diff options
author | friendica <info@friendica.com> | 2015-02-24 16:36:27 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2015-02-24 16:36:27 -0800 |
commit | 08f054130f5a57e2928e129131e7609271ec7f40 (patch) | |
tree | e4eb2166044c05f750c78fc30742835ae5294f44 /mod/regdir.php | |
parent | 11df605c2e065e123e58bd73525e7ca2113f40b8 (diff) | |
download | volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.tar.gz volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.tar.bz2 volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.zip |
require access token to view, query, or join directories in private realms, if the realm is so configured.
Diffstat (limited to 'mod/regdir.php')
-rw-r--r-- | mod/regdir.php | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/mod/regdir.php b/mod/regdir.php index f24ee3951..f12659dad 100644 --- a/mod/regdir.php +++ b/mod/regdir.php @@ -18,7 +18,8 @@ function regdir_init(&$a) { $result = array('success' => false); $url = $_REQUEST['url']; - + $access_token = $_REQUEST['t']; + $valid = 0; // we probably don't need the realm as we will find out in the probe. // What we may want to die is throw an error if you're trying to register in a different realm @@ -28,6 +29,18 @@ function regdir_init(&$a) { if(! $realm) $realm = DIRECTORY_REALM; + if($realm === DIRECTORY_REALM) { + $valid = 1; + } + else { + $token = get_config('system','realm_token'); + if($token && $access_token != $token) { + $result['message'] = 'This realm requires an access token'; + return; + } + $valid = 1; + } + $dirmode = intval(get_config('system','directory_mode')); if($dirmode == DIRECTORY_MODE_NORMAL) { @@ -56,14 +69,25 @@ function regdir_init(&$a) { } } + q("update site set site_valid = %d where site_url = '%s' limit 1", + intval($valid), + strtolower($url) + ); + json_return_and_die($result); } else { + + // We can put this in the sql without the condition after 31 march 2015 assuming + // most directory servers will have updated by then + // This just makes sure it happens if I forget + + $sql_extra = ((datetime_convert() > datetime_convert('UTC','UTC','2015-03-31')) ? ' and site_valid = 1 ' : '' ); if($dirmode == DIRECTORY_MODE_STANDALONE) { $r = array(array('site_url' => z_root())); } else { - $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s'", + $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' $sql_extra ", dbesc(get_directory_realm()) ); } |