diff options
-rwxr-xr-x | include/diaspora.php | 26 | ||||
-rwxr-xr-x | include/items.php | 6 | ||||
-rw-r--r-- | mod/item.php | 6 | ||||
-rw-r--r-- | version.inc | 2 |
4 files changed, 33 insertions, 7 deletions
diff --git a/include/diaspora.php b/include/diaspora.php index 33ad4211b..77a400604 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -2371,6 +2371,24 @@ function diaspora_profile($importer,$xml,$msg) { function diaspora_share($owner,$contact) { $a = get_app(); + + $enabled = intval(get_config('system','diaspora_enabled')); + if(! $enabled) { + logger('diaspora_share: disabled'); + return; + } + + $allowed = get_pconfig($owner['channel_id'],'system','diaspora_allowed'); + if($allowed === false) + $allowed = 1; + + if(! intval($allowed)) { + logger('diaspora_share: disallowed for channel ' . $importer['channel_name']); + return; + } + + + $myaddr = $owner['channel_address'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); if(! array_key_exists('xchan_hash',$contact)) { @@ -2947,6 +2965,14 @@ function diaspora_transmit($owner,$contact,$slap,$public_batch,$queue_run=false) return 200; } + $allowed = get_pconfig($owner['channel_id'],'system','diaspora_allowed'); + if($allowed === false) + $allowed = 1; + + if(! intval($allowed)) { + return 200; + } + if($public_batch) $dest_url = $contact['hubloc_callback'] . '/public'; else diff --git a/include/items.php b/include/items.php index eb4ad1ead..229512ead 100755 --- a/include/items.php +++ b/include/items.php @@ -423,7 +423,7 @@ function post_activity_item($arr) { if(array_key_exists('item_private',$arr) && $arr['item_private']) { - $arr['body'] = z_input_filter($arr['uid'],$arr['body'],$arr['mimetype']); + $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); if($channel) { if($channel['channel_hash'] === $arr['author_xchan']) { @@ -2064,7 +2064,7 @@ function item_store($arr, $allow_exec = false) { $arr['lang'] = detect_language($arr['body']); // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = z_input_filter($arr['uid'],$arr['body'],$arr['mimetype']); + $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); if(local_channel() && (! $arr['sig'])) { $channel = get_app()->get_channel(); @@ -2461,7 +2461,7 @@ function item_store_update($arr,$allow_exec = false) { $arr['lang'] = detect_language($arr['body']); // apply the input filter here - if it is obscured it has been filtered already - $arr['body'] = z_input_filter($arr['uid'],$arr['body'],$arr['mimetype']); + $arr['body'] = trim(z_input_filter($arr['uid'],$arr['body'],$arr['mimetype'])); if(local_channel() && (! $arr['sig'])) { $channel = get_app()->get_channel(); diff --git a/mod/item.php b/mod/item.php index 3ff286268..8a73974c6 100644 --- a/mod/item.php +++ b/mod/item.php @@ -343,8 +343,8 @@ function item_post(&$a) { $coord = $orig_post['coord']; $verb = $orig_post['verb']; $app = $orig_post['app']; - $title = $_REQUEST['title']; - $body = $_REQUEST['body']; + $title = escape_tags(trim($_REQUEST['title'])); + $body = trim($_REQUEST['body']); $item_flags = $orig_post['item_flags']; // force us to recalculate if we need to obscure this post @@ -798,7 +798,7 @@ function item_post(&$a) { if(array_key_exists('item_private',$datarray) && $datarray['item_private']) { - $datarray['body'] = z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype']); + $datarray['body'] = trim(z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype'])); if($uid) { if($channel['channel_hash'] === $datarray['author_xchan']) { diff --git a/version.inc b/version.inc index 03a0995b5..cbaf6aa9c 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2015-06-21.1070 +2015-06-22.1071 |