From 2a26c898cafb3523b2e6c8b8b499402befc0c442 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 2 Sep 2015 15:52:54 -0700 Subject: protect from sql injection --- include/zot.php | 2 +- version.inc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/zot.php b/include/zot.php index 55870c2b9..0376dc7f5 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1663,7 +1663,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ $ab = q("select * from abook where abook_channel = %d and abook_xchan = '%s'", intval($channel['channel_id']), - $arr['owner_xchan'] + dbesc($arr['owner_xchan']) ); $abook = (($ab) ? $ab[0] : null); diff --git a/version.inc b/version.inc index bfff44914..da2499cde 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2015-09-01.1142 +2015-09-02.1143 -- cgit v1.2.3 From d9a67d64b1275257e51c0754d2f76ce7883affcc Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 2 Sep 2015 18:04:22 -0700 Subject: Update the credits --- doc/credits.bb | 8 +++++++- include/text.php | 4 ---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/doc/credits.bb b/doc/credits.bb index e251d4227..200f1fc85 100644 --- a/doc/credits.bb +++ b/doc/credits.bb @@ -1,5 +1,9 @@ [b]Credits[/b] +Thanks to all who have helped and contributed to the project and its predecessors over the years. It is possible we missed in your name but this is unintentional. We also thank the community and its members for providing valuable input and without whom this entire effort would be meaningless. + +It is also worth acknowledging the contributions and solutions to problems which arose from discussions amongst members and developers of other somewhat related and competing projects; even if we have had our occasional disagreements. + Mike Macgirvin Fabio Comuni Simon L'nu @@ -62,7 +66,7 @@ tonnerkiller Antoine G Christian Drechsler Ludovic Grossard -$ProjectnameCanada +RedmatrixCanada Stanislav Lechev [0xAF] aweiher bufalo1973 @@ -74,3 +78,5 @@ mycocham ndurchx pafcu Simó Albert i Beltran +Manuel Reva +Manuel Jiménez Friaza diff --git a/include/text.php b/include/text.php index 02a038ef4..f4122845e 100644 --- a/include/text.php +++ b/include/text.php @@ -72,10 +72,6 @@ function notags($string) { // return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string)); } -// use this on "body" or "content" input where angle chars shouldn't be removed, -// and allow them to be safely displayed. - - /** * use this on "body" or "content" input where angle chars shouldn't be removed, -- cgit v1.2.3 From 470915a55b9125d4dd361dcba3c5dbe013f3d4e0 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 2 Sep 2015 20:07:15 -0700 Subject: sync "things" (obj elements) --- mod/thing.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/mod/thing.php b/mod/thing.php index c6b70fbb4..842832d16 100644 --- a/mod/thing.php +++ b/mod/thing.php @@ -92,6 +92,20 @@ function thing_init(&$a) { ); info( t('Thing updated') . EOL); + + $datestamp = datetime_convert(); + + $r = q("select obj.*, term.term as obj_term, term.url as obj_url, term.imgurl as obj_imgurl, '%s' as obj_created, '%s' as obj_edited, '%s' as obj_baseurl from obj left join term on obj_obj = term.term_hash where obj_channel = %d and term.term_hash = '%s'", + dbesc($datestamp), + dbesc($datestamp), + dbesc(z_root()), + intval(local_channel()), + dbesc($term_hash) + ); + + if($r) + build_sync_packet(0,array('obj' => $r)); + return; } @@ -156,6 +170,20 @@ function thing_init(&$a) { info( t('Thing added')); + $datestamp = datetime_convert(); + + $r = q("select obj.*, term.term as obj_term, term.url as obj_url, term.imgurl as obj_imgurl, '%s' as obj_created, '%s' as obj_edited, '%s' as obj_baseurl from obj left join term on obj_obj = term.term_hash where obj_channel = %d and term.term_hash = '%s' ", + dbesc($datestamp), + dbesc($datestamp), + dbesc(z_root()), + intval(local_channel()), + dbesc($term['term_hash']) + ); + + if($r) + build_sync_packet(0,array('obj' => $r)); + + if($activity) { $arr = array(); $links = array(array('rel' => 'alternate','type' => 'text/html', 'href' => $term['url'])); -- cgit v1.2.3