aboutsummaryrefslogtreecommitdiffstats
path: root/mod/regdir.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2015-02-24 16:36:27 -0800
committerfriendica <info@friendica.com>2015-02-24 16:36:27 -0800
commit08f054130f5a57e2928e129131e7609271ec7f40 (patch)
treee4eb2166044c05f750c78fc30742835ae5294f44 /mod/regdir.php
parent11df605c2e065e123e58bd73525e7ca2113f40b8 (diff)
downloadvolse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.tar.gz
volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.tar.bz2
volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.zip
require access token to view, query, or join directories in private realms, if the realm is so configured.
Diffstat (limited to 'mod/regdir.php')
-rw-r--r--mod/regdir.php28
1 files changed, 26 insertions, 2 deletions
diff --git a/mod/regdir.php b/mod/regdir.php
index f24ee3951..f12659dad 100644
--- a/mod/regdir.php
+++ b/mod/regdir.php
@@ -18,7 +18,8 @@ function regdir_init(&$a) {
$result = array('success' => false);
$url = $_REQUEST['url'];
-
+ $access_token = $_REQUEST['t'];
+ $valid = 0;
// we probably don't need the realm as we will find out in the probe.
// What we may want to die is throw an error if you're trying to register in a different realm
@@ -28,6 +29,18 @@ function regdir_init(&$a) {
if(! $realm)
$realm = DIRECTORY_REALM;
+ if($realm === DIRECTORY_REALM) {
+ $valid = 1;
+ }
+ else {
+ $token = get_config('system','realm_token');
+ if($token && $access_token != $token) {
+ $result['message'] = 'This realm requires an access token';
+ return;
+ }
+ $valid = 1;
+ }
+
$dirmode = intval(get_config('system','directory_mode'));
if($dirmode == DIRECTORY_MODE_NORMAL) {
@@ -56,14 +69,25 @@ function regdir_init(&$a) {
}
}
+ q("update site set site_valid = %d where site_url = '%s' limit 1",
+ intval($valid),
+ strtolower($url)
+ );
+
json_return_and_die($result);
}
else {
+
+ // We can put this in the sql without the condition after 31 march 2015 assuming
+ // most directory servers will have updated by then
+ // This just makes sure it happens if I forget
+
+ $sql_extra = ((datetime_convert() > datetime_convert('UTC','UTC','2015-03-31')) ? ' and site_valid = 1 ' : '' );
if($dirmode == DIRECTORY_MODE_STANDALONE) {
$r = array(array('site_url' => z_root()));
}
else {
- $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s'",
+ $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' $sql_extra ",
dbesc(get_directory_realm())
);
}