diff options
Diffstat (limited to 'Zotlabs/Module/Hq.php')
-rw-r--r-- | Zotlabs/Module/Hq.php | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 8c126d154..4e9e75357 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -31,7 +31,12 @@ class Hq extends \Zotlabs\Web\Controller { } if(isset($_REQUEST['mid'])) { - $item_hash = $_REQUEST['mid']; + $item_hash = unpack_link_id($_REQUEST['mid']); + } + + if($item_hash === false) { + notice(t('Malformed message id.') . EOL); + return; } $item_normal = item_normal(); @@ -45,18 +50,12 @@ class Hq extends \Zotlabs\Web\Controller { intval(local_channel()) ); if($r[0]['mid']) { - $item_hash = 'b64.' . base64url_encode($r[0]['mid']); + $item_hash = $r[0]['mid']; } } if($item_hash) { - if(strpos($item_hash,'b64.') === 0) - $decoded = @base64url_decode(substr($item_hash,4)); - - if($decoded) - $item_hash = $decoded; - $target_item = null; $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1", @@ -124,10 +123,10 @@ class Hq extends \Zotlabs\Web\Controller { if($target_item) { // if the target item is not a post (eg a like) we want to address its thread parent //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); - $mid = $target_item['mid']; + // if we got a decoded hash we must encode it again before handing to javascript - if($decoded) - $mid = 'b64.' . base64url_encode($mid); + $mid = gen_link_id($target_item['mid']); + } else { $mid = ''; |