icon changes, feed security improvements

2 files changed, 10 insertions, 5 deletions

diff --git a/mod/pubsub.php b/mod/pubsub.php
index df27c6bc2..5d8ea2ed7 100644
--- a/mod/pubsub.php
+++ b/mod/pubsub.php
@@ -55,7 +55,8 @@ function pubsub_init(&$a) {
 
 		$sql_extra = ((strlen($hub_verify)) ? sprintf(" AND `hub-verify` = '%s' ", dbesc($hub_verify)) : '');
 
-		$r = q("SELECT * FROM `contact` WHERE `poll` = '%s' AND `id` = %d AND `uid` = %d AND `blocked` = 0 $sql_extra LIMIT 1",
+		$r = q("SELECT * FROM `contact` WHERE `poll` = '%s' AND `id` = %d AND `uid` = %d 
+			AND `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1",
 			dbesc($hub_topic),
 			intval($contact_id),
 			intval($owner['uid'])
@@ -101,10 +102,14 @@ function pubsub_post(&$a) {
 
 	$importer = $r[0];
 
-	$r = q("SELECT * FROM `contact` WHERE `subhub` = 1 AND `id` = %d AND `uid` = %d AND `blocked` = 0 AND `readonly` = 0 LIMIT 1",
+	$r = q("SELECT * FROM `contact` WHERE `subhub` = 1 AND `id` = %d AND `uid` = %d 
+		AND ( `rel` = %d OR `rel` = %d ) AND `blocked` = 0 AND `readonly` = 0 LIMIT 1",
 		intval($contact_id),
-		intval($importer['uid'])
+		intval($importer['uid']),
+		intval(REL_FAN),
+		intval(REL_BUD)	
 	);
+
 	if(! count($r)) {
 		logger('pubsub: no contact record - ignored');
 		hub_post_return();
diff --git a/mod/wall_upload.php b/mod/wall_upload.php
index ab06b4b2d..b5725311d 100644
--- a/mod/wall_upload.php
+++ b/mod/wall_upload.php
@@ -101,5 +101,5 @@ function wall_upload_post(&$a) {
 	echo  '<br /><br /><a href="' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '" ><img src="' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}.jpg\" alt=\"$basename\" /></a><br /><br />";
 
 	killme();
-	return; // NOTREACHED
-}
\ No newline at end of file
+	// NOTREACHED
+}