aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2016-06-28 11:09:22 +0200
committerMario Vavti <mario@mariovavti.com>2016-06-28 11:09:22 +0200
commit9f576369a97009bc93f4f724f85024410c3899df (patch)
treeadc2c68e8729ff783eca9cd259bc5b8fe394d2e6 /Zotlabs/Module
parent911510f9996dc43bd3440884325326b7e99ea12f (diff)
parent7d7f43c2056fd50ff26aed5df553bf4936ead196 (diff)
downloadvolse-hubzilla-9f576369a97009bc93f4f724f85024410c3899df.tar.gz
volse-hubzilla-9f576369a97009bc93f4f724f85024410c3899df.tar.bz2
volse-hubzilla-9f576369a97009bc93f4f724f85024410c3899df.zip
Merge branch 'dev' into sabre32
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Cover_photo.php2
-rw-r--r--Zotlabs/Module/New_channel.php4
-rw-r--r--Zotlabs/Module/Profile_photo.php5
-rw-r--r--Zotlabs/Module/Register.php3
-rw-r--r--Zotlabs/Module/Setup.php10
5 files changed, 15 insertions, 9 deletions
diff --git a/Zotlabs/Module/Cover_photo.php b/Zotlabs/Module/Cover_photo.php
index 9887b8203..886958b37 100644
--- a/Zotlabs/Module/Cover_photo.php
+++ b/Zotlabs/Module/Cover_photo.php
@@ -50,7 +50,7 @@ class Cover_photo extends \Zotlabs\Web\Controller {
check_form_security_token_redirectOnErr('/cover_photo', 'cover_photo');
- if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) {
+ if((array_key_exists('cropfinal',$_POST)) && ($_POST['cropfinal'] == 1)) {
// phase 2 - we have finished cropping
diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php
index 30d7c83c6..1dcf84fb0 100644
--- a/Zotlabs/Module/New_channel.php
+++ b/Zotlabs/Module/New_channel.php
@@ -62,7 +62,7 @@ class New_channel extends \Zotlabs\Web\Controller {
}
- function post() {
+ function post() {
$arr = $_POST;
@@ -96,7 +96,7 @@ class New_channel extends \Zotlabs\Web\Controller {
}
- function get() {
+ function get() {
$acc = \App::get_account();
diff --git a/Zotlabs/Module/Profile_photo.php b/Zotlabs/Module/Profile_photo.php
index 62c5e99ae..9359b80f8 100644
--- a/Zotlabs/Module/Profile_photo.php
+++ b/Zotlabs/Module/Profile_photo.php
@@ -53,7 +53,7 @@ class Profile_photo extends \Zotlabs\Web\Controller {
check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
- if((array_key_exists('postfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) {
+ if((array_key_exists('cropfinal',$_POST)) && (intval($_POST['cropfinal']) == 1)) {
// phase 2 - we have finished cropping
@@ -90,12 +90,11 @@ class Profile_photo extends \Zotlabs\Web\Controller {
$srcY = $_POST['ystart'];
$srcW = $_POST['xfinal'] - $srcX;
$srcH = $_POST['yfinal'] - $srcY;
-
+
$r = q("SELECT * FROM photo WHERE resource_id = '%s' AND uid = %d AND imgscale = %d LIMIT 1",
dbesc($image_id),
dbesc(local_channel()),
intval($scale));
-
if($r) {
$base_image = $r[0];
diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index 7cd1ee501..6afa4a94c 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -259,7 +259,8 @@ class Register extends \Zotlabs\Web\Controller {
'$email' => $email,
'$pass1' => $password,
'$pass2' => $password2,
- '$submit' => ((UNO || $auto_create || $registration_is) ? t('Register') : t('Proceed to create your first channel'))
+ '$submit' => t('Register'),
+ '$verify_note' => t('This site may require email verification after submitting this form. If you are returned to a login page, please check your email for instructions.')
));
return $o;
diff --git a/Zotlabs/Module/Setup.php b/Zotlabs/Module/Setup.php
index c4878e217..c5d0ccc21 100644
--- a/Zotlabs/Module/Setup.php
+++ b/Zotlabs/Module/Setup.php
@@ -596,7 +596,7 @@ class Setup extends \Zotlabs\Web\Controller {
if(! is_writable('store')) {
$status = false;
- $help = t('Red uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
+ $help = t('This software uses the store directory to save uploaded files. The web server needs to have write access to the store directory under the Red top level folder') . EOL;
$help .= t('Please ensure that the user that your web server runs as (e.g. www-data) has write access to this folder.').EOL;
}
@@ -639,6 +639,9 @@ class Setup extends \Zotlabs\Web\Controller {
$help .= t('If your certificate is not recognized, members of other sites (who may themselves have valid certificates) will get a warning message on their own site complaining about security issues.') . EOL;
$help .= t('This can cause usability issues elsewhere (not just on your own site) so we must insist on this requirement.') .EOL;
$help .= t('Providers are available that issue free certificates which are browser-valid.'). EOL;
+
+ $help .= t('If you are confident that the certificate is valid and signed by a trusted authority, check to see if you have failed to install an intermediate cert. These are not normally required by browsers, but are required for server-to-server communications.') . EOL;
+
$this->check_add($checks, t('SSL certificate validation'), false, true, $help);
}
@@ -695,6 +698,7 @@ class Setup extends \Zotlabs\Web\Controller {
// install the standard theme
set_config('system', 'allowed_themes', 'redbasic');
+
// Set a lenient list of ciphers if using openssl. Other ssl engines
// (e.g. NSS used in RedHat) require different syntax, so hopefully
// the default curl cipher list will work for most sites. If not,
@@ -704,7 +708,9 @@ class Setup extends \Zotlabs\Web\Controller {
// z_fetch_url() is also used to import shared links and other content
// so in theory most any cipher could show up and we should do our best
// to make the content available rather than tell folks that there's a
- // weird SSL error which they can't do anything about.
+ // weird SSL error which they can't do anything about. This does not affect
+ // the SSL server, but is only a client negotiation to find something workable.
+ // Hence it will not make your system susceptible to POODL or other nasties.
$x = curl_version();
if(stristr($x['ssl_version'],'openssl'))