aboutsummaryrefslogtreecommitdiffstats
path: root/mod/network.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-03-26 22:05:19 -0700
committerfriendica <info@friendica.com>2014-03-26 22:05:19 -0700
commit5a3903a40c508a6b5e9a90986564e5c4918223cc (patch)
treea06da99eeb144b36b0c610f99d1236129c9f5226 /mod/network.php
parenta00c581e272af71eb064a1a29edd3334d9148d9d (diff)
downloadvolse-hubzilla-5a3903a40c508a6b5e9a90986564e5c4918223cc.tar.gz
volse-hubzilla-5a3903a40c508a6b5e9a90986564e5c4918223cc.tar.bz2
volse-hubzilla-5a3903a40c508a6b5e9a90986564e5c4918223cc.zip
firehose testing (network?f=&fh=1) - some possible security bugs so testing purposes only
Diffstat (limited to 'mod/network.php')
-rw-r--r--mod/network.php28
1 files changed, 19 insertions, 9 deletions
diff --git a/mod/network.php b/mod/network.php
index 191fe55ed..4508d41be 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -100,6 +100,7 @@ function network_content(&$a, $update = 0, $load = false) {
$spam = ((x($_GET,'spam')) ? intval($_GET['spam']) : 0);
$cmin = ((x($_GET,'cmin')) ? intval($_GET['cmin']) : 0);
$cmax = ((x($_GET,'cmax')) ? intval($_GET['cmax']) : 99);
+ $firehose = ((x($_GET,'fh')) ? intval($_GET['fh']) : 0);
$file = ((x($_GET,'file')) ? $_GET['file'] : '');
@@ -218,6 +219,7 @@ function network_content(&$a, $update = 0, $load = false) {
. ((x($_GET,'cmin')) ? '&cmin=' . $_GET['cmin'] : '')
. ((x($_GET,'cmax')) ? '&cmax=' . $_GET['cmax'] : '')
. ((x($_GET,'file')) ? '&file=' . $_GET['file'] : '')
+ . ((x($_GET,'fh')) ? '&fh=' . $_GET['fh'] : '')
. "'; var profile_page = " . $a->pager['page'] . ";</script>";
@@ -235,6 +237,7 @@ function network_content(&$a, $update = 0, $load = false) {
'$liked' => (($liked) ? $liked : '0'),
'$conv' => (($conv) ? $conv : '0'),
'$spam' => (($spam) ? $spam : '0'),
+ '$fh' => (($firehose) ? $firehose : '0'),
'$nouveau' => (($nouveau) ? $nouveau : '0'),
'$wall' => '0',
'$list' => ((x($_REQUEST,'list')) ? intval($_REQUEST['list']) : 0),
@@ -316,6 +319,16 @@ function network_content(&$a, $update = 0, $load = false) {
}
+ if($firehose) {
+ require_once('include/identity.php');
+ $sys = get_sys_channel();
+ $uids = " and item.uid in ( " . intval(local_user()) . "," . intval($sys['channel_id']) . ") ";
+ }
+ else {
+ $uids = " and item.uid = " . local_user() . " ";
+ }
+
+
$simple_update = (($update) ? " and ( item.item_flags & " . intval(ITEM_UNSEEN) . " ) " : '');
if($load)
$simple_update = '';
@@ -354,12 +367,11 @@ function network_content(&$a, $update = 0, $load = false) {
$r = q("SELECT distinct item.id AS item_id FROM item
left join abook on item.author_xchan = abook.abook_xchan
- WHERE item.uid = %d AND item.item_restrict = 0
+ WHERE true $uids AND item.item_restrict = 0
AND item.parent = item.id
and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)
- $sql_extra3 $sql_extra $sql_nets
+ $sql_extra3 $sql_extra $sql_nets group by item.mid
ORDER BY item.$ordering DESC $pager_sql ",
- intval(local_user()),
intval(ABOOK_FLAG_BLOCKED)
);
@@ -368,10 +380,9 @@ function network_content(&$a, $update = 0, $load = false) {
// update
$r = q("SELECT item.parent AS item_id FROM item
left join abook on item.author_xchan = abook.abook_xchan
- WHERE item.uid = %d AND item.item_restrict = 0 $simple_update
+ WHERE true $uids AND item.item_restrict = 0 $simple_update
and ((abook.abook_flags & %d) = 0 or abook.abook_flags is null)
- $sql_extra3 $sql_extra $sql_nets ",
- intval(local_user()),
+ $sql_extra3 $sql_extra $sql_nets group by item.mid ",
intval(ABOOK_FLAG_BLOCKED)
);
@@ -388,10 +399,9 @@ function network_content(&$a, $update = 0, $load = false) {
$parents_str = ids_to_querystr($r,'item_id');
$items = q("SELECT `item`.*, `item`.`id` AS `item_id` FROM `item`
- WHERE `item`.`uid` = %d AND `item`.`item_restrict` = 0
+ WHERE true $uids AND `item`.`item_restrict` = 0
AND `item`.`parent` IN ( %s )
- $sql_extra ",
- intval(local_user()),
+ $sql_extra group by item.mid",
dbesc($parents_str)
);