aboutsummaryrefslogtreecommitdiffstats
path: root/mod/dirsearch.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-01-22 02:56:32 -0800
committerfriendica <info@friendica.com>2013-01-22 02:56:32 -0800
commitbeb3301d43c0d532bd6984ee745074479babdabb (patch)
treee1fb9a4ad9ef56456f6e06049053f2234ce79c63 /mod/dirsearch.php
parentbda4ca4c0d9f247675f4c241ecb0d402bb380d8f (diff)
downloadvolse-hubzilla-beb3301d43c0d532bd6984ee745074479babdabb.tar.gz
volse-hubzilla-beb3301d43c0d532bd6984ee745074479babdabb.tar.bz2
volse-hubzilla-beb3301d43c0d532bd6984ee745074479babdabb.zip
security fixes related to directory access and sites that are off the grid
Diffstat (limited to 'mod/dirsearch.php')
-rw-r--r--mod/dirsearch.php10
1 files changed, 3 insertions, 7 deletions
diff --git a/mod/dirsearch.php b/mod/dirsearch.php
index 57132519c..1dbe60499 100644
--- a/mod/dirsearch.php
+++ b/mod/dirsearch.php
@@ -14,16 +14,12 @@ function dirsearch_content(&$a) {
// If you've got a public directory server, you probably shouldn't block public access
- if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
- $ret['message'] = t('Public access denied.');
- return;
- }
$dirmode = intval(get_config('system','directory_mode'));
if($dirmode == DIRECTORY_MODE_NORMAL) {
$ret['message'] = t('This site is not a directory server');
- return;
+ json_return_and_die($ret);
}
$name = ((x($_REQUEST,'name')) ? $_REQUEST['name'] : '');
@@ -75,7 +71,7 @@ function dirsearch_content(&$a) {
// By default we return one page (default 80 items maximum) and do not count total entries
$logic = ((strlen($sql_extra)) ? 0 : 1);
-
+dbg(1);
if($limit)
$qlimit = " LIMIT $limit ";
else {
@@ -95,7 +91,7 @@ function dirsearch_content(&$a) {
$r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where $logic $sql_extra and not ( xchan_flags & %d ) $order $qlimit ",
intval(XCHAN_FLAGS_HIDDEN)
);
-
+dbg(0);
$ret['page'] = $page + 1;
$ret['records'] = count($r);