aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php2
-rw-r--r--include/auth.php6
-rw-r--r--include/security.php2
-rw-r--r--mod/post.php3
4 files changed, 7 insertions, 6 deletions
diff --git a/boot.php b/boot.php
index 5dddb6404..eb5d54961 100644
--- a/boot.php
+++ b/boot.php
@@ -1186,7 +1186,7 @@ if(! function_exists('local_user')) {
if(! function_exists('remote_user')) {
function remote_user() {
if((x($_SESSION,'authenticated')) && (x($_SESSION,'visitor_id')))
- return intval($_SESSION['visitor_id']);
+ return $_SESSION['visitor_id'];
return false;
}
}
diff --git a/include/auth.php b/include/auth.php
index 75a450dc8..9cdbd80d5 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -63,9 +63,9 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
info( t('Logged out.') . EOL);
goaway(z_root());
}
-
+dbg(1);
if(x($_SESSION,'visitor_id') && (! x($_SESSION,'uid'))) {
- $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' limit 1",
+ $r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_hash = '%s' limit 1",
dbesc($_SESSION['visitor_id'])
);
if($r) {
@@ -77,7 +77,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
}
$a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
}
-
+dbg(0);
if(x($_SESSION,'uid') || x($_SESSION,'account_id')) {
// already logged in user returning
diff --git a/include/security.php b/include/security.php
index 25318b3e8..f28174153 100644
--- a/include/security.php
+++ b/include/security.php
@@ -349,7 +349,7 @@ if(! function_exists('init_groups_visitor')) {
function init_groups_visitor($contact_id) {
$groups = array();
$r = q("SELECT gid FROM group_member WHERE xchan = '%s' ",
- intval($contact_id)
+ dbesc($contact_id)
);
if(count($r)) {
foreach($r as $rr)
diff --git a/mod/post.php b/mod/post.php
index 7a96bcf7a..36b2e1482 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -87,8 +87,9 @@ function post_init(&$a) {
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $x[0]['xchan_hash'];
$a->set_observer($x[0]);
+ require_once('include/security.php');
$a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
- notice(sprintf( t('Welcome %s. Remote authentication successful.'),$x[0]['xchan_name']));
+ info(sprintf( t('Welcome %s. Remote authentication successful.'),$x[0]['xchan_name']));
}
}