aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2019-03-13 16:31:37 -0700
committerzotlabs <mike@macgirvin.com>2019-03-13 16:31:37 -0700
commit05bcbfa28cafae0febcfb63bd39fdcb249f7def0 (patch)
tree6e98611451dea41b3eedb5d3831b528b63069c09
parent30f71ad63292c52d037946ad92c9a8a0940ff0c1 (diff)
downloadvolse-hubzilla-05bcbfa28cafae0febcfb63bd39fdcb249f7def0.tar.gz
volse-hubzilla-05bcbfa28cafae0febcfb63bd39fdcb249f7def0.tar.bz2
volse-hubzilla-05bcbfa28cafae0febcfb63bd39fdcb249f7def0.zip
signature issue for zot6 content imported from zotfeeds to hubzilla
-rwxr-xr-xinclude/items.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/include/items.php b/include/items.php
index 6bb453bc8..c9c2e2d48 100755
--- a/include/items.php
+++ b/include/items.php
@@ -763,11 +763,11 @@ function get_item_elements($x,$allow_code = false) {
// check the supplied signature against the supplied content.
// Note that we will purify the content which could change it.
- $r = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1",
+ $r = q("select xchan_pubkey, xchan_network from xchan where xchan_hash = '%s' limit 1",
dbesc($arr['author_xchan'])
);
if($r) {
- if($r[0]['xchan_pubkey']) {
+ if($r[0]['xchan_pubkey'] && $r[0]['xchan_network'] === 'zot') {
if(rsa_verify($x['body'],base64url_decode($arr['sig']),$r[0]['xchan_pubkey'])) {
$arr['item_verified'] = 1;
}