heavy lifting on admin security page

5 files changed, 59 insertions, 4 deletions

diff --git a/include/widgets.php b/include/widgets.php
index 7e502e4c2..011e3a8d7 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -1269,6 +1269,7 @@ function widget_admin($arr) {
 		'site'      => array(z_root() . '/admin/site/',     t('Site'),           'site'),
 		'users'     => array(z_root() . '/admin/users/',    t('Accounts'),       'users'),
 		'channels'  => array(z_root() . '/admin/channels/', t('Channels'),       'channels'),
+		'security'  => array(z_root() . '/admin/security/', t('Security'),       'security'),
 		'features'  => array(z_root() . '/admin/features/', t('Features'),       'features'),
 		'plugins'   => array(z_root() . '/admin/plugins/',  t('Plugins'),        'plugins'),
 		'themes'    => array(z_root() . '/admin/themes/',   t('Themes'),         'themes'),
diff --git a/mod/admin.php b/mod/admin.php
index 7ca2efa35..bdb4bf861 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -542,9 +542,47 @@ function admin_page_hubloc_post(&$a){
 	goaway($a->get_baseurl(true) . '/admin/hubloc' );
 }
 
+function trim_array_elems($arr) {
+	$narr = array();
+
+	if($arr && is_array($arr)) {
+		for($x = 0; $x < count($arr); $x ++) {
+			$y = trim($arr[$x]);
+			if($y)
+				$narr[] = $y;
+		}
+	}
+	return $narr;
+}
+
 function admin_page_security_post(&$a){
 	check_form_security_token_redirectOnErr('/admin/security', 'admin_security');
 
+logger('post: ' . print_r($_POST,true));
+
+	$block_public         = ((x($_POST,'block_public'))		? True	: False);
+	set_config('system','block_public',$block_public);
+
+	$ws = trim_array_elems(explode("\n",$_POST['whitelisted_sites']));
+	set_config('system','whitelisted_sites',$ws);
+
+	$bs = trim_array_elems(explode("\n",$_POST['blacklisted_sites']));
+	set_config('system','blacklisted_sites',$bs);
+
+	$wc = trim_array_elems(explode("\n",$_POST['whitelisted_channels']));
+	set_config('system','whitelisted_channels',$wc);
+
+	$bc = trim_array_elems(explode("\n",$_POST['blacklisted_channels']));
+	set_config('system','blacklisted_channels',$bc);
+
+	$embed_coop         = ((x($_POST,'embed_coop'))		? True	: False);
+	set_config('system','embed_coop',$embed_coop);
+
+	$we = trim_array_elems(explode("\n",$_POST['embed_allow']));
+	set_config('system','embed_allow',$we);
+
+	$be = trim_array_elems(explode("\n",$_POST['embed_deny']));
+	set_config('system','embed_deny',$be);
 
 	goaway(z_root() . '/admin/security');
 }
@@ -666,7 +704,7 @@ function admin_page_security(&$a) {
 	$embed_coop = intval(get_config('system','embed_coop'));
 
 	if((! $whiteembeds) && (! $blackembeds) && (! $embed_coop))
-		$blackembeds_str = "youtube.com\nyoutu.be\ntwitter.com\nvimeo.com\nsoundcloud.com";
+		$whiteembeds_str = "youtube.com\nyoutu.be\ntwitter.com\nvimeo.com\nsoundcloud.com\nwikipedia.com";
 
 	$t = get_markup_template('admin_security.tpl');
 	return replace_macros($t, array(
diff --git a/util/config b/util/config
index 67fe14f93..74a9219b5 100755
--- a/util/config
+++ b/util/config
@@ -8,12 +8,14 @@ require_once('include/cli_startup.php');
 cli_startup();
 
 if($argc > 3) {
+	
+
 	set_config($argv[1],$argv[2],$argv[3]);
-	echo "config[{$argv[1]}][{$argv[2]}] = " . get_config($argv[1],$argv[2]) . "\n";
+	echo "config[{$argv[1]}][{$argv[2]}] = " . printable_config(get_config($argv[1],$argv[2])) . "\n";
 }
 
 if($argc == 3) {
-	echo "config[{$argv[1]}][{$argv[2]}] = " . get_config($argv[1],$argv[2]) . "\n";
+	echo "config[{$argv[1]}][{$argv[2]}] = " . printable_config(get_config($argv[1],$argv[2])) . "\n";
 }
 
 if($argc == 2) {
@@ -27,8 +29,19 @@ if($argc == 1) {
 	$r = q("select * from config where 1");
 	if($r) {
 		foreach($r as $rr) {
-			echo "config[{$rr['cat']}][{$rr['k']}] = " . $rr['v'] . "\n";
+			echo "config[{$rr['cat']}][{$rr['k']}] = " . printable_config($rr['v']) . "\n";
 		}
 	}
 }
 
+function printable_config($x) {
+	$s = '';
+	if(is_array($x)) {
+		foreach($x as $v) {
+			$s .= $v . "\n";
+		}
+		return $s;
+	}
+	else
+		return $x;
+}
\ No newline at end of file
diff --git a/view/tpl/admin_aside.tpl b/view/tpl/admin_aside.tpl
index 0a77ef73c..ab190fc95 100755
--- a/view/tpl/admin_aside.tpl
+++ b/view/tpl/admin_aside.tpl
@@ -16,6 +16,7 @@
 	<li><a href='{{$admin.site.0}}'>{{$admin.site.1}}</a></li>
 	<li><a href='{{$admin.users.0}}'>{{$admin.users.1}}<span id='pending-update' title='{{$h_pending}}'></span></a></li>
 	<li><a href='{{$admin.channels.0}}'>{{$admin.channels.1}}</a></li>
+	<li><a href='{{$admin.security.0}}'>{{$admin.security.1}}</a></li>
 	<li><a href='{{$admin.queue.0}}'>{{$admin.queue.1}}</a></li>
 	<li><a href='{{$admin.plugins.0}}'>{{$admin.plugins.1}}</a></li>
 	<li><a href='{{$admin.themes.0}}'>{{$admin.themes.1}}</a></li>
diff --git a/view/tpl/admin_security.tpl b/view/tpl/admin_security.tpl
index 62120c17c..691db2d88 100755
--- a/view/tpl/admin_security.tpl
+++ b/view/tpl/admin_security.tpl
@@ -3,6 +3,8 @@
 
 	<form action="{{$baseurl}}/admin/security" method="post">
 
+	<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+
 
 	{{include file="field_checkbox.tpl" field=$block_public}}