aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-05-05 20:07:19 -0700
committerfriendica <info@friendica.com>2013-05-05 20:07:19 -0700
commit5031015cc53534f679608d0b8e982b70b2ef7dee (patch)
tree50cd87c33311a5447bf0d6a15947c442e30929f9
parent6f04a7e07033c8ca06df47defe1839d5763f1ee6 (diff)
downloadvolse-hubzilla-5031015cc53534f679608d0b8e982b70b2ef7dee.tar.gz
volse-hubzilla-5031015cc53534f679608d0b8e982b70b2ef7dee.tar.bz2
volse-hubzilla-5031015cc53534f679608d0b8e982b70b2ef7dee.zip
email notification content privacy by default (unless it's public content)
-rw-r--r--include/enotify.php24
1 files changed, 24 insertions, 0 deletions
diff --git a/include/enotify.php b/include/enotify.php
index b742b17f4..07e660191 100644
--- a/include/enotify.php
+++ b/include/enotify.php
@@ -108,6 +108,8 @@ function notification($params) {
$item_post_type = item_post_type($p[0]);
+ $private = $p[0]['item_private'];
+
//$possess_desc = str_replace('<!item_type!>',$possess_desc);
// "a post"
@@ -154,6 +156,8 @@ function notification($params) {
$epreamble = sprintf( t('%1$s posted to [zrl=%2$s]your wall[/zrl]') ,
'[zrl=' . $sender['xchan_url'] . ']' . $sender['xchan_name'] . '[/zrl]',
$params['link']);
+ // FIXME - check the item privacy
+ $private = false;
$sitelink = t('Please visit %s to view and/or reply to the conversation.');
$tsitelink = sprintf( $sitelink, $siteurl );
@@ -346,6 +350,7 @@ function notification($params) {
$htmlversion = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r","\\n\\n" ,"\\n"),
"<br />\n",$body))));
+
$datarray = array();
$datarray['banner'] = $banner;
$datarray['product'] = $product;
@@ -370,9 +375,28 @@ function notification($params) {
$datarray['textversion'] = $textversion;
$datarray['subject'] = $subject;
$datarray['headers'] = $additional_mail_header;
+ $datarray['email_secure'] = false;
call_hooks('enotify_mail', $datarray);
+ // Default to private - don't disclose message contents over insecure channels (such as email)
+ // Might be interesting to use GPG,PGP,S/MIME encryption instead
+ // but we'll save that for a clever plugin developer to implement
+
+ if(! $datarray['email_secure']) {
+ switch($params['type']) {
+ case NOTIFY_WALL:
+ case NOTIFY_COMMENT:
+ if(! $private)
+ break;
+ case NOTIFY_MAIL:
+ $datarray['textversion'] = $datarray['htmlversion'] = '';
+ break;
+ default:
+ break;
+ }
+ }
+
// load the template for private message notifications
$tpl = get_markup_template('email_notify_html.tpl');
$email_html_body = replace_macros($tpl,array(