aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2021-02-10 20:40:28 +0000
committerMario <mario@mariovavti.com>2021-02-10 20:40:28 +0000
commit464a0634d63707412afb7df9b2fe0d2e23258753 (patch)
tree162cfb044d516843c74ded349cbae6441bda3db6
parent391db616297fab5db1531d31e36884af245ae9ac (diff)
downloadvolse-hubzilla-464a0634d63707412afb7df9b2fe0d2e23258753.tar.gz
volse-hubzilla-464a0634d63707412afb7df9b2fe0d2e23258753.tar.bz2
volse-hubzilla-464a0634d63707412afb7df9b2fe0d2e23258753.zip
use (un)obscurify
-rw-r--r--Zotlabs/Module/Pconfig.php70
-rw-r--r--include/crypto.php2
2 files changed, 35 insertions, 37 deletions
diff --git a/Zotlabs/Module/Pconfig.php b/Zotlabs/Module/Pconfig.php
index b2b5d4386..8a71ab974 100644
--- a/Zotlabs/Module/Pconfig.php
+++ b/Zotlabs/Module/Pconfig.php
@@ -8,16 +8,16 @@ use Zotlabs\Lib\Libsync;
class Pconfig extends \Zotlabs\Web\Controller {
function post() {
-
+
if(! local_channel())
return;
-
-
+
+
if($_SESSION['delegate'])
return;
-
+
check_form_security_token_redirectOnErr('/pconfig', 'pconfig');
-
+
$cat = trim(escape_tags($_POST['cat']));
$k = trim(escape_tags($_POST['k']));
$v = trim($_POST['v']);
@@ -27,16 +27,16 @@ class Pconfig extends \Zotlabs\Web\Controller {
if (preg_match('|^a:[0-9]+:{.*}$|s',$v) || preg_match('|O:8:"stdClass":[0-9]+:{.*}$|s',$v)) {
return;
}
-
+
if(in_array(argv(2),$this->disallowed_pconfig())) {
notice( t('This setting requires special processing and editing has been blocked.') . EOL);
return;
}
-
+
if(strpos($k,'password') !== false) {
- $v = z_obscure($v);
+ $v = obscurify($v);
}
-
+
set_pconfig(local_channel(),$cat,$k,$v);
Libsync::build_sync_packet();
@@ -46,24 +46,24 @@ class Pconfig extends \Zotlabs\Web\Controller {
goaway(z_root() . '/pconfig/' . $cat . '/' . $k);
}
-
-
+
+
function get() {
-
+
if(! local_channel()) {
return login();
}
-
+
$content = '<h3>' . t('Configuration Editor') . '</h3>';
$content .= '<div class="descriptive-paragraph">' . t('Warning: Changing some settings could render your channel inoperable. Please leave this page unless you are comfortable with and knowledgeable about how to correctly use this feature.') . '</div>' . EOL . EOL;
-
-
-
+
+
+
if(argc() == 3) {
$content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL;
$content .= '<a href="pconfig/' . escape_tags(argv(1)) . '">pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . ']</a>' . EOL . EOL;
$content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . escape_tags(argv(2)) . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . escape_tags(argv(2)) . ']</a> = ' . get_pconfig(local_channel(),escape_tags(argv(1)),escape_tags(argv(2))) . EOL;
-
+
if(in_array(argv(2),$this->disallowed_pconfig())) {
notice( t('This setting requires special processing and editing has been blocked.') . EOL);
return $content;
@@ -71,8 +71,8 @@ class Pconfig extends \Zotlabs\Web\Controller {
else
$content .= $this->pconfig_form(escape_tags(argv(1)),escape_tags(argv(2)));
}
-
-
+
+
if(argc() == 2) {
$content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL;
load_pconfig(local_channel(),escape_tags(argv(1)));
@@ -80,9 +80,9 @@ class Pconfig extends \Zotlabs\Web\Controller {
$content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . $k . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . $k . ']</a> = ' . escape_tags($x) . EOL;
}
}
-
+
if(argc() == 1) {
-
+
$r = q("select * from pconfig where uid = " . local_channel());
if($r) {
foreach($r as $rr) {
@@ -91,33 +91,33 @@ class Pconfig extends \Zotlabs\Web\Controller {
}
}
return $content;
-
+
}
-
-
+
+
function pconfig_form($cat,$k) {
-
+
$o = '<form action="pconfig" method="post" >';
$o .= '<input type="hidden" name="form_security_token" value="' . get_form_security_token('pconfig') . '" />';
-
+
$v = get_pconfig(local_channel(),$cat,$k);
- if(strpos($k,'password') !== false)
- $v = z_unobscure($v);
-
+ if(strpos($k,'password') !== false)
+ $v = unobscurify($v);
+
$o .= '<input type="hidden" name="cat" value="' . $cat . '" />';
$o .= '<input type="hidden" name="k" value="' . $k . '" />';
-
+
if(strpos($v,"\n"))
$o .= '<textarea name="v" >' . escape_tags($v) . '</textarea>';
else
$o .= '<input type="text" name="v" value="' . escape_tags($v) . '" />';
-
- $o .= EOL . EOL;
+
+ $o .= EOL . EOL;
$o .= '<input type="submit" name="submit" value="' . t('Submit') . '" />';
$o .= '</form>';
-
+
return $o;
-
+
}
@@ -127,5 +127,5 @@ class Pconfig extends \Zotlabs\Web\Controller {
'permissions_role'
);
}
-
+
}
diff --git a/include/crypto.php b/include/crypto.php
index b09356fc7..40e68a4e7 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -1,7 +1,5 @@
<?php /** @file */
-use Zotlabs\Lib\Crypto;
-
require_once('library/ASNValue.class.php');
require_once('library/asn1.php');