diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/identity.php | 12 | ||||
-rwxr-xr-x | include/items.php | 18 | ||||
-rw-r--r-- | include/reddav.php | 10 | ||||
-rwxr-xr-x | include/text.php | 5 | ||||
-rw-r--r-- | include/zot.php | 12 |
5 files changed, 47 insertions, 10 deletions
diff --git a/include/identity.php b/include/identity.php index 627e808ea..d0fffaede 100644 --- a/include/identity.php +++ b/include/identity.php @@ -22,8 +22,9 @@ require_once('include/crypto.php'); function identity_check_service_class($account_id) { $ret = array('success' => false, $message => ''); - $r = q("select count(channel_id) as total from channel where channel_account_id = %d ", - intval($account_id) + $r = q("select count(channel_id) as total from channel where channel_account_id = %d and not ( channel_pageflags & %d ) ", + intval($account_id), + intval(PAGE_REMOVED) ); if(! ($r && count($r))) { $ret['message'] = t('Unable to obtain identity information from database'); @@ -101,7 +102,7 @@ function get_sys_channel() { /** * @channel_total() - * Return the total number of channels on this site. No filtering is performed. + * Return the total number of channels on this site. No filtering is performed except to check PAGE_REMOVED * * @returns int * on error returns boolean false @@ -109,7 +110,10 @@ function get_sys_channel() { */ function channel_total() { - $r = q("select channel_id from channel where true"); + $r = q("select channel_id from channel where not ( channel_pageflags & %d )", + intval(PAGE_REMOVED) + ); + if(is_array($r)) return count($r); return false; diff --git a/include/items.php b/include/items.php index 3c10b8f5c..bf575860a 100755 --- a/include/items.php +++ b/include/items.php @@ -145,7 +145,9 @@ function can_comment_on_post($observer_xchan,$item) { * @function red_zrl_callback * preg_match function when fixing 'naked' links in mod item.php * Check if we've got a hubloc for the site and use a zrl if we do, a url if we don't. - * + * Remove any existing zid= param which may have been pasted by mistake - and will have + * the author's credentials. zid's are dynamic and can't really be passed around like + * that. */ @@ -159,6 +161,13 @@ function red_zrl_callback($matches) { if($r) $zrl = true; } + + $t = strip_zids($matches[2]); + if($t !== $matches[2]) { + $zrl = true; + $matches[2] = $t; + } + if($matches[1] === '#^') $matches[1] = ''; if($zrl) @@ -2254,6 +2263,13 @@ function tag_deliver($uid,$item_id) { if(is_array($j_obj['link'])) $taglink = get_rel_link($j_obj['link'],'alternate'); store_item_tag($u[0]['channel_id'],$p[0]['id'],TERM_OBJ_POST,TERM_HASHTAG,$j_obj['title'],$j_obj['id']); + $x = q("update item set edited = '%s', received = '%s', changed = '%s' where mid = '%s' and uid = %d limit 1", + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc($j_tgt['id']), + intval($u[0]['channel_id']) + ); proc_run('php','include/notifier.php','edit_post',$p[0]['id']); } } diff --git a/include/reddav.php b/include/reddav.php index a8d6739f0..cb2aa3bb9 100644 --- a/include/reddav.php +++ b/include/reddav.php @@ -1064,5 +1064,15 @@ class RedBrowser extends DAV\Browser\Plugin { } + /** + * This method takes a path/name of an asset and turns it into url + * suiteable for http access. + * + * @param string $assetName + * @return string + */ + protected function getAssetUrl($assetName) { + return '/cloud/?sabreAction=asset&assetName=' . urlencode($assetName); + } } diff --git a/include/text.php b/include/text.php index 2b334068f..2f5accf6e 100755 --- a/include/text.php +++ b/include/text.php @@ -621,6 +621,11 @@ function get_tags($s) { } +function strip_zids($s) { + return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s); +} + + // quick and dirty quoted_printable encoding diff --git a/include/zot.php b/include/zot.php index 21eef073c..c9d426cc2 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1064,7 +1064,9 @@ function zot_import($arr, $sender_url) { } stringify_array_elms($recip_arr); $recips = implode(',',$recip_arr); - $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) "); + $r = q("select channel_hash as hash from channel where channel_hash in ( " . $recips . " ) and not ( channel_pageflags & %d ) ", + intval(PAGE_REMOVED) + ); if(! $r) { logger('recips: no recipients on this site'); continue; @@ -1222,8 +1224,7 @@ function public_recips($msg) { if(! $r) $r = array(); - $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' - and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_CONTACTS . " ) ", + $x = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & " . PAGE_REMOVED . " ) and (( " . $col . " & " . PERMS_SPECIFIC . " ) and ( abook_my_perms & " . $field . " )) OR ( " . $col . " & " . PERMS_CONTACTS . " ) ", dbesc($msg['notify']['sender']['hash']) ); @@ -1304,8 +1305,9 @@ function allowed_public_recips($msg) { $condensed_recips[] = $rr['hash']; $results = array(); - $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' ", - dbesc($hash) + $r = q("select channel_hash as hash from channel left join abook on abook_channel = channel_id where abook_xchan = '%s' and not ( channel_pageflags & %d ) ", + dbesc($hash), + intval(PAGE_REMOVED) ); if($r) { foreach($r as $rr) |