diff options
| -rw-r--r-- | mod/dirsearch.php | 10 | ||||
| -rw-r--r-- | mod/ratings.php | 9 | ||||
| -rw-r--r-- | mod/ratingsearch.php | 6 |
3 files changed, 24 insertions, 1 deletions
diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 0f4dde976..fcd72e9eb 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -12,7 +12,6 @@ function dirsearch_content(&$a) { $ret = array('success' => false); - // If you've got a public directory server, you probably shouldn't block public access $dirmode = intval(get_config('system','directory_mode')); @@ -22,6 +21,15 @@ function dirsearch_content(&$a) { json_return_and_die($ret); } + + // If you've got a public directory server, you probably shouldn't block public access + + if((get_config('system','block_public')) && (! local_channel()) && (! remote_channel())) { + $ret['message'] = 'permission denied'; + json_return_and_die($ret); + } + + if(argc() > 1 && argv(1) === 'sites') { $ret = list_public_sites(); json_return_and_die($ret); diff --git a/mod/ratings.php b/mod/ratings.php index fe7cca6e1..4b94f0e52 100644 --- a/mod/ratings.php +++ b/mod/ratings.php @@ -4,6 +4,10 @@ require_once('include/dir_fns.php'); function ratings_init(&$a) { + if((get_config('system','block_public')) && (! local_channel()) && (! remote_channel())) { + return; + } + $dirmode = intval(get_config('system','directory_mode')); $x = find_upstream_directory($dirmode); @@ -57,6 +61,11 @@ function ratings_init(&$a) { function ratings_content(&$a) { + if((get_config('system','block_public')) && (! local_channel()) && (! remote_channel())) { + notice( t('Public access denied.') . EOL); + return; + } + $poco_rating = get_config('system','poco_rating_enable'); // if unset default to enabled if($poco_rating === false) diff --git a/mod/ratingsearch.php b/mod/ratingsearch.php index 9a537bf97..558b459eb 100644 --- a/mod/ratingsearch.php +++ b/mod/ratingsearch.php @@ -12,6 +12,12 @@ function ratingsearch_init(&$a) { json_return_and_die($ret); } + if((get_config('system','block_public')) && (! local_channel()) && (! remote_channel())) { + $ret['message'] = 'permission denied'; + json_return_and_die($ret); + } + + if(argc() > 1) $hash = argv(1); |