diff options
| author | habeascodice <habeascodice@federated.social> | 2014-10-09 20:47:29 -0700 |
|---|---|---|
| committer | habeascodice <habeascodice@federated.social> | 2014-10-09 20:47:29 -0700 |
| commit | 328ed8bb1b5f73626a032091a78609aea312f5ae (patch) | |
| tree | 1cb3dc14a29e42ce31ef9c4733b085dd7d410181 /include | |
| parent | 1b0b847fc80827022c513a74a7fa817c7d640da0 (diff) | |
| parent | c78227292709f8f36206c7234dbf3548e476d442 (diff) | |
| download | volse-hubzilla-328ed8bb1b5f73626a032091a78609aea312f5ae.tar.gz volse-hubzilla-328ed8bb1b5f73626a032091a78609aea312f5ae.tar.bz2 volse-hubzilla-328ed8bb1b5f73626a032091a78609aea312f5ae.zip | |
Merge remote branch 'upstream/master'
Diffstat (limited to 'include')
| -rw-r--r-- | include/apps.php | 5 | ||||
| -rw-r--r-- | include/bb2diaspora.php | 12 | ||||
| -rwxr-xr-x | include/items.php | 12 | ||||
| -rw-r--r-- | include/nav.php | 2 | ||||
| -rw-r--r-- | include/zot.php | 36 |
5 files changed, 50 insertions, 17 deletions
diff --git a/include/apps.php b/include/apps.php index 91012b0ef..cd0c2984e 100644 --- a/include/apps.php +++ b/include/apps.php @@ -11,7 +11,10 @@ require_once('include/identity.php'); function get_system_apps() { $ret = array(); - $files = glob('app/*.apd'); + if(is_dir('apps')) + $files = glob('apps/*.apd'); + else + $files = glob('app/*.apd'); if($files) { foreach($files as $f) { $x = parse_app_description($f); diff --git a/include/bb2diaspora.php b/include/bb2diaspora.php index 65f4311a0..a80b3343b 100644 --- a/include/bb2diaspora.php +++ b/include/bb2diaspora.php @@ -263,8 +263,15 @@ function bb2dmention_callback($match) { function bb2diaspora_itemwallwall(&$item) { + $author_exists = true; if(! array_key_exists('author',$item)) { + $author_exists = false; logger('bb2diaspora_itemwallwall: no author'); + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($item['author_xchan']) + ); + if($r) + $item['author'] = $r[0]; } if(($item['mid'] == $item['parent_mid']) && ($item['author_xchan'] != $item['owner_xchan']) && (is_array($item['author']))) { @@ -279,6 +286,11 @@ function bb2diaspora_itemwallwall(&$item) { . '[url=' . $item['author']['xchan_url'] . ']' . $item['author']['xchan_name'] . '[/url]' . "\n\n" . $item['body']; } + // $item['author'] might cause a surprise further down the line if it wasn't expected to be here. + + if(! $author_exists) + $unset($item['author']); + } diff --git a/include/items.php b/include/items.php index c9810bb7c..a930a7c3e 100755 --- a/include/items.php +++ b/include/items.php @@ -2522,12 +2522,6 @@ function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id) // since Diaspora doesn't handle edits we can only do this for the original text and not update it. - $enabled = intval(get_config('system','diaspora_enabled')); - if(! $enabled) { - logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG); - return; - } - require_once('include/bb2diaspora.php'); $signed_body = bb2diaspora_itembody($datarray); @@ -2552,12 +2546,6 @@ function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id) intval($post_id) ); - $r = q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", - intval($post_id), - dbesc($signed_text), - dbesc(base64_encode($authorsig)), - dbesc($diaspora_handle) - ); if(! $r) logger('store_diaspora_comment_sig: DB write failed'); diff --git a/include/nav.php b/include/nav.php index 7c9abce49..4f7d609aa 100644 --- a/include/nav.php +++ b/include/nav.php @@ -130,7 +130,7 @@ EOT; if($observer) { $userinfo = array( - 'icon' => $observer['xchan_photo_m'], + 'icon' => $observer['xchan_photo_s'], 'name' => $observer['xchan_addr'], ); } diff --git a/include/zot.php b/include/zot.php index 3d59f00f3..9ea92aed8 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1402,6 +1402,7 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) { $perm = (($arr['mid'] == $arr['parent_mid']) ? 'send_stream' : 'post_comments'); + // This is our own post, possibly coming from a channel clone if($arr['owner_xchan'] == $d['hash']) { @@ -1420,6 +1421,30 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) { continue; } + if(($arr['mid'] != $arr['parent_mid']) && (! $relay)) { + + // check source route. + // We are only going to accept comments from this sender if the comment has the same route as the top-level-post, + // this is so that permissions mismatches between senders apply to the entire conversation + // As a side effect we will also do a preliminary check that we have the top-level-post, otherwise + // processing it is pointless. + + $r = q("select route from item where mid = '%s' and uid = %d limit 1", + dbesc($arr['parent_mid']), + intval($channel['channel_id']) + ); + if(! $r) { + $result[] = array($d['hash'],'comment parent not found',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); + continue; + } + $current_route = (($arr['route']) ? $arr['route'] . ',' : '') . $sender['hash']; + + if($r[0]['route'] != $current_route) { + $result[] = array($d['hash'],'comment route mismatch',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); + continue; + } + } + if($arr['item_restrict'] & ITEM_DELETED) { // remove_community_tag is a no-op if this isn't a community tag activity @@ -1446,8 +1471,11 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) { $arr['id'] = $r[0]['id']; $arr['uid'] = $channel['channel_id']; update_imported_item($sender,$arr,$channel['channel_id']); - } - $result[] = array($d['hash'],'updated',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); + $result[] = array($d['hash'],'updated',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); + } + else { + $result[] = array($d['hash'],'update ignored',$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); + } $item_id = $r[0]['id']; } else { @@ -1459,7 +1487,9 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false) { $item_id = $item_result['item_id']; $parr = array('item_id' => $item_id,'item' => $arr,'sender' => $sender,'channel' => $channel); call_hooks('activity_received',$parr); - add_source_route($item_id,$sender['hash']); + // don't add a source route if it's a relay or later recipients will get a route mismatch + if(! $relay) + add_source_route($item_id,$sender['hash']); } $result[] = array($d['hash'],(($item_id) ? 'posted' : 'storage failed:' . $item_result['message']),$channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>',$arr['mid']); } |