From cf7481da53d051c385dbff8d813befc34c8f68ef Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Oct 2017 15:20:45 -0700 Subject: regression in zot site info after zot6 work --- include/zot.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/zot.php b/include/zot.php index da1f3bfa1..55632fc31 100644 --- a/include/zot.php +++ b/include/zot.php @@ -4201,8 +4201,7 @@ function zotinfo($arr) { if($x) $ret['locations'] = $x; - $ret['site'] = zot_site_info(); - + $ret['site'] = zot_site_info($e['xchan_pubkey']); check_zotinfo($e,$x,$ret); @@ -4213,7 +4212,7 @@ function zotinfo($arr) { } -function zot_site_info() { +function zot_site_info($channel_key = '') { $signing_key = get_config('system','prvkey'); $sig_method = get_config('system','signature_algorithm','sha256'); @@ -4221,7 +4220,10 @@ function zot_site_info() { $ret = []; $ret['site'] = []; $ret['site']['url'] = z_root(); - $ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(),$signing_key,$sig_method)); + if($channel_key) { + $ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(),$channel_key,$sig_method)); + } + $ret['site']['url_site_sig'] = base64url_encode(rsa_sign(z_root(),$signing_key,$sig_method)); $ret['site']['post'] = z_root() . '/post'; $ret['site']['openWebAuth'] = z_root() . '/owa'; $ret['site']['authRedirect'] = z_root() . '/magic'; -- cgit v1.2.3 From 18279234fd80b016bc81bc90069392ef5ce00b70 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Oct 2017 15:55:41 -0700 Subject: mod_register - don't re-use the password, force them to type it in twice each time unless their browser saves passwords. --- Zotlabs/Module/Register.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index d4573156c..9a364e154 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -27,7 +27,7 @@ class Register extends \Zotlabs\Web\Controller { $result = check_account_email($_REQUEST['email']); break; case 'password_check.json': - $result = check_account_password($_REQUEST['password']); + $result = check_account_password($_REQUEST['password1']); break; default: break; @@ -231,8 +231,8 @@ class Register extends \Zotlabs\Web\Controller { $enable_tos = 1 - intval(get_config('system','no_termsofservice')); $email = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "")); - $password = array('password', t('Choose a password'), ((x($_REQUEST,'password')) ? trim($_REQUEST['password']) : "")); - $password2 = array('password2', t('Please re-enter your password'), ((x($_REQUEST,'password2')) ? trim($_REQUEST['password2']) : "")); + $password = array('password', t('Choose a password'), ''); + $password2 = array('password2', t('Please re-enter your password'), ''); $invite_code = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : "")); $name = array('name', t('Name or caption'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"')); $nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl')); -- cgit v1.2.3 From a791809a840f168cfe65ea9fd09a30b271f7731e Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Oct 2017 22:31:38 -0700 Subject: ensure guests hve a unique (non-existent) url so that network discovery on remote servers doesn't come up mis-attributing the token. Future work should probably provide an actual page at this location describing it as a guest account of 'xyz'. --- include/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/security.php b/include/security.php index 16c6f1680..d9078eb89 100644 --- a/include/security.php +++ b/include/security.php @@ -116,7 +116,7 @@ function atoken_xchan($atoken) { 'xchan_name' => $atoken['atoken_name'], 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), 'xchan_network' => 'unknown', - 'xchan_url' => z_root(), + 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_hidden' => 1, 'xchan_photo_mimetype' => 'image/jpeg', 'xchan_photo_l' => get_default_profile_photo(300), -- cgit v1.2.3 From b106b53d05b434f5bc717b87d4db56b511e1418b Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 16 Oct 2017 23:01:00 -0700 Subject: don't translate 'guest:' since it is part of a url --- include/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/security.php b/include/security.php index d9078eb89..450cc4f69 100644 --- a/include/security.php +++ b/include/security.php @@ -114,7 +114,7 @@ function atoken_xchan($atoken) { 'atoken_id' => $atoken['atoken_id'], 'xchan_hash' => substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_name' => $atoken['atoken_name'], - 'xchan_addr' => t('guest:') . $atoken['atoken_name'] . '@' . \App::get_hostname(), + 'xchan_addr' => 'guest:' . $atoken['atoken_name'] . '@' . \App::get_hostname(), 'xchan_network' => 'unknown', 'xchan_url' => z_root() . '/guest/' . substr($c['channel_hash'],0,16) . '.' . $atoken['atoken_name'], 'xchan_hidden' => 1, -- cgit v1.2.3 From 64a49eb54ac93b9fb3ba4f65894c60dba5620048 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 18 Oct 2017 00:25:00 +0200 Subject: update notifications if a notification area remains open --- view/js/main.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/view/js/main.js b/view/js/main.js index 0aeb4d36d..3455de5c2 100644 --- a/view/js/main.js +++ b/view/js/main.js @@ -1000,6 +1000,13 @@ function notify_popup_loader(notifyType) { }); } }); + + setTimeout(function() { + if(notify_menu.hasClass('show')) { + console.log('updating ' + notifyType + ' notifications...'); + setTimeout(notify_popup_loader, updateInterval, notifyType); + } + }, 1000); } -- cgit v1.2.3