3 files changed, 7 insertions, 2 deletions

diff --git a/Zotlabs/Lib/ActivityStreams.php b/Zotlabs/Lib/ActivityStreams.php
index a322637fd..49978031e 100644
--- a/Zotlabs/Lib/ActivityStreams.php
+++ b/Zotlabs/Lib/ActivityStreams.php
@@ -284,7 +284,7 @@ class ActivityStreams {
 	}
 
 	static function is_an_actor($s) {
-		return(in_array($s,[ 'Application','Group','Service','Person','Service' ]));
+		return(in_array($s,[ 'Application','Group','Organization','Person','Service' ]));
 	}
 
 	/**
diff --git a/Zotlabs/Module/Pconfig.php b/Zotlabs/Module/Pconfig.php
index 44fe5d9a9..f31d5fdf6 100644
--- a/Zotlabs/Module/Pconfig.php
+++ b/Zotlabs/Module/Pconfig.php
@@ -22,6 +22,11 @@ class Pconfig extends \Zotlabs\Web\Controller {
 		$k = trim(escape_tags($_POST['k']));
 		$v = trim($_POST['v']);
 		$aj = intval($_POST['aj']);
+
+		// Do not store "serialized" data received in the $_POST
+		if (preg_match('|^a:[0-9]+:{.*}$|s',$v) || preg_match('O:8:"stdClass":[0-9]+:{.*}$|s',$v)) {
+			return;
+		}
 	
 		if(in_array(argv(2),$this->disallowed_pconfig())) {
 			notice( t('This setting requires special processing and editing has been blocked.') . EOL);
diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php
index 642af6300..b30aecf92 100644
--- a/Zotlabs/Storage/Directory.php
+++ b/Zotlabs/Storage/Directory.php
@@ -224,7 +224,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo
 		}
 
 		$filesize = 0;
-		$hash = random_string();
+		$hash = new_uuid();
 
 		$f = 'store/' . $this->auth->owner_nick . '/' . (($this->os_path) ? $this->os_path . '/' : '') . $hash;