diff options
author | friendica <info@friendica.com> | 2013-12-05 15:55:14 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2013-12-05 15:55:14 -0800 |
commit | 539988b62f20d73f097ee24d5a7fb6d23fa9fd4d (patch) | |
tree | d3d9d39e4d907bd0abd7a1878677b51fec4054dd | |
parent | d66d8ff524203ccc0fae894b483178b2f706b711 (diff) | |
download | volse-hubzilla-539988b62f20d73f097ee24d5a7fb6d23fa9fd4d.tar.gz volse-hubzilla-539988b62f20d73f097ee24d5a7fb6d23fa9fd4d.tar.bz2 volse-hubzilla-539988b62f20d73f097ee24d5a7fb6d23fa9fd4d.zip |
couple of additional checks
-rw-r--r-- | mod/post.php | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/mod/post.php b/mod/post.php index 31f17a873..73345c4e9 100644 --- a/mod/post.php +++ b/mod/post.php @@ -172,19 +172,30 @@ function post_init(&$a) { $result = zot_zot($x[0]['hubloc_callback'],$p); - $ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL; if(! $result['success']) { logger('mod_zot: auth_check callback failed.'); if($test) { + $ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL; json_return_and_die($ret); } goaway($desturl); } $j = json_decode($result['body'],true); + if(! $j) { + logger('mod_zot: auth_check json data malformed.'); + if($test) { + $ret['message'] .= 'json malformed: ' . $result['body'] . EOL; + json_return_and_die($ret); + } + } } + if($test) { + $ret['message'] .= 'auth check request returned .' . print_r($j, true) . EOL; + } + if($already_authed || $j['success']) { if($j['success']) { // legit response, but we do need to check that this wasn't answered by a man-in-middle |