aboutsummaryrefslogtreecommitdiffstats
path: root/include/import.php
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-01-16 14:00:22 -0800
committerredmatrix <git@macgirvin.com>2016-01-16 14:00:22 -0800
commit110ef6201e0a3731967a662afed1606b7077d0b0 (patch)
treeab940bb7e966d94520bc5bf5fe74ff0b5dd0f938 /include/import.php
parentf66c6bfebfd48274c9b29cd62b1fac933c6530e4 (diff)
downloadvolse-hubzilla-110ef6201e0a3731967a662afed1606b7077d0b0.tar.gz
volse-hubzilla-110ef6201e0a3731967a662afed1606b7077d0b0.tar.bz2
volse-hubzilla-110ef6201e0a3731967a662afed1606b7077d0b0.zip
add $deliver flag to item_store() and item_store_update() [default true]. If false, do not send any notifications or process tag_deliver. This should avoid any network activity from happening as the result of a channel (actually item) import. Other minor fixes in the handling of the $allow_exec flag and further protecting CSS passed to widgets from rogue code and XSS.
Diffstat (limited to 'include/import.php')
-rw-r--r--include/import.php7
1 files changed, 4 insertions, 3 deletions
diff --git a/include/import.php b/include/import.php
index ffaea6c1a..e208c3b00 100644
--- a/include/import.php
+++ b/include/import.php
@@ -496,6 +496,8 @@ function import_items($channel,$items) {
}
}
+ $deliver = false; // Don't deliver any messages or notifications when importing
+
foreach($items as $i) {
$item = get_item_elements($i,$allow_code);
if(! $item)
@@ -509,16 +511,15 @@ function import_items($channel,$items) {
if($item['edited'] > $r[0]['edited']) {
$item['id'] = $r[0]['id'];
$item['uid'] = $channel['channel_id'];
- item_store_update($item);
+ item_store_update($item,$allow_code,$deliver);
continue;
}
}
else {
$item['aid'] = $channel['channel_account_id'];
$item['uid'] = $channel['channel_id'];
- $item_result = item_store($item);
+ $item_result = item_store($item,$allow_code,$deliver);
}
-
}
}
}