diff options
| author | friendica <info@friendica.com> | 2013-08-01 18:50:36 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2013-08-01 18:50:36 -0700 |
| commit | 222fe08420802f7eacd4a544953f507d536c3fb8 (patch) | |
| tree | 26a031f9a1c066402a7a0d475e3429830e291707 /include | |
| parent | 6197f945adb62da9d1aeb2a8f4058ed4651fa3b6 (diff) | |
| download | volse-hubzilla-222fe08420802f7eacd4a544953f507d536c3fb8.tar.gz volse-hubzilla-222fe08420802f7eacd4a544953f507d536c3fb8.tar.bz2 volse-hubzilla-222fe08420802f7eacd4a544953f507d536c3fb8.zip | |
ensure that no unencrypted content leaks through item_store which is private - we typically do this in mod/item, but some functions
bypass mod/item to create private posts
Diffstat (limited to 'include')
| -rw-r--r-- | include/ItemObject.php | 2 | ||||
| -rwxr-xr-x | include/items.php | 33 | ||||
| -rwxr-xr-x | include/text.php | 2 |
3 files changed, 26 insertions, 11 deletions
diff --git a/include/ItemObject.php b/include/ItemObject.php index b31e60cbc..8c8c0ee2a 100644 --- a/include/ItemObject.php +++ b/include/ItemObject.php @@ -262,7 +262,7 @@ class Item extends BaseObject { } } - $result['private'] = $item['private']; + $result['private'] = $item['item_private']; $result['toplevel'] = ($this->is_toplevel() ? 'toplevel_item' : ''); if($this->is_threaded()) { diff --git a/include/items.php b/include/items.php index 13d891736..b1ec3b14f 100755 --- a/include/items.php +++ b/include/items.php @@ -1356,18 +1356,33 @@ function item_store($arr,$force_parent = false) { if(array_key_exists('parent',$arr)) unset($arr['parent']); - $arr['lang'] = detect_language($arr['body']); - $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); + // only detect language if we have text content, and if the post is private but not yet + // obscured, make it so. + + if(! ($arr['item_flags'] & ITEM_OBSCURED)) { + $arr['lang'] = detect_language($arr['body']); + + $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); - if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { - $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); - call_hooks('item_translate', $translate); - if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { - logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); - return; + if((is_array($allowed_languages)) && ($arr['lang']) && (! array_key_exists($arr['lang'],$allowed_languages))) { + $translate = array('item' => $arr, 'from' => $arr['lang'], 'to' => $allowed_languages, 'translated' => false); + call_hooks('item_translate', $translate); + if((! $translate['translated']) && (intval(get_pconfig($arr['uid'],'system','reject_disallowed_languages')))) { + logger('item_store: language ' . $arr['lang'] . ' not accepted for uid ' . $arr['uid']); + return; + } + $arr = $translate['item']; } - $arr = $translate['item']; + if($arr['item_private']) { + $key = get_config('system','pubkey'); + $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED; + if($arr['title']) + $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key)); + if($arr['body']) + $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key)); + } + } // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin. diff --git a/include/text.php b/include/text.php index 890355aea..66fa668a9 100755 --- a/include/text.php +++ b/include/text.php @@ -1258,7 +1258,7 @@ function feed_salmonlinks($nick) { function get_plink($item) { $a = get_app(); - if (x($item,'plink') && ($item['private'] != 1)) { + if (x($item,'plink') && ($item['item_private'] != 1)) { return array( 'href' => $item['plink'], 'title' => t('link to source'), |