aboutsummaryrefslogtreecommitdiffstats
path: root/include/items.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-07-31 18:57:14 -0700
committerfriendica <info@friendica.com>2013-07-31 18:57:14 -0700
commit0d22e1eefbb09b3b4e2c16845131a9db89d52a6e (patch)
tree4c2e04a598eae264a490f1b9c8eca55e4702cd2f /include/items.php
parentc00c550c58f0125785b194c9413a98e114a7ab98 (diff)
downloadvolse-hubzilla-0d22e1eefbb09b3b4e2c16845131a9db89d52a6e.tar.gz
volse-hubzilla-0d22e1eefbb09b3b4e2c16845131a9db89d52a6e.tar.bz2
volse-hubzilla-0d22e1eefbb09b3b4e2c16845131a9db89d52a6e.zip
fix some privacy leakage in logs
Diffstat (limited to 'include/items.php')
-rwxr-xr-xinclude/items.php15
1 files changed, 15 insertions, 0 deletions
diff --git a/include/items.php b/include/items.php
index 49e3dd3de..13d891736 100755
--- a/include/items.php
+++ b/include/items.php
@@ -532,6 +532,21 @@ function get_item_elements($x) {
$arr['item_private'] = ((array_key_exists('flags',$x) && is_array($x['flags']) && in_array('private',$x['flags'])) ? 1 : 0);
+ $arr['item_flags'] = 0;
+
+ // if it's a private post, encrypt it in the DB.
+ // We have to do that here because we need to cleanse the input and prevent bad stuff from getting in,
+ // and we need plaintext to do that.
+
+ if(intval($arr['item_private'])) {
+ $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
+ $key = get_config('system','pubkey');
+ if($arr['title'])
+ $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
+ if($arr['body'])
+ $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
+ }
+
if(array_key_exists('flags',$x) && in_array('deleted',$x['flags']))
$arr['item_restrict'] = ITEM_DELETED;