aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/identity.php12
-rwxr-xr-xinclude/items.php18
-rw-r--r--include/reddav.php10
-rwxr-xr-xinclude/text.php5
-rw-r--r--include/zot.php12
5 files changed, 47 insertions, 10 deletions
diff --git a/include/identity.php b/include/identity.php
index 627e808ea..d0fffaede 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -22,8 +22,9 @@ require_once('include/crypto.php');
function identity_check_service_class($account_id) {
$ret = array('success' => false, $message => '');
- $r = q("select count(channel_id) as total from channel where channel_account_id = %d ",
- intval($account_id)
+ $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d ) ",
+ intval($account_id),
+ intval(PAGE_REMOVED)
);
if(! ($r && count($r))) {
$ret['message'] = t('Unable to obtain identity information from database');
@@ -101,7 +102,7 @@ function get_sys_channel() {
/**
* @channel_total()
- * Return the total number of channels on this site. No filtering is performed.
+ * Return the total number of channels on this site. No filtering is performed except to check PAGE_REMOVED
*
* @returns int
* on error returns boolean false
@@ -109,7 +110,10 @@ function get_sys_channel() {
*/
function channel_total() {
- $r = q("select channel_id from channel where true");
+ $r = q("select channel_id from channel where not ( channel_pageflags & %d )",
+ intval(PAGE_REMOVED)
+ );
+
if(is_array($r))
return count($r);
return false;
diff --git a/include/items.php b/include/items.php
index 3c10b8f5c..bf575860a 100755
--- a/include/items.php
+++ b/include/items.php
@@ -145,7 +145,9 @@ function can_comment_on_post($observer_xchan,$item) {
* @function red_zrl_callback
* preg_match function when fixing 'naked' links in mod item.php
* Check if we've got a hubloc for the site and use a zrl if we do, a url if we don't.
- *
+ * Remove any existing zid= param which may have been pasted by mistake - and will have
+ * the author's credentials. zid's are dynamic and can't really be passed around like
+ * that.
*/
@@ -159,6 +161,13 @@ function red_zrl_callback($matches) {
if($r)
$zrl = true;
}
+
+ $t = strip_zids($matches[2]);
+ if($t !== $matches[2]) {
+ $zrl = true;
+ $matches[2] = $t;
+ }
+
if($matches[1] === '#^')
$matches[1] = '';
if($zrl)
@@ -2254,6 +2263,13 @@ function tag_deliver($uid,$item_id) {
if(is_array($j_obj['link']))
$taglink = get_rel_link($j_obj['link'],'alternate');
store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_HASHTAG,$j_obj['title'],$j_obj['id']);
+ $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d limit 1",
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($j_tgt['id']),
+ intval($u[0]['channel_id'])
+ );
proc_run('php','include/notifier.php','edit_post',$p[0]['id']);
}
}
diff --git a/include/reddav.php b/include/reddav.php
index a8d6739f0..cb2aa3bb9 100644
--- a/include/reddav.php
+++ b/include/reddav.php
@@ -1064,5 +1064,15 @@ class RedBrowser extends DAV\Browser\Plugin {
}
+ /**
+ * This method takes a path/name of an asset and turns it into url
+ * suiteable for http access.
+ *
+ * @param string $assetName
+ * @return string
+ */
+ protected function getAssetUrl($assetName) {
+ return '/cloud/?sabreAction=asset&assetName=' . urlencode($assetName);
+ }
}
diff --git a/include/text.php b/include/text.php
index 2b334068f..2f5accf6e 100755
--- a/include/text.php
+++ b/include/text.php
@@ -621,6 +621,11 @@ function get_tags($s) {
}
+function strip_zids($s) {
+ return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s);
+}
+
+
// quick and dirty quoted_printable encoding
diff --git a/include/zot.php b/include/zot.php
index 21eef073c..c9d426cc2 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -1064,7 +1064,9 @@ function zot_import($arr, $sender_url) {
}
stringify_array_elms($recip_arr);
$recips = implode(',',$recip_arr);
- $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) ");
+ $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d ) ",
+ intval(PAGE_REMOVED)
+ );
if(! $r) {
logger('recips: no recipients on this site');
continue;
@@ -1222,8 +1224,7 @@ function public_recips($msg) {
if(! $r)
$r = array();
- $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s'
- and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_CONTACTS . " ) ",
+ $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " ) and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_CONTACTS . " ) ",
dbesc($msg['notify']['sender']['hash'])
);
@@ -1304,8 +1305,9 @@ function allowed_public_recips($msg) {
$condensed_recips[] = $rr['hash'];
$results = array();
- $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' ",
- dbesc($hash)
+ $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d ) ",
+ dbesc($hash),
+ intval(PAGE_REMOVED)
);
if($r) {
foreach($r as $rr)