more snakebite stuff

1 files changed, 33 insertions, 19 deletions

diff --git a/mod/rmagic.php b/mod/rmagic.php
index b8c1c6553..093ccd328 100644
--- a/mod/rmagic.php
+++ b/mod/rmagic.php
@@ -22,31 +22,45 @@ function rmagic_init(&$a) {
 
 function rmagic_post(&$a) {
 
-	$address = $_REQUEST['address'];
-	if(strpos($address,'@') === false) {
-		notice('Invalid address.');
-		return;
-	}
+	$address = trim($_REQUEST['address']);
+	$other = intval($_REQUEST['other']);
 
-	$r = null;
-	if($address) {
-		$r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1",
-			dbesc($address)
-		);		
-	}
-	if($r) {
-		$url = $r[0]['hubloc_url'];
+	if($other) {
+		$arr = array('address' => $address);
+		call_hooks('reverse_magic_auth', $arr);		
+
+
+		// if they're still here...
+		notice( t('Authentication failed.') . EOL);		
+		return;
 	}
 	else {
-		$url = 'https://' . substr($address,strpos($address,'@')+1);
-	}	
 
-	if($url) {	
-		$dest = z_root() . '/' . str_replace('zid=','zid_=',$a->query_string);
-		goaway($url . '/magic' . '?f=&dest=' . $dest);
-	}
+		// Presumed Red identity. Perform reverse magic auth
 
+		if(strpos($address,'@') === false) {
+			notice('Invalid address.');
+			return;
+		}
 
+		$r = null;
+		if($address) {
+			$r = q("select hubloc_url from hubloc where hubloc_addr = '%s' limit 1",
+				dbesc($address)
+			);		
+		}
+		if($r) {
+			$url = $r[0]['hubloc_url'];
+		}
+		else {
+			$url = 'https://' . substr($address,strpos($address,'@')+1);
+		}	
+
+		if($url) {	
+			$dest = z_root() . '/' . str_replace('zid=','zid_=',$a->query_string);
+			goaway($url . '/magic' . '?f=&dest=' . $dest);
+		}
+	}
 }