diff options
author | redmatrix <git@macgirvin.com> | 2016-08-19 17:12:48 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-08-19 17:12:48 -0700 |
commit | 9fe4bae52f0c7a84f9bfe51d960ec4e3774dfa7c (patch) | |
tree | baa658cbfc7f3bc6bb092b70df0da8561cabb5ca /include/items.php | |
parent | e4244c0cac301c63e5f69cde24c889e15500d89e (diff) | |
download | volse-hubzilla-9fe4bae52f0c7a84f9bfe51d960ec4e3774dfa7c.tar.gz volse-hubzilla-9fe4bae52f0c7a84f9bfe51d960ec4e3774dfa7c.tar.bz2 volse-hubzilla-9fe4bae52f0c7a84f9bfe51d960ec4e3774dfa7c.zip |
block backdoor delivery of bulk imported items
Diffstat (limited to 'include/items.php')
-rwxr-xr-x | include/items.php | 35 |
1 files changed, 31 insertions, 4 deletions
diff --git a/include/items.php b/include/items.php index 91110eb07..ac746c189 100755 --- a/include/items.php +++ b/include/items.php @@ -1627,8 +1627,21 @@ function item_store($arr, $allow_exec = false, $deliver = true) { $arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert()); $arr['comments_closed'] = ((x($arr,'comments_closed') !== false) ? datetime_convert('UTC','UTC',$arr['comments_closed']) : NULL_DATE); - $arr['received'] = datetime_convert(); - $arr['changed'] = datetime_convert(); + if($deliver) { + $arr['received'] = datetime_convert(); + $arr['changed'] = datetime_convert(); + } + else { + + // When deliver flag is false, we are *probably* performing an import or bulk migration. + // If one updates the changed timestamp it will be made available to zotfeed and delivery + // will still take place through backdoor methods. Since these fields are rarely used + // otherwise, just preserve the original timestamp. + + $arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert()); + $arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert()); + } + $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : ''); $arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : ''); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? notags(trim($arr['parent_mid'])) : ''); @@ -2035,8 +2048,22 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { $arr['comments_closed'] = $orig[0]['comments_closed']; $arr['commented'] = $orig[0]['commented']; - $arr['received'] = datetime_convert(); - $arr['changed'] = datetime_convert(); + + if($deliver) { + $arr['received'] = datetime_convert(); + $arr['changed'] = datetime_convert(); + } + else { + + // When deliver flag is false, we are *probably* performing an import or bulk migration. + // If one updates the changed timestamp it will be made available to zotfeed and delivery + // will still take place through backdoor methods. Since these fields are rarely used + // otherwise, just preserve the original timestamp. + + $arr['received'] = $orig[0]['received']; + $arr['changed'] = $orig[0]['changed']; + } + $arr['route'] = ((array_key_exists('route',$arr)) ? trim($arr['route']) : $orig[0]['route']); $arr['diaspora_meta'] = ((x($arr,'diaspora_meta')) ? $arr['diaspora_meta'] : $orig[0]['diaspora_meta']); $arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : $orig[0]['location']); |