diff options
-rw-r--r-- | include/nav.php | 6 | ||||
-rw-r--r-- | index.php | 3 | ||||
-rw-r--r-- | mod/dfrn_notify.php | 2 | ||||
-rw-r--r-- | mod/notifications.php | 2 | ||||
-rw-r--r-- | mod/ping.php | 4 | ||||
-rw-r--r-- | mod/register.php | 11 | ||||
-rw-r--r-- | view/jot_geotag.tpl | 2 | ||||
-rw-r--r-- | view/theme/duepuntozero/style.css | 4 |
8 files changed, 28 insertions, 6 deletions
diff --git a/include/nav.php b/include/nav.php index 74b4defc3..1bde702be 100644 --- a/include/nav.php +++ b/include/nav.php @@ -15,8 +15,12 @@ $a->page['nav'] .= "<span id=\"nav-link-wrapper\" >\r\n"; + // This should take you home from a remote profile connection + + $homelink = ((x($_SESSION,'visitor_home')) ? $_SESSION['visitor_home'] : ''); + if(($a->module != 'home') && (! (local_user()))) - $a->page['nav'] .= '<a id="nav-home-link" class="nav-commlink" href="">' . t('Home') . "</a>\r\n"; + $a->page['nav'] .= '<a id="nav-home-link" class="nav-commlink" href="' . $homelink . '">' . t('Home') . "</a>\r\n"; if(($a->config['register_policy'] == REGISTER_OPEN) && (! local_user()) && (! remote_user())) $a->page['nav'] .= '<a id="nav-register-link" class="nav-commlink" href="register" >' . t('Register') . "</a>\r\n"; @@ -183,6 +183,9 @@ elseif(local_user()) if(isset($homebase)) $a->page['content'] .= '<script>var homebase="' . $homebase . '" ; </script>'; +// now that we've been through the module content, see if the page reported +// a permission problem and if so, a 403 response would seem to be in order. + if(stristr($_SESSION['sysmsg'], t('Permission denied'))) { header($_SERVER["SERVER_PROTOCOL"] . ' 403 ' . t('Permission denied.')); } diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index e4aabba5a..49356d358 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -363,7 +363,7 @@ function dfrn_notify_post(&$a) { '$username' => $importer['username'], '$email' => $importer['email'], '$from' => $from, - '$display' => $a->get_baseurl() . '/display/' . $r, + '$display' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $r, '$body' => strip_tags(bbcode(stripslashes($datarray['body']))) )); diff --git a/mod/notifications.php b/mod/notifications.php index c425d092e..ef7202363 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -126,7 +126,7 @@ function notifications_content(&$a) { else notice( t('No notifications.') . EOL); - if ($a->config['register_policy'] = REGISTER_APPROVE && + if ($a->config['register_policy'] == REGISTER_APPROVE && $a->config['admin_email'] === $a->user['email']){ $o .= load_view_file('view/registrations-top.tpl'); diff --git a/mod/ping.php b/mod/ping.php index 00c4a3105..cb067f3fe 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -25,8 +25,8 @@ function ping_init(&$a) { ); $intro = $r[0]['total']; - if ($a->config['register_policy'] = REGISTER_APPROVE && - $a->config['admin_email'] = $a->user['email']){ + if ($a->config['register_policy'] == REGISTER_APPROVE && + $a->config['admin_email'] === $a->user['email']){ $r = q("SELECT COUNT(*) AS `total` FROM `register`"); $register = $r[0]['total']; } else { diff --git a/mod/register.php b/mod/register.php index 68c7297c9..fcc9ebcab 100644 --- a/mod/register.php +++ b/mod/register.php @@ -37,8 +37,13 @@ function register_post(&$a) { $openid_url = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); $photo = ((x($_POST,'photo')) ? notags(trim($_POST['photo'])) : ''); + $tmp_str = $openid_url; if((! x($username)) || (! x($email)) || (! x($nickname))) { if($openid_url) { + if(! validate_url($tmp_str)) { + notice( t('Invalid OpenID url') . EOL); + return; + } $_SESSION['register'] = 1; $_SESSION['openid'] = $openid_url; require_once('library/openid.php'); @@ -82,6 +87,12 @@ function register_post(&$a) { if((! valid_email($email)) || (! validate_email($email))) $err .= t('Not a valid email address.') . EOL; + // Disallow somebody creating an account using openid that uses the admin email address, + // since openid bypasses email verification. + + if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) + $err .= t('Cannot use that email.') . EOL; + $nickname = $_POST['nickname'] = strtolower($nickname); if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname)) diff --git a/view/jot_geotag.tpl b/view/jot_geotag.tpl index 4145c3111..b0f71e73b 100644 --- a/view/jot_geotag.tpl +++ b/view/jot_geotag.tpl @@ -1,7 +1,7 @@ if(navigator.geolocation) { navigator.geolocation.getCurrentPosition(function(position) { - $('#jot-coord').val(position.coords.latitude + position.coords.longitude); + $('#jot-coord').val(position.coords.latitude + ' ' + position.coords.longitude); $('#profile-nolocation-wrapper').show(); }); } diff --git a/view/theme/duepuntozero/style.css b/view/theme/duepuntozero/style.css index dafc24360..72e0be00c 100644 --- a/view/theme/duepuntozero/style.css +++ b/view/theme/duepuntozero/style.css @@ -1826,3 +1826,7 @@ a.mail-list-link { /* end from defautlt */ +.fn { + padding: 0px 0px 5px 0px; + font-size: 120%; +}
\ No newline at end of file |