diff options
| author | friendica <info@friendica.com> | 2014-03-26 22:05:19 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2014-03-26 22:05:19 -0700 |
| commit | 5a3903a40c508a6b5e9a90986564e5c4918223cc (patch) | |
| tree | a06da99eeb144b36b0c610f99d1236129c9f5226 /mod/network.php | |
| parent | a00c581e272af71eb064a1a29edd3334d9148d9d (diff) | |
| download | volse-hubzilla-5a3903a40c508a6b5e9a90986564e5c4918223cc.tar.gz volse-hubzilla-5a3903a40c508a6b5e9a90986564e5c4918223cc.tar.bz2 volse-hubzilla-5a3903a40c508a6b5e9a90986564e5c4918223cc.zip | |
firehose testing (network?f=&fh=1) - some possible security bugs so testing purposes only
Diffstat (limited to 'mod/network.php')
| -rw-r--r-- | mod/network.php | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/mod/network.php b/mod/network.php index 191fe55ed..4508d41be 100644 --- a/mod/network.php +++ b/mod/network.php @@ -100,6 +100,7 @@ function network_content(&$a, $update = 0, $load = false) { $spam = ((x($_GET,'spam')) ? intval($_GET['spam']) : 0); $cmin = ((x($_GET,'cmin')) ? intval($_GET['cmin']) : 0); $cmax = ((x($_GET,'cmax')) ? intval($_GET['cmax']) : 99); + $firehose = ((x($_GET,'fh')) ? intval($_GET['fh']) : 0); $file = ((x($_GET,'file')) ? $_GET['file'] : ''); @@ -218,6 +219,7 @@ function network_content(&$a, $update = 0, $load = false) { . ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '') . ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '') . ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '') + . ((x($_GET,'fh')) ? '&fh=' . $_GET['fh'] : '') . "'; var profile_page = " . $a->pager['page'] . ";</script>"; @@ -235,6 +237,7 @@ function network_content(&$a, $update = 0, $load = false) { '$liked' => (($liked) ? $liked : '0'), '$conv' => (($conv) ? $conv : '0'), '$spam' => (($spam) ? $spam : '0'), + '$fh' => (($firehose) ? $firehose : '0'), '$nouveau' => (($nouveau) ? $nouveau : '0'), '$wall' => '0', '$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0), @@ -316,6 +319,16 @@ function network_content(&$a, $update = 0, $load = false) { } + if($firehose) { + require_once('include/identity.php'); + $sys = get_sys_channel(); + $uids = " and item.uid in ( " . intval(local_user()) . "," . intval($sys['channel_id']) . ") "; + } + else { + $uids = " and item.uid = " . local_user() . " "; + } + + $simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : ''); if($load) $simple_update = ''; @@ -354,12 +367,11 @@ function network_content(&$a, $update = 0, $load = false) { $r = q("SELECT distinct item.id AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - WHERE item.uid = %d AND item.item_restrict = 0 + WHERE true $uids AND item.item_restrict = 0 AND item.parent = item.id and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets + $sql_extra3 $sql_extra $sql_nets group by item.mid ORDER BY item.$ordering DESC $pager_sql ", - intval(local_user()), intval(ABOOK_FLAG_BLOCKED) ); @@ -368,10 +380,9 @@ function network_content(&$a, $update = 0, $load = false) { // update $r = q("SELECT item.parent AS item_id FROM item left join abook on item.author_xchan = abook.abook_xchan - WHERE item.uid = %d AND item.item_restrict = 0 $simple_update + WHERE true $uids AND item.item_restrict = 0 $simple_update and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null) - $sql_extra3 $sql_extra $sql_nets ", - intval(local_user()), + $sql_extra3 $sql_extra $sql_nets group by item.mid ", intval(ABOOK_FLAG_BLOCKED) ); @@ -388,10 +399,9 @@ function network_content(&$a, $update = 0, $load = false) { $parents_str = ids_to_querystr($r,'item_id'); $items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item` - WHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0 + WHERE true $uids AND `item`.`item_restrict` = 0 AND `item`.`parent` IN ( %s ) - $sql_extra ", - intval(local_user()), + $sql_extra group by item.mid", dbesc($parents_str) ); |