diff options
author | friendica <info@friendica.com> | 2014-01-06 02:37:06 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-01-06 02:37:06 -0800 |
commit | 196b3022bd8759428d04d8d3bcf10c27d7c3b329 (patch) | |
tree | ba785f204e8616af5751d7303d3357c75b9d30bc /mod | |
parent | 0c85c9748096d625ae9baa29fb9aad48bab3a208 (diff) | |
parent | ae8a30273a6b787985d06fa776d1726d4427f9be (diff) | |
download | volse-hubzilla-196b3022bd8759428d04d8d3bcf10c27d7c3b329.tar.gz volse-hubzilla-196b3022bd8759428d04d8d3bcf10c27d7c3b329.tar.bz2 volse-hubzilla-196b3022bd8759428d04d8d3bcf10c27d7c3b329.zip |
Merge branch 'master' into movejs
Conflicts:
version.inc
Diffstat (limited to 'mod')
-rw-r--r-- | mod/cloud.php | 92 | ||||
-rw-r--r-- | mod/editblock.php | 1 | ||||
-rw-r--r-- | mod/editlayout.php | 1 | ||||
-rw-r--r-- | mod/editwebpage.php | 2 | ||||
-rw-r--r-- | mod/item.php | 34 |
5 files changed, 30 insertions, 100 deletions
diff --git a/mod/cloud.php b/mod/cloud.php index 106379785..a72d0f108 100644 --- a/mod/cloud.php +++ b/mod/cloud.php @@ -1,23 +1,5 @@ <?php - // This module is currently !!!HIGHLY EXPERIMENTAL!!! - // You should think twice before running this on a production server - // as security mechanisms are not yet implemented and those that - // are implemented probably don't work. - - // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send - // basic auth over non-encrypted connections. - // One could use digest auth - but then one has to calculate the A1 digest and store it for - // all acounts. We aren't doing that. We have a stored password already. We don't need another - // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing - // the destination channel to DAV. You should be able to login with your account credentials - // and be directed to your default channel. - - // This interface does not yet support Red stored files. Consider any content in your "store" - // directory to be throw-away until advised otherwise. - - - use Sabre\DAV; require_once('vendor/autoload.php'); @@ -44,64 +26,28 @@ -class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic { - - public $channel_name = ''; - public $channel_id = 0; - public $channel_hash = ''; - public $observer = ''; - - protected function validateUserPass($username, $password) { - require_once('include/auth.php'); - $record = account_verify_password($email,$pass); - if($record && $record['account_default_channel']) { - $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1", - intval($record['account_id']), - intval($record['account_default_channel']) - ); - if($r) { - $this->currentUser = $r[0]['channel_address']; - $this->channel_name = $r[0]['channel_address']; - $this->channel_id = $r[0]['channel_id']; - $this->channel_hash = $this->observer = $r[0]['channel_hash']; - return true; - } - } - $r = q("select * from channel where channel_address = '%s' limit 1", - dbesc($username) - ); - if($r) { - $x = q("select * from account where account_id = %d limit 1", - intval($r[0]['channel_account_id']) - ); - if($x) { - foreach($x as $record) { - if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) - && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) { - logger('(DAV) RedBasicAuth: password verified for ' . $username); - $this->channel_name = $r[0]['channel_address']; - $this->channel_id = $r[0]['channel_id']; - $this->channel_hash = $this->observer = $r[0]['channel_hash']; - return true; - } - } - } - } - logger('(DAV) RedBasicAuth: password failed for ' . $username); - return false; - } -} function cloud_init(&$a) { - if(! get_config('system','enable_cloud')) - killme(); - require_once('include/reddav.php'); $auth = new RedBasicAuth(); + $ob_hash = get_observer_hash(); + + if($ob_hash) { + if(local_user()) { + $channel = $a->get_channel(); + $auth->setCurrentUser($channel['channel_address']); + $auth->channel_name = $channel['channel_address']; + $auth->channel_id = $channel['channel_id']; + $auth->channel_hash = $channel['channel_hash']; + } + $auth->observer = $ob_hash; + } + + $rootDirectory = new RedDirectory('/',$auth); $server = new DAV\Server($rootDirectory); $lockBackend = new DAV\Locks\Backend\File('store/data/locks'); @@ -110,9 +56,15 @@ function cloud_init(&$a) { $server->addPlugin($lockPlugin); - $auth->Authenticate($server,'Red Matrix'); + if(! $auth->observer) + $auth->Authenticate($server,'Red Matrix'); + +// $browser = new DAV\Browser\Plugin(); + + $browser = new RedBrowser($auth); + + $auth->setBrowserPlugin($browser); - $browser = new DAV\Browser\Plugin(); $server->addPlugin($browser); diff --git a/mod/editblock.php b/mod/editblock.php index 8b5b2d16c..e8f3e90f8 100644 --- a/mod/editblock.php +++ b/mod/editblock.php @@ -111,6 +111,7 @@ function editblock_content(&$a) { $o .= replace_macros($tpl,array( '$return_path' => $rp, '$action' => 'item', + '$webpage' => ITEM_BUILDBLOCK, '$share' => t('Edit'), '$upload' => t('Upload photo'), '$attach' => t('Attach file'), diff --git a/mod/editlayout.php b/mod/editlayout.php index 542bb8357..e6be1056f 100644 --- a/mod/editlayout.php +++ b/mod/editlayout.php @@ -97,6 +97,7 @@ function editlayout_content(&$a) { $o .= replace_macros($tpl,array( '$return_path' => $rp, '$action' => 'item', + '$webpage' => ITEM_PDL, '$share' => t('Edit'), '$upload' => t('Upload photo'), '$attach' => t('Attach file'), diff --git a/mod/editwebpage.php b/mod/editwebpage.php index 00659b4b7..e1de09e37 100644 --- a/mod/editwebpage.php +++ b/mod/editwebpage.php @@ -136,7 +136,7 @@ function editwebpage_content(&$a) { $o .= replace_macros($tpl,array( '$return_path' => $rp, - '$webpage' => true, + '$webpage' => ITEM_WEBPAGE, '$placeholdpagetitle' => t('Page link title'), '$pagetitle' => $page_title, diff --git a/mod/item.php b/mod/item.php index 2c0a36d52..037c24835 100644 --- a/mod/item.php +++ b/mod/item.php @@ -44,7 +44,7 @@ function item_post(&$a) { call_hooks('post_local_start', $_REQUEST); -// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); + logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); $api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false); @@ -571,7 +571,7 @@ function item_post(&$a) { } $item_flags |= ITEM_UNSEEN; - $item_restrict |= ITEM_VISIBLE; +// $item_restrict |= ITEM_VISIBLE; if($post_type === 'wall' || $post_type === 'wall-comment') $item_flags = $item_flags | ITEM_WALL; @@ -705,6 +705,8 @@ function item_post(&$a) { item_store_update($datarray,$execflag); + update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid); + proc_run('php', "include/notifier.php", 'edit_post', $post_id); if((x($_REQUEST,'return')) && strlen($return_path)) { logger('return: ' . $return_path); @@ -808,34 +810,8 @@ function item_post(&$a) { // NOTREACHED } - $page_type = ''; - - if($webpage & ITEM_WEBPAGE) - $page_type = 'WEBPAGE'; - elseif($webpage & ITEM_BUILDBLOCK) - $page_type = 'BUILDBLOCK'; - elseif($webpage & ITEM_PDL) - $page_type = 'PDL'; - elseif($namespace && $remote_id) { - $page_type = $namespace; - $pagetitle = $remote_id; - } - - if($page_type) { - // store page info as an alternate message_id so we can access it via - // https://sitename/page/$channelname/$pagetitle - // if no pagetitle was given or it couldn't be transliterated into a url, use the first - // sixteen bytes of the mid - which makes the link portable and not quite as daunting - // as the entire mid. If it were the post_id the link would be less portable. - - q("insert into item_id ( iid, uid, sid, service ) values ( %d, %d, '%s','%s' )", - intval($post_id), - intval($channel['channel_id']), - dbesc(($pagetitle) ? $pagetitle : substr($mid,0,16)), - dbesc($page_type) - ); - } + update_remote_id($channel,$post_id,$webpage,$pagetitle,$namespace,$remote_id,$mid); $datarray['id'] = $post_id; $datarray['llink'] = $a->get_baseurl() . '/display/' . $channel['channel_address'] . '/' . $post_id; |