author | friendica <info@friendica.com> | 2013-07-31 18:57:14 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2013-07-31 18:57:14 -0700 |
commit | 0d22e1eefbb09b3b4e2c16845131a9db89d52a6e (patch) | |
tree | 4c2e04a598eae264a490f1b9c8eca55e4702cd2f | |
parent | c00c550c58f0125785b194c9413a98e114a7ab98 (diff) | |
fix some privacy leakage in logs
-rwxr-xr-x | include/items.php | 15 | ||||
-rw-r--r-- | include/zot.php | 14 | ||||
-rw-r--r-- | mod/item.php | 25 |
3 files changed, 29 insertions, 25 deletions
diff --git a/include/items.php b/include/items.php
index 49e3dd3de..13d891736 100755
--- a/include/items.php
+++ b/include/items.php
@@ -532,6 +532,21 @@ function get_item_elements($x) {
 $arr['item_private'] = ((array_key_exists('flags',$x) && is_array($x['flags']) && in_array('private',$x['flags'])) ? 1 : 0);
+ $arr['item_flags'] = 0;
+
+ // if it's a private post, encrypt it in the DB.
+ // We have to do that here because we need to cleanse the input and prevent bad stuff from getting in,
+ // and we need plaintext to do that.
+
+ if(intval($arr['item_private'])) {
+ $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
+ $key = get_config('system','pubkey');
+ if($arr['title'])
+ $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
+ if($arr['body'])
+ $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
+ }
+
 if(array_key_exists('flags',$x) && in_array('deleted',$x['flags'])) $arr['item_restrict'] = ITEM_DELETED;
diff --git a/include/zot.php b/include/zot.php
index c53e6c267..b4e005076 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -834,20 +834,6 @@ function zot_import($arr) {
 if($i['message']['type'] === 'activity') { $arr = get_item_elements($i['message']);
- // if it's a private post, encrypt it in the DB.
- // We have to do that here because we need to cleanse the input and prevent bad stuff from getting in,
- // and we need plaintext to do that.
-
- if(array_key_exists('item_private',$arr) && intval($arr['item_private'])) {
- logger('Encrypting local storage');
- $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
- $key = get_config('system','pubkey');
- if($arr['title'])
- $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
- if($arr['body'])
- $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
- }
-
 if(! array_key_exists('created',$arr)) { logger('Activity rejected: probable failure to lookup author/owner. ' . print_r($i['message'],true)); continue;
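Review bot: In the added `if(intval($arr['item_private']))` block of include/items.php, ITEM_OBSCURED is set before anything is known to have been encrypted, and neither `$key` nor the return value of `aes_encapsulate()` is checked. If `get_config('system','pubkey')` yields nothing or encapsulation fails (its failure behaviour is not visible here), a private post would be stored carrying the obscured flag while its title or body is plaintext or a JSON-encoded `false`/`null`. The truthiness tests also skip a body of `'0'`, which then stays unencrypted under the flag. I would fetch the key in the condition, `if(intval($arr['item_private']) && ($key = get_config('system','pubkey'))) {`, test `strlen($arr['body'])` rather than `$arr['body']`, and log the missing-key case instead of silently storing plaintext. get_item_elements starts and ends outside the hunk, so whether title and body have already been cleansed at this point, as the added comment assumes, cannot be confirmed from here.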
diff --git a/mod/item.php b/mod/item.php
index 0509d8fab..990acd2f0 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -44,7 +44,7 @@ function item_post(&$a) {
 call_hooks('post_local_start', $_REQUEST);
- logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
+// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
 $api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
@@ -130,14 +130,15 @@ function item_post(&$a) {
 //if(($parid) && ($parid != $parent)) $thr_parent = $parent_mid;
- if($parent_item['contact-id'] && $uid) {
- $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($parent_item['contact-id']),
- intval($uid)
- );
- if(count($r))
- $parent_contact = $r[0];
- }
+// if($parent_item['contact-id'] && $uid) {
+// $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+// intval($parent_item['contact-id']),
+// intval($uid)
+// );
+// if(count($r))
+// $parent_contact = $r[0];
+// }
+
 } if($parent) {
@@ -203,6 +204,10 @@ function item_post(&$a) {
 goaway($a->get_baseurl() . "/" . $return_path ); killme(); }
+
+ if($observer) {
+ logger('mod_item: post accepted from ' . $observer['xchan_name'] . ' for ' . $owner_xchan['xchan_name'], LOGGER_DEBUG);
+ }
 if($orig_post) {
@@ -333,8 +338,6 @@ function item_post(&$a) {
 $body .= "\n\n@group+" . $x[0]['abook_id'] . "\n"; }
-
-
 /** * fix naked links by passing through a callback to see if this is a red site * (already known to us) which will get a zrl, otherwise link with url |
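Review bot: The `postvars` dump is commented out at `+// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);` rather than deleted, which leaves a one-character path back to logging every submitted post body. Delete the line, or keep the diagnostic without the content by logging only `array_keys($_REQUEST)`. The same kind of full-payload logging survives in include/zot.php: the context line `logger('Activity rejected: ... ' . print_r($i['message'],true));` passes no log level and dumps the whole incoming message, which for a private post is the plaintext this commit otherwise encrypts before storage. That call should log an identifier for the message instead of its contents; which field to use is not visible in this diff and needs confirming.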
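Review bot: The parent contact lookup at `@@ -130` is disabled by commenting out eight lines instead of removing them, and nothing in the hunk or the commit message says why. With the lookup gone, `$parent_contact` is never assigned on this path; item_post continues outside the hunk, so any later read of it should be checked and either removed or preceded by an explicit `$parent_contact = null;`. If the block really is obsolete, delete it and leave one line such as `// parent contact lookup removed: $parent_contact is no longer consulted`, since SQL kept in comments tends to be re-enabled without review.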
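Review bot: The added debug line guards `$observer` but dereferences `$owner_xchan['xchan_name']` unconditionally, so a missing owner record produces a notice and an empty name in the log. Both values are channel display names, presumably supplied by the remote party, and they are concatenated into the log line verbatim; whether logger() neutralises line breaks is not visible here. I would guard both with `if($observer && $owner_xchan) {` and flatten control characters before logging, e.g. `str_replace(array("\r","\n"),' ',$observer['xchan_name'])`, so a crafted name cannot forge additional log entries.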