diff options
Diffstat (limited to 'mod/connedit.php')
-rw-r--r-- | mod/connedit.php | 50 |
1 files changed, 36 insertions, 14 deletions
diff --git a/mod/connedit.php b/mod/connedit.php index e7d16cd82..9a5c4c4fc 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -117,7 +117,7 @@ function connedit_post(&$a) { if($rating > 10) $rating = 10; - $rating_text = escape_tags($_REQUEST['rating_text']); + $rating_text = trim(escape_tags($_REQUEST['rating_text'])); $abook_my_perms = 0; @@ -131,26 +131,35 @@ function connedit_post(&$a) { $new_friend = false; if(! $is_self) { - $z = q("select * from xlink where xlink_xchan = '%s' and xlink_xlink = '%s' and xlink_static = 1 limit 1", + + $signed = $orig_record[0]['abook_xchan'] . '.' . $rating . '.' . $rating_text; + + $sig = base64url_encode(rsa_sign($signed,$channel['channel_prvkey'])); + + $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']) ); + + if($z) { $record = $z[0]['xlink_id']; - $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_updated = '%s' + $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s' where xlink_id = %d", intval($rating), dbesc($rating_text), + dbesc($sig), dbesc(datetime_convert()), intval($record) ); } else { - $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', 1 ) ", + $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", dbesc($channel['channel_hash']), dbesc($orig_record[0]['abook_xchan']), intval($rating), dbesc($rating_text), + dbesc($sig), dbesc(datetime_convert()) ); $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", @@ -161,7 +170,7 @@ function connedit_post(&$a) { $record = $z[0]['xlink_id']; } if($record) { - proc_run('php','include/notifier.php','rating',$record); + proc_run('php','include/ratenotif.php','rating',$record); } } @@ -171,13 +180,11 @@ function connedit_post(&$a) { } - $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_rating = %d, abook_rating_text = '%s', abook_flags = %d + $r = q("UPDATE abook SET abook_profile = '%s', abook_my_perms = %d , abook_closeness = %d, abook_flags = %d where abook_id = %d AND abook_channel = %d", dbesc($profile_id), intval($abook_my_perms), intval($closeness), - intval($rating), - dbesc($rating_text), intval($abook_flags), intval($contact_id), intval(local_channel()) @@ -317,6 +324,7 @@ function connedit_content(&$a) { return login(); } + $channel = $a->get_channel(); $my_perms = get_channel_default_perms(local_channel()); $role = get_pconfig(local_channel(),'system','permissions_role'); if($role) { @@ -565,8 +573,22 @@ function connedit_content(&$a) { )); } + $rating_val = 0; + $rating_text = ''; + + $xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", + dbesc($channel['channel_hash']), + dbesc($contact['xchan_hash']) + ); + + if($xl) { + $rating_val = intval($xl[0]['xlink_rating']); + $rating_text = $xl[0]['xlink_rating_text']; + } + + $poco_rating = get_config('system','poco_rating_enable'); - $poco_rating = 0; + // if unset default to enabled if($poco_rating === false) $poco_rating = true; @@ -574,7 +596,7 @@ function connedit_content(&$a) { if($poco_rating) { $rating = replace_macros(get_markup_template('rating_slider.tpl'),array( '$min' => -10, - '$val' => (($contact['abook_rating']) ? $contact['abook_rating'] : 0), + '$val' => $rating_val )); } else { @@ -614,11 +636,11 @@ function connedit_content(&$a) { '$viewprof' => t('View Profile'), '$clickme' => t('Click to open/close'), '$lbl_slider' => t('Slide to adjust your degree of friendship'), - '$lbl_rating' => t('Rating (this information may be public)'), - '$lbl_rating_txt' => t('Optionally explain your rating (this information may be public)'), - '$rating_txt' => $contact['abook_rating_text'], + '$lbl_rating' => t('Rating (this information is public)'), + '$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'), + '$rating_txt' => $rating_text, '$rating' => $rating, - '$rating_val' => $contact['abook_rating'], + '$rating_val' => $rating_val, '$slide' => $slide, '$tabs' => $t, '$tab_str' => $tab_str, |