aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-02-18 16:59:31 -0800
committerfriendica <info@friendica.com>2014-02-18 16:59:31 -0800
commit5747e20e502cd4504aef4371b30631265579e81c (patch)
treeced1931f1dd3b4f9801e32b1900bb804b7a5a5fa
parent7d4916ec714d834db3493c2fc12e76b0ffdb26b2 (diff)
downloadvolse-hubzilla-5747e20e502cd4504aef4371b30631265579e81c.tar.gz
volse-hubzilla-5747e20e502cd4504aef4371b30631265579e81c.tar.bz2
volse-hubzilla-5747e20e502cd4504aef4371b30631265579e81c.zip
some more snakebite and fix up include/account - forgot about that inline array stuff
-rw-r--r--include/account.php9
-rw-r--r--include/auth.php8
-rw-r--r--mod/item.php10
-rw-r--r--mod/openid.php51
4 files changed, 57 insertions, 21 deletions
diff --git a/include/account.php b/include/account.php
index 242e6512f..1206223d9 100644
--- a/include/account.php
+++ b/include/account.php
@@ -440,7 +440,8 @@ function downgrade_accounts() {
dbesc('0000-00-00 00:00:00'),
intval($rr['account_id'])
);
- call_hooks('account_downgrade', array('account' => $rr));
+ $ret = array('account' => $rr);
+ call_hooks('account_downgrade', $ret );
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.');
}
else {
@@ -448,8 +449,10 @@ function downgrade_accounts() {
intval(ACCOUNT_EXPIRED),
intval($rr['account_id'])
);
- call_hooks('account_downgrade', array('account' => $rr));
+ $ret = array('account' => $rr);
+ call_hooks('account_downgrade', $ret);
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' expired.');
}
}
-} \ No newline at end of file
+}
+
diff --git a/include/auth.php b/include/auth.php
index a4e859e0c..425715014 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -233,10 +233,10 @@ else {
function match_openid($authid) {
- $r = q("select * from pconfig where cat = 'system' and k = 'openid' ");
+ $r = q("select * from pconfig where cat = 'system' and k = 'openid' and v = '%s' limit 1",
+ dbesc($authid)
+ );
if($r)
- foreach($r as $rr)
- if($rr['v'] === $authid)
- return $rr['uid'];
+ return $r[0]['uid'];
return false;
}
diff --git a/mod/item.php b/mod/item.php
index fa7720791..dc005bb20 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -453,6 +453,16 @@ function item_post(&$a) {
* the post and we should keep it private. If it's encrypted we have no way of knowing
* so we'll set the permissions regardless and realise that the media may not be
* referenced in the post.
+ *
+ * What is preventing us from being able to upload photos into comments is dealing with
+ * the photo and attachment permissions, since we don't always know who was in the
+ * distribution for the top level post.
+ *
+ * We might be able to provide this functionality with a lot of fiddling:
+ * - if the top level post is public (make the photo public)
+ * - if the top level post was written by us or a wall post that belongs to us (match the top level post)
+ * - if the top level post has privacy mentions, add those to the permissions.
+ * - otherwise disallow the photo *or* make the photo public. This is the part that gets messy.
*/
if(! $preview) {
diff --git a/mod/openid.php b/mod/openid.php
index 6f97c6fb9..e1c71f9ee 100644
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -52,8 +52,9 @@ function openid_content(&$a) {
}
// Successful OpenID login - but we can't match it to an existing account.
+ // See if they've got an xchan
- $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ $r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1",
dbesc($authid)
);
@@ -73,7 +74,22 @@ function openid_content(&$a) {
goaway(z_root());
}
+ // no xchan...
+ // create one.
+ // We should probably probe the openid url.
+
+ $name = $authid;
+ $url = $_REQUEST['openid_identity'];
+ if(strpos($url,'http') === false)
+ $url = 'https://' . $url;
+ $pphoto = get_default_profile_photo();
+ $parsed = @parse_url($url);
+ if($parsed) {
+ $host = $parsed['host'];
+ }
+
$attr = $openid->getAttributes();
+
if(is_array($attr) && count($attr)) {
foreach($attr as $k => $v) {
if($k === 'namePerson/friendly')
@@ -81,30 +97,37 @@ function openid_content(&$a) {
if($k === 'namePerson/first')
$first = notags(trim($v));
if($k === 'namePerson')
- $args .= '&username=' . notags(trim($v));
+ $name = notags(trim($v));
if($k === 'contact/email')
- $args .= '&email=' . notags(trim($v));
+ $addr = notags(trim($v));
if($k === 'media/image/aspect11')
- $photosq = bin2hex(trim($v));
+ $photosq = trim($v);
if($k === 'media/image/default')
- $photo = bin2hex(trim($v));
+ $photo_other = trim($v);
}
}
- if($nick)
- $args .= '&nickname=' . $nick;
- elseif($first)
- $args .= '&nickname=' . $first;
+ if(! $nick) {
+ if($first)
+ $nick = $first;
+ else
+ $nick = $name;
+ }
+ require_once('library/urlify/URLify.php');
+ $x = strtolower(URLify::transliterate($nick));
+ if(! $addr)
+ $addr = $nick . '@' . $host;
+ $network = 'unknown';
+
if($photosq)
- $args .= '&photo=' . $photosq;
+ $pphoto = $photosq;
elseif($photo)
- $args .= '&photo=' . $photo;
-
- $args .= '&openid_url=' . notags(trim($authid));
+ $pphoto = $photo;
- goaway($a->get_baseurl() . '/register' . $args);
+ // add the xchan record and xconfig for the openid
// NOTREACHED
+ // actually it is reached until the other bits get written
}
}
notice( t('Login failed.') . EOL);