aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-02-03 20:24:46 -0800
committerredmatrix <git@macgirvin.com>2016-02-03 20:24:46 -0800
commitc75f76f740be16f9880650fcff359d7afd85991d (patch)
tree50e40fcb64de4dfa0c8dfa176c52e7319a1527d0
parent28386d747115598ccd4851e049084219b2f99fef (diff)
downloadvolse-hubzilla-c75f76f740be16f9880650fcff359d7afd85991d.tar.gz
volse-hubzilla-c75f76f740be16f9880650fcff359d7afd85991d.tar.bz2
volse-hubzilla-c75f76f740be16f9880650fcff359d7afd85991d.zip
heavy lifting on admin security page
-rw-r--r--include/widgets.php1
-rw-r--r--mod/admin.php40
-rwxr-xr-xutil/config19
-rwxr-xr-xview/tpl/admin_aside.tpl1
-rwxr-xr-xview/tpl/admin_security.tpl2
5 files changed, 59 insertions, 4 deletions
diff --git a/include/widgets.php b/include/widgets.php
index 7e502e4c2..011e3a8d7 100644
--- a/include/widgets.php
+++ b/include/widgets.php
@@ -1269,6 +1269,7 @@ function widget_admin($arr) {
'site' => array(z_root() . '/admin/site/', t('Site'), 'site'),
'users' => array(z_root() . '/admin/users/', t('Accounts'), 'users'),
'channels' => array(z_root() . '/admin/channels/', t('Channels'), 'channels'),
+ 'security' => array(z_root() . '/admin/security/', t('Security'), 'security'),
'features' => array(z_root() . '/admin/features/', t('Features'), 'features'),
'plugins' => array(z_root() . '/admin/plugins/', t('Plugins'), 'plugins'),
'themes' => array(z_root() . '/admin/themes/', t('Themes'), 'themes'),
diff --git a/mod/admin.php b/mod/admin.php
index 7ca2efa35..bdb4bf861 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -542,9 +542,47 @@ function admin_page_hubloc_post(&$a){
goaway($a->get_baseurl(true) . '/admin/hubloc' );
}
+function trim_array_elems($arr) {
+ $narr = array();
+
+ if($arr && is_array($arr)) {
+ for($x = 0; $x < count($arr); $x ++) {
+ $y = trim($arr[$x]);
+ if($y)
+ $narr[] = $y;
+ }
+ }
+ return $narr;
+}
+
function admin_page_security_post(&$a){
check_form_security_token_redirectOnErr('/admin/security', 'admin_security');
+logger('post: ' . print_r($_POST,true));
+
+ $block_public = ((x($_POST,'block_public')) ? True : False);
+ set_config('system','block_public',$block_public);
+
+ $ws = trim_array_elems(explode("\n",$_POST['whitelisted_sites']));
+ set_config('system','whitelisted_sites',$ws);
+
+ $bs = trim_array_elems(explode("\n",$_POST['blacklisted_sites']));
+ set_config('system','blacklisted_sites',$bs);
+
+ $wc = trim_array_elems(explode("\n",$_POST['whitelisted_channels']));
+ set_config('system','whitelisted_channels',$wc);
+
+ $bc = trim_array_elems(explode("\n",$_POST['blacklisted_channels']));
+ set_config('system','blacklisted_channels',$bc);
+
+ $embed_coop = ((x($_POST,'embed_coop')) ? True : False);
+ set_config('system','embed_coop',$embed_coop);
+
+ $we = trim_array_elems(explode("\n",$_POST['embed_allow']));
+ set_config('system','embed_allow',$we);
+
+ $be = trim_array_elems(explode("\n",$_POST['embed_deny']));
+ set_config('system','embed_deny',$be);
goaway(z_root() . '/admin/security');
}
@@ -666,7 +704,7 @@ function admin_page_security(&$a) {
$embed_coop = intval(get_config('system','embed_coop'));
if((! $whiteembeds) && (! $blackembeds) && (! $embed_coop))
- $blackembeds_str = "youtube.com\nyoutu.be\ntwitter.com\nvimeo.com\nsoundcloud.com";
+ $whiteembeds_str = "youtube.com\nyoutu.be\ntwitter.com\nvimeo.com\nsoundcloud.com\nwikipedia.com";
$t = get_markup_template('admin_security.tpl');
return replace_macros($t, array(
diff --git a/util/config b/util/config
index 67fe14f93..74a9219b5 100755
--- a/util/config
+++ b/util/config
@@ -8,12 +8,14 @@ require_once('include/cli_startup.php');
cli_startup();
if($argc > 3) {
+
+
set_config($argv[1],$argv[2],$argv[3]);
- echo "config[{$argv[1]}][{$argv[2]}] = " . get_config($argv[1],$argv[2]) . "\n";
+ echo "config[{$argv[1]}][{$argv[2]}] = " . printable_config(get_config($argv[1],$argv[2])) . "\n";
}
if($argc == 3) {
- echo "config[{$argv[1]}][{$argv[2]}] = " . get_config($argv[1],$argv[2]) . "\n";
+ echo "config[{$argv[1]}][{$argv[2]}] = " . printable_config(get_config($argv[1],$argv[2])) . "\n";
}
if($argc == 2) {
@@ -27,8 +29,19 @@ if($argc == 1) {
$r = q("select * from config where 1");
if($r) {
foreach($r as $rr) {
- echo "config[{$rr['cat']}][{$rr['k']}] = " . $rr['v'] . "\n";
+ echo "config[{$rr['cat']}][{$rr['k']}] = " . printable_config($rr['v']) . "\n";
}
}
}
+function printable_config($x) {
+ $s = '';
+ if(is_array($x)) {
+ foreach($x as $v) {
+ $s .= $v . "\n";
+ }
+ return $s;
+ }
+ else
+ return $x;
+} \ No newline at end of file
diff --git a/view/tpl/admin_aside.tpl b/view/tpl/admin_aside.tpl
index 0a77ef73c..ab190fc95 100755
--- a/view/tpl/admin_aside.tpl
+++ b/view/tpl/admin_aside.tpl
@@ -16,6 +16,7 @@
<li><a href='{{$admin.site.0}}'>{{$admin.site.1}}</a></li>
<li><a href='{{$admin.users.0}}'>{{$admin.users.1}}<span id='pending-update' title='{{$h_pending}}'></span></a></li>
<li><a href='{{$admin.channels.0}}'>{{$admin.channels.1}}</a></li>
+ <li><a href='{{$admin.security.0}}'>{{$admin.security.1}}</a></li>
<li><a href='{{$admin.queue.0}}'>{{$admin.queue.1}}</a></li>
<li><a href='{{$admin.plugins.0}}'>{{$admin.plugins.1}}</a></li>
<li><a href='{{$admin.themes.0}}'>{{$admin.themes.1}}</a></li>
diff --git a/view/tpl/admin_security.tpl b/view/tpl/admin_security.tpl
index 62120c17c..691db2d88 100755
--- a/view/tpl/admin_security.tpl
+++ b/view/tpl/admin_security.tpl
@@ -3,6 +3,8 @@
<form action="{{$baseurl}}/admin/security" method="post">
+ <input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+
{{include file="field_checkbox.tpl" field=$block_public}}