aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/nav.php6
-rw-r--r--index.php3
-rw-r--r--mod/dfrn_notify.php2
-rw-r--r--mod/notifications.php2
-rw-r--r--mod/ping.php4
-rw-r--r--mod/register.php11
-rw-r--r--view/jot_geotag.tpl2
-rw-r--r--view/theme/duepuntozero/style.css4
8 files changed, 28 insertions, 6 deletions
diff --git a/include/nav.php b/include/nav.php
index 74b4defc3..1bde702be 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -15,8 +15,12 @@
$a->page['nav'] .= "<span id=\"nav-link-wrapper\" >\r\n";
+ // This should take you home from a remote profile connection
+
+ $homelink = ((x($_SESSION,'visitor_home')) ? $_SESSION['visitor_home'] : '');
+
if(($a->module != 'home') && (! (local_user())))
- $a->page['nav'] .= '<a id="nav-home-link" class="nav-commlink" href="">' . t('Home') . "</a>\r\n";
+ $a->page['nav'] .= '<a id="nav-home-link" class="nav-commlink" href="' . $homelink . '">' . t('Home') . "</a>\r\n";
if(($a->config['register_policy'] == REGISTER_OPEN) && (! local_user()) && (! remote_user()))
$a->page['nav'] .= '<a id="nav-register-link" class="nav-commlink" href="register" >'
. t('Register') . "</a>\r\n";
diff --git a/index.php b/index.php
index 456c0a144..38684a00a 100644
--- a/index.php
+++ b/index.php
@@ -183,6 +183,9 @@ elseif(local_user())
if(isset($homebase))
$a->page['content'] .= '<script>var homebase="' . $homebase . '" ; </script>';
+// now that we've been through the module content, see if the page reported
+// a permission problem and if so, a 403 response would seem to be in order.
+
if(stristr($_SESSION['sysmsg'], t('Permission denied'))) {
header($_SERVER["SERVER_PROTOCOL"] . ' 403 ' . t('Permission denied.'));
}
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index e4aabba5a..49356d358 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -363,7 +363,7 @@ function dfrn_notify_post(&$a) {
'$username' => $importer['username'],
'$email' => $importer['email'],
'$from' => $from,
- '$display' => $a->get_baseurl() . '/display/' . $r,
+ '$display' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $r,
'$body' => strip_tags(bbcode(stripslashes($datarray['body'])))
));
diff --git a/mod/notifications.php b/mod/notifications.php
index c425d092e..ef7202363 100644
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -126,7 +126,7 @@ function notifications_content(&$a) {
else
notice( t('No notifications.') . EOL);
- if ($a->config['register_policy'] = REGISTER_APPROVE &&
+ if ($a->config['register_policy'] == REGISTER_APPROVE &&
$a->config['admin_email'] === $a->user['email']){
$o .= load_view_file('view/registrations-top.tpl');
diff --git a/mod/ping.php b/mod/ping.php
index 00c4a3105..cb067f3fe 100644
--- a/mod/ping.php
+++ b/mod/ping.php
@@ -25,8 +25,8 @@ function ping_init(&$a) {
);
$intro = $r[0]['total'];
- if ($a->config['register_policy'] = REGISTER_APPROVE &&
- $a->config['admin_email'] = $a->user['email']){
+ if ($a->config['register_policy'] == REGISTER_APPROVE &&
+ $a->config['admin_email'] === $a->user['email']){
$r = q("SELECT COUNT(*) AS `total` FROM `register`");
$register = $r[0]['total'];
} else {
diff --git a/mod/register.php b/mod/register.php
index 68c7297c9..fcc9ebcab 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -37,8 +37,13 @@ function register_post(&$a) {
$openid_url = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
$photo = ((x($_POST,'photo')) ? notags(trim($_POST['photo'])) : '');
+ $tmp_str = $openid_url;
if((! x($username)) || (! x($email)) || (! x($nickname))) {
if($openid_url) {
+ if(! validate_url($tmp_str)) {
+ notice( t('Invalid OpenID url') . EOL);
+ return;
+ }
$_SESSION['register'] = 1;
$_SESSION['openid'] = $openid_url;
require_once('library/openid.php');
@@ -82,6 +87,12 @@ function register_post(&$a) {
if((! valid_email($email)) || (! validate_email($email)))
$err .= t('Not a valid email address.') . EOL;
+ // Disallow somebody creating an account using openid that uses the admin email address,
+ // since openid bypasses email verification.
+
+ if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url))
+ $err .= t('Cannot use that email.') . EOL;
+
$nickname = $_POST['nickname'] = strtolower($nickname);
if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
diff --git a/view/jot_geotag.tpl b/view/jot_geotag.tpl
index 4145c3111..b0f71e73b 100644
--- a/view/jot_geotag.tpl
+++ b/view/jot_geotag.tpl
@@ -1,7 +1,7 @@
if(navigator.geolocation) {
navigator.geolocation.getCurrentPosition(function(position) {
- $('#jot-coord').val(position.coords.latitude + position.coords.longitude);
+ $('#jot-coord').val(position.coords.latitude + ' ' + position.coords.longitude);
$('#profile-nolocation-wrapper').show();
});
}
diff --git a/view/theme/duepuntozero/style.css b/view/theme/duepuntozero/style.css
index dafc24360..72e0be00c 100644
--- a/view/theme/duepuntozero/style.css
+++ b/view/theme/duepuntozero/style.css
@@ -1826,3 +1826,7 @@ a.mail-list-link {
/* end from defautlt */
+.fn {
+ padding: 0px 0px 5px 0px;
+ font-size: 120%;
+} \ No newline at end of file