diff options
Diffstat (limited to 'mod')
| -rwxr-xr-x | mod/filer.php | 4 | ||||
| -rw-r--r-- | mod/filerm.php | 4 | ||||
| -rwxr-xr-x | mod/network.php | 2 | ||||
| -rwxr-xr-x | mod/register.php | 11 | ||||
| -rwxr-xr-x | mod/settings.php | 40 |
5 files changed, 40 insertions, 21 deletions
diff --git a/mod/filer.php b/mod/filer.php index 3b3a37931..3cd1bfe22 100755 --- a/mod/filer.php +++ b/mod/filer.php @@ -11,8 +11,8 @@ function filer_content(&$a) { killme(); } - $term = notags(trim($_GET['term'])); - $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0); + $term = unxmlify(trim($_GET['term'])); + $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0); logger('filer: tag ' . $term . ' item ' . $item_id); diff --git a/mod/filerm.php b/mod/filerm.php index 66b684dc9..c520fec7a 100644 --- a/mod/filerm.php +++ b/mod/filerm.php @@ -6,8 +6,8 @@ function filerm_content(&$a) { killme(); } - $term = notags(trim($_GET['term'])); - $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0); + $term = unxmlify(trim($_GET['term'])); + $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0); logger('filerm: tag ' . $term . ' item ' . $item_id); diff --git a/mod/network.php b/mod/network.php index 5ca0a8c7d..d27945a86 100755 --- a/mod/network.php +++ b/mod/network.php @@ -393,7 +393,7 @@ function network_content(&$a, $update = 0) { ); } if(strlen($file)) { - $sql_extra .= file_tag_file_query('item',$file); + $sql_extra .= file_tag_file_query('item',unxmlify($file)); } if($conv) { diff --git a/mod/register.php b/mod/register.php index 6d0e2700b..630c0a675 100755 --- a/mod/register.php +++ b/mod/register.php @@ -8,6 +8,8 @@ function register_post(&$a) { $verified = 0; $blocked = 1; + $arr = array('post' => $_POST); + call_hooks('register_post', $arr); $max_dailies = intval(get_config('system','max_daily_registrations')); if($max_dailes) { @@ -218,8 +220,8 @@ function register_post(&$a) { $spubkey = $spkey["key"]; $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`, - `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` ) - VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", + `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` ) + VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )", dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), @@ -540,6 +542,11 @@ function register_content(&$a) { $license = ''; $o = get_markup_template("register.tpl"); + + $arr = array('template' => $o); + + call_hooks('register_form',$arr); + $o = replace_macros($o, array( '$oidhtml' => $oidhtml, '$invitations' => get_config('system','invitation_only'), diff --git a/mod/settings.php b/mod/settings.php index ce5ceea82..ce2d64851 100755 --- a/mod/settings.php +++ b/mod/settings.php @@ -303,7 +303,8 @@ function settings_post(&$a) { $page_flags = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0); $blockwall = (((x($_POST,'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted! $blocktags = (((x($_POST,'blocktags')) && (intval($_POST['blocktags']) == 1)) ? 0: 1); // this setting is inverted! - + $unkmail = (((x($_POST,'unkmail')) && (intval($_POST['unkmail']) == 1)) ? 1: 0); + $cntunkmail = ((x($_POST,'cntunkmail')) ? intval($_POST['cntunkmail']) : 0); $suggestme = ((x($_POST,'suggestme')) ? intval($_POST['suggestme']) : 0); $hide_friends = (($_POST['hide-friends'] == 1) ? 1: 0); $hidewall = (($_POST['hidewall'] == 1) ? 1: 0); @@ -391,7 +392,7 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','suggestme', $suggestme); - $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d WHERE `uid` = %d LIMIT 1", + $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), dbesc($openid), @@ -410,6 +411,8 @@ function settings_post(&$a) { intval($blockwall), intval($hidewall), intval($blocktags), + intval($unkmail), + intval($cntunkmail), intval(local_user()) ); if($r) @@ -760,17 +763,19 @@ function settings_content(&$a) { if(count($p)) $profile = $p[0]; - $username = $a->user['username']; - $email = $a->user['email']; - $nickname = $a->user['nickname']; - $timezone = $a->user['timezone']; - $notify = $a->user['notify-flags']; - $defloc = $a->user['default-location']; - $openid = $a->user['openid']; - $maxreq = $a->user['maxreq']; - $expire = ((intval($a->user['expire'])) ? $a->user['expire'] : ''); - $blockwall = $a->user['blockwall']; - $blocktags = $a->user['blocktags']; + $username = $a->user['username']; + $email = $a->user['email']; + $nickname = $a->user['nickname']; + $timezone = $a->user['timezone']; + $notify = $a->user['notify-flags']; + $defloc = $a->user['default-location']; + $openid = $a->user['openid']; + $maxreq = $a->user['maxreq']; + $expire = ((intval($a->user['expire'])) ? $a->user['expire'] : ''); + $blockwall = $a->user['blockwall']; + $blocktags = $a->user['blocktags']; + $unkmail = $a->user['unkmail']; + $cntunkmail = $a->user['cntunkmail']; $expire_items = get_pconfig(local_user(), 'expire','items'); $expire_items = (($expire_items===false)? '1' : $expire_items); // default if not set: 1 @@ -870,6 +875,12 @@ function settings_content(&$a) { )); + $unkmail = replace_macros($opt_tpl,array( + '$field' => array('unkmail', t('Permit unknown people to send you private messages?'), $unkmail, '', array(t('No'),t('Yes'))), + + )); + + $invisible = (((! $profile['publish']) && (! $profile['net-publish'])) ? true : false); @@ -946,7 +957,8 @@ function settings_content(&$a) { '$profile_in_net_dir' => $profile_in_net_dir, '$hide_friends' => $hide_friends, '$hide_wall' => $hide_wall, - + '$unkmail' => $unkmail, + '$cntunkmail' => array('cntunkmail', t('Maximum private messages per day from unknown people:'), $cntunkmail ,t("\x28to prevent spam abuse\x29")), '$h_not' => t('Notification Settings'), |