aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2015-02-02 17:58:51 -0800
committerfriendica <info@friendica.com>2015-02-02 17:58:51 -0800
commitfa710106e5f97744e43a61a7e9ef5a1b993261ee (patch)
treee0146b5df9245bc40b675e2cae309cade8fe45db
parent03bb236651fa77c5e73bd04bcf918091d26557b3 (diff)
downloadvolse-hubzilla-fa710106e5f97744e43a61a7e9ef5a1b993261ee.tar.gz
volse-hubzilla-fa710106e5f97744e43a61a7e9ef5a1b993261ee.tar.bz2
volse-hubzilla-fa710106e5f97744e43a61a7e9ef5a1b993261ee.zip
sign the ratings, fix the bugs
-rw-r--r--mod/connedit.php17
-rw-r--r--mod/prate.php2
-rw-r--r--mod/prep.php2
3 files changed, 15 insertions, 6 deletions
diff --git a/mod/connedit.php b/mod/connedit.php
index 8c0212afe..93cf1b09a 100644
--- a/mod/connedit.php
+++ b/mod/connedit.php
@@ -131,26 +131,35 @@ function connedit_post(&$a) {
$new_friend = false;
if(! $is_self) {
- $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1",
+
+ $signed = $target . '.' . $rating . '.' . $rating_text;
+
+ $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey']));
+
+ $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
dbesc($channel['channel_hash']),
dbesc($orig_record[0]['abook_xchan'])
);
+
+
if($z) {
$record = $z[0]['xlink_id'];
- $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_updated = '%s'
+ $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'
where xlink_id = %d",
intval($rating),
dbesc($rating_text),
+ dbesc($sig),
dbesc(datetime_convert()),
intval($record)
);
}
else {
- $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', 1 ) ",
+ $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ",
dbesc($channel['channel_hash']),
dbesc($orig_record[0]['abook_xchan']),
intval($rating),
dbesc($rating_text),
+ dbesc($sig),
dbesc(datetime_convert())
);
$z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
@@ -564,7 +573,7 @@ function connedit_content(&$a) {
}
$poco_rating = get_config('system','poco_rating_enable');
- $poco_rating = 0;
+
// if unset default to enabled
if($poco_rating === false)
$poco_rating = true;
diff --git a/mod/prate.php b/mod/prate.php
index 9c46d205a..00de8b6fc 100644
--- a/mod/prate.php
+++ b/mod/prate.php
@@ -28,7 +28,7 @@ function prate_post(&$a) {
$sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey']));
- $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1",
+ $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1",
dbesc($channel['channel_hash']),
dbesc($target)
);
diff --git a/mod/prep.php b/mod/prep.php
index 896717826..9d21b0409 100644
--- a/mod/prep.php
+++ b/mod/prep.php
@@ -54,7 +54,7 @@ function prep_content(&$a) {
if(! $a->poi)
return;
- $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash where xlink_link like '%s' and xlink_rating != 0",
+ $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash where xlink_link like '%s' and xlink_rating != 0 and xlink_static = 1",
dbesc($a->poi['xchan_hash'])
);