diff options
| author | zotlabs <mike@macgirvin.com> | 2017-04-20 20:19:15 -0700 |
|---|---|---|
| committer | Mario Vavti <mario@mariovavti.com> | 2017-04-26 14:16:07 +0200 |
| commit | c904bd3a628e4bf3c2420ee314277da69828c3b2 (patch) | |
| tree | 68a037024e870c207c9a6a89d94edcaadc8a8e39 /Zotlabs/Module/Editwebpage.php | |
| parent | d48bda88e61026930866f947523f1c0cbe1659d2 (diff) | |
| download | volse-hubzilla-c904bd3a628e4bf3c2420ee314277da69828c3b2.tar.gz volse-hubzilla-c904bd3a628e4bf3c2420ee314277da69828c3b2.tar.bz2 volse-hubzilla-c904bd3a628e4bf3c2420ee314277da69828c3b2.zip | |
The rest of the library and backend changes to support client-side e2ee and deprecate previous uses of item_obscured.
Diffstat (limited to 'Zotlabs/Module/Editwebpage.php')
| -rw-r--r-- | Zotlabs/Module/Editwebpage.php | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php index 03b2aeab9..db33cd1db 100644 --- a/Zotlabs/Module/Editwebpage.php +++ b/Zotlabs/Module/Editwebpage.php @@ -100,19 +100,14 @@ class Editwebpage extends \Zotlabs\Web\Controller { intval($owner) ); - if(! $itm) { + // don't allow web editing of potentially binary content (item_obscured = 1) + // @FIXME how do we do it instead? + + if((! $itm) || intval($itm[0]['item_obscured'])) { notice( t('Permission denied.') . EOL); return; } - if(intval($itm[0]['item_obscured'])) { - $key = get_config('system','prvkey'); - if($itm[0]['title']) - $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key); - if($itm[0]['body']) - $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key); - } - $item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1", intval($itm[0]['id']) ); |