diff options
-rw-r--r-- | include/zot.php | 117 |
1 files changed, 23 insertions, 94 deletions
diff --git a/include/zot.php b/include/zot.php index 455702b06..9a5a0898c 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1295,35 +1295,9 @@ function public_recips($msg) { $check_mentions = true; } else { + $col = 'channel_w_comment'; + $field = PERMS_W_COMMENT; - // This doesn't look like it works so I have to explain what happened. These are my - // notes (below) from when I got this section of code working. You would think that - // we only have to find those with the requisite stream or comment permissions, - // depending on whether this is a top-level post or a comment - but you would be wrong. - - // ... so public_recips and allowed_public_recips is working so much better - // than before, but was still not quite right. We seem to be getting all the right - // results for top-level posts now, but comments aren't getting through on channels - // for which we've allowed them to send us their stream, but not comment on our posts. - // The reason is we were seeing if they could comment - and we only need to do that if - // we own the post. If they own the post, we only need to check if they can send us their stream. - - // if this is a comment and it wasn't sent by the post owner, check to see who is allowing them to comment. - // We should have one specific recipient and this step shouldn't be needed unless somebody stuffed up - // their software. We may need this step to protect us from bad guys intentionally stuffing up their software. - // If it is sent by the post owner, we don't need to do this. We only need to see who is receiving the - // owner's stream (which was already set above) - as they control the comment permissions, not us. - - // Note that by doing this we introduce another bug because some public forums have channel_w_stream - // permissions set to themselves only. We also need in this function to add these public forums to the - // public recipient list based on if they are tagged or not and have tag permissions. This is complicated - // by the fact that this activity doesn't have the public forum tag. It's the parent activity that - // contains the tag. we'll solve that further below. - - if($msg['notify']['sender']['guid_sig'] != $msg['message']['owner']['guid_sig']) { - $col = 'channel_w_comment'; - $field = PERMS_W_COMMENT; - } } } elseif($msg['message']['type'] === 'mail') { @@ -1385,55 +1359,22 @@ function public_recips($msg) { // look for any public mentions on this site // They will get filtered by tgroup_check() so we don't need to check permissions now - if($check_mentions) { - // It's a top level post. Look at the tags. See if any of them are mentions and are on this hub. - if($msg['message']['tags']) { - if(is_array($msg['message']['tags']) && $msg['message']['tags']) { - foreach($msg['message']['tags'] as $tag) { - if(($tag['type'] === 'mention') && (strpos($tag['url'],z_root()) !== false)) { - $address = basename($tag['url']); - if($address) { - $z = q("select channel_hash as hash from channel where channel_address = '%s' limit 1", - dbesc($address) - ); - if($z) - $r = array_merge($r,$z); - } + if($check_mentions && $msg['message']['tags']) { + if(is_array($msg['message']['tags']) && $msg['message']['tags']) { + foreach($msg['message']['tags'] as $tag) { + if(($tag['type'] === 'mention') && (strpos($tag['url'],z_root()) !== false)) { + $address = basename($tag['url']); + if($address) { + $z = q("select channel_hash as hash from channel where channel_address = '%s' limit 1", + dbesc($address) + ); + if($z) + $r = array_merge($r,$z); } } } } } - else { - // This is a comment. We need to find any parent with ITEM_UPLINK set. But in fact, let's just return - // everybody that stored a copy of the parent. This way we know we're covered. We'll check the - // comment permissions when we deliver them. - - if($msg['message']['message_top']) { - $z = q("select owner_xchan as hash from item where parent_mid = '%s' ", - dbesc($msg['message']['message_top']), - intval(ITEM_UPLINK) - ); - if($z) - $r = array_merge($r,$z); - } - } - - // There are probably a lot of duplicates in $r at this point. We need to filter those out. - // It's a bit of work since it's a multi-dimensional array - - if($r) { - $uniq = array(); - - foreach($r as $rr) { - if(! in_array($rr['hash'],$uniq)) - $uniq[] = $rr['hash']; - } - $r = array(); - foreach($uniq as $rr) { - $r[] = array('hash' => $rr); - } - } logger('public_recips: ' . print_r($r,true), LOGGER_DATA); return $r; @@ -1444,15 +1385,8 @@ function public_recips($msg) { function allowed_public_recips($msg) { - logger('allowed_public_recips: ' . print_r($msg,true),LOGGER_DATA); - - if(array_key_exists('public_scope',$msg['message'])) - $scope = $msg['message']['public_scope']; - // Mail won't have a public scope. - // in fact, it's doubtful mail will ever get here since it almost universally - // has a recipient, but in fact we don't require this, so it's technically - // possible to send mail to anybody that's listening. + logger('allowed_public_recips: ' . print_r($msg,true),LOGGER_DATA); $recips = public_recips($msg); @@ -1462,6 +1396,11 @@ function allowed_public_recips($msg) { if($msg['message']['type'] === 'mail') return $recips; + if(array_key_exists('public_scope',$msg['message'])) + $scope = $msg['message']['public_scope']; + + $hash = make_xchan_hash($msg['notify']['sender']['guid'],$msg['notify']['sender']['guid_sig']); + if($scope === 'public' || $scope === 'network: red' || $scope === 'authenticated') return $recips; @@ -1473,17 +1412,12 @@ function allowed_public_recips($msg) { } if($scope === 'self') { - - $hash = make_xchan_hash($msg['notify']['sender']['guid'],$msg['notify']['sender']['guid_sig']); - foreach($recips as $r) if($r['hash'] === $hash) return array('hash' => $hash); } - // note: we shouldn't ever see $scope === 'specific' in this function, but handle it anyway - - if($scope === 'contacts' || $scope === 'any connections' || $scope === 'specific') { + if($scope === 'contacts') { $condensed_recips = array(); foreach($recips as $rr) $condensed_recips[] = $rr['hash']; @@ -1501,7 +1435,6 @@ function allowed_public_recips($msg) { return $results; } - return array(); } @@ -1705,13 +1638,6 @@ function process_delivery($sender,$arr,$deliveries,$relay,$public = false,$reque else { $arr['aid'] = $channel['channel_account_id']; $arr['uid'] = $channel['channel_id']; - - // if it's a sourced post, call the post_local hooks as if it were - // posted locally so that crosspost connectors will be triggered. - - if(check_item_source($arr['uid'],$arr)) - call_hooks('post_local',$arr); - $item_result = item_store($arr); $item_id = 0; if($item_result['success']) { @@ -2880,6 +2806,9 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) { if(count($clean)) { foreach($clean as $k => $v) { + if($k == 'abook_dob') + $v = dbescdate($v); + $r = dbq("UPDATE abook set " . dbesc($k) . " = '" . dbesc($v) . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id'])); } |