diff options
author | friendica <info@friendica.com> | 2015-02-02 17:58:51 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2015-02-02 17:58:51 -0800 |
commit | fa710106e5f97744e43a61a7e9ef5a1b993261ee (patch) | |
tree | e0146b5df9245bc40b675e2cae309cade8fe45db | |
parent | 03bb236651fa77c5e73bd04bcf918091d26557b3 (diff) | |
download | volse-hubzilla-fa710106e5f97744e43a61a7e9ef5a1b993261ee.tar.gz volse-hubzilla-fa710106e5f97744e43a61a7e9ef5a1b993261ee.tar.bz2 volse-hubzilla-fa710106e5f97744e43a61a7e9ef5a1b993261ee.zip |
sign the ratings, fix the bugs
-rw-r--r-- | mod/connedit.php | 17 | ||||
-rw-r--r-- | mod/prate.php | 2 | ||||
-rw-r--r-- | mod/prep.php | 2 |
3 files changed, 15 insertions, 6 deletions
diff --git a/mod/connedit.php b/mod/connedit.php index 8c0212afe..93cf1b09a 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -131,26 +131,35 @@ function connedit_post(&$a) { $new_friend = false; if(! $is_self) { - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1", + + $signed = $target . '.' . $rating . '.' . $rating_text; + + $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); + + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']) ); + + if($z) { $record = $z[0]['xlink_id']; - $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_updated = '%s' + $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' where xlink_id = %d", intval($rating), dbesc($rating_text), + dbesc($sig), dbesc(datetime_convert()), intval($record) ); } else { - $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', 1 ) ", + $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']), intval($rating), dbesc($rating_text), + dbesc($sig), dbesc(datetime_convert()) ); $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", @@ -564,7 +573,7 @@ function connedit_content(&$a) { } $poco_rating = get_config('system','poco_rating_enable'); - $poco_rating = 0; + // if unset default to enabled if($poco_rating === false) $poco_rating = true; diff --git a/mod/prate.php b/mod/prate.php index 9c46d205a..00de8b6fc 100644 --- a/mod/prate.php +++ b/mod/prate.php @@ -28,7 +28,7 @@ function prate_post(&$a) { $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1", + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target) ); diff --git a/mod/prep.php b/mod/prep.php index 896717826..9d21b0409 100644 --- a/mod/prep.php +++ b/mod/prep.php @@ -54,7 +54,7 @@ function prep_content(&$a) { if(! $a->poi) return; - $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash where xlink_link like '%s' and xlink_rating != 0", + $r = q("select * from xlink left join xchan on xlink_xchan = xchan_hash where xlink_link like '%s' and xlink_rating != 0 and xlink_static = 1", dbesc($a->poi['xchan_hash']) ); |