diff options
Diffstat (limited to 'Zotlabs/Web')
-rw-r--r-- | Zotlabs/Web/HTTPSig.php | 6 | ||||
-rw-r--r-- | Zotlabs/Web/Session.php | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 35b8054e6..c831acda4 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -303,7 +303,7 @@ class HTTPSig { // $force is used to ignore the local cache and only use the remote data; for instance the cached key might be stale if (!$force) { - $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where (hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", dbesc($url), dbesc($url) ); @@ -378,7 +378,7 @@ class HTTPSig { $best = []; if (!$force) { - $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", dbesc($id) ); @@ -427,7 +427,7 @@ class HTTPSig { $best = []; if (!$force) { - $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc", dbesc($id) ); diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 443a02d20..14c054d20 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -203,7 +203,7 @@ class Session { // first check if we're enforcing that sessions can't change IP address // @todo what to do with IPv6 addresses - if($_SESSION['addr'] && $_SESSION['addr'] != $_SERVER['REMOTE_ADDR']) { + if(isset($_SESSION['addr']) && $_SESSION['addr'] != $_SERVER['REMOTE_ADDR']) { logger('SECURITY: Session IP address changed: ' . $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']); $partial1 = substr($_SESSION['addr'], 0, strrpos($_SESSION['addr'], '.')); |