From ad29d0f9a1eb0be9024f1a296460221107654ff9 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 13 Oct 2013 18:36:28 -0700 Subject: preserve the source owner when creating a delivery fork so that we can uplink back to them without any ambiguity. --- boot.php | 2 +- include/items.php | 32 ++++++++++++++++++++++++++++---- include/notifier.php | 5 +++-- install/database.sql | 1 + install/update.php | 9 ++++++++- 5 files changed, 41 insertions(+), 8 deletions(-) diff --git a/boot.php b/boot.php index 8b004d6c0..ba62bffa6 100755 --- a/boot.php +++ b/boot.php @@ -45,7 +45,7 @@ define ( 'RED_PLATFORM', 'Red Matrix' ); define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R'); define ( 'ZOT_REVISION', 1 ); -define ( 'DB_UPDATE_VERSION', 1077 ); +define ( 'DB_UPDATE_VERSION', 1078 ); define ( 'EOL', '
' . "\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/include/items.php b/include/items.php index 800684ae2..28aa632ca 100755 --- a/include/items.php +++ b/include/items.php @@ -1429,6 +1429,8 @@ function item_store($arr,$allow_exec = false) { return ret; } + $uplinked_comment = false; + // If a page layout is provided, ensure it exists and belongs to us. if(array_key_exists('layout_mid',$arr) && $arr['layout_mid']) { @@ -1620,6 +1622,16 @@ function item_store($arr,$allow_exec = false) { if($r[0]['item_flags'] & ITEM_WALL) $arr['item_flags'] = $arr['item_flags'] | ITEM_WALL; + + // An uplinked comment might arrive with a downstream owner. + // Fix it. + + if($r[0]['owner_xchan'] !== $arr['owner_xchan']) { + $arr['owner_xchan'] = $r[0]['owner_xchan']; + $uplinked_comment = true; + } + + // if the parent is private, force privacy for the entire conversation // This differs from the above settings as it subtly allows comments from // email correspondents to be private even if the overall thread is not. @@ -2136,11 +2148,9 @@ function tag_deliver($uid,$item_id) { intval($uid) ); -// issue #59 -// FIXME - check security on post and allowed senders, right now we just allow it. The author *may* be foreign and the original owner is lost on our copy of the post. So this could be very hard to verify. For instance what happens if the top-level post was a wall-to-wall? -// if(($x) && ($x[0]['item_flags'] & ITEM_UPLINK) && ($x[0]['author_xchan'] == $item['author_xchan'])) { + if(($x) && ($x[0]['item_flags'] & ITEM_UPLINK)) { -// logger('tag_deliver: creating second delivery chain for owner comment.'); + logger('tag_deliver: creating second delivery chain for comment to tagged post.'); // now change this copy of the post to a forum head message and deliver to all the tgroup members @@ -2150,6 +2160,14 @@ function tag_deliver($uid,$item_id) { $flag_bits = ITEM_WALL|ITEM_ORIGIN; + // maintain the original source, which will be the original item owner and was stored in source_xchan + // when we created the delivery fork + + $r = q("update item set source_xchan = '%s' where id = %d limit 1", + dbesc($x[0]['source_xchan']), + intval($item_id) + ); + $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1", intval($flag_bits), @@ -2249,6 +2267,12 @@ function tag_deliver($uid,$item_id) { $flag_bits = ITEM_WALL|ITEM_ORIGIN|ITEM_UPLINK; + // preserve the source + + $r = q("update item set source_xchan = owner_xchan where id = %d limit 1", + intval($item_id) + ); + $r = q("update item set item_flags = ( item_flags | %d ), owner_xchan = '%s', allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d where id = %d limit 1", intval($flag_bits), diff --git a/include/notifier.php b/include/notifier.php index 0c7ac5264..6ea2e71bb 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -325,12 +325,13 @@ function notifier_run($argv, $argc){ // tag_deliver'd post which needs to be sent back to the original author if(($cmd === 'uplink') && ($parent_item['item_flags'] & ITEM_UPLINK) && (! $top_level_post)) { - $uplink = true; + logger('notifier: uplink'); + $uplink = true; } if(($relay_to_owner || $uplink) && ($cmd !== 'relay')) { logger('notifier: followup relay', LOGGER_DEBUG); - $recipients = array(($uplink) ? $parent_item['author_xchan'] : $parent_item['owner_xchan']); + $recipients = array(($uplink) ? $parent_item['source_xchan'] : $parent_item['owner_xchan']); $private = true; if(! $encoded_item['flags']) $encoded_item['flags'] = array(); diff --git a/install/database.sql b/install/database.sql index 6be3a31aa..3998c13c7 100644 --- a/install/database.sql +++ b/install/database.sql @@ -423,6 +423,7 @@ CREATE TABLE IF NOT EXISTS `item` ( `changed` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `owner_xchan` char(255) NOT NULL DEFAULT '', `author_xchan` char(255) NOT NULL DEFAULT '', + `source_xchan` char(255) NOT NULL DEFAULT '', `mimetype` char(255) NOT NULL DEFAULT '', `title` text NOT NULL, `body` mediumtext NOT NULL, diff --git a/install/update.php b/install/update.php index 20af0de45..74134f260 100644 --- a/install/update.php +++ b/install/update.php @@ -1,6 +1,6 @@