aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/channel.php4
-rw-r--r--include/zot.php7
2 files changed, 8 insertions, 3 deletions
diff --git a/include/channel.php b/include/channel.php
index b9adc588b..625ce16c8 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -2553,10 +2553,10 @@ function channel_remove($channel_id, $local = true, $unset_session = false) {
q("DELETE FROM profile WHERE uid = %d", intval($channel_id));
q("DELETE FROM src WHERE src_channel_id = %d", intval($channel_id));
- $r = q("select resource_id FROM attach WHERE uid = %d", intval($channel_id));
+ $r = q("select hash FROM attach WHERE uid = %d", intval($channel_id));
if($r) {
foreach($r as $rv) {
- attach_delete($channel_id,$rv['resource_id']);
+ attach_delete($channel_id,$rv['hash']);
}
}
diff --git a/include/zot.php b/include/zot.php
index 10550fd69..d28e584a1 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -1152,7 +1152,12 @@ function zot_process_response($hub, $arr, $outq) {
* @brief
*
* We received a notification packet (in mod_post) that a message is waiting for us, and we've verified the sender.
- * Now send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site
+ * Check if the site is using zot6 delivery and includes a verified HTTP Signature, signed content, and a 'msg' field,
+ * and also that the signer and the sender match.
+ * If that happens, we do not need to fetch/pickup the message - we have it already and it is verified.
+ * Translate it into the form we need for zot_import() and import it.
+ *
+ * Otherwise send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site
* private key.
* The entire pickup message is encrypted with the remote site's public key.
* If everything checks out on the remote end, we will receive back a packet containing one or more messages,