diff options
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Access/AccessList.php | 5 | ||||
| -rw-r--r-- | Zotlabs/Daemon/Gprobe.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Lib/Activity.php | 8 | ||||
| -rw-r--r-- | Zotlabs/Lib/Libzot.php | 9 | ||||
| -rw-r--r-- | Zotlabs/Lib/Libzotdir.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Module/Acl.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Directory.php | 41 | ||||
| -rw-r--r-- | Zotlabs/Module/File_upload.php | 10 | ||||
| -rw-r--r-- | Zotlabs/Module/Item.php | 56 | ||||
| -rw-r--r-- | Zotlabs/Module/Lockview.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Owa.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Storage/Browser.php | 7 | ||||
| -rw-r--r-- | Zotlabs/Storage/Directory.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Storage/File.php | 4 | ||||
| -rw-r--r-- | Zotlabs/Web/HTTPSig.php | 6 | ||||
| -rw-r--r-- | Zotlabs/Web/Session.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Widget/Messages.php | 2 |
17 files changed, 101 insertions, 72 deletions
diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php index af6c4b7a6..790ef4745 100644 --- a/Zotlabs/Access/AccessList.php +++ b/Zotlabs/Access/AccessList.php @@ -139,6 +139,11 @@ class AccessList { * @param boolean $explicit (optional) default true */ function set_from_array($arr, $explicit = true) { + $arr['contact_allow'] = $arr['contact_allow'] ?? []; + $arr['group_allow'] = $arr['group_allow'] ?? []; + $arr['contact_deny'] = $arr['contact_deny'] ?? []; + $arr['group_deny'] = $arr['group_deny'] ?? []; + $this->allow_cid = perms2str((is_array($arr['contact_allow'])) ? $arr['contact_allow'] : explode(',', $arr['contact_allow'])); $this->allow_gid = perms2str((is_array($arr['group_allow'])) diff --git a/Zotlabs/Daemon/Gprobe.php b/Zotlabs/Daemon/Gprobe.php index 1124ead54..c12ae4631 100644 --- a/Zotlabs/Daemon/Gprobe.php +++ b/Zotlabs/Daemon/Gprobe.php @@ -32,17 +32,20 @@ class Gprobe { } if (!$r) { + + + if ($is_webbie) { $url = Webfinger::zot_url(punify($url)); } if ($url) { $zf = Zotfinger::exec($url, null); + if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) { + Libzot::import_xchan($zf['data']); + } } - if (is_array($zf) && array_path_exists('signature/signer', $zf) && $zf['signature']['signer'] === $href && intval($zf['signature']['header_valid'])) { - Libzot::import_xchan($zf['data']); - } } return; diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 8afdb723a..26aef8104 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -415,7 +415,7 @@ class Activity { $objtype = self::activity_obj_mapper($i['obj_type']); } - if ($i['obj']) { + if (isset($i['obj']) && $i['obj']) { $ret = Activity::encode_object($i['obj']); } @@ -430,7 +430,7 @@ class Activity { return $ret; } - if ($i['obj']) { + if (isset($i['obj']) && $i['obj']) { if (is_array($i['obj'])) { $ret = $i['obj']; } @@ -851,7 +851,7 @@ class Activity { else return []; - if ($i['obj']) { + if (isset($i['obj']) && $i['obj']) { if (!is_array($i['obj'])) { $i['obj'] = json_decode($i['obj'], true); } @@ -879,7 +879,7 @@ class Activity { $ret['type'] = 'Invite'; } - if ($i['target']) { + if (isset($i['target']) && $i['target']) { if (!is_array($i['target'])) { $i['target'] = json_decode($i['target'], true); } diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php index 5c55b0ba9..7abbab00b 100644 --- a/Zotlabs/Lib/Libzot.php +++ b/Zotlabs/Lib/Libzot.php @@ -668,7 +668,7 @@ class Libzot { $verified = false; if (!self::verify($arr['id'], $arr['id_sig'], $arr['public_key'])) { - logger('Unable to verify channel signature for ' . $arr['address']); + logger('Unable to verify channel signature for ' . $arr['primary_location']['address']); return $ret; } else { @@ -914,7 +914,7 @@ class Libzot { // Which entries in the update table are we interested in updating? - $address = (($ud_arr && $ud_arr['ud_addr']) ? $ud_arr['ud_addr'] : $arr['address']); + $address = (($ud_arr && $ud_arr['ud_addr']) ? $ud_arr['ud_addr'] : $arr['primary_location']['address']); // Are we a directory server of some kind? @@ -1298,7 +1298,7 @@ class Libzot { } } - if ($AS->meta['hubloc']) { + if (isset($AS->meta['hubloc']) && $AS->meta['hubloc']) { $arr['item_verified'] = true; } @@ -1306,7 +1306,7 @@ class Libzot { $arr['comment_policy'] = 'authenticated'; } - if ($AS->meta['signed_data']) { + if (isset($AS->meta['signed_data']) && $AS->meta['signed_data']) { IConfig::Set($arr, 'activitypub', 'signed_data', $AS->meta['signed_data'], false); } @@ -1516,6 +1516,7 @@ class Libzot { foreach ($deliveries as $d) { $local_public = $public; + $item_result = null; $DR = new DReport(z_root(), $sender, $d, $arr['mid']); diff --git a/Zotlabs/Lib/Libzotdir.php b/Zotlabs/Lib/Libzotdir.php index 4f35a1b80..db8992fc4 100644 --- a/Zotlabs/Lib/Libzotdir.php +++ b/Zotlabs/Lib/Libzotdir.php @@ -145,8 +145,8 @@ class Libzotdir { if(! $directory_sort_order) $directory_sort_order = 'date'; - $current_order = (($_REQUEST['order']) ? $_REQUEST['order'] : $directory_sort_order); - $suggest = (($_REQUEST['suggest']) ? '&suggest=' . $_REQUEST['suggest'] : ''); + $current_order = $_REQUEST['order'] ?? $directory_sort_order; + $suggest = ((isset($_REQUEST['suggest'])) ? '&suggest=' . $_REQUEST['suggest'] : ''); $url = 'directory?f='; diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php index 9dc422e6b..f8c6232c5 100644 --- a/Zotlabs/Module/Acl.php +++ b/Zotlabs/Module/Acl.php @@ -284,7 +284,7 @@ class Acl extends \Zotlabs\Web\Controller { } elseif($type == 'm') { $r = array(); - $z = q("SELECT xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url + $z = q("SELECT abook_id as id, xchan_hash as hash, xchan_name as name, xchan_network as net, xchan_addr as nick, xchan_photo_s as micro, xchan_url as url, abook_self FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d and xchan_deleted = 0 diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php index da37c582f..c543503e4 100644 --- a/Zotlabs/Module/Directory.php +++ b/Zotlabs/Module/Directory.php @@ -83,7 +83,7 @@ class Directory extends Controller { $globaldir = Libzotdir::get_directory_setting($observer, 'globaldir'); // override your personal global search pref if we're doing a navbar search of the directory - if(intval($_REQUEST['navsearch'])) + if(isset($_REQUEST['navsearch']) && intval($_REQUEST['navsearch'])) $globaldir = 1; $safe_mode = Libzotdir::get_directory_setting($observer, 'safemode'); @@ -98,15 +98,18 @@ class Directory extends Controller { else $search = ((x($_GET,'search')) ? notags(trim(rawurldecode($_GET['search']))) : ''); - + $advanced = ''; if(strpos($search,'=') && local_channel() && feature_enabled(local_channel(), 'advanced_dirsearch')) $advanced = $search; - $keywords = (($_GET['keywords']) ? $_GET['keywords'] : ''); + $keywords = $_GET['keywords'] ?? ''; // Suggest channels if no search terms or keywords are given $suggest = (local_channel() && x($_REQUEST,'suggest')) ? $_REQUEST['suggest'] : ''; + $addresses = []; + $common = []; + if($suggest) { // the directory options have no effect in suggestion mode @@ -123,8 +126,7 @@ class Directory extends Controller { } // Remember in which order the suggestions were - $addresses = array(); - $common = array(); + $index = 0; foreach($r as $rr) { $common[$rr['xchan_addr']] = ((intval($rr['total']) > 0) ? intval($rr['total']) - 1 : 0); @@ -132,7 +134,7 @@ class Directory extends Controller { } // Build query to get info about suggested people - $advanced = ''; + foreach(array_keys($addresses) as $address) { $advanced .= "address=\"$address\" "; } @@ -147,6 +149,8 @@ class Directory extends Controller { $directory_admin = false; + $url = ''; + if(($dirmode == DIRECTORY_MODE_PRIMARY) || ($dirmode == DIRECTORY_MODE_STANDALONE)) { $url = z_root() . '/dirsearch'; if (is_site_admin()) { @@ -275,19 +279,12 @@ class Directory extends Controller { $page_type = ''; - $rating_enabled = get_config('system','rating_enabled'); - - if($rr['total_ratings'] && $rating_enabled) - $total_ratings = sprintf( tt("%d rating", "%d ratings", $rr['total_ratings']), $rr['total_ratings']); - else - $total_ratings = ''; - $profile = $rr; - if ((x($profile,'locale') == 1) - || (x($profile,'region') == 1) - || (x($profile,'postcode') == 1) - || (x($profile,'country') == 1)) + // if ((x($profile,'locale') == 1) + // || (x($profile,'region') == 1) + // || (x($profile,'postcode') == 1) + // || (x($profile,'country') == 1)) $gender = ((x($profile,'gender') == 1) ? t('Gender: ') . $profile['gender']: False); @@ -352,9 +349,6 @@ class Directory extends Controller { 'location' => $location, 'location_label' => t('Location:'), 'gender' => $gender, - 'total_ratings' => $total_ratings, - 'viewrate' => true, - 'canrate' => (($rating_enabled && local_channel()) ? true : false), 'pdesc' => $pdesc, 'pdesc_label' => t('Description:'), 'censor' => (($directory_admin) ? 'dircensor/' . $rr['hash'] : ''), @@ -374,9 +368,9 @@ class Directory extends Controller { 'keywords' => $out, 'ignlink' => $suggest ? z_root() . '/directory?ignore=' . $rr['hash'] : '', 'ignore_label' => t('Don\'t suggest'), - 'common_friends' => (($common[$rr['address']]) ? intval($common[$rr['address']]) : ''), + 'common_friends' => $common[$rr['address']] ?? '', 'common_label' => t('Common connections (estimated):'), - 'common_count' => intval($common[$rr['address']]), + 'common_count' => $common[$rr['address']] ?? '', 'safe' => $safe_mode ); @@ -408,8 +402,9 @@ class Directory extends Controller { logger('mod_directory: entries: ' . print_r($entries,true), LOGGER_DATA); + $aj = $_REQUEST['aj'] ?? ''; - if($_REQUEST['aj']) { + if($aj) { if($entries) { $o = replace_macros(get_markup_template('directajax.tpl'),array( '$entries' => $entries diff --git a/Zotlabs/Module/File_upload.php b/Zotlabs/Module/File_upload.php index d4c9ad59a..39a30cb1a 100644 --- a/Zotlabs/Module/File_upload.php +++ b/Zotlabs/Module/File_upload.php @@ -30,12 +30,12 @@ class File_upload extends \Zotlabs\Web\Controller { $_REQUEST['group_deny'] = expand_acl($channel['channel_deny_gid']); } - $_REQUEST['allow_cid'] = perms2str($_REQUEST['contact_allow']); - $_REQUEST['allow_gid'] = perms2str($_REQUEST['group_allow']); - $_REQUEST['deny_cid'] = perms2str($_REQUEST['contact_deny']); - $_REQUEST['deny_gid'] = perms2str($_REQUEST['group_deny']); + $_REQUEST['allow_cid'] = ((isset($_REQUEST['contact_allow'])) ? perms2str($_REQUEST['contact_allow']) : ''); + $_REQUEST['allow_gid'] = ((isset($_REQUEST['group_allow'])) ? perms2str($_REQUEST['group_allow']) : ''); + $_REQUEST['deny_cid'] = ((isset($_REQUEST['contact_deny'])) ? perms2str($_REQUEST['contact_deny']) : ''); + $_REQUEST['deny_gid'] = ((isset($_REQUEST['group_deny'])) ? perms2str($_REQUEST['group_deny']) : ''); - if($_REQUEST['filename']) { + if(isset($_REQUEST['filename']) && $_REQUEST['filename']) { $r = attach_mkdir($channel, get_observer_hash(), $_REQUEST); if($r['success']) { $hash = $r['data']['hash']; diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 588391843..3104ce9fb 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -312,6 +312,21 @@ class Item extends Controller { $observer = null; $datarray = []; + $item_starred = false; + $item_uplink = false; + $item_notshown = false; + $item_nsfw = false; + $item_relay = false; + $item_mentionsme = false; + $item_verified = false; + $item_retained = false; + $item_rss = false; + $item_deleted = false; + $item_hidden = false; + $item_unpublished = false; + $item_delayed = false; + $item_pending_remove = false; + $item_blocked = false; /** * Is this a reply to something? @@ -319,7 +334,7 @@ class Item extends Controller { $parent = ((x($_REQUEST, 'parent')) ? intval($_REQUEST['parent']) : 0); $parent_mid = ((x($_REQUEST, 'parent_mid')) ? trim($_REQUEST['parent_mid']) : ''); - $mode = (($_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network'); + $mode = ((isset($_REQUEST['conv_mode']) && $_REQUEST['conv_mode'] === 'channel') ? 'channel' : 'network'); $remote_xchan = ((x($_REQUEST, 'remote_xchan')) ? trim($_REQUEST['remote_xchan']) : false); $r = q("select * from xchan where xchan_hash = '%s' limit 1", @@ -355,10 +370,10 @@ class Item extends Controller { $api_source = ((x($_REQUEST, 'api_source') && $_REQUEST['api_source']) ? true : false); - $consensus = intval($_REQUEST['consensus']); - $nocomment = intval($_REQUEST['nocomment']); + $consensus = $_REQUEST['consensus'] ?? 0; + $nocomment = $_REQUEST['nocomment'] ?? 0; - $is_poll = ((trim((string)$_REQUEST['poll_answers'][0]) != '' && trim((string)$_REQUEST['poll_answers'][1]) != '') ? true : false); + $is_poll = ((isset($_REQUEST['poll_answers'][0]) && $_REQUEST['poll_answers'][0]) && (isset($_REQUEST['poll_answers'][1]) && $_REQUEST['poll_answers'][1])); // 'origin' (if non-zero) indicates that this network is where the message originated, // for the purpose of relaying comments to other conversation members. @@ -720,18 +735,18 @@ class Item extends Controller { } - $location = notags(trim((string)$_REQUEST['location'])); - $coord = notags(trim((string)$_REQUEST['coord'])); - $verb = notags(trim((string)$_REQUEST['verb'])); - $title = escape_tags(trim((string)$_REQUEST['title'])); - $summary = trim((string)$_REQUEST['summary']); - $body = trim((string)$_REQUEST['body']); - $body .= trim((string)$_REQUEST['attachment']); + $location = ((isset($_REQUEST['location'])) ? notags(trim($_REQUEST['location'])) : ''); + $coord = ((isset($_REQUEST['coord'])) ? notags(trim($_REQUEST['coord'])) : ''); + $verb = ((isset($_REQUEST['verb'])) ? notags(trim($_REQUEST['verb'])) : ''); + $title = ((isset($_REQUEST['title'])) ? escape_tags(trim($_REQUEST['title'])) : ''); + $summary = ((isset($_REQUEST['summary'])) ? trim($_REQUEST['summary']) : ''); + $body = ((isset($_REQUEST['body'])) ? trim($_REQUEST['body']) : ''); + $body .= ((isset($_REQUEST['attachment'])) ? trim($_REQUEST['attachment']) : ''); $postopts = ''; $allow_empty = ((array_key_exists('allow_empty', $_REQUEST)) ? intval($_REQUEST['allow_empty']) : 0); - $private = (($private) ? $private : intval($acl->is_private() || ($public_policy))); + $private = ((isset($private) && $private) ? $private : intval($acl->is_private() || ($public_policy))); // If this is a comment, set the permissions from the parent. @@ -767,7 +782,8 @@ class Item extends Controller { } - $mimetype = notags(trim((string)$_REQUEST['mimetype'])); + $mimetype = ((isset($_REQUEST['mimetype'])) ? notags(trim($_REQUEST['mimetype'])) : ''); + if (!$mimetype) $mimetype = 'text/bbcode'; @@ -957,7 +973,7 @@ class Item extends Controller { $item_unseen = ((local_channel() != $profile_uid) ? 1 : 0); - $item_wall = (($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment') ? 1 : 0); + $item_wall = ((isset($_REQUEST['type']) && ($_REQUEST['type'] === 'wall' || $_REQUEST['type'] === 'wall-comment')) ? 1 : 0); $item_origin = (($origin) ? 1 : 0); $item_consensus = (($consensus) ? 1 : 0); $item_nocomment = (($nocomment) ? 1 : 0); @@ -986,9 +1002,7 @@ class Item extends Controller { $uuid = (($message_id) ? $message_id : item_message_id()); - if (!$mid) { - $mid = z_root() . '/item/' . $uuid; - } + $mid = $mid ?? z_root() . '/item/' . $uuid; if ($is_poll) { @@ -1045,7 +1059,7 @@ class Item extends Controller { $plink = $mid; } - if ($datarray['obj']) { + if (isset($datarray['obj']) && $datarray['obj']) { $datarray['obj']['id'] = $mid; } @@ -1285,7 +1299,7 @@ class Item extends Controller { // This way we don't see every picture in your new photo album posted to your wall at once. // They will show up as people comment on them. - if (intval($parent_item['item_hidden'])) { + if ($parent_item && intval($parent_item['item_hidden'])) { $r = q("UPDATE item SET item_hidden = 0 WHERE id = %d", intval($parent_item['id']) ); @@ -1437,7 +1451,11 @@ class Item extends Controller { if ($complex) { tag_deliver($i[0]['uid'], $i[0]['id']); } + } + + killme(); + } } diff --git a/Zotlabs/Module/Lockview.php b/Zotlabs/Module/Lockview.php index 3637482c7..bac3a7eb9 100644 --- a/Zotlabs/Module/Lockview.php +++ b/Zotlabs/Module/Lockview.php @@ -101,7 +101,7 @@ class Lockview extends Controller { killme(); } - if (intval($item['item_private']) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid'])) + if ((isset($item['item_private']) && intval($item['item_private'])) && (!strlen($item['allow_cid'])) && (!strlen($item['allow_gid'])) && (!strlen($item['deny_cid'])) && (!strlen($item['deny_gid']))) { // if the post is private, but public_policy is blank ("visible to the internet"), and there aren't any diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 0922eb5d4..3400defd7 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -32,14 +32,14 @@ class Owa extends Controller { $keyId = $sigblock['keyId']; if ($keyId) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC", + WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC", dbesc($keyId) ); if (! $r) { $found = discover_by_webbie($keyId); if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 ORDER BY hubloc_id DESC ", + WHERE hubloc_id_url = '%s' AND hubloc_deleted = 0 AND xchan_pubkey != '' ORDER BY hubloc_id DESC ", dbesc($keyId) ); } diff --git a/Zotlabs/Storage/Browser.php b/Zotlabs/Storage/Browser.php index fdef35210..923906371 100644 --- a/Zotlabs/Storage/Browser.php +++ b/Zotlabs/Storage/Browser.php @@ -262,7 +262,7 @@ class Browser extends DAV\Browser\Plugin { // put the array for this file together $ft['attach_id'] = $id; - $ft['icon'] = $icon; + // $ft['icon'] = $icon; $ft['photo_icon'] = $photo_icon; $ft['is_creator'] = $is_creator; $ft['rel_path'] = (($data) ? '/cloud/' . $nick .'/' . $data['display_path'] : $href); @@ -454,6 +454,9 @@ class Browser extends DAV\Browser\Plugin { $lockstate = ''; $limit = 0; + $cat = $_REQUEST['cat'] ?? ''; + $cloud_tiles = $_SESSION['cloud_tiles'] ?? 0; + if($this->auth->owner_id) { $channel = channelx_by_n($this->auth->owner_id); if($channel) { @@ -507,7 +510,7 @@ class Browser extends DAV\Browser\Plugin { $breadcrumbs_html = ''; - if($display_path && ! $_REQUEST['cat'] && ! $_SESSION['cloud_tiles']){ + if ($display_path && !$cat && !$cloud_tiles) { $breadcrumbs = []; $folders = explode('/', $display_path); $folder_hashes = explode('/', $node->os_path); diff --git a/Zotlabs/Storage/Directory.php b/Zotlabs/Storage/Directory.php index c56ffcbbb..87ca220d6 100644 --- a/Zotlabs/Storage/Directory.php +++ b/Zotlabs/Storage/Directory.php @@ -617,7 +617,7 @@ class Directory extends DAV\Node implements DAV\ICollection, DAV\IQuota, DAV\IMo $file = trim($file, '/'); $path_arr = explode('/', $file); - $cat = $_REQUEST['cat']; + $cat = $_REQUEST['cat'] ?? ''; if (! $path_arr) diff --git a/Zotlabs/Storage/File.php b/Zotlabs/Storage/File.php index 76295d922..dc60a72ae 100644 --- a/Zotlabs/Storage/File.php +++ b/Zotlabs/Storage/File.php @@ -38,6 +38,7 @@ class File extends DAV\Node implements DAV\IFile { */ private $name; + /** * Sets up the node, expects a full path name. * @@ -49,7 +50,8 @@ class File extends DAV\Node implements DAV\IFile { $this->name = $name; $this->data = $data; $this->auth = $auth; - + $this->os_path = null; + $this->folder_hash = null; // logger(print_r($this->data, true), LOGGER_DATA); } diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 35b8054e6..c831acda4 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -303,7 +303,7 @@ class HTTPSig { // $force is used to ignore the local cache and only use the remote data; for instance the cached key might be stale if (!$force) { - $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where (hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where (hubloc_id_url = '%s' or hubloc_hash = '%s') and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", dbesc($url), dbesc($url) ); @@ -378,7 +378,7 @@ class HTTPSig { $best = []; if (!$force) { - $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network in ('zot6', 'activitypub') order by hubloc_id desc", dbesc($id) ); @@ -427,7 +427,7 @@ class HTTPSig { $best = []; if (!$force) { - $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc", + $x = q("select * from xchan join hubloc on xchan_hash = hubloc_hash where hubloc_id_url = '%s' and hubloc_network = 'zot6' order by hubloc_id desc", dbesc($id) ); diff --git a/Zotlabs/Web/Session.php b/Zotlabs/Web/Session.php index 443a02d20..14c054d20 100644 --- a/Zotlabs/Web/Session.php +++ b/Zotlabs/Web/Session.php @@ -203,7 +203,7 @@ class Session { // first check if we're enforcing that sessions can't change IP address // @todo what to do with IPv6 addresses - if($_SESSION['addr'] && $_SESSION['addr'] != $_SERVER['REMOTE_ADDR']) { + if(isset($_SESSION['addr']) && $_SESSION['addr'] != $_SERVER['REMOTE_ADDR']) { logger('SECURITY: Session IP address changed: ' . $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']); $partial1 = substr($_SESSION['addr'], 0, strrpos($_SESSION['addr'], '.')); diff --git a/Zotlabs/Widget/Messages.php b/Zotlabs/Widget/Messages.php index c92b9e311..267467bb0 100644 --- a/Zotlabs/Widget/Messages.php +++ b/Zotlabs/Widget/Messages.php @@ -198,6 +198,8 @@ class Messages { } } + $recipients = ''; + if(is_array($recips)) { stringify_array_elms($recips, true); |