diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/cli_startup.php | 9 | ||||
-rw-r--r-- | include/identity.php | 7 | ||||
-rwxr-xr-x | include/items.php | 5 | ||||
-rw-r--r-- | include/security.php | 15 | ||||
-rw-r--r-- | include/widgets.php | 38 |
5 files changed, 23 insertions, 51 deletions
diff --git a/include/cli_startup.php b/include/cli_startup.php index 6aa652a8f..9fcdce199 100644 --- a/include/cli_startup.php +++ b/include/cli_startup.php @@ -9,12 +9,19 @@ function cli_startup() { global $a, $db, $default_timezone; if(is_null($a)) { - $a = new App; + $a = new miniApp; } + + if(is_null($app)) { + $app = new App; + } + if(is_null($db)) { @include(".htconfig.php"); + $a->convert(); + if(! defined('UNO')) define('UNO', 0); diff --git a/include/identity.php b/include/identity.php index 67fd63aaf..849742c8e 100644 --- a/include/identity.php +++ b/include/identity.php @@ -174,7 +174,6 @@ function channel_total() { */ function create_identity($arr) { - $a = get_app(); $ret = array('success' => false); if(! $arr['account_id']) { @@ -914,7 +913,6 @@ function profile_load(&$a, $nickname, $profile = '') { function profile_edit_menu($uid) { - $a = get_app(); $ret = array(); $is_owner = (($uid == local_channel()) ? true : false); @@ -976,8 +974,6 @@ function profile_edit_menu($uid) { */ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = false) { - $a = get_app(); - $observer = App::get_observer(); $o = ''; @@ -1112,7 +1108,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa */ function get_birthdays() { - $a = get_app(); $o = ''; if(! local_channel()) @@ -1191,8 +1186,6 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $zcard = fa require_once('include/bbcode.php'); - $a = get_app(); - if(! local_channel()) return $o; diff --git a/include/items.php b/include/items.php index 09479e428..07cf2e0e8 100755 --- a/include/items.php +++ b/include/items.php @@ -4294,7 +4294,6 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) { } function fix_private_photos($s, $uid, $item = null, $cid = 0) { - $a = get_app(); logger('fix_private_photos', LOGGER_DEBUG); $site = substr(z_root(),strpos(z_root(),'://')); @@ -4577,8 +4576,6 @@ function drop_items($items) { function drop_item($id,$interactive = true,$stage = DROPITEM_NORMAL,$force = false) { - $a = get_app(); - // locate item to be deleted $r = q("SELECT * FROM item WHERE id = %d LIMIT 1", @@ -5077,8 +5074,6 @@ function items_fetch($arr,$channel = null,$observer_hash = null,$client_mode = C $result = array('success' => false); - $a = get_app(); - $sql_extra = ''; $sql_nets = ''; $sql_options = ''; diff --git a/include/security.php b/include/security.php index 479013460..38045c8a9 100644 --- a/include/security.php +++ b/include/security.php @@ -14,8 +14,6 @@ */ function authenticate_success($user_record, $login_initial = false, $interactive = false, $return = false, $update_lastlog = false) { - $a = get_app(); - $_SESSION['addr'] = $_SERVER['REMOTE_ADDR']; $lastlog_updated = false; @@ -360,10 +358,9 @@ function public_permissions_sql($observer_hash) { * so this mechanism brings in some damage control (the attacker would be able to forge a request to a form of this type, but not to forms of other types). */ function get_form_security_token($typename = '') { - $a = get_app(); $timestamp = time(); - $sec_hash = hash('whirlpool', App::$user['guid'] . App::$user['prvkey'] . session_id() . $timestamp . $typename); + $sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $timestamp . $typename); return $timestamp . '.' . $sec_hash; } @@ -374,12 +371,10 @@ function check_form_security_token($typename = '', $formname = 'form_security_to $max_livetime = 10800; // 3 hours - $a = get_app(); - $x = explode('.', $hash); if (time() > (IntVal($x[0]) + $max_livetime)) return false; - $sec_hash = hash('whirlpool', App::$user['guid'] . App::$user['prvkey'] . session_id() . $x[0] . $typename); + $sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename); return ($sec_hash == $x[1]); } @@ -389,8 +384,7 @@ function check_form_security_std_err_msg() { } function check_form_security_token_redirectOnErr($err_redirect, $typename = '', $formname = 'form_security_token') { if (!check_form_security_token($typename, $formname)) { - $a = get_app(); - logger('check_form_security_token failed: user ' . App::$user['guid'] . ' - form element ' . $typename); + logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename); logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); notice( check_form_security_std_err_msg() ); goaway(z_root() . $err_redirect ); @@ -398,8 +392,7 @@ function check_form_security_token_redirectOnErr($err_redirect, $typename = '', } function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'form_security_token') { if (!check_form_security_token($typename, $formname)) { - $a = get_app(); - logger('check_form_security_token failed: user ' . App::$user['guid'] . ' - form element ' . $typename); + logger('check_form_security_token failed: user ' . App::$observer['xchan_name'] . ' - form element ' . $typename); logger('check_form_security_token failed: _REQUEST data: ' . print_r($_REQUEST, true), LOGGER_DATA); header('HTTP/1.1 403 Forbidden'); killme(); diff --git a/include/widgets.php b/include/widgets.php index 7a35cf37b..24cfff7fa 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -11,13 +11,13 @@ require_once('include/attach.php'); require_once('include/Contact.php'); function widget_profile($args) { - $a = get_app(); + $block = (((get_config('system', 'block_public')) && (! local_channel()) && (! remote_channel())) ? true : false); return profile_sidebar(App::$profile, $block, true); } function widget_zcard($args) { - $a = get_app(); + $block = (((get_config('system', 'block_public')) && (! local_channel()) && (! remote_channel())) ? true : false); $channel = channelx_by_n(App::$profile_uid); return get_zcard($channel,get_observer_hash(),array('width' => 875)); @@ -33,7 +33,7 @@ function widget_tagcloud($args) { $o = ''; //$tab = 0; - $a = get_app(); + $uid = App::$profile_uid; $count = ((x($args,'count')) ? intval($args['count']) : 24); $flags = 0; @@ -164,8 +164,7 @@ function widget_follow($args) { if(! local_channel()) return ''; - $a = get_app(); - $uid =App::$channel['channel_id']; + $uid = App::$channel['channel_id']; $r = q("select count(*) as total from abook where abook_channel = %d and abook_self = 0 ", intval($uid) ); @@ -210,8 +209,6 @@ function widget_savedsearch($arr) { if((! local_channel()) || (! feature_enabled(local_channel(),'savedsearch'))) return ''; - $a = get_app(); - $search = ((x($_GET,'search')) ? $_GET['search'] : ''); if(x($_GET,'searchsave') && $search) { @@ -295,7 +292,6 @@ function widget_filer($arr) { if(! local_channel()) return ''; - $a = get_app(); $selected = ((x($_REQUEST,'file')) ? $_REQUEST['file'] : ''); @@ -323,7 +319,6 @@ function widget_filer($arr) { function widget_archive($arr) { $o = ''; - $a = get_app(); if(! App::$profile_uid) { return ''; @@ -370,7 +365,7 @@ function widget_archive($arr) { function widget_fullprofile($arr) { - $a = get_app(); + if(! App::$profile['profile_uid']) return; @@ -380,7 +375,7 @@ function widget_fullprofile($arr) { } function widget_shortprofile($arr) { - $a = get_app(); + if(! App::$profile['profile_uid']) return; @@ -391,7 +386,7 @@ function widget_shortprofile($arr) { function widget_categories($arr) { - $a = get_app(); + if(App::$profile['profile_uid'] && (! perm_is_allowed(App::$profile['profile_uid'],get_observer_hash(),'view_stream'))) return ''; @@ -406,7 +401,7 @@ function widget_categories($arr) { } function widget_tagcloud_wall($arr) { - $a = get_app(); + if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) return ''; @@ -421,7 +416,7 @@ function widget_tagcloud_wall($arr) { } function widget_catcloud_wall($arr) { - $a = get_app(); + if((! App::$profile['profile_uid']) || (! App::$profile['channel_hash'])) return ''; @@ -486,7 +481,7 @@ function widget_settings_menu($arr) { if(! local_channel()) return; - $a = get_app(); + $channel = App::get_channel(); $abook_self_id = 0; @@ -602,7 +597,6 @@ function widget_mailmenu($arr) { if (! local_channel()) return; - $a = get_app(); return replace_macros(get_markup_template('message_side.tpl'), array( '$title' => t('Private Mail Menu'), @@ -634,8 +628,6 @@ function widget_conversations($arr) { if (! local_channel()) return; - $a = get_app(); - if(argc() > 1) { switch(argv(1)) { @@ -752,7 +744,6 @@ function widget_findpeople($arr) { function widget_photo_albums($arr) { - $a = get_app(); if(! App::$profile['profile_uid']) return ''; @@ -793,7 +784,6 @@ function widget_menu_preview($arr) { } function widget_chatroom_list($arr) { - $a = get_app(); require_once("include/chat.php"); $r = chatroom_list(App::$profile['profile_uid']); @@ -1007,8 +997,6 @@ function widget_cover_photo($arr) { require_once('include/identity.php'); $o = ''; - - $a = get_app(); if(App::$module == 'channel' && $_REQUEST['mid']) return ''; @@ -1159,7 +1147,7 @@ function widget_random_block($arr) { function widget_rating($arr) { - $a = get_app(); + $poco_rating = get_config('system','poco_rating_enable'); if((! $poco_rating) && ($poco_rating !== false)) { @@ -1229,8 +1217,6 @@ function widget_pubsites($arr) { function widget_forums($arr) { - $a = get_app(); - if(! local_channel()) return ''; @@ -1332,8 +1318,6 @@ function widget_admin($arr) { return login(false); } - - $a = get_app(); $o = ''; // array( url, name, extra css classes ) |