $_SESSION['my_address'] = $address; - $_SESSION['remote_service_class'] = $remote_service_class; - $_SESSION['remote_level'] = $remote_level; - $_SESSION['remote_hub'] = $remote_hub; - $_SESSION['DNT'] = $DNT; + $_SESSION['authenticated'] = 1; + if (! $delegation_success) { + $_SESSION['visitor_id'] = $xx['xchan_hash']; + $_SESSION['my_url'] = $xx['xchan_url']; + $_SESSION['my_address'] = $address; + $_SESSION['remote_service_class'] = $remote_service_class; + $_SESSION['remote_level'] = $remote_level; + $_SESSION['remote_hub'] = $remote_hub; + $_SESSION['DNT'] = $DNT; + } + + $arr = array('xchan' => $xx, 'url' => $desturl, 'session' => $_SESSION); + call_hooks('magic_auth_success',$arr); + $a->set_observer($xx); + require_once('include/security.php'); + $a->set_groups(init_groups_visitor($_SESSION['visitor_id'])); + info(sprintf( t('Welcome %s. Remote authentication successful.'),$xx['xchan_name'])); + logger('mod_zot: auth success from ' . $xx['xchan_addr']); + } + else { + if ($test) { + $ret['message'] .= 'auth failure. ' . print_r($_REQUEST,true) . print_r($j,true) . EOL; + continue; + } + logger('mod_zot: magic-auth failure - not authenticated: ' . $xx['xchan_addr']); } - $arr = array('xchan' => $x[0], 'url' => $desturl, 'session' => $_SESSION); - call_hooks('magic_auth_success',$arr); - $a->set_observer($x[0]); - require_once('include/security.php'); - $a->set_groups(init_groups_visitor($_SESSION['visitor_id'])); - info(sprintf( t('Welcome %s. Remote authentication successful.'),$x[0]['xchan_name'])); - logger('mod_zot: auth success from ' . $x[0]['xchan_addr']); - } - else { - if($test) { - $ret['message'] .= 'auth failure. ' . print_r($_REQUEST,true) . print_r($j,true) . EOL; - json_return_and_die($ret); + if ($test) { + $ret['message'] .= 'auth failure fallthrough ' . print_r($_REQUEST,true) . print_r($j,true) . EOL; + continue; } - logger('mod_zot: magic-auth failure - not authenticated: ' . $x[0]['xchan_addr']); } /** @@ -299,14 +306,13 @@ function post_init(&$a) { * But z_root() probably isn't where you really want to go. */ + if(strstr($desturl,z_root() . '/rmagic')) + goaway(z_root()); + if ($test) { - $ret['message'] .= 'auth failure fallthrough ' . print_r($_REQUEST,true) . print_r($j,true) . EOL; json_return_and_die($ret); } - if(strstr($desturl,z_root() . '/rmagic')) - goaway(z_root()); - goaway($desturl); } } diff --git a/version.inc b/version.inc index e412e1495..3b70e98ac 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2015-09-20.1161 +2015-09-22.1163 diff --git a/view/tpl/conv_item.tpl b/view/tpl/conv_item.tpl index 30a007bd6..dc8064f1a 100755 --- a/view/tpl/conv_item.tpl +++ b/view/tpl/conv_item.tpl @@ -123,6 +123,11 @@ {{if $item.item_photo_menu}} <li role="presentation" class="divider"></li> {{$item.item_photo_menu}} + + {{if $item.edpost}} + <li role="presentation"><a role="menuitem" href="dreport/{{$item.mid}}">{{$item.dreport}}</a></li> + {{/if}} + {{/if}} </ul> </div> diff --git a/view/tpl/locmanage.tpl b/view/tpl/locmanage.tpl index 944b3c3f4..e0232547f 100644 --- a/view/tpl/locmanage.tpl +++ b/view/tpl/locmanage.tpl @@ -19,7 +19,7 @@ function drophub(id) { {{if $hub.primary}}<button class="btn btn-std"><i class="icon-check"></i></button>{{else}}<button class="btn btn-std" onclick="primehub({{$hub.hubloc_id}}); return false;" ><i class="icon-check-empty" ></i></button>{{/if}} </td> -<td>{{if $hub.primary}}{{else}}{{if ! $hub.deleted}}<button class="btn btn-std" onclick="drophub({{$hub.hubloc_id}}); return false;"><i class="icon-trash"></i></button>{{/if}}{{/if}}</td> +<td>{{if ! $hub.deleted}}<button class="btn btn-std" onclick="drophub({{$hub.hubloc_id}}); return false;"><i class="icon-trash"></i></button>{{/if}}</td> </tr> {{/foreach}} </table> |