diff options
-rw-r--r-- | include/conversation.php | 4 | ||||
-rw-r--r-- | include/crypto.php | 2 | ||||
-rwxr-xr-x | include/items.php | 28 |
3 files changed, 29 insertions, 5 deletions
diff --git a/include/conversation.php b/include/conversation.php index 13990e89b..f5fc9da93 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -203,6 +203,10 @@ function localize_item(&$item){ } if (stristr($item['verb'],ACTIVITY_POKE)) { + + // FIXME for obscured private posts, until then leave untranslated + return; + $verb = urldecode(substr($item['verb'],strpos($item['verb'],'#')+1)); if(! $verb) return; diff --git a/include/crypto.php b/include/crypto.php index ca01814da..e9372fbb4 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -75,6 +75,8 @@ function aes_encapsulate($data,$pubkey) { } function crypto_unencapsulate($data,$prvkey) { + if(! $data) + return; $alg = ((array_key_exists('alg',$data)) ? $data['alg'] : 'aes256cbc'); if($alg === 'aes256cbc') return aes_unencapsulate($data,$prvkey); diff --git a/include/items.php b/include/items.php index b6a196f4a..4af544de1 100755 --- a/include/items.php +++ b/include/items.php @@ -202,11 +202,29 @@ function post_activity_item($arr) { return $ret; } - if(array_key_exists('content_type',$arr) && $arr['content_type'] == 'text/html') - $arr['body'] = purify_html($arr['body']); - else - $arr['body'] = escape_tags($arr['body']); + if(! array_key_exists('mimetype',$arr)) + $arr['mimetype'] = 'text/bbcode'; + + if(array_key_exists('item_private',$arr) && $arr['item_private']) { + + $arr['body'] = z_input_filter($arr['uid'],$arr['body'],$arr['mimetype']); + + if($channel) { + if($channel['channel_hash'] === $arr['author_xchan']) { + $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); + $arr['item_flags'] = $arr['item_flags'] | ITEM_VERIFIED; + } + } + + logger('Encrypting local storage'); + $key = get_config('system','pubkey'); + $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED; + if($arr['title']) + $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key)); + if($arr['body']) + $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key)); + } $arr['mid'] = ((x($arr,'mid')) ? $arr['mid'] : item_message_id()); $arr['parent_mid'] = ((x($arr,'parent_mid')) ? $arr['parent_mid'] : $arr['mid']); @@ -238,7 +256,7 @@ function post_activity_item($arr) { $post = item_store($arr); - if($post['result']) + if($post['success']) $post_id = $post['item_id']; if($post_id) { |