aboutsummaryrefslogtreecommitdiffstats
path: root/include/items.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/items.php')
-rwxr-xr-xinclude/items.php18
1 files changed, 15 insertions, 3 deletions
diff --git a/include/items.php b/include/items.php
index 2eecadad1..e09b888ca 100755
--- a/include/items.php
+++ b/include/items.php
@@ -416,7 +416,7 @@ function get_atom_elements($feed,$item) {
// the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining
// html.
- if((strpos($res['body'],'<') !== false) || (strpos($res['body'],'>') !== false)) {
+ if((strpos($res['body'],'<') !== false) && (strpos($res['body'],'>') !== false)) {
$res['body'] = reltoabs($res['body'],$base_url);
@@ -429,13 +429,14 @@ function get_atom_elements($feed,$item) {
// we shouldn't need a whitelist, because the bbcode converter
// will strip out any unsupported tags.
- // $config->set('HTML.Allowed', 'p,b,a[href],i');
$purifier = new HTMLPurifier($config);
$res['body'] = $purifier->purify($res['body']);
- $res['body'] = html2bbcode($res['body']);
+ $res['body'] = @html2bbcode($res['body']);
}
+ else
+ $res['body'] = escape_tags($res['body']);
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
if($allow && $allow[0]['data'] == 1)
@@ -1090,12 +1091,23 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$postvars = array();
$sent_dfrn_id = hex2bin((string) $res->dfrn_id);
$challenge = hex2bin((string) $res->challenge);
+ $perm = (($res->perm) ? $res->perm : null);
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
$rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
$final_dfrn_id = '';
+ if($perm) {
+ if((($perm == 'rw') && (! intval($contact['writable'])))
+ || (($perm == 'r') && (intval($contact['writable'])))) {
+ q("update contact set writable = %d where id = %d limit 1",
+ intval(($perm == 'rw') ? 1 : 0),
+ intval($contact['id'])
+ );
+ $contact['writable'] = (string) 1 - intval($contact['writable']);
+ }
+ }
if(($contact['duplex'] && strlen($contact['pubkey']))
|| ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))