aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php6
-rw-r--r--include/plugin.php38
-rw-r--r--include/user.php14
-rw-r--r--mod/dfrn_confirm.php2
4 files changed, 52 insertions, 8 deletions
diff --git a/boot.php b/boot.php
index 971762634..ac561edf6 100644
--- a/boot.php
+++ b/boot.php
@@ -1374,9 +1374,9 @@ if(! function_exists('proc_run')) {
if(count($args) && $args[0] === 'php')
$args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
- foreach ($args as $arg){
- $arg = escapeshellarg($arg);
- }
+ for($x = 0; $x < count($args); $x ++)
+ $args[$x] = escapeshellarg($args[$x]);
+
$cmdline = implode($args," ");
proc_close(proc_open($cmdline." &",array(),$foo));
}
diff --git a/include/plugin.php b/include/plugin.php
index c6b61ae6e..3b6faa072 100644
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -316,3 +316,41 @@ function get_theme_screenshot($theme) {
}
return($a->get_baseurl() . '/images/blank.png');
}
+
+
+// check service_class restrictions. If there are no service_classes defined, everything is allowed.
+// if $usage is supplied, we check against a maximum count and return true if the current usage is
+// less than the subscriber plan allows. Otherwise we return boolean true or false if the property
+// is allowed (or not) in this subscriber plan. An unset property for this service plan means
+// the property is allowed, so it is only necessary to provide negative properties for each plan,
+// or what the subscriber is not allowed to do.
+
+
+function service_class_allows($uid,$property,$usage = false) {
+
+ if($uid == local_user()) {
+ $service_class = $a->user['service_class'];
+ }
+ else {
+ $r = q("select service_class from user where uid = %d limit 1",
+ intval($uid)
+ );
+ if($r !== false and count($r)) {
+ $service_class = $r[0]['service_class'];
+ }
+ }
+ if(! x($service_class))
+ return true; // everything is allowed
+
+ $arr = get_config('service_class',$service_class);
+ if(! is_array($arr) || (! count($arr)))
+ return true;
+
+ if($usage === false)
+ return ((x($arr[$property])) ? (bool) $arr['property'] : true);
+ else {
+ if(! array_key_exists($property,$arr))
+ return true;
+ return (((intval($usage)) < intval($arr[$property])) ? true : false);
+ }
+} \ No newline at end of file
diff --git a/include/user.php b/include/user.php
index 2477438bf..383a3b3e1 100644
--- a/include/user.php
+++ b/include/user.php
@@ -147,13 +147,18 @@ function create_user($arr) {
require_once('include/crypto.php');
- $keys = new_keypair(1024);
+ $keys = new_keypair(4096);
if($keys === false) {
$result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
return $result;
}
+ $default_service_class = get_config('system','default_service_class');
+ if(! $default_service_class)
+ $default_service_class = '';
+
+
$prvkey = $keys['prvkey'];
$pubkey = $keys['pubkey'];
@@ -173,8 +178,8 @@ function create_user($arr) {
$spubkey = $sres['pubkey'];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
- `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )
- VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )",
+ `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class` )
+ VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s' )",
dbesc(generate_user_guid()),
dbesc($username),
dbesc($new_password_encoded),
@@ -187,7 +192,8 @@ function create_user($arr) {
dbesc($sprvkey),
dbesc(datetime_convert()),
intval($verified),
- intval($blocked)
+ intval($blocked),
+ dbesc($default_service_class)
);
if($r) {
diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 76b99cbca..8e39f5fd0 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -146,7 +146,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
*/
require_once('include/crypto.php');
- $res = new_keypair(1024);
+ $res = new_keypair(4096);
$private_key = $res['prvkey'];
$public_key = $res['pubkey'];