diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/attach.php | 63 | ||||
| -rw-r--r-- | include/channel.php | 14 | ||||
| -rw-r--r-- | include/connections.php | 4 | ||||
| -rw-r--r-- | include/conversation.php | 19 | ||||
| -rw-r--r-- | include/help.php | 2 | ||||
| -rw-r--r-- | include/hubloc.php | 4 | ||||
| -rw-r--r-- | include/items.php | 30 | ||||
| -rw-r--r-- | include/markdown.php | 5 | ||||
| -rw-r--r-- | include/nav.php | 10 | ||||
| -rw-r--r-- | include/photo/photo_driver.php | 1 | ||||
| -rw-r--r-- | include/photos.php | 10 | ||||
| -rw-r--r-- | include/plugin.php | 4 | ||||
| -rw-r--r-- | include/socgraph.php | 5 | ||||
| -rw-r--r-- | include/taxonomy.php | 2 | ||||
| -rw-r--r-- | include/text.php | 8 | ||||
| -rw-r--r-- | include/zid.php | 6 |
16 files changed, 106 insertions, 81 deletions
diff --git a/include/attach.php b/include/attach.php index 32a86fcba..3b63bd651 100644 --- a/include/attach.php +++ b/include/attach.php @@ -501,13 +501,13 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $ret = array('success' => false); $channel_id = $channel['channel_id']; $sql_options = ''; - $source = (($arr) ? $arr['source'] : ''); - $album = (($arr) ? $arr['album'] : ''); - $newalbum = (($arr) ? $arr['newalbum'] : ''); - $hash = (($arr && $arr['hash']) ? $arr['hash'] : null); - $upload_path = (($arr && $arr['directory']) ? $arr['directory'] : ''); - $visible = (($arr && $arr['visible']) ? $arr['visible'] : ''); - $notify = (($arr && $arr['notify']) ? $arr['notify'] : ''); + $source = $arr['source'] ?? ''; + $album = $arr['album'] ?? ''; + $newalbum = $arr['newalbum'] ?? ''; + $hash = $arr['hash'] ?? null; + $upload_path = $arr['directory'] ?? ''; + $visible = $arr['visible'] ?? 0; + $notify = $arr['notify'] ?? 0; $observer = array(); @@ -528,10 +528,10 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { return $ret; } - $str_group_allow = perms2str($arr['group_allow']); - $str_contact_allow = perms2str($arr['contact_allow']); - $str_group_deny = perms2str($arr['group_deny']); - $str_contact_deny = perms2str($arr['contact_deny']); + $str_group_allow = ((isset($arr['group_allow'])) ? perms2str($arr['group_allow']) : ''); + $str_contact_allow = ((isset($arr['contact_allow'])) ? perms2str($arr['contact_allow']) : ''); + $str_group_deny = ((isset($arr['group_deny'])) ? perms2str($arr['group_deny']) : ''); + $str_contact_deny = ((isset($arr['contact_deny'])) ? perms2str($arr['contact_deny']) : ''); // The 'update' option sets db values without uploading a new attachment @@ -546,6 +546,8 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { $remove_when_processed = true; $import_replace = false; + $type = ''; + if($options === 'import') { $src = $arr['src']; $filename = $arr['filename']; @@ -707,10 +709,10 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { // if we need to create a directory, use the channel default permissions. - $darr['allow_cid'] = $channel['allow_cid']; - $darr['allow_gid'] = $channel['allow_gid']; - $darr['deny_cid'] = $channel['deny_cid']; - $darr['deny_gid'] = $channel['deny_gid']; + $darr['allow_cid'] = $channel['channel_allow_cid']; + $darr['allow_gid'] = $channel['channel_allow_gid']; + $darr['deny_cid'] = $channel['channel_deny_cid']; + $darr['deny_gid'] = $channel['channel_deny_gid']; $direct = null; @@ -960,32 +962,33 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { if($is_photo && $r) { $args = array( 'source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => $pathname, 'os_syspath' => $os_basepath . $os_relpath, 'os_path' => $os_path, 'display_path' => $display_path, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct, 'options' => $options ); - if($arr['contact_allow']) + if (array_key_exists('contact_allow', $arr)) $args['contact_allow'] = $arr['contact_allow']; - if($arr['group_allow']) + if (array_key_exists('contact_deny', $arr)) $args['group_allow'] = $arr['group_allow']; - if($arr['contact_deny']) + if (array_key_exists('contact_deny', $arr)) $args['contact_deny'] = $arr['contact_deny']; - if($arr['group_deny']) + if (array_key_exists('group_deny', $arr)) $args['group_deny'] = $arr['group_deny']; - if(array_key_exists('allow_cid',$arr)) + if (array_key_exists('allow_cid', $arr)) $args['allow_cid'] = $arr['allow_cid']; - if(array_key_exists('allow_gid',$arr)) + if (array_key_exists('allow_gid', $arr)) $args['allow_gid'] = $arr['allow_gid']; - if(array_key_exists('deny_cid',$arr)) + if (array_key_exists('deny_cid', $arr)) $args['deny_cid'] = $arr['deny_cid']; - if(array_key_exists('deny_gid',$arr)) + if (array_key_exists('deny_gid', $arr)) $args['deny_gid'] = $arr['deny_gid']; $args['created'] = $created; $args['edited'] = $edited; - if($arr['item']) + + if (array_key_exists('item', $arr)) $args['item'] = $arr['item']; - if($arr['body']) + if (array_key_exists('body', $arr)) $args['body'] = $arr['body']; - if($arr['description']) + if (array_key_exists('description', $arr)) $args['description'] = $arr['description']; $args['deliver'] = $dosync; @@ -1175,7 +1178,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { return $ret; } - $arr['hash'] = (($arr['hash']) ? $arr['hash'] : new_uuid()); + $arr['hash'] = $arr['hash'] ?? new_uuid(); // Check for duplicate name. // Check both the filename and the hash as we will be making use of both. @@ -1201,6 +1204,9 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { return $ret; } + $path = ''; + $dpath = ''; + if($arr['folder']) { // Walk the directory tree from parent back to root to make sure the parent is valid and name is unique and we @@ -1237,8 +1243,7 @@ function attach_mkdir($channel, $observer_hash, $arr = null) { $path = $lpath; } - else - $path = ''; + $created = datetime_convert(); diff --git a/include/channel.php b/include/channel.php index a309fa5c8..296615524 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1581,6 +1581,8 @@ function profile_sidebar($profile, $block = 0, $show_connect = true, $details = $location = false; $pdesc = true; $reddress = true; + $connect_url = ''; + $connect = ''; if(! perm_is_allowed($profile['uid'], $observer_hash, 'view_profile')) { $block = true; @@ -1792,7 +1794,7 @@ function advanced_profile() { $profile['birthday'] = array( t('Birthday:'), $val); } - if($age = age(App::$profile['dob'],App::$profile['timezone'],'')) + if($age = age(App::$profile['dob'], App::$profile['timezone'] ?? '','')) $profile['age'] = array( t('Age:'), $age ); if(App::$profile['marital']) @@ -1874,7 +1876,7 @@ function advanced_profile() { return replace_macros($tpl, array( '$title' => t('Profile'), - '$canlike' => (($profile['canlike'])? true : false), + '$canlike' => ((isset($profile['canlike']) && $profile['canlike'])? true : false), '$likethis' => t('Like this thing'), '$export' => t('Export'), '$exportlink' => $exportlink, @@ -1890,18 +1892,18 @@ function advanced_profile() { function get_my_url() { - if(x($_SESSION, 'zrl_override')) + if(isset($_SESSION['zrl_override']) && $_SESSION['zrl_override']) return $_SESSION['zrl_override']; - if(x($_SESSION, 'my_url')) + if(isset($_SESSION['my_url']) && $_SESSION['my_url']) return $_SESSION['my_url']; return false; } function get_my_address() { - if(x($_SESSION, 'zid_override')) + if(isset($_SESSION['zid_override']) && $_SESSION['zid_override']) return $_SESSION['zid_override']; - if(x($_SESSION, 'my_address')) + if(isset($_SESSION['my_address']) && $_SESSION['my_address']) return $_SESSION['my_address']; return false; diff --git a/include/connections.php b/include/connections.php index dcfcc3985..936fc1edd 100644 --- a/include/connections.php +++ b/include/connections.php @@ -384,7 +384,7 @@ function contact_remove($channel_id, $abook_id) { dbesc($abook['abook_xchan']) ); - if (strpos($xchan['xchan_addr'],'guest:') === 0 && strpos($abook['abook_xchan'],'.')){ + if ($xchan && strpos($xchan['xchan_addr'],'guest:') === 0 && strpos($abook['abook_xchan'],'.')){ $atoken_guid = substr($abook['abook_xchan'],strrpos($abook['abook_xchan'],'.') + 1); if ($atoken_guid) { atoken_delete_and_sync($channel_id,$atoken_guid); @@ -424,7 +424,7 @@ function contact_remove($channel_id, $abook_id) { function remove_abook_items($channel_id, $xchan_hash) { - $r = q("select id from item where (owner_xchan = '%s' or author_xchan = '%s') and uid = %d and item_retained = 0 and item_starred = 0", + $r = q("select id, parent from item where (owner_xchan = '%s' or author_xchan = '%s') and uid = %d and item_retained = 0 and item_starred = 0", dbesc($xchan_hash), dbesc($xchan_hash), intval($channel_id) diff --git a/include/conversation.php b/include/conversation.php index 2b00c12be..46621a243 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -643,10 +643,9 @@ function conversation($items, $mode, $update, $page_mode = 'traditional', $prepa $channel = App::get_channel(); $observer = App::get_observer(); - if($update) - $return_url = $_SESSION['return_url']; - else - $return_url = $_SESSION['return_url'] = App::$query_string; + if (!$update) { + $_SESSION['return_url'] = App::$query_string; + } load_contact_links(local_channel()); @@ -1328,7 +1327,7 @@ function hz_status_editor($a, $x, $popup = false) { if(x($x, 'hide_future')) $feature_future = false; - $geotag = (($x['allow_location']) ? replace_macros(get_markup_template('jot_geotag.tpl'), array()) : ''); + $geotag = ((isset($x['allow_location']) && $x['allow_location']) ? replace_macros(get_markup_template('jot_geotag.tpl'), array()) : ''); $setloc = t('Set your location'); $clearloc = ((get_pconfig($x['profile_uid'], 'system', 'use_browser_location')) ? t('Clear browser location') : ''); if(x($x, 'hide_location')) @@ -1491,10 +1490,10 @@ function hz_status_editor($a, $x, $popup = false) { '$content' => ((x($x,'body')) ? htmlspecialchars($x['body'], ENT_COMPAT,'UTF-8') : ''), '$attachment' => ((x($x, 'attachment')) ? $x['attachment'] : ''), '$post_id' => ((x($x, 'post_id')) ? $x['post_id'] : ''), - '$defloc' => $x['default_location'], - '$visitor' => $x['visitor'], - '$lockstate' => $x['lockstate'], - '$acl' => $x['acl'], + '$defloc' => $x['default_location'] ?? '', + '$visitor' => $x['visitor'] ?? '', + '$lockstate' => $x['lockstate'] ?? '', + '$acl' => $x['acl'] ?? '', '$allow_cid' => acl2json($x['permissions']['allow_cid']), '$allow_gid' => acl2json($x['permissions']['allow_gid']), '$deny_cid' => acl2json($x['permissions']['deny_cid']), @@ -1502,7 +1501,7 @@ function hz_status_editor($a, $x, $popup = false) { '$mimeselect' => $mimeselect, '$layoutselect' => $layoutselect, '$showacl' => ((array_key_exists('showacl', $x)) ? $x['showacl'] : true), - '$bang' => $x['bang'], + '$bang' => $x['bang'] ?? '', '$profile_uid' => $x['profile_uid'], '$preview' => $preview, '$source' => ((x($x, 'source')) ? $x['source'] : ''), diff --git a/include/help.php b/include/help.php index 6daf81b8e..8a913578a 100644 --- a/include/help.php +++ b/include/help.php @@ -248,7 +248,7 @@ function search_doc_files($s) { $r[$x]['text'] = substr($r[$x]['body'], $start, $dislen); $r[$x]['rank'] = 0; - if($r[$x]['term']) { + if(isset($r[$x]['term'])) { foreach($r[$x]['term'] as $t) { if(stristr($t['term'],$s)) { $r[$x]['rank'] ++; diff --git a/include/hubloc.php b/include/hubloc.php index 6401d1f0d..bf5d8f120 100644 --- a/include/hubloc.php +++ b/include/hubloc.php @@ -137,11 +137,11 @@ function remove_obsolete_hublocs() { // Do we have any invalid ones? - $r = q("select hubloc_id from hubloc where hubloc_sitekey = '%s' and hubloc_url != '%s'", + $r = q("select hubloc_id, hubloc_hash from hubloc where hubloc_sitekey = '%s' and hubloc_url != '%s'", dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); - $p = q("select hubloc_id from hubloc where hubloc_sitekey != '%s' and hubloc_url = '%s'", + $p = q("select hubloc_id, hubloc_hash from hubloc where hubloc_sitekey != '%s' and hubloc_url = '%s'", dbesc(get_config('system', 'pubkey')), dbesc(z_root()) ); diff --git a/include/items.php b/include/items.php index be3c83f7d..46140b699 100644 --- a/include/items.php +++ b/include/items.php @@ -1030,20 +1030,20 @@ function import_author_unknown($x) { return $r[0]['xchan_hash']; } - $name = trim($x['name']); + $name = ((isset($x['name'])) ? trim($x['name']) : 'Unknown'); $r = xchan_store_lowlevel( [ 'xchan_hash' => $x['url'], 'xchan_guid' => $x['url'], 'xchan_url' => $x['url'], - 'xchan_name' => (($name) ? $name : t('(Unknown)')), + 'xchan_name' => $name, 'xchan_name_date' => datetime_convert(), 'xchan_network' => 'unknown' ] ); - if($r && $x['photo']) { + if($r && isset($x['photo']) && $x['photo']) { $photos = import_xchan_photo($x['photo']['src'],$x['url']); @@ -2108,8 +2108,8 @@ function item_store_update($arr, $allow_exec = false, $deliver = true) { // apply the input filter here - $arr['summary'] = trim(z_input_filter($arr['summary'],$arr['mimetype'],$allow_exec)); - $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); + $arr['summary'] = ((isset($arr['summary'])) ? trim(z_input_filter($arr['summary'],$arr['mimetype'],$allow_exec)) : ''); + $arr['body'] = ((isset($arr['body'])) ? trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)) : ''); item_sign($arr); @@ -2409,6 +2409,7 @@ function send_status_notifications($post_id,$item) { $parent = 0; $is_reaction = false; + $thr_parent_id = 0; $type = ((intval($item['item_private']) === 2) ? NOTIFY_MAIL : NOTIFY_COMMENT); @@ -2966,18 +2967,20 @@ function tgroup_check($uid, $item) { if(! $u) return false; - - $terms = array_merge(get_terms_oftype($item['term'],TERM_MENTION),get_terms_oftype($item['term'],TERM_FORUM)); - - if($terms) - logger('tgroup_check: post mentions: ' . print_r($terms,true), LOGGER_DATA); - $max_forums = get_config('system','max_tagged_forums',2); $matched_forums = 0; $link = normalise_link($u[0]['xchan_url']); + $terms = []; + + if (isset($item['terms']) && $item['terms']) { + $terms = array_merge(get_terms_oftype($item['term'],TERM_MENTION),get_terms_oftype($item['term'],TERM_FORUM)); + } + if($terms) { + logger('tgroup_check: post mentions: ' . print_r($terms,true), LOGGER_DATA); + foreach($terms as $term) { if(! link_compare($term['url'],$link)) { continue; @@ -3755,8 +3758,7 @@ function item_expire($uid,$days,$comment_days = 7) { // don't expire filed items - $terms = get_terms_oftype($item['term'],TERM_FILE); - if($terms) { + if (isset($item['term']) && get_terms_oftype($item['term'], TERM_FILE)) { retain_item($item['id']); continue; } @@ -4715,7 +4717,7 @@ function set_linkified_perms($linkified, &$str_contact_allow, &$str_group_allow, foreach($linkified as $x) { $access_tag = $x['success']['access_tag']; if(($access_tag) && (! $parent_item)) { - logger('access_tag: ' . $tag . ' ' . print_r($access_tag,true), LOGGER_DATA); + logger('access_tag: ' . print_r($access_tag,true), LOGGER_DATA); if ($first_access_tag && (! get_pconfig($profile_uid,'system','no_private_mention_acl_override'))) { // This is a tough call, hence configurable. The issue is that one can type in a @!privacy mention diff --git a/include/markdown.php b/include/markdown.php index a0e07ba68..7fba1259f 100644 --- a/include/markdown.php +++ b/include/markdown.php @@ -66,7 +66,10 @@ function markdown_to_bb($s, $use_zrl = false, $options = []) { $s = MarkdownExtra::defaultTransform($s); - if($options && $options['preserve_lf']) { + + $preserve_lf = $options['preserve_lf'] ?? false; + + if($preserve_lf) { $s = str_replace(["\r","\n"],["",'<br>'],$s); } else { diff --git a/include/nav.php b/include/nav.php index 65d5a3ef6..29d99aaee 100644 --- a/include/nav.php +++ b/include/nav.php @@ -110,12 +110,12 @@ function nav($template = 'default') { $nav['logout'] = ['logout', t('Logout'), "", t('End this session'), 'logout_nav_btn']; // user menu - $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), ((App::$nav_sel['raw_name'] == 'Profile') ? 'active' : ''), t('Your profile page'), 'profile_nav_btn']; + $nav['usermenu'][] = ['profile/' . $channel['channel_address'], t('View Profile'), ((isset(App::$nav_sel['raw_name']) && App::$nav_sel['raw_name'] == 'Profile') ? 'active' : ''), t('Your profile page'), 'profile_nav_btn']; if (feature_enabled(local_channel(), 'multi_profiles')) - $nav['usermenu'][] = ['profiles', t('Edit Profiles'), ((App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Manage/Edit profiles'), 'profiles_nav_btn']; + $nav['usermenu'][] = ['profiles', t('Edit Profiles'), ((isset(App::$nav_sel['raw_name']) && App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Manage/Edit profiles'), 'profiles_nav_btn']; else - $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'), ((App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Edit your profile'), 'profiles_nav_btn']; + $nav['usermenu'][] = ['profiles/' . $prof[0]['id'], t('Edit Profile'), ((isset(App::$nav_sel['raw_name']) && App::$nav_sel['raw_name'] == 'Profiles') ? 'active' : ''), t('Edit your profile'), 'profiles_nav_btn']; } else { @@ -206,7 +206,7 @@ function nav($template = 'default') { $url = ''; $settings_url = ''; - if (App::$profile_uid && App::$nav_sel['raw_name']) { + if (App::$profile_uid && isset(App::$nav_sel['raw_name']) && App::$nav_sel['raw_name']) { $active_app = q("SELECT app_url FROM app WHERE app_channel = %d AND app_name = '%s' LIMIT 1", intval(App::$profile_uid), dbesc(App::$nav_sel['raw_name']) @@ -276,7 +276,7 @@ function nav($template = 'default') { if ($pinned_list) { foreach ($pinned_list as $app) { - if (App::$nav_sel['name'] == $app['name']) + if (isset(App::$nav_sel['name']) && App::$nav_sel['name'] == $app['name']) $app['active'] = true; if ($is_owner) { diff --git a/include/photo/photo_driver.php b/include/photo/photo_driver.php index 14408ea50..0b691b457 100644 --- a/include/photo/photo_driver.php +++ b/include/photo/photo_driver.php @@ -77,6 +77,7 @@ function guess_image_type($filename, $data = '') { $type = null; $m = null; + $headers = ''; $ph = photo_factory(''); $types = $ph->supportedTypes(); diff --git a/include/photos.php b/include/photos.php index 9e4e8923d..de9cc6b13 100644 --- a/include/photos.php +++ b/include/photos.php @@ -247,13 +247,13 @@ function photo_upload($channel, $observer, $args) { 'os_storage' => $os_storage, 'os_syspath' => $args['os_syspath'], 'os_path' => $args['os_path'], 'display_path' => $args['display_path'] ]; - if ($args['created']) + if (isset($args['created'])) $p['created'] = $args['created']; - if ($args['edited']) + if (isset($args['edited'])) $p['edited'] = $args['edited']; - if ($args['title']) + if (isset($args['title'])) $p['title'] = $args['title']; - if ($args['description']) + if (isset($args['description'])) $p['description'] = $args['description']; $url = []; @@ -446,7 +446,7 @@ function photo_upload($channel, $observer, $args) { ]; // Create item container - if ($args['item']) { + if (isset($args['item'])) { foreach ($args['item'] as $i) { $item = get_item_elements($i); diff --git a/include/plugin.php b/include/plugin.php index a17f5761d..ff5014c8b 100644 --- a/include/plugin.php +++ b/include/plugin.php @@ -851,6 +851,10 @@ function get_template_info($template){ foreach( $ll as $l ) { $l = trim($l, "\t\n\r */"); if ($l != ""){ + if (strpos($l, ':') === false) { + continue; + } + list($k, $v) = array_map("trim", explode(":", $l, 2)); $k = strtolower($k); if ($k == 'author' || $k == 'maintainer'){ diff --git a/include/socgraph.php b/include/socgraph.php index 5b913dcfd..f08913ee2 100644 --- a/include/socgraph.php +++ b/include/socgraph.php @@ -332,7 +332,7 @@ function update_suggestions() { } -function poco($a,$extended = false) { +function poco() { $system_mode = false; @@ -342,6 +342,7 @@ function poco($a,$extended = false) { } $observer = App::get_observer(); + $user = ''; if(argc() > 1) { $user = notags(trim(argv(1))); @@ -355,7 +356,7 @@ function poco($a,$extended = false) { $system_mode = true; } - $format = (($_REQUEST['format']) ? $_REQUEST['format'] : 'json'); + $format = $_REQUEST['format'] ?? 'json'; $justme = false; diff --git a/include/taxonomy.php b/include/taxonomy.php index 88be43464..1eded055a 100644 --- a/include/taxonomy.php +++ b/include/taxonomy.php @@ -555,7 +555,7 @@ function dir_tagblock($link,$r) { $o = ''; if(! $r) - $r = App::$data['directory_keywords']; + $r = App::$data['directory_keywords'] ?? []; if($r) { $o = '<div class="dirtagblock widget"><h3>' . t('Keywords') . '</h3><div class="tags" align="center">'; diff --git a/include/text.php b/include/text.php index 37d185ce6..2bcbdd1c0 100644 --- a/include/text.php +++ b/include/text.php @@ -2174,6 +2174,9 @@ function layout_select($channel_id, $current = '') { intval(ITEM_TYPE_PDL) ); + $selected = ''; + $options = ''; + if($r) { $empty_selected = (($current === false) ? ' selected="selected" ' : ''); $options .= '<option value="" ' . $empty_selected . '>' . t('default') . '</option>'; @@ -2206,6 +2209,9 @@ function mimetype_select($channel_id, $current = 'text/bbcode', $choices = null, $x['application/x-php'] = t('PHP'); } + $selected = ''; + $options = ''; + foreach($x as $y => $z) { $selected = (($y == $current) ? ' selected="selected" ' : ''); $options .= '<option value="' . $y . '"' . $selected . '>' . $z . '</option>'; @@ -3977,7 +3983,7 @@ function new_token($minlen = 36, $maxlen = 48) { $len = (($minlen === $maxlen) ? $minlen : mt_rand($minlen, $maxlen)); for ($a = 0; $a < $len; $a++) { - $str .= $chars[mt_rand(0, 62)]; + $str .= $chars[mt_rand(0, 61)]; } return $str; diff --git a/include/zid.php b/include/zid.php index 5710d9f3f..b38457d99 100644 --- a/include/zid.php +++ b/include/zid.php @@ -359,10 +359,12 @@ function owt_init($token) { $_SESSION['authenticated'] = 1; + $delegate = $_REQUEST['delegate'] ?? ''; $delegate_success = false; - if($_REQUEST['delegate']) { + + if($delegate) { $r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1", - dbesc($_REQUEST['delegate']) + dbesc($delegate) ); if ($r && intval($r[0]['channel_id'])) { $allowed = perm_is_allowed($r[0]['channel_id'],$hubloc['xchan_hash'],'delegate'); |