diff options
| author | redmatrix <git@macgirvin.com> | 2016-05-11 17:18:17 -0700 |
|---|---|---|
| committer | redmatrix <git@macgirvin.com> | 2016-05-11 17:18:17 -0700 |
| commit | 32ad8bbaaca32679847931c7cbd6fa3fca67dcba (patch) | |
| tree | 0f8b36dc7b46fba358f697caf1c973d383735f74 /include | |
| parent | 4dd3839c41e18d9724855e7955d8737b6f52dcd6 (diff) | |
| download | volse-hubzilla-32ad8bbaaca32679847931c7cbd6fa3fca67dcba.tar.gz volse-hubzilla-32ad8bbaaca32679847931c7cbd6fa3fca67dcba.tar.bz2 volse-hubzilla-32ad8bbaaca32679847931c7cbd6fa3fca67dcba.zip | |
Ensure that channels can't be created with DAV reserved paths as a redress. Sabre mentions in several places that trying to change these paths to other strings; while possible - is unsupported and likely to cause problems. So for now, we're stuck with 'principals', 'addressbooks', and 'calendars'. If you already have these redresses on your site, you're basically buggered.
Diffstat (limited to 'include')
| -rw-r--r-- | include/import.php | 10 | ||||
| -rw-r--r-- | include/text.php | 16 |
2 files changed, 22 insertions, 4 deletions
diff --git a/include/import.php b/include/import.php index 321f275b1..98c70fa19 100644 --- a/include/import.php +++ b/include/import.php @@ -9,15 +9,19 @@ function import_channel($channel, $account_id, $seize) { $channel['channel_removed'] = (($channel['channel_pageflags'] & 0x8000) ? 1 : 0); } + // Ignore the hash provided and re-calculate + + $channel['channel_hash'] = make_xchan_hash($channel['channel_guid'],$channel['channel_guid_sig']); + + // Check for duplicate channels + $r = q("select * from channel where (channel_guid = '%s' or channel_hash = '%s' or channel_address = '%s' ) limit 1", dbesc($channel['channel_guid']), dbesc($channel['channel_hash']), dbesc($channel['channel_address']) ); - // We should probably also verify the hash - - if($r) { + if(($r) || (check_webbie(array($channel['channel_hash'])) !== $channel['channel_hash'])) { if($r[0]['channel_guid'] === $channel['channel_guid'] || $r[0]['channel_hash'] === $channel['channel_hash']) { logger('mod_import: duplicate channel. ', print_r($channel,true)); notice( t('Cannot create a duplicate channel identifier on this system. Import failed.') . EOL); diff --git a/include/text.php b/include/text.php index a2c0a3209..3f2e85fc8 100644 --- a/include/text.php +++ b/include/text.php @@ -2025,7 +2025,7 @@ function check_webbie($arr) { if(strlen($reservechan)) $taken = explode(',', $reservechan); else - $taken = array(); + $taken = array('principals','addressbooks','calendars'); $str = ''; if(count($arr)) { @@ -2057,6 +2057,20 @@ function check_webbie($arr) { return ''; } +function ids_to_array($arr,$idx = 'id') { + $t = array(); + if($arr) { + foreach($arr as $x) { + if(! in_array($x[$idx],$t)) { + $t[] = $x[$idx]; + } + } + } + return($t); +} + + + function ids_to_querystr($arr,$idx = 'id') { $t = array(); |