diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/attach.php | 5 | ||||
| -rw-r--r-- | mod/connedit.php | 25 | ||||
| -rw-r--r-- | mod/ffsapi.php | 8 |
3 files changed, 25 insertions, 13 deletions
diff --git a/mod/attach.php b/mod/attach.php index ad5dead07..306e39519 100644 --- a/mod/attach.php +++ b/mod/attach.php @@ -37,7 +37,10 @@ function attach_init(&$a) { header('Content-disposition: attachment; filename="' . $r['data']['filename'] . '"'); if(intval($r['data']['os_storage'])) { $fname = dbunescbin($r['data']['data']); - $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb'); + if(strpos($fname,'store') !== false) + $istream = fopen($fname,'rb'); + else + $istream = fopen('store/' . $c[0]['channel_address'] . '/' . $fname,'rb'); $ostream = fopen('php://output','wb'); if($istream && $ostream) { pipe_streams($istream,$ostream); diff --git a/mod/connedit.php b/mod/connedit.php index 877c12dc7..9c46fa999 100644 --- a/mod/connedit.php +++ b/mod/connedit.php @@ -177,16 +177,21 @@ function connedit_post(&$a) { if(($_REQUEST['pending']) && intval($orig_record[0]['abook_pending'])) { $new_friend = true; - if(! $abook_my_perms) { - $abook_my_perms = get_channel_default_perms(local_channel()); + // @fixme it won't be common, but when you accept a new connection request + // the permissions will now be that of your permissions role and ignore + // any you may have set manually on the form. We'll probably see a bug if somebody + // tries to set the permissions *and* approve the connection in the same + // request. The workaround is to approve the connection, then go back and + // adjust permissions as desired. - $role = get_pconfig(local_channel(),'system','permissions_role'); - if($role) { - $x = get_role_perms($role); - if($x['perms_accept']) - $abook_my_perms = $x['perms_accept']; - } + $abook_my_perms = get_channel_default_perms(local_channel()); + + $role = get_pconfig(local_channel(),'system','permissions_role'); + if($role) { + $x = get_role_perms($role); + if($x['perms_accept']) + $abook_my_perms = $x['perms_accept']; } } @@ -661,6 +666,10 @@ function connedit_content(&$a) { if($locs) { foreach($locs as $l) { + if(!($l['location'])) + continue; + if(strpos($locstr,$l['location']) !== false) + continue; if(strlen($locstr)) $locstr .= ', '; $locstr .= $l['location']; diff --git a/mod/ffsapi.php b/mod/ffsapi.php index f4033e63b..1f68a87ba 100644 --- a/mod/ffsapi.php +++ b/mod/ffsapi.php @@ -40,9 +40,9 @@ var data = { "unmarkedIcon": baseurl+"/images/hz-bookmark-32.png", // should be available for display purposes - "description": '$description', - "author": '$author', - "homepageURL": '$homepage', + "description": "$description", + "author": "$author", + "homepageURL": "$homepage", // optional "version": "1.0" @@ -56,7 +56,7 @@ function activate(node) { } </script> -<button onclick="activate(this)" title="activate the demo provider" class="btn btn-primary">$activate</button> +<button onclick="activate(this)" title="$activate" class="btn btn-primary">$activate</button> EOT; |