diff options
| author | redmatrix <redmatrix@redmatrix.me> | 2015-06-08 16:55:17 -0700 |
|---|---|---|
| committer | redmatrix <redmatrix@redmatrix.me> | 2015-06-08 16:55:17 -0700 |
| commit | 39f0e6fe622b2080bede823d19b36c9961c64f1d (patch) | |
| tree | b01cc44218380bd7e55647d48a59951cf58731ce /mod | |
| parent | 5b482c1daf1774b185df1e165d04df3de21fb730 (diff) | |
| download | volse-hubzilla-39f0e6fe622b2080bede823d19b36c9961c64f1d.tar.gz volse-hubzilla-39f0e6fe622b2080bede823d19b36c9961c64f1d.tar.bz2 volse-hubzilla-39f0e6fe622b2080bede823d19b36c9961c64f1d.zip | |
add site_dead flag to prevent delivery to dead sites. Allow sys channel webpages to be viewed even if site is configured "block public".
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/page.php | 17 | ||||
| -rw-r--r-- | mod/public.php | 5 |
2 files changed, 16 insertions, 6 deletions
diff --git a/mod/page.php b/mod/page.php index 25b4d8888..648bd81fd 100644 --- a/mod/page.php +++ b/mod/page.php @@ -11,10 +11,11 @@ function page_init(&$a) { $profile = 0; profile_load($a,$which,$profile); - if($a->profile['profile_uid']) - head_set_icon($a->profile['thumb']); + if($a->profile['profile_uid']) + head_set_icon($a->profile['thumb']); + // load the item here in the init function because we need to extract // the page layout and initialise the correct theme. @@ -22,9 +23,11 @@ function page_init(&$a) { $observer = $a->get_observer(); $ob_hash = (($observer) ? $observer['xchan_hash'] : ''); - $perms = get_all_perms($a->profile['profile_uid'],$ob_hash); - if(! $perms['view_pages']) { + // perm_is_allowed is denied unconditionally when 'site blocked to unauthenticated members'. + // This bypasses that restriction for sys channel (public) content + + if((! perm_is_allowed($a->profile['profile_uid'],$ob_hash,'view_pages')) && (! is_sys_channel($a->profile['profile_uid']))) { notice( t('Permission denied.') . EOL); return; } @@ -58,6 +61,8 @@ function page_init(&$a) { require_once('include/security.php'); $sql_options = item_permissions_sql($u[0]['channel_id']); +dbg(1); + $r = q("select item.* from item left join item_id on item.id = item_id.iid where item.uid = %d and sid = '%s' and (( service = 'WEBPAGE' and item_restrict = %d ) or ( service = 'PDL' and item_restrict = %d )) $sql_options $revision limit 1", @@ -77,6 +82,8 @@ function page_init(&$a) { dbesc($page_id), intval(ITEM_WEBPAGE) ); + +dbg(0); if($x) { // Yes, it's there. You just aren't allowed to see it. notice( t('Permission denied.') . EOL); @@ -119,7 +126,7 @@ function page_content(&$a) { return; if($r[0]['item_restrict'] == ITEM_PDL) { - $r[0]['body'] = t('Ipsum Lorem'); + $r[0]['body'] = t('Lorem Ipsum'); $r[0]['mimetype'] = 'text/plain'; $r[0]['title'] = ''; diff --git a/mod/public.php b/mod/public.php index 57c12e283..1f23a1999 100644 --- a/mod/public.php +++ b/mod/public.php @@ -60,17 +60,20 @@ function public_content(&$a, $update = 0, $load = false) { } require_once('include/identity.php'); + require_once('include/security.php'); if(get_config('system','site_firehose')) { - require_once('include/security.php'); $uids = " and item.uid in ( " . stream_perms_api_uids(PERMS_PUBLIC) . " ) and item_private = 0 and (item_flags & " . intval(ITEM_WALL) . " ) > 0 "; } else { $sys = get_sys_channel(); $uids = " and item.uid = " . intval($sys['channel_id']) . " "; + $sql_extra = item_permissions_sql($sys['channel_id']); $a->data['firehose'] = intval($sys['channel_id']); } + + $page_mode = 'list'; $simple_update = (($update) ? " and item.item_unseen = 1 " : ''); |