diff options
Diffstat (limited to 'Zotlabs/Web')
| -rw-r--r-- | Zotlabs/Web/HTTPSig.php | 16 | ||||
| -rw-r--r-- | Zotlabs/Web/SessionHandler.php | 18 |
2 files changed, 23 insertions, 11 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 7da9acabf..a7a59b8cf 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -156,6 +156,7 @@ class HTTPSig { $cached_key = self::get_key($key, $keytype, $result['signer']); + if (!($cached_key && $cached_key['public_key'])) { return $result; } @@ -243,7 +244,12 @@ class HTTPSig { } } - $key = self::get_activitystreams_key($id, $force); + $delete = false; + if ($keytype === 'delete') { + $delete = true; + } + + $key = self::get_activitystreams_key($id, $force, $delete); return $key; @@ -274,7 +280,7 @@ class HTTPSig { * false if no pub key found, otherwise return an array with the pub key */ - static function get_activitystreams_key($id, $force = false) { + static function get_activitystreams_key($id, $force = false, $delete = false) { // Check the local cache first, but remove any fragments like #main-key since these won't be present in our cached data $url = ((strpos($id, '#')) ? substr($id, 0, strpos($id, '#')) : $id); @@ -294,6 +300,12 @@ class HTTPSig { } } + if ($delete) { + // If we received a delete and we do not have the record cached, + // we probably never saw this actor. Do not try to fetch it now. + return false; + } + // The record wasn't in cache. Fetch it now. $r = ActivityStreams::fetch($id); diff --git a/Zotlabs/Web/SessionHandler.php b/Zotlabs/Web/SessionHandler.php index 4292fdc28..392cab1ae 100644 --- a/Zotlabs/Web/SessionHandler.php +++ b/Zotlabs/Web/SessionHandler.php @@ -6,7 +6,7 @@ namespace Zotlabs\Web; class SessionHandler implements \SessionHandlerInterface { - function open ($s, $n) { + function open ($s, $n) : bool { return true; } @@ -15,7 +15,7 @@ class SessionHandler implements \SessionHandlerInterface { // some which call read explicitly and some that do not. So we call it explicitly // just after sid regeneration to force a record to exist. - function read ($id) { + function read ($id) : string|false { if($id) { $r = q("SELECT sess_data FROM session WHERE sid= '%s'", dbesc($id)); @@ -36,7 +36,7 @@ class SessionHandler implements \SessionHandlerInterface { } - function write ($id, $data) { + function write ($id, $data) : bool { // Pretend everything is hunky-dory, even though it isn't. // There probably isn't anything we can do about it in any event. @@ -49,9 +49,9 @@ class SessionHandler implements \SessionHandlerInterface { // Unless we authenticate somehow, only keep a session for 5 minutes // The viewer can extend this by performing any web action using the - // original cookie, but this allows us to cleanup the hundreds or + // original cookie, but this allows us to cleanup the hundreds or // thousands of empty sessions left around from web crawlers which are - // assigned cookies on each page that they never use. + // assigned cookies on each page that they never use. $expire = time() + 300; @@ -74,19 +74,19 @@ class SessionHandler implements \SessionHandlerInterface { return true; } - - function close() { + + function close() : bool { return true; } - function destroy ($id) { + function destroy ($id) : bool { q("DELETE FROM session WHERE sid = '%s'", dbesc($id)); return true; } - function gc($expire) { + function gc($expire) : int|false { q("DELETE FROM session WHERE expire < %d", dbesc(time())); return true; } |