diff options
Diffstat (limited to 'Zotlabs/Module/Admin')
| -rw-r--r-- | Zotlabs/Module/Admin/Security.php | 61 | ||||
| -rw-r--r-- | Zotlabs/Module/Admin/Site.php | 18 |
2 files changed, 44 insertions, 35 deletions
diff --git a/Zotlabs/Module/Admin/Security.php b/Zotlabs/Module/Admin/Security.php index 16045f9ed..499572170 100644 --- a/Zotlabs/Module/Admin/Security.php +++ b/Zotlabs/Module/Admin/Security.php @@ -7,12 +7,12 @@ class Security { function post() { check_form_security_token_redirectOnErr('/admin/security', 'admin_security'); - + $allowed_email = ((x($_POST,'allowed_email')) ? notags(trim($_POST['allowed_email'])) : ''); $not_allowed_email = ((x($_POST,'not_allowed_email')) ? notags(trim($_POST['not_allowed_email'])) : ''); set_config('system','allowed_email', $allowed_email); - set_config('system','not_allowed_email', $not_allowed_email); + set_config('system','not_allowed_email', $not_allowed_email); $block_public = ((x($_POST,'block_public')) ? True : False); set_config('system','block_public',$block_public); @@ -25,22 +25,22 @@ class Security { $ws = $this->trim_array_elems(explode("\n",$_POST['whitelisted_sites'])); set_config('system','whitelisted_sites',$ws); - + $bs = $this->trim_array_elems(explode("\n",$_POST['blacklisted_sites'])); set_config('system','blacklisted_sites',$bs); - + $wc = $this->trim_array_elems(explode("\n",$_POST['whitelisted_channels'])); set_config('system','whitelisted_channels',$wc); - + $bc = $this->trim_array_elems(explode("\n",$_POST['blacklisted_channels'])); set_config('system','blacklisted_channels',$bc); - + $embed_sslonly = ((x($_POST,'embed_sslonly')) ? True : False); set_config('system','embed_sslonly',$embed_sslonly); - + $we = $this->trim_array_elems(explode("\n",$_POST['embed_allow'])); set_config('system','embed_allow',$we); - + $be = $this->trim_array_elems(explode("\n",$_POST['embed_deny'])); set_config('system','embed_deny',$be); @@ -49,47 +49,54 @@ class Security { $inline_pdf = ((x($_POST,'inline_pdf')) ? intval($_POST['inline_pdf']) : 0); set_config('system', 'inline_pdf' , $inline_pdf); - + $ts = ((x($_POST,'transport_security')) ? True : False); set_config('system','transport_security_header',$ts); $cs = ((x($_POST,'content_security')) ? True : False); set_config('system','content_security_policy',$cs); + $trusted_directory_servers = $this->trim_array_elems(explode("\n", $_POST['trusted_directory_servers'])); + set_config('system', 'trusted_directory_servers', $trusted_directory_servers); + goaway(z_root() . '/admin/security'); } - - + + function get() { - + $whitesites = get_config('system','whitelisted_sites'); $whitesites_str = ((is_array($whitesites)) ? implode("\n",$whitesites) : ''); - + $blacksites = get_config('system','blacklisted_sites'); $blacksites_str = ((is_array($blacksites)) ? implode("\n",$blacksites) : ''); - - + + $whitechannels = get_config('system','whitelisted_channels'); $whitechannels_str = ((is_array($whitechannels)) ? implode("\n",$whitechannels) : ''); - + $blackchannels = get_config('system','blacklisted_channels'); $blackchannels_str = ((is_array($blackchannels)) ? implode("\n",$blackchannels) : ''); - - + + $whiteembeds = get_config('system','embed_allow'); $whiteembeds_str = ((is_array($whiteembeds)) ? implode("\n",$whiteembeds) : ''); - + $blackembeds = get_config('system','embed_deny'); $blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : ''); - + + $trusted_directory_servers = get_config('system', 'trusted_directory_servers'); + $trusted_directory_servers_str = ((is_array($trusted_directory_servers)) ? implode("\n", $trusted_directory_servers) : ''); + $is_dir = (intval(get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL); + $embed_coop = intval(get_config('system','embed_coop')); - + if((! $whiteembeds) && (! $blackembeds)) { $embedhelp1 = t("By default, unfiltered HTML is allowed in embedded media. This is inherently insecure."); } - $embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); + $embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); $embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />"); $embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked."); @@ -99,7 +106,7 @@ class Security { '$page' => t('Security'), '$form_security_token' => get_form_security_token('admin_security'), '$block_public' => array('block_public', t("Block public"), get_config('system','block_public'), t("Check to block public access to all otherwise public personal pages on this site unless you are currently authenticated.")), - '$cloud_noroot' => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ], + '$cloud_noroot' => [ 'cloud_noroot', t('Provide a cloud root directory'), 1 - intval(get_config('system','cloud_disable_siteroot')), t('The cloud root directory lists all channel names which provide public files') ], '$cloud_disksize' => [ 'cloud_disksize', t('Show total disk space available to cloud uploads'), intval(get_config('system','cloud_report_disksize')), '' ], '$transport_security' => array('transport_security', t('Set "Transport Security" HTTP header'),intval(get_config('system','transport_security_header')),''), '$content_security' => array('content_security', t('Set "Content Security Policy" HTTP header'),intval(get_config('system','content_security_policy')),''), @@ -115,6 +122,8 @@ class Security { '$thumbnail_security' => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ], '$inline_pdf' => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ], + '$trusted_directory_servers' => (($is_dir) ? ['trusted_directory_servers', t('Additional trusted directory server URLs'), $trusted_directory_servers_str, t('Accept directory flags (spam, nsfw) from those servers. One per line like https://example.tld')] : ''), + // '$embed_coop' => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')), '$submit' => t('Submit') @@ -124,7 +133,7 @@ class Security { function trim_array_elems($arr) { $narr = array(); - + if($arr && is_array($arr)) { for($x = 0; $x < count($arr); $x ++) { $y = trim($arr[$x]); @@ -134,6 +143,6 @@ class Security { } return $narr; } - - + + } diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 42cf064c9..b24821b28 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -67,7 +67,6 @@ class Site { $open_pubstream = ((x($_POST,'open_pubstream')) ? True : False); $login_on_homepage = ((x($_POST,'login_on_homepage')) ? True : False); $enable_context_help = ((x($_POST,'enable_context_help')) ? True : False); - $global_directory = ((x($_POST,'directory_submit_url')) ? notags(trim($_POST['directory_submit_url'])) : ''); $no_community_page = !((x($_POST,'no_community_page')) ? True : False); $default_expire_days = ((array_key_exists('default_expire_days',$_POST)) ? intval($_POST['default_expire_days']) : 0); $active_expire_days = ((array_key_exists('active_expire_days',$_POST)) ? intval($_POST['active_expire_days']) : 7); @@ -181,7 +180,7 @@ class Site { set_config('system', 'admininfo', $admininfo); } set_config('system','siteinfo',$siteinfo); - set_config('system', 'language', $language); + //set_config('system', 'language', $language); set_config('system', 'theme', $theme); // if ( $theme_mobile === '---' ) { // del_config('system', 'mobile_theme'); @@ -206,11 +205,6 @@ class Site { set_config('system','site_firehose', $site_firehose); set_config('system','open_pubstream', $open_pubstream); //set_config('system','force_queue_threshold', $force_queue); - if ($global_directory == '') { - del_config('system', 'directory_submit_url'); - } else { - set_config('system', 'directory_submit_url', $global_directory); - } set_config('system','no_community_page', $no_community_page); set_config('system','no_utf', $no_utf); @@ -283,7 +277,7 @@ class Site { } $dir_choices = null; - $dirmode = get_config('system','directory_mode'); + $dirmode = get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL); $realm = get_directory_realm(); // directory server should not be set or settable unless we are a directory client @@ -301,6 +295,12 @@ class Site { $dir_choices[$xx['site_url']] = $xx['site_url']; } } + if ($realm === DIRECTORY_REALM) { + $fallback_servers = get_directory_fallback_servers(); + foreach ($fallback_servers as $fallback_server) { + $dir_choices[$fallback_server] = $fallback_server; + } + } } /* Banner */ @@ -425,7 +425,7 @@ class Site { '$banner' => array('banner', t("Banner/Logo"), $banner, t('Unfiltered HTML/CSS/JS is allowed')), '$admininfo' => array('admininfo', t("Administrator Information"), $admininfo, t("Contact information for site administrators. Displayed on siteinfo page. BBCode can be used here")), '$siteinfo' => array('siteinfo', t('Site Information'), get_config('system','siteinfo'), t("Publicly visible description of this site. Displayed on siteinfo page. BBCode can be used here")), - '$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), + //'$language' => array('language', t("System language"), get_config('system','language'), "", $lang_choices), '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - <a href='#' id='cnftheme'>change theme settings</a>"), $theme_choices), // '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile_theme'), t("Theme for mobile devices"), $theme_choices_mobile), // '$site_channel' => array('site_channel', t("Channel to use for this website's static pages"), get_config('system','site_channel'), t("Site Channel")), |