aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-04-05 21:20:23 -0700
committerredmatrix <git@macgirvin.com>2016-04-05 21:20:23 -0700
commit10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a (patch)
tree22a73f6722e18fc792a145aed37106f1e8787844 /mod
parent9fd8634b62a728e3e6047319548e5029a3d89275 (diff)
downloadvolse-hubzilla-10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a.tar.gz
volse-hubzilla-10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a.tar.bz2
volse-hubzilla-10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a.zip
add some doco to getfile module
Diffstat (limited to 'mod')
-rw-r--r--mod/getfile.php20
1 files changed, 20 insertions, 0 deletions
diff --git a/mod/getfile.php b/mod/getfile.php
index 8a8fa6465..16392f8dd 100644
--- a/mod/getfile.php
+++ b/mod/getfile.php
@@ -1,5 +1,25 @@
<?php
+/**
+ * module: getfile
+ *
+ * used for synchronising files and photos across clones
+ *
+ * The site initiating the file operation will send a sync packet to known clones.
+ * They will respond by building the DB structures they require, then will provide a
+ * post request to this site to grab the file data. This is sent as a stream direct to
+ * disk at the other end, avoiding memory issues.
+ *
+ * Since magic-auth cannot easily be used by the CURL process at the other end,
+ * we will require a signed request which includes a timestamp. This should not be
+ * used without SSL and is potentially vulnerable to replay if an attacker decrypts
+ * the SSL traffic fast enough. The amount of time slop is configurable but defaults
+ * to 3 minutes.
+ *
+ */
+
+
+
require_once('include/Contact.php');
function getfile_post(&$a) {