diff options
author | Mike Macgirvin <mike@macgirvin.com> | 2010-08-05 02:57:03 -0700 |
---|---|---|
committer | Mike Macgirvin <mike@macgirvin.com> | 2010-08-05 02:57:03 -0700 |
commit | 40a06771ff2a22f3801dfe174ca318cf4f67c1b1 (patch) | |
tree | 118bb7d76726b68d2155229b8039170e5c500d9e /mod | |
parent | b294ff63024da5629a0d7b6f66aaa9af6d1dd400 (diff) | |
download | volse-hubzilla-40a06771ff2a22f3801dfe174ca318cf4f67c1b1.tar.gz volse-hubzilla-40a06771ff2a22f3801dfe174ca318cf4f67c1b1.tar.bz2 volse-hubzilla-40a06771ff2a22f3801dfe174ca318cf4f67c1b1.zip |
reciprocal verification on notify, poll
Diffstat (limited to 'mod')
-rw-r--r-- | mod/dfrn_notify.php | 9 | ||||
-rw-r--r-- | mod/dfrn_poll.php | 10 | ||||
-rw-r--r-- | mod/regmod.php | 2 |
3 files changed, 18 insertions, 3 deletions
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 38756f724..5655977e5 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -253,7 +253,14 @@ function dfrn_notify_content(&$a) { openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); $challenge = bin2hex($challenge); - echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>' + + $encrypted_id = ''; + $id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999); + + openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + $encrypted_id = bin2hex($encrypted_id); + + echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $encrypted_id . '</dfrn_id>' . '<challenge>' . $challenge . '</challenge></dfrn_notify>' . "\r\n" ; session_write_close(); exit; diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index dadcd3148..8d93700d6 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -174,7 +174,15 @@ function dfrn_poll_content(&$a) { openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); $challenge = bin2hex($challenge); - echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>' + + $encrypted_id = ''; + $id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999); + + openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + $encrypted_id = bin2hex($encrypted_id); + + + echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $encrypted_id . '</dfrn_id>' . '<challenge>' . $challenge . '</challenge></dfrn_poll>' . "\r\n" ; session_write_close(); exit; diff --git a/mod/regmod.php b/mod/regmod.php index f2c3cb807..f03c2a3fe 100644 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -6,7 +6,7 @@ function regmod_content(&$a) { if(! local_user()) { notice( t('Please login.') . EOL); - $o = login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1); + $o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1); return $o; } |