From e9ce68559e7f552b6ef738eaf7f9025813eb82ad Mon Sep 17 00:00:00 2001
From: Thomas Willingham <founder@kakste.com>
Date: Sun, 19 Jan 2014 23:48:26 +0000
Subject: Stop Google DDoSing me by providing block_public_search, which unlike
 block_public will block *only* searching without an observer.

---
 mod/search.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/mod/search.php b/mod/search.php
index d13c613c2..22e521164 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -8,11 +8,12 @@ function search_init(&$a) {
 
 function search_content(&$a,$update = 0, $load = false) {
 
-	if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
-		notice( t('Public access denied.') . EOL);
+	if((get_config('system','block_public')) || (get_config('system','block_public_search'))) {
+		if ((! local_user()) && (! remote_user())) {
+			notice( t('Public access denied.') . EOL);
 		return;
+		}
 	}
-
 	nav_set_selected('search');
 
 	require_once("include/bbcode.php");
-- 
cgit v1.2.3


From 9fb36df8d981716a6557068b18ee364e62522180 Mon Sep 17 00:00:00 2001
From: Thomas Willingham <founder@kakste.com>
Date: Mon, 20 Jan 2014 01:54:52 +0000
Subject: Fix dav directory creation.

---
 include/reddav.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/reddav.php b/include/reddav.php
index 838ead7b7..1658e43c4 100644
--- a/include/reddav.php
+++ b/include/reddav.php
@@ -190,8 +190,9 @@ class RedDirectory extends DAV\Node implements DAV\ICollection {
 		}
 
 		$r = q("select * from channel where channel_id = %d and not (channel_pageflags & %d) limit 1",
-			intval(PAGE_REMOVED),
-			intval($this->auth->owner_id)
+			intval($this->auth->owner_id),
+			intval(PAGE_REMOVED)
+
 		);
 
 		if($r) {
-- 
cgit v1.2.3


From 26dfcecf054e19616f198872b66c7645270f4430 Mon Sep 17 00:00:00 2001
From: Thomas Willingham <founder@kakste.com>
Date: Mon, 20 Jan 2014 06:28:38 +0000
Subject: Prevent zids messing up dav

---
 include/reddav.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/include/reddav.php b/include/reddav.php
index 1658e43c4..0d2aac19e 100644
--- a/include/reddav.php
+++ b/include/reddav.php
@@ -50,6 +50,9 @@ class RedDirectory extends DAV\Node implements DAV\ICollection {
 	function getChild($name) {
 
 		logger('RedDirectory::getChild : ' . $name, LOGGER_DATA);
+		$name = str_replace(array('?f=','&f='),array('',''),$name);
+		$name = preg_replace('/[\?&]zid=(.*?)([\?&]|$)/ism','',$name);
+		logger('RedDirectory::getChild post strip zid: ' . $name, LOGGER_DATA);
 
 
 		if(get_config('system','block_public') && (! $this->auth->channel_id) && (! $this->auth->observer)) {
@@ -190,9 +193,8 @@ class RedDirectory extends DAV\Node implements DAV\ICollection {
 		}
 
 		$r = q("select * from channel where channel_id = %d and not (channel_pageflags & %d) limit 1",
-			intval($this->auth->owner_id),
-			intval(PAGE_REMOVED)
-
+			intval(PAGE_REMOVED),
+			intval($this->auth->owner_id)
 		);
 
 		if($r) {
-- 
cgit v1.2.3